Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
Message-ID: <20050329083603.4050.qmail@minotaur.apache.org>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Date: Tue, 29 Mar 2005 08:36:03 -0000
Subject: svn commit: r159354 - in httpd/httpd/branches/2.0.x: STATUS
 modules/ssl/ssl_engine_kernel.c
To: cvs@httpd.apache.org
From: jorton@apache.org

Author: jorton
Date: Tue Mar 29 00:36:02 2005
New Revision: 159354

URL: http://svn.apache.org/viewcvs?view=3Drev&rev=3D159354
Log:
Merge r111241 from trunk:

* modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Use
X509_STORE_CTX_get_ex_data() and SSL_get_ex_data_X509_STORE_CTX_idx()
to use the correct ex_data index from the context in pathological
cases where SSL_get_ex_data_X509_STORE_CTX_idx() does not return 0.

PR: 32529
Reviewed by: jorton, trawick, jerenkrantz

Modified:
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?view=
=3Ddiff&r1=3D159353&r2=3D159354
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Tue Mar 29 00:36:02 2005
@@ -109,16 +109,6 @@
        svn rev 126565
        +1: bnicholes, trawick (no need for APLOG_NOERRNO in Apache >=3D2)
=20
-    *) mod_ssl: fix to access mod_ssl-specific X509_STORE_CTX userdata
-       using the proper accessor function; matters only in some
-       pathological cases with OpenSSL global variables not getting
-       reset during reloads but is fatal in such cases.
-       http://svn.apache.org/viewcvs?view=3Drev&rev=3D111241
-       PR: 32529
-       jerenkrantz chimes in: X509_STORE_CTX_get_app_data is a macro around
-                              X509_STORE_CTX_get_ex_data(ctx,0).
-       +1: jorton, trawick, jerenkrantz
-
     *) several changes to improve logging of connection-oriented errors, i=
ncluding
        ap_log_cerror() API (needs minor bump in addition to changes below)
          http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=3D1.=
289&r2=3D1.291

Modified: httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/ssl/s=
sl_engine_kernel.c?view=3Ddiff&r1=3D159353&r2=3D159354
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.0.x/modules/ssl/ssl_engine_kernel.c Tue Mar 29 0=
0:36:02 2005
@@ -1187,7 +1187,8 @@
 int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
 {
     /* Get Apache context back through OpenSSL context */
-    SSL *ssl            =3D (SSL *)X509_STORE_CTX_get_app_data(ctx);
+    SSL *ssl =3D X509_STORE_CTX_get_ex_data(ctx,
+                                          SSL_get_ex_data_X509_STORE_CTX_i=
dx());
     conn_rec *conn      =3D (conn_rec *)SSL_get_app_data(ssl);
     server_rec *s       =3D conn->base_server;
     request_rec *r      =3D (request_rec *)SSL_get_app_data2(ssl);