Changeset f8ffc43 in mod_gnutls
- Timestamp:
- Jan 11, 2013, 12:57:17 AM (10 years ago)
- Branches:
- debian/master, debian/stretch-backports, jessie-backports, upstream
- Children:
- 4ecf14f, f809816
- Parents:
- 8ce897a
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
NEWS
r8ce897a rf8ffc43 1 ** Version 0.5.3 (2008-10-16) 2 3 - Corrected bug to allow having an OpenPGP-only web site. 4 5 - Increased Max handshake tries due to interrupted system calls. 6 1 7 ** Version 0.5.2 (2008-06-29) 2 8 -
README
r8ce897a rf8ffc43 1 mod_gnutls2 1 3 This module started back in September of 2004 because I was tired of trying to 4 fix bugs in mod_ssl. mod_ssl is a giant beast of a module -- no offense to it's 5 authors is intended -- but I believe it has fallen prey to massive feature bloat. 2 mod_gnutls, Apache GnuTLS module. 3 ================================= 6 4 7 When I started hacking on httpd, mod_ssl remained a great mystery to me, and 8 when I actually looked at it, I ran away. The shear ammount code is huge, and it 9 does not conform to the style guidelines. It was painful to read, and even harder 10 to debug. I wanted to understand how it worked, and I had recently heard about 11 GnuTLS, so long story short, I decided to implement a mod_gnutls. 5 $LastChangedDate: $ 12 6 13 Lines of Code in mod_ssl: 15,324 14 Lines of Code in mod_gnutls: 3,594 7 Contents: 15 8 16 Because of writing mod_gnutls, I now understand how input and output filters work, 17 better than I ever thought possible. It was a little painful at times, and some parts 18 lift code and ideas directly from mod_ssl. Kudos to the original authors of mod_ssl. 9 I. ABOUT 10 II. AUTHORS 11 III. LICENSE 12 IV. STATUS 13 V. BASIC CONFIGURATION 14 VI. CREATE OPENPGP CREDENTIALS FOR THE SERVER 19 15 20 ----------------------------21 16 22 Author: Paul Querna <chip force-elite.com>23 17 24 Heavily modified by Nikos Mavrogiannopoulos <nmav gnutls.org> 18 I. ABOUT 25 19 26 License: Apache Software License v2.0. (see the LICENSE file for details) 20 This module started back in September of 2004 because I was tired of 21 trying to fix bugs in mod_ssl. mod_ssl is a giant beast of a module -- 22 no offense to it's authors is intended -- but I believe it has fallen 23 prey to massive feature bloat. 27 24 28 Current Status: 29 - SSL and TLS connections with all popular browsers work! 30 - Sets enviromental vars for scripts (compatible with mod_ssl vars) 31 - Supports Memcached as a distributed SSL Session Cache 32 - Supports DBM as a local SSL Session Cache 33 - Support for Server Name Indication 34 - Support for Client Certificates 35 - Support for TLS-SRP 25 When I started hacking on httpd, mod_ssl remained a great mystery to me, 26 and when I actually looked at it, I ran away. The shear amount code is 27 huge, and it does not conform to the style guidelines. It was painful to 28 read, and even harder to debug. I wanted to understand how it worked, 29 and I had recently heard about GnuTLS, so long story short, I decided to 30 implement a mod_gnutls. 36 31 37 Basic Configuration: 32 Lines of Code in mod_ssl: 15,324 33 Lines of Code in mod_gnutls: 3,594 38 34 39 LoadModule gnutls_module modules/mod_gnutls.so 35 Because of writing mod_gnutls, I now understand how input and output 36 filters work, better than I ever thought possible. It was a little 37 painful at times, and some parts lift code and ideas directly from 38 mod_ssl. Kudos to the original authors of mod_ssl. 40 39 41 # mod_gnutls can optionaly use a memcached server to store it's SSL Sessions.42 # This is useful in a cluster enviroment, where you want all of your servers43 # to share a single SSL Session Cache.44 #GnuTLSCache memcache "127.0.0.1 server2.example.com server3.example.com"45 40 46 # The Default method is to use a DBM backed Cache. It isn't super fast, but47 # it is portable and does not require another server to be running like memcached.48 GnuTLSCache dbm conf/gnutls_cache49 41 50 <VirtualHost 1.2.3.4:443> 51 # insert other directives ... here ... 