httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl config.m4 ssl_engine_io.c ssl_engine_kernel.c ssl_toolkit_compat.h
Date Thu, 22 May 2003 19:41:32 GMT
wrowe       2003/05/22 12:41:32

  Modified:    modules/ssl config.m4 ssl_engine_io.c ssl_engine_kernel.c
                        ssl_toolkit_compat.h
  Log:
    The patch below reverts the prior commit to eliminate SSL_set_state().
    Some additional work or research is required in order to pass the
    perl-framework regressions, but I don't have the cycles and don't
    care to leave the broken code in cvs HEAD.
  
  REVERTING: wrowe 2003/05/19 08:13:19
  
    Modified:    modules/ssl config.m4 ssl_engine_io.c ssl_engine_kernel.c
                          ssl_toolkit_compat.h
    Log:
      Drop SSL_set_state() in favor of a proper SSL_renegotiate() to begin
      rehandshaking the SSL connection, vis-a-vis ApacheSSL.
  
    Revision  Changes    Path
    1.15      +0 -1      httpd-2.0/modules/ssl/config.m4
    1.108     +1 -1      httpd-2.0/modules/ssl/ssl_engine_io.c
    1.93      +1 -1      httpd-2.0/modules/ssl/ssl_engine_kernel.c
    1.34      +0 -6      httpd-2.0/modules/ssl/ssl_toolkit_compat.h
  
  Revision  Changes    Path
  1.16      +1 -0      httpd-2.0/modules/ssl/config.m4
  
  Index: config.m4
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/config.m4,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- config.m4	19 May 2003 15:13:18 -0000	1.15
  +++ config.m4	22 May 2003 19:41:32 -0000	1.16
  @@ -77,6 +77,7 @@
   dnl #  hook module into the Autoconf mechanism (--enable-ssl option)
   APACHE_MODULE(ssl, [SSL/TLS support (mod_ssl)], $ssl_objs, , no, [
       APACHE_CHECK_SSL_TOOLKIT
  +    AC_CHECK_FUNCS(SSL_set_state)
       AC_CHECK_FUNCS(SSL_set_cert_store)
       AC_CHECK_FUNCS(ENGINE_init)
   ])
  
  
  
  1.109     +5 -1      httpd-2.0/modules/ssl/ssl_engine_io.c
  
  Index: ssl_engine_io.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v
  retrieving revision 1.108
  retrieving revision 1.109
  diff -u -r1.108 -r1.109
  --- ssl_engine_io.c	19 May 2003 15:13:18 -0000	1.108
  +++ ssl_engine_io.c	22 May 2003 19:41:32 -0000	1.109
  @@ -1257,7 +1257,11 @@
       sslconn = myConnConfig(f->c);
       ssl = sslconn->ssl;
   
  -    SSL_renegotiate(ssl);
  +    /* XXX: Should replace SSL_set_state with SSL_renegotiate(ssl);
  +     * However, this causes failures in perl-framework currently, 
  +     * perhaps pre-test if we have already negotiated?
  +     */
  +    SSL_set_state(ssl, SSL_ST_ACCEPT);
       SSL_do_handshake(ssl);
   
       if (SSL_get_state(ssl) != SSL_ST_OK) {
  
  
  
  1.94      +5 -1      httpd-2.0/modules/ssl/ssl_engine_kernel.c
  
  Index: ssl_engine_kernel.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v
  retrieving revision 1.93
  retrieving revision 1.94
  diff -u -r1.93 -r1.94
  --- ssl_engine_kernel.c	19 May 2003 15:13:19 -0000	1.93
  +++ ssl_engine_kernel.c	22 May 2003 19:41:32 -0000	1.94
  @@ -712,7 +712,11 @@
               ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
                            "Awaiting re-negotiation handshake");
   
  -            SSL_renegotiate(ssl);
  +            /* XXX: Should replace SSL_set_state with SSL_renegotiate(ssl);
  +             * However, this causes failures in perl-framework currently, 
  +             * perhaps pre-test if we have already negotiated?
  +             */
  +            SSL_set_state(ssl, SSL_ST_ACCEPT);
               SSL_do_handshake(ssl);
   
               if (SSL_get_state(ssl) != SSL_ST_OK) {
  
  
  
  1.35      +6 -0      httpd-2.0/modules/ssl/ssl_toolkit_compat.h
  
  Index: ssl_toolkit_compat.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_toolkit_compat.h,v
  retrieving revision 1.34
  retrieving revision 1.35
  diff -u -r1.34 -r1.35
  --- ssl_toolkit_compat.h	19 May 2003 15:13:19 -0000	1.34
  +++ ssl_toolkit_compat.h	22 May 2003 19:41:32 -0000	1.35
  @@ -103,6 +103,8 @@
   #define SSL_get_state(ssl) SSL_state(ssl)
   #endif
   
  +#define SSL_set_state(ssl,val) (ssl)->state = val
  +
   #define MODSSL_BIO_CB_ARG_TYPE const char
   #define MODSSL_CRYPTO_CB_ARG_TYPE const char
   #if (OPENSSL_VERSION_NUMBER < 0x00907000)
  @@ -180,6 +182,10 @@
   
   #define modssl_PEM_read_bio_PrivateKey(b, k, cb, arg) \
      PEM_read_bio_PrivateKey(b, k, cb)
  +
  +#ifndef HAVE_SSL_SET_STATE
  +#define SSL_set_state(ssl, state) /* XXX: should throw an error */
  +#endif
   
   #define modssl_set_cipher_list(ssl, l) \
      SSL_set_cipher_list(ssl, (char *)l)
  
  
  

Mime
View raw message