diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2004-07-15 20:35:51 +0400 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2004-07-15 20:35:51 +0400 |
| commit | 1c3567ecc81a9f07f3c3d53912114bc5bd5daffa (patch) | |
| tree | ba0b57b32bb1232af3fad0ff38375df9e498ec66 | |
| parent | 4aa888820d3f13a225ee6bdd596305ea3b4db6f4 (diff) | |
nginx-0.0.7-2004-07-15-20:35:51 import
| -rw-r--r-- | auto/modules | 8 | ||||
| -rw-r--r-- | auto/sources | 4 | ||||
| -rw-r--r-- | src/core/nginx.c | 4 | ||||
| -rw-r--r-- | src/core/ngx_connection.h | 2 | ||||
| -rw-r--r-- | src/core/ngx_core.h | 3 | ||||
| -rw-r--r-- | src/event/ngx_event_openssl.c | 124 | ||||
| -rw-r--r-- | src/event/ngx_event_openssl.h | 24 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_access_handler.c | 3 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_ssl_filter.c | 74 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_ssl_filter.h | 12 | ||||
| -rw-r--r-- | src/http/ngx_http_config.h | 8 | ||||
| -rw-r--r-- | src/http/ngx_http_core_module.c | 30 | ||||
| -rw-r--r-- | src/http/ngx_http_core_module.h | 36 | ||||
| -rw-r--r-- | src/http/ngx_http_header_filter.c | 7 | ||||
| -rw-r--r-- | src/http/ngx_http_log_handler.c | 4 | ||||
| -rw-r--r-- | src/http/ngx_http_request.c | 35 | ||||
| -rw-r--r-- | src/http/ngx_http_request.h | 1 | ||||
| -rw-r--r-- | src/http/ngx_http_write_filter.c | 8 | ||||
| -rw-r--r-- | src/os/unix/ngx_os.h | 14 |
19 files changed, 296 insertions, 105 deletions
diff --git a/auto/modules b/auto/modules index 9447780f3..d2e2b01bc 100644 --- a/auto/modules +++ b/auto/modules @@ -61,11 +61,15 @@ HTTP_FILTER_MODULES="$HTTP_WRITE_FILTER_MODULE \ $HTTP_RANGE_HEADER_FILTER_MODULE" if [ $HTTP_SSL = YES ]; then - have=NGX_OPENSSL . auto/have HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_SSL_FILTER_MODULE" HTTP_DEPS="$HTTP_DEPS $HTTP_SSL_DEPS" HTTP_SRCS="$HTTP_SRCS $HTTP_SSL_SRCS" - # STUB: move to auto/libs/ssl + + # STUB: move to auto/libs/ssl after md5 + have=NGX_HTTP_SSL . auto/have + have=NGX_OPENSSL . auto/have + CORE_DEPS="$CORE_DEPS $OPENSSL_DEPS" + CORE_SRCS="$CORE_SRCS $OPENSSL_SRCS" CORE_LIBS="$CORE_LIBS -lssl -lcrypto" fi diff --git a/auto/sources b/auto/sources index 71dab3c0f..7c8b7b33f 100644 --- a/auto/sources +++ b/auto/sources @@ -97,6 +97,10 @@ AIO_SRCS="src/event/modules/ngx_aio_module.c \ src/os/unix/ngx_aio_write_chain.c" +OPENSSL_DEPS=src/event/ngx_event_openssl.h +OPENSSL_SRCS=src/event/ngx_event_openssl.c + + UNIX_INCS="$CORE_INCS $EVENT_INCS src/os/unix" UNIX_DEPS="$CORE_DEPS $EVENT_DEPS \ diff --git a/src/core/nginx.c b/src/core/nginx.c index 38418a8ac..6d6103c0e 100644 --- a/src/core/nginx.c +++ b/src/core/nginx.c @@ -114,6 +114,10 @@ int main(int argc, char *const *argv) log = ngx_log_init_errlog(); ngx_pid = ngx_getpid(); +#if (NGX_OPENSSL) + ngx_ssl_init(log); +#endif + /* init_cycle->log is required for signal handlers and ngx_getopt() */ ngx_memzero(&init_cycle, sizeof(ngx_cycle_t)); diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h index ea69790a0..08714ad45 100644 --- a/src/core/ngx_connection.h +++ b/src/core/ngx_connection.h @@ -91,7 +91,7 @@ struct ngx_connection_s { ngx_str_t addr_text; #if (NGX_OPENSSL) - SSL *ssl; + ngx_ssl_t *ssl; #endif #if (HAVE_IOCP) diff --git a/src/core/ngx_core.h b/src/core/ngx_core.h index 8f30f2f01..575717f10 100644 --- a/src/core/ngx_core.h +++ b/src/core/ngx_core.h @@ -56,8 +56,7 @@ typedef struct ngx_connection_s ngx_connection_t; #include <ngx_conf_file.h> #include <ngx_os.h> #if (NGX_OPENSSL) -#include <openssl/ssl.h> -#include <openssl/err.h> +#include <ngx_event_openssl.h> #endif #include <ngx_connection.h> diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c new file mode 100644 index 000000000..2fae37112 --- /dev/null +++ b/src/event/ngx_event_openssl.c @@ -0,0 +1,124 @@ +#include <ngx_config.h> +#include <ngx_core.h> + + +static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, + char *fmt, ...); + + +ngx_int_t ngx_ssl_init(ngx_log_t *log) +{ + SSL_library_init(); + SSL_load_error_strings(); + + return NGX_OK; +} + + +ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ssl_ctx, ngx_connection_t *c) +{ + ngx_ssl_t *ssl; + + ssl = SSL_new(ssl_ctx); + + if (ssl == NULL) { + ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_new() failed"); + return NGX_ERROR; + } + + if (SSL_set_fd(ssl, c->fd) == 0) { + ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_fd() failed"); + return NGX_ERROR; + } + + SSL_set_accept_state(ssl); + + c->ssl = ssl; + + return NGX_OK; +} + + +ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) +{ + int n; + char *handshake; + + n = SSL_read(c->ssl, buf, size); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_read: %d", n); + + if (n > 0) { + return n; + } + + n = SSL_get_error(c->ssl, n); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); + + if (n == SSL_ERROR_WANT_READ) { + return NGX_AGAIN; + } + +#if 0 + if (n == SSL_ERROR_WANT_WRITE) { + return NGX_AGAIN; + } +#endif + + if (!SSL_is_init_finished(c->ssl)) { + handshake = "in SSL handshake"; + + } else { + handshake = ""; + } + + if (n == SSL_ERROR_ZERO_RETURN) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client closed connection%s", handshake); + + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); + + return NGX_ERROR; + } + + if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) { + ngx_log_error(NGX_LOG_ERR, c->log, 0, + "client sent plain HTTP request to HTTPS port"); + + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); + + return NGX_SSL_HTTP_ERROR; + } + + ngx_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_read() failed%s", handshake); + + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); + + return NGX_ERROR; +} + + +static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, + char *fmt, ...) +{ + int len; + char errstr[NGX_MAX_CONF_ERRSTR]; + va_list args; + + va_start(args, fmt); + len = ngx_vsnprintf(errstr, sizeof(errstr) - 1, fmt, args); + va_end(args); + + errstr[len++] = ' '; + errstr[len++] = '('; + errstr[len++] = 'S'; + errstr[len++] = 'S'; + errstr[len++] = 'L'; + errstr[len++] = ':'; + errstr[len++] = ' '; + + ERR_error_string_n(ERR_get_error(), errstr + len, sizeof(errstr) - len - 1); + + ngx_log_error(level, log, 0, "%s)", errstr); +} diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h new file mode 100644 index 000000000..bac43b06e --- /dev/null +++ b/src/event/ngx_event_openssl.h @@ -0,0 +1,24 @@ +#ifndef _NGX_EVENT_OPENSSL_H_INCLUDED_ +#define _NGX_EVENT_OPENSSL_H_INCLUDED_ + + +#include <ngx_config.h> +#include <ngx_core.h> + +#include <openssl/ssl.h> +#include <openssl/err.h> + + +typedef SSL ngx_ssl_t; +typedef SSL_CTX ngx_ssl_ctx_t; + + +#define NGX_SSL_HTTP_ERROR -10 + + +ngx_int_t ngx_ssl_init(ngx_log_t *log); +ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ctx, ngx_connection_t *c); +ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); + + +#endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */ diff --git a/src/http/modules/ngx_http_access_handler.c b/src/http/modules/ngx_http_access_handler.c index 95e4f773b..a57526ef2 100644 --- a/src/http/modules/ngx_http_access_handler.c +++ b/src/http/modules/ngx_http_access_handler.c @@ -193,8 +193,11 @@ static ngx_int_t ngx_http_access_init(ngx_cycle_t *cycle) ngx_http_conf_ctx_t *ctx; ngx_http_core_main_conf_t *cmcf; +#if 0 ctx = (ngx_http_conf_ctx_t *) cycle->conf_ctx[ngx_http_module.index]; cmcf = ctx->main_conf[ngx_http_core_module.ctx_index]; +#endif + cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module); h = ngx_push_array(&cmcf->phases[NGX_HTTP_ACCESS_PHASE].handlers); if (h == NULL) { diff --git a/src/http/modules/ngx_http_ssl_filter.c b/src/http/modules/ngx_http_ssl_filter.c index 297f5c7b6..f64ef5417 100644 --- a/src/http/modules/ngx_http_ssl_filter.c +++ b/src/http/modules/ngx_http_ssl_filter.c @@ -3,52 +3,41 @@ #include <ngx_core.h> #include <ngx_http.h> +/* STUB */ +#define NGX_SSL_ERROR -11 + #define NGX_DEFLAUT_CERTIFICATE "cert.pem" #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" -typedef struct { - ngx_flag_t enable; - ngx_str_t certificate; - ngx_str_t certificate_key; - - SSL_CTX *ssl_ctx; -} ngx_http_ssl_srv_conf_t; - - -typedef struct { - SSL *ssl; -} ngx_http_ssl_ctx_t; - - static ngx_int_t ngx_http_ssl_create_ssl(ngx_http_request_t *r); static void ngx_http_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, char *fmt, ...); static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child); -static ngx_int_t ngx_http_ssl_filter_init(ngx_cycle_t *cycle); +static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle); static ngx_command_t ngx_http_charset_filter_commands[] = { - { ngx_string("ssl_"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, + { ngx_string("ssl"), + NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, enable), NULL }, { ngx_string("ssl_certificate"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, + NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, certificate), NULL }, { ngx_string("ssl_certificate_key"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, + NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, certificate_key), @@ -75,10 +64,10 @@ static ngx_http_module_t ngx_http_ssl_filter_module_ctx = { ngx_module_t ngx_http_ssl_filter_module = { NGX_MODULE, &ngx_http_ssl_filter_module_ctx, /* module context */ - NULL, /* module directives */ + ngx_http_charset_filter_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ - ngx_http_ssl_filter_init, /* init module */ - NULL /* init process */ + NULL, /* init module */ + ngx_http_ssl_init_process /* init process */ }; @@ -86,7 +75,6 @@ ngx_int_t ngx_http_ssl_read(ngx_http_request_t *r, u_char *buf, size_t size) { int n; SSL *ssl; - ngx_http_ssl_ctx_t *ctx; ngx_http_log_ctx_t *log_ctx; if (r->connection->ssl == NULL) { @@ -334,18 +322,16 @@ static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, ngx_conf_merge_value(conf->enable, prev->enable, 0); + if (conf->enable == 0) { + return NGX_CONF_OK; + } + ngx_conf_merge_str_value(conf->certificate, prev->certificate, NGX_DEFLAUT_CERTIFICATE); ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, NGX_DEFLAUT_CERTIFICATE_KEY); - /* STUB: where to move ??? */ - SSL_library_init(); - SSL_load_error_strings(); - - /* TODO: inherit ssl_ctx */ - /* TODO: configure methods */ conf->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); @@ -358,14 +344,16 @@ static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, if (SSL_CTX_use_certificate_file(conf->ssl_ctx, conf->certificate.data, SSL_FILETYPE_PEM) == 0) { ngx_http_ssl_error(NGX_LOG_EMERG, cf->log, 0, - "SSL_CTX_use_certificate_file() failed"); + "SSL_CTX_use_certificate_file(\"%s\") failed", + conf->certificate.data); return NGX_CONF_ERROR; } if (SSL_CTX_use_PrivateKey_file(conf->ssl_ctx, conf->certificate_key.data, SSL_FILETYPE_PEM) == 0) { ngx_http_ssl_error(NGX_LOG_EMERG, cf->log, 0, - "SSL_CTX_use_PrivateKey_file() failed"); + "SSL_CTX_use_PrivateKey_file(\"%s\") failed", + conf->certificate_key.data); return NGX_CONF_ERROR; } @@ -373,15 +361,27 @@ static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, } -static ngx_int_t ngx_http_ssl_filter_init(ngx_cycle_t *cycle) +static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle) { -#if 0 - ngx_http_next_header_filter = ngx_http_top_header_filter; - ngx_http_top_header_filter = ngx_http_ssl_header_filter; + ngx_uint_t i; + ngx_http_ssl_srv_conf_t *sscf; + ngx_http_core_srv_conf_t **cscfp; + ngx_http_core_main_conf_t *cmcf; + + cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module); + + cscfp = cmcf->servers.elts; - ngx_http_next_body_filter = ngx_http_top_body_filter; - ngx_http_top_body_filter = ngx_http_ssl_body_filter; + for (i = 0; i < cmcf->servers.nelts; i++) { + sscf = cscfp[i]->ctx->srv_conf[ngx_http_ssl_filter_module.ctx_index]; + + if (sscf->enable) { + cscfp[i]->recv = ngx_ssl_recv; +#if 0 + cscfp[i]->send_chain = ngx_ssl_send_chain; #endif + } + } return NGX_OK; } diff --git a/src/http/modules/ngx_http_ssl_filter.h b/src/http/modules/ngx_http_ssl_filter.h index a96a26781..a42ee9135 100644 --- a/src/http/modules/ngx_http_ssl_filter.h +++ b/src/http/modules/ngx_http_ssl_filter.h @@ -7,8 +7,13 @@ #include <ngx_http.h> -#define NGX_SSL_ERROR -10 -#define NGX_SSL_HTTP_ERROR -11 +typedef struct { + ngx_flag_t enable; + ngx_str_t certificate; + ngx_str_t certificate_key; + + ngx_ssl_ctx_t *ssl_ctx; +} ngx_http_ssl_srv_conf_t; ngx_int_t ngx_http_ssl_read(ngx_http_request_t *r, u_char *buf, size_t size); @@ -19,4 +24,7 @@ ngx_chain_t *ngx_http_ssl_write(ngx_connection_t *c, ngx_chain_t *in, void ngx_http_ssl_close_connection(SSL *ssl, ngx_log_t *log); +extern ngx_module_t ngx_http_ssl_filter_module; + + #endif /* _NGX_HTTP_SSL_FILTER_H_INCLUDED_ */ diff --git a/src/http/ngx_http_config.h b/src/http/ngx_http_config.h index 03c634781..647566aab 100644 --- a/src/http/ngx_http_config.h +++ b/src/http/ngx_http_config.h @@ -43,8 +43,14 @@ typedef struct { #define ngx_http_get_module_srv_conf(r, module) r->srv_conf[module.ctx_index] #define ngx_http_get_module_loc_conf(r, module) r->loc_conf[module.ctx_index] -#define ngx_http_conf_module_main_conf(cf, module) \ +#define ngx_http_conf_get_module_main_conf(cf, module) \ ((ngx_http_conf_ctx_t *) cf->ctx)->main_conf[module.ctx_index] +#define ngx_http_conf_get_module_srv_conf(cf, module) \ + ngx_http_conf_get_module_srv_conf_could_not_be_implemented() + +#define ngx_http_cycle_get_module_main_conf(cycle, module) \ + ((ngx_http_conf_ctx_t *) \ + cycle->conf_ctx[ngx_http_module.index])->main_conf[module.ctx_index] diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c index 001ed8900..dc6e8736b 100644 --- a/src/http/ngx_http_core_module.c +++ b/src/http/ngx_http_core_module.c @@ -18,7 +18,7 @@ static void *ngx_http_core_create_loc_conf(ngx_conf_t *cf); static char *ngx_http_core_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child); -static ngx_int_t ngx_http_core_init(ngx_cycle_t *cycle); +static ngx_int_t ngx_http_core_init_process(ngx_cycle_t *cycle); static char *ngx_server_block(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy); static int ngx_cmp_locations(const void *first, const void *second); static char *ngx_location_block(ngx_conf_t *cf, ngx_command_t *cmd, @@ -303,8 +303,8 @@ ngx_module_t ngx_http_core_module = { &ngx_http_core_module_ctx, /* module context */ ngx_http_core_commands, /* module directives */ NGX_HTTP_MODULE, /* module type */ - ngx_http_core_init, /* init module */ - NULL /* init child */ + NULL, /* init module */ + ngx_http_core_init_process /* init process */ }; @@ -822,15 +822,18 @@ int ngx_http_delay_handler(ngx_http_request_t *r) #endif -static ngx_int_t ngx_http_core_init(ngx_cycle_t *cycle) +static ngx_int_t ngx_http_core_init_process(ngx_cycle_t *cycle) { + ngx_uint_t i; + ngx_http_core_srv_conf_t **cscfp; + ngx_http_core_main_conf_t *cmcf; + + cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module); + #if 0 - ngx_http_handler_pt *h; - ngx_http_conf_ctx_t *ctx; - ngx_http_core_main_conf_t *cmcf; + ngx_http_core_init_module: - ctx = (ngx_http_conf_ctx_t *) cycle->conf_ctx[ngx_http_module.index]; - cmcf = ctx->main_conf[ngx_http_core_module.ctx_index]; + ngx_http_handler_pt *h; ngx_test_null(h, ngx_push_array( &cmcf->phases[NGX_HTTP_TRANSLATE_PHASE].handlers), @@ -838,6 +841,15 @@ static ngx_int_t ngx_http_core_init(ngx_cycle_t *cycle) *h = ngx_http_delay_handler; #endif + cscfp = cmcf->servers.elts; + + for (i = 0; i < cmcf->servers.nelts; i++) { + if (cscfp[i]->recv == NULL) { + cscfp[i]->recv = ngx_io.recv; + cscfp[i]->send_chain = ngx_io.send_chain; + } + } + return NGX_OK; } diff --git a/src/http/ngx_http_core_module.h b/src/http/ngx_http_core_module.h index 051486a22..98e020b1f 100644 --- a/src/http/ngx_http_core_module.h +++ b/src/http/ngx_http_core_module.h @@ -47,26 +47,34 @@ typedef struct { typedef struct { - ngx_array_t locations; /* array of ngx_http_core_loc_conf_t, - used in the translation handler - and in the merge phase */ + ngx_recv_pt recv; + ngx_send_chain_pt send_chain; - ngx_array_t listen; /* 'listen', array of ngx_http_listen_t */ - ngx_array_t server_names; /* 'server_name', - array of ngx_http_server_name_t */ + /* + * array of ngx_http_core_loc_conf_t, used in the translation handler + * and in the merge phase + */ + ngx_array_t locations; - ngx_http_conf_ctx_t *ctx; /* server ctx */ + /* "listen", array of ngx_http_listen_t */ + ngx_array_t listen; - size_t connection_pool_size; - size_t request_pool_size; - size_t client_header_buffer_size; + /* "server_name", array of ngx_http_server_name_t */ + ngx_array_t server_names; - ngx_msec_t post_accept_timeout; - ngx_msec_t client_header_timeout; + /* server ctx */ + ngx_http_conf_ctx_t *ctx; - ngx_uint_t restrict_host_names; + size_t connection_pool_size; + size_t request_pool_size; + size_t client_header_buffer_size; - ngx_flag_t large_client_header; + ngx_msec_t post_accept_timeout; + ngx_msec_t client_header_timeout; + + ngx_uint_t restrict_host_names; + + ngx_flag_t large_client_header; } ngx_http_core_srv_conf_t; diff --git a/src/http/ngx_http_header_filter.c b/src/http/ngx_http_header_filter.c index f565d2fc8..738f1ebf5 100644 --- a/src/http/ngx_http_header_filter.c +++ b/src/http/ngx_http_header_filter.c @@ -33,9 +33,6 @@ ngx_module_t ngx_http_header_filter_module = { }; -static ngx_http_output_body_filter_pt write_filter; - - static char server_string[] = "Server: " NGINX_VER CRLF; @@ -358,7 +355,7 @@ static ngx_int_t ngx_http_header_filter(ngx_http_request_t *r) ln->buf = b; ln->next = NULL; - return write_filter(r, ln); + return ngx_http_write_filter(r, ln); } @@ -366,7 +363,5 @@ static ngx_int_t ngx_http_header_filter_init(ngx_cycle_t *cycle) { ngx_http_top_header_filter = ngx_http_header_filter; - write_filter = ngx_http_top_body_filter; - return NGX_OK; } diff --git a/src/http/ngx_http_log_handler.c b/src/http/ngx_http_log_handler.c index 727cceb98..4f63d0190 100644 --- a/src/http/ngx_http_log_handler.c +++ b/src/http/ngx_http_log_handler.c @@ -656,7 +656,7 @@ static char *ngx_http_log_merge_loc_conf(ngx_conf_t *cf, void *parent, return NGX_CONF_ERROR; } - lmcf = ngx_http_conf_module_main_conf(cf, ngx_http_log_module); + lmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_log_module); fmt = lmcf->formats.elts; /* the default "combined" format */ log->ops = fmt[0].ops; @@ -686,7 +686,7 @@ static char *ngx_http_log_set_log(ngx_conf_t *cf, ngx_command_t *cmd, } value = cf->args->elts; - lmcf = ngx_http_conf_module_main_conf(cf, ngx_http_log_module); + lmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_log_module); if (!(log = ngx_push_array(llcf->logs))) { return NGX_CONF_ERROR; diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index d0c92edcc..49e809462 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -141,6 +141,9 @@ static void ngx_http_init_request(ngx_event_t *rev) ngx_http_server_name_t *server_name; ngx_http_core_srv_conf_t *cscf; ngx_http_core_loc_conf_t *clcf; +#if (NGX_HTTP_SSL) + ngx_http_ssl_srv_conf_t *sscf; +#endif c = rev->data; @@ -229,9 +232,18 @@ static void ngx_http_init_request(ngx_event_t *rev) r->srv_conf = cscf->ctx->srv_conf; r->loc_conf = cscf->ctx->loc_conf; -#if 1 - r->ssl = 1; - r->filter_need_in_memory = 1; +#if (NGX_HTTP_SSL) + + sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_filter_module); + if (sscf->enable) { + if (ngx_ssl_create_session(sscf->ssl_ctx, c) == NGX_ERROR) { + ngx_http_close_connection(c); + return; + } + + r->filter_need_in_memory = 1; + } + #endif server_name = cscf->server_names.elts; @@ -820,22 +832,13 @@ static ssize_t ngx_http_read_request_header(ngx_http_request_t *r) return NGX_AGAIN; } -/* STUB */ -#if (NGX_OPENSSL) - if (r->ssl) { - n = ngx_http_ssl_read(r, r->header_in->last, - r->header_in->end - r->header_in->last); - } else { -#endif - n = ngx_recv(r->connection, r->header_in->last, - r->header_in->end - r->header_in->last); -#if (NGX_OPENSSL) - } -#endif + cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); + + n = cscf->recv(r->connection, r->header_in->last, + r->header_in->end - r->header_in->last); if (n == NGX_AGAIN) { if (!r->header_timeout_set) { - cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); ngx_add_timer(rev, cscf->client_header_timeout); r->header_timeout_set = 1; } diff --git a/src/http/ngx_http_request.h b/src/http/ngx_http_request.h index c315add03..7abd57f80 100644 --- a/src/http/ngx_http_request.h +++ b/src/http/ngx_http_request.h @@ -280,7 +280,6 @@ struct ngx_http_request_s { unsigned complex_uri:1; unsigned header_timeout_set:1; - unsigned ssl:1; unsigned proxy:1; unsigned bypass_cache:1; unsigned no_cache:1; diff --git a/src/http/ngx_http_write_filter.c b/src/http/ngx_http_write_filter.c index b0a82f531..92b7a8591 100644 --- a/src/http/ngx_http_write_filter.c +++ b/src/http/ngx_http_write_filter.c @@ -53,12 +53,6 @@ ngx_int_t ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in) sizeof(ngx_http_write_filter_ctx_t), NGX_ERROR); } -#if (NGX_OPENSSL) - if (r->ssl && in == NULL && ctx->out == NULL) { - return ngx_http_ssl_shutdown(r); - } -#endif - size = 0; flush = 0; last = 0; @@ -131,7 +125,7 @@ ngx_int_t ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in) /* STUB */ #if (NGX_OPENSSL) - if (r->ssl) { + if (r->connection->ssl) { chain = ngx_http_ssl_write(r->connection, ctx->out, clcf->limit_rate ? clcf->limit_rate: OFF_T_MAX_VALUE); diff --git a/src/os/unix/ngx_os.h b/src/os/unix/ngx_os.h index c4da5cdbd..385fac0a2 100644 --- a/src/os/unix/ngx_os.h +++ b/src/os/unix/ngx_os.h @@ -22,13 +22,17 @@ #endif +typedef ssize_t (*ngx_recv_pt)(ngx_connection_t *c, u_char *buf, size_t size); +typedef ssize_t (*ngx_recv_chain_pt)(ngx_connection_t *c, ngx_chain_t *in); +typedef ssize_t (*ngx_send_pt)(ngx_connection_t *c, u_char *buf, size_t size); +typedef ngx_chain_t *(*ngx_send_chain_pt)(ngx_connection_t *c, ngx_chain_t *in, + off_t limit); typedef struct { - ssize_t (*recv)(ngx_connection_t *c, u_char *buf, size_t size); - ssize_t (*recv_chain)(ngx_connection_t *c, ngx_chain_t *in); - ssize_t (*send)(ngx_connection_t *c, u_char *buf, size_t size); - ngx_chain_t *(*send_chain)(ngx_connection_t *c, ngx_chain_t *in, - off_t limit); + ngx_recv_pt recv; + ngx_recv_chain_pt recv_chain; + ngx_send_pt send; + ngx_send_chain_pt send_chain; int flags; } ngx_os_io_t; |