Changeset 64856fd in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
May 31, 2016, 6:00:31 PM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
fad7695
Parents:
2a1ffd6
Message:

Get rid of exit(-1) calls in mgs_hook_post_config()

This allows the server to fail properly. Also rename the config pool
to match http_config.h for readability.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r2a1ffd6 r64856fd  
    303303}
    304304
    305 int mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog __attribute__((unused)), apr_pool_t * ptemp __attribute__((unused)), server_rec * base_server) {
    306 
     305/*
     306 * Must return OK or DECLINED on success, something else on
     307 * error. These codes are defined in Apache httpd.h along with the
     308 * HTTP status codes, so I'm going to use HTTP error codes both for
     309 * fun (and to avoid conflicts).
     310 */
     311int mgs_hook_post_config(apr_pool_t *pconf,
     312                         apr_pool_t *plog __attribute__((unused)),
     313                         apr_pool_t *ptemp __attribute__((unused)),
     314                         server_rec *base_server)
     315{
    307316    int rv;
    308317    server_rec *s;
     
    324333
    325334
    326     rv = mgs_cache_post_config(p, s, sc_base);
     335    rv = mgs_cache_post_config(pconf, s, sc_base);
    327336    if (rv != 0) {
    328337        ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
    329338                "GnuTLS: Post Config for GnuTLSCache Failed."
    330339                " Shutting Down.");
    331         exit(-1);
     340        return HTTP_INSUFFICIENT_STORAGE;
    332341    }
    333342
     
    366375        sc->cache_timeout = sc_base->cache_timeout;
    367376
    368         rv = mgs_load_files(p, s);
     377        rv = mgs_load_files(pconf, s);
    369378        if (rv != 0) {
    370379            ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
    371380                "GnuTLS: Loading required files failed."
    372381                " Shutting Down.");
    373             exit(-1);
     382            return HTTP_NOT_FOUND;
    374383        }
    375384
     
    391400                    "GnuTLS: Host '%s:%d' is missing the GnuTLSPriorities directive!",
    392401                    s->server_hostname, s->port);
    393             exit(-1);
     402            return HTTP_NOT_ACCEPTABLE;
    394403        }
    395404
     
    423432                                                "GnuTLS: Host '%s:%d' is missing a Certificate File!",
    424433                                                s->server_hostname, s->port);
    425             exit(-1);
     434            return HTTP_UNAUTHORIZED;
    426435        }
    427436        if (sc->enabled == GNUTLS_ENABLED_TRUE &&
     
    431440                                                "GnuTLS: Host '%s:%d' is missing a Private Key File!",
    432441                                                s->server_hostname, s->port);
    433             exit(-1);
     442            return HTTP_UNAUTHORIZED;
    434443        }
    435444
     
    437446            rv = -1;
    438447            if (sc->certs_x509_chain_num > 0) {
    439                 rv = read_crt_cn(s, p, sc->certs_x509_crt_chain[0], &sc->cert_cn);
     448                rv = read_crt_cn(s, pconf, sc->certs_x509_crt_chain[0], &sc->cert_cn);
    440449            }
    441450            if (rv < 0 && sc->cert_pgp != NULL) {
    442                 rv = read_pgpcrt_cn(s, p, sc->cert_crt_pgp[0], &sc->cert_cn);
     451                rv = read_pgpcrt_cn(s, pconf, sc->cert_crt_pgp[0], &sc->cert_cn);
    443452                        }
    444453
     
    460469                         "'%s:%d' failed, exiting!",
    461470                         __func__, s->server_hostname, s->port);
    462             exit(-1);
    463         }
    464     }
    465 
    466 
    467     ap_add_version_component(p, "mod_gnutls/" MOD_GNUTLS_VERSION);
     471            return HTTP_PROXY_AUTHENTICATION_REQUIRED;
     472        }
     473    }
     474
     475
     476    ap_add_version_component(pconf, "mod_gnutls/" MOD_GNUTLS_VERSION);
    468477
    469478    {
    470479        const char* libvers = gnutls_check_version(NULL);
    471480        char* gnutls_version = NULL;
    472         if(libvers && (gnutls_version = apr_psprintf(p, "GnuTLS/%s", libvers))) {
    473             ap_add_version_component(p, gnutls_version);
     481        if(libvers && (gnutls_version = apr_psprintf(pconf, "GnuTLS/%s", libvers))) {
     482            ap_add_version_component(pconf, gnutls_version);
    474483        } else {
    475484            // In case we could not create the above string go for the static version instead
    476             ap_add_version_component(p, "GnuTLS/" GNUTLS_VERSION "-static");
     485            ap_add_version_component(pconf, "GnuTLS/" GNUTLS_VERSION "-static");
    477486        }
    478487    }
Note: See TracChangeset for help on using the changeset viewer.