diff --git a/auto/lib/openssl/conf b/auto/lib/openssl/conf index e0da92a2b..c8c47e2b9 100644 --- a/auto/lib/openssl/conf +++ b/auto/lib/openssl/conf @@ -4,8 +4,6 @@ if [ $OPENSSL != NONE ]; then CORE_INCS="$CORE_INCS $OPENSSL/include" - CORE_DEPS="$CORE_DEPS $OPENSSL_DEPS" - CORE_SRCS="$CORE_SRCS $OPENSSL_SRCS" case "$CC" in *) @@ -36,8 +34,6 @@ else . auto/feature if [ $ngx_found = yes ]; then - CORE_DEPS="$CORE_DEPS $OPENSSL_DEPS" - CORE_SRCS="$CORE_SRCS $OPENSSL_SRCS" CORE_LIBS="$CORE_LIBS $ngx_feature_libs" OPENSSL=YES fi diff --git a/auto/make b/auto/make index f304ac7ec..866fb34f2 100644 --- a/auto/make +++ b/auto/make @@ -124,7 +124,7 @@ if test -n "$NGX_ADDON_SRCS"; then cat << END >> $NGX_MAKEFILE -ADDON_DEPS = \$(CORE_DPES) $NGX_ADDON_DEPS +ADDON_DEPS = \$(CORE_DEPS) $NGX_ADDON_DEPS END diff --git a/auto/modules b/auto/modules index 606149acc..46f356cc0 100644 --- a/auto/modules +++ b/auto/modules @@ -61,17 +61,22 @@ if [ $HTTP_SSI = YES ]; then HTTP_POSTPONE=YES fi +# the module order is important +# ngx_http_autoindex_module +# ngx_http_index_module +# +# # the filter order is important # ngx_http_write_filter # ngx_http_header_filter # ngx_http_chunked_filter # ngx_http_range_header_filter -# ngx_http_ssl_filter # ngx_http_gzip_filter # ngx_http_postpone_filter # ngx_http_charset_filter # ngx_http_ssi_filter -# ngx_http_headers_filter +# ngx_http_userid_filter +# ngx_http_headers_filter # ngx_http_copy_filter # ngx_http_range_body_filter # ngx_http_not_modified_filter @@ -212,8 +217,23 @@ if test -n "$NGX_ADDONS"; then fi +if [ $IMAP_SSL = YES ]; then + IMAP_DEPS="$IMAP_DEPS $IMAP_SSL_DEPS" + IMAP_SRCS="$IMAP_SRCS $IMAP_SSL_SRCS" + have=NGX_IMAP_SSL . auto/have + USE_OPENSSL=YES +fi + + modules="$CORE_MODULES $EVENT_MODULES" + +if [ $USE_OPENSSL = YES ]; then + modules="$modules $OPENSSL_MODULE" + CORE_DEPS="$CORE_DEPS $OPENSSL_DEPS" + CORE_SRCS="$CORE_SRCS $OPENSSL_SRCS" +fi + if [ $HTTP = YES ]; then modules="$modules $HTTP_MODULES $HTTP_FILTER_MODULES \ $HTTP_HEADERS_FILTER_MODULE \ @@ -230,10 +250,6 @@ if [ $IMAP = YES ]; then if [ $IMAP_SSL = YES ]; then modules="$modules $IMAP_SSL_MODULE" - IMAP_DEPS="$IMAP_DEPS $IMAP_SSL_DEPS" - IMAP_SRCS="$IMAP_SRCS $IMAP_SSL_SRCS" - have=NGX_IMAP_SSL . auto/have - USE_OPENSSL=YES fi modules="$modules $IMAP_AUTH_HTTP_MODULE" diff --git a/auto/sources b/auto/sources index 806875d99..bf048948d 100644 --- a/auto/sources +++ b/auto/sources @@ -55,6 +55,11 @@ REGEX_DEPS=src/core/ngx_regex.h REGEX_SRCS=src/core/ngx_regex.c +OPENSSL_MODULE=ngx_openssl_module +OPENSSL_DEPS=src/event/ngx_event_openssl.h +OPENSSL_SRCS=src/event/ngx_event_openssl.c + + EVENT_MODULES="ngx_events_module ngx_event_core_module" EVENT_INCS="src/event src/event/modules" @@ -104,10 +109,6 @@ AIO_SRCS="src/event/modules/ngx_aio_module.c \ src/os/unix/ngx_aio_write_chain.c" -OPENSSL_DEPS=src/event/ngx_event_openssl.h -OPENSSL_SRCS=src/event/ngx_event_openssl.c - - UNIX_INCS="$CORE_INCS $EVENT_INCS src/os/unix" UNIX_DEPS="$CORE_DEPS $EVENT_DEPS \ diff --git a/docs/xml/nginx/changes.xml b/docs/xml/nginx/changes.xml index 3bf26111d..3a316deb0 100644 --- a/docs/xml/nginx/changes.xml +++ b/docs/xml/nginx/changes.xml @@ -9,6 +9,41 @@ nginx changelog + + + + +директива ssl_engine упразднена в модуле ngx_http_ssl_module и +перенесена на глобальный уровень. + + +the "ssl_engine" directive is canceled in the ngx_http_ssl_module +and now is introduced at global level. + + + + + +ответы с подзапросами, включённые с помощью SSI, не передавались +через SSL соединение. + + +the responses with SSI subrequests did not transferred via SSL connection. + + + + + +Разные исправления в IMAP/POP3 прокси. + + +Various bug fixes in the IMAP/POP3 proxy. + + + + + + @@ -22,10 +57,10 @@ the IMAP/POP3 proxy supports SSL. -директива proxy_timeout. +директива proxy_timeout модуля ngx_imap_proxy_module. -the "proxy_timeout" directive. +the "proxy_timeout" directive of the ngx_imap_proxy_module. @@ -75,7 +110,7 @@ the geo2nginx.pl script was added to contrib. -параметры FastCGI, с пустым значениями, теперь передаются серверу. +параметры FastCGI с пустым значениями теперь передаются серверу. the FastCGI parameters with the empty values now are passed to a server. diff --git a/src/core/nginx.c b/src/core/nginx.c index 78e3caa3c..10db55540 100644 --- a/src/core/nginx.c +++ b/src/core/nginx.c @@ -118,8 +118,14 @@ ngx_module_t ngx_core_module = { &ngx_core_module_ctx, /* module context */ ngx_core_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -153,6 +159,7 @@ main(int argc, char *const *argv) return 1; } + /* STUB */ #if (NGX_OPENSSL) ngx_ssl_init(log); #endif diff --git a/src/core/nginx.h b/src/core/nginx.h index a24f88360..904c2ea38 100644 --- a/src/core/nginx.h +++ b/src/core/nginx.h @@ -8,7 +8,7 @@ #define _NGINX_H_INCLUDED_ -#define NGINX_VER "nginx/0.1.44" +#define NGINX_VER "nginx/0.1.45" #define NGINX_VAR "NGINX" #define NGX_NEWPID_EXT ".newbin" diff --git a/src/core/ngx_conf_file.c b/src/core/ngx_conf_file.c index 1a66ea92a..a536bd69d 100644 --- a/src/core/ngx_conf_file.c +++ b/src/core/ngx_conf_file.c @@ -31,8 +31,14 @@ ngx_module_t ngx_conf_module = { NULL, /* module context */ ngx_conf_commands, /* module directives */ NGX_CONF_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/core/ngx_conf_file.h b/src/core/ngx_conf_file.h index 1f4e72cee..483852fd2 100644 --- a/src/core/ngx_conf_file.h +++ b/src/core/ngx_conf_file.h @@ -65,8 +65,6 @@ #define NGX_CONF_BLOCK_DONE 2 #define NGX_CONF_FILE_DONE 3 -#define NGX_MODULE_V1 0, 0, 1, 0, 0 - #define NGX_CORE_MODULE 0x45524F43 /* "CORE" */ #define NGX_CONF_MODULE 0x464E4F43 /* "CONF" */ @@ -99,21 +97,42 @@ struct ngx_open_file_s { }; +#define NGX_MODULE_V1 0, 0, 1, 0, 0, 0, 0 +#define NGX_MODULE_V1_PADDING 0, 0, 0, 0, 0, 0, 0, 0 + struct ngx_module_s { ngx_uint_t ctx_index; ngx_uint_t index; ngx_uint_t version; + ngx_uint_t spare0; ngx_uint_t spare1; + ngx_uint_t spare2; + ngx_uint_t spare3; void *ctx; ngx_command_t *commands; ngx_uint_t type; + + ngx_int_t (*init_master)(ngx_log_t *log); + ngx_int_t (*init_module)(ngx_cycle_t *cycle); + ngx_int_t (*init_process)(ngx_cycle_t *cycle); -#if 0 ngx_int_t (*init_thread)(ngx_cycle_t *cycle); -#endif + ngx_int_t (*exit_thread)(ngx_cycle_t *cycle); + ngx_int_t (*exit_process)(ngx_cycle_t *cycle); + + ngx_int_t (*exit_master)(ngx_cycle_t *cycle); + + uintptr_t spare_hook0; + uintptr_t spare_hook1; + uintptr_t spare_hook2; + uintptr_t spare_hook3; + uintptr_t spare_hook4; + uintptr_t spare_hook5; + uintptr_t spare_hook6; + uintptr_t spare_hook7; }; diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c index fe75264db..c423c05ee 100644 --- a/src/core/ngx_connection.c +++ b/src/core/ngx_connection.c @@ -67,6 +67,7 @@ ngx_set_inherited_sockets(ngx_cycle_t *cycle) ngx_listening_t *ls; struct sockaddr_in *sin; #if (NGX_HAVE_DEFERRED_ACCEPT && defined SO_ACCEPTFILTER) + ngx_err_t err; socklen_t aflen; struct accept_filter_arg af; #endif @@ -133,7 +134,13 @@ ngx_set_inherited_sockets(ngx_cycle_t *cycle) if (getsockopt(ls[i].fd, SOL_SOCKET, SO_ACCEPTFILTER, &af, &aflen) == -1) { - ngx_log_error(NGX_LOG_NOTICE, cycle->log, ngx_errno, + err = ngx_errno; + + if (err == NGX_EINVAL) { + continue; + } + + ngx_log_error(NGX_LOG_NOTICE, cycle->log, err, "getsockopt(SO_ACCEPTFILTER) for %V failed, ignored", &ls[i].addr_text); continue; diff --git a/src/core/ngx_log.c b/src/core/ngx_log.c index efc62f93c..905c8a165 100644 --- a/src/core/ngx_log.c +++ b/src/core/ngx_log.c @@ -37,8 +37,14 @@ ngx_module_t ngx_errlog_module = { &ngx_errlog_module_ctx, /* module context */ ngx_errlog_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_aio_module.c b/src/event/modules/ngx_aio_module.c index 37d520a96..bf78a8e00 100644 --- a/src/event/modules/ngx_aio_module.c +++ b/src/event/modules/ngx_aio_module.c @@ -58,8 +58,14 @@ ngx_module_t ngx_aio_module = { &ngx_aio_module_ctx, /* module context */ NULL, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_devpoll_module.c b/src/event/modules/ngx_devpoll_module.c index cab5af074..413b0def4 100644 --- a/src/event/modules/ngx_devpoll_module.c +++ b/src/event/modules/ngx_devpoll_module.c @@ -95,8 +95,14 @@ ngx_module_t ngx_devpoll_module = { &ngx_devpoll_module_ctx, /* module context */ ngx_devpoll_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_epoll_module.c b/src/event/modules/ngx_epoll_module.c index 9847e0fe4..75a0b0f4b 100644 --- a/src/event/modules/ngx_epoll_module.c +++ b/src/event/modules/ngx_epoll_module.c @@ -125,8 +125,14 @@ ngx_module_t ngx_epoll_module = { &ngx_epoll_module_ctx, /* module context */ ngx_epoll_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_iocp_module.c b/src/event/modules/ngx_iocp_module.c index 1bb677c63..5c9e7e68f 100644 --- a/src/event/modules/ngx_iocp_module.c +++ b/src/event/modules/ngx_iocp_module.c @@ -73,8 +73,14 @@ ngx_module_t ngx_iocp_module = { &ngx_iocp_module_ctx, /* module context */ ngx_iocp_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_kqueue_module.c b/src/event/modules/ngx_kqueue_module.c index 713ea1a07..78ebbad95 100644 --- a/src/event/modules/ngx_kqueue_module.c +++ b/src/event/modules/ngx_kqueue_module.c @@ -98,8 +98,14 @@ ngx_module_t ngx_kqueue_module = { &ngx_kqueue_module_ctx, /* module context */ ngx_kqueue_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_poll_module.c b/src/event/modules/ngx_poll_module.c index 97ac7ccc4..68d592cca 100644 --- a/src/event/modules/ngx_poll_module.c +++ b/src/event/modules/ngx_poll_module.c @@ -54,8 +54,14 @@ ngx_module_t ngx_poll_module = { &ngx_poll_module_ctx, /* module context */ NULL, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_rtsig_module.c b/src/event/modules/ngx_rtsig_module.c index 838b27d70..69792c67c 100644 --- a/src/event/modules/ngx_rtsig_module.c +++ b/src/event/modules/ngx_rtsig_module.c @@ -122,8 +122,14 @@ ngx_module_t ngx_rtsig_module = { &ngx_rtsig_module_ctx, /* module context */ ngx_rtsig_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/modules/ngx_select_module.c b/src/event/modules/ngx_select_module.c index 4cf88400c..7cb338182 100644 --- a/src/event/modules/ngx_select_module.c +++ b/src/event/modules/ngx_select_module.c @@ -67,8 +67,14 @@ ngx_module_t ngx_select_module = { &ngx_select_module_ctx, /* module context */ NULL, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c index 274be6c52..5557c340d 100644 --- a/src/event/ngx_event.c +++ b/src/event/ngx_event.c @@ -95,8 +95,14 @@ ngx_module_t ngx_events_module = { &ngx_events_module_ctx, /* module context */ ngx_events_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -167,8 +173,14 @@ ngx_module_t ngx_event_core_module = { &ngx_event_core_module_ctx, /* module context */ ngx_event_core_commands, /* module directives */ NGX_EVENT_MODULE, /* module type */ + NULL, /* init