Add exec: callout support for mod_session_crypto

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1524079 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 31 insertions, 1 deletions

diff --git a/modules/session/mod_session_crypto.c b/modules/session/mod_session_crypto.c
index 03dbba61d6..984a048762 100644
--- a/modules/session/mod_session_crypto.c
+++ b/modules/session/mod_session_crypto.c
@@ -534,11 +534,41 @@ static const char *set_crypto_driver(cmd_parms * cmd, void *config, const char *
 
 static const char *set_crypto_passphrase(cmd_parms * cmd, void *config, const char *arg)
 {
+    int arglen = strlen(arg);
+    char **argv;
+    char *result;
     const char **passphrase;
     session_crypto_dir_conf *dconf = (session_crypto_dir_conf *) config;
 
     passphrase = apr_array_push(dconf->passphrases);
-    *passphrase = arg;
+
+    if ((arglen > 5) && strncmp(arg, "exec:", 5) == 0) {
+        if (apr_tokenize_to_argv(arg+5, &argv, cmd->temp_pool) != APR_SUCCESS) {
+            return apr_pstrcat(cmd->pool,
+                               "Unable to parse exec arguments from ",
+                               arg+5, NULL);
+        }
+        argv[0] = ap_server_root_relative(cmd->temp_pool, argv[0]);
+
+        if (!argv[0]) {
+            return apr_pstrcat(cmd->pool,
+                               "Invalid SessionCryptoPassphrase exec location:",
+                               arg+5, NULL);
+        }
+        result = ap_get_exec_line(cmd->pool,
+                                  (const char*)argv[0], (const char * const *)argv);
+
+        if(!result) {
+            return apr_pstrcat(cmd->pool,
+                               "Unable to get bind password from exec of ",
+                               arg+5, NULL);
+        }
+        *passphrase = result;
+    }
+    else {
+        *passphrase = arg;
+    }
+
     dconf->passphrases_set = 1;
 
     return NULL;