Checkout Tools
  • last updated 1 hour ago
Constraints: committers
Constraints: files
Constraints: dates

Changeset 1864209 is being indexed.

Merge of r1863635 from trunk:

*) md_crypt: Wrap get_ct_scts_nid(void) definition to avoid unused function error

when building in maintainer mode. [jim]

  1. … 2 more files in changeset.
Merged /httpd/httpd/trunk:r1864153

Fix unnecessary redefinition of AP_ENABLE_EXCEPTION_HOOK. [Eric Covener]

  1. … 1 more file in changeset.

update to mod_md 2.0

mod_md v2.0.8: synching wiht github release.

mod_md: adapting to the latest mod_ssk hook changes.

  1. … 1 more file in changeset.
fixing a signedness conversion warning
Merged /httpd/httpd/trunk:r1861448,1862013,1862041,1862052,1862785

*) mod_md: new features

- supports the ACMEv2 protocol

- new challenge method 'tls-alpn-01' implemented, needs mod_ssl patch to become available

- supports command configuration to setup/teardown 'dns-01' challenges

- supports wildcard certificates when dns challenges are configured

- ACMEv2 is the new default and will be used on the next certificate renewal,

unless another MDCertificateAuthority is configured

- challenge type 'tls-sni-01' has been removed as CAs do not offer this any longer

- a domain exposes its status at https://<domain>/.httpd/certificate-status

- Managed Domains are now in Apache's 'server-status' page

- A new handler 'md-status' exposes verbose status information in JSON format

- new directives "MDCertificateFile" and "MDCertificateKeyFile" to configure a

Managed Domain that uses static files. Auto-renewal is turned off for those.

- new MDMessageCmd that is invoked on several events: 'renewed', 'expiring' and

'errored'. New 'MDWarnWindow' directive to configure when expiration warnings

shall be issued.

- ACMEv2 endpoints use the GET via empty POST way of accessing resources, see

announcement by Let's Encrypt:

  1. … 39 more files in changeset.
Merged /httpd/httpd/trunk:r1856297

*) mod_md: Store permissions are enforced on file creation, enforcing restrictions in

spite of umask. Fixes <>. [Stefan Eissing]

  1. … 2 more files in changeset.
Merge r1486027, r1828909, r1839249, r1842888, r1844343, r1846651 from trunk:

Clarify the existing behavior.

* modules/generators/mod_info.c: Constify fixed tables and mark

module-private global variables static. No functional change.

Axe an old and apparently out-dated comment.

There is a typo in the comment.

HN_UPDATE_SEC has been renamed HM_UPDATE_SEC.

The TODO seems to have been taken into account in r759862.

* modules/filters/mod_deflate.c

(deflate_out_filter): Fix typo setting output note. (Coverity warning)

(deflate_in_filter): Fix redundant assignment. (clang warning)

* modules/md/md_acme_authz.c (md_acme_authz_update): Fix typo in log


* modules/dav/main/mod_dav.c (dav_method_propfind): Tag the scratchpool.

Submitted by: minfrin, jorton, jailletc36

Reviewed by: jailletc36, icing, jorton

  1. … 6 more files in changeset.
Merge r1850834 from trunk:

* modules/md/md_acme_drive.c (acme_driver_init):

Remove written-but-not-read variable (gcc 8.x warning).

Submitted by: jorton

Reviewed by: jailletc36, jim, ylavic

Merge of r1830747 from trunk:

mod_md: Don't export all symbols on Unix (reduces .so size by ~8%) [jorton]

  1. … 2 more files in changeset.
Merge of r1849174 from trunk:

*) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges

have been fixed. [Michael Kaufmann, Stefan Eissing]

  1. … 2 more files in changeset.
On the 2.4.x branch:

backport of r1837357 from trunk.

*) mod_md: When the last domain name from an MD is moved to another one,

that now empty MD gets moved to the store archive. PR 62572.

  1. … 2 more files in changeset.
On the 2.4.x branch:

merge r1836095 from trunk:

* using the, hopefully correct, ever elusive libressl version numbering check for the new openssl API calls, fixes PR 62548.

  1. … 1 more file in changeset.
On the 2.4.x branch:

backport of current mod_md version and documentation.

  1. … 2 more files in changeset.
Merge r1826973 from trunk:

mod_md: Fix compilation with OpenSSL before version 1.0.2.

Symbol ASN1_TIME_diff is only available for 1.0.2+,

but luckily alternative code we can use is already

available, originally written for the LibreSSL case.

Submitted by: rjung

Reviewed by: rjung, ylavic, jim

  1. … 3 more files in changeset.
Merge r1826686 from trunk:

Instrument 'md_log_perror' and fix corresponding errors reported by gcc.

Submitted by: jailletc36

Reviewed by: jailletc36, ylavic, covener

  1. … 1 more file in changeset.
On the 2.4.x branch:

mod_md: merged copyright de-advertisements.

  1. … 23 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/branches/2.4.x-mod_md:r1816423-1821089

Merged /httpd/httpd/trunk:r1804530-1804531,1804542,1804545,1804671,1804759,1804787,1804975,1805180,1805192,1805194,1805256,1805294,1805373,1806939,1807228,1807347,1807577,1807593,1807774,1807777,1808005,1808092,1808100,1808241-1808243,1808249,1808444,1809719,1809888,1810723,1811082,1811812,1812193,1812517-1812518,1812999,1813642,1814720,1814939,1815005,1815078,1815264,1815370,1815483,1816055,1816154,1816156,1816552,1816558,1816970,1817023,1817777,1817785,1818120,1818122,1818308,1818725,1818792,1818849

Merged mod_md from trunk via 2.4.x-mod_md branch.

  1. … 14 more files in changeset.