walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Check negotiated ALPN in LiveCheck

This commit is contained in:
Tatsuhiro Tsujikawa 2016-04-08 22:58:38 +09:00
parent ece3654139
commit a803be9171
1 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
src/shrpx_live_check.cc
View File

@ -281,11 +281,40 @@ int LiveCheck::tls_handshake() {
} }
} }
// Check negotiated ALPN
const unsigned char *next_proto = nullptr;
unsigned int next_proto_len = 0;
SSL_get0_next_proto_negotiated(conn_.tls.ssl, &next_proto, &next_proto_len);
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
if (next_proto == nullptr) {
SSL_get0_alpn_selected(conn_.tls.ssl, &next_proto, &next_proto_len);
}
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
auto proto = StringRef{next_proto, next_proto_len};
const auto &shared_addr = group_->shared_addr;
switch (shared_addr->proto) {
case PROTO_HTTP1:
if (proto.empty() || proto == StringRef::from_lit("http/1.1")) {
break;
}
return -1;
case PROTO_HTTP2:
if (util::check_h2_is_selected(proto)) {
break;
}
return -1;
default:
break;
}
on_success(); on_success();
disconnect(); disconnect();
// TODO Check ALPN identifier here
return 0; return 0;
} }