summaryrefslogtreecommitdiffstats
path: root/changes-entries (follow)
Commit message (Collapse)AuthorAgeFilesLines
* * Use iobuffersize set on worker level for the IO buffer size.HEADtrunkRuediger Pluem3 days1-0/+2
| | | | | | | | | PR: 69402 Submitted by: Jari Ahonen <jah@progress.com> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1922115 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1921336.Joe Orton2024-10-161-2/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921357 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Disallow SSLOpenSSLConfCmd within vhost context since itJoe Orton2024-10-151-0/+2
| | | | | | | | | | | | has global effect. * modules/ssl/ssl_engine_config.c (ssl_cmd_SSLOpenSSLConfCmd): Disallow use within vhost context. PR: 69397 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921336 13f79535-47bb-0310-9956-ffa450edef68
* Add changes-entries/ file missed from r1921305.Joe Orton2024-10-141-0/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921306 13f79535-47bb-0310-9956-ffa450edef68
* mod_lua: Make r.ap_auth_type writableJoe Orton2024-10-111-0/+2
| | | | | | | | | | | | | | | | | This completes the option of setting the remote user by the authentication mechanism which actually verified the user. One possible usecase is that a proxied (upstream) server performs the authentication, but the access log of HTTPd does not contain this information. The upstream server can pass this kind of information back to HTTPd and both servers will have consistent access logs. Submitted by: Michael Osipov <michaelo apache.org> PR: 62497 Github: closes #67 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921260 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Add SSLClientHelloVars directive which exposes variousJoe Orton2024-10-011-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | ClientHello properties in new SSL_CLIENTHELLO_* variables. * modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup_vars): Add SSL_CLIENTHELLO_* vars. (copy_clienthello_vars): New function. (ssl_callback_ClientHello): Call it when needed. * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_clienthello): New function. (ssl_var_lookup_ssl): Call it for SSL_CLIENTHELLO_*. * modules/ssl/ssl_private.h (modssl_clienthello_vars): Add type. (SSLConnRec): Add clienthello_vars pointer. * modules/ssl/ssl_engine_config.c, modules/ssl/mod_ssl.c: Add handling of new SSLClientHelloVars directive. Submitted by: Charles Smutz <csmutz gmail.com> Github: closes #483 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1921074 13f79535-47bb-0310-9956-ffa450edef68
* *) mod_md: update to version 2.4.28Stefan Eissing2024-09-171-0/+11
| | | | | | | | | | | | | | | | | - When the server starts, it looks for new, staged certificates to activate. If the staged set of files in 'md/staging/<domain>' is messed up, this could prevent further renewals to happen. Now, when the staging set is present, but could not be activated due to an error, purge the whole directory. [icing] - Fix certificate retrieval on ACME renewal to not require a 'Location:' header returned by the ACME CA. This was the way it was done in ACME before it became an IETF standard. Let's Encrypt still supports this, but other CAs do not. [icing] - Restore compatibility with OpenSSL < 1.1. [ylavic] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920747 13f79535-47bb-0310-9956-ffa450edef68
* removed experimental mod_tls. source, documenation and test casesStefan Eissing2024-09-171-0/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920744 13f79535-47bb-0310-9956-ffa450edef68
* update changesStefan Eissing2024-09-1760-225/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920740 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Fix regression in r1914365 preventing pkcs11: key/cert lookupJoe Orton2024-09-121-0/+2
| | | | | | | | | | | | | | | | via the ENGINE API without SSLCryptoDevice configured. * modules/ssl/ssl_engine_pphrase.c (modssl_load_keypair_engine): Return APR_ENOTIMPL if the ENGINE could not be loaded for the key. (modssl_load_engine_keypair): Always try loading via ENGINE (as prior to r1914365) but fall back to the STORE API for the new APR_ENOTIMPL case. Github: closes #480 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920597 13f79535-47bb-0310-9956-ffa450edef68
