Mercurial > hg > nginx
view src/os/unix/ngx_send.c @ 7653:8409f9df6219
SSL: client certificate validation with OCSP (ticket #1534).
OCSP validation for client certificates is enabled by the "ssl_ocsp" directive.
OCSP responder can be optionally specified by "ssl_ocsp_responder".
When session is reused, peer chain is not available for validation.
If the verified chain contains certificates from the peer chain not available
at the server, validation will fail.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Fri, 22 May 2020 17:30:12 +0300 |
| parents | f01ab2dbcfdc |
| children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> ssize_t ngx_unix_send(ngx_connection_t *c, u_char *buf, size_t size) { ssize_t n; ngx_err_t err; ngx_event_t *wev; wev = c->write; #if (NGX_HAVE_KQUEUE) if ((ngx_event_flags & NGX_USE_KQUEUE_EVENT) && wev->pending_eof) { (void) ngx_connection_error(c, wev->kq_errno, "kevent() reported about an closed connection"); wev->error = 1; return NGX_ERROR; } #endif for ( ;; ) { n = send(c->fd, buf, size, 0); ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, "send: fd:%d %z of %uz", c->fd, n, size); if (n > 0) { if (n < (ssize_t) size) { wev->ready = 0; } c->sent += n; return n; } err = ngx_socket_errno; if (n == 0) { ngx_log_error(NGX_LOG_ALERT, c->log, err, "send() returned zero"); wev->ready = 0; return n; } if (err == NGX_EAGAIN || err == NGX_EINTR) { wev->ready = 0; ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, err, "send() not ready"); if (err == NGX_EAGAIN) { return NGX_AGAIN; } } else { wev->error = 1; (void) ngx_connection_error(c, err, "send() failed"); return NGX_ERROR; } } }