Mercurial > hg > nginx-vendor-1-0
comparison src/event/ngx_event_openssl.h @ 272:29a6403156b0 NGINX_0_5_6
nginx 0.5.6
*) Change: now the ngx_http_index_module ignores all methods except the
GET, HEAD, and POST methods.
*) Feature: the ngx_http_limit_zone_module.
*) Feature: the $binary_remote_addr variable.
*) Feature: the "ssl_session_cache" directives of the
ngx_http_ssl_module and ngx_imap_ssl_module.
*) Feature: the DELETE method supports recursive removal.
*) Bugfix: the byte-ranges were transferred incorrectly if the
$r->sendfile() was used.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Tue, 09 Jan 2007 00:00:00 +0300 |
parents | 559bc7ec214e |
children | 052a7b1d40e5 |
comparison
equal
deleted
inserted
replaced
271:fcbee7dacf2b | 272:29a6403156b0 |
---|---|
13 | 13 |
14 #include <openssl/ssl.h> | 14 #include <openssl/ssl.h> |
15 #include <openssl/err.h> | 15 #include <openssl/err.h> |
16 | 16 |
17 #if OPENSSL_VERSION_NUMBER >= 0x00907000 | 17 #if OPENSSL_VERSION_NUMBER >= 0x00907000 |
18 #include <openssl/conf.h> | |
18 #include <openssl/engine.h> | 19 #include <openssl/engine.h> |
19 #define NGX_SSL_ENGINE 1 | 20 #define NGX_SSL_ENGINE 1 |
20 #endif | 21 #endif |
21 | 22 |
22 #define NGX_SSL_NAME "OpenSSL" | 23 #define NGX_SSL_NAME "OpenSSL" |
48 unsigned no_wait_shutdown:1; | 49 unsigned no_wait_shutdown:1; |
49 unsigned no_send_shutdown:1; | 50 unsigned no_send_shutdown:1; |
50 } ngx_ssl_connection_t; | 51 } ngx_ssl_connection_t; |
51 | 52 |
52 | 53 |
54 #define NGX_SSL_DFLT_BUILTIN_SCACHE -2 | |
55 #define NGX_SSL_NO_BUILTIN_SCACHE -3 | |
56 | |
57 | |
58 typedef struct ngx_ssl_cached_sess_s ngx_ssl_cached_sess_t; | |
59 | |
60 | |
61 #define NGX_SSL_MAX_SESSION_SIZE (4096 - offsetof(ngx_ssl_cached_sess_t, asn1)) | |
62 | |
63 | |
64 typedef struct { | |
65 ngx_rbtree_node_t node; | |
66 u_char *id; | |
67 size_t len; | |
68 ngx_ssl_cached_sess_t *session; | |
69 } ngx_ssl_sess_id_t; | |
70 | |
71 | |
72 struct ngx_ssl_cached_sess_s { | |
73 ngx_ssl_cached_sess_t *prev; | |
74 ngx_ssl_cached_sess_t *next; | |
75 time_t expire; | |
76 ngx_ssl_sess_id_t *sess_id; | |
77 u_char asn1[1]; | |
78 }; | |
79 | |
80 | |
81 typedef struct { | |
82 ngx_rbtree_t *session_rbtree; | |
83 ngx_ssl_cached_sess_t session_cache_head; | |
84 ngx_ssl_cached_sess_t session_cache_tail; | |
85 } ngx_ssl_session_cache_t; | |
86 | |
87 | |
88 | |
53 #define NGX_SSL_SSLv2 2 | 89 #define NGX_SSL_SSLv2 2 |
54 #define NGX_SSL_SSLv3 4 | 90 #define NGX_SSL_SSLv3 4 |
55 #define NGX_SSL_TLSv1 8 | 91 #define NGX_SSL_TLSv1 8 |
56 | 92 |
57 | 93 |
60 | 96 |
61 #define NGX_SSL_BUFSIZE 16384 | 97 #define NGX_SSL_BUFSIZE 16384 |
62 | 98 |
63 | 99 |
64 ngx_int_t ngx_ssl_init(ngx_log_t *log); | 100 ngx_int_t ngx_ssl_init(ngx_log_t *log); |
65 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols); | 101 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data); |
66 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 102 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
67 ngx_str_t *cert, ngx_str_t *key); | 103 ngx_str_t *cert, ngx_str_t *key); |
68 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 104 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
69 ngx_str_t *cert, ngx_int_t depth); | 105 ngx_str_t *cert, ngx_int_t depth); |
70 ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); | 106 ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); |
107 ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx, | |
108 ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout); | |
71 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, | 109 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, |
72 ngx_uint_t flags); | 110 ngx_uint_t flags); |
73 | 111 |
74 ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); | 112 ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); |
75 #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection) | 113 #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection) |
76 #define ngx_ssl_free_session SSL_SESSION_free | 114 #define ngx_ssl_free_session SSL_SESSION_free |
77 #define ngx_ssl_get_connection(sc) SSL_get_ex_data(sc, ngx_connection_index) | 115 #define ngx_ssl_get_connection(ssl_conn) \ |
116 SSL_get_ex_data(ssl_conn, ngx_ssl_connection_index) | |
117 #define ngx_ssl_get_server_conf(ssl_ctx) \ | |
118 SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_server_conf_index) | |
78 | 119 |
79 | 120 |
80 ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, | 121 ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, |
81 ngx_str_t *s); | 122 ngx_str_t *s); |
82 ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool, | 123 ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool, |
87 ngx_str_t *s); | 128 ngx_str_t *s); |
88 ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, | 129 ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, |
89 ngx_str_t *s); | 130 ngx_str_t *s); |
90 | 131 |
91 | 132 |
92 | |
93 | |
94 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); | 133 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); |
95 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); | 134 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); |
96 ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size); | 135 ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size); |
97 ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl); | 136 ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl); |
98 ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, | 137 ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, |
101 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, | 140 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, |
102 char *fmt, ...); | 141 char *fmt, ...); |
103 void ngx_ssl_cleanup_ctx(void *data); | 142 void ngx_ssl_cleanup_ctx(void *data); |
104 | 143 |
105 | 144 |
106 extern int ngx_connection_index; | 145 extern int ngx_ssl_connection_index; |
146 extern int ngx_ssl_server_conf_index; | |
147 extern int ngx_ssl_session_cache_index; | |
107 | 148 |
108 | 149 |
109 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */ | 150 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */ |