Upstream tarball 2.2.13upstream/2.2.13

author: Stefan Fritsch <sf@sfritsch.de> 2011-12-27 19:42:39 +0100
committer: Stefan Fritsch <sf@sfritsch.de> 2011-12-27 19:42:39 +0100
commit: 6a3ba4eb1e9c7d7e07529543117d79ac01af20f5 (patch)
tree: fb5c30ec79d5d0581e9519859f9b8cbc32756803 /modules
parent: ad14e19ad0400e289b06fb7728aea815e6ed49be (diff)
download: apache2-6a3ba4eb1e9c7d7e07529543117d79ac01af20f5.tar.gz
5 files changed, 14 insertions, 13 deletions
diff --git a/modules/generators/mod_cgid.c b/modules/generators/mod_cgid.c
index 99ae84b5..6f39ff66 100644
--- a/modules/generators/mod_cgid.c
+++ b/modules/generators/mod_cgid.c
@@ -203,7 +203,7 @@ static char **create_argv(apr_pool_t *p, char *path, char *user, char *group,
     char *w;
     int idx = 0;
 
-    if (ap_strchr_c(args, '=')) {
+    if (!(*args) || ap_strchr_c(args, '=')) {
         numwords = 0;
     }
     else {
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 4c11208a..17a9c86d 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -573,7 +573,7 @@ static void ssl_init_ctx_verify(server_rec *s,
             ssl_die();
         }
 
-        SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list);
+        SSL_CTX_set_client_CA_list(ctx, ca_list);
     }
 
     /*
@@ -581,7 +581,7 @@ static void ssl_init_ctx_verify(server_rec *s,
      * should take place. This cannot work.
      */
     if (mctx->auth.verify_mode == SSL_CVERIFY_REQUIRE) {
-        ca_list = (STACK_OF(X509_NAME) *)SSL_CTX_get_client_CA_list(ctx);
+        ca_list = SSL_CTX_get_client_CA_list(ctx);
 
         if (sk_X509_NAME_num(ca_list) == 0) {
             ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
@@ -1115,7 +1115,8 @@ static int ssl_init_FindCAList_X509NameCmp(char **a, char **b)
     return(X509_NAME_cmp((void*)*a, (void*)*b));
 }
 #else
-static int ssl_init_FindCAList_X509NameCmp(X509_NAME **a, X509_NAME **b)
+static int ssl_init_FindCAList_X509NameCmp(const X509_NAME * const *a, 
+                                           const X509_NAME * const *b)
 {
     return(X509_NAME_cmp(*a, *b));
 }
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 17bf9353..15186209 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -222,7 +222,7 @@ int ssl_hook_Access(request_rec *r)
     X509_STORE *cert_store = NULL;
     X509_STORE_CTX cert_store_ctx;
     STACK_OF(SSL_CIPHER) *cipher_list_old = NULL, *cipher_list = NULL;
-    SSL_CIPHER *cipher = NULL;
+    const SSL_CIPHER *cipher = NULL;
     int depth, verify_old, verify, n;
 
     if (ssl) {
@@ -668,7 +668,7 @@ int ssl_hook_Access(request_rec *r)
                  * sk_X509_shift-ed the peer cert out of the chain.
                  * we put it back here for the purpose of quick_renegotiation.
                  */
-                cert_stack = sk_new_null();
+                cert_stack = sk_X509_new_null();
                 sk_X509_push(cert_stack, MODSSL_PCHAR_CAST cert);
             }
 
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 4bbe375b..7833f14a 100644
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -628,7 +628,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var)
     ssl_var_lookup_ssl_cipher_bits(ssl, &usekeysize, &algkeysize);
 
     if (ssl && strEQ(var, "")) {
-        SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
+        const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
         result = (cipher != NULL ? (char *)SSL_CIPHER_get_name(cipher) : NULL);
     }
     else if (strcEQ(var, "_EXPORT"))
@@ -649,7 +649,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var)
 
 static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize)
 {
-    SSL_CIPHER *cipher;
+    const SSL_CIPHER *cipher;
 
     *usekeysize = 0;
     *algkeysize = 0;
diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c
index 1b5df13b..a06b6504 100644
--- a/modules/ssl/ssl_util_ssl.c
+++ b/modules/ssl/ssl_util_ssl.c
@@ -294,7 +294,7 @@ BOOL SSL_X509_isSGC(X509 *cert)
 #ifdef HAVE_SSL_X509V3_EXT_d2i
     X509_EXTENSION *ext;
     int ext_nid;
-    STACK *sk;
+    EXTENDED_KEY_USAGE *sk;
     BOOL is_sgc;
     int idx;
     int i;
@@ -303,9 +303,9 @@ BOOL SSL_X509_isSGC(X509 *cert)
     idx = X509_get_ext_by_NID(cert, NID_ext_key_usage, -1);
     if (idx >= 0) {
         ext = X509_get_ext(cert, idx);
-        if ((sk = (STACK *)X509V3_EXT_d2i(ext)) != NULL) {
-            for (i = 0; i < sk_num(sk); i++) {
-                ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_value(sk, i));
+        if ((sk = (EXTENDED_KEY_USAGE *)X509V3_EXT_d2i(ext)) != NULL) {
+            for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) {
+                ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_ASN1_OBJECT_value(sk, i));
                 if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) {
                     is_sgc = TRUE;
                     break;
@@ -467,7 +467,7 @@ int SSL_CTX_use_certificate_chain(
     X509 *x509;
     unsigned long err;
     int n;
-    STACK *extra_certs;
+    STACK_OF(X509) *extra_certs;
 
     if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
         return -1;
author	Stefan Fritsch <sf@sfritsch.de>	2011-12-27 19:42:39 +0100
committer	Stefan Fritsch <sf@sfritsch.de>	2011-12-27 19:42:39 +0100
commit	6a3ba4eb1e9c7d7e07529543117d79ac01af20f5 (patch)
tree	fb5c30ec79d5d0581e9519859f9b8cbc32756803 /modules
parent	ad14e19ad0400e289b06fb7728aea815e6ed49be (diff)
download	apache2-6a3ba4eb1e9c7d7e07529543117d79ac01af20f5.tar.gz