www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

fold some duplication into generic ssl_server_import_cert function

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94253 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Doug MacEachern
2002-03-28 01:47:50 +00:00
parent 886376b4cb
commit b63b80acf5
1 changed files with 39 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
modules/ssl/ssl_engine_init.c
View File

@@ -660,6 +660,42 @@ static void ssl_init_cert_chain(server_rec *s,
n, n == 1 ? "" : "s"); n, n == 1 ? "" : "s");
} }
static int ssl_server_import_cert(server_rec *s,
SSLSrvConfigRec *sc,
const char *id,
int idx)
{
SSLModConfigRec *mc = myModConfig(s);
ssl_asn1_t *asn1;
unsigned char *ptr;
const char *type = ssl_asn1_keystr(idx);
X509 *cert;
if (!(asn1 = ssl_asn1_table_get(mc->tPublicCert, id))) {
return FALSE;
}
ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
"Configuring %s server certificate", type);
ptr = asn1->cpData;
if (!(cert = d2i_X509(NULL, &ptr, asn1->nData))) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to import %s server certificate", type);
ssl_die();
}
if (SSL_CTX_use_certificate(sc->pSSLCtx, cert) <= 0) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to configure %s server certificate", type);
ssl_die();
}
sc->pPublicCert[idx] = cert;
return TRUE;
}
static void ssl_check_public_cert(server_rec *s, static void ssl_check_public_cert(server_rec *s,
apr_pool_t *ptemp, apr_pool_t *ptemp,
X509 *cert, X509 *cert,
@@ -766,51 +802,9 @@ void ssl_init_ConfigureServer(server_rec *s,
rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA); rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA);
dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA); dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA);
if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, rsa_id))) { if (!(ssl_server_import_cert(s, sc, rsa_id, SSL_AIDX_RSA) ||
ssl_log(s, SSL_LOG_TRACE|SSL_INIT, ssl_server_import_cert(s, sc, dsa_id, SSL_AIDX_DSA)))
"Configuring RSA server certificate"); {
ptr = asn1->cpData;
if (!(sc->pPublicCert[SSL_AIDX_RSA] =
d2i_X509(NULL, &ptr, asn1->nData)))
{
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to import RSA server certificate");
ssl_die();
}
if (SSL_CTX_use_certificate(ctx, sc->pPublicCert[SSL_AIDX_RSA]) <= 0) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to configure RSA server certificate");
ssl_die();
}
ok = TRUE;
}
if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, dsa_id))) {
ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
"Configuring DSA server certificate");
ptr = asn1->cpData;
if (!(sc->pPublicCert[SSL_AIDX_DSA] =
d2i_X509(NULL, &ptr, asn1->nData)))
{
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to import DSA server certificate");
ssl_die();
}
if (SSL_CTX_use_certificate(ctx, sc->pPublicCert[SSL_AIDX_DSA]) <= 0) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
"Unable to configure DSA server certificate");
ssl_die();
}
ok = TRUE;
}
if (!ok) {
ssl_log(s, SSL_LOG_ERROR|SSL_INIT, ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
"Oops, no RSA or DSA server certificate found?!"); "Oops, no RSA or DSA server certificate found?!");
ssl_log(s, SSL_LOG_ERROR|SSL_INIT, ssl_log(s, SSL_LOG_ERROR|SSL_INIT,