Mercurial > hg > nginx
comparison src/http/ngx_http_upstream.c @ 8786:d514f88053e5 quic
Merged with the default branch.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 28 May 2021 13:33:08 +0300 |
| parents | f1986657fc26 3ab8e1e2f0f7 |
| children | fac88e160653 |
comparison
equal
deleted
inserted
replaced
| 8785:e6c26cb4d38b | 8786:d514f88053e5 |
|---|---|
| 185 static void ngx_http_upstream_ssl_handshake(ngx_http_request_t *, | 185 static void ngx_http_upstream_ssl_handshake(ngx_http_request_t *, |
| 186 ngx_http_upstream_t *u, ngx_connection_t *c); | 186 ngx_http_upstream_t *u, ngx_connection_t *c); |
| 187 static void ngx_http_upstream_ssl_save_session(ngx_connection_t *c); | 187 static void ngx_http_upstream_ssl_save_session(ngx_connection_t *c); |
| 188 static ngx_int_t ngx_http_upstream_ssl_name(ngx_http_request_t *r, | 188 static ngx_int_t ngx_http_upstream_ssl_name(ngx_http_request_t *r, |
| 189 ngx_http_upstream_t *u, ngx_connection_t *c); | 189 ngx_http_upstream_t *u, ngx_connection_t *c); |
| 190 static ngx_int_t ngx_http_upstream_ssl_certificate(ngx_http_request_t *r, | |
| 191 ngx_http_upstream_t *u, ngx_connection_t *c); | |
| 190 #endif | 192 #endif |
| 191 | 193 |
| 192 | 194 |
| 193 static ngx_http_upstream_header_t ngx_http_upstream_headers_in[] = { | 195 static ngx_http_upstream_header_t ngx_http_upstream_headers_in[] = { |
| 194 | 196 |
| 1710 NGX_HTTP_INTERNAL_SERVER_ERROR); | 1712 NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 1711 return; | 1713 return; |
| 1712 } | 1714 } |
| 1713 } | 1715 } |
| 1714 | 1716 |
| 1717 if (u->conf->ssl_certificate && (u->conf->ssl_certificate->lengths | |
| 1718 || u->conf->ssl_certificate_key->lengths)) | |
| 1719 { | |
| 1720 if (ngx_http_upstream_ssl_certificate(r, u, c) != NGX_OK) { | |
| 1721 ngx_http_upstream_finalize_request(r, u, | |
| 1722 NGX_HTTP_INTERNAL_SERVER_ERROR); | |
| 1723 return; | |
| 1724 } | |
| 1725 } | |
| 1726 | |
| 1715 if (u->conf->ssl_session_reuse) { | 1727 if (u->conf->ssl_session_reuse) { |
| 1716 c->ssl->save_session = ngx_http_upstream_ssl_save_session; | 1728 c->ssl->save_session = ngx_http_upstream_ssl_save_session; |
| 1717 | 1729 |
| 1718 if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { | 1730 if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { |
| 1719 ngx_http_upstream_finalize_request(r, u, | 1731 ngx_http_upstream_finalize_request(r, u, |
| 1926 #endif | 1938 #endif |
| 1927 | 1939 |
| 1928 done: | 1940 done: |
| 1929 | 1941 |
| 1930 u->ssl_name = name; | 1942 u->ssl_name = name; |
| 1943 | |
| 1944 return NGX_OK; | |
| 1945 } | |
| 1946 | |
| 1947 | |
| 1948 static ngx_int_t | |
| 1949 ngx_http_upstream_ssl_certificate(ngx_http_request_t *r, | |
| 1950 ngx_http_upstream_t *u, ngx_connection_t *c) | |
| 1951 { | |
| 1952 ngx_str_t cert, key; | |
| 1953 | |
| 1954 if (ngx_http_complex_value(r, u->conf->ssl_certificate, &cert) | |
| 1955 != NGX_OK) | |
| 1956 { | |
| 1957 return NGX_ERROR; | |
| 1958 } | |
| 1959 | |
| 1960 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, | |
| 1961 "http upstream ssl cert: \"%s\"", cert.data); | |
| 1962 | |
| 1963 if (*cert.data == '\0') { | |
| 1964 return NGX_OK; | |
| 1965 } | |
| 1966 | |
| 1967 if (ngx_http_complex_value(r, u->conf->ssl_certificate_key, &key) | |
| 1968 != NGX_OK) | |
| 1969 { | |
| 1970 return NGX_ERROR; | |
| 1971 } | |
| 1972 | |
| 1973 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, | |
| 1974 "http upstream ssl key: \"%s\"", key.data); | |
| 1975 | |
| 1976 if (ngx_ssl_connection_certificate(c, r->pool, &cert, &key, | |
| 1977 u->conf->ssl_passwords) | |
| 1978 != NGX_OK) | |
| 1979 { | |
| 1980 return NGX_ERROR; | |
| 1981 } | |
| 1931 | 1982 |
| 1932 return NGX_OK; | 1983 return NGX_OK; |
| 1933 } | 1984 } |
| 1934 | 1985 |
| 1935 #endif | 1986 #endif |