nghttpx: Add --tls-ticket-key-memcached-interval option

juniway · Jul 27, 2015 · 4949dd4 · 4949dd4
1 parent 2f2a300
commit 4949dd4
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 0 deletions.
diff --git a/gennghttpxfun.py b/gennghttpxfun.py
@@ -95,6 +95,7 @@
     "host-rewrite",
     "tls-session-cache-memcached",
     "tls-ticket-key-memcached",
+    "tls-ticket-key-memcached-interval",
     "conf",
 ]
 

diff --git a/src/shrpx.cc b/src/shrpx.cc
@@ -1505,6 +1505,11 @@ SSL/TLS:
               keys from  memcached, and  use them,  possibly replacing
               current set of keys.  It is  up to extern TLS ticket key
               generator to rotate keys frequently.
+  --tls-ticket-key-memcached-interval=<DURATION>
+              Set interval to get TLS ticket keys from memcached.
+              Default: )"
+      << util::duration_str(get_config()->tls_ticket_key_memcached_interval)
+      << R"(
 
 HTTP/2 and SPDY:
   -c, --http2-max-concurrent-streams=<N>
@@ -1870,6 +1875,8 @@ int main(int argc, char **argv) {
         {SHRPX_OPT_HOST_REWRITE, no_argument, &flag, 85},
         {SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED, required_argument, &flag, 86},
         {SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, required_argument, &flag, 87},
+        {SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL, required_argument, &flag,
+         88},
         {nullptr, 0, nullptr, 0}};
 
     int option_index = 0;
@@ -2252,6 +2259,11 @@ int main(int argc, char **argv) {
         // --tls-ticket-key-memcached
         cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED, optarg);
         break;
+      case 88:
+        // --tls-ticket-key-memcached-interval
+        cmdcfgs.emplace_back(SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL,
+                             optarg);
+        break;
       default:
         break;
       }

diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc
@@ -707,6 +707,7 @@ enum {
   SHRPX_OPTID_TLS_TICKET_CIPHER,
   SHRPX_OPTID_TLS_TICKET_KEY_FILE,
   SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED,
+  SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL,
   SHRPX_OPTID_USER,
   SHRPX_OPTID_VERIFY_CLIENT,
   SHRPX_OPTID_VERIFY_CLIENT_CACERT,
@@ -1221,6 +1222,15 @@ int option_lookup_token(const char *name, size_t namelen) {
       break;
     }
     break;
+  case 33:
+    switch (name[32]) {
+    case 'l':
+      if (util::strieq_l("tls-ticket-key-memcached-interva", name, 32)) {
+        return SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL;
+      }
+      break;
+    }
+    break;
   case 34:
     switch (name[33]) {
     case 'r':
@@ -1898,6 +1908,9 @@ int parse_config(const char *opt, const char *optarg,
 
     return 0;
   }
+  case SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_INTERVAL:
+    return parse_duration(&mod_config()->tls_ticket_key_memcached_interval, opt,
+                          optarg);
   case SHRPX_OPTID_CONF:
     LOG(WARN) << "conf: ignored";
 

diff --git a/src/shrpx_config.h b/src/shrpx_config.h
@@ -177,6 +177,8 @@ constexpr char SHRPX_OPT_TLS_SESSION_CACHE_MEMCACHED[] =
     "tls-session-cache-memcached";
 constexpr char SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED[] =
     "tls-ticket-key-memcached";
+constexpr char SHRPX_OPT_TLS_TICKET_KEY_MEMCACHED_INTERVAL[] =
+    "tls-ticket-key-memcached-interval";
 
 union sockaddr_union {
   sockaddr_storage storage;