You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2004/03/06 18:54:28 UTC
cvs commit: httpd-2.0/modules/ssl ssl_engine_pphrase.c
jorton 2004/03/06 09:54:28
Modified: . Tag: APACHE_2_0_BRANCH CHANGES STATUS
modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_pphrase.c
Log:
* modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the
OpenSSL error stack before reading the private key.
PR: 21160
Reviewed by: Jeff Trawick, Justin Erenkrantz
Revision Changes Path
No revision
No revision
1.988.2.247 +3 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.988.2.246
retrieving revision 1.988.2.247
diff -w -d -u -r1.988.2.246 -r1.988.2.247
--- CHANGES 3 Mar 2004 11:07:48 -0000 1.988.2.246
+++ CHANGES 6 Mar 2004 17:54:27 -0000 1.988.2.247
@@ -1,5 +1,8 @@
Changes with Apache 2.0.49
+ *) mod_ssl: Fix bug in passphrase handling which could cause spurious
+ failures in SSL functions later. PR 21160. [Joe Orton]
+
*) mod_log_config: Fix corruption of buffered logs with threaded
MPMs. PR 25520. [Jeff Trawick]
1.751.2.725 +1 -8 httpd-2.0/STATUS
Index: STATUS
===================================================================
RCS file: /home/cvs/httpd-2.0/STATUS,v
retrieving revision 1.751.2.724
retrieving revision 1.751.2.725
diff -w -d -u -r1.751.2.724 -r1.751.2.725
--- STATUS 5 Mar 2004 19:08:13 -0000 1.751.2.724
+++ STATUS 6 Mar 2004 17:54:27 -0000 1.751.2.725
@@ -113,13 +113,6 @@
modules/metadata/mod_setenvif.c: r1.50
+1: nd
- * mod_ssl: Clear OpenSSL error stack during pphrase entry to prevent
- spurious failures in SSL functions later.
- PR: 21160
- http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_pphrase.c?r1=1.44&r2=1.45
- http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_pphrase.c?r1=1.49&r2=1.50 (comment-only modification)
- +1: jorton, trawick, jerenkrantz
-
* Fix file extensions for real media files and removed rpm extension
from mime.types. PR 26079. (2.0 + 1.3)
docs/conf/mime.types: r1.23, r1.24
No revision
No revision
1.42.2.6 +5 -0 httpd-2.0/modules/ssl/ssl_engine_pphrase.c
Index: ssl_engine_pphrase.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_pphrase.c,v
retrieving revision 1.42.2.5
retrieving revision 1.42.2.6
diff -w -d -u -r1.42.2.5 -r1.42.2.6
--- ssl_engine_pphrase.c 9 Feb 2004 20:53:20 -0000 1.42.2.5
+++ ssl_engine_pphrase.c 6 Mar 2004 17:54:28 -0000 1.42.2.6
@@ -340,6 +340,11 @@
cpPassPhraseCur = NULL;
ssl_pphrase_server_rec = s; /* to make up for sslc flaw */
+ /* Ensure that the error stack is empty; some SSL
+ * functions will fail spuriously if the error stack
+ * is not empty. */
+ ERR_clear_error();
+
bReadable = ((pPrivateKey = SSL_read_PrivateKey(szPath, NULL,
ssl_pphrase_Handle_CB, s)) != NULL ? TRUE : FALSE);