walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Added SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION and TCP_NODELAY

This commit is contained in:
Tatsuhiro Tsujikawa 2012-06-07 22:39:57 +09:00
parent 49c9e01f3e
commit 7319620160
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
examples/shrpx_ssl.cc
View File

@ -26,6 +26,7 @@
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/tcp.h>
#include <event2/bufferevent.h>
#include <event2/bufferevent_ssl.h>
@ -73,7 +74,9 @@ SSL_CTX* create_ssl_context()
DIE();
}
SSL_CTX_set_options(ssl_ctx,
SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION);
SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION |
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
@ -125,6 +128,12 @@ ClientHandler* accept_ssl_connection(event_base *evbase, SSL_CTX *ssl_ctx,
LOG(ERROR) << "SSL_new() failed";
return 0;
}
int val = 1;
rv = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY,
reinterpret_cast<char *>(&val), sizeof(val));
if(rv == -1) {
LOG(WARNING) << "Setting option TCP_NODELAY failed";
}
bufferevent *bev = bufferevent_openssl_socket_new
(evbase, fd, ssl,
BUFFEREVENT_SSL_ACCEPTING, BEV_OPT_DEFER_CALLBACKS);