httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From b..@apache.org
Subject svn commit: r424735 - in /httpd/httpd/trunk/modules/ssl: mod_ssl.c ssl_engine_init.c ssl_engine_pphrase.c ssl_util.c
Date Sun, 23 Jul 2006 13:17:29 GMT
Author: ben
Date: Sun Jul 23 06:17:28 2006
New Revision: 424735

URL: http://svn.apache.org/viewvc?rev=424735&view=rev
Log:
Layout and compiler warning.

Modified:
    httpd/httpd/trunk/modules/ssl/mod_ssl.c
    httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
    httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c
    httpd/httpd/trunk/modules/ssl/ssl_util.c

Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=424735&r1=424734&r2=424735&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Sun Jul 23 06:17:28 2006
@@ -112,8 +112,8 @@
                 "SSL Server CA Certificate Chain file "
                 "(`/path/to/file' - PEM encoded)")
     SSL_CMD_SRV(PKCS7CertificateFile, TAKE1,
-		"PKCS#7 file containing server certificate and chain"
-		" certificates (`/path/to/file' - PEM ecnoded)")
+                "PKCS#7 file containing server certificate and chain"
+                " certificates (`/path/to/file' - PEM ecnoded)")
     SSL_CMD_ALL(CACertificatePath, TAKE1,
                 "SSL CA Certificate path "
                 "(`/path/to/dir' - contains PEM encoded files)")

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=424735&r1=424734&r2=424735&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Sun Jul 23 06:17:28 2006
@@ -654,8 +654,8 @@
     int n;
 
     if (!mctx->ssl_ctx->extra_certs)
-	for (n = 1; n < sk_X509_num(certs); ++n)
-	    SSL_CTX_add_extra_chain_cert(mctx->ssl_ctx, sk_X509_value(certs, n));
+        for (n = 1; n < sk_X509_num(certs); ++n)
+            SSL_CTX_add_extra_chain_cert(mctx->ssl_ctx, sk_X509_value(certs, n));
 }
 
 static void ssl_init_ctx_cert_chain(server_rec *s,
@@ -668,8 +668,8 @@
     const char *chain = mctx->cert_chain;
 
     if (mctx->pkcs7) {
-	ssl_init_ctx_pkcs7_cert_chain(s,mctx);
-	return;
+        ssl_init_ctx_pkcs7_cert_chain(s, mctx);
+        return;
     }
 
     /*

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c?rev=424735&r1=424734&r2=424735&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c Sun Jul 23 06:17:28 2006
@@ -186,7 +186,7 @@
          * because this file isn't encrypted in any way.
          */
         if (sc->server->pks->cert_files[0] == NULL
-	    && sc->server->pkcs7 == NULL) {
+            && sc->server->pkcs7 == NULL) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, pServ,
                          "Server should be SSL-aware but has no certificate "
                          "configured [Hint: SSLCertificateFile]");
@@ -196,28 +196,31 @@
         algoCert = SSL_ALGO_UNKNOWN;
         algoKey  = SSL_ALGO_UNKNOWN;
         for (i = 0, j = 0; i < SSL_AIDX_MAX
-		 && (sc->server->pks->cert_files[i] != NULL
-		     || sc->server->pkcs7); i++) {
-	    if (sc->server->pkcs7) {
-		STACK_OF(X509) *certs = ssl_read_pkcs7(pServ, sc->server->pkcs7);
-
-		pX509Cert = sk_X509_value(certs, 0);
-		i = SSL_AIDX_MAX;
-	    } else {
-		apr_cpystrn(szPath, sc->server->pks->cert_files[i], sizeof(szPath));
-		if ((rv = exists_and_readable(szPath, p, NULL)) != APR_SUCCESS) {
-		    ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
-				 "Init: Can't open server certificate file %s",
-				 szPath);
-		    ssl_die();
-		}
-		if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) {
-		    ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
-				 "Init: Unable to read server certificate from file %s", szPath);
-		    ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s);
-		    ssl_die();
-		}
-	    }
+                 && (sc->server->pks->cert_files[i] != NULL
+                     || sc->server->pkcs7); i++) {
+            if (sc->server->pkcs7) {
+                STACK_OF(X509) *certs = ssl_read_pkcs7(pServ,
+                                                       sc->server->pkcs7);
+                pX509Cert = sk_X509_value(certs, 0);
+                i = SSL_AIDX_MAX;
+            } else {
+                apr_cpystrn(szPath, sc->server->pks->cert_files[i],
+                            sizeof(szPath));
+                if ((rv = exists_and_readable(szPath, p, NULL))
+                    != APR_SUCCESS) {
+                    ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+                                 "Init: Can't open server certificate file %s",
+                                 szPath);
+                    ssl_die();
+                }
+                if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) {
+                    ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                                 "Init: Unable to read server certificate from"
+                                 " file %s", szPath);
+                    ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s);
+                    ssl_die();
+                }
+            }
             /*
              * check algorithm type of certificate and make
              * sure only one certificate per type is used.

Modified: httpd/httpd/trunk/modules/ssl/ssl_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util.c?rev=424735&r1=424734&r2=424735&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util.c Sun Jul 23 06:17:28 2006
@@ -268,43 +268,45 @@
 STACK_OF(X509) *ssl_read_pkcs7(server_rec *s,const char *pkcs7)
 {
     PKCS7 *p7;
-    STACK_OF(X509) *certs;
+    STACK_OF(X509) *certs = NULL;
     FILE *f;
 
     f = fopen(pkcs7, "r");
     if (!f) {
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "Can't open %s", pkcs7);
-	ssl_die();
+        ssl_die();
     }
 
     p7 = PEM_read_PKCS7(f,NULL,NULL,NULL);
     if (!p7) {
-	ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
-		     "Can't read PKCS7 object %s", pkcs7);
-	ssl_log_ssl_error(APLOG_MARK, APLOG_CRIT, s);
-	exit(1);
+        ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
+                     "Can't read PKCS7 object %s", pkcs7);
+        ssl_log_ssl_error(APLOG_MARK, APLOG_CRIT, s);
+        exit(1);
     }
 
     switch (OBJ_obj2nid(p7->type)) {
     case NID_pkcs7_signed:
-	certs = p7->d.sign->cert;
-	break;
+        certs = p7->d.sign->cert;
+        break;
 
     case NID_pkcs7_signedAndEnveloped:
-	certs = p7->d.signed_and_enveloped->cert;
-	break;
+        certs = p7->d.signed_and_enveloped->cert;
+        break;
 
     default:
-	ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
-		     "Don't understand PKCS7 file %s", pkcs7);
-	ssl_die();
+        ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
+                     "Don't understand PKCS7 file %s", pkcs7);
+        ssl_die();
     }
 
     if (!certs) {
-	ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
-		     "No certificates in %s", pkcs7);
-	ssl_die();
+        ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
+                     "No certificates in %s", pkcs7);
+        ssl_die();
     }
+
+    fclose(f);
 
     return certs;
 }



Mime
View raw message