Allow OpenSSL session reuse on 2-way SSL, integrate https://github.com/cesanta/mongoose/pull/877

PUBLISHED_FROM=6e2568b963869d062dd51b590f8e536d043c4ca2
Sergey Lyubka 2020-05-11 14:09:29 +01:00
parent 4ea452307e
commit 3d53ed17fb
2 changed files with 10 additions and 0 deletions


@ -4474,6 +4474,8 @@ struct mg_iface *mg_socks_mk_iface(struct mg_mgr *mgr, const char *proxy_addr) {
#include <openssl/tls1.h> #include <openssl/tls1.h>
#endif #endif
static const char *mg_default_session_id_context = "mongoose";
struct mg_ssl_if_ctx { struct mg_ssl_if_ctx {
SSL *ssl; SSL *ssl;
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
@ -4535,6 +4537,9 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_set_session_id_context(ctx->ssl_ctx,
(void *) mg_default_session_id_context,
strlen(mg_default_session_id_context));
#ifdef MG_SSL_OPENSSL_NO_COMPRESSION #ifdef MG_SSL_OPENSSL_NO_COMPRESSION
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif #endif
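Review bot: The `SSL_CTX_set_session_id_context()` call added after the `SSL_OP_NO_TLSv1` line ignores its return value and passes the id through `(void *)`, which drops `const` from a string literal. The function takes a `const unsigned char *` and an `unsigned int` length, so `(const unsigned char *) mg_default_session_id_context, (unsigned int) strlen(mg_default_session_id_context)` is the cleaner form, and a 0 return should be handled as an init failure like the other setup errors in this function. The id is one fixed string for every SSL_CTX the library creates, so the definition deserves a comment such as `/* Session id context: required by OpenSSL for session reuse when client certs are verified; does not by itself distinguish listeners with different client-CA settings. */`. A resumed session does not repeat client-certificate verification, so a revoked certificate or changed CA presumably takes effect only on the next full handshake after the cached session expires; that caveat belongs in the 2-way SSL documentation. The same added lines appear in the second file section (`@ -15,6 +15,8 @` and `@ -76,6 +78,9 @`), and `mg_ssl_if_conn_init` begins and ends outside the hunk.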


@ -15,6 +15,8 @@
#include <openssl/tls1.h> #include <openssl/tls1.h>
#endif #endif
static const char *mg_default_session_id_context = "mongoose";
struct mg_ssl_if_ctx { struct mg_ssl_if_ctx {
SSL *ssl; SSL *ssl;
SSL_CTX *ssl_ctx; SSL_CTX *ssl_ctx;
@ -76,6 +78,9 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_set_session_id_context(ctx->ssl_ctx,
(void *) mg_default_session_id_context,
strlen(mg_default_session_id_context));
#ifdef MG_SSL_OPENSSL_NO_COMPRESSION #ifdef MG_SSL_OPENSSL_NO_COMPRESSION
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif #endif