trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jpe...@apache.org
Subject [3/4] git commit: TS-462: Configure checks for ServerNameIndication
Date Wed, 14 Mar 2012 03:43:32 GMT
TS-462: Configure checks for ServerNameIndication


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cad0e9b5
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cad0e9b5
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cad0e9b5

Branch: refs/heads/master
Commit: cad0e9b529337ee70b52235be9065e73820c157e
Parents: f67290f
Author: James Peach <jpeach@apache.org>
Authored: Wed Feb 29 22:11:40 2012 -0800
Committer: James Peach <jpeach@apache.org>
Committed: Tue Mar 13 20:33:15 2012 -0700

----------------------------------------------------------------------
 build/crypto.m4        |   39 +++++++++++++++++++++++++++++++++++++++
 configure.ac           |    4 ++++
 lib/ts/ink_config.h.in |    1 +
 3 files changed, 44 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cad0e9b5/build/crypto.m4
----------------------------------------------------------------------
diff --git a/build/crypto.m4 b/build/crypto.m4
index 5cdc80a..3cee32f 100644
--- a/build/crypto.m4
+++ b/build/crypto.m4
@@ -124,3 +124,42 @@ AC_DEFUN([TS_CHECK_CRYPTO_NEXTPROTONEG], [
   TS_ARG_ENABLE_VAR([use], [tls-npn])
   AC_SUBST(use_tls_npn)
 ])
+
+AC_DEFUN([TS_CHECK_CRYPTO_SNI], [
+  _sni_saved_LIBS=$LIBS
+  enable_tls_sni=yes
+
+  TS_ADDTO(LIBS, [$LIBSSL])
+  AC_CHECK_HEADERS(openssl/tls1.h openssl/ssl.h)
+  # We are looking for SSL_CTX_set_tlsext_servername_callback, but it's a
+  # macro, so AC_CHECK_FUNCS is not going to do the business.
+  AC_MSG_CHECKING([for SSL_CTX_set_tlsext_servername_callback])
+  AC_COMPILE_IFELSE(
+  [
+    AC_LANG_PROGRAM([[
+#if HAVE_OPENSSL_SSL_H
+#include <openssl/ssl.h>
+#endif
+#if HAVE_OPENSSL_TLS1_H
+#include <openssl/tls1.h>
+#endif
+      ]],
+      [[SSL_CTX_set_tlsext_servername_callback(NULL, NULL);]])
+  ],
+  [
+    AC_MSG_RESULT([yes])
+  ],
+  [
+    AC_MSG_RESULT([no])
+    enable_tls_sni=no
+  ])
+
+  AC_CHECK_FUNCS(SSL_get_servername, [], [enable_tls_sni=no])
+
+  LIBS=$_sni_saved_LIBS
+
+  AC_MSG_CHECKING(whether to enable ServerNameIndication TLS extension support)
+  AC_MSG_RESULT([$enable_tls_sni])
+  TS_ARG_ENABLE_VAR([use], [tls-sni])
+  AC_SUBST(use_tls_sni)
+])

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cad0e9b5/configure.ac
----------------------------------------------------------------------
diff --git a/configure.ac b/configure.ac
index 52e072f..9f849e7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -845,6 +845,10 @@ fi
 TS_CHECK_CRYPTO_NEXTPROTONEG
 
 #
+# Check for ServerNameIndication TLS extension support.
+TS_CHECK_CRYPTO_SNI
+
+#
 # Check for zlib presence and usability
 TS_CHECK_ZLIB
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cad0e9b5/lib/ts/ink_config.h.in
----------------------------------------------------------------------
diff --git a/lib/ts/ink_config.h.in b/lib/ts/ink_config.h.in
index 6d02b77..aa12b36 100644
--- a/lib/ts/ink_config.h.in
+++ b/lib/ts/ink_config.h.in
@@ -114,6 +114,7 @@
 #define TS_USE_HWLOC                   @use_hwloc@
 #define TS_USE_FREELIST                @use_freelist@
 #define TS_USE_TLS_NPN                 @use_tls_npn@
+#define TS_USE_TLS_SNI                 @use_tls_sni@
 
 /* OS API definitions */
 #define GETHOSTBYNAME_R_HOSTENT_DATA   @gethostbyname_r_hostent_data@


Mime
View raw message