Mercurial > hg > nginx-vendor-current
diff src/event/ngx_event_openssl.c @ 420:ad0a34a8efa6 NGINX_0_7_22
nginx 0.7.22
*) Feature: the "none" parameter in the "smtp_auth" directive.
Thanks to Maxim Dounin.
*) Feature: the "$cookie_..." variables.
*) Bugfix: the "directio" directive did not work in XFS filesystem.
*) Bugfix: the resolver did not understand big DNS responses.
Thanks to Zyb.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Thu, 20 Nov 2008 00:00:00 +0300 |
| parents | b4f69f2ef02c |
| children | dac47e9ef0d5 |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -1240,23 +1240,37 @@ ngx_ssl_connection_error(ngx_connection_ n = ERR_GET_REASON(ERR_peek_error()); /* handshake failures */ - if (n == SSL_R_DIGEST_CHECK_FAILED - || n == SSL_R_NO_SHARED_CIPHER - || n == SSL_R_UNEXPECTED_MESSAGE - || n == SSL_R_WRONG_VERSION_NUMBER - || n == SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC + if (n == SSL_R_DIGEST_CHECK_FAILED /* 149 */ + || n == SSL_R_NO_CIPHERS_PASSED /* 182 */ + || n == SSL_R_NO_SHARED_CIPHER /* 193 */ + || n == SSL_R_UNEXPECTED_MESSAGE /* 244 */ + || n == SSL_R_UNEXPECTED_RECORD /* 245 */ + || n == SSL_R_WRONG_VERSION_NUMBER /* 267 */ + || n == SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC /* 281 */ || n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */ - || n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE - || n == SSL_R_SSLV3_ALERT_BAD_RECORD_MAC - || n == SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE - || n == SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE - || n == SSL_R_SSLV3_ALERT_BAD_CERTIFICATE - || n == SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE - || n == SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED - || n == SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED - || n == SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN - || n == SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER - || n == SSL_R_TLSV1_ALERT_UNKNOWN_CA) + || n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */ + || n == SSL_R_SSLV3_ALERT_BAD_RECORD_MAC /* 1020 */ + || n == SSL_R_TLSV1_ALERT_DECRYPTION_FAILED /* 1021 */ + || n == SSL_R_TLSV1_ALERT_RECORD_OVERFLOW /* 1022 */ + || n == SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE /* 1030 */ + || n == SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE /* 1040 */ + || n == SSL_R_SSLV3_ALERT_NO_CERTIFICATE /* 1041 */ + || n == SSL_R_SSLV3_ALERT_BAD_CERTIFICATE /* 1042 */ + || n == SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE /* 1043 */ + || n == SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED /* 1044 */ + || n == SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED /* 1045 */ + || n == SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN /* 1046 */ + || n == SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER /* 1047 */ + || n == SSL_R_TLSV1_ALERT_UNKNOWN_CA /* 1048 */ + || n == SSL_R_TLSV1_ALERT_ACCESS_DENIED /* 1049 */ + || n == SSL_R_TLSV1_ALERT_DECODE_ERROR /* 1050 */ + || n == SSL_R_TLSV1_ALERT_DECRYPT_ERROR /* 1051 */ + || n == SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION /* 1060 */ + || n == SSL_R_TLSV1_ALERT_PROTOCOL_VERSION /* 1070 */ + || n == SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY /* 1071 */ + || n == SSL_R_TLSV1_ALERT_INTERNAL_ERROR /* 1080 */ + || n == SSL_R_TLSV1_ALERT_USER_CANCELLED /* 1090 */ + || n == SSL_R_TLSV1_ALERT_NO_RENEGOTIATION) /* 1100 */ { switch (c->log_error) {