mod_ssl: Calculate the MD5 digest used as the session context once per

vhost at startup, rather than building it for each new connection. * modules/ssl/ssl_private.h (struct SSLSrvConfigRec): Replace vhost_id_len field with vhost_md5. * modules/ssl/ssl_engine_init.c (ssl_init_Module): Build the sc->vhost_md5 hash here. * modules/ssl/mod_ssl.c: Fail at compile time if the SSL_set_session_id_context() API constraint on context length is violated. (ssl_init_ssl_connection): Use sc->vhost_md5. * modules/ssl/ssl_engine_kernel.c (ssl_find_vhost): Use sc->vhost_md5 after renegotiation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877349 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2020-05-04 09:23:03 +00:00
parent 37de2054b3
commit ccc38eab46
5 changed files with 14 additions and 17 deletions
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -2556,11 +2556,7 @@ static int ssl_find_vhost(void *servername, conn_rec *c, server_rec *s)
         * a renegotiation.
         */
        if (SSL_num_renegotiations(ssl) == 0) {
-            unsigned char *sid_ctx =
-                (unsigned char *)ap_md5_binary(c->pool,
-                                               (unsigned char *)sc->vhost_id,
-                                               sc->vhost_id_len);
-            SSL_set_session_id_context(ssl, sid_ctx, APR_MD5_DIGESTSIZE*2);
+            SSL_set_session_id_context(ssl, sc->vhost_md5, APR_MD5_DIGESTSIZE*2);
        }

        /*