nghttpx: Client always uses simpler TLS handshake

This commit is contained in:
Tatsuhiro Tsujikawa 2022-05-08 10:31:25 +09:00
parent 992181a0de
commit c13a66d26f
2 changed files with 11 additions and 10 deletions

View File

@ -2921,7 +2921,8 @@ SSL/TLS:
accepts.
Default: )"
<< util::utos_unit(config->tls.max_early_data) << R"(
--tls-ktls Enable ktls.
--tls-ktls Enable ktls. For server, ktls is enable if
--tls-session-cache-memcached is not configured.
HTTP/2:
-c, --frontend-http2-max-concurrent-streams=<N>

View File

@ -150,6 +150,13 @@ void Connection::prepare_client_handshake() {
}
void Connection::prepare_server_handshake() {
auto &tlsconf = get_config()->tls;
if (proto != Proto::HTTP3 && !tlsconf.session_cache.memcached.host.empty()) {
auto bio = BIO_new(tlsconf.bio_method);
BIO_set_data(bio, this);
SSL_set_bio(tls.ssl, bio, bio);
}
SSL_set_accept_state(tls.ssl);
tls.server_handshake = true;
}
@ -312,13 +319,6 @@ BIO_METHOD *create_bio_method() {
void Connection::set_ssl(SSL *ssl) {
tls.ssl = ssl;
auto &tlsconf = get_config()->tls;
if (proto != Proto::HTTP3 && !tlsconf.session_cache.memcached.host.empty()) {
auto bio = BIO_new(tlsconf.bio_method);
BIO_set_data(bio, this);
SSL_set_bio(tls.ssl, bio, bio);
}
SSL_set_app_data(tls.ssl, this);
}
@ -338,7 +338,7 @@ int Connection::tls_handshake() {
auto &tlsconf = get_config()->tls;
if (tlsconf.session_cache.memcached.host.empty()) {
if (!tls.server_handshake || tlsconf.session_cache.memcached.host.empty()) {
return tls_handshake_simple();
}
@ -387,7 +387,7 @@ int Connection::tls_handshake() {
set_ssl(ssl);
SSL_set_accept_state(tls.ssl);
prepare_server_handshake();
tls.handshake_state = TLSHandshakeState::NORMAL;
break;