Skip to content
GitLab
  1. 16 May, 2003 1 commit
    • William A. Rowe Jr's avatar
      · 9cb8ff49
      William A. Rowe Jr authored 
        Assure that we block on the read BIO when we invoke the read BIO for both
  first-use cases (via ssl_io_input_add_filter) and when we are writing and
  need response from the client (via ssl_io_filter_output).  Both of these
  cases are always blocking.  [

PR: 19242
Submitted by:	David Deaves <David.Deaves@dd.id.au>, William Rowe


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99863 13f79535-47bb-0310-9956-ffa450edef68
      9cb8ff49
  3. 01 May, 2003 1 commit
  5. 06 Apr, 2003 2 commits
  7. 05 Apr, 2003 6 commits
    • William A. Rowe Jr's avatar
      · 430e6606
      William A. Rowe Jr authored 
        Solve SSL-C breakage introduced in mod_ssl.h rev 1.129 and
  ssl_engine_kernel.c rev 1.88.  SSL* is not const under SSL-C.

  I've confirmed Jeff's comment that the original patch doesn't harm
  earlier OpenSSL versions which declared no arguments at all.

  I suspect now that we could fold
     #define MODSSL_BIO_CB_ARG_TYPE const char
     #define MODSSL_CRYPTO_CB_ARG_TYPE const char
     #define MODSSL_INFO_CB_ARG_TYPE const SSL*
  into a single MODSSL_CB_ARG_CONST define, but this works for now.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99263 13f79535-47bb-0310-9956-ffa450edef68
      430e6606
    • William A. Rowe Jr's avatar
      · f0f89dbf
      William A. Rowe Jr authored 
        Noop MS DevStudio IDE change
 to include ssl_toolkit_compat.h
  in the list of project headers.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99261 13f79535-47bb-0310-9956-ffa450edef68
      f0f89dbf
    • William A. Rowe Jr's avatar
      · 8f413882
      William A. Rowe Jr authored 
        Have some consistency!  Fixes logic I introduced in 1.37.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99253 13f79535-47bb-0310-9956-ffa450edef68
      8f413882
    • William A. Rowe Jr's avatar
      · fb574408
      William A. Rowe Jr authored 
        Reapply the fix *intended* by rev 1.79 in a safer manner.  Prior to
  all assignments and the final SSL_free(), free ssl_conn->client_cert
  to avoid leaks of this refcounted X509*.  Prereleasing refcounted
  objects is unsafe programming; fix applied to both branches.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99252 13f79535-47bb-0310-9956-ffa450edef68
      fb574408
    • William A. Rowe Jr's avatar
      · fbf92085
      William A. Rowe Jr authored 
        EVP_PKEY_free() is refcounted on OpenSSL, but NOT under RSA SSL-C.
  Eliminate a number of test failures by conditionally reverting rev 1.79
  pubkey handling in ssl_engine_kernel.c, except under OpenSSL.

  Also revert a rev 1.79 bogisity for all toolkits; it's entirely bogus
  to release a refcount after setting aside the results in a persistant
  structure, in this case sslconn->client_cert from SSL_get_peer_certificate()
  mustn't be freed while sslconn is still in play.  The proper patch (not
  written yet) is to invoke the X509_free(sslconn->client_cert) when we
  cleanup the sslconn structure.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99250 13f79535-47bb-0310-9956-ffa450edef68
      fbf92085
    • William A. Rowe Jr's avatar
      · b97742be
      William A. Rowe Jr authored 
        A cosmetic change to 1.79 - a real X509 *cert is in play, don't use
  that same variable to retrieve/release the quick lookup and discard
  of the peercert.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99244 13f79535-47bb-0310-9956-ffa450edef68
      b97742be
  9. 04 Apr, 2003 2 commits
  11. 03 Apr, 2003 3 commits
  13. 31 Mar, 2003 2 commits
  15. 29 Mar, 2003 2 commits
  17. 28 Mar, 2003 2 commits
  19. 27 Mar, 2003 3 commits
    • William A. Rowe Jr's avatar
      · ee2c7f6f
      William A. Rowe Jr authored 
        Addendum to r1.21... I missed the fact that we blew away the init
  complete state too early in ssl_init_Module().


