Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 5700:5e892d40e5cc
SSL: $ssl_client_fingerprint variable.
author | Sergey Budnevitch <sb@waeme.net> |
---|---|
date | Tue, 20 May 2014 14:03:03 +0400 |
parents | cac82b9b3499 |
children | 42114bf12da0 |
comparison
equal
deleted
inserted
replaced
5699:e9dbffc18a77 | 5700:5e892d40e5cc |
---|---|
2955 return NGX_OK; | 2955 return NGX_OK; |
2956 } | 2956 } |
2957 | 2957 |
2958 | 2958 |
2959 ngx_int_t | 2959 ngx_int_t |
2960 ngx_ssl_get_fingerprint(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | |
2961 { | |
2962 X509 *cert; | |
2963 unsigned int len; | |
2964 u_char buf[EVP_MAX_MD_SIZE]; | |
2965 | |
2966 s->len = 0; | |
2967 | |
2968 cert = SSL_get_peer_certificate(c->ssl->connection); | |
2969 if (cert == NULL) { | |
2970 return NGX_OK; | |
2971 } | |
2972 | |
2973 if (!X509_digest(cert, EVP_sha1(), buf, &len)) { | |
2974 X509_free(cert); | |
2975 return NGX_ERROR; | |
2976 } | |
2977 | |
2978 s->len = 2 * len; | |
2979 s->data = ngx_pnalloc(pool, 2 * len); | |
2980 if (s->data == NULL) { | |
2981 X509_free(cert); | |
2982 return NGX_ERROR; | |
2983 } | |
2984 | |
2985 ngx_hex_dump(s->data, buf, len); | |
2986 | |
2987 X509_free(cert); | |
2988 | |
2989 return NGX_OK; | |
2990 } | |
2991 | |
2992 | |
2993 ngx_int_t | |
2960 ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 2994 ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |
2961 { | 2995 { |
2962 X509 *cert; | 2996 X509 *cert; |
2963 | 2997 |
2964 if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) { | 2998 if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) { |