Mercurial > hg > nginx-vendor-1-0
comparison src/event/ngx_event_openssl.c @ 530:4c5d2c627a6c NGINX_0_8_17
nginx 0.8.17
*) Security: now "/../" are disabled in "Destination" request header
line.
*) Change: now $host variable value is always low case.
*) Feature: the $ssl_session_id variable.
*) Bugfix: socket leak; the bug had appeared in 0.8.11.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 28 Sep 2009 00:00:00 +0400 |
parents | 24b676623d4f |
children | c04fa65fe604 |
comparison
equal
deleted
inserted
replaced
529:b8ac674b0ec9 | 530:4c5d2c627a6c |
---|---|
1586 ngx_memcpy(id, sess->session_id, sess->session_id_length); | 1586 ngx_memcpy(id, sess->session_id, sess->session_id_length); |
1587 | 1587 |
1588 hash = ngx_crc32_short(sess->session_id, sess->session_id_length); | 1588 hash = ngx_crc32_short(sess->session_id, sess->session_id_length); |
1589 | 1589 |
1590 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1590 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1591 "http ssl new session: %08XD:%d:%d", | 1591 "ssl new session: %08XD:%d:%d", |
1592 hash, sess->session_id_length, len); | 1592 hash, sess->session_id_length, len); |
1593 | 1593 |
1594 sess_id->node.key = hash; | 1594 sess_id->node.key = hash; |
1595 sess_id->node.data = (u_char) sess->session_id_length; | 1595 sess_id->node.data = (u_char) sess->session_id_length; |
1596 sess_id->id = id; | 1596 sess_id->id = id; |
1649 | 1649 |
1650 hash = ngx_crc32_short(id, (size_t) len); | 1650 hash = ngx_crc32_short(id, (size_t) len); |
1651 *copy = 0; | 1651 *copy = 0; |
1652 | 1652 |
1653 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1653 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1654 "http ssl get session: %08XD:%d", hash, len); | 1654 "ssl get session: %08XD:%d", hash, len); |
1655 | 1655 |
1656 shm_zone = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ssl_conn), | 1656 shm_zone = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ssl_conn), |
1657 ngx_ssl_session_cache_index); | 1657 ngx_ssl_session_cache_index); |
1658 | 1658 |
1659 cache = shm_zone->data; | 1659 cache = shm_zone->data; |
1763 len = (size_t) sess->session_id_length; | 1763 len = (size_t) sess->session_id_length; |
1764 | 1764 |
1765 hash = ngx_crc32_short(id, len); | 1765 hash = ngx_crc32_short(id, len); |
1766 | 1766 |
1767 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, | 1767 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, |
1768 "http ssl remove session: %08XD:%uz", hash, len); | 1768 "ssl remove session: %08XD:%uz", hash, len); |
1769 | 1769 |
1770 shpool = (ngx_slab_pool_t *) shm_zone->shm.addr; | 1770 shpool = (ngx_slab_pool_t *) shm_zone->shm.addr; |
1771 | 1771 |
1772 ngx_shmtx_lock(&shpool->mutex); | 1772 ngx_shmtx_lock(&shpool->mutex); |
1773 | 1773 |
1927 return NGX_OK; | 1927 return NGX_OK; |
1928 } | 1928 } |
1929 | 1929 |
1930 | 1930 |
1931 ngx_int_t | 1931 ngx_int_t |
1932 ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | |
1933 { | |
1934 int len; | |
1935 u_char *p, *buf; | |
1936 SSL_SESSION *sess; | |
1937 | |
1938 sess = SSL_get0_session(c->ssl->connection); | |
1939 | |
1940 len = i2d_SSL_SESSION(sess, NULL); | |
1941 | |
1942 buf = ngx_alloc(len, c->log); | |
1943 if (buf == NULL) { | |
1944 return NGX_ERROR; | |
1945 } | |
1946 | |
1947 s->len = 2 * len; | |
1948 s->data = ngx_pnalloc(pool, 2 * len); | |
1949 if (s->data == NULL) { | |
1950 ngx_free(buf); | |
1951 return NGX_ERROR; | |
1952 } | |
1953 | |
1954 p = buf; | |
1955 i2d_SSL_SESSION(sess, &p); | |
1956 | |
1957 ngx_hex_dump(s->data, buf, len); | |
1958 | |
1959 ngx_free(buf); | |
1960 | |
1961 return NGX_OK; | |
1962 } | |
1963 | |
1964 | |
1965 ngx_int_t | |
1932 ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 1966 ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |
1933 { | 1967 { |
1934 size_t len; | 1968 size_t len; |
1935 BIO *bio; | 1969 BIO *bio; |
1936 X509 *cert; | 1970 X509 *cert; |