From: Doug MacEachern Date: Tue, 12 Mar 2002 23:42:53 +0000 (+0000) Subject: cleanup tmp key callbacks. each had assigned the same (1024 bit) value X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=521013ef2a30227691911c64706490b3705fc945;p=apache cleanup tmp key callbacks. each had assigned the same (1024 bit) value in 3 different places. the old code did nothing special in the case of the export flag either. add an ssl_log in each to trace when keys are being handed out. add some XXX comments. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93885 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 8a3310b6df..48ccb0fe32 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1213,65 +1213,66 @@ int ssl_hook_Fixup(request_rec *r) * | Whenever a new key is completed, the existing temporary key can be * | replaced with the new one. * + * XXX: base on comment above, if thread support is enabled, + * we should spawn a low-priority thread to generate new keys + * on the fly. + * * So we generated 512 and 1024 bit temporary keys on startup - * which we now just handle out on demand.... + * which we now just hand out on demand.... */ RSA *ssl_callback_TmpRSA(SSL *ssl, int export, int keylen) { conn_rec *c = (conn_rec *)SSL_get_app_data(ssl); SSLModConfigRec *mc = myModConfig(c->base_server); - RSA *rsa = NULL; + int idx; - if (export) { - /* It's because an export cipher is used */ - if (keylen == 512) { - rsa = (RSA *)mc->pTmpKeys[SSL_TMP_KEY_RSA_512]; - } - else if (keylen == 1024) { - rsa = (RSA *)mc->pTmpKeys[SSL_TMP_KEY_RSA_1024]; - } - else { - /* it's too expensive to generate on-the-fly, so keep 1024bit */ - rsa = (RSA *)mc->pTmpKeys[SSL_TMP_KEY_RSA_1024]; - } - } - else { - /* It's because a sign-only certificate situation exists */ - rsa = (RSA *)mc->pTmpKeys[SSL_TMP_KEY_RSA_1024]; + ssl_log(c->base_server, SSL_LOG_TRACE, + "handing out temporary %d bit RSA key", keylen); + + /* doesn't matter if export flag is on, + * we won't be asked for keylen > 512 in that case. + * if we are asked for a keylen > 1024, it is too expensive + * to generate on the fly. + * XXX: any reason not to generate 2048 bit keys at startup? + */ + + switch (keylen) { + case 512: + idx = SSL_TMP_KEY_RSA_512; + break; + + case 1024: + default: + idx = SSL_TMP_KEY_RSA_1024; } - return rsa; + return (RSA *)mc->pTmpKeys[idx]; } /* - * Handle out the already generated DH parameters... + * Hand out the already generated DH parameters... */ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen) { conn_rec *c = (conn_rec *)SSL_get_app_data(ssl); SSLModConfigRec *mc = myModConfig(c->base_server); - DH *dh = NULL; + int idx; - if (export) { - /* It's because an export cipher is used */ - if (keylen == 512) { - dh = (DH *)mc->pTmpKeys[SSL_TMP_KEY_DH_512]; - } - else if (keylen == 1024) { - dh = (DH *)mc->pTmpKeys[SSL_TMP_KEY_DH_1024]; - } - else { - /* it's too expensive to generate on-the-fly, so keep 1024bit */ - dh = (DH *)mc->pTmpKeys[SSL_TMP_KEY_DH_1024]; - } - } - else { - /* It's because a sign-only certificate situation exists */ - dh = (DH *)mc->pTmpKeys[SSL_TMP_KEY_DH_1024]; + ssl_log(c->base_server, SSL_LOG_TRACE, + "handing out temporary %d bit DH key", keylen); + + switch (keylen) { + case 512: + idx = SSL_TMP_KEY_DH_512; + break; + + case 1024: + default: + idx = SSL_TMP_KEY_DH_1024; } - return dh; + return (DH *)mc->pTmpKeys[idx]; } /*