Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 8272:7f0981be07c4 quic
Fixed client certificate verification.
For ngx_http_process_request() part to work, this required to set both
r->http_connection->ssl and c->ssl on a QUIC stream. To avoid damaging
global SSL object, ngx_ssl_shutdown() is managed to ignore QUIC streams.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 23 Mar 2020 20:48:34 +0300 |
parents | 253cf267f95a |
children | 7995cd199b52 |
comparison
equal
deleted
inserted
replaced
8271:8e54a17dabee | 8272:7f0981be07c4 |
---|---|
2732 ngx_int_t | 2732 ngx_int_t |
2733 ngx_ssl_shutdown(ngx_connection_t *c) | 2733 ngx_ssl_shutdown(ngx_connection_t *c) |
2734 { | 2734 { |
2735 int n, sslerr, mode; | 2735 int n, sslerr, mode; |
2736 ngx_err_t err; | 2736 ngx_err_t err; |
2737 | |
2738 if (c->qs) { | |
2739 /* QUIC streams inherit SSL object */ | |
2740 return NGX_OK; | |
2741 } | |
2737 | 2742 |
2738 if (SSL_in_init(c->ssl->connection)) { | 2743 if (SSL_in_init(c->ssl->connection)) { |
2739 /* | 2744 /* |
2740 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during | 2745 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during |
2741 * an SSL handshake, while previous versions always return 0. | 2746 * an SSL handshake, while previous versions always return 0. |