Changeset 9ca1f21 in mod_gnutls for src/gnutls_config.c


Ignore:
Timestamp:
Sep 18, 2015, 7:12:16 PM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
dff03fa
Parents:
88df24d
Message:

Allow loading more than one PKCS #11 module using GnuTLSP11Module

This commit allows multiple modules to be loaded using the
GnuTLSP11Module directive. Each occurrence of GnuTLSP11Module causes the
given module to be added to a list, and all modules on that list are
loaded.

Commit f21d2a6dba6378b18d015dde88193fcad70d8728 disabled modules
configured through the system wide p11-kit configuration if
GnuTLSP11Module is set. With that change, using multiple PKCS #11
modules required using the system configuration, since only one module
could be loaded using GnuTLSP11Module.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_config.c

    r88df24d r9ca1f21  
    952952    sc->privkey_pgp = NULL;
    953953    sc->certs_x509_chain_num = 0;
    954     sc->p11_module = NULL;
     954    sc->p11_modules = NULL;
    955955    sc->pin = NULL;
    956956    sc->priorities_str = NULL;
     
    10131013    gnutls_srvconf_merge(x509_key_file, NULL);
    10141014    gnutls_srvconf_merge(x509_ca_file, NULL);
    1015     gnutls_srvconf_merge(p11_module, NULL);
     1015    gnutls_srvconf_merge(p11_modules, NULL);
    10161016    gnutls_srvconf_merge(pin, NULL);
    10171017    gnutls_srvconf_merge(pgp_cert_file, NULL);
     
    11191119    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
    11201120        ap_get_module_config(parms->server->module_config, &gnutls_module);
    1121     sc->p11_module = apr_pstrdup(parms->pool, arg);
    1122     return NULL;
    1123 }
     1121    /* initialize PKCS #11 module list if necessary */
     1122    if (sc->p11_modules == NULL)
     1123        sc->p11_modules = apr_array_make(parms->pool, 2, sizeof(char*));
     1124
     1125    *(char **) apr_array_push(sc->p11_modules) = apr_pstrdup(parms->pool, arg);
     1126
     1127    return NULL;
     1128}
Note: See TracChangeset for help on using the changeset viewer.