Afraid these are likely generated, just something to watch out for
  in the future.  Address PR 8963


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95024 13f79535-47bb-0310-9956-ffa450edef68

This is admittedly rather ugly code to come up with a unique 4-byte
identifier for the thread.  Since our threads are pthreads and a pthread
maps 1:1 to a TCB, the address of the TCB is sufficient.   Yes, every
TCB sees a different piece of real storage mapped to the first page,
so the code does make sense.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@95016 13f79535-47bb-0310-9956-ffa450edef68

Fix a case where an invalid pass phrase is entered and an
error message is given, but the prompt is not shown again.
This left the user in an ambiguous state.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94896 13f79535-47bb-0310-9956-ffa450edef68

to be unusable with mod_ssl.

PR: 8572


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94881 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94877 13f79535-47bb-0310-9956-ffa450edef68

for one thing.  But it just plain doesn't need it.  Rip it out to avoid
segfaulting.

Submitted by:  Aaron Bannert


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94876 13f79535-47bb-0310-9956-ffa450edef68

- Also a minor change to add more useful error
  logging for shmcb startup failures


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94875 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94696 13f79535-47bb-0310-9956-ffa450edef68

Submitted by: Thom May <thom@planetarytramp.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94631 13f79535-47bb-0310-9956-ffa450edef68

.y and .l files.  These must be kept newer than those at all times to avoid
introducing a dependency on flex and yacc.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94623 13f79535-47bb-0310-9956-ffa450edef68

uses of apr_lock.h [deprecated]. Tested that I could serve simple
SSL (v3) pages.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94583 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94547 13f79535-47bb-0310-9956-ffa450edef68

Obtained from:
Submitted by:
Reviewed by:
fix compilation problem in ssl_engine_kernel.c
if SSL_LIBRARY_VERSION >= 0x00907000


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94527 13f79535-47bb-0310-9956-ffa450edef68

Obtained from:
Submitted by:
Reviewed by:
ssl_io_input_read now returns APR_EOF if ssl_io_hook_read returns 0
bytes for a reason other than SSL_ERROR_WANT_READ.  this should
prevent a possible endless loop.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94519 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94515 13f79535-47bb-0310-9956-ffa450edef68

at this point, so the \r\n\r\n just confuses the http input filter.

One concern: this patch is only correct as long as we only ever call this
function while in AP_MODE_GETLINE.  Ideally we would account for the mode
and return the newlines if not in GETLINE mode, but at the moment it doesn't
seem to matter.

Reviewed by: Doug MacEachern


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94453 13f79535-47bb-0310-9956-ffa450edef68

Obtained from:
Submitted by:
Reviewed by:
avoid the error_log message: [error] mod_ssl: Certificate Verification: Error ...
if SSLProxyVerify is not configured or set to "none".
the verify callback does not happen in the server context when
SSLVerify is not configured or set to "none".


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94444 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94406 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94405 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94404 13f79535-47bb-0310-9956-ffa450edef68

ssl_cmd_check_dir rather than ssl_cmd_check_file


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94403 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94400 13f79535-47bb-0310-9956-ffa450edef68

Obtained from:
Submitted by:
Reviewed by:    Ryan Bloom
ap_remove_output_filter no longer works for connection filters.
change logic in the case of "HTTP spoken on HTTPS port" to disable the
ssl filters rather than attempt to remove the filters.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94393 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94392 13f79535-47bb-0310-9956-ffa450edef68

to get these changes working with sslc


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94341 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94340 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94338 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94337 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94336 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94334 13f79535-47bb-0310-9956-ffa450edef68

verify callback.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94332 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94331 13f79535-47bb-0310-9956-ffa450edef68

(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94329 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94328 13f79535-47bb-0310-9956-ffa450edef68

when bucket read from socket was successful,
but there was an error within the ssl runtime.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94327 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94324 13f79535-47bb-0310-9956-ffa450edef68

proxy context


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94323 13f79535-47bb-0310-9956-ffa450edef68

"mod_ssl/Apache/2.0.xx".


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94320 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl because the SSL_CTX was created and configured for *every*
request.  unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance.  but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94314 13f79535-47bb-0310-9956-ffa450edef68

Add an allocator-passing mechanism throughout the bucket brigades API.

From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook.  That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94304 13f79535-47bb-0310-9956-ffa450edef68