diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2006-08-04 16:04:04 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2006-08-04 16:04:04 +0000 |
| commit | b71c690895870290663dd4eef453d195209269ce (patch) | |
| tree | f95ec569e2482a95ee2789e5e25991d0fbbb92e6 /src/http/ngx_http_request.c | |
| parent | 9bda615eef680b3a2ea8ceccb51a872a4bcc340e (diff) | |
| download | nginx-b71c690895870290663dd4eef453d195209269ce.tar.gz nginx-b71c690895870290663dd4eef453d195209269ce.zip | |
nginx-0.3.56-RELEASE importrelease-0.3.56
*) Feature: the "dav_access" directive.
*) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e",
"-x", and "!-x" operators.
*) Bugfix: a segmentation fault occurred if a request returned a
redirect and some sent to client header lines were logged in the
access log.
Diffstat (limited to 'src/http/ngx_http_request.c')
| -rw-r--r-- | src/http/ngx_http_request.c | 57 |
1 files changed, 29 insertions, 28 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index e645e811a..42933e8d2 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -1269,34 +1269,6 @@ ngx_http_process_request_header(ngx_http_request_t *r) return NGX_ERROR; } -#if (NGX_HTTP_SSL) - - if (r->connection->ssl) { - sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); - - if (sscf->verify) { - rc = SSL_get_verify_result(r->connection->ssl->connection); - - if (rc != X509_V_OK) { - ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, - "client SSL certificate verify error: %l ", rc); - ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); - return NGX_ERROR; - } - - if (SSL_get_peer_certificate(r->connection->ssl->connection) - == NULL) - { - ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, - "client sent no required SSL certificate"); - ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); - return NGX_ERROR; - } - } - } - -#endif - if (r->headers_in.connection) { if (r->headers_in.connection->value.len == 5 && ngx_strcasecmp(r->headers_in.connection->value.data, "close") @@ -1362,6 +1334,35 @@ ngx_http_process_request_header(ngx_http_request_t *r) } } +#if (NGX_HTTP_SSL) + + if (r->connection->ssl) { + sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); + + if (sscf->verify) { + rc = SSL_get_verify_result(r->connection->ssl->connection); + + if (rc != X509_V_OK) { + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, + "client SSL certificate verify error: (%l:%s) ", + rc, X509_verify_cert_error_string(rc)); + ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); + return NGX_ERROR; + } + + if (SSL_get_peer_certificate(r->connection->ssl->connection) + == NULL) + { + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, + "client sent no required SSL certificate"); + ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); + return NGX_ERROR; + } + } + } + +#endif + return NGX_OK; } |