- Jan 08, 2004
-
-
Joe Orton authored
* modules/ssl/mod_ssl.h: Undo accidental comment change in previous commit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102228 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
distcache. * LAYOUT: Update for removal of scache_shmht and addition of scache_dc. * modules/ssl/config.m4: Check for libdistcache; build ssl_scache_dc.lo. * modules/ssl/mod_ssl.dsp: Build ssl_scache_dc (with luck). * modules/ssl/mod_ssl.h: Add SSL_SCMODE_DC and scache_dc_* prototypes. * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Allow use of dc: argument. * modules/ssl/ssl_scache_dc.c: New file. * modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill, ssl_scache_store, ssl_scache_retrieve, ssl_scache_remove, ssl_ext_status_hook): Hook into scache_dc. Submitted by: Geoff Thorpe <geoff@geoffthorpe.net> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102227 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 01, 2004
-
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102135 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 15, 2003
-
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102067 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
(we *x weenies have to be careful :) ) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102062 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 12, 2003
-
-
Joe Orton authored
* modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_store): Print apr_size_t using APR_SIZE_T_FMT. * modules/ssl/ssl_engine_io.c (ssl_filter_write): Print difference between sizes using APR_SSIZE_T_FMT, apr_size_t using APR_SIZE_T_FMT. * modules/proxy/proxy_http.c (ap_proxy_http_request): Print apr_uint64_t using APR_UINT64_T_HEX_FMT. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@102037 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 26, 2003
-
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101900 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 25, 2003
-
-
Joe Orton authored
information: * modules/ssl/mod_ssl.c (ssl_hook_pre_config): Call ssl_scache_status_register. * modules/ssl/ssl_scache.c (ssl_scache_status): Removed function. (ssl_ext_status_hook): Renamed from ssl_ext_ms_display: switch to 2.1's mod_status "status_hook" API. (ssl_scache_status_register): Register optional hook. * modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_status): Adjust to use new API. * modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_status): Adjust to use new API. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101889 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
data corruption bugs since being apr_rmm'ified. * config.m4, mod_ssl.dsp: Don't build ssl_util_table and ssl_scache_shmht. * ssl_util_table.h, ssl_util_table.c, ssl_scache_shmht.c: Removed files. * mod_ssl.h (SSLModConfigRec): Use a void * pointer for storing the scache-specific data. * ssl_engine_config.c (ssl_cmd_SSLSessionCache): Treat shmht: as shmcb:. * ssl_scache.c: Remove shmht hooks throughout. * ssl_scache_shmcb.c: Remove casts to use the table_t * pointer as a void *. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101888 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
unused variable from previous commit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101881 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
ssl_var_lookup_ssl for a real SSL connection; fix lookup of "HTTPS" for non-SSL connections. (ssl_var_log_handler_x): Give results for non-SSL connections too; e.g. %{HTTPS}x does the right thing. PR: 23956 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101880 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Determine the library version string at run-time rather than at compile-time. Submitted by: Eric Seidel <eseidel@apple.com> PR: 23956 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101879 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
(rather than segfault later) if a client cert is configured which is missing either the certificate or private key. PR: 24030 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101878 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 16, 2003
-
-
Justin Erenkrantz authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101789 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 30, 2003
-
-
Joe Orton authored
interface for retrieving error strings. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101625 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
* mod_ssl.c (ssl_cleanup_pre_config): Don't free the error strings, since they can't be loaded again once. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101624 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 23, 2003
-
-
Joe Orton authored
segfault on a non-SSL request. PR: 22741 Submitted by: Gary E. Miller <gem@rellim.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101534 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 22, 2003
-
-
Joe Orton authored
during pass phrase entry. * ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the OpenSSL error stack before reading the private key. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101515 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 22, 2003
-
-
William A. Rowe Jr authored
SSL-C doesn't declare the char* file arg const, so we shouldn't either. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101303 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 10, 2003
-
-
Jim Jagielski authored
use APR'd dbm. mod_ssl had hacked sdbm for larger sizes. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101214 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 08, 2003
-
-
William A. Rowe Jr authored
Simplify includes - we always (in HTTPD 2.1 forward) are looking for the openssl/foo.h headers explicitly. Fix the abs.dsp build to define HAVE_OPENSSL instead of USE_SSL so the correct headers are included upfront. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101195 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 03, 2003
-
-
Jeff Trawick authored
because of the changes to the argument lists of apr_mmap_dup and apr_socket_create, 2.1-dev won't build with apr and apr-util's 0.9 branch anymore git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101154 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 29, 2003
-
-
Joe Orton authored
library code as well as the reason code when looking for the plain-HTTP-request error. Submitted by: Stephen Henson <steve@openssl.org> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101135 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 12, 2003
-
-
Cliff Woolley authored
openssl-engine (ie, you're missing the headers). ssl_cmd_SSLCryptoDevice() is thrown away by the preprocessor if you're missing the header, so the call to it should have the same condition applied. otherwise, mod_ssl will fail to link. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100970 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 08, 2003
-
-
Sander Striker authored
encountered with respect to FakeBasicAuth. Submitted by: Greg Stein git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100941 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 07, 2003
-
-
Sander Striker authored
have been here in the first place. Makes issues like these be found easier in the future. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100937 13f79535-47bb-0310-9956-ffa450edef68
-
Sander Striker authored
#1364 in Subversion: http://subversion.tigris.org/issues/show_bug.cgi?id=1364 The fix is to make mod_ssl's check_user_id hook stop tripping over it's own checks in case of a subrequest. That is, it should DECLINE in case of a subrequest. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100926 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 05, 2003
-
-
William A. Rowe Jr authored
Although we initialize mc->pid in the child init phase, we haven't initialized it before initially performing our ssl_rand_seed() in the parent/postconfig phase. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100912 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 24, 2003
-
-
Joe Orton authored
function after mod_ssl is unloaded. * ssl_util.c (ssl_util_thread_cleanup): Clear the id_callback. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100767 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 21, 2003
-
-
Joe Orton authored
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Set aborted flag after renegotiation failure. * modules/ssl/ssl_engine_io.c (ssl_filter_write, ssl_io_filter_output): Don't dereference BIOs in filter_ctx when filter_ctx->pssl is NULL. (ssl_filter_io_shutdown): Set aborted flag on abortive shutdown. PR: 21370 Submitted by: Hartmut Keil <Hartmut.Keil@adnovum.ch> Cleaned up by: Jeff Trawick, Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100720 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 14, 2003
-
-
Jeff Trawick authored
client certificate chain. PR: 21371 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100605 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
static string or something parsed from the config git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100603 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 09, 2003
-
-
Sander Striker authored
SECURITY [CAN-2003-0192]: Fixed a bug whereby certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one. [Ben Laurie] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100518 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 24, 2003
-
-
William A. Rowe Jr authored
Narrow the scope of several OPENSSL-specific setup and teardown calls to only OpenSSL based builds. Also introduce success result for the registered cleanup callback to clean up a compiler emit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100348 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 20, 2003
-
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100314 13f79535-47bb-0310-9956-ffa450edef68
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100313 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 17, 2003
-
-
William A. Rowe Jr authored
Reaction to Jeff Trawick's observations that we are double-initializing dynalinked OpenSSL Engines and Configs. Move the library teardown code so that it is torn down in the proper order, corresponding to when the library itself was initialized. And leave a little reminder that some memory diagnostics would be good if OpenSSL is built for malloc debugging. Suggested by: Geoff Thorpe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100288 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 11, 2003
-
-
William A. Rowe Jr authored
OPENSSL_load_builtin_modules -appears- to have been introduced in beta-1, but boy is this a hassle to determine without gstein's viewcvs ;-) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100211 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 07, 2003
-
-
Jeff Trawick authored
unixd_set_global|proc_mutex_perms(). Allow the functions to be called for any type of mutex. This resolves a fatal problem with mod_rewrite on systems where APR uses flock-based mutex. It simplifies mod_ssl as well, which had special logic to perform the chown(). It fixed an init error with mod_ssl on systems where flock is used when the user had no SSLMutex directive. The Unix MPMs continue to call unixd_set_global|proc_mutex_perms() only for SysV sems. There is no permission problem with flock-based accept mutexes since the child init logic for the MPMs is done prior to switching identity. PR: 20312 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100189 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 02, 2003
-
-
William A. Rowe Jr authored
The right patch (thanks to Eric for identifying the wrong patch) to move SSL_library_init() into the register hooks phase. OpenSSL_add_ssl_algorithms devolves to SSL_library_init, which is the same for most toolkits (and would be accomodated in ssl_toolkit_config.h if not.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100136 13f79535-47bb-0310-9956-ffa450edef68
-