Mercurial > hg > nginx

view src/stream/ngx_stream_ssl_module.h @ 6644:af642539cd53

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed regex captures handling without PCRE. If PCRE is disabled, captures were treated as normal variables in ngx_http_script_compile(), while code calculating flushes array length in ngx_http_compile_complex_value() did not account captures as variables. This could lead to write outside of the array boundary when setting last element to -1. Found with AddressSanitizer.
author Vladimir Homutov <vl@nginx.com>
date Wed, 06 Jul 2016 14:33:40 +0300
parents 51e1f047d15d
children 41cb1b64561d
line wrap: on
line source


/*
 * Copyright (C) Igor Sysoev
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_STREAM_SSL_H_INCLUDED_
#define _NGX_STREAM_SSL_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_stream.h>


typedef struct {
    ngx_msec_t       handshake_timeout;

    ngx_flag_t       prefer_server_ciphers;

    ngx_ssl_t        ssl;

    ngx_uint_t       protocols;

    ssize_t          builtin_session_cache;

    time_t           session_timeout;

    ngx_array_t     *certificates;
    ngx_array_t     *certificate_keys;

    ngx_str_t        dhparam;
    ngx_str_t        ecdh_curve;

    ngx_str_t        ciphers;

    ngx_array_t     *passwords;

    ngx_shm_zone_t  *shm_zone;

    ngx_flag_t       session_tickets;
    ngx_array_t     *session_ticket_keys;
} ngx_stream_ssl_conf_t;


extern ngx_module_t  ngx_stream_ssl_module;


#endif /* _NGX_STREAM_SSL_H_INCLUDED_ */