Mercurial > hg > nginx-mail

annotate src/mail/ngx_mail_ssl_module.c @ 434:375518f786db

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Mail: don't drop connection when RCPT TO fails. Always pass reply for RCPT TO back to client and establish proxied connection. There is no real reason to close connection here.
author Maxim Dounin <mdounin@mdounin.ru>
date Wed, 10 Sep 2008 21:27:57 +0400
parents a094317ba307
children 392c16f2d858
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
1
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
2 /*
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
3 * Copyright (C) Igor Sysoev
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
4 */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
5
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
6
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
7 #include <ngx_config.h>
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
8 #include <ngx_core.h>
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
9 #include <ngx_mail.h>
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
10
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
11
390
0b6053502c55 nginx 0.7.7
Igor Sysoev <http://sysoev.ru>
parents: 380
diff changeset
12 #define NGX_DEFAULT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
13
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
14
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
15 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
16 static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child);
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
17
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
18 static char *ngx_mail_ssl_enable(ngx_conf_t *cf, ngx_command_t *cmd,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
19 void *conf);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
20 static char *ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
21 void *conf);
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
22 static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
23 void *conf);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
24
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
25 #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
26
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
27 static char *ngx_mail_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
28 void *conf);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
29
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
30 static char ngx_mail_ssl_openssl097[] = "OpenSSL 0.9.7 and higher";
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
31
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
32 #endif
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
33
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
34
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
35 static ngx_conf_enum_t ngx_http_starttls_state[] = {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
36 { ngx_string("off"), NGX_MAIL_STARTTLS_OFF },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
37 { ngx_string("on"), NGX_MAIL_STARTTLS_ON },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
38 { ngx_string("only"), NGX_MAIL_STARTTLS_ONLY },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
39 { ngx_null_string, 0 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
40 };
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
41
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
42
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
43
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
44 static ngx_conf_bitmask_t ngx_mail_ssl_protocols[] = {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
45 { ngx_string("SSLv2"), NGX_SSL_SSLv2 },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
46 { ngx_string("SSLv3"), NGX_SSL_SSLv3 },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
47 { ngx_string("TLSv1"), NGX_SSL_TLSv1 },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
48 { ngx_null_string, 0 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
49 };
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
50
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
51
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
52 static ngx_command_t ngx_mail_ssl_commands[] = {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
53
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
54 { ngx_string("ssl"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
55 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG,
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
56 ngx_mail_ssl_enable,
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
57 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
58 offsetof(ngx_mail_ssl_conf_t, enable),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
59 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
60
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
61 { ngx_string("starttls"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
62 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
63 ngx_mail_ssl_starttls,
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
64 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
65 offsetof(ngx_mail_ssl_conf_t, starttls),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
66 ngx_http_starttls_state },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
67
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
68 { ngx_string("ssl_certificate"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
69 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
70 ngx_conf_set_str_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
71 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
72 offsetof(ngx_mail_ssl_conf_t, certificate),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
73 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
74
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
75 { ngx_string("ssl_certificate_key"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
76 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
77 ngx_conf_set_str_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
78 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
79 offsetof(ngx_mail_ssl_conf_t, certificate_key),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
80 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
81
380
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
82 { ngx_string("ssl_dhparam"),
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
83 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
84 ngx_conf_set_str_slot,
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
85 NGX_MAIL_SRV_CONF_OFFSET,
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
86 offsetof(ngx_mail_ssl_conf_t, dhparam),
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
87 NULL },
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
88
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
89 { ngx_string("ssl_protocols"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
90 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
91 ngx_conf_set_bitmask_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
92 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
93 offsetof(ngx_mail_ssl_conf_t, protocols),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
94 &ngx_mail_ssl_protocols },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
95
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
96 { ngx_string("ssl_ciphers"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
97 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
98 ngx_conf_set_str_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
99 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
100 offsetof(ngx_mail_ssl_conf_t, ciphers),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
101 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
102
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
103 { ngx_string("ssl_prefer_server_ciphers"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
104 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
105 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
106 ngx_conf_set_flag_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
107 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
108 offsetof(ngx_mail_ssl_conf_t, prefer_server_ciphers),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
109 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
110 #else
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
111 ngx_mail_ssl_nosupported, 0, 0, ngx_mail_ssl_openssl097 },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
112 #endif
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
113
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
114 { ngx_string("ssl_session_cache"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
115 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE12,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
116 ngx_mail_ssl_session_cache,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
117 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
118 0,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
119 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
120
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
121 { ngx_string("ssl_session_timeout"),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
122 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
123 ngx_conf_set_sec_slot,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
124 NGX_MAIL_SRV_CONF_OFFSET,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
125 offsetof(ngx_mail_ssl_conf_t, session_timeout),
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
126 NULL },
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
127
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
128 ngx_null_command
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
129 };
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
130
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
131
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
132 static ngx_mail_module_t ngx_mail_ssl_module_ctx = {
336
1c519aff5c0c nginx 0.6.12
Igor Sysoev <http://sysoev.ru>
parents: 290
diff changeset
133 NULL, /* protocol */
1c519aff5c0c nginx 0.6.12
Igor Sysoev <http://sysoev.ru>
parents: 290
diff changeset
134
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
135 NULL, /* create main configuration */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
136 NULL, /* init main configuration */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
137
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
138 ngx_mail_ssl_create_conf, /* create server configuration */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
139 ngx_mail_ssl_merge_conf /* merge server configuration */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
140 };
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
141
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
142
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
143 ngx_module_t ngx_mail_ssl_module = {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
144 NGX_MODULE_V1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
145 &ngx_mail_ssl_module_ctx, /* module context */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
146 ngx_mail_ssl_commands, /* module directives */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
147 NGX_MAIL_MODULE, /* module type */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
148 NULL, /* init master */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
149 NULL, /* init module */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
150 NULL, /* init process */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
151 NULL, /* init thread */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
152 NULL, /* exit thread */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
153 NULL, /* exit process */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
154 NULL, /* exit master */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
155 NGX_MODULE_V1_PADDING
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
156 };
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
157
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
158
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
159 static ngx_str_t ngx_mail_ssl_sess_id_ctx = ngx_string("MAIL");
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
160
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
161
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
162 static void *
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
163 ngx_mail_ssl_create_conf(ngx_conf_t *cf)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
164 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
165 ngx_mail_ssl_conf_t *scf;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
166
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
167 scf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_ssl_conf_t));
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
168 if (scf == NULL) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
169 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
170 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
171
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
172 /*
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
173 * set by ngx_pcalloc():
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
174 *
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
175 * scf->protocols = 0;
380
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
176 * scf->certificate = { 0, NULL };
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
177 * scf->certificate_key = { 0, NULL };
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
178 * scf->dhparam = { 0, NULL };
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
179 * scf->ciphers.len = 0;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
180 * scf->ciphers.data = NULL;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
181 * scf->shm_zone = NULL;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
182 */
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
183
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
184 scf->enable = NGX_CONF_UNSET;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
185 scf->starttls = NGX_CONF_UNSET;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
186 scf->prefer_server_ciphers = NGX_CONF_UNSET;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
187 scf->builtin_session_cache = NGX_CONF_UNSET;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
188 scf->session_timeout = NGX_CONF_UNSET;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
189
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
190 return scf;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
191 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
192
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
193
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
194 static char *
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
195 ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
196 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
197 ngx_mail_ssl_conf_t *prev = parent;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
198 ngx_mail_ssl_conf_t *conf = child;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
199
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
200 char *mode;
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
201 ngx_pool_cleanup_t *cln;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
202
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
203 ngx_conf_merge_value(conf->enable, prev->enable, 0);
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
204 ngx_conf_merge_uint_value(conf->starttls, prev->starttls,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
205 NGX_MAIL_STARTTLS_OFF);
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
206
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
207 ngx_conf_merge_value(conf->session_timeout,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
208 prev->session_timeout, 300);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
209
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
210 ngx_conf_merge_value(conf->prefer_server_ciphers,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
211 prev->prefer_server_ciphers, 0);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
212
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
213 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
214 (NGX_CONF_BITMASK_SET
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
215 |NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1));
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
216
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
217 ngx_conf_merge_str_value(conf->certificate, prev->certificate, "");
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
218 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, "");
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
219
380
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
220 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, "");
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
221
390
0b6053502c55 nginx 0.7.7
Igor Sysoev <http://sysoev.ru>
parents: 380
diff changeset
222 ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFAULT_CIPHERS);
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
223
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
224
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
225 conf->ssl.log = cf->log;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
226
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
227 if (conf->enable) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
228 mode = "ssl";
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
229
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
230 } else if (conf->starttls != NGX_MAIL_STARTTLS_OFF) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
231 mode = "starttls";
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
232
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
233 } else {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
234 mode = "";
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
235 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
236
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
237 if (*mode) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
238
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
239 if (conf->certificate.len == 0) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
240 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
241 "no \"ssl_certificate\" is defined for "
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
242 "the \"%s\" directive in %s:%ui",
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
243 mode, conf->file, conf->line);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
244 return NGX_CONF_ERROR;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
245 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
246
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
