[patch] Patch for 2.2.3 which fixes the invalid if condition, and logs openssl errors if SSLCACertificateFile fails to load

2.2-head.patch (text/plain), 1.10 KB, created by Paul Tiemann on 2006-08-24 21:14:09 UTC

(hide)

Description: Patch for 2.2.3 which fixes the invalid if condition, and logs openssl errors if SSLCACertificateFile fails to load

Filename:

MIME Type:

Creator: Paul Tiemann

Created: 2006-08-24 21:14:09 UTC

Size: 1.10 KB

patch

obsolete

>--- ssl_engine_init.c 2006-07-23 05:11:58.000000000 -0600 >+++ ssl_engine_init-patched.c 2006-08-24 14:26:01.000000000 -0600 >@@ -557,7 +557,7 @@ > ca_list = ssl_init_FindCAList(s, ptemp, > mctx->auth.ca_cert_file, > mctx->auth.ca_cert_path); >- if (!ca_list) { >+ if (sk_X509_NAME_num(ca_list) == 0) { > ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, > "Unable to determine list of acceptable " > "CA certificates for client authentication"); >@@ -1151,6 +1151,15 @@ > */ > if (ca_file) { > ssl_init_PushCAList(ca_list, s, ca_file); >+ /* >+ * If ca_list is still empty after trying to load ca_file >+ * then the file failed to load, and users should hear about that. >+ */ >+ if (sk_X509_NAME_num(ca_list) == 0) { >+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, >+ "Failed to load SSLCACertificateFile: %s", file); >+ ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); >+ } > } > > /* View Attachment As Diff View Attachment As Raw

This is ASF Bugzilla: the Apache Software Foundation bug system. In case of problems with the functioning of ASF Bugzilla, please contact bugzilla-admin@apache.org. Please Note: this e-mail address is only for reporting problems with ASF Bugzilla. Mail about any other subject will be silently ignored.

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]