Author: ylavic
Date: Thu Feb 22 14:17:43 2024
New Revision: 1915951
URL: http://svn.apache.org/viewvc?rev=1915951&view=rev
Log:
Follow-up to r1825120:
* modules/ssl/ssl_engine_init.c (ssl_init_ca_cert_path): Since
SSL_add_file_cert_subjects_to_stack() internally replaces the
comparison callback with one equivalent to
ssl_init_FindCAList_X509NameCmp, there's no point in using that
here.
(ssl_init_FindCAList_X509NameCmp): Removed.
Merges r1825124 from https://svn.apache.org/repos/asf/httpd/httpd/trunk.
Submitted by: jorton
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1825124
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1915951&r1=1915950&r2=1915951&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Thu Feb 22 14:17:43 2024
@@ -160,12 +160,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
rpluem says: This has conflict in modules/http2/h2_version.h. Otherwise
+1 from me on the backport.
- *) mod_ssl: follow-up to r1825120 to simplify code (no functional change)
- trunk patch: https://svn.apache.org/r1825124
- 2.4.x patch: svn merge -c 1825124 ^/httpd/httpd/trunk .
- Github PR: https://github.com/apache/httpd/pull/412
- +1: jorton, ylavic, jfclere
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[. New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c?rev=1915951&r1=1915950&r2=1915951&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c Thu Feb 22 14:17:43 2024
@@ -2242,12 +2242,6 @@ int ssl_proxy_section_post_config(apr_po
return OK;
}
-static int ssl_init_FindCAList_X509NameCmp(const X509_NAME * const *a,
- const X509_NAME * const *b)
-{
- return(X509_NAME_cmp(*a, *b));
-}
-
static apr_status_t ssl_init_ca_cert_path(server_rec *s,
apr_pool_t *ptemp,
const char *path,
@@ -2287,13 +2281,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList
const char *ca_file,
const char *ca_path)
{
- STACK_OF(X509_NAME) *ca_list;
-
- /*
- * Start with a empty stack/list where new
- * entries get added in sorted order.
- */
- ca_list = sk_X509_NAME_new(ssl_init_FindCAList_X509NameCmp);
+ STACK_OF(X509_NAME) *ca_list = sk_X509_NAME_new_null();;
/*
* Process CA certificate bundle file
@@ -2323,11 +2311,6 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList
return NULL;
}
- /*
- * Cleanup
- */
- (void) sk_X509_NAME_set_cmp_func(ca_list, NULL);
-
return ca_list;
}
Date: Thu Feb 22 14:17:43 2024
New Revision: 1915951
URL: http://svn.apache.org/viewvc?rev=1915951&view=rev
Log:
Follow-up to r1825120:
* modules/ssl/ssl_engine_init.c (ssl_init_ca_cert_path): Since
SSL_add_file_cert_subjects_to_stack() internally replaces the
comparison callback with one equivalent to
ssl_init_FindCAList_X509NameCmp, there's no point in using that
here.
(ssl_init_FindCAList_X509NameCmp): Removed.
Merges r1825124 from https://svn.apache.org/repos/asf/httpd/httpd/trunk.
Submitted by: jorton
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1825124
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1915951&r1=1915950&r2=1915951&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Thu Feb 22 14:17:43 2024
@@ -160,12 +160,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
rpluem says: This has conflict in modules/http2/h2_version.h. Otherwise
+1 from me on the backport.
- *) mod_ssl: follow-up to r1825120 to simplify code (no functional change)
- trunk patch: https://svn.apache.org/r1825124
- 2.4.x patch: svn merge -c 1825124 ^/httpd/httpd/trunk .
- Github PR: https://github.com/apache/httpd/pull/412
- +1: jorton, ylavic, jfclere
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[. New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c?rev=1915951&r1=1915950&r2=1915951&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c Thu Feb 22 14:17:43 2024
@@ -2242,12 +2242,6 @@ int ssl_proxy_section_post_config(apr_po
return OK;
}
-static int ssl_init_FindCAList_X509NameCmp(const X509_NAME * const *a,
- const X509_NAME * const *b)
-{
- return(X509_NAME_cmp(*a, *b));
-}
-
static apr_status_t ssl_init_ca_cert_path(server_rec *s,
apr_pool_t *ptemp,
const char *path,
@@ -2287,13 +2281,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList
const char *ca_file,
const char *ca_path)
{
- STACK_OF(X509_NAME) *ca_list;
-
- /*
- * Start with a empty stack/list where new
- * entries get added in sorted order.
- */
- ca_list = sk_X509_NAME_new(ssl_init_FindCAList_X509NameCmp);
+ STACK_OF(X509_NAME) *ca_list = sk_X509_NAME_new_null();;
/*
* Process CA certificate bundle file
@@ -2323,11 +2311,6 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList
return NULL;
}
- /*
- * Cleanup
- */
- (void) sk_X509_NAME_set_cmp_func(ca_list, NULL);
-
return ca_list;
}