Changeset c4a015b in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Apr 4, 2015, 5:03:43 PM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
01b5d85
Parents:
259e835 (diff), 9a06bbd (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge branch 'split-testsuite' into new-gnutls-api

OpenPGP support is still broken, but this will make testing a lot
easier.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r259e835 rc4a015b  
    632632}
    633633
    634 static void create_gnutls_handle(conn_rec * c) {
    635     mgs_handle_t *ctxt;
    636     /* Get mod_gnutls Configuration Record */
    637     mgs_srvconf_rec *sc =(mgs_srvconf_rec *)
    638             ap_get_module_config(c->base_server->module_config,&gnutls_module);
    639 
    640     _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
    641     ctxt = apr_pcalloc(c->pool, sizeof (*ctxt));
     634static void create_gnutls_handle(conn_rec * c)
     635{
     636    /* Get mod_gnutls server configuration */
     637    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
     638            ap_get_module_config(c->base_server->module_config, &gnutls_module);
     639
     640    _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
     641
     642    /* Get connection specific configuration */
     643    mgs_handle_t *ctxt = (mgs_handle_t *) ap_get_module_config(c->conn_config, &gnutls_module);
     644    if (ctxt == NULL)
     645    {
     646        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "%s: allocating connection memory", __func__);
     647        ctxt = apr_pcalloc(c->pool, sizeof (*ctxt));
     648        ap_set_module_config(c->conn_config, &gnutls_module, ctxt);
     649    }
     650    ctxt->enabled = GNUTLS_ENABLED_TRUE;
    642651    ctxt->c = c;
    643652    ctxt->sc = sc;
     
    650659    ctxt->output_blen = 0;
    651660    ctxt->output_length = 0;
     661
    652662    /* Initialize GnuTLS Library */
    653     gnutls_init(&ctxt->session, GNUTLS_SERVER);
     663    int err = gnutls_init(&ctxt->session, GNUTLS_SERVER);
     664    if (err != GNUTLS_E_SUCCESS)
     665        ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c, "gnutls_init failed!");
    654666    /* Initialize Session Tickets */
    655667    if (session_ticket_key.data != NULL && ctxt->sc->tickets != 0) {
    656         gnutls_session_ticket_enable_server(ctxt->session,&session_ticket_key);
     668        err = gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key);
     669        if (err != GNUTLS_E_SUCCESS)
     670            ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c, "gnutls_session_ticket_enable_server failed!");
    657671    }
    658672
    659673    /* Set Default Priority */
    660         gnutls_priority_set_direct (ctxt->session, "NORMAL", NULL);
     674        err = gnutls_priority_set_direct(ctxt->session, "NORMAL", NULL);
     675    if (err != GNUTLS_E_SUCCESS)
     676        ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c, "gnutls_priority_set_direct failed!");
    661677    /* Set Handshake function */
    662678    gnutls_handshake_set_post_client_hello_function(ctxt->session,
     
    665681    mgs_cache_session_init(ctxt);
    666682
    667     /* Set this config for this connection */
    668     ap_set_module_config(c->conn_config, &gnutls_module, ctxt);
    669683    /* Set pull, push & ptr functions */
    670684    gnutls_transport_set_pull_function(ctxt->session,
     
    680694}
    681695
    682 int mgs_hook_pre_connection(conn_rec * c, void *csd __attribute__((unused))) {
    683     mgs_srvconf_rec *sc;
    684 
    685     _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
    686 
    687     sc = (mgs_srvconf_rec *) ap_get_module_config(c->base_server->module_config,
    688             &gnutls_module);
    689 
    690     if (sc && (!sc->enabled || sc->proxy_enabled == GNUTLS_ENABLED_TRUE)) {
     696int mgs_hook_pre_connection(conn_rec * c, void *csd __attribute__((unused)))
     697{
     698    _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
     699
     700    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
     701        ap_get_module_config(c->base_server->module_config, &gnutls_module);
     702    mgs_handle_t *ctxt = (mgs_handle_t *)
     703        ap_get_module_config(c->conn_config, &gnutls_module);
     704
     705    if ((sc && (!sc->enabled || sc->proxy_enabled == GNUTLS_ENABLED_TRUE))
     706        || (ctxt && ctxt->enabled == GNUTLS_ENABLED_FALSE))
     707    {
     708        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "%s declined connection",
     709                      __func__);
    691710        return DECLINED;
    692711    }
     
    710729    apr_table_t *env = r->subprocess_env;
    711730
    712     ctxt =
    713             ap_get_module_config(r->connection->conn_config,
    714             &gnutls_module);
    715 
    716     if (!ctxt || ctxt->session == NULL) {
     731    ctxt = ap_get_module_config(r->connection->conn_config,
     732                                &gnutls_module);
     733
     734    if (!ctxt || ctxt->enabled != GNUTLS_ENABLED_TRUE || ctxt->session == NULL)
     735    {
     736        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "request declined in %s", __func__);
    717737        return DECLINED;
    718738    }
Note: See TracChangeset for help on using the changeset viewer.