Changeset fd82e59 in mod_gnutls
- Timestamp:
- Feb 27, 2014, 2:26:26 AM (6 years ago)
- Branches:
- debian/master, debian/stretch-backports, jessie-backports, master, upstream
- Children:
- c32240f
- Parents:
- 8a30d35
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
configure.ac
r8a30d35 rfd82e59 42 42 fi 43 43 44 AC_ARG_ENABLE(strict, 45 AS_HELP_STRING([--disable-strict], 46 [Avoid strict compiler warnings and errors]), 47 use_strict=$enableval, use_strict=yes) 48 49 STRICT_CFLAGS="" 50 if test "$use_strict" != "no"; then 51 STRICT_CFLAGS="-Wall -Werror -Wextra" 52 fi 53 44 54 AC_MSG_CHECKING([whether to enable SRP functionality]) 45 55 AC_MSG_RESULT($use_srp) … … 66 76 AC_SUBST(have_apr_memcache) 67 77 68 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${MSVA_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} "78 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${SRP_CFLAGS} ${MSVA_CFLAGS} ${APR_MEMCACHE_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}" 69 79 MODULE_LIBS="${APR_MEMCACHE_LIBS} ${LIBGNUTLS_LIBS}" 70 80 -
src/gnutls_config.c
r8a30d35 rfd82e59 58 58 } 59 59 60 const char *mgs_set_dh_file(cmd_parms * parms, void *dummy ,60 const char *mgs_set_dh_file(cmd_parms * parms, void *dummy __attribute__((unused)), 61 61 const char *arg) { 62 62 int ret; … … 101 101 } 102 102 103 const char *mgs_set_cert_file(cmd_parms * parms, void *dummy , const char *arg) {103 const char *mgs_set_cert_file(cmd_parms * parms, void *dummy __attribute__((unused)), const char *arg) { 104 104 105 105 int ret; … … 130 130 } 131 131 132 const char *mgs_set_key_file(cmd_parms * parms, void *dummy , const char *arg) {132 const char *mgs_set_key_file(cmd_parms * parms, void *dummy __attribute__((unused)), const char *arg) { 133 133 134 134 int ret; … … 174 174 } 175 175 176 const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy ,176 const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy __attribute__((unused)), 177 177 const char *arg) { 178 178 int ret; … … 214 214 } 215 215 216 const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy ,216 const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy __attribute__((unused)), 217 217 const char *arg) { 218 218 int ret; … … 255 255 } 256 256 257 const char *mgs_set_tickets(cmd_parms * parms, void *dummy ,257 const char *mgs_set_tickets(cmd_parms * parms, void *dummy __attribute__((unused)), 258 258 const char *arg) { 259 259 mgs_srvconf_rec *sc = … … 273 273 #ifdef ENABLE_SRP 274 274 275 const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy ,275 const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy __attribute__((unused)), 276 276 const char *arg) { 277 277 mgs_srvconf_rec *sc = … … 285 285 } 286 286 287 const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy ,287 const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy __attribute__((unused)), 288 288 const char *arg) { 289 289 mgs_srvconf_rec *sc = … … 300 300 #endif 301 301 302 const char *mgs_set_cache(cmd_parms * parms, void *dummy ,302 const char *mgs_set_cache(cmd_parms * parms, void *dummy __attribute__((unused)), 303 303 const char *type, const char *arg) { 304 304 const char *err; … … 342 342 } 343 343 344 const char *mgs_set_cache_timeout(cmd_parms * parms, void *dummy ,344 const char *mgs_set_cache_timeout(cmd_parms * parms, void *dummy __attribute__((unused)), 345 345 const char *arg) { 346 346 int argint; … … 368 368 } 369 369 370 const char *mgs_set_client_verify_method(cmd_parms * parms, void *dummy ,370 const char *mgs_set_client_verify_method(cmd_parms * parms, void *dummy __attribute__((unused)), 371 371 const char *arg) { 372 372 mgs_srvconf_rec *sc = (mgs_srvconf_rec *)ap_get_module_config(parms->server->module_config, &gnutls_module); … … 387 387 } 388 388 389 const char *mgs_set_client_verify(cmd_parms * parms, void *dummy, 390 const char *arg) { 389 const char *mgs_set_client_verify(cmd_parms * parms, 390 void *dirconf, 391 const char *arg) { 391 392 int mode; 392 393 … … 404 405 /* This was set from a directory context */ 405 406 if (parms->path) { 406 mgs_dirconf_rec *dc = (mgs_dirconf_rec *) d