Mercurial > hg > nginx-quic
comparison src/http/modules/ngx_http_ssl_module.c @ 5487:a297b7ad6f94
SSL: ssl_buffer_size directive.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 20 Dec 2013 16:18:25 +0400 |
parents | 1356a3b96924 |
children | d049b0ea00a3 |
comparison
equal
deleted
inserted
replaced
5486:741aa3fde496 | 5487:a297b7ad6f94 |
---|---|
107 { ngx_string("ssl_ciphers"), | 107 { ngx_string("ssl_ciphers"), |
108 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | 108 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
109 ngx_conf_set_str_slot, | 109 ngx_conf_set_str_slot, |
110 NGX_HTTP_SRV_CONF_OFFSET, | 110 NGX_HTTP_SRV_CONF_OFFSET, |
111 offsetof(ngx_http_ssl_srv_conf_t, ciphers), | 111 offsetof(ngx_http_ssl_srv_conf_t, ciphers), |
112 NULL }, | |
113 | |
114 { ngx_string("ssl_buffer_size"), | |
115 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
116 ngx_conf_set_size_slot, | |
117 NGX_HTTP_SRV_CONF_OFFSET, | |
118 offsetof(ngx_http_ssl_srv_conf_t, buffer_size), | |
112 NULL }, | 119 NULL }, |
113 | 120 |
114 { ngx_string("ssl_verify_client"), | 121 { ngx_string("ssl_verify_client"), |
115 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | 122 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
116 ngx_conf_set_enum_slot, | 123 ngx_conf_set_enum_slot, |
422 * sscf->stapling_responder = { 0, NULL }; | 429 * sscf->stapling_responder = { 0, NULL }; |
423 */ | 430 */ |
424 | 431 |
425 sscf->enable = NGX_CONF_UNSET; | 432 sscf->enable = NGX_CONF_UNSET; |
426 sscf->prefer_server_ciphers = NGX_CONF_UNSET; | 433 sscf->prefer_server_ciphers = NGX_CONF_UNSET; |
434 sscf->buffer_size = NGX_CONF_UNSET_SIZE; | |
427 sscf->verify = NGX_CONF_UNSET_UINT; | 435 sscf->verify = NGX_CONF_UNSET_UINT; |
428 sscf->verify_depth = NGX_CONF_UNSET_UINT; | 436 sscf->verify_depth = NGX_CONF_UNSET_UINT; |
429 sscf->builtin_session_cache = NGX_CONF_UNSET; | 437 sscf->builtin_session_cache = NGX_CONF_UNSET; |
430 sscf->session_timeout = NGX_CONF_UNSET; | 438 sscf->session_timeout = NGX_CONF_UNSET; |
431 sscf->session_ticket_keys = NGX_CONF_UNSET_PTR; | 439 sscf->session_ticket_keys = NGX_CONF_UNSET_PTR; |
462 prev->prefer_server_ciphers, 0); | 470 prev->prefer_server_ciphers, 0); |
463 | 471 |
464 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, | 472 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, |
465 (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1 | 473 (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1 |
466 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); | 474 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); |
475 | |
476 ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, | |
477 NGX_SSL_BUFSIZE); | |
467 | 478 |
468 ngx_conf_merge_uint_value(conf->verify, prev->verify, 0); | 479 ngx_conf_merge_uint_value(conf->verify, prev->verify, 0); |
469 ngx_conf_merge_uint_value(conf->verify_depth, prev->verify_depth, 1); | 480 ngx_conf_merge_uint_value(conf->verify_depth, prev->verify_depth, 1); |
470 | 481 |
471 ngx_conf_merge_str_value(conf->certificate, prev->certificate, ""); | 482 ngx_conf_merge_str_value(conf->certificate, prev->certificate, ""); |
570 "SSL_CTX_set_cipher_list(\"%V\") failed", | 581 "SSL_CTX_set_cipher_list(\"%V\") failed", |
571 &conf->ciphers); | 582 &conf->ciphers); |
572 return NGX_CONF_ERROR; | 583 return NGX_CONF_ERROR; |
573 } | 584 } |
574 | 585 |
586 conf->ssl.buffer_size = conf->buffer_size; | |
587 | |
575 if (conf->verify) { | 588 if (conf->verify) { |
576 | 589 |
577 if (conf->client_certificate.len == 0 && conf->verify != 3) { | 590 if (conf->client_certificate.len == 0 && conf->verify != 3) { |
578 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 591 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
579 "no ssl_client_certificate for ssl_client_verify"); | 592 "no ssl_client_certificate for ssl_client_verify"); |