httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r159354 - in httpd/httpd/branches/2.0.x: STATUS modules/ssl/ssl_engine_kernel.c
Date Tue, 29 Mar 2005 08:36:03 GMT
Author: jorton
Date: Tue Mar 29 00:36:02 2005
New Revision: 159354

URL: http://svn.apache.org/viewcvs?view=rev&rev=159354
Log:
Merge r111241 from trunk:

* modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Use
X509_STORE_CTX_get_ex_data() and SSL_get_ex_data_X509_STORE_CTX_idx()
to use the correct ex_data index from the context in pathological
cases where SSL_get_ex_data_X509_STORE_CTX_idx() does not return 0.

PR: 32529
Reviewed by: jorton, trawick, jerenkrantz

Modified:
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?view=diff&r1=159353&r2=159354
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Tue Mar 29 00:36:02 2005
@@ -109,16 +109,6 @@
        svn rev 126565
        +1: bnicholes, trawick (no need for APLOG_NOERRNO in Apache >=2)
 
-    *) mod_ssl: fix to access mod_ssl-specific X509_STORE_CTX userdata
-       using the proper accessor function; matters only in some
-       pathological cases with OpenSSL global variables not getting
-       reset during reloads but is fatal in such cases.
-       http://svn.apache.org/viewcvs?view=rev&rev=111241
-       PR: 32529
-       jerenkrantz chimes in: X509_STORE_CTX_get_app_data is a macro around
-                              X509_STORE_CTX_get_ex_data(ctx,0).
-       +1: jorton, trawick, jerenkrantz
-
     *) several changes to improve logging of connection-oriented errors, including
        ap_log_cerror() API (needs minor bump in addition to changes below)
          http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=1.289&r2=1.291

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c?view=diff&r1=159353&r2=159354
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c Tue Mar 29 00:36:02 2005
@@ -1187,7 +1187,8 @@
 int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
 {
     /* Get Apache context back through OpenSSL context */
-    SSL *ssl            = (SSL *)X509_STORE_CTX_get_app_data(ctx);
+    SSL *ssl = X509_STORE_CTX_get_ex_data(ctx,
+                                          SSL_get_ex_data_X509_STORE_CTX_idx());
     conn_rec *conn      = (conn_rec *)SSL_get_app_data(ssl);
     server_rec *s       = conn->base_server;
     request_rec *r      = (request_rec *)SSL_get_app_data2(ssl);



Mime
View raw message