Changeset 0314deb in mod_gnutls for src/mod_gnutls.c


Ignore:
Timestamp:
Dec 6, 2004, 1:07:15 AM (15 years ago)
Author:
Paul Querna <chip@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
Children:
32f2e60
Parents:
0b3bc05
Message:

re-order the cipher types.
Add a fixups hook and some Basic Env vars

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/mod_gnutls.c

    r0b3bc05 r0314deb  
    182182}
    183183
     184static int mod_gnutls_hook_fixups(request_rec *r)
     185{
     186    const char* tmp;
     187    mod_gnutls_handle_t *ctxt;
     188    apr_table_t *env = r->subprocess_env;
     189
     190    ctxt = ap_get_module_config(r->connection->conn_config, &gnutls_module);
     191
     192    if(!ctxt) {
     193        return DECLINED;
     194    }
     195    apr_table_setn(env, "HTTPS", "on");
     196    apr_table_setn(env, "SSL_PROTOCOL",
     197                   gnutls_protocol_get_name(gnutls_protocol_get_version(ctxt->session)));
     198    apr_table_setn(env, "SSL_CIPHER",
     199                   gnutls_cipher_get_name(gnutls_cipher_get(ctxt->session)));
     200
     201    tmp = apr_psprintf(r->pool, "%d",
     202              8 * gnutls_cipher_get_key_size(gnutls_cipher_get(ctxt->session)));
     203
     204    apr_table_setn(env, "SSL_CIPHER_USEKEYSIZE", tmp);
     205    apr_table_setn(env, "SSL_CIPHER_ALGKEYSIZE", tmp);
     206
     207    return OK;
     208}
     209
    184210static const char *gnutls_set_cert_file(cmd_parms * parms, void *dummy,
    185211                                        const char *arg)
     
    260286                       APR_HOOK_MIDDLE);
    261287
     288    ap_hook_fixups(mod_gnutls_hook_fixups, NULL, NULL, APR_HOOK_MIDDLE);
     289
    262290    /* TODO: HTTP Upgrade Filter */
    263291    /* ap_register_output_filter ("UPGRADE_FILTER",
     
    285313
    286314    i = 0;
    287     sc->ciphers[i++] = GNUTLS_CIPHER_RIJNDAEL_128_CBC;
     315    sc->ciphers[i++] = GNUTLS_CIPHER_AES_256_CBC;
     316    sc->ciphers[i++] = GNUTLS_CIPHER_AES_128_CBC;
    288317    sc->ciphers[i++] = GNUTLS_CIPHER_ARCFOUR_128;
    289318    sc->ciphers[i++] = GNUTLS_CIPHER_3DES_CBC;
     
    300329
    301330    i = 0;
     331    sc->macs[i++] = GNUTLS_MAC_SHA;
    302332    sc->macs[i++] = GNUTLS_MAC_MD5;
    303     sc->macs[i++] = GNUTLS_MAC_SHA;
    304333    sc->macs[i++] = GNUTLS_MAC_RMD160;
    305334    sc->macs[i] = 0;
Note: See TracChangeset for help on using the changeset viewer.