author | Nokis Mavrogiannopoulos | 2008-03-05 17:38:09 +0000 |
---|---|---|
committer | Nokis Mavrogiannopoulos | 2008-03-05 17:38:09 +0000 |
commit | 2cb49bd5137176e1445550399b6e9592607858a3 (patch) | |
tree | e7c8933ce56ecdac588fbaa9af0c4beb03850c3e /src | |
parent | fc05b4b880d4247da9353cae6be44180dee17b23 (diff) |
Diffstat (limited to 'src')
-rw-r--r-- | src/gnutls_cache.c | 9 | ||||
-rw-r--r-- | src/gnutls_config.c | 7 | ||||
-rw-r--r-- | src/gnutls_hooks.c | 6 | ||||
-rw-r--r-- | src/mod_gnutls.c | 3 |
4 files changed, 23 insertions, 2 deletions
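--- a/src/gnutls_cache.c
+++ b/src/gnutls_cache.c
@@ -1,5 +1,6 @@
 /**
 * Copyright 2004-2005 Paul Querna
+* Portions Copyright 2008 Nikos Mavrogiannopoulos
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -345,6 +346,7 @@ static int dbm_cache_expire(mgs_handle_t *ctxt)
 break;
 }
 }
+apr_dbm_freedatum( dbm, dbmval);
 
 }
 apr_dbm_nextkey(dbm, &dbmkey);
@@ -401,20 +403,25 @@ static gnutls_datum_t dbm_cache_fetch(void* baton, gnutls_datum_t key)
 }
 
 if (dbmval.dptr == NULL || dbmval.dsize <= sizeof(apr_time_t)) {
+apr_dbm_freedatum( dbm, dbmval);
 apr_dbm_close(dbm);
 return data;
 }
-apr_dbm_close(dbm);
 
 data.size = dbmval.dsize - sizeof(apr_time_t);
 
 data.data = gnutls_malloc(data.size);
 if (data.data == NULL) {
+apr_dbm_freedatum( dbm, dbmval);
+apr_dbm_close(dbm);
 return data;
 }
 
 memcpy(data.data, dbmval.dptr+sizeof(apr_time_t), data.size);
 
+apr_dbm_freedatum( dbm, dbmval);
+apr_dbm_close(dbm);
+
 return data;
 }
 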
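Review bot: In dbm_cache_fetch the pair `apr_dbm_freedatum( dbm, dbmval); apr_dbm_close(dbm);` is now repeated on all three return paths, which is the shape that allowed the earlier leak and the copy-after-close; routing every path through one `cleanup:` label that frees the datum and then closes the handle would keep them in step. On the first path the datum is freed even when `dbmval.dptr == NULL`, so that call depends on each DBM backend accepting an empty datum, which should be confirmed. The leading `apr_time_t` is skipped without being compared to `apr_time_now()`; if it is the record's expiry, as it presumably is, a stale session can still be returned for resumption until the expire pass removes it. The function starts outside the hunk.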
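--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -202,6 +202,8 @@ const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
 return NULL;
 }
 
+#ifdef ENABLE_SRP
+
 const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy,
 const char *arg)
 {
@@ -228,6 +230,8 @@ const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy,
 return NULL;
 }
 
+#endif
+
 const char *mgs_set_cache(cmd_parms * parms, void *dummy,
 const char *type, const char *arg)
 {
@@ -426,6 +430,7 @@ void *mgs_config_server_create(apr_pool_t * p, server_rec * s)
 ": (%d) %s", ret, gnutls_strerror(ret));
 }
 
+#ifdef ENABLE_SRP
 ret = gnutls_srp_allocate_server_credentials(&sc->srp_creds);
 if (ret < 0) {
 return apr_psprintf(p, "GnuTLS: Failed to initialize"
@@ -434,6 +439,8 @@ void *mgs_config_server_create(apr_pool_t * p, server_rec * s)
 
 sc->srp_tpasswd_conf_file = NULL;
 sc->srp_tpasswd_file = NULL;
+#endif
+
 sc->privkey_x509 = NULL;
 memset( sc->certs_x509, 0, sizeof(sc->certs_x509));
 sc->certs_x509_num = 0;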
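Review bot: The SRP block now wrapped in `#ifdef ENABLE_SRP` keeps `return apr_psprintf(p, "GnuTLS: Failed to initialize"` as its failure path, while the hunk header names the enclosing function as `void *mgs_config_server_create(...)`, so the formatted message would be handed back as if it were the server configuration record. If that reading is right, later hooks would treat a string as the config struct; the failure should be logged and signalled in a way the caller can tell apart from a valid record, and the credentials block just above appears to share the pattern. The `#endif` lines would also read better as `#endif /* ENABLE_SRP */`, since the first guard closes some thirty lines after it opens. The function body starts and ends outside these hunks.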
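--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -115,11 +115,13 @@ static int mgs_select_virtual_server_cb(gnutls_session_t session)
 
 gnutls_credentials_set(session, GNUTLS_CRD_ANON, ctxt->sc->anon_creds);
 
+#ifdef ENABLE_SRP
 if (ctxt->sc->srp_tpasswd_conf_file != NULL
 && ctxt->sc->srp_tpasswd_file != NULL) {
 gnutls_credentials_set(session, GNUTLS_CRD_SRP,
 ctxt->sc->srp_creds);
 }
+#endif
 
 /* update the priorities - to avoid negotiating a ciphersuite that is not
 * enabled on this virtual server. Note that here we ignore the version
@@ -313,6 +315,7 @@ mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog,
 gnutls_certificate_server_set_retrieve_function(sc->certs,
 cert_retrieve_fn);
 
+#ifdef ENABLE_SRP
 if (sc->srp_tpasswd_conf_file != NULL
 && sc->srp_tpasswd_file != NULL) {
 rv = gnutls_srp_set_server_credentials_file(sc->srp_creds,
@@ -329,6 +332,7 @@ mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog,
 exit(-1);
 }
 }
+#endif
 
 if (sc->certs_x509[0] == NULL
 && sc->enabled == GNUTLS_ENABLED_TRUE) {
@@ -662,8 +666,10 @@ int mgs_hook_fixups(request_rec * r)
 gnutls_compression_get_name(gnutls_compression_get
 (ctxt->session)));
 
+#ifdef ENABLE_SRP
 apr_table_setn(env, "SSL_SRP_USER",
 gnutls_srp_server_get_username(ctxt->session));
+#endif
 
 if (apr_table_get(env, "SSL_CLIENT_VERIFY") == NULL)
 apr_table_setn(env, "SSL_CLIENT_VERIFY", "NONE");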
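Review bot: In mgs_hook_fixups the guarded `apr_table_setn(env, "SSL_SRP_USER", gnutls_srp_server_get_username(ctxt->session));` has no check on the returned name, and as far as the hunk shows it runs for sessions that did not authenticate with SRP as well, where the GnuTLS call returns NULL and a NULL value is stored in the request environment table. Fetching the name first and exporting it only when present avoids that: `const char *srp_user = gnutls_srp_server_get_username(ctxt->session);` followed by `if (srp_user != NULL) apr_table_setn(env, "SSL_SRP_USER", srp_user);`. The function starts and ends outside the hunk.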
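--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -17,7 +17,6 @@
 
 #include "mod_gnutls.h"
 
-
 static void gnutls_hooks(apr_pool_t * p)
 {
 ap_hook_pre_connection(mgs_hook_pre_connection, NULL, NULL,
@@ -80,6 +79,7 @@ static const command_rec mgs_config_cmds[] = {
 NULL,
 RSRC_CONF,
 "SSL Server SRP Password file"),
+#ifdef ENABLE_SRP
 AP_INIT_TAKE1("GnuTLSSRPPasswdFile", mgs_set_srp_tpasswd_file,
 NULL,
 RSRC_CONF,
@@ -88,6 +88,7 @@ static const command_rec mgs_config_cmds[] = {
 NULL,
 RSRC_CONF,
 "SSL Server SRP Parameters file"),
+#endif
 AP_INIT_TAKE1("GnuTLSCacheTimeout", mgs_set_cache_timeout,
 NULL,
 RSRC_CONF,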
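Review bot: The table entry that ends just above the new `#ifdef ENABLE_SRP` carries the help text `"SSL Server SRP Password file"` yet sits outside the guard. Its first line is outside the hunk, so either it is an SRP directive that belongs inside the guard, or (more likely) the help string was copied from the entry below and should describe the directive it is attached to. A comment at the guard such as `/* SRP directives are registered only when built with ENABLE_SRP */` would also explain why a configuration that still names GnuTLSSRPPasswdFile is rejected on such builds. The array starts and ends outside these hunks.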