Mercurial > hg > nginx
comparison src/event/ngx_event_openssl_stapling.c @ 6813:94586180fb41
OCSP stapling: improved error logging context.
It now logs the IP address of the responder used (if it's already known),
as well as the certificate name.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 05 Dec 2016 22:23:22 +0300 |
parents | a7ec59df0c4d |
children | e7cb5deb951d |
comparison
equal
deleted
inserted
replaced
6812:a7ec59df0c4d | 6813:94586180fb41 |
---|---|
44 typedef struct ngx_ssl_ocsp_ctx_s ngx_ssl_ocsp_ctx_t; | 44 typedef struct ngx_ssl_ocsp_ctx_s ngx_ssl_ocsp_ctx_t; |
45 | 45 |
46 struct ngx_ssl_ocsp_ctx_s { | 46 struct ngx_ssl_ocsp_ctx_s { |
47 X509 *cert; | 47 X509 *cert; |
48 X509 *issuer; | 48 X509 *issuer; |
49 | |
50 u_char *name; | |
49 | 51 |
50 ngx_uint_t naddrs; | 52 ngx_uint_t naddrs; |
51 | 53 |
52 ngx_addr_t *addrs; | 54 ngx_addr_t *addrs; |
53 ngx_str_t host; | 55 ngx_str_t host; |
557 return; | 559 return; |
558 } | 560 } |
559 | 561 |
560 ctx->cert = staple->cert; | 562 ctx->cert = staple->cert; |
561 ctx->issuer = staple->issuer; | 563 ctx->issuer = staple->issuer; |
564 ctx->name = staple->name; | |
562 | 565 |
563 ctx->addrs = staple->addrs; | 566 ctx->addrs = staple->addrs; |
564 ctx->host = staple->host; | 567 ctx->host = staple->host; |
565 ctx->uri = staple->uri; | 568 ctx->uri = staple->uri; |
566 ctx->port = staple->port; | 569 ctx->port = staple->port; |
1835 p = buf; | 1838 p = buf; |
1836 | 1839 |
1837 if (log->action) { | 1840 if (log->action) { |
1838 p = ngx_snprintf(buf, len, " while %s", log->action); | 1841 p = ngx_snprintf(buf, len, " while %s", log->action); |
1839 len -= p - buf; | 1842 len -= p - buf; |
1843 buf = p; | |
1840 } | 1844 } |
1841 | 1845 |
1842 ctx = log->data; | 1846 ctx = log->data; |
1843 | 1847 |
1844 if (ctx) { | 1848 if (ctx) { |
1845 p = ngx_snprintf(p, len, ", responder: %V", &ctx->host); | 1849 p = ngx_snprintf(buf, len, ", responder: %V", &ctx->host); |
1850 len -= p - buf; | |
1851 buf = p; | |
1852 } | |
1853 | |
1854 if (ctx && ctx->peer.name) { | |
1855 p = ngx_snprintf(buf, len, ", peer: %V", ctx->peer.name); | |
1856 len -= p - buf; | |
1857 buf = p; | |
1858 } | |
1859 | |
1860 if (ctx && ctx->name) { | |
1861 p = ngx_snprintf(buf, len, ", certificate: \"%s\"", ctx->name); | |
1862 len -= p - buf; | |
1863 buf = p; | |
1846 } | 1864 } |
1847 | 1865 |
1848 return p; | 1866 return p; |
1849 } | 1867 } |
1850 | 1868 |