Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 393:5659d773cfa8
nginx-0.0.7-2004-07-15-20:35:51 import
| author | Igor Sysoev <igor@sysoev.ru> |
|---|---|
| date | Thu, 15 Jul 2004 16:35:51 +0000 |
| parents | |
| children | e7a68e14ccd3 |
comparison
equal
deleted
inserted
replaced
| 392:d1222d46b3f9 | 393:5659d773cfa8 |
|---|---|
| 1 #include <ngx_config.h> | |
| 2 #include <ngx_core.h> | |
| 3 | |
| 4 | |
| 5 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | |
| 6 char *fmt, ...); | |
| 7 | |
| 8 | |
| 9 ngx_int_t ngx_ssl_init(ngx_log_t *log) | |
| 10 { | |
| 11 SSL_library_init(); | |
| 12 SSL_load_error_strings(); | |
| 13 | |
| 14 return NGX_OK; | |
| 15 } | |
| 16 | |
| 17 | |
| 18 ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ssl_ctx, ngx_connection_t *c) | |
| 19 { | |
| 20 ngx_ssl_t *ssl; | |
| 21 | |
| 22 ssl = SSL_new(ssl_ctx); | |
| 23 | |
| 24 if (ssl == NULL) { | |
| 25 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_new() failed"); | |
| 26 return NGX_ERROR; | |
| 27 } | |
| 28 | |
| 29 if (SSL_set_fd(ssl, c->fd) == 0) { | |
| 30 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_fd() failed"); | |
| 31 return NGX_ERROR; | |
| 32 } | |
| 33 | |
| 34 SSL_set_accept_state(ssl); | |
| 35 | |
| 36 c->ssl = ssl; | |
| 37 | |
| 38 return NGX_OK; | |
| 39 } | |
| 40 | |
| 41 | |
| 42 ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
| 43 { | |
| 44 int n; | |
| 45 char *handshake; | |
| 46 | |
| 47 n = SSL_read(c->ssl, buf, size); | |
| 48 | |
| 49 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_read: %d", n); | |
| 50 | |
| 51 if (n > 0) { | |
| 52 return n; | |
| 53 } | |
| 54 | |
| 55 n = SSL_get_error(c->ssl, n); | |
| 56 | |
| 57 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); | |
| 58 | |
| 59 if (n == SSL_ERROR_WANT_READ) { | |
| 60 return NGX_AGAIN; | |
| 61 } | |
| 62 | |
| 63 #if 0 | |
| 64 if (n == SSL_ERROR_WANT_WRITE) { | |
| 65 return NGX_AGAIN; | |
| 66 } | |
| 67 #endif | |
| 68 | |
| 69 if (!SSL_is_init_finished(c->ssl)) { | |
| 70 handshake = "in SSL handshake"; | |
| 71 | |
| 72 } else { | |
| 73 handshake = ""; | |
| 74 } | |
| 75 | |
| 76 if (n == SSL_ERROR_ZERO_RETURN) { | |
| 77 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 78 "client closed connection%s", handshake); | |
| 79 | |
| 80 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
| 81 | |
| 82 return NGX_ERROR; | |
| 83 } | |
| 84 | |
| 85 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) { | |
| 86 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
| 87 "client sent plain HTTP request to HTTPS port"); | |
| 88 | |
| 89 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); | |
| 90 | |
| 91 return NGX_SSL_HTTP_ERROR; | |
| 92 } | |
| 93 | |
| 94 ngx_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_read() failed%s", handshake); | |
| 95 | |
| 96 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
| 97 | |
| 98 return NGX_ERROR; | |
| 99 } | |
| 100 | |
| 101 | |
| 102 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | |
| 103 char *fmt, ...) | |
| 104 { | |
| 105 int len; | |
| 106 char errstr[NGX_MAX_CONF_ERRSTR]; | |
| 107 va_list args; | |
| 108 | |
| 109 va_start(args, fmt); | |
| 110 len = ngx_vsnprintf(errstr, sizeof(errstr) - 1, fmt, args); | |
| 111 va_end(args); | |
| 112 | |
| 113 errstr[len++] = ' '; | |
| 114 errstr[len++] = '('; | |
| 115 errstr[len++] = 'S'; | |
| 116 errstr[len++] = 'S'; | |
| 117 errstr[len++] = 'L'; | |
| 118 errstr[len++] = ':'; | |
| 119 errstr[len++] = ' '; | |
| 120 | |
| 121 ERR_error_string_n(ERR_get_error(), errstr + len, sizeof(errstr) - len - 1); | |
| 122 | |
| 123 ngx_log_error(level, log, 0, "%s)", errstr); | |
| 124 } |