Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.h @ 4873:dd74fd35ceb5
OCSP stapling: ssl_stapling_file support.
Very basic version without any OCSP responder query code, assuming valid
DER-encoded OCSP response is present in a ssl_stapling_file configured.
Such file might be produced with openssl like this:
openssl ocsp -issuer root.crt -cert domain.crt -respout domain.staple \
-url http://ocsp.example.com
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 01 Oct 2012 12:41:08 +0000 |
| parents | 7c3cca603438 |
| children | 386a06a22c40 |
comparison
equal
deleted
inserted
replaced
| 4872:7c3cca603438 | 4873:dd74fd35ceb5 |
|---|---|
| 15 #include <openssl/ssl.h> | 15 #include <openssl/ssl.h> |
| 16 #include <openssl/err.h> | 16 #include <openssl/err.h> |
| 17 #include <openssl/conf.h> | 17 #include <openssl/conf.h> |
| 18 #include <openssl/engine.h> | 18 #include <openssl/engine.h> |
| 19 #include <openssl/evp.h> | 19 #include <openssl/evp.h> |
| 20 #include <openssl/ocsp.h> | |
| 20 | 21 |
| 21 #define NGX_SSL_NAME "OpenSSL" | 22 #define NGX_SSL_NAME "OpenSSL" |
| 22 | 23 |
| 23 | 24 |
| 24 #define ngx_ssl_session_t SSL_SESSION | 25 #define ngx_ssl_session_t SSL_SESSION |
| 102 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 103 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 103 ngx_str_t *cert, ngx_int_t depth); | 104 ngx_str_t *cert, ngx_int_t depth); |
| 104 ngx_int_t ngx_ssl_trusted_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, | 105 ngx_int_t ngx_ssl_trusted_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 105 ngx_str_t *cert, ngx_int_t depth); | 106 ngx_str_t *cert, ngx_int_t depth); |
| 106 ngx_int_t ngx_ssl_crl(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *crl); | 107 ngx_int_t ngx_ssl_crl(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *crl); |
| 108 ngx_int_t ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); | |
| 107 RSA *ngx_ssl_rsa512_key_callback(SSL *ssl, int is_export, int key_length); | 109 RSA *ngx_ssl_rsa512_key_callback(SSL *ssl, int is_export, int key_length); |
| 108 ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); | 110 ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); |
| 109 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name); | 111 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name); |
| 110 ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx, | 112 ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx, |
| 111 ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout); | 113 ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout); |