source: mod_gnutls/src/gnutls_config.h @ c39ae1a

Last change on this file since c39ae1a was c39ae1a, checked in by Thomas Klute <thomas2.klute@…>, 6 years ago

Initialize OCSP timeouts with an "unset" value

The configuration merge function used the default timeout to check if
an OCSP related timeout has been set in a virtual host
configuration. This would work most of the time, but break in the
corner case of the global configuration setting a non-default timeout
and a virtual host configuration restoring the default. In this
situation the merge would handle the value from the virtual host
configuration as unset and copy the global timeout.

The problem is solved by initializing the timeouts using the new macro
MGS_TIMEOUT_UNSET. Timeouts as used in the mod_gnutls configuration
cannot be negative, so there is ample room for explicitly unset
values. MGS_TIMEOUT_UNSET is also used for the session cache timeout
instead of hard coded -1.

  • Property mode set to 100644
File size: 947 bytes
2 *  Copyright 2016 Thomas Klute
3 *
4 *  Licensed under the Apache License, Version 2.0 (the "License");
5 *  you may not use this file except in compliance with the License.
6 *  You may obtain a copy of the License at
7 *
8 *
9 *
10 *  Unless required by applicable law or agreed to in writing, software
11 *  distributed under the License is distributed on an "AS IS" BASIS,
12 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 *  See the License for the specific language governing permissions and
14 *  limitations under the License.
15 *
16 */
18#ifndef __MOD_GNUTLS_CONFIG_H__
19#define __MOD_GNUTLS_CONFIG_H__
21#include "mod_gnutls.h"
22#include <httpd.h>
24/* timeouts as defined in mgs_set_timeout() cannot be negative */
25#define MGS_TIMEOUT_UNSET -1
27/* TODO: move configuration related function definitions from
28 * over here */
30#endif /* __MOD_GNUTLS_CONFIG_H__ */
Note: See TracBrowser for help on using the repository browser.