modules/ssl/ssl_util.c

	ssl_util.c revision 6b441532f6ac4ebd1c4867ab5f8a0165247b178e
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews/*                      _             _
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User**  _ __ ___   ___   __| |    ___ ___| |  mod_ssl
f0aad5341752aefe5059832f6cf3abc3283c6e16Tinderbox User** | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User** | | | | | | (_) | (_| |   \__ \__ \ |  www.modssl.org
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User** |_| |_| |_|\___/ \__,_|___|___/___/_|  ftp.modssl.org
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User**                      |_____|
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User**  ssl_util.c
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User**  Utility Functions
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews*/
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User/* ====================================================================
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * The Apache Software License, Version 1.1
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * Copyright (c) 2000-2003 The Apache Software Foundation.  All rights
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * reserved.
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * Redistribution and use in source and binary forms, with or without
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * modification, are permitted provided that the following conditions
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * are met:
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * 1. Redistributions of source code must retain the above copyright
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    notice, this list of conditions and the following disclaimer.
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * 2. Redistributions in binary form must reproduce the above copyright
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    notice, this list of conditions and the following disclaimer in
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    the documentation and/or other materials provided with the
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    distribution.
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * 3. The end-user documentation included with the redistribution,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    if any, must include the following acknowledgment:
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *       "This product includes software developed by the
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *        Apache Software Foundation (http://www.apache.org/)."
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    Alternately, this acknowledgment may appear in the software itself,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    if and wherever such third-party acknowledgments normally appear.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * 4. The names "Apache" and "Apache Software Foundation" must
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *    not be used to endorse or promote products derived from this
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *    software without prior written permission. For written
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *    permission, please contact apache@apache.org.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * 5. Products derived from this software may not be called "Apache",
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *    nor may "Apache" appear in their name, without prior written
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User *    permission of the Apache Software Foundation.
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User *
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * SUCH DAMAGE.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * ====================================================================
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User */
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                             /* ``Every day of my life
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                  I am forced to add another
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                  name to the list of people
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                  who piss me off!''
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                            -- Calvin          */
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#include "mod_ssl.h"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#include "ap_mpm.h"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#include "apr_thread_mutex.h"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User/*  _________________________________________________________________
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User**
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User**  Utility Functions
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User**  _________________________________________________________________
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User*/
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userchar *ssl_util_vhostid(apr_pool_t *p, server_rec *s)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    char *id;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    SSLSrvConfigRec *sc;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    char *host;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_port_t port;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    host = s->server_hostname;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (s->port != 0)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        port = s->port;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    else {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        sc = mySrvConfig(s);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        if (sc->enabled == TRUE)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            port = DEFAULT_HTTPS_PORT;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        else
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            port = DEFAULT_HTTP_PORT;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    id = apr_psprintf(p, "%s:%lu", host, (unsigned long)port);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    return id;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Uservoid ssl_util_strupper(char *s)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    for (; *s; ++s)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        *s = apr_toupper(*s);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic const char ssl_util_uuencode_six2pr[64+1] =
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Uservoid ssl_util_uuencode(char *szTo, const char *szFrom, BOOL bPad)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    ssl_util_uuencode_binary((unsigned char *)szTo,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                             (const unsigned char *)szFrom,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                             strlen(szFrom), bPad);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Uservoid ssl_util_uuencode_binary(unsigned char *szTo,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                              const unsigned char *szFrom,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                              int nLength, BOOL bPad)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    const unsigned char *s;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    int nPad = 0;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    for (s = szFrom; nLength > 0; s += 3) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        *szTo++ = ssl_util_uuencode_six2pr[s[0] >> 2];
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        *szTo++ = ssl_util_uuencode_six2pr[(s[0] << 4 | s[1] >> 4) & 0x3f];
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        if (--nLength == 0) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            nPad = 2;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        *szTo++ = ssl_util_uuencode_six2pr[(s[1] << 2 | s[2] >> 6) & 0x3f];
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        if (--nLength == 0) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            nPad = 1;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            break;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        *szTo++ = ssl_util_uuencode_six2pr[s[2] & 0x3f];
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        --nLength;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    while(bPad && nPad--) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        *szTo++ = NUL;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    *szTo = NUL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userapr_file_t *ssl_util_ppopen(server_rec *s, apr_pool_t *p, const char *cmd,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                            const char * const *argv)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_procattr_t *procattr;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_proc_t *proc;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (apr_procattr_create(&procattr, p) != APR_SUCCESS)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return NULL;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (apr_procattr_io_set(procattr, APR_FULL_BLOCK, APR_FULL_BLOCK,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                            APR_FULL_BLOCK) != APR_SUCCESS)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (apr_procattr_dir_set(procattr,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                             ap_make_dirstr_parent(p, cmd)) != APR_SUCCESS)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return NULL;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (apr_procattr_cmdtype_set(procattr, APR_PROGRAM) != APR_SUCCESS)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if ((proc = (apr_proc_t *)apr_pcalloc(p, sizeof(apr_proc_t))) == NULL)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return NULL;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (apr_proc_create(proc, cmd, argv, NULL, procattr, p) != APR_SUCCESS)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return proc->out;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Uservoid ssl_util_ppclose(server_rec *s, apr_pool_t *p, apr_file_t *fp)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_file_close(fp);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User/*
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * Run a filter program and read the first line of its stdout output
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userchar *ssl_util_readfilter(server_rec *s, apr_pool_t *p, const char *cmd,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                          const char * const *argv)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    static char buf[MAX_STRING_LEN];
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_file_t *fp;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_size_t nbytes = 1;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    char c;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    int k;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if ((fp = ssl_util_ppopen(s, p, cmd, argv)) == NULL)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    /* XXX: we are reading 1 byte at a time here */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    for (k = 0; apr_file_read(fp, &c, &nbytes) == APR_SUCCESS
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                && nbytes == 1 && (k < MAX_STRING_LEN-1)     ; ) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        if (c == '\n' || c == '\r')
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        buf[k++] = c;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    buf[k] = NUL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    ssl_util_ppclose(s, p, fp);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    return buf;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox UserBOOL ssl_util_path_check(ssl_pathcheck_t pcm, const char *path, apr_pool_t *p)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_finfo_t finfo;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (path == NULL)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return FALSE;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (pcm & SSL_PCM_EXISTS && apr_stat(&finfo, path,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                APR_FINFO_TYPE|APR_FINFO_SIZE, p) != 0)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return FALSE;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (pcm & SSL_PCM_ISREG && finfo.filetype != APR_REG)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return FALSE;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (pcm & SSL_PCM_ISDIR && finfo.filetype != APR_DIR)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return FALSE;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (pcm & SSL_PCM_ISNONZERO && finfo.size <= 0)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        return FALSE;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return TRUE;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userssl_algo_t ssl_util_algotypeof(X509 *pCert, EVP_PKEY *pKey)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    ssl_algo_t t;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    t = SSL_ALGO_UNKNOWN;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (pCert != NULL)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        pKey = X509_get_pubkey(pCert);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (pKey != NULL) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        switch (EVP_PKEY_key_type(pKey)) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            case EVP_PKEY_RSA:
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                t = SSL_ALGO_RSA;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            case EVP_PKEY_DSA:
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                t = SSL_ALGO_DSA;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            default:
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                break;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return t;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userchar *ssl_util_algotypestr(ssl_algo_t t)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    char *cp;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
ea640e04eae220b5e569f188563eb1f204c7c77eTinderbox User    cp = "UNKNOWN";
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    switch (t) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        case SSL_ALGO_RSA:
ea640e04eae220b5e569f188563eb1f204c7c77eTinderbox User            cp = "RSA";
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            break;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        case SSL_ALGO_DSA:
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            cp = "DSA";
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            break;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        default:
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return cp;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userchar *ssl_util_ptxtsub(apr_pool_t *p, const char *cpLine,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                       const char *cpMatch, char *cpSubst)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#define MAX_PTXTSUB 100
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    char *cppMatch[MAX_PTXTSUB];
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    char *cpResult;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    int nResult;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    int nLine;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    int nSubst;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    int nMatch;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    char *cpI;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    char *cpO;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    char *cp;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    int i;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    /*
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     * Pass 1: find substitution locations and calculate sizes
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    nLine  = strlen(cpLine);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    nMatch = strlen(cpMatch);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    nSubst = strlen(cpSubst);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    for (cpI = (char *)cpLine, i = 0, nResult = 0;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User         cpI < cpLine+nLine && i < MAX_PTXTSUB;    ) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        if ((cp = strstr(cpI, cpMatch)) != NULL) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            cppMatch[i++] = cp;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            nResult += ((cp-cpI)+nSubst);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            cpI = (cp+nMatch);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        else {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            nResult += strlen(cpI);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            break;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    cppMatch[i] = NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (i == 0)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    /*
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     * Pass 2: allocate memory and assemble result
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    cpResult = apr_pcalloc(p, nResult+1);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    for (cpI = (char *)cpLine, cpO = cpResult, i = 0;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User         cppMatch[i] != NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User         i++) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        apr_cpystrn(cpO, cpI, cppMatch[i]-cpI+1);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        cpO += (cppMatch[i]-cpI);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        apr_cpystrn(cpO, cpSubst, nSubst+1);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        cpO += nSubst;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        cpI = (cppMatch[i]+nMatch);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_cpystrn(cpO, cpI, cpResult+nResult-cpO+1);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return cpResult;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User/*
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * certain key and cert data needs to survive restarts,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * which are stored in the user data table of s->process->pool.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * to prevent "leaking" of this data, we use malloc/free
