httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From do...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl mod_ssl.h ssl_engine_init.c
Date Tue, 12 Mar 2002 22:50:38 GMT
dougm       02/03/12 14:50:38

  Modified:    modules/ssl mod_ssl.h ssl_engine_init.c
  Log:
  split ssl_init_TmpKeysHandle function to init/free functions,
  and make them static to ssl_engine_init.c
  
  Revision  Changes    Path
  1.73      +0 -4      httpd-2.0/modules/ssl/mod_ssl.h
  
  Index: mod_ssl.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v
  retrieving revision 1.72
  retrieving revision 1.73
  diff -u -r1.72 -r1.73
  --- mod_ssl.h	12 Mar 2002 22:34:31 -0000	1.72
  +++ mod_ssl.h	12 Mar 2002 22:50:38 -0000	1.73
  @@ -299,9 +299,6 @@
    * Define IDs for the temporary RSA keys and DH params
    */
   
  -#define SSL_TKP_GEN        (0)
  -#define SSL_TKP_FREE       (2)
  -
   #define SSL_TKPIDX_RSA512  (0)
   #define SSL_TKPIDX_RSA1024 (1)
   #define SSL_TKPIDX_DH512   (2)
  @@ -645,7 +642,6 @@
   /*  module initialization  */
   int          ssl_init_Module(apr_pool_t *, apr_pool_t *, apr_pool_t *, server_rec *);
   void         ssl_init_Engine(server_rec *, apr_pool_t *);
  -void         ssl_init_TmpKeysHandle(int, server_rec *, apr_pool_t *);
   void         ssl_init_ConfigureServer(server_rec *, apr_pool_t *, SSLSrvConfigRec *);
   void         ssl_init_CheckServers(server_rec *, apr_pool_t *);
   STACK_OF(X509_NAME) 
  
  
  
  1.50      +80 -77    httpd-2.0/modules/ssl/ssl_engine_init.c
  
  Index: ssl_engine_init.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_init.c,v
  retrieving revision 1.49
  retrieving revision 1.50
  diff -u -r1.49 -r1.50
  --- ssl_engine_init.c	12 Mar 2002 22:34:31 -0000	1.49
  +++ ssl_engine_init.c	12 Mar 2002 22:50:38 -0000	1.50
  @@ -120,6 +120,84 @@
   }
   
   /*
  + * Handle the Temporary RSA Keys and DH Params
  + */
  +
  +#define MODSSL_TMP_KEY_FREE(mc, type, idx) \
  +    if (mc->pTmpKeys[idx]) { \
  +        type##_free((type *)mc->pTmpKeys[idx]); \
  +        mc->pTmpKeys[idx] = NULL; \
  +    }
  +
  +#define MODSSL_TMP_KEYS_FREE(mc, type) \
  +    MODSSL_TMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##512); \
  +    MODSSL_TMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##1024)
  +
  +static void ssl_tmp_keys_free(server_rec *s)
  +{
  +    SSLModConfigRec *mc = myModConfig(s);
  +
  +    MODSSL_TMP_KEYS_FREE(mc, RSA);
  +    MODSSL_TMP_KEYS_FREE(mc, DH);
  +}
  +
  +static void ssl_tmp_keys_init(server_rec *s, apr_pool_t *p)
  +{
  +    SSLModConfigRec *mc = myModConfig(s);
  +
  +    /* seed PRNG */
  +    ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: ");
  +
  +    /* generate 512 bit RSA key */
  +    ssl_log(s, SSL_LOG_INFO,
  +            "Init: Generating temporary RSA private keys (512/1024 bits)");
  +
  +    /* generate 512 bit RSA key */
  +    if (!(mc->pTmpKeys[SSL_TKPIDX_RSA512] = 
  +          RSA_generate_key(512, RSA_F4, NULL, NULL)))
  +    {
  +        ssl_log(s, SSL_LOG_ERROR,
  +                "Init: Failed to generate temporary "
  +                "512 bit RSA private key");
  +        ssl_die();
  +    }
  +
  +    /* generate 1024 bit RSA key */
  +    if (!(mc->pTmpKeys[SSL_TKPIDX_RSA1024] = 
  +          RSA_generate_key(1024, RSA_F4, NULL, NULL)))
  +    {
  +        ssl_log(s, SSL_LOG_ERROR,
  +                "Init: Failed to generate temporary "
  +                "1024 bit RSA private key");
  +        ssl_die();
  +    }
  +
  +    ssl_log(s, SSL_LOG_INFO,
  +            "Init: Configuring temporary "
  +            "DH parameters (512/1024 bits)");
  +
  +    /* generate 512 bit DH param */
  +    if (!(mc->pTmpKeys[SSL_TKPIDX_DH512] = 
  +          ssl_dh_GetTmpParam(512)))
  +    {
  +        ssl_log(s, SSL_LOG_ERROR,
  +                "Init: Failed to generate temporary "
  +                "512 bit DH parameters");
  +        ssl_die();
  +    }
  +
  +    /* generate 1024 bit DH param */
  +    if (!(mc->pTmpKeys[SSL_TKPIDX_DH1024] = 
  +          ssl_dh_GetTmpParam(1024)))
  +    {
  +        ssl_log(s, SSL_LOG_ERROR,
  +                "Init: Failed to generate temporary "
  +                "1024 bit DH parameters");
  +        ssl_die();
  +    }
  +}
  +
  +/*
    *  Per-module initialization
    */
   int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
  @@ -188,7 +266,7 @@
   #endif
   
