Mercurial > hg > nginx-vendor-current

comparison src/event/ngx_event_openssl.c @ 390:0b6053502c55 NGINX_0_7_7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.7.7 *) Change: now the EAGAIN error returned by connect() is not considered as temporary error. *) Change: now the $ssl_client_cert variable value is a certificate with TAB character intended before each line except first one; an unchanged certificate is available in the $ssl_client_raw_cert variable. *) Feature: the "ask" parameter in the "ssl_verify_client" directive. *) Feature: byte-range processing improvements. Thanks to Maxim Dounin. *) Feature: the "directio" directive. *) Feature: MacOSX 1.5 sendfile() support. *) Bugfix: now in MacOSX and Cygwin locations are tested in case insensitive mode; however, the compare is provided by single-byte locales only. *) Bugfix: mail proxy SSL connections hanged, if select, poll, or /dev/poll methods were used. *) Bugfix: UTF-8 encoding usage in the ngx_http_autoindex_module.
author Igor Sysoev <http://sysoev.ru>
date Wed, 30 Jul 2008 00:00:00 +0400
parents 984bb0b1399b
children 05981f639d21
comparison
equal deleted inserted replaced
389:930e48a26dde 390:0b6053502c55
502 n = SSL_do_handshake(c->ssl->connection); 502 n = SSL_do_handshake(c->ssl->connection);
503 503
504 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); 504 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n);
505 505
506 if (n == 1) { 506 if (n == 1) {
507
508 c->read->ready = 0;
509 c->write->ready = 1;
507 510
508 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { 511 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
509 return NGX_ERROR; 512 return NGX_ERROR;
510 } 513 }
511 514
1882 return NGX_OK; 1885 return NGX_OK;
1883 } 1886 }
1884 1887
1885 1888
1886 ngx_int_t 1889 ngx_int_t
1887 ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) 1890 ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
1888 { 1891 {
1889 size_t len; 1892 size_t len;
1890 BIO *bio; 1893 BIO *bio;
1891 X509 *cert; 1894 X509 *cert;
1892 1895
1928 1931
1929 BIO_free(bio); 1932 BIO_free(bio);
1930 X509_free(cert); 1933 X509_free(cert);
1931 1934
1932 return NGX_ERROR; 1935 return NGX_ERROR;
1936 }
1937
1938
1939 ngx_int_t
1940 ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
1941 {
1942 u_char *p;
1943 size_t len;
1944 ngx_uint_t i;
1945 ngx_str_t cert;
1946
1947 if (ngx_ssl_get_raw_certificate(c, pool, &cert) != NGX_OK) {
1948 return NGX_ERROR;
1949 }
1950
1951 if (cert.len == 0) {
1952 s->len = 0;
1953 return NGX_OK;
1954 }
1955
1956 len = cert.len - 1;
1957
1958 for (i = 0; i < cert.len - 1; i++) {
1959 if (cert.data[i] == LF) {
1960 len++;
1961 }
1962 }
1963
1964 s->len = len;
1965 s->data = ngx_pnalloc(pool, len);
1966 if (s->data == NULL) {
1967 return NGX_ERROR;
1968 }
1969
1970 p = s->data;
1971
1972 for (i = 0; i < len; i++) {
1973 *p++ = cert.data[i];
1974 if (cert.data[i] == LF) {
1975 *p++ = '\t';
1976 }
1977 }
1978
1979 return NGX_OK;
1933 } 1980 }
1934 1981
1935 1982
1936 ngx_int_t 1983 ngx_int_t
1937 ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) 1984 ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)