apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r1861894 - in /apr/apr/trunk: crypto/apr_crypto.c crypto/apr_crypto_internal.c crypto/apr_crypto_nss.c include/private/apr_crypto_internal.h
Date Sat, 22 Jun 2019 23:58:06 GMT
Author: minfrin
Date: Sat Jun 22 23:58:06 2019
New Revision: 1861894

URL: http://svn.apache.org/viewvc?rev=1861894&view=rev
Log:
Revert r1833421 et al:

Move NSS initialisation back to apr_crypto_nss, reinstate
DSO support.

Modified:
    apr/apr/trunk/crypto/apr_crypto.c
    apr/apr/trunk/crypto/apr_crypto_internal.c
    apr/apr/trunk/crypto/apr_crypto_nss.c
    apr/apr/trunk/include/private/apr_crypto_internal.h

Modified: apr/apr/trunk/crypto/apr_crypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto.c?rev=1861894&r1=1861893&r2=1861894&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto.c (original)
+++ apr/apr/trunk/crypto/apr_crypto.c Sat Jun 22 23:58:06 2019
@@ -386,13 +386,6 @@ APR_DECLARE(apr_status_t) apr_crypto_lib
     }
     else
 #endif
-#if APU_HAVE_NSS
-    if (!strcmp(name, "nss")) {
-        *version = apr__crypto_nss_version();
-        rv = *version ? APR_SUCCESS : APR_NOTFOUND;
-    }
-    else
-#endif
     ;
     return rv;
 }
@@ -451,16 +444,6 @@ APR_DECLARE(apr_status_t) apr_crypto_lib
     }
     else
 #endif
-#if APU_HAVE_NSS
-    if (!strcmp(name, "nss")) {
-        rv = apr__crypto_nss_init(params, result, pool);
-        if (rv == APR_SUCCESS) {
-            lib->term = apr__crypto_nss_term;
-            lib->name = "nss";
-        }
-    }
-    else
-#endif
     ;
     if (rv == APR_SUCCESS) {
         lib->pool = pool;
@@ -495,12 +478,6 @@ static apr_status_t crypto_lib_term(cons
         rv = APR_SUCCESS;
     }
     else
-#endif
-#if APU_HAVE_NSS
-    if (!strcmp(name, "nss")) {
-        rv = APR_SUCCESS;
-    }
-    else
 #endif
     ;
     if (rv == APR_SUCCESS) {

Modified: apr/apr/trunk/crypto/apr_crypto_internal.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_internal.c?rev=1861894&r1=1861893&r2=1861894&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_internal.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_internal.c Sat Jun 22 23:58:06 2019
@@ -354,137 +354,4 @@ static apr_status_t ossl_thread_setup(ap
 #endif /* APU_HAVE_OPENSSL */
 
