static const apr_crypto_driver_t *get_driver(abts_case *tc, apr_pool_t *pool, const char *name, const apr_array_header_t *params) { const apr_crypto_driver_t *driver = NULL; const apu_err_t *err = NULL; apr_status_t rv; rv = apr_crypto_init(pool, params); ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS); rv = apr_crypto_get_driver(pool, name, &driver, params, &err); if (APR_SUCCESS != rv && err) { ABTS_NOT_IMPL(tc, err->msg); return NULL; } if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, (char *)driver); return NULL; } ABTS_ASSERT(tc, "failed to apr_crypto_get_driver", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_get_driver returned NULL", driver != NULL); if (!driver || rv) { return NULL; } return driver; }
/* Set CTX to a Subversion cryptography context allocated from RESULT_POOL. */ svn_error_t * svn_crypto__context_create(svn_crypto__ctx_t **ctx, apr_pool_t *result_pool) { #ifdef SVN_HAVE_CRYPTO apr_status_t apr_err; const apu_err_t *apu_err = NULL; apr_crypto_t *apr_crypto; const apr_crypto_driver_t *driver; CRYPTO_INIT(result_pool); /* Load the crypto driver. ### TODO: For the sake of flexibility, should we use ### APU_CRYPTO_RECOMMENDED_DRIVER instead of hard coding ### "openssl" here? NOTE: Potential bugs in get_driver() imply we might get APR_SUCCESS and NULL. Sigh. Just be a little more careful in error generation here. */ apr_err = apr_crypto_get_driver(&driver, "openssl", NULL, &apu_err, result_pool); if (apr_err != APR_SUCCESS) return svn_error_create(apr_err, err_from_apu_err(apr_err, apu_err), _("OpenSSL crypto driver error")); if (driver == NULL) return svn_error_create(APR_EGENERAL, err_from_apu_err(APR_EGENERAL, apu_err), _("Bad return value while loading crypto " "driver")); apr_err = apr_crypto_make(&apr_crypto, driver, NULL, result_pool); if (apr_err != APR_SUCCESS || apr_crypto == NULL) return svn_error_create(apr_err, NULL, _("Error creating OpenSSL crypto context")); /* Allocate and initialize our crypto context. */ *ctx = apr_palloc(result_pool, sizeof(**ctx)); (*ctx)->crypto = apr_crypto; return SVN_NO_ERROR; #else /* SVN_HAVE_CRYPTO */ return svn_error_create(SVN_ERR_UNSUPPORTED_FEATURE, NULL, "Cryptographic support is not available"); #endif /* SVN_HAVE_CRYPTO */ }
/** * Initialise the SSL in the post_config hook. */ static int session_crypto_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s) { const apr_crypto_driver_t *driver = NULL; apr_crypto_t *f = NULL; session_crypto_conf *conf = ap_get_module_config(s->module_config, &session_crypto_module); /* session_crypto_init() will be called twice. Don't bother * going through all of the initialization on the first call * because it will just be thrown away.*/ if (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_CREATE_PRE_CONFIG) { return OK; } if (conf->library) { const apu_err_t *err = NULL; apr_status_t rv; rv = apr_crypto_init(p); if (APR_SUCCESS != rv) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01843) "APR crypto could not be initialised"); return rv; } rv = apr_crypto_get_driver(&driver, conf->library, conf->params, &err, p); if (APR_EREINIT == rv) { ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, APLOGNO(01844) "warning: crypto for '%s' was already initialised, " "using existing configuration", conf->library); rv = APR_SUCCESS; } if (APR_SUCCESS != rv && err) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01845) "%s", err->msg); return rv; } if (APR_ENOTIMPL == rv) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01846) "The crypto library '%s' could not be found", conf->library); return rv; } if (APR_SUCCESS != rv || !driver) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01847) "The crypto library '%s' could not be loaded", conf->library); return rv; } rv = apr_crypto_make(&f, driver, conf->params, p); if (APR_SUCCESS != rv) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01848) "The crypto library '%s' could not be initialised", conf->library); return rv; } ap_log_error(APLOG_MARK, APLOG_INFO, rv, s, APLOGNO(01849) "The crypto library '%s' was loaded successfully", conf->library); apr_pool_userdata_set((const void *)f, CRYPTO_KEY, apr_pool_cleanup_null, s->process->pconf); } return OK; }