Mercurial > hg > nginx-vendor-current
diff src/http/ngx_http_request.c @ 636:943566b4d82e NGINX_1_1_2
nginx 1.1.2
*) Change: now if total size of all ranges is greater than source
response size, then nginx disables ranges and returns just the source
response.
*) Feature: the "max_ranges" directive.
*) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and
"ssl_prefer_server_ciphers" directives might work incorrectly if SNI
was used.
*) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort"
directives.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 05 Sep 2011 00:00:00 +0400 |
parents | 5b73504dd4ba |
children | 6f21ae02fb01 |
line wrap: on
line diff
--- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -673,6 +673,24 @@ ngx_http_ssl_servername(ngx_ssl_conn_t * SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx); + /* + * SSL_set_SSL_CTX() only changes certs as of 1.0.0d + * adjust other things we care about + */ + + SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx), + SSL_CTX_get_verify_callback(sscf->ssl.ctx)); + + SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx)); + +#ifdef SSL_CTRL_CLEAR_OPTIONS + /* only in 0.9.8m+ */ + SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) & + ~SSL_CTX_get_options(sscf->ssl.ctx)); +#endif + + SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx)); + return SSL_TLSEXT_ERR_OK; }