commit dfd81a23b2771fa8a9be37a2a911562826005124
author Igor Sysoev <igor@sysoev.ru> Thu Aug 04 11:12:30 2011 +0000
committer Igor Sysoev <igor@sysoev.ru> Thu Aug 04 11:12:30 2011 +0000
tree 3ccb7322a77c468b34b4373db153bb95a70d3771
parent c42be75569adf56defbe61ac46b14a70c684cd5e

A new fix for the case when ssl_session_cache defined, but ssl is not
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.

src/core/ngx_cycle.c

diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c
index 7986707..968056c 100644
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@@ -418,11 +418,6 @@
             goto failed;
         }
 
-        if (shm_zone[i].init == NULL) {
-            /* unused shared zone */
-            continue;
-        }
-
         shm_zone[i].shm.log = cycle->log;
 
         opart = &old_cycle->shared_memory.part;

src/event/ngx_event_openssl.c

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 692f506..bb68948 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -26,8 +26,7 @@
     ngx_err_t err, char *text);
 static void ngx_ssl_clear_error(ngx_log_t *log);
 
-static ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone,
-    void *data);
+ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 static int ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn,
     ngx_ssl_session_t *sess);
 static ngx_ssl_session_t *ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
@@ -1505,8 +1504,6 @@
     SSL_CTX_set_timeout(ssl->ctx, (long) timeout);
 
     if (shm_zone) {
-        shm_zone->init = ngx_ssl_session_cache_init;
-
         SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session);
         SSL_CTX_sess_set_get_cb(ssl->ctx, ngx_ssl_get_cached_session);
         SSL_CTX_sess_set_remove_cb(ssl->ctx, ngx_ssl_remove_session);
@@ -1524,7 +1521,7 @@
 }
 
 
-static ngx_int_t
+ngx_int_t
 ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data)
 {
     size_t                    len;

src/event/ngx_event_openssl.h

diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index 204d5f0..33cab7b 100644
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -104,6 +104,7 @@
 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
 ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
     ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout);
+ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
     ngx_uint_t flags);
 

src/http/modules/ngx_http_ssl_module.c

diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 120a858..143f04d 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -626,6 +626,8 @@
         sscf->builtin_session_cache = NGX_SSL_NO_BUILTIN_SCACHE;
     }
 
+    sscf->shm_zone->init = ngx_ssl_session_cache_init;
+
     return NGX_CONF_OK;
 
 invalid:

src/mail/ngx_mail_ssl_module.c

diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index 5767a2f..d06f7d2 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c
@@ -474,6 +474,8 @@
         scf->builtin_session_cache = NGX_SSL_NO_BUILTIN_SCACHE;
     }
 
+    scf->shm_zone->init = ngx_ssl_session_cache_init;
+
     return NGX_CONF_OK;
 
 invalid: