Mercurial > hg > nginx-vendor-1-0
comparison src/http/modules/ngx_http_ssl_module.c @ 0:f0b350454894 NGINX_0_1_0
nginx 0.1.0
*) The first public version.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 04 Oct 2004 00:00:00 +0400 |
parents | |
children | 7ca9bdc82b3f |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:f0b350454894 |
---|---|
1 | |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4 */ | |
5 | |
6 | |
7 #include <ngx_config.h> | |
8 #include <ngx_core.h> | |
9 #include <ngx_http.h> | |
10 | |
11 | |
12 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" | |
13 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" | |
14 | |
15 | |
16 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); | |
17 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, | |
18 void *parent, void *child); | |
19 | |
20 | |
21 static ngx_command_t ngx_http_ssl_commands[] = { | |
22 | |
23 { ngx_string("ssl"), | |
24 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, | |
25 ngx_conf_set_flag_slot, | |
26 NGX_HTTP_SRV_CONF_OFFSET, | |
27 offsetof(ngx_http_ssl_srv_conf_t, enable), | |
28 NULL }, | |
29 | |
30 { ngx_string("ssl_certificate"), | |
31 NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
32 ngx_conf_set_str_slot, | |
33 NGX_HTTP_SRV_CONF_OFFSET, | |
34 offsetof(ngx_http_ssl_srv_conf_t, certificate), | |
35 NULL }, | |
36 | |
37 { ngx_string("ssl_certificate_key"), | |
38 NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
39 ngx_conf_set_str_slot, | |
40 NGX_HTTP_SRV_CONF_OFFSET, | |
41 offsetof(ngx_http_ssl_srv_conf_t, certificate_key), | |
42 NULL }, | |
43 | |
44 ngx_null_command | |
45 }; | |
46 | |
47 | |
48 static ngx_http_module_t ngx_http_ssl_module_ctx = { | |
49 NULL, /* pre conf */ | |
50 | |
51 NULL, /* create main configuration */ | |
52 NULL, /* init main configuration */ | |
53 | |
54 ngx_http_ssl_create_srv_conf, /* create server configuration */ | |
55 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ | |
56 | |
57 NULL, /* create location configuration */ | |
58 NULL, /* merge location configuration */ | |
59 }; | |
60 | |
61 | |
62 ngx_module_t ngx_http_ssl_module = { | |
63 NGX_MODULE, | |
64 &ngx_http_ssl_module_ctx, /* module context */ | |
65 ngx_http_ssl_commands, /* module directives */ | |
66 NGX_HTTP_MODULE, /* module type */ | |
67 NULL, /* init module */ | |
68 NULL /* init process */ | |
69 }; | |
70 | |
71 | |
72 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) | |
73 { | |
74 ngx_http_ssl_srv_conf_t *scf; | |
75 | |
76 if (!(scf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_srv_conf_t)))) { | |
77 return NGX_CONF_ERROR; | |
78 } | |
79 | |
80 scf->enable = NGX_CONF_UNSET; | |
81 | |
82 return scf; | |
83 } | |
84 | |
85 | |
86 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, | |
87 void *parent, void *child) | |
88 { | |
89 ngx_http_ssl_srv_conf_t *prev = parent; | |
90 ngx_http_ssl_srv_conf_t *conf = child; | |
91 | |
92 ngx_conf_merge_value(conf->enable, prev->enable, 0); | |
93 | |
94 if (conf->enable == 0) { | |
95 return NGX_CONF_OK; | |
96 } | |
97 | |
98 ngx_conf_merge_str_value(conf->certificate, prev->certificate, | |
99 NGX_DEFLAUT_CERTIFICATE); | |
100 | |
101 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, | |
102 NGX_DEFLAUT_CERTIFICATE_KEY); | |
103 | |
104 /* TODO: configure methods */ | |
105 | |
106 conf->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); | |
107 | |
108 if (conf->ssl_ctx == NULL) { | |
109 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_new() failed"); | |
110 return NGX_CONF_ERROR; | |
111 } | |
112 | |
113 if (SSL_CTX_use_certificate_file(conf->ssl_ctx, | |
114 (char *) conf->certificate.data, | |
115 SSL_FILETYPE_PEM) == 0) { | |
116 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
117 "SSL_CTX_use_certificate_file(\"%s\") failed", | |
118 conf->certificate.data); | |
119 return NGX_CONF_ERROR; | |
120 } | |
121 | |
122 if (SSL_CTX_use_PrivateKey_file(conf->ssl_ctx, | |
123 (char *) conf->certificate_key.data, | |
124 SSL_FILETYPE_PEM) == 0) { | |
125 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
126 "SSL_CTX_use_PrivateKey_file(\"%s\") failed", | |
127 conf->certificate_key.data); | |
128 return NGX_CONF_ERROR; | |
129 } | |
130 | |
131 return NGX_CONF_OK; | |
132 } | |
133 | |
134 | |
135 #if 0 | |
136 | |
137 static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle) | |
138 { | |
139 ngx_uint_t i; | |
140 ngx_http_ssl_srv_conf_t *sscf; | |
141 ngx_http_core_srv_conf_t **cscfp; | |
142 ngx_http_core_main_conf_t *cmcf; | |
143 | |
144 cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module); | |
145 | |
146 cscfp = cmcf->servers.elts; | |
147 | |
148 for (i = 0; i < cmcf->servers.nelts; i++) { | |
149 sscf = cscfp[i]->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; | |
150 | |
151 if (sscf->enable) { | |
152 cscfp[i]->recv = ngx_ssl_recv; | |
153 cscfp[i]->send_chain = ngx_ssl_send_chain; | |
154 } | |
155 } | |
156 | |
157 return NGX_OK; | |
158 } | |
159 | |
160 #endif |