Changeset 017ef2d in mod_gnutls
- Timestamp:
- Sep 17, 2017, 11:06:44 AM (5 years ago)
- Branches:
- asyncio, debian/master, debian/stretch-backports, master, proxy-ticket, upstream
- Children:
- 98cf33f
- Parents:
- cebb74a
- git-author:
- Thomas Klute <thomas2.klute@…> (09/17/17 08:36:42)
- git-committer:
- Thomas Klute <thomas2.klute@…> (09/17/17 11:06:44)
- File:
-
- 1 edited
src/gnutls_hooks.c
rcebb74a r017ef2d 134 134 } 135 135 136 static int mgs_select_virtual_server_cb(gnutls_session_t session) { 137 138 mgs_handle_t *ctxt = NULL; 139 mgs_srvconf_rec *tsc = NULL; 136 /** 137 * Post client hello function for GnuTLS, used to configure the TLS 138 * server based on virtual host configuration. Uses SNI to select the 139 * virtual host if available. 140 * 141 * @param session the TLS session 142 * 143 * @return zero or a GnuTLS error code, as required by GnuTLS hook 144 * definition 145 */ 146 static int mgs_select_virtual_server_cb(gnutls_session_t session) 147 { 140 148 int ret = 0; 141 142 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 143 144 ctxt = gnutls_transport_get_ptr(session); 145 146 /* find the virtual server */ 147 tsc = mgs_find_sni_server(session); 148 149 if (tsc != NULL) { 150 // Found a TLS vhost based on the SNI from the client; use it instead. 149 mgs_handle_t *ctxt = gnutls_session_get_ptr(session); 150 151 /* try to find a virtual host */ 152 mgs_srvconf_rec *tsc = mgs_find_sni_server(session); 153 if (tsc != NULL) 154 { 155 /* Found a TLS vhost based on the SNI, configure the 156 * connection context. */ 151 157 ctxt->sc = tsc; 152 158 } … … 177 183 * negotiation. 
178 184 */ 179 180 185 ret = gnutls_priority_set(session, ctxt->sc->priorities); 186 181 187 /* actually it shouldn't fail since we have checked at startup */ 182 188 return ret; 183 184 189 } 185 190 … … 831 836 mgs_srvconf_rec *mgs_find_sni_server(gnutls_session_t session) 832 837 { 833 int rv;834 838 unsigned int sni_type; 835 839 size_t data_len = MAX_HOST_LEN; 836 840 char sni_name[MAX_HOST_LEN]; 837 mgs_handle_t *ctxt;838 vhost_cb_rec cbx;839 841 840 842 if (session == NULL) 841 843 return NULL; 842 844 843 _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__); 844 ctxt = gnutls_transport_get_ptr(session); 845 846 rv = gnutls_server_name_get(ctxt->session, sni_name, 847 &data_len, &sni_type, 0); 845 mgs_handle_t *ctxt = gnutls_session_get_ptr(session); 846 int rv = gnutls_server_name_get(session, sni_name, 847 &data_len, &sni_type, 0); 848 848 849 849 850 if (rv != 0) { 851 ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_EGENERAL, ctxt->c, 852 "%s: no SNI data found: %s (%d)", 853 __func__, gnutls_strerror(rv), rv); 850 854 return NULL; 851 855 } … … 858 862 } 859 863 860 /** 861 * Code in the Core already sets up the c->base_server as the base 862 * for this IP/Port combo. Trust that the core did the 'right' thing. 863 */ 864 cbx.ctxt = ctxt; 865 cbx.sc = NULL; 866 cbx.sni_name = sni_name; 867 864 ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c, 865 "%s: client requested server '%s'.", 866 __func__, sni_name); 867 868 /* Search for vhosts matching connection parameters and the 869 * SNI. If a match is found, cbx.sc will contain the mod_gnutls 870 * server config for the vhost. */ 871 vhost_cb_rec cbx = { 872 .ctxt = ctxt, 873 .sc = NULL, 874 .sni_name = sni_name 875 }; 868 876 rv = ap_vhost_iterate_given_conn(ctxt->c, vhost_cb, &cbx); 869 877 if (rv == 1) {
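Review bot: In both mgs_select_virtual_server_cb and mgs_find_sni_server the result of `gnutls_session_get_ptr(session)` is dereferenced (`ctxt->sc`, `ctxt->c`) without a NULL check, even though mgs_find_sni_server still guards `session == NULL` just above. The commit moves the context lookup from the transport pointer to the session pointer, and the matching `gnutls_session_set_ptr()` call is not visible in these hunks; if it is missing or runs later on some path, the hook would dereference NULL during a client-driven handshake. I would add `if (ctxt == NULL) return GNUTLS_E_INTERNAL_ERROR;` in the callback and `if (ctxt == NULL) return NULL;` in mgs_find_sni_server before the first `ap_log_cerror` call. Separately, `sni_name` is client-supplied and is now written to the log at TRACE1, so a short comment such as `/* sni_name is untrusted client input; it is only logged and matched here */` would make the trust boundary explicit. Both function bodies continue outside the displayed hunks.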