Google Git
Sign in
nginx / nginx / df83e6f81a53f5d61fe06100f9150cd1dc61e4a2^! / . / src / mail / ngx_mail_ssl_module.c
commitdf83e6f81a53f5d61fe06100f9150cd1dc61e4a2[log] [tgz]
authorIgor Sysoev <igor@sysoev.ru>Mon Jun 16 05:51:32 2008 +0000
committerIgor Sysoev <igor@sysoev.ru>Mon Jun 16 05:51:32 2008 +0000
tree5eb5e1968a69f8f39a4f988721c984362d3d6855
parentb0780752b00dea6aca3bc4f6d19d69e0382b2ad3 [diff] [blame]
DH parameters, ssl_dhparam

diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index a387e59..c64d48c 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c

@@ -76,6 +76,13 @@
       offsetof(ngx_mail_ssl_conf_t, certificate_key),
       NULL },
 
+    { ngx_string("ssl_dhparam"),
+      NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
+      ngx_conf_set_str_slot,
+      NGX_MAIL_SRV_CONF_OFFSET,
+      offsetof(ngx_mail_ssl_conf_t, dhparam),
+      NULL },
+
     { ngx_string("ssl_protocols"),
       NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_1MORE,
       ngx_conf_set_bitmask_slot,
@@ -163,10 +170,9 @@
      * set by ngx_pcalloc():
      *
      *     scf->protocols = 0;
-     *     scf->certificate.len = 0;
-     *     scf->certificate.data = NULL;
-     *     scf->certificate_key.len = 0;
-     *     scf->certificate_key.data = NULL;
+     *     scf->certificate = { 0, NULL };
+     *     scf->certificate_key = { 0, NULL };
+     *     scf->dhparam = { 0, NULL };
      *     scf->ciphers.len = 0;
      *     scf->ciphers.data = NULL;
      *     scf->shm_zone = NULL;
@@ -213,6 +219,8 @@
     ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key,
                          NGX_DEFLAUT_CERTIFICATE_KEY);
 
+    ngx_conf_merge_str_value(conf->dhparam, prev->dhparam, "");
+
     ngx_conf_merge_str_value(conf->ciphers, prev->ciphers, NGX_DEFLAUT_CIPHERS);
 
 
@@ -260,6 +268,10 @@
         return NGX_CONF_ERROR;
     }
 
+    if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
     ngx_conf_merge_value(conf->builtin_session_cache,
                          prev->builtin_session_cache, NGX_SSL_NONE_SCACHE);