Mercurial > hg > nginx-vendor-current
comparison src/mail/ngx_mail_ssl_module.c @ 390:0b6053502c55 NGINX_0_7_7
nginx 0.7.7
*) Change: now the EAGAIN error returned by connect() is not considered
as temporary error.
*) Change: now the $ssl_client_cert variable value is a certificate
with TAB character intended before each line except first one; an
unchanged certificate is available in the $ssl_client_raw_cert
variable.
*) Feature: the "ask" parameter in the "ssl_verify_client" directive.
*) Feature: byte-range processing improvements.
Thanks to Maxim Dounin.
*) Feature: the "directio" directive.
*) Feature: MacOSX 1.5 sendfile() support.
*) Bugfix: now in MacOSX and Cygwin locations are tested in case
insensitive mode; however, the compare is provided by single-byte
locales only.
*) Bugfix: mail proxy SSL connections hanged, if select, poll, or
/dev/poll methods were used.
*) Bugfix: UTF-8 encoding usage in the ngx_http_autoindex_module.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Wed, 30 Jul 2008 00:00:00 +0400 |
| parents | bc21d9cd9c54 |
| children | a094317ba307 |
comparison
equal
deleted
inserted
replaced
| 389:930e48a26dde | 390:0b6053502c55 |
|---|---|
| 7 #include <ngx_config.h> | 7 #include <ngx_config.h> |
| 8 #include <ngx_core.h> | 8 #include <ngx_core.h> |
| 9 #include <ngx_mail.h> | 9 #include <ngx_mail.h> |
| 10 | 10 |
| 11 | 11 |
| 12 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" | 12 #define NGX_DEFAULT_CERTIFICATE "cert.pem" |
| 13 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" | 13 #define NGX_DEFAULT_CERTIFICATE_KEY "cert.pem" |
| 14 #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" | 14 #define NGX_DEFAULT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" |
| 15 | 15 |
| 16 | 16 |
| 17 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf); | 17 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf); |
| 18 static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child); | 18 static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child); |
| 19 static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, | 19 static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, |
| 212 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, | 212 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, |
| 213 (NGX_CONF_BITMASK_SET | 213 (NGX_CONF_BITMASK_SET |
| 214 |NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1)); | 214 |NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1)); |
| 215 | 215 |
| 216 ngx_conf_merge_str_value(conf->certificate, prev->certificate, | 216 ngx_conf_merge_str_value(conf->certificate, prev->certificate, |
| 217 NGX_DEFLAUT_CERTIFICATE); | 217 NGX_DEFAULT_CERTIFICATE); |
| 218 | 218 |
| 219 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, | 219 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, |
| 220 NGX_DEFLAUT_CERTIFICATE_KEY); | 220 NGX_DEFAULT_CERTIFICATE_KEY); |
| 221 | 221 |
| 222 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, ""); | 222 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, ""); |
| 223 | 223 |
| 224 ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS); | 224 ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFAULT_CIPHERS); |
| 225 | 225 |
| 226 | 226 |
| 227 conf->ssl.log = cf->log; | 227 conf->ssl.log = cf->log; |
| 228 | 228 |
| 229 if (ngx_ssl_create(&conf->ssl, conf->protocols, NULL) != NGX_OK) { | 229 if (ngx_ssl_create(&conf->ssl, conf->protocols, NULL) != NGX_OK) { |