[PATCH] remove ngx_ssl_server_conf_index

Maxim Dounin mdounin at mdounin.ru
Tue Oct 2 10:03:59 UTC 2012


On Tue, Oct 02, 2012 at 12:09:00PM +1000, Daniel Black wrote:

> Just a minor cleanup as I was doing some development around the 
> openssl event code. As we're adding indexes for 
> ngx_ssl_certificate_index and ngx_ssl_stapling_index it makes 
> sense to remove the ones we're not using.
> The patch removes the configuration pointer 
> ngx_ssl_server_conf_index out of the SSL context.
> As the pointer could be a ngx_http_ssl_srv_conf_t or a 
> ngx_mail_ssl_conf_t
> it isn't particularly useful as you can't reliable cast it in 
> any event_openssl callback.

This isn't something expected to be used in callbacks set by 
generic code in ngx_event_openssl.c, but rather something intended 
to be used by a party which calls ngx_ssl_create().

It was previously used by a session cache code when it was in 
ngx_http_ssl_module.c, but not used now as session cache code was 
made generic and moved into ngx_event_openssl.c.  I don't think it 
should be removed though, as it might still be usable in some 


> @@ -169,12 +160,6 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data)
>          return NGX_ERROR;
>      }
> -    if (SSL_CTX_set_ex_data(ssl->ctx, ngx_ssl_server_conf_index, data) == 0) {
> -        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
> -                      "SSL_CTX_set_ex_data() failed");
> -        return NGX_ERROR;
> -    }
> -

Just a side note: it doesn't make sense to remove 
SSL_CTX_set_ex_data(ngx_ssl_server_conf_index) but preserve "data" 
argument of ngx_ssl_create().


Maxim Dounin

More information about the nginx-devel mailing list