Mercurial > hg > nginx

comparison src/http/modules/ngx_http_ssl_module.c @ 541:b09ee85d0ac8 release-0.1.45

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-0.1.45-RELEASE import *) Change: the "ssl_engine" directive was canceled in the ngx_http_ssl_module and now is introduced at global level. *) Bugfix: the responses with SSI subrequests did not transferred via SSL connection. *) Various bug fixes in the IMAP/POP3 proxy.
author Igor Sysoev <igor@sysoev.ru>
date Thu, 08 Sep 2005 14:36:09 +0000
parents e5d7d0334fdb
children 511a89da35ad
comparison
equal deleted inserted replaced
540:983c48ab79bb 541:b09ee85d0ac8
6 6
7 #include <ngx_config.h> 7 #include <ngx_config.h>
8 #include <ngx_core.h> 8 #include <ngx_core.h>
9 #include <ngx_http.h> 9 #include <ngx_http.h>
10 10
11 #include <openssl/engine.h>
12
13 11
14 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" 12 #define NGX_DEFLAUT_CERTIFICATE "cert.pem"
15 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" 13 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem"
16 14
17 15
18 static void *ngx_http_ssl_create_main_conf(ngx_conf_t *cf);
19 static char *ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf);
20 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); 16 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf);
21 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, 17 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf,
22 void *parent, void *child); 18 void *parent, void *child);
23 19
24 20
25 static ngx_command_t ngx_http_ssl_commands[] = { 21 static ngx_command_t ngx_http_ssl_commands[] = {
26 22
27 { ngx_string("ssl_engine"),
28 NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
29 ngx_conf_set_str_slot,
30 NGX_HTTP_MAIN_CONF_OFFSET,
31 offsetof(ngx_http_ssl_main_conf_t, engine),
32 NULL },
33
34 { ngx_string("ssl"), 23 { ngx_string("ssl"),
35 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, 24 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
36 ngx_conf_set_flag_slot, 25 ngx_conf_set_flag_slot,
37 NGX_HTTP_SRV_CONF_OFFSET, 26 NGX_HTTP_SRV_CONF_OFFSET,
38 offsetof(ngx_http_ssl_srv_conf_t, enable), 27 offsetof(ngx_http_ssl_srv_conf_t, enable),
65 54
66 static ngx_http_module_t ngx_http_ssl_module_ctx = { 55 static ngx_http_module_t ngx_http_ssl_module_ctx = {
67 NULL, /* preconfiguration */ 56 NULL, /* preconfiguration */
68 NULL, /* postconfiguration */ 57 NULL, /* postconfiguration */
69 58
70 ngx_http_ssl_create_main_conf, /* create main configuration */ 59 NULL, /* create main configuration */
71 ngx_http_ssl_init_main_conf, /* init main configuration */ 60 NULL, /* init main configuration */
72 61
73 ngx_http_ssl_create_srv_conf, /* create server configuration */ 62 ngx_http_ssl_create_srv_conf, /* create server configuration */
74 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ 63 ngx_http_ssl_merge_srv_conf, /* merge server configuration */
75 64
76 NULL, /* create location configuration */ 65 NULL, /* create location configuration */
81 ngx_module_t ngx_http_ssl_module = { 70 ngx_module_t ngx_http_ssl_module = {
82 NGX_MODULE_V1, 71 NGX_MODULE_V1,
83 &ngx_http_ssl_module_ctx, /* module context */ 72 &ngx_http_ssl_module_ctx, /* module context */
84 ngx_http_ssl_commands, /* module directives */ 73 ngx_http_ssl_commands, /* module directives */
85 NGX_HTTP_MODULE, /* module type */ 74 NGX_HTTP_MODULE, /* module type */
75 NULL, /* init master */
86 NULL, /* init module */ 76 NULL, /* init module */
87 NULL /* init process */ 77 NULL, /* init process */
78 NULL, /* init thread */
79 NULL, /* exit thread */
80 NULL, /* exit process */
81 NULL, /* exit master */
82 NGX_MODULE_V1_PADDING
88 }; 83 };
89
90
91 static void *
92 ngx_http_ssl_create_main_conf(ngx_conf_t *cf)
93 {
94 ngx_http_ssl_main_conf_t *mcf;
95
96 mcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_main_conf_t));
97 if (mcf == NULL) {
98 return NGX_CONF_ERROR;
99 }
100
101 /*
102 * set by ngx_pcalloc():
103 *
104 * mcf->engine.len = 0;
105 * mcf->engine.data = NULL;
106 */
107
108 return mcf;
109 }
110
111
112 static char *
113 ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf)
114 {
115 ngx_http_ssl_main_conf_t *mcf = conf;
116
117 ENGINE *engine;
118
119 if (mcf->engine.len == 0) {
120 return NGX_CONF_OK;
121 }
122
123 engine = ENGINE_by_id((const char *) mcf->engine.data);
124
125 if (engine == NULL) {
126 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0,
127 "ENGINE_by_id(\"%V\") failed", &mcf->engine);
128 return NGX_CONF_ERROR;
129 }
130
131 if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) {
132 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0,
133 "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed",
134 &mcf->engine);
135 return NGX_CONF_ERROR;
136 }
137
138 ENGINE_free(engine);
139
140 return NGX_CONF_OK;
141 }
142 84
143 85
144 static void * 86 static void *
145 ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) 87 ngx_http_ssl_create_srv_conf(ngx_conf_t *cf)
146 { 88 {
238 "SSL_CTX_use_PrivateKey_file(\"%s\") failed", 180 "SSL_CTX_use_PrivateKey_file(\"%s\") failed",
239 conf->certificate_key.data); 181 conf->certificate_key.data);
240 return NGX_CONF_ERROR; 182 return NGX_CONF_ERROR;
241 } 183 }
242 184
185 SSL_CTX_set_verify(conf->ssl_ctx, SSL_VERIFY_NONE, NULL);
186
243 return NGX_CONF_OK; 187 return NGX_CONF_OK;
244 } 188 }
245 189
246 190
247 #if 0 191 #if 0
192
193 /* how to enumrate server' configs */
248 194
249 static ngx_int_t 195 static ngx_int_t
250 ngx_http_ssl_init_process(ngx_cycle_t *cycle) 196 ngx_http_ssl_init_process(ngx_cycle_t *cycle)
251 { 197 {
252 ngx_uint_t i; 198 ngx_uint_t i;