git.ipfire.org Git - thirdparty/apache/httpd.git/commit

author	Joe Orton <jorton@apache.org>
	Fri, 19 Mar 2021 15:15:36 +0000 (15:15 +0000)
committer	Joe Orton <jorton@apache.org>
	Fri, 19 Mar 2021 15:15:36 +0000 (15:15 +0000)
commit	1c76cd30813ac630b3ced614247bb96fa24df964
tree	46f99b9af03afef226d26aea33a9a351b82ac3dd	tree \| snapshot
parent	f7e848dd2808956aea893c556ad778b2f079e41b	commit \| diff

mod_ssl: Add base64-encoded DER certificate variables as alternative
to PEM, to avoid newline mangling issues when using PEM in header
values.

* modules/ssl/ssl_private.h (SSL_OPT_EXPORTCB64DATA): New constant.

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_data):
  New function, replacing ssl_var_lookup_ssl_cert_PEM.
  (ssl_var_lookup_ssl): Use it, and add _B64CERT variants of
  SSL_{CLIENT,SERVER}_CERT.
  (ssl_var_lookup_ssl_cert_chain): Use it.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLOptions): Support
  "ExportBase64CertData" argument.

* modules/ssl/ssl_engine_kernel.c (extract_to_env): New function.
  (ssl_hook_Fixup): Use it, also export _B64CERT variables if
  SSL_OPT_EXPORTCB64DATA is set; simplify the client cert chain
  handling.

PR: 65169
Reviewed by: michaelo
Github: closes #177

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887811 13f79535-47bb-0310-9956-ffa450edef68

changes-entries/pr65169.txt	[new file with mode: 0644]	blob
modules/ssl/ssl_engine_config.c		diff \| blob \| blame \| history
modules/ssl/ssl_engine_kernel.c		diff \| blob \| blame \| history
modules/ssl/ssl_engine_vars.c		diff \| blob \| blame \| history
modules/ssl/ssl_private.h		diff \| blob \| blame \| history