Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.h @ 9035:3be953161026 quic
Merged with the default branch.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 20 Oct 2022 16:41:36 +0400 |
| parents | 5c86189a1c1b 496241338da5 |
| children | 0f4f781e57c1 |
comparison
equal
deleted
inserted
replaced
| 9034:79cd6993a3e3 | 9035:3be953161026 |
|---|---|
| 120 unsigned sendfile:1; | 120 unsigned sendfile:1; |
| 121 unsigned no_wait_shutdown:1; | 121 unsigned no_wait_shutdown:1; |
| 122 unsigned no_send_shutdown:1; | 122 unsigned no_send_shutdown:1; |
| 123 unsigned shutdown_without_free:1; | 123 unsigned shutdown_without_free:1; |
| 124 unsigned handshake_buffer_set:1; | 124 unsigned handshake_buffer_set:1; |
| 125 unsigned session_timeout_set:1; | |
| 125 unsigned try_early_data:1; | 126 unsigned try_early_data:1; |
| 126 unsigned in_early:1; | 127 unsigned in_early:1; |
| 127 unsigned in_ocsp:1; | 128 unsigned in_ocsp:1; |
| 128 unsigned early_preread:1; | 129 unsigned early_preread:1; |
| 129 unsigned write_blocked:1; | 130 unsigned write_blocked:1; |
| 140 | 141 |
| 141 typedef struct ngx_ssl_sess_id_s ngx_ssl_sess_id_t; | 142 typedef struct ngx_ssl_sess_id_s ngx_ssl_sess_id_t; |
| 142 | 143 |
| 143 struct ngx_ssl_sess_id_s { | 144 struct ngx_ssl_sess_id_s { |
| 144 ngx_rbtree_node_t node; | 145 ngx_rbtree_node_t node; |
| 145 u_char *id; | |
| 146 size_t len; | 146 size_t len; |
| 147 u_char *session; | |
| 148 ngx_queue_t queue; | 147 ngx_queue_t queue; |
| 149 time_t expire; | 148 time_t expire; |
| 149 u_char id[32]; | |
| 150 #if (NGX_PTR_SIZE == 8) | 150 #if (NGX_PTR_SIZE == 8) |
| 151 void *stub; | 151 u_char *session; |
| 152 u_char sess_id[32]; | 152 #else |
| 153 u_char session[1]; | |
| 153 #endif | 154 #endif |
| 154 }; | 155 }; |
| 156 | |
| 157 | |
| 158 typedef struct { | |
| 159 u_char name[16]; | |
| 160 u_char hmac_key[32]; | |
| 161 u_char aes_key[32]; | |
| 162 time_t expire; | |
| 163 unsigned size:8; | |
| 164 unsigned shared:1; | |
| 165 } ngx_ssl_ticket_key_t; | |
| 155 | 166 |
| 156 | 167 |
| 157 typedef struct { | 168 typedef struct { |
| 158 ngx_rbtree_t session_rbtree; | 169 ngx_rbtree_t session_rbtree; |
| 159 ngx_rbtree_node_t sentinel; | 170 ngx_rbtree_node_t sentinel; |
| 160 ngx_queue_t expire_queue; | 171 ngx_queue_t expire_queue; |
| 172 ngx_ssl_ticket_key_t ticket_keys[3]; | |
| 173 time_t fail_time; | |
| 161 } ngx_ssl_session_cache_t; | 174 } ngx_ssl_session_cache_t; |
| 162 | |
| 163 | |
| 164 #ifdef SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB | |
| 165 | |
| 166 typedef struct { | |
| 167 size_t size; | |
| 168 u_char name[16]; | |
| 169 u_char hmac_key[32]; | |
| 170 u_char aes_key[32]; | |
| 171 } ngx_ssl_session_ticket_key_t; | |
| 172 | |
| 173 #endif | |
| 174 | 175 |
| 175 | 176 |
| 176 #define NGX_SSL_SSLv2 0x0002 | 177 #define NGX_SSL_SSLv2 0x0002 |
| 177 #define NGX_SSL_SSLv3 0x0004 | 178 #define NGX_SSL_SSLv3 0x0004 |
| 178 #define NGX_SSL_TLSv1 0x0008 | 179 #define NGX_SSL_TLSv1 0x0008 |
| 210 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); | 211 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); |
| 211 ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *responder, | 212 ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *responder, |
| 212 ngx_uint_t depth, ngx_shm_zone_t *shm_zone); | 213 ngx_uint_t depth, ngx_shm_zone_t *shm_zone); |
| 213 ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, | 214 ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 214 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); | 215 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); |
| 216 | |
| 215 ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); | 217 ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); |
| 216 ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); | 218 ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); |
| 217 void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); | 219 void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); |
| 218 ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data); | 220 ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data); |
| 221 | |
| 219 ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); | 222 ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); |
| 220 ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, | 223 ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, |
| 221 ngx_array_t *passwords); | 224 ngx_array_t *passwords); |
| 222 ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); | 225 ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); |
| 223 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name); | 226 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name); |
| 320 | 323 |
| 321 | 324 |
| 322 extern int ngx_ssl_connection_index; | 325 extern int ngx_ssl_connection_index; |
| 323 extern int ngx_ssl_server_conf_index; | 326 extern int ngx_ssl_server_conf_index; |
| 324 extern int ngx_ssl_session_cache_index; | 327 extern int ngx_ssl_session_cache_index; |
| 325 extern int ngx_ssl_session_ticket_keys_index; | 328 extern int ngx_ssl_ticket_keys_index; |
| 326 extern int ngx_ssl_ocsp_index; | 329 extern int ngx_ssl_ocsp_index; |
| 327 extern int ngx_ssl_certificate_index; | 330 extern int ngx_ssl_certificate_index; |
| 328 extern int ngx_ssl_next_certificate_index; | 331 extern int ngx_ssl_next_certificate_index; |
| 329 extern int ngx_ssl_certificate_name_index; | 332 extern int ngx_ssl_certificate_name_index; |
| 330 extern int ngx_ssl_stapling_index; | 333 extern int ngx_ssl_stapling_index; |