View | Details | Raw Unified | Return to bug 39636
Collapse All | Expand All

(-)jakarta-tomcat-connectors-1.2.15-src/jk/native/apache-1.3/mod_jk.c.orig (+39 lines)
Lines 127-132 Link Here
127 
    int ssl_enable;
 127 
    int ssl_enable;
128 
    char *https_indicator;
 128 
    char *https_indicator;
129 
    char *certs_indicator;
 129 
    char *certs_indicator;
130 
    char *certchain_indicator;
130 
    char *cipher_indicator;
 131 
    char *cipher_indicator;
131 
    char *session_indicator;
 132 
    char *session_indicator;
132 
    char *key_size_indicator;
 133 
    char *key_size_indicator;
Lines 559-570 Link Here
559 
                (char *)ap_table_get(r->subprocess_env,
 560 
                (char *)ap_table_get(r->subprocess_env,
560 
                                     conf->https_indicator);
 561 
                                     conf->https_indicator);
561 
            if (ssl_temp && !strcasecmp(ssl_temp, "on")) {
 562 
            if (ssl_temp && !strcasecmp(ssl_temp, "on")) {
563 
                array_header *t = ap_table_elts(r->subprocess_env);
562 
                s->is_ssl = JK_TRUE;
 564 
                s->is_ssl = JK_TRUE;
563 
                s->ssl_cert =
 565 
                s->ssl_cert =
564 
                    (char *)ap_table_get(r->subprocess_env,
 566 
                    (char *)ap_table_get(r->subprocess_env,
565 
                                         conf->certs_indicator);
 567 
                                         conf->certs_indicator);
568 
                if (t && t->nelts) {
569 
                    int i;
570 
                    table_entry *elts = (table_entry *) t->elts;
571 
                    array_header *certs = ap_make_array(r->pool, 1, sizeof(char *));
572 
                    *(const char **)ap_push_array(certs) = s->ssl_cert;
573 
                    for (i = 0; i < t->nelts; i++) {
574 
                       if (!elts[i].key)
575 
                           continue;
576 
                       if (!strncasecmp(elts[i].key, conf->certchain_indicator, strlen(conf->certchain_indicator)))
577 
                           *(const char **)ap_push_array(certs) = elts[i].val;
578 
                    }
579 
                    s->ssl_cert = ap_array_pstrcat(r->pool, certs, '\0');
580 
                }
566 
                if (s->ssl_cert) {
 581 
                if (s->ssl_cert) {
567 
                    s->ssl_cert_len = strlen(s->ssl_cert);
 582 
                    s->ssl_cert_len = strlen(s->ssl_cert);
583 
                    jk_log(conf->log ? conf->log : main_log, JK_LOG_DEBUG, "length of SSL client certificate: %d bytes, dump follows:\n%s", s->ssl_cert_len, s->ssl_cert);
568 
                }
 584 
                }
569 
                /* Servlet 2.3 API */
 585 
                /* Servlet 2.3 API */
570 
                s->ssl_cipher =
 586 
                s->ssl_cipher =
Lines 1408-1413 Link Here
1408 
}
 1424 
}
1409 

          1425
          

        

        

          1410
          
/*

          1426
          
/*

        

            

              
              
              1427
              
 * JkCERTCHAINIndicator Directive Handling

            

            

              1428
              
 *

            

            

              1429
              
 * JkCERTCHAINIndicator SSL_CLIENT_CERT_CHAIN_

            

            

              1430
              
 */

            

            

              1431
              

            

            

              1432
              
static const char *jk_set_certchain_indicator(cmd_parms * cmd,

            

            

              1433
              
                                              void *dummy, char *indicator)

            

            

              1434
              
{

            

            

              1435
              
    server_rec *s = cmd->server;

            

            

              1436
              
    jk_server_conf_t *conf =

            

            

              1437
              
        (jk_server_conf_t *) ap_get_module_config(s->module_config,

            

            

              1438
              
                                                  &jk_module);

            

            

              1439
              

            

            

              1440
              
    conf->certchain_indicator = ap_pstrdup(cmd->pool, indicator);

            

            

              1441
              
    return NULL;

            

            

              1442
              
}

            

            

              1443
              

            

            

              1444
              
/*

            

        

          1411
          
 * JkCIPHERIndicator Directive Handling

          1445
          
 * JkCIPHERIndicator Directive Handling

        

        

          1412
          
 *

          1446
          
 *

        

        

          1413
          
 * JkCIPHERIndicator SSL_CIPHER

          1447
          
 * JkCIPHERIndicator SSL_CIPHER

        

  

    
      
            Lines 1663-1668
          
      
      
        Link Here
      
    
  

        

          1663
          
     *

          1697
          
     *

        

        

          1664
          
     * HTTPS - indication for SSL

          1698
          
     * HTTPS - indication for SSL

        

        

          1665
          
     * CERTS - Base64-Der-encoded client certificates.

          1699
          
     * CERTS - Base64-Der-encoded client certificates.

        

            

              
              
              1700
              
     * CERTCHAIN - Base64-Der-encoded client chain certificates.

            

        

          1666
          
     * CIPHER - A string specifing the ciphers suite in use.

          1701
          
     * CIPHER - A string specifing the ciphers suite in use.

        

        

          1667
          
     * SESSION - A string specifing the current SSL session.

          1702
          
     * SESSION - A string specifing the current SSL session.

        

        

          1668
          
     * KEYSIZE - Size of Key used in dialogue (#bits are secure)

          1703
          
     * KEYSIZE - Size of Key used in dialogue (#bits are secure)

        

  

    
      
            Lines 1671-1676
          
      
      
        Link Here
      
    
  

        

          1671
          
     "Name of the Apache environment that contains SSL indication"},

          1706
          
     "Name of the Apache environment that contains SSL indication"},

        

        

          1672
          
    {"JkCERTSIndicator", jk_set_certs_indicator, NULL, RSRC_CONF, TAKE1,

          1707
          
    {"JkCERTSIndicator", jk_set_certs_indicator, NULL, RSRC_CONF, TAKE1,

        

        

          1673
          
     "Name of the Apache environment that contains SSL client certificates"},

          1708
          
     "Name of the Apache environment that contains SSL client certificates"},

        

            

              
              
              1709
              
    {"JkCERTCHAINIndicator", jk_set_certchain_indicator, NULL, RSRC_CONF, TAKE1,

            

            

              1710
              
     "Name of the Apache environment (prefix) that contains SSL client chain certificates"},

            

        

          1674
          
    {"JkCIPHERIndicator", jk_set_cipher_indicator, NULL, RSRC_CONF, TAKE1,

          1711
          
    {"JkCIPHERIndicator", jk_set_cipher_indicator, NULL, RSRC_CONF, TAKE1,

        

        

          1675
          
     "Name of the Apache environment that contains SSL client cipher"},

          1712
          
     "Name of the Apache environment that contains SSL client cipher"},

        

        

          1676
          
    {"JkSESSIONIndicator", jk_set_session_indicator, NULL, RSRC_CONF, TAKE1,

          1713
          
    {"JkSESSIONIndicator", jk_set_session_indicator, NULL, RSRC_CONF, TAKE1,

        

  

    
      
            Lines 1896-1901
          
      
      
        Link Here
      
    
  

        

          1896
          
     */

          1933
          
     */

        

        

          1897
          
    c->https_indicator = "HTTPS";

          1934
          
    c->https_indicator = "HTTPS";

        

        

          1898
          
    c->certs_indicator = "SSL_CLIENT_CERT";

          1935
          
    c->certs_indicator = "SSL_CLIENT_CERT";

        

            

              
              
              1936
              
    c->certchain_indicator = "SSL_CLIENT_CERT_CHAIN_";

            

        

          1899
          

          1937
          

        

        

          1900
          
    /*

          1938
          
    /*

        

        

          1901
          
     * The following (comented out) environment variables match apache_ssl!

          1939
          
     * The following (comented out) environment variables match apache_ssl!

        

  

    
      
            Lines 1960-1965
          
      
      
        Link Here
      
    
  

        

          1960
          
        overrides->ssl_enable = base->ssl_enable;

          1998
          
        overrides->ssl_enable = base->ssl_enable;

        

        

          1961
          
        overrides->https_indicator = base->https_indicator;

          1999
          
        overrides->https_indicator = base->https_indicator;

        

        

          1962
          
        overrides->certs_indicator = base->certs_indicator;

          2000
          
        overrides->certs_indicator = base->certs_indicator;

        

            

              
              
              2001
              
        overrides->certchain_indicator = base->certchain_indicator;

            

        

          1963
          
        overrides->cipher_indicator = base->cipher_indicator;

          2002
          
        overrides->cipher_indicator = base->cipher_indicator;

        

        

          1964
          
        overrides->session_indicator = base->session_indicator;

          2003
          
        overrides->session_indicator = base->session_indicator;

        

        

          1965
          
        overrides->key_size_indicator = base->key_size_indicator;

          2004
          
        overrides->key_size_indicator = base->key_size_indicator;

        



(-)jakarta-tomcat-connectors-1.2.15-src/jk/native/apache-2.0/mod_jk.c.orig
      (+40 lines)




  

    
      
            Lines 170-175
          
      
      
        Link Here
      
    
  

        

          170
          
    int ssl_enable;

          170
          
    int ssl_enable;

        

        

          171
          
    char *https_indicator;

