*) mod_md v2.2.3:
- Configuring MDCAChallenges replaces any previous existing challenge configuration. It
had been additive before which was not the intended behaviour. [@mkauf]
- Fixing order of ACME challenges used when nothing else configured. Code now behaves as
documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
- Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
- Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
"transfer-encoding" to POST requests. This failed in directy communication with
Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1869394 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.42
+
+ *) mod_md v2.2.3:
+ - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
+ had been additive before which was not the intended behaviour. [@mkauf]
+ - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
+ documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
+ - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
+ - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
+ "transfer-encoding" to POST requests. This failed in directy communication with
+ Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing]
*) mod_md: Adding the several new features.
The module offers an implementation of OCSP Stapling that can replace fully or
}
else {
/* free to chose. Add all we support and see what we get offered */
- APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_HTTP01;
APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_TLSALPN01;
+ APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_HTTP01;
APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_DNS01;
if (!d->can_http && !d->can_https
curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout_sec(req->timeout.stalled));
}
+ if (req->body_len >= 0) {
+ /* set the Content-Length */
+ curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)req->body_len);
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)req->body_len);
+ }
+
if (req->user_agent) {
curl_easy_setopt(curl, CURLOPT_USERAGENT, req->user_agent);
}
req->cb.on_response_data = baton;
}
-static void req_init_cl(md_http_request_t *req)
-{
- if (req->body_len == 0 && apr_strnatcasecmp("GET", req->method)) {
- apr_table_setn(req->headers, "Content-Length", "0");
- }
- else if (req->body_len > 0) {
- apr_table_setn(req->headers, "Content-Length", apr_off_t_toa(req->pool, req->body_len));
- }
-}
-
apr_status_t md_http_perform(md_http_request_t *req)
{
- req_init_cl(req);
return req->http->impl->perform(req);
}
md_http_t *http, int in_flight)
{
nextreq_proxy_t *proxy = baton;
- apr_status_t rv;
- rv = proxy->nextreq(preq, proxy->baton, http, in_flight);
- if (APR_SUCCESS == rv) req_init_cl(*preq);
- return rv;
+ return proxy->nextreq(preq, proxy->baton, http, in_flight);
}
apr_status_t md_http_multi_perform(md_http_t *http, md_http_next_req *nextreq, void *baton)
* @macro
* Version number of the md module as c string
*/
-#define MOD_MD_VERSION "2.2.1"
+#define MOD_MD_VERSION "2.2.3"
/**
* @macro
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_MD_VERSION_NUM 0x020201
+#define MOD_MD_VERSION_NUM 0x020203
#define MD_ACME_DEF_URL "https://acme-v02.api.letsencrypt.org/directory"
pcha = &config->ca_challenges;
ca_challenges = *pcha;
- if (!ca_challenges) {
+ if (ca_challenges) {
+ apr_array_clear(ca_challenges);
+ }
+ else {
*pcha = ca_challenges = apr_array_make(cmd->pool, 5, sizeof(const char *));
}
for (i = 0; i < argc; ++i) {
projects / thirdparty / apache / httpd.git / commitdiff
