Changeset e819f13 in mod_gnutls


Ignore:
Timestamp:
Jan 25, 2020, 11:03:50 AM (10 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
asyncio, master, proxy-ticket
Children:
f51d359
Parents:
f4f837a
Message:

Unconditionally enable early SNI parsing

All supported GnuTLS versions provide gnutls_ext_raw_parse(), so
there's no more need to provide a fallback for older versions.

Files:
1 deleted
4 edited

Legend:

Unmodified
Added
Removed
  • configure.ac

    rf4f837a re819f13  
    7171        GNUTLS_FEAT_CFLAGS="-DENABLE_SRP=1"
    7272fi
    73 
    74 # check if the available GnuTLS library supports raw extension parsing
    75 AC_SEARCH_LIBS([gnutls_ext_raw_parse], [gnutls], [early_sni="yes"],
    76         [early_sni="no"])
    77 if test "$early_sni" != "no"; then
    78         ENABLE_EARLY_SNI=1
    79         # This is for the test server configuration
    80         EXPECT_EARLY_SNI="Define EXPECT_EARLY_SNI"
    81 else
    82         ENABLE_EARLY_SNI=0
    83         EXPECT_EARLY_SNI=""
    84 fi
    85 AC_SUBST(ENABLE_EARLY_SNI)
    86 AC_SUBST(EXPECT_EARLY_SNI)
    87 AM_SUBST_NOTMAKE(EXPECT_EARLY_SNI)
    8873
    8974AC_ARG_ENABLE(strict,
     
    290275                        doc/Makefile doc/doxygen.conf include/mod_gnutls.h \
    291276                        test/proxy_backend.conf test/ocsp_server.conf \
    292                         test/apache-conf/early_sni.conf \
    293277                        test/apache-conf/listen.conf \
    294278                        test/apache-conf/netns.conf])
     
    305289echo "   * SRP Authentication:  ${use_srp}"
    306290echo "   * MSVA Client Verification:    ${use_msva}"
    307 echo "   * Early SNI:                   ${early_sni}"
    308291echo "   * Build documentation: ${build_doc}"
    309292echo ""
  • include/mod_gnutls.h.in

    rf4f837a re819f13  
    5050/* Module Debug Mode */
    5151#define MOD_GNUTLS_DEBUG @OOO_MAINTAIN@
    52 
    53 /* Compile support for early SNI? */
    54 #if @ENABLE_EARLY_SNI@ == 1
    55 #define ENABLE_EARLY_SNI
    56 #endif
    5752
    5853/** Name of the module-wide singleton watchdog */
  • src/gnutls_hooks.c

    rf4f837a re819f13  
    10221022
    10231023
    1024 #ifdef ENABLE_EARLY_SNI
    10251024/**
    10261025 * Pre client hello hook function for GnuTLS that implements early SNI
     
    10931092    return ret;
    10941093}
    1095 #endif
    10961094
    10971095
     
    11891187                      "gnutls_priority_set failed!");
    11901188
    1191 #ifdef ENABLE_EARLY_SNI
    1192     /* Pre-handshake hook, EXPERIMENTAL */
     1189    /* Pre-handshake hook for early SNI parsing */
    11931190    gnutls_handshake_set_hook_function(ctxt->session,
    11941191                                       GNUTLS_HANDSHAKE_CLIENT_HELLO,
    11951192                                       GNUTLS_HOOK_PRE, early_sni_hook);
    1196 #else
    1197     prepare_alpn_proposals(ctxt);
    1198 #endif
    11991193
    12001194    /* Post client hello hook (called after GnuTLS has parsed it) */
  • test/tests/28_HTTP2_support/apache.conf

    rf4f837a re819f13  
    99</Location>
    1010
    11 <IfDefine EXPECT_EARLY_SNI>
    1211# Different ALPN settings on the same port work only with early SNI
    1312<VirtualHost _default_:${TEST_PORT}>
     
    1918        GnuTLSPriorities        NORMAL
    2019</VirtualHost>
    21 </IfDefine>
    2220
    2321<VirtualHost _default_:${TEST_PORT}>
Note: See TracChangeset for help on using the changeset viewer.