Deleted
Added
nxt_openssl.c (1967:98e518a1c90e) | nxt_openssl.c (1975:6a47cab8f271) |
---|---|
1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#include <nxt_main.h> 8#include <nxt_conf.h> --- 607 unchanged lines hidden (view full) --- 616#endif 617 618#if (NXT_HAVE_OPENSSL_TLSEXT) 619 620static nxt_int_t 621nxt_tls_ticket_keys(nxt_task_t *task, SSL_CTX *ctx, nxt_tls_init_t *tls_init, 622 nxt_mp_t *mp) 623{ | 1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#include <nxt_main.h> 8#include <nxt_conf.h> --- 607 unchanged lines hidden (view full) --- 616#endif 617 618#if (NXT_HAVE_OPENSSL_TLSEXT) 619 620static nxt_int_t 621nxt_tls_ticket_keys(nxt_task_t *task, SSL_CTX *ctx, nxt_tls_init_t *tls_init, 622 nxt_mp_t *mp) 623{ |
624 size_t len; |
|
624 uint32_t i; | 625 uint32_t i; |
625 nxt_int_t ret; | |
626 nxt_str_t value; 627 nxt_uint_t count; 628 nxt_conf_value_t *member, *tickets_conf; 629 nxt_tls_ticket_t *ticket; 630 nxt_tls_tickets_t *tickets; 631 u_char buf[80]; 632 633 tickets_conf = tls_init->tickets_conf; --- 47 unchanged lines hidden (view full) --- 681 682 } else { 683 /* nxt_conf_type(tickets_conf) == NXT_CONF_STRING */ 684 member = tickets_conf; 685 } 686 687 nxt_conf_get_string(member, &value); 688 | 626 nxt_str_t value; 627 nxt_uint_t count; 628 nxt_conf_value_t *member, *tickets_conf; 629 nxt_tls_ticket_t *ticket; 630 nxt_tls_tickets_t *tickets; 631 u_char buf[80]; 632 633 tickets_conf = tls_init->tickets_conf; --- 47 unchanged lines hidden (view full) --- 681 682 } else { 683 /* nxt_conf_type(tickets_conf) == NXT_CONF_STRING */ 684 member = tickets_conf; 685 } 686 687 nxt_conf_get_string(member, &value); 688 |
689 ret = nxt_openssl_base64_decode(buf, 80, value.start, value.length); 690 if (nxt_slow_path(ret == NXT_ERROR)) { 691 return NXT_ERROR; 692 } | 689 len = nxt_base64_decode(buf, value.start, value.length); |
693 694 nxt_memcpy(ticket->name, buf, 16); 695 | 690 691 nxt_memcpy(ticket->name, buf, 16); 692 |
696 if (ret == 48) { | 693 if (len == 48) { |
697 nxt_memcpy(ticket->aes_key, buf + 16, 16); 698 nxt_memcpy(ticket->hmac_key, buf + 32, 16); 699 ticket->size = 16; 700 701 } else { 702 nxt_memcpy(ticket->hmac_key, buf + 16, 32); 703 nxt_memcpy(ticket->aes_key, buf + 48, 32); 704 ticket->size = 32; --- 1108 unchanged lines hidden (view full) --- 1813 } 1814 1815 if (p < end) { 1816 *p++ = ')'; 1817 } 1818 1819 return p; 1820} | 694 nxt_memcpy(ticket->aes_key, buf + 16, 16); 695 nxt_memcpy(ticket->hmac_key, buf + 32, 16); 696 ticket->size = 16; 697 698 } else { 699 nxt_memcpy(ticket->hmac_key, buf + 16, 32); 700 nxt_memcpy(ticket->aes_key, buf + 48, 32); 701 ticket->size = 32; --- 1108 unchanged lines hidden (view full) --- 1810 } 1811 1812 if (p < end) { 1813 *p++ = ')'; 1814 } 1815 1816 return p; 1817} |
1821 1822 1823nxt_int_t 1824nxt_openssl_base64_decode(u_char *d, size_t dlen, const u_char *s, size_t slen) 1825{ 1826 BIO *bio, *b64; 1827 nxt_int_t count, ret; 1828 u_char buf[128]; 1829 1830 b64 = BIO_new(BIO_f_base64()); 1831 if (nxt_slow_path(b64 == NULL)) { 1832 goto error; 1833 } 1834 1835 bio = BIO_new_mem_buf(s, slen); 1836 if (nxt_slow_path(bio == NULL)) { 1837 goto error; 1838 } 1839 1840 bio = BIO_push(b64, bio); 1841 1842 BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); 1843 1844 count = 0; 1845 1846 if (d == NULL) { 1847 1848 for ( ;; ) { 1849 ret = BIO_read(bio, buf, 128); 1850 1851 if (ret < 0) { 1852 goto invalid; 1853 } 1854 1855 count += ret; 1856 1857 if (ret != 128) { 1858 break; 1859 } 1860 } 1861 1862 } else { 1863 count = BIO_read(bio, d, dlen); 1864 1865 if (count < 0) { 1866 goto invalid; 1867 } 1868 } 1869 1870 BIO_free_all(bio); 1871 1872 return count; 1873 1874error: 1875 1876 BIO_vfree(b64); 1877 ERR_clear_error(); 1878 1879 return NXT_ERROR; 1880 1881invalid: 1882 1883 BIO_free_all(bio); 1884 ERR_clear_error(); 1885 1886 return NXT_DECLINED; 1887} | |