2004-09-28 16:34:51 +08:00
|
|
|
|
|
|
|
|
/*
|
2004-09-30 00:00:49 +08:00
|
|
|
* Copyright (C) Igor Sysoev
|
2004-09-28 16:34:51 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
2004-07-17 01:11:43 +08:00
|
|
|
#ifndef _NGX_HTTP_SSL_H_INCLUDED_
|
|
|
|
|
#define _NGX_HTTP_SSL_H_INCLUDED_
|
2004-07-08 23:17:47 +08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
#include <ngx_config.h>
|
|
|
|
|
#include <ngx_core.h>
|
|
|
|
|
#include <ngx_http.h>
|
|
|
|
|
|
|
|
|
|
|
2004-07-16 00:35:51 +08:00
|
|
|
typedef struct {
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_flag_t enable;
|
|
|
|
|
|
|
|
|
|
ngx_ssl_t ssl;
|
|
|
|
|
|
|
|
|
|
ngx_flag_t prefer_server_ciphers;
|
2005-09-30 22:41:25 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_uint_t protocols;
|
2005-09-30 22:41:25 +08:00
|
|
|
|
2008-07-29 22:29:02 +08:00
|
|
|
ngx_uint_t verify;
|
|
|
|
|
ngx_uint_t verify_depth;
|
2005-09-30 22:41:25 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
ssize_t builtin_session_cache;
|
2005-09-30 22:41:25 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
time_t session_timeout;
|
2006-05-07 00:28:56 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_str_t certificate;
|
|
|
|
|
ngx_str_t certificate_key;
|
2008-06-16 13:51:32 +08:00
|
|
|
ngx_str_t dhparam;
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_str_t client_certificate;
|
nginx-0.3.8-RELEASE import
*) Security: nginx now checks URI got from a backend in
"X-Accel-Redirect" header line or in SSI file for the "/../" paths
and zeroes.
*) Change: nginx now does not treat the empty user name in the
"Authorization" header line as valid one.
*) Feature: the "ssl_session_timeout" directives of the
ngx_http_ssl_module and ngx_imap_ssl_module.
*) Feature: the "auth_http_header" directive of the
ngx_imap_auth_http_module.
*) Feature: the "add_header" directive.
*) Feature: the ngx_http_realip_module.
*) Feature: the new variables to use in the "log_format" directive:
$bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri,
$request_time, $request_length, $upstream_status,
$upstream_response_time, $gzip_ratio, $uid_got, $uid_set,
$connection, $pipe, and $msec. The parameters in the "%name" form
will be canceled soon.
*) Change: now the false variable values in the "if" directive are the
empty string "" and string starting with "0".
*) Bugfix: while using proxied or FastCGI-server nginx may leave
connections and temporary files with client requests in open state.
*) Bugfix: the worker processes did not flush the buffered logs on
graceful exit.
*) Bugfix: if the request URI was changes by the "rewrite" directive
and the request was proxied in location given by regular expression,
then the incorrect request was transferred to backend; the bug had
appeared in 0.2.6.
*) Bugfix: the "expires" directive did not remove the previous
"Expires" header.
*) Bugfix: nginx may stop to accept requests if the "rtsig" method and
several worker processes were used.
*) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in
SSI commands.
*) Bugfix: if the response was ended just after the SSI command and
gzipping was used, then the response did not transferred complete or
did not transferred at all.
2005-11-10 01:25:55 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_str_t ciphers;
|
2004-07-16 00:35:51 +08:00
|
|
|
|
2007-01-03 07:55:05 +08:00
|
|
|
ngx_shm_zone_t *shm_zone;
|
2008-09-01 22:19:01 +08:00
|
|
|
|
|
|
|
|
u_char *file;
|
|
|
|
|
ngx_uint_t line;
|
2004-07-16 00:35:51 +08:00
|
|
|
} ngx_http_ssl_srv_conf_t;
|
2004-07-12 05:03:47 +08:00
|
|
|
|
|
|
|
|
|
2004-07-17 01:11:43 +08:00
|
|
|
extern ngx_module_t ngx_http_ssl_module;
|
2004-07-16 00:35:51 +08:00
|
|
|
|
|
|
|
|
|
2004-07-17 01:11:43 +08:00
|
|
|
#endif /* _NGX_HTTP_SSL_H_INCLUDED_ */
|