diff options
| author | Vadim Zhestikov <v.zhestikov@f5.com> | 2022-09-27 10:56:54 -0700 |
|---|---|---|
| committer | Vadim Zhestikov <v.zhestikov@f5.com> | 2022-09-27 10:56:54 -0700 |
| commit | bc04a0da5c8e22122ac6d9cf11efc4a2838dd133 (patch) | |
| tree | aaa188b3c95dea3ada5e7329dd0cd813e52377bf /nginx/ngx_js.c | |
| parent | 8698212b3392e38a12414ba322301f7a21644c28 (diff) | |
| download | njs-bc04a0da5c8e22122ac6d9cf11efc4a2838dd133.tar.gz njs-bc04a0da5c8e22122ac6d9cf11efc4a2838dd133.zip | |
Modules: js_merge_conf is moved to shared library.
Diffstat (limited to 'nginx/ngx_js.c')
| -rw-r--r-- | nginx/ngx_js.c | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/nginx/ngx_js.c b/nginx/ngx_js.c index a97064c4..831593da 100644 --- a/nginx/ngx_js.c +++ b/nginx/ngx_js.c @@ -1039,3 +1039,90 @@ ngx_js_create_conf(ngx_conf_t *cf, size_t size) return conf; } + + +#if defined(NGX_HTTP_SSL) || defined(NGX_STREAM_SSL) + +static char * +ngx_js_set_ssl(ngx_conf_t *cf, ngx_js_conf_t *conf) +{ + ngx_ssl_t *ssl; + ngx_pool_cleanup_t *cln; + + ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (ssl == NULL) { + return NGX_CONF_ERROR; + } + + conf->ssl = ssl; + ssl->log = cf->log; + + if (ngx_ssl_create(ssl, conf->ssl_protocols, NULL) != NGX_OK) { + return NGX_CONF_ERROR; + } + + cln = ngx_pool_cleanup_add(cf->pool, 0); + if (cln == NULL) { + ngx_ssl_cleanup_ctx(ssl); + return NGX_CONF_ERROR; + } + + cln->handler = ngx_ssl_cleanup_ctx; + cln->data = ssl; + + if (ngx_ssl_ciphers(NULL, ssl, &conf->ssl_ciphers, 0) != NGX_OK) { + return NGX_CONF_ERROR; + } + + if (ngx_ssl_trusted_certificate(cf, ssl, &conf->ssl_trusted_certificate, + conf->ssl_verify_depth) + != NGX_OK) + { + return NGX_CONF_ERROR; + } + + return NGX_CONF_OK; +} + +#endif + + +char * +ngx_js_merge_conf(ngx_conf_t *cf, void *parent, void *child, + ngx_int_t (*init_vm)(ngx_conf_t *cf, ngx_js_conf_t *conf)) +{ + ngx_js_conf_t *prev = parent; + ngx_js_conf_t *conf = child; + + ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); + ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, 16384); + ngx_conf_merge_size_value(conf->max_response_body_size, + prev->max_response_body_size, 1048576); + + if (ngx_js_merge_vm(cf, (ngx_js_conf_t *) conf, (ngx_js_conf_t *) prev, + init_vm) + != NGX_OK) + { + return NGX_CONF_ERROR; + } + +#if defined(NGX_HTTP_SSL) || defined(NGX_STREAM_SSL) + ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, + "DEFAULT"); + + ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, + (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 + |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); + + ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 1); + ngx_conf_merge_value(conf->ssl_verify_depth, prev->ssl_verify_depth, + 100); + + ngx_conf_merge_str_value(conf->ssl_trusted_certificate, + prev->ssl_trusted_certificate, ""); + + return ngx_js_set_ssl(cf, conf); +#else + return NGX_CONF_OK; +#endif +} |