Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: mod_sslcrl issue - windows/linux differences |
|
| Author |
|
slaklu
Joined: 06 Oct 2014
Posts: 8
|
 Posted: Mon 06 Oct '14 16:35 Post subject: mod_sslcrl issue - windows/linux differences |
 |
|
I have successfully compiled on windows mod_sslcrl apache module: (http://opensource.adnovum.ch/mod_sslcrl/) which can handle online CRL files. The module works, but only partially. For comparison, I used linux version which doesn't have that problem. The problem is that windows module version doesn't block all certificates when downloaded CRL file is expired.
I have debug the code and it seems that some internal date structure are correctly filled on linux version but not on windows, ie. inside function:
| Code: |
static int sslcrl_check_chain(request_rec *r, sslcrl_config_t *sconf, X509 *cert) {
...
for(i = 0; i < apr_table_elts(sconf->chains)->nelts; i++) {
...
}
...
}
|
The size of apr_table_elts(sconf->chains)->nelts equals 1 on linux but 0 on windows. So on windows, the loop will never execute. The sconf field is filled based on request data.
Does anyone have an idea why it behaves this way? How to debug it better?
I'm using Apache 2.4.10 win64 VC11 with openssl 1.0.1i/f on Windows 7 and Apache 2.4.7 with openssl 1.0.1f on ubuntu server. |
|
| Back to top |
|
|
|
|
|
|
