Mercurial > hg > nginx-quic
view src/core/ngx_cycle.h @ 4872:7c3cca603438
OCSP stapling: ssl_trusted_certificate directive.
The directive allows to specify additional trusted Certificate Authority
certificates to be used during certificate verification. In contrast to
ssl_client_certificate DNs of these cerificates aren't sent to a client
during handshake.
Trusted certificates are loaded regardless of the fact whether client
certificates verification is enabled as the same certificates will be
used for OCSP stapling, during construction of an OCSP request and for
verification of an OCSP response.
The same applies to a CRL (which is now always loaded).
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 01 Oct 2012 12:39:36 +0000 |
| parents | 8a9b7b4e9f2d |
| children | 5482671df278 |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_CYCLE_H_INCLUDED_ #define _NGX_CYCLE_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #ifndef NGX_CYCLE_POOL_SIZE #define NGX_CYCLE_POOL_SIZE 16384 #endif #define NGX_DEBUG_POINTS_STOP 1 #define NGX_DEBUG_POINTS_ABORT 2 typedef struct ngx_shm_zone_s ngx_shm_zone_t; typedef ngx_int_t (*ngx_shm_zone_init_pt) (ngx_shm_zone_t *zone, void *data); struct ngx_shm_zone_s { void *data; ngx_shm_t shm; ngx_shm_zone_init_pt init; void *tag; }; struct ngx_cycle_s { void ****conf_ctx; ngx_pool_t *pool; ngx_log_t *log; ngx_log_t new_log; ngx_connection_t **files; ngx_connection_t *free_connections; ngx_uint_t free_connection_n; ngx_queue_t reusable_connections_queue; ngx_array_t listening; ngx_array_t paths; ngx_list_t open_files; ngx_list_t shared_memory; ngx_uint_t connection_n; ngx_uint_t files_n; ngx_connection_t *connections; ngx_event_t *read_events; ngx_event_t *write_events; ngx_cycle_t *old_cycle; ngx_str_t conf_file; ngx_str_t conf_param; ngx_str_t conf_prefix; ngx_str_t prefix; ngx_str_t lock_file; ngx_str_t hostname; }; typedef struct { ngx_flag_t daemon; ngx_flag_t master; ngx_msec_t timer_resolution; ngx_int_t worker_processes; ngx_int_t debug_points; ngx_int_t rlimit_nofile; ngx_int_t rlimit_sigpending; off_t rlimit_core; int priority; ngx_uint_t cpu_affinity_n; uint64_t *cpu_affinity; char *username; ngx_uid_t user; ngx_gid_t group; ngx_str_t working_directory; ngx_str_t lock_file; ngx_str_t pid; ngx_str_t oldpid; ngx_array_t env; char **environment; #if (NGX_THREADS) ngx_int_t worker_threads; size_t thread_stack_size; #endif } ngx_core_conf_t; typedef struct { ngx_pool_t *pool; /* pcre's malloc() pool */ } ngx_core_tls_t; #define ngx_is_init_cycle(cycle) (cycle->conf_ctx == NULL) ngx_cycle_t *ngx_init_cycle(ngx_cycle_t *old_cycle); ngx_int_t ngx_create_pidfile(ngx_str_t *name, ngx_log_t *log); void ngx_delete_pidfile(ngx_cycle_t *cycle); ngx_int_t ngx_signal_process(ngx_cycle_t *cycle, char *sig); void ngx_reopen_files(ngx_cycle_t *cycle, ngx_uid_t user); char **ngx_set_environment(ngx_cycle_t *cycle, ngx_uint_t *last); ngx_pid_t ngx_exec_new_binary(ngx_cycle_t *cycle, char *const *argv); uint64_t ngx_get_cpu_affinity(ngx_uint_t n); ngx_shm_zone_t *ngx_shared_memory_add(ngx_conf_t *cf, ngx_str_t *name, size_t size, void *tag); extern volatile ngx_cycle_t *ngx_cycle; extern ngx_array_t ngx_old_cycles; extern ngx_module_t ngx_core_module; extern ngx_uint_t ngx_test_config; extern ngx_uint_t ngx_quiet_mode; #if (NGX_THREADS) extern ngx_tls_key_t ngx_core_tls_key; #endif #endif /* _NGX_CYCLE_H_INCLUDED_ */