Re: svn commit: r1685052 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c

Fri, 12 Jun 2015 05:12:07 -0700 

On Fri, Jun 12, 2015 at 5:07 AM, <yla...@apache.org> wrote:

> Author: ylavic
> Date: Fri Jun 12 09:07:34 2015
> New Revision: 1685052
>
> URL: http://svn.apache.org/r1685052
> Log:
> mod_ssl: Warn about deprecated SSLCertificateChainFile once at startup,
> on first usage only.
>
> Modified:
>     httpd/httpd/trunk/CHANGES
>     httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
>
> Modified: httpd/httpd/trunk/CHANGES
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1685052&r1=1685051&r2=1685052&view=diff
>
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
> +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Jun 12 09:07:34 2015
> @@ -1,6 +1,9 @@
>                                                           -*- coding:
> utf-8 -*-
>  Changes with Apache 2.5.0
>
> +  *) mod_ssl: Warn about deprecated SSLCertificateChainFile once at
> startup,
> +     on first usage only.  [Yann Ylavic]
> +
>    *) mod_substitute: Fix configuraton merge order.
>       PR 57641 [<Marc.Stern approach.be>]
>
>
> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=1685052&r1=1685051&r2=1685052&view=diff
>
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Fri Jun 12 09:07:34
> 2015
> @@ -839,13 +839,22 @@ const char *ssl_cmd_SSLCertificateChainF
>                                              const char *arg)
>  {
>      SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
> +    void *once = NULL;
>      const char *err;
>
> -    ap_log_error(APLOG_MARK, APLOG_WARNING|APLOG_STARTUP, 0, NULL,
> -                 APLOGNO(02559)
> -                 "The SSLCertificateChainFile directive (%s:%d) is
> deprecated, "
> -                 "SSLCertificateFile should be used instead",
> -                 cmd->directive->filename, cmd->directive->line_num);
> +    apr_pool_userdata_get(&once, "ssl_cmd_SSLCertificateChainFile",
> +                          ap_pglobal);
> +    if (!once) {
> +        ap_log_error(APLOG_MARK, APLOG_WARNING|APLOG_STARTUP, 0, NULL,
> +                     APLOGNO(02559)
> +                     "The SSLCertificateChainFile directive (%s:%d) is "
> +                     "deprecated, SSLCertificateFile should be used
> instead",
> +                     cmd->directive->filename, cmd->directive->line_num);
> +
> +        apr_pool_userdata_set("ssl_cmd_SSLCertificateChainFile",
> +                              apr_pstrdup(ap_pglobal, "1"), NULL,
> +                              ap_pglobal);
> +    }
>
> IMHO the  ap_retained_data_get/create APIs make this "nicer" than this
older pattern.

    retained = ap_retained_data_get(userdata_key);
    if (!retained) {
        retained = ap_retained_data_create(userdata_key, sizeof(*retained))



     if ((err = ssl_cmd_check_file(cmd, &arg))) {
>          return err;
>
>
>


-- 
Born in Roswell... married an alien...
http://emptyhammock.com/

Reply via email to