diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2004-07-16 10:33:35 +0400 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2004-07-16 10:33:35 +0400 |
| commit | 0ad253766fb8d62f257c446410a632a596ac5783 (patch) | |
| tree | 52af0662727e4f9129a15eb18cd690b8180bd0e5 /src/event/ngx_event_openssl.c | |
| parent | 1c3567ecc81a9f07f3c3d53912114bc5bd5daffa (diff) | |
nginx-0.0.7-2004-07-16-10:33:35 import
Diffstat (limited to 'src/event/ngx_event_openssl.c')
| -rw-r--r-- | src/event/ngx_event_openssl.c | 152 |
1 files changed, 142 insertions, 10 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 2fae37112..4f523cfb4 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -1,9 +1,7 @@ + #include <ngx_config.h> #include <ngx_core.h> - - -static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, - char *fmt, ...); +#include <ngx_event.h> ngx_int_t ngx_ssl_init(ngx_log_t *log) @@ -22,12 +20,12 @@ ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ssl_ctx, ngx_connection_t *c) ssl = SSL_new(ssl_ctx); if (ssl == NULL) { - ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_new() failed"); + ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_new() failed"); return NGX_ERROR; } if (SSL_set_fd(ssl, c->fd) == 0) { - ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_fd() failed"); + ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_set_fd() failed"); return NGX_ERROR; } @@ -59,7 +57,7 @@ ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) if (n == SSL_ERROR_WANT_READ) { return NGX_AGAIN; } - + #if 0 if (n == SSL_ERROR_WANT_WRITE) { return NGX_AGAIN; @@ -91,16 +89,150 @@ ngx_int_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) return NGX_SSL_HTTP_ERROR; } - ngx_ssl_error(NGX_LOG_ALERT, c->log, n, "SSL_read() failed%s", handshake); + ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_read() failed%s", handshake); + + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); + + return NGX_ERROR; +} + + +ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, + off_t limit) +{ + int n; + ssize_t send, size; + + send = 0; + + for (/* void */; in; in = in->next) { + if (ngx_buf_special(in->buf)) { + continue; + } + + size = in->buf->last - in->buf->pos; + + if (send + size > limit) { + size = limit - send; + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "SSL to write: %d", size); + + n = SSL_write(c->ssl, in->buf->pos, size); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_write: %d", n); + + if (n > 0) { + in->buf->pos += n; + send += n; + + if (n == size) { + if (send < limit) { + continue; + } + + return in; + } + + c->write->ready = 0; + return in; + } + + n = SSL_get_error(c->ssl, n); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); + + if (n == SSL_ERROR_WANT_WRITE) { + c->write->ready = 0; + return in; + } + +#if 0 + if (n == SSL_ERROR_WANT_READ) { + return NGX_AGAIN; + } +#endif + + ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_write() failed"); + + return NGX_CHAIN_ERROR; + } + + return in; +} + + +ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c) +{ + int n; + ngx_uint_t again; + +#if 0 + if (c->read->timedout || c->write->timedout) { + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); + SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN); + } +#endif +#if 0 SSL_set_shutdown(c->ssl, SSL_RECEIVED_SHUTDOWN); +#endif + + again = 0; + + for ( ;; ) { + n = SSL_shutdown(c->ssl); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); + + if (n == 0) { + again = 1; + break; + } + + if (n == 1) { + SSL_free(c->ssl); + c->ssl = NULL; + return NGX_OK; + } + + break; + } + + if (!again) { + n = SSL_get_error(c->ssl, n); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", n); + } + + if (again || n == SSL_ERROR_WANT_READ) { + + ngx_add_timer(c->read, 10000); + + if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { + return NGX_ERROR; + } + + return NGX_AGAIN; + } + + if (n == SSL_ERROR_WANT_WRITE) { + + if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { + return NGX_ERROR; + } + + return NGX_AGAIN; + } + + ngx_ssl_error(NGX_LOG_ALERT, c->log, "SSL_shutdown() failed"); return NGX_ERROR; } -static void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, int err, - char *fmt, ...) +void ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, char *fmt, ...) { int len; char errstr[NGX_MAX_CONF_ERRSTR]; |