On 07/12/2016 11:16 PM, Graham Leggett wrote:
> On 11 Jul 2016, at 4:39 PM, Ruediger Pluem <[email protected]> wrote:
>
>>> Added: httpd/httpd/trunk/modules/filters/mod_crypto.c
>>> URL:
>>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_crypto.c?rev=1752099&view=auto
>>> ==============================================================================
>>> --- httpd/httpd/trunk/modules/filters/mod_crypto.c (added)
>>> +++ httpd/httpd/trunk/modules/filters/mod_crypto.c Sun Jul 10 17:27:03 2016
>>
>>> +static void *merge_crypto_config(apr_pool_t * p, void *basev, void *addv)
>>> +{
>>> + crypto_conf *new = (crypto_conf *) apr_pcalloc(p, sizeof(crypto_conf));
>>> + crypto_conf *add = (crypto_conf *) addv;
>>> + crypto_conf *base = (crypto_conf *) basev;
>>> +
>>> + new->library = (add->library_set == 0) ? base->library : add->library;
>>> + new->params = (add->library_set == 0) ? base->params : add->params;
>>> + new->library_set = add->library_set || base->library_set;
>>> +
>>> + new->crypto = base->crypto;
>>
>> Shouldn't this be:
>>
>> new->crypto = add->crypto;
>
> In this case no, the value of crypto is set globally and needs to be unique
> across the server.
>
Hmm. This is confusing in various ways. Why do we need to apr_pcalloc crypto
then in every
call to create_crypto_config? Isn't that a waste of memory then when we face a
configuration with many virtual hosts if
it set globally? Further more we do the same alloc in set_crypto_driver. So we
do it twice if we set a crypto driver.
How about the following or do I miss the point completly
Index: mod_crypto.c
===================================================================
--- mod_crypto.c (revision 1752371)
+++ mod_crypto.c (working copy)
@@ -1034,7 +1034,7 @@
#ifdef APU_CRYPTO_RECOMMENDED_DRIVER
new->library = APU_CRYPTO_RECOMMENDED_DRIVER;
#endif
- new->crypto = apr_pcalloc(p, sizeof(apr_crypto_t *));
+ new->crypto = NULL;
return (void *) new;
}
@@ -1118,7 +1118,6 @@
conf->library = ap_getword_conf(cmd->pool, &arg);
conf->params = arg;
- conf->crypto = apr_pcalloc(cmd->pool, sizeof(apr_crypto_t *));
conf->library_set = 1;
return NULL;
@@ -1181,13 +1180,15 @@
apr_pool_t * ptemp, server_rec *s)
{
const apr_crypto_driver_t *driver = NULL;
+ apr_crypto_t **crypto = apr_pcalloc(p, sizeof(apr_crypto_t *));
while (s) {
crypto_conf *conf = ap_get_module_config(s->module_config,
&crypto_module);
- if (conf->library_set && !*conf->crypto) {
+ conf->crypto = crypto;
+ if (conf->library_set && !*crypto) {
const apu_err_t *err = NULL;
apr_status_t rv;
@@ -1226,7 +1227,7 @@
return rv;
}
- rv = apr_crypto_make(conf->crypto, driver, conf->params, p);
+ rv = apr_crypto_make(crypto, driver, conf->params, p);
if (APR_SUCCESS != rv) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
APLOGNO(03440) "The crypto library '%s' could not
be initialised",
Regards
RĂ¼diger
