git.kaiwu.me - nginx.git/commit

author	Piotr Sikora <piotr@cloudflare.com>
	Fri, 11 Oct 2013 23:05:24 +0000 (16:05 -0700)
committer	Piotr Sikora <piotr@cloudflare.com>
	Fri, 11 Oct 2013 23:05:24 +0000 (16:05 -0700)
commit	79be6a5462498af8655aaed141f13a1d2a34abc8
tree	52b4c69bed7f44caba6b83c6282f8a85230b3e87	tree \| snapshot
parent	a8ad0c02cc19f9684a357aace70a5fbbf9106fc1	commit \| diff

SSL: added ability to set keys used for Session Tickets (RFC5077).

In order to support key rollover, ssl_session_ticket_key can be defined
multiple times. The first key will be used to issue and resume Session
Tickets, while the rest will be used only to resume them.

    ssl_session_ticket_key  session_tickets/current.key;
    ssl_session_ticket_key  session_tickets/prev-1h.key;
    ssl_session_ticket_key  session_tickets/prev-2h.key;

Please note that nginx supports Session Tickets even without explicit
configuration of the keys and this feature should be only used in setups
where SSL traffic is distributed across multiple nginx servers.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>

src/event/ngx_event_openssl.c		diff \| blob \| history
src/event/ngx_event_openssl.h		diff \| blob \| history
src/http/modules/ngx_http_ssl_module.c		diff \| blob \| history
src/http/modules/ngx_http_ssl_module.h		diff \| blob \| history
src/mail/ngx_mail_ssl_module.c		diff \| blob \| history
src/mail/ngx_mail_ssl_module.h		diff \| blob \| history