Context Navigation

gnutls_config.c @ 480aba1

Visit:

debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream

Last change on this file since 480aba1 was 480aba1, checked in by Daniel Kahn Gillmor <dkg@…>, 7 years ago

correct context terminology for GnuTLSCache configurations

"global config" is not one of the four standard directive contexts as
seen at:

https://httpd.apache.org/docs/2.2/mod/directive-dict.html#Context

The intent was clearly "server config"

Property mode set to 100644

File size: 19.8 KB

Line
1	/**
2	* Copyright 2004-2005 Paul Querna
3	* Copyright 2008 Nikos Mavrogiannopoulos
4	* Copyright 2011 Dash Shendy
5	*
6	* Licensed under the Apache License, Version 2.0 (the "License");
7	* you may not use this file except in compliance with the License.
8	* You may obtain a copy of the License at
9	*
10	* http://www.apache.org/licenses/LICENSE-2.0
11	*
12	* Unless required by applicable law or agreed to in writing, software
13	* distributed under the License is distributed on an "AS IS" BASIS,
14	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15	* See the License for the specific language governing permissions and
16	* limitations under the License.
17	*
18	*/
19
20	#include "mod_gnutls.h"
21
22	static int load_datum_from_file(apr_pool_t * pool,
23	const char file, gnutls_datum_t data) {
24	apr_file_t *fp;
25	apr_finfo_t finfo;
26	apr_status_t rv;
27	apr_size_t br = 0;
28
29	rv = apr_file_open(&fp, file, APR_READ \| APR_BINARY,
30	APR_OS_DEFAULT, pool);
31	if (rv != APR_SUCCESS) {
32	return rv;
33	}
34
35	rv = apr_file_info_get(&finfo, APR_FINFO_SIZE, fp);
36
37	if (rv != APR_SUCCESS) {
38	return rv;
39	}
40
41	data->data = apr_palloc(pool, finfo.size + 1);
42	rv = apr_file_read_full(fp, data->data, finfo.size, &br);
43
44	if (rv != APR_SUCCESS) {
45	return rv;
46	}
47	apr_file_close(fp);
48
49	data->data[br] = '\0';
50	data->size = br;
51
52	return 0;
53	}
54
55	const char mgs_set_dh_file(cmd_parms parms, void *dummy,
56	const char *arg) {
57	int ret;
58	gnutls_datum_t data;
59	const char *file;
60	apr_pool_t *spool;
61	mgs_srvconf_rec *sc =
62	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
63	module_config,
64	&gnutls_module);
65
66	apr_pool_create(&spool, parms->pool);
67
68	file = ap_server_root_relative(spool, arg);
69
70	if (load_datum_from_file(spool, file, &data) != 0) {
71	return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
72	"DH params '%s'", file);
73	}
74
75	ret = gnutls_dh_params_init(&sc->dh_params);
76	if (ret < 0) {
77	return apr_psprintf(parms->pool,
78	"GnuTLS: Failed to initialize"
79	": (%d) %s", ret,
80	gnutls_strerror(ret));
81	}
82
83	ret =
84	gnutls_dh_params_import_pkcs3(sc->dh_params, &data,
85	GNUTLS_X509_FMT_PEM);
86	if (ret < 0) {
87	return apr_psprintf(parms->pool,
88	"GnuTLS: Failed to Import "
89	"DH params '%s': (%d) %s", file, ret,
90	gnutls_strerror(ret));
91	}
92
93	apr_pool_destroy(spool);
94
95	return NULL;
96	}
97
98	const char mgs_set_cert_file(cmd_parms parms, void dummy, const char arg) {
99
100	int ret;
101	gnutls_datum_t data;
102	const char *file;
103	apr_pool_t *spool;
104
105	mgs_srvconf_rec sc = (mgs_srvconf_rec ) ap_get_module_config(parms->server->module_config, &gnutls_module);
106	apr_pool_create(&spool, parms->pool);
107
108	file = ap_server_root_relative(spool, arg);
109
110	if (load_datum_from_file(spool, file, &data) != 0) {
111	apr_pool_destroy(spool);
112	return apr_psprintf(parms->pool, "GnuTLS: Error Reading Certificate '%s'", file);
113	}
114
115	sc->certs_x509_chain_num = MAX_CHAIN_SIZE;
116	ret = gnutls_x509_crt_list_import(sc->certs_x509_chain, &sc->certs_x509_chain_num, &data, GNUTLS_X509_FMT_PEM, 0);
117	if (ret < 0) {
118	apr_pool_destroy(spool);
119	return apr_psprintf(parms->pool, "GnuTLS: Failed to Import Certificate '%s': (%d) %s", file, ret, gnutls_strerror(ret));
120	}
121
122	apr_pool_destroy(spool);
123	return NULL;
124
125	}
126
127	const char mgs_set_key_file(cmd_parms parms, void dummy, const char arg) {
128
129	int ret;
130	gnutls_datum_t data;
131	const char *file;
132	apr_pool_t *spool;
133
134	mgs_srvconf_rec sc = (mgs_srvconf_rec ) ap_get_module_config(parms->server->module_config, &gnutls_module);
135
136	apr_pool_create(&spool, parms->pool);
137
138	file = ap_server_root_relative(spool, arg);
139
140	if (load_datum_from_file(spool, file, &data) != 0) {
141	apr_pool_destroy(spool);
142	return apr_psprintf(parms->pool, "GnuTLS: Error Reading Private Key '%s'", file);
143	}
144
145	ret = gnutls_x509_privkey_init(&sc->privkey_x509);
146
147	if (ret < 0) {
148	apr_pool_destroy(spool);
149	return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize: (%d) %s", ret, gnutls_strerror(ret));
150	}
151
152	ret = gnutls_x509_privkey_import(sc->privkey_x509, &data, GNUTLS_X509_FMT_PEM);
153
154	if (ret < 0) {
155	ret = gnutls_x509_privkey_import_pkcs8(sc->privkey_x509, &data, GNUTLS_X509_FMT_PEM, NULL, GNUTLS_PKCS_PLAIN);
156	}
157
158	if (ret < 0) {
159	apr_pool_destroy(spool);
160	return apr_psprintf(parms->pool, "GnuTLS: Failed to Import Private Key '%s': (%d) %s", file, ret, gnutls_strerror(ret));
161	}
162
163	apr_pool_destroy(spool);
164
165	return NULL;
166	}
167
168	const char mgs_set_pgpcert_file(cmd_parms parms, void *dummy,
169	const char *arg) {
170	int ret;
171	gnutls_datum_t data;
172	const char *file;
173	apr_pool_t *spool;
174	mgs_srvconf_rec *sc =
175	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
176	module_config,
177	&gnutls_module);
178	apr_pool_create(&spool, parms->pool);
179
180	file = ap_server_root_relative(spool, arg);
181
182	if (load_datum_from_file(spool, file, &data) != 0) {
183	return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
184	"Certificate '%s'", file);
185	}
186
187	ret = gnutls_openpgp_crt_init(&sc->cert_pgp);
188	if (ret < 0) {
189	return apr_psprintf(parms->pool, "GnuTLS: Failed to Init "
190	"PGP Certificate: (%d) %s", ret,
191	gnutls_strerror(ret));
192	}
193
194	ret =
195	gnutls_openpgp_crt_import(sc->cert_pgp, &data,
196	GNUTLS_OPENPGP_FMT_BASE64);
197	if (ret < 0) {
198	return apr_psprintf(parms->pool,
199	"GnuTLS: Failed to Import "
200	"PGP Certificate '%s': (%d) %s", file,
201	ret, gnutls_strerror(ret));
202	}
203
204	apr_pool_destroy(spool);
205	return NULL;
206	}
207
208	const char mgs_set_pgpkey_file(cmd_parms parms, void *dummy,
209	const char *arg) {
210	int ret;
211	gnutls_datum_t data;
212	const char *file;
213	apr_pool_t *spool;
214	mgs_srvconf_rec *sc =
215	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
216	module_config,
217	&gnutls_module);
218	apr_pool_create(&spool, parms->pool);
219
220	file = ap_server_root_relative(spool, arg);
221
222	if (load_datum_from_file(spool, file, &data) != 0) {
223	return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
224	"Private Key '%s'", file);
225	}
226
227	ret = gnutls_openpgp_privkey_init(&sc->privkey_pgp);
228	if (ret < 0) {
229	return apr_psprintf(parms->pool,
230	"GnuTLS: Failed to initialize"
231	": (%d) %s", ret,
232	gnutls_strerror(ret));
233	}
234
235	ret =
236	gnutls_openpgp_privkey_import(sc->privkey_pgp, &data,
237	GNUTLS_OPENPGP_FMT_BASE64, NULL,
238	0);
239	if (ret != 0) {
240	return apr_psprintf(parms->pool,
241	"GnuTLS: Failed to Import "
242	"PGP Private Key '%s': (%d) %s", file,
243	ret, gnutls_strerror(ret));
244	}
245	apr_pool_destroy(spool);
246	return NULL;
247	}
248
249	const char mgs_set_tickets(cmd_parms parms, void *dummy,
250	const char *arg) {
251	mgs_srvconf_rec *sc =
252	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
253	module_config,
254	&gnutls_module);
255
256	sc->tickets = 0;
257	if (strcasecmp("on", arg) == 0) {
258	sc->tickets = 1;
259	}
260
261	return NULL;
262	}
263
264
265	#ifdef ENABLE_SRP
266
267	const char mgs_set_srp_tpasswd_file(cmd_parms parms, void *dummy,
268	const char *arg) {
269	mgs_srvconf_rec *sc =
270	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
271	module_config,
272	&gnutls_module);
273
274	sc->srp_tpasswd_file = ap_server_root_relative(parms->pool, arg);
275
276	return NULL;
277	}
278
279	const char mgs_set_srp_tpasswd_conf_file(cmd_parms parms, void *dummy,
280	const char *arg) {
281	mgs_srvconf_rec *sc =
282	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
283	module_config,
284	&gnutls_module);
285
286	sc->srp_tpasswd_conf_file =
287	ap_server_root_relative(parms->pool, arg);
288
289	return NULL;
290	}
291
292	#endif
293
294	const char mgs_set_cache(cmd_parms parms, void *dummy,
295	const char type, const char arg) {
296	const char *err;
297	mgs_srvconf_rec *sc =
298	ap_get_module_config(parms->server->module_config,
299	&gnutls_module);
300	if ((err = ap_check_cmd_context(parms, GLOBAL_ONLY))) {
301	return err;
302	}
303
304	if (strcasecmp("none", type) == 0) {
305	sc->cache_type = mgs_cache_none;
306	sc->cache_config = NULL;
307	return NULL;
308	} else if (strcasecmp("dbm", type) == 0) {
309	sc->cache_type = mgs_cache_dbm;
310	} else if (strcasecmp("gdbm", type) == 0) {
311	sc->cache_type = mgs_cache_gdbm;
312	}
313	#if HAVE_APR_MEMCACHE
314	else if (strcasecmp("memcache", type) == 0) {
315	sc->cache_type = mgs_cache_memcache;
316	}
317	#endif
318	else {
319	return "Invalid Type for GnuTLSCache!";
320	}
321
322	if (arg == NULL)
323	return "Invalid argument 2 for GnuTLSCache!";
324
325	if (sc->cache_type == mgs_cache_dbm
326	\|\| sc->cache_type == mgs_cache_gdbm) {
327	sc->cache_config =
328	ap_server_root_relative(parms->pool, arg);
329	} else {
330	sc->cache_config = apr_pstrdup(parms->pool, arg);
331	}
332
333	return NULL;
334	}
335
336	const char mgs_set_cache_timeout(cmd_parms parms, void *dummy,
337	const char *arg) {
338	int argint;
339	const char *err;
340	mgs_srvconf_rec *sc =
341	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
342	module_config,
343	&gnutls_module);
344
345	if ((err = ap_check_cmd_context(parms, GLOBAL_ONLY))) {
346	return err;
347	}
348
349	argint = atoi(arg);
350
351	if (argint < 0) {
352	return "GnuTLSCacheTimeout: Invalid argument";
