SSL: adjusted session id context with dynamic certificates. Dynamic certificates re-introduce problem with incorrect session reuse (AKA "virtual host confusion", CVE-2014-3616), since there are no server certificates to generate session id context from. To prevent this, session id context is now generated from ssl_certificate directives as specified in the configuration. This approach prevents incorrect session reuse in most cases, while still allowing sharing sessions across multiple machines with ssl_session_ticket_key set as long as configurations are identical.

# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


if [ $PCRE != NONE -a $PCRE != NO -a $PCRE != YES ]; then
    . auto/lib/pcre/make
fi

if [ $OPENSSL != NONE -a $OPENSSL != NO -a $OPENSSL != YES ]; then
    . auto/lib/openssl/make
fi

if [ $ZLIB != NONE -a $ZLIB != NO -a $ZLIB != YES ]; then
    . auto/lib/zlib/make
fi

if [ $NGX_LIBATOMIC != NO -a $NGX_LIBATOMIC != YES ]; then
    . auto/lib/libatomic/make
fi

if [ $USE_PERL != NO ]; then
    . auto/lib/perl/make
fi