Forum: NGINX agentzh's encrypted session module

8d313c5d85c52a953e498c4f66d59c8a?d=identicon&s=25 Jeffrey Walton (Guest)
on 2014-01-05 09:00
(Received via mailing list)
I've been studying agentzh's encrypted session module from
https://github.com/agentzh/encrypted-session-nginx....

There are essentially two methods: one to encrypt values, and a second
to decrypt modules. The functions to do so are
ngx_http_set_encode_encrypted_session and
ngx_http_set_decode_encrypted_session. The functions call
ngx_http_encrypted_session_aes_mac_encrypt and
ngx_http_encrypted_session_aes_mac_decrypt respectively.

The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:


Can anyone shed some light on the magic I am missing?

Thanks in advance.
37f3ea777f96500b332a1a89d6027897?d=identicon&s=25 Yichun Zhang (agentzh) (Guest)
on 2014-01-06 20:45
(Received via mailing list)
Hello!

On Sat, Jan 4, 2014 at 11:59 PM, Jeffrey Walton wrote:
> I've been studying agentzh's encrypted session module from
> https://github.com/agentzh/encrypted-session-nginx....
>

Thank you for checking it out! :)

>
> The problem I am having is: I cannot tell how this is plumbed into
> nginx framework such that a value is encrypted going one way, and
> decrypted going another. From the module, I clearly see the command:
>

The callbacks are injected into the standard ngx_rewrite module's
command list by means of the ndk_set_var submodule in the
ngx_devel_kit (NDK) module:

    https://github.com/simpl/ngx_devel_kit

The entry point of NDK called ngx_encrypted_session is
ndk_set_var_value. You can trace from there :)

The actual request-time caller of these configuration directives is
the standard ngx_rewrite module at the "rewrite" running phase.

Best regards,
-agentzh
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.