if (!ssl_mutex_init(base_server, p)) {

    if (!ssl_mutex_init(base_server, p)) {

        return HTTP_INTERNAL_SERVER_ERROR;

        return HTTP_INTERNAL_SERVER_ERROR;

    }

    }

    /*

    /*

     * initialize session caching

     * initialize session caching

static int ssl_server_import_cert(server_rec *s,

static int ssl_server_import_cert(server_rec *s,

                                  modssl_ctx_t *mctx,

                                  modssl_ctx_t *mctx,

                                  const char *id,

                                  const char *id,

{

{

    SSLModConfigRec *mc = myModConfig(s);

    SSLModConfigRec *mc = myModConfig(s);

    ssl_asn1_t *asn1;

    ssl_asn1_t *asn1;

#ifdef HAVE_OCSP_STAPLING

#ifdef HAVE_OCSP_STAPLING

    if ((mctx->pkp == FALSE) && (mctx->stapling_enabled == TRUE)) {

    if ((mctx->pkp == FALSE) && (mctx->stapling_enabled == TRUE)) {

            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02235)

            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02235)

                         "Unable to configure server certificate for stapling");

                         "Unable to configure server certificate for stapling");

        }

        }

    ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC);

    ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC);

#endif

#endif

#ifdef HAVE_ECC

#ifdef HAVE_ECC

#endif

#endif

    if (!(have_rsa || have_dsa

    if (!(have_rsa || have_dsa

    } rCtx;

    } rCtx;

} SSLModConfigRec;

} SSLModConfigRec;

/** Structure representing configured filenames for certs and keys for

/** Structure representing configured filenames for certs and keys for

 * a given vhost, and the corresponding in-memory structures once the

 * a given vhost, and the corresponding in-memory structures once the

 * files are parsed.  */

 * files are parsed.  */

    X509        *certs[SSL_AIDX_MAX];

    X509        *certs[SSL_AIDX_MAX];

    EVP_PKEY    *keys[SSL_AIDX_MAX];

    EVP_PKEY    *keys[SSL_AIDX_MAX];

    /** Certificates which specify the set of CA names which should be

    /** Certificates which specify the set of CA names which should be

     * sent in the CertificateRequest message: */

     * sent in the CertificateRequest message: */

    const char  *ca_name_path;

    const char  *ca_name_path;

const char  *ssl_cmd_SSLStaplingForceURL(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLStaplingForceURL(cmd_parms *, void *, const char *);

void         modssl_init_stapling(server_rec *, apr_pool_t *, apr_pool_t *, modssl_ctx_t *);

void         modssl_init_stapling(server_rec *, apr_pool_t *, apr_pool_t *, modssl_ctx_t *);

void         ssl_stapling_ex_init(void);

void         ssl_stapling_ex_init(void);

#endif

#endif

#ifdef HAVE_SRP

#ifdef HAVE_SRP

int          ssl_callback_SRPServerParams(SSL *, int *, void *);

int          ssl_callback_SRPServerParams(SSL *, int *, void *);

#define MAX_STAPLING_DER 10240

#define MAX_STAPLING_DER 10240

static X509 *stapling_get_issuer(modssl_ctx_t *mctx, X509 *x)

static X509 *stapling_get_issuer(modssl_ctx_t *mctx, X509 *x)

{

{

    X509 *issuer = NULL;

    X509 *issuer = NULL;

}

}

{

{

    certinfo *cinf;

    certinfo *cinf;

    X509 *issuer = NULL;

    X509 *issuer = NULL;

    if (x == NULL)

    if (x == NULL)

        return 0;

        return 0;

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02215)

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02215)

                     "ssl_stapling_init_cert: certificate already initialized!");

                     "ssl_stapling_init_cert: certificate already initialized!");

        return 0;

        return 0;

    }

    }

    if (!cinf) {

    if (!cinf) {

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02216)

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02216)

                     "ssl_stapling_init_cert: error allocating memory!");

                     "ssl_stapling_init_cert: error allocating memory!");

        return 0;

        return 0;

    }

    }

    issuer = stapling_get_issuer(mctx, x);

    issuer = stapling_get_issuer(mctx, x);

    X509_digest(x, EVP_sha1(), cinf->idx, NULL);

    X509_digest(x, EVP_sha1(), cinf->idx, NULL);

    aia = X509_get1_ocsp(x);

    aia = X509_get1_ocsp(x);

    if (!cinf->uri && !mctx->stapling_force_url) {

    if (!cinf->uri && !mctx->stapling_force_url) {

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02218)

        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02218)

                     "ssl_stapling_init_cert: no responder URL");

                     "ssl_stapling_init_cert: no responder URL");

                                        SSL *ssl)

                                        SSL *ssl)

{

{

    certinfo *cinf;

    certinfo *cinf;

    if (cinf && cinf->cid)

    if (cinf && cinf->cid)

        return cinf;

        return cinf;

    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, APLOGNO(01926)

    ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, APLOGNO(01926)