Posted to cvs@httpd.apache.org by do...@apache.org on 2001/07/18 22:29:29 UTC

cvs commit: httpd-2.0/modules/tls mod_tls.c openssl_state_machine.c

dougm       01/07/18 13:29:29

  Modified:    modules/tls mod_tls.c openssl_state_machine.c
  Log:
  give some more diagnostics if server cert or key file cannot be read
  
  Revision  Changes    Path
  1.17      +4 -0      httpd-2.0/modules/tls/mod_tls.c
  
  Index: mod_tls.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/tls/mod_tls.c,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- mod_tls.c	2001/07/18 18:18:20	1.16
  +++ mod_tls.c	2001/07/18 20:29:29	1.17
  @@ -137,6 +137,10 @@
       pCtx->pStateMachine=SSLStateMachine_new(pConfig->szCertificateFile,
   					    pConfig->szKeyFile);
   
  +    if (!pCtx->pStateMachine) {
  +        return HTTP_INTERNAL_SERVER_ERROR;
  +    }
  +
       pCtx->pInputFilter=ap_add_input_filter(s_szTLSFilterName,pCtx,NULL,c);
       pCtx->pOutputFilter=ap_add_output_filter(s_szTLSFilterName,pCtx,NULL,c);
       pCtx->pbbInput=apr_brigade_create(c->pool);
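Review bot: The new failure return in the `if (!pCtx->pStateMachine)` branch writes nothing to the server's own error log, so an operator sees refused TLS connections without the certificate or key path that caused them. The only diagnostic comes from SSLStateMachine_print_error, whose destination is not visible in this hunk. I would log before returning, along the lines of `ap_log_error(APLOG_MARK, APLOG_ERR, 0, c->base_server, "mod_tls: cannot load %s / %s", pConfig->szCertificateFile, pConfig->szKeyFile);`. The use of `c->pool` suggests this runs per connection, so a comment saying the files are re-read on every connection would also help; the enclosing function starts and ends outside the hunk.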
  
  
  
  1.6       +19 -3     httpd-2.0/modules/tls/openssl_state_machine.c
  
  Index: openssl_state_machine.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/tls/openssl_state_machine.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- openssl_state_machine.c	2001/07/18 18:18:20	1.5
  +++ openssl_state_machine.c	2001/07/18 20:29:29	1.6
  @@ -143,10 +143,21 @@
   
       n=SSL_CTX_use_certificate_file(pMachine->pCtx,szCertificateFile,
   				   SSL_FILETYPE_PEM);
  -    die_unless(n > 0);
  +    if (n <= 0) {
  +        SSLStateMachine_print_error(pMachine,
  +                                    "Error opening certificate file:");
  +        SSLStateMachine_destroy(pMachine);
  +        return NULL;
  +    }
   
       n=SSL_CTX_use_PrivateKey_file(pMachine->pCtx,szKeyFile,SSL_FILETYPE_PEM);
  -    die_unless(n > 0);
  +
  +    if (n <= 0) {
  +        SSLStateMachine_print_error(pMachine,
  +                                    "Error opening private key file:");
  +        SSLStateMachine_destroy(pMachine);
  +        return NULL;
  +    }
   
       pMachine->pSSL=SSL_new(pMachine->pCtx);
       die_unless(pMachine->pSSL);
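Review bot: Both new error paths call `SSLStateMachine_destroy(pMachine)` before `pMachine->pSSL` is assigned by `SSL_new` further down, and the destroy hunk later in this file tests that field. The allocation of pMachine is outside the hunk, but unless it zeroes the struct, `SSL_free` would be handed an indeterminate pointer whenever the certificate or key fails to load. Setting `pMachine->pSSL=NULL;` immediately after the allocation, or allocating with `calloc`, closes that. The remaining `die_unless(pMachine->pSSL);` is inconsistent with the new handling, since an `SSL_new` failure still goes through die_unless instead of returning NULL. The "Error opening ..." messages also cover parse failures and would be more useful with the file name included.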
  @@ -164,7 +175,12 @@
   
   void SSLStateMachine_destroy(SSLStateMachine *pMachine)
   {
  -    SSL_free(pMachine->pSSL);
  +    if (pMachine->pCtx) {
  +        SSL_CTX_free(pMachine->pCtx);
  +    }
  +    if (pMachine->pSSL) {
  +        SSL_free(pMachine->pSSL);
  +    }
       free(pMachine);
   }
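Review bot: SSLStateMachine_destroy now frees `pCtx` before the `pSSL` object that was created from it. OpenSSL reference-counts the context, so this should not be a use-after-free, but releasing `pSSL` first mirrors construction order and is easier to audit. The function also dereferences `pMachine` unconditionally, so a leading `if (!pMachine) return;` would make it safe to call from any cleanup path. A short header comment such as `/* Safe on a partially constructed machine; pCtx and pSSL must be NULL or valid. */` would record the contract the new callers rely on.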