aboutsummaryrefslogtreecommitdiffstats
path: root/src/gnutls_config.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/gnutls_config.c')
-rw-r--r--src/gnutls_config.c405
1 files changed, 225 insertions, 180 deletions
diff --git a/src/gnutls_config.c b/src/gnutls_config.c
index d3879f1..cad078c 100644
--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -17,225 +17,275 @@
17 17
18#include "mod_gnutls.h" 18#include "mod_gnutls.h"
19 19
20static int load_datum_from_file(apr_pool_t* pool, 20static int load_datum_from_file(apr_pool_t * pool,
21 const char* file, 21 const char *file, gnutls_datum_t * data)
22 gnutls_datum_t* data)
23{ 22{
24 apr_file_t* fp; 23 apr_file_t *fp;
25 apr_finfo_t finfo; 24 apr_finfo_t finfo;
26 apr_status_t rv; 25 apr_status_t rv;
27 apr_size_t br = 0; 26 apr_size_t br = 0;
28 27
29 rv = apr_file_open(&fp, file, APR_READ|APR_BINARY, APR_OS_DEFAULT, 28 rv = apr_file_open(&fp, file, APR_READ | APR_BINARY, APR_OS_DEFAULT,
30 pool); 29 pool);
31 if (rv != APR_SUCCESS) { 30 if (rv != APR_SUCCESS) {
32 return rv; 31 return rv;
33 } 32 }
34 33
35 rv = apr_file_info_get(&finfo, APR_FINFO_SIZE, fp); 34 rv = apr_file_info_get(&finfo, APR_FINFO_SIZE, fp);
36 35
37 if (rv != APR_SUCCESS) { 36 if (rv != APR_SUCCESS) {
38 return rv; 37 return rv;
39 } 38 }
40 39
41 data->data = apr_palloc(pool, finfo.size+1); 40 data->data = apr_palloc(pool, finfo.size + 1);
42 rv = apr_file_read_full(fp, data->data, finfo.size, &br); 41 rv = apr_file_read_full(fp, data->data, finfo.size, &br);
43 42
44 if (rv != APR_SUCCESS) { 43 if (rv != APR_SUCCESS) {
45 return rv; 44 return rv;
46 } 45 }
47 apr_file_close(fp); 46 apr_file_close(fp);
48 47
49 data->data[br] = '\0'; 48 data->data[br] = '\0';
50 data->size = br; 49 data->size = br;
51 50
52 return 0; 51 return 0;
53} 52}
54 53
54const char *mgs_set_dh_file(cmd_parms * parms, void *dummy,
55 const char *arg)
56{
57 mgs_srvconf_rec *sc =
58 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
59 module_config,
60 &gnutls_module);
61
62 sc->dh_params_file = ap_server_root_relative(parms->pool, arg);
63
64 return NULL;
65}
66
67const char *mgs_set_rsa_export_file(cmd_parms * parms, void *dummy,
68 const char *arg)
69{
70 mgs_srvconf_rec *sc =
71 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
72 module_config,
73 &gnutls_module);
74
75 sc->rsa_params_file = ap_server_root_relative(parms->pool, arg);
76
77 return NULL;
78}
79
80
55const char *mgs_set_cert_file(cmd_parms * parms, void *dummy, 81const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
56 const char *arg) 82 const char *arg)
57{ 83{
58 int ret; 84 int ret;
59 gnutls_datum_t data; 85 gnutls_datum_t data;
60 const char* file; 86 const char *file;
61 apr_pool_t* spool; 87 apr_pool_t *spool;
62 mgs_srvconf_rec *sc = 88 mgs_srvconf_rec *sc =
63 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 89 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
64 module_config, 90 module_config,
65 &gnutls_module); 91 &gnutls_module);
66 apr_pool_create(&spool, parms->pool); 92 apr_pool_create(&spool, parms->pool);
67 93
68 file = ap_server_root_relative(spool, arg); 94 file = ap_server_root_relative(spool, arg);
69 95
70 if (load_datum_from_file(spool, file, &data) != 0) { 96 if (load_datum_from_file(spool, file, &data) != 0) {
