#if defined(NGX_HTTP_SSL) || defined(NGX_STREAM_SSL)
+static ngx_int_t
+ngx_js_merge_ssl(ngx_conf_t *cf, ngx_js_loc_conf_t *conf,
+ ngx_js_loc_conf_t *prev)
+{
+ ngx_uint_t preserve;
+
+ if (conf->ssl_protocols == 0
+ && conf->ssl_ciphers.data == NULL
+ && conf->ssl_verify == NGX_CONF_UNSET
+ && conf->ssl_verify_depth == NGX_CONF_UNSET
+ && conf->ssl_trusted_certificate.data == NULL)
+ {
+ if (prev->ssl) {
+ conf->ssl = prev->ssl;
+ return NGX_OK;
+ }
+
+ preserve = 1;
+
+ } else {
+ preserve = 0;
+ }
+
+ conf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
+ if (conf->ssl == NULL) {
+ return NGX_ERROR;
+ }
+
+ conf->ssl->log = cf->log;
+
+ /*
+ * special handling to preserve conf->ssl
+ * in the "http" section to inherit it to all servers
+ */
+
+ if (preserve) {
+ prev->ssl = conf->ssl;
+ }
+
+ return NGX_OK;
+}
+
+
static char *
ngx_js_set_ssl(ngx_conf_t *cf, ngx_js_loc_conf_t *conf)
{
ngx_ssl_t *ssl;
ngx_pool_cleanup_t *cln;
- ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
- if (ssl == NULL) {
- return NGX_CONF_ERROR;
+ if (conf->ssl->ctx) {
+ return NGX_OK;
}
- conf->ssl = ssl;
- ssl->log = cf->log;
+ ssl = conf->ssl;
if (ngx_ssl_create(ssl, conf->ssl_protocols, NULL) != NGX_OK) {
return NGX_CONF_ERROR;
}
#if defined(NGX_HTTP_SSL) || defined(NGX_STREAM_SSL)
+
+ if (ngx_js_merge_ssl(cf, conf, prev) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers,
"DEFAULT");
projects / njs.git / commitdiff