You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by do...@apache.org on 2001/07/18 22:29:29 UTC
cvs commit: httpd-2.0/modules/tls mod_tls.c openssl_state_machine.c
dougm 01/07/18 13:29:29
Modified: modules/tls mod_tls.c openssl_state_machine.c
Log:
give some more diagnostics if server cert or key file cannot be read
Revision Changes Path
1.17 +4 -0 httpd-2.0/modules/tls/mod_tls.c
Index: mod_tls.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/tls/mod_tls.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- mod_tls.c 2001/07/18 18:18:20 1.16
+++ mod_tls.c 2001/07/18 20:29:29 1.17
@@ -137,6 +137,10 @@
pCtx->pStateMachine=SSLStateMachine_new(pConfig->szCertificateFile,
pConfig->szKeyFile);
+ if (!pCtx->pStateMachine) {
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
pCtx->pInputFilter=ap_add_input_filter(s_szTLSFilterName,pCtx,NULL,c);
pCtx->pOutputFilter=ap_add_output_filter(s_szTLSFilterName,pCtx,NULL,c);
pCtx->pbbInput=apr_brigade_create(c->pool);
1.6 +19 -3 httpd-2.0/modules/tls/openssl_state_machine.c
Index: openssl_state_machine.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/tls/openssl_state_machine.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- openssl_state_machine.c 2001/07/18 18:18:20 1.5
+++ openssl_state_machine.c 2001/07/18 20:29:29 1.6
@@ -143,10 +143,21 @@
n=SSL_CTX_use_certificate_file(pMachine->pCtx,szCertificateFile,
SSL_FILETYPE_PEM);
- die_unless(n > 0);
+ if (n <= 0) {
+ SSLStateMachine_print_error(pMachine,
+ "Error opening certificate file:");
+ SSLStateMachine_destroy(pMachine);
+ return NULL;
+ }
n=SSL_CTX_use_PrivateKey_file(pMachine->pCtx,szKeyFile,SSL_FILETYPE_PEM);
- die_unless(n > 0);
+
+ if (n <= 0) {
+ SSLStateMachine_print_error(pMachine,
+ "Error opening private key file:");
+ SSLStateMachine_destroy(pMachine);
+ return NULL;
+ }
pMachine->pSSL=SSL_new(pMachine->pCtx);
die_unless(pMachine->pSSL);
@@ -164,7 +175,12 @@
void SSLStateMachine_destroy(SSLStateMachine *pMachine)
{
- SSL_free(pMachine->pSSL);
+ if (pMachine->pCtx) {
+ SSL_CTX_free(pMachine->pCtx);
+ }
+ if (pMachine->pSSL) {
+ SSL_free(pMachine->pSSL);
+ }
free(pMachine);
}