aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Nikos Mavrogiannopoulos
2010-07-01 03:09:56 +0200
committerGravatar Nokis Mavrogiannopoulos 2007-12-03 18:39:16 +0000
commitf8fa1f35348c471e27f0a416e4d9d5f660b5dfa0 (patch)
treeecf769ab55650968fb8943deb2e460ea59e87944
parent16d0fc76a6981f3f2562cdcade76179e9805dfd8 (diff)
Diffstat
-rw-r--r--NEWS2
1 files changed, 1 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 81a6954..e4b908d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,4 @@
1** Version 0.4.1 (unreleased) 1** Version 0.4.1 (2007-12-03)
2 2
3- Added support for subject alternative names in certificates. 3- Added support for subject alternative names in certificates.
4Only one per certificate is supported. 4Only one per certificate is supported.
generated by cgit (git 2.34.1) at 2025-06-07 11:10:35 +0000
n8'>8- Added support for session tickets. This allows a 8- Added support for session tickets. This allows a 9 server to avoid using a session cache and still support 9 server to avoid using a session cache and still support 10 session resumption. This is at the cost of transporting 10 session resumption. This is at the cost of transporting 11 session data during handshake. 11 session data during handshake. New option 12 GnuTLSSessionTickets [on|off] 12 13 13- Depend on gnutls 2.10.0 to force support for safe 14- Depend on gnutls 2.10.0 to force support for safe 14 renegotiation. 15 renegotiation.
diff --git a/include/mod_gnutls.h.in b/include/mod_gnutls.h.in
index 40d0c40..5bb8514 100644
--- a/include/mod_gnutls.h.in
+++ b/include/mod_gnutls.h.in
@@ -109,6 +109,7 @@ typedef struct 109 unsigned int ca_list_size; 109 unsigned int ca_list_size; 110 int client_verify_mode; 110 int client_verify_mode; 111 apr_time_t last_cache_check; 111 apr_time_t last_cache_check; 112 int tickets; /* whether session tickets are allowed */ 112} mgs_srvconf_rec; 113} mgs_srvconf_rec; 113 114 114typedef struct { 115typedef struct {@@ -280,6 +281,8 @@ const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy, 280 const char *arg); 281 const char *arg); 281const char *mgs_set_priorities(cmd_parms * parms, void *dummy, 282const char *mgs_set_priorities(cmd_parms * parms, void *dummy, 282 const char *arg); 283 const char *arg); 284const char *mgs_set_tickets(cmd_parms * parms, void *dummy, 285 const char *arg); 283 286 284const char *mgs_set_require_section(cmd_parms *cmd, 287const char *mgs_set_require_section(cmd_parms *cmd, 285 void *mconfig, const char *arg); 288 void *mconfig, const char *arg);
diff --git a/src/gnutls_config.c b/src/gnutls_config.c
index d75e785..ca26a2d 100644
--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -285,6 +285,22 @@ const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy, 285 return NULL; 285 return NULL; 286} 286} 287 287 288const char *mgs_set_tickets(cmd_parms * parms, void *dummy, 289 const char *arg) 290{ 291 mgs_srvconf_rec *sc = 292 (mgs_srvconf_rec *) ap_get_module_config(parms->server-> 293 module_config, 294 &gnutls_module); 295 296 sc->tickets = 0; 297 if (strcasecmp("on", arg) == 0) { 298 sc->tickets = 1; 299 } 300 301 return NULL; 302} 303 288 304 289#ifdef ENABLE_SRP 305#ifdef ENABLE_SRP 290 306
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 2130cb0..032e6f3 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -673,7 +673,7 @@ static mgs_handle_t *create_gnutls_handle(apr_pool_t * pool, conn_rec * c) 673 ctxt->output_length = 0; 673 ctxt->output_length = 0; 674 674 675 gnutls_init(&ctxt->session, GNUTLS_SERVER); 675 gnutls_init(&ctxt->session, GNUTLS_SERVER); 676 if (session_ticket_key.data != NULL) 676 if (session_ticket_key.data != NULL && ctxt->sc->tickets != 0) 677 gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key); 677 gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key); 678 678 679 /* because we don't set any default priorities here (we set later at 679 /* because we don't set any default priorities here (we set later at
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
index 08e7dba..c95d183 100644
--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -121,6 +121,10 @@ static const command_rec mgs_config_cmds[] = { 121 NULL, 121 NULL, 122 RSRC_CONF, 122 RSRC_CONF, 123 "Cache Configuration"), 123 "Cache Configuration"), 124 AP_INIT_TAKE1("GnuTLSSessionTickets", mgs_set_tickets, 125 NULL, 126 RSRC_CONF, 127 "Session Tickets Configuration"), 124 AP_INIT_RAW_ARGS("GnuTLSPriorities", mgs_set_priorities, 128 AP_INIT_RAW_ARGS("GnuTLSPriorities", mgs_set_priorities, 125 NULL, 129 NULL, 126 RSRC_CONF, 130 RSRC_CONF,
generated by cgit (git 2.34.1) at 2025-06-07 11:10:35 +0000