Mercurial > hg > nginx

comparison src/mail/ngx_mail_ssl_module.c @ 9120:0aaa09927703

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: removed the "ssl" directive. It has been deprecated since 7270:46c0c7ef4913 (1.15.0) in favour of the "ssl" parameter of the "listen" directive, which has been available since 2224:109849282793 (0.7.14).
author Roman Arutyunyan <arut@nginx.com>
date Thu, 08 Jun 2023 14:49:27 +0400
parents d1cf09451ae8
children
comparison
equal deleted inserted replaced
9119:08ef02ad5c54 9120:0aaa09927703
21 #endif 21 #endif
22 22
23 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf); 23 static void *ngx_mail_ssl_create_conf(ngx_conf_t *cf);
24 static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child); 24 static char *ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child);
25 25
26 static char *ngx_mail_ssl_enable(ngx_conf_t *cf, ngx_command_t *cmd,
27 void *conf);
28 static char *ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd, 26 static char *ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd,
29 void *conf); 27 void *conf);
30 static char *ngx_mail_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, 28 static char *ngx_mail_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd,
31 void *conf); 29 void *conf);
32 static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, 30 static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd,
63 { ngx_string("optional_no_ca"), 3 }, 61 { ngx_string("optional_no_ca"), 3 },
64 { ngx_null_string, 0 } 62 { ngx_null_string, 0 }
65 }; 63 };
66 64
67 65
68 static ngx_conf_deprecated_t ngx_mail_ssl_deprecated = {
69 ngx_conf_deprecated, "ssl", "listen ... ssl"
70 };
71
72
73 static ngx_conf_post_t ngx_mail_ssl_conf_command_post = 66 static ngx_conf_post_t ngx_mail_ssl_conf_command_post =
74 { ngx_mail_ssl_conf_command_check }; 67 { ngx_mail_ssl_conf_command_check };
75 68
76 69
77 static ngx_command_t ngx_mail_ssl_commands[] = { 70 static ngx_command_t ngx_mail_ssl_commands[] = {
78
79 { ngx_string("ssl"),
80 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG,
81 ngx_mail_ssl_enable,
82 NGX_MAIL_SRV_CONF_OFFSET,
83 offsetof(ngx_mail_ssl_conf_t, enable),
84 &ngx_mail_ssl_deprecated },
85 71
86 { ngx_string("starttls"), 72 { ngx_string("starttls"),
87 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, 73 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
88 ngx_mail_ssl_starttls, 74 ngx_mail_ssl_starttls,
89 NGX_MAIL_SRV_CONF_OFFSET, 75 NGX_MAIL_SRV_CONF_OFFSET,
320 * scf->crl = { 0, NULL }; 306 * scf->crl = { 0, NULL };
321 * scf->ciphers = { 0, NULL }; 307 * scf->ciphers = { 0, NULL };
322 * scf->shm_zone = NULL; 308 * scf->shm_zone = NULL;
323 */ 309 */
324 310
325 scf->enable = NGX_CONF_UNSET;
326 scf->starttls = NGX_CONF_UNSET_UINT; 311 scf->starttls = NGX_CONF_UNSET_UINT;
327 scf->certificates = NGX_CONF_UNSET_PTR; 312 scf->certificates = NGX_CONF_UNSET_PTR;
328 scf->certificate_keys = NGX_CONF_UNSET_PTR; 313 scf->certificate_keys = NGX_CONF_UNSET_PTR;
329 scf->passwords = NGX_CONF_UNSET_PTR; 314 scf->passwords = NGX_CONF_UNSET_PTR;
330 scf->conf_commands = NGX_CONF_UNSET_PTR; 315 scf->conf_commands = NGX_CONF_UNSET_PTR;
347 ngx_mail_ssl_conf_t *conf = child; 332 ngx_mail_ssl_conf_t *conf = child;
348 333
349 char *mode; 334 char *mode;
350 ngx_pool_cleanup_t *cln; 335 ngx_pool_cleanup_t *cln;
351 336
352 ngx_conf_merge_value(conf->enable, prev->enable, 0);
353 ngx_conf_merge_uint_value(conf->starttls, prev->starttls, 337 ngx_conf_merge_uint_value(conf->starttls, prev->starttls,
354 NGX_MAIL_STARTTLS_OFF); 338 NGX_MAIL_STARTTLS_OFF);
355 339
356 ngx_conf_merge_value(conf->session_timeout, 340 ngx_conf_merge_value(conf->session_timeout,
357 prev->session_timeout, 300); 341 prev->session_timeout, 300);
391 375
392 conf->ssl.log = cf->log; 376 conf->ssl.log = cf->log;
393 377
394 if (conf->listen) { 378 if (conf->listen) {
395 mode = "listen ... ssl"; 379 mode = "listen ... ssl";
396
397 } else if (conf->enable) {
398 mode = "ssl";
399 380
400 } else if (conf->starttls != NGX_MAIL_STARTTLS_OFF) { 381 } else if (conf->starttls != NGX_MAIL_STARTTLS_OFF) {
401 mode = "starttls"; 382 mode = "starttls";
402 383
403 } else { 384 } else {
544 return NGX_CONF_OK; 525 return NGX_CONF_OK;
545 } 526 }
546 527
547 528
548 static char * 529 static char *
549 ngx_mail_ssl_enable(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
550 {
551 ngx_mail_ssl_conf_t *scf = conf;
552
553 char *rv;
554
555 rv = ngx_conf_set_flag_slot(cf, cmd, conf);
556
557 if (rv != NGX_CONF_OK) {
558 return rv;
559 }
560
561 if (scf->enable && (ngx_int_t) scf->starttls > NGX_MAIL_STARTTLS_OFF) {
562 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
563 "\"starttls\" directive conflicts with \"ssl on\"");
564 return NGX_CONF_ERROR;
565 }
566
567 if (!scf->listen) {
568 scf->file = cf->conf_file->file.name.data;
569 scf->line = cf->conf_file->line;
570 }
571
572 return NGX_CONF_OK;
573 }
574
575
576 static char *
577 ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) 530 ngx_mail_ssl_starttls(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
578 { 531 {
579 ngx_mail_ssl_conf_t *scf = conf; 532 ngx_mail_ssl_conf_t *scf = conf;
580 533
581 char *rv; 534 char *rv;
582 535
583 rv = ngx_conf_set_enum_slot(cf, cmd, conf); 536 rv = ngx_conf_set_enum_slot(cf, cmd, conf);
584 537
585 if (rv != NGX_CONF_OK) { 538 if (rv != NGX_CONF_OK) {
586 return rv; 539 return rv;
587 }
588
589 if (scf->enable == 1 && (ngx_int_t) scf->starttls > NGX_MAIL_STARTTLS_OFF) {
590 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
591 "\"ssl\" directive conflicts with \"starttls\"");
592 return NGX_CONF_ERROR;
593 } 540 }
594 541
595 if (!scf->listen) { 542 if (!scf->listen) {
596 scf->file = cf->conf_file->file.name.data; 543 scf->file = cf->conf_file->file.name.data;
597 scf->line = cf->conf_file->line; 544 scf->line = cf->conf_file->line;