You are viewing a plain text version of this content. The canonical link for it is here.

Posted to test-cvs@httpd.apache.org by jo...@apache.org on 2005/09/19 15:42:05 UTC

svn commit: r290157 - /httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c

Author: jorton
Date: Mon Sep 19 06:42:03 2005
New Revision: 290157

URL: http://svn.apache.org/viewcvs?rev=290157&view=rev
Log:
- fix for trunk mod_ssl.

Modified:
    httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c

Modified: httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c
URL: http://svn.apache.org/viewcvs/httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c?rev=290157&r1=290156&r2=290157&view=diff
==============================================================================
--- httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c (original)
+++ httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c Mon Sep 19 06:42:03 2005
@@ -29,7 +29,10 @@
 
 #include "mod_ssl.h"
 
-#if AP_MODULE_MAGIC_AT_LEAST(20050127, 0) /* approx. when ssl_ext_lookup was added */
+#if AP_MODULE_MAGIC_AT_LEAST(20050919, 0) /* ssl_ext_list() implementation added */
+#define HAVE_SSL_EXT_LIST
+static APR_OPTIONAL_FN_TYPE(ssl_ext_list) *ext_list;
+#elif AP_MODULE_MAGIC_AT_LEAST(20050127, 0) /* approx. when ssl_ext_lookup was added */
 #define HAVE_SSL_EXT_LOOKUP
 static APR_OPTIONAL_FN_TYPE(ssl_ext_lookup) *ext_lookup;
 #endif
@@ -52,9 +55,12 @@
 #ifdef HAVE_SSL_EXT_LOOKUP
     ext_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_ext_lookup);
 #endif
+#ifdef HAVE_SSL_EXT_LIST
+    ext_list = APR_RETRIEVE_OPTIONAL_FN(ssl_ext_list);
+#endif
 }
 
-#ifdef HAVE_SSL_EXT_LOOKUP
+#if defined(HAVE_SSL_EXT_LOOKUP) || defined(HAVE_SSL_EXT_LIST)
 static int test_ssl_ext_lookup(request_rec *r)
 {
     const char *value;
@@ -69,12 +75,31 @@
         return OK;
     }
 
+#ifdef HAVE_SSL_EXT_LOOKUP
     if (!ext_lookup) {
         ap_rputs("ssl_ext_lookup not available", r);
         return OK;
     }
 
     value = ext_lookup(r->pool, r->connection, 1, r->args);
+#else
+    if (!ext_list) {
+        ap_rputs("ssl_ext_list not available", r);
+        return OK;
+    }
+    
+    {
+        apr_array_header_t *vals = ext_list(r->pool, r->connection, 1,
+                                            r->args);
+        
+        if (vals) {
+            value = *(const char **)apr_array_pop(vals);
+        }
+        else {
+            value = NULL;
+        }
+    }
+#endif
 
     if (!value) value = "NULL";
     
@@ -125,7 +150,7 @@
 static void test_ssl_register_hooks(apr_pool_t *p)
 {
     ap_hook_handler(test_ssl_var_lookup, NULL, NULL, APR_HOOK_MIDDLE);
-#ifdef HAVE_SSL_EXT_LOOKUP
+#if defined(HAVE_SSL_EXT_LOOKUP) || defined(HAVE_SSL_EXT_LIST)
     ap_hook_handler(test_ssl_ext_lookup, NULL, NULL, APR_HOOK_MIDDLE);
 #endif
     ap_hook_optional_fn_retrieve(import_ssl_var_lookup,

Re: svn commit: r290157 - /httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c

Posted by Geoffrey Young <ge...@modperlcookbook.org>.

> So with 2.1.7 $r->ext_lookup("2.16.840.1.113730.1.13") should return 
> "This Is A Comment" for any SSL vhost in the test suite if it works 
> properly.

excellent!

thanks so much for the info.

--Geoff

Re: svn commit: r290157 - /httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c

Posted by Joe Orton <jo...@redhat.com>.

On Mon, Sep 19, 2005 at 01:39:22PM -0400, Geoffrey Young wrote:
> 
> > +#ifdef HAVE_SSL_EXT_LOOKUP
> >      if (!ext_lookup) {
> >          ap_rputs("ssl_ext_lookup not available", r);
> >          return OK;
> >      }
> 
> hey, speaking of this ext_lookup, can you give me an example of what this
> function does?  in Apache::SSLLookup I've added perl glue for this method,
> and right now I've got 2 forms:
> 
>   my $client_foo = $r->ext_lookup($something, 1);
>   my $server_foo = $r->ext_lookup($something);
> 
> but I really could never figure out what to glean from the generated ssl
> certificates to test against, what to pass as $something, etc.

"$something" should be the OID (unique identifier) of the extension 
which you wish to look up.

The ssl_ext_lookup function has just been replaced with ssl_ext_list so 
you'd probably want to support the latter.  ssl_ext_list returns an 
array of all extensions with that 

All the certificates which are automatically generated in Apache-Test 
have an "nsComment" extension, which has OID "2.16.840.1.113730.1.13", 
set to "This Is A Comment", that's what I used for the t/ssl/extlookup.t 
test.

So with 2.1.7 $r->ext_lookup("2.16.840.1.113730.1.13") should return 
"This Is A Comment" for any SSL vhost in the test suite if it works 
properly.

joe

Re: svn commit: r290157 - /httpd/test/trunk/perl-framework/c-modules/test_ssl/mod_test_ssl.c

Posted by Geoffrey Young <ge...@modperlcookbook.org>.

> +#ifdef HAVE_SSL_EXT_LOOKUP
>      if (!ext_lookup) {
>          ap_rputs("ssl_ext_lookup not available", r);
>          return OK;
>      }

hey, speaking of this ext_lookup, can you give me an example of what this
function does?  in Apache::SSLLookup I've added perl glue for this method,
and right now I've got 2 forms:

  my $client_foo = $r->ext_lookup($something, 1);
  my $server_foo = $r->ext_lookup($something);

but I really could never figure out what to glean from the generated ssl
certificates to test against, what to pass as $something, etc.

ideas?

--Geoff