summaryrefslogtreecommitdiffstatsabout
path: root/src/mod_gnutls.c
diff options
context:
space:
mode:
authorPaul Querna <chip@outoforder.cc>2005-04-22 01:29:13 (GMT)
committer Paul Querna <chip@outoforder.cc>2005-04-22 01:29:13 (GMT)
commit316bd8cab0ab97335f2b0e36c3a240ff7967ed1a (patch)
tree89fc433988291e4bdcd3dfc45b323040a4f42996 /src/mod_gnutls.c
parente924ddd3c71d5a28d973bf0b17316b63d9fad70f (diff)
- remove more debug logging.
- fix a crash by changing the certificate structure *after* starting the handshake.
Diffstat (limited to 'src/mod_gnutls.c')
-rw-r--r--src/mod_gnutls.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
index cb81a26..681411b 100644
--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -294,7 +294,6 @@ static apr_port_t mod_gnutls_hook_default_port(const request_rec * r)
294 294
295static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt) 295static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt)
296{ 296{
297 gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs);
298 gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode); 297 gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode);
299} 298}
300 299
@@ -479,9 +478,11 @@ static mod_gnutls_handle_t* create_gnutls_handle(apr_pool_t* pool, conn_rec * c)
479 gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types); 478 gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types);
480 479
481 mod_gnutls_cache_session_init(ctxt); 480 mod_gnutls_cache_session_init(ctxt);
481
482 gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs);
482 483
483 gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); 484 gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn);
484 485
485 mod_gnutls_changed_servers(ctxt); 486 mod_gnutls_changed_servers(ctxt);
486 return ctxt; 487 return ctxt;
487} 488}
@@ -838,7 +839,7 @@ int mod_gnutls_hook_authz(request_rec *r)
838 839
839 if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) { 840 if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) {
840 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, 841 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
841 "GnuTLS: Ignoring Client Certificate!"); 842 "GnuTLS: Directory set to Ignore Client Certificate!");
842 return DECLINED; 843 return DECLINED;
843 } 844 }
844 845
@@ -855,8 +856,10 @@ int mod_gnutls_hook_authz(request_rec *r)
855 } 856 }
856 } 857 }
857 else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) { 858 else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) {
859#if MOD_GNUTLS_DEBUG
858 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 860 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
859 "GnuTLS: Peer is set to IGNORE"); 861 "GnuTLS: Peer is set to IGNORE");
862#endif
860 return DECLINED; 863 return DECLINED;
861 } 864 }
862 865