247 if (conf->certificate_key.len == 0) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
248 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
249 "no \"ssl_certificate_key\" is defined for "
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
250 "the \"%s\" directive in %s:%ui",
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
251 mode, conf->file, conf->line);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
252 return NGX_CONF_ERROR;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
253 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
254
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
255 } else {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
256
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
257 if (conf->certificate.len == 0) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
258 return NGX_CONF_OK;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
259 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
260
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
261 if (conf->certificate_key.len == 0) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
262 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
263 "no \"ssl_certificate_key\" is defined "
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
264 "for certificate \"%V\"",
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
265 &conf->certificate);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
266 return NGX_CONF_ERROR;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
267 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
268 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
269
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
270 if (ngx_ssl_create(&conf->ssl, conf->protocols, NULL) != NGX_OK) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
271 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
272 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
273
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
274 cln = ngx_pool_cleanup_add(cf->pool, 0);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
275 if (cln == NULL) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
276 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
277 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
278
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
279 cln->handler = ngx_ssl_cleanup_ctx;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
280 cln->data = &conf->ssl;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
281
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
282 if (ngx_ssl_certificate(cf, &conf->ssl, &conf->certificate,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
283 &conf->certificate_key)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
284 != NGX_OK)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
285 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
286 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
287 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
288
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
289 if (conf->ciphers.len) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
290 if (SSL_CTX_set_cipher_list(conf->ssl.ctx,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
291 (const char *) conf->ciphers.data)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
292 == 0)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
293 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
294 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
295 "SSL_CTX_set_cipher_list(\"%V\") failed",
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
296 &conf->ciphers);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
297 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
298 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
299
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
300 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
301
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
302 if (conf->prefer_server_ciphers) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
303 SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
304 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
305
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
306 #endif
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
307
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
308 if (ngx_ssl_generate_rsa512_key(&conf->ssl) != NGX_OK) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
309 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
310 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
311
380
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
312 if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) {
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
313 return NGX_CONF_ERROR;
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
314 }
bc21d9cd9c54 nginx 0.7.2
Igor Sysoev <http://sysoev.ru>
parents: 378
diff changeset
315
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
316 ngx_conf_merge_value(conf->builtin_session_cache,
378
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
317 prev->builtin_session_cache, NGX_SSL_NONE_SCACHE);
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
318
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
319 if (conf->shm_zone == NULL) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
320 conf->shm_zone = prev->shm_zone;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
321 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
322
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
323 if (ngx_ssl_session_cache(&conf->ssl, &ngx_mail_ssl_sess_id_ctx,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
324 conf->builtin_session_cache,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
325 conf->shm_zone, conf->session_timeout)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
326 != NGX_OK)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
327 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
328 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
329 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
330
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
331 return NGX_CONF_OK;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
332 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
333
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
334
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
335 static char *
426
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
336 ngx_mail_ssl_enable(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
337 {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
338 ngx_mail_ssl_conf_t *scf = conf;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
339
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
340 char *rv;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
341
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
342 rv = ngx_conf_set_flag_slot(cf, cmd, conf);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
343
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
344 if (rv != NGX_CONF_OK) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
345 return rv;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
346 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
347
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
348 if (scf->enable && (ngx_int_t) scf->starttls > NGX_MAIL_STARTTLS_OFF) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
349 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
350 "\"starttls\" directive conflicts with \"ssl on\"");
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
351 return NGX_CONF_ERROR;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
352 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
353
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
354 scf->file = cf->conf_file->file.name.data;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
355 scf->line = cf->conf_file->line;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
356
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
357 return NGX_CONF_OK;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
358 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
359
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
360
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
361 static char *
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
362 ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
363 {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
364 ngx_mail_ssl_conf_t *scf = conf;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
365
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
366 char *rv;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
367
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
368 rv = ngx_conf_set_enum_slot(cf, cmd, conf);
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
369
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
370 if (rv != NGX_CONF_OK) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
371 return rv;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
372 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
373
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
374 if (scf->enable == 1 && (ngx_int_t) scf->starttls > NGX_MAIL_STARTTLS_OFF) {
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
375 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
376 "\"ssl\" directive conflicts with \"starttls\"");
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
377 return NGX_CONF_ERROR;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
