Changeset 87f1ed2 in mod_gnutls for src/gnutls_config.c


Ignore:
Timestamp:
May 8, 2015, 8:40:02 PM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
8f90bf4
Parents:
39bd695
git-author:
Thomas Klute <thomas2.klute@…> (04/26/15 14:48:27)
git-committer:
Thomas Klute <thomas2.klute@…> (05/08/15 20:40:02)
Message:

Allow loading of an additional PKCS #11 provider library

When using PKCS #11, it may not be desirable to add the PKCS #11 module
to be used by mod_gnutls to the system wide config, and we definitely
cannot demand it for tests.

To work around such problems, add the new configuration parameter
"GnuTLSP11Module", which may contain the path of a library to load. Note
that the value is only used if present in the base server configuration
(not a virtual host), and that the library is used in addition to
system defaults (if any).

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_config.c

    r39bd695 r87f1ed2  
    948948    sc->privkey_pgp = NULL;
    949949    sc->certs_x509_chain_num = 0;
     950    sc->p11_module = NULL;
    950951    sc->pin = NULL;
    951952    sc->priorities_str = NULL;
     
    10081009    gnutls_srvconf_merge(x509_key_file, NULL);
    10091010    gnutls_srvconf_merge(x509_ca_file, NULL);
     1011    gnutls_srvconf_merge(p11_module, NULL);
    10101012    gnutls_srvconf_merge(pin, NULL);
    10111013    gnutls_srvconf_merge(pgp_cert_file, NULL);
     
    11001102    return NULL;
    11011103}
     1104
     1105
     1106
     1107/*
     1108 * Record additional PKCS #11 module to load. Note that the value is
     1109 * only used in the base config, settings in virtual hosts are
     1110 * ignored.
     1111 */
     1112const char *mgs_set_p11_module(cmd_parms * parms,
     1113                               void *dummy __attribute__((unused)),
     1114                               const char *arg)
     1115{
     1116    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
     1117        ap_get_module_config(parms->server->module_config, &gnutls_module);
     1118    sc->p11_module = apr_pstrdup(parms->pool, arg);
     1119    return NULL;
     1120}
Note: See TracChangeset for help on using the changeset viewer.