Mercurial > hg > nginx-vendor-current

comparison src/event/ngx_event_openssl.c @ 446:15a022ee809b NGINX_0_7_35

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.7.35 *) Bugfix: a "ssl_engine" directive did not use a SSL-accelerator for asymmetric ciphers. Thanks to Marcin Gozdalik. *) Bugfix: a "try_files" directive set MIME type depending on an original request extension. *) Bugfix: "*domain.tld" names were handled incorrectly in "server_name", "valid_referers", and "map" directives, if an ".domain.tld" and ".subdomain.domain.tld" wildcards were used; the bug had appeared in 0.7.9.
author Igor Sysoev <http://sysoev.ru>
date Mon, 16 Feb 2009 00:00:00 +0300
parents dac47e9ef0d5
children a8424ffa495c
comparison
equal deleted inserted replaced
445:e8605e87c1cb 446:15a022ee809b
8 #include <ngx_core.h> 8 #include <ngx_core.h>
9 #include <ngx_event.h> 9 #include <ngx_event.h>
10 10
11 11
12 typedef struct { 12 typedef struct {
13 ngx_str_t engine; 13 ngx_uint_t engine; /* unsigned engine:1; */
14 } ngx_openssl_conf_t; 14 } ngx_openssl_conf_t;
15 15
16 16
17 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); 17 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
18 static void ngx_ssl_handshake_handler(ngx_event_t *ev); 18 static void ngx_ssl_handshake_handler(ngx_event_t *ev);
35 ngx_slab_pool_t *shpool, ngx_uint_t n); 35 ngx_slab_pool_t *shpool, ngx_uint_t n);
36 static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, 36 static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp,
37 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); 37 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel);
38 38
39 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); 39 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle);
40 static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); 40 static char *ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
41 static void ngx_openssl_exit(ngx_cycle_t *cycle); 41 static void ngx_openssl_exit(ngx_cycle_t *cycle);
42
43 #if !(NGX_SSL_ENGINE)
44 static char *ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd,
45 void *conf);
46 #endif
47 42
48 43
49 static ngx_command_t ngx_openssl_commands[] = { 44 static ngx_command_t ngx_openssl_commands[] = {
50 45
51 { ngx_string("ssl_engine"), 46 { ngx_string("ssl_engine"),
52 NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, 47 NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1,
53 #if (NGX_SSL_ENGINE) 48 ngx_openssl_engine,
54 ngx_conf_set_str_slot,
55 #else
56 ngx_openssl_noengine,
57 #endif
58 0, 49 0,
59 offsetof(ngx_openssl_conf_t, engine), 50 0,
60 NULL }, 51 NULL },
61 52
62 ngx_null_command 53 ngx_null_command
63 }; 54 };
64 55
65 56
66 static ngx_core_module_t ngx_openssl_module_ctx = { 57 static ngx_core_module_t ngx_openssl_module_ctx = {
67 ngx_string("openssl"), 58 ngx_string("openssl"),
68 ngx_openssl_create_conf, 59 ngx_openssl_create_conf,
69 ngx_openssl_init_conf 60 NULL
70 }; 61 };
71 62
72 63
73 ngx_module_t ngx_openssl_module = { 64 ngx_module_t ngx_openssl_module = {
74 NGX_MODULE_V1, 65 NGX_MODULE_V1,
2111 } 2102 }
2112 2103
2113 /* 2104 /*
2114 * set by ngx_pcalloc(): 2105 * set by ngx_pcalloc():
2115 * 2106 *
2116 * oscf->engine.len = 0; 2107 * oscf->engine = 0;
2117 * oscf->engine.data = NULL;
2118 */ 2108 */
2119 2109
2120 return oscf; 2110 return oscf;
2121 } 2111 }
2122 2112
2123 2113
2124 static char * 2114 static char *
2125 ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf) 2115 ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
2126 { 2116 {
2127 #if (NGX_SSL_ENGINE) 2117 #if (NGX_SSL_ENGINE)
2128 ngx_openssl_conf_t *oscf = conf; 2118 ngx_openssl_conf_t *oscf = conf;
2129 2119
2130 ENGINE *engine; 2120 ENGINE *engine;
2131 2121 ngx_str_t *value;
2132 if (oscf->engine.len == 0) { 2122
2133 return NGX_CONF_OK; 2123 if (oscf->engine) {
2134 } 2124 return "is duplicate";
2135 2125 }
2136 engine = ENGINE_by_id((const char *) oscf->engine.data); 2126
2127 oscf->engine = 1;
2128
2129 value = cf->args->elts;
2130
2131 engine = ENGINE_by_id((const char *) value[1].data);
2137 2132
2138 if (engine == NULL) { 2133 if (engine == NULL) {
2139 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, 2134 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0,
2140 "ENGINE_by_id(\"%V\") failed", &oscf->engine); 2135 "ENGINE_by_id(\"%V\") failed", &value[1]);
2141 return NGX_CONF_ERROR; 2136 return NGX_CONF_ERROR;
2142 } 2137 }
2143 2138
2144 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { 2139 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) {
2145 ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, 2140 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0,
2146 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", 2141 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed",
2147 &oscf->engine); 2142 &value[1]);
2143
2144 ENGINE_free(engine);
2145
2148 return NGX_CONF_ERROR; 2146 return NGX_CONF_ERROR;
2149 } 2147 }
2150 2148
2151 ENGINE_free(engine); 2149 ENGINE_free(engine);
2152 2150
2153 #endif
2154
2155 return NGX_CONF_OK; 2151 return NGX_CONF_OK;
2156 } 2152
2157 2153 #else
2158 2154
2159 #if !(NGX_SSL_ENGINE)
2160
2161 static char *
2162 ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
2163 {
2164 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, 2155 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
2165 "\"ssl_engine\" directive is available only in " 2156 "\"ssl_engine\" directive is available only in "
2166 "OpenSSL 0.9.7 and higher,"); 2157 "OpenSSL 0.9.7 and higher,");
2167 2158
2168 return NGX_CONF_ERROR; 2159 return NGX_CONF_ERROR;
2169 }
2170 2160
2171 #endif 2161 #endif
2162 }
2172 2163
2173 2164
2174 static void 2165 static void
2175 ngx_openssl_exit(ngx_cycle_t *cycle) 2166 ngx_openssl_exit(ngx_cycle_t *cycle)
2176 { 2167 {