Mercurial > hg > nginx
annotate src/http/modules/ngx_http_ssl_filter.c @ 392:d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Wed, 14 Jul 2004 20:07:58 +0000 |
parents | b670db10cbbd |
children | 5659d773cfa8 |
rev | line source |
---|---|
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
1 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
2 #include <ngx_config.h> |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
3 #include <ngx_core.h> |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
4 #include <ngx_http.h> |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
5 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
6 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
7 #define NGX_DEFLAUT_CERTIFICATE "cert.pem" |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
8 #define NGX_DEFLAUT_CERTIFICATE_KEY "cert.pem" |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
9 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
10 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
11 typedef struct { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
12 ngx_flag_t enable; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
13 ngx_str_t certificate; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
14 ngx_str_t certificate_key; |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
15 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
16 SSL_CTX *ssl_ctx; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
17 } ngx_http_ssl_srv_conf_t; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
18 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
19 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
20 typedef struct { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
21 SSL *ssl; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
22 } ngx_http_ssl_ctx_t; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
23 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
24 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
25 static ngx_int_t ngx_http_ssl_create_ssl(ngx_http_request_t *r); |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
26 static void ngx_http_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
27 char *fmt, ...); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
28 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
29 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
30 void *parent, void *child); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
31 static ngx_int_t ngx_http_ssl_filter_init(ngx_cycle_t *cycle); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
32 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
33 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
34 static ngx_command_t ngx_http_charset_filter_commands[] = { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
35 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
36 { ngx_string("ssl_"), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
37 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
38 ngx_conf_set_flag_slot, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
39 NGX_HTTP_SRV_CONF_OFFSET, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
40 offsetof(ngx_http_ssl_srv_conf_t, enable), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
41 NULL }, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
42 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
43 { ngx_string("ssl_certificate"), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
44 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
45 ngx_conf_set_str_slot, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
46 NGX_HTTP_SRV_CONF_OFFSET, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
47 offsetof(ngx_http_ssl_srv_conf_t, certificate), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
48 NULL }, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
49 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
50 { ngx_string("ssl_certificate_key"), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
51 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
52 ngx_conf_set_str_slot, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
53 NGX_HTTP_SRV_CONF_OFFSET, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
54 offsetof(ngx_http_ssl_srv_conf_t, certificate_key), |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
55 NULL }, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
56 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
57 ngx_null_command |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
58 }; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
59 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
60 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
61 static ngx_http_module_t ngx_http_ssl_filter_module_ctx = { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
62 NULL, /* pre conf */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
63 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
64 NULL, /* create main configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
65 NULL, /* init main configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
66 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
67 ngx_http_ssl_create_srv_conf, /* create server configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
68 ngx_http_ssl_merge_srv_conf, /* merge server configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
69 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
70 NULL, /* create location configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
71 NULL, /* merge location configuration */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
72 }; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
73 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
74 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
75 ngx_module_t ngx_http_ssl_filter_module = { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
76 NGX_MODULE, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
77 &ngx_http_ssl_filter_module_ctx, /* module context */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
78 NULL, /* module directives */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
79 NGX_HTTP_MODULE, /* module type */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
80 ngx_http_ssl_filter_init, /* init module */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
81 NULL /* init process */ |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
82 }; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
83 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
84 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
85 ngx_int_t ngx_http_ssl_read(ngx_http_request_t *r, u_char *buf, size_t size) |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
86 { |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
87 int n; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
88 SSL *ssl; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
89 ngx_http_ssl_ctx_t *ctx; |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
90 ngx_http_log_ctx_t *log_ctx; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
91 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
92 if (r->connection->ssl == NULL) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
93 if (ngx_http_ssl_create_ssl(r) == NGX_ERROR) { |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
94 return NGX_HTTP_INTERNAL_SERVER_ERROR; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
95 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
96 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
97 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
98 ssl = r->connection->ssl; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
99 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
100 n = SSL_read(ssl, buf, size); |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
101 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
102 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
103 "SSL_read: %d", n); |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
104 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
105 if (n > 0) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
106 return n; |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
107 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
108 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
109 n = SSL_get_error(ssl, n); |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
110 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
111 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
112 "SSL_get_error: %d", n); |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
113 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
114 if (n == SSL_ERROR_WANT_READ) { |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
115 return NGX_AGAIN; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
116 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
117 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
118 #if 0 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
119 if (n == SSL_ERROR_WANT_WRITE) { |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
120 return NGX_AGAIN; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
121 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
122 #endif |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
123 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
124 if (!SSL_is_init_finished(ssl)) { |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
125 log_ctx = (ngx_http_log_ctx_t *) r->connection->log->data; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
126 log_ctx->action = "SSL handshake"; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
127 } |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
