From dbc5a742fdcf3f95da46510ac59ead44276fbc68 Mon Sep 17 00:00:00 2001 From: Valentin Bartenev Date: Wed, 25 Aug 2021 10:33:32 +0300 Subject: TLS: refactored nxt_tls_ticket_key_callback(). Deduplicated code and improved style. No functional changes. --- src/nxt_tls.h | 14 -------------- 1 file changed, 14 deletions(-) (limited to 'src/nxt_tls.h') diff --git a/src/nxt_tls.h b/src/nxt_tls.h index eeb4e7ba..e02a0aab 100644 --- a/src/nxt_tls.h +++ b/src/nxt_tls.h @@ -92,20 +92,6 @@ struct nxt_tls_init_s { }; -struct nxt_tls_ticket_s { - uint8_t aes128; - u_char name[16]; - u_char hmac_key[32]; - u_char aes_key[32]; -}; - - -struct nxt_tls_tickets_s { - nxt_uint_t count; - nxt_tls_ticket_t tickets[]; -}; - - #if (NXT_HAVE_OPENSSL) extern const nxt_tls_lib_t nxt_openssl_lib; -- cgit From 7bf6253941d3b61e5eb3339fb5f68c84e9e68795 Mon Sep 17 00:00:00 2001 From: Valentin Bartenev Date: Tue, 26 Oct 2021 15:43:44 +0300 Subject: Custom implementation of Base64 decoding function. Compared to the previous implementation based on OpenSSL, the new implementation has these advantages: 1. Strict and reliable detection of invalid strings, including strings with less than 4 bytes of garbage at the end; 2. Allows to use Base64 strings without '=' padding. --- src/nxt_tls.h | 2 -- 1 file changed, 2 deletions(-) (limited to 'src/nxt_tls.h') diff --git a/src/nxt_tls.h b/src/nxt_tls.h index e02a0aab..0667ade3 100644 --- a/src/nxt_tls.h +++ b/src/nxt_tls.h @@ -98,8 +98,6 @@ extern const nxt_tls_lib_t nxt_openssl_lib; void nxt_cdecl nxt_openssl_log_error(nxt_task_t *task, nxt_uint_t level, const char *fmt, ...); u_char *nxt_openssl_copy_error(u_char *p, u_char *end); -nxt_int_t nxt_openssl_base64_decode(u_char *d, size_t dlen, const u_char *s, - size_t slen); #endif #if (NXT_HAVE_GNUTLS) -- cgit