Changeset eced11a in mod_gnutls


Ignore:
Timestamp:
May 16, 2018, 1:19:05 PM (2 years ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
debian/master, master, proxy-ticket
Children:
3358887
Parents:
92b5f4d
Message:

Remove server variable ocsp_cache_enable

There is no need to explicitly disable the OCSP cache: It will be used
if OCSP stapling is enabled, and not used otherwise.

Files:
3 edited

Legend:

Unmodified
Added
Removed
  • include/mod_gnutls.h.in

    r92b5f4d reced11a  
    182182    /* Mutex to prevent parallel OCSP requests */
    183183    apr_global_mutex_t *ocsp_mutex;
    184     /* Enable OCSP cache */
    185     unsigned char ocsp_cache_enable : 2;
    186184    /* Internal OCSP cache data */
    187185    mgs_cache_t ocsp_cache;
  • src/gnutls_config.c

    r92b5f4d reced11a  
    626626    {
    627627        if (enable == GNUTLS_ENABLED_FALSE)
    628         {
    629             /* TODO: Should this return an error like "use
    630              * GnuTLSOCSPStapling off if you want to disable OCSP
    631              * stapling"? */
    632             sc->ocsp_cache_enable = GNUTLS_ENABLED_FALSE;
    633             return NULL;
    634         }
    635         sc->ocsp_cache_enable = GNUTLS_ENABLED_TRUE;
     628            return "\"GnuTLSOCSPCache none\" is invalid, use "
     629                "\"GnuTLSOCSPStapling off\" if you want to disable "
     630                "OCSP stapling.";
    636631        cache = &sc->ocsp_cache;
    637632    }
     
    907902    sc->ocsp_response_file = NULL;
    908903    sc->ocsp_mutex = NULL;
    909     sc->ocsp_cache_enable = GNUTLS_ENABLED_UNSET;
    910904    sc->ocsp_cache = NULL;
    911905    sc->ocsp_cache_time = MGS_TIMEOUT_UNSET;
  • src/gnutls_hooks.c

    r92b5f4d reced11a  
    635635        if (sc->cache_timeout == MGS_TIMEOUT_UNSET)
    636636            sc->cache_timeout = sc_base->cache_timeout;
    637         sc->ocsp_cache_enable = sc_base->ocsp_cache_enable;
    638637        sc->ocsp_cache = sc_base->ocsp_cache;
    639638
     
    787786    }
    788787
    789     if (sc->ocsp_cache_enable == GNUTLS_ENABLED_TRUE)
     788    if (sc->ocsp_cache != NULL)
    790789    {
    791790        rv = mgs_cache_child_init(p, s, sc->ocsp_cache,
Note: See TracChangeset for help on using the changeset viewer.