Mercurial > hg > nginx-quic

view auto/lib/openssl/conf @ 4617:972642646f06

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Rewrite: fixed escaping and possible segfault (ticket #162). The following code resulted in incorrect escaping of uri and possible segfault: location / { rewrite ^(.*) $1?c=$1; return 200 "$uri"; } If there were arguments in a rewrite's replacement string, and length was actually calculated (due to duplicate captures as in the example above, or variables present), the is_args flag was set and incorrectly copied after length calculation. This resulted in escaping applied to the uri part of the replacement, resulting in incorrect escaping. Additionally, buffer was allocated without escaping expected, thus this also resulted in buffer overrun and possible segfault.
author Maxim Dounin <mdounin@mdounin.ru>
date Fri, 11 May 2012 13:19:22 +0000
parents d620f497c50f
children 3d2d3e1cf427
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


if [ $OPENSSL != NONE ]; then

    case "$CC" in

        cl | bcc32)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"

            CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/ssleay32.lib"
            CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libeay32.lib"

            # libeay32.lib requires gdi32.lib
            CORE_LIBS="$CORE_LIBS gdi32.lib"
            # OpenSSL 1.0.0 requires crypt32.lib
            CORE_LIBS="$CORE_LIBS crypt32.lib"
        ;;

        *)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
            CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
        ;;
    esac

else

    if [ "$NGX_PLATFORM" != win32 ]; then

        OPENSSL=NO

        ngx_feature="OpenSSL library"
        ngx_feature_name="NGX_OPENSSL"
        ngx_feature_run=no
        ngx_feature_incs="#include <openssl/ssl.h>"
        ngx_feature_path=
        ngx_feature_libs="-lssl -lcrypto"
        ngx_feature_test="SSL_library_init()"
        . auto/feature

        if [ $ngx_found = yes ]; then
            have=NGX_SSL . auto/have
            CORE_LIBS="$CORE_LIBS $ngx_feature_libs $NGX_LIBDL"
            OPENSSL=YES
        fi
    fi

    if [ $OPENSSL != YES ]; then

cat << END

$0: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.

END
        exit 1
    fi

fi