nghttpx: Enable session resumption on HTTP/2 backend
This commit is contained in:
parent
abce7c7210
commit
afbb99ecf7
|
@ -62,7 +62,13 @@ Connection::Connection(struct ev_loop *loop, int fd, SSL *ssl,
|
||||||
tls.last_write_time = 0.;
|
tls.last_write_time = 0.;
|
||||||
}
|
}
|
||||||
|
|
||||||
Connection::~Connection() { disconnect(); }
|
Connection::~Connection() {
|
||||||
|
disconnect();
|
||||||
|
|
||||||
|
if (tls.ssl) {
|
||||||
|
SSL_free(tls.ssl);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
void Connection::disconnect() {
|
void Connection::disconnect() {
|
||||||
ev_timer_stop(loop, &rt);
|
ev_timer_stop(loop, &rt);
|
||||||
|
@ -75,10 +81,13 @@ void Connection::disconnect() {
|
||||||
SSL_set_app_data(tls.ssl, nullptr);
|
SSL_set_app_data(tls.ssl, nullptr);
|
||||||
SSL_set_shutdown(tls.ssl, SSL_RECEIVED_SHUTDOWN);
|
SSL_set_shutdown(tls.ssl, SSL_RECEIVED_SHUTDOWN);
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
SSL_shutdown(tls.ssl);
|
// To reuse SSL/TLS session, we have to shutdown, and don't free
|
||||||
|
// tls.ssl.
|
||||||
|
if (SSL_shutdown(tls.ssl) != 1) {
|
||||||
SSL_free(tls.ssl);
|
SSL_free(tls.ssl);
|
||||||
tls.ssl = nullptr;
|
tls.ssl = nullptr;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (fd != -1) {
|
if (fd != -1) {
|
||||||
shutdown(fd, SHUT_WR);
|
shutdown(fd, SHUT_WR);
|
||||||
|
|
|
@ -320,13 +320,16 @@ int Http2Session::initiate_connection() {
|
||||||
SSLOG(INFO, this) << "Connecting to downstream server";
|
SSLOG(INFO, this) << "Connecting to downstream server";
|
||||||
}
|
}
|
||||||
if (ssl_ctx_) {
|
if (ssl_ctx_) {
|
||||||
// We are establishing TLS connection.
|
// We are establishing TLS connection. If conn_.tls.ssl, we may
|
||||||
|
// reuse the previous session.
|
||||||
|
if (!conn_.tls.ssl) {
|
||||||
conn_.tls.ssl = SSL_new(ssl_ctx_);
|
conn_.tls.ssl = SSL_new(ssl_ctx_);
|
||||||
if (!conn_.tls.ssl) {
|
if (!conn_.tls.ssl) {
|
||||||
SSLOG(ERROR, this) << "SSL_new() failed: "
|
SSLOG(ERROR, this) << "SSL_new() failed: "
|
||||||
<< ERR_error_string(ERR_get_error(), NULL);
|
<< ERR_error_string(ERR_get_error(), NULL);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const char *sni_name = nullptr;
|
const char *sni_name = nullptr;
|
||||||
if (get_config()->backend_tls_sni_name) {
|
if (get_config()->backend_tls_sni_name) {
|
||||||
|
|
Loading…
Reference in New Issue