Maxim Dounin
August 25, 2022 11:14PM
# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1661481954 -10800
# Fri Aug 26 05:45:54 2022 +0300
# Node ID 92c96bf72bc64b49bf8825a8c1d6159af4cb3d32
# Parent 84919c2ee8173f704649a8cb4901887e1bf79588
SSL: renamed session ticket key type.

The ngx_ssl_session_ticket_key_t is way too long, renamed to
ngx_ssl_ticket_key_t to simplify writing code.

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -4223,23 +4223,23 @@ ngx_ssl_session_rbtree_insert_value(ngx_
ngx_int_t
ngx_ssl_session_ticket_keys(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *paths)
{
- u_char buf[80];
- size_t size;
- ssize_t n;
- ngx_str_t *path;
- ngx_file_t file;
- ngx_uint_t i;
- ngx_array_t *keys;
- ngx_file_info_t fi;
- ngx_pool_cleanup_t *cln;
- ngx_ssl_session_ticket_key_t *key;
+ u_char buf[80];
+ size_t size;
+ ssize_t n;
+ ngx_str_t *path;
+ ngx_file_t file;
+ ngx_uint_t i;
+ ngx_array_t *keys;
+ ngx_file_info_t fi;
+ ngx_pool_cleanup_t *cln;
+ ngx_ssl_ticket_key_t *key;

if (paths == NULL) {
return NGX_OK;
}

keys = ngx_array_create(cf->pool, paths->nelts,
- sizeof(ngx_ssl_session_ticket_key_t));
+ sizeof(ngx_ssl_ticket_key_t));
if (keys == NULL) {
return NGX_ERROR;
}
@@ -4366,14 +4366,14 @@ ngx_ssl_session_ticket_key_callback(ngx_
unsigned char *name, unsigned char *iv, EVP_CIPHER_CTX *ectx,
HMAC_CTX *hctx, int enc)
{
- size_t size;
- SSL_CTX *ssl_ctx;
- ngx_uint_t i;
- ngx_array_t *keys;
- ngx_connection_t *c;
- ngx_ssl_session_ticket_key_t *key;
- const EVP_MD *digest;
- const EVP_CIPHER *cipher;
+ size_t size;
+ SSL_CTX *ssl_ctx;
+ ngx_uint_t i;
+ ngx_array_t *keys;
+ ngx_connection_t *c;
+ ngx_ssl_ticket_key_t *key;
+ const EVP_MD *digest;
+ const EVP_CIPHER *cipher;

c = ngx_ssl_get_connection(ssl_conn);
ssl_ctx = c->ssl->session_ctx;
@@ -4502,7 +4502,7 @@ ngx_ssl_session_ticket_keys_cleanup(void
ngx_array_t *keys = data;

ngx_explicit_memzero(keys->elts,
- keys->nelts * sizeof(ngx_ssl_session_ticket_key_t));
+ keys->nelts * sizeof(ngx_ssl_ticket_key_t));
}

#else
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -161,7 +161,7 @@ typedef struct {
u_char name[16];
u_char hmac_key[32];
u_char aes_key[32];
-} ngx_ssl_session_ticket_key_t;
+} ngx_ssl_ticket_key_t;

#endif


_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org
Subject Author Views Posted

[PATCH 00 of 11] SSL session handling patches

Maxim Dounin 703 August 25, 2022 11:14PM

[PATCH 06 of 11] SSL: explicit clearing of expired sessions

Maxim Dounin 320 August 25, 2022 11:14PM

[PATCH 04 of 11] SSL: explicit session id length checking

Maxim Dounin 213 August 25, 2022 11:14PM

Re: [PATCH 04 of 11] SSL: explicit session id length checking

Sergey Kandaurov 198 September 15, 2022 01:42AM

Re: [PATCH 04 of 11] SSL: explicit session id length checking

Maxim Dounin 239 September 16, 2022 05:04PM

Re: [PATCH 04 of 11] SSL: explicit session id length checking

Sergey Kandaurov 200 September 26, 2022 06:14AM

[PATCH 08 of 11] SSL: renamed session ticket key type

Maxim Dounin 210 August 25, 2022 11:14PM

[PATCH 10 of 11] SSL: shorter debug messages about session tickets

Maxim Dounin 213 August 25, 2022 11:14PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 122
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready