Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 8272:7f0981be07c4 quic
Fixed client certificate verification.
For ngx_http_process_request() part to work, this required to set both
r->http_connection->ssl and c->ssl on a QUIC stream. To avoid damaging
global SSL object, ngx_ssl_shutdown() is managed to ignore QUIC streams.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Mon, 23 Mar 2020 20:48:34 +0300 |
| parents | 253cf267f95a |
| children | 7995cd199b52 |
comparison
equal
deleted
inserted
replaced
| 8271:8e54a17dabee | 8272:7f0981be07c4 |
|---|---|
| 2732 ngx_int_t | 2732 ngx_int_t |
| 2733 ngx_ssl_shutdown(ngx_connection_t *c) | 2733 ngx_ssl_shutdown(ngx_connection_t *c) |
| 2734 { | 2734 { |
| 2735 int n, sslerr, mode; | 2735 int n, sslerr, mode; |
| 2736 ngx_err_t err; | 2736 ngx_err_t err; |
| 2737 | |
| 2738 if (c->qs) { | |
| 2739 /* QUIC streams inherit SSL object */ | |
| 2740 return NGX_OK; | |
| 2741 } | |
| 2737 | 2742 |
| 2738 if (SSL_in_init(c->ssl->connection)) { | 2743 if (SSL_in_init(c->ssl->connection)) { |
| 2739 /* | 2744 /* |
| 2740 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during | 2745 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during |
| 2741 * an SSL handshake, while previous versions always return 0. | 2746 * an SSL handshake, while previous versions always return 0. |