You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ic...@apache.org on 2017/12/20 20:43:11 UTC
svn commit: r1818850 [2/2] - in /httpd/httpd/branches/2.4.x-mod_md: ./
modules/md/
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_crypt.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_crypt.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_crypt.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_crypt.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -1097,16 +1113,16 @@ static apr_status_t add_must_staple(STAC
X509_EXTENSION *x;
int nid;
- nid = OBJ_create("1.3.6.1.5.5.7.1.24", "OCSPReq", "OCSP Request");
+ nid = OBJ_create("1.3.6.1.5.5.7.1.24", "tlsfeature", "TLS Feature");
if (NID_undef == nid) {
md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p,
- "%s: unable to get NID for must-staple", md->name);
- return APR_EGENERAL;
+ "%s: unable to get NID for v3 must-staple TLS feature", md->name);
+ return APR_ENOTIMPL;
}
x = X509V3_EXT_conf_nid(NULL, NULL, nid, (char*)"DER:30:03:02:01:05");
if (NULL == x) {
md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p,
- "%s: unable to get x509 extension for must-staple", md->name);
+ "%s: unable to create x509 extension for must-staple", md->name);
return APR_EGENERAL;
}
sk_X509_EXTENSION_push(exts, x);
@@ -1148,7 +1164,11 @@ apr_status_t md_cert_req_create(const ch
rv = APR_EGENERAL; goto out;
}
if (APR_SUCCESS != (rv = add_must_staple(exts, md, p))) {
- md_log_perror(MD_LOG_MARK, MD_LOG_ERR, rv, p, "%s: must staple", md->name);
+ md_log_perror(MD_LOG_MARK, MD_LOG_ERR, rv, p, "%s: you requested that a certificate "
+ "is created with the 'must-staple' extension, however the SSL library was "
+ "unable to initialized that extension. Please file a bug report on which platform "
+ "and with which library this happens. To continue before this problem is resolved, "
+ "configure 'MDMustStaple off' for your domains", md->name);
rv = APR_EGENERAL; goto out;
}
/* add extensions to csr */
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_curl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_curl.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_curl.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_curl.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_http.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_http.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_http.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_json.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_json.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_json.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_json.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -95,6 +111,7 @@ md_json_t *md_json_create_s(apr_pool_t *
void md_json_destroy(md_json_t *json)
{
if (json && json->j) {
+ assert(json->j->refcount > 0);
json_decref(json->j);
json->j = NULL;
}
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_jws.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_jws.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_jws.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_jws.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_log.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_log.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_log.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_log.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_reg.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_reg.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_reg.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_reg.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store_fs.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store_fs.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store_fs.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_store_fs.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_util.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_util.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_util.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/md_version.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/md_version.h?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/md_version.h (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/md_version.h Wed Dec 20 20:43:11 2017
@@ -26,7 +26,7 @@
* @macro
* Version number of the md module as c string
*/
-#define MOD_MD_VERSION "1.1.1"
+#define MOD_MD_VERSION "1.1.4"
/**
* @macro
@@ -34,7 +34,7 @@
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_MD_VERSION_NUM 0x010101
+#define MOD_MD_VERSION_NUM 0x010104
#define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory"
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -234,7 +250,7 @@ static apr_status_t assign_to_servers(md
* If mode is "manual", a generated certificate will not match
* all necessary names. */
if ((!mc->local_80 || !uses_port_only(s, mc->local_80))
- && APR_SUCCESS != (rv = md_covers_server(md, s, ptemp))) {
+ && APR_SUCCESS != (rv = md_covers_server(md, s, p))) {
return rv;
}
@@ -1044,11 +1060,6 @@ static apr_status_t md_post_config(apr_p
goto out;
}
- if (dry_run) {
- /* enough done in this case */
- return APR_SUCCESS;
- }
-
if (APR_SUCCESS != (rv = md_reg_sync(reg, p, ptemp, mc->mds))) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(10073)
"synching %d mds to registry", mc->mds->nelts);
@@ -1056,8 +1067,8 @@ static apr_status_t md_post_config(apr_p
/* Determine the managed domains that are in auto drive_mode. For those,
* determine in which state they are:
- * - UNKNOWN: should not happen, report, dont drive
- * - ERROR: something we do not know how to fix, report, dont drive
+ * - UNKNOWN: should not happen, report, don't drive
+ * - ERROR: something we do not know how to fix, report, don't drive
* - INCOMPLETE/EXPIRED: need to drive them right away
* - COMPLETE: determine when cert expires, drive when the time comes
*
@@ -1083,6 +1094,10 @@ static apr_status_t md_post_config(apr_p
init_ssl();
+ if (dry_run) {
+ goto out;
+ }
+
/* If there are MDs to drive, start a watchdog to check on them regularly */
if (drive_names->nelts > 0) {
ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s, APLOGNO(10074)
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_config.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_config.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_config.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");
Modified: httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_os.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_os.c?rev=1818850&r1=1818849&r2=1818850&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_os.c (original)
+++ httpd/httpd/branches/2.4.x-mod_md/modules/md/mod_md_os.c Wed Dec 20 20:43:11 2017
@@ -1,3 +1,19 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
/* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de)
*
* Licensed under the Apache License, Version 2.0 (the "License");