From ae46c54ae785aabba43610d8a210c05d9600dfa4 Mon Sep 17 00:00:00 2001 From: Jim Jagielski Date: Tue, 11 Dec 2018 14:14:40 +0000 Subject: [PATCH] Merge r1830816, r1830836, r1842882, r1842884 from trunk: * modules/ssl: Add some missing logno tags. * modules/ssl/ssl_engine_pphrase.c (ssl_load_encrypted_pkey): Simplify code, no functional change. * modules/slotmem/mod_slotmem_shm.c (restore_slotmem): Remove redundant assignment (clang warning), the apr_file_eof(fp)=>APR_EOF case assigns rv to APR_EOF and then to APR_SUCCESS after already. * modules/mappers/mod_negotiation.c (set_language_quality): Remove redundant branch (warning from Coverity). Submitted by: jorton Reviewed by: jailletc36, icing, jorton, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1848685 13f79535-47bb-0310-9956-ffa450edef68 --- STATUS | 12 ------------ modules/mappers/mod_negotiation.c | 3 --- modules/slotmem/mod_slotmem_shm.c | 1 - modules/ssl/ssl_engine_init.c | 2 +- modules/ssl/ssl_engine_kernel.c | 4 ++-- modules/ssl/ssl_engine_pphrase.c | 17 ++++++----------- 6 files changed, 9 insertions(+), 30 deletions(-) diff --git a/STATUS b/STATUS index 2b23806d9f1..7ec7e620959 100644 --- a/STATUS +++ b/STATUS @@ -126,18 +126,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - *) Easy patches: synch 2.4.x and trunk - - mod_ssl: Add some missing logno tags. - - mod_ssl: Simplify code, no functional change - - mod_slotmem_shm: Fix clang warning - - mod_negotiation: Remove redundant branch (warning from Coverity). - trunk patch: http://svn.apache.org/r1830816 - http://svn.apache.org/r1830836 - http://svn.apache.org/r1842882 - http://svn.apache.org/r1842884 - 2.4.x patch: svn merge -c 1830816,1830836,1842882,1842884 ^/httpd/httpd/trunk . - +1: jailletc36, icing, jorton, jim - *) core: Fix incorrect substitution of env vars in directives containing multiple env vars. In ap_resolve_env(), the string returned from getenv() should be copied since the returned string may be diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c index da68353fe78..3f04d83ddf0 100644 --- a/modules/mappers/mod_negotiation.c +++ b/modules/mappers/mod_negotiation.c @@ -1550,9 +1550,6 @@ static void set_language_quality(negotiation_state *neg, var_rec *variant) if (!neg->dont_fiddle_headers) { variant->lang_quality = neg->default_lang_quality; } - if (!neg->accept_langs) { - return; /* no accept-language header */ - } return; } else { diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c index 7dffef19fce..6dda8f65fec 100644 --- a/modules/slotmem/mod_slotmem_shm.c +++ b/modules/slotmem/mod_slotmem_shm.c @@ -214,7 +214,6 @@ static apr_status_t restore_slotmem(sharedslotdesc_t *desc, if (rv == APR_SUCCESS) { rv = apr_file_read_full(fp, ptr, nbytes, NULL); if (rv == APR_SUCCESS || rv == APR_EOF) { - rv = APR_SUCCESS; /* for successful return @ EOF */ /* * if at EOF, don't bother checking md5 * - backwards compatibility diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 753ed4b3a96..18d18c691fc 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -923,7 +923,7 @@ static apr_status_t ssl_init_ctx_cipher_suite(server_rec *s, #if SSL_HAVE_PROTOCOL_TLSV1_3 if (mctx->auth.tls13_ciphers && !SSL_CTX_set_ciphersuites(ctx, mctx->auth.tls13_ciphers)) { - ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO() + ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10127) "Unable to configure permitted TLSv1.3 ciphers"); ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s); return ssl_die(s); diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 62d5539e829..81c0f63d2ca 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1125,7 +1125,7 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon : sc->server->auth.verify_depth; if (sslconn->verify_depth < n) { change_vmode = TRUE; - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO() + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10128) "Reduced client verification depth will " "force renegotiation"); } @@ -1144,7 +1144,7 @@ static int ssl_hook_Access_modern(request_rec *r, SSLSrvConfigRec *sc, SSLDirCon return HTTP_FORBIDDEN; } - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO() "verify client post handshake"); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10129) "verify client post handshake"); SSL_set_verify(ssl, vmode_needed, ssl_callback_SSLVerify); diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c index 4099864fe57..8c294438161 100644 --- a/modules/ssl/ssl_engine_pphrase.c +++ b/modules/ssl/ssl_engine_pphrase.c @@ -145,7 +145,6 @@ apr_status_t ssl_load_encrypted_pkey(server_rec *s, apr_pool_t *p, int idx, ssl_asn1_t *asn1; unsigned char *ucp; long int length; - BOOL bReadable; int nPassPhrase = (*pphrases)->nelts; int nPassPhraseRetry = 0; apr_time_t pkey_mtime = 0; @@ -222,16 +221,12 @@ apr_status_t ssl_load_encrypted_pkey(server_rec *s, apr_pool_t *p, int idx, * is not empty. */ ERR_clear_error(); - bReadable = ((pPrivateKey = modssl_read_privatekey(ppcb_arg.pkey_file, - NULL, ssl_pphrase_Handle_CB, &ppcb_arg)) != NULL ? - TRUE : FALSE); - - /* - * when the private key file now was readable, - * it's fine and we go out of the loop - */ - if (bReadable) - break; + pPrivateKey = modssl_read_privatekey(ppcb_arg.pkey_file, NULL, + ssl_pphrase_Handle_CB, &ppcb_arg); + /* If the private key was successfully read, nothing more to + do here. */ + if (pPrivateKey != NULL) + break; /* * when we have more remembered pass phrases -- 2.47.3