Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 2994:f33c48457d0c
*) $ssl_client_verify
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Wed, 22 Jul 2009 17:41:42 +0000 |
parents | c7d57b539248 |
children | cc07d164f0dc |
comparison
equal
deleted
inserted
replaced
2993:f592d466bbda | 2994:f33c48457d0c |
---|---|
2106 | 2106 |
2107 return NGX_OK; | 2107 return NGX_OK; |
2108 } | 2108 } |
2109 | 2109 |
2110 | 2110 |
2111 ngx_int_t | |
2112 ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | |
2113 { | |
2114 X509 *cert; | |
2115 | |
2116 if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) { | |
2117 s->len = sizeof("FAILED") - 1; | |
2118 s->data = (u_char *) "FAILED"; | |
2119 | |
2120 return NGX_OK; | |
2121 } | |
2122 | |
2123 cert = SSL_get_peer_certificate(c->ssl->connection); | |
2124 | |
2125 if (cert) { | |
2126 s->len = sizeof("SUCCESS") - 1; | |
2127 s->data = (u_char *) "SUCCESS"; | |
2128 | |
2129 } else { | |
2130 s->len = sizeof("NONE") - 1; | |
2131 s->data = (u_char *) "NONE"; | |
2132 } | |
2133 | |
2134 X509_free(cert); | |
2135 | |
2136 return NGX_OK; | |
2137 } | |
2138 | |
2139 | |
2111 static void * | 2140 static void * |
2112 ngx_openssl_create_conf(ngx_cycle_t *cycle) | 2141 ngx_openssl_create_conf(ngx_cycle_t *cycle) |
2113 { | 2142 { |
2114 ngx_openssl_conf_t *oscf; | 2143 ngx_openssl_conf_t *oscf; |
2115 | 2144 |