* * modules/core/mod_macro.c (process_content): Return error if there'sJoe Orton2024-09-121-0/+3
| | | | | | | | | | | | enough not space to store the macro. Replaced MAX_STRING_LEN by sizeof(line). PR: 69258 Submitted by: Marc Stern <marc.stern approach-cyber.com> Github: closes #479 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920588 13f79535-47bb-0310-9956-ffa450edef68
* * Mention the additional bug [skip ci]Ruediger Pluem2024-09-111-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920572 13f79535-47bb-0310-9956-ffa450edef68
* mod_rewrite, mod_proxy: mod_proxy to cononicalize rewritten [P] URLs. PR 69235.Yann Ylavic2024-09-111-0/+2
| | | | | | | | | | | | | When mod_rewrite sets a "proxy:" URL with [P], it should be canonicalized by mod_proxy still, notably to handle any "unix:" local socket part. To avoid double encoding in perdir context, a follow up commit should remove the ap_escape_uri() done in mod_rewrite since it's now on mod_proxy to canonicalize, per PR 69260. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920570 13f79535-47bb-0310-9956-ffa450edef68
* Windows: fix "Include" of UNC paths Eric Covener2024-09-111-0/+2
| | | | | | | ... by making UNCList EXEC_ON_READ (since Include is EXEC_ON_READ) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920564 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Add SSL_HANDSHAKE_RTT environment variable.Joe Orton2024-08-301-0/+1
| | | | | | | | | | | | | | | * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Support SSL_HANDSHAKE_RTT. (ssl_var_lookup_ssl_handshake_rtt): New function. * modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup_vars): Add SSL_HANDSHAKE_RTT. Submitted by: csmutz Github: closes #477 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920297 13f79535-47bb-0310-9956-ffa450edef68
* don't merge slashes on perdir prefixEric Covener2024-08-131-0/+3
| | | | | | | | | Submitted by: Eric Covener Github: closes #472 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919860 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1919620: Restore r->filename re-encoding for ProxyPass URLs.Yann Ylavic2024-08-021-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919628 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1919620: CHANGES entry indent.Yann Ylavic2024-08-011-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919621 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy_fcgi: Don't re-encode SCRIPT_FILENAME. PR 69203Yann Ylavic2024-08-011-0/+1
| | | | | | | | | | | | | | | | | | | Before r1918550 (r1918559 in 2.4.60), "SetHandler proxy:..." configurations did not pass through proxy_fixup() hence the proxy_canon_handler hooks, leaving fcgi's SCRIPT_FILENAME environment variable (from r->filename) decoded, or more exactly not re-encoded. We still want to call ap_proxy_canon_url() for "fcgi:" to handle/strip the UDS "unix:" case and check that r->filename is valid and contains no controls, but proxy_fcgi_canon() will not ap_proxy_canonenc_ex() thus re-encode anymore. Note that this will do the same for "ProxyPass fcgi:...", there is no reason that using SetHandler or ProxyPass don't result in the same thing. If an opt in/out makes sense we should probably look at ProxyFCGIBackendType. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919620 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1919617: Better CHANGES entry per Eric.Yann Ylavic2024-08-011-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919619 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Fix selection of ProxyPassMatch workers with host/port ↵Yann Ylavic2024-08-011-0/+2
| | | | | | | | | | | | | | | substitution. PR 69233. With "ProxyPassMatch ^/([^/]+)/(.*)$ https://$1/$2", ap_proxy_get_worker_ex() should not consider the length of scheme://host part of the given URL because of the globbing match on the host part. Fix it by setting worker->s>is_host_matchable when creating a worker with host substitution and avoiding the min_match check in worker_matches() in this case. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919617 13f79535-47bb-0310-9956-ffa450edef68
