jerenkrantz 01/12/04 01:38:53
Modified: flood CHANGES config.h.in configure.in flood_net_ssl.c
Log:
- Look for certs dir in logical places if not overridden.
- Have knowledge of platforms with /dev/random and /dev/urandom where
OpenSSL will get the entropy on its own anyway. If --with-randfile is
not specified, we'll see if it even matters.
- Don't call RAND_load_file if we are relying on /dev/random.
Revision Changes Path
1.23 +1 -1 httpd-test/flood/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-test/flood/CHANGES,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- CHANGES 2001/12/04 09:13:09 1.22
+++ CHANGES 2001/12/04 09:38:53 1.23
@@ -1,6 +1,6 @@
Changes since milestone-02:
-* Make randfile and capath mandatory options (no default) when SSL is
+* Allow better detection of randfile and capath options when SSL is
enabled. [Justin Erenkrantz]
* Detect when we have a https URL and don't have SSL support built in.
1.18 +1 -0 httpd-test/flood/config.h.in
Index: config.h.in
===================================================================
RCS file: /home/cvs/httpd-test/flood/config.h.in,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- config.h.in 2001/11/16 22:38:12 1.17
+++ config.h.in 2001/12/04 09:38:53 1.18
@@ -65,6 +65,7 @@
#define FLOOD_HAS_STRTOQ @hasstrtoq@
#define FLOOD_HAS_OPENSSL @flood_has_openssl@
+#define FLOOD_HAS_DEVRAND @flood_has_devrand@
#if !FLOOD_HAS_STRTOLL && FLOOD_HAS_STRTOQ
#define strtoll(p, e, b) strtoq(p, e, b)
1.15 +25 -6 httpd-test/flood/configure.in
Index: configure.in
===================================================================
RCS file: /home/cvs/httpd-test/flood/configure.in,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- configure.in 2001/12/04 09:11:10 1.14
+++ configure.in 2001/12/04 09:38:53 1.15
@@ -42,6 +42,7 @@
[enable_ssl=no])
flood_has_openssl=0
+flood_has_devrand=0
if test "$enable_ssl" = "yes"; then
AC_CHECK_HEADERS(openssl/ssl.h openssl/opensslv.h,,
AC_MSG_ERROR('OpenSSL Headers not found at patch specified'))
@@ -56,15 +57,32 @@
AC_CHECK_LIB(ssl, BIO_next, LIBS="$LIBS -lssl")
flood_has_openssl=1
+ dnl Extra OpenSSL specific options
+ AC_ARG_WITH(capath,
+ [ --with-capath=PATH Path to a directory with c_rehash'd CA files
used by OpenSSL (default $OPENSSL_PREFIX/certs)],
+ [if test "$withval" = "yes"; then AC_MSG_ERROR('option --with-capath
requires a path'); else CAPATH="$withval"; fi],
+ [if test -d "$fl_openssl_prefix/certs"; then
+ CAPATH="$fl_openssl_prefix/certs"
+ else if test -d "/usr/lib/ssl/certs"; then
+ CAPATH="/usr/lib/ssl/certs"
+ else
+ AC_MSG_ERROR('option --with-capath must be specified')
+ fi
+ fi
+ ])
+
AC_ARG_WITH(randfile,
[ --with-randfile=PATH Path to a random file used by OpenSSL],
[if test "$withval" = "yes"; then AC_MSG_ERROR('option --with-randfile
requires a path'); else RANDFILE="$withval"; fi],
- [AC_MSG_ERROR('option --with-randfile must be specified')])
-
- AC_ARG_WITH(capath,
- [ --with-capath=PATH Path to a directory with c_rehash'd CA files
used by OpenSSL],
- [if test "$withval" = "yes"; then AC_MSG_ERROR('option --with-capath
requires a path'); else CAPATH="$withval"; fi],
- [AC_MSG_ERROR('option --with-capath must be specified')])
+ [if test -c "/dev/random"; then
+ flood_has_devrand=1
+ else if test -c "/dev/urandom"; then
+ flood_has_devrand=1
+ else
+ AC_MSG_ERROR(option --with-randfile must be specified to point at a
random file used to seed OpenSSL)
+ fi
+ fi
+ ])
fi
dnl Need for now. Remove later.
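Review bot: The `test -c "/dev/random"` and `test -c "/dev/urandom"` probes in the randfile default branch run on the build machine, so `flood_has_devrand=1` is baked into the binary even if the host or chroot that later runs flood has no such device; a cross-compiled build has the same problem. Both branches set the same flag, so the nested `else if` can be collapsed to `if test -c /dev/random || test -c /dev/urandom; then flood_has_devrand=1`, and it would help to report the decision in configure's output so the builder knows no seed file will be loaded. In the capath default branch the help text names `$OPENSSL_PREFIX` while the test uses `$fl_openssl_prefix`, which is set outside this hunk. If that variable can be empty, the first probe becomes `/certs`, so a guard such as `test -n "$fl_openssl_prefix"` may be needed before a trust directory is chosen silently.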
@@ -131,6 +149,7 @@
AC_SUBST(hasstrtoll)
AC_SUBST(hasstrtoq)
AC_SUBST(flood_has_openssl)
+AC_SUBST(flood_has_devrand)
dnl Makefile outputs
dnl Note: There can only be one AC_OUTPUT command.
1.14 +2 -0 httpd-test/flood/flood_net_ssl.c
Index: flood_net_ssl.c
===================================================================
RCS file: /home/cvs/httpd-test/flood/flood_net_ssl.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- flood_net_ssl.c 2001/11/17 01:26:48 1.13
+++ flood_net_ssl.c 2001/12/04 09:38:53 1.14
@@ -161,7 +161,9 @@
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
ERR_load_crypto_strings();
+#if !FLOOD_HAS_DEVRAND
RAND_load_file(RANDFILE, -1);
+#endif
#if APR_HAS_THREADS
numlocks = CRYPTO_num_locks();
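Review bot: Neither side of the new `#if !FLOOD_HAS_DEVRAND` confirms that OpenSSL's PRNG is actually seeded. When the macro is set, the code relies on a device that was only probed at configure time; when it is not set, the return value of `RAND_load_file(RANDFILE, -1)` is discarded. A check after the `#endif`, for example `if (RAND_status() != 1) { /* report the error and fail initialisation */ }`, would catch both cases before any handshake is attempted. A one-line comment on the `#if`, such as `/* OpenSSL seeds itself from /dev/urandom or /dev/random on these platforms */`, would also record why the load is skipped. The enclosing function begins and ends outside this hunk, so how it reports failure is not visible here.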