Changeset 87f1ed2 in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
May 8, 2015, 8:40:02 PM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
8f90bf4
Parents:
39bd695
git-author:
Thomas Klute <thomas2.klute@…> (04/26/15 14:48:27)
git-committer:
Thomas Klute <thomas2.klute@…> (05/08/15 20:40:02)
Message:

Allow loading of an additional PKCS #11 provider library

When using PKCS #11, it may not be desirable to add the PKCS #11 module
to be used by mod_gnutls to the system wide config, and we definitely
cannot demand it for tests.

To work around such problems, add the new configuration parameter
"GnuTLSP11Module", which may contain the path of a library to load. Note
that the value is only used if present in the base server configuration
(not a virtual host), and that the library is used in addition to
system defaults (if any).

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r39bd695 r87f1ed2  
    320320                " Shutting Down.");
    321321        exit(-1);
     322    }
     323
     324    /* Load additional PKCS #11 module, if requested */
     325    if (sc_base->p11_module != NULL)
     326    {
     327        rv = gnutls_pkcs11_add_provider(sc_base->p11_module, NULL);
     328        if (rv != GNUTLS_E_SUCCESS)
     329            ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
     330                         "GnuTLS: Loading PKCS #11 provider module %s "
     331                         "failed: %s (%d).",
     332                         sc_base->p11_module, gnutls_strerror(rv), rv);
    322333    }
    323334
Note: See TracChangeset for help on using the changeset viewer.