master */ ngx_event_module_init, /* init module */ - ngx_event_process_init /* init process */ + ngx_event_process_init, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/event/ngx_event_connect.c b/src/event/ngx_event_connect.c index 7cab38cb7..be1d9638a 100644 --- a/src/event/ngx_event_connect.c +++ b/src/event/ngx_event_connect.c @@ -17,7 +17,7 @@ ngx_int_t ngx_event_connect_peer(ngx_peer_connection_t *pc) { int rc; - ngx_uint_t instance; + ngx_uint_t instance, level; u_int event; time_t now; ngx_err_t err; @@ -283,20 +283,15 @@ ngx_event_connect_peer(ngx_peer_connection_t *pc) /* Winsock returns WSAEWOULDBLOCK (NGX_EAGAIN) */ if (err != NGX_EINPROGRESS && err != NGX_EAGAIN) { - ngx_connection_error(c, err, "connect() failed"); -#if 0 -#undef sun - { - struct sockaddr_un *sun; - - sun = (struct sockaddr_un *) peer->sockaddr; - - ngx_log_error(NGX_LOG_ALERT, pc->log, 0, - "\"%s\", f:%d, l:%uz", - sun->sun_path, sun->sun_family, peer->socklen); + if (err == NGX_ECONNREFUSED || err == NGX_EHOSTUNREACH) { + level = NGX_LOG_ERR; + } else { + level = NGX_LOG_CRIT; } -#endif + + ngx_log_error(level, c->log, err, "connect() to %V failed", + &peer->name); return NGX_CONNECT_ERROR; } diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 4c7deb336..b02926a74 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -8,12 +8,62 @@ #include #include -#include + +typedef struct { + ngx_str_t engine; +} ngx_openssl_conf_t; static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n); static void ngx_ssl_write_handler(ngx_event_t *wev); static void ngx_ssl_read_handler(ngx_event_t *rev); +static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); +static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); + +#if !(NGX_SSL_ENGINE) +static char *ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); +#endif + + +static ngx_command_t ngx_openssl_commands[] = { + + { ngx_string("ssl_engine"), + NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, +#if (NGX_SSL_ENGINE) + ngx_conf_set_str_slot, +#else + ngx_openssl_noengine, +#endif + 0, + offsetof(ngx_openssl_conf_t, engine), + NULL }, + + ngx_null_command +}; + + +static ngx_core_module_t ngx_openssl_module_ctx = { + ngx_string("openssl"), + ngx_openssl_create_conf, + ngx_openssl_init_conf +}; + + +ngx_module_t ngx_openssl_module = { + NGX_MODULE_V1, + &ngx_openssl_module_ctx, /* module context */ + ngx_openssl_commands, /* module directives */ + NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ + NULL, /* init module */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING +}; ngx_int_t @@ -21,7 +71,10 @@ ngx_ssl_init(ngx_log_t *log) { SSL_library_init(); SSL_load_error_strings(); + +#if (NGX_SSL_ENGINE) ENGINE_load_builtin_engines(); +#endif return NGX_OK; } @@ -638,3 +691,74 @@ ngx_ssl_cleanup_ctx(void *data) SSL_CTX_free(ctx); } + + +static void * +ngx_openssl_create_conf(ngx_cycle_t *cycle) +{ + ngx_openssl_conf_t *oscf; + + oscf = ngx_pcalloc(cycle->pool, sizeof(ngx_openssl_conf_t)); + if (oscf == NULL) { + return NGX_CONF_ERROR; + } + + /* + * set by ngx_pcalloc(): + * + * oscf->engine.len = 0; + * oscf->engine.data = NULL; + */ + + return oscf; +} + + +static char * +ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf) +{ +#if (NGX_SSL_ENGINE) + ngx_openssl_conf_t *oscf = conf; + + ENGINE *engine; + + if (oscf->engine.len == 0) { + return NGX_CONF_OK; + } + + engine = ENGINE_by_id((const char *) oscf->engine.data); + + if (engine == NULL) { + ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, + "ENGINE_by_id(\"%V\") failed", &oscf->engine); + return NGX_CONF_ERROR; + } + + if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { + ngx_ssl_error(NGX_LOG_WARN, cycle->log, 0, + "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", + &oscf->engine); + return NGX_CONF_ERROR; + } + + ENGINE_free(engine); + +#endif + + return NGX_CONF_OK; +} + + +#if !(NGX_SSL_ENGINE) + +static char * +ngx_openssl_noengine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +{ + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "\"ssl_engine\" is not supported: " NGX_SSL_NAME + " library does not support crypto accelerators"); + + return NGX_CONF_ERROR; +} + +#endif diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h index 7fc6bc092..f298aeb10 100644 --- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -14,6 +14,13 @@ #include #include +#if OPENSSL_VERSION_NUMBER >= 0x00907000 +#include +#define NGX_SSL_ENGINE 1 +#endif + +#define NGX_SSL_NAME "OpenSSL" + typedef struct { SSL *ssl; @@ -38,7 +45,6 @@ typedef SSL_CTX ngx_ssl_ctx_t; #define NGX_SSL_BUFFER 1 - #define NGX_SSL_BUFSIZE 16384 diff --git a/src/http/modules/ngx_http_access_module.c b/src/http/modules/ngx_http_access_module.c index 47f9944b0..b02e8cfd1 100644 --- a/src/http/modules/ngx_http_access_module.c +++ b/src/http/modules/ngx_http_access_module.c @@ -73,8 +73,14 @@ ngx_module_t ngx_http_access_module = { &ngx_http_access_module_ctx, /* module context */ ngx_http_access_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_access_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c index 06d0df54e..b129a9874 100644 --- a/src/http/modules/ngx_http_auth_basic_module.c +++ b/src/http/modules/ngx_http_auth_basic_module.c @@ -79,8 +79,14 @@ ngx_module_t ngx_http_auth_basic_module = { &ngx_http_auth_basic_module_ctx, /* module context */ ngx_http_auth_basic_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_auth_basic_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_autoindex_module.c b/src/http/modules/ngx_http_autoindex_module.c index a7246b04d..2838e9fc7 100644 --- a/src/http/modules/ngx_http_autoindex_module.c +++ b/src/http/modules/ngx_http_autoindex_module.c @@ -99,8 +99,14 @@ ngx_module_t ngx_http_autoindex_module = { &ngx_http_autoindex_module_ctx, /* module context */ ngx_http_autoindex_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_autoindex_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_charset_filter_module.c b/src/http/modules/ngx_http_charset_filter_module.c index 62c81e116..2ec138fb9 100644 --- a/src/http/modules/ngx_http_charset_filter_module.c +++ b/src/http/modules/ngx_http_charset_filter_module.c @@ -121,8 +121,14 @@ ngx_module_t ngx_http_charset_filter_module = { &ngx_http_charset_filter_module_ctx, /* module context */ ngx_http_charset_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_charset_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_chunked_filter_module.c b/src/http/modules/ngx_http_chunked_filter_module.c index 4136613e0..bfa362408 100644 --- a/src/http/modules/ngx_http_chunked_filter_module.c +++ b/src/http/modules/ngx_http_chunked_filter_module.c @@ -32,8 +32,14 @@ ngx_module_t ngx_http_chunked_filter_module = { &ngx_http_chunked_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_chunked_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c index c5a2c4bc4..6efac3df6 100644 --- a/src/http/modules/ngx_http_fastcgi_module.c +++ b/src/http/modules/ngx_http_fastcgi_module.c @@ -330,8 +330,14 @@ ngx_module_t ngx_http_fastcgi_module = { &ngx_http_fastcgi_module_ctx, /* module context */ ngx_http_fastcgi_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_geo_module.c b/src/http/modules/ngx_http_geo_module.c index 723eff90f..834282b16 100644 --- a/src/http/modules/ngx_http_geo_module.c +++ b/src/http/modules/ngx_http_geo_module.c @@ -53,8 +53,14 @@ ngx_module_t ngx_http_geo_module = { &ngx_http_geo_module_ctx, /* module context */ ngx_http_geo_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_gzip_filter_module.c b/src/http/modules/ngx_http_gzip_filter_module.c index 024302807..c37f79cb7 100644 --- a/src/http/modules/ngx_http_gzip_filter_module.c +++ b/src/http/modules/ngx_http_gzip_filter_module.c @@ -218,8 +218,14 @@ ngx_module_t ngx_http_gzip_filter_module = { &ngx_http_gzip_filter_module_ctx, /* module context */ ngx_http_gzip_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_gzip_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_headers_filter_module.c b/src/http/modules/ngx_http_headers_filter_module.c index 91bebdc50..1ad225fe9 100644 --- a/src/http/modules/ngx_http_headers_filter_module.c +++ b/src/http/modules/ngx_http_headers_filter_module.c @@ -60,8 +60,14 @@ ngx_module_t ngx_http_headers_filter_module = { &ngx_http_headers_filter_module_ctx, /* module context */ ngx_http_headers_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_headers_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_index_module.c b/src/http/modules/ngx_http_index_module.c index 5315704b4..abab26807 100644 --- a/src/http/modules/ngx_http_index_module.c +++ b/src/http/modules/ngx_http_index_module.c @@ -96,8 +96,14 @@ ngx_module_t ngx_http_index_module = { &ngx_http_index_module_ctx, /* module context */ ngx_http_index_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_index_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_not_modified_filter_module.c b/src/http/modules/ngx_http_not_modified_filter_module.c index 23ea57215..6712a917d 100644 --- a/src/http/modules/ngx_http_not_modified_filter_module.c +++ b/src/http/modules/ngx_http_not_modified_filter_module.c @@ -33,8 +33,14 @@ ngx_module_t ngx_http_not_modified_filter_module = { &ngx_http_not_modified_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_not_modified_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c index e8b9c4ee9..1415f2180 100644 --- a/src/http/modules/ngx_http_proxy_module.c +++ b/src/http/modules/ngx_http_proxy_module.c @@ -295,8 +295,14 @@ ngx_module_t ngx_http_proxy_module = { &ngx_http_proxy_module_ctx, /* module context */ ngx_http_proxy_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_range_filter_module.c b/src/http/modules/ngx_http_range_filter_module.c index cfc23f6e1..c62649595 100644 --- a/src/http/modules/ngx_http_range_filter_module.c +++ b/src/http/modules/ngx_http_range_filter_module.c @@ -73,8 +73,14 @@ ngx_module_t ngx_http_range_header_filter_module = { &ngx_http_range_header_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_range_header_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -98,8 +104,14 @@ ngx_module_t ngx_http_range_body_filter_module = { &ngx_http_range_body_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_range_body_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_rewrite_module.c b/src/http/modules/ngx_http_rewrite_module.c index 5f73c026c..693495e3b 100644 --- a/src/http/modules/ngx_http_rewrite_module.c +++ b/src/http/modules/ngx_http_rewrite_module.c @@ -130,8 +130,14 @@ ngx_module_t ngx_http_rewrite_module = { &ngx_http_rewrite_module_ctx, /* module context */ ngx_http_rewrite_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_rewrite_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_ssi_filter_module.c b/src/http/modules/ngx_http_ssi_filter_module.c