You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2010/12/17 21:58:04 UTC
DO NOT REPLY [Bug 41123] Support of OCSP in mod_ssl (rewritten patch
from bug #31383)
https://issues.apache.org/bugzilla/show_bug.cgi?id=41123
--- Comment #46 from Roberto Moreda <mo...@allenta.com> 2010-12-17 15:57:54 EST ---
I backported the basic OCSP support from trunk to 2.2.17.
I tried to stay away from modifications out of the modules/ssl part of the
source tree.
This patch doesn't provide the full featured OCSP support (i.e. stapling)
currently present in trunk in order to avoid a more complex patch.
The lsdiff of the patch is:
a/configure
a/modules/ssl/mod_ssl.c
a/modules/ssl/ssl_engine_config.c
a/modules/ssl/ssl_engine_kernel.c
a/modules/ssl/ssl_engine_log.c
b/modules/ssl/ssl_engine_ocsp.c
a/modules/ssl/ssl_private.h
a/modules/ssl/ssl_toolkit_compat.h
b/modules/ssl/ssl_util_ocsp.c
and it is based in the successive application of the patches corresponding to
the svn trunk revisions:
599385
599496
599497
600482
600493
600497
682788
683242
704917
757463
815719
815741
... plus a specific patch needed to add the ssl_log_cxerror(...) function in
ssl_engine_log.c.
You have to define the HAVE_OCSP define flag at configure time (i.e.
CPPFLAGS='-DHAVE_OCSP') in order to activate the support.
All in all, it could be useful for those that can't wait for the stable version
of 2.3 and needed OCSP support without stapling in 2.2.x series.
Greets.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org