mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-13 06:12:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

proxy_ssl_session_reuse

Browse Source
This commit is contained in:
Igor Sysoev 2008-08-17 17:47:52 +00:00
parent f60dde9767
commit 916ee8ecea
3 changed files with 29 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/http/modules/ngx_http_proxy_module.c
View File

@ -360,6 +360,17 @@ static ngx_command_t ngx_http_proxy_commands[] = {
offsetof(ngx_http_proxy_loc_conf_t, upstream.hide_headers), offsetof(ngx_http_proxy_loc_conf_t, upstream.hide_headers),
NULL }, NULL },
#if (NGX_HTTP_SSL)
{ ngx_string("proxy_ssl_session_reuse"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
ngx_conf_set_flag_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_proxy_loc_conf_t, upstream.ssl_session_reuse),
NULL },
#endif
ngx_null_command ngx_null_command
}; };
@ -1645,6 +1656,9 @@ ngx_http_proxy_create_loc_conf(ngx_conf_t *cf)
conf->upstream.pass_headers = NGX_CONF_UNSET_PTR; conf->upstream.pass_headers = NGX_CONF_UNSET_PTR;
conf->upstream.intercept_errors = NGX_CONF_UNSET; conf->upstream.intercept_errors = NGX_CONF_UNSET;
#if (NGX_HTTP_SSL)
conf->upstream.ssl_session_reuse = NGX_CONF_UNSET;
#endif
/* "proxy_cyclic_temp_file" is disabled */ /* "proxy_cyclic_temp_file" is disabled */
conf->upstream.cyclic_temp_file = 0; conf->upstream.cyclic_temp_file = 0;
@ -1834,6 +1848,11 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_value(conf->upstream.intercept_errors, ngx_conf_merge_value(conf->upstream.intercept_errors,
prev->upstream.intercept_errors, 0); prev->upstream.intercept_errors, 0);
#if (NGX_HTTP_SSL)
ngx_conf_merge_value(conf->upstream.ssl_session_reuse,
prev->upstream.ssl_session_reuse, 1);
#endif
ngx_conf_merge_value(conf->redirect, prev->redirect, 1); ngx_conf_merge_value(conf->redirect, prev->redirect, 1);
if (conf->redirect) { if (conf->redirect) {

14
src/http/ngx_http_upstream.c
View File

@ -789,10 +789,12 @@ ngx_http_upstream_ssl_init_connection(ngx_http_request_t *r,
c->sendfile = 0; c->sendfile = 0;
u->output.sendfile = 0; u->output.sendfile = 0;
if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { if (u->conf->ssl_session_reuse) {
ngx_http_upstream_finalize_request(r, u, if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) {
NGX_HTTP_INTERNAL_SERVER_ERROR); ngx_http_upstream_finalize_request(r, u,
return; NGX_HTTP_INTERNAL_SERVER_ERROR);
return;
}
} }
r->connection->log->action = "SSL handshaking to upstream"; r->connection->log->action = "SSL handshaking to upstream";
@ -819,7 +821,9 @@ ngx_http_upstream_ssl_handshake(ngx_connection_t *c)
if (c->ssl->handshaked) { if (c->ssl->handshaked) {
u->peer.save_session(&u->peer, u->peer.data); if (u->conf->ssl_session_reuse) {
u->peer.save_session(&u->peer, u->peer.data);
}
c->write->handler = ngx_http_upstream_send_request_handler; c->write->handler = ngx_http_upstream_send_request_handler;
c->read->handler = ngx_http_upstream_process_header; c->read->handler = ngx_http_upstream_process_header;

1
src/http/ngx_http_upstream.h
View File

@ -148,6 +148,7 @@ typedef struct {
#if (NGX_HTTP_SSL) #if (NGX_HTTP_SSL)
ngx_ssl_t *ssl; ngx_ssl_t *ssl;
ngx_flag_t ssl_session_reuse;
#endif #endif
} ngx_http_upstream_conf_t; } ngx_http_upstream_conf_t;