       ssl_pphrase_Handle(base_server, p);
  -    ssl_init_TmpKeysHandle(SSL_TKP_GEN, base_server, p);
  +    ssl_tmp_keys_init(base_server, p);
   
       /*
        * SSL external crypto device ("engine") support
  @@ -302,81 +380,6 @@
   }
   #endif
   
  -#define MODSSL_TEMP_KEY_FREE(mc, type, idx) \
  -    if (mc->pTmpKeys[idx]) { \
  -        type##_free((type *)mc->pTmpKeys[idx]); \
  -        mc->pTmpKeys[idx] = NULL; \
  -    }
  -
  -#define MODSSL_TEMP_KEYS_FREE(mc, type) \
  -    MODSSL_TEMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##512); \
  -    MODSSL_TEMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##1024)
  -
  -/*
  - * Handle the Temporary RSA Keys and DH Params
  - */
  -void ssl_init_TmpKeysHandle(int action, server_rec *s, apr_pool_t *p)
  -{
  -    SSLModConfigRec *mc = myModConfig(s);
  -
  -    if (action == SSL_TKP_GEN) { /* Generate Keys and Params */
  -        /* seed PRNG */
  -        ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: ");
  -
  -        /* generate 512 bit RSA key */
  -        ssl_log(s, SSL_LOG_INFO,
  -                "Init: Generating temporary RSA private keys (512/1024 bits)");
  -
  -        /* generate 512 bit RSA key */
  -        if (!(mc->pTmpKeys[SSL_TKPIDX_RSA512] = 
  -              RSA_generate_key(512, RSA_F4, NULL, NULL)))
  -        {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: Failed to generate temporary "
  -                    "512 bit RSA private key");
  -            ssl_die();
  -        }
  -
  -        /* generate 1024 bit RSA key */
  -        if (!(mc->pTmpKeys[SSL_TKPIDX_RSA1024] = 
  -              RSA_generate_key(1024, RSA_F4, NULL, NULL)))
  -        {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: Failed to generate temporary "
  -                    "1024 bit RSA private key");
  -            ssl_die();
  -        }
  -
  -        ssl_log(s, SSL_LOG_INFO,
  -                "Init: Configuring temporary "
  -                "DH parameters (512/1024 bits)");
  -
  -        /* generate 512 bit DH param */
  -        if (!(mc->pTmpKeys[SSL_TKPIDX_DH512] = 
  -              ssl_dh_GetTmpParam(512)))
  -        {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: Failed to generate temporary "
  -                    "512 bit DH parameters");
  -            ssl_die();
  -        }
  -
  -        /* generate 1024 bit DH param */
  -        if (!(mc->pTmpKeys[SSL_TKPIDX_DH1024] = 
  -              ssl_dh_GetTmpParam(1024)))
  -        {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: Failed to generate temporary "
  -                    "1024 bit DH parameters");
  -            ssl_die();
  -        }
  -    }
  -    else if (action == SSL_TKP_FREE) { /* Free Keys and Params */
  -        MODSSL_TEMP_KEYS_FREE(mc, RSA);
  -        MODSSL_TEMP_KEYS_FREE(mc, DH);
  -    }
  -}
  -
   /*
    * Configure a particular server
    */
  @@ -1067,7 +1070,7 @@
       /* 
        * Destroy the temporary keys and params
        */
  -    ssl_init_TmpKeysHandle(SSL_TKP_FREE, base_server, NULL);
  +    ssl_tmp_keys_free(base_server);
   
       /*
        * Free the non-pool allocated structures
  
  
  

Mime
View raw message