128 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
129 if (n == SSL_ERROR_ZERO_RETURN) { |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
130 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
131 "client closed connection"); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
132 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
133 SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN); |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
134 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
135 return NGX_SSL_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
136 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
137 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
138 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
139 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
140 "client sent plain HTTP request to HTTPS port"); |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
141 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
142 SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
143 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
144 return NGX_SSL_HTTP_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
145 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
146 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
147 ngx_http_ssl_error(NGX_LOG_ALERT, r->connection->log, n, |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
148 "SSL_read() failed"); |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
149 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
150 SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN); |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
151 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
152 return NGX_SSL_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
153 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
154 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
155 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
156 ngx_chain_t *ngx_http_ssl_write(ngx_connection_t *c, ngx_chain_t *in, |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
157 off_t limit) |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
158 { |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
159 int n; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
160 ssize_t send, size; |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
161 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
162 send = 0; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
163 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
164 for (/* void */; in; in = in->next) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
165 if (ngx_buf_special(in->buf)) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
166 continue; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
167 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
168 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
169 size = in->buf->last - in->buf->pos; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
170 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
171 if (send + size > limit) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
172 size = limit - send; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
173 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
174 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
175 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "SSL to write: %d", size); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
176 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
177 n = SSL_write(c->ssl, in->buf->pos, size); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
178 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
179 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "SSL_write: %d", n); |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
180 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
181 if (n > 0) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
182 in->buf->pos += n; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
183 send += n; |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
184 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
185 if (n == size) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
186 if (send < limit) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
187 continue; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
188 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
189 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
190 return in; |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
191 } |
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
192 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
193 c->write->ready = 0; |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
194 return in; |
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
195 } |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
196 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
197 n = SSL_get_error(c->ssl, n); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
198 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
199 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "SSL_get_error: %d", n); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
200 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
201 if (n == SSL_ERROR_WANT_WRITE) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
202 c->write->ready = 0; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
203 return in; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
204 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
205 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
206 ngx_http_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_write() failed"); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
207 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
208 return NGX_CHAIN_ERROR; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
209 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
210 |
391
b670db10cbbd
nginx-0.0.7-2004-07-14-20:01:42 import
Igor Sysoev <igor@sysoev.ru>
parents:
386
diff
changeset
|
211 return in; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
212 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
213 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
214 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
215 ngx_int_t ngx_http_ssl_shutdown(ngx_http_request_t *r) |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
216 { |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
217 int n; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
218 SSL *ssl; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
219 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
220 ssl = r->connection->ssl; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
221 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
222 n = SSL_shutdown(ssl); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
223 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
224 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
225 "SSL_shutdown: %d", n); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
226 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
227 if (n == 0) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
228 return NGX_AGAIN; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
229 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
230 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
231 if (n == 1) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
232 SSL_free(ssl); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
233 r->connection->ssl = NULL; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
234 return NGX_OK; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
235 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
236 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
237 n = SSL_get_error(ssl, n); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
238 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
239 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
240 "SSL_get_error: %d", n); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
241 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
242 if (n == SSL_ERROR_WANT_WRITE) { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
243 return NGX_AGAIN; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
244 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
245 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
246 ngx_http_ssl_error(NGX_LOG_ALERT, r->connection->log, n, |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
247 "SSL_shutdown() failed"); |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
248 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
249 return NGX_ERROR; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
250 } |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
251 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
252 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
253 static ngx_int_t ngx_http_ssl_create_ssl(ngx_http_request_t *r) |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
254 { |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
255 SSL *ssl; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
256 ngx_http_ssl_srv_conf_t *scf; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
257 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
258 scf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_filter_module); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
259 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
260 ssl = SSL_new(scf->ssl_ctx); |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
261 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
262 if (ssl == NULL) { |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
