VladPolskiy/apache-http-server
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-06 11:06:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
587d17015167f442c98efaf497504fe3825a3fe7
apache-http-server/server/ssl.c
Stefan Eissing 587d170151 *) core: provide ap_ssl_* functions in new http_ssl.h header file. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1888083 13f79535-47bb-0310-9956-ffa450edef68
2021-03-26 11:27:34 +00:00

165 lines
6.1 KiB
C
Raw Blame History

/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* ssl.c --- routines for SSL/TLS server infrastructure.
*
*/
#include "apr.h"
#include "apr_strings.h"
#include "apr_lib.h"
#include "apr_signal.h"
#include "apr_strmatch.h"
#define APR_WANT_STRFUNC
#define APR_WANT_MEMFUNC
#include "apr_want.h"
#include "ap_config.h"
#include "httpd.h"
#include "http_core.h"
#include "http_protocol.h"
#include "http_request.h"
#include "http_ssl.h"
#include "http_log.h" /* For errors detected in basic auth common
* support code... */
#include "mod_core.h"
#if APR_HAVE_STDARG_H
#include <stdarg.h>
#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h>
#endif
/* we know core's module_index is 0 */
#undef APLOG_MODULE_INDEX
#define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
APR_HOOK_STRUCT(
APR_HOOK_LINK(ssl_conn_is_ssl)
APR_HOOK_LINK(ssl_var_lookup)
APR_HOOK_LINK(ssl_add_cert_files)
APR_HOOK_LINK(ssl_add_fallback_cert_files)
APR_HOOK_LINK(ssl_answer_challenge)
)
APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
static APR_OPTIONAL_FN_TYPE(ssl_is_https) *module_ssl_is_https;
static int ssl_is_https(conn_rec *c)
{
/* Someone retrieved the optional function., not knowning about the
* new API. We redirect them to what they should have inoked. */
return ap_ssl_conn_is_ssl(c);
}
AP_DECLARE(int) ap_ssl_conn_is_ssl(conn_rec *c)
{
int r = (ap_run_ssl_conn_is_ssl(c) == OK);
if (r == 0 && module_ssl_is_https) {
r = module_ssl_is_https(c);
}
return r;
}
APR_DECLARE_OPTIONAL_FN(const char *, ssl_var_lookup,
(apr_pool_t *p, server_rec *s,
conn_rec *c, request_rec *r,
const char *name))
AP_FN_ATTR_NONNULL((1, 2, 5)) AP_FN_ATTR_WARN_UNUSED_RESULT;
static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *module_ssl_var_lookup;
static const char *ssl_var_lookup(apr_pool_t *p, server_rec *s,
conn_rec *c, request_rec *r,
const char *name)
{
/* Someone retrieved the optional function., not knowning about the
* new API. We redirect them to what they should have inoked. */
return ap_ssl_var_lookup(p, s, c, r, name);
}
AP_DECLARE(const char *) ap_ssl_var_lookup(apr_pool_t *p, server_rec *s,
conn_rec *c, request_rec *r,
const char *name)
{
const char *val = ap_run_ssl_var_lookup(p, s, c, r, name);
if (val == NULL && module_ssl_is_https) {
val = module_ssl_var_lookup(p, s, c, r, name);
}
return val;
}
AP_DECLARE(void) ap_setup_ssl_optional_fns(apr_pool_t *pool)
{
/* Run as core's very early 'post config' hook, check for any already
* installed optional functions related to SSL and save them. Install
* our own instances that invoke the new hooks. */
APR_OPTIONAL_FN_TYPE(ssl_is_https) *fn_is_https;
APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *fn_ssl_var_lookup;
fn_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
module_ssl_is_https = (fn_is_https
&& fn_is_https != ssl_is_https)? fn_is_https : NULL;
APR_REGISTER_OPTIONAL_FN(ssl_is_https);
fn_ssl_var_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
module_ssl_var_lookup = (fn_ssl_var_lookup
&& fn_ssl_var_lookup != ssl_var_lookup)? fn_ssl_var_lookup : NULL;
APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
}
AP_DECLARE(apr_status_t) ap_ssl_add_cert_files(server_rec *s, apr_pool_t *p,
apr_array_header_t *cert_files,
apr_array_header_t *key_files)
{
int rv = ap_run_ssl_add_cert_files(s, p, cert_files, key_files);
return (rv == OK || rv == DECLINED)? APR_SUCCESS : APR_EGENERAL;
}
AP_DECLARE(apr_status_t) ap_ssl_add_fallback_cert_files(server_rec *s, apr_pool_t *p,
apr_array_header_t *cert_files,
apr_array_header_t *key_files)
{
int rv = ap_run_ssl_add_fallback_cert_files(s, p, cert_files, key_files);
return (rv == OK || rv == DECLINED)? APR_SUCCESS : APR_EGENERAL;
}
AP_DECLARE(int) ap_ssl_answer_challenge(conn_rec *c, const char *server_name,
const char **pcert_pem, const char **pkey_pem)
{
return (ap_run_ssl_answer_challenge(c, server_name, pcert_pem, pkey_pem) == OK);
}
AP_IMPLEMENT_HOOK_RUN_FIRST(int, ssl_conn_is_ssl,
(conn_rec *c), (c), DECLINED)
AP_IMPLEMENT_HOOK_RUN_FIRST(const char *,ssl_var_lookup,
(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, const char *name),
(p, s, c, r, name), NULL)
AP_IMPLEMENT_HOOK_RUN_ALL(int, ssl_add_cert_files,
(server_rec *s, apr_pool_t *p,
apr_array_header_t *cert_files, apr_array_header_t *key_files),
(s, p, cert_files, key_files), OK, DECLINED)
AP_IMPLEMENT_HOOK_RUN_ALL(int, ssl_add_fallback_cert_files,
(server_rec *s, apr_pool_t *p,
apr_array_header_t *cert_files, apr_array_header_t *key_files),
(s, p, cert_files, key_files), OK, DECLINED)
AP_IMPLEMENT_HOOK_RUN_FIRST(int, ssl_answer_challenge,
(conn_rec *c, const char *server_name, const char **pcert_pem, const char **pkey_pem),
(c, server_name, pcert_pem, pkey_pem), DECLINED)
Reference in New Issue View Git Blame Copy Permalink