353	} else if (argint == 0) {
354	sc->cache_timeout = 0;
355	} else {
356	sc->cache_timeout = apr_time_from_sec(argint);
357	}
358
359	return NULL;
360	}
361
362	const char mgs_set_client_verify(cmd_parms parms, void *dummy,
363	const char *arg) {
364	int mode;
365
366	if (strcasecmp("none", arg) == 0 \|\| strcasecmp("ignore", arg) == 0) {
367	mode = GNUTLS_CERT_IGNORE;
368	} else if (strcasecmp("optional", arg) == 0
369	\|\| strcasecmp("request", arg) == 0) {
370	mode = GNUTLS_CERT_REQUEST;
371	} else if (strcasecmp("require", arg) == 0) {
372	mode = GNUTLS_CERT_REQUIRE;
373	} else {
374	return "GnuTLSClientVerify: Invalid argument";
375	}
376
377	/* This was set from a directory context */
378	if (parms->path) {
379	mgs_dirconf_rec dc = (mgs_dirconf_rec ) dummy;
380	dc->client_verify_mode = mode;
381	} else {
382	mgs_srvconf_rec *sc =
383	(mgs_srvconf_rec *)
384	ap_get_module_config(parms->server->module_config,
385	&gnutls_module);
386	sc->client_verify_mode = mode;
387	}
388
389	return NULL;
390	}
391
392	#define INIT_CA_SIZE 128
393
394	const char mgs_set_client_ca_file(cmd_parms parms, void *dummy,
395	const char *arg) {
396	int rv;
397	const char *file;
398	apr_pool_t *spool;
399	gnutls_datum_t data;
400
401	mgs_srvconf_rec *sc =
402	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
403	module_config,
404	&gnutls_module);
405	apr_pool_create(&spool, parms->pool);
406
407	file = ap_server_root_relative(spool, arg);
408
409	if (load_datum_from_file(spool, file, &data) != 0) {
410	return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
411	"Client CA File '%s'", file);
412	}
413
414	sc->ca_list_size = INIT_CA_SIZE;
415	sc->ca_list = malloc(sc->ca_list_size * sizeof (*sc->ca_list));
416	if (sc->ca_list == NULL) {
417	return apr_psprintf(parms->pool,
418	"mod_gnutls: Memory allocation error");
419	}
420
421	rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
422	&data, GNUTLS_X509_FMT_PEM,
423	GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
424	if (rv < 0 && rv != GNUTLS_E_SHORT_MEMORY_BUFFER) {
425	return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
426	"Client CA File '%s': (%d) %s", file,
427	rv, gnutls_strerror(rv));
428	}
429
430	if (INIT_CA_SIZE < sc->ca_list_size) {
431	sc->ca_list =
432	realloc(sc->ca_list,
433	sc->ca_list_size * sizeof (*sc->ca_list));
434	if (sc->ca_list == NULL) {
435	return apr_psprintf(parms->pool,
436	"mod_gnutls: Memory allocation error");
437	}
438
439	/* re-read */
440	rv = gnutls_x509_crt_list_import(sc->ca_list,
441	&sc->ca_list_size, &data,
442	GNUTLS_X509_FMT_PEM, 0);
443
444	if (rv < 0) {
445	return apr_psprintf(parms->pool,
446	"GnuTLS: Failed to load "
447	"Client CA File '%s': (%d) %s",
448	file, rv, gnutls_strerror(rv));
449	}
450	}
451
452	apr_pool_destroy(spool);
453	return NULL;
454	}
455
456	const char mgs_set_keyring_file(cmd_parms parms, void *dummy,
457	const char *arg) {
458	int rv;
459	const char *file;
460	apr_pool_t *spool;
461	gnutls_datum_t data;
462
463	mgs_srvconf_rec *sc =
464	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
465	module_config,
466	&gnutls_module);
467	apr_pool_create(&spool, parms->pool);
468
469	file = ap_server_root_relative(spool, arg);
470
471	if (load_datum_from_file(spool, file, &data) != 0) {
472	return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
