Browse Source

[mod_wolfssl] need to build --enable-alpn for ALPN

need to build wolfSSL library with --enable-alpn for ALPN
even if already building wolfSSL library with --enable-openssall
(sigh)

ALPN is required by the HTTP/2 specification
master
Glenn Strauss 3 months ago
parent
commit
988fa8ecfa
1 changed files with 6 additions and 0 deletions
  1. +6
    -0
      src/mod_wolfssl.c

+ 6
- 0
src/mod_wolfssl.c View File

@ -1520,6 +1520,7 @@ network_openssl_load_pemfile (server *srv, const buffer *pemfile, const buffer *
#ifdef HAVE_TLS_EXTENSIONS
#ifdef HAVE_ALPN
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
static int
@ -1687,6 +1688,7 @@ mod_openssl_alpn_select_cb (SSL *ssl, const unsigned char **out, unsigned char *
}
#endif /* TLSEXT_TYPE_application_layer_protocol_negotiation */
#endif /* HAVE_ALPN */
#endif /* HAVE_TLS_EXTENSIONS */
@ -2034,9 +2036,11 @@ network_init_ssl (server *srv, plugin_config_socket *s, plugin_data *p)
UNUSED(network_ssl_servername_callback);
#endif
#ifdef HAVE_ALPN
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
SSL_CTX_set_alpn_select_cb(s->ssl_ctx,mod_openssl_alpn_select_cb,NULL);
#endif
#endif
#endif
if (!s->ssl_use_sslv3 && !s->ssl_use_sslv2
@ -2681,6 +2685,7 @@ connection_read_cq_ssl (connection *con, chunkqueue *cq, off_t max_bytes)
return -1;
}
#ifdef HAVE_ALPN
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
if (hctx->alpn) {
if (hctx->alpn == MOD_OPENSSL_ALPN_ACME_TLS_1) {
@ -2695,6 +2700,7 @@ connection_read_cq_ssl (connection *con, chunkqueue *cq, off_t max_bytes)
hctx->alpn = 0;
}
#endif
#endif
} while (len > 0
&& (hctx->conf.ssl_read_ahead || SSL_pending(hctx->ssl) > 0));


Loading…
Cancel
Save