Changeset e239d1a in mod_gnutls


Ignore:
Timestamp:
Dec 2, 2007, 6:12:23 PM (12 years ago)
Author:
Nokis Mavrogiannopoulos <nmav@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
Children:
d786d75
Parents:
ea470be
git-author:
Nikos Mavrogiannopoulos <nmav@…> (12/02/07 18:12:23)
git-committer:
Nokis Mavrogiannopoulos <nmav@…> (12/02/07 18:12:23)
Message:

No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities.

Location:
src
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_config.c

    rea470be re239d1a  
    368368    sc->cache_config = ap_server_root_relative(p, "conf/gnutls_cache");
    369369
    370     sc->dh_params_file = ap_server_root_relative(p, "conf/dhfile");
    371     sc->rsa_params_file = ap_server_root_relative(p, "conf/rsafile");
    372 
    373370    sc->client_verify_mode = GNUTLS_CERT_IGNORE;
    374371
  • src/gnutls_hooks.c

    rea470be re239d1a  
    9898                       pool);
    9999    if (rv != APR_SUCCESS) {
    100         ap_log_error(APLOG_MARK, APLOG_INFO, rv, s,
     100        ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
    101101                     "GnuTLS failed to load params file at: %s. Will use internal params.",
    102102                     file);
     
    107107
    108108    if (rv != APR_SUCCESS) {
    109         ap_log_error(APLOG_MARK, APLOG_INFO, rv, s,
     109        ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
    110110                     "GnuTLS failed to stat params file at: %s", file);
    111111        return ret;
     
    116116
    117117    if (rv != APR_SUCCESS) {
    118         ap_log_error(APLOG_MARK, APLOG_INFO, rv, s,
     118        ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
    119119                     "GnuTLS failed to read params file at: %s", file);
    120120        return ret;
     
    267267    int rv;
    268268    server_rec *s;
    269     gnutls_dh_params_t dh_params;
    270     gnutls_rsa_params_t rsa_params;
     269    gnutls_dh_params_t dh_params = NULL;
     270    gnutls_rsa_params_t rsa_params = NULL;
    271271    mgs_srvconf_rec *sc;
    272272    mgs_srvconf_rec *sc_base;
     
    285285
    286286    {
    287         gnutls_datum pdata;
     287        gnutls_datum pdata = { NULL, 0 };
    288288        apr_pool_t *tpool;
    289289        s = base_server;
     
    294294        apr_pool_create(&tpool, p);
    295295
     296
    296297        gnutls_dh_params_init(&dh_params);
    297298
    298         pdata = load_params(sc_base->dh_params_file, s, tpool);
     299        if (sc_base->dh_params_file)
     300            pdata = load_params(sc_base->dh_params_file, s, tpool);
    299301
    300302        if (pdata.size != 0) {
     
    324326        apr_pool_clear(tpool);
    325327
    326         rsa_params = NULL;
    327 
    328         pdata = load_params(sc_base->rsa_params_file, s, tpool);
     328        pdata.data = NULL;
     329        pdata.size = 0;
     330
     331        if (sc_base->rsa_params_file)
     332            pdata = load_params(sc_base->rsa_params_file, s, tpool);
    329333
    330334        if (pdata.size != 0) {
     
    357361            sc->cache_config = sc_base->cache_config;
    358362
     363            /* Check if the priorities have been set */
     364            if (sc->priorities == NULL) {
     365                ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
     366                     "GnuTLS: Host '%s:%d' is missing the GnuTLSPriorities directive!",
     367                             s->server_hostname, s->port);
     368                exit(-1);
     369            }
     370
    359371            if (rsa_params != NULL)
    360372                gnutls_certificate_set_rsa_export_params(sc->certs,
    361373                                                         rsa_params);
    362             gnutls_certificate_set_dh_params(sc->certs, dh_params);
     374           
     375            if (dh_params != NULL) /* not needed but anyway */
     376                gnutls_certificate_set_dh_params(sc->certs, dh_params);
     377
    363378
    364379            gnutls_anon_set_server_dh_params(sc->anon_creds, dh_params);
  • src/mod_gnutls.c

    rea470be re239d1a  
    100100                  NULL,
    101101                  RSRC_CONF,
    102                   "The priorities to enable (ciphers, Key exchange, macs, compression)"),
     102                  "The priorities to enable (ciphers, Key exchange, macs, compression)."),
    103103    AP_INIT_TAKE1("GnuTLSEnable", mgs_set_enabled,
    104104                  NULL,
Note: See TracChangeset for help on using the changeset viewer.