diff options
author | dreid <dreid@13f79535-47bb-0310-9956-ffa450edef68> | 2007-03-28 16:05:03 +0000 |
---|---|---|
committer | dreid <dreid@13f79535-47bb-0310-9956-ffa450edef68> | 2007-03-28 16:05:03 +0000 |
commit | 0a8af3b2d6ccf8a62b20bb93ea424f8361a83f6c (patch) | |
tree | 4f36d35361526fb38c5d2f53c4045b177bfe13d3 | |
parent | b30ed14e477bc1721bf96f02bb9be5d67665b207 (diff) | |
download | libapr-util-0a8af3b2d6ccf8a62b20bb93ea424f8361a83f6c.tar.gz |
Explicity state what type of factory we are creating rather than
trying to guess based on the arguments passed in, which was less
than optimal.
Highlighted by Joe Orton
git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/trunk@523382 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | include/apr_ssl.h | 20 | ||||
-rw-r--r-- | include/private/apr_ssl_private.h | 5 | ||||
-rw-r--r-- | ssl/apr_ssl.c | 2 | ||||
-rw-r--r-- | ssl/apr_ssl_openssl.c | 7 | ||||
-rw-r--r-- | test/echod.c | 3 | ||||
-rw-r--r-- | test/sockperf.c | 3 | ||||
-rw-r--r-- | test/testssl.c | 3 |
7 files changed, 30 insertions, 13 deletions
diff --git a/include/apr_ssl.h b/include/apr_ssl.h index 9750ce32..4613399c 100644 --- a/include/apr_ssl.h +++ b/include/apr_ssl.h @@ -39,6 +39,14 @@ extern "C" { */ /** + * Values that determine how a created factory will be used. + */ +typedef enum { + APR_SSL_FACTORY_SERVER, /**< Factory is for server operations */ + APR_SSL_FACTORY_CLIENT, /**< Factory is for client operations */ +} apr_ssl_factory_type_e; + +/** * Structure for referencing an ssl "factory" */ typedef struct apr_ssl_factory apr_ssl_factory_t; @@ -54,23 +62,23 @@ typedef struct apr_ssl_socket apr_ssl_socket_t; const char *privateKeyFilename, const char *certificateFilename, const char *digestTypeToUse, + apr_ssl_factory_type_e purpose, apr_pool_t *pool) * @brief Attempts to create an SSL "factory". The "factory" is then - * used to create sockets. If a private key filename - * is passed then the created factory will assume it is to be used - * in a server context. + * used to create sockets. * @param newFactory The newly created factory - * @param privateKeyFilename + * @param privateKeyFilename Private key filename to use * @param certificateFilename X509 certificate file * @param digestTypeToUse A string identifying the type of digest scheme * to use + * @param purpose Constant that determines how the created factory will be used * @param pool The pool to use for memory allocations * @return an APR_ status code */ APU_DECLARE(apr_status_t) apr_ssl_factory_create(apr_ssl_factory_t **, + const char *, const char *, const char *, - const char *, - const char *, + apr_ssl_factory_type_e, apr_pool_t *); /** diff --git a/include/private/apr_ssl_private.h b/include/private/apr_ssl_private.h index d1a93047..5cafc5b7 100644 --- a/include/private/apr_ssl_private.h +++ b/include/private/apr_ssl_private.h @@ -38,8 +38,9 @@ typedef struct apu_ssl_socket_data apu_ssl_socket_data_t; * SSL factory structure */ struct apr_ssl_factory { - apr_pool_t *pool; /**< pool to use for memory allocations */ - apu_ssl_data_t *sslData; /**< Pointer to implementation specific data */ + apr_pool_t *pool; /**< pool to use for memory allocations */ + apr_ssl_factory_type_e purpose; /**< Purpose of the factory */ + apu_ssl_data_t *sslData; /**< Pointer to implementation specific data */ }; /** diff --git a/ssl/apr_ssl.c b/ssl/apr_ssl.c index 4842aa9c..5bdd7216 100644 --- a/ssl/apr_ssl.c +++ b/ssl/apr_ssl.c @@ -39,6 +39,7 @@ APU_DECLARE(apr_status_t) apr_ssl_factory_create(apr_ssl_factory_t **fact, const char *privateKeyFn, const char *certFn, const char *digestType, + apr_ssl_factory_type_e why, apr_pool_t *p) { @@ -60,6 +61,7 @@ APU_DECLARE(apr_status_t) apr_ssl_factory_create(apr_ssl_factory_t **fact, *fact = NULL; asf->pool = p; + asf->purpose = why; if ((rv = apu_ssl_factory_create(asf, privateKeyFn, certFn, digestType)) != APR_SUCCESS) return rv; diff --git a/ssl/apr_ssl_openssl.c b/ssl/apr_ssl_openssl.c index f2600fb8..18bf6828 100644 --- a/ssl/apr_ssl_openssl.c +++ b/ssl/apr_ssl_openssl.c @@ -58,6 +58,9 @@ static void openssl_get_error(apr_ssl_socket_t *sock, int fncode) sock->sslData->sslErr = SSL_get_error(sock->sslData->ssl, fncode); } +/* The apr_ssl_factory_t structure will have the pool and purpose + * fields set only. + */ apr_status_t apu_ssl_factory_create(apr_ssl_factory_t *asf, const char *privateKeyFn, const char *certFn, @@ -68,7 +71,7 @@ apr_status_t apu_ssl_factory_create(apr_ssl_factory_t *asf, return -1; } - if (privateKeyFn && certFn) { + if (asf->purpose == APR_SSL_FACTORY_SERVER) { sslData->ctx = SSL_CTX_new(SSLv23_server_method()); if (sslData->ctx) { if (!SSL_CTX_use_PrivateKey_file(sslData->ctx, privateKeyFn, @@ -82,7 +85,7 @@ apr_status_t apu_ssl_factory_create(apr_ssl_factory_t *asf, } } else { sslData->ctx = SSL_CTX_new(SSLv23_client_method()); - } + } if (digestType) { sslData->md = EVP_get_digestbyname(digestType); diff --git a/test/echod.c b/test/echod.c index d7dd0c7a..ead53663 100644 --- a/test/echod.c +++ b/test/echod.c @@ -154,7 +154,8 @@ int main(int argc, const char * const * argv) printf("\tPrivate key: %s\n", keyFn); printf("\tCertificate: %s\n", certFn); - rv = apr_ssl_factory_create(&asf, keyFn, certFn, NULL, pool); + rv = apr_ssl_factory_create(&asf, keyFn, certFn, NULL, + APR_SSL_FACTORY_SERVER, pool); if (rv != APR_SUCCESS) { reportError("Unable to create an SSL factory!", rv, pool); exit(1); diff --git a/test/sockperf.c b/test/sockperf.c index 294b5686..9e47b695 100644 --- a/test/sockperf.c +++ b/test/sockperf.c @@ -216,7 +216,8 @@ int main(int argc, char **argv) apr_pool_create(&pool, NULL); - rv = apr_ssl_factory_create(&asf, NULL, NULL, NULL, pool); + rv = apr_ssl_factory_create(&asf, NULL, NULL, NULL, + APR_SSL_FACTORY_CLIENT, pool); results = (struct testResult *)apr_pcalloc(pool, sizeof(*results) * nTests); diff --git a/test/testssl.c b/test/testssl.c index 4f98747c..4f1835cb 100644 --- a/test/testssl.c +++ b/test/testssl.c @@ -206,7 +206,8 @@ int main(int argc, const char * const * argv) exit(1); } - if (apr_ssl_factory_create(&asf, NULL, NULL, NULL, pool) != APR_SUCCESS) { + if (apr_ssl_factory_create(&asf, NULL, NULL, NULL, + APR_SSL_FACTORY_CLIENT, pool) != APR_SUCCESS) { fprintf(stderr, "Unable to create client factory\n"); } else { int i; |