OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: svn commit: r1844002 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c


This fix at least formally applies to 2.4.x as well? Shouldn't it get backported?

Due to the below svn log message the bug was introduced by the feature that SSLProxy* can be used in <Proxy> sections. That feature got backported to 2.4.x, so probably this fix here should be backported as well.

Regards,

Rainer

Am 16.10.2018 um 14:55 schrieb rpluem@xxxxxxxxxx:
Author: rpluem
Date: Tue Oct 16 12:55:01 2018
New Revision: 1844002

URL: http://svn.apache.org/viewvc?rev=1844002&view=rev
Log:
* Correctly merge configurations that have client certificates set
   by SSLProxyMachineCertificate{File|Path}.
   The certificates and keys loaded during configuration time got lost during
   runtime if e.g. SSLProxyMachineCertificate{File|Path} was set on virtual host
   level and there was an SSL directive at directory level, e.g. SSLRequire.
   This fixes a regression likely introduced in r1740928.

Modified:
     httpd/httpd/trunk/CHANGES
     httpd/httpd/trunk/modules/ssl/ssl_engine_config.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1844002&r1=1844001&r2=1844002&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Oct 16 12:55:01 2018
@@ -1,6 +1,9 @@
                                                           -*- coding: utf-8 -*-
  Changes with Apache 2.5.1
+ *) mod_ssl: Correctly merge configurations that have client certificates set
+     by SSLProxyMachineCertificate{File|Path}. [Ruediger Pluem]
+
    *) core: Ensure that aborted connections are logged as such. PR 62823
       [Arnaud Grandville <contact@xxxxxxxxxxxxxx>]
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=1844002&r1=1844001&r2=1844002&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Tue Oct 16 12:55:01 2018
@@ -433,6 +433,8 @@ static void modssl_ctx_cfg_merge_proxy(a
      cfgMergeString(pkp->cert_file);
      cfgMergeString(pkp->cert_path);
      cfgMergeString(pkp->ca_cert_file);
+    cfgMergeString(pkp->certs);
+    cfgMergeString(pkp->ca_certs);
  }
void *ssl_config_perdir_merge(apr_pool_t *p, void *basev, void *addv)