Add isc_nm_has_encryption()

This commit adds an isc_nm_has_encryption() function intended to check
if a given handle is backed by a connection which uses encryption.

diff --git a/lib/isc/include/isc/netmgr.h b/lib/isc/include/isc/netmgr.h
index 4b17006d2827d3b974b0309c0fbc375ba1894cde..94fed339a35dc9980bd9d9611a8e981a8fe8033b 100644 (file)
--- a/lib/isc/include/isc/netmgr.h
+++ b/lib/isc/include/isc/netmgr.h
@@ -654,6 +654,15 @@ isc_nm_socket_type(const isc_nmhandle_t *handle);
  *  \li 'handle' is a valid netmgr handle object.
  */
 
+bool
+isc_nm_has_encryption(const isc_nmhandle_t *handle);
+/*%<
+ * Returns 'true' iff the handle's underlying transport does encryption.
+ *
+ * Requires:
+ *  \li 'handle' is a valid netmgr handle object.
+ */
+
 void
 isc_nm_task_enqueue(isc_nm_t *mgr, isc_task_t *task, int threadid);
 /*%<

diff --git a/lib/isc/netmgr/http.c b/lib/isc/netmgr/http.c
index 466ae5497ac66e322237ed1928a09fbc0f516d69..539fef6fd31babfacb4b971ffdced800bb85f081 100644 (file)
--- a/lib/isc/netmgr/http.c
+++ b/lib/isc/netmgr/http.c
@@ -2863,6 +2863,22 @@ isc__nm_http_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl) {
        sock->h2.min_ttl = ttl;
 }
 
+bool
+isc__nm_http_has_encryption(const isc_nmhandle_t *handle) {
+       isc_nm_http_session_t *session;
+       isc_nmsocket_t *sock;
+
+       REQUIRE(VALID_NMHANDLE(handle));
+       REQUIRE(VALID_NMSOCK(handle->sock));
+
+       sock = handle->sock;
+       session = sock->h2.session;
+
+       INSIST(VALID_HTTP2_SESSION(session));
+
+       return (isc_nm_socket_type(session->handle) == isc_nm_tlssocket);
+}
+
 static const bool base64url_validation_table[256] = {
        false, false, false, false, false, false, false, false, false, false,
        false, false, false, false, false, false, false, false, false, false,

diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h
index 649017e522c17f108e16323d9ea2a88e50adfd6b..da892b8415aca34c8e8da7ecc9d6d67d2591e455 100644 (file)
--- a/lib/isc/netmgr/netmgr-int.h
+++ b/lib/isc/netmgr/netmgr-int.h
@@ -1695,6 +1695,9 @@ isc__nm_http_bad_request(isc_nmhandle_t *handle);
  * socket
  */
 
+bool
+isc__nm_http_has_encryption(const isc_nmhandle_t *handle);
+
 void
 isc__nm_http_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl);
 

diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index 97b9f5bb25f8cecb149dc4ca9e4dd2009b39a764..3404d19ba0ebc1dc6088fb592daaa054615567ac 100644 (file)
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -3500,6 +3500,28 @@ isc_nm_socket_type(const isc_nmhandle_t *handle) {
        return (handle->sock->type);
 }
 
+bool
+isc_nm_has_encryption(const isc_nmhandle_t *handle) {
+       REQUIRE(VALID_NMHANDLE(handle));
+       REQUIRE(VALID_NMSOCK(handle->sock));
+
+       switch (handle->sock->type) {
+       case isc_nm_tlsdnssocket:
+#if HAVE_LIBNGHTTP2
+       case isc_nm_tlssocket:
+#endif /* HAVE_LIBNGHTTP2 */
+               return (true);
+#if HAVE_LIBNGHTTP2
+       case isc_nm_httpsocket:
+               return (isc__nm_http_has_encryption(handle));
+#endif /* HAVE_LIBNGHTTP2 */
+       default:
+               return (false);
+       };
+
+       return (false);
+}
+
 #ifdef NETMGR_TRACE
 /*
  * Dump all active sockets in netmgr. We output to stderr