author | Paul Querna | 2004-12-09 07:52:31 +0000 |
---|---|---|
committer | Paul Querna | 2004-12-09 07:52:31 +0000 |
commit | 32f2e601850dbbfb34180763df507d103c6b6aff (patch) | |
tree | 9b50b30743958f0a4e2c71f3d7f762b6170952f9 /src | |
parent | 0314debf01c32040851395b66669b75bbc1220cc (diff) |
fixes and stuff that i should have already committed.
Diffstat (limited to 'src')
-rw-r--r-- | src/gnutls_cache.c | 38 | ||||
-rw-r--r-- | src/gnutls_io.c | 59 | ||||
-rw-r--r-- | src/mod_gnutls.c | 17 |
3 files changed, 54 insertions, 60 deletions
diff --git a/src/gnutls_cache.c b/src/gnutls_cache.c index f2fb803..683cdf4 100644 --- a/src/gnutls_cache.c +++ b/src/gnutls_cache.c | |||
@@ -21,5 +21,41 @@ | |||
21 | * GnuTLS Session Cache using libmemcached | 21 | * GnuTLS Session Cache using libmemcached |
22 | * | 22 | * |
23 | */ | 23 | */ |
24 | /* | ||
25 | #include "memcache.h" | ||
24 | 26 | ||
25 | #include "libmemcache/memcache.h" | 27 | int mod_gnutls_cache_init() |
28 | { | ||
29 | return 0; | ||
30 | } | ||
31 | static int cache_store((void* baton, gnutls_datum_t key, gnutls_datum_t data) | ||
32 | { | ||
33 | mc_set(struct memcache *mc, | ||
34 | key->data, key->size, | ||
35 | data->data, data->size, | ||
36 | 3600, 0); | ||
37 | return 0; | ||
38 | } | ||
39 | |||
40 | static int cache_fetch(void* baton, gnutls_datum_t key) | ||
41 | { | ||
42 | mod_gnutls_handle_t *ctxt = baton; | ||
43 | return 0; | ||
44 | } | ||
45 | |||
46 | static int cache_delete(void* baton, gnutls_datum_t key) | ||
47 | { | ||
48 | mod_gnutls_handle_t *ctxt = baton; | ||
49 | return 0; | ||
50 | } | ||
51 | |||
52 | int mod_gnutls_cache_session_init(mod_gnutls_handle_t *ctxt) | ||
53 | { | ||
54 | gnutls_db_set_cache_expiration | ||
55 | gnutls_db_set_retrieve_function(session, cache_fetch); | ||
56 | gnutls_db_set_remove_function(session, cache_delete); | ||
57 | gnutls_db_set_store_function(session, cache_store); | ||
58 | gnutls_db_set_ptr(session, NULL); | ||
59 | return 0; | ||
60 | } | ||
61 | */ | ||
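Review bot: The session-cache draft between the `/*` at new line 24 and the `*/` at new line 61 will not build once it is uncommented, and its callbacks do not match what GnuTLS expects. `cache_store((void* baton, ...` has a doubled parenthesis, `mc_set(struct memcache *mc,` puts a declaration inside a call, `key->data` dereferences a `gnutls_datum_t` that is passed by value, and `cache_fetch` returns `int` where the GnuTLS retrieve callback returns a `gnutls_datum_t`. `cache_store` also ignores the result of `mc_set` and always returns 0, so a failed write would be reported to GnuTLS as a stored session. I would park the draft under `#if 0` rather than a block comment, and add `/* TODO: cached values are resumable TLS session state; the memcached instance must be private to the server */` above `cache_store`.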
diff --git a/src/gnutls_io.c b/src/gnutls_io.c index 856b6a3..e1c84be 100644 --- a/src/gnutls_io.c +++ b/src/gnutls_io.c | |||
@@ -332,46 +332,12 @@ static apr_status_t gnutls_io_input_getline(mod_gnutls_handle_t * ctxt, | |||
332 | } | 332 | } |
333 | 333 | ||
334 | 334 | ||
335 | #define GNUTLS_HANDSHAKE_ATTEMPTS 10 | ||
336 | |||
337 | static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt) | 335 | static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt) |
338 | { | 336 | { |
339 | int i, ret; | 337 | int ret; |
340 | 338 | ||
341 | if (ctxt->status != 0) | 339 | if (ctxt->status != 0) |
342 | return; | 340 | return; |
343 | #if 0 | ||
344 | |||
345 | for (i = GNUTLS_HANDSHAKE_ATTEMPTS; i > 0; i--) { | ||
346 | ret = gnutls_handshake(ctxt->session); | ||
347 | if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) { | ||
348 | continue; | ||
349 | } | ||
350 | |||
351 | if (ret < 0) { | ||
352 | if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED | ||
353 | || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) { | ||
354 | ret = gnutls_alert_get(ctxt->session); | ||
355 | ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server, | ||
356 | "GnuTLS: Hanshake Alert (%d) '%s'.\n", ret, | ||
357 | gnutls_alert_get_name(ret)); | ||
358 | } | ||
359 | |||
360 | gnutls_deinit(ctxt->session); | ||
361 | ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server, | ||
362 | "GnuTLS: Handshake Failed (%d) '%s'", ret, | ||
363 | gnutls_strerror(ret)); | ||
364 | ctxt->status = -1; | ||
365 | return; | ||
366 | } | ||
367 | else { | ||
368 | ctxt->status = 1; | ||
369 | return; /* all done with the handshake */ | ||
370 | } | ||
371 | } | ||
372 | ctxt->status = -1; | ||
373 | return; | ||
374 | #else | ||
375 | ret = gnutls_handshake(ctxt->session); | 341 | ret = gnutls_handshake(ctxt->session); |
376 | if (ret < 0) { | 342 | if (ret < 0) { |
377 | if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED | 343 | if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED |
@@ -393,8 +359,6 @@ static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt) | |||
393 | ctxt->status = 1; | 359 | ctxt->status = 1; |
394 | return; /* all done with the handshake */ | 360 | return; /* all done with the handshake */ |
395 | } | 361 | } |
396 | |||
397 | #endif | ||
398 | } | 362 | } |
399 | 363 | ||
400 | 364 | ||
@@ -465,7 +429,7 @@ apr_status_t mod_gnutls_filter_input(ap_filter_t * f, | |||
465 | apr_status_t mod_gnutls_filter_output(ap_filter_t * f, | 429 | apr_status_t mod_gnutls_filter_output(ap_filter_t * f, |
466 | apr_bucket_brigade * bb) | 430 | apr_bucket_brigade * bb) |
467 | { | 431 | { |
468 | int ret; | 432 | apr_size_t ret; |
469 | mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx; | 433 | mod_gnutls_handle_t *ctxt = (mod_gnutls_handle_t *) f->ctx; |
470 | apr_status_t status = APR_SUCCESS; | 434 | apr_status_t status = APR_SUCCESS; |
471 | apr_read_type_e rblock = APR_NONBLOCK_READ; | 435 | apr_read_type_e rblock = APR_NONBLOCK_READ; |
@@ -513,7 +477,6 @@ apr_status_t mod_gnutls_filter_output(ap_filter_t * f, | |||
513 | 477 | ||
514 | } | 478 | } |
515 | else { | 479 | else { |
516 | |||
517 | /* filter output */ | 480 | /* filter output */ |
518 | const char *data; | 481 | const char *data; |
519 | apr_size_t len; | 482 | apr_size_t len; |
@@ -546,20 +509,10 @@ apr_status_t mod_gnutls_filter_output(ap_filter_t * f, | |||
546 | ctxt->output_rc = APR_EGENERAL; | 509 | ctxt->output_rc = APR_EGENERAL; |
547 | } | 510 | } |
548 | } | 511 | } |
549 | else if ((apr_size_t) ret != len) { | 512 | else if (ret != len) { |
550 | //apr_bucket_split(bucket, ret); | 513 | /* Not able to send the entire bucket, |
551 | //APR_BUCKET_REMOVE(bucket); | 514 | split it and send it again. */ |
552 | /* not all of the data was sent. */ | 515 | apr_bucket_split(bucket, ret); |
553 | /* mod_ssl basicly errors out here.. this doesn't seem right? */ | ||
554 | ap_log_error(APLOG_MARK, APLOG_INFO, ctxt->output_rc, | ||
555 | ctxt->c->base_server, | ||
556 | "GnuTLS: failed to write %" APR_SSIZE_T_FMT | ||
557 | " of %" APR_SIZE_T_FMT " bytes.", | ||
558 | len - (apr_size_t) ret, len); | ||
559 | //continue; | ||
560 | if (ctxt->output_rc == APR_SUCCESS) { | ||
561 | ctxt->output_rc = APR_EGENERAL; | ||
562 | } | ||
563 | } | 516 | } |
564 | 517 | ||
565 | apr_bucket_delete(bucket); | 518 | apr_bucket_delete(bucket); |
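Review bot: Declaring `ret` as `apr_size_t` at new line 432 makes it unsigned, so a negative error return stored in it can no longer be seen as negative. The branch that sets `ctxt->output_rc = APR_EGENERAL` just before the `else if` at new line 512 starts outside the hunk; if its test is `ret < 0` it becomes dead, and an error value would instead reach `apr_bucket_split(bucket, ret)` as a very large offset. I would keep a signed type and cast only at the comparison, `apr_ssize_t ret;` and `else if ((apr_size_t) ret != len) {`. The result of `apr_bucket_split` should also be checked, because the `apr_bucket_delete(bucket)` that follows would discard the unsent tail if the split failed.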
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c index f1ab6a2..04f7db9 100644 --- a/src/mod_gnutls.c +++ b/src/mod_gnutls.c | |||
@@ -44,8 +44,9 @@ static int mod_gnutls_hook_pre_config(apr_pool_t * pconf, | |||
44 | } | 44 | } |
45 | 45 | ||
46 | #define DH_BITS 1024 | 46 | #define DH_BITS 1024 |
47 | #ifdef USE_RSA | ||
47 | #define RSA_BITS 512 | 48 | #define RSA_BITS 512 |
48 | 49 | #endif | |
49 | static int mod_gnutls_hook_post_config(apr_pool_t * p, apr_pool_t * plog, | 50 | static int mod_gnutls_hook_post_config(apr_pool_t * p, apr_pool_t * plog, |
50 | apr_pool_t * ptemp, | 51 | apr_pool_t * ptemp, |
51 | server_rec * base_server) | 52 | server_rec * base_server) |
@@ -53,15 +54,17 @@ static int mod_gnutls_hook_post_config(apr_pool_t * p, apr_pool_t * plog, | |||
53 | mod_gnutls_srvconf_rec *sc; | 54 | mod_gnutls_srvconf_rec *sc; |
54 | server_rec *s; | 55 | server_rec *s; |
55 | gnutls_dh_params_t dh_params; | 56 | gnutls_dh_params_t dh_params; |
57 | #ifdef USE_RSA | ||
56 | gnutls_rsa_params_t rsa_params; | 58 | gnutls_rsa_params_t rsa_params; |
57 | 59 | #endif | |
58 | 60 | ||
59 | /* TODO: Should we regenerate these after X requests / X time ? */ | 61 | /* TODO: Should we regenerate these after X requests / X time ? */ |
60 | gnutls_dh_params_init(&dh_params); | 62 | gnutls_dh_params_init(&dh_params); |
61 | gnutls_dh_params_generate2(dh_params, DH_BITS); | 63 | gnutls_dh_params_generate2(dh_params, DH_BITS); |
62 | // gnutls_rsa_params_init(&rsa_params); | 64 | #ifdef USE_RSA |
63 | // gnutls_rsa_params_generate2(rsa_params, RSA_BITS); | 65 | gnutls_rsa_params_init(&rsa_params); |
64 | 66 | gnutls_rsa_params_generate2(rsa_params, RSA_BITS); | |
67 | #endif | ||
65 | for (s = base_server; s; s = s->next) { | 68 | for (s = base_server; s; s = s->next) { |
66 | sc = (mod_gnutls_srvconf_rec *) ap_get_module_config(s->module_config, | 69 | sc = (mod_gnutls_srvconf_rec *) ap_get_module_config(s->module_config, |
67 | &gnutls_module); | 70 | &gnutls_module); |
@@ -69,7 +72,9 @@ static int mod_gnutls_hook_post_config(apr_pool_t * p, apr_pool_t * plog, | |||
69 | gnutls_certificate_set_x509_key_file(sc->certs, sc->cert_file, | 72 | gnutls_certificate_set_x509_key_file(sc->certs, sc->cert_file, |
70 | sc->key_file, | 73 | sc->key_file, |
71 | GNUTLS_X509_FMT_PEM); | 74 | GNUTLS_X509_FMT_PEM); |
72 | // gnutls_certificate_set_rsa_export_params(sc->certs, rsa_params); | 75 | #ifdef USE_RSA |
76 | gnutls_certificate_set_rsa_export_params(sc->certs, rsa_params); | ||
77 | #endif | ||
73 | gnutls_certificate_set_dh_params(sc->certs, dh_params); | 78 | gnutls_certificate_set_dh_params(sc->certs, dh_params); |
74 | } | 79 | } |
75 | else if (sc->enabled == GNUTLS_ENABLED_TRUE) { | 80 | else if (sc->enabled == GNUTLS_ENABLED_TRUE) { |
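Review bot: A build with `USE_RSA` defined offers export-grade RSA key exchange: `RSA_BITS` is 512 (new line 48) and the parameters are installed with `gnutls_certificate_set_rsa_export_params` (new line 76). A 512-bit temporary key does not protect the session keys negotiated with it, so this path should either be dropped or carry a warning such as `/* USE_RSA enables RSA-EXPORT key exchange with a 512-bit temporary key; do not define in production builds */` above the `#ifdef` at new line 47. The return values of `gnutls_rsa_params_init` and `gnutls_rsa_params_generate2` (new lines 65-66) are ignored, like the DH calls beside them, so a failed generation would not be reported here. `mod_gnutls_hook_post_config` continues outside the hunks.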