42 II. AUTHORS 52 43 53 # This enables the mod_gnutls Handlers for this Virtual Host54 GnuTLSEnable On44 Paul Querna <chip force-elite.com> 45 Nikos Mavrogiannopoulos <nmav gnutls.org> 55 46 56 # This is the Private key for your server.57 GnuTLSX509KeyFile conf/server.key58 47 59 # This is the Server Certificate.60 GnuTLSX509CertificateFile conf/server.cert61 </VirtualHost>62 48 63 # a more advanced configuration 64 GnuTLSCache dbm "/var/cache/www-tls-cache/cache" 65 GnuTLSCacheTimeout 600 66 NameVirtualHost 1.2.3.4:443 49 III. LICENSE 67 50 68 <VirtualHost 1.2.3.4:443> 69 Servername server.com:443 51 Apache License, Version 2.0 (see the LICENSE file for details) 52 53 54 55 IV. STATUS 56 57 * SSL and TLS connections with all popular browsers work! 58 * Sets environmental vars for scripts (compatible with mod_ssl vars) 59 * Supports memcached as a distributed SSL session cache 60 * Supports DBM as a local SSL session cache 61 * Support for server name indication (SNI), RFC3546 62 * Support for client certificates 63 * Support for secure remote password (SRP), RFC5054 64 65 66 67 V. BASIC CONFIGURATION 68 69 LoadModule gnutls_module modules/mod_gnutls.so 70 71 # mod_gnutls can optionally use a memcached server to store it's SSL 72 # Sessions. This is useful in a cluster environment, where you want all 73 # of your servers to share a single SSL session cache. 74 #GnuTLSCache memcache "127.0.0.1 server2.example.com server3.example.com" 75 76 # The Default method is to use a DBM backed Cache. It isn't super fast, 77 # but it is portable and does not require another server to be running 78 # like memcached. 79 GnuTLSCache dbm conf/gnutls_cache 80 81 <VirtualHost 1.2.3.4:443> 82 83 # Enable mod_gnutls handlers for this virtual host 84 GnuTLSEnable On 85 86 # This is the private key for your server 87 GnuTLSX509KeyFile conf/server.key 88 89 # This is the server certificate 90 GnuTLSX509CertificateFile conf/server.cert 91 92 </VirtualHost> 93 94 # A more advanced configuration 95 GnuTLSCache dbm "/var/cache/www-tls-cache/cache" 96 GnuTLSCacheTimeout 600 97 NameVirtualHost 1.2.3.4:443 98 99 <VirtualHost 1.2.3.4:443> 100 101 Servername server.com:443 70 102 GnuTLSEnable on 71 GnuTLSPriority NORMAL 72 # To export exactly the same environment variables as mod_ssl to CGI scripts. 73 GNUTLSExportCertificates on 103 GnuTLSPriority NORMAL 74 104 75 GnuTLSX509CertificateFile /etc/apache2/server-cert.pem 76 GnuTLSX509KeyFile /etc/apache2/server-key.pem 105 # Export exactly the same environment variables as mod_ssl to CGI 106 # scripts. 107 GNUTLSExportCertificates on 108 109 GnuTLSX509CertificateFile /etc/apache2/server-cert.pem 110 GnuTLSX509KeyFile /etc/apache2/server-key.pem 111 112 # To enable SRP you must have these files installed. Check the gnutls 113 # srptool. 114 GnuTLSSRPPasswdFile /etc/apache2/tpasswd 115 GnuTLSSRPPasswdConfFile /etc/apache2/tpasswd.conf 116 117 # In order to verify client certificates. Other options to 118 # GnuTLSClientVerify could be ignore or require. The 119 # GnuTLSClientCAFile contains the CAs to verify client certificates. 120 GnuTLSClientVerify request 121 GnuTLSX509CAFile ca.pem 77 122 78 # To enable SRP you must have these files installed. Check the gnutls srptool. 79 GnuTLSSRPPasswdFile /etc/apache2/tpasswd 80 GnuTLSSRPPasswdConfFile /etc/apache2/tpasswd.conf 123 </VirtualHost> 124 125 # A setup for OpenPGP and X.509 authentication 126 <VirtualHost 1.2.3.4:443> 81 127 82 # In order to verify client certificates. Other options to 83 # GnuTLSClientVerify could be ignore or require. The GnuTLSClientCAFile 84 # contains the CAs to verify client certificates. 85 GnuTLSClientVerify request 86 GnuTLSX509CAFile ca.pem 87 ... 