Changeset 02c8e54 in mod_gnutls for src


Ignore:
Timestamp:
Nov 22, 2015, 1:43:48 PM (5 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, upstream
Children:
63468af, 8a264b0, bcbcf5d
Parents:
89f863f (diff), 07cc51f (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Imported Upstream version 0.7.2

Location:
src
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • src/Makefile.in

    r89f863f r02c8e54  
    1 # Makefile.in generated by automake 1.14.1 from Makefile.am.
     1# Makefile.in generated by automake 1.15 from Makefile.am.
    22# @configure_input@
    33
    4 # Copyright (C) 1994-2013 Free Software Foundation, Inc.
     4# Copyright (C) 1994-2014 Free Software Foundation, Inc.
    55
    66# This Makefile.in is free software; the Free Software Foundation
     
    1616
    1717VPATH = @srcdir@
    18 am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
     18am__is_gnu_make = { \
     19  if test -z '$(MAKELEVEL)'; then \
     20    false; \
     21  elif test -n '$(MAKE_HOST)'; then \
     22    true; \
     23  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
     24    true; \
     25  else \
     26    false; \
     27  fi; \
     28}
    1929am__make_running_with_option = \
    2030  case $${target_option-} in \
     
    8191target_triplet = @target@
    8292subdir = src
    83 DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
    84         $(top_srcdir)/config/depcomp
    8593ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
    8694am__aclocal_m4_deps = $(top_srcdir)/m4/apache.m4 \
     
    92100am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
    93101        $(ACLOCAL_M4)
     102DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
    94103mkinstalldirs = $(install_sh) -d
    95104CONFIG_HEADER = $(top_builddir)/include/mod_gnutls_config.h
     
    199208ETAGS = etags
    200209CTAGS = ctags
     210am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/config/depcomp
    201211DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
    202212ACLOCAL = @ACLOCAL@
     
    212222APR_MEMCACHE_CFLAGS = @APR_MEMCACHE_CFLAGS@
    213223APR_MEMCACHE_LIBS = @APR_MEMCACHE_LIBS@
     224APR_UTIL_CONF = @APR_UTIL_CONF@
    214225APU_INCLUDES = @APU_INCLUDES@
    215226APU_LDFLAGS = @APU_LDFLAGS@
     
    381392        $(am__cd) $(top_srcdir) && \
    382393          $(AUTOMAKE) --gnu src/Makefile
    383 .PRECIOUS: Makefile
    384394Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
    385395        @case '$?' in \
     
    716726        tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
    717727
     728.PRECIOUS: Makefile
     729
    718730
    719731make_so: $(lib_LTLIBRARIES)
  • src/gnutls_hooks.c

    r89f863f r02c8e54  
    694694}
    695695
    696 /*
     696/**
    697697 * This function is intended as a cleanup handler for connections
    698  * using GnuTLS.
     698 * using GnuTLS. If attached to the connection pool, it ensures that
     699 * session resources are released with the connection pool even if the
     700 * session wasn't terminated properly.
    699701 *
    700702 * @param data must point to the mgs_handle_t associated with the
     
    711713    if (ctxt->session != NULL)
    712714    {
     715        ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_ECONNABORTED, ctxt->c,
     716                      "%s: connection pool cleanup in progress but %sTLS "
     717                      "session hasn't been terminated, trying to close",
     718                      __func__, IS_PROXY_STR(ctxt));
    713719        int ret;
    714720        /* Try A Clean Shutdown */
     
    717723        while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
    718724        if (ret != GNUTLS_E_SUCCESS)
    719             ap_log_cerror(APLOG_MARK, APLOG_INFO, ret, ctxt->c,
     725            ap_log_cerror(APLOG_MARK, APLOG_INFO, APR_EGENERAL, ctxt->c,
    720726                          "%s: error while closing TLS %sconnection: %s (%d)",
    721727                          __func__, IS_PROXY_STR(ctxt),
    722728                          gnutls_strerror(ret), ret);
    723729        else
    724             ap_log_cerror(APLOG_MARK, APLOG_DEBUG, ret, ctxt->c,
     730            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
    725731                          "%s: TLS %sconnection closed.",
    726732                          __func__, IS_PROXY_STR(ctxt));
     
    775781                          "gnutls_session_ticket_enable_client failed: %s (%d)",
    776782                          gnutls_strerror(err), err);
    777         /* Try to close and deinit the session when the connection
    778          * pool is cleared. Note that mod_proxy might not close
    779          * connections immediately, if you need that, look at the
    780          * "proxy-nokeepalive" environment variable for
    781          * mod_proxy_http. */
    782         apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session);
    783783    }
    784784    else
     
    800800        }
    801801    }
     802
     803    /* Ensure TLS session resources are released when the connection
     804     * pool is cleared, if the filters haven't done that already. */
     805    apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session);
    802806
    803807    /* Set Default Priority */
  • src/gnutls_io.c

    r89f863f r02c8e54  
    4242    ((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "")
    4343
     44/**
     45 * Convert APR_EINTR or APR_EAGAIN to the match raw error code. Needed
     46 * to pass the status on to GnuTLS from the pull function.
     47 */
     48#define EAI_APR_TO_RAW(s) (APR_STATUS_IS_EAGAIN(s) ? EAGAIN : EINTR)
     49
     50
     51
    4452static apr_status_t gnutls_io_filter_error(ap_filter_t * f,
    4553        apr_bucket_brigade * bb,
     
