MINOR: ssl: Store hash of the SNI for cached TLS sessions
authorChristopher Faulet <cfaulet@haproxy.com>
Fri, 5 Dec 2025 09:37:27 +0000 (10:37 +0100)
committerChristopher Faulet <cfaulet@haproxy.com>
Mon, 8 Dec 2025 14:22:00 +0000 (15:22 +0100)
For cached TLS sessions, in addition to the SNI itself, its hash is now also
saved. No behavior change is expected because this hash is not used for now.

This commit relies on:

  * MINOR: ssl: Add a function to hash SNIs

include/haproxy/server-t.h
src/ssl_sock.c

index a665e4e43a0e15e28ccbad972fabdce62449fc2f..2dc27ecc43eff64fcdbd9eb45ae9bddfdb1f2b94 100644 (file)
@@ -485,6 +485,7 @@ struct server {
                        unsigned char *ptr;
                        int size;
                        int allocated_size;
+                       uint64_t sni_hash; /* Hash of the SNI used for the session */
                        char *sni; /* SNI used for the session */
                        __decl_thread(HA_RWLOCK_T sess_lock);
                } * reused_sess;
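Review bot: The comment on the new `sni_hash` field does not state its relationship to `sni`; in src/ssl_sock.c it is reset to 0 when `sni` is freed and recomputed when `sni` is replaced, so the invariant is worth recording at the declaration, e.g. `uint64_t sni_hash; /* Hash of <sni> as returned by ssl_sock_sni_hash(); 0 when <sni> is NULL */`. Whether the field is also zeroed when `reused_sess` is first allocated is not visible here and should be confirmed. The struct server definition starts and ends outside the hunk.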
index 1731b9635842b76cba461bce0458790941e0bd63..a6d213f56509ad8508f010f8c58a17f36347d09b 100644 (file)
@@ -4250,12 +4250,16 @@ static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
                        /* if the new sni is empty or isn' t the same as the old one */
                        if ((!sni) || strcmp(s->ssl_ctx.reused_sess[tid].sni, sni) != 0) {
                                ha_free(&s->ssl_ctx.reused_sess[tid].sni);
-                               if (sni)
+                               s->ssl_ctx.reused_sess[tid].sni_hash = 0;
+                               if (sni) {
                                        s->ssl_ctx.reused_sess[tid].sni = strdup(sni);
+                                       s->ssl_ctx.reused_sess[tid].sni_hash = ssl_sock_sni_hash(ist(sni));
+                               }
                        }
                } else if (sni) {
                        /* if there wasn't an old sni but there is a new one */
                        s->ssl_ctx.reused_sess[tid].sni = strdup(sni);
+                       s->ssl_ctx.reused_sess[tid].sni_hash = ssl_sock_sni_hash(ist(sni));
                }
 #ifdef USE_QUIC
                /* The selected ALPN is not stored without SSL session. */
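Review bot: In both added `sni_hash = ssl_sock_sni_hash(ist(sni))` lines (the replacement branch and the else-if branch), the hash is stored even when the preceding `strdup(sni)` returns NULL, leaving `sni` NULL alongside a non-zero `sni_hash`. The description says the hash is unused for now, but once it is consulted for lookups that mismatched pair would be a latent bug. Guarding the hash on a successful copy keeps the two fields consistent, e.g. `if ((s->ssl_ctx.reused_sess[tid].sni = strdup(sni)) != NULL) s->ssl_ctx.reused_sess[tid].sni_hash = ssl_sock_sni_hash(ist(sni));` in both places. The same two-line sequence is now duplicated in the two branches; a small static helper would keep them in step. ssl_sess_new_srv_cb starts and ends outside the hunk.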