DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31383>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31383 OCSP support ------- Additional Comments From [EMAIL PROTECTED] 2004-09-27 09:01 ------- Thanks for the contribution, Marc. A few meta-comments: 1) please attach the source files and patches as-is rather than in a zip file 2) please try and stick to the correct code style: http://httpd.apache.org/dev/styleguide.html 3) ideally the patch should be against HEAD, failing that, the latest stable release (i.e. without the unnecessary FakeBasicAuth fixes already in the tree) >From actual review: a) I'd put the ssl_ocsp.h stuff straight into mod_ssl.h (or ssl_private.h for HEAD) rather than adding a new header b) ssl_ocsp_setProxy and the global variables are not OK. If this needs to be configurable it should be properly configurable... c) use of the X509_get_ext/X509V3_EXT_get/X509V3_EXT_d2i form of retrieving extensions is not encouraged, AIUI: the correct (and simpler) method is to use X509_get_ext_d2i. d) C++/C99 style comments are not portable // establish a connection to the OCSP responder I suppose this also needs to be built conditionally on versions of OpenSSL (>=0.9.7 ?) which support the OCSP stuff. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
