Changeset 1c87791 in mod_gnutls for src/gnutls_io.c


Timestamp:
Jan 11, 2013, 12:54:56 AM (9 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports
Children:
3f5c713
Parents:
b67ea18 (diff), 3e94bd3 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge tag 'upstream/0.2.0'

Upstream version 0.2.0

File:
1 edited

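--- a/src/gnutls_io.c
+++ b/src/gnutls_io.c
@@ -36,5 +36,5 @@
                                            apr_status_t status)
 {
-    mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx;
+    mgs_handle_t *ctxt = (mgs_handle_t *) f->ctx;
     apr_bucket *bucket;
 
@@ -64,5 +64,5 @@
 }
 
-static int char_buffer_read(mod_gnutls_char_buffer_t * buffer, char *in,
+static int char_buffer_read(mgs_char_buffer_t * buffer, char *in,
                             int inl)
 {
@@ -88,5 +88,5 @@
 }
 
-static int char_buffer_write(mod_gnutls_char_buffer_t * buffer, char *in,
+static int char_buffer_write(mgs_char_buffer_t * buffer, char *in,
                              int inl)
 {
@@ -182,5 +182,5 @@
 
 
-static apr_status_t gnutls_io_input_read(mod_gnutls_handle_t * ctxt,
+static apr_status_t gnutls_io_input_read(mgs_handle_t * ctxt,
                                          char *buf, apr_size_t * len)
 {
@@ -311,5 +311,5 @@
 }
 
-static apr_status_t gnutls_io_input_getline(mod_gnutls_handle_t * ctxt,
+static apr_status_t gnutls_io_input_getline(mgs_handle_t * ctxt,
                                             char *buf, apr_size_t * len)
 {
@@ -354,16 +354,17 @@
 }
 
-
-static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt)
+static int gnutls_do_handshake(mgs_handle_t * ctxt)
 {
     int ret;
     int errcode;
     if (ctxt->status != 0) {
-        return;
+        return -1;
     }
 
 tryagain:
-
-    ret = gnutls_handshake(ctxt->session);
+    do {
+        ret = gnutls_handshake(ctxt->session);
+    } while (ret == GNUTLS_E_AGAIN);
+   
     if (ret < 0) {
         if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED
@@ -381,22 +382,58 @@
             goto tryagain;
         }
-
+#if USING_2_1_RECENT
+        ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c,
+                     "GnuTLS: Handshake Failed (%d) '%s'", ret,
+                      gnutls_strerror(ret));
+#else
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
                      "GnuTLS: Handshake Failed (%d) '%s'", ret,
-                      gnutls_strerror(ret));
+                     gnutls_strerror(ret));
+#endif
         ctxt->status = -1;
         gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
                           gnutls_error_to_alert(ret, NULL));
         gnutls_deinit(ctxt->session);
-        return;
+        return ret;
     }
     else {
+        /* all done with the handshake */
         ctxt->status = 1;
-        return;             /* all done with the handshake */
-    }
-}
-
-
-apr_status_t mod_gnutls_filter_input(ap_filter_t* f,
+        /* If the session was resumed, we did not set the correct
+         * server_rec in ctxt->sc.  Go Find it. (ick!)
+         */
+        if (gnutls_session_is_resumed(ctxt->session)) {
+            mgs_srvconf_rec* sc;
+            sc = mgs_find_sni_server(ctxt->session);
+            if (sc) {
+                ctxt->sc = sc;
+            }
+        }
+        return 0;
+    }
+}
+
+int mgs_rehandshake(mgs_handle_t * ctxt)
+{
+    int rv;
+
+    rv = gnutls_rehandshake(ctxt->session);
+   
+    if (rv != 0) {
+        /* the client did not want to rehandshake. goodbye */
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
+                     "GnuTLS: Client Refused Rehandshake request.");
+        return -1;
+    }
+   
+    ctxt->status = 0;
+
+    rv = gnutls_do_handshake(ctxt);
+
+    return rv;
+}
+
+
+apr_status_t mgs_filter_input(ap_filter_t* f,
                                      apr_bucket_brigade * bb,
                                      ap_input_mode_t mode,
@@ -405,5 +442,5 @@
 {
     apr_status_t status = APR_SUCCESS;
-    mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx;
+    mgs_handle_t *ctxt = (mgs_handle_t *) f->ctx;
     apr_size_t len = sizeof(ctxt->input_buffer);
 
@@ -415,24 +452,5 @@
 
     if (ctxt->status == 0) {
-        char* server_name;
-        int server_type;
-        int data_len = 256;
-       
         gnutls_do_handshake(ctxt);
-       
-        /**
-         * Due to issues inside the GnuTLS API, we cannot currently do TLS 1.1
-         * Server Name Indication.
-         */
-        server_name = apr_palloc(ctxt->c->pool, data_len);
-        if (gnutls_server_name_get(ctxt->session, server_name, &data_len, &server_type, 0) == 0) {
-            if (server_type == GNUTLS_NAME_DNS) {
-                ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
-                             ctxt->c->base_server,
-                             "GnuTLS: TLS 1.1 Server Name: "
-                             "%s", server_name);
-               
-            }
-        }
     }
 
@@ -481,10 +499,10 @@
 }
 
-apr_status_t mod_gnutls_filter_output(ap_filter_t * f,
+apr_status_t mgs_filter_output(ap_filter_t * f,
                                       apr_bucket_brigade * bb)
 {
     apr_size_t ret;
     apr_bucket* e;
-    mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx;
+    mgs_handle_t *ctxt = (mgs_handle_t *) f->ctx;
     apr_status_t status = APR_SUCCESS;
     apr_read_type_e rblock = APR_NONBLOCK_READ;
@@ -585,8 +603,8 @@
 }
 
-ssize_t mod_gnutls_transport_read(gnutls_transport_ptr_t ptr,
+ssize_t mgs_transport_read(gnutls_transport_ptr_t ptr,
                                   void *buffer, size_t len)
 {
-    mod_gnutls_handle_t *ctxt = ptr;
+    mgs_handle_t *ctxt = ptr;
     apr_status_t rc;
     apr_size_t in = len;
@@ -652,5 +670,5 @@
 
 
-static ssize_t write_flush(mod_gnutls_handle_t * ctxt)
+static ssize_t write_flush(mgs_handle_t * ctxt)
 {
     apr_bucket *e;
@@ -684,8 +702,8 @@
 }
 
-ssize_t mod_gnutls_transport_write(gnutls_transport_ptr_t ptr,
+ssize_t mgs_transport_write(gnutls_transport_ptr_t ptr,
                                    const void *buffer, size_t len)
 {
-    mod_gnutls_handle_t *ctxt = ptr;
+    mgs_handle_t *ctxt = ptr;
 
     /* pass along the encrypted data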
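Review bot: The new `mgs_rehandshake` passes `ctxt->session` to `gnutls_rehandshake` without checking `ctxt->status`, while the failure path of `gnutls_do_handshake` sets `ctxt->status = -1` and calls `gnutls_deinit(ctxt->session)` without clearing the pointer. If a caller ever invokes `mgs_rehandshake` on a context whose handshake already failed, it would operate on a deinitialised session and then reset `ctxt->status = 0`; whether any caller can do that is not visible in these hunks. I would guard the entry with `if (ctxt->status != 1) return -1;` and add `ctxt->session = NULL;` right after the `gnutls_deinit` call so a stale use fails fast instead of touching freed state. Related: `mgs_filter_input` still calls `gnutls_do_handshake(ctxt);` and discards the new `int` result; the rest of that function lies outside the displayed lines, so presumably it re-checks `ctxt->status`, but a comment saying so, or an explicit check of the return value, would make the failure path auditable.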