CERBERUS/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2026-06-26 11:52:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
3574 commits 23 branches 591 tags 88 MiB
Commit graph

512 commits

Author SHA1 Message Date
Igor Sysoev
dfd81a23b2 A new fix for the case when ssl_session_cache defined, but ssl is not 
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.
 2011-08-04 11:12:30 +00:00
Igor Sysoev
b0b6bcedfc fix SSL connection issues on platforms with 32-bit off_t 
patch by Maxim Dounin
 2011-07-22 12:53:04 +00:00
Igor Sysoev
a7ed0951e3 fix build by gcc46 with -Wunused-value option 
patch by Maxim Dounin
 2011-07-22 10:43:50 +00:00
Igor Sysoev
f39642a907 ECDHE support 
patch by Adrian Kotelba
 2011-07-20 15:42:40 +00:00
Igor Sysoev
e61ba26744 MSIE export versions are rare now, so RSA 512 key is generated on demand 
and is shared among all hosts instead of pregenerating for every HTTPS host
on configuraiton phase. This decreases start time for configuration with
large number of HTTPS hosts.
 2011-07-20 12:59:24 +00:00
Igor Sysoev
e2c8ad7122 use POSIX semaphores in shmtx instead of sched_yield() 
number of spinlock spins are increased twice
 2011-05-10 11:39:13 +00:00
Igor Sysoev
efde3eb92e fix building by gcc 4.6 without --with-debug 2011-04-23 17:25:06 +00:00
Igor Sysoev
3d86ad3f95 fix building on Fedora 14 
patch by Kirill A. Korinskiy
 2011-01-20 12:33:17 +00:00
Igor Sysoev
3e3ee60b99 remove SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG becuase of CVE-2010-4180 2010-12-06 11:17:03 +00:00
Igor Sysoev
0c39c27412 fix building by msvc8 introduced by the previous commit 2010-12-02 14:20:51 +00:00
Igor Sysoev
a07d6ec39f fallback to accept() if accept4() is not implemented, 
the issue has been introduced in r3787
 2010-12-02 10:05:41 +00:00
Igor Sysoev
40747ad861 Linux accept4() support 2010-11-25 10:15:04 +00:00
Igor Sysoev
6b45b065fe decrease SSL handshake error level to info 2010-07-29 09:30:15 +00:00
Igor Sysoev
05b1a8f1e3 ngx_str_set() and ngx_str_null() 2010-05-14 09:56:37 +00:00
Igor Sysoev
502252d43a MSVC8 compatibility with OpenSSL 1.0.0 2010-04-01 15:18:29 +00:00
Igor Sysoev
6d45d8a50d *) introduce ngx_time_sigsafe_update() to update the error log time only 
*) change ngx_time_update() interface
 2010-03-25 09:10:10 +00:00
Igor Sysoev
2f916a9721 *) use previously cached GMT offset value to update time from a signal handler 
*) change ngx_time_update() interface since there are no notification methods
   those return time
 2010-03-13 18:08:07 +00:00
Igor Sysoev
b80f68aeda do not update time in the timer signal handler, 
since localtime_r() is not Async-Signal-Safe function
 2010-03-12 14:31:47 +00:00
Igor Sysoev
e71f39932f add OpenSSL_add_all_algorithms(), this fixes the error 
"ASN1_item_verify:unknown message digest algorithm" occurred if
client certificate is signed using sha256WithRSAEncryption
 2010-03-03 16:23:14 +00:00
Igor Sysoev
416fc7aac7 Set SSL session context for "ssl_session_cache none". 
This fixes a bug when client certficate is used and nginx closes connection
with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
 2010-03-02 08:41:47 +00:00
Igor Sysoev
146324618d decrease SSL handshake error level to info 2010-02-19 20:54:58 +00:00
Igor Sysoev
d5624689cb update comments 2009-11-25 18:03:59 +00:00
Igor Sysoev
72db760eca add NGX_PROCESS_HELPER process status 2009-11-23 15:46:21 +00:00
Igor Sysoev
8019121120 decrease SSL handshake error level to info 2009-11-23 14:09:57 +00:00
Igor Sysoev
70bd187c4c disable SSL renegotiation (CVE-2009-3555) 2009-11-11 10:59:07 +00:00
Igor Sysoev
cc65b0879b fix segfault in SSL if limit_rate is used 2009-11-03 15:38:33 +00:00
Igor Sysoev
72e928755b proxy_bind, fastcgi_bind, and memcached_bind 2009-11-02 15:24:02 +00:00
Igor Sysoev
19811dbdde style fix 2009-11-02 12:41:56 +00:00
Igor Sysoev
61490aa6b6 delete unused field c->local_socklen 2009-11-01 19:29:49 +00:00
Igor Sysoev
baf8e409ba http listen unix domain sockets 2009-10-26 11:43:32 +00:00
Igor Sysoev
c81582ea67 fix r3155 2009-09-24 20:09:12 +00:00
Igor Sysoev
ef2662caab fix debug log message 2009-09-24 14:47:10 +00:00
Igor Sysoev
cdaf442a2f $ssl_session_id 2009-09-24 14:45:28 +00:00
Igor Sysoev
bfff03406d aio sendfile 2009-08-30 09:52:39 +00:00
Igor Sysoev
a962506498 FreeBSD and Linux AIO support 2009-08-28 08:12:35 +00:00
Igor Sysoev
5297d456d8 axe r->connection->destroyed testing 2009-08-26 16:14:57 +00:00
Igor Sysoev
b71610eb09 *) move small declarations in appropriate places and delete the surplus 
header files
*) delete insignificant comments
 2009-08-25 09:09:13 +00:00
Igor Sysoev
8e7e69e351 style fix 2009-08-25 09:06:21 +00:00
Igor Sysoev
3a58935936 *) share temporary number between workers 
*) randomize collision offset
 2009-08-21 09:06:35 +00:00
Igor Sysoev
365d663cc2 fix memory corruption in $ssl_client_cert 2009-07-27 11:51:12 +00:00
Igor Sysoev
f5ca9df2ab delete ancient define 2009-07-23 12:59:11 +00:00
Igor Sysoev
80c3e8e03b delete OpenSSL pre-0.9.7 compatibility: the sources were not actually 
compatible with OpenSSL 0.9.6 since ssl_session_cache introduction
 2009-07-23 12:54:20 +00:00
Igor Sysoev
9db0245cda ssl_crl 2009-07-23 12:21:26 +00:00
Igor Sysoev
5b4b7c58cc *) $ssl_client_verify 
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
 2009-07-22 17:41:42 +00:00
Igor Sysoev
a5fe5881c6 ignore ngx_atomic_fetch_add() result 
this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
 2009-06-18 13:14:51 +00:00
Igor Sysoev
260c4321d7 return NULL instead of NGX_CONF_ERROR on a create conf failure 2009-06-02 16:09:44 +00:00
Igor Sysoev
731e6a9b11 style fix 2009-05-14 16:24:39 +00:00
Igor Sysoev
6ce6fcd12d divide select module into two modules: Unix and Win32 ones 2009-05-06 14:53:54 +00:00
Igor Sysoev
44063a76f4 make code clearer 2009-05-06 08:54:54 +00:00
Igor Sysoev
57ca2c8013 test event type to prevent errors 2009-05-06 08:53:13 +00:00