Mercurial > hg > nginx

comparison src/http/modules/ngx_http_ssl_module.c @ 2044:f45cec1cd270

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
DH parameters, ssl_dhparam
author Igor Sysoev <igor@sysoev.ru>
date Mon, 16 Jun 2008 05:51:32 +0000
parents 12b3ad3353f9
children 2b11822b12d6
comparison
equal deleted inserted replaced
2043:1d86674d1286 2044:f45cec1cd270
68 { ngx_string("ssl_certificate_key"), 68 { ngx_string("ssl_certificate_key"),
69 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, 69 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1,
70 ngx_conf_set_str_slot, 70 ngx_conf_set_str_slot,
71 NGX_HTTP_SRV_CONF_OFFSET, 71 NGX_HTTP_SRV_CONF_OFFSET,
72 offsetof(ngx_http_ssl_srv_conf_t, certificate_key), 72 offsetof(ngx_http_ssl_srv_conf_t, certificate_key),
73 NULL },
74
75 { ngx_string("ssl_dhparam"),
76 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1,
77 ngx_conf_set_str_slot,
78 NGX_HTTP_SRV_CONF_OFFSET,
79 offsetof(ngx_http_ssl_srv_conf_t, dhparam),
73 NULL }, 80 NULL },
74 81
75 { ngx_string("ssl_protocols"), 82 { ngx_string("ssl_protocols"),
76 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_1MORE, 83 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_1MORE,
77 ngx_conf_set_bitmask_slot, 84 ngx_conf_set_bitmask_slot,
285 292
286 /* 293 /*
287 * set by ngx_pcalloc(): 294 * set by ngx_pcalloc():
288 * 295 *
289 * sscf->protocols = 0; 296 * sscf->protocols = 0;
290 * sscf->certificate.len = 0; 297 * sscf->certificate = { 0, NULL };
291 * sscf->certificate.data = NULL; 298 * sscf->certificate_key = { 0, NULL };
292 * sscf->certificate_key.len = 0; 299 * sscf->dhparam = { 0, NULL };
293 * sscf->certificate_key.data = NULL; 300 * sscf->client_certificate = { 0, NULL };
294 * sscf->client_certificate.len = 0;
295 * sscf->client_certificate.data = NULL;
296 * sscf->ciphers.len = 0; 301 * sscf->ciphers.len = 0;
297 * sscf->ciphers.data = NULL; 302 * sscf->ciphers.data = NULL;
298 * sscf->shm_zone = NULL; 303 * sscf->shm_zone = NULL;
299 */ 304 */
300 305
339 ngx_conf_merge_str_value(conf->certificate, prev->certificate, 344 ngx_conf_merge_str_value(conf->certificate, prev->certificate,
340 NGX_DEFLAUT_CERTIFICATE); 345 NGX_DEFLAUT_CERTIFICATE);
341 346
342 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, 347 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key,
343 NGX_DEFLAUT_CERTIFICATE_KEY); 348 NGX_DEFLAUT_CERTIFICATE_KEY);
349
350 ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, "");
344 351
345 ngx_conf_merge_str_value(conf->client_certificate, prev->client_certificate, 352 ngx_conf_merge_str_value(conf->client_certificate, prev->client_certificate,
346 ""); 353 "");
347 354
348 ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS); 355 ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS);
412 /* a temporary 512-bit RSA key is required for export versions of MSIE */ 419 /* a temporary 512-bit RSA key is required for export versions of MSIE */
413 if (ngx_ssl_generate_rsa512_key(&conf->ssl) != NGX_OK) { 420 if (ngx_ssl_generate_rsa512_key(&conf->ssl) != NGX_OK) {
414 return NGX_CONF_ERROR; 421 return NGX_CONF_ERROR;
415 } 422 }
416 423
424 if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) {
425 return NGX_CONF_ERROR;
426 }
427
417 ngx_conf_merge_value(conf->builtin_session_cache, 428 ngx_conf_merge_value(conf->builtin_session_cache,
418 prev->builtin_session_cache, NGX_SSL_NONE_SCACHE); 429 prev->builtin_session_cache, NGX_SSL_NONE_SCACHE);
419 430
420 if (conf->shm_zone == NULL) { 431 if (conf->shm_zone == NULL) {
421 conf->shm_zone = prev->shm_zone; 432 conf->shm_zone = prev->shm_zone;