* *) mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLsYann Ylavic2024-07-261-0/+2
| | | | | | | | | | | | | in <Location> (incomplete fix in 2.4.62). PR 69160. When SetHandler "unix:..." is used in a <Location "/path"> block, the path gets appended (including $DOCUMENT_ROOT somehow) to r->filename hence the current checks in fixup_uds_filename() to add "localhost" when missing don't work. Fix them. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919532 13f79535-47bb-0310-9956-ffa450edef68
* mod_rewrite: Better question mark tracking to avoid UnsafeAllow3F. PR 69197.Yann Ylavic2024-07-171-0/+2
| | | | | | | | | | | | | Track in do_expand() whether a '?' in the uri-path comes from a literal in the substitution string or from an expansion (variable, lookup, ...). In the former case it's safe to assume that it's the query-string separator but for the other case it's not (could be a decoded %3f from r->uri). This allows to avoid [UnsafeAllow3F] for most cases. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919325 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) forYann Ylavic2024-07-081-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * modules/proxy/proxy_util.h, modules/proxy/proxy_util.c: Move proxy_interpolate() from mod_proxy.c to ap_proxy_interpolate(), exported locally only (non public). Move proxy_fixup() from mod_proxy.c to ap_proxy_canon_url(), exported locally only too (non public). Rollback ap_proxy_fixup_uds_filename() to a local fixup_uds_filename() usable from proxy_util.c only. The public function will be removed in a following commit. * modules/proxy/mod_proxy.h: Note that ap_proxy_fixup_uds_filename() is deprecated. * modules/proxy/mod_proxy.c: Just use ap_proxy_canon_url() from proxy_fixup() and proxy_handler() for SetHandler URLs. * modules/proxy/mod_proxy_balancer.c: Do not canonicalize the path from proxy_balancer_canon() anymore but rather from balancer_fixup() where the balancer URL is rewritten to the BalancerMember URL. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919022 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160Yann Ylavic2024-07-081-0/+2
| | | | | | | | | | | | The hostname part of the URL is not mandated for UDS though the canon_handler hooks will require it, so add "localhost" if it's missing (won't be used anyway for an AF_UNIX socket). This can trigger with SetHandler "unix:" URLs which are now also fixed up. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919015 13f79535-47bb-0310-9956-ffa450edef68
* * Changelog for r1918880Ruediger Pluem2024-07-031-0/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1918881 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Fix DNS requests and connections closed before the configured ↵Yann Ylavic2024-06-181-0/+2
| | | | | | | | | | | addressTTL. BZ 69126 * modules/proxy/proxy_util.c(ap_proxy_determine_address): Fix shared expiry compare-and-swap loop. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1918410 13f79535-47bb-0310-9956-ffa450edef68
* Explicitly reject CGI output which includes a Transfer-EncodingJoe Orton2024-05-201-0/+4
| | | | | | | | | | | | | | header, rather than drop it and send what's likely to be an unexpected or corrupted response. * modules/generators/cgi_common.h (cgi_handle_response): Send a 502 error if Transfer-Encoding is present in the response headers. PR: 68970 Github: closes #444 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917835 13f79535-47bb-0310-9956-ffa450edef68
* On Linux use the real thread id via gettid() in error logging,Joe Orton2024-05-081-0/+1
| | | | | | | | | | | | | | | where available, rather than the (meaningless) default pthread_self()-as-integer interpretation: * configure.in: Define DEFAULT_LOG_TID on Linux if gettid() is available. * server/log.c: Define DEFAULT_LOG_TID as NULL by default. (do_errorlog_default): Use DEFAULT_LOG_TID as the argument to log_tid(). Github: closes #443 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917578 13f79535-47bb-0310-9956-ffa450edef68
* * mod_tls: update version of rustls-ffi to v0.13.0. Stefan Eissing2024-04-221-0/+2
| | | | | | | | [Daniel McCarney (@cpu}] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917270 13f79535-47bb-0310-9956-ffa450edef68
