Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.c @ 395:f8f0f1834266
nginx-0.0.7-2004-07-16-21:11:43 import
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 16 Jul 2004 17:11:43 +0000 |
parents | src/http/modules/ngx_http_ssl_filter.c@e7a68e14ccd3 |
children | 6f3b20c1ac50 |
comparison
equal
deleted
inserted
replaced
394:e7a68e14ccd3 | 395:f8f0f1834266 |
---|---|
1 | |
2 #include <ngx_config.h> | |
3 #include <ngx_core.h> | |
4 #include <ngx_http.h> | |
5 | |
6 | |
7 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" | |
8 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" | |
9 | |
10 | |
11 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); | |
12 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, | |
13 void *parent, void *child); | |
14 | |
15 | |
16 static ngx_command_t ngx_http_ssl_commands[] = { | |
17 | |
18 { ngx_string("ssl"), | |
19 NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, | |
20 ngx_conf_set_flag_slot, | |
21 NGX_HTTP_SRV_CONF_OFFSET, | |
22 offsetof(ngx_http_ssl_srv_conf_t, enable), | |
23 NULL }, | |
24 | |
25 { ngx_string("ssl_certificate"), | |
26 NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
27 ngx_conf_set_str_slot, | |
28 NGX_HTTP_SRV_CONF_OFFSET, | |
29 offsetof(ngx_http_ssl_srv_conf_t, certificate), | |
30 NULL }, | |
31 | |
32 { ngx_string("ssl_certificate_key"), | |
33 NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, | |
34 ngx_conf_set_str_slot, | |
35 NGX_HTTP_SRV_CONF_OFFSET, | |
36 offsetof(ngx_http_ssl_srv_conf_t, certificate_key), | |
37 NULL }, | |
38 | |
39 ngx_null_command | |
40 }; | |
41 | |
42 | |
43 static ngx_http_module_t ngx_http_ssl_module_ctx = { | |
44 NULL, /* pre conf */ | |
45 | |
46 NULL, /* create main configuration */ | |
47 NULL, /* init main configuration */ | |
48 | |
49 ngx_http_ssl_create_srv_conf, /* create server configuration */ | |
50 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ | |
51 | |
52 NULL, /* create location configuration */ | |
53 NULL, /* merge location configuration */ | |
54 }; | |
55 | |
56 | |
57 ngx_module_t ngx_http_ssl_module = { | |
58 NGX_MODULE, | |
59 &ngx_http_ssl_module_ctx, /* module context */ | |
60 ngx_http_ssl_commands, /* module directives */ | |
61 NGX_HTTP_MODULE, /* module type */ | |
62 NULL, /* init module */ | |
63 NULL /* init process */ | |
64 }; | |
65 | |
66 | |
67 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) | |
68 { | |
69 ngx_http_ssl_srv_conf_t *scf; | |
70 | |
71 if (!(scf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_srv_conf_t)))) { | |
72 return NGX_CONF_ERROR; | |
73 } | |
74 | |
75 scf->enable = NGX_CONF_UNSET; | |
76 | |
77 return scf; | |
78 } | |
79 | |
80 | |
81 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, | |
82 void *parent, void *child) | |
83 { | |
84 ngx_http_ssl_srv_conf_t *prev = parent; | |
85 ngx_http_ssl_srv_conf_t *conf = child; | |
86 | |
87 ngx_conf_merge_value(conf->enable, prev->enable, 0); | |
88 | |
89 if (conf->enable == 0) { | |
90 return NGX_CONF_OK; | |
91 } | |
92 | |
93 ngx_conf_merge_str_value(conf->certificate, prev->certificate, | |
94 NGX_DEFLAUT_CERTIFICATE); | |
95 | |
96 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, | |
97 NGX_DEFLAUT_CERTIFICATE_KEY); | |
98 | |
99 /* TODO: configure methods */ | |
100 | |
101 conf->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); | |
102 | |
103 if (conf->ssl_ctx == NULL) { | |
104 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_new() failed"); | |
105 return NGX_CONF_ERROR; | |
106 } | |
107 | |
108 if (SSL_CTX_use_certificate_file(conf->ssl_ctx, conf->certificate.data, | |
109 SSL_FILETYPE_PEM) == 0) { | |
110 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
111 "SSL_CTX_use_certificate_file(\"%s\") failed", | |
112 conf->certificate.data); | |
113 return NGX_CONF_ERROR; | |
114 } | |
115 | |
116 if (SSL_CTX_use_PrivateKey_file(conf->ssl_ctx, conf->certificate_key.data, | |
117 SSL_FILETYPE_PEM) == 0) { | |
118 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
119 "SSL_CTX_use_PrivateKey_file(\"%s\") failed", | |
120 conf->certificate_key.data); | |
121 return NGX_CONF_ERROR; | |
122 } | |
123 | |
124 return NGX_CONF_OK; | |
125 } | |
126 | |
127 | |
128 #if 0 | |
129 | |
130 static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle) | |
131 { | |
132 ngx_uint_t i; | |
133 ngx_http_ssl_srv_conf_t *sscf; | |
134 ngx_http_core_srv_conf_t **cscfp; | |
135 ngx_http_core_main_conf_t *cmcf; | |
136 | |
137 cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module); | |
138 | |
139 cscfp = cmcf->servers.elts; | |
140 | |
141 for (i = 0; i < cmcf->servers.nelts; i++) { | |
142 sscf = cscfp[i]->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; | |
143 | |
144 if (sscf->enable) { | |
145 cscfp[i]->recv = ngx_ssl_recv; | |
146 cscfp[i]->send_chain = ngx_ssl_send_chain; | |
147 } | |
148 } | |
149 | |
150 return NGX_OK; | |
151 } | |
152 | |
153 #endif |