Changeset 104e881 in mod_gnutls


Ignore:
Timestamp:
Dec 6, 2016, 2:13:55 AM (12 months ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
master, debian, upstream
Children:
e0e0b0f
Parents:
14548b9
Message:

General comment updates for Doxygen compatibility

Mostly /* */ vs. / */ changes so Doxygen does catch the correct
descriptions instead of e.g. license headers, plus some minor comment
updates.

Files:
11 edited

Legend:

Unmodified
Added
Removed
  • include/mod_gnutls.h.in

    re1c094c r104e881  
    1 /**
     1/*
    22 *  Copyright 2004-2005 Paul Querna
    33 *  Copyright 2014 Nikos Mavrogiannopoulos
     
    1515 *  See the License for the specific language governing permissions and
    1616 *  limitations under the License.
    17  *
    1817 */
    1918
  • src/gnutls_cache.h

    r14548b9 r104e881  
    2020 * @file
    2121 *
    22  * Generic object cache for mod_gnutls
     22 * Generic object cache for mod_gnutls.
    2323 */
    2424
     
    3737 * function is called after the configuration file(s) have been
    3838 * parsed.
     39 *
     40 * @param p configuration memory pool
     41 * @param s default server of the Apache configuration, head of the
     42 * server list
     43 * @param sc mod_gnutls data associated with `s`
    3944 */
    4045int mgs_cache_post_config(apr_pool_t *p, server_rec *s, mgs_srvconf_rec *sc);
    4146
    4247/**
    43  * (Re-)Initialize the cache in a child process after forking
     48 * (Re-)Initialize the cache in a child process after forking.
     49 *
     50 * @param p child memory pool provided by Apache
     51 * @param s default server of the Apache configuration, head of the
     52 * server list
     53 * @param sc mod_gnutls data associated with `s`
    4454 */
    4555int mgs_cache_child_init(apr_pool_t *p, server_rec *s, mgs_srvconf_rec *sc);
    4656
    4757/**
    48  * Setup caching for the given TLS session
     58 * Set up caching for the given TLS session.
    4959 *
    5060 * @param ctxt mod_gnutls session context
     61 *
    5162 * @return 0
    5263 */
     
    5768/**
    5869 * Convert a `time_t` into a null terminated string in a format
    59  * compatible with OpenSSL's `ASN1_TIME_print()`
     70 * compatible with OpenSSL's `ASN1_TIME_print()`.
    6071 *
    6172 * @param t time_t time
    6273 * @param str Location to store the time string
    6374 * @param strsize The maximum length that can be stored in `str`
     75 *
    6476 * @return `str`
    6577 */
     
    6779
    6880/**
    69  * Generic store function for the mod_gnutls object cache
     81 * Generic store function for the mod_gnutls object cache.
    7082 *
    7183 * @param s server associated with the cache entry
     
    7385 * @param data data to be cached
    7486 * @param expiry expiration time
    75  * @return -1 on error, 0 on success
     87 *
     88 * @return `-1` on error, `0` on success
    7689 */
    7790typedef int (*cache_store_func)(server_rec *s, gnutls_datum_t key,
    7891                                gnutls_datum_t data, apr_time_t expiry);
    7992/**
    80  * Generic fetch function for the mod_gnutls object cache
     93 * Generic fetch function for the mod_gnutls object cache.
     94 *
     95 * *Warning*: The `data` element of the returned `gnutls_datum_t` is
     96 * allocated using `gnutls_malloc()` for compatibility with the GnuTLS
     97 * session caching API, and must be released using `gnutls_free()`.
    8198 *
    8299 * @param ctxt mod_gnutls session context for the request
    83100 * @param key key for the cache entry to be fetched
     101 *
    84102 * @return the requested cache entry, or `{NULL, 0}`
    85103 */
  • src/gnutls_config.c

    re1c094c r104e881  
    1 /**
     1/*
    22 *  Copyright 2004-2005 Paul Querna
    33 *  Copyright 2008, 2014 Nikos Mavrogiannopoulos
     
    1616 *  See the License for the specific language governing permissions and
    1717 *  limitations under the License.
    18  *
    1918 */
    2019
  • src/gnutls_config.h

    rc39ae1a r104e881  
    1313 *  See the License for the specific language governing permissions and
    1414 *  limitations under the License.
    15  *
    1615 */
    1716
  • src/gnutls_hooks.c

    re9ef72c r104e881  
    1 /**
     1/*
    22 *  Copyright 2004-2005 Paul Querna
    33 *  Copyright 2008, 2014 Nikos Mavrogiannopoulos
     
    1717 *  See the License for the specific language governing permissions and
    1818 *  limitations under the License.
    19  *
    2019 */
    2120
     
    4443    ((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "")
    4544
     45/** Key to encrypt session tickets. Must be kept secret. This key is
     46 * generated in the `pre_config` hook and thus constant across
     47 * forks. The problem with this approach is that it does not support
     48 * regular key rotation. */
    4649static gnutls_datum_t session_ticket_key = {NULL, 0};
    4750
     
    310313}
    311314
    312 /*
     315/**
     316 * Post config hook.
     317 *
    313318 * Must return OK or DECLINED on success, something else on
    314319 * error. These codes are defined in Apache httpd.h along with the
     
    614619 * @param x vhost callback record
    615620 * @param s server record
     621 * @param tsc mod_gnutls server data for `s`
     622 *
    616623 * @return true if a match, false otherwise
    617624 *
    618625 */
    619 int check_server_aliases(vhost_cb_rec *x, server_rec * s, mgs_srvconf_rec *tsc) {
     626int check_server_aliases(vhost_cb_rec *x, server_rec * s, mgs_srvconf_rec *tsc)
     627{
    620628        apr_array_header_t *names;
    621629        int rv = 0;
  • src/gnutls_io.c

    rac3f500 r104e881  
    1 /**
     1/*
    22 *  Copyright 2004-2005 Paul Querna
    33 *  Copyright 2008 Nikos Mavrogiannopoulos
     