* mpm_worker: Fix AH00045 about children processes not terminating timely.Yann Ylavic2024-04-121-0/+2
| | | | | | | | | | | | | | | | | | | * server/mpm/worker/worker.c(setup_threads_runtime): Create pollset with APR_POLLSET_WAKEABLE to be able to wake up the listener when stopping. * server/mpm/worker/worker.c(wakeup_listener): Wake up the listener using the wakeup pipe (apr_pollset_wakeup). * server/mpm/worker/worker.c(join_workers): Like mpm_event, don't depend on `pthread_kill(listener_thread, 0)` to check whether the listener has exited (this does not work on some systems), but use the "dying" global variable instead which is set by the listener just before exiting. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916926 13f79535-47bb-0310-9956-ffa450edef68
* * Ensure that we set the default DH parameters for the keyRuediger Pluem2024-04-081-0/+3
| | | | | | | | | | | | | Replace else with an if as the if branch no longer ensures that custome DH parameters have been loaded. This fixes a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR: 68863 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916863 13f79535-47bb-0310-9956-ffa450edef68
* mod_md: update to v2.4.26Stefan Eissing2024-04-081-0/+10
| | | | | | | | | | | | | | | | | | | | | | - Using OCSP stapling information to trigger certificate renewals. Proposed by @frasertweedale. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. Added by @frasertweedale. - Adapt OpenSSL usage to changes in their API. By Yann Ylavic. Test Updates - workarounds for using Pebble v2.5 - disable EAB tests for Pebble since v2.5 no longer supports HS256 FWT for EAB keys - some stability improvemnets in error/warning checks git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916861 13f79535-47bb-0310-9956-ffa450edef68
* Fix BrowserMatch for gvfs.Joe Orton2024-03-181-1/+2
| | | | | | | | PR: 66148 Submitted by: Romain Tartière <romain blogreen.org> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916381 13f79535-47bb-0310-9956-ffa450edef68
* mod_systemd: if SELinux is available and enabled, log the SELinuxJoe Orton2024-03-151-0/+2
| | | | | | | | | | | | | | | | | | context at startup, since this may vary when httpd is started via systemd vs being started directly. * modules/arch/unix/mod_systemd.c (systemd_post_config): Do nothing for the pre-config iteration. Log the SELinux context if available. * modules/arch/unix/config5.m4: Detect libselinux. Have at least one CI job build mod_systemd. Github: closes #422 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916344 13f79535-47bb-0310-9956-ffa450edef68
* shutdown carefully when threads don't startEric Covener2024-03-131-0/+3
| | | | | | | Submitted By: ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916267 13f79535-47bb-0310-9956-ffa450edef68
* Add missing changes-entries.Jean-Frederic Clere2024-02-141-0/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915785 13f79535-47bb-0310-9956-ffa450edef68
* mod_dav: Update redirect-carefully example BrowserMatch config toJoe Orton2024-02-081-0/+3
| | | | | | | | | | match more recent client versions. PR: 66148, 67039 Submitted by: Michal Maloszewski <michal.maloszewski canonical.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915651 13f79535-47bb-0310-9956-ffa450edef68
* * support/htcacheclean.c (list_urls): Continue rather than stoppingJoe Orton2024-02-011-0/+4
| | | | | | | | | | after listing a file for each subdirectory. PR: 65091 Submitted by: Artem Egorenkov <aegorenkov.91 gmail.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915508 13f79535-47bb-0310-9956-ffa450edef68
* *) mod_http2: v2.0.26 with the following fixes:Stefan Eissing2024-01-171-0/+6
| | | | | | | | | | | - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes <https://github.com/icing/mod_h2/issues/272>. - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915281 13f79535-47bb-0310-9956-ffa450edef68
