Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Dev

Re: svn commit: r832496 - in /httpd/httpd/trunk/modules/ssl: ssl_toolkit_compat.h ssl_util_stapling.c

  

 
Apache dev RSS feed   Index | Next | Previous | View Threaded


rpluem at apache

Nov 3, 2009, 11:45 AM

Post #1 of 3 (107 views)
Permalink
Re: svn commit: r832496 - in /httpd/httpd/trunk/modules/ssl: ssl_toolkit_compat.h ssl_util_stapling.c
On 11/03/2009 07:19 PM, sctemme[at]apache.org wrote:
> Author: sctemme
> Date: Tue Nov 3 18:19:33 2009
> New Revision: 832496
>
> URL: http://svn.apache.org/viewvc?rev=832496&view=rev
> Log:
> We now check for OCSP support in configure, so we can lose an OpenSSL version
> number check. Use a type safe STACK.
>
> Modified:
> httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h
> httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c
>
> Modified: httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h?rev=832496&r1=832495&r2=832496&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h Tue Nov 3 18:19:33 2009
> @@ -39,8 +39,7 @@
> #include <openssl/rand.h>
> #include <openssl/x509v3.h>
>
> -#if OPENSSL_VERSION_NUMBER >= 0x00907000
> -#define HAVE_OCSP
> +#ifdef HAVE_OCSP
> #include <openssl/x509_vfy.h>
> #include <openssl/ocsp.h>
> #endif

I guess this brings back some problems on Windows and Netware:

See threads starting at

http://mail-archives.apache.org/mod_mbox/httpd-dev/200910.mbox/%3c4AE6579F.1040203[at]apache.org%3e

and

http://mail-archives.apache.org/mod_mbox/httpd-dev/200911.mbox/%3c4AEF4250.3080005[at]apache.org%3e

But I guess Guenther can explain this better.

Regards

Rüdiger


fuankg at apache

Nov 3, 2009, 11:47 AM

Post #2 of 3 (99 views)
Permalink
Re: svn commit: r832496 - in /httpd/httpd/trunk/modules/ssl: ssl_toolkit_compat.h ssl_util_stapling.c [In reply to]
Hi Sander,
sctemme[at]apache.org schrieb:
> Author: sctemme
> Date: Tue Nov 3 18:19:33 2009
> New Revision: 832496
>
> URL: http://svn.apache.org/viewvc?rev=832496&view=rev
> Log:
> We now check for OCSP support in configure, so we can lose an OpenSSL version
> number check. Use a type safe STACK.
I was just discussing this with Ruediger, and I introduced the version
number check because this also works with non-configure platforms like
NetWare and Win32; it would be better to remove the configure check,
though we were unsure if something else might use HAVE_OCSP (though I
doubt); if we like to stay with the configure check for whatever reason
then please lets do:

#ifndef HAVE_OCSP
#if OPENSSL_VERSION_NUMBER >= 0x00907000
#define HAVE_OCSP
#include <openssl/x509_vfy.h>
#include <openssl/ocsp.h>
#endif
#endif

thanks, Gün.


fuankg at apache

Nov 3, 2009, 11:51 AM

Post #3 of 3 (99 views)
Permalink
Re: svn commit: r832496 - in /httpd/httpd/trunk/modules/ssl: ssl_toolkit_compat.h ssl_util_stapling.c [In reply to]
Hi,
Guenter Knauf schrieb:
> then please lets do:
>
> #ifndef HAVE_OCSP
> #if OPENSSL_VERSION_NUMBER >= 0x00907000
> #define HAVE_OCSP
> #include <openssl/x509_vfy.h>
> #include <openssl/ocsp.h>
> #endif
> #endif
whoups, meant:

#ifndef HAVE_OCSP
#if OPENSSL_VERSION_NUMBER >= 0x00907000
#define HAVE_OCSP
#endif
#endif
#ifdef HAVE_OCSP
#include <openssl/x509_vfy.h>
#include <openssl/ocsp.h>
#endif

Gün.

Apache dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.