Changeset 42307a9 in mod_gnutls for src/mod_gnutls.c
- Timestamp:
- Apr 6, 2005, 12:52:25 AM (15 years ago)
- Branches:
- debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
- Children:
- 6af4f74
- Parents:
- fcb122d
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
src/mod_gnutls.c
rfcb122d r42307a9 190 190 191 191 if (sc->cert_file != NULL && sc->key_file != NULL) { 192 192 193 rv = gnutls_certificate_set_x509_key_file(sc->certs, sc->cert_file, 193 194 sc->key_file, … … 215 216 } /* first_run */ 216 217 217 ap_add_version_component(p, " GnuTLS/" LIBGNUTLS_VERSION);218 ap_add_version_component(p, "mod_gnutls/" MOD_GNUTLS_VERSION); 218 219 219 220 return OK; … … 265 266 266 267 return 443; 268 } 269 270 /* TODO: Complete support for Server Name Indication */ 271 static int cert_retrieve_fn(gnutls_session_t session, gnutls_retr_st* ret) 272 { 273 char* server_name; 274 int server_type; 275 int data_len = 256; 276 mod_gnutls_handle_t *ctxt; 277 ctxt = gnutls_transport_get_ptr(session); 278 279 ret->type = GNUTLS_CRT_X509; 280 ret->ncerts = 1; 281 server_name = apr_palloc(ctxt->c->pool, data_len); 282 if (gnutls_server_name_get(ctxt->session, server_name, &data_len, &server_type, 0) == 0) { 283 if (server_type == GNUTLS_NAME_DNS) { 284 ap_log_error(APLOG_MARK, APLOG_INFO, 0, 285 ctxt->c->base_server, 286 "GnuTLS: Virtual Host: " 287 "%s", server_name); 288 } 289 } 290 291 return 0; 267 292 } 268 293 … … 300 325 gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, sc->certs); 301 326 302 // if(anon) {303 // gnutls_credentials_set(ctxt->session, GNUTLS_CRD_ANON, sc->anoncred);304 // }305 306 327 gnutls_certificate_server_set_request(ctxt->session, GNUTLS_CERT_IGNORE); 307 328 308 329 mod_gnutls_cache_session_init(ctxt); 330 331 /* TODO: Finish Support for Server Name Indication */ 332 /* gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); */ 309 333 return ctxt; 310 334 } … … 342 366 static int mod_gnutls_hook_fixups(request_rec *r) 343 367 { 368 unsigned char sbuf[GNUTLS_MAX_SESSION_ID]; 369 char buf[GNUTLS_SESSION_ID_STRING_LEN]; 344 370 const char* tmp; 371 int len; 345 372 mod_gnutls_handle_t *ctxt; 346 373 apr_table_t *env = r->subprocess_env; … … 353 380 354 381 apr_table_setn(env, "HTTPS", "on"); 382 383 apr_table_setn(env, "GNUTLS_VERSION_INTERFACE", MOD_GNUTLS_VERSION); 384 apr_table_setn(env, "GNUTLS_VERSION_LIBRARY", LIBGNUTLS_VERSION); 385 355 386 apr_table_setn(env, "SSL_PROTOCOL", 356 387 gnutls_protocol_get_name(gnutls_protocol_get_version(ctxt->session))); 388 357 389 apr_table_setn(env, "SSL_CIPHER", 358 390 gnutls_cipher_get_name(gnutls_cipher_get(ctxt->session))); 359 391 392 apr_table_setn(env, "SSL_CLIENT_VERIFY", "NONE"); 393 360 394 tmp = apr_psprintf(r->pool, "%d", 361 395 8 * gnutls_cipher_get_key_size(gnutls_cipher_get(ctxt->session))); 362 396 363 397 apr_table_setn(env, "SSL_CIPHER_USEKEYSIZE", tmp); 398 364 399 apr_table_setn(env, "SSL_CIPHER_ALGKEYSIZE", tmp); 365 400 401 len = sizeof(sbuf); 402 gnutls_session_get_id(ctxt->session, sbuf, &len); 403 tmp = mod_gnutls_session_id2sz(sbuf, len, buf, sizeof(buf)); 404 apr_table_setn(env, "SSL_SESSION_ID", tmp); 405 366 406 return OK; 367 407 } … … 385 425 module_config, 386 426 &gnutls_module); 427 387 428 sc->key_file = ap_server_root_relative(parms->pool, arg); 388 429 return NULL; … … 509 550 510 551 gnutls_certificate_allocate_credentials(&sc->certs); 511 gnutls_anon_allocate_server_credentials(&sc->anoncred);512 552 sc->key_file = NULL; 513 553 sc->cert_file = NULL;
Note: See TracChangeset
for help on using the changeset viewer.