httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kaspar Brand <>
Subject Re: mod_ssl: inline SSL_X509_INFO_load_path(); please review
Date Sat, 02 May 2015 09:11:59 GMT
On 01.05.2015 17:11, Stefan Sperling wrote:
> I believe SSL_X509_INFO_load_path() should be inlined into
> its only caller.

I'm +1 for this. The "Low-Level CA Certificate Loading" part in
ssl_util_ssl.c is / was only used by ssl_init_proxy_certs, so I would be
in favor of also moving SSL_X509_INFO_load_file to ssl_engine_init.c
(and making it static).

> Regarding the removed comment about merging the dir-read loop
> with another one: I don't think that's worth it.

If we can get rid of code duplication on this occasion, then I think we
should do so - it makes future maintenance easier if there is common
code for loading CA files from a directory, be that for client
authentication (SSLCACertificatePath) or for proxy connections


View raw message