Mercurial > hg > nginx-vendor-current

comparison src/http/modules/ngx_http_ssl_module.c @ 218:1bf60f8c5c9e NGINX_0_3_56

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.3.56 *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if an request returned an redirect and some sent to client header lines were logged in the access log.
author Igor Sysoev <http://sysoev.ru>
date Fri, 04 Aug 2006 00:00:00 +0400
parents fa32d59d9a15
children 559bc7ec214e
comparison
equal deleted inserted replaced
217:a346c23fc94e 218:1bf60f8c5c9e
15 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" 15 #define NGX_DEFLAUT_CERTIFICATE "cert.pem"
16 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" 16 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem"
17 #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" 17 #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
18 18
19 19
20 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
20 static ngx_int_t ngx_http_ssl_variable(ngx_http_request_t *r, 21 static ngx_int_t ngx_http_ssl_variable(ngx_http_request_t *r,
21 ngx_http_variable_value_t *v, uintptr_t data); 22 ngx_http_variable_value_t *v, uintptr_t data);
22 static ngx_int_t ngx_http_ssl_client_s_dn(ngx_http_request_t *r, 23 static ngx_int_t ngx_http_ssl_client_s_dn(ngx_http_request_t *r,
23 ngx_http_variable_value_t *v, uintptr_t data); 24 ngx_http_variable_value_t *v, uintptr_t data);
24 static ngx_int_t ngx_http_ssl_client_i_dn(ngx_http_request_t *r, 25 static ngx_int_t ngx_http_ssl_client_i_dn(ngx_http_request_t *r,
382 "SSL_CTX_set_cipher_list(\"%V\") failed", 383 "SSL_CTX_set_cipher_list(\"%V\") failed",
383 &conf->ciphers); 384 &conf->ciphers);
384 } 385 }
385 386
386 if (conf->verify) { 387 if (conf->verify) {
387 SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY, NULL); 388 SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY,
389 ngx_http_ssl_verify_callback);
388 390
389 SSL_CTX_set_verify_depth(conf->ssl.ctx, conf->verify_depth); 391 SSL_CTX_set_verify_depth(conf->ssl.ctx, conf->verify_depth);
390 392
391 if (conf->client_certificate.len) { 393 if (conf->client_certificate.len) {
392 if (ngx_ssl_client_certificate(cf, &conf->ssl, 394 if (ngx_ssl_client_certificate(cf, &conf->ssl,
420 422
421 return NGX_CONF_OK; 423 return NGX_CONF_OK;
422 } 424 }
423 425
424 426
427 static int
428 ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
429 {
430 return 1;
431 }
432
433
425 #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) 434 #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE)
426 435
427 static char * 436 static char *
428 ngx_http_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) 437 ngx_http_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
429 { 438 {