diff options
author | nginx <nginx@nginx.org> | 2012-10-30 14:08:26 +0000 |
---|---|---|
committer | Jon Kolb <jon@b0g.us> | 2012-10-30 14:08:26 +0000 |
commit | 31b9b10de5546f4ecb9dd3791c2a32dc97a34651 (patch) | |
tree | d723bf761713812cac9b52fac9cb7bd280c05212 /src/http/ngx_http_request.c | |
parent | ab4bd1d23e43e937e2b9f08ae34904f9d0d7c60b (diff) | |
download | nginx-31b9b10de5546f4ecb9dd3791c2a32dc97a34651.tar.gz |
Changes with nginx 1.3.8 30 Oct 2012v1.3.8
*) Feature: the "optional_no_ca" parameter of the "ssl_verify_client"
directive.
Thanks to Mike Kazantsev and Eric O'Connor.
*) Feature: the $bytes_sent, $connection, and $connection_requests
variables can now be used not only in the "log_format" directive.
Thanks to Benjamin Grössing.
*) Feature: the "auto" parameter of the "worker_processes" directive.
*) Bugfix: "cache file ... has md5 collision" alert.
*) Bugfix: in the ngx_http_gunzip_filter_module.
*) Bugfix: in the "ssl_stapling" directive.
Diffstat (limited to 'src/http/ngx_http_request.c')
-rw-r--r-- | src/http/ngx_http_request.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index cb970c5c2..ef010ff57 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -1642,7 +1642,9 @@ ngx_http_process_request(ngx_http_request_t *r) if (sscf->verify) { rc = SSL_get_verify_result(c->ssl->connection); - if (rc != X509_V_OK) { + if (rc != X509_V_OK + && (sscf->verify != 3 || !ngx_ssl_verify_error_optional(rc))) + { ngx_log_error(NGX_LOG_INFO, c->log, 0, "client SSL certificate verify error: (%l:%s)", rc, X509_verify_cert_error_string(rc)); @@ -2751,6 +2753,20 @@ ngx_http_keepalive_handler(ngx_event_t *rev) ngx_http_close_connection(c); } + /* + * Like ngx_http_set_keepalive() we are trying to not hold + * c->buffer's memory for a keepalive connection. + */ + + if (ngx_pfree(c->pool, b->start) == NGX_OK) { + + /* + * the special note that c->buffer's memory was freed + */ + + b->pos = NULL; + } + return; } |