"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/mod_md_ocsp.c" between
mod_md-2.4.2.tar.gz and mod_md-2.4.4.tar.gz

About: mod_md is an Apache module that adds Let's Encrypt (ACME) support.

mod_md_ocsp.c  (mod_md-2.4.2):mod_md_ocsp.c  (mod_md-2.4.4)
skipping to change at line 56 skipping to change at line 56
static int staple_here(md_srv_conf_t *sc) static int staple_here(md_srv_conf_t *sc)
{ {
if (!sc || !sc->mc->ocsp) return 0; if (!sc || !sc->mc->ocsp) return 0;
if (sc->assigned if (sc->assigned
&& sc->assigned->nelts == 1 && sc->assigned->nelts == 1
&& APR_ARRAY_IDX(sc->assigned, 0, const md_t*)->stapling) return 1; && APR_ARRAY_IDX(sc->assigned, 0, const md_t*)->stapling) return 1;
return (md_config_geti(sc, MD_CONFIG_STAPLING) return (md_config_geti(sc, MD_CONFIG_STAPLING)
&& md_config_geti(sc, MD_CONFIG_STAPLE_OTHERS)); && md_config_geti(sc, MD_CONFIG_STAPLE_OTHERS));
} }
int md_ocsp_init_stapling_status(server_rec *s, apr_pool_t *p,
X509 *cert, X509 *issuer)
{
md_srv_conf_t *sc;
const md_t *md;
apr_status_t rv;
sc = md_config_get(s);
if (!staple_here(sc)) goto declined;
md = ((sc->assigned && sc->assigned->nelts == 1)?
APR_ARRAY_IDX(sc->assigned, 0, const md_t*) : NULL);
rv = md_ocsp_prime(sc->mc->ocsp, NULL, 0, md_cert_wrap(p, cert),
md_cert_wrap(p, issuer), md);
ap_log_error(APLOG_MARK, APLOG_TRACE1, rv, s, "init stapling for: %s",
md? md->name : s->server_hostname);
if (APR_SUCCESS == rv) {
return OK;
}
declined:
return DECLINED;
}
int md_ocsp_prime_status(server_rec *s, apr_pool_t *p, int md_ocsp_prime_status(server_rec *s, apr_pool_t *p,
const char *id, apr_size_t id_len, const char *pem) const char *id, apr_size_t id_len, const char *pem)
{ {
md_srv_conf_t *sc; md_srv_conf_t *sc;
const md_t *md; const md_t *md;
apr_array_header_t *chain; apr_array_header_t *chain;
apr_status_t rv = APR_ENOENT; apr_status_t rv = APR_ENOENT;
sc = md_config_get(s); sc = md_config_get(s);
if (!staple_here(sc)) goto cleanup; if (!staple_here(sc)) goto cleanup;
skipping to change at line 121 skipping to change at line 98
cleanup: cleanup:
return (APR_SUCCESS == rv)? OK : DECLINED; return (APR_SUCCESS == rv)? OK : DECLINED;
} }
typedef struct { typedef struct {
unsigned char *der; unsigned char *der;
apr_size_t der_len; apr_size_t der_len;
} ocsp_copy_ctx_t; } ocsp_copy_ctx_t;
static void ocsp_copy_der(const unsigned char *der, apr_size_t der_len, void *us
erdata)
{
ocsp_copy_ctx_t *ctx = userdata;
memset(ctx, 0, sizeof(*ctx));
if (der && der_len > 0) {
ctx->der = OPENSSL_malloc(der_len);
if (ctx->der != NULL) {
ctx->der_len = der_len;
memcpy(ctx->der, der, der_len);
}
}
}
int md_ocsp_get_stapling_status(unsigned char **pder, int *pderlen,
conn_rec *c, server_rec *s, X509 *x)
{
md_srv_conf_t *sc;
const md_t *md;
md_cert_t *cert;
md_data_t id;
apr_status_t rv;
ocsp_copy_ctx_t ctx;
sc = md_config_get(s);
if (!staple_here(sc)) goto declined;
md = ((sc->assigned && sc->assigned->nelts == 1)?
APR_ARRAY_IDX(sc->assigned, 0, const md_t*) : NULL);
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, "get stapling for: %s",
md? md->name : s->server_hostname);
cert = md_cert_wrap(c->pool, x);
rv = md_ocsp_init_id(&id, c->pool, cert);
if (APR_SUCCESS != rv) goto declined;
rv = md_ocsp_get_status(ocsp_copy_der, &ctx, sc->mc->ocsp, id.data, id.len,
c->pool, md);
if (APR_STATUS_IS_ENOENT(rv)) goto declined;
*pder = ctx.der;
*pderlen = (int)ctx.der_len;
return OK;
declined:
return DECLINED;
}
int md_ocsp_provide_status(server_rec *s, conn_rec *c, int md_ocsp_provide_status(server_rec *s, conn_rec *c,
const char *id, apr_size_t id_len, const char *id, apr_size_t id_len,
ap_ssl_ocsp_copy_resp *cb, void *userdata) ap_ssl_ocsp_copy_resp *cb, void *userdata)
{ {
md_srv_conf_t *sc; md_srv_conf_t *sc;
const md_t *md; const md_t *md;
apr_status_t rv; apr_status_t rv;
sc = md_config_get(s); sc = md_config_get(s);
if (!staple_here(sc)) goto declined; if (!staple_here(sc)) goto declined;
 End of changes. 2 change blocks. 
70 lines changed or deleted 0 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)