httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r645186 - in /httpd/httpd/trunk: docs/manual/mod/mod_session_crypto.xml modules/session/mod_session_crypto.c
Date Sat, 05 Apr 2008 23:35:03 GMT
Author: minfrin
Date: Sat Apr  5 16:35:00 2008
New Revision: 645186

URL: http://svn.apache.org/viewvc?rev=645186&view=rev
Log:
Clarify the operation of the SessionCryptoPassphrase directive as raised by rpluem. When
SessionCryptoCertificateFile is set, asymmetrical encryption will be used, and SessionCryptoPassphrase
will be interpreted as the passphrase protecting the private key. When SessionCryptoCertificateFile
is not set, symmetrical encryption is used, and SessionCryptoPassphrase will contain the key
to
use. Make sure that the engine parameter is properly passed into the crypto functions, and
fix a
missing cleanup on an error case.

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
    httpd/httpd/trunk/modules/session/mod_session_crypto.c

Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml?rev=645186&r1=645185&r2=645186&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml Sat Apr  5 16:35:00 2008
@@ -87,12 +87,17 @@
 
 <usage>
     <p>The <directive>SessionCryptoPassphrase</directive> directive specifies
the key
-    to be used to encrypt the contents of the session before writing the session, or
-    decrypting the contents of the session after reading the session.</p>
-    
+    to be used to enable symmetrical encryption on the contents of the session before
+    writing the session, or decrypting the contents of the session after reading the session.</p>
+
     <p>Keys are more secure when they are long, and consist of truly random characters.
     Changing the key on a server has the effect of invalidating all existing sessions.</p>
-    
+
+    <p>If the <directive module="mod_session_crypto">SessionCryptoCertificateFile</directive>
+    directive is set and asymmetrical encryption is enabled instead, the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive>
directive
+    will be interpreted as the passphrase of the key, if the key is encrypted.</p>
+
 </usage>
 </directivesynopsis>
 
@@ -107,12 +112,16 @@
 
 <usage>
     <p>The <directive>SessionCryptoCertificateFile</directive> directive
specifies the name
-    of a certificate to be used to encrypt the contents of the session before writing
-    the session, or decrypting the content of the session after reading the session.</p>
-    
+    of a certificate to be used to asymmetrically encrypt the contents of the session before
+    writing the session, or decrypting the content of the session after reading the session.</p>
+
     <p>Changing the certificate on a server has the effect of invalidating all existing
     sessions.</p>
 
+    <p>If the key associated with this certificate is protected with a passphrase,
the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive>
directive
+    will be interpreted as the passphrase to use to decrypt the key.</p>
+
     <note type="warning"><title>Experimental</title>
       <p>This directive is dependent on experimental support for assymetrical encryption
       support currently available in prerelease versions of OpenSSL, and will only be
@@ -139,6 +148,10 @@
     
     <p>Changing the certificate or key on a server has the effect of invalidating all
existing
     sessions.</p>
+
+    <p>If this key is protected with a passphrase, the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive>
directive
+    will be interpreted as the passphrase to use to decrypt the key.</p>
 
     <note type="warning"><title>Experimental</title>
       <p>This directive is dependent on experimental support for asymmetrical encryption

Modified: httpd/httpd/trunk/modules/session/mod_session_crypto.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_crypto.c?rev=645186&r1=645185&r2=645186&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session_crypto.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session_crypto.c Sat Apr  5 16:35:00 2008
@@ -58,7 +58,7 @@
 {
     apr_status_t res;
 
-    if (!conf->certfile_set && !conf->keyfile_set && !conf->passphrase_set)
{
+    if (!conf->certfile_set && !conf->passphrase_set) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, LOG_PREFIX
                       "encryption not configured, "
                       "no passphrase or certfile/keyfile set");
@@ -69,17 +69,19 @@
     if (conf->certfile_set) {
         *key = APR_EVP_KEY_PUBLIC;
         res = apr_evp_factory_create(f, conf->keyfile, conf->certfile, NULL,
-                   NULL, NULL, conf->digest, APR_EVP_FACTORY_ASYM, r->pool);
+                   conf->passphrase, conf->engine, conf->digest,
+                   APR_EVP_FACTORY_ASYM, r->pool);
         if (APR_ENOTIMPL == res) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                 "generic public/private key encryption is not supported by "
                     "this version of APR. session encryption not possible");
         }
     }
-    if (conf->passphrase) {
+    else {
         *key = APR_EVP_KEY_SYM;
         res = apr_evp_factory_create(f, NULL, NULL, conf->cipher,
-        conf->passphrase, NULL, conf->digest, APR_EVP_FACTORY_SYM, r->pool);
+                                     conf->passphrase, conf->engine, conf->digest,
+                                     APR_EVP_FACTORY_SYM, r->pool);
         if (APR_ENOTIMPL == res) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                   "generic symmetrical encryption is not supported by this "
@@ -134,6 +136,9 @@
     session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
                                                     &session_crypto_module);
 
+    /* by default, return an empty string */
+    *out = "";
+
     /* don't attempt to encrypt an empty string, trying to do so causes a segfault */
     if (!in || !*in) {
         return APR_SUCCESS;
@@ -232,6 +237,8 @@
     if (res) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                       "decrypt: attempt to decrypt failed");
+        apr_evp_factory_cleanup(f);
+        apr_evp_crypt_cleanup(e);
         return res;
     }
     *out = (char *) decrypted;



Mime
View raw message