ummy;407 mgs_dirconf_rec *dc = (mgs_dirconf_rec *) dirconf; 407 408 dc->client_verify_mode = mode; 408 409 } else { … … 419 420 #define INIT_CA_SIZE 128 420 421 421 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy ,422 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy __attribute__((unused)), 422 423 const char *arg) { 423 424 int rv; … … 481 482 } 482 483 483 const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy ,484 const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy __attribute__((unused)), 484 485 const char *arg) { 485 486 int rv; … … 521 522 } 522 523 523 const char *mgs_set_proxy_engine(cmd_parms * parms, void *dummy ,524 const char *mgs_set_proxy_engine(cmd_parms * parms, void *dummy __attribute__((unused)), 524 525 const char *arg) { 525 526 … … 538 539 } 539 540 540 const char *mgs_set_enabled(cmd_parms * parms, void *dummy ,541 const char *mgs_set_enabled(cmd_parms * parms, void *dummy __attribute__((unused)), 541 542 const char *arg) { 542 543 mgs_srvconf_rec *sc = … … 555 556 } 556 557 557 const char *mgs_set_export_certificates_size(cmd_parms * parms, void *dummy , const char *arg) {558 const char *mgs_set_export_certificates_size(cmd_parms * parms, void *dummy __attribute__((unused)), const char *arg) { 558 559 mgs_srvconf_rec *sc = (mgs_srvconf_rec *) ap_get_module_config(parms->server->module_config, &gnutls_module); 559 560 if (!strcasecmp(arg, "On")) { … … 577 578 } 578 579 579 const char *mgs_set_priorities(cmd_parms * parms, void *dummy , const char *arg) {580 const char *mgs_set_priorities(cmd_parms * parms, void *dummy __attribute__((unused)), const char *arg) { 580 581 581 582 int ret; … … 656 657 } 657 658 658 void *mgs_config_server_create(apr_pool_t * p, server_rec * s) { 659 void *mgs_config_server_create(apr_pool_t * p, 660 server_rec * s __attribute__((unused))) { 659 661 char *err = NULL; 660 662 mgs_srvconf_rec *sc = _mgs_config_server_create(p, &err); … … 715 717 #undef gnutls_srvconf_assign 716 718 717 void *mgs_config_dir_merge(apr_pool_t * p, void *basev, void *addv) { 719 void *mgs_config_dir_merge(apr_pool_t * p, 720 void *basev __attribute__((unused)), 721 void *addv __attribute__((unused))) { 718 722 mgs_dirconf_rec *new; 719 723 /* mgs_dirconf_rec *base = (mgs_dirconf_rec *) basev; */ … … 725 729 } 726 730 727 void *mgs_config_dir_create(apr_pool_t * p, char *dir) { 731 void *mgs_config_dir_create(apr_pool_t * p, 732 char *dir __attribute__((unused))) { 728 733 mgs_dirconf_rec *dc = apr_palloc(p, sizeof (*dc)); 729 734 dc->client_verify_mode = -1; -
src/gnutls_hooks.c
r8a30d35 rfd82e59 44 44 static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt); 45 45 /* use side==0 for server and side==1 for client */ 46 static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, int export_cert_size); 47 static void mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t cert, int side, int export_cert_size); 46 static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, size_t export_cert_size); 47 static void mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t cert, int side, size_t export_cert_size); 48 static int mgs_status_hook(request_rec *r, int flags); 49 #ifdef ENABLE_MSVA 48 50 static const char* mgs_x509_construct_uid(request_rec * pool, gnutls_x509_crt_t cert); 49 static int mgs_status_hook(request_rec *r, int flags); 51 #endif 50 52 51 53 /* Pool Cleanup Function */ 52 apr_status_t mgs_cleanup_pre_config(void *data ) {54 apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused))) { 53 55 /* Free all session data */ 54 56 gnutls_free(session_ticket_key.data); … … 83 85 84 86 /* Pre-Configuration HOOK: Runs First */ 85 int mgs_hook_pre_config(apr_pool_t * pconf, apr_pool_t * plog, apr_pool_t * ptemp ) {87 int mgs_hook_pre_config(apr_pool_t * pconf, apr_pool_t * plog, apr_pool_t * ptemp __attribute__((unused))) { 86 88 87 89 /* Maintainer Logging */ … … 169 171 170 172 static int cert_retrieve_fn(gnutls_session_t session, 171 const gnutls_datum_t * req_ca_rdn , int nreqs,172 const gnutls_pk_algorithm_t * pk_algos , int pk_algos_length,173 const gnutls_datum_t * req_ca_rdn __attribute__((unused)), int nreqs __attribute__((unused)), 174 const gnutls_pk_algorithm_t * pk_algos __attribute__((unused)), int pk_algos_length __attribute__((unused)), 173 175 gnutls_retr2_st *ret) { 174 176 … … 303 305 } 304 306 305 int mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog , apr_pool_t * ptemp, server_rec * base_server) {307 int mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog __attribute__((unused)), apr_pool_t * ptemp __attribute__((unused)), server_rec * base_server) { 306 308 307 309 int rv; … … 589 591 } 590 592 591 static int vhost_cb(void *baton, conn_rec * conn , server_rec * s) {593 static int vhost_cb(void *baton, conn_rec * conn __attribute__((unused)), server_rec * s) { 592 594 mgs_srvconf_rec *tsc; 593 595 vhost_cb_rec *x = baton; … … 728 730 } 729 731 730 int mgs_hook_pre_connection(conn_rec * c, void *csd ) {732 int mgs_hook_pre_connection(conn_rec * c, void *csd __attribute__((unused))) { 731 733 mgs_srvconf_rec *sc; 732 734 … … 900 902 #define MGS_SIDE(suffix) ((side==0) ? "SSL_SERVER" suffix : "SSL_CLIENT" suffix) 901 903 902 static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, int export_cert_size) {904 static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, size_t export_cert_size) { 903 905 unsigned char sbuf[64]; /* buffer to hold serials */ 904 906 char buf[AP_IOBUFSIZE]; … … 1019 1021 * to use for the PEM-encoded certificate (0 means do not export) 1020 1022 */ 1021 static void mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t cert, int side, int export_cert_size) {1023 static void mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t cert, int side, size_t export_cert_size) { 1022 1024 1023 1025 unsigned char sbuf[64]; /* buffer to hold serials */ … … 1335 1337 exit: 1336 1338 if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509) { 1337 int i;1339 unsigned int i; 1338 1340 for (i = 0; i < ch_size; i++) { 1339 1341 gnutls_x509_crt_deinit(cert.x509[i]); … … 1347 1349 } 1348 1350 1351 #ifdef ENABLE_MSVA 1352 /* this section of code is used only when trying to talk to the MSVA */ 1349 1353 static const char* mgs_x509_leaf_oid_from_dn(apr_pool_t *pool, const char* oid, gnutls_x509_crt_t cert) { 1350 1354 int rv=GNUTLS_E_SUCCESS, i; … … 1383 1387 data = apr_palloc(pool, sz); 1384 1388 rv = gnutls_x509_crt_get_subject_alt_name2(cert, i, data, &sz, &thistype, NULL); 1385 if (rv == target)1389 if (rv >=0 && (thistype == target)) 1386 1390 return data; 1387 1391 } … … 1390 1394 return NULL; 1391 1395 } 1396 1392 1397 1393 1398 /* Create a string representing a candidate User ID from an X.509 … … 1505 1510 return ret; 1506 1511 } 1507 1508 static int mgs_status_hook(request_rec *r, int flags) 1512 #endif /* ENABLE_MSVA */ 1513 1514 static int mgs_status_hook(request_rec *r, int flags __attribute__((unused))) 1509 1515 { 1510 1516 mgs_srvconf_rec *sc; -
src/gnutls_io.c
r8a30d35 rfd82e59 510 510 if (ctxt->input_mode == AP_MODE_READBYTES || 511 511 ctxt->input_mode == AP_MODE_SPECULATIVE) { 512 if (readbytes < 0) { 513 /* you're asking us to speculatively read a negative number of bytes! */ 514 return APR_ENOTIMPL; 515 } 512 516 /* Err. This is bad. readbytes *can* be a 64bit int! len.. is NOT */ 513 if ( readbytes < len) {517 if ((apr_size_t) readbytes < len) { 514 518 len = (apr_size_t) readbytes; 515 519 } … … 573 577 574 578 apr_status_t mgs_filter_output(ap_filter_t * f, apr_bucket_brigade * bb) { 575 apr_size_t ret;579 int ret; 576 580 mgs_handle_t *ctxt = (mgs_handle_t *) f->ctx; 577 581 apr_status_t status = APR_SUCCESS; … … 672 676 return ctxt->output_rc; 673 677 } 674 } else if (ret != len) { 678 } else if ((apr_size_t)(ret) != len) { 679 /* we know the above cast is OK because len > 0 and ret >= 0 */ 675 680 /* Not able to send the entire bucket, 676 681 split it and send it again. */ -
src/mod_gnutls.c
r8a30d35 rfd82e59 20 20 #include "mod_gnutls.h" 21 21 22 static void gnutls_hooks(apr_pool_t * p ) {22 static void gnutls_hooks(apr_pool_t * p __attribute__((unused))) { 23 23 24 24 /* Try Run Post-Config Hook After mod_proxy */
Note: See TracChangeset
for help on using the changeset viewer.