httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Kaluža <jkal...@redhat.com>
Subject Re: svn commit: 1573360 - SSLPassPhraseDialog arguments changed in 2.4.x
Date Wed, 16 Apr 2014 07:45:23 GMT
On 04/16/2014 09:35 AM, Plüm, Rüdiger, Vodafone Group wrote:
>
>
>> -----Original Message-----
>> From: Jan Kaluža [mailto:jkaluza@redhat.com]
>> Sent: Mittwoch, 16. April 2014 09:32
>> To: dev@httpd.apache.org
>> Subject: Re: svn commit: 1573360 - SSLPassPhraseDialog arguments changed
>> in 2.4.x
>>
>> On 04/16/2014 08:45 AM, Kaspar Brand wrote:
>>> On 14.04.2014 10:47, Jan Kaluža wrote:
>>>> On 04/12/2014 12:37 PM, Kaspar Brand wrote:
>>>>> We can partly restore the argument structure for "exec"-type programs,
>>>>> but effectively, lifting the limit of 2 (or 3) certs per SSL host
>> means
>>>>> that there's no longer a reliable way of determining if we are
>> actually
>>>>> loading an "RSA", "DSA", or "ECC" key when calling the
>>>>> SSLPassPhraseDialog program.
>>>>
>>>> It would be useful to have the same arguments as before, but if that's
>>>> not possible to do in all cases now, I would say just increasing the
>>>> arguments count won't help anything.
>>>
>>> I'm attaching a cleaned up patch, which does it in a somewhat more
>>> systematic way. If we apply this to 2.4.x, then we have at least
>>> compatibility with existing configs and exec-type SSLPassPhraseDialog
>>> programs.
>>
>> Thank you very much! I've tested the patch and it works for me. I think
>> for the basic backward compatibility it would be really great to have
>> that in 2.4.x.
>>
>
> Are we sure that ppcb_arg->key_id always contains a ':'?

I've checked that part of patch and if I'm right, the key_id is only 
created by asn1_table_vhost_key(...) like this:

char *key = apr_psprintf(p, "%s:%d", id, i);

So this part should be OK.

> Regards
>
> Rüdiger
>

Regards,
Jan Kaluza


Mime
View raw message