Mercurial > hg > nginx-vendor-0-6
comparison src/event/ngx_event_openssl.c @ 384:09b703ae3ba5 NGINX_0_6_36
nginx 0.6.36
*) Change: now the "Invalid argument" error returned by
setsockopt(TCP_NODELAY) on Solaris, is ignored.
*) Change: now POSTs without "Content-Length" header line are allowed.
*) Feature: the "try_files" directive.
*) Feature: the --with-pcre option in the configure.
*) Feature: the "if_modified_since" directive.
*) Feature: the "$cookie_..." variables.
*) Feature: the "$arg_..." variables.
*) Bugfix: compatibility with Tru64 UNIX.
Thanks to Dustin Marquess.
*) Bugfix: a "ssl_engine" directive did not use a SSL-accelerator for
asymmetric ciphers.
Thanks to Marcin Gozdalik.
*) Bugfix: in a redirect rewrite directive original arguments were
concatenated with new arguments by a "?" rather than an "&";
the bug had appeared in 0.1.18.
Thanks to Maxim Dounin.
*) Bugfix: nginx could not be built on AIX.
*) Bugfix: a double response might be returned if the epoll or rtsig
methods are used and a redirect was returned to a request with
body.
Thanks to Eden Li.
*) Bugfix: a segmentation fault might occur in worker process if
"resolver" directive was used in SMTP proxy.
*) Bugfix: fastcgi_store stored files not always.
*) Bugfix: nginx did not process a FastCGI server response, if the
server send too many messages to stderr before response.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Thu, 02 Apr 2009 00:00:00 +0400 |
| parents | fc497c1dfb7c |
| children |
comparison
equal
deleted
inserted
replaced
| 383:3d40b0260a84 | 384:09b703ae3ba5 |
|---|---|
| 8 #include <ngx_core.h> | 8 #include <ngx_core.h> |
| 9 #include <ngx_event.h> | 9 #include <ngx_event.h> |
| 10 | 10 |
| 11 | 11 |
| 12 typedef struct { | 12 typedef struct { |
| 13 ngx_str_t engine; | 13 ngx_uint_t engine; /* unsigned engine:1; */ |
| 14 } ngx_openssl_conf_t; | 14 } ngx_openssl_conf_t; |
| 15 | 15 |
| 16 | 16 |
| 17 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); | 17 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); |
| 18 static void ngx_ssl_handshake_handler(ngx_event_t *ev); | 18 static void ngx_ssl_handshake_handler(ngx_event_t *ev); |
| 35 ngx_slab_pool_t *shpool, ngx_uint_t n); | 35 ngx_slab_pool_t *shpool, ngx_uint_t n); |
| 36 static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, | 36 static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, |
| 37 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | 37 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); |
| 38 | 38 |
| 39 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); | 39 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); |
| 40 static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); | 40 static char *ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
| 41 static void ngx_openssl_exit(ngx_cycle_t *cycle); | 41 static void ngx_openssl_exit(ngx_cycle_t *cycle); |
| 42 | |
| 43 #if !(NGX_SSL_ENGINE) | |
| 44 static char *ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, | |
| 45 void *conf); | |
| 46 #endif | |
| 47 | 42 |
| 48 | 43 |
| 49 static ngx_command_t ngx_openssl_commands[] = { | 44 static ngx_command_t ngx_openssl_commands[] = { |
| 50 | 45 |
| 51 { ngx_string("ssl_engine"), | 46 { ngx_string("ssl_engine"), |
| 52 NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, | 47 NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, |
| 53 #if (NGX_SSL_ENGINE) | 48 ngx_openssl_engine, |
| 54 ngx_conf_set_str_slot, | |
| 55 #else | |
| 56 ngx_openssl_noengine, | |
| 57 #endif | |
| 58 0, | 49 0, |
| 59 offsetof(ngx_openssl_conf_t, engine), | 50 0, |
| 60 NULL }, | 51 NULL }, |
| 61 | 52 |
