Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.c @ 8586:7621ffaa79b3 quic
SSL: added the "ssl_keys_file" directive.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Tue, 15 Sep 2020 22:44:46 +0300 |
| parents | 0d2b2664b41c |
| children | 93be5658a250 |
comparison
equal
deleted
inserted
replaced
| 8585:02ee77f8d53d | 8586:7621ffaa79b3 |
|---|---|
| 115 { ngx_string("ssl_password_file"), | 115 { ngx_string("ssl_password_file"), |
| 116 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | 116 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
| 117 ngx_http_ssl_password_file, | 117 ngx_http_ssl_password_file, |
| 118 NGX_HTTP_SRV_CONF_OFFSET, | 118 NGX_HTTP_SRV_CONF_OFFSET, |
| 119 0, | 119 0, |
| 120 NULL }, | |
| 121 | |
| 122 { ngx_string("ssl_keys_file"), | |
| 123 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
| 124 ngx_conf_set_str_slot, | |
| 125 NGX_HTTP_SRV_CONF_OFFSET, | |
| 126 offsetof(ngx_http_ssl_srv_conf_t, keys_file), | |
| 120 NULL }, | 127 NULL }, |
| 121 | 128 |
| 122 { ngx_string("ssl_dhparam"), | 129 { ngx_string("ssl_dhparam"), |
| 123 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | 130 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
| 124 ngx_conf_set_str_slot, | 131 ngx_conf_set_str_slot, |
| 603 * sscf->ecdh_curve = { 0, NULL }; | 610 * sscf->ecdh_curve = { 0, NULL }; |
| 604 * sscf->client_certificate = { 0, NULL }; | 611 * sscf->client_certificate = { 0, NULL }; |
| 605 * sscf->trusted_certificate = { 0, NULL }; | 612 * sscf->trusted_certificate = { 0, NULL }; |
| 606 * sscf->crl = { 0, NULL }; | 613 * sscf->crl = { 0, NULL }; |
| 607 * sscf->ciphers = { 0, NULL }; | 614 * sscf->ciphers = { 0, NULL }; |
| 615 * sscf->keys_file = { 0, NULL }; | |
| 608 * sscf->shm_zone = NULL; | 616 * sscf->shm_zone = NULL; |
| 609 * sscf->ocsp_responder = { 0, NULL }; | 617 * sscf->ocsp_responder = { 0, NULL }; |
| 610 * sscf->stapling_file = { 0, NULL }; | 618 * sscf->stapling_file = { 0, NULL }; |
| 611 * sscf->stapling_responder = { 0, NULL }; | 619 * sscf->stapling_responder = { 0, NULL }; |
| 612 */ | 620 */ |
| 674 ngx_conf_merge_ptr_value(conf->certificate_keys, prev->certificate_keys, | 682 ngx_conf_merge_ptr_value(conf->certificate_keys, prev->certificate_keys, |
| 675 NULL); | 683 NULL); |
| 676 | 684 |
| 677 ngx_conf_merge_ptr_value(conf->passwords, prev->passwords, NULL); | 685 ngx_conf_merge_ptr_value(conf->passwords, prev->passwords, NULL); |
| 678 | 686 |
| 687 ngx_conf_merge_str_value(conf->keys_file, prev->keys_file, ""); | |
| 688 | |
| 679 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, ""); | 689 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, ""); |
| 680 | 690 |
| 681 ngx_conf_merge_str_value(conf->client_certificate, prev->client_certificate, | 691 ngx_conf_merge_str_value(conf->client_certificate, prev->client_certificate, |
| 682 ""); | 692 ""); |
| 683 ngx_conf_merge_str_value(conf->trusted_certificate, | 693 ngx_conf_merge_str_value(conf->trusted_certificate, |
| 908 | 918 |
| 909 if (ngx_ssl_session_ticket_keys(cf, &conf->ssl, conf->session_ticket_keys) | 919 if (ngx_ssl_session_ticket_keys(cf, &conf->ssl, conf->session_ticket_keys) |
| 910 != NGX_OK) | 920 != NGX_OK) |
| 911 { | 921 { |
| 912 return NGX_CONF_ERROR; | 922 return NGX_CONF_ERROR; |
| 923 } | |
| 924 | |
| 925 if (conf->keys_file.len) { | |
| 926 | |
| 927 conf->ssl.keylog = ngx_conf_open_file(cf->cycle, &conf->keys_file); | |
| 928 | |
| 929 if (conf->ssl.keylog == NULL) { | |
| 930 return NGX_CONF_ERROR; | |
| 931 } | |
| 932 | |
| 933 SSL_CTX_set_keylog_callback(conf->ssl.ctx, ngx_ssl_keylogger); | |
| 913 } | 934 } |
| 914 | 935 |
| 915 if (conf->stapling) { | 936 if (conf->stapling) { |
| 916 | 937 |
| 917 if (ngx_ssl_stapling(cf, &conf->ssl, &conf->stapling_file, | 938 if (ngx_ssl_stapling(cf, &conf->ssl, &conf->stapling_file, |