88 </VirtualHost> 128 Servername crystal.lan:443 129 GnuTLSEnable on 130 GnuTLSPriorities NORMAL:+COMP-NULL 131 132 # Setup the openpgp keys 133 GnuTLSPGPCertificateFile /etc/apache2/test.pub.asc 134 GnuTLSPGPKeyFile /etc/apache2/test.sec.asc 135 136 # - and the X.509 keys 137 GnuTLSCertificateFile /etc/apache2/server-cert.pem 138 GnuTLSKeyFile /etc/apache2/server-key.pem 89 139 90 # A setup for OpenPGP and X.509 authentication 91 <VirtualHost 1.2.3.4:443> 92 Servername crystal.lan:443 93 GnuTLSEnable on 94 GnuTLSPriorities NORMAL:+COMP-NULL 140 GnuTLSClientVerify ignore 141 142 # To avoid using the default DH params 143 GnuTLSDHFile /etc/apache2/dh.pem 144 145 # These are only needed if GnuTLSClientVerify != ignore 146 GnuTLSClientCAFile ca.pem 147 GnuTLSPGPKeyringFile /etc/apache2/ring.asc 95 148 96 # setup the openpgp keys 97 GnuTLSPGPCertificateFile /etc/apache2/test.pub.asc 98 GnuTLSPGPKeyFile /etc/apache2/test.sec.asc 149 </VirtualHost> 99 150 100 # and the X.509 keys101 GnuTLSCertificateFile /etc/apache2/server-cert.pem102 GnuTLSKeyFile /etc/apache2/server-key.pem103 GnuTLSClientVerify ignore104 151 105 # To avoid using the default DH params106 GnuTLSDHFile /etc/apache2/dh.pem107 152 108 # these are only needed if GnuTLSClientVerify != ignore 109 GnuTLSClientCAFile ca.pem 110 GnuTLSPGPKeyringFile /etc/apache2/ring.asc 111 </VirtualHost> 153 VI. CREATE OPENPGP CREDENTIALS FOR THE SERVER 154 155 mod_gnutls currently cannot read encrypted OpenPGP credentials. That is, 156 when you generate a key with gpg and gpg prompts you for a passphrase, 157 just press enter. Then press enter again, to confirm an empty 158 passphrase. http://news.gmane.org/gmane.comp.apache.outoforder.modules 159 160 These instructions are from the GnuTLS manual: 161 http://www.gnu.org/software/gnutls/manual/html_node/Invoking-gnutls_002dserv.html#Invoking-gnutls_002dserv 162 163 $ gpg --gen-key 164 ...enter whatever details you want, use 'test.gnutls.org' as name... 165 166 Make a note of the OpenPGP key identifier of the newly generated key, 167 here it was 5D1D14D8. You will need to export the key for GnuTLS to be 168 able to use it. 169 170 $ gpg -a --export 5D1D14D8 > openpgp-server.txt 171 $ gpg -a --export-secret-keys 5D1D14D8 > openpgp-server-key.txt -
configure
r8ce897a rf8ffc43 1 1 #! /bin/sh 2 2 # Guess values for system-dependent variables and create Makefiles. 3 # Generated by GNU Autoconf 2.61 for mod_gnutls 0.5. 2.3 # Generated by GNU Autoconf 2.61 for mod_gnutls 0.5.3. 4 4 # 5 5 # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, … … 727 727 PACKAGE_NAME='mod_gnutls' 728 728 PACKAGE_TARNAME='mod_gnutls' 729 PACKAGE_VERSION='0.5. 2'730 PACKAGE_STRING='mod_gnutls 0.5. 2'729 PACKAGE_VERSION='0.5.3' 730 PACKAGE_STRING='mod_gnutls 0.5.3' 731 731 PACKAGE_BUGREPORT='' 732 732 … … 1436 1436 # This message is too long to be a string in the A/UX 3.1 sh. 1437 1437 cat <<_ACEOF 1438 \`configure' configures mod_gnutls 0.5. 2to adapt to many kinds of systems.1438 \`configure' configures mod_gnutls 0.5.3 to adapt to many kinds of systems. 1439 1439 1440 1440 Usage: $0 [OPTION]... [VAR=VALUE]... … … 1507 1507 if test -n "$ac_init_help"; then 1508 1508 case $ac_init_help in 1509 short | recursive ) echo "Configuration of mod_gnutls 0.5. 2:";;1509 short | recursive ) echo "Configuration of mod_gnutls 0.5.3:";; 1510 1510 esac 1511 1511 cat <<\_ACEOF … … 1622 1622 if $ac_init_version; then 1623 1623 cat <<\_ACEOF 1624 mod_gnutls configure 0.5. 21624 mod_gnutls configure 0.5.3 1625 1625 generated by GNU Autoconf 2.61 1626 1626 … … 1636 1636 running configure, to aid debugging if configure makes a mistake. 1637 1637 1638 It was created by mod_gnutls $as_me 0.5. 2, which was1638 It was created by mod_gnutls $as_me 0.5.3, which was 1639 1639 generated by GNU Autoconf 2.61. Invocation command line was 1640 1640 … … 2007 2007 chmod +x config.nice 2008 2008 2009 MOD_GNUTLS_VERSION=0.5. 