1 /*
2  * Copyright (c) 2015-2016 Graham Edgecombe <gpe@grahamedgecombe.com>
3  *
4  * Permission to use, copy, modify, and/or distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <ngx_stream.h>
18 #include "ngx_ssl_ct_module.h"
19 
20 static char *ngx_stream_ssl_ct_merge_srv_conf(ngx_conf_t *cf, void *parent,
21     void *child);
22 
23 static ngx_stream_module_t ngx_stream_ssl_ct_module_ctx = {
24 #if nginx_version >= 1011002
25     NULL,                             /* preconfiguration */
26 #endif
27     NULL,                             /* postconfiguration */
28 
29     NULL,                             /* create main configuration */
30     NULL,                             /* init main configuration */
31 
32     &ngx_ssl_ct_create_srv_conf,      /* create server configuration */
33     &ngx_stream_ssl_ct_merge_srv_conf /* merge server configuration */
34 };
35 
36 static ngx_command_t ngx_stream_ssl_ct_commands[] = {
37     {
38         ngx_string("ssl_ct"),
39         NGX_STREAM_MAIN_CONF | NGX_STREAM_SRV_CONF | NGX_CONF_FLAG,
40         &ngx_conf_set_flag_slot,
41         NGX_STREAM_SRV_CONF_OFFSET,
42         offsetof(ngx_ssl_ct_srv_conf_t, enable),
43         NULL
44     },
45     {
46         ngx_string("ssl_ct_static_scts"),
47         NGX_STREAM_MAIN_CONF | NGX_STREAM_SRV_CONF | NGX_CONF_TAKE1,
48         &ngx_conf_set_str_array_slot,
49         NGX_STREAM_SRV_CONF_OFFSET,
50         offsetof(ngx_ssl_ct_srv_conf_t, sct_dirs),
51         NULL
52     },
53     ngx_null_command
54 };
55 
56 ngx_module_t ngx_stream_ssl_ct_module = {
57     NGX_MODULE_V1,
58     &ngx_stream_ssl_ct_module_ctx, /* module context */
59     ngx_stream_ssl_ct_commands,    /* module directives */
60     NGX_STREAM_MODULE,             /* module type */
61     NULL,                          /* init master */
62     NULL,                          /* init module */
63     NULL,                          /* init process */
64     NULL,                          /* init thread */
65     NULL,                          /* exit thread */
66     NULL,                          /* exit process */
67     NULL,                          /* exit master */
68     NGX_MODULE_V1_PADDING
69 };
70 
ngx_stream_ssl_ct_merge_srv_conf(ngx_conf_t * cf,void * parent,void * child)71 static char *ngx_stream_ssl_ct_merge_srv_conf(ngx_conf_t *cf, void *parent,
72     void *child)
73 {
74     ngx_stream_ssl_conf_t *ssl_conf = ngx_stream_conf_get_module_srv_conf(cf,
75         ngx_stream_ssl_module);
76 
77     ngx_array_t *certificates;
78 
79 #if nginx_version >= 1011000
80     certificates = ssl_conf->certificates;
81 #else
82     certificates = ngx_array_create(cf->pool, 1, sizeof(ngx_str_t));
83 
84     ngx_str_t *certificate = ngx_array_push(certificates);
85     *certificate = ssl_conf->certificate;
86 #endif
87 
88     return ngx_ssl_ct_merge_srv_conf(cf, parent, child, ssl_conf->ssl.ctx,
89         certificates);
90 }
91