agentzh's encrypted session module
Jeffrey Walton
noloader at gmail.com
Sun Jan 5 07:59:52 UTC 2014
I've been studying agentzh's encrypted session module from
https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src.
There are essentially two methods: one to encrypt values, and a second
to decrypt modules. The functions to do so are
ngx_http_set_encode_encrypted_session and
ngx_http_set_decode_encrypted_session. The functions call
ngx_http_encrypted_session_aes_mac_encrypt and
ngx_http_encrypted_session_aes_mac_decrypt respectively.
The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:
Can anyone shed some light on the magic I am missing?
Thanks in advance.
More information about the nginx
mailing list