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99096 13f79535-47bb-0310-9956-ffa450edef68
      ee2c7f6f
    • William A. Rowe Jr's avatar
      · 3fc4bea7
      William A. Rowe Jr authored 
        Fix a serious bug where the 'next' generation of the server would open
  a brand new mutex.  This patch creates a single mutex in the first config
  phase that survives for the life of the server (server->process->pool).

  Now one server generation to the next will respect the same mutex between
  one another, while the previous generation is still mopping up.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99095 13f79535-47bb-0310-9956-ffa450edef68
      3fc4bea7
    • William A. Rowe Jr's avatar
      · fcbf42f4
      William A. Rowe Jr authored 
        Allow any mutex to accept a 'filename' ... and always root it to the
  server root unless we are using posixsem, which can't handle big paths.
  This reorganization should make the code much more readable because
  all of the common code is at the beginning and end of the function,
  simplifing the long conditional test case block.

  This patch allows SSLMutex default:logs/ssl_mutex syntax.  It also
  removes the mod_ssl historical '.pid' suffixes - that isn't how Apache2
  specifies files.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@99094 13f79535-47bb-0310-9956-ffa450edef68
      fcbf42f4
  21. 26 Mar, 2003 1 commit
  23. 14 Mar, 2003 1 commit
  25. 13 Mar, 2003 1 commit
  27. 12 Mar, 2003 1 commit
  29. 11 Mar, 2003 1 commit
    • William A. Rowe Jr's avatar
      · 18e49f9b
      William A. Rowe Jr authored 
        After discussions at length on dev@apr/httpd, it is determined that
  the older .dbg format symbols are not worth the interference with
  generating complete .pdb symbolic debugging databases.

  This patch further eliminates pdbtype:sept flags that interfere with
  deciphering local symbols and type information.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@98970 13f79535-47bb-0310-9956-ffa450edef68
      18e49f9b
  31. 06 Mar, 2003 1 commit
  33. 23 Feb, 2003 1 commit
  35. 21 Feb, 2003 1 commit
  37. 20 Feb, 2003 1 commit
    • William A. Rowe Jr's avatar
      · 2f10bf47
      William A. Rowe Jr authored 
        After consultations on the APR list, it was decided that /map files are
  fairly redundant when you retain rich .pdb debugging symbol files.  We
  have rarely used them, and generally .dbg and .pdb files prove much more
  useful for the cases we have.

  While eliminating /map files, we are also shrinking the size of the .dbg
  files by stripping 'private' symbol information.  Really this means less
  rich diagnostics from Dr. Watson on NT or Win9x when they query the .dbg
  symbols in creating a DrWatson log file.  But it's more than compensated
  for on newer OS'es where Dr. Watson will query the .pdb symbols, on all
  Win32 flavors when WinDbg is used with the .pdb symbols, and the fact that
  the distribution of binary symbols will use less bandwidth when less
  information is duplicated from the .pdb format into the .dbg files.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@98743 13f79535-47bb-0310-9956-ffa450edef68
      2f10bf47
  39. 18 Feb, 2003 1 commit
  41. 07 Feb, 2003 1 commit
  43. 03 Feb, 2003 1 commit
  45. 21 Jan, 2003 2 commits
  47. 20 Jan, 2003 1 commit
  49. 13 Jan, 2003 1 commit
    • William A. Rowe Jr's avatar
      · 06aa798f
      William A. Rowe Jr authored 
        After introducing tests in the cmds, we lose the absolute authority
  of the CRYPTO_malloc_init() which must happen the moment we load the
  module and prior to *any* ssl library fn invocation.

  Moved the CRYPTO_malloc_init() into the ssl_register_hooks() function,
  the absolute first call made into any loaded module.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@98252 13f79535-47bb-0310-9956-ffa450edef68
      06aa798f