diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2005-09-06 20:09:32 +0400 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2005-09-06 20:09:32 +0400 |
| commit | ceb992921cee6f76d1752af2d388ee6a1d71e078 (patch) | |
| tree | 2b4916a12d02210134939b7fb388a270e76002fa /src/event | |
| parent | 5650106a09de8e8d876ed38fbff57b2161d910c4 (diff) | |
nginx-0.1.44-RELEASE importrelease-0.1.44
*) Feature: the IMAP/POP3 proxy supports SSL.
*) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module.
*) Feature: the "userid_mark" directive.
*) Feature: the $remote_user variable value is determined independently
of authorization use.
Diffstat (limited to 'src/event')
| -rw-r--r-- | src/event/ngx_event_accept.c | 1 | ||||
| -rw-r--r-- | src/event/ngx_event_acceptex.c | 1 | ||||
| -rw-r--r-- | src/event/ngx_event_connect.c | 4 | ||||
| -rw-r--r-- | src/event/ngx_event_openssl.c | 67 | ||||
| -rw-r--r-- | src/event/ngx_event_openssl.h | 1 |
5 files changed, 58 insertions, 16 deletions
diff --git a/src/event/ngx_event_accept.c b/src/event/ngx_event_accept.c index 0c21e72ed..6d9f66ead 100644 --- a/src/event/ngx_event_accept.c +++ b/src/event/ngx_event_accept.c @@ -256,6 +256,7 @@ ngx_event_accept(ngx_event_t *ev) c->servers = ls->servers; c->recv = ngx_recv; + c->send = ngx_send; c->send_chain = ngx_send_chain; c->log = log; diff --git a/src/event/ngx_event_acceptex.c b/src/event/ngx_event_acceptex.c index 50cd21df3..bc2443dfd 100644 --- a/src/event/ngx_event_acceptex.c +++ b/src/event/ngx_event_acceptex.c @@ -151,6 +151,7 @@ int ngx_event_post_acceptex(ngx_listening_t *ls, int n) c->servers = ls->servers; c->recv = ngx_recv; + c->send = ngx_send; c->send_chain = ngx_send_chain; c->pool = ngx_create_pool(ls->pool_size, ls->log); diff --git a/src/event/ngx_event_connect.c b/src/event/ngx_event_connect.c index e07a33d43..7cab38cb7 100644 --- a/src/event/ngx_event_connect.c +++ b/src/event/ngx_event_connect.c @@ -229,6 +229,10 @@ ngx_event_connect_peer(ngx_peer_connection_t *pc) c->write = wev; wev->write = 1; + c->recv = ngx_recv; + c->send = ngx_send; + c->send_chain = ngx_send_chain; + c->log = pc->log; rev->log = pc->log; wev->log = pc->log; diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 1c0f1485d..4c7deb336 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -13,7 +13,6 @@ static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n); static void ngx_ssl_write_handler(ngx_event_t *wev); -static ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size); static void ngx_ssl_read_handler(ngx_event_t *rev); @@ -209,8 +208,10 @@ ngx_ssl_handle_recv(ngx_connection_t *c, int n) } if (sslerr == SSL_ERROR_WANT_WRITE) { - ngx_log_error(NGX_LOG_ALERT, c->log, err, - "SSL wants to write%s", handshake); + + ngx_log_error(NGX_LOG_INFO, c->log, err, + "client does SSL %shandshake", + SSL_is_init_finished(c->ssl->ssl) ? "re" : ""); c->write->ready = 0; @@ -391,12 +392,11 @@ ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit) } -static ssize_t +ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) { - int n, sslerr; - ngx_err_t err; - char *handshake; + int n, sslerr; + ngx_err_t err; ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL to write: %d", size); @@ -405,6 +405,47 @@ ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_write: %d", n); if (n > 0) { + +#if (NGX_DEBUG) + + if (!c->ssl->handshaked && SSL_is_init_finished(c->ssl->ssl)) { + char buf[129], *s, *d; + SSL_CIPHER *cipher; + + c->ssl->handshaked = 1; + + cipher = SSL_get_current_cipher(c->ssl->ssl); + + if (cipher) { + SSL_CIPHER_description(cipher, &buf[1], 128); + + for (s = &buf[1], d = buf; *s; s++) { + if (*s == ' ' && *d == ' ') { + continue; + } + + if (*s == LF || *s == CR) { + continue; + } + + *++d = *s; + } + + if (*d != ' ') { + d++; + } + + *d = '\0'; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "SSL cipher: \"%s\"", &buf[1]); + } else { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "SSL no shared ciphers"); + } + } +#endif + if (c->ssl->saved_read_handler) { c->read->handler = c->ssl->saved_read_handler; @@ -440,15 +481,9 @@ ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) if (sslerr == SSL_ERROR_WANT_READ) { - if (!SSL_is_init_finished(c->ssl->ssl)) { - handshake = " in SSL handshake"; - - } else { - handshake = ""; - } - - ngx_log_error(NGX_LOG_ALERT, c->log, err, - "SSL wants to read%s", handshake); + ngx_log_error(NGX_LOG_INFO, c->log, err, + "client does SSL %shandshake", + SSL_is_init_finished(c->ssl->ssl) ? "re" : ""); c->read->ready = 0; diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h index 8797fcd0f..7fc6bc092 100644 --- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -49,6 +49,7 @@ ngx_int_t ngx_ssl_create_session(ngx_ssl_ctx_t *ctx, ngx_connection_t *c, #define ngx_ssl_handshake(c) NGX_OK ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size); +ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size); ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit); ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c); |