You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2004/11/10 16:21:44 UTC
cvs commit: httpd-2.0/modules/ssl ssl_private.h ssl_engine_config.c mod_ssl.c
jorton 2004/11/10 07:21:44
Modified: . CHANGES
modules/ssl ssl_private.h ssl_engine_config.c mod_ssl.c
Log:
Add -t -DDUMP_CERTS option to mod_ssl which dumps the filenames of all
configured SSL certificates to stdout, useful for cron-ing through a
"do I need to renew any of my certificates this week" tool:
* modules/ssl/ssl_engine_config.c (ssl_hook_ConfigTest): New function.
* modules/ssl/mod_ssl.c (ssl_register_hooks): ...register it as a
test_config hook.
Revision Changes Path
1.1632 +6 -3 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.1631
retrieving revision 1.1632
diff -d -w -u -r1.1631 -r1.1632
--- CHANGES 10 Nov 2004 13:00:32 -0000 1.1631
+++ CHANGES 10 Nov 2004 15:21:43 -0000 1.1632
@@ -2,6 +2,10 @@
[Remove entries to the current 2.0 section below, when backported]
+ *) mod_ssl: Add support for command-line option "-t -DDUMP_CERTS" which
+ will dump the filenames of all configured SSL certificates to stdout.
+ [Joe Orton]
+
*) mod_disk_cache: Remove a bunch of non-implemented garbage collection
and cache size directives that are now available through htcacheclean.
[Justin Erenkrantz]
@@ -11,8 +15,7 @@
*) mod_authnz_ldap: Added the directive "Requires ldap-filter" that
allows the module to authorize a user based on a complex LDAP
- search filter.
- [Brad Nicholes]
+ search filter. [Brad Nicholes]
*) mod_usertrack: Run the fixups hook before other modules.
PR 29755. [Paul Querna]
1.8 +1 -0 httpd-2.0/modules/ssl/ssl_private.h
Index: ssl_private.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_private.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -d -w -u -r1.7 -r1.8
--- ssl_private.h 3 Jun 2004 15:00:15 -0000 1.7
+++ ssl_private.h 10 Nov 2004 15:21:44 -0000 1.8
@@ -530,6 +530,7 @@
int ssl_hook_Fixup(request_rec *);
int ssl_hook_ReadReq(request_rec *);
int ssl_hook_Upgrade(request_rec *);
+void ssl_hook_ConfigTest(apr_pool_t *pconf, server_rec *s);
/* OpenSSL callbacks */
RSA *ssl_callback_TmpRSA(SSL *, int, int);
1.96 +25 -0 httpd-2.0/modules/ssl/ssl_engine_config.c
Index: ssl_engine_config.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v
retrieving revision 1.95
retrieving revision 1.96
diff -d -w -u -r1.95 -r1.96
--- ssl_engine_config.c 4 Nov 2004 18:54:25 -0000 1.95
+++ ssl_engine_config.c 10 Nov 2004 15:21:44 -0000 1.96
@@ -1380,3 +1380,28 @@
dc->szUserName = arg;
return NULL;
}
+
+void ssl_hook_ConfigTest(apr_pool_t *pconf, server_rec *s)
+{
+ if (!ap_exists_config_define("DUMP_CERTS")) {
+ return;
+ }
+
+ /* Dump the filenames of all configured server certificates to
+ * stdout. */
+ while (s) {
+ SSLSrvConfigRec *sc = mySrvConfig(s);
+
+ if (sc && sc->server && sc->server->pks) {
+ modssl_pk_server_t *const pks = sc->server->pks;
+ int i;
+
+ for (i = 0; (i < SSL_AIDX_MAX) && pks->cert_files[i]; i++) {
+ printf("%s\n", pks->cert_files[i]);
+ }
+ }
+
+ s = s->next;
+ }
+
+}
1.102 +1 -0 httpd-2.0/modules/ssl/mod_ssl.c
Index: mod_ssl.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v
retrieving revision 1.101
retrieving revision 1.102
diff -d -w -u -r1.101 -r1.102
--- mod_ssl.c 10 Nov 2004 13:35:28 -0000 1.101
+++ mod_ssl.c 10 Nov 2004 15:21:44 -0000 1.102
@@ -474,6 +474,7 @@
ssl_io_filter_register(p);
ap_hook_pre_connection(ssl_hook_pre_connection,NULL,NULL, APR_HOOK_MIDDLE);
+ ap_hook_test_config (ssl_hook_ConfigTest, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_post_config (ssl_init_Module, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_http_method (ssl_hook_http_method, NULL,NULL, APR_HOOK_MIDDLE);
ap_hook_default_port (ssl_hook_default_port, NULL,NULL, APR_HOOK_MIDDLE);