Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl_stapling.c @ 6810:64f5bfba5d96
OCSP stapling: style.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 05 Dec 2016 22:23:22 +0300 |
| parents | 6acbe9964ceb |
| children | 5eb3309d0b9e |
comparison
equal
deleted
inserted
replaced
| 6809:87d7e640b45d | 6810:64f5bfba5d96 |
|---|---|
| 55 ngx_resolver_t *resolver; | 55 ngx_resolver_t *resolver; |
| 56 ngx_msec_t resolver_timeout; | 56 ngx_msec_t resolver_timeout; |
| 57 | 57 |
| 58 ngx_msec_t timeout; | 58 ngx_msec_t timeout; |
| 59 | 59 |
| 60 void (*handler)(ngx_ssl_ocsp_ctx_t *r); | 60 void (*handler)(ngx_ssl_ocsp_ctx_t *ctx); |
| 61 void *data; | 61 void *data; |
| 62 | 62 |
| 63 ngx_buf_t *request; | 63 ngx_buf_t *request; |
| 64 ngx_buf_t *response; | 64 ngx_buf_t *response; |
| 65 ngx_peer_connection_t peer; | 65 ngx_peer_connection_t peer; |
| 66 | 66 |
| 67 ngx_int_t (*process)(ngx_ssl_ocsp_ctx_t *r); | 67 ngx_int_t (*process)(ngx_ssl_ocsp_ctx_t *ctx); |
| 68 | 68 |
| 69 ngx_uint_t state; | 69 ngx_uint_t state; |
| 70 | 70 |
| 71 ngx_uint_t code; | 71 ngx_uint_t code; |
| 72 ngx_uint_t count; | 72 ngx_uint_t count; |
| 372 | 372 |
| 373 static ngx_int_t | 373 static ngx_int_t |
| 374 ngx_ssl_stapling_responder(ngx_conf_t *cf, ngx_ssl_t *ssl, | 374 ngx_ssl_stapling_responder(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 375 ngx_ssl_stapling_t *staple, ngx_str_t *responder) | 375 ngx_ssl_stapling_t *staple, ngx_str_t *responder) |
| 376 { | 376 { |
| 377 ngx_url_t u; | |
| 378 char *s; | 377 char *s; |
| 379 ngx_str_t rsp; | 378 ngx_str_t rsp; |
| 379 ngx_url_t u; | |
| 380 STACK_OF(OPENSSL_STRING) *aia; | 380 STACK_OF(OPENSSL_STRING) *aia; |
| 381 | 381 |
| 382 if (responder->len == 0) { | 382 if (responder->len == 0) { |
| 383 | 383 |
| 384 /* extract OCSP responder URL from certificate */ | 384 /* extract OCSP responder URL from certificate */ |
| 755 | 755 |
| 756 | 756 |
| 757 static time_t | 757 static time_t |
| 758 ngx_ssl_stapling_time(ASN1_GENERALIZEDTIME *asn1time) | 758 ngx_ssl_stapling_time(ASN1_GENERALIZEDTIME *asn1time) |
| 759 { | 759 { |
| 760 BIO *bio; | |
| 760 u_char *value; | 761 u_char *value; |
| 761 size_t len; | 762 size_t len; |
| 762 time_t time; | 763 time_t time; |
| 763 BIO *bio; | |
| 764 | 764 |
| 765 /* | 765 /* |
| 766 * OpenSSL doesn't provide a way to convert ASN1_GENERALIZEDTIME | 766 * OpenSSL doesn't provide a way to convert ASN1_GENERALIZEDTIME |
| 767 * into time_t. To do this, we use ASN1_GENERALIZEDTIME_print(), | 767 * into time_t. To do this, we use ASN1_GENERALIZEDTIME_print(), |
| 768 * which uses the "MMM DD HH:MM:SS YYYY [GMT]" format (e.g., | 768 * which uses the "MMM DD HH:MM:SS YYYY [GMT]" format (e.g., |
| 1003 | 1003 |
| 1004 | 1004 |
| 1005 static void | 1005 static void |
| 1006 ngx_ssl_ocsp_connect(ngx_ssl_ocsp_ctx_t *ctx) | 1006 ngx_ssl_ocsp_connect(ngx_ssl_ocsp_ctx_t *ctx) |
| 1007 { | 1007 { |
| 1008 ngx_int_t rc; | 1008 ngx_int_t rc; |
| 1009 | 1009 |
| 1010 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ctx->log, 0, | 1010 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ctx->log, 0, |
| 1011 "ssl ocsp connect"); | 1011 "ssl ocsp connect"); |
| 1012 | 1012 |
| 1013 /* TODO: use all ip addresses */ | 1013 /* TODO: use all ip addresses */ |
| 1101 | 1101 |
| 1102 | 1102 |
| 1103 static void | 1103 static void |
| 1104 ngx_ssl_ocsp_read_handler(ngx_event_t *rev) | 1104 ngx_ssl_ocsp_read_handler(ngx_event_t *rev) |
| 1105 { | 1105 { |
| 1106 ssize_t n, size; | 1106 ssize_t n, size; |
| 1107 ngx_int_t rc; | 1107 ngx_int_t rc; |
| 1108 ngx_ssl_ocsp_ctx_t *ctx; | 1108 ngx_connection_t *c; |
| 1109 ngx_connection_t *c; | 1109 ngx_ssl_ocsp_ctx_t *ctx; |
| 1110 | 1110 |
| 1111 c = rev->data; | 1111 c = rev->data; |
| 1112 ctx = c->data; | 1112 ctx = c->data; |
| 1113 | 1113 |
| 1114 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, | 1114 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, |
| 1606 | 1606 |
| 1607 ctx->process = ngx_ssl_ocsp_process_body; | 1607 ctx->process = ngx_ssl_ocsp_process_body; |
| 1608 return ctx->process(ctx); | 1608 return ctx->process(ctx); |
| 1609 } | 1609 } |
| 1610 | 1610 |
| 1611 | |
| 1611 static ngx_int_t | 1612 static ngx_int_t |
| 1612 ngx_ssl_ocsp_parse_header_line(ngx_ssl_ocsp_ctx_t *ctx) | 1613 ngx_ssl_ocsp_parse_header_line(ngx_ssl_ocsp_ctx_t *ctx) |
| 1613 { | 1614 { |
| 1614 u_char c, ch, *p; | 1615 u_char c, ch, *p; |
| 1615 enum { | 1616 enum { |
| 1616 sw_start = 0, | 1617 sw_start = 0, |
| 1617 sw_name, | 1618 sw_name, |
| 1618 sw_space_before_value, | 1619 sw_space_before_value, |
| 1619 sw_value, | 1620 sw_value, |
| 1844 "\"ssl_stapling\" ignored, not supported"); | 1845 "\"ssl_stapling\" ignored, not supported"); |
| 1845 | 1846 |
| 1846 return NGX_OK; | 1847 return NGX_OK; |
| 1847 } | 1848 } |
| 1848 | 1849 |
| 1850 | |
| 1849 ngx_int_t | 1851 ngx_int_t |
| 1850 ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, | 1852 ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, |
| 1851 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout) | 1853 ngx_resolver_t *resolver, ngx_msec_t resolver_timeout) |
| 1852 { | 1854 { |
| 1853 return NGX_OK; | 1855 return NGX_OK; |