Changeset 52b649e in mod_gnutls for src

Timestamp:

Jan 11, 2013, 12:57:39 AM (8 years ago)

Author:

Daniel Kahn Gillmor <dkg@…>

Branches:

debian/master, debian/stretch-backports, jessie-backports, upstream

Children:

4e539d3, 66b608e

Parents:

4ecf14f

Message:

Imported Upstream version 0.5.5

Location:

src

Files:

• Makefile.in (modified) (5 diffs)
• gnutls_config.c (modified) (3 diffs)
• gnutls_io.c (modified) (1 diff)

src/Makefile.in

@@ -1 @@
-# Makefile.in generated by automake 1.10.1 from Makefile.am.
+# Makefile.in generated by automake 1.10.2 from Makefile.am.
 # @configure_input@
 
@@ -161 +161 @@
 NM = @NM@
 NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
 OBJEXT = @OBJEXT@
 OOO_MAINTAIN = @OOO_MAINTAIN@
@@ -233 +234 @@
 target_os = @target_os@
 target_vendor = @target_vendor@
+top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
@@ -249 +251 @@
           case '$(am__configure_deps)' in \
             *$$dep*) \
-              cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
-                && exit 0; \
+              ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+                && { if test -f $@; then exit 0; else break; fi; }; \
               exit 1;; \
           esac; \
@@ -383 +385 @@
             if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
           done | \
-          $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+          $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
               END { if (nonempty) { for (i in files) print i; }; }'`; \
         mkid -fID $$unique

src/gnutls_config.c

@@ -195 +195 @@
         gnutls_x509_privkey_import(sc->privkey_x509, &data,
                                    GNUTLS_X509_FMT_PEM);
-    if (ret != 0) {
+
+    if (ret < 0)
+        ret = gnutls_x509_privkey_import_pkcs8 (sc->privkey_x509, &data, GNUTLS_X509_FMT_PEM,
+                                                        NULL, GNUTLS_PKCS_PLAIN);
+
+    if (ret < 0) {
         return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
                             "Private Key '%s': (%d) %s", file, ret,
@@ -399 +404 @@
 }
 
+#define INIT_CA_SIZE 128
 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
                                    const char *arg)
@@ -420 +426 @@
     }
 
-    sc->ca_list_size = MAX_CA_CRTS;
+    sc->ca_list_size = INIT_CA_SIZE;
+    sc->ca_list = malloc(sc->ca_list_size * sizeof(*sc->ca_list));
+    if (sc->ca_list == NULL) {
+                return apr_psprintf(parms->pool, "mod_gnutls: Memory allocation error");
+    }
+
     rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
-                                     &data, GNUTLS_X509_FMT_PEM,
-                                     GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
-    if (rv < 0) {
-        return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
+                                     &data, GNUTLS_X509_FMT_PEM, GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+    if (rv < 0 && rv != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+                        return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
                             "Client CA File '%s': (%d) %s", file, rv,
                             gnutls_strerror(rv));
+    }
+    
+    if (INIT_CA_SIZE < sc->ca_list_size) {
+                    sc->ca_list = realloc(sc->ca_list, sc->ca_list_size*sizeof(*sc->ca_list));
+                    if (sc->ca_list == NULL) {
+                                return apr_psprintf(parms->pool, "mod_gnutls: Memory allocation error");
+                    }
+
+                /* re-read */
+                rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
+                                     &data, GNUTLS_X509_FMT_PEM, 0);
+
+                    if (rv < 0) {
+                                        return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
+                                            "Client CA File '%s': (%d) %s", file, rv,
+                                            gnutls_strerror(rv));
+                    }
     }
 

src/gnutls_io.c

@@ -588 +588 @@
                 break;
             }
-
-            do {
-                ret = gnutls_record_send(ctxt->session, data, len);
-            }
-            while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
-
-            if (ret < 0) {
-                /* error sending output */
-                ap_log_error(APLOG_MARK, APLOG_INFO, ctxt->output_rc,
+            
+            if (len > 0) {
+
+                do {
+                    ret = gnutls_record_send(ctxt->session, data, len);
+                }
+                while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
+
+                if (ret < 0) {
+                    /* error sending output */
+                    ap_log_error(APLOG_MARK, APLOG_INFO, ctxt->output_rc,
                              ctxt->c->base_server,
                              "GnuTLS: Error writing data."
                              " (%d) '%s'", (int)ret, gnutls_strerror(ret));
-                if (ctxt->output_rc == APR_SUCCESS) {
-                    ctxt->output_rc = APR_EGENERAL;
-                }
-            }
-            else if (ret != len) {
-                /* Not able to send the entire bucket, 
-                   split it and send it again. */
-                apr_bucket_split(bucket, ret);
+                    if (ctxt->output_rc == APR_SUCCESS) {
+                        ctxt->output_rc = APR_EGENERAL;
+                    }
+                }
+                else if (ret != len) {
+                    /* Not able to send the entire bucket, 
+                       split it and send it again. */
+                    apr_bucket_split(bucket, ret);
+                }
             }