- Feb 28, 2002
-
-
Doug MacEachern authored
is encrypted and mtime stamp has not changed. this prevents getting prompted twice for passphrase on windows and elsewhere when server is started with -DNO_DETACH. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93620 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93619 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93617 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
of s->process->pool to prevent "leaking" each time we format a vhost key. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93616 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
leakage on restarts. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93615 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
leakage on restarts. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93614 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
to use it. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93613 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
were allocated using apr_palloc out of s->process->pool and pushed into an apr_array_header_t. solve the problem by moving from apr_array_header_t's to an apr_hash_t. also add ssl_asn1_table_{set,unset} wrappers to use malloc/free so we do not "leak" from s->process->pool. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93612 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 27, 2002
-
-
William A. Rowe Jr authored
Introduce PassPhraseDialog 'pipe' mechanism. This builds on DougM's apr-ization of the 'tty', and changes his naming a bit so we clearly identify the pipe-to and pipe-from the user. This patch invokes a bidirectional piped dialog to the user. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93607 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Introduce the PassPhraseDialog 'pipe' mechanism. This is the directive handling commit only, the mechanics patch will follow. PassPhraseDialog "|/path/to/pipe" will use the bidirectional pipe to have a 'conversation', along the lines of the tty dialog with PassPhraseDialog 'builtin'. This is entirely different than the 'exec' method, which simply runs once for each passphrase, and doesn't allow for failure/retries, and certainly doesn't offer any sensible 'dialog'. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93606 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
and switch to using apr_file api for portability. stderr has already been redirected to the error_log. rather than attempting to temporarily rehook it to the terminal, we print the prompt to stdout before EVP_read_pw_string turns off tty echo. which is also more portable. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93586 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
than hack to only read passphrase on 1st round startup. this change: - fixes current segv on restarts (SHARED_MODULE is not defined) - allows LoadModule ssl_module to be added to httpd.conf on restart (was core dumping previously) - allows certs/keys to be changed on restart provided key is not encrypted or SSLPassPhraseDialog is exec. if key is encrypted and SSLPassPhraseDialog is builtin, existing private keys will be reused on restart (which happens currently for any type of key/dialog). note: mod_ssl currently leaks on restart; leaks more with this change. fixes to come. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93585 13f79535-47bb-0310-9956-ffa450edef68
-
Ryan Bloom authored
Thanks Cliff for slapping me in the head. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93583 13f79535-47bb-0310-9956-ffa450edef68
-
Ryan Bloom authored
platforms. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93582 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 25, 2002
-
-
Cliff Woolley authored
version 2.8.7-1.3.23. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93564 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 17, 2002
-
-
Justin Erenkrantz authored
(Why does mod_ssl insist on having its own logging levels? Bad, bad, bad.) PR: 9842 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93464 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 16, 2002
-
-
Justin Erenkrantz authored
If the file specified by SSLMutex cannot be created (because the directory does not exist for example), children will segfault on init without giving any reason that the user can figure out. This happens because the module init in the parent never checks to see if the mutex intialization succeded. This patch adds this check and a user-friendly error message. (Justin made one formatting change to this patch.) Submitted by: Adam Sussman <myddryn@vishnu.vidya.com> Reviewed by: Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93441 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 12, 2002
-
-
William A. Rowe Jr authored
What happened? 0.9.6b built just dandy without the flags... 0.9.6c won't build for jack without these changes. Of course they don't harm 0.9.6b builders either, unless they are outside of the states/EU/AU and find themselves free to ignore IP considerations. I'd really like to know _why_ 0.9.6c doesn't configure itself rationally. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93381 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 05, 2002
-
-
Ryan Bloom authored
acheived with the pre_connection hook. I have added the socket to the pre_connection phase to make this possible. Reviewed by: Bill Stoddard git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93259 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 03, 2002
-
-
Cliff Woolley authored
and constify it while I'm at it. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93188 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 31, 2002
