git.ipfire.org Git - thirdparty/apache/httpd.git/commit

author	Kaspar Brand <kbrand@apache.org>
	Sat, 23 Nov 2013 13:03:25 +0000 (13:03 +0000)
committer	Kaspar Brand <kbrand@apache.org>
	Sat, 23 Nov 2013 13:03:25 +0000 (13:03 +0000)
commit	e7dc6dd3f4cea392c1dab2d22429fe35b2b82011
tree	c1eebe585fd5805b89d8e609327d867e17a76349	tree \| snapshot
parent	7d402a24ec566ccdd342be80ab35652f0f125265	commit \| diff

Remove SSLPKCS7CertificateFile support:

- was never documented, so very unlikely that it was ever used

- adds complexity without apparent benefit; PKCS#7 files can
  be trivially converted to a file for use with SSLCertificateChainFile
  (concatenated X509 CERTIFICATE chunks, openssl pkcs7 -print_certs...)

- only supports PKCS7 files with PEM encoding, i.e. relies on a
  non-standardized PEM header (cf. RFC 2315 and draft-josefsson-pkix-textual)

- issues pointed out in http://mail-archives.apache.org/mod_mbox/httpd-dev/200607.mbox/%3C20060723093125.GA19423@redhat.com%3E
  were never fully addressed (cf. r424707 and r424735)

- has never worked in vhost context due to a cfgMergeString
  call missing from modssl_ctx_cfg_merge

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1544784 13f79535-47bb-0310-9956-ffa450edef68

docs/STATUS		diff \| blob \| blame \| history
modules/ssl/mod_ssl.c		diff \| blob \| blame \| history
modules/ssl/ssl_engine_config.c		diff \| blob \| blame \| history
modules/ssl/ssl_engine_init.c		diff \| blob \| blame \| history
modules/ssl/ssl_engine_pphrase.c		diff \| blob \| blame \| history
modules/ssl/ssl_private.h		diff \| blob \| blame \| history
modules/ssl/ssl_util.c		diff \| blob \| blame \| history