Mercurial > hg > nginx-quic
view src/os/unix/ngx_sunpro_sparc64.il @ 6548:8a34e92d8ab5
SSL: made it possible to iterate though all certificates.
A pointer to a previously configured certificate now stored in a certificate.
This makes it possible to iterate though all certificates configured in
the SSL context. This is now used to configure OCSP stapling for all
certificates, and in ngx_ssl_session_id_context().
As SSL_CTX_use_certificate() frees previously loaded certificate of the same
type, and we have no way to find out if it's the case, X509_free() calls
are now posponed till ngx_ssl_cleanup_ctx().
Note that in OpenSSL 1.0.2+ this can be done without storing things in exdata
using the SSL_CTX_set_current_cert() and SSL_CTX_get0_certificate() functions.
These are not yet available in all supported versions though, so it's easier
to continue to use exdata for now.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 19 May 2016 14:46:32 +0300 |
| parents | d620f497c50f |
| children |
line wrap: on
line source
/ / Copyright (C) Igor Sysoev / Copyright (C) Nginx, Inc. / / "casa [%o2] 0x80, %o1, %o0" and / "casxa [%o2] 0x80, %o1, %o0" do the following: / / if ([%o2] == %o1) { / swap(%o0, [%o2]); / } else { / %o0 = [%o2]; / } / ngx_atomic_uint_t ngx_casa(ngx_atomic_uint_t set, ngx_atomic_uint_t old, / ngx_atomic_t *lock); / / the arguments are passed in the %o0, %o1, %o2 / the result is returned in the %o0 .inline ngx_casa,0 casa [%o2] 0x80, %o1, %o0 .end / ngx_atomic_uint_t ngx_casxa(ngx_atomic_uint_t set, ngx_atomic_uint_t old, / ngx_atomic_t *lock); / / the arguments are passed in the %o0, %o1, %o2 / the result is returned in the %o0 .inline ngx_casxa,0 casxa [%o2] 0x80, %o1, %o0 .end