IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-21 05:43:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

ssl_session_cache off

Browse Source
This commit is contained in:
Igor Sysoev 2007-12-26 20:27:22 +00:00
parent 0123ee3adf
commit 6ff850baf8
4 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/event/ngx_event_openssl.c
View File

@ -1174,6 +1174,11 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
{ {
long cache_mode; long cache_mode;
if (builtin_session_cache == NGX_SSL_NO_SCACHE) {
SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF);
return NGX_OK;
}
cache_mode = SSL_SESS_CACHE_SERVER; cache_mode = SSL_SESS_CACHE_SERVER;
if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) { if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) {

3
src/event/ngx_event_openssl.h
View File

@ -53,9 +53,10 @@ typedef struct {
#define NGX_SSL_DFLT_BUILTIN_SCACHE -2 #define NGX_SSL_DFLT_BUILTIN_SCACHE -2
#define NGX_SSL_NO_BUILTIN_SCACHE -3 #define NGX_SSL_NO_BUILTIN_SCACHE -3
#define NGX_SSL_NO_SCACHE -4
#define NGX_SSL_MAX_SESSION_SIZE (4096) #define NGX_SSL_MAX_SESSION_SIZE 4096
typedef struct ngx_ssl_sess_id_s ngx_ssl_sess_id_t; typedef struct ngx_ssl_sess_id_s ngx_ssl_sess_id_t;

8
src/http/modules/ngx_http_ssl_module.c
View File

@ -415,8 +415,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
} }
ngx_conf_merge_value(conf->builtin_session_cache, ngx_conf_merge_value(conf->builtin_session_cache,
prev->builtin_session_cache, prev->builtin_session_cache, NGX_SSL_NO_SCACHE);
NGX_SSL_DFLT_BUILTIN_SCACHE);
if (conf->shm_zone == NULL) { if (conf->shm_zone == NULL) {
conf->shm_zone = prev->shm_zone; conf->shm_zone = prev->shm_zone;
@ -448,6 +447,11 @@ ngx_http_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
for (i = 1; i < cf->args->nelts; i++) { for (i = 1; i < cf->args->nelts; i++) {
if (ngx_strcmp(value[i].data, "off") == 0) {
sscf->builtin_session_cache = NGX_SSL_NO_SCACHE;
continue;
}
if (ngx_strcmp(value[i].data, "builtin") == 0) { if (ngx_strcmp(value[i].data, "builtin") == 0) {
sscf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE; sscf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE;
continue; continue;

12
src/mail/ngx_mail_ssl_module.c
View File

@ -208,10 +208,10 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
|NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1)); |NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1));
ngx_conf_merge_str_value(conf->certificate, prev->certificate, ngx_conf_merge_str_value(conf->certificate, prev->certificate,
NGX_DEFLAUT_CERTIFICATE); NGX_DEFLAUT_CERTIFICATE);
ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key,
NGX_DEFLAUT_CERTIFICATE_KEY); NGX_DEFLAUT_CERTIFICATE_KEY);
ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS); ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS);
@ -261,8 +261,7 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
} }
ngx_conf_merge_value(conf->builtin_session_cache, ngx_conf_merge_value(conf->builtin_session_cache,
prev->builtin_session_cache, prev->builtin_session_cache, NGX_SSL_NO_SCACHE);
NGX_SSL_DFLT_BUILTIN_SCACHE);
if (conf->shm_zone == NULL) { if (conf->shm_zone == NULL) {
conf->shm_zone = prev->shm_zone; conf->shm_zone = prev->shm_zone;
@ -294,6 +293,11 @@ ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
for (i = 1; i < cf->args->nelts; i++) { for (i = 1; i < cf->args->nelts; i++) {
if (ngx_strcmp(value[i].data, "off") == 0) {
scf->builtin_session_cache = NGX_SSL_NO_SCACHE;
continue;
}
if (ngx_strcmp(value[i].data, "builtin") == 0) { if (ngx_strcmp(value[i].data, "builtin") == 0) {
scf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE; scf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE;
continue; continue;