search

eidheim / Simple-Web-Server

A very simple, fast, multithreaded, platform independent HTTP and HTTPS server and client library implemented using C++11 and Boost.Asio. Created to be an easy way to make REST resources available from C++ applications.
MIT License
2.61k stars 751 forks source link

Why reverse session_id_context ? #194

Closed lxlenovostar closed 6 years ago

lxlenovostar commented 6 years ago 
  void start() override {
      if(set_session_id_context) {
        // Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH
        session_id_context = std::to_string(config.port) + ':';
        session_id_context.append(config.address.rbegin(), config.address.rend());
        SSL_CTX_set_session_id_context(context.native_handle(), reinterpret_cast<const unsigned char *>(session_id_context.data()),
                                       std::min<std::size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));
      }
      ServerBase::start();
    }

Why we need reverse session_id_context? this maybe not change length of string.

Thank you.

eidheim commented 6 years ago

The rationale was to include the most significant parts of address:port in case this exceeded SSL_MAX_SSL_SESSION_ID_LENGTH

lxlenovostar commented 6 years ago

@eidheim Why use rbegin()/rend() instead of begin()/end() ? Thank you.

eidheim commented 6 years ago

Again, the thought was to include the most significant parts of the address. For instance, the country code is more important to keep than www. at start of an address.

lxlenovostar commented 6 years ago

Thank you.