          171
          
    char *https_indicator;

        

        

          172
          
    char *certs_indicator;

          172
          
    char *certs_indicator;

        

            

              
              
              173
              
    char *certchain_indicator;

            

        

          173
          
    char *cipher_indicator;

          174
          
    char *cipher_indicator;

        

        

          174
          
    char *session_indicator;    /* Servlet API 2.3 requirement */

          175
          
    char *session_indicator;    /* Servlet API 2.3 requirement */

        

        

          175
          
    char *key_size_indicator;   /* Servlet API 2.3 requirement */

          176
          
    char *key_size_indicator;   /* Servlet API 2.3 requirement */

        

  

    
      
            Lines 599-610
          
      
      
        Link Here
      
    
  

        

          599
          
                (char *)apr_table_get(r->subprocess_env,

          600
          
                (char *)apr_table_get(r->subprocess_env,

        

        

          600
          
                                      conf->https_indicator);

          601
          
                                      conf->https_indicator);

        

        

          601
          
            if (ssl_temp && !strcasecmp(ssl_temp, "on")) {

          602
          
            if (ssl_temp && !strcasecmp(ssl_temp, "on")) {

        

            

              
              
              603
              
                const apr_array_header_t *t = apr_table_elts(r->subprocess_env);

            

        

          602
          
                s->is_ssl = JK_TRUE;

          604
          
                s->is_ssl = JK_TRUE;

        

        

          603
          
                s->ssl_cert =

          605
          
                s->ssl_cert =

        

        

          604
          
                    (char *)apr_table_get(r->subprocess_env,

          606
          
                    (char *)apr_table_get(r->subprocess_env,

        

        

          605
          
                                          conf->certs_indicator);

          607
          
                                          conf->certs_indicator);

        

            

              
              
              608
              
                if (t && t->nelts) {

            

            

              609
              
                    int i;

            

            

              610
              
                    const apr_table_entry_t *elts = (const apr_table_entry_t *) t->elts;

            

            

              611
              
                    apr_array_header_t *certs = apr_array_make(r->pool, 1, sizeof(char *));

            

            

              612
              
                    *(const char **)apr_array_push(certs) = s->ssl_cert;

            

            

              613
              
                    for (i = 0; i < t->nelts; i++) {

            

            

              614
              
                        if (!elts[i].key)

            

            

              615
              
                            continue;

            

            

              616
              
                        if (!strncasecmp(elts[i].key, conf->certchain_indicator, strlen(conf->certchain_indicator)))

            

            

              617
              
                            *(const char **)apr_array_push(certs) = elts[i].val;

            

            

              618
              
                    }

            

            

              619
              
                    s->ssl_cert = apr_array_pstrcat(r->pool, certs, '\0');

            

            

              620
              
                }

            

        

          606
          
                if (s->ssl_cert) {

          621
          
                if (s->ssl_cert) {

        

        

          607
          
                    s->ssl_cert_len = strlen(s->ssl_cert);

          622
          
                    s->ssl_cert_len = strlen(s->ssl_cert);

        

            

              
              
              623
              
                    jk_log(conf->log, JK_LOG_DEBUG, "length of SSL client certificate: %d bytes, dump follows:\n%s", s->ssl_cert_len, s->ssl_cert);

            

        

          608
          
                }

          624
          
                }

        

        

          609
          
                /* Servlet 2.3 API */

          625
          
                /* Servlet 2.3 API */

        

        

          610
          
                s->ssl_cipher =

          626
          
                s->ssl_cipher =

        

  

    
      
            Lines 1433-1438
          
      
      
        Link Here
      
    
  

        

          1433
          
}

          1449
          
}

        

        

          1434
          

          1450
          

        

        

          1435
          
/*

          1451
          
/*

        

            

              
              
              1452
              
 * JkCERTCHAINIndicator Directive Handling

            

            

              1453
              
 *

            

            

              1454
              
 * JkCERTCHAINIndicator SSL_CLIENT_CERT_CHAIN_

            

            

              1455
              
 */

            

            

              1456
              

            

            

              1457
              
static const char *jk_set_certchain_indicator(cmd_parms * cmd,

            

            

              1458
              
                                              void *dummy, const char *indicator)

            

            

              1459
              
{

            

            

              1460
              
    server_rec *s = cmd->server;

            

            

              1461
              
    jk_server_conf_t *conf =

            

            

              1462
              
        (jk_server_conf_t *) ap_get_module_config(s->module_config,

            

            

              1463
              
                                                  &jk_module);

            

            

              1464
              

            

            

              1465
              
    conf->certchain_indicator = apr_pstrdup(cmd->pool, indicator);

            

            

              1466
              

            

            

              1467
              
    return NULL;

            

            

              1468
              
}

            

            

              1469
              

            

