Changeset 84cb5b2 in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
May 17, 2005, 5:00:53 PM (15 years ago)
Author:
Paul Querna <chip@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, proxy-ticket, upstream
Children:
836c2f9
Parents:
836417f
Message:
  • add lua to do client verification
  • only use gcrypt locking when required to
File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r836417f r84cb5b2  
    1818#include "mod_gnutls.h"
    1919#include "http_vhost.h"
     20#include "ap_mpm.h"
    2021
    2122#if !USING_2_1_RECENT
     
    3132#endif
    3233
     34static int mpm_is_threaded;
     35
    3336static apr_status_t mgs_cleanup_pre_config(void *data)
    3437{
     
    4952
    5053#if APR_HAS_THREADS
    51     /* TODO: Check MPM Type here */
    52     gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
     54    ap_mpm_query(AP_MPMQ_IS_THREADED, &mpm_is_threaded);
     55    if (mpm_is_threaded) {
     56        gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
     57    }
     58#else
     59    mpm_is_threaded = 0;
    5360#endif
    5461
     
    235242                                               GNUTLS_OID_X520_COMMON_NAME, 0, 0,
    236243                                               sc->cert_cn, &data_len);
    237             ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
    238                          s,
    239                          "GnuTLS: sni-x509 cn: %s/%d pk: %s s: 0x%08X sc: 0x%08X", sc->cert_cn, rv,
    240                          gnutls_pk_algorithm_get_name(gnutls_x509_privkey_get_pk_algorithm(sc->privkey_x509)),
    241                          (unsigned int)s, (unsigned int)sc);
    242244        }
    243245    }
     
    569571        apr_table_setn(env, "SSL_SERVER_I_DN", apr_pstrmemdup(r->pool, buf, len));
    570572    }
    571    
    572573    return rv;
    573574}
     
    586587        return DECLINED;
    587588    }
    588    
    589     if (!dc) {
    590         dc = mgs_config_dir_create(r->pool, NULL);
    591     }
    592 
     589    ap_add_common_vars(r);
     590    mgs_hook_fixups(r);
     591    status = mgs_authz_lua(r);
     592    if (status != 0) {
     593        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
     594                      "GnuTLS: FAILED Lua Authorization Test");
     595        return HTTP_FORBIDDEN;
     596    }
    593597    if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) {
    594598        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
Note: See TracChangeset for help on using the changeset viewer.