nghttpx: Add --tls-ticket-key-memcached-interval option

Tatsuhiro Tsujikawa 2015-07-28 01:02:33 +09:00
parent 2f2a300e83
commit 4949dd4888
4 changed files with 28 additions and 0 deletions


@ -95,6 +95,7 @@ OPTIONS = [
"host-rewrite", "host-rewrite",
"tls-session-cache-memcached", "tls-session-cache-memcached",
"tls-ticket-key-memcached", "tls-ticket-key-memcached",
"tls-ticket-key-memcached-interval",
"conf", "conf",
] ]


@ -1505,6 +1505,11 @@ SSL/TLS:
keys from memcached, and use them, possibly replacing keys from memcached, and use them, possibly replacing
current set of keys. It is up to extern TLS ticket key current set of keys. It is up to extern TLS ticket key
generator to rotate keys frequently. generator to rotate keys frequently.
--tls-ticket-key-memcached-interval=<DURATION>
Set interval to get TLS ticket keys from memcached.
Default: )"
<< util::duration_str(get_config()->tls_ticket_key_memcached_interval)
<< R"(
HTTP/2 and SPDY: HTTP/2 and SPDY:
-c, --http2-max-concurrent-streams=<N> -c, --http2-max-concurrent-streams=<N>
@ -1870,6 +1875,8 @@ int main(int argc, char **argv) {
{SHRPX_OPT_HOST_REWRITE, no_argument, &flag, 85}, {SHRPX_OPT_HOST_REWRITE, no_argument, &flag, 85},
{SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED, required_argument, &flag, 86}, {SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED, required_argument, &flag, 86},
{SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, required_argument, &flag, 87}, {SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, required_argument, &flag, 87},
{SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL, required_argument, &flag,
88},
{nullptr, 0, nullptr, 0}}; {nullptr, 0, nullptr, 0}};
int option_index = 0; int option_index = 0;
@ -2252,6 +2259,11 @@ int main(int argc, char **argv) {
// --tls-ticket-key-memcached // --tls-ticket-key-memcached
cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, optarg); cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, optarg);
break; break;
case 88:
// --tls-ticket-key-memcached-interval
cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL,
optarg);
break;
default: default:
break; break;
} }
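Review bot: The new help entry for `--tls-ticket-key-memcached-interval` states the default but gives the operator no guidance on choosing a value, although the paragraph just above it says key rotation is left to the external generator. Since this interval decides how late a rotated key is picked up, I would add a sentence such as `The interval should be shorter than the rotation period of the external key generator, so that rotated keys are picked up promptly.` It would also help to say whether 0 is accepted and what it means, because the parsing code shown in this commit does not reject it. The body of main() continues outside both hunks.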


@ -707,6 +707,7 @@ enum {
SHRPX_OPTID_TLS_TICKET_CIPHER, SHRPX_OPTID_TLS_TICKET_CIPHER,
SHRPX_OPTID_TLS_TICKET_KEY_FILE, SHRPX_OPTID_TLS_TICKET_KEY_FILE,
SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED, SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED,
SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL,
SHRPX_OPTID_USER, SHRPX_OPTID_USER,
SHRPX_OPTID_VERIFY_CLIENT, SHRPX_OPTID_VERIFY_CLIENT,
SHRPX_OPTID_VERIFY_CLIENT_CACERT, SHRPX_OPTID_VERIFY_CLIENT_CACERT,
@ -1221,6 +1222,15 @@ int option_lookup_token(const char *name, size_t namelen) {
break; break;
} }
break; break;
case 33:
switch (name[32]) {
case 'l':
if (util::strieq_l("tls-ticket-key-memcached-interva", name, 32)) {
return SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL;
}
break;
}
break;
case 34: case 34:
switch (name[33]) { switch (name[33]) {
case 'r': case 'r':
@ -1898,6 +1908,9 @@ int parse_config(const char *opt, const char *optarg,
return 0; return 0;
} }
case SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL:
return parse_duration(&mod_config()->tls_ticket_key_memcached_interval, opt,
optarg);
case SHRPX_OPTID_CONF: case SHRPX_OPTID_CONF:
LOG(WARN) << "conf: ignored"; LOG(WARN) << "conf: ignored";
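Review bot: The new `SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL` case in parse_config stores whatever parse_duration accepts, with no range check visible in this hunk. If parse_duration admits 0 (its body is not shown here), the refresh timer would presumably be armed with a zero period and poll memcached continuously. At the other extreme, a very large value leaves the same ticket keys in use long after the external generator has rotated them, which weakens the forward-secrecy benefit of rotation. I would reject non-positive values at parse time and consider a logged warning for unusually long intervals. The sketch below assumes parse_duration returns 0 on success, as the neighbouring cases suggest. parse_config begins and ends outside the hunk.

```cpp
case SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL: {
  auto &interval = mod_config()->tls_ticket_key_memcached_interval;
  if (parse_duration(&interval, opt, optarg) != 0) {
    return -1;
  }
  // A refresh period of zero (or less) is never a meaningful polling interval.
  if (interval <= 0) {
    LOG(ERROR) << opt << ": must be a positive duration";
    return -1;
  }
  return 0;
}
// … unchanged: case SHRPX_OPTID_CONF and the rest of the switch …
```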


@ -177,6 +177,8 @@ constexpr char SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED[] =
"tls-session-cache-memcached"; "tls-session-cache-memcached";
constexpr char SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED[] = constexpr char SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED[] =
"tls-ticket-key-memcached"; "tls-ticket-key-memcached";
constexpr char SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL[] =
"tls-ticket-key-memcached-interval";
union sockaddr_union { union sockaddr_union {
sockaddr_storage storage; sockaddr_storage storage;