Skip to content
GitLab
  1. 12 Mar, 2002 9 commits
  3. 10 Mar, 2002 2 commits
  5. 08 Mar, 2002 2 commits
  7. 06 Mar, 2002 1 commit
  9. 03 Mar, 2002 1 commit
  11. 01 Mar, 2002 2 commits
  13. 28 Feb, 2002 19 commits
  15. 27 Feb, 2002 4 commits
    • William A. Rowe Jr's avatar
      · 63a7946b
      William A. Rowe Jr authored 
        Introduce PassPhraseDialog 'pipe' mechanism.  This builds on DougM's
  apr-ization of the 'tty', and changes his naming a bit so we clearly
  identify the pipe-to and pipe-from the user.

  This patch invokes a bidirectional piped dialog to the user.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93607 13f79535-47bb-0310-9956-ffa450edef68
      63a7946b
    • William A. Rowe Jr's avatar
      · c47513c2
      William A. Rowe Jr authored 
        Introduce the PassPhraseDialog 'pipe' mechanism.

  This is the directive handling commit only, the mechanics patch will
  follow.  PassPhraseDialog "|/path/to/pipe" will use the bidirectional
  pipe to have a 'conversation', along the lines of the tty dialog with
  PassPhraseDialog 'builtin'.  This is entirely different than the 'exec'
  method, which simply runs once for each passphrase, and doesn't allow
  for failure/retries, and certainly doesn't offer any sensible 'dialog'.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93606 13f79535-47bb-0310-9956-ffa450edef68
      c47513c2
    • Doug MacEachern's avatar
      change builtin passphrase prompt to use stdout rather than stderr. · da9d307a
      Doug MacEachern authored 
      and switch to using apr_file api for portability.
stderr has already been redirected to the error_log.
rather than attempting to temporarily rehook it to the terminal,
we print the prompt to stdout before EVP_read_pw_string turns
off tty echo.  which is also more portable.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93586 13f79535-47bb-0310-9956-ffa450edef68
      da9d307a
    • Doug MacEachern's avatar
      changing mod_ssl to do a full startup/teardown on each restart rather · ab0881ba
      Doug MacEachern authored 
      than hack to only read passphrase on 1st round startup.  this change:
- fixes current segv on restarts (SHARED_MODULE is not defined)
- allows LoadModule ssl_module to be added to httpd.conf on restart
  (was core dumping previously)
- allows certs/keys to be changed on restart provided key is not
  encrypted or SSLPassPhraseDialog is exec.  if key is encrypted and
  SSLPassPhraseDialog is builtin, existing private keys will be reused
  on restart (which happens currently for any type of key/dialog).

note: mod_ssl currently leaks on restart; leaks more with this change.
      fixes to come.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93585 13f79535-47bb-0310-9956-ffa450edef68
      ab0881ba