Changeset 4133f2d in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Apr 21, 2015, 9:08:00 AM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
39bd695
Parents:
2cde026d
Message:

Unify argument handling in mgs_set_priorities

Just store the argument in mgs_set_priorities for both front end and
proxy priorities. Like the front end priorities, the gnutls_priority_t
structure for proxy connections now gets initialized when the
credentials are loaded (load_proxy_x509_credentials in gnutls_hooks.c).

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r2cde026d r4133f2d  
    415415
    416416        if (sc->enabled == GNUTLS_ENABLED_TRUE
    417             && sc->proxy_enabled == GNUTLS_ENABLED_TRUE)
     417            && sc->proxy_enabled == GNUTLS_ENABLED_TRUE
     418            && load_proxy_x509_credentials(s) != APR_SUCCESS)
    418419        {
    419             /* Check if the proxy priorities have been set */
    420             if (sc->proxy_priorities == NULL)
    421             {
    422                 ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
    423                              "Host '%s:%d' is missing the "
    424                              "GnuTLSProxyPriorities directive!",
    425                              s->server_hostname, s->port);
    426                 exit(-1);
    427             }
    428             /* Set up proxy credentials */
    429             load_proxy_x509_credentials(s);
     420            ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
     421                         "%s: loading proxy credentials for host "
     422                         "'%s:%d' failed, exiting!",
     423                         __func__, s->server_hostname, s->port);
     424            exit(-1);
    430425        }
    431426    }
     
    17561751    }
    17571752
     1753    /* Check if the proxy priorities have been set, fail immediately
     1754     * if not */
     1755    if (sc->proxy_priorities_str == NULL)
     1756    {
     1757        ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
     1758                     "Host '%s:%d' is missing the GnuTLSProxyPriorities "
     1759                     "directive!",
     1760                     s->server_hostname, s->port);
     1761        return APR_EGENERAL;
     1762    }
     1763    /* parse proxy priorities */
     1764    const char *err_pos = NULL;
     1765    err = gnutls_priority_init(&sc->proxy_priorities,
     1766                               sc->proxy_priorities_str, &err_pos);
     1767    if (err != GNUTLS_E_SUCCESS)
     1768    {
     1769        if (ret == GNUTLS_E_INVALID_REQUEST)
     1770            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
     1771                         "%s: Syntax error parsing proxy priorities "
     1772                         "string at: %s",
     1773                         __func__, err_pos);
     1774        else
     1775            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
     1776                         "Error setting proxy priorities: %s (%d)",
     1777                         gnutls_strerror(err), err);
     1778        ret = APR_EGENERAL;
     1779    }
     1780
    17581781    /* load certificate and key for client auth, if configured */
    17591782    if (sc->proxy_x509_key_file && sc->proxy_x509_cert_file)
Note: See TracChangeset for help on using the changeset viewer.