Agentzh's encrypted session module

I’ve been studying agentzh’s encrypted session module from
https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src.

There are essentially two methods: one to encrypt values, and a second
to decrypt modules. The functions to do so are
ngx_http_set_encode_encrypted_session and
ngx_http_set_decode_encrypted_session. The functions call
ngx_http_encrypted_session_aes_mac_encrypt and
ngx_http_encrypted_session_aes_mac_decrypt respectively.

The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:

Can anyone shed some light on the magic I am missing?

Thanks in advance.

Hello!

On Sat, Jan 4, 2014 at 11:59 PM, Jeffrey W. wrote:

I’ve been studying agentzh’s encrypted session module from
https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src.

Thank you for checking it out! :slight_smile:

The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:

The callbacks are injected into the standard ngx_rewrite module’s
command list by means of the ndk_set_var submodule in the
ngx_devel_kit (NDK) module:

https://github.com/simpl/ngx_devel_kit

The entry point of NDK called ngx_encrypted_session is
ndk_set_var_value. You can trace from there :slight_smile:

The actual request-time caller of these configuration directives is
the standard ngx_rewrite module at the “rewrite” running phase.

Best regards,
-agentzh

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs