- Nov 01, 2002
-
-
Justin Erenkrantz authored
in mod_ssl. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97373 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
Stick a comment in there as a 'Waldo was here' so that if I ever see this again, I realize that I've actually thought about it and didn't think > was necessary. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97372 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Clean up the read pattern for cases when some data already exists. Also return APR_SUCCESS once we've gathered any decrypted bytes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97371 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Distinguish inctx, outctx, frec [and b ??? looked like bucket to me!!!] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97370 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
More nits spotted by Justin, and catch all the errors except SYSCALL in the SSL logging section. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97369 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Suggestions by Justin, implemention by Will. Rename away all bogisity, especially eliminating all of 'our' capitalized identifiers that were easily confused with library symbols; go with APR_STATUS_IS_EOF() just in case there is a platform result; fix a bogus *len = 0; reassignment and fold the two flavors of input context tracking into one. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97368 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Completely refactor the BIO-side client input handling for the SSL library. Should eliminate many false spurious interrupt detected errors. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97367 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 29, 2002
-
-
William A. Rowe Jr authored
Fix memory leak in mod_ssl from internal SSL library allocations within SSL_get_peer_certificate and X509_get_pubkey. Submitted by: Zvi Har'El <rl@math.technion.ac.il> Reviewed by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97344 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Close several small leaks in SSL. Submitted by: Zvi Har'El <rl@math.technion.ac.il> Reviewed by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97340 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 27, 2002
-
-
William A. Rowe Jr authored
Outch. No freeing consts. Fortunately, the fn's return code isn't const. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97315 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 25, 2002
-
-
Jeff Trawick authored
Submitted by: Madhu Mathihalli <madhusudan_mathihalli@hp.com> Reviewed by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97308 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
memory which has been previously allocated inside OpenSSL. Such memory should be freed with OPENSSL_free(), not with free(). Submitted by: Nadav Har'El <nyh@math.technion.ac.il>, Madhusudan Mathihalli <madhusudan_mathihalli@hp.com> Reviewed by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97307 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
Submitted by: Madhu Mathihalli <madhusudan_mathihalli@hp.com> Reviewed by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97298 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 22, 2002
-
-
Jim Jagielski authored
(and allow 8192 to be valid). Secondly, this missplaced else made the size part (8192) non-optional for shm: PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97281 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 17, 2002
-
-
Jim Jagielski authored
which has the overloaded '%p' format (not ANSI). PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97252 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 14, 2002
-
-
Ryan Bloom authored
and it was included in a commit that shouldn't have touched these files. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97201 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 11, 2002
-
-
Ryan Bloom authored
Also, uncomment a line of code that the last commit should have uncommented. Randall found this line and the fix, but I forgot to uncomment this line along with the fix. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97179 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 01, 2002
-
-
Jeff Trawick authored
could lead to an infinite loop. PR: 12705 Diagnosis submitted by: amund.elstad@ergo.no (Amund Elstad) Coded by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97048 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 30, 2002
-
-
Ryan Bloom authored
/me wonders why we have generated content in CVS. :-( git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97039 13f79535-47bb-0310-9956-ffa450edef68
-
Ryan Bloom authored
network write. All other status codes result in c->aborted being set, which allows the logs to note that the connection was aborted. Previous to this patch, if the network cable was unplugged on the client, the server would get APR_ETIMEUP, but we wouldn't note that the connection was aborted. Submitted by: Ryan Morgan <rmorgan@covalent.net> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97038 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 28, 2002
-
-
Ryan Bloom authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97002 13f79535-47bb-0310-9956-ffa450edef68
-
Ryan Bloom authored
This matches what Apache 1.3 does. Also add documentation for this feature. PR: 9299 Submitted by: Jay Ball <jay@veggiespam.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@97001 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 15, 2002
-
-
Justin Erenkrantz authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@96818 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 21, 2002
-
-
William A. Rowe Jr authored
Small fixes for SSLC git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@96477 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 31, 2002
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@96262 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@96261 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 17, 2002
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@96098 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 08, 2002
-
-
William A. Rowe Jr authored
Changes for deprecated apr_is_fnmatch git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95976 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 30, 2002
-
-
Ryan Bloom authored
users and groups. It doesn't pass requests between child processes yet. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95918 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 28, 2002
-
-
Justin Erenkrantz authored
arbitrary code before the handlers are invoked. This resolves an issue with incorrect 304s on If-Modified-Since mod_include requests since ap_meets_conditions() is not aware that this is a dynamic request and it is not possible to satisfy 304 for these requests (unless xbithack full is on, of course). When mod_include runs as a filter, it is too late to set any flag since the handler is responsible for calling ap_meets_conditions(), which it should do before generating any data. If a module doesn't need to run such arbitrary code, it can just pass NULL as the argument and all is well. PR: 9673 Reviewed by: Ryan Bloom and others git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95906 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 21, 2002
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95835 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 17, 2002
-
-
William A. Rowe Jr authored
These emits occur mainline, outside of the pphrase_callback, so we never opened readtty or writetty. But they are absolute failures, nothing the user could do to deal with them. They are logged in the ssl vhost's error log. In this case, I forgot my SSLCertificateKeyFile, so the server never tried the callback. writetty wasn't initialized, so we segfaulted. This segfault is due to misconfig, not to the dialog with the user. This is the easiest fix (easier to read, too), but we shouldn't need to worry too much that the release is tagged. If we retag, fine, then grab it, but it only addresses a config problem. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95734 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 11, 2002
-
-
Cliff Woolley authored
Reported by: Paul J. Reder Submitted by: Ryan Bloom git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95604 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
using the value of SSL_get_peer_certificate(ssl) to verify as it will have been removed from the chain before it was put in the cache. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95603 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
Obtained from: Submitted by: Reviewed by: allow POST method over SSL when per-directory client cert authentication is used with 'SSLOptions +OptRenegotiate' enabled and a client cert was found in the ssl session cache. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95602 13f79535-47bb-0310-9956-ffa450edef68
-
Doug MacEachern authored
Obtained from: Submitted by: Reviewed by: 'SSLOptions +OptRengotiate' will use client cert in from the ssl session cache when there is no cert chain in the cache. prior to the fix this situation would result in a FORBIDDEN response and error message "Cannot find peer certificate chain" git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95601 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 07, 2002
-
-
Jeff Trawick authored
to return an error rather than exiting directly git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95567 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 06, 2002
-
-
Cliff Woolley authored
questions about shmcb: "Feel free to buzz me on shmcb matters to as/when you like - my time may be limited right now but I will certainly reply as best I can to anything that comes up." Submitted by: Geoff Thorpe <geoff@geoffthorpe.net> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95550 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 05, 2002
-
-
William A. Rowe Jr authored
cvs up/diff gets pretty hard to track with vc7 builds. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95524 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 04, 2002
-
-
Ryan Bloom authored
redirecting (.*) will allow an SSL protected page to be viewed without SSL. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95501 13f79535-47bb-0310-9956-ffa450edef68
-