On Fri, Jun 12, 2015 at 5:07 AM, <yla...@apache.org> wrote: > Author: ylavic > Date: Fri Jun 12 09:07:34 2015 > New Revision: 1685052 > > URL: http://svn.apache.org/r1685052 > Log: > mod_ssl: Warn about deprecated SSLCertificateChainFile once at startup, > on first usage only. > > Modified: > httpd/httpd/trunk/CHANGES > httpd/httpd/trunk/modules/ssl/ssl_engine_config.c > > Modified: httpd/httpd/trunk/CHANGES > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1685052&r1=1685051&r2=1685052&view=diff > > ============================================================================== > --- httpd/httpd/trunk/CHANGES [utf-8] (original) > +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Jun 12 09:07:34 2015 > @@ -1,6 +1,9 @@ > -*- coding: > utf-8 -*- > Changes with Apache 2.5.0 > > + *) mod_ssl: Warn about deprecated SSLCertificateChainFile once at > startup, > + on first usage only. [Yann Ylavic] > + > *) mod_substitute: Fix configuraton merge order. > PR 57641 [<Marc.Stern approach.be>] > > > Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=1685052&r1=1685051&r2=1685052&view=diff > > ============================================================================== > --- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original) > +++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Fri Jun 12 09:07:34 > 2015 > @@ -839,13 +839,22 @@ const char *ssl_cmd_SSLCertificateChainF > const char *arg) > { > SSLSrvConfigRec *sc = mySrvConfig(cmd->server); > + void *once = NULL; > const char *err; > > - ap_log_error(APLOG_MARK, APLOG_WARNING|APLOG_STARTUP, 0, NULL, > - APLOGNO(02559) > - "The SSLCertificateChainFile directive (%s:%d) is > deprecated, " > - "SSLCertificateFile should be used instead", > - cmd->directive->filename, cmd->directive->line_num); > + apr_pool_userdata_get(&once, "ssl_cmd_SSLCertificateChainFile", > + ap_pglobal); > + if (!once) { > + ap_log_error(APLOG_MARK, APLOG_WARNING|APLOG_STARTUP, 0, NULL, > + APLOGNO(02559) > + "The SSLCertificateChainFile directive (%s:%d) is " > + "deprecated, SSLCertificateFile should be used > instead", > + cmd->directive->filename, cmd->directive->line_num); > + > + apr_pool_userdata_set("ssl_cmd_SSLCertificateChainFile", > + apr_pstrdup(ap_pglobal, "1"), NULL, > + ap_pglobal); > + } > > IMHO the ap_retained_data_get/create APIs make this "nicer" than this older pattern.
retained = ap_retained_data_get(userdata_key); if (!retained) { retained = ap_retained_data_create(userdata_key, sizeof(*retained)) if ((err = ssl_cmd_check_file(cmd, &arg))) { > return err; > > > -- Born in Roswell... married an alien... http://emptyhammock.com/