# HG changeset patch # User Nate Karstens <[email protected]> # Date 1501265895 18000 # Fri Jul 28 13:18:15 2017 -0500 # Node ID 00a1466fe33b8969ef765d8d0547dfbc7c97dd4e # Parent 9537b7d299131e41a3f5993257000d328e28b117 SSL: add PSK identity variable.
Adds the variable $ssl_psk_identity to get the PSK identity used in a connnection secured with a PSK cipher suite. Signed-off-by: Nate Karstens <[email protected]> diff -r 9537b7d29913 -r 00a1466fe33b src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c Fri Jul 28 13:17:29 2017 -0500 +++ b/src/event/ngx_event_openssl.c Fri Jul 28 13:18:15 2017 -0500 @@ -4249,6 +4249,22 @@ ngx_ssl_get_client_v_remain(ngx_connecti } +ngx_int_t +ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) +{ + const char *identity; + + identity = SSL_get_psk_identity(c->ssl->connection); + + if (identity) { + s->data = (u_char *) identity; + s->len = ngx_strlen(identity); + } + + return NGX_OK; +} + + static time_t ngx_ssl_parse_time( #if OPENSSL_VERSION_NUMBER > 0x10100000L diff -r 9537b7d29913 -r 00a1466fe33b src/event/ngx_event_openssl.h --- a/src/event/ngx_event_openssl.h Fri Jul 28 13:17:29 2017 -0500 +++ b/src/event/ngx_event_openssl.h Fri Jul 28 13:18:15 2017 -0500 @@ -233,6 +233,8 @@ ngx_int_t ngx_ssl_get_client_v_end(ngx_c ngx_str_t *s); ngx_int_t ngx_ssl_get_client_v_remain(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s); +ngx_int_t ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, + ngx_str_t *s); ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); diff -r 9537b7d29913 -r 00a1466fe33b src/http/modules/ngx_http_ssl_module.c --- a/src/http/modules/ngx_http_ssl_module.c Fri Jul 28 13:17:29 2017 -0500 +++ b/src/http/modules/ngx_http_ssl_module.c Fri Jul 28 13:18:15 2017 -0500 @@ -336,6 +336,9 @@ static ngx_http_variable_t ngx_http_ssl { ngx_string("ssl_client_v_remain"), NULL, ngx_http_ssl_variable, (uintptr_t) ngx_ssl_get_client_v_remain, NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_psk_identity"), NULL, ngx_http_ssl_variable, + (uintptr_t) ngx_ssl_get_psk_identity, NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_null_string, NULL, NULL, 0, 0, 0 } }; ________________________________ CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of the intended recipient(s) and contain information that may be Garmin confidential and/or Garmin legally privileged. If you have received this email in error, please notify the sender by reply email and delete the message. Any disclosure, copying, distribution or use of this communication (including attachments) by someone other than the intended recipient is prohibited. Thank you. _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
