Mercurial > hg > nginx-vendor-current
diff src/http/ngx_http_request.c @ 690:b5b7eea22fda NGINX_1_3_8
nginx 1.3.8
*) Feature: the "optional_no_ca" parameter of the "ssl_verify_client"
directive.
Thanks to Mike Kazantsev and Eric O'Connor.
*) Feature: the $bytes_sent, $connection, and $connection_requests
variables can now be used not only in the "log_format" directive.
Thanks to Benjamin Grössing.
*) Feature: the "auto" parameter of the "worker_processes" directive.
*) Bugfix: "cache file ... has md5 collision" alert.
*) Bugfix: in the ngx_http_gunzip_filter_module.
*) Bugfix: in the "ssl_stapling" directive.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Tue, 30 Oct 2012 00:00:00 +0400 |
parents | 5cb5db9975ba |
children | 6db6e93f55ee |
line wrap: on
line diff
--- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -1642,7 +1642,9 @@ ngx_http_process_request(ngx_http_reques if (sscf->verify) { rc = SSL_get_verify_result(c->ssl->connection); - if (rc != X509_V_OK) { + if (rc != X509_V_OK + && (sscf->verify != 3 || !ngx_ssl_verify_error_optional(rc))) + { ngx_log_error(NGX_LOG_INFO, c->log, 0, "client SSL certificate verify error: (%l:%s)", rc, X509_verify_cert_error_string(rc)); @@ -2751,6 +2753,20 @@ ngx_http_keepalive_handler(ngx_event_t * ngx_http_close_connection(c); } + /* + * Like ngx_http_set_keepalive() we are trying to not hold + * c->buffer's memory for a keepalive connection. + */ + + if (ngx_pfree(c->pool, b->start) == NGX_OK) { + + /* + * the special note that c->buffer's memory was freed + */ + + b->pos = NULL; + } + return; }