-rw-r--r--src/gnutls_hooks.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 9ebf771..4155158 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -33,6 +33,7 @@ static apr_file_t *debug_log_fp;
33#endif 33#endif
34 34
35static int mpm_is_threaded; 35static int mpm_is_threaded;
36static gnutls_datum session_ticket_key = { NULL, 0 };
36 37
37static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt); 38static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt);
38/* use side==0 for server and side==1 for client */ 39/* use side==0 for server and side==1 for client */
@@ -97,6 +98,11 @@ int ret;
97 _gnutls_log(debug_log_fp, "gnutls_global_init: %s\n", gnutls_strerror(ret)); 98 _gnutls_log(debug_log_fp, "gnutls_global_init: %s\n", gnutls_strerror(ret));
98 return -3; 99 return -3;
99 } 100 }
101
102 ret = gnutls_session_ticket_key_generate( &session_ticket_key);
103 if (ret < 0) {
104 _gnutls_log(debug_log_fp, "gnutls_session_ticket_key_generate: %s\n", gnutls_strerror(ret));
105 }
100 106
101 apr_pool_cleanup_register(pconf, NULL, mgs_cleanup_pre_config, 107 apr_pool_cleanup_register(pconf, NULL, mgs_cleanup_pre_config,
102 apr_pool_cleanup_null); 108 apr_pool_cleanup_null);
@@ -144,7 +150,7 @@ static int mgs_select_virtual_server_cb(gnutls_session_t session)
144 /* update the priorities - to avoid negotiating a ciphersuite that is not 150 /* update the priorities - to avoid negotiating a ciphersuite that is not
145 * enabled on this virtual server. Note that here we ignore the version 151 * enabled on this virtual server. Note that here we ignore the version
146 * negotiation. 152 * negotiation.
147 */ 153 */
148 ret = gnutls_priority_set(session, ctxt->sc->priorities); 154 ret = gnutls_priority_set(session, ctxt->sc->priorities);
149 /* actually it shouldn't fail since we have checked at startup */ 155 /* actually it shouldn't fail since we have checked at startup */
150 if (ret < 0) 156 if (ret < 0)
@@ -658,6 +664,8 @@ static mgs_handle_t *create_gnutls_handle(apr_pool_t * pool, conn_rec * c)
658 ctxt->output_length = 0; 664 ctxt->output_length = 0;
659 665
660 gnutls_init(&ctxt->session, GNUTLS_SERVER); 666 gnutls_init(&ctxt->session, GNUTLS_SERVER);
667 if (session_ticket_key.data != NULL)
668 gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key);
661 669
662 /* because we don't set any default priorities here (we set later at 670 /* because we don't set any default priorities here (we set later at
663 * the user hello callback) we need to at least set this in order for 671 * the user hello callback) we need to at least set this in order for
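Review bot: The key in `session_ticket_key` is generated once in the pre-config code (new lines 102-105) and handed to every connection in `create_gnutls_handle` (new lines 667-668), with no rotation and no release visible in this diff. A long-lived ticket key weakens forward secrecy, because anyone who obtains it can decrypt recorded sessions whose tickets were issued under it. Apache normally runs the pre-config hook more than once per process (twice at startup, again on restart), so each pass would overwrite the datum without freeing the previous allocation. I would clear the old key before regenerating, e.g. `if (session_ticket_key.data) { gnutls_free(session_ticket_key.data); session_ticket_key.data = NULL; }`, and release it in `mgs_cleanup_pre_config`, whose body is outside this diff. The return value of `gnutls_session_ticket_enable_server()` is also ignored and should be checked and logged like the generate call. Because one key serves all virtual servers and tickets are enabled before the virtual server is selected, it is worth confirming that a ticket issued for one host cannot resume a session on another host with stricter client-certificate requirements.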