walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Use plain hex string format for client serial

This commit is contained in:
Tatsuhiro Tsujikawa 2017-11-17 00:02:33 +09:00
parent c479f6122f
commit 73344ae9aa
3 changed files with 13 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/nghttpx.h2r
View File

@ -386,8 +386,7 @@ respectively.
.. rb:attr_reader:: tls_client_serial .. rb:attr_reader:: tls_client_serial
Return the serial number of a client certificate in a format Return the serial number of a client certificate.
like "ff:ff:ff:ff:ff:ff:ff:ff".
.. rb:attr_reader:: tls_cipher .. rb:attr_reader:: tls_cipher

28
src/shrpx_tls.cc
View File

@ -1959,6 +1959,13 @@ StringRef get_x509_issuer_name(BlockAllocator &balloc, X509 *x) {
return get_x509_name(balloc, X509_get_issuer_name(x)); return get_x509_name(balloc, X509_get_issuer_name(x));
} }
#ifdef WORDS_BIGENDIAN
#define bswap64(N) (N)
#else /* !WORDS_BIGENDIAN */
#define bswap64(N) \
((uint64_t)(ntohl((uint32_t)(N))) << 32 | ntohl((uint32_t)((N) >> 32)))
#endif /* !WORDS_BIGENDIAN */
StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) { StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) {
#if OPENSSL_1_1_API #if OPENSSL_1_1_API
auto sn = X509_get0_serialNumber(x); auto sn = X509_get0_serialNumber(x);
@ -1967,14 +1974,9 @@ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) {
return StringRef{}; return StringRef{};
} }
auto iov = make_byte_ref(balloc, 16 + 7 + 1); r = bswap64(r);
auto p = iov.base; return util::format_hex(
for (int i = 56; i >= 0; i -= 8) { balloc, StringRef{reinterpret_cast<uint8_t *>(&r), sizeof(r)});
auto a = r >> i;
*p++ = util::LOWER_XDIGITS[(a >> 4) & 0xf];
*p++ = util::LOWER_XDIGITS[a & 0xf];
*p++ = ':';
}
#else // !OPENSSL_1_1_API #else // !OPENSSL_1_1_API
auto sn = X509_get_serialNumber(x); auto sn = X509_get_serialNumber(x);
auto bn = BN_new(); auto bn = BN_new();
@ -1987,16 +1989,8 @@ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) {
auto n = BN_bn2bin(bn, b.data()); auto n = BN_bn2bin(bn, b.data());
assert(n == b.size()); assert(n == b.size());
auto iov = make_byte_ref(balloc, 16 + 7 + 1); return util::format_hex(balloc, StringRef{std::begin(b), std::end(b)});
auto p = iov.base;
for (auto c : b) {
*p++ = util::LOWER_XDIGITS[c >> 4];
*p++ = util::LOWER_XDIGITS[c & 0xf];
*p++ = ':';
}
#endif // !OPENSSL_1_1_API #endif // !OPENSSL_1_1_API
*--p = '\0';
return StringRef{iov.base, p};
} }
} // namespace tls } // namespace tls

3
src/shrpx_tls.h
View File

@ -284,8 +284,7 @@ StringRef get_x509_subject_name(BlockAllocator &balloc, X509 *x);
// name, it returns an empty string. // name, it returns an empty string.
StringRef get_x509_issuer_name(BlockAllocator &balloc, X509 *x); StringRef get_x509_issuer_name(BlockAllocator &balloc, X509 *x);
// Returns serial number of |x| in format like // Returns serial number of |x|. If this function fails to get serial
// "ff:ff:ff:ff:ff:ff:ff:ff". If this function fails to get serial
// number, it returns an empty string. number // number, it returns an empty string. number
StringRef get_x509_serial(BlockAllocator &balloc, X509 *x); StringRef get_x509_serial(BlockAllocator &balloc, X509 *x);