Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 393:5659d773cfa8
nginx-0.0.7-2004-07-15-20:35:51 import
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Thu, 15 Jul 2004 16:35:51 +0000 |
parents | |
children | e7a68e14ccd3 |
comparison
equal
deleted
inserted
replaced
392:d1222d46b3f9 | 393:5659d773cfa8 |
---|---|
1 #include <ngx_config.h> | |
2 #include <ngx_core.h> | |
3 | |
4 | |
5 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | |
6 char *fmt, ...); | |
7 | |
8 | |
9 ngx_int_t ngx_ssl_init(ngx_log_t *log) | |
10 { | |
11 SSL_library_init(); | |
12 SSL_load_error_strings(); | |
13 | |
14 return NGX_OK; | |
15 } | |
16 | |
17 | |
18 ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ssl_ctx, ngx_connection_t *c) | |
19 { | |
20 ngx_ssl_t *ssl; | |
21 | |
22 ssl = SSL_new(ssl_ctx); | |
23 | |
24 if (ssl == NULL) { | |
25 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_new() failed"); | |
26 return NGX_ERROR; | |
27 } | |
28 | |
29 if (SSL_set_fd(ssl, c->fd) == 0) { | |
30 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_fd() failed"); | |
31 return NGX_ERROR; | |
32 } | |
33 | |
34 SSL_set_accept_state(ssl); | |
35 | |
36 c->ssl = ssl; | |
37 | |
38 return NGX_OK; | |
39 } | |
40 | |
41 | |
42 ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
43 { | |
44 int n; | |
45 char *handshake; | |
46 | |
47 n = SSL_read(c->ssl, buf, size); | |
48 | |
49 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_read: %d", n); | |
50 | |
51 if (n > 0) { | |
52 return n; | |
53 } | |
54 | |
55 n = SSL_get_error(c->ssl, n); | |
56 | |
57 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); | |
58 | |
59 if (n == SSL_ERROR_WANT_READ) { | |
60 return NGX_AGAIN; | |
61 } | |
62 | |
63 #if 0 | |
64 if (n == SSL_ERROR_WANT_WRITE) { | |
65 return NGX_AGAIN; | |
66 } | |
67 #endif | |
68 | |
69 if (!SSL_is_init_finished(c->ssl)) { | |
70 handshake = "in SSL handshake"; | |
71 | |
72 } else { | |
73 handshake = ""; | |
74 } | |
75 | |
76 if (n == SSL_ERROR_ZERO_RETURN) { | |
77 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
78 "client closed connection%s", handshake); | |
79 | |
80 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
81 | |
82 return NGX_ERROR; | |
83 } | |
84 | |
85 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) { | |
86 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
87 "client sent plain HTTP request to HTTPS port"); | |
88 | |
89 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); | |
90 | |
91 return NGX_SSL_HTTP_ERROR; | |
92 } | |
93 | |
94 ngx_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_read() failed%s", handshake); | |
95 | |
96 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
97 | |
98 return NGX_ERROR; | |
99 } | |
100 | |
101 | |
102 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | |
103 char *fmt, ...) | |
104 { | |
105 int len; | |
106 char errstr[NGX_MAX_CONF_ERRSTR]; | |
107 va_list args; | |
108 | |
109 va_start(args, fmt); | |
110 len = ngx_vsnprintf(errstr, sizeof(errstr) - 1, fmt, args); | |
111 va_end(args); | |
112 | |
113 errstr[len++] = ' '; | |
114 errstr[len++] = '('; | |
115 errstr[len++] = 'S'; | |
116 errstr[len++] = 'S'; | |
117 errstr[len++] = 'L'; | |
118 errstr[len++] = ':'; | |
119 errstr[len++] = ' '; | |
120 | |
121 ERR_error_string_n(ERR_get_error(), errstr + len, sizeof(errstr) - len - 1); | |
122 | |
123 ngx_log_error(level, log, 0, "%s)", errstr); | |
124 } |