# HG changeset patch # User Nate Karstens <[email protected]> # Date 1498137207 18000 # Thu Jun 22 08:13:27 2017 -0500 # Node ID a4635fa4a0cabf5312cda617b8010ea14279ab1c # Parent 3fb3c4928d06029ca1d57853a163c9f56fa90bca PSK: add PSK identity variable
Adds the variable $ssl_psk_identity to get the PSK identity used in a connnection secured with a PSK cipher suite. Signed-off-by: Nate Karstens <[email protected]> diff -r 3fb3c4928d06 -r a4635fa4a0ca src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c Thu Jun 22 08:13:00 2017 -0500 +++ b/src/event/ngx_event_openssl.c Thu Jun 22 08:13:27 2017 -0500 @@ -4147,6 +4147,33 @@ } +ngx_int_t +ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) +{ + const char *identity; + size_t len; + + identity = SSL_get_psk_identity(c->ssl->connection); + + if (identity == NULL) { + s->len = 0; + return NGX_OK; + } + + len = ngx_strlen(identity); + + s->data = ngx_pnalloc(pool, len); + if (s->data == NULL) { + return NGX_ERROR; + } + + ngx_memcpy(s->data, identity, len); + s->len = len; + + return NGX_OK; +} + + static time_t ngx_ssl_parse_time( #if OPENSSL_VERSION_NUMBER > 0x10100000L diff -r 3fb3c4928d06 -r a4635fa4a0ca src/event/ngx_event_openssl.h --- a/src/event/ngx_event_openssl.h Thu Jun 22 08:13:00 2017 -0500 +++ b/src/event/ngx_event_openssl.h Thu Jun 22 08:13:27 2017 -0500 @@ -233,6 +233,8 @@ ngx_str_t *s); ngx_int_t ngx_ssl_get_client_v_remain(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s); +ngx_int_t ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, + ngx_str_t *s); ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); diff -r 3fb3c4928d06 -r a4635fa4a0ca src/http/modules/ngx_http_ssl_module.c --- a/src/http/modules/ngx_http_ssl_module.c Thu Jun 22 08:13:00 2017 -0500 +++ b/src/http/modules/ngx_http_ssl_module.c Thu Jun 22 08:13:27 2017 -0500 @@ -336,6 +336,9 @@ { ngx_string("ssl_client_v_remain"), NULL, ngx_http_ssl_variable, (uintptr_t) ngx_ssl_get_client_v_remain, NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_psk_identity"), NULL, ngx_http_ssl_variable, + (uintptr_t) ngx_ssl_get_psk_identity, NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_null_string, NULL, NULL, 0, 0, 0 } }; ________________________________ CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of the intended recipient(s) and contain information that may be Garmin confidential and/or Garmin legally privileged. If you have received this email in error, please notify the sender by reply email and delete the message. Any disclosure, copying, distribution or use of this communication (including attachments) by someone other than the intended recipient is prohibited. Thank you. _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
