IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-20 21:33:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

A new fix for the case when ssl_session_cache defined, but ssl is not

Browse Source 
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.
This commit is contained in:
Igor Sysoev 2011-08-04 11:12:30 +00:00
parent c42be75569
commit dfd81a23b2
5 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/core/ngx_cycle.c
View File

@ -418,11 +418,6 @@ ngx_init_cycle(ngx_cycle_t *old_cycle)
goto failed;
}
if (shm_zone[i].init == NULL) {
/* unused shared zone */
continue;
}
shm_zone[i].shm.log = cycle->log;
opart = &old_cycle->shared_memory.part;

7
src/event/ngx_event_openssl.c
View File

@ -26,8 +26,7 @@ static void ngx_ssl_connection_error(ngx_connection_t *c, int sslerr,
ngx_err_t err, char *text);
static void ngx_ssl_clear_error(ngx_log_t *log);
static ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone,
void *data);
ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
static int ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn,
ngx_ssl_session_t *sess);
static ngx_ssl_session_t *ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
@ -1505,8 +1504,6 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
SSL_CTX_set_timeout(ssl->ctx, (long) timeout);
if (shm_zone) {
shm_zone->init = ngx_ssl_session_cache_init;
SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session);
SSL_CTX_sess_set_get_cb(ssl->ctx, ngx_ssl_get_cached_session);
SSL_CTX_sess_set_remove_cb(ssl->ctx, ngx_ssl_remove_session);
@ -1524,7 +1521,7 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
}
static ngx_int_t
ngx_int_t
ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data)
{
size_t len;

1
src/event/ngx_event_openssl.h
View File

@ -104,6 +104,7 @@ ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file);
ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout);
ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
ngx_uint_t flags);

2
src/http/modules/ngx_http_ssl_module.c
View File

@ -626,6 +626,8 @@ ngx_http_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
sscf->builtin_session_cache = NGX_SSL_NO_BUILTIN_SCACHE;
}
sscf->shm_zone->init = ngx_ssl_session_cache_init;
return NGX_CONF_OK;
invalid:

2
src/mail/ngx_mail_ssl_module.c
View File

@ -474,6 +474,8 @@ ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
scf->builtin_session_cache = NGX_SSL_NO_BUILTIN_SCACHE;
}
scf->shm_zone->init = ngx_ssl_session_cache_init;
return NGX_CONF_OK;
invalid: