[PATCH 3 of 3] PSK: add PSK identity variable

Karstens, Nate Nate.Karstens at garmin.com
Thu Jun 1 17:21:35 UTC 2017 

# HG changeset patch
# User Nate Karstens <nate.karstens at garmin.com>
# Date 1496332963 18000
#      Thu Jun 01 11:02:43 2017 -0500
# Node ID cb09937f63834ab74b49a76b9b158dd0a5871309
# Parent  7aa7771191d61ef635478460017446bca1f6db55
PSK: add PSK identity variable

Adds the variable $ssl_psk_identity to get the PSK identity
used in a connnection secured with a PSK cipher suite.

Signed-off-by: Nate Karstens <nate.karstens at garmin.com>

diff -r 7aa7771191d6 -r cb09937f6383 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c     Thu Jun 01 11:01:05 2017 -0500
+++ b/src/event/ngx_event_openssl.c     Thu Jun 01 11:02:43 2017 -0500
@@ -4286,6 +4286,33 @@
 }


+ngx_int_t
+ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
+{
+    const char *identity;
+    size_t      len;
+
+    identity = SSL_get_psk_identity(c->ssl->connection);
+
+    if (identity == NULL) {
+        s->len = 0;
+        return NGX_OK;
+    }
+
+    len = ngx_strlen(identity);
+
+    s->data = ngx_pnalloc(pool, len);
+    if (s->data == NULL) {
+        return NGX_ERROR;
+    }
+
+    ngx_memcpy(s->data, identity, len);
+    s->len = len;
+
+    return NGX_OK;
+}
+
+
 static time_t
 ngx_ssl_parse_time(
 #if OPENSSL_VERSION_NUMBER > 0x10100000L
diff -r 7aa7771191d6 -r cb09937f6383 src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h     Thu Jun 01 11:01:05 2017 -0500
+++ b/src/event/ngx_event_openssl.h     Thu Jun 01 11:02:43 2017 -0500
@@ -235,6 +235,8 @@
     ngx_str_t *s);
 ngx_int_t ngx_ssl_get_client_v_remain(ngx_connection_t *c, ngx_pool_t *pool,
     ngx_str_t *s);
+ngx_int_t ngx_ssl_get_psk_identity(ngx_connection_t *c, ngx_pool_t *pool,
+    ngx_str_t *s);


 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);
diff -r 7aa7771191d6 -r cb09937f6383 src/http/modules/ngx_http_ssl_module.c
--- a/src/http/modules/ngx_http_ssl_module.c    Thu Jun 01 11:01:05 2017 -0500
+++ b/src/http/modules/ngx_http_ssl_module.c    Thu Jun 01 11:02:43 2017 -0500
@@ -357,6 +357,9 @@
     { ngx_string("ssl_client_v_remain"), NULL, ngx_http_ssl_variable,
       (uintptr_t) ngx_ssl_get_client_v_remain, NGX_HTTP_VAR_CHANGEABLE, 0 },

+    { ngx_string("ssl_psk_identity"), NULL, ngx_http_ssl_variable,
+      (uintptr_t) ngx_ssl_get_psk_identity, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
     { ngx_null_string, NULL, NULL, 0, 0, 0 }
 };

________________________________

CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of the intended recipient(s) and contain information that may be Garmin confidential and/or Garmin legally privileged. If you have received this email in error, please notify the sender by reply email and delete the message. Any disclosure, copying, distribution or use of this communication (including attachments) by someone other than the intended recipient is prohibited. Thank you.

More information about the nginx-devel mailing list