Changeset e6d9e47 in mod_gnutls for src/gnutls_proxy.c


Timestamp:
Jun 5, 2020, 3:42:56 PM (2 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master
Children:
796d9a3
Parents:
641d11b
Message:

Move the callback for incoming tickets into gnutls_proxy.c

It's only used for proxy connections, so that's the appropriate
location.

File:
1 edited

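--- a/src/gnutls_proxy.c
+++ b/src/gnutls_proxy.c
@@ -297,4 +297,54 @@
 
 
+int mgs_proxy_got_ticket_func(gnutls_session_t session,
+                              unsigned int htype,
+                              unsigned when,
+                              unsigned int incoming __attribute__((unused)),
+                              const gnutls_datum_t *msg __attribute__((unused)))
+{
+    /* Ignore all unexpected messages */
+    if (htype != GNUTLS_HANDSHAKE_NEW_SESSION_TICKET
+        || when != GNUTLS_HOOK_POST)
+        return GNUTLS_E_SUCCESS;
+
+    mgs_handle_t *ctxt = gnutls_session_get_ptr(session);
+    if (!(gnutls_session_get_flags(session) & GNUTLS_SFLAGS_SESSION_TICKET))
+    {
+        ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_SUCCESS, ctxt->c,
+                      "%s called but session has no ticket!",
+                      __func__);
+        /* Tickets are optional, so don't break the session on
+         * errors. */
+        return GNUTLS_E_SUCCESS;
+    }
+
+    /* No cache means we cannot cache tickets. */
+    if (!ctxt->sc->cache_enable)
+        return GNUTLS_E_SUCCESS;
+
+    gnutls_datum_t ticket;
+    int ret = gnutls_session_get_data2(session, &ticket);
+    if (ret != GNUTLS_E_SUCCESS)
+    {
+        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
+                      "%s: error reading session ticket: %s (%d)",
+                      __func__, gnutls_strerror(ret), ret);
+        if (ticket.data)
+            gnutls_free(ticket.data);
+        return GNUTLS_E_SUCCESS;
+    }
+
+    apr_time_t expiry = apr_time_now() + ctxt->sc->cache_timeout;
+    ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
+                  "%s: caching session ticket for %s (%u bytes)",
+                  __func__, ctxt->proxy_ticket_key.data, ticket.size);
+    mgs_cache_store(ctxt->sc->cache, ctxt->c->base_server,
+                    ctxt->proxy_ticket_key, ticket, expiry);
+    gnutls_free(ticket.data);
+    return GNUTLS_E_SUCCESS;
+}
+
+
+
 /**
  * Returns either a valid hostname for use with SNI, or NULL.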
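Review bot: `ticket` is declared without an initializer at new line 325, yet the error branch after `gnutls_session_get_data2()` tests and frees `ticket.data`. If that call can fail before it writes the datum (its implementation is not visible here, so this is an assumption to confirm), the branch reads an indeterminate pointer and may hand it to `gnutls_free()`. Initializing at the declaration, `gnutls_datum_t ticket = {NULL, 0};`, makes the cleanup safe on every failure path. Separately, the debug log at new lines 338-340 prints `ctxt->proxy_ticket_key.data` with `%s`, which relies on the key being NUL-terminated; a short comment stating that invariant would help the next reader.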