Mercurial > hg > nginx
diff src/http/modules/ngx_http_ssl_module.c @ 669:562806624c4a release-0.3.56
nginx-0.3.56-RELEASE import
*) Feature: the "dav_access" directive.
*) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e",
"-x", and "!-x" operators.
*) Bugfix: a segmentation fault occurred if a request returned a
redirect and some sent to client header lines were logged in the
access log.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 04 Aug 2006 16:04:04 +0000 |
parents | 63a820b0bc6c |
children | cec32b3753ac |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c @@ -17,6 +17,7 @@ typedef u_char *(*ngx_ssl_variable_handl #define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" +static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); static ngx_int_t ngx_http_ssl_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_ssl_client_s_dn(ngx_http_request_t *r, @@ -384,7 +385,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t * } if (conf->verify) { - SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY, NULL); + SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY, + ngx_http_ssl_verify_callback); SSL_CTX_set_verify_depth(conf->ssl.ctx, conf->verify_depth); @@ -422,6 +424,13 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t * } +static int +ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) +{ + return 1; +} + + #if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) static char *