aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/gnutls_cache.c3
-rw-r--r--src/gnutls_io.c9
-rw-r--r--src/mod_gnutls.c9
3 files changed, 15 insertions, 6 deletions
diff --git a/src/gnutls_cache.c b/src/gnutls_cache.c
index 91e6ec9..eaeeea6 100644
--- a/src/gnutls_cache.c
+++ b/src/gnutls_cache.c
@@ -209,11 +209,12 @@ static gnutls_datum_t mc_cache_fetch(void* baton, gnutls_datum_t key)
209 &value, &value_len, NULL); 209 &value, &value_len, NULL);
210 210
211 if (rv != APR_SUCCESS) { 211 if (rv != APR_SUCCESS) {
212#if MOD_GNUTLS_DEBUG
212 ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, 213 ap_log_error(APLOG_MARK, APLOG_DEBUG, rv,
213 ctxt->c->base_server, 214 ctxt->c->base_server,
214 "[gnutls_cache] error fetching key '%s' ", 215 "[gnutls_cache] error fetching key '%s' ",
215 strkey); 216 strkey);
216 217#endif
217 data.size = 0; 218 data.size = 0;
218 data.data = NULL; 219 data.data = NULL;
219 return data; 220 return data;
diff --git a/src/gnutls_io.c b/src/gnutls_io.c
index 5e0c4ef..dee2c4f 100644
--- a/src/gnutls_io.c
+++ b/src/gnutls_io.c
@@ -381,10 +381,15 @@ tryagain:
381 gnutls_strerror(ret)); 381 gnutls_strerror(ret));
382 goto tryagain; 382 goto tryagain;
383 } 383 }
384 384#if USING_2_1_RECENT
385 ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server, 385 ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c,
386 "GnuTLS: Handshake Failed (%d) '%s'", ret, 386 "GnuTLS: Handshake Failed (%d) '%s'", ret,
387 gnutls_strerror(ret)); 387 gnutls_strerror(ret));
388#else
389 ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
390 "GnuTLS: Handshake Failed (%d) '%s'", ret,
391 gnutls_strerror(ret));
392#endif
388 ctxt->status = -1; 393 ctxt->status = -1;
389 gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL, 394 gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
390 gnutls_error_to_alert(ret, NULL)); 395 gnutls_error_to_alert(ret, NULL));
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
index cb81a26..681411b 100644
--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -294,7 +294,6 @@ static apr_port_t mod_gnutls_hook_default_port(const request_rec * r)
294 294
295static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt) 295static void mod_gnutls_changed_servers(mod_gnutls_handle_t *ctxt)
296{ 296{
297 gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs);
298 gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode); 297 gnutls_certificate_server_set_request(ctxt->session, ctxt->sc->client_verify_mode);
299} 298}
300 299
@@ -479,9 +478,11 @@ static mod_gnutls_handle_t* create_gnutls_handle(apr_pool_t* pool, conn_rec * c)
479 gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types); 478 gnutls_certificate_type_set_priority(ctxt->session, sc->cert_types);
480 479
481 mod_gnutls_cache_session_init(ctxt); 480 mod_gnutls_cache_session_init(ctxt);
481
482 gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs);
482 483
483 gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn); 484 gnutls_certificate_server_set_retrieve_function(sc->certs, cert_retrieve_fn);
484 485
485 mod_gnutls_changed_servers(ctxt); 486 mod_gnutls_changed_servers(ctxt);
486 return ctxt; 487 return ctxt;
487} 488}
@@ -838,7 +839,7 @@ int mod_gnutls_hook_authz(request_rec *r)
838 839
839 if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) { 840 if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) {
840 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, 841 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
841 "GnuTLS: Ignoring Client Certificate!"); 842 "GnuTLS: Directory set to Ignore Client Certificate!");
842 return DECLINED; 843 return DECLINED;
843 } 844 }
844 845
@@ -855,8 +856,10 @@ int mod_gnutls_hook_authz(request_rec *r)
855 } 856 }
856 } 857 }
857 else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) { 858 else if (ctxt->sc->client_verify_mode == GNUTLS_CERT_IGNORE) {
859#if MOD_GNUTLS_DEBUG
858 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 860 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
859 "GnuTLS: Peer is set to IGNORE"); 861 "GnuTLS: Peer is set to IGNORE");
862#endif
860 return DECLINED; 863 return DECLINED;
861 } 864 }
862 865