mod_ssl: Redesign NPN (Next Protocol Negotiation) API to avoid use of

hooks API and inter-module hard linkage: * modules/ssl/mod_ssl.h: Remove NPN hooks, add "modssl_register_npn" optional function and callback function type declarations for ssl_npn_advertise_protos, ssl_npn_proto_negotiated. * modules/ssl/mod_ssl.c: Drop hooks. (modssl_register_npn): New optional function implementation. (ssl_register_hooks): Register it. * modules/ssl/ssl_private.h (SSLConnRec): Add npn_advertfns, npn_negofns array fields. * modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos): Replace use of hook API with array iteration. * modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Likewise. Reviewed by: Matthew Steele <mdsteele google.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1487772 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2013-05-30 07:19:07 +00:00
parent 7557b6066f
commit b3ce136d05
5 changed files with 101 additions and 43 deletions
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -1422,16 +1422,27 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,
     * which protocol was decided upon and inform other modules by calling
     * npn_proto_negotiated_hook. */
    if (!inctx->npn_finished) {
+        SSLConnRec *sslconn = myConnConfig(f->c);
        const unsigned char *next_proto = NULL;
        unsigned next_proto_len = 0;
+        int n;

-        SSL_get0_next_proto_negotiated(
-            inctx->ssl, &next_proto, &next_proto_len);
-        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
-                      APLOGNO(02306) "SSL NPN negotiated protocol: '%*s'",
-                      next_proto_len, (const char*)next_proto);
-        modssl_run_npn_proto_negotiated_hook(
-            f->c, (const char*)next_proto, next_proto_len);
+        if (sslconn->npn_negofns) {
+            SSL_get0_next_proto_negotiated(
+                inctx->ssl, &next_proto, &next_proto_len);
+            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
+                          APLOGNO(02306) "SSL NPN negotiated protocol: '%*s'",
+                          next_proto_len, (const char*)next_proto);
+            
+            for (n = 0; n < sslconn->npn_negofns->nelts; n++) {
+                ssl_npn_proto_negotiated fn = 
+                    APR_ARRAY_IDX(sslconn->npn_negofns, n, ssl_npn_proto_negotiated);
+                
+                if (fn(f->c, (const char *)next_proto, next_proto_len) == DONE)
+                    break;
+            }
+        }
+            
        inctx->npn_finished = 1;
    }
 #endif