From b077bddda4c47a1dffc8a24493d3412419cda26c Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 3 Dec 2007 21:09:43 +0000 Subject: added more error checks. --- src/gnutls_config.c | 53 ++++++++++++++++++++++++++++++++++++++++++++--------- src/gnutls_hooks.c | 7 +++++-- 2 files changed, 49 insertions(+), 11 deletions(-) diff --git a/src/gnutls_config.c b/src/gnutls_config.c index 22e8fbc..7b5a42b 100644 --- a/src/gnutls_config.c +++ b/src/gnutls_config.c @@ -72,10 +72,15 @@ const char *mgs_set_dh_file(cmd_parms * parms, void *dummy, "DH params '%s'", file); } - gnutls_dh_params_init(&sc->dh_params); + ret = gnutls_dh_params_init(&sc->dh_params); + if (ret < 0) { + return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + ret = gnutls_dh_params_import_pkcs3(sc->dh_params, &data, GNUTLS_X509_FMT_PEM); - if (ret != 0) { + if (ret < 0) { return apr_psprintf(parms->pool, "GnuTLS: Failed to Import " "DH params '%s': (%d) %s", file, ret, gnutls_strerror(ret)); @@ -107,7 +112,12 @@ const char *mgs_set_rsa_export_file(cmd_parms * parms, void *dummy, "RSA params '%s'", file); } - gnutls_rsa_params_init(&sc->rsa_params); + ret = gnutls_rsa_params_init(&sc->rsa_params); + if (ret < 0) { + return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + ret = gnutls_rsa_params_import_pkcs1(sc->rsa_params, &data, GNUTLS_X509_FMT_PEM); if (ret != 0) { @@ -141,7 +151,12 @@ const char *mgs_set_cert_file(cmd_parms * parms, void *dummy, "Certificate '%s'", file); } - gnutls_x509_crt_init(&sc->cert_x509); + ret = gnutls_x509_crt_init(&sc->cert_x509); + if (ret < 0) { + return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + ret = gnutls_x509_crt_import(sc->cert_x509, &data, GNUTLS_X509_FMT_PEM); if (ret != 0) { 
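Review bot: The init-failure message added in the mgs_set_dh_file hunk, `"GnuTLS: Failed to initialize: (%d) %s"`, names neither the object being initialised nor the directive or file. The same text is repeated in the mgs_set_rsa_export_file, mgs_set_cert_file, mgs_set_key_file and mgs_config_server_create hunks, so an administrator cannot tell which step failed. Each one should be specific, e.g. `"GnuTLS: Failed to initialize DH params: (%d) %s"`. Separately, this hunk relaxes the DH import check to `if (ret < 0)` while the RSA and certificate imports still show `if (ret != 0)` in their context lines; one convention for every import would make the error handling easier to audit. All of these function bodies begin and end outside their hunks.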
@@ -174,7 +189,12 @@ const char *mgs_set_key_file(cmd_parms * parms, void *dummy, "Private Key '%s'", file); } - gnutls_x509_privkey_init(&sc->privkey_x509); + ret = gnutls_x509_privkey_init(&sc->privkey_x509); + if (ret < 0) { + return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + ret = gnutls_x509_privkey_import(sc->privkey_x509, &data, GNUTLS_X509_FMT_PEM); @@ -395,12 +415,27 @@ const char *mgs_set_priorities(cmd_parms * parms, void *dummy, const char *arg) void *mgs_config_server_create(apr_pool_t * p, server_rec * s) { mgs_srvconf_rec *sc = apr_pcalloc(p, sizeof(*sc)); - + int ret; + sc->enabled = GNUTLS_ENABLED_FALSE; - gnutls_certificate_allocate_credentials(&sc->certs); - gnutls_anon_allocate_server_credentials(&sc->anon_creds); - gnutls_srp_allocate_server_credentials(&sc->srp_creds); + ret = gnutls_certificate_allocate_credentials(&sc->certs); + if (ret < 0) { + return apr_psprintf(p, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + + ret = gnutls_anon_allocate_server_credentials(&sc->anon_creds); + if (ret < 0) { + return apr_psprintf(p, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } + + ret = gnutls_srp_allocate_server_credentials(&sc->srp_creds); + if (ret < 0) { + return apr_psprintf(p, "GnuTLS: Failed to initialize" + ": (%d) %s", ret, gnutls_strerror(ret)); + } sc->srp_tpasswd_conf_file = NULL; sc->srp_tpasswd_file = NULL; diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 7b7e2b3..4364add 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c @@ -57,6 +57,7 @@ int mgs_hook_pre_config(apr_pool_t * pconf, apr_pool_t * plog, apr_pool_t * ptemp) { +int ret; #if APR_HAS_THREADS ap_mpm_query(AP_MPMQ_IS_THREADED, &mpm_is_threaded); 
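Review bot: In the mgs_config_server_create hunk, the three new failure paths return the apr_psprintf() error string from a function declared `void *`, whose result is presumably the server config `sc` allocated at the top of the hunk. The convention looks copied from the `const char *` directive handlers. The rest of the function is outside the hunk, but if it returns `sc` as the signature suggests, the caller would store that string as the module's server config and later code would read it as an mgs_srvconf_rec, reading past a short string and using credential pointers that were never set. Log the failure and do not hand back a string, e.g. `ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, p, "GnuTLS: Failed to initialize: (%d) %s", ret, gnutls_strerror(ret)); return NULL;`, then confirm that readers of the config tolerate NULL or that startup is aborted. Credentials allocated before a later failure are also left unreleased on these paths.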
@@ -67,8 +68,10 @@ mgs_hook_pre_config(apr_pool_t * pconf, mpm_is_threaded = 0; #endif - gnutls_global_init(); - + ret = gnutls_global_init(); + if (ret < 0) /* FIXME: can we print here? */ + exit(ret); + apr_pool_cleanup_register(pconf, NULL, mgs_cleanup_pre_config, apr_pool_cleanup_null); -- cgit
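Review bot: `exit(ret)` in the mgs_hook_pre_config hunk passes a negative GnuTLS error code as the process status, which is reduced to its low 8 bits, and it ends the server without any message, as the FIXME acknowledges. An operator then sees httpd stop at startup with an arbitrary status and nothing in the log. Print the reason to stderr and use a fixed status, e.g. `fprintf(stderr, "gnutls_global_init: (%d) %s\n", ret, gnutls_strerror(ret)); exit(EXIT_FAILURE);`. Alternatively, if the httpd version in use checks the pre_config result, return a non-OK value and let the core abort startup. The function body starts and ends outside the hunk.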