Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 157430 Details for
Bug 244937
mod_admserv: Should do client TLS/SSL init even if mod_nss not used
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
diffs
cvsdiffs (text/plain), 3.35 KB, created by
Rich Megginson
on 2007-06-19 23:12:33 UTC
(
hide
)
Description:
diffs
Filename:
MIME Type:
Creator:
Rich Megginson
Created:
2007-06-19 23:12:33 UTC
Size:
3.35 KB
patch
obsolete
>Index: mod_admserv.c >=================================================================== >RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v >retrieving revision 1.29 >diff -u -8 -r1.29 mod_admserv.c >--- mod_admserv.c 11 May 2007 19:46:36 -0000 1.29 >+++ mod_admserv.c 19 Jun 2007 23:12:02 -0000 >@@ -746,22 +746,28 @@ > data->bindPW = NULL; > > ldap_free_urldesc(ldapInfo); > > return TRUE; > } > > static int >-sslinit() >+sslinit(AdmldapInfo info, const char *configdir) > { > if (!NSS_IsInitialized()) { >- ap_log_error(APLOG_MARK, APLOG_CRIT, 0 /* status */, NULL, >- "sslinit: mod_nss has not been started and initialized: cannot start server"); >- exit(1); >+ /* mod_nss is used when we are a TLS/SSL server - mod_nss starts up before we do >+ and will set up all of the TLS/SSL stuff */ >+ /* if we are acting as simply a TLS/SSL client to the directory server, >+ we still have to perform our own TLS/SSL client init */ >+ if (ADMSSL_Init(info, configdir, 0)) { >+ ap_log_error(APLOG_MARK, APLOG_CRIT, 0 /* status */, NULL, >+ "sslinit: NSS is required to use LDAPS, but security initialization failed. Cannot start server"); >+ exit(1); >+ } > } else { > ap_log_error(APLOG_MARK, APLOG_DEBUG, 0 /* status */, NULL, > "sslinit: mod_nss has been started and initialized"); > } > > return 1; > } > >@@ -789,17 +795,17 @@ > if (!(info = admldapBuildInfo(configdir, &error))) { > ap_log_error(APLOG_MARK, APLOG_CRIT, 0 /* status */, s, > "buildUGInfo(): unable to create AdmldapInfo (error code = %d)", > error); > goto done; > } > > if (admldapGetSecurity(info)) { >- sslinit(); >+ sslinit(info, configdir); > if (admldapBuildInfoSSL(info, &error)) { > } else { > char *host = admldapGetHost(info); > ap_log_error(APLOG_MARK, APLOG_CRIT, 0 /* status */, s, > "buildUGInfo(): unable to initialize TLS connection to LDAP host %s port %d: %d", > host, admldapGetPort(info), error); > PL_strfree(host); > goto done; >@@ -1366,17 +1372,17 @@ > > if (!ldapInfo) { > ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, > "AdmInit: Failed to read data from adm.conf"); > return 0; > } > > if (admldapGetSecurity(ldapInfo)) { >- sslinit(); >+ sslinit(ldapInfo, admroot); > } > > destroyAdmldap(ldapInfo); > > binddn = apr_table_get(r->notes, RQ_NOTES_USERDN); > bindpw = apr_table_get(r->notes, RQ_NOTES_USERPW); > > pset = psetCreateSSL((char*)"admin-serv", >@@ -2030,17 +2036,17 @@ > } else { > ap_log_error(APLOG_MARK, APLOG_CRIT, 0, base_server, > "host_ip_init(): unable to create AdmldapInfo (error code = %d)", > error); > return DONE; > } > > if (admldapGetSecurity(info)) { >- sslinit(); >+ sslinit(info, configdir); > if (admldapBuildInfoSSL(info, &error)) { > } else { > ap_log_error(APLOG_MARK, APLOG_CRIT, 0, base_server, > "host_ip_init(): unable to create secure AdmldapInfo (error code = %d)", > error); > destroyAdmldap(info); > return DONE; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 244937
: 157430