Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.h @ 7654:b56f725dd4bb
OCSP: certificate status cache.
When enabled, certificate status is stored in cache and is used to validate
the certificate in future requests.
New directive ssl_ocsp_cache is added to configure the cache.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Fri, 22 May 2020 17:25:27 +0300 |
| parents | 8409f9df6219 |
| children | 3bff3f397c05 7995cd199b52 |
comparison
equal
deleted
inserted
replaced
| 7653:8409f9df6219 | 7654:b56f725dd4bb |
|---|---|
| 185 ngx_int_t ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl, | 185 ngx_int_t ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 186 ngx_str_t *file, ngx_str_t *responder, ngx_uint_t verify); | 186 ngx_str_t *file, ngx_str_t *responder, ngx_uint_t verify); |
| 187 ngx_int_t ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, | 187 ngx_int_t ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 188 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); | 188 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); |
| 189 ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *responder, | 189 ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *responder, |
| 190 ngx_uint_t depth); | 190 ngx_uint_t depth, ngx_shm_zone_t *shm_zone); |
| 191 ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, | 191 ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 192 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); | 192 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); |
| 193 ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); | 193 ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); |
| 194 ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); | 194 ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); |
| 195 void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); | 195 void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); |
| 196 ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data); | |
| 196 RSA *ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export, | 197 RSA *ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export, |
| 197 int key_length); | 198 int key_length); |
| 198 ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); | 199 ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); |
| 199 ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, | 200 ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, |
| 200 ngx_array_t *passwords); | 201 ngx_array_t *passwords); |