Mercurial > hg > nginx-ranges
comparison src/event/ngx_event_openssl.c @ 140:55a211e5eeb7 NGINX_0_3_17
nginx 0.3.17
*) Change: now on Linux configure checks the presence of epoll and
sendfile64() in kernel.
*) Feature: the "map" directive supports domain names in the
".domain.tld" form.
*) Bugfix: the timeouts were not used in SSL handshake; bug appeared in
0.2.4.
*) Bugfix: in the HTTPS protocol in the "proxy_pass" directive.
*) Bugfix: when the HTTPS protocol was used in the "proxy_pass"
directive the port 80 was used by default.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Sun, 18 Dec 2005 00:00:00 +0300 |
parents | 8e6d4d96ec4c |
children | 36af50a5582d |
comparison
equal
deleted
inserted
replaced
139:9cee8bc94578 | 140:55a211e5eeb7 |
---|---|
332 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr); | 332 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr); |
333 | 333 |
334 if (sslerr == SSL_ERROR_WANT_READ) { | 334 if (sslerr == SSL_ERROR_WANT_READ) { |
335 c->read->ready = 0; | 335 c->read->ready = 0; |
336 c->read->handler = ngx_ssl_handshake_handler; | 336 c->read->handler = ngx_ssl_handshake_handler; |
337 c->write->handler = ngx_ssl_handshake_handler; | |
337 | 338 |
338 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { | 339 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { |
339 return NGX_ERROR; | 340 return NGX_ERROR; |
340 } | 341 } |
341 | 342 |
342 return NGX_AGAIN; | 343 return NGX_AGAIN; |
343 } | 344 } |
344 | 345 |
345 if (sslerr == SSL_ERROR_WANT_WRITE) { | 346 if (sslerr == SSL_ERROR_WANT_WRITE) { |
346 c->write->ready = 0; | 347 c->write->ready = 0; |
348 c->read->handler = ngx_ssl_handshake_handler; | |
347 c->write->handler = ngx_ssl_handshake_handler; | 349 c->write->handler = ngx_ssl_handshake_handler; |
348 | 350 |
349 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { | 351 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { |
350 return NGX_ERROR; | 352 return NGX_ERROR; |
351 } | 353 } |
355 | 357 |
356 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; | 358 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; |
357 | 359 |
358 c->ssl->no_wait_shutdown = 1; | 360 c->ssl->no_wait_shutdown = 1; |
359 c->ssl->no_send_shutdown = 1; | 361 c->ssl->no_send_shutdown = 1; |
362 c->read->eof = 1; | |
360 | 363 |
361 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { | 364 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { |
362 ngx_log_error(NGX_LOG_INFO, c->log, err, | 365 ngx_log_error(NGX_LOG_INFO, c->log, err, |
363 "peer closed connection in SSL handshake"); | 366 "peer closed connection in SSL handshake"); |
364 | 367 |
365 return NGX_ERROR; | 368 return NGX_ERROR; |
366 } | 369 } |
367 | 370 |
371 c->read->error = 1; | |
372 | |
368 ngx_ssl_connection_error(c, sslerr, err, "SSL_do_handshake() failed"); | 373 ngx_ssl_connection_error(c, sslerr, err, "SSL_do_handshake() failed"); |
369 | 374 |
370 return NGX_ERROR; | 375 return NGX_ERROR; |
371 } | 376 } |
372 | 377 |
378 | 383 |
379 c = ev->data; | 384 c = ev->data; |
380 | 385 |
381 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 386 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
382 "SSL handshake handler: %d", ev->write); | 387 "SSL handshake handler: %d", ev->write); |
388 | |
389 if (ev->timedout) { | |
390 c->ssl->handler(c); | |
391 return; | |
392 } | |
383 | 393 |
384 if (ngx_ssl_handshake(c) == NGX_AGAIN) { | 394 if (ngx_ssl_handshake(c) == NGX_AGAIN) { |
385 return; | 395 return; |
386 } | 396 } |
387 | 397 |
546 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 556 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
547 "peer shutdown SSL cleanly"); | 557 "peer shutdown SSL cleanly"); |
548 return NGX_DONE; | 558 return NGX_DONE; |
549 } | 559 } |
550 | 560 |
561 c->read->error = 1; | |
551 ngx_ssl_connection_error(c, sslerr, err, "SSL_read() failed"); | 562 ngx_ssl_connection_error(c, sslerr, err, "SSL_read() failed"); |
552 | 563 |
553 return NGX_ERROR; | 564 return NGX_ERROR; |
554 } | 565 } |
555 | 566 |
771 return NGX_AGAIN; | 782 return NGX_AGAIN; |
772 } | 783 } |
773 | 784 |
774 c->ssl->no_wait_shutdown = 1; | 785 c->ssl->no_wait_shutdown = 1; |
775 c->ssl->no_send_shutdown = 1; | 786 c->ssl->no_send_shutdown = 1; |
787 c->write->error = 1; | |
776 | 788 |
777 ngx_ssl_connection_error(c, sslerr, err, "SSL_write() failed"); | 789 ngx_ssl_connection_error(c, sslerr, err, "SSL_write() failed"); |
778 | 790 |
779 return NGX_ERROR; | 791 return NGX_ERROR; |
780 } | 792 } |
793 | 805 |
794 ngx_int_t | 806 ngx_int_t |
795 ngx_ssl_shutdown(ngx_connection_t *c) | 807 ngx_ssl_shutdown(ngx_connection_t *c) |
796 { | 808 { |
797 int n, sslerr, mode; | 809 int n, sslerr, mode; |
810 ngx_err_t err; | |
798 ngx_uint_t again; | 811 ngx_uint_t again; |
799 | 812 |
800 if (c->timedout) { | 813 if (c->timedout) { |
801 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; | 814 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; |
802 | 815 |
864 } | 877 } |
865 | 878 |
866 return NGX_AGAIN; | 879 return NGX_AGAIN; |
867 } | 880 } |
868 | 881 |
869 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_shutdown() failed"); | 882 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; |
883 | |
884 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); | |
870 | 885 |
871 SSL_free(c->ssl->connection); | 886 SSL_free(c->ssl->connection); |
872 c->ssl = NULL; | 887 c->ssl = NULL; |
873 | 888 |
874 return NGX_ERROR; | 889 return NGX_ERROR; |