summaryrefslogtreecommitdiffstats
path: root/modules/ssl/ssl_engine_pphrase.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Pass the server_rec to ssl_die() and use it to log a message to the main errorStefan Fritsch2012-06-101-9/+9
| | | | | | | log, pointing to the appropriate virtual host error log git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1348660 13f79535-47bb-0310-9956-ffa450edef68
* Various code cleanup to avoid compiler, cppcheck, or clang warnings:Stefan Fritsch2011-12-181-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | modules/debugging/mod_firehose.c: Make some internal functions static (to do: logs_cleanup() is unused) modules/filters/mod_charset_lite.c: Remove dead assignments modules/filters/mod_include.c: likewise modules/metadata/mod_usertrack.c: likewise modules/proxy/mod_proxy_ftp.c: likewise modules/ssl/ssl_engine_pphrase.c: likewise modules/proxy/mod_proxy_balancer.c: likewise; Remove NULL check that can never happen modules/proxy/proxy_util.c: Axe NULL-check that can never happen and if it would, it would just mask another bug os/unix/unixd.c: likewise modules/http/http_filters.c: Remove sub-condition that is always true modules/lua/mod_lua.c: Add default cases to switch statements modules/generators/mod_autoindex.c: Unsigned value can never be < 0 server/util_expr_eval.c: Fix compiler warnings with VC and on OS2 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1220493 13f79535-47bb-0310-9956-ffa450edef68
* Add some more log message tagsStefan Fritsch2011-12-051-12/+12
| | | | | | | | | Add some more mod_ssl macros that confuse coccinelle. Remove restriction on format string because it causes coccinelle to not consider multi line format strings. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1210284 13f79535-47bb-0310-9956-ffa450edef68
* Add some more log message tagsStefan Fritsch2011-12-041-7/+7
| | | | | | | | | | | | | Remove some log message tags from ap_log_* calls that log lots of different error messages, in particular the config parsing errors. Not sure how we should handle those. ssl_util.c: Downgrade some dynamic locking messages from level DEBUG to TRACE1-3 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1210252 13f79535-47bb-0310-9956-ffa450edef68
* Add lots of unique tags to error log messagesStefan Fritsch2011-12-031-5/+5
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1209766 13f79535-47bb-0310-9956-ffa450edef68
* Cleanup effort in prep for GA push:Jim Jagielski2011-09-231-1/+1
| | | | | | | | Trim trailing whitespace... no func change git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1174751 13f79535-47bb-0310-9956-ffa450edef68
* Drop support for the RSA BSAFE SSL-C toolkit from configure,Kaspar Brand2011-08-071-10/+0
| | | | | | | | | | | and remove #ifdef'ed code from mod_ssl and ab where applicable. Consensus for dropping support for SSL/TLS toolkits other than OpenSSL was reached on dev@httpd in June 2010 (message with ID <20100602162310.GA11156@redhat.com> and follow-ups). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154683 13f79535-47bb-0310-9956-ffa450edef68
* Add some debug logging when loading server certificatesStefan Fritsch2011-06-291-5/+12
| | | | | | | | | PR: 37912 Submitted by: Nick Burch <nick burch alfresco com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1141223 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c: Fix comment, no functional change.Joe Orton2011-06-011-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1130145 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_private.h: Drop some redundant/unused macros; pickJoe Orton2011-03-161-2/+2
| | | | | | | | | | | up stdlib.h. * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle), modules/ssl/ssl_engine_vars.c: Stop pretending mod_ssl has a version independent of the rest of the server. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1082202 13f79535-47bb-0310-9956-ffa450edef68
* fix some grammar mistakes, mostly in commentsJeff Trawick2011-03-121-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1080821 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): Fix possibleJoe Orton2011-02-111-16/+18
| | | | | | | | | | | | | | | startup failure in cases where multiple vhosts share the same "vhost-id" and private key file. The cached-key case would previously cause an abrupt return from the function, which could prevent processing of configured keypairs for other vhosts. There is no apparent reason to check for a "cache hit" against cached keys using *any* algorithm types; instead only check against a key with the matching type. Submitted by: Masahiro Matsuya <matsuya redhat.com>, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1069772 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): Simplify toJoe Orton2011-02-111-7/+24
| | | | | | | | | | calculate hash index only once per loop iteration; no (intended) functional change. Add comments and tweak a log message. * modules/ssl/ssl_private.h: Add comments. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1069765 13f79535-47bb-0310-9956-ffa450edef68
* Consistently use loglevel emerg before ssl_die()Stefan Fritsch2010-10-241-14/+14
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1026903 13f79535-47bb-0310-9956-ffa450edef68
* remove more unused variablesStefan Fritsch2010-08-041-2/+1
| | | | | | | | | revove some obsolete comments netware file is untested git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@982050 13f79535-47bb-0310-9956-ffa450edef68
* Introduce SSLLOG_MARK for use with ssl_log_ssl_error(). This will allow toStefan Fritsch2010-06-041-7/+7