    233241    }
    234242
    235     while (1) {
    236 
    237         do
    238             rc = gnutls_record_recv(ctxt->session, buf + bytes,
    239                                     wanted - bytes);
    240         while (rc == GNUTLS_E_INTERRUPTED || rc == GNUTLS_E_AGAIN);
     243    while (1)
     244    {
     245        rc = gnutls_record_recv(ctxt->session, buf + bytes, wanted - bytes);
     246
     247        if (rc == GNUTLS_E_INTERRUPTED)
     248            ctxt->input_rc = APR_EINTR;
     249        else if (rc == GNUTLS_E_AGAIN)
     250            ctxt->input_rc = APR_EAGAIN;
    241251
    242252        if (rc > 0) {
     
    486496}
    487497
     498
     499
     500/**
     501 * Close the TLS session associated with the given connection
     502 * structure and free its resources
     503 */
     504static int mgs_bye(mgs_handle_t* ctxt)
     505{
     506    int ret = GNUTLS_E_SUCCESS;
     507    /* End Of Connection */
     508    if (ctxt->session != NULL)
     509    {
     510        /* Try A Clean Shutdown */
     511        do {
     512            ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR);
     513        } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
     514        if (ret != GNUTLS_E_SUCCESS)
     515            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, ctxt->c,
     516                          "%s: Error while closing TLS %sconnection: "
     517                          "'%s' (%d)",
     518                          __func__, IS_PROXY_STR(ctxt),
     519                          gnutls_strerror(ret), (int) ret);
     520        else
     521            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
     522                          "%s: TLS %sconnection closed.",
     523                          __func__, IS_PROXY_STR(ctxt));
     524        /* De-Initialize Session */
     525        gnutls_deinit(ctxt->session);
     526        ctxt->session = NULL;
     527    }
     528    return ret;
     529}
     530
     531
     532
    488533apr_status_t mgs_filter_input(ap_filter_t * f,
    489534        apr_bucket_brigade * bb,
     
    549594    }
    550595
    551     if (status != APR_SUCCESS) {
     596    if (status != APR_SUCCESS)
     597    {
     598        /* no data for nonblocking read, return APR_EAGAIN */
     599        if ((block == APR_NONBLOCK_READ) && APR_STATUS_IS_EINTR(status))
     600            return APR_EAGAIN;
     601
     602        /* Close TLS session and free resources on EOF,
     603         * gnutls_io_filter_error will add an EOS bucket */
     604        if (APR_STATUS_IS_EOF(status))
     605            mgs_bye(ctxt);
     606
    552607        return gnutls_io_filter_error(f, bb, status);
    553608    }
     
    633688            apr_bucket_delete(bucket);
    634689        } else if (AP_BUCKET_IS_EOC(bucket)) {
    635             /* End Of Connection */
    636             if (ctxt->session != NULL) {
    637                 /* Try A Clean Shutdown */
    638                 do {
    639                     ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR);
    640                 } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
    641                 if (ret != GNUTLS_E_SUCCESS)
    642                     ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
    643                                   "%s: Error while closing TLS %sconnection: "
    644                                   "'%s' (%d)",
    645                                   __func__, IS_PROXY_STR(ctxt),
    646                                   gnutls_strerror(ret), (int) ret);
    647                 else
    648                     ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
    649                                   "%s: TLS %sconnection closed.",
    650                                   __func__, IS_PROXY_STR(ctxt));
    651                 /* De-Initialize Session */
    652                 gnutls_deinit(ctxt->session);
    653                 ctxt->session = NULL;
    654             }
     690            /* End Of Connection, close TLS session and free
     691             * resources */
     692            mgs_bye(ctxt);
    655693            /* cleanup! */
    656694            apr_bucket_delete(bucket);
     
    725763}
    726764
     765/**
     766 * Pull function for GnuTLS
     767 */
    727768ssize_t mgs_transport_read(gnutls_transport_ptr_t ptr,
    728         void *buffer, size_t len) {
     769                           void *buffer, size_t len)
     770{
    729771    mgs_handle_t *ctxt = ptr;
    730772    apr_status_t rc;
     
    752794         */
    753795        if (APR_STATUS_IS_EAGAIN(rc) || APR_STATUS_IS_EINTR(rc)
    754                 || (rc == APR_SUCCESS
    755                 && APR_BRIGADE_EMPTY(ctxt->input_bb))) {
    756 
    757             if (APR_STATUS_IS_EOF(ctxt->input_rc)) {
     796            || (rc == APR_SUCCESS
     797                && APR_BRIGADE_EMPTY(ctxt->input_bb)))
     798        {
     799            if (APR_STATUS_IS_EOF(ctxt->input_rc))
     800            {
    758801                return 0;
    759             } else {
     802            }
     803            else
     804            {
    760805                if (ctxt->session)
    761                     gnutls_transport_set_errno(ctxt->
    762                         session,
    763                         EINTR);
     806                    gnutls_transport_set_errno(ctxt->session,
     807                                               EAI_APR_TO_RAW(ctxt->input_rc));
    764808                return -1;
    765809            }
    766810        }
    767 
    768811
    769812        if (rc != APR_SUCCESS) {
     
    783826
    784827    if (APR_STATUS_IS_EAGAIN(ctxt->input_rc)
    785             || APR_STATUS_IS_EINTR(ctxt->input_rc)) {
    786         if (len == 0) {
     828        || APR_STATUS_IS_EINTR(ctxt->input_rc))
     829    {
     830        if (len == 0)
     831        {
    787832            if (ctxt->session)
    788833                gnutls_transport_set_errno(ctxt->session,
    789                     EINTR);
     834                                           EAI_APR_TO_RAW(ctxt->input_rc));
    790835            return -1;
    791836        }
Note: See TracChangeset for help on using the changeset viewer.