-* Fri Sep 15 2009 Andrew McNab <Andrew.McNab@cern.ch>
+* Mon Oct 19 2009 Andrew McNab <Andrew.McNab@cern.ch>
+- Discard X509_V_ERR_INVALID_PURPOSE errors in
+ GRST_callback_SSLVerify_wrapper(), needed by
+ OpenSSL 0.9.8e
+* Thu Sep 17 2009 Andrew McNab <Andrew.McNab@cern.ch>
+- GRSThttpUrlEncode rather than GRSThttpUrlMildencode
+ in mod_gridsite directory listings.
+* Fri Sep 11 2009 Andrew McNab <Andrew.McNab@cern.ch>
- Include GRSTgaclUserFree() memory leak fix in
mod_gridsite_perm_handler() in mod_gridsite.c
* Mon Aug 10 2009 Andrew McNab <Andrew.McNab@cern.ch>
"<td align=right>%R</td><td align=right>%e %b %y</td>",
&mtime_tm);
- encoded = GRSThttpUrlMildencode(namelist[n]->d_name);
+ encoded = GRSThttpUrlEncode(namelist[n]->d_name);
escaped = html_escape(r->pool, namelist[n]->d_name);
if (S_ISDIR(statbuf.st_mode))
}
/*
+ * Skip X509_V_ERR_INVALID_PURPOSE at this stage, since we will check
+ * the full chain using GRSTx509ChainLoadCheck at errdepth=0
+ */
+ if (errnum == X509_V_ERR_INVALID_PURPOSE)
+ {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+ "Skip Invalid Purpose error");
+
+ sslconn->verify_error = NULL;
+ ok = TRUE;
+ errnum = X509_V_OK;
+ X509_STORE_CTX_set_error(ctx, errnum);
+ }
+
+ /*
* New style GSI Proxy handling, with critical ProxyCertInfo
* extension: we use GRSTx509KnownCriticalExts() to check this
*/
git://scientific.zcu.cz / jra1mw.git / commitdiff