Mercurial > hg > nginx

diff src/event/ngx_event_openssl.c @ 2994:f33c48457d0c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
author Igor Sysoev <igor@sysoev.ru>
date Wed, 22 Jul 2009 17:41:42 +0000
parents c7d57b539248
children cc07d164f0dc
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2108,6 +2108,35 @@ ngx_ssl_get_serial_number(ngx_connection
 }
 
 
+ngx_int_t
+ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
+{
+    X509  *cert;
+
+    if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) {
+        s->len = sizeof("FAILED") - 1;
+        s->data = (u_char *) "FAILED";
+
+        return NGX_OK;
+    }
+
+    cert = SSL_get_peer_certificate(c->ssl->connection);
+
+    if (cert) {
+        s->len = sizeof("SUCCESS") - 1;
+        s->data = (u_char *) "SUCCESS";
+
+    } else {
+        s->len = sizeof("NONE") - 1;
+        s->data = (u_char *) "NONE";
+    }
+
+    X509_free(cert);
+
+    return NGX_OK;
+}
+
+
 static void *
 ngx_openssl_create_conf(ngx_cycle_t *cycle)
 {