mod_ssl_ct needs a per-vhost module config even if a vhost doesn't contain mod_ssl_ct's own directives, because the module config needs to represent that vhost's certificates. PR: 57533

Provide separate SSL_CT_*_STATUS variables for client vs. proxy connections, courtesy of a new flag passed from mod_ssl on its pre_connection "optional hook."

Fix extraction of an SCT list from a stapled OCSP response. The hard-coded 2 byte offset to get to the list (in lieu of the proper logic) didn't survive the addition of the SCT from an additional log.

Style ('{' on same line as function definition)

mod_ssl_ct: Work with current Certificate Transparency tools (e.g., as of certificate-transparency commit 3f03188fe89974d45345fddee64a8227bd2ec26a) The interface to the "ct" tool now requires the log's URL and public key, resulting in a bit of refactoring in the module.

Adjust Certificate Transparency support (mod_ssl_ct) to build with/require OpenSSL 1.0.2 Beta 3. Update notes on missing OpenSSL documentation. Submitted by: ben (the primary changes), trawick

Add message numbers to mod_ssl_ct messages with severity > debug.

APR_THREAD_FUNC decorator needed for 32-bit builds on Windows

Fix duplicate APLOGNO

allow operation without any logs configured or without the log client tool configured this supports configurations where SCTs are managed by the admin or by some other infrastructure

ensure that the post-config hook runs after that of mod_ssl (mod_ssl_ct looks for stuff that should have been found while mod_ssl ran)

Add module mod_ssl_ct, which provides an implementation of Certificate Transparency (RFC 6962) for httpd. mod_ssl_ct requires OpenSSL 1.0.2 (in beta) and must be explicitly enabled via configure. Note that support/ctauditscts is purposefully not installed; it does not properly function due to a dependency on a certificate-transparency open source project tool which itself is not sufficiently complete at this time.