22009 MOD_GNUTLS_VERSION=0.5.3 2010 2010 2011 2011 … … 2508 2508 # Define the identity of the package. 2509 2509 PACKAGE=mod_gnutls 2510 VERSION=0.5. 22510 VERSION=0.5.3 2511 2511 2512 2512 … … 21700 21700 21701 21701 21702 MODULE_CFLAGS="${LIBGNUTLS_ EXTRA_CFLAGS} ${SRP_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}"21703 MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_ EXTRA_LIBS}"21702 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}" 21703 MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_LIBS}" 21704 21704 21705 21705 … … 22132 22132 # values after options handling. 22133 22133 ac_log=" 22134 This file was extended by mod_gnutls $as_me 0.5. 2, which was22134 This file was extended by mod_gnutls $as_me 0.5.3, which was 22135 22135 generated by GNU Autoconf 2.61. Invocation command line was 22136 22136 … … 22185 22185 cat >>$CONFIG_STATUS <<_ACEOF 22186 22186 ac_cs_version="\\ 22187 mod_gnutls config.status 0.5. 222187 mod_gnutls config.status 0.5.3 22188 22188 configured by $0, generated by GNU Autoconf 2.61, 22189 22189 with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" -
configure.ac
r8ce897a rf8ffc43 1 1 dnl 2 AC_INIT(mod_gnutls, 0.5. 2)2 AC_INIT(mod_gnutls, 0.5.3) 3 3 OOO_CONFIG_NICE(config.nice) 4 4 MOD_GNUTLS_VERSION=AC_PACKAGE_VERSION … … 56 56 AC_SUBST(have_apr_memcache) 57 57 58 MODULE_CFLAGS="${LIBGNUTLS_ EXTRA_CFLAGS} ${SRP_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}"59 MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_ EXTRA_LIBS}"58 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES}" 59 MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_LIBS}" 60 60 61 61 AC_SUBST(MODULE_CFLAGS) -
src/gnutls_hooks.c
r8ce897a rf8ffc43 55 55 apr_file_printf(debug_log_fp, "<%d> %s\n", level, str); 56 56 } 57 #define _gnutls_log apr_file_printf 58 #else 59 # define _gnutls_log(...) 57 60 #endif 58 61 … … 62 65 { 63 66 int ret; 67 68 #if MOD_GNUTLS_DEBUG 69 apr_file_open(&debug_log_fp, "/tmp/gnutls_debug", 70 APR_APPEND | APR_WRITE | APR_CREATE, APR_OS_DEFAULT, 71 pconf); 72 73 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 74 75 gnutls_global_set_log_level(9); 76 gnutls_global_set_log_function(gnutls_debug_log_all); 77 _gnutls_log(debug_log_fp, "gnutls: %s\n", gnutls_check_version(NULL)); 78 #endif 64 79 65 80 #if APR_HAS_THREADS … … 73 88 74 89 if (gnutls_check_version(LIBGNUTLS_VERSION)==NULL) { 75 fprintf(stderr, "gnutls_check_version() failed. Required: gnutls-%s Found: gnutls-%s\n",90 _gnutls_log(debug_log_fp, "gnutls_check_version() failed. Required: gnutls-%s Found: gnutls-%s\n", 76 91 LIBGNUTLS_VERSION, gnutls_check_version(NULL)); 77 92 return -3; … … 80 95 ret = gnutls_global_init(); 81 96 if (ret < 0) { 82 fprintf(stderr, "gnutls_global_init: %s\n", gnutls_strerror(ret));97 _gnutls_log(debug_log_fp, "gnutls_global_init: %s\n", gnutls_strerror(ret)); 83 98 return -3; 84 99 } … … 87 102 apr_pool_cleanup_null); 88 103 89 #if MOD_GNUTLS_DEBUG90 apr_file_open(&debug_log_fp, "/tmp/gnutls_debug",91 APR_APPEND | APR_WRITE | APR_CREATE, APR_OS_DEFAULT,92 pconf);93 94 gnutls_global_set_log_level(9);95 gnutls_global_set_log_function(gnutls_debug_log_all);96 apr_file_printf(debug_log_fp, "gnutls: %s\n", gnutls_check_version(NULL));97 #endif98 104 99 105 return OK; … … 106 112 int ret; 107 113 int cprio[2]; 114 115 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 108 116 109 117 ctxt = gnutls_transport_get_ptr(session); … … 163 171 mgs_handle_t *ctxt; 164 172 173 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 165 174 ctxt = gnutls_transport_get_ptr(session); 175 176 if (ctxt == NULL) 177 return GNUTLS_E_INTERNAL_ERROR; 166 178 167 179 if (gnutls_certificate_type_get( session) == GNUTLS_CRT_X509) { … … 211 223 212 224 225 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 213 226 *cert_cn = NULL; 214 227 … … 262 275 263 276 277 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 264 278 *cert_cn = NULL; 265 279 … … 294 308 const char *userdata_key = "mgs_init"; 295 309 310 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 296 311 apr_pool_userdata_get(&data, userdata_key, base_server->process->pool); 297 312 if (data == NULL) { … … 395 410 #endif 396 411 397 if (sc->certs_x509[0] == NULL 398 && sc->enabled == GNUTLS_ENABLED_TRUE) { 412 if (sc->certs_x509[0] == NULL && 413 sc->cert_pgp == NULL && 414 sc->enabled == GNUTLS_ENABLED_TRUE) { 399 415 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, 400 416 "[GnuTLS] - Host '%s:%d' is missing a " … … 404 420 } 405 421 406 if (sc->privkey_x509 == NULL 407 && sc->enabled == GNUTLS_ENABLED_TRUE) { 422 if (sc->enabled == GNUTLS_ENABLED_TRUE && 423 ((sc->certs_x509[0] != NULL && sc->privkey_x509 == NULL) || 424 (sc->cert_pgp != NULL && sc->privkey_pgp == NULL))) { 408 425 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, 409 426 "[GnuTLS] - Host '%s:%d' is missing a " … … 440 457 &gnutls_module); 441 458 459 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 442 460 if (sc->cache_type != mgs_cache_none) { 443 461 rv = mgs_cache_child_init(p, s, sc); … … 458 476 &gnutls_module); 459 477 478 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 460 479 if (sc->enabled == GNUTLS_ENABLED_FALSE) { 461 480 return NULL; … … 471 490 &gnutls_module); 472 491 492 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 473 493 if (sc->enabled == GNUTLS_ENABLED_FALSE) { 474 494 return 0; … … 492 512 vhost_cb_rec *x = baton; 493 513 514 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 494 515 tsc = (mgs_srvconf_rec *) ap_get_module_config(s->module_config, 495 516 &gnutls_module); … … 544 565 #endif 545 566 567 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 546 568 ctxt = gnutls_transport_get_ptr(session); 547 569 … … 621 643 &gnutls_module); 622 644 645 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 623 646 ctxt = apr_pcalloc(pool, sizeof(*ctxt)); 624 647 ctxt->c = c; … … 659 682 &gnutls_module); 660 683 684 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 661 685 if (!(sc && (sc->enabled == GNUTLS_ENABLED_TRUE))) { 662 686 return DECLINED; … … 688 712 int rv = OK; 689 713 714 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 690 715 apr_table_t *env = r->subprocess_env; 691 716 … … 762 787 &gnutls_module); 763 788 789 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 764 790 ctxt = 765 791 ap_get_module_config(r->connection->conn_config, &gnutls_module); … … 823 849 apr_table_t *env = r->subprocess_env; 824 850 851 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 825 852 if (export_certificates_enabled != 0) { 826 853 char cert_buf[10 * 1024]; … … 929 956 int ret; 930 957 958 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 931 959 apr_table_t *env = r->subprocess_env; 932 960 … … 995 1023 apr_time_t activation_time, expiration_time, cur_time; 996 1024 1025 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 997 1026 cert_list = 998 1027 gnutls_certificate_get_peers(ctxt->session, &cert_list_size); -
src/gnutls_io.c
r8ce897a rf8ffc43 73 73 if (buffer->length > inl) { 74 74 /* we have have enough to fill the caller's buffer */ 75 mem cpy(in, buffer->value, inl);75 memmove(in, buffer->value, inl); 76 76 buffer->value += inl; 77 77 buffer->length -= inl; … … 79 79 else { 80 80 /* swallow remainder of the buffer */ 81 mem cpy(in, buffer->value, buffer->length);81 memmove(in, buffer->value, buffer->length); 82 82 inl = buffer->length; 83 83 buffer->value = NULL; … … 354 354 } 355 355 356 #define HANDSHAKE_MAX_TRIES 10 0356 #define HANDSHAKE_MAX_TRIES 1024 357 357 static int gnutls_do_handshake(mgs_handle_t * ctxt) 358 358 {
Note: See TracChangeset
for help on using the changeset viewer.