Add isc_nm_has_encryption()

This commit adds an isc_nm_has_encryption() function intended to check if a given handle is backed by a connection which uses encryption.
2025-09-02 23:55:27 +00:00 · 2021-11-16 13:35:37 +02:00
parent 07cf827b0b
commit f0e18f3927
4 changed files with 50 additions and 0 deletions
--- a/lib/isc/include/isc/netmgr.h
+++ b/lib/isc/include/isc/netmgr.h
@@ -654,6 +654,15 @@ isc_nm_socket_type(const isc_nmhandle_t *handle);
 *  \li 'handle' is a valid netmgr handle object.
 */

+bool
+isc_nm_has_encryption(const isc_nmhandle_t *handle);
+/*%<
+ * Returns 'true' iff the handle's underlying transport does encryption.
+ *
+ * Requires:
+ *  \li 'handle' is a valid netmgr handle object.
+ */
+
 void
 isc_nm_task_enqueue(isc_nm_t *mgr, isc_task_t *task, int threadid);
 /*%<
--- a/lib/isc/netmgr/http.c
+++ b/lib/isc/netmgr/http.c
@@ -2863,6 +2863,22 @@ isc__nm_http_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl) {
 	sock->h2.min_ttl = ttl;
 }

+bool
+isc__nm_http_has_encryption(const isc_nmhandle_t *handle) {
+	isc_nm_http_session_t *session;
+	isc_nmsocket_t *sock;
+
+	REQUIRE(VALID_NMHANDLE(handle));
+	REQUIRE(VALID_NMSOCK(handle->sock));
+
+	sock = handle->sock;
+	session = sock->h2.session;
+
+	INSIST(VALID_HTTP2_SESSION(session));
+
+	return (isc_nm_socket_type(session->handle) == isc_nm_tlssocket);
+}
+
 static const bool base64url_validation_table[256] = {
 	false, false, false, false, false, false, false, false, false, false,
 	false, false, false, false, false, false, false, false, false, false,
--- a/lib/isc/netmgr/netmgr-int.h
+++ b/lib/isc/netmgr/netmgr-int.h
@@ -1695,6 +1695,9 @@ isc__nm_http_bad_request(isc_nmhandle_t *handle);
 * socket
 */

+bool
+isc__nm_http_has_encryption(const isc_nmhandle_t *handle);
+
 void
 isc__nm_http_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl);

--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -3500,6 +3500,28 @@ isc_nm_socket_type(const isc_nmhandle_t *handle) {
 	return (handle->sock->type);
 }

+bool
+isc_nm_has_encryption(const isc_nmhandle_t *handle) {
+	REQUIRE(VALID_NMHANDLE(handle));
+	REQUIRE(VALID_NMSOCK(handle->sock));
+
+	switch (handle->sock->type) {
+	case isc_nm_tlsdnssocket:
+#if HAVE_LIBNGHTTP2
+	case isc_nm_tlssocket:
+#endif /* HAVE_LIBNGHTTP2 */
+		return (true);
+#if HAVE_LIBNGHTTP2
+	case isc_nm_httpsocket:
+		return (isc__nm_http_has_encryption(handle));
+#endif /* HAVE_LIBNGHTTP2 */
+	default:
+		return (false);
+	};
+
+	return (false);
+}
+
 #ifdef NETMGR_TRACE
 /*
 * Dump all active sockets in netmgr. We output to stderr