Mercurial > hg > nginx-vendor-0-7
comparison src/event/ngx_event_openssl.c @ 90:71c46860eb55 NGINX_0_1_45
nginx 0.1.45
*) Change: the "ssl_engine" directive was canceled in the
ngx_http_ssl_module and now is introduced at global level.
*) Bugfix: the responses with SSI subrequests did not transferred via
SSL connection.
*) Various bug fixes in the IMAP/POP3 proxy.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Thu, 08 Sep 2005 00:00:00 +0400 |
parents | e916a291e9aa |
children | 45945fa8b8ba |
comparison
equal
deleted
inserted
replaced
89:7ed9767f1c4e | 90:71c46860eb55 |
---|---|
6 | 6 |
7 #include <ngx_config.h> | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | 8 #include <ngx_core.h> |
9 #include <ngx_event.h> | 9 #include <ngx_event.h> |
10 | 10 |
11 #include <openssl/engine.h> | 11 |
12 typedef struct { | |
13 ngx_str_t engine; | |
14 } ngx_openssl_conf_t; | |
12 | 15 |
13 | 16 |
14 static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n); | 17 static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n); |
15 static void ngx_ssl_write_handler(ngx_event_t *wev); | 18 static void ngx_ssl_write_handler(ngx_event_t *wev); |
16 static void ngx_ssl_read_handler(ngx_event_t *rev); | 19 static void ngx_ssl_read_handler(ngx_event_t *rev); |
20 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); | |
21 static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); | |
22 | |
23 #if !(NGX_SSL_ENGINE) | |
24 static char *ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, | |
25 void *conf); | |
26 #endif | |
27 | |
28 | |
29 static ngx_command_t ngx_openssl_commands[] = { | |
30 | |
31 { ngx_string("ssl_engine"), | |
32 NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, | |
33 #if (NGX_SSL_ENGINE) | |
34 ngx_conf_set_str_slot, | |
35 #else | |
36 ngx_openssl_noengine, | |
37 #endif | |
38 0, | |
39 offsetof(ngx_openssl_conf_t, engine), | |
40 NULL }, | |
41 | |
42 ngx_null_command | |
43 }; | |
44 | |
45 | |
46 static ngx_core_module_t ngx_openssl_module_ctx = { | |
47 ngx_string("openssl"), | |
48 ngx_openssl_create_conf, | |
49 ngx_openssl_init_conf | |
50 }; | |
51 | |
52 | |
53 ngx_module_t ngx_openssl_module = { | |
54 NGX_MODULE_V1, | |
55 &ngx_openssl_module_ctx, /* module context */ | |
56 ngx_openssl_commands, /* module directives */ | |
57 NGX_CORE_MODULE, /* module type */ | |
58 NULL, /* init master */ | |
59 NULL, /* init module */ | |
60 NULL, /* init process */ | |
61 NULL, /* init thread */ | |
62 NULL, /* exit thread */ | |
63 NULL, /* exit process */ | |
64 NULL, /* exit master */ | |
65 NGX_MODULE_V1_PADDING | |
66 }; | |
17 | 67 |
18 | 68 |
19 ngx_int_t | 69 ngx_int_t |
20 ngx_ssl_init(ngx_log_t *log) | 70 ngx_ssl_init(ngx_log_t *log) |
21 { | 71 { |
22 SSL_library_init(); | 72 SSL_library_init(); |
23 SSL_load_error_strings(); | 73 SSL_load_error_strings(); |
74 | |
75 #if (NGX_SSL_ENGINE) | |
24 ENGINE_load_builtin_engines(); | 76 ENGINE_load_builtin_engines(); |
77 #endif | |
25 | 78 |
26 return NGX_OK; | 79 return NGX_OK; |
27 } | 80 } |
28 | 81 |
29 | 82 |
636 { | 689 { |
637 SSL_CTX *ctx = data; | 690 SSL_CTX *ctx = data; |
638 | 691 |
639 SSL_CTX_free(ctx); | 692 SSL_CTX_free(ctx); |
640 } | 693 } |
694 | |
695 | |
696 static void * | |
697 ngx_openssl_create_conf(ngx_cycle_t *cycle) | |
698 { | |
699 ngx_openssl_conf_t *oscf; | |
700 | |
701 oscf = ngx_pcalloc(cycle->pool, sizeof(ngx_openssl_conf_t)); | |
702 if (oscf == NULL) { | |
703 return NGX_CONF_ERROR; | |
704 } | |
705 | |
706 /* | |
707 * set by ngx_pcalloc(): | |
708 * | |
709 * oscf->engine.len = 0; | |
710 * oscf->engine.data = NULL; | |
711 */ | |
712 | |
713 return oscf; | |
714 } | |
715 | |
716 | |
717 static char * | |
718 ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf) | |
719 { | |
720 #if (NGX_SSL_ENGINE) | |
721 ngx_openssl_conf_t *oscf = conf; | |
722 | |
723 ENGINE *engine; | |
724 | |
725 if (oscf->engine.len == 0) { | |
726 return NGX_CONF_OK; | |
727 } | |
728 | |
729 engine = ENGINE_by_id((const char *) oscf->engine.data); | |
730 | |
731 if (engine == NULL) { | |
732 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, | |
733 "ENGINE_by_id(\"%V\") failed", &oscf->engine); | |
734 return NGX_CONF_ERROR; | |
735 } | |
736 | |
737 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { | |
738 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, | |
739 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", | |
740 &oscf->engine); | |
741 return NGX_CONF_ERROR; | |
742 } | |
743 | |
744 ENGINE_free(engine); | |
745 | |
746 #endif | |
747 | |
748 return NGX_CONF_OK; | |
749 } | |
750 | |
751 | |
752 #if !(NGX_SSL_ENGINE) | |
753 | |
754 static char * | |
755 ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
756 { | |
757 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
758 "\"ssl_engine\" is not supported: " NGX_SSL_NAME | |
759 " library does not support crypto accelerators"); | |
760 | |
761 return NGX_CONF_ERROR; | |
762 } | |
763 | |
764 #endif |