Skip to content
  1. Mar 12, 2002
  2. Mar 10, 2002
  3. Mar 08, 2002
  4. Mar 06, 2002
  5. Mar 03, 2002
  6. Mar 01, 2002
  7. Feb 28, 2002
  8. Feb 27, 2002
    • William A. Rowe Jr's avatar
      · 63a7946b
      William A. Rowe Jr authored
        Introduce PassPhraseDialog 'pipe' mechanism.  This builds on DougM's
        apr-ization of the 'tty', and changes his naming a bit so we clearly
        identify the pipe-to and pipe-from the user.
      
        This patch invokes a bidirectional piped dialog to the user.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93607 13f79535-47bb-0310-9956-ffa450edef68
      63a7946b
    • William A. Rowe Jr's avatar
      · c47513c2
      William A. Rowe Jr authored
        Introduce the PassPhraseDialog 'pipe' mechanism.
      
        This is the directive handling commit only, the mechanics patch will
        follow.  PassPhraseDialog "|/path/to/pipe" will use the bidirectional
        pipe to have a 'conversation', along the lines of the tty dialog with
        PassPhraseDialog 'builtin'.  This is entirely different than the 'exec'
        method, which simply runs once for each passphrase, and doesn't allow
        for failure/retries, and certainly doesn't offer any sensible 'dialog'.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93606 13f79535-47bb-0310-9956-ffa450edef68
      c47513c2
    • Doug MacEachern's avatar
      change builtin passphrase prompt to use stdout rather than stderr. · da9d307a
      Doug MacEachern authored
      and switch to using apr_file api for portability.
      stderr has already been redirected to the error_log.
      rather than attempting to temporarily rehook it to the terminal,
      we print the prompt to stdout before EVP_read_pw_string turns
      off tty echo.  which is also more portable.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93586 13f79535-47bb-0310-9956-ffa450edef68
      da9d307a
    • Doug MacEachern's avatar
      changing mod_ssl to do a full startup/teardown on each restart rather · ab0881ba
      Doug MacEachern authored
      than hack to only read passphrase on 1st round startup.  this change:
      - fixes current segv on restarts (SHARED_MODULE is not defined)
      - allows LoadModule ssl_module to be added to httpd.conf on restart
        (was core dumping previously)
      - allows certs/keys to be changed on restart provided key is not
        encrypted or SSLPassPhraseDialog is exec.  if key is encrypted and
        SSLPassPhraseDialog is builtin, existing private keys will be reused
        on restart (which happens currently for any type of key/dialog).
      
      note: mod_ssl currently leaks on restart; leaks more with this change.
            fixes to come.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93585 13f79535-47bb-0310-9956-ffa450edef68
      ab0881ba