tls: support OCSP on client and server

author: Fedor Indutny <fedor@indutny.com> 2014-04-14 21:15:57 +0400
committer: Fedor Indutny <fedor@indutny.com> 2014-04-18 02:21:16 +0400
commit: b3ef289ffb7db476d284866658213f04415ea92d (patch)
tree: ece3f973d16849e46ea7736880055482df0616e7 /src/node_crypto_clienthello.cc
parent: 77d1f4a91f2885fd3f39298754ae5b7ee75ad3d1 (diff)
download: node-new-b3ef289ffb7db476d284866658213f04415ea92d.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/src/node_crypto_clienthello.cc b/src/node_crypto_clienthello.cc
index b786942529..c1228c79ac 100644
--- a/src/node_crypto_clienthello.cc
+++ b/src/node_crypto_clienthello.cc
@@ -123,6 +123,7 @@ void ClientHelloParser::ParseHeader(const uint8_t* data, size_t avail) {
   hello.session_id_ = session_id_;
   hello.session_size_ = session_size_;
   hello.has_ticket_ = tls_ticket_ != NULL && tls_ticket_size_ != 0;
+  hello.ocsp_request_ = ocsp_request_;
   hello.servername_ = servername_;
   hello.servername_size_ = servername_size_;
   onhello_cb_(cb_arg_, hello);
@@ -159,6 +160,18 @@ void ClientHelloParser::ParseExtension(ClientHelloParser::ExtensionType type,
         }
       }
       break;
+    case kStatusRequest:
+      // We are ignoring any data, just indicating the presence of extension
+      if (len < kMinStatusRequestSize)
+        return;
+
+      // Unknown type, ignore it
+      if (data[0] != kStatusRequestOCSP)
+        break;
+
+      // Ignore extensions, they won't work with caching on backend anyway
+      ocsp_request_ = 1;
+      break;
     case kTLSSessionTicket:
       tls_ticket_size_ = len;
       tls_ticket_ = data + len;
author	Fedor Indutny <fedor@indutny.com>	2014-04-14 21:15:57 +0400
committer	Fedor Indutny <fedor@indutny.com>	2014-04-18 02:21:16 +0400
commit	b3ef289ffb7db476d284866658213f04415ea92d (patch)
tree	ece3f973d16849e46ea7736880055482df0616e7 /src/node_crypto_clienthello.cc
parent	77d1f4a91f2885fd3f39298754ae5b7ee75ad3d1 (diff)
download	node-new-b3ef289ffb7db476d284866658213f04415ea92d.tar.gz