give some more diagnostics if server cert or key file cannot be read

author Doug MacEachern <dougm@apache.org>

Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)

committer Doug MacEachern <dougm@apache.org>

Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)
author Doug MacEachern <dougm@apache.org>
Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)
committer Doug MacEachern <dougm@apache.org>
Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)
diff --git a/modules/tls/mod_tls.c b/modules/tls/mod_tls.c

index df9fd59515bda38ddfc61b5ae43206da0efc569b..5aee9a08e94656d31c3ad6bb026821ef761a23da 100644 (file)
--- a/modules/tls/mod_tls.c
+++ b/modules/tls/mod_tls.c
@@ -137,6 +137,10 @@ static int tls_filter_inserter(conn_rec *c)
      pCtx->pStateMachine=SSLStateMachine_new(pConfig->szCertificateFile,
                                             pConfig->szKeyFile);
  
+    if (!pCtx->pStateMachine) {
+        return HTTP_INTERNAL_SERVER_ERROR;
+    }
+
      pCtx->pInputFilter=ap_add_input_filter(s_szTLSFilterName,pCtx,NULL,c);
      pCtx->pOutputFilter=ap_add_output_filter(s_szTLSFilterName,pCtx,NULL,c);
      pCtx->pbbInput=apr_brigade_create(c->pool);
diff --git a/modules/tls/openssl_state_machine.c b/modules/tls/openssl_state_machine.c

index 4f626e9efbf2a550f47f46fae1eb67b05f5c887a..207b06c0fb063f3551858fade60dca0a0685b44b 100644 (file)
--- a/modules/tls/openssl_state_machine.c
+++ b/modules/tls/openssl_state_machine.c
@@ -143,10 +143,21 @@ SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
  
      n=SSL_CTX_use_certificate_file(pMachine->pCtx,szCertificateFile,
                                    SSL_FILETYPE_PEM);
-    die_unless(n > 0);
+    if (n <= 0) {
+        SSLStateMachine_print_error(pMachine,
+                                    "Error opening certificate file:");
+        SSLStateMachine_destroy(pMachine);
+        return NULL;
+    }
  
      n=SSL_CTX_use_PrivateKey_file(pMachine->pCtx,szKeyFile,SSL_FILETYPE_PEM);
-    die_unless(n > 0);
+
+    if (n <= 0) {
+        SSLStateMachine_print_error(pMachine,
+                                    "Error opening private key file:");
+        SSLStateMachine_destroy(pMachine);
+        return NULL;
+    }
  
      pMachine->pSSL=SSL_new(pMachine->pCtx);
      die_unless(pMachine->pSSL);
@@ -164,7 +175,12 @@ SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
  
  void SSLStateMachine_destroy(SSLStateMachine *pMachine)
  {
-    SSL_free(pMachine->pSSL);
+    if (pMachine->pCtx) {
+        SSL_CTX_free(pMachine->pCtx);
+    }
+    if (pMachine->pSSL) {
+        SSL_free(pMachine->pSSL);
+    }
      free(pMachine);
  }
author	Doug MacEachern <dougm@apache.org>
	Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)
committer	Doug MacEachern <dougm@apache.org>
	Wed, 18 Jul 2001 20:29:29 +0000 (20:29 +0000)
modules/tls/mod_tls.c		patch \| blob \| history
modules/tls/openssl_state_machine.c		patch \| blob \| history