]> git.kaiwu.me - nginx.git/commitdiff
projects / nginx.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 05596e5)
Merging r3933, r4154:
authorIgor Sysoev <igor@sysoev.ru>
Fri, 30 Sep 2011 13:36:33 +0000 (13:36 +0000)
committerIgor Sysoev <igor@sysoev.ru>
Fri, 30 Sep 2011 13:36:33 +0000 (13:36 +0000)
A new fix for the case when ssl_session_cache defined, but ssl is not
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.

src/core/ngx_cycle.c patch | blob | history
src/event/ngx_event_openssl.c patch | blob | history
src/event/ngx_event_openssl.h patch | blob | history
src/http/modules/ngx_http_ssl_module.c patch | blob | history
src/mail/ngx_mail_ssl_module.c patch | blob | history

diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c
index 79867079d5ea1b16e48a0a34b6ef621202162f46..968056c42e6eb206b0765749cc910b461de40e75 100644 (file)
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@@ -418,11 +418,6 @@ ngx_init_cycle(ngx_cycle_t *old_cycle)
             goto failed;
         }
 
-        if (shm_zone[i].init == NULL) {
-            /* unused shared zone */
-            continue;
-        }
-
         shm_zone[i].shm.log = cycle->log;
 
         opart = &old_cycle->shared_memory.part;
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 692f50639992fb222b46b15cf965afe279e79633..bb689488a86204a9164c047cf2e29e1037a9b298 100644 (file)
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -26,8 +26,7 @@ static void ngx_ssl_connection_error(ngx_connection_t *c, int sslerr,
     ngx_err_t err, char *text);
 static void ngx_ssl_clear_error(ngx_log_t *log);
 
-static ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone,
-    void *data);
+ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 static int ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn,
     ngx_ssl_session_t *sess);
 static ngx_ssl_session_t *ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
@@ -1505,8 +1504,6 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
     SSL_CTX_set_timeout(ssl->ctx, (long) timeout);
 
     if (shm_zone) {
-        shm_zone->init = ngx_ssl_session_cache_init;
-
         SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session);
         SSL_CTX_sess_set_get_cb(ssl->ctx, ngx_ssl_get_cached_session);
         SSL_CTX_sess_set_remove_cb(ssl->ctx, ngx_ssl_remove_session);
@@ -1524,7 +1521,7 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
 }
 
 
-static ngx_int_t
+ngx_int_t
 ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data)
 {
     size_t                    len;
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index 204d5f08ed45c4fb42e324b2b465931a1896d5d5..33cab7b3ccb085f38351d2cc03479577679f0b81 100644 (file)
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -104,6 +104,7 @@ ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file);
 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
 ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
     ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout);
+ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
     ngx_uint_t flags);
 
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 120a858dfc50a773fdd5e98fbbe15ded1026a940..192fc3e35e1539fc690538baf81c54fe377bd383 100644 (file)
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -616,6 +616,8 @@ ngx_http_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
                 return NGX_CONF_ERROR;
             }
 
+            sscf->shm_zone->init = ngx_ssl_session_cache_init;
+
             continue;
         }
 
diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index 5767a2fd4103bc62335b81c9295a65d0fda4b7d3..4f4c9a20d0d5cf0506fc81c7d6214933e9fcc109 100644 (file)
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c
@@ -464,6 +464,8 @@ ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
                 return NGX_CONF_ERROR;
             }
 
+            scf->shm_zone->init = ngx_ssl_session_cache_init;
+
             continue;
         }
 
nginx upstream