    1616 *  See the License for the specific language governing permissions and
    1717 *  limitations under the License.
    18  *
    1918 */
    2019
     
    3029
    3130/**
     31 * @file
    3232 * Describe how the GnuTLS Filter system works here
    3333 *  - Basicly the same as what mod_ssl does with OpenSSL.
  • src/gnutls_ocsp.c

    re1c094c r104e881  
    1 /**
     1/*
    22 *  Copyright 2016 Thomas Klute
    33 *
     
    3131#endif
    3232
    33 /* maximum supported OCSP response size, 8K should be plenty */
     33/** maximum supported OCSP response size, 8K should be plenty */
    3434#define OCSP_RESP_SIZE_MAX (8 * 1024)
    3535#define OCSP_REQ_TYPE "application/ocsp-request"
    3636#define OCSP_RESP_TYPE "application/ocsp-response"
    3737
    38 /* Dummy data for failure cache entries (one byte). */
     38/** Dummy data for failure cache entries (one byte). */
    3939#define OCSP_FAILURE_CACHE_DATA 0x0f
    4040
     
    4343    ap_log_error(APLOG_MARK, APLOG_INFO, APR_EGENERAL, (srv),           \
    4444                 "Reason for failed OCSP response verification: %s", (str))
    45 /*
     45/**
    4646 * Log all matching reasons for verification failure
    4747 */
  • src/gnutls_ocsp.h

    re1c094c r104e881  
    1 /**
     1/*
    22 *  Copyright 2016 Thomas Klute
    33 *
     
    2525#define MGS_OCSP_MUTEX_NAME "gnutls-ocsp"
    2626
    27 /* Default OCSP response cache timeout in seconds */
     27/** Default OCSP response cache timeout in seconds */
    2828#define MGS_OCSP_CACHE_TIMEOUT 3600
    29 /* Default OCSP failure timeout in seconds */
     29/** Default OCSP failure timeout in seconds */
    3030#define MGS_OCSP_FAILURE_TIMEOUT 300
    31 /* Default socket timeout for OCSP responder connections, in
     31/** Default socket timeout for OCSP responder connections, in
    3232 * seconds. Note that the timeout applies to "absolutely no data sent
    3333 * or received", not the whole connection. 10 seconds in mod_ssl. */
     
    3838 */
    3939struct mgs_ocsp_data {
    40     /* OCSP URI extracted from the server certificate. NULL if
     40    /** OCSP URI extracted from the server certificate. NULL if
    4141     * unset. */
    4242    apr_uri_t *uri;
    43     /* Trust list to verify OCSP responses for stapling. Should
     43    /** Trust list to verify OCSP responses for stapling. Should
    4444     * usually only contain the CA that signed the server
    4545     * certificate. */
    4646    gnutls_x509_trust_list_t *trust;
    47     /* Server certificate fingerprint, used as cache key for the OCSP
     47    /** Server certificate fingerprint, used as cache key for the OCSP
    4848     * response */
    4949    gnutls_datum_t fingerprint;
     
    6262                                         const char *arg);
    6363
    64 /*
     64/**
    6565 * Create a trust list from a certificate chain (one or more
    6666 * certificates).
    6767 *
    68  * tl: This trust list will be initialized and filled with the
     68 * @param tl This trust list will be initialized and filled with the
    6969 * specified certificate(s)
    7070 *
    71  * chain: certificate chain, must contain at least num certifictes
     71 * @param chain certificate chain, must contain at least `num`
     72 * certifictes
    7273 *
    73  * num: number of certificates to load from chain
     74 * @param num number of certificates to load from chain
    7475 *
    7576 * Chain is supposed to be static (the trust chain of the server
    76  * certificate), so when gnutls_x509_trust_list_deinit() is called on
     77 * certificate), so when `gnutls_x509_trust_list_deinit()` is called on
    7778 * tl later, the "all" parameter should be zero.
    7879 *
    79  * Returns GNUTLS_E_SUCCESS or a GnuTLS error code. In case of error
     80 * @return `GNUTLS_E_SUCCESS` or a GnuTLS error code. In case of error
    8081 * tl will be uninitialized.
    8182 */
  • src/gnutls_util.c

    ref06c74 r104e881  
    1 /**
     1/*
    22 *  Copyright 2016 Thomas Klute
    33 *
  • src/gnutls_util.h

    r16ad0eb r104e881  
    1 /**
     1/*
    22 *  Copyright 2016 Thomas Klute
    33 *
     
    2525#define __MOD_GNUTLS_UTIL_H__
    2626
    27 /* maximum allowed length of one header line */
     27/** maximum allowed length of one header line */
    2828#define HTTP_HDR_LINE_MAX 1024
    2929
  • src/mod_gnutls.c

    re1c094c r104e881  
    1 /**
     1/*
    22 *  Copyright 2004-2005 Paul Querna
    33 *  Copyright 2008, 2014 Nikos Mavrogiannopoulos
     
    1616 *  See the License for the specific language governing permissions and
    1717 *  limitations under the License.
    18  *
    1918 */
    2019
     
    7372
    7473
    75 /*
    76  * mod_rewrite calls this function to fill %{HTTPS}. A non-zero return
    77  * value means that HTTPS is in use.
     74/**
     75 * mod_rewrite calls this function to fill %{HTTPS}.
     76 *
     77 * @param c the connection to check
     78 * @return non-zero value if HTTPS is in use, zero if not
    7879 */
    7980int ssl_is_https(conn_rec *c)
Note: See TracChangeset for help on using the changeset viewer.