ASF Bugzilla – Attachment 18752 Details for
Bug 40312
ssl_engine_init.c, ssl_init_ctx_verify contains a never-true if condition.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for 2.2.3 which fixes the invalid if condition, and logs openssl errors if SSLCACertificateFile fails to load
2.2-head.patch (text/plain), 1.10 KB, created by
Paul Tiemann
on 2006-08-24 21:14:09 UTC
(
hide
)
Description:
Patch for 2.2.3 which fixes the invalid if condition, and logs openssl errors if SSLCACertificateFile fails to load
Filename:
MIME Type:
Creator:
Paul Tiemann
Created:
2006-08-24 21:14:09 UTC
Size:
1.10 KB
patch
obsolete
>--- ssl_engine_init.c 2006-07-23 05:11:58.000000000 -0600 >+++ ssl_engine_init-patched.c 2006-08-24 14:26:01.000000000 -0600 >@@ -557,7 +557,7 @@ > ca_list = ssl_init_FindCAList(s, ptemp, > mctx->auth.ca_cert_file, > mctx->auth.ca_cert_path); >- if (!ca_list) { >+ if (sk_X509_NAME_num(ca_list) == 0) { > ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, > "Unable to determine list of acceptable " > "CA certificates for client authentication"); >@@ -1151,6 +1151,15 @@ > */ > if (ca_file) { > ssl_init_PushCAList(ca_list, s, ca_file); >+ /* >+ * If ca_list is still empty after trying to load ca_file >+ * then the file failed to load, and users should hear about that. >+ */ >+ if (sk_X509_NAME_num(ca_list) == 0) { >+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, >+ "Failed to load SSLCACertificateFile: %s", file); >+ ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); >+ } > } > > /*
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 40312
:
18751
| 18752