Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.h @ 671:cec32b3753ac release-0.3.57
nginx-0.3.57-RELEASE import
*) Feature: the $ssl_client_serial variable.
*) Bugfix: in the "!-e" operator of the "if" directive.
Thanks to Andrian Budanstov.
*) Bugfix: while a client certificate verification nginx did not send
to a client the required certificates information.
*) Bugfix: the $document_root variable did not support the variables in
the "root" directive.
| author | Igor Sysoev <igor@sysoev.ru> |
|---|---|
| date | Wed, 09 Aug 2006 19:59:45 +0000 |
| parents | 95d7da23ea53 |
| children | 1b60ecc8cdb7 |
comparison
equal
deleted
inserted
replaced
| 670:ba43c68592d0 | 671:cec32b3753ac |
|---|---|
| 20 #endif | 20 #endif |
| 21 | 21 |
| 22 #define NGX_SSL_NAME "OpenSSL" | 22 #define NGX_SSL_NAME "OpenSSL" |
| 23 | 23 |
| 24 | 24 |
| 25 #define ngx_ssl_session_t SSL_SESSION | |
| 26 #define ngx_ssl_conn_t SSL | |
| 27 | |
| 28 | |
| 25 typedef struct { | 29 typedef struct { |
| 26 SSL_CTX *ctx; | 30 SSL_CTX *ctx; |
| 27 RSA *rsa512_key; | |
| 28 ngx_log_t *log; | 31 ngx_log_t *log; |
| 29 } ngx_ssl_t; | 32 } ngx_ssl_t; |
| 30 | 33 |
| 31 | 34 |
| 32 typedef struct { | 35 typedef struct { |
| 33 SSL *connection; | 36 ngx_ssl_conn_t *connection; |
| 34 | 37 |
| 35 ngx_int_t last; | 38 ngx_int_t last; |
| 36 ngx_buf_t *buf; | 39 ngx_buf_t *buf; |
| 37 | 40 |
| 38 ngx_connection_handler_pt handler; | 41 ngx_connection_handler_pt handler; |
| 45 unsigned no_wait_shutdown:1; | 48 unsigned no_wait_shutdown:1; |
| 46 unsigned no_send_shutdown:1; | 49 unsigned no_send_shutdown:1; |
| 47 } ngx_ssl_connection_t; | 50 } ngx_ssl_connection_t; |
| 48 | 51 |
| 49 | 52 |
| 50 #define ngx_ssl_session_t SSL_SESSION | |
| 51 | |
| 52 | |
| 53 #define NGX_SSL_SSLv2 2 | 53 #define NGX_SSL_SSLv2 2 |
| 54 #define NGX_SSL_SSLv3 4 | 54 #define NGX_SSL_SSLv3 4 |
| 55 #define NGX_SSL_TLSv1 8 | 55 #define NGX_SSL_TLSv1 8 |
| 56 | 56 |
| 57 | 57 |
| 59 #define NGX_SSL_CLIENT 2 | 59 #define NGX_SSL_CLIENT 2 |
| 60 | 60 |
| 61 #define NGX_SSL_BUFSIZE 16384 | 61 #define NGX_SSL_BUFSIZE 16384 |
| 62 | 62 |
| 63 | 63 |
| 64 #define NGX_SSL_VERIFY SSL_VERIFY_PEER | |
| 65 | |
| 66 | |
| 67 ngx_int_t ngx_ssl_init(ngx_log_t *log); | 64 ngx_int_t ngx_ssl_init(ngx_log_t *log); |
| 68 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols); | 65 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols); |
| 69 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 66 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 70 ngx_str_t *cert, ngx_str_t *key); | 67 ngx_str_t *cert, ngx_str_t *key); |
| 71 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 68 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 72 ngx_str_t *cert); | 69 ngx_str_t *cert, ngx_int_t depth); |
| 73 ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); | 70 ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); |
| 74 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, | 71 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, |
| 75 ngx_uint_t flags); | 72 ngx_uint_t flags); |
| 76 | 73 |
| 77 ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); | 74 ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); |
| 78 #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection) | 75 #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection) |
| 79 #define ngx_ssl_free_session SSL_SESSION_free | 76 #define ngx_ssl_free_session SSL_SESSION_free |
| 77 #define ngx_ssl_get_connection(sc) SSL_get_ex_data(sc, ngx_connection_index) | |
| 80 | 78 |
| 81 | 79 |
| 82 u_char *ngx_ssl_get_protocol(ngx_connection_t *c); | 80 ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, |
| 83 u_char *ngx_ssl_get_cipher_name(ngx_connection_t *c); | 81 ngx_str_t *s); |
| 82 ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool, | |
| 83 ngx_str_t *s); | |
| 84 ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, | 84 ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, |
| 85 ngx_str_t *s); | 85 ngx_str_t *s); |
| 86 ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool, | 86 ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool, |
| 87 ngx_str_t *s); | 87 ngx_str_t *s); |
| 88 ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, | |
| 89 ngx_str_t *s); | |
| 90 | |
| 88 | 91 |
| 89 | 92 |
| 90 | 93 |
| 91 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); | 94 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c); |
| 92 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); | 95 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); |
| 98 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, | 101 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, |
| 99 char *fmt, ...); | 102 char *fmt, ...); |
| 100 void ngx_ssl_cleanup_ctx(void *data); | 103 void ngx_ssl_cleanup_ctx(void *data); |
| 101 | 104 |
| 102 | 105 |
| 106 extern int ngx_connection_index; | |
| 107 | |
| 108 | |
| 103 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */ | 109 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */ |