switch SSLModConfigRec.tPrivateKey to ssl_asn1_table api to prevent
authorDoug MacEachern <dougm@apache.org>
Thu, 28 Feb 2002 00:23:32 +0000 (00:23 +0000)
committerDoug MacEachern <dougm@apache.org>
Thu, 28 Feb 2002 00:23:32 +0000 (00:23 +0000)
leakage on restarts.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93614 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/mod_ssl.h
modules/ssl/ssl_engine_config.c
modules/ssl/ssl_engine_init.c
modules/ssl/ssl_engine_pphrase.c

index 99cfb6895c437471105d0b53afc67428ab6ebbd9..54ffddc18f9cc025916ddea66d35b06ab6393da3 100644 (file)
@@ -519,7 +519,7 @@ typedef struct {
     apr_hash_t     *tTmpKeys;
     void           *pTmpKeys[SSL_TKPIDX_MAX];
     ssl_ds_table   *tPublicCert;
-    ssl_ds_table   *tPrivateKey;
+    apr_hash_t     *tPrivateKey;
 #ifdef SSL_EXPERIMENTAL_ENGINE
     char           *szCryptoDevice;
 #endif
index 2160c4e6c8c828442a55c0fee67dfd22fe748de5..6e0ad3e4d319f0e6ed8819001e0e314e1583367a 100644 (file)
@@ -101,7 +101,7 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
         mc->szMutexFile            = NULL;
         mc->pMutex                 = NULL;
         mc->aRandSeed              = apr_array_make(pPool, 4, sizeof(ssl_randseed_t));
-        mc->tPrivateKey            = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t));
+        mc->tPrivateKey            = apr_hash_make(pPool);
         mc->tPublicCert            = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t));
         mc->tTmpKeys               = apr_hash_make(pPool);
 #ifdef SSL_EXPERIMENTAL_ENGINE
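Review bot: tPublicCert on the line after the changed one is still created with `ssl_ds_table_make(pPool, sizeof(ssl_asn1_t))` while tPrivateKey moves to `apr_hash_make(pPool)`. If the restart leakage named in the commit title comes from how ssl_ds_table entries are pushed rather than from private keys in particular, the certificate table presumably has the same problem and would be worth moving to the ssl_asn1_table API in the same change; this hunk alone cannot confirm that. ssl_config_global_create continues outside the hunk.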
index 18a01ddd952157a03a0343605215d5fba5a62ef4..a427a7dadf4cd5cffc5972a115384159b59c0b72 100644 (file)
@@ -682,7 +682,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc)
      */
     ok = FALSE;
     cp = apr_psprintf(p, "%s:RSA", cpVHostID);
-    if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPrivateKey, cp)) != NULL) {
+    if ((asn1 = ssl_asn1_table_get(mc->tPrivateKey, cp)) != NULL) {
         ssl_log(s, SSL_LOG_TRACE,
                 "Init: (%s) Configuring RSA server private key", cpVHostID);
         ucp = asn1->cpData;
@@ -702,7 +702,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc)
         ok = TRUE;
     }
     cp = apr_psprintf(p, "%s:DSA", cpVHostID);
-    if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPrivateKey, cp)) != NULL) {
+    if ((asn1 = ssl_asn1_table_get(mc->tPrivateKey, cp)) != NULL) {
         ssl_log(s, SSL_LOG_TRACE,
                 "Init: (%s) Configuring DSA server private key", cpVHostID);
         ucp = asn1->cpData;
index 8b0717fcc2fae743665460da92439372a81f97d1..cf5ae614b75a42ae9a8da09a07199c02d879c228 100644 (file)
@@ -114,6 +114,7 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
     EVP_PKEY *pPrivateKey;
     ssl_asn1_t *asn1;
     unsigned char *ucp;
+    long int length;
     X509 *pX509Cert;
     BOOL bReadable;
     ssl_ds_array *aPassPhrase;
@@ -278,7 +279,7 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                     !(isterm = isatty(fileno(stdout)))) /* XXX: apr_isatty() */
                 {
                     char *key_id = apr_psprintf(p, "%s:%s", cpVHostID, "RSA"); /* XXX: check for DSA key too? */
-                    ssl_asn1_t *asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPrivateKey, key_id);
+                    ssl_asn1_t *asn1 = ssl_asn1_table_get(mc->tPrivateKey, key_id);
                     
                     if (asn1 && (asn1->source_mtime == pkey_mtime)) {
                         ssl_log(pServ, SSL_LOG_INFO,
@@ -427,12 +428,15 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
              * RSA structure which do not survive DSO reloads!)
              */
             cp = apr_psprintf(mc->pPool, "%s:%s", cpVHostID, an);
-            asn1 = (ssl_asn1_t *)ssl_ds_table_push(mc->tPrivateKey, cp);
-            asn1->nData  = i2d_PrivateKey(pPrivateKey, NULL);
-            asn1->cpData = apr_palloc(mc->pPool, asn1->nData);
-            ucp = asn1->cpData; i2d_PrivateKey(pPrivateKey, &ucp); /* 2nd arg increments */
-
-            asn1->source_mtime = pkey_mtime;
+            length = i2d_PrivateKey(pPrivateKey, NULL);
+            ucp = ssl_asn1_table_set(mc->tPrivateKey, cp, length);
+            (void)i2d_PrivateKey(pPrivateKey, &ucp); /* 2nd arg increments */
+
+            if (nPassPhraseDialogCur != 0) {
+                /* remember mtime of encrypted keys */
+                asn1 = ssl_asn1_table_get(mc->tPrivateKey, cp);
+                asn1->source_mtime = pkey_mtime;
+            }
 
             /*
              * Free the private key structure
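Review bot: The value returned by `i2d_PrivateKey(pPrivateKey, NULL)` and stored in `length` is used without a check; i2d_PrivateKey reports failure with a negative result, which here would be handed to ssl_asn1_table_set as the entry size before the second call writes the encoding through ucp. A guard between those two lines, `if (length <= 0) { /* DER encoding failed: log and bail out like the other failure paths in this function */ }`, closes that, and the `(void)` on the second call could instead compare its result with `length` so a stored size that disagrees with the written data is noticed. Recording source_mtime only when nPassPhraseDialogCur is non-zero differs from the removed lines, so the entry for an unencrypted key keeps whatever ssl_asn1_table_set initialises the field to, which this hunk cannot confirm; the comment `/* remember mtime of encrypted keys */` would read better as `/* only encrypted keys need an mtime: it lets a later restart reuse the decrypted key when no passphrase dialog can be run */`. `length` is declared `long int` in the earlier hunk although i2d_PrivateKey returns `int`; a plain `int` would match. ssl_pphrase_Handle continues outside the hunk.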