| | | | | | | redefine APLOG_MARK later. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@951194 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: The error message when SSLCertificateFile is missing should atGraham Leggett2009-09-091-1/+2
| | | | | | | | least give the name or position of the problematic virtual host definition. [Stefan Fritsch sf sfritsch.de] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@813105 13f79535-47bb-0310-9956-ffa450edef68
* Layout and compiler warning.Ben Laurie2006-07-231-23/+26
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@424735 13f79535-47bb-0310-9956-ffa450edef68
* Add PKCS#7 support.Ben Laurie2006-07-231-17/+26
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@424707 13f79535-47bb-0310-9956-ffa450edef68
* update license header textRoy T. Fielding2006-07-111-6/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@420983 13f79535-47bb-0310-9956-ffa450edef68
* Update the copyright year in all .c, .h and .xml filesColm MacCarthaigh2006-04-191-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@395228 13f79535-47bb-0310-9956-ffa450edef68
* No functional Change: Removing trailing whitespace. This alsoJim Jagielski2005-11-101-12/+12
| | | | | | | | means that "blank" lines consisting of just spaces or tabs are now really blank lines git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@332306 13f79535-47bb-0310-9956-ffa450edef68
* No functional change: simple detabbing of indented code.Jim Jagielski2005-11-101-4/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@332305 13f79535-47bb-0310-9956-ffa450edef68
* Update copyright year to 2005 and standardize on current copyright owner line.Justin Erenkrantz2005-02-041-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@151408 13f79535-47bb-0310-9956-ffa450edef68
* Move mod_ssl-internal interfaces into ssl_private.h; allow mod_ssl.hJoe Orton2004-02-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | to be included even when mod_ssl is not enabled. * Makefile.in (install-include): Only install mod_ssl.h. * modules/ssl/ssl_private.h: New file. * modules/ssl/mod_ssl.h: Move everything apart from than the optional hook definitions into ssl_private.h. * modules/ssl/*.c: Include ssl_private.h not mod_ssl.h * modules/ssl/config.m4: Always add the mod_ssl directory to the include path so other modules can find mod_ssl.h. * modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional hook definitions rather than copy'n'pasting them. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): WordingJoe Orton2004-02-221-3/+3
| | | | | | | tweaks. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102747 13f79535-47bb-0310-9956-ffa450edef68
* * modules/ssl/ssl_engine_pphrase.c: Note that the ERR_clear_error()Joe Orton2004-02-101-2/+3
| | | | | | | call is not merely a cosmetic fix in light of PR 21160. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102628 13f79535-47bb-0310-9956-ffa450edef68
* fix name of The Apache Software FoundationAndré Malo2004-02-091-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102618 13f79535-47bb-0310-9956-ffa450edef68
* fix copyright dates according to the first check inAndré Malo2004-02-081-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102573 13f79535-47bb-0310-9956-ffa450edef68
* apply Apache License, Version 2.0André Malo2004-02-061-54/+20
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102525 13f79535-47bb-0310-9956-ffa450edef68
* update license to 2004.André Malo2004-01-011-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102135 13f79535-47bb-0310-9956-ffa450edef68
* Fix a cosmetic issue where OpenSSL 0.9.7 will dump the error stackJoe Orton2003-10-221-0/+4
| | | | | | | | | | during pass phrase entry. * ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the OpenSSL error stack before reading the private key. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101515 13f79535-47bb-0310-9956-ffa450edef68
* Introduce a number of SSLC hints to mod_ssl, including the followingWilliam A. Rowe Jr2003-04-031-5/+10
| | | | | | | | | | | | | | | | type overrides; MODSSL_CLIENT_CERT_CB_ARG_TYPE MODSSL_PCHAR_CAST (for a host of non-void/const sslc values) modssl_read_bio_cb_fn (for several callbacks with same prototypes) Declare callback functions appropriately. And protect us from indetermineant toolkits with #error "Unrecognized SSL Toolkit!" git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99183 13f79535-47bb-0310-9956-ffa450edef68
* finished that boring job:André Malo2003-02-031-1/+1
| | | | | | | | | update license to 2003. Happy New Year! ;-)) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98573 13f79535-47bb-0310-9956-ffa450edef68
* These emits occur mainline, outside of the pphrase_callback, so we neverWilliam A. Rowe Jr2002-06-171-6/+3
| | | | | | | | | | | | | | | | | opened readtty or writetty. But they are absolute failures, nothing the user could do to deal with them. They are logged in the ssl vhost's error log. In this case, I forgot my SSLCertificateKeyFile, so the server never tried the callback. writetty wasn't initialized, so we segfaulted. This segfault is due to misconfig, not to the dialog with the user. This is the easiest fix (easier to read, too), but we shouldn't need to worry too much that the release is tagged. If we retag, fine, then grab it, but it only addresses a config problem. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95734 13f79535-47bb-0310-9956-ffa450edef68