index 6507105e3..0f3829594 100644 --- a/src/http/modules/ngx_http_ssi_filter_module.c +++ b/src/http/modules/ngx_http_ssi_filter_module.c @@ -200,8 +200,14 @@ ngx_module_t ngx_http_ssi_filter_module = { &ngx_http_ssi_filter_module_ctx, /* module context */ ngx_http_ssi_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_ssi_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c index bf1d24fc7..5137af0d8 100644 --- a/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c @@ -8,15 +8,11 @@ #include #include -#include - #define NGX_DEFLAUT_CERTIFICATE "cert.pem" #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" -static void *ngx_http_ssl_create_main_conf(ngx_conf_t *cf); -static char *ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf); static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child); @@ -24,13 +20,6 @@ static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, static ngx_command_t ngx_http_ssl_commands[] = { - { ngx_string("ssl_engine"), - NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, - ngx_conf_set_str_slot, - NGX_HTTP_MAIN_CONF_OFFSET, - offsetof(ngx_http_ssl_main_conf_t, engine), - NULL }, - { ngx_string("ssl"), NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, @@ -67,8 +56,8 @@ static ngx_http_module_t ngx_http_ssl_module_ctx = { NULL, /* preconfiguration */ NULL, /* postconfiguration */ - ngx_http_ssl_create_main_conf, /* create main configuration */ - ngx_http_ssl_init_main_conf, /* init main configuration */ + NULL, /* create main configuration */ + NULL, /* init main configuration */ ngx_http_ssl_create_srv_conf, /* create server configuration */ ngx_http_ssl_merge_srv_conf, /* merge server configuration */ @@ -83,64 +72,17 @@ ngx_module_t ngx_http_ssl_module = { &ngx_http_ssl_module_ctx, /* module context */ ngx_http_ssl_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; -static void * -ngx_http_ssl_create_main_conf(ngx_conf_t *cf) -{ - ngx_http_ssl_main_conf_t *mcf; - - mcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_main_conf_t)); - if (mcf == NULL) { - return NGX_CONF_ERROR; - } - - /* - * set by ngx_pcalloc(): - * - * mcf->engine.len = 0; - * mcf->engine.data = NULL; - */ - - return mcf; -} - - -static char * -ngx_http_ssl_init_main_conf(ngx_conf_t *cf, void *conf) -{ - ngx_http_ssl_main_conf_t *mcf = conf; - - ENGINE *engine; - - if (mcf->engine.len == 0) { - return NGX_CONF_OK; - } - - engine = ENGINE_by_id((const char *) mcf->engine.data); - - if (engine == NULL) { - ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, - "ENGINE_by_id(\"%V\") failed", &mcf->engine); - return NGX_CONF_ERROR; - } - - if (ENGINE_set_default(engine, ENGINE_METHOD_ALL) == 0) { - ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, - "ENGINE_set_default(\"%V\", ENGINE_METHOD_ALL) failed", - &mcf->engine); - return NGX_CONF_ERROR; - } - - ENGINE_free(engine); - - return NGX_CONF_OK; -} - - static void * ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) { @@ -240,12 +182,16 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) return NGX_CONF_ERROR; } + SSL_CTX_set_verify(conf->ssl_ctx, SSL_VERIFY_NONE, NULL); + return NGX_CONF_OK; } #if 0 +/* how to enumrate server' configs */ + static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle) { diff --git a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h index bf6036634..acb0aeeb5 100644 --- a/src/http/modules/ngx_http_ssl_module.h +++ b/src/http/modules/ngx_http_ssl_module.h @@ -13,11 +13,6 @@ #include -typedef struct { - ngx_str_t engine; -} ngx_http_ssl_main_conf_t; - - typedef struct { ngx_flag_t enable; ngx_str_t certificate; diff --git a/src/http/modules/ngx_http_static_module.c b/src/http/modules/ngx_http_static_module.c index 54e624fa8..eac3c193a 100644 --- a/src/http/modules/ngx_http_static_module.c +++ b/src/http/modules/ngx_http_static_module.c @@ -58,8 +58,14 @@ ngx_module_t ngx_http_static_module = { &ngx_http_static_module_ctx, /* module context */ ngx_http_static_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_static_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_stub_status_module.c b/src/http/modules/ngx_http_stub_status_module.c index 0f1a252a8..ea55c1b04 100644 --- a/src/http/modules/ngx_http_stub_status_module.c +++ b/src/http/modules/ngx_http_stub_status_module.c @@ -41,8 +41,14 @@ ngx_module_t ngx_http_stub_status_module = { &ngx_http_stub_status_module_ctx, /* module context */ ngx_http_status_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/modules/ngx_http_userid_filter_module.c b/src/http/modules/ngx_http_userid_filter_module.c index 5ee9712f8..1add894be 100644 --- a/src/http/modules/ngx_http_userid_filter_module.c +++ b/src/http/modules/ngx_http_userid_filter_module.c @@ -177,8 +177,14 @@ ngx_module_t ngx_http_userid_filter_module = { &ngx_http_userid_filter_module_ctx, /* module context */ ngx_http_userid_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_userid_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http.c b/src/http/ngx_http.c index 0f6f2f1d4..646e16d50 100644 --- a/src/http/ngx_http.c +++ b/src/http/ngx_http.c @@ -57,8 +57,14 @@ ngx_module_t ngx_http_module = { &ngx_http_module_ctx, /* module context */ ngx_http_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_copy_filter_module.c b/src/http/ngx_http_copy_filter_module.c index 46715482a..2afdcf670 100644 --- a/src/http/ngx_http_copy_filter_module.c +++ b/src/http/ngx_http_copy_filter_module.c @@ -53,8 +53,14 @@ ngx_module_t ngx_http_copy_filter_module = { &ngx_http_copy_filter_module_ctx, /* module context */ ngx_http_copy_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_copy_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c index 0b483e0c8..66373e389 100644 --- a/src/http/ngx_http_core_module.c +++ b/src/http/ngx_http_core_module.c @@ -383,8 +383,14 @@ ngx_module_t ngx_http_core_module = { &ngx_http_core_module_ctx, /* module context */ ngx_http_core_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_header_filter_module.c b/src/http/ngx_http_header_filter_module.c index daf6c8580..5af1cf386 100644 --- a/src/http/ngx_http_header_filter_module.c +++ b/src/http/ngx_http_header_filter_module.c @@ -34,8 +34,14 @@ ngx_module_t ngx_http_header_filter_module = { &ngx_http_header_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_header_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_log_module.c b/src/http/ngx_http_log_module.c index 333472ecc..3caa2e91e 100644 --- a/src/http/ngx_http_log_module.c +++ b/src/http/ngx_http_log_module.c @@ -125,8 +125,14 @@ ngx_module_t ngx_http_log_module = { &ngx_http_log_module_ctx, /* module context */ ngx_http_log_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_postpone_filter_module.c b/src/http/ngx_http_postpone_filter_module.c index d7d338f09..73e31e698 100644 --- a/src/http/ngx_http_postpone_filter_module.c +++ b/src/http/ngx_http_postpone_filter_module.c @@ -32,8 +32,14 @@ ngx_module_t ngx_http_postpone_filter_module = { &ngx_http_postpone_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_postpone_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c index c575347db..04a7a572b 100644 --- a/src/http/ngx_http_upstream.c +++ b/src/http/ngx_http_upstream.c @@ -189,8 +189,14 @@ ngx_module_t ngx_http_upstream_module = { &ngx_http_upstream_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/http/ngx_http_write_filter_module.c b/src/http/ngx_http_write_filter_module.c index af95c99cd..f3b36225b 100644 --- a/src/http/ngx_http_write_filter_module.c +++ b/src/http/ngx_http_write_filter_module.c @@ -33,8 +33,14 @@ ngx_module_t ngx_http_write_filter_module = { &ngx_http_write_filter_module_ctx, /* module context */ NULL, /* module directives */ NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ ngx_http_write_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -226,7 +232,7 @@ ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in) r->out = chain; - if (chain || c->buffered) { + if (chain || (c->buffered && r->postponed == NULL)) { return NGX_AGAIN; } diff --git a/src/imap/ngx_imap.c b/src/imap/ngx_imap.c index aa28b2d6a..b8a75ad2b 100644 --- a/src/imap/ngx_imap.c +++ b/src/imap/ngx_imap.c @@ -41,8 +41,14 @@ ngx_module_t ngx_imap_module = { &ngx_imap_module_ctx, /* module context */ ngx_imap_commands, /* module directives */ NGX_CORE_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/imap/ngx_imap.h b/src/imap/ngx_imap.h index 5e037743b..7bee2adf3 100644 --- a/src/imap/ngx_imap.h +++ b/src/imap/ngx_imap.h @@ -123,6 +123,12 @@ typedef struct { } ngx_imap_session_t; +typedef struct { + ngx_str_t *client; + ngx_imap_session_t *session; +} ngx_imap_log_ctx_t; + + #define NGX_POP3_USER 1 #define NGX_POP3_PASS 2 #define NGX_POP3_CAPA 3 diff --git a/src/imap/ngx_imap_auth_http_module.c b/src/imap/ngx_imap_auth_http_module.c index 2bf0cc96c..1e2bc4c04 100644 --- a/src/imap/ngx_imap_auth_http_module.c +++ b/src/imap/ngx_imap_auth_http_module.c @@ -105,8 +105,14 @@ ngx_module_t ngx_imap_auth_http_module = { &ngx_imap_auth_http_module_ctx, /* module context */ ngx_imap_auth_http_commands, /* module directives */ NGX_IMAP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -120,6 +126,8 @@ ngx_imap_auth_http_init(ngx_imap_session_t *s) ngx_imap_auth_http_ctx_t *ctx; ngx_imap_auth_http_conf_t *ahcf; + s->connection->log->action = "in http auth state"; + ctx = ngx_pcalloc(s->connection->pool, sizeof(ngx_imap_auth_http_ctx_t)); if (ctx == NULL) { ngx_imap_session_internal_server_error(s); @@ -142,7 +150,7 @@ ngx_imap_auth_http_init(ngx_imap_session_t *s) rc = ngx_event_connect_peer(&ctx->peer); - if (rc == NGX_ERROR) { + if (rc == NGX_ERROR || rc == NGX_CONNECT_ERROR) { ngx_imap_session_internal_server_error(s); return; } @@ -156,13 +164,13 @@ ngx_imap_auth_http_init(ngx_imap_session_t *s) ctx->handler = ngx_imap_auth_http_ignore_status_line; + ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); + ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); + if (rc == NGX_OK) { ngx_imap_auth_http_write_handler(ctx->peer.connection->write); return; } - - ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); - ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); } @@ -185,7 +193,8 @@ ngx_imap_auth_http_write_handler(ngx_event_t *wev) if (wev->timedout) { ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, - "auth http server timed out"); + "auth http server %V timed out", + &ctx->peer.peers->peer[0].name); ngx_close_connection(ctx->peer.connection); ngx_imap_session_internal_server_error(s); return; @@ -240,7 +249,8 @@ ngx_imap_auth_http_read_handler(ngx_event_t *rev) if (rev->timedout) { ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, - "auth http server timed out"); + "auth http server %V timed out", + &ctx->peer.peers->peer[0].name); ngx_close_connection(ctx->peer.connection); ngx_imap_session_internal_server_error(s); return; @@ -355,7 +365,8 @@ ngx_imap_auth_http_ignore_status_line(ngx_imap_session_t *s, } ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "auth http server sent invalid response"); + "auth http server &V sent invalid response", + &ctx->peer.peers->peer[0].name); ngx_close_connection(ctx->peer.connection); ngx_imap_session_internal_server_error(s); return; @@ -520,9 +531,11 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, if (ctx->sleep == 0) { s->quit = 1; - } - ngx_imap_send(s->connection->write); + ngx_imap_send(s->connection->write); + + return; + } ngx_add_timer(s->connection->read, ctx->sleep * 1000); @@ -533,7 +546,8 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, if (ctx->addr.len == 0 || ctx->port.len == 0) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "auth http server did not send server or port"); + "auth http server %V did not send server or port", + &ctx->peer.peers->peer[0].name); ngx_imap_session_internal_server_error(s); return; } @@ -555,8 +569,9 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, port = ngx_atoi(ctx->port.data, ctx->port.len); if (port == NGX_ERROR || port < 1 || port > 65536) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "auth http server sent invalid server " - "port:\"%V\"", &ctx->port); + "auth http server %V sent invalid server " + "port:\"%V\"", + &ctx->peer.peers->peer[0].name, &ctx->port); ngx_imap_session_internal_server_error(s); return; } @@ -567,8 +582,9 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, sin->sin_addr.s_addr = inet_addr((char *) ctx->addr.data); if (sin->sin_addr.s_addr == INADDR_NONE) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "auth http server sent invalid server " - "address:\"%V\"", &ctx->addr); + "auth http server %V sent invalid server " + "address:\"%V\"", + &ctx->peer.peers->peer[0].name, &ctx->addr); ngx_imap_session_internal_server_error(s); return; } @@ -612,7 +628,8 @@ ngx_imap_auth_http_process_headers(ngx_imap_session_t *s, /* rc == NGX_ERROR */ ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "auth http server sent invalid header in response"); + "auth http server %V sent invalid header in response", + &ctx->peer.peers->peer[0].name); ngx_close_connection(ctx->peer.connection); ngx_imap_session_internal_server_error(s); @@ -654,6 +671,8 @@ ngx_imap_auth_sleep_handler(ngx_event_t *rev) ngx_imap_close_connection(s->connection); } + ngx_imap_send(s->connection->write); + return; } diff --git a/src/imap/ngx_imap_core_module.c b/src/imap/ngx_imap_core_module.c index 8225574ec..0203f44f1 100644 --- a/src/imap/ngx_imap_core_module.c +++ b/src/imap/ngx_imap_core_module.c @@ -114,8 +114,14 @@ ngx_module_t ngx_imap_core_module = { &ngx_imap_core_module_ctx, /* module context */ ngx_imap_core_commands, /* module directives */ NGX_IMAP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; diff --git a/src/imap/ngx_imap_handler.c b/src/imap/ngx_imap_handler.c index 03dedaf34..0ddf51f61 100644 --- a/src/imap/ngx_imap_handler.c +++ b/src/imap/ngx_imap_handler.c @@ -11,7 +11,9 @@ static void ngx_imap_init_session(ngx_event_t *rev); +static void ngx_imap_init_protocol(ngx_event_t *rev); static ngx_int_t ngx_imap_read_command(ngx_imap_session_t *s); +static u_char *ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len); #if (NGX_IMAP_SSL) static void ngx_imap_ssl_close_handler(ngx_event_t *ev); @@ -40,20 +42,49 @@ static u_char imap_invalid_command[] = "BAD invalid command" CRLF; void ngx_imap_init_connection(ngx_connection_t *c) { + ngx_imap_log_ctx_t *ctx; + + ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap init connection"); + + ctx = ngx_palloc(c->pool, sizeof(ngx_imap_log_ctx_t)); + if (ctx == NULL) { + ngx_imap_close_connection(c); + return; + } + + ctx->client = &c->addr_text; + ctx->session = NULL; + + c->log->connection = c->number; + c->log->handler = ngx_imap_log_error; + c->log->data = ctx; + c->log->action = "sending client greeting line"; + + c->log_error = NGX_ERROR_INFO; + + ngx_imap_init_session(c->read); +} + + +static void +ngx_imap_init_session(ngx_event_t *rev) +{ + ngx_connection_t *c; ngx_imap_session_t *s; + ngx_imap_log_ctx_t *lctx; ngx_imap_conf_ctx_t *ctx; + ngx_imap_core_srv_conf_t *cscf; #if (NGX_IMAP_SSL) ngx_int_t rc; ngx_imap_ssl_conf_t *sslcf; #endif - ngx_imap_core_srv_conf_t *cscf; - ngx_log_debug0(NGX_LOG_DEBUG_IMAP, c->log, 0, "imap init connection"); - - c->log_error = NGX_ERROR_INFO; + c = rev->data; ctx = c->ctx; + cscf = ngx_imap_get_module_srv_conf(ctx, ngx_imap_core_module); + #if (NGX_IMAP_SSL) sslcf = ngx_imap_get_module_srv_conf(ctx, ngx_imap_ssl_module); @@ -74,6 +105,17 @@ ngx_imap_init_connection(ngx_connection_t *c) return; } + if (rc == NGX_AGAIN) { + ngx_add_timer(rev, cscf->timeout); + c->read->handler = ngx_imap_init_session; + + if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { + ngx_imap_close_connection(c); + } + + return; + } + c->recv = ngx_ssl_recv; c->send = ngx_ssl_write; c->send_chain = ngx_ssl_send_chain; @@ -90,7 +132,6 @@ ngx_imap_init_connection(ngx_connection_t *c) c->data = s; s->connection = c; - cscf = ngx_imap_get_module_srv_conf(ctx, ngx_imap_core_module); s->protocol = cscf->protocol; s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_imap_max_module); @@ -104,13 +145,15 @@ ngx_imap_init_connection(ngx_connection_t *c) s->out = greetings[s->protocol]; - c->read->handler = ngx_imap_init_session; + lctx = c->log->data; + lctx->session = s; + + c->read->handler = ngx_imap_init_protocol; c->write->handler = ngx_imap_send; - ngx_add_timer(c->write, cscf->timeout); - ngx_add_timer(c->read, cscf->timeout); + ngx_add_timer(rev, cscf->timeout); - if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { + if (ngx_handle_read_event(rev, 0) == NGX_ERROR) { ngx_imap_close_connection(c); } @@ -121,9 +164,10 @@ ngx_imap_init_connection(ngx_connection_t *c) void ngx_imap_send(ngx_event_t *wev) { - ngx_int_t n; - ngx_connection_t *c; - ngx_imap_session_t *s; + ngx_int_t n; + ngx_connection_t *c; + ngx_imap_session_t *s; + ngx_imap_core_srv_conf_t *cscf; c = wev->data; s = c->data; @@ -147,6 +191,10 @@ ngx_imap_send(ngx_event_t *wev) if (n > 0) { s->out.len -= n; + if (wev->timer_set) { + ngx_del_timer(wev); + } + if (s->quit) { ngx_imap_close_connection(c); return; @@ -166,6 +214,10 @@ ngx_imap_send(ngx_event_t *wev) /* n == NGX_AGAIN */ + cscf = ngx_imap_get_module_srv_conf(s, ngx_imap_core_module); + + ngx_add_timer(c->write, cscf->timeout); + if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { ngx_imap_close_connection(c); return; @@ -174,7 +226,7 @@ ngx_imap_send(ngx_event_t *wev) static void -ngx_imap_init_session(ngx_event_t *rev) +ngx_imap_init_protocol(ngx_event_t *rev) { size_t size; ngx_connection_t *c; @@ -183,6 +235,8 @@ ngx_imap_init_session(ngx_event_t *rev) c = rev->data; + c->log->action = "in auth state"; + if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); ngx_imap_close_connection(c); @@ -666,3 +720,52 @@ ngx_imap_ssl_close_handler(ngx_event_t *ev) } #endif + + +static u_char * +ngx_imap_log_error(ngx_log_t *log, u_char *buf, size_t len) +{ + u_char *p; + ngx_imap_session_t *s; + ngx_imap_log_ctx_t *ctx; + + if (log->action) { + p = ngx_snprintf(buf, len, " while %s", log->action); + len -= p - buf; + buf = p; + } + + ctx = log->data; + + p = ngx_snprintf(buf, len, ", client: %V", ctx->client); + len -= p - buf; + buf = p; + + s = ctx->session; + + if (s == NULL) { + return p; + } + + p = ngx_snprintf(buf, len, ", server: %V", + &s->connection->listening->addr_text); + len -= p - buf; + buf = p; + + if (s->login.len == 0) { + return p; + } + + p = ngx_snprintf(buf, len, ", login: \"%V\"", &s->login); + len -= p - buf; + buf = p; + + if (s->proxy == NULL) { + return p; + } + + p = ngx_snprintf(buf, len, ", upstream: %V", + &s->proxy->upstream.peers->peer[0].name); + + return p; +} diff --git a/src/imap/ngx_imap_proxy_module.c b/src/imap/ngx_imap_proxy_module.c index f9a84ce55..5502dc617 100644 --- a/src/imap/ngx_imap_proxy_module.c +++ b/src/imap/ngx_imap_proxy_module.c @@ -77,8 +77,14 @@ ngx_module_t ngx_imap_proxy_module = { &ngx_imap_proxy_module_ctx, /* module context */ ngx_imap_proxy_commands, /* module directives */ NGX_IMAP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -101,9 +107,11 @@ ngx_imap_proxy_init(ngx_imap_session_t *s, ngx_peers_t *peers) p->upstream.log = s->connection->log; p->upstream.log_error = NGX_ERROR_ERR; + s->connection->log->action = "in upstream auth state"; + rc = ngx_event_connect_peer(&p->upstream); - if (rc == NGX_ERROR) { + if (rc == NGX_ERROR || rc == NGX_CONNECT_ERROR) { ngx_imap_session_internal_server_error(s); return; } @@ -284,6 +292,8 @@ ngx_imap_proxy_imap_handler(ngx_event_t *rev) pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); + + c->log->action = "proxying"; } } @@ -407,6 +417,8 @@ ngx_imap_proxy_pop3_handler(ngx_event_t *rev) pcf = ngx_imap_get_module_srv_conf(s, ngx_imap_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); + + c->log->action = "proxying"; } } diff --git a/src/imap/ngx_imap_ssl_module.c b/src/imap/ngx_imap_ssl_module.c index e5834a631..b072d9194 100644 --- a/src/imap/ngx_imap_ssl_module.c +++ b/src/imap/ngx_imap_ssl_module.c @@ -65,8 +65,14 @@ ngx_module_t ngx_imap_ssl_module = { &ngx_imap_ssl_module_ctx, /* module context */ ngx_imap_ssl_commands, /* module directives */ NGX_IMAP_MODULE, /* module type */ + NULL, /* init master */ NULL, /* init module */ - NULL /* init process */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING }; @@ -170,5 +176,7 @@ ngx_imap_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) return NGX_CONF_ERROR; } + SSL_CTX_set_verify(conf->ssl_ctx, SSL_VERIFY_NONE, NULL); + return NGX_CONF_OK; } diff --git a/src/os/unix/ngx_posix_init.c b/src/os/unix/ngx_posix_init.c index c8b0548ce..97aa8761f 100644 --- a/src/os/unix/ngx_posix_init.c +++ b/src/os/unix/ngx_posix_init.c @@ -30,8 +30,6 @@ ngx_os_io_t ngx_os_io = { ngx_int_t ngx_os_init(ngx_log_t *log) { - ngx_log_error(NGX_LOG_NOTICE, log, 0, NGINX_VER); - #if (NGX_HAVE_OS_SPECIFIC_INIT) if (ngx_os_specific_init(log) != NGX_OK) { return NGX_ERROR; @@ -67,6 +65,8 @@ ngx_os_init(ngx_log_t *log) void ngx_os_status(ngx_log_t *log) { + ngx_log_error(NGX_LOG_NOTICE, log, 0, NGINX_VER); + #if (NGX_HAVE_OS_SPECIFIC_INIT) ngx_os_specific_status(log); #endif diff --git a/src/os/win32/ngx_win32_init.c b/src/os/win32/ngx_win32_init.c index 2b8891321..9c3df96f7 100644 --- a/src/os/win32/ngx_win32_init.c +++ b/src/os/win32/ngx_win32_init.c @@ -6,6 +6,7 @@ #include #include +#include ngx_uint_t ngx_win32_version; @@ -166,6 +167,8 @@ void ngx_os_status(ngx_log_t *log) { ngx_osviex_stub_t *osviex_stub; + ngx_log_error(NGX_LOG_NOTICE, log, 0, NGINX_VER); + if (osviex) { /*