Changeset bbb9bb1 in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Jan 11, 2013, 12:58:02 AM (8 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, upstream
Children:
5508683, ae015fa
Parents:
66b608e
Message:

Imported Upstream version 0.5.7

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r66b608e rbbb9bb1  
    2121#include "ap_mpm.h"
    2222
     23#if APR_HAS_THREADS
     24# if GNUTLS_VERSION_MAJOR <= 2 && GNUTLS_VERSION_MINOR < 11
     25#include <gcrypt.h>
     26GCRY_THREAD_OPTION_PTHREAD_IMPL;
     27# endif
     28#endif
     29
    2330#if !USING_2_1_RECENT
    2431extern server_rec *ap_server_conf;
    2532#endif
    2633
    27 #if APR_HAS_THREADS
    28 GCRY_THREAD_OPTION_PTHREAD_IMPL;
    29 #endif
    30 
    3134#if MOD_GNUTLS_DEBUG
    3235static apr_file_t *debug_log_fp;
     
    3437
    3538static int mpm_is_threaded;
     39static gnutls_datum session_ticket_key = { NULL, 0 };
    3640
    3741static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt);
     
    4650static apr_status_t mgs_cleanup_pre_config(void *data)
    4751{
     52    gnutls_free(session_ticket_key.data);
     53    session_ticket_key.data = NULL;
     54    session_ticket_key.size = 0;
    4855    gnutls_global_deinit();
    4956    return APR_SUCCESS;
     
    8087#if APR_HAS_THREADS
    8188    ap_mpm_query(AP_MPMQ_IS_THREADED, &mpm_is_threaded);
     89#if (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR < 11) || GNUTLS_VERSION_MAJOR < 2
    8290    if (mpm_is_threaded) {
    8391        gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
    8492    }
     93#endif
    8594#else
    8695    mpm_is_threaded = 0;
    8796#endif
     97
    8898
    8999    if (gnutls_check_version(LIBGNUTLS_VERSION)==NULL) {
     
    97107        _gnutls_log(debug_log_fp, "gnutls_global_init: %s\n", gnutls_strerror(ret));
    98108        return -3;
     109    }
     110   
     111    ret = gnutls_session_ticket_key_generate( &session_ticket_key);
     112    if (ret < 0) {
     113        _gnutls_log(debug_log_fp, "gnutls_session_ticket_key_generate: %s\n", gnutls_strerror(ret));
    99114    }
    100115
     
    145160     * enabled on this virtual server. Note that here we ignore the version
    146161     * negotiation.
    147      */
     162     */   
    148163    ret = gnutls_priority_set(session, ctxt->sc->priorities);
    149164    /* actually it shouldn't fail since we have checked at startup */
     
    659674
    660675    gnutls_init(&ctxt->session, GNUTLS_SERVER);
     676    if (session_ticket_key.data != NULL && ctxt->sc->tickets != 0)
     677        gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key);
    661678
    662679    /* because we don't set any default priorities here (we set later at
     
    10281045    const gnutls_datum_t *cert_list;
    10291046    unsigned int cert_list_size, status, expired;
    1030     int rv, ret;
     1047    int rv = GNUTLS_E_NO_CERTIFICATE_FOUND, ret;
    10311048    unsigned int ch_size = 0;
    10321049    union {
     
    10571074            "GnuTLS: A Chain of %d certificate(s) was provided for validation", cert_list_size);
    10581075
    1059         for (ch_size =0; ch_size<cert_list_size; ch_size++) {
     1076        for (ch_size = 0; ch_size<cert_list_size; ch_size++) {
    10601077            gnutls_x509_crt_init(&cert.x509[ch_size]);
    10611078            rv = gnutls_x509_crt_import(cert.x509[ch_size], &cert_list[ch_size], GNUTLS_X509_FMT_DER);
Note: See TracChangeset for help on using the changeset viewer.