473	"Keyring File '%s'", file);
474	}
475
476	rv = gnutls_openpgp_keyring_init(&sc->pgp_list);
477	if (rv < 0) {
478	return apr_psprintf(parms->pool,
479	"GnuTLS: Failed to initialize"
480	"keyring: (%d) %s", rv,
481	gnutls_strerror(rv));
482	}
483
484	rv = gnutls_openpgp_keyring_import(sc->pgp_list, &data,
485	GNUTLS_OPENPGP_FMT_BASE64);
486	if (rv < 0) {
487	return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
488	"Keyring File '%s': (%d) %s", file, rv,
489	gnutls_strerror(rv));
490	}
491
492	apr_pool_destroy(spool);
493	return NULL;
494	}
495
496	const char mgs_set_proxy_engine(cmd_parms parms, void *dummy,
497	const char *arg) {
498
499	mgs_srvconf_rec sc =(mgs_srvconf_rec )
500	ap_get_module_config(parms->server->module_config, &gnutls_module);
501
502	if (!strcasecmp(arg, "On")) {
503	sc->proxy_enabled = GNUTLS_ENABLED_TRUE;
504	} else if (!strcasecmp(arg, "Off")) {
505	sc->proxy_enabled = GNUTLS_ENABLED_FALSE;
506	} else {
507	return "SSLProxyEngine must be set to 'On' or 'Off'";
508	}
509
510	return NULL;
511	}
512
513	const char mgs_set_enabled(cmd_parms parms, void *dummy,
514	const char *arg) {
515	mgs_srvconf_rec *sc =
516	(mgs_srvconf_rec *) ap_get_module_config(parms->server->
517	module_config,
518	&gnutls_module);
519	if (!strcasecmp(arg, "On")) {
520	sc->enabled = GNUTLS_ENABLED_TRUE;
521	} else if (!strcasecmp(arg, "Off")) {
522	sc->enabled = GNUTLS_ENABLED_FALSE;
523	} else {
524	return "GnuTLSEnable must be set to 'On' or 'Off'";
525	}
526
527	return NULL;
528	}
529
530	const char mgs_set_priorities(cmd_parms parms, void dummy, const char arg) {
531
532	int ret;
533	const char *err;
534
535	mgs_srvconf_rec sc = (mgs_srvconf_rec )
536	ap_get_module_config(parms->server->module_config, &gnutls_module);
537
538	ret = gnutls_priority_init(&sc->priorities, arg, &err);
539
540	if (ret < 0) {
541	if (ret == GNUTLS_E_INVALID_REQUEST) {
542	return apr_psprintf(parms->pool,
543	"GnuTLS: Syntax error parsing priorities string at: %s", err);
544	}
545	return "Error setting priorities";
546	}
547
548	return NULL;
549	}
550
551	static mgs_srvconf_rec _mgs_config_server_create(apr_pool_t p, char** err) {
552	mgs_srvconf_rec sc = apr_pcalloc(p, sizeof (sc));
553	int ret;
554
555	sc->enabled = GNUTLS_ENABLED_UNSET;
556
557	ret = gnutls_certificate_allocate_credentials(&sc->certs);
558	if (ret < 0) {
559	*err = apr_psprintf(p, "GnuTLS: Failed to initialize"
560	": (%d) %s", ret,
561	gnutls_strerror(ret));
562	return NULL;
563	}
564
565	ret = gnutls_anon_allocate_server_credentials(&sc->anon_creds);
566	if (ret < 0) {
567	*err = apr_psprintf(p, "GnuTLS: Failed to initialize"
568	": (%d) %s", ret,
569	gnutls_strerror(ret));
570	return NULL;
571	}
572	#ifdef ENABLE_SRP
573	ret = gnutls_srp_allocate_server_credentials(&sc->srp_creds);
574	if (ret < 0) {
575	*err = apr_psprintf(p, "GnuTLS: Failed to initialize"
576	": (%d) %s", ret,
577	gnutls_strerror(ret));
578	return NULL;
579	}
580
581	sc->srp_tpasswd_conf_file = NULL;
582	sc->srp_tpasswd_file = NULL;
583	#endif
584
585	sc->privkey_x509 = NULL;
586	/* Initialize all Certificate Chains */
587	/* FIXME: how do we indicate that this is unset for a merge? (that
588	* is, how can a subordinate server override the chain by setting
589	* an empty one? what would that even look like in the
