Return-Path: Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 88676 invoked by uid 500); 22 Nov 2001 00:40:12 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 88665 invoked by uid 500); 22 Nov 2001 00:40:11 -0000 Delivered-To: apmail-httpd-2.0-cvs@apache.org Date: 22 Nov 2001 00:25:00 -0000 Message-ID: <20011122002500.59506.qmail@icarus.apache.org> From: dougm@apache.org To: httpd-2.0-cvs@apache.org Subject: cvs commit: httpd-2.0/modules/ssl mod_ssl.c mod_ssl.h ssl_engine_kernel.c X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N dougm 01/11/21 16:25:00 Modified: modules/ssl mod_ssl.c mod_ssl.h ssl_engine_kernel.c Log: move c->notes.ssl::verify::depth to SSLConnRec.verify_depth note: may actually be removed unless somebody can figure out why it is in there to begin with Revision Changes Path 1.35 +0 -1 httpd-2.0/modules/ssl/mod_ssl.c Index: mod_ssl.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- mod_ssl.c 2001/11/21 22:29:14 1.34 +++ mod_ssl.c 2001/11/22 00:25:00 1.35 @@ -274,7 +274,6 @@ SSL_set_app_data(ssl, c); apctx = apr_table_make(c->pool, AP_CTX_MAX_ENTRIES); apr_table_setn(apctx, "ssl::request_rec", NULL); - apr_table_setn(apctx, "ssl::verify::depth", AP_CTX_NUM2PTR(0)); SSL_set_app_data2(ssl, apctx); sslconn->ssl = ssl; 1.39 +1 -0 httpd-2.0/modules/ssl/mod_ssl.h Index: mod_ssl.h =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v retrieving revision 1.38 retrieving revision 1.39 diff -u -r1.38 -r1.39 --- mod_ssl.h 2001/11/21 22:29:14 1.38 +++ mod_ssl.h 2001/11/22 00:25:00 1.39 @@ -462,6 +462,7 @@ ssl_shutdown_type_e shutdown_type; const char *verify_info; const char *verify_error; + int verify_depth; } SSLConnRec; typedef struct { 1.25 +5 -9 httpd-2.0/modules/ssl/ssl_engine_kernel.c Index: ssl_engine_kernel.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v retrieving revision 1.24 retrieving revision 1.25 diff -u -r1.24 -r1.25 --- ssl_engine_kernel.c 2001/11/21 22:29:14 1.24 +++ ssl_engine_kernel.c 2001/11/22 00:25:00 1.25 @@ -371,11 +371,9 @@ STACK_OF(SSL_CIPHER) *skCipherOld; STACK_OF(SSL_CIPHER) *skCipher; SSL_CIPHER *pCipher; - apr_table_t *apctx; int nVerifyOld; int nVerify; int n; - void *vp; int rc; dc = myDirConfig(r); @@ -522,13 +520,11 @@ * restriction on the certificate chain). */ if (dc->nVerifyDepth != UNSET) { - apctx = (apr_table_t *)SSL_get_app_data2(ssl); - if ((vp = (void *)apr_table_get(apctx, "ssl::verify::depth")) != NULL) - n = (int)AP_CTX_PTR2NUM(vp); - else - n = sc->nVerifyDepth; - apr_table_setn(apctx, "ssl::verify::depth", - (const char *)AP_CTX_NUM2PTR(dc->nVerifyDepth)); + /* XXX: doesnt look like sslconn->verify_depth is actually used */ + if (!(n = sslconn->verify_depth)) { + sslconn->verify_depth = n = sc->nVerifyDepth; + } + /* determine whether a renegotiation has to be forced */ if (dc->nVerifyDepth < n) { renegotiate = TRUE;