Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 6552:addd98357629

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: style.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 19 May 2016 14:46:32 +0300
parents 62f99a890754
children 2014ed60f17f
comparison
equal deleted inserted replaced
6551:62f99a890754 6552:addd98357629
1067 EC_KEY *ecdh; 1067 EC_KEY *ecdh;
1068 1068
1069 /* 1069 /*
1070 * Elliptic-Curve Diffie-Hellman parameters are either "named curves" 1070 * Elliptic-Curve Diffie-Hellman parameters are either "named curves"
1071 * from RFC 4492 section 5.1.1, or explicitly described curves over 1071 * from RFC 4492 section 5.1.1, or explicitly described curves over
1072 * binary fields. OpenSSL only supports the "named curves", which provide 1072 * binary fields. OpenSSL only supports the "named curves", which provide
1073 * maximum interoperability. 1073 * maximum interoperability.
1074 */ 1074 */
1075 1075
1076 nid = OBJ_sn2nid((const char *) name->data); 1076 nid = OBJ_sn2nid((char *) name->data);
1077 if (nid == 0) { 1077 if (nid == 0) {
1078 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, 1078 ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
1079 "OBJ_sn2nid(\"%s\") failed: unknown curve", name->data); 1079 "OBJ_sn2nid(\"%s\") failed: unknown curve", name->data);
1080 return NGX_ERROR; 1080 return NGX_ERROR;
1081 } 1081 }
2163 /* 2163 /*
2164 * If the server explicitly says that it does not support 2164 * If the server explicitly says that it does not support
2165 * session reuse (see SSL_SESS_CACHE_OFF above), then 2165 * session reuse (see SSL_SESS_CACHE_OFF above), then
2166 * Outlook Express fails to upload a sent email to 2166 * Outlook Express fails to upload a sent email to
2167 * the Sent Items folder on the IMAP server via a separate IMAP 2167 * the Sent Items folder on the IMAP server via a separate IMAP
2168 * connection in the background. Therefore we have a special 2168 * connection in the background. Therefore we have a special
2169 * mode (SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE) 2169 * mode (SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE)
2170 * where the server pretends that it supports session reuse, 2170 * where the server pretends that it supports session reuse,
2171 * but it does not actually store any session. 2171 * but it does not actually store any session.
2172 */ 2172 */
2173 2173
3600 3600
3601 oscf->engine = 1; 3601 oscf->engine = 1;
3602 3602
3603 value = cf->args->elts; 3603 value = cf->args->elts;
3604 3604
3605 engine = ENGINE_by_id((const char *) value[1].data); 3605 engine = ENGINE_by_id((char *) value[1].data);
3606 3606
3607 if (engine == NULL) { 3607 if (engine == NULL) {
3608 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0, 3608 ngx_ssl_error(NGX_LOG_WARN, cf->log, 0,
3609 "ENGINE_by_id(\"%V\") failed", &value[1]); 3609 "ENGINE_by_id(\"%V\") failed", &value[1]);
3610 return NGX_CONF_ERROR; 3610 return NGX_CONF_ERROR;