summaryrefslogtreecommitdiff
path: root/modules/ssl
Commit message (Collapse)AuthorAgeFilesLines
* In the newer versions of OpenSSL, the flag SSL_SESS_CACHE_NO_INTERNAL_LOOKUPMadhusudan Mathihalli2004-03-262-2/+6
| | | | | | | | | | | | just prevents the internal lookup but does not prevent the caching. OpenSSL 0.9.6h onwards has a new flag 'SSL_SESS_CACHE_NO_INTERNAL' to prevent OpenSSL from both lookup and caching the sessions internally. PR: 26562 Reviewed by: Geoff Thorpe, Joe Orton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103165 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_io.c (ssl_io_filter_cleanup): Don't try andJoe Orton2004-03-251-13/+11
| | | | | | | send an SSL shutdown from a pool cleanup. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103156 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_log.c (ssl_log_annotation): const-ify more.Joe Orton2004-03-121-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102943 13f79535-47bb-0310-9956-ffa450edef68
* Pick up mod_status.hWilliam A. Rowe Jr2004-03-111-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102938 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_log.c (ssl_log_annotate, ssl_log_annotation,Joe Orton2004-03-101-15/+12
| | | | | | | | ssl_log_ssl_error): const-ify annotation strings and simplify ssl_log_annotation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102927 13f79535-47bb-0310-9956-ffa450edef68
* Fix use of mod_ssl as a DSO linked against static SSL libraries; alsoJoe Orton2004-03-061-1/+2
| | | | | | | | | | | | | | | | | | | | stop linking all of support/* against the SSL libraries: * acinclude.m4 (APACHE_MODULE): Define MOD_FOO_LDADD which each module .la library will be linked against. (APACHE_MODPATH_ADD): Link static modules against the provided libraries. (APACHE_CHECK_SSL_TOOLKIT): Put SSL libraries in SSL_LIBS and export that to config_vars.mk. * support/Makefile.in: Link ab against SSL_LIBS. * modules/ssl/config.m4: Add SSL_LIBS and distcache libraries to MOD_SSL_LDADD. PR: 17217 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102870 13f79535-47bb-0310-9956-ffa450edef68
* Allow the enabled flag to be set to more than just TRUE or FALSE so thatBradley Nicholes2004-03-054-21/+28
| | | | | | | | the OPTIONAL flag can be correctly merged within the ssl_config_server_merge() function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102860 13f79535-47bb-0310-9956-ffa450edef68
* Allow the enabled flag to be set to more that just TRUE or FALSE so thatBradley Nicholes2004-03-051-5/+5
| | | | | | | | the OPTIONAL flag is correctly merged within the ssl_config_server_merge() function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102859 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_init.c (ssl_init_Engine): Log the OpenSSLJoe Orton2004-03-041-0/+2
| | | | | | | error stack contents if engine load/init fails. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102857 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_log.c (ssl_log_ssl_error): Use %lu to printJoe Orton2004-03-041-2/+2
| | | | | | | an unsigned long. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102856 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup,Joe Orton2004-03-041-3/+3
| | | | | | | ssl_var_lookup_ssl_cipher): Use apr_itoa instead of psprintf %d. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102855 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars (ssl_var_lookup): const'ify result andJoe Orton2004-03-041-30/+20
| | | | | | | | | drop a bunch of casts; use apr_table_get directly in place of ssl_var_lookup_header. (ssl_var_lookup_header): Remove function. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102854 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars (ssl_var_lookup): Optimise such thatJoe Orton2004-03-041-57/+76
| | | | | | | | lookup of SSL_* variables (the common case) requires 2 rather than 29 strcasecmp calls before getting to ssl_var_lookup_ssl(). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102851 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/mod_ssl.h: Declare ssl_is_https optional function.Joe Orton2004-03-042-0/+11
| | | | | | | | * modules/ssl/ssl_engine_vars (ssl_is_https): New function. (ssl_var_register): Register it. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102850 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars (ssl_var_lookup): Fix potentialJoe Orton2004-03-041-4/+4
| | | | | | | segfaults if called with r=NULL, c!=NULL, spotted by Andr��. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102849 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable,Joe Orton2004-02-291-2/+3
| | | | | | | ssl_io_filter_error): Clear the SSL * pointer in the SSLConnRec too. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102819 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): SimplifyJoe Orton2004-02-281-8/+5
| | | | | | | to use apr_pstrmemdup. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102815 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): For a DNJoe Orton2004-02-281-4/+15