-
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93130 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 28, 2002
-
-
Aaron Bannert authored
cause the server to bail out under error conditions. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93063 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 25, 2002
-
-
Justin Erenkrantz authored
If you need the length, you should be using apr_brigade_length. This is much more consistent. Of all the places that call ap_get_brigade, only one (ap_http_filter) needs the length. This makes it now possible to pass constants down without assigning them to a temporary variable first. Also: - Change proxy_ftp to use EXHAUSTIVE mode (didn't catch its -1 before) - Fix buglet in mod_ssl that would cause it to return too much data in some circumstances git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93014 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 22, 2002
-
-
Justin Erenkrantz authored
- Protect mod_ssl from dealing with modes it doesn't recognize. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92968 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
point at the end of the buffer with a length of 0. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92967 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 19, 2002
-
-
Justin Erenkrantz authored
separate from the input filter mode type. We also no longer look at readbytes to determine the method of filter operation. This makes the use of filters more obvious and allows a wider range of options for input filters modes. To start with, the new input filter modes are: AP_MODE_READBYTES (no more than *readbytes returned) AP_MODE_GETLINE (old *readbytes == 0 case) AP_MODE_EATCRLF (old AP_MODE_PEEK) AP_MODE_SPECULATIVE (will be used in a future ap_getline rewrite) AP_MODE_EXHAUSTIVE (old *readbytes == -1 case) AP_MODE_INIT (special case for NNTP over SSL) The block parameter is an apr_read_type_e: APR_BLOCK_READ, APR_NONBLOCK_READ This also allows cleanup of mod_ssl's handling in the getline case. Reviewed by: Ryan Bloom (concept), Greg Stein (concept) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92928 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 18, 2002
-
-
Doug MacEachern authored
macros for OpenSSL in mod_ssl.h git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92918 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92897 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 17, 2002
-
-
William A. Rowe Jr authored
Clean up several typesaftey (signedness and size) emits. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92889 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
- avoid creating a new bucket brigade for each EOS or FLUSH bucket - do not pass FLUSH bucket since BIO_bucket_flush() already does so if there is any data to flush. - do not call apr_brigade_destroy(bb); since we will have either emptied it or passed it, in which case it will be destroyed further down the chain. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92885 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
ssl_var_lookup_ssl_cipher() git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92883 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92881 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
PR: Obtained from: Submitted by: Reviewed by: Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92873 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 11, 2002
-
-
Ben Laurie authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92829 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
The mutex must be pool-managed, not ssl managed. We are encountering segfaults on Win32 when the cleanup of the mutex occurs after the pool was destroyed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92818 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 10, 2002
-
-
William A. Rowe Jr authored
mod_so, mod_win32 and the winnt mpm] into individual loadable modules, so the administrator may individually disable the former compiled-in modules by simply commenting out their LoadModule directives. [William Rowe] *) Saved Win32 module authors and porters many future headaches, by duplicating the appropriate .h files such as os.h into the include directory, including in the build tree. [William Rowe] Also noticed that version stamp resources weren't generated for proxy modules, this too is now fixed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92804 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
Use SSL functions/macros instead of directly dereferencing SSL structures wherever possible. Add type-casts for the cases where functions return a generic pointer. Add $SSL/include to configure search path. PR: Obtained from: Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com> Reviewed by: dougm git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92800 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
This patch eliminated from the _SHARED_ segment of the scoreboard all pointer math. This is required for portable scoreboards. vhost becomes the 'vhost name string' so it now survives ap_generation clicks. next was apparently never used. This patch also accounts for the changes to the apr_shm api, and gives Win32 the magic of a shared scoreboard. Breakage aplenty on non-win32 platforms, I suspect, but this radical surgery, and culling of unused functions, was really, really needed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92791 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92789 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 09, 2002
-
-
Doug MacEachern authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@92788 13f79535-47bb-0310-9956-ffa450edef68
-