Deleted
Added
nxt_tls.h (1884:4645a43bc248) | nxt_tls.h (1885:09b857a2cca9) |
---|---|
1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#ifndef _NXT_TLS_H_INCLUDED_ 8#define _NXT_TLS_H_INCLUDED_ 9 10 | 1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#ifndef _NXT_TLS_H_INCLUDED_ 8#define _NXT_TLS_H_INCLUDED_ 9 10 |
11#include <nxt_conf.h> 12 13 |
|
11/* 12 * The SSL/TLS libraries lack vector I/O interface yet add noticeable 13 * overhead to each SSL/TLS record so buffering allows to decrease the 14 * overhead. The typical overhead size is about 30 bytes, however, TLS 15 * supports also random padding up to 255 bytes. The maximum SSLv3/TLS 16 * record size is 16K. However, large records increase decryption latency. 17 * 4K is good compromise between 1-6% of SSL/TLS overhead and the latency. 18 * 4K buffer allows to send one SSL/TLS record (4096-bytes data and up to --- 8 unchanged lines hidden (view full) --- 27typedef struct nxt_tls_bundle_conf_s nxt_tls_bundle_conf_t; 28 29typedef struct { 30 nxt_int_t (*library_init)(nxt_task_t *task); 31 void (*library_free)(nxt_task_t *task); 32 33 nxt_int_t (*server_init)(nxt_task_t *task, 34 nxt_tls_conf_t *conf, nxt_mp_t *mp, | 14/* 15 * The SSL/TLS libraries lack vector I/O interface yet add noticeable 16 * overhead to each SSL/TLS record so buffering allows to decrease the 17 * overhead. The typical overhead size is about 30 bytes, however, TLS 18 * supports also random padding up to 255 bytes. The maximum SSLv3/TLS 19 * record size is 16K. However, large records increase decryption latency. 20 * 4K is good compromise between 1-6% of SSL/TLS overhead and the latency. 21 * 4K buffer allows to send one SSL/TLS record (4096-bytes data and up to --- 8 unchanged lines hidden (view full) --- 30typedef struct nxt_tls_bundle_conf_s nxt_tls_bundle_conf_t; 31 32typedef struct { 33 nxt_int_t (*library_init)(nxt_task_t *task); 34 void (*library_free)(nxt_task_t *task); 35 36 nxt_int_t (*server_init)(nxt_task_t *task, 37 nxt_tls_conf_t *conf, nxt_mp_t *mp, |
38 nxt_conf_value_t *conf_cmds, |
|
35 nxt_bool_t last); 36 void (*server_free)(nxt_task_t *task, 37 nxt_tls_conf_t *conf); 38} nxt_tls_lib_t; 39 40 41typedef struct { 42 nxt_tls_bundle_conf_t *bundle; 43 44 nxt_str_t name; 45} nxt_tls_bundle_hash_item_t; 46 47 48struct nxt_tls_bundle_conf_s { 49 void *ctx; 50 51 nxt_fd_t chain_file; | 39 nxt_bool_t last); 40 void (*server_free)(nxt_task_t *task, 41 nxt_tls_conf_t *conf); 42} nxt_tls_lib_t; 43 44 45typedef struct { 46 nxt_tls_bundle_conf_t *bundle; 47 48 nxt_str_t name; 49} nxt_tls_bundle_hash_item_t; 50 51 52struct nxt_tls_bundle_conf_s { 53 void *ctx; 54 55 nxt_fd_t chain_file; |
52 nxt_str_t *name; | 56 nxt_str_t name; |
53 54 nxt_tls_bundle_conf_t *next; 55}; 56 57 58struct nxt_tls_conf_s { 59 nxt_tls_bundle_conf_t *bundle; 60 nxt_lvlhsh_t bundle_hash; --- 38 unchanged lines hidden --- | 57 58 nxt_tls_bundle_conf_t *next; 59}; 60 61 62struct nxt_tls_conf_s { 63 nxt_tls_bundle_conf_t *bundle; 64 nxt_lvlhsh_t bundle_hash; --- 38 unchanged lines hidden --- |