71 return apr_psprintf(parms->pool, "GnuTLS: Error Reading " 97 return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
72 "Certificate '%s'", file); 98 "Certificate '%s'", file);
73 } 99 }
74 100
75 gnutls_x509_crt_init(&sc->cert_x509); 101 gnutls_x509_crt_init(&sc->cert_x509);
76 ret = gnutls_x509_crt_import(sc->cert_x509, &data, GNUTLS_X509_FMT_PEM); 102 ret =
103 gnutls_x509_crt_import(sc->cert_x509, &data, GNUTLS_X509_FMT_PEM);
77 if (ret != 0) { 104 if (ret != 0) {
78 return apr_psprintf(parms->pool, "GnuTLS: Failed to Import " 105 return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
79 "Certificate'%s': (%d) %s", file, ret, 106 "Certificate'%s': (%d) %s", file, ret,
80 gnutls_strerror(ret)); 107 gnutls_strerror(ret));
81 } 108 }
82 109
83 apr_pool_destroy(spool); 110 apr_pool_destroy(spool);
84 return NULL; 111 return NULL;
85} 112}
86 113
87const char *mgs_set_key_file(cmd_parms * parms, void *dummy, 114const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
88 const char *arg) 115 const char *arg)
89{ 116{
90 int ret; 117 int ret;
91 gnutls_datum_t data; 118 gnutls_datum_t data;
92 const char* file; 119 const char *file;
93 apr_pool_t* spool; 120 apr_pool_t *spool;
94 mgs_srvconf_rec *sc = 121 mgs_srvconf_rec *sc =
95 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 122 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
96 module_config, 123 module_config,
97 &gnutls_module); 124 &gnutls_module);
98 apr_pool_create(&spool, parms->pool); 125 apr_pool_create(&spool, parms->pool);
99 126
100 file = ap_server_root_relative(spool, arg); 127 file = ap_server_root_relative(spool, arg);
101 128
102 if (load_datum_from_file(spool, file, &data) != 0) { 129 if (load_datum_from_file(spool, file, &data) != 0) {
103 return apr_psprintf(parms->pool, "GnuTLS: Error Reading " 130 return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
104 "Private Key '%s'", file); 131 "Private Key '%s'", file);
105 } 132 }
106 133
107 gnutls_x509_privkey_init(&sc->privkey_x509); 134 gnutls_x509_privkey_init(&sc->privkey_x509);
108 ret = gnutls_x509_privkey_import(sc->privkey_x509, &data, GNUTLS_X509_FMT_PEM); 135 ret =
136 gnutls_x509_privkey_import(sc->privkey_x509, &data,
137 GNUTLS_X509_FMT_PEM);
109 if (ret != 0) { 138 if (ret != 0) {
110 return apr_psprintf(parms->pool, "GnuTLS: Failed to Import " 139 return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
111 "Private Key '%s': (%d) %s", file, ret, 140 "Private Key '%s': (%d) %s", file, ret,
112 gnutls_strerror(ret)); 141 gnutls_strerror(ret));
113 } 142 }
114 apr_pool_destroy(spool); 143 apr_pool_destroy(spool);
115 return NULL; 144 return NULL;
116} 145}
117 146
147const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy,
148 const char *arg)
149{
150 mgs_srvconf_rec *sc =
151 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
152 module_config,
153 &gnutls_module);
154
155 sc->srp_tpasswd_file = ap_server_root_relative(parms->pool, arg);
156
157 return NULL;
158}
159
160const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy,
161 const char *arg)
162{
163 mgs_srvconf_rec *sc =
164 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
165 module_config,
166 &gnutls_module);
167
168 sc->srp_tpasswd_conf_file = ap_server_root_relative(parms->pool, arg);
169
170 return NULL;
171}
172
118const char *mgs_set_cache(cmd_parms * parms, void *dummy, 173const char *mgs_set_cache(cmd_parms * parms, void *dummy,
119 const char *type, const char* arg) 174 const char *type, const char *arg)
120{ 175{
121 const char* err; 176 const char *err;
122 mgs_srvconf_rec *sc = ap_get_module_config(parms->server-> 177 mgs_srvconf_rec *sc = ap_get_module_config(parms->server->
123 module_config, 178 module_config,
124 &gnutls_module); 179 &gnutls_module);
125 if ((err = ap_check_cmd_context(parms, GLOBAL_ONLY))) { 180 if ((err = ap_check_cmd_context(parms, GLOBAL_ONLY))) {
126 return err; 181 return err;
127 } 182 }
128 183
129 if (strcasecmp("none", type) == 0) { 184 if (strcasecmp("none", type) == 0) {
130 sc->cache_type = mgs_cache_none; 185 sc->cache_type = mgs_cache_none;
131 } 186 } else if (strcasecmp("dbm", type) == 0) {
132 else if (strcasecmp("dbm", type) == 0) { 187 sc->cache_type = mgs_cache_dbm;
133 sc->cache_type = mgs_cache_dbm;
134 } 188 }
135#if HAVE_APR_MEMCACHE 189#if HAVE_APR_MEMCACHE
136 else if (strcasecmp("memcache", type) == 0) { 190 else if (strcasecmp("memcache", type) == 0) {
137 sc->cache_type = mgs_cache_memcache; 191 sc->cache_type = mgs_cache_memcache;
138 } 192 }
139#endif 193#endif
140 else { 194 else {
141 return "Invalid Type for GnuTLSCache!"; 195 return "Invalid Type for GnuTLSCache!";
142 } 196 }
143 197
144 if (sc->cache_type == mgs_cache_dbm) { 198 if (sc->cache_type == mgs_cache_dbm) {
145 sc->cache_config = ap_server_root_relative(parms->pool, arg); 199 sc->cache_config = ap_server_root_relative(parms->pool, arg);
146 } 200 } else {
147 else { 201 sc->cache_config = apr_pstrdup(parms->pool, arg);
148 sc->cache_config = apr_pstrdup(parms->pool, arg);
149 } 202 }
150 203
151 return NULL; 204 return NULL;
152} 205}
153 206
154const char *mgs_set_cache_timeout(cmd_parms * parms, void *dummy, 207const char *mgs_set_cache_timeout(cmd_parms * parms, void *dummy,
155 const char *arg) 208 const char *arg)
156{ 209{
157 int argint; 210 int argint;
158 mgs_srvconf_rec *sc = 211 mgs_srvconf_rec *sc =
159 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 212 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
160 module_config, 213 module_config,
161 &gnutls_module); 214 &gnutls_module);
162 215
163 argint = atoi(arg); 216 argint = atoi(arg);
164 217
165 if (argint < 0) { 218 if (argint < 0) {
166 return "GnuTLSCacheTimeout: Invalid argument"; 219 return "GnuTLSCacheTimeout: Invalid argument";
167 } 220 } else if (argint == 0) {
168 else if (argint == 0) { 221 sc->cache_timeout = 0;
169 sc->cache_timeout = 0; 222 } else {
223 sc->cache_timeout = apr_time_from_sec(argint);
170 } 224 }
171 else { 225
172 sc->cache_timeout = apr_time_from_sec(argint);
173 }
174
175 return NULL; 226 return NULL;
176} 227}
177 228
178const char *mgs_set_client_verify(cmd_parms * parms, void *dummy, 229const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
179 const char *arg) 230 const char *arg)
180{ 231{
181 int mode; 232 int mode;
182 233
183 if (strcasecmp("none", arg) == 0 || strcasecmp("ignore", arg) == 0) { 234 if (strcasecmp("none", arg) == 0 || strcasecmp("ignore", arg) == 0) {
184 mode = GNUTLS_CERT_IGNORE; 235 mode = GNUTLS_CERT_IGNORE;
