ssl_util.c revision aafba4d7e3ecc7fcaa87efa8d7fae3e700d2428b
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* _ _
* _ __ ___ ___ __| | ___ ___| | mod_ssl
* | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL
* | | | | | | (_) | (_| | \__ \__ \ |
* |_| |_| |_|\___/ \__,_|___|___/___/_|
* |_____|
* Utility Functions
*/
/* ``Every day of my life
I am forced to add another
name to the list of people
who piss me off!''
-- Calvin */
#include "ssl_private.h"
#include "ap_mpm.h"
#include "apr_thread_mutex.h"
/* _________________________________________________________________
**
** Utility Functions
** _________________________________________________________________
*/
{
char *id;
char *host;
host = s->server_hostname;
if (s->port != 0)
else {
sc = mySrvConfig(s);
else
}
return id;
}
const char * const *argv)
{
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
}
{
return;
}
/*
* Run a filter program and read the first line of its stdout output
*/
const char * const *argv)
{
static char buf[MAX_STRING_LEN];
apr_file_t *fp;
char c;
int k;
return NULL;
/* XXX: we are reading 1 byte at a time here */
if (c == '\n' || c == '\r')
break;
buf[k++] = c;
}
ssl_util_ppclose(s, p, fp);
return buf;
}
{
return FALSE;
APR_FINFO_TYPE|APR_FINFO_SIZE, p) != 0)
return FALSE;
return FALSE;
return FALSE;
return FALSE;
return TRUE;
}
{
ssl_algo_t t;
t = SSL_ALGO_UNKNOWN;
case EVP_PKEY_RSA:
t = SSL_ALGO_RSA;
break;
case EVP_PKEY_DSA:
t = SSL_ALGO_DSA;
break;
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
t = SSL_ALGO_ECC;
break;
#endif
default:
break;
}
}
return t;
}
char *ssl_util_algotypestr(ssl_algo_t t)
{
char *cp;
cp = "UNKNOWN";
switch (t) {
case SSL_ALGO_RSA:
cp = "RSA";
break;
case SSL_ALGO_DSA:
cp = "DSA";
break;
#ifndef OPENSSL_NO_EC
case SSL_ALGO_ECC:
cp = "ECC";
break;
#endif
default:
break;
}
return cp;
}
/*
* certain key and cert data needs to survive restarts,
* which are stored in the user data table of s->process->pool.
* rather than apr_palloc and these wrappers to help make sure
* we do not leak the malloc-ed data.
*/
const char *key,
long int length)
{
/*
* if a value for this key already exists,
* reuse as much of the already malloc-ed data
* as possible.
*/
if (asn1) {
}
}
else {
}
}
}
const char *key)
{
}
const char *key)
{
if (!asn1) {
return;
}
}
}
#ifndef OPENSSL_NO_EC
#else
#endif
const char *ssl_asn1_keystr(int keytype)
{
if (keytype >= SSL_AIDX_MAX) {
return NULL;
}
return ssl_asn1_key_types[keytype];
}
const char *ssl_asn1_table_keyfmt(apr_pool_t *p,
const char *id,
int keytype)
{
}
{
FILE *f;
if (!f) {
ssl_die(s);
}
if (!p7) {
"Can't read PKCS7 object %s", pkcs7);
exit(1);
}
case NID_pkcs7_signed:
PKCS7_free(p7);
break;
PKCS7_free(p7);
break;
default:
"Don't understand PKCS7 file %s", pkcs7);
ssl_die(s);
}
if (!certs) {
"No certificates in %s", pkcs7);
ssl_die(s);
}
fclose(f);
return certs;
}
#if APR_HAS_THREADS
/*
* To ensure thread-safetyness in OpenSSL - work in progress
*/
static apr_thread_mutex_t **lock_cs;
static int lock_num_locks;
{
if (type < lock_num_locks) {
if (mode & CRYPTO_LOCK) {
}
else {
}
}
}
/* Dynamic lock structure */
struct CRYPTO_dynlock_value {
const char* file;
int line;
};
/* Global reference to the pool passed into ssl_util_thread_setup() */
/*
* Dynamic lock creation callback
*/
int line)
{
struct CRYPTO_dynlock_value *value;
apr_pool_t *p;
/*
* We need a pool to allocate our mutex. Since we can't clear
* allocated memory from a pool, create a subpool that we can blow
* away in the destruction callback.
*/
apr_pool_create(&p, dynlockpool);
"Creating dynamic lock");
/* Keep our own copy of the place from which we were created,
using our own pool. */
p);
if (rv != APR_SUCCESS) {
"Failed to create thread mutex for dynamic lock");
apr_pool_destroy(p);
return NULL;
}
return value;
}
/*
* Dynamic locking and unlocking function
*/
{
if (mode & CRYPTO_LOCK) {
}
else {
}
}
/*
* Dynamic lock destruction callback
*/
static void ssl_dyn_destroy_function(struct CRYPTO_dynlock_value *l,
{
if (rv != APR_SUCCESS) {
}
/* Trust that whomever owned the CRYPTO_dynlock_value we were
* passed has no future use for it...
*/
apr_pool_destroy(l->pool);
}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
{
/* OpenSSL needs this to return an unsigned long. On OS/390, the pthread
* id is a structure twice that big. Use the TCB pointer instead as a
* unique unsigned long.
*/
#ifdef __MVS__
struct PSA {
char unmapped[540];
unsigned long PSATOLD;
} *psaptr = 0;
#else
#endif
}
#else
static unsigned long ssl_util_thr_id(void)
{
/* OpenSSL needs this to return an unsigned long. On OS/390, the pthread
* id is a structure twice that big. Use the TCB pointer instead as a
* unique unsigned long.
*/
#ifdef __MVS__
struct PSA {
char unmapped[540];
unsigned long PSATOLD;
} *psaptr = 0;
#else
return (unsigned long) apr_os_thread_current();
#endif
}
#endif
{
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#else
#endif
dynlockpool = NULL;
/* Let the registered mutex cleanups do their own thing
*/
return APR_SUCCESS;
}
void ssl_util_thread_setup(apr_pool_t *p)
{
int i;
for (i = 0; i < lock_num_locks; i++) {
}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#else
#endif
/* Set up dynamic locking scaffolding for OpenSSL to use at its
* convenience.
*/
dynlockpool = p;
}
#endif