Mercurial > hg > nginx-quic
view src/os/unix/ngx_udp_send.c @ 6549:d3302eb87a0c
SSL: support for per-certificate chains.
The SSL_CTX_add0_chain_cert() function as introduced in OpenSSL 1.0.2 now
used instead of SSL_CTX_add_extra_chain_cert().
SSL_CTX_add_extra_chain_cert() adds extra certs for all certificates
in the context, while SSL_CTX_add0_chain_cert() only to a particular
certificate. There is no difference unless multiple certificates are used,
though it is important when using multiple certificates.
Additionally, SSL_CTX_select_current_cert() is now called before using
a chain to make sure correct chain will be returned.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 19 May 2016 14:46:32 +0300 |
parents | 8f038068f4bc |
children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> ssize_t ngx_udp_unix_send(ngx_connection_t *c, u_char *buf, size_t size) { ssize_t n; ngx_err_t err; ngx_event_t *wev; wev = c->write; for ( ;; ) { n = sendto(c->fd, buf, size, 0, c->sockaddr, c->socklen); ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, "sendto: fd:%d %z of %uz to \"%V\"", c->fd, n, size, &c->addr_text); if (n >= 0) { if ((size_t) n != size) { wev->error = 1; (void) ngx_connection_error(c, 0, "sendto() incomplete"); return NGX_ERROR; } c->sent += n; return n; } err = ngx_socket_errno; if (err == NGX_EAGAIN) { wev->ready = 0; ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, NGX_EAGAIN, "sendto() not ready"); return NGX_AGAIN; } if (err != NGX_EINTR) { wev->error = 1; (void) ngx_connection_error(c, err, "sendto() failed"); return NGX_ERROR; } } }