263 ngx_http_ssl_error(NGX_LOG_ALERT, r->connection->log, 0, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
264 "SSL_new() failed"); |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
265 return NGX_ERROR; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
266 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
267 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
268 if (SSL_set_fd(ssl, r->connection->fd) == 0) { |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
269 ngx_http_ssl_error(NGX_LOG_ALERT, r->connection->log, 0, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
270 "SSL_set_fd() failed"); |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
271 return NGX_ERROR; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
272 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
273 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
274 SSL_set_accept_state(ssl); |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
275 |
392
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
276 r->connection->ssl = ssl; |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
277 |
d1222d46b3f9
nginx-0.0.7-2004-07-15-00:07:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
391
diff
changeset
|
278 return NGX_OK; |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
279 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
280 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
281 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
282 void ngx_http_ssl_close_connection(SSL *ssl, ngx_log_t *log) |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
283 { |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
284 int rc; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
285 |
384
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
286 SSL_free(ssl); |
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
287 } |
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
288 |
e7054aaedf68
nginx-0.0.7-2004-07-09-11:12:14 import
Igor Sysoev <igor@sysoev.ru>
parents:
383
diff
changeset
|
289 |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
290 static void ngx_http_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
291 char *fmt, ...) |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
292 { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
293 int len; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
294 char errstr[NGX_MAX_CONF_ERRSTR]; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
295 va_list args; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
296 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
297 va_start(args, fmt); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
298 len = ngx_vsnprintf(errstr, sizeof(errstr) - 1, fmt, args); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
299 va_end(args); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
300 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
301 errstr[len++] = ' '; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
302 errstr[len++] = '('; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
303 errstr[len++] = 'S'; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
304 errstr[len++] = 'S'; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
305 errstr[len++] = 'L'; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
306 errstr[len++] = ':'; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
307 errstr[len++] = ' '; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
308 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
309 ERR_error_string_n(ERR_get_error(), errstr + len, sizeof(errstr) - len - 1); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
310 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
311 ngx_log_error(level, log, 0, "%s)", errstr); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
312 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
313 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
314 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
315 static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
316 { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
317 ngx_http_ssl_srv_conf_t *scf; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
318 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
319 if (!(scf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_srv_conf_t)))) { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
320 return NGX_CONF_ERROR; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
321 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
322 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
323 scf->enable = NGX_CONF_UNSET; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
324 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
325 return scf; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
326 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
327 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
328 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
329 static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
330 void *parent, void *child) |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
331 { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
332 ngx_http_ssl_srv_conf_t *prev = parent; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
333 ngx_http_ssl_srv_conf_t *conf = child; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
334 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
335 ngx_conf_merge_value(conf->enable, prev->enable, 0); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
336 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
337 ngx_conf_merge_str_value(conf->certificate, prev->certificate, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
338 NGX_DEFLAUT_CERTIFICATE); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
339 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
340 ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
341 NGX_DEFLAUT_CERTIFICATE_KEY); |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
342 |
386
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
343 /* STUB: where to move ??? */ |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
344 SSL_library_init(); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
345 SSL_load_error_strings(); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
346 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
347 /* TODO: inherit ssl_ctx */ |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
348 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
349 /* TODO: configure methods */ |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
350 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
351 conf->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
352 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
353 if (conf->ssl_ctx == NULL) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
354 ngx_http_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_new() failed"); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
355 return NGX_CONF_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
356 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
357 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
358 if (SSL_CTX_use_certificate_file(conf->ssl_ctx, conf->certificate.data, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
359 SSL_FILETYPE_PEM) == 0) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
360 ngx_http_ssl_error(NGX_LOG_EMERG, cf->log, 0, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
361 "SSL_CTX_use_certificate_file() failed"); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
362 return NGX_CONF_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
363 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
364 |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
365 if (SSL_CTX_use_PrivateKey_file(conf->ssl_ctx, conf->certificate_key.data, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
366 SSL_FILETYPE_PEM) == 0) { |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
367 ngx_http_ssl_error(NGX_LOG_EMERG, cf->log, 0, |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
368 "SSL_CTX_use_PrivateKey_file() failed"); |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
369 return NGX_CONF_ERROR; |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
370 } |
fa72605e7089
nginx-0.0.7-2004-07-12-01:03:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
385
diff
changeset
|
371 |
383
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
372 return NGX_CONF_OK; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
373 } |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
374 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
375 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
376 static ngx_int_t ngx_http_ssl_filter_init(ngx_cycle_t *cycle) |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
377 { |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
378 #if 0 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
379 ngx_http_next_header_filter = ngx_http_top_header_filter; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
380 ngx_http_top_header_filter = ngx_http_ssl_header_filter; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
381 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
382 ngx_http_next_body_filter = ngx_http_top_body_filter; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
383 ngx_http_top_body_filter = ngx_http_ssl_body_filter; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
384 #endif |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
385 |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
386 return NGX_OK; |
c05876036128
nginx-0.0.7-2004-07-08-19:17:47 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
387 } |