Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 394:e7a68e14ccd3
nginx-0.0.7-2004-07-16-10:33:35 import
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 16 Jul 2004 06:33:35 +0000 |
parents | 5659d773cfa8 |
children | f8f0f1834266 |
comparison
equal
deleted
inserted
replaced
393:5659d773cfa8 | 394:e7a68e14ccd3 |
---|---|
1 | |
1 #include <ngx_config.h> | 2 #include <ngx_config.h> |
2 #include <ngx_core.h> | 3 #include <ngx_core.h> |
3 | 4 #include <ngx_event.h> |
4 | |
5 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | |
6 char *fmt, ...); | |
7 | 5 |
8 | 6 |
9 ngx_int_t ngx_ssl_init(ngx_log_t *log) | 7 ngx_int_t ngx_ssl_init(ngx_log_t *log) |
10 { | 8 { |
11 SSL_library_init(); | 9 SSL_library_init(); |
20 ngx_ssl_t *ssl; | 18 ngx_ssl_t *ssl; |
21 | 19 |
22 ssl = SSL_new(ssl_ctx); | 20 ssl = SSL_new(ssl_ctx); |
23 | 21 |
24 if (ssl == NULL) { | 22 if (ssl == NULL) { |
25 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_new() failed"); | 23 ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_new() failed"); |
26 return NGX_ERROR; | 24 return NGX_ERROR; |
27 } | 25 } |
28 | 26 |
29 if (SSL_set_fd(ssl, c->fd) == 0) { | 27 if (SSL_set_fd(ssl, c->fd) == 0) { |
30 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_fd() failed"); | 28 ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_set_fd() failed"); |
31 return NGX_ERROR; | 29 return NGX_ERROR; |
32 } | 30 } |
33 | 31 |
34 SSL_set_accept_state(ssl); | 32 SSL_set_accept_state(ssl); |
35 | 33 |
57 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); | 55 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); |
58 | 56 |
59 if (n == SSL_ERROR_WANT_READ) { | 57 if (n == SSL_ERROR_WANT_READ) { |
60 return NGX_AGAIN; | 58 return NGX_AGAIN; |
61 } | 59 } |
62 | 60 |
63 #if 0 | 61 #if 0 |
64 if (n == SSL_ERROR_WANT_WRITE) { | 62 if (n == SSL_ERROR_WANT_WRITE) { |
65 return NGX_AGAIN; | 63 return NGX_AGAIN; |
66 } | 64 } |
67 #endif | 65 #endif |
89 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); | 87 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); |
90 | 88 |
91 return NGX_SSL_HTTP_ERROR; | 89 return NGX_SSL_HTTP_ERROR; |
92 } | 90 } |
93 | 91 |
94 ngx_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_read() failed%s", handshake); | 92 ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_read() failed%s", handshake); |
95 | 93 |
96 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | 94 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); |
97 | 95 |
98 return NGX_ERROR; | 96 return NGX_ERROR; |
99 } | 97 } |
100 | 98 |
101 | 99 |
102 static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, | 100 ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, |
103 char *fmt, ...) | 101 off_t limit) |
102 { | |
103 int n; | |
104 ssize_t send, size; | |
105 | |
106 send = 0; | |
107 | |
108 for (/* void */; in; in = in->next) { | |
109 if (ngx_buf_special(in->buf)) { | |
110 continue; | |
111 } | |
112 | |
113 size = in->buf->last - in->buf->pos; | |
114 | |
115 if (send + size > limit) { | |
116 size = limit - send; | |
117 } | |
118 | |
119 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
120 "SSL to write: %d", size); | |
121 | |
122 n = SSL_write(c->ssl, in->buf->pos, size); | |
123 | |
124 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_write: %d", n); | |
125 | |
126 if (n > 0) { | |
127 in->buf->pos += n; | |
128 send += n; | |
129 | |
130 if (n == size) { | |
131 if (send < limit) { | |
132 continue; | |
133 } | |
134 | |
135 return in; | |
136 } | |
137 | |
138 c->write->ready = 0; | |
139 return in; | |
140 } | |
141 | |
142 n = SSL_get_error(c->ssl, n); | |
143 | |
144 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); | |
145 | |
146 if (n == SSL_ERROR_WANT_WRITE) { | |
147 c->write->ready = 0; | |
148 return in; | |
149 } | |
150 | |
151 #if 0 | |
152 if (n == SSL_ERROR_WANT_READ) { | |
153 return NGX_AGAIN; | |
154 } | |
155 #endif | |
156 | |
157 ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_write() failed"); | |
158 | |
159 return NGX_CHAIN_ERROR; | |
160 } | |
161 | |
162 return in; | |
163 } | |
164 | |
165 | |
166 ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c) | |
167 { | |
168 int n; | |
169 ngx_uint_t again; | |
170 | |
171 #if 0 | |
172 if (c->read->timedout || c->write->timedout) { | |
173 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
174 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); | |
175 } | |
176 #endif | |
177 | |
178 #if 0 | |
179 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); | |
180 #endif | |
181 | |
182 again = 0; | |
183 | |
184 for ( ;; ) { | |
185 n = SSL_shutdown(c->ssl); | |
186 | |
187 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); | |
188 | |
189 if (n == 0) { | |
190 again = 1; | |
191 break; | |
192 } | |
193 | |
194 if (n == 1) { | |
195 SSL_free(c->ssl); | |
196 c->ssl = NULL; | |
197 return NGX_OK; | |
198 } | |
199 | |
200 break; | |
201 } | |
202 | |
203 if (!again) { | |
204 n = SSL_get_error(c->ssl, n); | |
205 | |
206 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); | |
207 } | |
208 | |
209 if (again || n == SSL_ERROR_WANT_READ) { | |
210 | |
211 ngx_add_timer(c->read, 10000); | |
212 | |
213 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { | |
214 return NGX_ERROR; | |
215 } | |
216 | |
217 return NGX_AGAIN; | |
218 } | |
219 | |
220 if (n == SSL_ERROR_WANT_WRITE) { | |
221 | |
222 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { | |
223 return NGX_ERROR; | |
224 } | |
225 | |
226 return NGX_AGAIN; | |
227 } | |
228 | |
229 ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_shutdown() failed"); | |
230 | |
231 return NGX_ERROR; | |
232 } | |
233 | |
234 | |
235 void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, char *fmt, ...) | |
104 { | 236 { |
105 int len; | 237 int len; |
106 char errstr[NGX_MAX_CONF_ERRSTR]; | 238 char errstr[NGX_MAX_CONF_ERRSTR]; |
107 va_list args; | 239 va_list args; |
108 | 240 |