Return-Path: Delivered-To: apmail-httpd-bugs-archive@www.apache.org Received: (qmail 22454 invoked from network); 1 Aug 2008 11:39:52 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 1 Aug 2008 11:39:52 -0000 Received: (qmail 15788 invoked by uid 500); 1 Aug 2008 11:39:51 -0000 Delivered-To: apmail-httpd-bugs-archive@httpd.apache.org Received: (qmail 15741 invoked by uid 500); 1 Aug 2008 11:39:51 -0000 Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: "Apache HTTPD Bugs Notification List" List-Id: Delivered-To: mailing list bugs@httpd.apache.org Received: (qmail 15728 invoked by uid 99); 1 Aug 2008 11:39:51 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Aug 2008 04:39:51 -0700 X-ASF-Spam-Status: No, hits=-1998.5 required=10.0 tests=ALL_TRUSTED,WEIRD_PORT X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Aug 2008 11:38:53 +0000 Received: by brutus.apache.org (Postfix, from userid 33) id 02A1F234C18A; Fri, 1 Aug 2008 04:39:18 -0700 (PDT) From: bugzilla@apache.org To: bugs@httpd.apache.org Subject: DO NOT REPLY [Bug 45522] New: OCSP URIs in mod_ssl: use default port and path (if not supplied explicitly) X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: newchanged X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Apache httpd-2 X-Bugzilla-Component: mod_ssl X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: asfbugz@velox.ch X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: bugs@httpd.apache.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Date: Fri, 1 Aug 2008 04:39:18 -0700 (PDT) X-Virus-Checked: Checked by ClamAV on apache.org https://issues.apache.org/bugzilla/show_bug.cgi?id=45522 Summary: OCSP URIs in mod_ssl: use default port and path (if not supplied explicitly) Product: Apache httpd-2 Version: 2.3-HEAD Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: mod_ssl AssignedTo: bugs@httpd.apache.org ReportedBy: asfbugz@velox.ch CC: jorton@redhat.com Created an attachment (id=22344) --> (https://issues.apache.org/bugzilla/attachment.cgi?id=22344) Proposed patch When parsing OCSP responder URIs, mod_ssl currently requires them to be in the format http://responder.example.com:8888/responder Certificates from public CAs frequently omit both the port number and the url-path component in the AIA extension, however. I.e. we normally see certs with OCSP URIs such as http://EVIntl-ocsp.verisign.com http://ocsp.entrust.net http://ocsp.quovadisglobal.com http://ocsp.comodoca.com etc. With the attached patch, mod_ssl will use the default port for HTTP and "/" as the url-path for these "short forms" of OCSP responder URIs. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org