Mercurial > hg > nginx-vendor-current
diff src/event/ngx_event_openssl.h @ 272:29a6403156b0 NGINX_0_5_6
nginx 0.5.6
*) Change: now the ngx_http_index_module ignores all methods except the
GET, HEAD, and POST methods.
*) Feature: the ngx_http_limit_zone_module.
*) Feature: the $binary_remote_addr variable.
*) Feature: the "ssl_session_cache" directives of the
ngx_http_ssl_module and ngx_imap_ssl_module.
*) Feature: the DELETE method supports recursive removal.
*) Bugfix: the byte-ranges were transferred incorrectly if the
$r->sendfile() was used.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Tue, 09 Jan 2007 00:00:00 +0300 |
| parents | 559bc7ec214e |
| children | 052a7b1d40e5 |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -15,6 +15,7 @@ #include <openssl/err.h> #if OPENSSL_VERSION_NUMBER >= 0x00907000 +#include <openssl/conf.h> #include <openssl/engine.h> #define NGX_SSL_ENGINE 1 #endif @@ -50,6 +51,41 @@ typedef struct { } ngx_ssl_connection_t; +#define NGX_SSL_DFLT_BUILTIN_SCACHE -2 +#define NGX_SSL_NO_BUILTIN_SCACHE -3 + + +typedef struct ngx_ssl_cached_sess_s ngx_ssl_cached_sess_t; + + +#define NGX_SSL_MAX_SESSION_SIZE (4096 - offsetof(ngx_ssl_cached_sess_t, asn1)) + + +typedef struct { + ngx_rbtree_node_t node; + u_char *id; + size_t len; + ngx_ssl_cached_sess_t *session; +} ngx_ssl_sess_id_t; + + +struct ngx_ssl_cached_sess_s { + ngx_ssl_cached_sess_t *prev; + ngx_ssl_cached_sess_t *next; + time_t expire; + ngx_ssl_sess_id_t *sess_id; + u_char asn1[1]; +}; + + +typedef struct { + ngx_rbtree_t *session_rbtree; + ngx_ssl_cached_sess_t session_cache_head; + ngx_ssl_cached_sess_t session_cache_tail; +} ngx_ssl_session_cache_t; + + + #define NGX_SSL_SSLv2 2 #define NGX_SSL_SSLv3 4 #define NGX_SSL_TLSv1 8 @@ -62,19 +98,24 @@ typedef struct { ngx_int_t ngx_ssl_init(ngx_log_t *log); -ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols); +ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data); ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert, ngx_str_t *key); ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert, ngx_int_t depth); ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); +ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx, + ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout); ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_uint_t flags); ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection) #define ngx_ssl_free_session SSL_SESSION_free -#define ngx_ssl_get_connection(sc) SSL_get_ex_data(sc, ngx_connection_index) +#define ngx_ssl_get_connection(ssl_conn) \ + SSL_get_ex_data(ssl_conn, ngx_ssl_connection_index) +#define ngx_ssl_get_server_conf(ssl_ctx) \ + SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_server_conf_index) ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, @@ -89,8 +130,6 @@ ngx_int_t ngx_ssl_get_serial_number(ngx_ ngx_str_t *s); - - ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size); @@ -103,7 +142,9 @@ void ngx_cdecl ngx_ssl_error(ngx_uint_t void ngx_ssl_cleanup_ctx(void *data); -extern int ngx_connection_index; +extern int ngx_ssl_connection_index; +extern int ngx_ssl_server_conf_index; +extern int ngx_ssl_session_cache_index; #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */