Mercurial > hg > nginx-quic

view src/mail/ngx_mail_ssl_module.h @ 4162:fb1375e8b68c stable-1.0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merging r4036, r4055, r4056, r4057, r4058, r4059, r4060, r4061, r4062, r4063, r4064: Ranges related fixes: The "max_ranges" directive. "max_ranges 0" disables ranges support at all, "max_ranges 1" allows the single range, etc. By default number of ranges is unlimited, to be precise, 2^31-1. If client requests more ranges than "max_ranges" permits, nginx disables ranges and returns just the source response. If total size of all ranges is greater than source response size, then nginx disables ranges and returns just the source response. This fix should not affect well-behaving applications but will defeat DoS attempts exploiting malicious byte ranges. Now unsatisfiable ranges are processed according to RFC 2616.
author Igor Sysoev <igor@sysoev.ru>
date Fri, 30 Sep 2011 14:06:08 +0000
parents f87edc142316
children d620f497c50f
line wrap: on
line source


/*
 * Copyright (C) Igor Sysoev
 */


#ifndef _NGX_MAIL_SSL_H_INCLUDED_
#define _NGX_MAIL_SSL_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_mail.h>


#define NGX_MAIL_STARTTLS_OFF   0
#define NGX_MAIL_STARTTLS_ON    1
#define NGX_MAIL_STARTTLS_ONLY  2


typedef struct {
    ngx_flag_t       enable;
    ngx_flag_t       prefer_server_ciphers;

    ngx_ssl_t        ssl;

    ngx_uint_t       starttls;
    ngx_uint_t       protocols;

    ssize_t          builtin_session_cache;

    time_t           session_timeout;

    ngx_str_t        certificate;
    ngx_str_t        certificate_key;
    ngx_str_t        dhparam;
    ngx_str_t        ecdh_curve;

    ngx_str_t        ciphers;

    ngx_shm_zone_t  *shm_zone;

    u_char          *file;
    ngx_uint_t       line;
} ngx_mail_ssl_conf_t;


extern ngx_module_t  ngx_mail_ssl_module;


#endif /* _NGX_MAIL_SSL_H_INCLUDED_ */