mirror of
https://github.com/nginx/nginx.git
synced 2025-02-25 18:55:26 -06:00
3b1589173f
Early data AKA 0-RTT mode is enabled as long as "ssl_early_data on" is specified in the configuration (default is off). The $ssl_early_data variable evaluates to "1" if the SSL handshake isn't yet completed, and can be used to set the Early-Data header as per draft-ietf-httpbis-replay-04.
68 lines
1.7 KiB
C
68 lines
1.7 KiB
C
|
|
/*
|
|
* Copyright (C) Igor Sysoev
|
|
* Copyright (C) Nginx, Inc.
|
|
*/
|
|
|
|
|
|
#ifndef _NGX_HTTP_SSL_H_INCLUDED_
|
|
#define _NGX_HTTP_SSL_H_INCLUDED_
|
|
|
|
|
|
#include <ngx_config.h>
|
|
#include <ngx_core.h>
|
|
#include <ngx_http.h>
|
|
|
|
|
|
typedef struct {
|
|
ngx_flag_t enable;
|
|
|
|
ngx_ssl_t ssl;
|
|
|
|
ngx_flag_t prefer_server_ciphers;
|
|
ngx_flag_t early_data;
|
|
|
|
ngx_uint_t protocols;
|
|
|
|
ngx_uint_t verify;
|
|
ngx_uint_t verify_depth;
|
|
|
|
size_t buffer_size;
|
|
|
|
ssize_t builtin_session_cache;
|
|
|
|
time_t session_timeout;
|
|
|
|
ngx_array_t *certificates;
|
|
ngx_array_t *certificate_keys;
|
|
|
|
ngx_str_t dhparam;
|
|
ngx_str_t ecdh_curve;
|
|
ngx_str_t client_certificate;
|
|
ngx_str_t trusted_certificate;
|
|
ngx_str_t crl;
|
|
|
|
ngx_str_t ciphers;
|
|
|
|
ngx_array_t *passwords;
|
|
|
|
ngx_shm_zone_t *shm_zone;
|
|
|
|
ngx_flag_t session_tickets;
|
|
ngx_array_t *session_ticket_keys;
|
|
|
|
ngx_flag_t stapling;
|
|
ngx_flag_t stapling_verify;
|
|
ngx_str_t stapling_file;
|
|
ngx_str_t stapling_responder;
|
|
|
|
u_char *file;
|
|
ngx_uint_t line;
|
|
} ngx_http_ssl_srv_conf_t;
|
|
|
|
|
|
extern ngx_module_t ngx_http_ssl_module;
|
|
|
|
|
|
#endif /* _NGX_HTTP_SSL_H_INCLUDED_ */
|