Changeset 42307a9 in mod_gnutls for src/gnutls_io.c
- Timestamp:
- Apr 6, 2005, 12:52:25 AM (18 years ago)
- Branches:
- asyncio, debian/master, debian/stretch-backports, jessie-backports, master, msva, proxy-ticket, upstream
- Children:
- 6af4f74
- Parents:
- fcb122d
- File:
-
- 1 edited
src/gnutls_io.c
rfcb122d r42307a9 272 272 " (%d) '%s'", rc, gnutls_strerror(rc)); 273 273 } 274 else if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED) { 275 rc = gnutls_alert_get(ctxt->session); 276 ap_log_error(APLOG_MARK, APLOG_INFO, ctxt->input_rc, 277 ctxt->c->base_server, 278 "GnuTLS: Warning Alert From Client: " 279 " (%d) '%s'", rc, gnutls_alert_get_name(rc)); 280 } 281 else if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED) { 282 rc = gnutls_alert_get(ctxt->session); 283 ap_log_error(APLOG_MARK, APLOG_INFO, ctxt->input_rc, 284 ctxt->c->base_server, 285 "GnuTLS: Fatal Alert From Client: " 286 "(%d) '%s'", rc, gnutls_alert_get_name(rc)); 287 ctxt->input_rc = APR_EGENERAL; 288 break; 289 } 274 290 else { 275 291 /* Some Other Error. Report it. Die. */ … … 342 358 { 343 359 int ret; 344 360 int errcode; 345 361 if (ctxt->status != 0) { 346 362 return; … … 353 369 if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED 354 370 || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) { 355 ret= gnutls_alert_get(ctxt->session);371 errcode = gnutls_alert_get(ctxt->session); 356 372 ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server, 357 "GnuTLS: Hanshake Alert (%d) '%s'. \n", ret,358 gnutls_alert_get_name( ret));373 "GnuTLS: Hanshake Alert (%d) '%s'.", errcode, 374 gnutls_alert_get_name(errcode)); 359 375 } 360 376 … … 399 415 400 416 if (ctxt->status == 0) { 417 char* server_name; 418 int server_type; 419 int data_len = 256; 420 401 421 gnutls_do_handshake(ctxt); 422 423 /** 424 * Due to issues inside the GnuTLS API, we cannot currently do TLS 1.1 425 * Server Name Indication. 
426 */ 427 server_name = apr_palloc(ctxt->c->pool, data_len); 428 if (gnutls_server_name_get(ctxt->session, server_name, &data_len, &server_type, 0) == 0) { 429 if (server_type == GNUTLS_NAME_DNS) { 430 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, 431 ctxt->c->base_server, 432 "GnuTLS: TLS 1.1 Server Name: " 433 "%s", server_name); 434 435 } 436 } 402 437 } 403 438 … … 450 485 { 451 486 apr_size_t ret; 487 apr_bucket* e; 452 488 mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx; 453 489 apr_status_t status = APR_SUCCESS; … … 470 506 apr_bucket *bucket = APR_BRIGADE_FIRST(bb); 471 507 if (AP_BUCKET_IS_EOC(bucket)) { 472 508 do { 509 ret = gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL, 510 GNUTLS_A_CLOSE_NOTIFY); 511 } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); 512 513 apr_bucket_copy(bucket, &e); 514 APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, e); 515 516 if ((status = ap_pass_brigade(f->next, ctxt->output_bb)) != APR_SUCCESS) { 517 apr_brigade_cleanup(ctxt->output_bb); 518 return status; 519 } 520 521 apr_brigade_cleanup(ctxt->output_bb); 473 522 gnutls_bye(ctxt->session, GNUTLS_SHUT_WR); 474 523 gnutls_deinit(ctxt->session); 475 524 continue; 525 526 } else if (APR_BUCKET_IS_FLUSH(bucket) || APR_BUCKET_IS_EOS(bucket)) { 527 528 apr_bucket_copy(bucket, &e); 529 APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, e); 476 530 if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) { 531 apr_brigade_cleanup(ctxt->output_bb); 477 532 return status; 478 533 } 479 break; 480 481 } else if (APR_BUCKET_IS_FLUSH(bucket) || APR_BUCKET_IS_EOS(bucket)) { 482 483 if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) { 484 return status; 485 } 486 break; 534 apr_brigade_cleanup(ctxt->output_bb); 535 continue; 487 536 } 488 537 else { … … 629 678 ctxt->output_rc = ap_pass_brigade(ctxt->output_filter->next, 630 679 ctxt->output_bb); 631 /* c reate new brigade ready for next time through*/632 ctxt->output_bb =633 apr_brigade_create(ctxt->c->pool, 
ctxt->c->bucket_alloc); 680 /* clear the brigade to be ready for next time */ 681 apr_brigade_cleanup(ctxt->output_bb); 682 634 683 return (ctxt->output_rc == APR_SUCCESS) ? 1 : -1; 635 684 } … … 640 689 mod_gnutls_handle_t *ctxt = ptr; 641 690 642 /* pass along the encrypted data 643 * need to flush since we're using SSL's malloc-ed buffer 644 * which will be overwritten once we leave here 645 */ 646 apr_bucket *bucket = apr_bucket_transient_create(buffer, len, 647 ctxt->output_bb-> 648 bucket_alloc); 649 650 ctxt->output_length += len; 651 APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, bucket); 652 653 if (write_flush(ctxt) < 0) { 654 return -1; 655 } 691 /* pass along the encrypted data 692 * need to flush since we're using SSL's malloc-ed buffer 693 * which will be overwritten once we leave here 694 */ 695 apr_bucket *bucket = apr_bucket_transient_create(buffer, len, 696 ctxt->output_bb->bucket_alloc); 697 ctxt->output_length += len; 698 APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, bucket); 699 700 if (write_flush(ctxt) < 0) { 701 return -1; 702 } 656 703 return len; 657 704 }
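Review bot: In the EOC branch of the output filter (new lines 509-524) the code calls `gnutls_deinit(ctxt->session)` and then `continue`s where the old code used `break`, and no visible line removes the EOC bucket from `bb`; it is only copied into `ctxt->output_bb`. The loop header is outside the hunk, but if it keeps iterating over `bb`, the same bucket is picked up again and the already-deinitialised session is passed to `gnutls_alert_send`, `gnutls_bye` and `gnutls_deinit` a second time, which is a use-after-free or double free on connection close. I would take the bucket off `bb` before continuing, for example `apr_bucket_delete(bucket);` right after the `apr_bucket_copy` call, and make sure later buckets in the same brigade cannot reach the freed session. Separately, close_notify is sent with `GNUTLS_AL_FATAL` and then again by `gnutls_bye(ctxt->session, GNUTLS_SHUT_WR)`; the `gnutls_bye` call alone should be enough, and close_notify is normally a warning-level alert.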