Mercurial > hg > nginx-quic
annotate src/stream/ngx_stream_ssl_module.h @ 6850:41cb1b64561d
Stream: client SSL certificates verification support.
New directives: "ssl_verify_client", "ssl_verify_depth",
"ssl_client_certificate", "ssl_trusted_certificate", and
"ssl_crl".
New variables: $ssl_client_cert, $ssl_client_raw_cert,
$ssl_client_s_dn, $ssl_client_i_dn, $ssl_client_serial,
$ssl_client_fingerprint, $ssl_client_verify, $ssl_client_v_start,
$ssl_client_v_end, and $ssl_client_v_remain.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Tue, 20 Dec 2016 12:05:14 +0300 |
parents | 51e1f047d15d |
children | 7f955d3b9a0d |
rev | line source |
---|---|
6115 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #ifndef _NGX_STREAM_SSL_H_INCLUDED_ | |
9 #define _NGX_STREAM_SSL_H_INCLUDED_ | |
10 | |
11 | |
12 #include <ngx_config.h> | |
13 #include <ngx_core.h> | |
14 #include <ngx_stream.h> | |
15 | |
16 | |
17 typedef struct { | |
18 ngx_msec_t handshake_timeout; | |
19 | |
20 ngx_flag_t prefer_server_ciphers; | |
21 | |
22 ngx_ssl_t ssl; | |
23 | |
24 ngx_uint_t protocols; | |
25 | |
6850
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
26 ngx_uint_t verify; |
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
27 ngx_uint_t verify_depth; |
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
28 |
6115 | 29 ssize_t builtin_session_cache; |
30 | |
31 time_t session_timeout; | |
32 | |
6550
51e1f047d15d
SSL: support for multiple certificates (ticket #814).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
33 ngx_array_t *certificates; |
51e1f047d15d
SSL: support for multiple certificates (ticket #814).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
34 ngx_array_t *certificate_keys; |
51e1f047d15d
SSL: support for multiple certificates (ticket #814).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
35 |
6115 | 36 ngx_str_t dhparam; |
37 ngx_str_t ecdh_curve; | |
6850
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
38 ngx_str_t client_certificate; |
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
39 ngx_str_t trusted_certificate; |
41cb1b64561d
Stream: client SSL certificates verification support.
Vladimir Homutov <vl@nginx.com>
parents:
6550
diff
changeset
|
40 ngx_str_t crl; |
6115 | 41 |
42 ngx_str_t ciphers; | |
43 | |
44 ngx_array_t *passwords; | |
45 | |
46 ngx_shm_zone_t *shm_zone; | |
47 | |
48 ngx_flag_t session_tickets; | |
49 ngx_array_t *session_ticket_keys; | |
50 } ngx_stream_ssl_conf_t; | |
51 | |
52 | |
53 extern ngx_module_t ngx_stream_ssl_module; | |
54 | |
55 | |
56 #endif /* _NGX_STREAM_SSL_H_INCLUDED_ */ |