www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-01 07:26:57 +03:00
Code Activity

split ssl_init_TmpKeysHandle function to init/free functions,

Browse Source 
and make them static to ssl_engine_init.c


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93882 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Doug MacEachern
2002-03-12 22:50:38 +00:00
parent 15d581b6fe
commit 52ff7b736e
2 changed files with 80 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/ssl/mod_ssl.h
View File

@ -299,9 +299,6 @@ typedef int ssl_algo_t;
* Define IDs for the temporary RSA keys and DH params * Define IDs for the temporary RSA keys and DH params
*/ */
#define SSL_TKP_GEN (0)
#define SSL_TKP_FREE (2)
#define SSL_TKPIDX_RSA512 (0) #define SSL_TKPIDX_RSA512 (0)
#define SSL_TKPIDX_RSA1024 (1) #define SSL_TKPIDX_RSA1024 (1)
#define SSL_TKPIDX_DH512 (2) #define SSL_TKPIDX_DH512 (2)
@ -645,7 +642,6 @@ const char *ssl_cmd_SSLProxyMachineCertificateFile(cmd_parms *, char *, char *)
/* module initialization */ /* module initialization */
int ssl_init_Module(apr_pool_t *, apr_pool_t *, apr_pool_t *, server_rec *); int ssl_init_Module(apr_pool_t *, apr_pool_t *, apr_pool_t *, server_rec *);
void ssl_init_Engine(server_rec *, apr_pool_t *); void ssl_init_Engine(server_rec *, apr_pool_t *);
void ssl_init_TmpKeysHandle(int, server_rec *, apr_pool_t *);
void ssl_init_ConfigureServer(server_rec *, apr_pool_t *, SSLSrvConfigRec *); void ssl_init_ConfigureServer(server_rec *, apr_pool_t *, SSLSrvConfigRec *);
void ssl_init_CheckServers(server_rec *, apr_pool_t *); void ssl_init_CheckServers(server_rec *, apr_pool_t *);
STACK_OF(X509_NAME) STACK_OF(X509_NAME)

157
modules/ssl/ssl_engine_init.c
View File

@ -119,6 +119,84 @@ static void ssl_init_SSLLibrary(server_rec *s)
SSL_library_init(); SSL_library_init();
} }
/*
* Handle the Temporary RSA Keys and DH Params
*/
#define MODSSL_TMP_KEY_FREE(mc, type, idx) \
if (mc->pTmpKeys[idx]) { \
type##_free((type *)mc->pTmpKeys[idx]); \
mc->pTmpKeys[idx] = NULL; \
}
#define MODSSL_TMP_KEYS_FREE(mc, type) \
MODSSL_TMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##512); \
MODSSL_TMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##1024)
static void ssl_tmp_keys_free(server_rec *s)
{
SSLModConfigRec *mc = myModConfig(s);
MODSSL_TMP_KEYS_FREE(mc, RSA);
MODSSL_TMP_KEYS_FREE(mc, DH);
}
static void ssl_tmp_keys_init(server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
/* seed PRNG */
ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: ");
/* generate 512 bit RSA key */
ssl_log(s, SSL_LOG_INFO,
"Init: Generating temporary RSA private keys (512/1024 bits)");
/* generate 512 bit RSA key */
if (!(mc->pTmpKeys[SSL_TKPIDX_RSA512] =
RSA_generate_key(512, RSA_F4, NULL, NULL)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"512 bit RSA private key");
ssl_die();
}
/* generate 1024 bit RSA key */
if (!(mc->pTmpKeys[SSL_TKPIDX_RSA1024] =
RSA_generate_key(1024, RSA_F4, NULL, NULL)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"1024 bit RSA private key");
ssl_die();
}
ssl_log(s, SSL_LOG_INFO,
"Init: Configuring temporary "
"DH parameters (512/1024 bits)");
/* generate 512 bit DH param */
if (!(mc->pTmpKeys[SSL_TKPIDX_DH512] =
ssl_dh_GetTmpParam(512)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"512 bit DH parameters");
ssl_die();
}
/* generate 1024 bit DH param */
if (!(mc->pTmpKeys[SSL_TKPIDX_DH1024] =
ssl_dh_GetTmpParam(1024)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"1024 bit DH parameters");
ssl_die();
}
}
/* /*
* Per-module initialization * Per-module initialization
*/ */
@ -188,7 +266,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
#endif #endif
ssl_pphrase_Handle(base_server, p); ssl_pphrase_Handle(base_server, p);
ssl_init_TmpKeysHandle(SSL_TKP_GEN, base_server, p); ssl_tmp_keys_init(base_server, p);
/* /*
* SSL external crypto device ("engine") support * SSL external crypto device ("engine") support
@ -302,81 +380,6 @@ void ssl_init_Engine(server_rec *s, apr_pool_t *p)
} }
#endif #endif
#define MODSSL_TEMP_KEY_FREE(mc, type, idx) \
if (mc->pTmpKeys[idx]) { \
type##_free((type *)mc->pTmpKeys[idx]); \
mc->pTmpKeys[idx] = NULL; \
}
#define MODSSL_TEMP_KEYS_FREE(mc, type) \
MODSSL_TEMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##512); \
MODSSL_TEMP_KEY_FREE(mc, type, SSL_TKPIDX_##type##1024)
/*
* Handle the Temporary RSA Keys and DH Params
*/
void ssl_init_TmpKeysHandle(int action, server_rec *s, apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
if (action == SSL_TKP_GEN) { /* Generate Keys and Params */
/* seed PRNG */
ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: ");
/* generate 512 bit RSA key */
ssl_log(s, SSL_LOG_INFO,
"Init: Generating temporary RSA private keys (512/1024 bits)");
/* generate 512 bit RSA key */
if (!(mc->pTmpKeys[SSL_TKPIDX_RSA512] =
RSA_generate_key(512, RSA_F4, NULL, NULL)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"512 bit RSA private key");
ssl_die();
}
/* generate 1024 bit RSA key */
if (!(mc->pTmpKeys[SSL_TKPIDX_RSA1024] =
RSA_generate_key(1024, RSA_F4, NULL, NULL)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"1024 bit RSA private key");
ssl_die();
}
ssl_log(s, SSL_LOG_INFO,
"Init: Configuring temporary "
"DH parameters (512/1024 bits)");
/* generate 512 bit DH param */
if (!(mc->pTmpKeys[SSL_TKPIDX_DH512] =
ssl_dh_GetTmpParam(512)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"512 bit DH parameters");
ssl_die();
}
/* generate 1024 bit DH param */
if (!(mc->pTmpKeys[SSL_TKPIDX_DH1024] =
ssl_dh_GetTmpParam(1024)))
{
ssl_log(s, SSL_LOG_ERROR,
"Init: Failed to generate temporary "
"1024 bit DH parameters");
ssl_die();
}
}
else if (action == SSL_TKP_FREE) { /* Free Keys and Params */
MODSSL_TEMP_KEYS_FREE(mc, RSA);
MODSSL_TEMP_KEYS_FREE(mc, DH);
}
}
/* /*
* Configure a particular server * Configure a particular server
*/ */
@ -1067,7 +1070,7 @@ apr_status_t ssl_init_ModuleKill(void *data)
/* /*
* Destroy the temporary keys and params * Destroy the temporary keys and params
*/ */
ssl_init_TmpKeysHandle(SSL_TKP_FREE, base_server, NULL); ssl_tmp_keys_free(base_server);
/* /*
* Free the non-pool allocated structures * Free the non-pool allocated structures