378 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
379
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
380 scf->file = cf->conf_file->file.name.data;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
381 scf->line = cf->conf_file->line;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
382
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
383 return NGX_CONF_OK;
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
384 }
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
385
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
386
a094317ba307 nginx 0.7.14
Igor Sysoev <http://sysoev.ru>
parents: 390
diff changeset
387 static char *
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
388 ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
389 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
390 ngx_mail_ssl_conf_t *scf = conf;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
391
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
392 size_t len;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
393 ngx_str_t *value, name, size;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
394 ngx_int_t n;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
395 ngx_uint_t i, j;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
396
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
397 value = cf->args->elts;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
398
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
399 for (i = 1; i < cf->args->nelts; i++) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
400
358
9121a0a91f47 nginx 0.6.23
Igor Sysoev <http://sysoev.ru>
parents: 336
diff changeset
401 if (ngx_strcmp(value[i].data, "off") == 0) {
9121a0a91f47 nginx 0.6.23
Igor Sysoev <http://sysoev.ru>
parents: 336
diff changeset
402 scf->builtin_session_cache = NGX_SSL_NO_SCACHE;
9121a0a91f47 nginx 0.6.23
Igor Sysoev <http://sysoev.ru>
parents: 336
diff changeset
403 continue;
9121a0a91f47 nginx 0.6.23
Igor Sysoev <http://sysoev.ru>
parents: 336
diff changeset
404 }
9121a0a91f47 nginx 0.6.23
Igor Sysoev <http://sysoev.ru>
parents: 336
diff changeset
405
378
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
406 if (ngx_strcmp(value[i].data, "none") == 0) {
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
407 scf->builtin_session_cache = NGX_SSL_NONE_SCACHE;
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
408 continue;
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
409 }
820f6378fc00 nginx 0.7.1
Igor Sysoev <http://sysoev.ru>
parents: 358
diff changeset
410
290
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
411 if (ngx_strcmp(value[i].data, "builtin") == 0) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
412 scf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
413 continue;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
414 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
415
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
416 if (value[i].len > sizeof("builtin:") - 1
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
417 && ngx_strncmp(value[i].data, "builtin:", sizeof("builtin:") - 1)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
418 == 0)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
419 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
420 n = ngx_atoi(value[i].data + sizeof("builtin:") - 1,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
421 value[i].len - (sizeof("builtin:") - 1));
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
422
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
423 if (n == NGX_ERROR) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
424 goto invalid;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
425 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
426
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
427 scf->builtin_session_cache = n;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
428
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
429 continue;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
430 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
431
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
432 if (value[i].len > sizeof("shared:") - 1
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
433 && ngx_strncmp(value[i].data, "shared:", sizeof("shared:") - 1)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
434 == 0)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
435 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
436 len = 0;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
437
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
438 for (j = sizeof("shared:") - 1; j < value[i].len; j++) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
439 if (value[i].data[j] == ':') {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
440 break;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
441 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
442
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
443 len++;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
444 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
445
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
446 if (len == 0) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
447 goto invalid;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
448 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
449
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
450 name.len = len;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
451 name.data = value[i].data + sizeof("shared:") - 1;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
452
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
453 size.len = value[i].len - j - 1;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
454 size.data = name.data + len + 1;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
455
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
456 n = ngx_parse_size(&size);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
457
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
458 if (n == NGX_ERROR) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
459 goto invalid;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
460 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
461
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
462 if (n < (ngx_int_t) (8 * ngx_pagesize)) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
463 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
464 "session cache \"%V\" is too small",
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
465 &value[i]);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
466
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
467 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
468 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
469
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
470 scf->shm_zone = ngx_shared_memory_add(cf, &name, n,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
471 &ngx_mail_ssl_module);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
472 if (scf->shm_zone == NULL) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
473 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
474 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
475
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
476 continue;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
477 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
478
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
479 goto invalid;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
480 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
481
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
482 if (scf->shm_zone && scf->builtin_session_cache == NGX_CONF_UNSET) {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
483 scf->builtin_session_cache = NGX_SSL_NO_BUILTIN_SCACHE;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
484 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
485
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
486 return NGX_CONF_OK;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
487
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
488 invalid:
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
489
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
490 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
491 "invalid session cache \"%V\"", &value[i]);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
492
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
493 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
494 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
495
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
496
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
497 #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
498
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
499 static char *
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
500 ngx_mail_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
501 {
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
502 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
503 "\"%V\" directive is available only in %s,",
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
504 &cmd->name, cmd->post);
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
505
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
506 return NGX_CONF_ERROR;
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
507 }
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
508
f745bf973510 nginx 0.5.15
Igor Sysoev <http://sysoev.ru>
parents:
diff changeset
509 #endif