nginx-vendor-1-0: src/http/ngx_http

comparison src/http/ngx_http_request.c @ 638:692f4d4d7f10 NGINX_1_0_9

nginx 1.0.9 *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an access_log. *) Change: now SIGWINCH signal works only in daemon mode. *) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support the following additional values: X-Accel-Limit-Rate, X-Accel-Buffering, X-Accel-Charset. *) Feature: decrease of memory consumption if SSL is used. *) Feature: accept filters are now supported on NetBSD. *) Feature: the "uwsgi_buffering" and "scgi_buffering" directives. Thanks to Peter Smit. *) Bugfix: a segmentation fault occurred on start or while reconfiguration if the "ssl" directive was used at http level and there was no "ssl_certificate" defined. *) Bugfix: some UTF-8 characters were processed incorrectly. Thanks to Alexey Kuts. *) Bugfix: the ngx_http_rewrite_module directives specified at "server" level were executed twice if no matching locations were defined. *) Bugfix: a socket leak might occurred if "aio sendfile" was used. *) Bugfix: connections with fast clients might be closed after send_timeout if file AIO was used. *) Bugfix: in the ngx_http_autoindex_module. *) Bugfix: the module ngx_http_mp4_module did not support seeking on 32-bit platforms. *) Bugfix: non-cacheable responses might be cached if "proxy_cache_bypass" directive was used. Thanks to John Ferlito. *) Bugfix: cached responses with an empty body were returned incorrectly; the bug had appeared in 0.8.31. *) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the bug had appeared in 0.8.32. *) Bugfix: in the "return" directive. *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and "ssl_prefer_server_ciphers" directives might work incorrectly if SNI was used.

author	Igor Sysoev <http://sysoev.ru>
date	Tue, 01 Nov 2011 00:00:00 +0400
parents	0d6525917227
children	1b80544421e8

comparison

equal deleted inserted replaced

-:ea7441793bba
+:692f4d4d7f10
 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
 SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
+/*
+* SSL_set_SSL_CTX() only changes certs as of 1.0.0d
+* adjust other things we care about
+*/
+SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
+SSL_CTX_get_verify_callback(sscf->ssl.ctx));
+SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
+#ifdef SSL_CTRL_CLEAR_OPTIONS
+/* only in 0.9.8m+ */
+SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
+~SSL_CTX_get_options(sscf->ssl.ctx));
+#endif
+SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
 return SSL_TLSEXT_ERR_OK;
 }
 #endif
 }
 return;
 }
-} else {
+}
-if (wev->delayed || r->aio) {
-ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0,
+if (wev->delayed || r->aio) {
-"http writer delayed");
+ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0,
+"http writer delayed");
-if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
-ngx_http_close_request(r, 0);
+if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
-}
+ngx_http_close_request(r, 0);
+}
-return;
-}
+return;
 }
 rc = ngx_http_output_filter(r, NULL);
 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
 return;
 }
 if (r->buffered || r->postponed || (r == r->main && c->buffered)) {
-if (!wev->ready && !wev->delayed) {
+if (!wev->delayed) {
 ngx_add_timer(wev, clcf->send_timeout);
 }
 if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
 ngx_http_close_request(r, 0);

Mercurial > hg > nginx-vendor-1-0

comparison src/http/ngx_http_request.c @ 638:692f4d4d7f10 NGINX_1_0_9