Mercurial > hg > nginx
diff src/event/ngx_event_openssl.h @ 3243:08570d26c7c5 stable-0.7
merge r2995, r2996, r2997, r2998, r3003, r3141, r3210, r3211, r3232:
various SSL fixes and features:
*) $ssl_client_verify
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
*) ssl_crl
*) delete OpenSSL pre-0.9.7 compatibility: the sources were not actually
compatible with OpenSSL 0.9.6 since ssl_session_cache introduction
*) fix memory corruption in $ssl_client_cert
*) issue SNI warning instead of failure: this is too common case
*) use ngx_log_error(), since OpenSSL does not set an error on the failure
*) add SNI support in -V output
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Mon, 26 Oct 2009 16:53:34 +0000 |
parents | 9697407e9ecb |
children | 305fe2aa9e49 |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -13,12 +13,8 @@ #include <openssl/ssl.h> #include <openssl/err.h> - -#if OPENSSL_VERSION_NUMBER >= 0x00907000 #include <openssl/conf.h> #include <openssl/engine.h> -#define NGX_SSL_ENGINE 1 -#endif #define NGX_SSL_NAME "OpenSSL" @@ -100,6 +96,7 @@ ngx_int_t ngx_ssl_certificate(ngx_conf_t ngx_str_t *cert, ngx_str_t *key); ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert, ngx_int_t depth); +ngx_int_t ngx_ssl_crl(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *crl); ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl); ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file); ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx, @@ -131,6 +128,8 @@ ngx_int_t ngx_ssl_get_issuer_dn(ngx_conn ngx_str_t *s); ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s); +ngx_int_t ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, + ngx_str_t *s); ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);