There are a couple of problems with using the SSLPassPhraseDialog
exec:[path] on Apache Win32. There is a simple source fix for on of them,
and a workaround for the other.
Problems defined:
The full executable path is formed by taking the path specified by the
SSLPassPhraseDialog, and if it is not an absolute path preprending the
ServerRoot path. However, NT paths allow spaces in directory names (e.g.,
"Program Files"). Assuming that httpd.conf contains:
SSLPassPhraseDialog exec:bin/pwfilter1.exe
and that Server root is "f:\program files\OpenSA\Apache", then the
executable pathname will be "f:\program
files\OpenSA\Apache\bin/pwfilter1.exe". At the end of all processsing, the
command string passed to CreateProcess is
CMD /C f:\program files\OpenSA\Apache\bin/pwfilter1.exe
However, this fails because of the space in 'program files'. The solution
is to modify file ssl_engine_pphrase.c, line 526 (2.6.3 release) from:
cmd = ap_psprintf(p, "%s %s %s", sc->szPassPhraseDialogPath,
cpVHostID, cpAlgoType);
to
cmd = ap_psprintf(p, "\"%s\" %s %s", sc->szPassPhraseDialogPath,
cpVHostID, cpAlgoType);
This encloses the path in "" such that the spawned process is:
CMD /C "f:\program files\OpenSA\Apache\bin/pwfilter1.exe"
I have verified that this works for the configuration defined above.
However, there still exists a problem where the passphrase filter path is to
be defined as absolute rather than relative to ServerRoot. The parsing of
the SSLPassPhraseDialog directive does not recognize valid Win32 paths, nor
does it allow enclosure of the path with quotes. Therefore it is impossible
to specify an executable located on another drive letter or one that
contains spaces.
regards
Kirk
gee, I'm a real apache hacker these days 8-P
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]