www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

mod_ssl: Update the ssl_var_lookup() API:

Browse Source 
a) constify return value and variable name passed-in
b) require that pool argument is non-NULL
c) add gcc warning attributes for NULL arguments or ignored result.

This allows removal of inefficient internal duplication of constant
strings which was necessary only to allow non-const char *, and
removal of unsafe casts to/from const in various places.

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Assume pool is
  non-NULL; return constant and remove apr_pstrdup of constant
  result string.  Also constify variable name.
  (ssl_var_lookup_*): Update to return const char * and avoid
  duplication where now possible.

* modules/ssl/mod_ssl.h: Update ssl_var_lookup() optional function
  API description and add GCC warning attributes as per private API.

* modules/ssl/ssl_engine_init.c (ssl_add_version_components): Adjust
  for const return value.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_handshake): Pass c->pool
  to ssl_var_lookup.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Pass r->pool to
  ssl_var_lookup, expect const return and dup the string since r->user
  is char *.
  (log_tracing_state): Pass c->pool to ssl_var_lookup.

* modules/http2/h2_h2.c (h2_is_acceptable_connection): Assume
  return value of ssl_var_lookup is const.

Github: closes #120


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877475 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
2020-05-07 15:34:04 +00:00
parent 8f55fe9f98
commit b77cd8dfde
8 changed files with 103 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
modules/ssl/ssl_engine_kernel.c
View File

@@ -1291,10 +1291,10 @@ int ssl_hook_Access(request_rec *r)
* we need to postpone setting the username until later.
*/
if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) {
char *val = ssl_var_lookup(r->pool, r->server, r->connection,
r, (char *)dc->szUserName);
const char *val = ssl_var_lookup(r->pool, r->server, r->connection,
r, dc->szUserName);
if (val && val[0])
r->user = val;
r->user = apr_pstrdup(r->pool, val);
else
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02227)
"Failed to set r->user to '%s'", dc->szUserName);
@@ -1542,7 +1542,7 @@ int ssl_hook_Fixup(request_rec *r)
{
SSLDirConfigRec *dc = myDirConfig(r);
apr_table_t *env = r->subprocess_env;
char *var, *val = "";
const char *var, *val = "";
#ifdef HAVE_TLSEXT
const char *servername;
#endif
@@ -1575,7 +1575,7 @@ int ssl_hook_Fixup(request_rec *r)
modssl_var_extract_san_entries(env, ssl, r->pool);
for (i = 0; ssl_hook_Fixup_vars[i]; i++) {
var = (char *)ssl_hook_Fixup_vars[i];
var = ssl_hook_Fixup_vars[i];
val = ssl_var_lookup(r->pool, r->server, r->connection, r, var);
if (!strIsEmpty(val)) {
apr_table_setn(env, var, val);
@@ -2254,10 +2254,10 @@ static void log_tracing_state(const SSL *ssl, conn_rec *c,
if (where & SSL_CB_HANDSHAKE_DONE) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02041)
"Protocol: %s, Cipher: %s (%s/%s bits)",
ssl_var_lookup(NULL, s, c, NULL, "SSL_PROTOCOL"),
ssl_var_lookup(NULL, s, c, NULL, "SSL_CIPHER"),
ssl_var_lookup(NULL, s, c, NULL, "SSL_CIPHER_USEKEYSIZE"),
ssl_var_lookup(NULL, s, c, NULL, "SSL_CIPHER_ALGKEYSIZE"));
ssl_var_lookup(c->pool, s, c, NULL, "SSL_PROTOCOL"),
ssl_var_lookup(c->pool, s, c, NULL, "SSL_CIPHER"),
ssl_var_lookup(c->pool, s, c, NULL, "SSL_CIPHER_USEKEYSIZE"),
ssl_var_lookup(c->pool, s, c, NULL, "SSL_CIPHER_ALGKEYSIZE"));
}
}