From: Doug MacEachern Date: Thu, 28 Feb 2002 00:28:05 +0000 (+0000) Subject: switch SSLModConfigRec.tPublicCert to ssl_asn1_table api to prevent X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=53ee1dba73227d6b981ede36141f9f5b8a9d4d0d;p=apache switch SSLModConfigRec.tPublicCert to ssl_asn1_table api to prevent leakage on restarts. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93615 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h index 54ffddc18f..6055fe7ddc 100644 --- a/modules/ssl/mod_ssl.h +++ b/modules/ssl/mod_ssl.h @@ -518,7 +518,7 @@ typedef struct { int nScoreboardSize; /* used for builtin random seed */ apr_hash_t *tTmpKeys; void *pTmpKeys[SSL_TKPIDX_MAX]; - ssl_ds_table *tPublicCert; + apr_hash_t *tPublicCert; apr_hash_t *tPrivateKey; #ifdef SSL_EXPERIMENTAL_ENGINE char *szCryptoDevice; diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c index 6e0ad3e4d3..fd291fec4b 100644 --- a/modules/ssl/ssl_engine_config.c +++ b/modules/ssl/ssl_engine_config.c @@ -102,7 +102,7 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s) mc->pMutex = NULL; mc->aRandSeed = apr_array_make(pPool, 4, sizeof(ssl_randseed_t)); mc->tPrivateKey = apr_hash_make(pPool); - mc->tPublicCert = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t)); + mc->tPublicCert = apr_hash_make(pPool); mc->tTmpKeys = apr_hash_make(pPool); #ifdef SSL_EXPERIMENTAL_ENGINE mc->szCryptoDevice = NULL; diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index a427a7dadf..ba00484cff 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -590,7 +590,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) */ ok = FALSE; cp = apr_psprintf(p, "%s:RSA", cpVHostID); - if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) { + if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) { ssl_log(s, SSL_LOG_TRACE, "Init: (%s) Configuring RSA server certificate", cpVHostID); ucp = asn1->cpData; @@ -609,7 +609,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) ok = TRUE; } cp = apr_psprintf(p, "%s:DSA", cpVHostID); - if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) { + if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) { ssl_log(s, SSL_LOG_TRACE, "Init: (%s) Configuring DSA server certificate", cpVHostID); ucp = asn1->cpData; diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c index cf5ae614b7..0a7c0c9268 100644 --- a/modules/ssl/ssl_engine_pphrase.c +++ b/modules/ssl/ssl_engine_pphrase.c @@ -200,10 +200,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p) * configuration structures). */ cp = apr_psprintf(mc->pPool, "%s:%s", cpVHostID, an); - asn1 = (ssl_asn1_t *)ssl_ds_table_push(mc->tPublicCert, cp); - asn1->nData = i2d_X509(pX509Cert, NULL); - asn1->cpData = apr_palloc(mc->pPool, asn1->nData); - ucp = asn1->cpData; i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */ + length = i2d_X509(pX509Cert, NULL); + ucp = ssl_asn1_table_set(mc->tPublicCert, cp, length); + (void)i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */ /* * Free the X509 structure