Mercurial > hg > nginx-ranges
comparison src/event/ngx_event_openssl.c @ 392:0b6053502c55 NGINX_0_7_7
nginx 0.7.7
*) Change: now the EAGAIN error returned by connect() is not considered
as temporary error.
*) Change: now the $ssl_client_cert variable value is a certificate
with TAB character intended before each line except first one; an
unchanged certificate is available in the $ssl_client_raw_cert
variable.
*) Feature: the "ask" parameter in the "ssl_verify_client" directive.
*) Feature: byte-range processing improvements.
Thanks to Maxim Dounin.
*) Feature: the "directio" directive.
*) Feature: MacOSX 1.5 sendfile() support.
*) Bugfix: now in MacOSX and Cygwin locations are tested in case
insensitive mode; however, the compare is provided by single-byte
locales only.
*) Bugfix: mail proxy SSL connections hanged, if select, poll, or
/dev/poll methods were used.
*) Bugfix: UTF-8 encoding usage in the ngx_http_autoindex_module.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Wed, 30 Jul 2008 00:00:00 +0400 |
parents | 984bb0b1399b |
children | 05981f639d21 |
comparison
equal
deleted
inserted
replaced
389:930e48a26dde | 392:0b6053502c55 |
---|---|
502 n = SSL_do_handshake(c->ssl->connection); | 502 n = SSL_do_handshake(c->ssl->connection); |
503 | 503 |
504 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); | 504 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
505 | 505 |
506 if (n == 1) { | 506 if (n == 1) { |
507 | |
508 c->read->ready = 0; | |
509 c->write->ready = 1; | |
507 | 510 |
508 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { | 511 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { |
509 return NGX_ERROR; | 512 return NGX_ERROR; |
510 } | 513 } |
511 | 514 |
1882 return NGX_OK; | 1885 return NGX_OK; |
1883 } | 1886 } |
1884 | 1887 |
1885 | 1888 |
1886 ngx_int_t | 1889 ngx_int_t |
1887 ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 1890 ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |
1888 { | 1891 { |
1889 size_t len; | 1892 size_t len; |
1890 BIO *bio; | 1893 BIO *bio; |
1891 X509 *cert; | 1894 X509 *cert; |
1892 | 1895 |
1928 | 1931 |
1929 BIO_free(bio); | 1932 BIO_free(bio); |
1930 X509_free(cert); | 1933 X509_free(cert); |
1931 | 1934 |
1932 return NGX_ERROR; | 1935 return NGX_ERROR; |
1936 } | |
1937 | |
1938 | |
1939 ngx_int_t | |
1940 ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | |
1941 { | |
1942 u_char *p; | |
1943 size_t len; | |
1944 ngx_uint_t i; | |
1945 ngx_str_t cert; | |
1946 | |
1947 if (ngx_ssl_get_raw_certificate(c, pool, &cert) != NGX_OK) { | |
1948 return NGX_ERROR; | |
1949 } | |
1950 | |
1951 if (cert.len == 0) { | |
1952 s->len = 0; | |
1953 return NGX_OK; | |
1954 } | |
1955 | |
1956 len = cert.len - 1; | |
1957 | |
1958 for (i = 0; i < cert.len - 1; i++) { | |
1959 if (cert.data[i] == LF) { | |
1960 len++; | |
1961 } | |
1962 } | |
1963 | |
1964 s->len = len; | |
1965 s->data = ngx_pnalloc(pool, len); | |
1966 if (s->data == NULL) { | |
1967 return NGX_ERROR; | |
1968 } | |
1969 | |
1970 p = s->data; | |
1971 | |
1972 for (i = 0; i < len; i++) { | |
1973 *p++ = cert.data[i]; | |
1974 if (cert.data[i] == LF) { | |
1975 *p++ = '\t'; | |
1976 } | |
1977 } | |
1978 | |
1979 return NGX_OK; | |
1933 } | 1980 } |
1934 | 1981 |
1935 | 1982 |
1936 ngx_int_t | 1983 ngx_int_t |
1937 ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 1984 ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |