view contrib/README @ 7465:6708bec13757

SSL: adjusted session id context with dynamic certificates. Dynamic certificates re-introduce problem with incorrect session reuse (AKA "virtual host confusion", CVE-2014-3616), since there are no server certificates to generate session id context from. To prevent this, session id context is now generated from ssl_certificate directives as specified in the configuration. This approach prevents incorrect session reuse in most cases, while still allowing sharing sessions across multiple machines with ssl_session_ticket_key set as long as configurations are identical.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 25 Feb 2019 16:42:54 +0300
parents 1bdf906bba99
children
line wrap: on
line source


geo2nginx.pl 		by Andrei Nigmatulin

	The perl script to convert CSV geoip database ( free download
	at http://www.maxmind.com/app/geoip_country ) to format, suitable
	for use by the ngx_http_geo_module.


unicode2nginx		by Maxim Dounin

	The perl script to convert unicode mappings ( available
	at http://www.unicode.org/Public/MAPPINGS/ ) to the nginx
	configuration file format.
	Two generated full maps for windows-1251 and koi8-r.


vim			by Evan Miller

	Syntax highlighting of nginx configuration for vim, to be
	placed into ~/.vim/.