236 } else if (strcasecmp("optional", arg) == 0
237 || strcasecmp("request", arg) == 0) {
238 mode = GNUTLS_CERT_REQUEST;
239 } else if (strcasecmp("require", arg) == 0) {
240 mode = GNUTLS_CERT_REQUIRE;
241 } else {
242 return "GnuTLSClientVerify: Invalid argument";
185 } 243 }
186 else if (strcasecmp("optional", arg) == 0 || strcasecmp("request", arg) == 0) { 244
187 mode = GNUTLS_CERT_REQUEST;
188 }
189 else if (strcasecmp("require", arg) == 0) {
190 mode = GNUTLS_CERT_REQUIRE;
191 }
192 else {
193 return "GnuTLSClientVerify: Invalid argument";
194 }
195
196 /* This was set from a directory context */ 245 /* This was set from a directory context */
197 if (parms->path) { 246 if (parms->path) {
198 mgs_dirconf_rec *dc = (mgs_dirconf_rec *)dummy; 247 mgs_dirconf_rec *dc = (mgs_dirconf_rec *) dummy;
199 dc->client_verify_mode = mode; 248 dc->client_verify_mode = mode;
200 } 249 } else {
201 else { 250 mgs_srvconf_rec *sc =
202 mgs_srvconf_rec *sc = 251 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
203 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 252 module_config,
204 module_config, 253 &gnutls_module);
205 &gnutls_module); 254 sc->client_verify_mode = mode;
206 sc->client_verify_mode = mode;
207 } 255 }
208 256
209 return NULL; 257 return NULL;
210} 258}
211 259
212const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy, 260const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
213 const char *arg) 261 const char *arg)
214{ 262{
215 int rv; 263 int rv;
216 const char* file; 264 const char *file;
217 apr_pool_t* spool; 265 apr_pool_t *spool;
218 gnutls_datum_t data; 266 gnutls_datum_t data;
219 267
220 mgs_srvconf_rec *sc = 268 mgs_srvconf_rec *sc =
221 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 269 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
222 module_config, 270 module_config,
223 &gnutls_module); 271 &gnutls_module);
224 apr_pool_create(&spool, parms->pool); 272 apr_pool_create(&spool, parms->pool);
225 273
226 file = ap_server_root_relative(spool, arg); 274 file = ap_server_root_relative(spool, arg);
227 275
228 sc->ca_list_size = 16; 276 if (load_datum_from_file(spool, file, &data) != 0) {
229 277 return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
230 load_datum_from_file(spool, file, &data); 278 "Client CA File '%s'", file);
279 }
231 280
232 rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size, 281 sc->ca_list_size = MAX_CA_CRTS;
233 &data, GNUTLS_X509_FMT_PEM, 282 rv = gnutls_x509_crt_list_import(sc->ca_list, &sc->ca_list_size,
234 GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); 283 &data, GNUTLS_X509_FMT_PEM,
284 GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
235 if (rv < 0) { 285 if (rv < 0) {
236 return apr_psprintf(parms->pool, "GnuTLS: Failed to load " 286 return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
237 "Client CA File '%s': (%d) %s", file, rv, 287 "Client CA File '%s': (%d) %s", file, rv,
238 gnutls_strerror(rv)); 288 gnutls_strerror(rv));
239 } 289 }
240 290
241 apr_pool_destroy(spool); 291 apr_pool_destroy(spool);
@@ -243,20 +293,57 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
243} 293}
244 294
245const char *mgs_set_enabled(cmd_parms * parms, void *dummy, 295const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
