Mercurial > hg > nginx-quic

comparison src/event/ngx_event_openssl.c @ 8812:7c2adf237091 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merged with the default branch.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 25 Jan 2022 23:42:48 +0300
parents eaf356a35f5d e30f7dc7f143
children ce6d9cf0f567
comparison
equal deleted inserted replaced
8802:4646a981111f 8812:7c2adf237091
1381 } 1381 }
1382 1382
1383 if (SSL_CTX_set0_tmp_dh_pkey(ssl->ctx, dh) != 1) { 1383 if (SSL_CTX_set0_tmp_dh_pkey(ssl->ctx, dh) != 1) {
1384 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, 1384 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
1385 "SSL_CTX_set0_tmp_dh_pkey(\%s\") failed", file->data); 1385 "SSL_CTX_set0_tmp_dh_pkey(\%s\") failed", file->data);
1386 #if (OPENSSL_VERSION_NUMBER >= 0x3000001fL)
1387 EVP_PKEY_free(dh);
1388 #endif
1386 BIO_free(bio); 1389 BIO_free(bio);
1387 return NGX_ERROR; 1390 return NGX_ERROR;
1388 } 1391 }
1389 } 1392 }
1390 #endif 1393 #endif
4453 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, 4456 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0,
4454 "EVP_DecryptInit_ex() failed"); 4457 "EVP_DecryptInit_ex() failed");
4455 return -1; 4458 return -1;
4456 } 4459 }
4457 4460
4458 return (i == 0) ? 1 : 2 /* renew */; 4461 /* renew if TLSv1.3 */
4462
4463 #ifdef TLS1_3_VERSION
4464 if (SSL_version(ssl_conn) == TLS1_3_VERSION) {
4465 return 2;
4466 }
4467 #endif
4468
4469 /* renew if non-default key */
4470
4471 if (i != 0) {
4472 return 2;
4473 }
4474
4475 return 1;
4459 } 4476 }
4460 } 4477 }
4461 4478
4462 4479
4463 static void 4480 static void