delta/apache/httpd.git/modules/ssl/ssl_expr_eval.c, branch fcgi-proxy-dev github.com: apache/httpd.git No functional Change: Removing trailing whitespace. This also 2005-11-10T15:11:44+00:00 Jim Jagielski jim@apache.org 2005-11-10T15:11:44+00:00 5061d9fa920cb1821a51495fc42833c54e5bd714 means that "blank" lines consisting of just spaces or tabs are now really blank lines git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@332306 13f79535-47bb-0310-9956-ffa450edef68 
means that "blank" lines consisting of just spaces or
tabs are now really blank lines


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@332306 13f79535-47bb-0310-9956-ffa450edef68
As discussed previously: OID() -> PeerExtList() 2005-09-20T10:27:41+00:00 Martin Kraemer martin@apache.org 2005-09-20T10:27:41+00:00 16032e8b01339bfa43b29fa026d64b4656b89261 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@290414 13f79535-47bb-0310-9956-ffa450edef68 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@290414 13f79535-47bb-0310-9956-ffa450edef68
- remove ssl_ext_lookup and replace it with ssl_ext_list 2005-09-16T09:03:49+00:00 David Reid dreid@apache.org 2005-09-16T09:03:49+00:00 42b3715533aac28a1a179c9ff72c08a10773ca75 - change ssl_expr_eval_oid to use ssl_ext_list This change provides for a singfle function that provides an array of all values from a certificate that match a given extension and removes the duplictaed code that was present. Reviewed by: Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@289444 13f79535-47bb-0310-9956-ffa450edef68 
- change ssl_expr_eval_oid to use ssl_ext_list

This change provides for a singfle function that provides an array of all
values from a certificate that match a given extension and removes the
duplictaed code that was present.

Reviewed by: Joe Orton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@289444 13f79535-47bb-0310-9956-ffa450edef68
* modules/ssl/ssl_expr_eval.c (ssl_expr_eval_oid): Remove unused 2005-07-25T12:51:28+00:00 Joe Orton jorton@apache.org 2005-07-25T12:51:28+00:00 7303aa9b0bc11489fec178eddf3e829830cb8d09 variable. * modules/ssl/ssl_private.h, modules/ssl/mod_ssl.h (ssl_extlist_by_oid): Move prototype to ssl_private.h. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@224722 13f79535-47bb-0310-9956-ffa450edef68 
variable.

* modules/ssl/ssl_private.h, modules/ssl/mod_ssl.h
(ssl_extlist_by_oid): Move prototype to ssl_private.h.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@224722 13f79535-47bb-0310-9956-ffa450edef68
Allow extraction of the values of SSL certificate extensions into 2005-07-22T12:11:55+00:00 Martin Kraemer martin@apache.org 2005-07-22T12:11:55+00:00 4c8c57327534587c0b56f007e24616d373cb0963 environment variables, so that their value can be used by any module that is aware of environment variables, as in: SetEnvIf OID("2.16.840.1.113730.1.13") "(.*) Generated (Certificate)" ca=$1 sets ca=TinyCA if the cert was issued by TinyCA. Similarly, SetenvIf OID("2.16.840.1.113730.1.13") "(.*)" NetscapeComment=$1 will set $NetscapeComment to the whole string. It is technically allowed to have multiple instances of an extension field, all with the same oid. In this case, the environment variable will be set to the list of all fields, separated by commas. The [PATCH] uses a cross-module call from mod_setenvif to mod_ssl (the latter may also be missing: in this case the variable will never be set). It calls a common function in the ssl module that is also used for the SSLRequire directive's test. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@220307 13f79535-47bb-0310-9956-ffa450edef68 
environment variables, so that their value can be used by any
module that is aware of environment variables, as in:

  SetEnvIf OID("2.16.840.1.113730.1.13") "(.*) Generated (Certificate)" ca=$1
sets
  ca=TinyCA
if the cert was issued by TinyCA.

Similarly,
  SetenvIf OID("2.16.840.1.113730.1.13") "(.*)" NetscapeComment=$1
will set $NetscapeComment to the whole string.

It is technically allowed to have multiple instances of an extension
field, all with the same oid. In this case, the environment variable
will be set to the list of all fields, separated by commas.

The [PATCH] uses a cross-module call from mod_setenvif to
mod_ssl (the latter may also be missing: in this case the
variable will never be set). It calls a common function
in the ssl module that is also used for the SSLRequire
directive's test.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@220307 13f79535-47bb-0310-9956-ffa450edef68
Collaborative work: (Thanks, dreid!) 2005-07-20T16:42:58+00:00 Martin Kraemer martin@apache.org 2005-07-20T16:42:58+00:00 b5a3f87755a24db37f50773d0a40143180b92fca Implement OID checking for mod_ssl. This code allows for checking of arbitrary client certificate extensions by OID, in a syntax like: SSLRequire "BaDCA Generated Certificate" in Oid("2.16.840.1.113730.1.13") \ || "committers" in Oid("1.3.6.1.4.1.18060.1") Note the following: * A given OID can occur multiple times in one cert, with different values. Therefore the OID function compares the left-hand string against each of the OID values, until a complete match is found. If none patches, the result is FALSE * The left hand side can be another expression, so can be a reference to a variable or an file() invocation etc. * The OID is also just a reference to a string, or function, or whatever. * My manual description is very short. Someone else please help improve the description git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219940 13f79535-47bb-0310-9956-ffa450edef68 
Implement OID checking for mod_ssl. This code allows for checking of arbitrary client
certificate extensions by OID, in a syntax like:
   SSLRequire "BaDCA Generated Certificate" in Oid("2.16.840.1.113730.1.13") \
          || "committers"                   in Oid("1.3.6.1.4.1.18060.1")
Note the following:
* A given OID can occur multiple times in one cert, with different values. Therefore
  the OID function compares the left-hand string against each of the OID values,
  until a complete match is found. If none patches, the result is FALSE
* The left hand side can be another expression, so can be a reference to a variable
  or an file() invocation etc.
* The OID is also just a reference to a string, or function, or whatever.
* My manual description is very short. Someone else please help improve the description



