From: Doug MacEachern Date: Thu, 28 Feb 2002 00:28:05 +0000 (+0000) Subject: switch SSLModConfigRec.tPublicCert to ssl_asn1_table api to prevent X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5681beab9b9c1fde4f0b810ab45a9443529ae3fe;p=thirdparty%2Fapache%2Fhttpd.git switch SSLModConfigRec.tPublicCert to ssl_asn1_table api to prevent leakage on restarts. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93615 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/mod_ssl.h b/mod_ssl.h index 54ffddc18f9..6055fe7ddc2 100644 --- a/mod_ssl.h +++ b/mod_ssl.h @@ -518,7 +518,7 @@ typedef struct { int nScoreboardSize; /* used for builtin random seed */ apr_hash_t *tTmpKeys; void *pTmpKeys[SSL_TKPIDX_MAX]; - ssl_ds_table *tPublicCert; + apr_hash_t *tPublicCert; apr_hash_t *tPrivateKey; #ifdef SSL_EXPERIMENTAL_ENGINE char *szCryptoDevice; diff --git a/ssl_engine_config.c b/ssl_engine_config.c index 6e0ad3e4d31..fd291fec4b5 100644 --- a/ssl_engine_config.c +++ b/ssl_engine_config.c @@ -102,7 +102,7 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s) mc->pMutex = NULL; mc->aRandSeed = apr_array_make(pPool, 4, sizeof(ssl_randseed_t)); mc->tPrivateKey = apr_hash_make(pPool); - mc->tPublicCert = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t)); + mc->tPublicCert = apr_hash_make(pPool); mc->tTmpKeys = apr_hash_make(pPool); #ifdef SSL_EXPERIMENTAL_ENGINE mc->szCryptoDevice = NULL; diff --git a/ssl_engine_init.c b/ssl_engine_init.c index a427a7dadf4..ba00484cffa 100644 --- a/ssl_engine_init.c +++ b/ssl_engine_init.c @@ -590,7 +590,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) */ ok = FALSE; cp = apr_psprintf(p, "%s:RSA", cpVHostID); - if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) { + if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) { ssl_log(s, SSL_LOG_TRACE, "Init: (%s) Configuring RSA server certificate", cpVHostID); ucp = asn1->cpData; @@ -609,7 +609,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) ok = TRUE; } cp = apr_psprintf(p, "%s:DSA", cpVHostID); - if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) { + if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) { ssl_log(s, SSL_LOG_TRACE, "Init: (%s) Configuring DSA server certificate", cpVHostID); ucp = asn1->cpData; diff --git a/ssl_engine_pphrase.c b/ssl_engine_pphrase.c index cf5ae614b75..0a7c0c92689 100644 --- a/ssl_engine_pphrase.c +++ b/ssl_engine_pphrase.c @@ -200,10 +200,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p) * configuration structures). */ cp = apr_psprintf(mc->pPool, "%s:%s", cpVHostID, an); - asn1 = (ssl_asn1_t *)ssl_ds_table_push(mc->tPublicCert, cp); - asn1->nData = i2d_X509(pX509Cert, NULL); - asn1->cpData = apr_palloc(mc->pPool, asn1->nData); - ucp = asn1->cpData; i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */ + length = i2d_X509(pX509Cert, NULL); + ucp = ssl_asn1_table_set(mc->tPublicCert, cp, length); + (void)i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */ /* * Free the X509 structure