www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

* Store the correct server_rec in the connection record configuration and

Browse Source 
adjust the remaining part of mod_ssl to use this server_rec instead of
  c->base_server.

  modules/ssl/ssl_private.h:
  - server_rec member to SSLConnRec struct
  - Add macros to extract data from connection_rec
    mySrvFromConn(c)
    mySrvConfigFromConn(c)
    myModConfigFromConn(c)
  modules/ssl/ssl_engine_io.c
  modules/ssl/ssl_util_ocsp.c
  modules/ssl/ssl_engine_kernel.c
  modules/ssl/mod_ssl.c
  modules/ssl/ssl_engine_log.c
  - Use the new macros to extract data fron connection_rec
    and use the server_rec stored in SSLConnRec instead of
    c->base_server whereever appropriate.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@757463 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Ruediger Pluem
2009-03-23 17:37:38 +00:00
parent ba2883e9b2
commit 9e39ba015a
6 changed files with 66 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
modules/ssl/ssl_engine_io.c
View File

@@ -702,7 +702,7 @@ static apr_status_t ssl_io_input_read(bio_filter_in_ctx_t *inctx,
*/
ap_log_cerror(APLOG_MARK, APLOG_INFO, inctx->rc, c,
"SSL library error %d reading data", ssl_err);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, mySrvFromConn(c));
}
if (inctx->rc == APR_SUCCESS) {
@@ -809,7 +809,7 @@ static apr_status_t ssl_filter_write(ap_filter_t *f,
*/
ap_log_cerror(APLOG_MARK, APLOG_INFO, outctx->rc, c,
"SSL library error %d writing data", ssl_err);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, mySrvFromConn(c));
}
if (outctx->rc == APR_SUCCESS) {
outctx->rc = APR_EGENERAL;
@@ -879,7 +879,7 @@ static apr_status_t ssl_io_filter_error(ap_filter_t *f,
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
"SSL handshake failed: HTTP spoken on HTTPS port; "
"trying to send HTML error page");
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, f->c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, sslconn->server);
sslconn->non_ssl_request = 1;
ssl_io_filter_disable(sslconn, f);
@@ -996,11 +996,11 @@ static void ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx,
SSL_smart_shutdown(ssl);
/* and finally log the fact that we've closed the connection */
if (c->base_server->loglevel >= APLOG_INFO) {
if (mySrvFromConn(c)->loglevel >= APLOG_INFO) {
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
"Connection closed to child %ld with %s shutdown "
"(server %s)",
c->id, type, ssl_util_vhostid(c->pool, c->base_server));
c->id, type, ssl_util_vhostid(c->pool, mySrvFromConn(c)));
}
/* deallocate the SSL connection */
@@ -1047,21 +1047,23 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
{
conn_rec *c = (conn_rec *)SSL_get_app_data(filter_ctx->pssl);
SSLConnRec *sslconn = myConnConfig(c);
SSLSrvConfigRec *sc = mySrvConfig(c->base_server);
SSLSrvConfigRec *sc;
X509 *cert;
int n;
int ssl_err;
long verify_result;
server_rec *server;
if (SSL_is_init_finished(filter_ctx->pssl)) {
return APR_SUCCESS;
}
server = mySrvFromConn(c);
if (sslconn->is_proxy) {
if ((n = SSL_connect(filter_ctx->pssl)) <= 0) {
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
"SSL Proxy connect failed");
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
/* ensure that the SSL structures etc are freed, etc: */
ssl_filter_io_shutdown(filter_ctx, c, 1);
return MODSSL_ERROR_BAD_GATEWAY;
@@ -1118,8 +1120,8 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
ap_log_cerror(APLOG_MARK, APLOG_INFO, rc, c,
"SSL library error %d in handshake "
"(server %s)", ssl_err,
ssl_util_vhostid(c->pool, c->base_server));
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_util_vhostid(c->pool, server));
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
}
if (inctx->rc == APR_SUCCESS) {
@@ -1129,6 +1131,7 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
ssl_filter_io_shutdown(filter_ctx, c, 1);
return inctx->rc;
}
sc = mySrvConfig(sslconn->server);
/*
* Check for failed client authentication
@@ -1154,7 +1157,7 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
"accepting certificate based on "
"\"SSLVerifyClient optional_no_ca\" "
"configuration");
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
}
else {
const char *error = sslconn->verify_error ?
@@ -1164,7 +1167,7 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
"SSL client authentication failed: %s",
error ? error : "unknown");
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server);
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, server);
ssl_filter_io_shutdown(filter_ctx, c, 1);
return APR_ECONNABORTED;
@@ -1773,7 +1776,7 @@ long ssl_io_data_cb(BIO *bio, int cmd,
return rc;
if ((c = (conn_rec *)SSL_get_app_data(ssl)) == NULL)
return rc;
s = c->base_server;
s = mySrvFromConn(c);
sc = mySrvConfig(s);
if ( cmd == (BIO_CB_WRITE|BIO_CB_RETURN)