On 07/12/2016 11:16 PM, Graham Leggett wrote: > On 11 Jul 2016, at 4:39 PM, Ruediger Pluem <rpl...@apache.org> wrote: > >>> Added: httpd/httpd/trunk/modules/filters/mod_crypto.c >>> URL: >>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_crypto.c?rev=1752099&view=auto >>> ============================================================================== >>> --- httpd/httpd/trunk/modules/filters/mod_crypto.c (added) >>> +++ httpd/httpd/trunk/modules/filters/mod_crypto.c Sun Jul 10 17:27:03 2016 >> >>> +static void *merge_crypto_config(apr_pool_t * p, void *basev, void *addv) >>> +{ >>> + crypto_conf *new = (crypto_conf *) apr_pcalloc(p, sizeof(crypto_conf)); >>> + crypto_conf *add = (crypto_conf *) addv; >>> + crypto_conf *base = (crypto_conf *) basev; >>> + >>> + new->library = (add->library_set == 0) ? base->library : add->library; >>> + new->params = (add->library_set == 0) ? base->params : add->params; >>> + new->library_set = add->library_set || base->library_set; >>> + >>> + new->crypto = base->crypto; >> >> Shouldn't this be: >> >> new->crypto = add->crypto; > > In this case no, the value of crypto is set globally and needs to be unique > across the server. >
Hmm. This is confusing in various ways. Why do we need to apr_pcalloc crypto then in every call to create_crypto_config? Isn't that a waste of memory then when we face a configuration with many virtual hosts if it set globally? Further more we do the same alloc in set_crypto_driver. So we do it twice if we set a crypto driver. How about the following or do I miss the point completly Index: mod_crypto.c =================================================================== --- mod_crypto.c (revision 1752371) +++ mod_crypto.c (working copy) @@ -1034,7 +1034,7 @@ #ifdef APU_CRYPTO_RECOMMENDED_DRIVER new->library = APU_CRYPTO_RECOMMENDED_DRIVER; #endif - new->crypto = apr_pcalloc(p, sizeof(apr_crypto_t *)); + new->crypto = NULL; return (void *) new; } @@ -1118,7 +1118,6 @@ conf->library = ap_getword_conf(cmd->pool, &arg); conf->params = arg; - conf->crypto = apr_pcalloc(cmd->pool, sizeof(apr_crypto_t *)); conf->library_set = 1; return NULL; @@ -1181,13 +1180,15 @@ apr_pool_t * ptemp, server_rec *s) { const apr_crypto_driver_t *driver = NULL; + apr_crypto_t **crypto = apr_pcalloc(p, sizeof(apr_crypto_t *)); while (s) { crypto_conf *conf = ap_get_module_config(s->module_config, &crypto_module); - if (conf->library_set && !*conf->crypto) { + conf->crypto = crypto; + if (conf->library_set && !*crypto) { const apu_err_t *err = NULL; apr_status_t rv; @@ -1226,7 +1227,7 @@ return rv; } - rv = apr_crypto_make(conf->crypto, driver, conf->params, p); + rv = apr_crypto_make(crypto, driver, conf->params, p); if (APR_SUCCESS != rv) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(03440) "The crypto library '%s' could not be initialised", Regards RĂ¼diger