Changeset 64470ce in mod_gnutls for src/gnutls_hooks.c
- Timestamp:
- Nov 6, 2018, 12:50:05 PM (4 years ago)
- Branches:
- asyncio, debian/master, master, proxy-ticket
- Children:
- a939015
- Parents:
- 79fc46b
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
src/gnutls_hooks.c
r79fc46b r64470ce 365 365 mgs_handle_t *ctxt = gnutls_session_get_ptr(session); 366 366 367 /* try to find a virtual host */ 368 mgs_srvconf_rec *tsc = mgs_find_sni_server(ctxt); 369 if (tsc != NULL) 370 { 371 /* Found a TLS vhost based on the SNI, configure the 372 * connection context. */ 373 ctxt->sc = tsc; 374 } 375 376 reload_session_credentials(ctxt); 367 /* If ctxt->sni_name is set at this point the early_sni_hook() 368 * function ran, found an SNI server name, selected a virtual 369 * host, and set up credentials, so we don't need to do that 370 * again. Otherwise try again, to cover GnuTLS versions < 3.6.3 371 * and pick up future extensions to gnutls_server_name_get(). */ 372 if (ctxt->sni_name == NULL) 373 { 374 /* try to find a virtual host */ 375 mgs_srvconf_rec *tsc = mgs_find_sni_server(ctxt); 376 if (tsc != NULL) 377 { 378 /* Found a TLS vhost based on the SNI, configure the 379 * connection context. */ 380 ctxt->sc = tsc; 381 } 382 383 ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c, 384 "%s: Loading credentials in post client hello hook", 385 __func__); 386 reload_session_credentials(ctxt); 387 } 377 388 378 389 ret = process_alpn_result(ctxt); … … 1032 1043 } 1033 1044 1034 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,1035 "%s: Trying early SNI.",1036 __func__);1037 1038 1045 int ret = gnutls_ext_raw_parse(session, mgs_sni_ext_hook, msg, 1039 1046 GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO); 1040 1047 if (ret == 0 && ctxt->sni_name != NULL) 1041 1048 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c, 1042 "%s : Early SNI result: %s",1049 "%s found SNI name: '%s'", 1043 1050 __func__, ctxt->sni_name); 1051 1052 /* try to find a virtual host for that name */ 1053 mgs_srvconf_rec *tsc = mgs_find_sni_server(ctxt); 1054 if (tsc != NULL) 1055 { 1056 /* Found a TLS vhost based on the SNI, configure the 1057 * connection context. */ 1058 ctxt->sc = tsc; 1059 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c, 1060 "%s: Selected virtual host %s from early SNI, " 1061 "connection server is still %s.", 1062 __func__, ctxt->sc->s->server_hostname, 1063 ctxt->c->base_server->server_hostname); 1064 } 1065 1066 reload_session_credentials(ctxt); 1067 1068 prepare_alpn_proposals(ctxt); 1069 1044 1070 return ret; 1045 1071 } … … 1138 1164 ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c, 1139 1165 "gnutls_priority_set failed!"); 1166 1140 1167 #ifdef ENABLE_EARLY_SNI 1141 1168 /* Pre-handshake hook, EXPERIMENTAL */ … … 1143 1170 GNUTLS_HANDSHAKE_CLIENT_HELLO, 1144 1171 GNUTLS_HOOK_PRE, early_sni_hook); 1172 #else 1173 prepare_alpn_proposals(ctxt); 1145 1174 #endif 1146 /* Set Handshake function */ 1175 1176 /* Post client hello hook (called after GnuTLS has parsed it) */ 1147 1177 gnutls_handshake_set_post_client_hello_function(ctxt->session, 1148 1178 mgs_select_virtual_server_cb); … … 1172 1202 __func__, gnutls_strerror(err), err); 1173 1203 } 1174 1175 prepare_alpn_proposals(ctxt);1176 1204 1177 1205 /* Initialize Session Cache */
Note: See TracChangeset
for help on using the changeset viewer.