Mercurial > hg > nginx

comparison src/stream/ngx_stream_ssl_module.c @ 6611:85e7bcb37d6b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Stream: SSL-related variables.
author Vladimir Homutov <vl@nginx.com>
date Wed, 29 Jun 2016 12:52:52 +0300
parents 2f41d383c9c7
children 3908156a51fa
comparison
equal deleted inserted replaced
6610:d5b5866c06c4 6611:85e7bcb37d6b
8 #include <ngx_config.h> 8 #include <ngx_config.h>
9 #include <ngx_core.h> 9 #include <ngx_core.h>
10 #include <ngx_stream.h> 10 #include <ngx_stream.h>
11 11
12 12
13 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
14 ngx_pool_t *pool, ngx_str_t *s);
15
16
13 #define NGX_DEFAULT_CIPHERS "HIGH:!aNULL:!MD5" 17 #define NGX_DEFAULT_CIPHERS "HIGH:!aNULL:!MD5"
14 #define NGX_DEFAULT_ECDH_CURVE "auto" 18 #define NGX_DEFAULT_ECDH_CURVE "auto"
15 19
16 20
21 static ngx_int_t ngx_stream_ssl_static_variable(ngx_stream_session_t *s,
22 ngx_stream_variable_value_t *v, uintptr_t data);
23 static ngx_int_t ngx_stream_ssl_variable(ngx_stream_session_t *s,
24 ngx_stream_variable_value_t *v, uintptr_t data);
25
26 static ngx_int_t ngx_stream_ssl_add_variables(ngx_conf_t *cf);
17 static void *ngx_stream_ssl_create_conf(ngx_conf_t *cf); 27 static void *ngx_stream_ssl_create_conf(ngx_conf_t *cf);
18 static char *ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent, 28 static char *ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent,
19 void *child); 29 void *child);
20 30
21 static char *ngx_stream_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, 31 static char *ngx_stream_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd,
130 ngx_null_command 140 ngx_null_command
131 }; 141 };
132 142
133 143
134 static ngx_stream_module_t ngx_stream_ssl_module_ctx = { 144 static ngx_stream_module_t ngx_stream_ssl_module_ctx = {
135 NULL, /* preconfiguration */ 145 ngx_stream_ssl_add_variables, /* preconfiguration */
136 NULL, /* postconfiguration */ 146 NULL, /* postconfiguration */
137 147
138 NULL, /* create main configuration */ 148 NULL, /* create main configuration */
139 NULL, /* init main configuration */ 149 NULL, /* init main configuration */
140 150
157 NULL, /* exit master */ 167 NULL, /* exit master */
158 NGX_MODULE_V1_PADDING 168 NGX_MODULE_V1_PADDING
159 }; 169 };
160 170
161 171
172 static ngx_stream_variable_t ngx_stream_ssl_vars[] = {
173
174 { ngx_string("ssl_protocol"), NULL, ngx_stream_ssl_static_variable,
175 (uintptr_t) ngx_ssl_get_protocol, NGX_STREAM_VAR_CHANGEABLE, 0 },
176
177 { ngx_string("ssl_cipher"), NULL, ngx_stream_ssl_static_variable,
178 (uintptr_t) ngx_ssl_get_cipher_name, NGX_STREAM_VAR_CHANGEABLE, 0 },
179
180 { ngx_string("ssl_session_id"), NULL, ngx_stream_ssl_variable,
181 (uintptr_t) ngx_ssl_get_session_id, NGX_STREAM_VAR_CHANGEABLE, 0 },
182
183 { ngx_string("ssl_session_reused"), NULL, ngx_stream_ssl_variable,
184 (uintptr_t) ngx_ssl_get_session_reused, NGX_STREAM_VAR_CHANGEABLE, 0 },
185
186 { ngx_string("ssl_server_name"), NULL, ngx_stream_ssl_variable,
187 (uintptr_t) ngx_ssl_get_server_name, NGX_STREAM_VAR_CHANGEABLE, 0 },
188
189 { ngx_null_string, NULL, NULL, 0, 0, 0 }
190 };
191
192
162 static ngx_str_t ngx_stream_ssl_sess_id_ctx = ngx_string("STREAM"); 193 static ngx_str_t ngx_stream_ssl_sess_id_ctx = ngx_string("STREAM");
194
195
196 static ngx_int_t
197 ngx_stream_ssl_static_variable(ngx_stream_session_t *s,
198 ngx_stream_variable_value_t *v, uintptr_t data)
199 {
200 ngx_ssl_variable_handler_pt handler = (ngx_ssl_variable_handler_pt) data;
201
202 size_t len;
203 ngx_str_t str;
204
205 if (s->connection->ssl) {
206
207 (void) handler(s->connection, NULL, &str);
208
209 v->data = str.data;
210
211 for (len = 0; v->data[len]; len++) { /* void */ }
212
213 v->len = len;
214 v->valid = 1;
215 v->no_cacheable = 0;
216 v->not_found = 0;
217
218 return NGX_OK;
219 }
220
221 v->not_found = 1;
222
223 return NGX_OK;
224 }
225
226
227 static ngx_int_t
228 ngx_stream_ssl_variable(ngx_stream_session_t *s,
229 ngx_stream_variable_value_t *v, uintptr_t data)
230 {
231 ngx_ssl_variable_handler_pt handler = (ngx_ssl_variable_handler_pt) data;
232
233 ngx_str_t str;
234
235 if (s->connection->ssl) {
236
237 if (handler(s->connection, s->connection->pool, &str) != NGX_OK) {
238 return NGX_ERROR;
239 }
240
241 v->len = str.len;
242 v->data = str.data;
243
244 if (v->len) {
245 v->valid = 1;
246 v->no_cacheable = 0;
247 v->not_found = 0;
248
249 return NGX_OK;
250 }
251 }
252
253 v->not_found = 1;
254
255 return NGX_OK;
256 }
257
258
259 static ngx_int_t
260 ngx_stream_ssl_add_variables(ngx_conf_t *cf)
261 {
262 ngx_stream_variable_t *var, *v;
263
264 for (v = ngx_stream_ssl_vars; v->name.len; v++) {
265 var = ngx_stream_add_variable(cf, &v->name, v->flags);
266 if (var == NULL) {
267 return NGX_ERROR;
268 }
269
270 var->get_handler = v->get_handler;
271 var->data = v->data;
272 }
273
274 return NGX_OK;
275 }
163 276
164 277
165 static void * 278 static void *
166 ngx_stream_ssl_create_conf(ngx_conf_t *cf) 279 ngx_stream_ssl_create_conf(ngx_conf_t *cf)
167 { 280 {