Changeset 764fef3 in mod_gnutls for src/gnutls_proxy.c


Timestamp:
May 31, 2020, 6:24:41 AM (13 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
asyncio, master
Children:
e151b6f
Parents:
7e29705
git-author:
Fiona Klute <fiona.klute@…> (05/31/20 06:17:51)
git-committer:
Fiona Klute <fiona.klute@…> (05/31/20 06:24:41)
Message:

Load cached proxy TLS sessions from cache

File:
1 edited

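--- a/src/gnutls_proxy.c
+++ b/src/gnutls_proxy.c
@@ -16,4 +16,5 @@
 
 #include "mod_gnutls.h"
+#include "gnutls_cache.h"
 #include "gnutls_proxy.h"
 #include "gnutls_util.h"
@@ -21,4 +22,6 @@
 #include <apr_strings.h>
 #include <gnutls/gnutls.h>
+
+APLOG_USE_MODULE(gnutls);
 
 /*
@@ -396,4 +399,43 @@
 
 
+/**
+ * Check if there is a cached session for the connection, and load it
+ * if yes. The session is deleted from the cache after that, because
+ * tickets should not be reused for forward secrecy.
+ *
+ * @param ctxt the mod_gnutls connection handle
+ */
+static void proxy_conn_load_session(mgs_handle_t *ctxt)
+{
+    gnutls_datum_t data = {NULL, 0};
+    data.data = gnutls_malloc(MGS_SESSION_FETCH_BUF_SIZE);
+    if (data.data == NULL)
+        return;
+    data.size = MGS_SESSION_FETCH_BUF_SIZE;
+
+    apr_status_t rv = mgs_cache_fetch(ctxt->sc->cache, ctxt->c->base_server,
+                                      ctxt->proxy_ticket_key, &data,
+                                      ctxt->c->pool);
+    if (rv != APR_SUCCESS)
+    {
+        gnutls_free(data.data);
+        return;
+    }
+
+    // TODO: delete the cache entry
+
+    int ret = gnutls_session_set_data(ctxt->session, data.data, data.size);
+    if (ret == GNUTLS_E_SUCCESS)
+        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
+                      "%s: Cached session loaded.", __func__);
+    else
+        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, ctxt->c,
+                      "%s: Loading cached session failed: %s (%d)",
+                      __func__, gnutls_strerror(ret), ret);
+    gnutls_free(data.data);
+}
+
+
+
 gnutls_datum_t mgs_proxy_ticket_id(mgs_handle_t *ctxt, apr_pool_t *pool)
 {
@@ -429,3 +471,4 @@
     proxy_conn_set_sni(ctxt);
     proxy_conn_set_alpn(ctxt);
-}
+    proxy_conn_load_session(ctxt);
+}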
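Review bot: The doc comment on `proxy_conn_load_session` says the session is deleted from the cache after loading, but the body only has `// TODO: delete the cache entry`, so a fetched ticket stays cached and can presumably be offered again on a later proxy connection, which is the reuse the comment says to avoid. Until the delete is implemented, the comment should say so, e.g. ` * NOTE: the cache entry is not deleted yet, so a ticket can be reused until that is implemented.` When it is added, the delete belongs right after the successful `mgs_cache_fetch`, before `gnutls_session_set_data`, so an entry that fails to load is also dropped rather than retried on every connection. The early returns on a failed `gnutls_malloc` or fetch are silent; a debug-level `ap_log_cerror` there would make a cache miss distinguishable from an allocation failure.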