I’ve been studying agentzh’s encrypted session module from
https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src.
There are essentially two methods: one to encrypt values, and a second
to decrypt modules. The functions to do so are
ngx_http_set_encode_encrypted_session and
ngx_http_set_decode_encrypted_session. The functions call
ngx_http_encrypted_session_aes_mac_encrypt and
ngx_http_encrypted_session_aes_mac_decrypt respectively.
The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:
Can anyone shed some light on the magic I am missing?
Thanks in advance.
Hello!
On Sat, Jan 4, 2014 at 11:59 PM, Jeffrey W. wrote:
I’ve been studying agentzh’s encrypted session module from
encrypted-session-nginx-module/src at master · openresty/encrypted-session-nginx-module · GitHub.
Thank you for checking it out! 
The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:
The callbacks are injected into the standard ngx_rewrite module’s
command list by means of the ndk_set_var submodule in the
ngx_devel_kit (NDK) module:
https://github.com/simpl/ngx_devel_kit
The entry point of NDK called ngx_encrypted_session is
ndk_set_var_value. You can trace from there
The actual request-time caller of these configuration directives is
the standard ngx_rewrite module at the “rewrite” running phase.
Best regards,
-agentzh