httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl ssl_engine_config.c ssl_engine_init.c ssl_engine_kernel.c ssl_private.h
Date Fri, 05 Mar 2004 02:44:40 GMT
bnicholes    2004/03/04 18:44:40

  Modified:    modules/ssl ssl_engine_config.c ssl_engine_init.c
                        ssl_engine_kernel.c ssl_private.h
  Log:
  Allow the enabled flag to be set to more than just TRUE or FALSE so that
  the OPTIONAL flag can be correctly merged within the
  ssl_config_server_merge() function.
  
  Revision  Changes    Path
  1.90      +5 -5      httpd-2.0/modules/ssl/ssl_engine_config.c
  
  Index: ssl_engine_config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v
  retrieving revision 1.89
  retrieving revision 1.90
  diff -u -r1.89 -r1.90
  --- ssl_engine_config.c	28 Feb 2004 18:06:34 -0000	1.89
  +++ ssl_engine_config.c	5 Mar 2004 02:44:40 -0000	1.90
  @@ -171,7 +171,7 @@
       SSLSrvConfigRec *sc = apr_palloc(p, sizeof(*sc));
   
       sc->mc                     = NULL;
  -    sc->enabled                = FALSE;
  +    sc->enabled                = SSL_ENABLED_FALSE;
       sc->proxy_enabled          = UNSET;
       sc->vhost_id               = NULL;  /* set during module init */
       sc->vhost_id_len           = 0;     /* set during module init */
  @@ -257,7 +257,7 @@
       SSLSrvConfigRec *mrg  = ssl_config_server_new(p);
   
       cfgMerge(mc, NULL);
  -    cfgMergeBool(enabled);
  +    cfgMerge(enabled, SSL_ENABLED_UNSET);
       cfgMergeBool(proxy_enabled);
       cfgMergeInt(session_cache_timeout);
   
  @@ -606,15 +606,15 @@
       SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
   
       if (!strcasecmp(arg, "On")) {
  -        sc->enabled = TRUE;
  +        sc->enabled = SSL_ENABLED_TRUE;
       return NULL;
       }
       else if (!strcasecmp(arg, "Off")) {
  -        sc->enabled = FALSE;
  +        sc->enabled = SSL_ENABLED_FALSE;
           return NULL;
       }
       else if (!strcasecmp(arg, "Optional")) {
  -        sc->enabled = UNSET;
  +        sc->enabled = SSL_ENABLED_OPTIONAL;
           return NULL;
       }
   
  
  
  
  1.126     +7 -10     httpd-2.0/modules/ssl/ssl_engine_init.c
  
  Index: ssl_engine_init.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_init.c,v
  retrieving revision 1.125
  retrieving revision 1.126
  diff -u -r1.125 -r1.126
  --- ssl_engine_init.c	4 Mar 2004 22:00:25 -0000	1.125
  +++ ssl_engine_init.c	5 Mar 2004 02:44:40 -0000	1.126
  @@ -206,13 +206,11 @@
           sc->vhost_id = ssl_util_vhostid(p, s);
           sc->vhost_id_len = strlen(sc->vhost_id);
   
  -#if 0
          /* If sc->enabled is UNSET, then SSL is optional on this vhost  */
           /* Fix up stuff that may not have been set */
  -        if (sc->enabled == UNSET) {
  -            sc->enabled = FALSE;
  +        if (sc->enabled == SSL_ENABLED_UNSET) {
  +            sc->enabled = SSL_ENABLED_FALSE;
           }
  -#endif
           if (sc->proxy_enabled == UNSET) {
               sc->proxy_enabled = FALSE;
           }
  @@ -960,10 +958,9 @@
                                 apr_pool_t *ptemp,
                                 SSLSrvConfigRec *sc)
   {
  -    /* A bit of a hack, but initialize the server if SSL is optional or
  -     * not.
  +    /* Initialize the server if SSL is enabled or optional.
        */
  -    if (sc->enabled) {
  +    if ((sc->enabled == SSL_ENABLED_TRUE) || (sc->enabled == SSL_ENABLED_OPTIONAL))
{
           ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
                        "Configuring server for SSL protocol");
           ssl_init_server_ctx(s, p, ptemp, sc);
  @@ -991,7 +988,7 @@
       for (s = base_server; s; s = s->next) {
           sc = mySrvConfig(s);
   