246 const char *arg) 296 const char *arg)
247{ 297{
248 mgs_srvconf_rec *sc = 298 mgs_srvconf_rec *sc =
249 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 299 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
250 module_config, 300 module_config,
251 &gnutls_module); 301 &gnutls_module);
252 if (!strcasecmp(arg, "On")) { 302 if (!strcasecmp(arg, "On")) {
253 sc->enabled = GNUTLS_ENABLED_TRUE; 303 sc->enabled = GNUTLS_ENABLED_TRUE;
304 } else if (!strcasecmp(arg, "Off")) {
305 sc->enabled = GNUTLS_ENABLED_FALSE;
306 } else {
307 return "GnuTLSEnable must be set to 'On' or 'Off'";
254 } 308 }
255 else if (!strcasecmp(arg, "Off")) { 309
256 sc->enabled = GNUTLS_ENABLED_FALSE; 310 return NULL;
311}
312
313const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy,
314 const char *arg)
315{
316 mgs_srvconf_rec *sc =
317 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
318 module_config,
319 &gnutls_module);
320 if (!strcasecmp(arg, "On")) {
321 sc->export_certificates_enabled = GNUTLS_ENABLED_TRUE;
322 } else if (!strcasecmp(arg, "Off")) {
323 sc->export_certificates_enabled = GNUTLS_ENABLED_FALSE;
324 } else {
325 return "GnuTLSExportCertificates must be set to 'On' or 'Off'";
257 } 326 }
258 else { 327
259 return "GnuTLSEnable must be set to 'On' or 'Off'"; 328 return NULL;
329}
330
331
332const char *mgs_set_priorities(cmd_parms * parms, void *dummy, const char *arg)
333{
334 int ret;
335 char *err;
336 mgs_srvconf_rec *sc =
337 (mgs_srvconf_rec *) ap_get_module_config(parms->server->
338 module_config,
339 &gnutls_module);
340
341
342 ret = gnutls_priority_init( &sc->priorities, arg, &err);
343 if (ret < 0) {
344 if (ret == GNUTLS_E_INVALID_REQUEST)
345 return apr_psprintf(parms->pool, "GnuTLS: Syntax error parsing priorities string at: %s", err);
346 return "Error setting priorities";
260 } 347 }
261 348
262 return NULL; 349 return NULL;
@@ -264,92 +351,50 @@ const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
264 351
265void *mgs_config_server_create(apr_pool_t * p, server_rec * s) 352void *mgs_config_server_create(apr_pool_t * p, server_rec * s)
266{ 353{
267 int i;
268 mgs_srvconf_rec *sc = apr_pcalloc(p, sizeof(*sc)); 354 mgs_srvconf_rec *sc = apr_pcalloc(p, sizeof(*sc));
269 355
270 sc->enabled = GNUTLS_ENABLED_FALSE; 356 sc->enabled = GNUTLS_ENABLED_FALSE;
271 357
272 gnutls_certificate_allocate_credentials(&sc->certs); 358 gnutls_certificate_allocate_credentials(&sc->certs);
359 gnutls_anon_allocate_server_credentials(&sc->anon_creds);
360 gnutls_srp_allocate_server_credentials(&sc->srp_creds);
361
362 sc->srp_tpasswd_conf_file = NULL;
363 sc->srp_tpasswd_file = NULL;
273 sc->privkey_x509 = NULL; 364 sc->privkey_x509 = NULL;
274 sc->cert_x509 = NULL; 365 sc->cert_x509 = NULL;
275 sc->cache_timeout = apr_time_from_sec(300); 366 sc->cache_timeout = apr_time_from_sec(300);
276 sc->cache_type = mgs_cache_dbm; 367 sc->cache_type = mgs_cache_dbm;
277 sc->cache_config = ap_server_root_relative(p, "conf/gnutls_cache"); 368 sc->cache_config = ap_server_root_relative(p, "conf/gnutls_cache");
278 369
279 /* TODO: Make this Configurable. But it isn't configurable in mod_ssl? */
