Add support for TLS Next Protocol Negotiation:

* modules/ssl/mod_ssl.c, modules/ssl/mod_ssl.h: Add and implement new
  hooks for next protocol advertisement/discovery.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Enable
  NPN advertisement callback in handshake.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Invoke
  next-protocol discovery hook.

* modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos): 
  New callback.

* modules/ssl/ssl_private.h: Add prototype.

Submitted by: Matthew Steele <mdsteele google.com>
  with slight tweaks by jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1332643 13f79535-47bb-0310-9956-ffa450edef68
Joe Orton
2012-05-01 13:27:14 +00:00
parent 6d378e85a0
commit dd5f55ce6b
7 changed files with 153 additions and 0 deletions


@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
/** The npn_advertise_protos optional hook allows other modules to add entries
* to the list of protocol names advertised by the server during the Next
* Protocol Negotiation (NPN) portion of the SSL handshake. The hook callee is
* given the connection and an APR array; it should push one or more char*'s
* pointing to null-terminated strings (such as "http/1.1" or "spdy/2") onto
* the array and return OK, or do nothing and return DECLINED. */
APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_advertise_protos_hook,
(conn_rec *connection, apr_array_header_t *protos));
/** The npn_proto_negotiated optional hook allows other modules to discover the
* name of the protocol that was chosen during the Next Protocol Negotiation
* (NPN) portion of the SSL handshake. Note that this may be the empty string
* (in which case modules should probably assume HTTP), or it may be a protocol
* that was never even advertised by the server. The hook callee is given the
* connection, a non-null-terminated string containing the protocol name, and
* the length of the string; it should do something appropriate (i.e. insert or
* remove filters) and return OK, or do nothing and return DECLINED. */
APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_proto_negotiated_hook,
(conn_rec *connection, const char *proto_name,
apr_size_t proto_name_len));
#endif /* __MOD_SSL_H__ */
/** @} */
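Review bot: The doc comment on npn_proto_negotiated_hook warns that proto_name is not null-terminated and may never have been advertised, but it does not say that the bytes come from the peer or how long the pointer stays valid. Callees will pick filters based on this value, so I would add a line such as `* proto_name is peer-supplied and unvalidated: match it with memcmp() over exactly proto_name_len bytes and treat unknown names as DECLINED.` and state the pointer's lifetime explicitly. The comment on npn_advertise_protos_hook should also say that each pushed name must be 1 to 255 bytes, since NPN encodes names with a one-byte length prefix, and which pool the strings must live in. Whether the caller enforces either constraint is not visible in this hunk.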