  -        if ((sc->enabled == TRUE) && (s->port == DEFAULT_HTTP_PORT)) {
  +        if ((sc->enabled == SSL_ENABLED_TRUE) && (s->port == DEFAULT_HTTP_PORT))
{
               ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
                            base_server,
                            "Init: (%s) You configured HTTPS(%d) "
  @@ -1000,7 +997,7 @@
                            DEFAULT_HTTPS_PORT, DEFAULT_HTTP_PORT);
           }
   
  -        if (!sc->enabled && (s->port == DEFAULT_HTTPS_PORT)) {
  +        if ((sc->enabled == SSL_ENABLED_FALSE) && (s->port == DEFAULT_HTTPS_PORT))
{
               ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
                            base_server,
                            "Init: (%s) You configured HTTP(%d) "
  @@ -1021,7 +1018,7 @@
       for (s = base_server; s; s = s->next) {
           sc = mySrvConfig(s);
   
  -        if (!(sc->enabled && s->addrs)) {
  +        if (!((sc->enabled == SSL_ENABLED_TRUE) && s->addrs)) {
               continue;
           }
   
  
  
  
  1.105     +5 -5      httpd-2.0/modules/ssl/ssl_engine_kernel.c
  
  Index: ssl_engine_kernel.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v
  retrieving revision 1.104
  retrieving revision 1.105
  diff -u -r1.104 -r1.105
  --- ssl_engine_kernel.c	28 Feb 2004 18:06:34 -0000	1.104
  +++ ssl_engine_kernel.c	5 Mar 2004 02:44:40 -0000	1.105
  @@ -190,7 +190,7 @@
        * Support for SSLRequireSSL directive
        */
       if (dc->bSSLRequired && !ssl) {
  -        if (sc->enabled == UNSET) {
  +        if (sc->enabled == SSL_ENABLED_OPTIONAL) {
               /* This vhost was configured for optional SSL, just tell the
                * client that we need to upgrade.
                */
  @@ -213,7 +213,7 @@
       /*
        * Check to see if SSL protocol is on
        */
  -    if (!(sc->enabled || ssl)) {
  +    if (!((sc->enabled == SSL_ENABLED_TRUE) || (sc->enabled == SSL_ENABLED_OPTIONAL)
|| ssl)) {
           return DECLINED;
       }
       /*
  @@ -860,7 +860,7 @@
        * - ssl not enabled
        * - client did not present a certificate
        */
  -    if (!(sc->enabled && sslconn->ssl && sslconn->client_cert)
||
  +    if (!((sc->enabled == SSL_ENABLED_TRUE || sc->enabled == SSL_ENABLED_OPTIONAL)
&& sslconn->ssl && sslconn->client_cert) ||
           !(dc->nOptions & SSL_OPT_FAKEBASICAUTH) || r->user)
       {
           return DECLINED;
  @@ -1012,14 +1012,14 @@
       SSL *ssl;
       int i;
   
  -    if (sc->enabled == UNSET) {
  +    if (sc->enabled == SSL_ENABLED_OPTIONAL) {
           apr_table_setn(r->headers_out, "Upgrade", "TLS/1.0, HTTP/1.1");
       }
   
       /*
        * Check to see if SSL is on
        */
  -    if (!(sc->enabled && sslconn && (ssl = sslconn->ssl))) {
  +    if (!(((sc->enabled == SSL_ENABLED_TRUE) || (sc->enabled == SSL_ENABLED_OPTIONAL))
&& sslconn && (ssl = sslconn->ssl))) {
           return DECLINED;
       }
   
  
  
  
  1.2       +11 -1     httpd-2.0/modules/ssl/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_private.h,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ssl_private.h	28 Feb 2004 18:06:35 -0000	1.1
  +++ ssl_private.h	5 Mar 2004 02:44:40 -0000	1.2
  @@ -272,6 +272,16 @@
   } ssl_mutexmode_t;
   
   /*
  + * Define the SSL enabled state
  + */
  +typedef enum {
  +    SSL_ENABLED_UNSET    = UNSET,
  +    SSL_ENABLED_FALSE    = 0,
  +    SSL_ENABLED_TRUE     = 1,
  +	SSL_ENABLED_OPTIONAL = 3
  +} ssl_enabled_t;
  +
  +/*
    * Define the SSL requirement structure
    */
   typedef struct {
  @@ -420,7 +430,7 @@
   
   struct SSLSrvConfigRec {
       SSLModConfigRec *mc;
  -    BOOL             enabled;
  +    ssl_enabled_t    enabled;
       BOOL             proxy_enabled;
       const char      *vhost_id;
       int              vhost_id_len;
  
  
  

Mime
View raw message