r2033 merge:

author Igor Sysoev <igor@sysoev.ru>

Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)

committer Igor Sysoev <igor@sysoev.ru>

Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)
author Igor Sysoev <igor@sysoev.ru>
Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)
committer Igor Sysoev <igor@sysoev.ru>
Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c

index 559c007723d308c14bbd618b5155e66a03eb935e..7b44815d79342dfed9398c77641a0f70443251de 100644 (file)
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1267,6 +1267,29 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
          return NGX_OK;
      }
  
+    if (builtin_session_cache == NGX_SSL_NONE_SCACHE) {
+
+        /*
+         * If the server explicitly says that it does not support
+         * session reuse (see SSL_SESS_CACHE_OFF above), then
+         * Outlook Express fails to upload a sent email to
+         * the Sent Items folder on the IMAP server via a separate IMAP
+         * connection in the background. Therefore we have a special
+         * mode (SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+         * where the server pretends that it supports session reuse,
+         * but it does not actually store any session.
+         */
+
+        SSL_CTX_set_session_cache_mode(ssl->ctx,
+                                       SSL_SESS_CACHE_SERVER
+                                       |SSL_SESS_CACHE_NO_AUTO_CLEAR
+                                       |SSL_SESS_CACHE_NO_INTERNAL_STORE);
+
+        SSL_CTX_sess_set_cache_size(ssl->ctx, 1);
+
+        return NGX_OK;
+    }
+
      cache_mode = SSL_SESS_CACHE_SERVER;
  
      if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) {
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h

index b9771c121978f6d9b55bb51532ff564679f32f29..4c3dd4830b4771c1702a5938ef49bce1af92cd64 100644 (file)
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -51,9 +51,10 @@ typedef struct {
  } ngx_ssl_connection_t;
  
  
-#define NGX_SSL_DFLT_BUILTIN_SCACHE  -2
-#define NGX_SSL_NO_BUILTIN_SCACHE    -3
-#define NGX_SSL_NO_SCACHE            -4
+#define NGX_SSL_NO_SCACHE            -2
+#define NGX_SSL_NONE_SCACHE          -3
+#define NGX_SSL_NO_BUILTIN_SCACHE    -4
+#define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
  
  
  #define NGX_SSL_MAX_SESSION_SIZE  4096
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c

index 3359900fdd7f394cfddbc5d18c150e86fc188443..ea9ff8f7e9340c0d57b727e234c228a8ee2c177a 100644 (file)
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -415,7 +415,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
      }
  
      ngx_conf_merge_value(conf->builtin_session_cache,
-                         prev->builtin_session_cache, NGX_SSL_NO_SCACHE);
+                         prev->builtin_session_cache, NGX_SSL_NONE_SCACHE);
  
      if (conf->shm_zone == NULL) {
          conf->shm_zone = prev->shm_zone;
@@ -452,6 +452,11 @@ ngx_http_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
              continue;
          }
  
+        if (ngx_strcmp(value[i].data, "none") == 0) {
+            sscf->builtin_session_cache = NGX_SSL_NONE_SCACHE;
+            continue;
+        }
+
          if (ngx_strcmp(value[i].data, "builtin") == 0) {
              sscf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE;
              continue;
diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c

index 7360539caca4f62f7a1346f394bd16b203e872e6..a387e59d1f402da185569d27b86fbf91c3e12e01 100644 (file)
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c
@@ -261,7 +261,7 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
      }
  
      ngx_conf_merge_value(conf->builtin_session_cache,
-                         prev->builtin_session_cache, NGX_SSL_NO_SCACHE);
+                         prev->builtin_session_cache, NGX_SSL_NONE_SCACHE);
  
      if (conf->shm_zone == NULL) {
          conf->shm_zone = prev->shm_zone;
@@ -298,6 +298,11 @@ ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
              continue;
          }
  
+        if (ngx_strcmp(value[i].data, "none") == 0) {
+            scf->builtin_session_cache = NGX_SSL_NONE_SCACHE;
+            continue;
+        }
+
          if (ngx_strcmp(value[i].data, "builtin") == 0) {
              scf->builtin_session_cache = NGX_SSL_DFLT_BUILTIN_SCACHE;
              continue;
author	Igor Sysoev <igor@sysoev.ru>
	Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)
committer	Igor Sysoev <igor@sysoev.ru>
	Mon, 7 Jul 2008 11:28:48 +0000 (11:28 +0000)
src/event/ngx_event_openssl.c		patch \| blob \| history
src/event/ngx_event_openssl.h		patch \| blob \| history
src/http/modules/ngx_http_ssl_module.c		patch \| blob \| history
src/mail/ngx_mail_ssl_module.c		patch \| blob \| history