Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 155840 Details for
Bug 241936
Sync mod_nss to mod_ssl in Apache 2.2.4
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Applied differences of 2.0.59 -> 2.2.4
sync.diff (text/plain), 14.11 KB, created by
Rob Crittenden
on 2007-05-31 20:41:55 UTC
(
hide
)
Description:
Applied differences of 2.0.59 -> 2.2.4
Filename:
MIME Type:
Creator:
Rob Crittenden
Created:
2007-05-31 20:41:55 UTC
Size:
14.11 KB
patch
obsolete
>Index: mod_nss.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/mod_nss.c,v >retrieving revision 1.15 >diff -u -r1.15 mod_nss.c >--- mod_nss.c 20 Oct 2006 15:23:39 -0000 1.15 >+++ mod_nss.c 31 May 2007 20:40:28 -0000 >@@ -206,7 +206,7 @@ > > SSLConnRec *sslconn; > >- if (!sc->enabled) { >+ if (sc->enabled == FALSE) { > return 0; > } > >Index: mod_nss.h >=================================================================== >RCS file: /cvs/dirsec/mod_nss/mod_nss.h,v >retrieving revision 1.17 >diff -u -r1.17 mod_nss.h >--- mod_nss.h 20 Oct 2006 15:23:39 -0000 1.17 >+++ mod_nss.h 31 May 2007 20:40:29 -0000 >@@ -446,9 +446,6 @@ > > /* Utility Functions */ > char *nss_util_vhostid(apr_pool_t *, server_rec *); >-void nss_util_strupper(char *); >-void nss_util_uuencode(char *, const char *, BOOL); >-void nss_util_uuencode_binary(unsigned char *, const unsigned char *, int, BOOL); > apr_file_t *nss_util_ppopen(server_rec *, apr_pool_t *, const char *, > const char * const *); > void nss_util_ppclose(server_rec *, apr_pool_t *, apr_file_t *); >Index: nss_engine_init.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v >retrieving revision 1.28 >diff -u -r1.28 nss_engine_init.c >--- nss_engine_init.c 1 Feb 2007 14:06:56 -0000 1.28 >+++ nss_engine_init.c 31 May 2007 20:40:30 -0000 >@@ -1036,13 +1036,13 @@ > apr_pool_t *ptemp, > SSLSrvConfigRec *sc) > { >- if (sc->enabled) { >+ if (sc->enabled == TRUE) { > ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, > "Configuring server for SSL protocol"); > nss_init_server_ctx(s, p, ptemp, sc); > } > >- if (sc->proxy_enabled) { >+ if (sc->proxy_enabled == TRUE) { > ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, > "Enabling proxy."); > nss_init_proxy_ctx(s, p, ptemp, sc); >@@ -1070,7 +1070,7 @@ > for (s = base_server; s; s = s->next) { > sc = mySrvConfig(s); > >- if (sc->enabled) { >+ if (sc->enabled == TRUE) { > if (sc->server->nickname) { > CERT_DestroyCertificate(sc->server->servercert); > SECKEY_DestroyPrivateKey(sc->server->serverkey); >Index: nss_engine_io.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/nss_engine_io.c,v >retrieving revision 1.7 >diff -u -r1.7 nss_engine_io.c >--- nss_engine_io.c 9 Aug 2006 20:11:45 -0000 1.7 >+++ nss_engine_io.c 31 May 2007 20:40:33 -0000 >@@ -578,8 +578,7 @@ > switch (status) { > case HTTP_BAD_REQUEST: > /* log the situation */ >- ap_log_error(APLOG_MARK, APLOG_INFO, 0, >- f->c->base_server, >+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, f->c->base_server, > "SSL handshake failed: HTTP spoken on HTTPS port; " > "trying to send HTML error page"); > >@@ -924,6 +923,7 @@ > > struct modnss_buffer_ctx { > apr_bucket_brigade *bb; >+ apr_pool_t *pool; > }; > > int nss_io_buffer_fill(request_rec *r) >@@ -936,7 +936,8 @@ > > /* Create the context which will be passed to the input filter. */ > ctx = apr_palloc(r->pool, sizeof *ctx); >- ctx->bb = apr_brigade_create(r->pool, c->bucket_alloc); >+ apr_pool_create(&ctx->pool, r->pool); >+ ctx->bb = apr_brigade_create(ctx->pool, c->bucket_alloc); > > /* ... and a temporary brigade. */ > tempb = apr_brigade_create(r->pool, c->bucket_alloc); >@@ -981,7 +982,7 @@ > total += len; > } > >- rv = apr_bucket_setaside(e, r->pool); >+ rv = apr_bucket_setaside(e, ctx->pool); > if (rv != APR_SUCCESS) { > ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, > "could not setaside bucket for SSL buffer"); >@@ -1059,6 +1060,9 @@ > * the APR_BRIGADE_* macros. */ > APR_RING_UNSPLICE(d, e, link); > APR_RING_SPLICE_HEAD(&bb->list, d, e, apr_bucket, link); >+ >+ APR_BRIGADE_CHECK_CONSISTENCY(bb); >+ APR_BRIGADE_CHECK_CONSISTENCY(ctx->bb); > } > } > else { >Index: nss_engine_kernel.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/nss_engine_kernel.c,v >retrieving revision 1.9 >diff -u -r1.9 nss_engine_kernel.c >--- nss_engine_kernel.c 9 Aug 2006 20:32:47 -0000 1.9 >+++ nss_engine_kernel.c 31 May 2007 20:40:36 -0000 >@@ -130,7 +130,7 @@ > * no further access control checks are relevant. The test for > * sc->enabled is probably strictly unnecessary > */ >- if (!(sc->enabled || !ssl)) { >+ if (!((sc->enabled == TRUE) || !ssl)) { > return DECLINED; > } > >@@ -619,7 +619,7 @@ > * - ssl not enabled > * - client did not present a certificate > */ >- if (!(sc->enabled && sslconn && sslconn->ssl && sslconn->client_cert) || >+ if (!((sc->enabled == TRUE) && sslconn && sslconn->ssl && sslconn->client_cert) || > !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user) > { > return DECLINED; >@@ -781,7 +781,7 @@ > /* > * Check to see if SSL is on > */ >- if (!(sc->enabled && sslconn && (ssl = sslconn->ssl))) { >+ if (!((sc->enabled == TRUE) && sslconn && (ssl = sslconn->ssl))) { > return DECLINED; > } > >Index: nss_engine_vars.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/nss_engine_vars.c,v >retrieving revision 1.8 >diff -u -r1.8 nss_engine_vars.c >--- nss_engine_vars.c 9 Aug 2006 19:31:18 -0000 1.8 >+++ nss_engine_vars.c 31 May 2007 20:40:36 -0000 >@@ -80,59 +80,82 @@ > * Request dependent stuff > */ > if (r != NULL) { >- if (strcEQ(var, "HTTP_USER_AGENT")) >- result = nss_var_lookup_header(p, r, "User-Agent"); >- else if (strcEQ(var, "HTTP_REFERER")) >- result = nss_var_lookup_header(p, r, "Referer"); >- else if (strcEQ(var, "HTTP_COOKIE")) >- result = nss_var_lookup_header(p, r, "Cookie"); >- else if (strcEQ(var, "HTTP_FORWARDED")) >- result = nss_var_lookup_header(p, r, "Forwarded"); >- else if (strcEQ(var, "HTTP_HOST")) >- result = nss_var_lookup_header(p, r, "Host"); >- else if (strcEQ(var, "HTTP_PROXY_CONNECTION")) >- result = nss_var_lookup_header(p, r, "Proxy-Connection"); >- else if (strcEQ(var, "HTTP_ACCEPT")) >- result = nss_var_lookup_header(p, r, "Accept"); >- else if (strlen(var) > 5 && strcEQn(var, "HTTP:", 5)) >- /* all other headers from which we are still not know about */ >- result = nss_var_lookup_header(p, r, var+5); >- else if (strcEQ(var, "THE_REQUEST")) >- result = r->the_request; >- else if (strcEQ(var, "REQUEST_METHOD")) >- result = (char *)(r->method); >- else if (strcEQ(var, "REQUEST_SCHEME")) >+ switch (var[0]) { >+ case 'H': >+ case 'h': >+ if (strcEQ(var, "HTTP_USER_AGENT")) >+ result = nss_var_lookup_header(p, r, "User-Agent"); >+ else if (strcEQ(var, "HTTP_REFERER")) >+ result = nss_var_lookup_header(p, r, "Referer"); >+ else if (strcEQ(var, "HTTP_COOKIE")) >+ result = nss_var_lookup_header(p, r, "Cookie"); >+ else if (strcEQ(var, "HTTP_FORWARDED")) >+ result = nss_var_lookup_header(p, r, "Forwarded"); >+ else if (strcEQ(var, "HTTP_HOST")) >+ result = nss_var_lookup_header(p, r, "Host"); >+ else if (strcEQ(var, "HTTP_PROXY_CONNECTION")) >+ result = nss_var_lookup_header(p, r, "Proxy-Connection"); >+ else if (strcEQ(var, "HTTP_ACCEPT")) >+ result = nss_var_lookup_header(p, r, "Accept"); >+ else if (strlen(var) > 5 && strcEQn(var, "HTTP:", 5)) >+ /* all other headers from which we are still not know about */ >+ result = nss_var_lookup_header(p, r, var+5); >+ break; >+ >+ case 'R': >+ case 'r': >+ if (strcEQ(var, "REQUEST_METHOD")) >+ result = (char *)(r->method); >+ else if (strcEQ(var, "REQUEST_SCHEME")) > #if AP_SERVER_MINORVERSION_NUMBER < 2 /* See comment in mod_nss.h */ >- result = (char *)ap_http_method(r); >+ result = (char *)ap_http_method(r); > #else >- result = (char *)ap_http_scheme(r); >+ result = (char *)ap_http_scheme(r); > #endif >- else if (strcEQ(var, "REQUEST_URI")) >- result = r->uri; >- else if (strcEQ(var, "SCRIPT_FILENAME") || >- strcEQ(var, "REQUEST_FILENAME")) >- result = r->filename; >- else if (strcEQ(var, "PATH_INFO")) >- result = r->path_info; >- else if (strcEQ(var, "QUERY_STRING")) >- result = r->args; >- else if (strcEQ(var, "REMOTE_HOST")) >- result = (char *)ap_get_remote_host(r->connection, >+ else if (strcEQ(var, "REQUEST_URI")) >+ result = r->uri; >+ else if (strcEQ(var, "REQUEST_FILENAME")) >+ result = r->filename; >+ else if (strcEQ(var, "REMOTE_HOST")) >+ result = (char *)ap_get_remote_host(r->connection, > r->per_dir_config, REMOTE_NAME, NULL); >- else if (strcEQ(var, "REMOTE_IDENT")) >- result = (char *)ap_get_remote_logname(r); >- else if (strcEQ(var, "IS_SUBREQ")) >- result = (r->main != NULL ? "true" : "false"); >- else if (strcEQ(var, "DOCUMENT_ROOT")) >- result = (char *)ap_document_root(r); >- else if (strcEQ(var, "SERVER_ADMIN")) >- result = r->server->server_admin; >- else if (strcEQ(var, "SERVER_NAME")) >- result = (char *)ap_get_server_name(r); >- else if (strcEQ(var, "SERVER_PORT")) >- result = apr_psprintf(p, "%u", ap_get_server_port(r)); >- else if (strcEQ(var, "SERVER_PROTOCOL")) >- result = r->protocol; >+ else if (strcEQ(var, "REMOTE_IDENT")) >+ result = (char *)ap_get_remote_logname(r); >+ else if (strcEQ(var, "REMOTE_USER")) >+ result = r->user; >+ break; >+ >+ case 'S': >+ case 's': >+ if (strcEQn(var, "SSL", 3)) break; /* shortcut common case */ >+ >+ if (strcEQ(var, "SERVER_ADMIN")) >+ result = r->server->server_admin; >+ else if (strcEQ(var, "SERVER_NAME")) >+ result = (char *)ap_get_server_name(r); >+ else if (strcEQ(var, "SERVER_PORT")) >+ result = apr_psprintf(p, "%u", ap_get_server_port(r)); >+ else if (strcEQ(var, "SERVER_PROTOCOL")) >+ result = r->protocol; >+ else if (strcEQ(var, "SCRIPT_FILENAME")) >+ result = r->filename; >+ break; >+ >+ default: >+ if (strcEQ(var, "PATH_INFO")) >+ result = r->path_info; >+ else if (strcEQ(var, "QUERY_STRING")) >+ result = r->args; >+ else if (strcEQ(var, "IS_SUBREQ")) >+ result = (r->main != NULL ? "true" : "false"); >+ else if (strcEQ(var, "DOCUMENT_ROOT")) >+ result = (char *)ap_document_root(r); >+ else if (strcEQ(var, "AUTH_TYPE")) >+ result = r->ap_auth_type; >+ if (strcEQ(var, "THE_REQUEST")) >+ result = r->the_request; >+ break; >+ } > } > > /* >@@ -140,15 +163,11 @@ > */ > if (result == NULL && c != NULL) { > SSLConnRec *sslconn = myConnConfig(c); >- if (strcEQ(var, "REMOTE_ADDR")) >- result = c->remote_ip; >- else if (strcEQ(var, "REMOTE_USER")) >- result = r->user; >- else if (strcEQ(var, "AUTH_TYPE")) >- result = r->ap_auth_type; >- else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) >+ if (strlen(var) > 4 && strcEQn(var, "SSL_", 4) > && sslconn && sslconn->ssl) > result = nss_var_lookup_ssl(p, c, var+4); >+ else if (strcEQ(var, "REMOTE_ADDR")) >+ result = c->remote_ip; > else if (strcEQ(var, "HTTPS")) { > if (sslconn && sslconn->ssl) > result = "on"; >Index: nss_util.c >=================================================================== >RCS file: /cvs/dirsec/mod_nss/nss_util.c,v >retrieving revision 1.2 >diff -u -r1.2 nss_util.c >--- nss_util.c 31 May 2005 14:32:42 -0000 1.2 >+++ nss_util.c 31 May 2007 20:40:36 -0000 >@@ -36,7 +36,7 @@ > port = s->port; > else { > sc = mySrvConfig(s); >- if (sc->enabled) >+ if (sc->enabled == TRUE) > port = DEFAULT_HTTPS_PORT; > else > port = DEFAULT_HTTP_PORT; >@@ -45,52 +45,6 @@ > return id; > } > >-void nss_util_strupper(char *s) >-{ >- for (; *s; ++s) >- *s = apr_toupper(*s); >- return; >-} >- >-static const char nss_util_uuencode_six2pr[64+1] = >- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; >- >-void nss_util_uuencode(char *szTo, const char *szFrom, BOOL bPad) >-{ >- nss_util_uuencode_binary((unsigned char *)szTo, >- (const unsigned char *)szFrom, >- strlen(szFrom), bPad); >-} >- >-void nss_util_uuencode_binary(unsigned char *szTo, >- const unsigned char *szFrom, >- int nLength, BOOL bPad) >-{ >- const unsigned char *s; >- int nPad = 0; >- >- for (s = szFrom; nLength > 0; s += 3) { >- *szTo++ = nss_util_uuencode_six2pr[s[0] >> 2]; >- *szTo++ = nss_util_uuencode_six2pr[(s[0] << 4 | s[1] >> 4) & 0x3f]; >- if (--nLength == 0) { >- nPad = 2; >- break; >- } >- *szTo++ = nss_util_uuencode_six2pr[(s[1] << 2 | s[2] >> 6) & 0x3f]; >- if (--nLength == 0) { >- nPad = 1; >- break; >- } >- *szTo++ = nss_util_uuencode_six2pr[s[2] & 0x3f]; >- --nLength; >- } >- while(bPad && nPad--) { >- *szTo++ = NUL; >- } >- *szTo = NUL; >- return; >-} >- > apr_file_t *nss_util_ppopen(server_rec *s, apr_pool_t *p, const char *cmd, > const char * const *argv) > {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=155840">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 241936
: 155840