~sircmpwn/gmni-devel

This thread contains a patchset. You're looking at the original emails, but you may wish to use the patch review UI. Review patch
6 3

[PATCH] set session id context

mbays
Details
Message ID
<20210721164938.1372-1-mbays@sdf.org>
DKIM signature
missing
Download raw message
Patch: +1 -0
This is necessary now client certificates are supported.
Without it, an attempt to resume a session fails with
"ssl_get_prev_session:session id context uninitialized".
---
 src/tls.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tls.c b/src/tls.c
index 0e092d3..9753131 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -194,6 +194,7 @@ tls_init(struct gmnisrv_config *conf)
	assert(r == 1);

	SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL);
	SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*) "gmnisrv", 7);
	SSL_CTX_set_verify(conf->tls.ssl_ctx, SSL_VERIFY_PEER, NULL);
	// use always_true_callback to ignore errors such as self-signed error
	SSL_CTX_set_cert_verify_callback(conf->tls.ssl_ctx, always_true_callback, NULL);
-- 
2.32.0
Details
Message ID
<CCZIHBVGT8M6.39ZMT1AQ9S90Z@taiga>
In-Reply-To
<20210721164938.1372-1-mbays@sdf.org> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
On Wed Jul 21, 2021 at 6:49 PM CEST, mbays wrote:
> This is necessary now client certificates are supported.
> Without it, an attempt to resume a session fails with
> "ssl_get_prev_session:session id context uninitialized".
> ---
> src/tls.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/tls.c b/src/tls.c
> index 0e092d3..9753131 100644
> --- a/src/tls.c
> +++ b/src/tls.c
> @@ -194,6 +194,7 @@ tls_init(struct gmnisrv_config *conf)
> assert(r == 1);
>  
> SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL);
> + SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*) "gmnisrv", 7);

Style nit: no space between ) and " here
mbays
Details
Message ID
<20210722132620.2916-1-mbays@sdf.org>
In-Reply-To
<20210721164938.1372-1-mbays@sdf.org> (view parent)
DKIM signature
missing
Download raw message
Patch: +1 -0
This is necessary now client certificates are supported.
Without it, an attempt to resume a session fails with
"ssl_get_prev_session:session id context uninitialized".
---
 src/tls.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tls.c b/src/tls.c
index 0e092d3..02d7ab7 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -194,6 +194,7 @@ tls_init(struct gmnisrv_config *conf)
	assert(r == 1);

	SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL);
	SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*)"gmnisrv", 7);
	SSL_CTX_set_verify(conf->tls.ssl_ctx, SSL_VERIFY_PEER, NULL);
	// use always_true_callback to ignore errors such as self-signed error
	SSL_CTX_set_cert_verify_callback(conf->tls.ssl_ctx, always_true_callback, NULL);
-- 
2.32.0
Martin Bays
Details
Message ID
<20210825205548.g225mqgxzxanj5ip@localhost>
In-Reply-To
<20210722132620.2916-1-mbays@sdf.org> (view parent)
DKIM signature
missing
Download raw message
Is there anything preventing this being merged?
Details
Message ID
<CDT8Z6JFQZ76.2EHQS67X7T7MW@taiga>
In-Reply-To
<20210825205548.g225mqgxzxanj5ip@localhost> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
Yes. You never answered my feedback.
Martin Bays
Details
Message ID
<20210826100500.kf3jbwquchmr3mvx@localhost>
In-Reply-To
<CDT8Z6JFQZ76.2EHQS67X7T7MW@taiga> (view parent)
DKIM signature
missing
Download raw message
* Thursday, 2021-08-26 at 08:57 +0200 - Drew DeVault <sir@cmpwn.com>:

>Yes. You never answered my feedback.

You mean the nit about the unnecessary space? I sent a revised patch 
which fixed that.
Details
Message ID
<CDTD1FOFV8JH.2WNOFQ4BYMW9N@taiga>
In-Reply-To
<20210826100500.kf3jbwquchmr3mvx@localhost> (view parent)
DKIM signature
pass
Download raw message
I see it now. Don't send it to the same thread: make a new one with
[PATCH gmnisrv v2].
Reply to thread Export thread (mbox)