diff options
author | Maxim Dounin <mdounin@mdounin.ru> | 2019-02-25 16:42:23 +0300 |
---|---|---|
committer | Maxim Dounin <mdounin@mdounin.ru> | 2019-02-25 16:42:23 +0300 |
commit | 8772a0e0892e632c37f3b92b1d287ed9b473cb13 (patch) | |
tree | 7f5c5a9db242028cee1f99abafe261c6bcc79a31 /src/http/ngx_http_request.c | |
parent | 6e5a731edb6c1b8581c4b6fd2a2bf4ec0e768c24 (diff) |
SSL: passwords support for dynamic certificate loading.
Passwords have to be copied to the configuration pool to be used
at runtime. Also, to prevent blocking on stdin (with "daemon off;")
an empty password list is provided.
To make things simpler, password handling was modified to allow
an empty array (with 0 elements and elts set to NULL) as an equivalent
of an array with 1 empty password.
Diffstat (limited to 'src/http/ngx_http_request.c')
-rw-r--r-- | src/http/ngx_http_request.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 4e14d3b10..81d546a86 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -995,7 +995,8 @@ ngx_http_ssl_certificate(ngx_ssl_conn_t *ssl_conn, void *arg) ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "ssl key: \"%s\"", key.data); - if (ngx_ssl_connection_certificate(c, r->pool, &cert, &key, NULL) + if (ngx_ssl_connection_certificate(c, r->pool, &cert, &key, + sscf->passwords) != NGX_OK) { goto failed; |