Mercurial > hg > nginx

view auto/lib/openssl/conf @ 5992:174512857ccf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Cache: do not inherit last_modified and etag from stale response. When replacing a stale cache entry, its last_modified and etag could be inherited from the old entry if the response code is not 200 or 206. Moreover, etag could be inherited with any response code if it's missing in the new response. As a result, the cache entry is left with invalid last_modified or etag which could lead to broken revalidation. For example, when a file is deleted from backend, its last_modified is copied to the new 404 cache entry and is used later for revalidation. Once the old file appears again with its original timestamp, revalidation succeeds and the cached 404 response is sent to client instead of the file. The problem appeared with etags in 44b9ab7752e3 (1.7.3) and affected last_modified in 1573fc7875fa (1.7.9).
author Roman Arutyunyan <arut@nginx.com>
date Mon, 02 Mar 2015 19:47:13 +0300
parents 3d2d3e1cf427
children 4d25ec8f0adb
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


if [ $OPENSSL != NONE ]; then

    case "$CC" in

        cl | bcc32)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"

            CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/ssleay32.lib"
            CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libeay32.lib"

            # libeay32.lib requires gdi32.lib
            CORE_LIBS="$CORE_LIBS gdi32.lib"
            # OpenSSL 1.0.0 requires crypt32.lib
            CORE_LIBS="$CORE_LIBS crypt32.lib"
        ;;

        *)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
            CORE_LIBS="$CORE_LIBS $NGX_LIBDL"

            if [ "$NGX_PLATFORM" = win32 ]; then
                CORE_LIBS="$CORE_LIBS -lgdi32 -lcrypt32 -lws2_32"
            fi
        ;;
    esac

else

    if [ "$NGX_PLATFORM" != win32 ]; then

        OPENSSL=NO

        ngx_feature="OpenSSL library"
        ngx_feature_name="NGX_OPENSSL"
        ngx_feature_run=no
        ngx_feature_incs="#include <openssl/ssl.h>"
        ngx_feature_path=
        ngx_feature_libs="-lssl -lcrypto"
        ngx_feature_test="SSL_library_init()"
        . auto/feature

        if [ $ngx_found = yes ]; then
            have=NGX_SSL . auto/have
            CORE_LIBS="$CORE_LIBS $ngx_feature_libs $NGX_LIBDL"
            OPENSSL=YES
        fi
    fi

    if [ $OPENSSL != YES ]; then

cat << END

$0: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.

END
        exit 1
    fi

fi