 
-#if APU_HAVE_NSS
-
-#include <prerror.h>
-
-#ifdef HAVE_NSS_NSS_H
-#include <nss/nss.h>
-#endif
-#ifdef HAVE_NSS_H
-#include <nss.h>
-#endif
-
-const char *apr__crypto_nss_version(void)
-{
-    return NSS_VERSION;
-}
-
-apr_status_t apr__crypto_nss_init(const char *params,
-                                 const apu_err_t **result,
-                                 apr_pool_t *pool)
-{
-    SECStatus s;
-    const char *dir = NULL;
-    const char *keyPrefix = NULL;
-    const char *certPrefix = NULL;
-    const char *secmod = NULL;
-    int noinit = 0;
-    PRUint32 flags = 0;
-
-    struct {
-        const char *field;
-        const char *value;
-        int set;
-    } fields[] = {
-        { "dir", NULL, 0 },
-        { "key3", NULL, 0 },
-        { "cert7", NULL, 0 },
-        { "secmod", NULL, 0 },
-        { "noinit", NULL, 0 },
-        { NULL, NULL, 0 }
-    };
-    const char *ptr;
-    size_t klen;
-    char **elts = NULL;
-    char *elt;
-    int i = 0, j;
-    apr_status_t status;
-
-    if (params) {
-        if (APR_SUCCESS != (status = apr_tokenize_to_argv(params, &elts, pool))) {
-            return status;
-        }
-        while ((elt = elts[i])) {
-            ptr = strchr(elt, '=');
-            if (ptr) {
-                for (klen = ptr - elt; klen && apr_isspace(elt[klen - 1]); --klen)
-                    ;
-                ptr++;
-            }
-            else {
-                for (klen = strlen(elt); klen && apr_isspace(elt[klen - 1]); --klen)
-                    ;
-            }
-            elt[klen] = 0;
-
-            for (j = 0; fields[j].field != NULL; ++j) {
-                if (klen && !strcasecmp(fields[j].field, elt)) {
-                    fields[j].set = 1;
-                    if (ptr) {
-                        fields[j].value = ptr;
-                    }
-                    break;
-                }
-            }
-
-            i++;
-        }
-        dir = fields[0].value;
-        keyPrefix = fields[1].value;
-        certPrefix = fields[2].value;
-        secmod = fields[3].value;
-        noinit = fields[4].set;
-    }
-
-    /* if we've been asked to bypass, do so here */
-    if (noinit) {
-        return APR_SUCCESS;
-    }
-
-    /* sanity check - we can only initialise NSS once */
-    if (NSS_IsInitialized()) {
-        return APR_EREINIT;
-    }
-
-    if (keyPrefix || certPrefix || secmod) {
-        s = NSS_Initialize(dir, certPrefix, keyPrefix, secmod, flags);
-    }
-    else if (dir) {
-        s = NSS_InitReadWrite(dir);
-    }
-    else {
-        s = NSS_NoDB_Init(NULL);
-    }
-    if (s != SECSuccess) {
-        if (result) {
-            /* Note: all memory must be owned by the caller, in case we're unloaded */
-            apu_err_t *err = apr_pcalloc(pool, sizeof(apu_err_t));
-            err->rc = PR_GetError();
-            err->msg = apr_pstrdup(pool, PR_ErrorToName(s));
-            err->reason = apr_pstrdup(pool, "Error during 'nss' initialisation");
-            *result = err;
-        }
-
-        return APR_ECRYPT;
-    }
-
-    return APR_SUCCESS;
-}
-
-apr_status_t apr__crypto_nss_term(void)
-{
-    if (NSS_IsInitialized()) {
-        SECStatus s = NSS_Shutdown();
-        if (s != SECSuccess) {
-            fprintf(stderr, "NSS failed to shutdown, possible leak: %d: %s",
-                PR_GetError(), PR_ErrorToName(s));
-            return APR_EINIT;
-        }
-    }
-    return APR_SUCCESS;
-}
-
-#endif /* APU_HAVE_NSS */
-
 #endif /* APU_HAVE_CRYPTO */

Modified: apr/apr/trunk/crypto/apr_crypto_nss.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_nss.c?rev=1861894&r1=1861893&r2=1861894&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_nss.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_nss.c Sat Jun 22 23:58:06 2019
@@ -135,7 +135,20 @@ static apr_status_t crypto_error(const a
  */
 static apr_status_t crypto_shutdown(void)
 {
-    return apr_crypto_lib_term("nss");
+    if (NSS_IsInitialized()) {
+        SECStatus s = NSS_Shutdown();
+        if (s != SECSuccess) {
+            fprintf(stderr, "NSS failed to shutdown, possible leak: %d: %s",
+                PR_GetError(), PR_ErrorToName(s));
+            return APR_EINIT;
+        }
+    }
+    return APR_SUCCESS;
+}
+
+static apr_status_t crypto_shutdown_helper(void *data)
+{
+    return crypto_shutdown();
 }
 
 /**
@@ -144,7 +157,105 @@ static apr_status_t crypto_shutdown(void
 static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
         const apu_err_t **result)
 {
-    return apr_crypto_lib_init("nss", params, result, pool);
+    SECStatus s;
+    const char *dir = NULL;
+    const char *keyPrefix = NULL;
+    const char *certPrefix = NULL;
+    const char *secmod = NULL;
+    int noinit = 0;
+    PRUint32 flags = 0;
+
+    struct {
+        const char *field;
+        const char *value;
+        int set;
+    } fields[] = {
+        { "dir", NULL, 0 },
+        { "key3", NULL, 0 },
+        { "cert7", NULL, 0 },
+        { "secmod", NULL, 0 },
+        { "noinit", NULL, 0 },
+        { NULL, NULL, 0 }
+    };
+    const char *ptr;
+    size_t klen;
+    char **elts = NULL;
+    char *elt;
+    int i = 0, j;
+    apr_status_t status;
+
+    if (params) {
+        if (APR_SUCCESS != (status = apr_tokenize_to_argv(params, &elts, pool))) {
+            return status;
+        }
+        while ((elt = elts[i])) {
+            ptr = strchr(elt, '=');
+            if (ptr) {
+                for (klen = ptr - elt; klen && apr_isspace(elt[klen - 1]); --klen)
+                    ;
+                ptr++;
+            }
+            else {
+                for (klen = strlen(elt); klen && apr_isspace(elt[klen - 1]); --klen)
+                    ;
+            }
+            elt[klen] = 0;
+
+            for (j = 0; fields[j].field != NULL; ++j) {
+                if (klen && !strcasecmp(fields[j].field, elt)) {
+                    fields[j].set = 1;
+                    if (ptr) {
+                        fields[j].value = ptr;
+                    }
+                    break;
+                }
+            }
+
+            i++;
+        }
+        dir = fields[0].value;
+        keyPrefix = fields[1].value;
+        certPrefix = fields[2].value;
+        secmod = fields[3].value;
+        noinit = fields[4].set;
+    }
+
+    /* if we've been asked to bypass, do so here */
+    if (noinit) {
+        return APR_SUCCESS;
+    }
+
+    /* sanity check - we can only initialise NSS once */
+    if (NSS_IsInitialized()) {
+        return APR_EREINIT;
+    }
+
+    if (keyPrefix || certPrefix || secmod) {
+        s = NSS_Initialize(dir, certPrefix, keyPrefix, secmod, flags);
+    }
+    else if (dir) {
+        s = NSS_InitReadWrite(dir);
+    }
+    else {
+        s = NSS_NoDB_Init(NULL);
+    }
+    if (s != SECSuccess) {
+        if (result) {
+            /* Note: all memory must be owned by the caller, in case we're unloaded */
+            apu_err_t *err = apr_pcalloc(pool, sizeof(apu_err_t));
+            err->rc = PR_GetError();
+            err->msg = apr_pstrdup(pool, PR_ErrorToName(s));
+            err->reason = apr_pstrdup(pool, "Error during 'nss' initialisation");
+            *result = err;
+        }
+
+        return APR_ECRYPT;
+    }
+
+    apr_pool_cleanup_register(pool, pool, crypto_shutdown_helper,
+            apr_pool_cleanup_null);
+
+    return APR_SUCCESS;
 }
 
 /**

Modified: apr/apr/trunk/include/private/apr_crypto_internal.h
URL: http://svn.apache.org/viewvc/apr/apr/trunk/include/private/apr_crypto_internal.h?rev=1861894&r1=1861893&r2=1861894&view=diff
==============================================================================
--- apr/apr/trunk/include/private/apr_crypto_internal.h (original)
+++ apr/apr/trunk/include/private/apr_crypto_internal.h Sat Jun 22 23:58:06 2019
@@ -428,14 +428,6 @@ apr_status_t apr__crypto_openssl_init(co
 apr_status_t apr__crypto_openssl_term(void);
 #endif
 
-#if APU_HAVE_NSS
-const char *apr__crypto_nss_version(void);
-apr_status_t apr__crypto_nss_init(const char *params,
-                                  const apu_err_t **result,
-                                  apr_pool_t *pool);
-apr_status_t apr__crypto_nss_term(void);
-#endif
-
 #endif
 
 #ifdef __cplusplus



Mime
View raw message