            

              1470
              
/*

            

        

          1436
          
 * JkCIPHERIndicator Directive Handling

          1471
          
 * JkCIPHERIndicator Directive Handling

        

        

          1437
          
 *

          1472
          
 *

        

        

          1438
          
 * JkCIPHERIndicator SSL_CIPHER

          1473
          
 * JkCIPHERIndicator SSL_CIPHER

        

  

    
      
            Lines 1700-1705
          
      
      
        Link Here
      
    
  

        

          1700
          
     *

          1735
          
     *

        

        

          1701
          
     * HTTPS - indication for SSL

          1736
          
     * HTTPS - indication for SSL

        

        

          1702
          
     * CERTS - Base64-Der-encoded client certificates.

          1737
          
     * CERTS - Base64-Der-encoded client certificates.

        

            

              
              
              1738
              
     * CERTCHAIN - Base64-Der-encoded client chain certificates.

            

        

          1703
          
     * CIPHER - A string specifing the ciphers suite in use.

          1739
          
     * CIPHER - A string specifing the ciphers suite in use.

        

        

          1704
          
     * KEYSIZE - Size of Key used in dialogue (#bits are secure)

          1740
          
     * KEYSIZE - Size of Key used in dialogue (#bits are secure)

        

        

          1705
          
     * SESSION - A string specifing the current SSL session.

          1741
          
     * SESSION - A string specifing the current SSL session.

        

  

    
      
            Lines 1708-1713
          
      
      
        Link Here
      
    
  

        

          1708
          
                  "Name of the Apache environment that contains SSL indication"),

          1744
          
                  "Name of the Apache environment that contains SSL indication"),

        

        

          1709
          
    AP_INIT_TAKE1("JkCERTSIndicator", jk_set_certs_indicator, NULL, RSRC_CONF,

          1745
          
    AP_INIT_TAKE1("JkCERTSIndicator", jk_set_certs_indicator, NULL, RSRC_CONF,

        

        

          1710
          
                  "Name of the Apache environment that contains SSL client certificates"),

          1746
          
                  "Name of the Apache environment that contains SSL client certificates"),

        

            

              
              
              1747
              
    AP_INIT_TAKE1("JkCERTCHAINIndicator", jk_set_certchain_indicator, NULL, RSRC_CONF,

            

            

              1748
              
                  "Name of the Apache environment (prefix) that contains SSL client chain certificates"),

            

        

          1711
          
    AP_INIT_TAKE1("JkCIPHERIndicator", jk_set_cipher_indicator, NULL,

          1749
          
    AP_INIT_TAKE1("JkCIPHERIndicator", jk_set_cipher_indicator, NULL,

        

        

          1712
          
                  RSRC_CONF,

          1750
          
                  RSRC_CONF,

        

        

          1713
          
                  "Name of the Apache environment that contains SSL client cipher"),

          1751
          
                  "Name of the Apache environment that contains SSL client cipher"),

        

  

    
      
            Lines 2069-2074
          
      
      
        Link Here
      
    
  

        

          2069
          
     */

          2107
          
     */

        

        

          2070
          
    c->https_indicator = "HTTPS";

          2108
          
    c->https_indicator = "HTTPS";

        

        

          2071
          
    c->certs_indicator = "SSL_CLIENT_CERT";

          2109
          
    c->certs_indicator = "SSL_CLIENT_CERT";

        

            

              
              
              2110
              
    c->certchain_indicator = "SSL_CLIENT_CERT_CHAIN_";

            

        

          2072
          

          2111
          

        

        

          2073
          
    /*

          2112
          
    /*

        

        

          2074
          
     * The following (comented out) environment variables match apache_ssl!

          2113
          
     * The following (comented out) environment variables match apache_ssl!

        

  

    
      
            Lines 2138-2143
          
      
      
        Link Here
      
    
  

        

          2138
          
        overrides->ssl_enable = base->ssl_enable;

          2177
          
        overrides->ssl_enable = base->ssl_enable;

        

        

          2139
          
        overrides->https_indicator = base->https_indicator;

          2178
          
        overrides->https_indicator = base->https_indicator;

        

        

          2140
          
        overrides->certs_indicator = base->certs_indicator;

          2179
          
        overrides->certs_indicator = base->certs_indicator;

        

            

              
              
              2180
              
        overrides->certchain_indicator = base->certchain_indicator;

            

        

          2141
          
        overrides->cipher_indicator = base->cipher_indicator;

          2181
          
        overrides->cipher_indicator = base->cipher_indicator;

        

        

          2142
          
        overrides->session_indicator = base->session_indicator;

          2182
          
        overrides->session_indicator = base->session_indicator;

        

        

          2143
          
    }

          2183
          
    }

        






  

  Return to bug 39636