* mod_headers: Avoid infinite recursion with the edit* action and empty matches.Yann Ylavic2024-01-161-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Change the recursion used for edit* to a loop using the new ap_regexec_ex() function taking the current position (offset) in the subject string. After an empty match do the same thing as pcre2_substitute() (or Perl's /g), that is: don't allow for another empty match at the same positition by setting the AP_REG_NOTEMPTY_ATSTART option. If there is a non-empty match use it, otherwise skip/consume the first character and continue from there. * modules/metadata/mod_headers.c: Rename the hdr_edit_r enum for edit* to hdr_edit_all to better express what is does (and since the action is not recursive anymore). * modules/metadata/mod_headers.c(push_string, push_match): New helpers to consume the subject and substitutions in an array of iovec. * modules/metadata/mod_headers.c(process_regexp): Implement the new logic, using push_match() and push_string() to fill the iovec array finally passed to apr_strcatv() for the resulting string. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915271 13f79535-47bb-0310-9956-ffa450edef68
* * modules/http/chunk_filter.c (ap_http_chunk_filter): For a brigadeJoe Orton2023-12-201-0/+2
| | | | | | | | | | containing [FLUSH EOS], insert the last-chunk terminator before the FLUSH rather than between the FLUSH and the EOS. Github: closes #400 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914804 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Add support for loading keys from OpenSSL 3.x providers viaJoe Orton2023-12-051-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | the STORE API. Separates compile-time support for the STORE API (supported in 3.x) from support for the ENGINE API (deprecated in 3.x). * modules/ssl/ssl_private.h: Define MODSSL_HAVE_OPENSSL_STORE for OpenSSL 3.0+. * modules/ssl/ssl_engine_pphrase.c (modssl_load_store_uri, modssl_load_keypair_store): New functions. (modssl_load_keypair_engine): Renamed from modssl_load_keypair_engine. (modssl_load_engine_keypair): Reimplement to use new STORE-based functions if SSLCryptoDevice was not configured, or else old ENGINE implementation. * modules/ssl/ssl_util.c (modssl_is_engine_id): Match pkcs11: URIs also for the OpenSSL 3.x STORE API. * modules/ssl/ssl_engine_init.c (ssl_init_server_certs): Tweak log message on error paths for the provider/STORE case. Signed-off-by: Ingo Franzki <ifranzki linux.ibm.com> Submitted by: Ingo Franzki <ifranzki linux.ibm.com> Github: closes #397, closes #398 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914365 13f79535-47bb-0310-9956-ffa450edef68
* Optimise handling LDAP authorization where LDAP was not usedGraham Leggett2023-11-231-0/+4
| | | | | | | previously for LDAP authentication. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914067 13f79535-47bb-0310-9956-ffa450edef68
* Add an option to specify a source address.Graham Leggett2023-11-221-0/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914045 13f79535-47bb-0310-9956-ffa450edef68
* mod_xml2enc: remove dependency on xmlstring headerEric Covener2023-11-211-0/+2
| | | | | | | | | Submitted by: ttachi <tachihara@hotmail.com> Github: closes #393 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914013 13f79535-47bb-0310-9956-ffa450edef68
* mod_ldap: HTML-escape ldap-status handler.Eric Covener2023-11-161-0/+2
| | | | | | | | Reported by Chamal De Silva. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913855 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1908537: CHANGES entry.Yann Ylavic2023-11-161-0/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913832 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1913815: credit Joe in CHANGES too.Yann Ylavic2023-11-151-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913816 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. PR 68080Yann Ylavic2023-11-151-0/+3
| | | | | | | | | | | | | | | | | | Also, always allow for "SSLCryptoDevice builtin" even if the ENGINE API is not available, OPENSSL_NO_ENGINE or more generally with the new API (providers) available since OpenSSL >= 3. * ssl_private.h: Set MODSSL_HAVE_ENGINE_API to 0 if OPENSSL_NO_ENGINE. * mod_ssl.c, ssl_engine_config.c: Don't depend on HAVE_OPENSSL_ENGINE_H and HAVE_ENGINE_INIT to provide [ssl_cmd_]SSLCryptoDevice. Submitted by: ylavic, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913815 13f79535-47bb-0310-9956-ffa450edef68
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 12:32:00 +0100