VladPolskiy/apache-http-server
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-13 14:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,720 Commits 62 Branches 304 Tags
8047103871b9cca3277bcbf1284cae11ae533b47
Commit Graph

4 Commits

Author SHA1 Message Date
Joe Orton
8047103871 * modules/ssl/ssl_util_ocsp.c: Fix spelling mistake in comment; no 
functional change.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600497 13f79535-47bb-0310-9956-ffa450edef68
 2007-12-03 11:58:42 +00:00
Joe Orton
080255428b * modules/ssl/ssl_util_ocsp.c (read_response): Bail out if the maximum 
response-header count is exceeded.  Also bump to APLOG_ERR the log
  message given after a header read error.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600482 13f79535-47bb-0310-9956-ffa450edef68
 2007-12-03 11:15:31 +00:00
Joe Orton
fc7fdf4d26 * modules/ssl/ssl_util_ocsp.c (serialize_request): Fix query string 
handling.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599496 13f79535-47bb-0310-9956-ffa450edef68
 2007-11-29 16:12:59 +00:00
Joe Orton
33c045efb2 mod_ssl: Add support for OCSP validation of client certificates: 
* modules/ssl/ssl_engine_config.c (modssl_ctx_init,
  modssl_ctx_cfg_merge): Initialize and merge OCSP config options.
  (ssl_cmd_SSLOCSPOverrideResponder, ssl_cmd_SSLOCSPDefaultResponder,
  ssl_cmd_SSLOCSPEnable): Add functions.

* modules/ssl/mod_ssl.c (ssl_config_cmds): Add config options.

* modules/ssl/ssl_private.h: Add prototypes, config options to
  modssl_ctx_t.

* modules/ssl/ssl_util_ocsp.c: New file, utility interface for
  dispatching OCSP requests.

* modules/ssl/ssl_engine_ocsp.c: New file, interface for performing
  OCSP validation.

* modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Perform
  OCSP validation if configured, and the cert is so-far verified to be
  trusted.  Fail if OCSP validation is configured an the optional-no-ca 
  check tripped.

* modules/ssl/config.m4: Check for OCSP support, build new files.

* modules/ssl/mod_ssl.dsp: Build new files.

* modules/ssl/ssl_toolkit_compat.h: Include headers for OCSP
  interfaces.

PR: 41123
Submitted by: Marc Stern <marc.stern approach.be>, Joe Orton
Reviewed by: Steve Henson <steve openssl.org>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599385 13f79535-47bb-0310-9956-ffa450edef68
 2007-11-29 11:18:40 +00:00