590	* configuration?) */
591	sc->certs_x509_chain = malloc(MAX_CHAIN_SIZE * sizeof (*sc->certs_x509_chain));
592	sc->certs_x509_chain_num = 0;
593	sc->cache_timeout = -1; /* -1 means "unset" */
594	sc->cache_type = mgs_cache_unset;
595	sc->cache_config = NULL;
596	sc->tickets = GNUTLS_ENABLED_UNSET;
597	sc->priorities = NULL;
598	sc->dh_params = NULL;
599	sc->proxy_enabled = GNUTLS_ENABLED_UNSET;
600
601	/* this relies on GnuTLS never changing the gnutls_certificate_request_t enum to define -1 */
602	sc->client_verify_mode = -1;
603
604	return sc;
605	}
606
607	void mgs_config_server_create(apr_pool_t p, server_rec * s) {
608	char *err = NULL;
609	mgs_srvconf_rec *sc = _mgs_config_server_create(p, &err);
610	if (sc) return sc; else return err;
611	}
612
613	#define gnutls_srvconf_merge(t, unset) sc->t = (add->t == unset) ? base->t : add->t
614	#define gnutls_srvconf_assign(t) sc->t = add->t
615
616	void mgs_config_server_merge(apr_pool_t p, void BASE, void ADD) {
617	int i;
618	char *err = NULL;
619	mgs_srvconf_rec base = (mgs_srvconf_rec )BASE;
620	mgs_srvconf_rec add = (mgs_srvconf_rec )ADD;
621	mgs_srvconf_rec *sc = _mgs_config_server_create(p, &err);
622	if (NULL == sc) return err;
623
624	gnutls_srvconf_merge(enabled, GNUTLS_ENABLED_UNSET);
625	gnutls_srvconf_merge(tickets, GNUTLS_ENABLED_UNSET);
626	gnutls_srvconf_merge(proxy_enabled, GNUTLS_ENABLED_UNSET);
627	gnutls_srvconf_merge(client_verify_mode, -1);
628	gnutls_srvconf_merge(srp_tpasswd_file, NULL);
629	gnutls_srvconf_merge(srp_tpasswd_conf_file, NULL);
630	gnutls_srvconf_merge(privkey_x509, NULL);
631	gnutls_srvconf_merge(priorities, NULL);
632	gnutls_srvconf_merge(dh_params, NULL);
633
634	/* FIXME: the following items are pre-allocated, and should be
635	* properly disposed of before assigning in order to avoid leaks;
636	* so at the moment, we can't actually have them in the config.
637	* what happens during de-allocation?
638
639	* This is probably leaky.
640	*/
641	gnutls_srvconf_assign(certs);
642	gnutls_srvconf_assign(anon_creds);
643	gnutls_srvconf_assign(srp_creds);
644	gnutls_srvconf_assign(certs_x509_chain);
645	gnutls_srvconf_assign(certs_x509_chain_num);
646
647	/* how do these get transferred cleanly before the data from ADD
648	* goes away? */
649	gnutls_srvconf_assign(cert_cn);
650	for (i = 0; i < MAX_CERT_SAN; i++)
651	gnutls_srvconf_assign(cert_san[i]);
652	gnutls_srvconf_assign(ca_list);
653	gnutls_srvconf_assign(ca_list_size);
654	gnutls_srvconf_assign(cert_pgp);
655	gnutls_srvconf_assign(pgp_list);
656	gnutls_srvconf_assign(privkey_pgp);
657
658	return sc;
659	}
660
661	#undef gnutls_srvconf_merge
662	#undef gnutls_srvconf_assign
663
664	void mgs_config_dir_merge(apr_pool_t p, void basev, void addv) {
665	mgs_dirconf_rec *new;
666	/* mgs_dirconf_rec base = (mgs_dirconf_rec ) basev; */
667	mgs_dirconf_rec add = (mgs_dirconf_rec ) addv;
668
669	new = (mgs_dirconf_rec *) apr_pcalloc(p, sizeof (mgs_dirconf_rec));
670	new->client_verify_mode = add->client_verify_mode;
671	return new;
672	}
673
674	void mgs_config_dir_create(apr_pool_t p, char *dir) {
675	mgs_dirconf_rec dc = apr_palloc(p, sizeof (dc));
676	dc->client_verify_mode = -1;
677	return dc;
678	}
679

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: mod_gnutls/src/gnutls_config.c @ 480aba1

Download in other formats: