Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 5700:5e892d40e5cc
SSL: $ssl_client_fingerprint variable.
| author | Sergey Budnevitch <sb@waeme.net> |
|---|---|
| date | Tue, 20 May 2014 14:03:03 +0400 |
| parents | cac82b9b3499 |
| children | 42114bf12da0 |
comparison
equal
deleted
inserted
replaced
| 5699:e9dbffc18a77 | 5700:5e892d40e5cc |
|---|---|
| 2955 return NGX_OK; | 2955 return NGX_OK; |
| 2956 } | 2956 } |
| 2957 | 2957 |
| 2958 | 2958 |
| 2959 ngx_int_t | 2959 ngx_int_t |
| 2960 ngx_ssl_get_fingerprint(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | |
| 2961 { | |
| 2962 X509 *cert; | |
| 2963 unsigned int len; | |
| 2964 u_char buf[EVP_MAX_MD_SIZE]; | |
| 2965 | |
| 2966 s->len = 0; | |
| 2967 | |
| 2968 cert = SSL_get_peer_certificate(c->ssl->connection); | |
| 2969 if (cert == NULL) { | |
| 2970 return NGX_OK; | |
| 2971 } | |
| 2972 | |
| 2973 if (!X509_digest(cert, EVP_sha1(), buf, &len)) { | |
| 2974 X509_free(cert); | |
| 2975 return NGX_ERROR; | |
| 2976 } | |
| 2977 | |
| 2978 s->len = 2 * len; | |
| 2979 s->data = ngx_pnalloc(pool, 2 * len); | |
| 2980 if (s->data == NULL) { | |
| 2981 X509_free(cert); | |
| 2982 return NGX_ERROR; | |
| 2983 } | |
| 2984 | |
| 2985 ngx_hex_dump(s->data, buf, len); | |
| 2986 | |
| 2987 X509_free(cert); | |
| 2988 | |
| 2989 return NGX_OK; | |
| 2990 } | |
| 2991 | |
| 2992 | |
| 2993 ngx_int_t | |
| 2960 ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 2994 ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |
| 2961 { | 2995 { |
| 2962 X509 *cert; | 2996 X509 *cert; |
| 2963 | 2997 |
| 2964 if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) { | 2998 if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) { |