On Mon, Oct 21, 2013 at 5:45 AM, Dr Stephen Henson
shen...@opensslfoundation.com wrote:
On 21/10/2013 05:09, Trevor Perrin wrote:
Seems like a lot of work. For example, how would the generic
SSLConfCmd commands get hooked-up with passphrase handling for the key
files?
BTW I've just added
On 22/10/2013 20:14, Trevor Perrin wrote:
On Mon, Oct 21, 2013 at 5:45 AM, Dr Stephen Henson
shen...@opensslfoundation.com wrote:
On 21/10/2013 05:09, Trevor Perrin wrote:
BTW I've just added some experimental code to the OpenSSL master branch. It
adds
key/certificate support to SSL_CONF
On Mon, Oct 21, 2013 at 2:30 AM, n...@apache.org wrote:
Author: niq
Date: Mon Oct 21 00:30:26 2013
New Revision: 1534015
URL: http://svn.apache.org/r1534015
Log:
Fix r55670. Not a great idea to dereference process after pool destroy!
Modified:
httpd/httpd/trunk/server/main.c
On Oct 22, 2013 5:14 PM, Yann Ylavic ylavic@gmail.com wrote:
Shouldn't this be safe from terminal controls, eg :
const char *name = process-short_name;
if (!name ||
!*name ||
ap_has_cntrl(name)) {
name = httpd;
}
?
No. You are thinking of untrusted user input.
On 10/20/13 5:31 AM, Ruediger Pluem wrote:
Can't we use apr_psprintf with %pm instead of the constant length buffer
char [120]?
Done in r1534895, r1534896 and r1534914.