| | | | | | | | which includes several RDNs with the same OID, allow lookup of any particular RDN using an "_<n>" suffix on the name. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102813 13f79535-47bb-0310-9956-ffa450edef68
* Move mod_ssl-internal interfaces into ssl_private.h; allow mod_ssl.hJoe Orton2004-02-2827-648/+670
| | | | | | | | | | | | | | | | | | | | | | to be included even when mod_ssl is not enabled. * Makefile.in (install-include): Only install mod_ssl.h. * modules/ssl/ssl_private.h: New file. * modules/ssl/mod_ssl.h: Move everything apart from than the optional hook definitions into ssl_private.h. * modules/ssl/*.c: Include ssl_private.h not mod_ssl.h * modules/ssl/config.m4: Always add the mod_ssl directory to the include path so other modules can find mod_ssl.h. * modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional hook definitions rather than copy'n'pasting them. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68
* Relicense.Joe Orton2004-02-282-94/+25
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102799 13f79535-47bb-0310-9956-ffa450edef68
* Send the 'Close Alert' message to the peer upon closing a SSL session. ThisMadhusudan Mathihalli2004-02-281-1/+19
| | | | | | | | | | | required creating a new EOC (End-Of-Connection) bucket type to notify mod_ssl that the connection is about to be closed. Reviewed by: Joe Orton, Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102793 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable): Don't leak anJoe Orton2004-02-251-0/+1
| | | | | | | | | SSL structure for each plain-HTTP-on-SSL-port request. PR: 27106 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102770 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): WordingJoe Orton2004-02-221-3/+3
| | | | | | | tweaks. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102747 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_init): Use anJoe Orton2004-02-221-4/+13
| | | | | | | anonymous shm segment by default or fall back on name-based shm. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102746 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c: Note that the ERR_clear_error()Joe Orton2004-02-101-2/+3
| | | | | | | call is not merely a cosmetic fix in light of PR 21160. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102628 13f79535-47bb-0310-9956-ffa450edef68
* fix name of The Apache Software FoundationAndré Malo2004-02-0926-27/+27
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102618 13f79535-47bb-0310-9956-ffa450edef68
* fix copyright dates according to the first check inAndré Malo2004-02-0825-26/+26
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102573 13f79535-47bb-0310-9956-ffa450edef68
* apply Apache License, Version 2.0André Malo2004-02-0626-1412/+515
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102525 13f79535-47bb-0310-9956-ffa450edef68
* We need the SSL module dir in our path in order to compile mod_ssl.Justin Erenkrantz2004-02-051-0/+1
| | | | | | | Otherwise, we can't find mod_ssl.h. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102515 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_io.c (ssl_io_filter_output): Use non-blockingJoe Orton2004-01-231-3/+17
| | | | | | | | | | | bucket reads whilst data remains available; flush when a read returns EAGAIN. Fixes streaming nph- CGI scripts over SSL. PR: 21944 Inspired by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102397 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Fix segfault ifJoe Orton2004-01-121-4/+6
| | | | | | | | | | SSL_get_session() returns NULL. PR: 15057 Submitted by: Otmar Lendl (lendl@nic.at) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102281 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_scache_dc.c: Add the Apache Software License.Joe Orton2004-01-082-1/+50
| | | | | | | | * modules/ssl/mod_ssl.h: Undo accidental comment change in previous commit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102228 13f79535-47bb-0310-9956-ffa450edef68
* Add support to mod_ssl for a distributed session cache usingJoe Orton2004-01-086-2/+310
| | | | | | | | | | | | | | | | | | | | | | | | | | distcache. * LAYOUT: Update for removal of scache_shmht and addition of scache_dc. * modules/ssl/config.m4: Check for libdistcache; build ssl_scache_dc.lo. * modules/ssl/mod_ssl.dsp: Build ssl_scache_dc (with luck). * modules/ssl/mod_ssl.h: Add SSL_SCMODE_DC and scache_dc_* prototypes. * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Allow use of dc: argument. * modules/ssl/ssl_scache_dc.c: New file. * modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill, ssl_scache_store, ssl_scache_retrieve, ssl_scache_remove, ssl_ext_status_hook): Hook into scache_dc. Submitted by: Geoff Thorpe <geoff@geoffthorpe.net> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102227 13f79535-47bb-0310-9956-ffa450edef68
* update license to 2004.André Malo2004-01-0125-26/+26
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102135 13f79535-47bb-0310-9956-ffa450edef68
* We need the error strings loaded as early as possibleMartin Kraemer2003-12-151-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102067 13f79535-47bb-0310-9956-ffa450edef68