* This definitely gets the award for least useful error message of the month.Cliff Woolley2002-05-311-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Not only should it just say "can't do that on win32," which is after all the bottom line, it was spitting out openssl error messages which were totally useless. Eg: [30/May/2002 17:31:17 05760] [error] Init: PassPhraseDialog BuiltIn not supported in server private key from file F:/Apache/Apache2/conf/ssl/secure.key (OpenSSL library error follows) [30/May/2002 17:31:17 05760] [error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag [30/May/2002 17:31:17 05760] [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing [30/May/2002 17:31:17 05760] [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib Which is essentially saying "OpenSSL couldn't read your private key because it was encrypted, and we can't get the passphrase the way you asked us to on this platform." Brought to my attention by the inquiry of: Chris Hsiang <chsiang@ivivos.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95415 13f79535-47bb-0310-9956-ffa450edef68
* stop using APLOG_NOERRNO in calls to ap_log_[pr]error()Jeff Trawick2002-05-171-20/+20
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95150 13f79535-47bb-0310-9956-ffa450edef68
* tweak an error message for readabilityJeff Trawick2002-05-161-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95135 13f79535-47bb-0310-9956-ffa450edef68
* Change mod_ssl from using ssl_log() to ap_log_error().Justin Erenkrantz2002-05-161-53/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | The issue is that ssl_log doesn't handle apr_status_t result codes. This leads to a number of places (esp. with mutexes) where the error codes get lost. Rather than extending ssl_log further, since mod_ssl is part of our core, migrate to ap_log_error. This means that mod_ssl no longer does its own logging. Most uses of SSL_ADD_ERRNO are now mapped correctly to apr_status_t values (mainly because the APIs that used to return errnos are now APRized and have apr_status_t codes available). SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values. mod_ssl prints out a LOT of debugging information, so mod_ssl with LogLevel Debug may not be a good idea - perhaps mod_ssl should be less chatty. Numerous printf type collisions were also resolved. (The ssl logging code itself will be removed in a subsequent commit.) This has been discussed on dev@httpd, but the fact that there isn't much to review besides the mindless changes, I'm going to commit now and rely on CTR if I screwed up anything on the translation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95127 13f79535-47bb-0310-9956-ffa450edef68
* Stop using SSL_ADD_SSLERR option in ssl_log() and replace with newJustin Erenkrantz2002-05-161-8/+17
| | | | | | | | | | | ssl_log_ssl_error() function that wraps ap_log_error instead. This begins the migration from ssl_log() -> ap_log_error(). Divorcing ourselves from the SSL_ADD_SSLERR option is required to make the next pass easier. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95122 13f79535-47bb-0310-9956-ffa450edef68
* Fix a case where an invalid pass phrase is entered and anPaul J. Reder2002-05-011-1/+1
| | | | | | | | error message is given, but the prompt is not shown again. This left the user in an ambiguous state. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94896 13f79535-47bb-0310-9956-ffa450edef68
* breakup SSLSrvConfigRec in preparation for proxy support:Doug MacEachern2002-03-281-26/+26
| | | | | | | | | | | | | + modssl_pk_server_t - certs/keys for the server + modssl_pk_proxy_t - certs/keys for the proxy + modssl_auth_ctx_t - stuff related to authentication that can also be per-dir, used by both server and proxy + modssl_ctx_t - context that can be used by both server and proxy + SSLSrvConfigRec - now contains original stuff specific to the server config and modssl_ctx_t *server, *proxy git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94267 13f79535-47bb-0310-9956-ffa450edef68
* de-hungarian-ize server config member names which are going to stayDoug MacEachern2002-03-281-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94264 13f79535-47bb-0310-9956-ffa450edef68
* there is a heaping pile of:Doug MacEachern2002-03-281-15/+14
| | | | | | | | | ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID) add SSL_INIT flag to cut down some noise and end up with: ssl_log(s, flags, "...") git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94247 13f79535-47bb-0310-9956-ffa450edef68
* bringing back MOD_SSL_VERSION macro, define it to AP_SERVER_BASEVERSIONDoug MacEachern2002-03-271-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94231 13f79535-47bb-0310-9956-ffa450edef68
* adjustment for sslc where its PEM_read_bio_PrivateKey does not take aDoug MacEachern2002-03-271-3/+18
| | | | | | | callback arg. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94230 13f79535-47bb-0310-9956-ffa450edef68
* static-ize {write,read}tty variablesDoug MacEachern2002-03-271-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94227 13f79535-47bb-0310-9956-ffa450edef68
* the mod_ssl provided with Apache >= 2.0 no longer has an independentJeff Trawick2002-03-221-1/+1
| | | | | | | version number git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94111 13f79535-47bb-0310-9956-ffa450edef68
* Clear up a const warning, and recognize some arrays by changing theWilliam A. Rowe Jr2002-03-171-5/+5
| | | | | | | | variable names to the plural [rather than aszFoo, which I hope continues to be cleaned up as folks have time.] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93982 13f79535-47bb-0310-9956-ffa450edef68
* deal with the rename of kill_after_timeout to APR_KILL_AFTER_TIMEOUTJeff Trawick2002-03-141-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93940 13f79535-47bb-0310-9956-ffa450edef68
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-13 10:34:10 +0100