Changeset 994a5fb in mod_gnutls for src/gnutls_hooks.c


Ignore:
Timestamp:
Dec 5, 2017, 2:57:35 AM (3 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, proxy-ticket, upstream
Children:
1de1026
Parents:
2a912c3
Message:

Do not reconfigure OCSP status callback on each connection

The callback is a property of the credentials, not the session, so
rewriting it during each handshake will create problems with parallel
connections on one virtual host. Set the callback once during
post_config instead, and get the mod_gnutls session context from the
GnuTLS session pointer instead of the callback pointer.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r2a912c3 r994a5fb  
    164164    /* Set Anon credentials */
    165165    gnutls_credentials_set(session, GNUTLS_CRD_ANON, ctxt->sc->anon_creds);
    166 
    167     if (ctxt->sc->ocsp_staple)
    168     {
    169         gnutls_certificate_set_ocsp_status_request_function(ctxt->sc->certs,
    170                                                             mgs_get_ocsp_response,
    171                                                             ctxt);
    172     }
    173166
    174167#ifdef ENABLE_SRP
Note: See TracChangeset for help on using the changeset viewer.