Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 7781:51e6a665523c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: added check for debugging. If debugging is not enabled, there is no need to do extra work in ngx_ssl_verify_callback() and ngx_ssl_handshake_log().
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 20 Feb 2021 18:03:04 +0300
parents 3bed5797a1b7
children fecf645ff2f8 05e0988a6898
comparison
equal deleted inserted replaced
7780:3bed5797a1b7 7781:51e6a665523c
1012 ssl_conn = X509_STORE_CTX_get_ex_data(x509_store, 1012 ssl_conn = X509_STORE_CTX_get_ex_data(x509_store,
1013 SSL_get_ex_data_X509_STORE_CTX_idx()); 1013 SSL_get_ex_data_X509_STORE_CTX_idx());
1014 1014
1015 c = ngx_ssl_get_connection(ssl_conn); 1015 c = ngx_ssl_get_connection(ssl_conn);
1016 1016
1017 if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) {
1018 return 1;
1019 }
1020
1017 cert = X509_STORE_CTX_get_current_cert(x509_store); 1021 cert = X509_STORE_CTX_get_current_cert(x509_store);
1018 err = X509_STORE_CTX_get_error(x509_store); 1022 err = X509_STORE_CTX_get_error(x509_store);
1019 depth = X509_STORE_CTX_get_error_depth(x509_store); 1023 depth = X509_STORE_CTX_get_error_depth(x509_store);
1020 1024
1021 sname = X509_get_subject_name(cert); 1025 sname = X509_get_subject_name(cert);
1967 char buf[129], *s, *d; 1971 char buf[129], *s, *d;
1968 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 1972 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
1969 const 1973 const
1970 #endif 1974 #endif
1971 SSL_CIPHER *cipher; 1975 SSL_CIPHER *cipher;
1976
1977 if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) {
1978 return;
1979 }
1972 1980
1973 cipher = SSL_get_current_cipher(c->ssl->connection); 1981 cipher = SSL_get_current_cipher(c->ssl->connection);
1974 1982
1975 if (cipher) { 1983 if (cipher) {
1976 SSL_CIPHER_description(cipher, &buf[1], 128); 1984 SSL_CIPHER_description(cipher, &buf[1], 128);