]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
mod_ssl: Use retained data API for storing private keys across reloads.
authorJoe Orton <jorton@apache.org>
Mon, 4 May 2020 08:32:23 +0000 (08:32 +0000)
committerJoe Orton <jorton@apache.org>
Mon, 4 May 2020 08:32:23 +0000 (08:32 +0000)
commit31dfb9b47658a0aba72ba49a9cc8555edc98f4be
tree8a448286cbf05d14cc0b60c0ef73651d8d72e704
parentdd3b1ab98bf9976468dbda2fc68ae98ddb4068aa
mod_ssl: Use retained data API for storing private keys across reloads.
Allocate SSLModConfigRec from pconf rather than the process pool.

* modules/ssl/ssl_private.h: Add modssl_retained_data_t structure and
  move private key storage here from SSLModConfigRec.  Add retained
  pointer to SSLModConfigRec.

* modules/ssl/ssl_engine_config.c (ssl_config_global_create): Take
  pool argument; allocate SSLModConfigRec from there and
  initialize mc->retained.  SSLModConfigRec no longer cached for the
  process lifetime.
  (ssl_init_Module): Sanity check that sc->mc is correct.
  (ssl_init_server_certs): Use private keys from mc->retained.

* modules/ssl/ssl_engine_pphrase.c
  (privkey_vhost_keyid): Rename from asn1_table_vhost_key and
  update to use the retained structure.
  (ssl_load_encrypted_pkey): Update for above.

* modules/ssl/ssl_engine_init.c (ssl_init_Module): Remove
  (apparently) redundant call to ssl_config_global_create and
  add debug asserts to validate that is safe.

Github: closes #119

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877345 13f79535-47bb-0310-9956-ffa450edef68
modules/ssl/ssl_engine_config.c
modules/ssl/ssl_engine_init.c
modules/ssl/ssl_engine_pphrase.c
modules/ssl/ssl_private.h