Hello! On Thu, Jun 22, 2017 at 01:24:57PM +0000, Karstens, Nate wrote:
> # HG changeset patch > # User Nate Karstens <[email protected]> > # Date 1498137207 18000 > # Thu Jun 22 08:13:27 2017 -0500 > # Node ID a4635fa4a0cabf5312cda617b8010ea14279ab1c > # Parent 3fb3c4928d06029ca1d57853a163c9f56fa90bca > PSK: add PSK identity variable Style: "SSL: " prefix, dot. > > Adds the variable $ssl_psk_identity to get the PSK identity > used in a connnection secured with a PSK cipher suite. > > Signed-off-by: Nate Karstens <[email protected]> > > diff -r 3fb3c4928d06 -r a4635fa4a0ca src/event/ngx_event_openssl.c > --- a/src/event/ngx_event_openssl.c Thu Jun 22 08:13:00 2017 -0500 > +++ b/src/event/ngx_event_openssl.c Thu Jun 22 08:13:27 2017 -0500 > @@ -4147,6 +4147,33 @@ > } > > > +ngx_int_t > +ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) > +{ > + const char *identity; > + size_t len; Style: two spaces between type and "*", order from short type to long type. > + > + identity = SSL_get_psk_identity(c->ssl->connection); > + > + if (identity == NULL) { > + s->len = 0; > + return NGX_OK; > + } > + > + len = ngx_strlen(identity); > + > + s->data = ngx_pnalloc(pool, len); > + if (s->data == NULL) { > + return NGX_ERROR; > + } > + > + ngx_memcpy(s->data, identity, len); > + s->len = len; Is the allocation of additional buffer is needed here? For example, in ngx_ssl_get_server_name() we simply use the memory returned. > + > + return NGX_OK; > +} > + > + > static time_t > ngx_ssl_parse_time( > #if OPENSSL_VERSION_NUMBER > 0x10100000L > diff -r 3fb3c4928d06 -r a4635fa4a0ca src/event/ngx_event_openssl.h > --- a/src/event/ngx_event_openssl.h Thu Jun 22 08:13:00 2017 -0500 > +++ b/src/event/ngx_event_openssl.h Thu Jun 22 08:13:27 2017 -0500 > @@ -233,6 +233,8 @@ > ngx_str_t *s); > ngx_int_t ngx_ssl_get_client_v_remain(ngx_connection_t *c, ngx_pool_t *pool, > ngx_str_t *s); > +ngx_int_t ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, > + ngx_str_t *s); > > > ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); > diff -r 3fb3c4928d06 -r a4635fa4a0ca src/http/modules/ngx_http_ssl_module.c > --- a/src/http/modules/ngx_http_ssl_module.c Thu Jun 22 08:13:00 2017 -0500 > +++ b/src/http/modules/ngx_http_ssl_module.c Thu Jun 22 08:13:27 2017 -0500 > @@ -336,6 +336,9 @@ > { ngx_string("ssl_client_v_remain"), NULL, ngx_http_ssl_variable, > (uintptr_t) ngx_ssl_get_client_v_remain, NGX_HTTP_VAR_CHANGEABLE, 0 }, > > + { ngx_string("ssl_psk_identity"), NULL, ngx_http_ssl_variable, > + (uintptr_t) ngx_ssl_get_psk_identity, NGX_HTTP_VAR_CHANGEABLE, 0 }, > + > { ngx_null_string, NULL, NULL, 0, 0, 0 } > }; > > > ________________________________ > > CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use > of the intended recipient(s) and contain information that may be Garmin > confidential and/or Garmin legally privileged. If you have received this > email in error, please notify the sender by reply email and delete the > message. Any disclosure, copying, distribution or use of this communication > (including attachments) by someone other than the intended recipient is > prohibited. Thank you. > _______________________________________________ > nginx-devel mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx-devel -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
