diff options
| -rw-r--r-- | CHANGES | 3 | ||||
| -rw-r--r-- | modules/md/md_acme.c | 2 | ||||
| -rw-r--r-- | modules/md/md_acme_authz.c | 2 | ||||
| -rw-r--r-- | modules/md/md_acme_drive.c | 12 | ||||
| -rw-r--r-- | modules/md/md_version.h | 4 |
5 files changed, 17 insertions, 6 deletions
@@ -1,6 +1,9 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.1 + *) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges + have been fixed. [Michael Kaufmann, Stefan Eissing] + *) core: Incorrect values for environment variables are substituted when multiple environment variables are specified in a directive. [Hank Ibell] diff --git a/modules/md/md_acme.c b/modules/md/md_acme.c index f8c1936d73..3fbd365f9c 100644 --- a/modules/md/md_acme.c +++ b/modules/md/md_acme.c @@ -153,6 +153,8 @@ apr_status_t md_acme_setup(md_acme_t *acme) if (acme->new_authz && acme->new_cert && acme->new_reg && acme->revoke_cert) { return APR_SUCCESS; } + md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, acme->p, + "Unable to understand ACME server response. Wrong ACME protocol version?"); rv = APR_EINVAL; } else { diff --git a/modules/md/md_acme_authz.c b/modules/md/md_acme_authz.c index 3ff8405bea..2295745b7b 100644 --- a/modules/md/md_acme_authz.c +++ b/modules/md/md_acme_authz.c @@ -95,7 +95,7 @@ apr_status_t md_acme_authz_set_remove(md_acme_authz_set_t *set, const char *doma int n = i + 1; if (n < set->authzs->nelts) { void **elems = (void **)set->authzs->elts; - memmove(elems + i, elems + n, (size_t)(set->authzs->nelts - n)); + memmove(elems + i, elems + n, (size_t)(set->authzs->nelts - n) * sizeof(*elems)); } --set->authzs->nelts; return APR_SUCCESS; diff --git a/modules/md/md_acme_drive.c b/modules/md/md_acme_drive.c index b5592e69b8..34fd37e091 100644 --- a/modules/md/md_acme_drive.c +++ b/modules/md/md_acme_drive.c @@ -162,7 +162,8 @@ static apr_status_t ad_setup_authz(md_proto_driver_t *d) apr_status_t rv; md_t *md = ad->md; md_acme_authz_t *authz; - int i, changed; + int i; + int changed = 0; assert(ad->md); assert(ad->acme); @@ -186,18 +187,20 @@ static apr_status_t ad_setup_authz(md_proto_driver_t *d) } /* Remove anything we no longer need */ - for (i = 0; i < ad->authz_set->authzs->nelts; ++i) { + for (i = 0; i < ad->authz_set->authzs->nelts;) { authz = APR_ARRAY_IDX(ad->authz_set->authzs, i, md_acme_authz_t*); if (!md_contains(md, authz->domain, 0)) { md_acme_authz_set_remove(ad->authz_set, authz->domain); changed = 1; } + else { + ++i; + } } /* Add anything we do not already have */ for (i = 0; i < md->domains->nelts && APR_SUCCESS == rv; ++i) { const char *domain = APR_ARRAY_IDX(md->domains, i, const char *); - changed = 0; authz = md_acme_authz_set_get(ad->authz_set, domain); if (authz) { /* check valid */ @@ -615,6 +618,7 @@ static apr_status_t acme_driver_init(md_proto_driver_t *d) { md_acme_driver_t *ad; apr_status_t rv = APR_SUCCESS; + int challenges_configured = 0; ad = apr_pcalloc(d->p, sizeof(*ad)); @@ -631,10 +635,12 @@ static apr_status_t acme_driver_init(md_proto_driver_t *d) if (d->challenge) { /* we have been told to use this type */ APR_ARRAY_PUSH(ad->ca_challenges, const char*) = apr_pstrdup(d->p, d->challenge); + challenges_configured = 1; } else if (d->md->ca_challenges && d->md->ca_challenges->nelts > 0) { /* pre-configured set for this managed domain */ apr_array_cat(ad->ca_challenges, d->md->ca_challenges); + challenges_configured = 1; } else { /* free to chose. Add all we support and see what we get offered */ diff --git a/modules/md/md_version.h b/modules/md/md_version.h index 7a3af68d96..58a4afc1b5 100644 --- a/modules/md/md_version.h +++ b/modules/md/md_version.h @@ -27,7 +27,7 @@ * @macro * Version number of the md module as c string */ -#define MOD_MD_VERSION "1.1.17-DEV" +#define MOD_MD_VERSION "1.1.18-DEV" /** * @macro @@ -35,7 +35,7 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define MOD_MD_VERSION_NUM 0x010111 +#define MOD_MD_VERSION_NUM 0x010112 #define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory" |