httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Trevor Perrin <tr...@trevp.net>
Subject Re: [PATCH 55593] Add "SSLServerInfoFile" directive
Date Thu, 10 Oct 2013 22:18:22 GMT
On Wed, Oct 9, 2013 at 6:52 AM, Dr Stephen Henson
<shenson@opensslfoundation.com> wrote:
>
> Technically the "current certificate" concept doesn't need exposing at all. You
> just have to make sure you set all the relevant parameters *after* you set the
> certificate they apply to and *before* you set another one.

Hi Stephen,

Thanks a lot for your continued help.  I'm trying to figure out how to do that:

In ssl_engine_config.c, when a ServerInfoFile is encountered in the
config file (whether directive or SSL_CONF), the code could look at
sc->server->pks->cert_files to figure out the most recent
"SSLCertificateFile", and its index.

But by ssl_engine_init.c, the certs have been read, parsed, and
translated into a table indexed by algorithm type, and accessed via
ssl_asn1_table_get(...).

How would you expect the code to track the Cert -> ServerInfo
relationship between these points?

Trevor

Mime
View raw message