2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/mod_nss.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/mod_nss.c
|
|
|
|
+++ mod_nss-1.0.8/mod_nss.c
|
|
|
|
@@ -362,7 +362,7 @@ static int nss_hook_pre_connection(conn_
|
2013-07-11 18:44:28 +02:00
|
|
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server,
|
|
|
|
"Connection to child %ld established "
|
|
|
|
"(server %s, client %s)", c->id, sc->vhost_id,
|
|
|
|
- c->remote_ip ? c->remote_ip : "unknown");
|
|
|
|
+ c->client_ip ? c->client_ip : "unknown");
|
|
|
|
|
|
|
|
mctx = sslconn->is_proxy ? sc->proxy : sc->server;
|
|
|
|
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/mod_nss.h
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/mod_nss.h
|
|
|
|
+++ mod_nss-1.0.8/mod_nss.h
|
|
|
|
@@ -28,7 +28,6 @@
|
|
|
|
#include "mod_ssl.h"
|
2013-07-11 18:44:28 +02:00
|
|
|
#include "util_script.h"
|
|
|
|
#include "util_filter.h"
|
|
|
|
-#include "mpm.h"
|
|
|
|
#include "apr.h"
|
|
|
|
#include "apr_strings.h"
|
|
|
|
#define APR_WANT_STRFUNC
|
2013-08-06 11:34:39 +02:00
|
|
|
@@ -481,7 +480,7 @@ int nss_rand_seed(server_rec *s, apr_poo
|
2013-07-11 18:44:28 +02:00
|
|
|
SECStatus nss_Init_Tokens(server_rec *s);
|
|
|
|
|
|
|
|
/* Logging */
|
|
|
|
-void nss_log_nss_error(const char *file, int line, int level, server_rec *s);
|
|
|
|
+void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s);
|
|
|
|
void nss_die(void);
|
|
|
|
|
|
|
|
/* NSS callback */
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/nss_engine_init.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/nss_engine_init.c
|
|
|
|
+++ mod_nss-1.0.8/nss_engine_init.c
|
2013-07-11 18:44:28 +02:00
|
|
|
@@ -15,7 +15,7 @@
|
|
|
|
|
|
|
|
#include "mod_nss.h"
|
|
|
|
#include "apr_thread_proc.h"
|
|
|
|
-#include "ap_mpm.h"
|
|
|
|
+#include "mpm_common.h"
|
|
|
|
#include "secmod.h"
|
|
|
|
#include "sslerr.h"
|
|
|
|
#include "pk11func.h"
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/nss_engine_io.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/nss_engine_io.c
|
|
|
|
+++ mod_nss-1.0.8/nss_engine_io.c
|
|
|
|
@@ -620,13 +620,13 @@ static apr_status_t nss_filter_io_shutdo
|
2013-07-11 18:44:28 +02:00
|
|
|
PR_Close(ssl);
|
|
|
|
|
|
|
|
/* log the fact that we've closed the connection */
|
|
|
|
- if (c->base_server->loglevel >= APLOG_INFO) {
|
|
|
|
+ if (c->base_server->log.level >= APLOG_INFO) {
|
|
|
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server,
|
|
|
|
"Connection to child %ld closed "
|
|
|
|
"(server %s, client %s)",
|
|
|
|
c->id,
|
|
|
|
nss_util_vhostid(c->pool, c->base_server),
|
|
|
|
- c->remote_ip ? c->remote_ip : "unknown");
|
|
|
|
+ c->client_ip ? c->client_ip : "unknown");
|
|
|
|
}
|
|
|
|
|
|
|
|
/* deallocate the SSL connection */
|
2013-08-06 11:34:39 +02:00
|
|
|
@@ -1164,7 +1164,7 @@ static PRStatus PR_CALLBACK nspr_filter_
|
2013-07-11 18:44:28 +02:00
|
|
|
filter_ctx = (nss_filter_ctx_t *)(fd->secret);
|
|
|
|
c = filter_ctx->c;
|
|
|
|
|
|
|
|
- return PR_StringToNetAddr(c->remote_ip, addr);
|
|
|
|
+ return PR_StringToNetAddr(c->client_ip, addr);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/nss_engine_kernel.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/nss_engine_kernel.c
|
|
|
|
+++ mod_nss-1.0.8/nss_engine_kernel.c
|
|
|
|
@@ -73,7 +73,7 @@ int nss_hook_ReadReq(request_rec *r)
|
2013-07-11 18:44:28 +02:00
|
|
|
/*
|
|
|
|
* Log information about incoming HTTPS requests
|
|
|
|
*/
|
|
|
|
- if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
|
|
|
|
+ if (r->server->log.level >= APLOG_INFO && ap_is_initial_req(r)) {
|
|
|
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
|
|
|
|
"%s HTTPS request received for child %ld (server %s)",
|
|
|
|
(r->connection->keepalives <= 0 ?
|
2013-08-06 11:34:39 +02:00
|
|
|
@@ -530,7 +530,7 @@ int nss_hook_Access(request_rec *r)
|
2013-07-11 18:44:28 +02:00
|
|
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
|
|
|
|
"Access to %s denied for %s "
|
|
|
|
"(requirement expression not fulfilled)",
|
|
|
|
- r->filename, r->connection->remote_ip);
|
|
|
|
+ r->filename, r->connection->client_ip);
|
|
|
|
|
|
|
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
|
|
|
|
"Failed expression: %s", req->cpExpr);
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/nss_engine_log.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/nss_engine_log.c
|
|
|
|
+++ mod_nss-1.0.8/nss_engine_log.c
|
|
|
|
@@ -321,7 +321,7 @@ void nss_die(void)
|
2013-07-11 18:44:28 +02:00
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
-void nss_log_nss_error(const char *file, int line, int level, server_rec *s)
|
|
|
|
+void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s)
|
|
|
|
{
|
|
|
|
const char *err;
|
|
|
|
PRInt32 error;
|
2013-08-06 11:34:39 +02:00
|
|
|
@@ -340,7 +340,7 @@ void nss_log_nss_error(const char *file,
|
2013-07-11 18:44:28 +02:00
|
|
|
err = "Unknown";
|
|
|
|
}
|
|
|
|
|
|
|
|
- ap_log_error(file, line, level, 0, s,
|
|
|
|
+ ap_log_error(file, line, module_index, level, 0, s,
|
|
|
|
"SSL Library Error: %d %s",
|
|
|
|
error, err);
|
|
|
|
}
|
2013-08-06 11:34:39 +02:00
|
|
|
Index: mod_nss-1.0.8/nss_engine_vars.c
|
|
|
|
===================================================================
|
|
|
|
--- mod_nss-1.0.8.orig/nss_engine_vars.c
|
|
|
|
+++ mod_nss-1.0.8/nss_engine_vars.c
|
|
|
|
@@ -196,7 +196,7 @@ char *nss_var_lookup(apr_pool_t *p, serv
|
2013-07-11 18:44:28 +02:00
|
|
|
&& sslconn && sslconn->ssl)
|
|
|
|
result = nss_var_lookup_ssl(p, c, var+4);
|
|
|
|
else if (strcEQ(var, "REMOTE_ADDR"))
|
|
|
|
- result = c->remote_ip;
|
|
|
|
+ result = c->client_ip;
|
|
|
|
else if (strcEQ(var, "HTTPS")) {
|
|
|
|
if (sslconn && sslconn->ssl)
|
|
|
|
result = "on";
|
2013-08-06 11:34:39 +02:00
|
|
|
@@ -212,7 +212,7 @@ char *nss_var_lookup(apr_pool_t *p, serv
|
2013-07-11 18:44:28 +02:00
|
|
|
if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12))
|
|
|
|
result = nss_var_lookup_nss_version(p, var+12);
|
|
|
|
else if (strcEQ(var, "SERVER_SOFTWARE"))
|
|
|
|
- result = (char *)ap_get_server_version();
|
|
|
|
+ result = (char *)ap_get_server_banner();
|
|
|
|
else if (strcEQ(var, "API_VERSION")) {
|
|
|
|
result = apr_psprintf(p, "%d", MODULE_MAGIC_NUMBER);
|
|
|
|
resdup = FALSE;
|