Merge of r1849174 from trunk: (b2878dda) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

CHANGES

+3 −0

Original line number	Diff line number	Diff line
		-- coding: utf-8 --
		Changes with Apache 2.4.38

		*) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges
		have been fixed. [Michael Kaufmann, Stefan Eissing]

		*) mod_setenvif: We can have expressions that become true if a regex pattern
		in the expression does NOT match. In this case val is NULL
		and we should just set the value for the environment variable

modules/md/md_acme.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -153,6 +153,8 @@ apr_status_t md_acme_setup(md_acme_t *acme)
		if (acme->new_authz && acme->new_cert && acme->new_reg && acme->revoke_cert) {
		return APR_SUCCESS;
		}
		md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, acme->p,
		"Unable to understand ACME server response. Wrong ACME protocol version?");
		rv = APR_EINVAL;
		}
		else {

modules/md/md_acme_authz.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -95,7 +95,7 @@ apr_status_t md_acme_authz_set_remove(md_acme_authz_set_t set, const char doma
		int n = i + 1;
		if (n < set->authzs->nelts) {
		void elems = (void )set->authzs->elts;
		memmove(elems + i, elems + n, (size_t)(set->authzs->nelts - n));
		memmove(elems + i, elems + n, (size_t)(set->authzs->nelts - n) * sizeof(*elems));
		}
		--set->authzs->nelts;
		return APR_SUCCESS;

modules/md/md_acme_drive.c

+9 −3

Original line number	Diff line number	Diff line
		@@ -162,7 +162,8 @@ static apr_status_t ad_setup_authz(md_proto_driver_t *d)
		apr_status_t rv;
		md_t *md = ad->md;
		md_acme_authz_t *authz;
		int i, changed;
		int i;
		int changed = 0;

		assert(ad->md);
		assert(ad->acme);
		@@ -186,18 +187,20 @@ static apr_status_t ad_setup_authz(md_proto_driver_t *d)
		}

		/* Remove anything we no longer need */
		for (i = 0; i < ad->authz_set->authzs->nelts; ++i) {
		for (i = 0; i < ad->authz_set->authzs->nelts;) {
		authz = APR_ARRAY_IDX(ad->authz_set->authzs, i, md_acme_authz_t*);
		if (!md_contains(md, authz->domain, 0)) {
		md_acme_authz_set_remove(ad->authz_set, authz->domain);
		changed = 1;
		}
		else {
		++i;
		}
		}

		/* Add anything we do not already have */
		for (i = 0; i < md->domains->nelts && APR_SUCCESS == rv; ++i) {
		const char domain = APR_ARRAY_IDX(md->domains, i, const char );
		changed = 0;
		authz = md_acme_authz_set_get(ad->authz_set, domain);
		if (authz) {
		/* check valid */
		@@ -615,6 +618,7 @@ static apr_status_t acme_driver_init(md_proto_driver_t *d)
		{
		md_acme_driver_t *ad;
		apr_status_t rv = APR_SUCCESS;
		int challenges_configured = 0;

		ad = apr_pcalloc(d->p, sizeof(*ad));

		@@ -631,10 +635,12 @@ static apr_status_t acme_driver_init(md_proto_driver_t *d)
		if (d->challenge) {
		/* we have been told to use this type */
		APR_ARRAY_PUSH(ad->ca_challenges, const char*) = apr_pstrdup(d->p, d->challenge);
		challenges_configured = 1;
		}
		else if (d->md->ca_challenges && d->md->ca_challenges->nelts > 0) {
		/* pre-configured set for this managed domain */
		apr_array_cat(ad->ca_challenges, d->md->ca_challenges);
		challenges_configured = 1;
		}
		else {
		/* free to chose. Add all we support and see what we get offered */

modules/md/md_version.h

+2 −2

Original line number	Diff line number	Diff line
		@@ -27,7 +27,7 @@
		* @macro
		* Version number of the md module as c string
		*/
		#define MOD_MD_VERSION "1.1.16"
		#define MOD_MD_VERSION "1.1.17"

		/**
		* @macro
		@@ -35,7 +35,7 @@
		* release. This is a 24 bit number with 8 bits for major number, 8 bits
		* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
		*/
		#define MOD_MD_VERSION_NUM 0x010110
		#define MOD_MD_VERSION_NUM 0x010111

		#define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory"