You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ic...@apache.org on 2018/06/29 11:53:50 UTC
svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Author: icing
Date: Fri Jun 29 11:53:50 2018
New Revision: 1834671
URL: http://svn.apache.org/viewvc?rev=1834671&view=rev
Log:
On the 2.4.x branch:
backport of current mod_md version and documentation.
Modified:
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml
httpd/httpd/branches/2.4.x/modules/md/md_crypt.c
httpd/httpd/branches/2.4.x/modules/md/md_json.c
httpd/httpd/branches/2.4.x/modules/md/md_version.h
httpd/httpd/branches/2.4.x/modules/md/mod_md.c
httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Fri Jun 29 11:53:50 2018
@@ -1,6 +1,13 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.34
+ *) mod_md: improvements and bugfixes
+ - MDNotifyCmd now takes additional parameter that are passed on to the called command.
+ - ACME challenges have better checks for interference with other modules
+ - ACME challenges are only handled for domains managed by the module, allowing
+ other ACME clients to operate for other domains in the server.
+ - better libressl integration
+
*) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
PR 62480. [Lubos Uhliarik <luhliari redhat.com>}
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml Fri Jun 29 11:53:50 2018
@@ -391,15 +391,15 @@ MDCertificateAgreement https://letsencry
<directivesynopsis>
<name>MDNotifyCmd</name>
<description>Run a program when Managed Domain are ready.</description>
- <syntax>MDNotifyCmd <var>path</var></syntax>
+ <syntax>MDNotifyCmd <var>path</var> [ <var>args</var> ]</syntax>
<contextlist>
<context>server config</context>
</contextlist>
<usage>
<p>The configured executable is run when Managed Domains have signed up or
renewed their certificates. It is given the names of the processed MDs as
- arguments. It should return status code 0 to indicate that it has
- run successfully.
+ additional arguments (after the parameters specified here). It should
+ return status code 0 to indicate that it has run successfully.
</p>
</usage>
</directivesynopsis>
Modified: httpd/httpd/branches/2.4.x/modules/md/md_crypt.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/md/md_crypt.c?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/md/md_crypt.c (original)
+++ httpd/httpd/branches/2.4.x/modules/md/md_crypt.c Fri Jun 29 11:53:50 2018
@@ -50,6 +50,13 @@
#include <process.h>
#endif
+#if defined(LIBRESSL_VERSION_NUMBER)
+/* Missing from LibreSSL */
+#define MD_USE_OPENSSL_PRE_1_1_API (LIBRESSL_VERSION_NUMBER < 0x2080000f)
+#else /* defined(LIBRESSL_VERSION_NUMBER) */
+#define MD_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#endif
+
static int initialized;
struct md_pkey_t {
@@ -471,7 +478,8 @@ apr_status_t md_pkey_gen(md_pkey_t **ppk
}
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if MD_USE_OPENSSL_PRE_1_1_API || (defined(LIBRESSL_VERSION_NUMBER) && \
+ LIBRESSL_VERSION_NUMBER < 0x2070000f)
#ifndef NID_tlsfeature
#define NID_tlsfeature 1020
Modified: httpd/httpd/branches/2.4.x/modules/md/md_json.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/md/md_json.c?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/md/md_json.c (original)
+++ httpd/httpd/branches/2.4.x/modules/md/md_json.c Fri Jun 29 11:53:50 2018
@@ -28,10 +28,12 @@
* when undefining their INLINEs, we get static, unused functions, arg
*/
#if defined(__GNUC__)
+#if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6)
#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wunreachable-code"
#endif
-#if defined(__clang__)
+#pragma GCC diagnostic ignored "-Wunused-function"
+#pragma GCC diagnostic ignored "-Wunreachable-code"
+#elif defined(__clang__)
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wunused-function"
#endif
@@ -42,9 +44,10 @@
#include <jansson.h>
#if defined(__GNUC__)
+#if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6)
#pragma GCC diagnostic pop
#endif
-#if defined(__clang__)
+#elif defined(__clang__)
#pragma clang diagnostic pop
#endif
Modified: httpd/httpd/branches/2.4.x/modules/md/md_version.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/md/md_version.h?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/md/md_version.h (original)
+++ httpd/httpd/branches/2.4.x/modules/md/md_version.h Fri Jun 29 11:53:50 2018
@@ -27,7 +27,7 @@
* @macro
* Version number of the md module as c string
*/
-#define MOD_MD_VERSION "1.1.8"
+#define MOD_MD_VERSION "1.1.15"
/**
* @macro
@@ -35,7 +35,7 @@
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_MD_VERSION_NUM 0x010108
+#define MOD_MD_VERSION_NUM 0x01010f
#define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory"
Modified: httpd/httpd/branches/2.4.x/modules/md/mod_md.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/md/mod_md.c?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/md/mod_md.c (original)
+++ httpd/httpd/branches/2.4.x/modules/md/mod_md.c Fri Jun 29 11:53:50 2018
@@ -698,11 +698,11 @@ static apr_status_t check_job(md_watchdo
}
}
else {
- job->next_check = job->md->expires - job->md->renew_window;
-
+ /* Renew is not necessary yet, leave job->next_check as 0 since
+ * that keeps the default schedule of running twice a day. */
apr_rfc822_date(ts, job->md->expires);
ap_log_error( APLOG_MARK, APLOG_DEBUG, 0, wd->s, APLOGNO(10053)
- "md(%s): is complete, cert expires %s", job->md->name, ts);
+ "md(%s): no need to renew yet, cert expires %s", job->md->name, ts);
}
}
@@ -823,8 +823,12 @@ static apr_status_t run_watchdog(int sta
wd->mc->notify_cmd, exit_code);
}
else {
+ if (APR_EINCOMPLETE == rv && exit_code) {
+ rv = 0;
+ }
ap_log_error(APLOG_MARK, APLOG_ERR, rv, wd->s, APLOGNO(10109)
- "executing configured MDNotifyCmd %s", wd->mc->notify_cmd);
+ "executing MDNotifyCmd %s returned %d",
+ wd->mc->notify_cmd, exit_code);
notified = 0;
}
}
@@ -1302,26 +1306,35 @@ static int md_http_challenge_pr(request_
const md_srv_conf_t *sc;
const char *name, *data;
md_reg_t *reg;
+ int configured;
apr_status_t rv;
- if (!strncmp(ACME_CHALLENGE_PREFIX, r->parsed_uri.path, sizeof(ACME_CHALLENGE_PREFIX)-1)) {
- if (r->method_number == M_GET) {
-
- sc = ap_get_module_config(r->server->module_config, &md_module);
- reg = sc && sc->mc? sc->mc->reg : NULL;
+ if (r->parsed_uri.path
+ && !strncmp(ACME_CHALLENGE_PREFIX, r->parsed_uri.path, sizeof(ACME_CHALLENGE_PREFIX)-1)) {
+ sc = ap_get_module_config(r->server->module_config, &md_module);
+ if (sc && sc->mc) {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+ "access inside /.well-known/acme-challenge for %s%s",
+ r->hostname, r->parsed_uri.path);
+ configured = (NULL != md_get_by_domain(sc->mc->mds, r->hostname));
name = r->parsed_uri.path + sizeof(ACME_CHALLENGE_PREFIX)-1;
-
- r->status = HTTP_NOT_FOUND;
- if (!ap_strchr_c(name, '/') && reg) {
+ reg = sc && sc->mc? sc->mc->reg : NULL;
+
+ if (strlen(name) && !ap_strchr_c(name, '/') && reg) {
md_store_t *store = md_reg_store_get(reg);
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
- "Challenge for %s (%s)", r->hostname, r->uri);
-
+
rv = md_store_load(store, MD_SG_CHALLENGES, r->hostname,
MD_FN_HTTP01, MD_SV_TEXT, (void**)&data, r->pool);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r,
+ "loading challenge for %s (%s)", r->hostname, r->uri);
if (APR_SUCCESS == rv) {
apr_size_t len = strlen(data);
+ if (r->method_number != M_GET) {
+ return HTTP_NOT_IMPLEMENTED;
+ }
+ /* A GET on a challenge resource for a hostname we are
+ * configured for. Let's send the content back */
r->status = HTTP_OK;
apr_table_setn(r->headers_out, "Content-Length", apr_ltoa(r->pool, (long)len));
@@ -1329,20 +1342,25 @@ static int md_http_challenge_pr(request_
apr_brigade_write(bb, NULL, NULL, data, len);
ap_pass_brigade(r->output_filters, bb);
apr_brigade_cleanup(bb);
+
+ return DONE;
+ }
+ else if (!configured) {
+ /* The request hostname is not for a configured domain. We are not
+ * the sole authority here for /.well-known/acme-challenge (see PR62189).
+ * So, we decline to handle this and let others step in.
+ */
+ return DECLINED;
}
else if (APR_STATUS_IS_ENOENT(rv)) {
return HTTP_NOT_FOUND;
}
- else if (APR_ENOENT != rv) {
+ else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(10081)
"loading challenge %s from store", name);
return HTTP_INTERNAL_SERVER_ERROR;
}
}
- return r->status;
- }
- else {
- return HTTP_NOT_IMPLEMENTED;
}
}
return DECLINED;
@@ -1358,7 +1376,7 @@ static int md_require_https_maybe(reques
const char *s;
int status;
- if (opt_ssl_is_https
+ if (opt_ssl_is_https && r->parsed_uri.path
&& strncmp(WELL_KNOWN_PREFIX, r->parsed_uri.path, sizeof(WELL_KNOWN_PREFIX)-1)) {
sc = ap_get_module_config(r->server->module_config, &md_module);
Modified: httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c?rev=1834671&r1=1834670&r2=1834671&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c (original)
+++ httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c Fri Jun 29 11:53:50 2018
@@ -771,7 +771,7 @@ static const char *md_config_set_pkeys(c
return apr_pstrcat(cmd->pool, "unsupported private key type \"", ptype, "\"", NULL);
}
-static const char *md_config_set_notify_cmd(cmd_parms *cmd, void *arg, const char *value)
+static const char *md_config_set_notify_cmd(cmd_parms *cmd, void *mconfig, const char *arg)
{
md_srv_conf_t *sc = md_config_get(cmd->server);
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
@@ -779,8 +779,8 @@ static const char *md_config_set_notify_
if (err) {
return err;
}
- sc->mc->notify_cmd = value;
- (void)arg;
+ sc->mc->notify_cmd = arg;
+ (void)mconfig;
return NULL;
}
@@ -837,8 +837,8 @@ const command_rec md_cmds[] = {
"Time length for renewal before certificate expires (defaults to days)"),
AP_INIT_TAKE1( MD_CMD_REQUIREHTTPS, md_config_set_require_https, NULL, RSRC_CONF,
"Redirect non-secure requests to the https: equivalent."),
- AP_INIT_TAKE1( MD_CMD_NOTIFYCMD, md_config_set_notify_cmd, NULL, RSRC_CONF,
- "set the command to run when signup/renew of domain is complete."),
+ AP_INIT_RAW_ARGS(MD_CMD_NOTIFYCMD, md_config_set_notify_cmd, NULL, RSRC_CONF,
+ "set the command and optional arguments to run when signup/renew of domain is complete."),
AP_INIT_TAKE1( MD_CMD_BASE_SERVER, md_config_set_base_server, NULL, RSRC_CONF,
"allow managing of base server outside virtual hosts."),
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Stefan Eissing <st...@greenbytes.de>.
> Am 03.07.2018 um 13:54 schrieb Yann Ylavic <yl...@gmail.com>:
>
> On Tue, Jul 3, 2018 at 12:53 PM, Jim Jagielski <ji...@jagunet.com> wrote:
>>
>>
>>> On Jul 2, 2018, at 1:40 PM, Christophe Jaillet <ch...@wanadoo.fr> wrote:
>>>
>>> Le 02/07/2018 à 17:36, William A Rowe Jr a écrit :
>>>> On Mon, Jul 2, 2018 at 8:25 AM, Stefan Eissing <stefan.eissing@greenbytes.de <ma...@greenbytes.de>> wrote:
>>>> I thought experimental == CTR, but if this is separate then I‘ll go
>>>> through the votes. Just let me know what you prefer. I basically thought the same thing, but it is clearly spelled out in STATUS.
>>>> We aught to adjust this to reflect the eventual consensus;
>>>> * Current exceptions for RTC for this branch:
>>>> . mod_proxy_http2
>>>> . mod_lua
>>>> . documentation
>>>> . non-Unix build
>>>> . non-Unix, single-platform code
>>>
>>> I don't have a strong opinion about it, that's why I proposed to update STATUS to add an exception for mod_md? (or maybe even for any module marked as experimental?)
>>>
>>
>> +1 (for CTR for both mod_md *as well as* any module marked experimental)
>
> +1
+1
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Yann Ylavic <yl...@gmail.com>.
On Tue, Jul 3, 2018 at 12:53 PM, Jim Jagielski <ji...@jagunet.com> wrote:
>
>
>> On Jul 2, 2018, at 1:40 PM, Christophe Jaillet <ch...@wanadoo.fr> wrote:
>>
>> Le 02/07/2018 à 17:36, William A Rowe Jr a écrit :
>>> On Mon, Jul 2, 2018 at 8:25 AM, Stefan Eissing <stefan.eissing@greenbytes.de <ma...@greenbytes.de>> wrote:
>>> I thought experimental == CTR, but if this is separate then I‘ll go
>>> through the votes. Just let me know what you prefer. I basically thought the same thing, but it is clearly spelled out in STATUS.
>>> We aught to adjust this to reflect the eventual consensus;
>>> * Current exceptions for RTC for this branch:
>>> . mod_proxy_http2
>>> . mod_lua
>>> . documentation
>>> . non-Unix build
>>> . non-Unix, single-platform code
>>
>> I don't have a strong opinion about it, that's why I proposed to update STATUS to add an exception for mod_md? (or maybe even for any module marked as experimental?)
>>
>
> +1 (for CTR for both mod_md *as well as* any module marked experimental)
+1
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Jim Jagielski <ji...@jaguNET.com>.
> On Jul 2, 2018, at 1:40 PM, Christophe Jaillet <ch...@wanadoo.fr> wrote:
>
> Le 02/07/2018 à 17:36, William A Rowe Jr a écrit :
>> On Mon, Jul 2, 2018 at 8:25 AM, Stefan Eissing <stefan.eissing@greenbytes.de <ma...@greenbytes.de>> wrote:
>> I thought experimental == CTR, but if this is separate then I‘ll go
>> through the votes. Just let me know what you prefer. I basically thought the same thing, but it is clearly spelled out in STATUS.
>> We aught to adjust this to reflect the eventual consensus;
>> * Current exceptions for RTC for this branch:
>> . mod_proxy_http2
>> . mod_lua
>> . documentation
>> . non-Unix build
>> . non-Unix, single-platform code
>
> I don't have a strong opinion about it, that's why I proposed to update STATUS to add an exception for mod_md? (or maybe even for any module marked as experimental?)
>
+1 (for CTR for both mod_md *as well as* any module marked experimental)
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Christophe Jaillet <ch...@wanadoo.fr>.
Le 02/07/2018 à 17:36, William A Rowe Jr a écrit :
> On Mon, Jul 2, 2018 at 8:25 AM, Stefan Eissing
> <stefan.eissing@greenbytes.de <ma...@greenbytes.de>> wrote:
>
> I thought experimental == CTR, but if this is separate then I‘ll go
> through the votes. Just let me know what you prefer.
>
>
> I basically thought the same thing, but it is clearly spelled out in STATUS.
> We aught to adjust this to reflect the eventual consensus;
>
> * Current exceptions for RTC for this branch:
> . mod_proxy_http2
> . mod_lua
> . documentation
> . non-Unix build
> . non-Unix, single-platform code
I don't have a strong opinion about it, that's why I proposed to update
STATUS to add an exception for mod_md? (or maybe even for any module
marked as experimental?)
A grep in 2.4.x, shows the following modules marked as Experimental:
mod_allowmethods.xml:<status>Experimental</status>
mod_dialup.xml:<status>Experimental</status>
mod_echo.xml:<status>Experimental</status>
mod_example_hooks.xml:<status>Experimental</status>
mod_file_cache.xml:<status>Experimental</status>
mod_heartbeat.xml:<status>Experimental</status>
mod_heartmonitor.xml:<status>Experimental</status>
mod_lbmethod_heartbeat.xml:<status>Experimental</status>
mod_log_debug.xml:<status>Experimental</status>
mod_lua.xml:<status>Experimental</status>
mod_privileges.xml:<status>Experimental</status>
mod_sed.xml:<status>Experimental</status>
mod_session_crypto.xml:<status>Experimental</status>
I suspect, that some should not be marked as Experimental anymore.
mod_md and mod_proxy_http2 don't have an Experimental status, only a
red-lined warning at the beginning of its doc.
Maybe something should be added in the module list to easily spot the
one with an Experimental status and a note explaining what this mean.
(i.e., if I'm correct, the code is considered as stable, but its
implementation and/or API and/or directives are subject to change in
future release)
CJ
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by William A Rowe Jr <wr...@rowe-clan.net>.
On Mon, Jul 2, 2018 at 8:25 AM, Stefan Eissing <stefan.eissing@greenbytes.de
> wrote:
> I thought experimental == CTR, but if this is separate then I‘ll go
> through the votes. Just let me know what you prefer.
I basically thought the same thing, but it is clearly spelled out in STATUS.
We aught to adjust this to reflect the eventual consensus;
* Current exceptions for RTC for this branch:
. mod_proxy_http2
. mod_lua
. documentation
. non-Unix build
. non-Unix, single-platform code
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Stefan Eissing <st...@greenbytes.de>.
I thought experimental == CTR, but if this is separate then I‘ll go through the votes. Just let me know what you prefer.
> Am 29.06.2018 um 21:31 schrieb Christophe Jaillet <ch...@wanadoo.fr>:
>
>> Le 29/06/2018 à 13:53, icing@apache.org a écrit :
>> Author: icing
>> Date: Fri Jun 29 11:53:50 2018
>> New Revision: 1834671
>> URL: http://svn.apache.org/viewvc?rev=1834671&view=rev
>> Log:
>> On the 2.4.x branch:
>> backport of current mod_md version and documentation.
>> Modified:
>> httpd/httpd/branches/2.4.x/CHANGES
>> httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml
>> httpd/httpd/branches/2.4.x/modules/md/md_crypt.c
>> httpd/httpd/branches/2.4.x/modules/md/md_json.c
>> httpd/httpd/branches/2.4.x/modules/md/md_version.h
>> httpd/httpd/branches/2.4.x/modules/md/mod_md.c
>> httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c
>
> Hi,
>
> according to 2.4.x/STATUS, mod_md is not CTR.
> Maybe, STATUS should be updated to add an exception for mod_md? (or maybe even for any module marked as experimental?)
> Otherwise, this should go through STATUS first.
>
> CJ
Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES
docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c
modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_config.c
Posted by Christophe Jaillet <ch...@wanadoo.fr>.
Le 29/06/2018 à 13:53, icing@apache.org a écrit :
> Author: icing
> Date: Fri Jun 29 11:53:50 2018
> New Revision: 1834671
>
> URL: http://svn.apache.org/viewvc?rev=1834671&view=rev
> Log:
> On the 2.4.x branch:
>
> backport of current mod_md version and documentation.
>
>
> Modified:
> httpd/httpd/branches/2.4.x/CHANGES
> httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.xml
> httpd/httpd/branches/2.4.x/modules/md/md_crypt.c
> httpd/httpd/branches/2.4.x/modules/md/md_json.c
> httpd/httpd/branches/2.4.x/modules/md/md_version.h
> httpd/httpd/branches/2.4.x/modules/md/mod_md.c
> httpd/httpd/branches/2.4.x/modules/md/mod_md_config.c
>
Hi,
according to 2.4.x/STATUS, mod_md is not CTR.
Maybe, STATUS should be updated to add an exception for mod_md? (or
maybe even for any module marked as experimental?)
Otherwise, this should go through STATUS first.
CJ