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User * rather than apr_palloc and these wrappers to help make sure
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * we do not leak the malloc-ed data.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User */
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userunsigned char *ssl_asn1_table_set(apr_hash_t *table,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                                  const char *key,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                                  long int length)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    apr_ssize_t klen = strlen(key);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    ssl_asn1_t *asn1 = apr_hash_get(table, key, klen);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    /*
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     * if a value for this key already exists,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     * reuse as much of the already malloc-ed data
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     * as possible.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (asn1) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        if (asn1->nData != length) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            free(asn1->cpData); /* XXX: realloc? */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            asn1->cpData = NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    else {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        asn1 = malloc(sizeof(*asn1));
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        asn1->source_mtime = 0; /* used as a note for encrypted private keys */
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        asn1->cpData = NULL;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    asn1->nData = length;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (!asn1->cpData) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        asn1->cpData = malloc(length);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_hash_set(table, key, klen, asn1);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return asn1->cpData; /* caller will assign a value to this */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userssl_asn1_t *ssl_asn1_table_get(apr_hash_t *table,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                               const char *key)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    return (ssl_asn1_t *)apr_hash_get(table, key, APR_HASH_KEY_STRING);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Uservoid ssl_asn1_table_unset(apr_hash_t *table,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                          const char *key)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_ssize_t klen = strlen(key);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    ssl_asn1_t *asn1 = apr_hash_get(table, key, klen);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (!asn1) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (asn1->cpData) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        free(asn1->cpData);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    free(asn1);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_hash_set(table, key, klen, NULL);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic const char *ssl_asn1_key_types[] = {"RSA", "DSA"};
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userconst char *ssl_asn1_keystr(int keytype)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    if (keytype >= SSL_AIDX_MAX) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return NULL;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return ssl_asn1_key_types[keytype];
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userconst char *ssl_asn1_table_keyfmt(apr_pool_t *p,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                  const char *id,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User                                  int keytype)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    const char *keystr = ssl_asn1_keystr(keytype);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return apr_pstrcat(p, id, ":", keystr, NULL);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#if APR_HAS_THREADS
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User/*
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User * To ensure thread-safetyness in OpenSSL - work in progress
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User */
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userstatic apr_thread_mutex_t **lock_cs;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic int                  lock_num_locks;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#ifdef HAVE_SSLC
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#if SSLC_VERSION_NUMBER >= 0x2000
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic int ssl_util_thr_lock(int mode, int type,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                             char *file, int line)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#else
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userstatic void ssl_util_thr_lock(int mode, int type,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                              char *file, int line)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#endif
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#else
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox Userstatic void ssl_util_thr_lock(int mode, int type,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                              const char *file, int line)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#endif
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    if (type < lock_num_locks) {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        if (mode & CRYPTO_LOCK) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User            apr_thread_mutex_lock(lock_cs[type]);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        else {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User            apr_thread_mutex_unlock(lock_cs[type]);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#ifdef HAVE_SSLC
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#if SSLC_VERSION_NUMBER >= 0x2000
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return 1;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    else {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        return -1;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#endif
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#endif
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic unsigned long ssl_util_thr_id(void)
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     * id is a structure twice that big.  Use the TCB pointer instead as a
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User     * unique unsigned long.
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#ifdef __MVS__
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    struct PSA {
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User        char unmapped[540];
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        unsigned long PSATOLD;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    } *psaptr = 0;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    return psaptr->PSATOLD;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#else
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return (unsigned long) apr_os_thread_current();
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User#endif
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userstatic apr_status_t ssl_util_thread_cleanup(void *data)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    CRYPTO_set_locking_callback(NULL);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    CRYPTO_set_id_callback(NULL);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    /* Let the registered mutex cleanups do their own thing
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User     */
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    return APR_SUCCESS;
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Uservoid ssl_util_thread_setup(apr_pool_t *p)
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User{
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    int i;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    lock_num_locks = CRYPTO_num_locks();
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    lock_cs = apr_palloc(p, lock_num_locks * sizeof(*lock_cs));
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    for (i = 0; i < lock_num_locks; i++) {
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User        apr_thread_mutex_create(&(lock_cs[i]), APR_THREAD_MUTEX_DEFAULT, p);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    }
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User    CRYPTO_set_id_callback(ssl_util_thr_id);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    CRYPTO_set_locking_callback(ssl_util_thr_lock);
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User    apr_pool_cleanup_register(p, NULL, ssl_util_thread_cleanup,
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User                                       apr_pool_cleanup_null);
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User}
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User#endif
1e9517ea2156b990be21f44676d3370318eacf17Tinderbox User