Mercurial > hg > nginx-vendor-0-8
diff src/http/modules/ngx_http_ssl_module.c @ 218:1bf60f8c5c9e NGINX_0_3_56
nginx 0.3.56
*) Feature: the "dav_access" directive.
*) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e",
"-x", and "!-x" operators.
*) Bugfix: a segmentation fault occurred if an request returned an
redirect and some sent to client header lines were logged in the
access log.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Fri, 04 Aug 2006 00:00:00 +0400 |
parents | fa32d59d9a15 |
children | 559bc7ec214e |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c @@ -17,6 +17,7 @@ typedef u_char *(*ngx_ssl_variable_handl #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" +static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); static ngx_int_t ngx_http_ssl_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_ssl_client_s_dn(ngx_http_request_t *r, @@ -384,7 +385,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t * } if (conf->verify) { - SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY, NULL); + SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY, + ngx_http_ssl_verify_callback); SSL_CTX_set_verify_depth(conf->ssl.ctx, conf->verify_depth); @@ -422,6 +424,13 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t * } +static int +ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) +{ + return 1; +} + + #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) static char *