Mercurial > hg > nginx-vendor-0-8
comparison src/http/ngx_http_request.c @ 96:ca4f70b3ccc6 NGINX_0_2_2
nginx 0.2.2
*) Feature: the "config errmsg" command of the ngx_http_ssi_module.
*) Change: the ngx_http_geo_module variables can be overridden by the
"set" directive.
*) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers"
directives of the ngx_http_ssl_module and ngx_imap_ssl_module.
*) Bugfix: the ngx_http_autoindex_module did not show correctly the
long file names;
*) Bugfix: the ngx_http_autoindex_module now do not show the files
starting by dot.
*) Bugfix: if the SSL handshake failed then another connection may be
closed too.
Thanks to Rob Mueller.
*) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Fri, 30 Sep 2005 00:00:00 +0400 |
parents | 45945fa8b8ba |
children | f63280c59dd5 |
comparison
equal
deleted
inserted
replaced
95:2f95911bc4b4 | 96:ca4f70b3ccc6 |
---|---|
47 static u_char *ngx_http_log_error_handler(ngx_http_request_t *r, u_char *buf, | 47 static u_char *ngx_http_log_error_handler(ngx_http_request_t *r, u_char *buf, |
48 size_t len); | 48 size_t len); |
49 | 49 |
50 #if (NGX_HTTP_SSL) | 50 #if (NGX_HTTP_SSL) |
51 static void ngx_http_ssl_handshake(ngx_event_t *rev); | 51 static void ngx_http_ssl_handshake(ngx_event_t *rev); |
52 static void ngx_http_ssl_handshake_handler(ngx_connection_t *c); | |
52 static void ngx_http_ssl_close_handler(ngx_event_t *ev); | 53 static void ngx_http_ssl_close_handler(ngx_event_t *ev); |
53 #endif | 54 #endif |
54 | 55 |
55 | 56 |
56 static char *ngx_http_client_errors[] = { | 57 static char *ngx_http_client_errors[] = { |
357 | 358 |
358 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); | 359 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); |
359 if (sscf->enable) { | 360 if (sscf->enable) { |
360 | 361 |
361 if (c->ssl == NULL) { | 362 if (c->ssl == NULL) { |
362 if (ngx_ssl_create_connection(sscf->ssl_ctx, c, NGX_SSL_BUFFER) | 363 if (ngx_ssl_create_connection(&sscf->ssl, c, NGX_SSL_BUFFER) |
363 == NGX_ERROR) | 364 == NGX_ERROR) |
364 { | 365 { |
365 ngx_http_close_connection(c); | 366 ngx_http_close_connection(c); |
366 return; | 367 return; |
367 } | 368 } |
368 | 369 |
369 rev->handler = ngx_http_ssl_handshake; | 370 rev->handler = ngx_http_ssl_handshake; |
370 | |
371 /* | |
372 * The majority of browsers do not send the "close notify" alert. | |
373 * Among them are MSIE, Mozilla, Netscape 4, Konqueror, and Links. | |
374 * And what is more, MSIE ignores the server's alert. | |
375 * | |
376 * Opera always sends the alert. | |
377 */ | |
378 | |
379 c->ssl->no_rcv_shut = 1; | |
380 } | 371 } |
381 | 372 |
382 r->main_filter_need_in_memory = 1; | 373 r->main_filter_need_in_memory = 1; |
383 } | 374 } |
384 | 375 |
489 if (n == 1) { | 480 if (n == 1) { |
490 if (buf[0] == 0x80 /* SSLv2 */ || buf[0] == 0x16 /* SSLv3/TLSv1 */) { | 481 if (buf[0] == 0x80 /* SSLv2 */ || buf[0] == 0x16 /* SSLv3/TLSv1 */) { |
491 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0, | 482 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0, |
492 "https ssl handshake: 0x%02Xd", buf[0]); | 483 "https ssl handshake: 0x%02Xd", buf[0]); |
493 | 484 |
494 c->recv = ngx_ssl_recv; | |
495 c->send = ngx_ssl_write; | |
496 c->send_chain = ngx_ssl_send_chain; | |
497 | |
498 rc = ngx_ssl_handshake(c); | 485 rc = ngx_ssl_handshake(c); |
499 | 486 |
500 if (rc == NGX_ERROR) { | 487 if (rc == NGX_AGAIN) { |
501 ngx_http_close_request(r, NGX_HTTP_BAD_REQUEST); | 488 c->ssl->handler = ngx_http_ssl_handshake_handler; |
502 ngx_http_close_connection(r->connection); | |
503 return; | 489 return; |
504 } | 490 } |
505 | 491 |
506 if (rc != NGX_OK) { | 492 ngx_http_ssl_handshake_handler(c); |
507 return; | 493 |
508 } | 494 return; |
509 | 495 |
510 } else { | 496 } else { |
511 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0, | 497 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0, |
512 "plain http"); | 498 "plain http"); |
513 | 499 |
516 } | 502 } |
517 | 503 |
518 rev->handler = ngx_http_process_request_line; | 504 rev->handler = ngx_http_process_request_line; |
519 ngx_http_process_request_line(rev); | 505 ngx_http_process_request_line(rev); |
520 } | 506 } |
507 | |
508 | |
509 static void | |
510 ngx_http_ssl_handshake_handler(ngx_connection_t *c) | |
511 { | |
512 ngx_http_request_t *r; | |
513 | |
514 if (c->ssl->handshaked) { | |
515 | |
516 /* | |
517 * The majority of browsers do not send the "close notify" alert. | |
518 * Among them are MSIE, old Mozilla, Netscape 4, Konqueror, | |
519 * and Links. And what is more, MSIE ignores the server's alert. | |
520 * | |
521 * Opera and recent Mozilla send the alert. | |
522 */ | |
523 | |
524 c->ssl->no_wait_shutdown = 1; | |
525 | |
526 c->read->handler = ngx_http_process_request_line; | |
527 /* STUB: epoll edge */ c->write->handler = ngx_http_empty_handler; | |
528 | |
529 ngx_http_process_request_line(c->read); | |
530 | |
531 return; | |
532 } | |
533 | |
534 r = c->data; | |
535 | |
536 ngx_http_close_request(r, NGX_HTTP_BAD_REQUEST); | |
537 ngx_http_close_connection(r->connection); | |
538 | |
539 return; | |
540 } | |
541 | |
521 | 542 |
522 #endif | 543 #endif |
523 | 544 |
524 | 545 |
525 static void | 546 static void |
1288 } | 1309 } |
1289 | 1310 |
1290 #if 0 | 1311 #if 0 |
1291 /* MSIE ignores the SSL "close notify" alert */ | 1312 /* MSIE ignores the SSL "close notify" alert */ |
1292 if (c->ssl) { | 1313 if (c->ssl) { |
1293 r->connection->ssl->no_send_shut = 1; | 1314 c->ssl->no_send_shutdown = 1; |
1294 } | 1315 } |
1295 #endif | 1316 #endif |
1296 } | 1317 } |
1297 | 1318 |
1298 if (ngx_strstr(user_agent, "Opera")) { | 1319 if (ngx_strstr(user_agent, "Opera")) { |
2124 ngx_log_error(NGX_LOG_INFO, c->log, rev->kq_errno, | 2145 ngx_log_error(NGX_LOG_INFO, c->log, rev->kq_errno, |
2125 "kevent() reported that client %V closed " | 2146 "kevent() reported that client %V closed " |
2126 "keepalive connection", &c->addr_text); | 2147 "keepalive connection", &c->addr_text); |
2127 #if (NGX_HTTP_SSL) | 2148 #if (NGX_HTTP_SSL) |
2128 if (c->ssl) { | 2149 if (c->ssl) { |
2129 c->ssl->no_send_shut = 1; | 2150 c->ssl->no_send_shutdown = 1; |
2130 } | 2151 } |
2131 #endif | 2152 #endif |
2132 ngx_http_close_connection(c); | 2153 ngx_http_close_connection(c); |
2133 return; | 2154 return; |
2134 } | 2155 } |