- Timestamp:
- Feb 3, 2015, 6:31:46 AM (6 years ago)
- Branches:
- asyncio, debian/master, debian/stretch-backports, jessie-backports, master, proxy-ticket, upstream
- Children:
- b324906
- Parents:
- d7a8286
- git-author:
- Thomas Klute <thomas2.klute@…> (02/03/15 05:46:50)
- git-committer:
- Thomas Klute <thomas2.klute@…> (02/03/15 06:31:46)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
src/gnutls_hooks.c
rd7a8286 rb429e4c 39 39 static apr_file_t *debug_log_fp; 40 40 #endif 41 42 #define IS_PROXY_STR(c) \ 43 ((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "") 41 44 42 45 static gnutls_datum_t session_ticket_key = {NULL, 0}; … … 684 687 } 685 688 689 /* 690 * This function is intended as a cleanup handler for connections 691 * using GnuTLS. 692 * 693 * @param data must point to the mgs_handle_t associated with the 694 * connection 695 */ 696 static apr_status_t cleanup_gnutls_session(void *data) 697 { 698 /* nothing to do */ 699 if (data == NULL) 700 return APR_SUCCESS; 701 702 /* check if session needs closing */ 703 mgs_handle_t *ctxt = (mgs_handle_t *) data; 704 if (ctxt->session != NULL) 705 { 706 int ret; 707 /* Try A Clean Shutdown */ 708 do 709 ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR); 710 while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); 711 if (ret != GNUTLS_E_SUCCESS) 712 ap_log_cerror(APLOG_MARK, APLOG_INFO, ret, ctxt->c, 713 "%s: error while closing TLS %sconnection: %s (%d)", 714 __func__, IS_PROXY_STR(ctxt), 715 gnutls_strerror(ret), ret); 716 else 717 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, ret, ctxt->c, 718 "%s: TLS %sconnection closed.", 719 __func__, IS_PROXY_STR(ctxt)); 720 /* De-Initialize Session */ 721 gnutls_deinit(ctxt->session); 722 ctxt->session = NULL; 723 } 724 return APR_SUCCESS; 725 } 726 686 727 static void create_gnutls_handle(conn_rec * c) 687 728 { … … 727 768 "gnutls_session_ticket_enable_client failed: %s (%d)", 728 769 gnutls_strerror(err), err); 770 /* Try to close and deinit the session when the connection 771 * pool is cleared. Note that mod_proxy might not close 772 * connections immediately, if you need that, look at the 773 * "proxy-nokeepalive" environment variable for 774 * mod_proxy_http. */ 775 apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session); 729 776 } 730 777 else
Note: See TracChangeset
for help on using the changeset viewer.