280 sc->dh_params_file = ap_server_root_relative(p, "conf/dhfile"); 370 sc->dh_params_file = ap_server_root_relative(p, "conf/dhfile");
281 sc->rsa_params_file = ap_server_root_relative(p, "conf/rsafile"); 371 sc->rsa_params_file = ap_server_root_relative(p, "conf/rsafile");
282 372
283 /* Finish SSL Client Certificate Support */
284 sc->client_verify_mode = GNUTLS_CERT_IGNORE; 373 sc->client_verify_mode = GNUTLS_CERT_IGNORE;
285 374
286 /* TODO: Make this Configurable ! */
287 /* mod_ssl uses a flex based parser for this part.. sigh */
288 i = 0;
289 sc->ciphers[i++] = GNUTLS_CIPHER_AES_256_CBC;
290 sc->ciphers[i++] = GNUTLS_CIPHER_AES_128_CBC;
291 sc->ciphers[i++] = GNUTLS_CIPHER_ARCFOUR_128;
292 sc->ciphers[i++] = GNUTLS_CIPHER_3DES_CBC;
293 sc->ciphers[i++] = GNUTLS_CIPHER_ARCFOUR_40;
294 sc->ciphers[i] = 0;
295
296 i = 0;
297 sc->key_exchange[i++] = GNUTLS_KX_RSA;
298 sc->key_exchange[i++] = GNUTLS_KX_RSA_EXPORT;
299 sc->key_exchange[i++] = GNUTLS_KX_DHE_DSS;
300 sc->key_exchange[i++] = GNUTLS_KX_DHE_RSA;
301 sc->key_exchange[i++] = GNUTLS_KX_ANON_DH;
302 sc->key_exchange[i++] = GNUTLS_KX_SRP;
303 sc->key_exchange[i++] = GNUTLS_KX_SRP_RSA;
304 sc->key_exchange[i++] = GNUTLS_KX_SRP_DSS;
305 sc->key_exchange[i] = 0;
306
307 i = 0;
308 sc->macs[i++] = GNUTLS_MAC_SHA;
309 sc->macs[i++] = GNUTLS_MAC_MD5;
310 sc->macs[i++] = GNUTLS_MAC_RMD160;
311 sc->macs[i] = 0;
312
313 i = 0;
314 sc->protocol[i++] = GNUTLS_TLS1_1;
315 sc->protocol[i++] = GNUTLS_TLS1;
316 sc->protocol[i++] = GNUTLS_SSL3;
317 sc->protocol[i] = 0;
318
319 i = 0;
320 sc->compression[i++] = GNUTLS_COMP_NULL;
321 sc->compression[i++] = GNUTLS_COMP_ZLIB;
322 sc->compression[i++] = GNUTLS_COMP_LZO;
323 sc->compression[i] = 0;
324
325 i = 0;
326 sc->cert_types[i++] = GNUTLS_CRT_X509;
327 sc->cert_types[i] = 0;
328
329 return sc; 375 return sc;
330} 376}
331 377
332void *mgs_config_dir_merge(apr_pool_t *p, void *basev, void *addv) 378void *mgs_config_dir_merge(apr_pool_t * p, void *basev, void *addv)
333{ 379{
334 mgs_dirconf_rec *new; 380 mgs_dirconf_rec *new;
335 mgs_dirconf_rec *base = (mgs_dirconf_rec *) basev; 381/* mgs_dirconf_rec *base = (mgs_dirconf_rec *) basev; */
336 mgs_dirconf_rec *add = (mgs_dirconf_rec *) addv; 382 mgs_dirconf_rec *add = (mgs_dirconf_rec *) addv;
337 383
338 new = (mgs_dirconf_rec *) apr_pcalloc(p, sizeof(mgs_dirconf_rec)); 384 new = (mgs_dirconf_rec *) apr_pcalloc(p, sizeof(mgs_dirconf_rec));
339 new->lua_bytecode = apr_pstrmemdup(p, add->lua_bytecode, 385 new->lua_bytecode = apr_pstrmemdup(p, add->lua_bytecode,
340 add->lua_bytecode_len); 386 add->lua_bytecode_len);
341 new->lua_bytecode_len = add->lua_bytecode_len; 387 new->lua_bytecode_len = add->lua_bytecode_len;
342 new->client_verify_mode = add->client_verify_mode; 388 new->client_verify_mode = add->client_verify_mode;
343 return new; 389 return new;
344} 390}
345 391
346void *mgs_config_dir_create(apr_pool_t *p, char *dir) 392void *mgs_config_dir_create(apr_pool_t * p, char *dir)
347{ 393{
348 mgs_dirconf_rec *dc = apr_palloc(p, sizeof(*dc)); 394 mgs_dirconf_rec *dc = apr_palloc(p, sizeof(*dc));
349 395
350 dc->client_verify_mode = -1; 396 dc->client_verify_mode = -1;
351 dc->lua_bytecode = NULL; 397 dc->lua_bytecode = NULL;
352 dc->lua_bytecode_len = 0; 398 dc->lua_bytecode_len = 0;
353 return dc; 399 return dc;
354} 400}
355