* get mod_ssl.dsp to load againJeff Trawick2003-12-151-1/+2
| | | | | | | (we *x weenies have to be careful :) ) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102062 13f79535-47bb-0310-9956-ffa450edef68
* Fix format string warnings from gcc on amd64:Joe Orton2003-12-122-3/+5
| | | | | | | | | | | | | | * modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_store): Print apr_size_t using APR_SIZE_T_FMT. * modules/ssl/ssl_engine_io.c (ssl_filter_write): Print difference between sizes using APR_SSIZE_T_FMT, apr_size_t using APR_SIZE_T_FMT. * modules/proxy/proxy_http.c (ap_proxy_http_request): Print apr_uint64_t using APR_UINT64_T_HEX_FMT. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102037 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/mod_ssl.h: Remove prototypes for shmht.Joe Orton2003-11-261-8/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101900 13f79535-47bb-0310-9956-ffa450edef68
* Extend mod_status output to include SSL session cache statusJoe Orton2003-11-255-91/+65
| | | | | | | | | | | | | | | | | | | | | information: * modules/ssl/mod_ssl.c (ssl_hook_pre_config): Call ssl_scache_status_register. * modules/ssl/ssl_scache.c (ssl_scache_status): Removed function. (ssl_ext_status_hook): Renamed from ssl_ext_ms_display: switch to 2.1's mod_status "status_hook" API. (ssl_scache_status_register): Register optional hook. * modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_status): Adjust to use new API. * modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_status): Adjust to use new API. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101889 13f79535-47bb-0310-9956-ffa450edef68
* Remove shmht session cache in favour of shmcb; shmht has hadJoe Orton2003-11-259-3214/+11
| | | | | | | | | | | | | | | | | | | | | | | | data corruption bugs since being apr_rmm'ified. * config.m4, mod_ssl.dsp: Don't build ssl_util_table and ssl_scache_shmht. * ssl_util_table.h, ssl_util_table.c, ssl_scache_shmht.c: Removed files. * mod_ssl.h (SSLModConfigRec): Use a void * pointer for storing the scache-specific data. * ssl_engine_config.c (ssl_cmd_SSLSessionCache): Treat shmht: as shmcb:. * ssl_scache.c: Remove shmht hooks throughout. * ssl_scache_shmcb.c: Remove casts to use the table_t * pointer as a void *. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101888 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_log_handler_x): FixJoe Orton2003-11-251-1/+0
| | | | | | | unused variable from previous commit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101881 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Only callJoe Orton2003-11-251-7/+6
| | | | | | | | | | | | ssl_var_lookup_ssl for a real SSL connection; fix lookup of "HTTPS" for non-SSL connections. (ssl_var_log_handler_x): Give results for non-SSL connections too; e.g. %{HTTPS}x does the right thing. PR: 23956 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101880 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_version):Joe Orton2003-11-251-1/+1
| | | | | | | | | | | Determine the library version string at run-time rather than at compile-time. Submitted by: Eric Seidel <eseidel@apple.com> PR: 23956 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101879 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs): Fail earlyJoe Orton2003-11-251-10/+24
| | | | | | | | | | (rather than segfault later) if a client cert is configured which is missing either the certificate or private key. PR: 24030 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101878 13f79535-47bb-0310-9956-ffa450edef68
* Sync with APR-util deprecated functions.Justin Erenkrantz2003-11-161-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101789 13f79535-47bb-0310-9956-ffa450edef68
* * ssl_engine_log.c (ssl_log_ssl_error): Use the thread-safeJoe Orton2003-10-301-2/+3
| | | | | | | interface for retrieving error strings. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101625 13f79535-47bb-0310-9956-ffa450edef68
* Fix missing human-readable error information in SSL log messages:Joe Orton2003-10-301-1/+5
| | | | | | | | * mod_ssl.c (ssl_cleanup_pre_config): Don't free the error strings, since they can't be loaded again once. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101624 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_vars.c (ssl_var_log_handler_c): FixJoe Orton2003-10-231-1/+1
| | | | | | | | | | segfault on a non-SSL request. PR: 22741 Submitted by: Gary E. Miller <gem@rellim.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101534 13f79535-47bb-0310-9956-ffa450edef68
* Fix a cosmetic issue where OpenSSL 0.9.7 will dump the error stackJoe Orton2003-10-221-0/+4
| | | | | | | | | | during pass phrase entry. * ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the OpenSSL error stack before reading the private key. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101515 13f79535-47bb-0310-9956-ffa450edef68
* SSL-C doesn't declare the char* file arg const, so we shouldn't either.William A. Rowe Jr2003-09-221-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101303 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status