| 62 ngx_null_command | 53 ngx_null_command |
| 63 }; | 54 }; |
| 64 | 55 |
| 65 | 56 |
| 66 static ngx_core_module_t ngx_openssl_module_ctx = { | 57 static ngx_core_module_t ngx_openssl_module_ctx = { |
| 67 ngx_string("openssl"), | 58 ngx_string("openssl"), |
| 68 ngx_openssl_create_conf, | 59 ngx_openssl_create_conf, |
| 69 ngx_openssl_init_conf | 60 NULL |
| 70 }; | 61 }; |
| 71 | 62 |
| 72 | 63 |
| 73 ngx_module_t ngx_openssl_module = { | 64 ngx_module_t ngx_openssl_module = { |
| 74 NGX_MODULE_V1, | 65 NGX_MODULE_V1, |
| 1919 } | 1910 } |
| 1920 | 1911 |
| 1921 /* | 1912 /* |
| 1922 * set by ngx_pcalloc(): | 1913 * set by ngx_pcalloc(): |
| 1923 * | 1914 * |
| 1924 * oscf->engine.len = 0; | 1915 * oscf->engine = 0; |
| 1925 * oscf->engine.data = NULL; | |
| 1926 */ | 1916 */ |
| 1927 | 1917 |
| 1928 return oscf; | 1918 return oscf; |
| 1929 } | 1919 } |
| 1930 | 1920 |
| 1931 | 1921 |
| 1932 static char * | 1922 static char * |
| 1933 ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf) | 1923 ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
| 1934 { | 1924 { |
| 1935 #if (NGX_SSL_ENGINE) | 1925 #if (NGX_SSL_ENGINE) |
| 1936 ngx_openssl_conf_t *oscf = conf; | 1926 ngx_openssl_conf_t *oscf = conf; |
| 1937 | 1927 |
| 1938 ENGINE *engine; | 1928 ENGINE *engine; |
| 1939 | 1929 ngx_str_t *value; |
| 1940 if (oscf->engine.len == 0) { | 1930 |
| 1941 return NGX_CONF_OK; | 1931 if (oscf->engine) { |
| 1942 } | 1932 return "is duplicate"; |
| 1943 | 1933 } |
| 1944 engine = ENGINE_by_id((const char *) oscf->engine.data); | 1934 |
| 1935 oscf->engine = 1; | |
| 1936 | |
| 1937 value = cf->args->elts; | |
| 1938 | |
| 1939 engine = ENGINE_by_id((const char *) value[1].data); | |
| 1945 | 1940 |
| 1946 if (engine == NULL) { | 1941 if (engine == NULL) { |
| 1947 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, | 1942 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, |
| 1948 "ENGINE_by_id(\"%V\") failed", &oscf->engine); | 1943 "ENGINE_by_id(\"%V\") failed", &value[1]); |
| 1949 return NGX_CONF_ERROR; | 1944 return NGX_CONF_ERROR; |
| 1950 } | 1945 } |
| 1951 | 1946 |
| 1952 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { | 1947 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { |
| 1953 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, | 1948 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, |
| 1954 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", | 1949 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", |
| 1955 &oscf->engine); | 1950 &value[1]); |
| 1951 | |
| 1952 ENGINE_free(engine); | |
| 1953 | |
| 1956 return NGX_CONF_ERROR; | 1954 return NGX_CONF_ERROR; |
| 1957 } | 1955 } |
| 1958 | 1956 |
| 1959 ENGINE_free(engine); | 1957 ENGINE_free(engine); |
| 1960 | 1958 |
| 1961 #endif | |
| 1962 | |
| 1963 return NGX_CONF_OK; | 1959 return NGX_CONF_OK; |
| 1964 } | 1960 |
| 1965 | 1961 #else |
| 1966 | 1962 |
| 1967 #if !(NGX_SSL_ENGINE) | |
| 1968 | |
| 1969 static char * | |
| 1970 ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
| 1971 { | |
| 1972 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | 1963 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
| 1973 "\"ssl_engine\" directive is available only in " | 1964 "\"ssl_engine\" directive is available only in " |
| 1974 "OpenSSL 0.9.7 and higher,"); | 1965 "OpenSSL 0.9.7 and higher,"); |
| 1975 | 1966 |
| 1976 return NGX_CONF_ERROR; | 1967 return NGX_CONF_ERROR; |
| 1977 } | |
| 1978 | 1968 |
| 1979 #endif | 1969 #endif |
| 1970 } | |
| 1980 | 1971 |
| 1981 | 1972 |
| 1982 static void | 1973 static void |
| 1983 ngx_openssl_exit(ngx_cycle_t *cycle) | 1974 ngx_openssl_exit(ngx_cycle_t *cycle) |
| 1984 { | 1975 { |