author | Nikos Mavrogiannopoulos | 2010-08-17 19:04:34 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos | 2010-08-18 20:41:36 +0200 |
commit | 368b5740dd89c160645548b3a608e032d1d39160 (patch) | |
tree | 9accfaccd8378f4ae811a47835e511ef8866abc4 /src/gnutls_hooks.c | |
parent | 7fec961893adf880d4acc3da171031829f93af86 (diff) |
Safer usage of session variable to prevent segmentation faults on closure. Should solve issue #106.
Diffstat (limited to 'src/gnutls_hooks.c')
-rw-r--r-- | src/gnutls_hooks.c | 50 |
1 files changed, 43 insertions, 7 deletions
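--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -486,7 +486,12 @@ void mgs_hook_child_init(apr_pool_t * p, server_rec * s)
 
 const char *mgs_hook_http_scheme(const request_rec * r)
 {
-mgs_srvconf_rec *sc =
+mgs_srvconf_rec *sc;
+
+if (r == NULL)
+return NULL;
+
+sc =
 (mgs_srvconf_rec *) ap_get_module_config(r->server->module_config,
 &gnutls_module);
 
@@ -500,7 +505,12 @@ const char *mgs_hook_http_scheme(const request_rec * r)
 
 apr_port_t mgs_hook_default_port(const request_rec * r)
 {
-mgs_srvconf_rec *sc =
+mgs_srvconf_rec *sc;
+
+if (r == NULL)
+return 0;
+
+sc =
 (mgs_srvconf_rec *) ap_get_module_config(r->server->module_config,
 &gnutls_module);
 
@@ -579,6 +589,9 @@ mgs_srvconf_rec *mgs_find_sni_server(gnutls_session_t session)
 mgs_srvconf_rec *tsc;
 #endif
 
+if (session == NULL)
+return NULL;
+
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 ctxt = gnutls_transport_get_ptr(session);
 
@@ -693,12 +706,18 @@ static mgs_handle_t *create_gnutls_handle(apr_pool_t * pool, conn_rec * c)
 int mgs_hook_pre_connection(conn_rec * c, void *csd)
 {
 mgs_handle_t *ctxt;
-mgs_srvconf_rec *sc =
+mgs_srvconf_rec *sc;
+
+_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
+
+if (c == NULL)
+return DECLINED;
+
+sc =
 (mgs_srvconf_rec *) ap_get_module_config(c->base_server->
 module_config,
 &gnutls_module);
 
-_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 if (!(sc && (sc->enabled == GNUTLS_ENABLED_TRUE))) {
 return DECLINED;
 }
@@ -732,13 +751,16 @@ int mgs_hook_fixups(request_rec * r)
 mgs_handle_t *ctxt;
 int rv = OK;
 
+if (r == NULL)
+return DECLINED;
+
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 apr_table_t *env = r->subprocess_env;
 
 ctxt =
 ap_get_module_config(r->connection->conn_config, &gnutls_module);
 
-if (!ctxt) {
+if (!ctxt || ctxt->session == NULL) {
 return DECLINED;
 }
 
@@ -804,14 +826,19 @@ int mgs_hook_authz(request_rec * r)
 {
 int rv;
 mgs_handle_t *ctxt;
-mgs_dirconf_rec *dc = ap_get_module_config(r->per_dir_config,
+mgs_dirconf_rec *dc;
+
+if (r == NULL)
+return DECLINED;
+
+dc = ap_get_module_config(r->per_dir_config,
 &gnutls_module);
 
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 ctxt =
 ap_get_module_config(r->connection->conn_config, &gnutls_module);
 
-if (!ctxt) {
+if (!ctxt || ctxt->session == NULL) {
 return DECLINED;
 }
 
@@ -875,6 +902,9 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side,
 size_t len;
 int ret, i;
 
+if (r == NULL)
+return;
+
 apr_table_t *env = r->subprocess_env;
 
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
@@ -983,6 +1013,9 @@ mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t cert, int side
 const char *tmp;
 size_t len;
 int ret;
+
+if (r == NULL)
+return;
 
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 apr_table_t *env = r->subprocess_env;
@@ -1052,6 +1085,9 @@ static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt)
 } cert;
 apr_time_t expiration_time, cur_time;
 
+if (r == NULL || ctxt == NULL || ctxt->session == NULL)
+return HTTP_FORBIDDEN;
+
 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
 cert_list =
 gnutls_certificate_get_peers(ctxt->session, &cert_list_size);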
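Review bot: In mgs_hook_authz the new `ctxt->session == NULL` case returns DECLINED, which is fail-open for an access-control hook, while the guard this same commit adds at the top of mgs_cert_verify returns HTTP_FORBIDDEN for the identical condition. A missing `ctxt` plausibly means the connection is not handled by this module, but a context whose session is already gone is a different state, and declining there would presumably let the request continue without whatever certificate check follows in the function (the rest of mgs_hook_authz is outside the hunk, so this is inferred). I would split the test into `if (!ctxt) return DECLINED;` followed by `if (ctxt->session == NULL) return HTTP_FORBIDDEN;`. Separately, the `r == NULL` guards do not cover `r->connection` or `r->server`, which the hooks dereference immediately after them.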