From: Christophe Jaillet Date: Sat, 25 Dec 2021 19:14:30 +0000 (+0000) Subject: Backport CTR changes for mod_tls and /test/* X-Git-Tag: 2.4.53-rc1-candidate~110 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e0dd1f000c1d2985b3e6d40a50efb44339767c61;p=thirdparty%2Fapache%2Fhttpd.git Backport CTR changes for mod_tls and /test/* This is only typo fixes. r1896386 + r1896393 in trunk git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1896395 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/tls/tls_cache.c b/modules/tls/tls_cache.c index 944f471758f..de4be188106 100644 --- a/modules/tls/tls_cache.c +++ b/modules/tls/tls_cache.c @@ -302,7 +302,7 @@ apr_status_t tls_cache_init_server( tls_conf_server_t *sc = tls_conf_server_get(s); if (sc && sc->global->session_cache) { - ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s, "adding session persistance to rustls"); + ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s, "adding session persistence to rustls"); rustls_server_config_builder_set_persistence( builder, tls_cache_get, tls_cache_put); } diff --git a/modules/tls/tls_conf.c b/modules/tls/tls_conf.c index 4de4c5b2c51..a9f27de87a9 100644 --- a/modules/tls/tls_conf.c +++ b/modules/tls/tls_conf.c @@ -745,7 +745,7 @@ const command_rec tls_conf_cmds[] = { AP_INIT_TAKE1("TLSHonorClientOrder", tls_conf_set_honor_client_order, NULL, RSRC_CONF, "Set 'on' to have the server honor client preferences in cipher suites, default off."), AP_INIT_TAKE1("TLSEngine", tls_conf_add_engine, NULL, RSRC_CONF, - "Specify an adress+port where the module shall handle incoming TLS connections."), + "Specify an address+port where the module shall handle incoming TLS connections."), AP_INIT_TAKE_ARGV("TLSOptions", tls_conf_set_options, NULL, OR_OPTIONS, "En-/disables optional features in the module."), AP_INIT_TAKE1("TLSProtocol", tls_conf_set_protocol, NULL, RSRC_CONF, diff --git a/modules/tls/tls_conf.h b/modules/tls/tls_conf.h index a315afba0d6..e924412d548 100644 --- a/modules/tls/tls_conf.h +++ b/modules/tls/tls_conf.h @@ -64,7 +64,7 @@ typedef enum { * and then readonly. */ typedef struct { - server_rec *ap_server; /* the gobal server we initialized on */ + server_rec *ap_server; /* the global server we initialized on */ const char *module_version; const char *crustls_version; @@ -182,4 +182,4 @@ int tls_proxy_section_post_config( apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s, ap_conf_vector_t *section_config); -#endif /* tls_conf_h */ \ No newline at end of file +#endif /* tls_conf_h */ diff --git a/modules/tls/tls_core.c b/modules/tls/tls_core.c index 281ac15b156..38c88730091 100644 --- a/modules/tls/tls_core.c +++ b/modules/tls/tls_core.c @@ -778,7 +778,7 @@ static apr_status_t init_outgoing_connection(conn_rec *c) hostname = apr_table_get(c->notes, "proxy-request-hostname"); alpn_note = apr_table_get(c->notes, "proxy-request-alpn-protos"); ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, c->base_server, - "setup_outgoing: to %s [ALPN: %s] from configration in %s" + "setup_outgoing: to %s [ALPN: %s] from configuration in %s" " using CA %s", hostname, alpn_note, pc->defined_in->server_hostname, pc->proxy_ca); rv = get_proxy_ciphers(&ciphersuites, c->pool, pc); @@ -1185,7 +1185,7 @@ apr_status_t tls_core_conn_seen_client_hello(conn_rec *c) int sni_match = 0; /* The initial rustls generic session has been fed the client hello and - * we have extraced SNI and ALPN values (so present). + * we have extracted SNI and ALPN values (so present). * Time to select the actual server_rec and application protocol that * will be used on this connection. */ ap_assert(cc); diff --git a/modules/tls/tls_core.h b/modules/tls/tls_core.h index 505155c277e..6ee1713b5e8 100644 --- a/modules/tls/tls_core.h +++ b/modules/tls/tls_core.h @@ -118,7 +118,7 @@ void tls_core_conn_bind(conn_rec *c, ap_conf_vector_t *dir_conf); void tls_core_conn_disable(conn_rec *c); /** - * Initialiaze the tls_conf_connt_t for the connection + * Initialize the tls_conf_connt_t for the connection * and decide if TLS is enabled or not. * @return OK if enabled, DECLINED otherwise */ @@ -181,4 +181,4 @@ apr_status_t tls_core_error(conn_rec *c, rustls_result rr, const char **perrstr) */ int tls_core_setup_outgoing(conn_rec *c); -#endif /* tls_core_h */ \ No newline at end of file +#endif /* tls_core_h */ diff --git a/modules/tls/tls_filter.c b/modules/tls/tls_filter.c index ec589a87de4..0ee6be61a23 100644 --- a/modules/tls/tls_filter.c +++ b/modules/tls/tls_filter.c @@ -235,7 +235,7 @@ static apr_status_t filter_recv_client_hello(tls_filter_ctx_t *fctx) bb_tmp = fctx->fin_tls_bb; /* data we have yet to feed to rustls */ fctx->fin_tls_bb = fctx->fin_tls_buffer_bb; /* data we already fed to the pre_session */ fctx->fin_tls_buffer_bb = NULL; - APR_BRIGADE_CONCAT(fctx->fin_tls_bb, bb_tmp); /* all tls data from the cleint so far, reloaded */ + APR_BRIGADE_CONCAT(fctx->fin_tls_bb, bb_tmp); /* all tls data from the client so far, reloaded */ apr_brigade_destroy(bb_tmp); rv = APR_SUCCESS; } @@ -1014,4 +1014,4 @@ void tls_filter_register( (void)pool; ap_register_input_filter(TLS_FILTER_RAW, filter_conn_input, NULL, AP_FTYPE_CONNECTION + 5); ap_register_output_filter(TLS_FILTER_RAW, filter_conn_output, NULL, AP_FTYPE_CONNECTION + 5); -} \ No newline at end of file +} diff --git a/modules/tls/tls_proto.h b/modules/tls/tls_proto.h index ba91a1748f9..a3fe881dbaf 100644 --- a/modules/tls/tls_proto.h +++ b/modules/tls/tls_proto.h @@ -28,7 +28,7 @@ */ typedef struct { apr_uint16_t id; /* IANA 16-bit assigned value as used on the wire */ - const char *name; /* IANA given name of hte cipher */ + const char *name; /* IANA given name of the cipher */ const char *alias; /* Optional, commonly known alternate name */ } tls_cipher_t; @@ -52,19 +52,19 @@ struct tls_proto_conf_t { tls_proto_conf_t *tls_proto_init(apr_pool_t *p, server_rec *s); /** - * Called during pre-config phase to start intialization + * Called during pre-config phase to start initialization * of the tls protocol configuration. */ apr_status_t tls_proto_pre_config(apr_pool_t *pool, apr_pool_t *ptemp); /** - * Called during post-config phase to conclude the intialization + * Called during post-config phase to conclude the initialization * of the tls protocol configuration. */ apr_status_t tls_proto_post_config(apr_pool_t *p, apr_pool_t *ptemp, server_rec *s); /** - * Get the TLS protocol identifer (as used on the wire) for the TLS + * Get the TLS protocol identifier (as used on the wire) for the TLS * protocol of the given name. Returns 0 if protocol is unknown. */ apr_uint16_t tls_proto_get_version_by_name(tls_proto_conf_t *conf, const char *name); @@ -97,7 +97,7 @@ int tls_proto_is_cipher_supported(tls_proto_conf_t *conf, apr_uint16_t cipher); /** * Get the name of a TLS cipher for the IANA assigned 16bit value. This will - * return the name in the protocol configuation, if the cipher is known, and + * return the name in the protocol configuration, if the cipher is known, and * create the string `TLS_CIPHER_0x%04x` for the 16bit cipher value. */ const char *tls_proto_get_cipher_name( @@ -121,4 +121,4 @@ const char *tls_proto_get_cipher_names( apr_array_header_t *tls_proto_get_rustls_suites( tls_proto_conf_t *conf, const apr_array_header_t *ids, apr_pool_t *pool); -#endif /* tls_proto_h */ \ No newline at end of file +#endif /* tls_proto_h */ diff --git a/modules/tls/tls_util.c b/modules/tls/tls_util.c index 639a51c7da6..9eac212815a 100644 --- a/modules/tls/tls_util.c +++ b/modules/tls/tls_util.c @@ -275,7 +275,7 @@ apr_status_t tls_util_brigade_split_line( if (APR_SUCCESS != rv) goto cleanup; apr_brigade_length(dest, 0, &nend); /* apr_brigade_split_line() has the nasty habit of leaving a 0-length bucket - * at the start of the brigade when it transfered the whole content. Get rid of it. + * at the start of the brigade when it transferred the whole content. Get rid of it. */ if (!APR_BRIGADE_EMPTY(src)) { apr_bucket *b = APR_BRIGADE_FIRST(src); diff --git a/modules/tls/tls_util.h b/modules/tls/tls_util.h index 21ed19d47bf..18ae4dff4a3 100644 --- a/modules/tls/tls_util.h +++ b/modules/tls/tls_util.h @@ -82,9 +82,9 @@ const apr_array_header_t *tls_util_array_uint16_remove( /** * Transfer up to bytes from to , including all - * encountered meta data buckets. The transfered buckets/data are + * encountered meta data buckets. The transferred buckets/data are * removed from . - * Return the actual byte count transfered in . + * Return the actual byte count transferred in . */ apr_status_t tls_util_brigade_transfer( apr_bucket_brigade *dest, apr_bucket_brigade *src, apr_off_t length, @@ -154,4 +154,4 @@ do { \ -#endif /* tls_util_h */ \ No newline at end of file +#endif /* tls_util_h */ diff --git a/modules/tls/tls_var.c b/modules/tls/tls_var.c index f35ae63b00a..fa4ae2aed6b 100644 --- a/modules/tls/tls_var.c +++ b/modules/tls/tls_var.c @@ -317,7 +317,7 @@ static void add_vars(apr_table_t *env, conn_rec *c, server_rec *s, request_rec * ctx.c = c; ctx.r = r; ctx.cc = tls_conf_conn_get(c->master? c->master : c); - /* Can we re-use teh precomputed connection values? */ + /* Can we re-use the precomputed connection values? */ overlap = (r && ctx.cc->subprocess_env && r->server == ctx.cc->server); if (overlap) { apr_table_overlap(env, ctx.cc->subprocess_env, APR_OVERLAP_TABLES_SET); @@ -336,7 +336,7 @@ static void add_vars(apr_table_t *env, conn_rec *c, server_rec *s, request_rec * } } else if (overlap && sdc->std_env_vars == TLS_FLAG_TRUE) { - /* Remove variables added on connection init that are disbled here */ + /* Remove variables added on connection init that are disabled here */ for (i = 0; i < TLS_DIM(StdEnvVars); ++i) { apr_table_unset(env, StdEnvVars[i]); } @@ -348,7 +348,7 @@ static void add_vars(apr_table_t *env, conn_rec *c, server_rec *s, request_rec * } } else if (overlap && sdc->std_env_vars == TLS_FLAG_TRUE) { - /* Remove variables added on connection init that are disbled here */ + /* Remove variables added on connection init that are disabled here */ for (i = 0; i < TLS_DIM(ExportCertVars); ++i) { apr_table_unset(env, ExportCertVars[i]); } diff --git a/test/modules/http2/mod_h2test/mod_h2test.c b/test/modules/http2/mod_h2test/mod_h2test.c index b65f1df6f76..63dc28aac43 100644 --- a/test/modules/http2/mod_h2test/mod_h2test.c +++ b/test/modules/http2/mod_h2test/mod_h2test.c @@ -220,7 +220,7 @@ static int h2test_delay_handler(request_rec *r) cleanup: ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, r, - "delay_handler: request cleanup, r->status=%d, aborte=%d", + "delay_handler: request cleanup, r->status=%d, aborted=%d", r->status, c->aborted); if (rv == APR_SUCCESS || r->status != HTTP_OK diff --git a/test/modules/http2/test_004_post.py b/test/modules/http2/test_004_post.py index 3e17b7233b3..1a52623a9a9 100644 --- a/test/modules/http2/test_004_post.py +++ b/test/modules/http2/test_004_post.py @@ -180,7 +180,7 @@ CustomLog logs/test_004_30 issue_203 assert log_h2_full['bytes_rx_I'] > 0 assert log_h2_full['bytes_resp_B'] == full_length assert log_h2_full['bytes_tx_O'] > full_length - assert log_h1['bytes_rx_I'] > 0 # input bytes recieved + assert log_h1['bytes_rx_I'] > 0 # input bytes received assert log_h1['bytes_resp_B'] == chunk # response bytes sent (payload) assert log_h1['bytes_tx_O'] > chunk # output bytes sent assert log_h2['bytes_rx_I'] > 0 diff --git a/test/modules/http2/test_400_push.py b/test/modules/http2/test_400_push.py index 5c62c20857c..1d7410031da 100644 --- a/test/modules/http2/test_400_push.py +++ b/test/modules/http2/test_400_push.py @@ -87,7 +87,7 @@ class TestPush: assert 1 == len(promises) assert '/006/006.js' == promises[0]["request"]["header"][":path"] - # 2 Links, only one with correct rel attribue + # 2 Links, only one with correct rel attribute def test_h2_400_03(self, env): url = env.mkurl("https", "push", "/006-push3.html") r = env.nghttp().get(url) diff --git a/test/modules/md/test_310_conf_store.py b/test/modules/md/test_310_conf_store.py index 69a086ebd92..f2bb9c723ac 100644 --- a/test/modules/md/test_310_conf_store.py +++ b/test/modules/md/test_310_conf_store.py @@ -752,7 +752,7 @@ class TestConf: # setup: drive it r = env.a2md(["-v", "drive", name]) - assert r.exit_code == 0, "drive not successfull: {0}".format(r.stderr) + assert r.exit_code == 0, "drive not successful: {0}".format(r.stderr) assert env.a2md(["list", name]).json['output'][0]['state'] == env.MD_S_COMPLETE # remove one domain -> status stays COMPLETE diff --git a/test/modules/md/test_720_wildcard.py b/test/modules/md/test_720_wildcard.py index c440a0ce231..07d0dcadca3 100644 --- a/test/modules/md/test_720_wildcard.py +++ b/test/modules/md/test_720_wildcard.py @@ -1,4 +1,4 @@ -# test wildcard certifcates +# test wildcard certificates import os import pytest diff --git a/test/modules/md/test_810_ec.py b/test/modules/md/test_810_ec.py index f8480dd4ada..5c310180a85 100644 --- a/test/modules/md/test_810_ec.py +++ b/test/modules/md/test_810_ec.py @@ -90,7 +90,7 @@ class TestAutov2: # use a curve unsupported by LE # only works with mod_ssl as rustls refuses to load such a weak key @pytest.mark.skipif(MDTestEnv.get_ssl_module() != "mod_ssl", reason="only for mod_ssl") - @pytest.mark.skipif(MDTestEnv.get_acme_server() != 'boulder', reason="onyl boulder rejects this") + @pytest.mark.skipif(MDTestEnv.get_acme_server() != 'boulder', reason="only boulder rejects this") def test_md_810_004(self, env): domain = self.test_domain # generate config with one MD diff --git a/test/modules/md/test_920_status.py b/test/modules/md/test_920_status.py index d8b2edea70f..36c520ac94b 100644 --- a/test/modules/md/test_920_status.py +++ b/test/modules/md/test_920_status.py @@ -217,13 +217,13 @@ Protocols h2 http/1.1 acme-tls/1 conf.install() assert env.apache_restart() == 0 assert env.await_completion([domain], restart=False) - # In the stats JSON, we excpect 2 certificates under 'renewal' + # In the stats JSON, we expect 2 certificates under 'renewal' stat = env.get_md_status(domain) assert 'renewal' in stat assert 'cert' in stat['renewal'] assert 'rsa' in stat['renewal']['cert'] assert 'secp256r1' in stat['renewal']['cert'] - # In /.httpd/certificate-status 'renewal' we excpect 2 certificates + # In /.httpd/certificate-status 'renewal' we expect 2 certificates status = env.get_certificate_status(domain) assert 'renewal' in status assert 'cert' in status['renewal'] diff --git a/test/modules/tls/test_03_sni.py b/test/modules/tls/test_03_sni.py index 2873b65fb9c..eda9a33adb2 100644 --- a/test/modules/tls/test_03_sni.py +++ b/test/modules/tls/test_03_sni.py @@ -36,7 +36,7 @@ class TestSni: assert r.exit_code != 0 def test_03_sni_request_other_same_config(self, env): - # do we see the first vhost respone for another domain with different certs? + # do we see the first vhost response for another domain with different certs? r = env.tls_get(env.domain_a, "/index.json", options=[ "-vvvv", "--header", "Host: {0}".format(env.domain_b) ]) @@ -49,7 +49,7 @@ class TestSni: if env.curl_supports_tls_1_3(): # can't do this test then return - # do we see the first vhost respone for an unknown domain? + # do we see the first vhost response for an unknown domain? conf = TlsTestConf(env=env, extras={ env.domain_a: "TLSProtocol TLSv1.2+", env.domain_b: "TLSProtocol TLSv1.3+" diff --git a/test/modules/tls/test_06_ciphers.py b/test/modules/tls/test_06_ciphers.py index 60a5e20b90d..650c0dabeaf 100644 --- a/test/modules/tls/test_06_ciphers.py +++ b/test/modules/tls/test_06_ciphers.py @@ -175,7 +175,7 @@ class TestCiphers: env.apache_restart() def test_06_ciphers_pref_unsupported(self, env): - # a warning on prefering a known, but not supported cipher + # a warning on preferring a known, but not supported cipher env.httpd_error_log.ignore_recent() conf = TlsTestConf(env=env, extras={ env.domain_b: "TLSCiphersPrefer TLS_NULL_WITH_NULL_NULL"