Mercurial > hg > nginx-vendor-current
comparison src/http/modules/ngx_http_ssl_module.c @ 90:71c46860eb55 NGINX_0_1_45
nginx 0.1.45
*) Change: the "ssl_engine" directive was canceled in the
ngx_http_ssl_module and now is introduced at global level.
*) Bugfix: the responses with SSI subrequests did not transferred via
SSL connection.
*) Various bug fixes in the IMAP/POP3 proxy.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Thu, 08 Sep 2005 00:00:00 +0400 |
parents | 9db7e0b5b27f |
children | 45945fa8b8ba |
comparison
equal
deleted
inserted
replaced
89:7ed9767f1c4e | 90:71c46860eb55 |
---|---|
6 | 6 |
7 #include <ngx_config.h> | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | 8 #include <ngx_core.h> |
9 #include <ngx_http.h> | 9 #include <ngx_http.h> |
10 | 10 |
11 #include <openssl/engine.h> | |
12 | |
13 | 11 |
14 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" | 12 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" |
15 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" | 13 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" |
16 | 14 |
17 | 15 |
18 static void *ngx_http_ssl_create_main_conf(ngx_conf_t *cf); | |
19 static char *ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf); | |
20 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); | 16 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); |
21 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, | 17 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, |
22 void *parent, void *child); | 18 void *parent, void *child); |
23 | 19 |
24 | 20 |
25 static ngx_command_t ngx_http_ssl_commands[] = { | 21 static ngx_command_t ngx_http_ssl_commands[] = { |
26 | 22 |
27 { ngx_string("ssl_engine"), | |
28 NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, | |
29 ngx_conf_set_str_slot, | |
30 NGX_HTTP_MAIN_CONF_OFFSET, | |
31 offsetof(ngx_http_ssl_main_conf_t, engine), | |
32 NULL }, | |
33 | |
34 { ngx_string("ssl"), | 23 { ngx_string("ssl"), |
35 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, | 24 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, |
36 ngx_conf_set_flag_slot, | 25 ngx_conf_set_flag_slot, |
37 NGX_HTTP_SRV_CONF_OFFSET, | 26 NGX_HTTP_SRV_CONF_OFFSET, |
38 offsetof(ngx_http_ssl_srv_conf_t, enable), | 27 offsetof(ngx_http_ssl_srv_conf_t, enable), |
65 | 54 |
66 static ngx_http_module_t ngx_http_ssl_module_ctx = { | 55 static ngx_http_module_t ngx_http_ssl_module_ctx = { |
67 NULL, /* preconfiguration */ | 56 NULL, /* preconfiguration */ |
68 NULL, /* postconfiguration */ | 57 NULL, /* postconfiguration */ |
69 | 58 |
70 ngx_http_ssl_create_main_conf, /* create main configuration */ | 59 NULL, /* create main configuration */ |
71 ngx_http_ssl_init_main_conf, /* init main configuration */ | 60 NULL, /* init main configuration */ |
72 | 61 |
73 ngx_http_ssl_create_srv_conf, /* create server configuration */ | 62 ngx_http_ssl_create_srv_conf, /* create server configuration */ |
74 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ | 63 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ |
75 | 64 |
76 NULL, /* create location configuration */ | 65 NULL, /* create location configuration */ |
81 ngx_module_t ngx_http_ssl_module = { | 70 ngx_module_t ngx_http_ssl_module = { |
82 NGX_MODULE_V1, | 71 NGX_MODULE_V1, |
83 &ngx_http_ssl_module_ctx, /* module context */ | 72 &ngx_http_ssl_module_ctx, /* module context */ |
84 ngx_http_ssl_commands, /* module directives */ | 73 ngx_http_ssl_commands, /* module directives */ |
85 NGX_HTTP_MODULE, /* module type */ | 74 NGX_HTTP_MODULE, /* module type */ |
75 NULL, /* init master */ | |
86 NULL, /* init module */ | 76 NULL, /* init module */ |
87 NULL /* init process */ | 77 NULL, /* init process */ |
78 NULL, /* init thread */ | |
79 NULL, /* exit thread */ | |
80 NULL, /* exit process */ | |
81 NULL, /* exit master */ | |
82 NGX_MODULE_V1_PADDING | |
88 }; | 83 }; |
89 | |
90 | |
91 static void * | |
92 ngx_http_ssl_create_main_conf(ngx_conf_t *cf) | |
93 { | |
94 ngx_http_ssl_main_conf_t *mcf; | |
95 | |
96 mcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_main_conf_t)); | |
97 if (mcf == NULL) { | |
98 return NGX_CONF_ERROR; | |
99 } | |
100 | |
101 /* | |
102 * set by ngx_pcalloc(): | |
103 * | |
104 * mcf->engine.len = 0; | |
105 * mcf->engine.data = NULL; | |
106 */ | |
107 | |
108 return mcf; | |
109 } | |
110 | |
111 | |
112 static char * | |
113 ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf) | |
114 { | |
115 ngx_http_ssl_main_conf_t *mcf = conf; | |
116 | |
117 ENGINE *engine; | |
118 | |
119 if (mcf->engine.len == 0) { | |
120 return NGX_CONF_OK; | |
121 } | |
122 | |
123 engine = ENGINE_by_id((const char *) mcf->engine.data); | |
124 | |
125 if (engine == NULL) { | |
126 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, | |
127 "ENGINE_by_id(\"%V\") failed", &mcf->engine); | |
128 return NGX_CONF_ERROR; | |
129 } | |
130 | |
131 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { | |
132 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, | |
133 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", | |
134 &mcf->engine); | |
135 return NGX_CONF_ERROR; | |
136 } | |
137 | |
138 ENGINE_free(engine); | |
139 | |
140 return NGX_CONF_OK; | |
141 } | |
142 | 84 |
143 | 85 |
144 static void * | 86 static void * |
145 ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) | 87 ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) |
146 { | 88 { |
238 "SSL_CTX_use_PrivateKey_file(\"%s\") failed", | 180 "SSL_CTX_use_PrivateKey_file(\"%s\") failed", |
239 conf->certificate_key.data); | 181 conf->certificate_key.data); |
240 return NGX_CONF_ERROR; | 182 return NGX_CONF_ERROR; |
241 } | 183 } |
242 | 184 |
185 SSL_CTX_set_verify(conf->ssl_ctx, SSL_VERIFY_NONE, NULL); | |
186 | |
243 return NGX_CONF_OK; | 187 return NGX_CONF_OK; |
244 } | 188 } |
245 | 189 |
246 | 190 |
247 #if 0 | 191 #if 0 |
192 | |
193 /* how to enumrate server' configs */ | |
248 | 194 |
249 static ngx_int_t | 195 static ngx_int_t |
250 ngx_http_ssl_init_process(ngx_cycle_t *cycle) | 196 ngx_http_ssl_init_process(ngx_cycle_t *cycle) |
251 { | 197 { |
252 ngx_uint_t i; | 198 ngx_uint_t i; |