diff options
| author | Joe Orton <jorton@apache.org> | 2024-08-30 17:36:29 +0200 |
|---|---|---|
| committer | Joe Orton <jorton@apache.org> | 2024-08-30 17:36:29 +0200 |
| commit | 79990b070f2e5374e1add982342b1fa71f5d189e (patch) | |
| tree | 1cac0ff34346d73997084adb8e8b7268b80725f1 /modules | |
| parent | Update tr.xml (#1) (diff) | |
| download | apache2-79990b070f2e5374e1add982342b1fa71f5d189e.tar.xz apache2-79990b070f2e5374e1add982342b1fa71f5d189e.zip | |
mod_ssl: Add SSL_HANDSHAKE_RTT environment variable.
* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Support
SSL_HANDSHAKE_RTT. (ssl_var_lookup_ssl_handshake_rtt): New
function.
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup_vars): Add
SSL_HANDSHAKE_RTT.
Submitted by: csmutz
Github: closes #477
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920297 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/ssl/ssl_engine_kernel.c | 1 | ||||
| -rw-r--r-- | modules/ssl/ssl_engine_vars.c | 14 |
2 files changed, 15 insertions, 0 deletions
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index e89bc0cecc..4ce98aa80b 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1546,6 +1546,7 @@ static const char *const ssl_hook_Fixup_vars[] = { "SSL_SRP_USER", "SSL_SRP_USERINFO", #endif + "SSL_HANDSHAKE_RTT", NULL }; diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index d8881734b9..7d09846c27 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -51,6 +51,7 @@ static const char *ssl_var_lookup_ssl_cert_rfc4523_cea(apr_pool_t *p, SSL *ssl); static const char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, const SSLConnRec *sslconn); static const char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, const SSLConnRec *sslconn, const char *var); static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize); +static const char *ssl_var_lookup_ssl_handshake_rtt(apr_pool_t *p, SSL *ssl); static const char *ssl_var_lookup_ssl_version(const char *var); static const char *ssl_var_lookup_ssl_compress_meth(SSL *ssl); @@ -472,6 +473,9 @@ static const char *ssl_var_lookup_ssl(apr_pool_t *p, const SSLConnRec *sslconn, else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) { result = ssl_var_lookup_ssl_cipher(p, sslconn, var+6); } + else if (ssl != NULL && strcEQ(var, "HANDSHAKE_RTT")) { + result = ssl_var_lookup_ssl_handshake_rtt(p, ssl); + } else if (ssl != NULL && strlen(var) > 18 && strcEQn(var, "CLIENT_CERT_CHAIN_", 18)) { sk = SSL_get_peer_cert_chain(ssl); result = ssl_var_lookup_ssl_cert_chain(p, sk, var+18, 1); @@ -961,6 +965,16 @@ static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algke return; } +static const char *ssl_var_lookup_ssl_handshake_rtt(apr_pool_t *p, SSL *ssl) +{ +#if OPENSSL_VERSION_NUMBER >= 0x30200000L + apr_uint64_t rtt; + if (SSL_get_handshake_rtt(ssl, &rtt) > 0) + return apr_psprintf(p, "%" APR_UINT64_T_FMT, rtt); +#endif + return NULL; +} + static const char *ssl_var_lookup_ssl_version(const char *var) { if (strEQ(var, "INTERFACE")) { |