Changeset 7ff6c6c in mod_gnutls
- Timestamp:
- Nov 4, 2018, 4:55:35 PM (2 years ago)
- Branches:
- asyncio, debian/master, master, proxy-ticket
- Children:
- c0fc11e
- Parents:
- 99eb567
- Files:
-
- 2 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
configure.ac
r99eb567 r7ff6c6c 67 67 AC_SEARCH_LIBS([gnutls_srp_server_get_username], [gnutls], [], [use_srp="no"]) 68 68 69 SRP_CFLAGS=""69 GNUTLS_FEAT_CFLAGS="" 70 70 if test "$use_srp" != "no"; then 71 SRP_CFLAGS="-DENABLE_SRP=1" 71 GNUTLS_FEAT_CFLAGS="-DENABLE_SRP=1" 72 fi 73 74 # check if the available GnuTLS library supports raw extension parsing 75 AC_SEARCH_LIBS([gnutls_ext_raw_parse], [gnutls], [early_sni="yes"], 76 [early_sni="no"]) 77 if test "$early_sni" != "no"; then 78 GNUTLS_FEAT_CFLAGS="${GNUTLS_FEAT_CFLAGS} -DENABLE_EARLY_SNI" 72 79 fi 73 80 … … 223 230 AC_PATH_PROGS([HTTP_CLI], [curl wget], [no]) 224 231 225 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${ SRP_CFLAGS} ${MSVA_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}"232 MODULE_CFLAGS="${LIBGNUTLS_CFLAGS} ${GNUTLS_FEAT_CFLAGS} ${MSVA_CFLAGS} ${APXS_CFLAGS} ${AP_INCLUDES} ${APR_INCLUDES} ${APU_INCLUDES} ${STRICT_CFLAGS}" 226 233 MODULE_LIBS="${LIBGNUTLS_LIBS}" 227 234 … … 315 322 echo " * SRP Authentication: ${use_srp}" 316 323 echo " * MSVA Client Verification: ${use_msva}" 324 echo " * Early SNI (experimental): ${early_sni}" 317 325 echo " * Build documentation: ${build_doc}" 318 326 echo "" -
src/Makefile.am
r99eb567 r7ff6c6c 7 7 8 8 mod_gnutls_la_SOURCES = mod_gnutls.c gnutls_io.c gnutls_cache.c \ 9 gnutls_config.c gnutls_hooks.c gnutls_ocsp.c gnutls_ util.c \10 gnutls_ watchdog.c9 gnutls_config.c gnutls_hooks.c gnutls_ocsp.c gnutls_sni.c \ 10 gnutls_util.c gnutls_watchdog.c 11 11 mod_gnutls_la_CFLAGS = -Wall ${MODULE_CFLAGS} 12 12 mod_gnutls_la_LDFLAGS = -module -avoid-version ${MODULE_LIBS} 13 noinst_HEADERS = gnutls_cache.h gnutls_config.h gnutls_ocsp.h gnutls_ util.h \14 gnutls_ watchdog.h13 noinst_HEADERS = gnutls_cache.h gnutls_config.h gnutls_ocsp.h gnutls_sni.h \ 14 gnutls_util.h gnutls_watchdog.h 15 15 16 16 apmodpkglib_LTLIBRARIES = mod_gnutls.la -
src/gnutls_hooks.c
r99eb567 r7ff6c6c 23 23 #include "gnutls_config.h" 24 24 #include "gnutls_ocsp.h" 25 #include "gnutls_sni.h" 25 26 #include "gnutls_util.h" 26 27 #include "gnutls_watchdog.h" … … 1032 1033 } 1033 1034 1035 1036 1037 #ifdef ENABLE_EARLY_SNI 1038 static int early_sni_hook(gnutls_session_t session, 1039 unsigned int htype __attribute__((unused)), 1040 unsigned when __attribute__((unused)), 1041 unsigned int incoming, 1042 const gnutls_datum_t *msg) 1043 { 1044 //assert(htype == GNUTLS_HANDSHAKE_CLIENT_HELLO); 1045 //assert(when == GNUTLS_HOOK_PRE); 1046 if (!incoming) 1047 return 0; 1048 1049 mgs_handle_t *ctxt = (mgs_handle_t *) gnutls_session_get_ptr(session); 1050 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c, 1051 "%s: Trying early SNI.", 1052 __func__); 1053 1054 int ret = gnutls_ext_raw_parse(session, mgs_sni_ext_hook, msg, 1055 GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO); 1056 if (ret == 0 && ctxt->sni_name != NULL) 1057 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c, 1058 "%s: Early SNI result: %s", 1059 __func__, ctxt->sni_name); 1060 return ret; 1061 } 1062 #endif 1063 1064 1065 1034 1066 /** 1035 1067 * This function is intended as a cleanup handler for connections … … 1122 1154 ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c, 1123 1155 "gnutls_priority_set failed!"); 1156 #ifdef ENABLE_EARLY_SNI 1157 /* Pre-handshake hook, EXPERIMENTAL */ 1158 gnutls_handshake_set_hook_function(ctxt->session, 1159 GNUTLS_HANDSHAKE_CLIENT_HELLO, 1160 GNUTLS_HOOK_PRE, early_sni_hook); 1161 #endif 1124 1162 /* Set Handshake function */ 1125 1163 gnutls_handshake_set_post_client_hello_function(ctxt->session,
Note: See TracChangeset
for help on using the changeset viewer.