Posted to cvs@httpd.apache.org by mi...@apache.org on 2008/04/06 01:35:03 UTC

svn commit: r645186 - in /httpd/httpd/trunk: docs/manual/mod/mod_session_crypto.xml modules/session/mod_session_crypto.c

Author: minfrin
Date: Sat Apr  5 16:35:00 2008
New Revision: 645186

URL: http://svn.apache.org/viewvc?rev=645186&view=rev
Log:
Clarify the operation of the SessionCryptoPassphrase directive as raised by rpluem. When
SessionCryptoCertificateFile is set, asymmetrical encryption will be used, and SessionCryptoPassphrase
will be interpreted as the passphrase protecting the private key. When SessionCryptoCertificateFile
is not set, symmetrical encryption is used, and SessionCryptoPassphrase will contain the key to
use. Make sure that the engine parameter is properly passed into the crypto functions, and fix a
missing cleanup on an error case.

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
    httpd/httpd/trunk/modules/session/mod_session_crypto.c

Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml?rev=645186&r1=645185&r2=645186&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml Sat Apr  5 16:35:00 2008
@@ -87,12 +87,17 @@
 
 <usage>
     <p>The <directive>SessionCryptoPassphrase</directive> directive specifies the key
-    to be used to encrypt the contents of the session before writing the session, or
-    decrypting the contents of the session after reading the session.</p>
-    
+    to be used to enable symmetrical encryption on the contents of the session before
+    writing the session, or decrypting the contents of the session after reading the session.</p>
+
     <p>Keys are more secure when they are long, and consist of truly random characters.
     Changing the key on a server has the effect of invalidating all existing sessions.</p>
-    
+
+    <p>If the <directive module="mod_session_crypto">SessionCryptoCertificateFile</directive>
+    directive is set and asymmetrical encryption is enabled instead, the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> directive
+    will be interpreted as the passphrase of the key, if the key is encrypted.</p>
+
 </usage>
 </directivesynopsis>
 
@@ -107,12 +112,16 @@
 
 <usage>
     <p>The <directive>SessionCryptoCertificateFile</directive> directive specifies the name
-    of a certificate to be used to encrypt the contents of the session before writing
-    the session, or decrypting the content of the session after reading the session.</p>
-    
+    of a certificate to be used to asymmetrically encrypt the contents of the session before
+    writing the session, or decrypting the content of the session after reading the session.</p>
+
     <p>Changing the certificate on a server has the effect of invalidating all existing
     sessions.</p>
 
+    <p>If the key associated with this certificate is protected with a passphrase, the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> directive
+    will be interpreted as the passphrase to use to decrypt the key.</p>
+
     <note type="warning"><title>Experimental</title>
       <p>This directive is dependent on experimental support for assymetrical encryption
       support currently available in prerelease versions of OpenSSL, and will only be
@@ -139,6 +148,10 @@
     
     <p>Changing the certificate or key on a server has the effect of invalidating all existing
     sessions.</p>
+
+    <p>If this key is protected with a passphrase, the
+    <directive module="mod_session_crypto">SessionCryptoPassphrase</directive> directive
+    will be interpreted as the passphrase to use to decrypt the key.</p>
 
     <note type="warning"><title>Experimental</title>
       <p>This directive is dependent on experimental support for asymmetrical encryption

Modified: httpd/httpd/trunk/modules/session/mod_session_crypto.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_crypto.c?rev=645186&r1=645185&r2=645186&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session_crypto.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session_crypto.c Sat Apr  5 16:35:00 2008
@@ -58,7 +58,7 @@
 {
     apr_status_t res;
 
-    if (!conf->certfile_set && !conf->keyfile_set && !conf->passphrase_set) {
+    if (!conf->certfile_set && !conf->passphrase_set) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, LOG_PREFIX
                       "encryption not configured, "
                       "no passphrase or certfile/keyfile set");
@@ -69,17 +69,19 @@
     if (conf->certfile_set) {
         *key = APR_EVP_KEY_PUBLIC;
         res = apr_evp_factory_create(f, conf->keyfile, conf->certfile, NULL,
-                   NULL, NULL, conf->digest, APR_EVP_FACTORY_ASYM, r->pool);
+                   conf->passphrase, conf->engine, conf->digest,
+                   APR_EVP_FACTORY_ASYM, r->pool);
         if (APR_ENOTIMPL == res) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                 "generic public/private key encryption is not supported by "
                     "this version of APR. session encryption not possible");
         }
     }
-    if (conf->passphrase) {
+    else {
         *key = APR_EVP_KEY_SYM;
         res = apr_evp_factory_create(f, NULL, NULL, conf->cipher,
-        conf->passphrase, NULL, conf->digest, APR_EVP_FACTORY_SYM, r->pool);
+                                     conf->passphrase, conf->engine, conf->digest,
+                                     APR_EVP_FACTORY_SYM, r->pool);
         if (APR_ENOTIMPL == res) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                   "generic symmetrical encryption is not supported by this "
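Review bot: The new `else` selects symmetric encryption whenever `certfile_set` is false, so a configuration that sets a key file and SessionCryptoPassphrase but omits SessionCryptoCertificateFile is silently keyed with what the administrator meant as the private-key passphrase. The guard changed in the first hunk of this file no longer consults `keyfile_set`, so nothing reports that mismatch. I would reject it before the branch, for example `if (conf->keyfile_set && !conf->certfile_set)` with an `ap_log_rerror` at `APLOG_ERR` and an error return, rather than falling through to `APR_EVP_FACTORY_SYM`. The asymmetric branch likewise passes `conf->keyfile` without checking `keyfile_set`; whether `apr_evp_factory_create` accepts a NULL key file cannot be confirmed here, as the function starts and ends outside this hunk.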
@@ -134,6 +136,9 @@
     session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
                                                     &session_crypto_module);
 
+    /* by default, return an empty string */
+    *out = "";
+
     /* don't attempt to encrypt an empty string, trying to do so causes a segfault */
     if (!in || !*in) {
         return APR_SUCCESS;
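Review bot: `*out = "";` hands the caller a pointer to a string literal, so any later code that edits the encoded session in place would write to read-only storage. The declaration of `out` is outside the hunk; if it is a plain `char **`, `*out = apr_pstrdup(r->pool, "");` keeps the default writable and pool-owned. The comment could also state that an empty session is returned as-is, unencrypted, since that is what the early return just below relies on.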
@@ -232,6 +237,8 @@
     if (res) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
                       "decrypt: attempt to decrypt failed");
+        apr_evp_factory_cleanup(f);
+        apr_evp_crypt_cleanup(e);
         return res;
     }
     *out = (char *) decrypted;
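Review bot: The two cleanup calls added on the failure path release the factory `f` before the context `e`, which was presumably created from it. Releasing in reverse order of creation, `apr_evp_crypt_cleanup(e);` then `apr_evp_factory_cleanup(f);`, avoids `e` outliving the object it may depend on. Both return values are dropped, which is reasonable on an error path but worth a one-line comment such as `/* best effort: the decrypt error in res is what the caller needs */`. The earlier error returns of this function lie outside the hunk, so it should be confirmed that they release `f` and `e` in the same way.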