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219940 13f79535-47bb-0310-9956-ffa450edef68
Move the POSIX reg* implementations into the ap_* namespace; 2005-02-11T12:00:41+00:00 Joe Orton jorton@apache.org 2005-02-11T12:00:41+00:00 a0570c8746d04d82b724932cdb9c96240cf3329d internalise the ap_reg*<->PCRE wrapper: * configure.in: Add srclib/pcre to the include path. * include/ap_regex.h: Renamed from include/pcreposix.h. Prefix all constants with AP_; prefix all functions and types with ap_. Define AP_DECLARE to nothing if necessary. Remove regcomp error codes. * include/httpd.h: Include ap_regex.h not pcreposix.h. (ap_pregcomp, ap_regexec, ap_regfree): s/regex_t/ap_regex_t/. (ap_regexec, ap_regerror): Prototypes moved to ap_regex.h. * server/util.c (regex_cleanup, ap_pregcomp, ap_pregsub, ap_pregfree): Adjust for ap_ prefixed types. (ap_regexec, ap_regerror): Removed. * server/Makefile.in: Build util_pcre.c. * server/util_pcre.c: Copied from srclib/pcre/pcreposix.c; remove use of PCRE-internals to do error mapping; rename types to add AP_/ap_ prefixes as above. Use APR includes. (ap_regerror): Use apr_snprintf. * srclib/pcre/Makefile.in: Don't build pcreposix.c into libpcre.la. * modules/*: Update to use new type and constant names. PR: 27750 (part one) Submitted by: Andres Salomon <dilinger voxel.net>, Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@153384 13f79535-47bb-0310-9956-ffa450edef68 
internalise the ap_reg*<->PCRE wrapper:

* configure.in: Add srclib/pcre to the include path.

* include/ap_regex.h: Renamed from include/pcreposix.h.  Prefix all
constants with AP_; prefix all functions and types with ap_.  Define
AP_DECLARE to nothing if necessary.  Remove regcomp error codes.

* include/httpd.h: Include ap_regex.h not pcreposix.h.
(ap_pregcomp, ap_regexec, ap_regfree): s/regex_t/ap_regex_t/.
(ap_regexec, ap_regerror): Prototypes moved to ap_regex.h.

* server/util.c (regex_cleanup, ap_pregcomp, ap_pregsub, ap_pregfree):
Adjust for ap_ prefixed types.  (ap_regexec, ap_regerror): Removed.

* server/Makefile.in: Build util_pcre.c.

* server/util_pcre.c: Copied from srclib/pcre/pcreposix.c; remove use
of PCRE-internals to do error mapping; rename types to add AP_/ap_
prefixes as above.  Use APR includes.  (ap_regerror): Use apr_snprintf.

* srclib/pcre/Makefile.in: Don't build pcreposix.c into libpcre.la.

* modules/*: Update to use new type and constant names.

PR: 27750 (part one)
Submitted by: Andres Salomon <dilinger voxel.net>, Joe Orton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@153384 13f79535-47bb-0310-9956-ffa450edef68
Update copyright year to 2005 and standardize on current copyright owner line. 2005-02-04T20:28:49+00:00 Justin Erenkrantz jerenkrantz@apache.org 2005-02-04T20:28:49+00:00 905cdf9f0b330131433f4d8ad2cb3905357dbc58 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@151408 13f79535-47bb-0310-9956-ffa450edef68 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@151408 13f79535-47bb-0310-9956-ffa450edef68
Move mod_ssl-internal interfaces into ssl_private.h; allow mod_ssl.h 2004-02-28T18:06:35+00:00 Joe Orton jorton@apache.org 2004-02-28T18:06:35+00:00 3ca3524c318f56ce0b8bc62e2400d943de13bed0 to be included even when mod_ssl is not enabled. * Makefile.in (install-include): Only install mod_ssl.h. * modules/ssl/ssl_private.h: New file. * modules/ssl/mod_ssl.h: Move everything apart from than the optional hook definitions into ssl_private.h. * modules/ssl/*.c: Include ssl_private.h not mod_ssl.h * modules/ssl/config.m4: Always add the mod_ssl directory to the include path so other modules can find mod_ssl.h. * modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional hook definitions rather than copy'n'pasting them. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68 
to be included even when mod_ssl is not enabled.

* Makefile.in (install-include): Only install mod_ssl.h.

* modules/ssl/ssl_private.h: New file.

* modules/ssl/mod_ssl.h: Move everything apart from than the optional
hook definitions into ssl_private.h.

* modules/ssl/*.c: Include ssl_private.h not mod_ssl.h

* modules/ssl/config.m4: Always add the mod_ssl directory to the
include path so other modules can find mod_ssl.h.

* modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional
hook definitions rather than copy'n'pasting them.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68
fix name of The Apache Software Foundation 2004-02-09T20:31:03+00:00 André Malo nd@apache.org 2004-02-09T20:31:03+00:00 a688f06b1950709fa47442869be48b5e98266a50 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102618 13f79535-47bb-0310-9956-ffa450edef68 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102618 13f79535-47bb-0310-9956-ffa450edef68