static void ngx_stream_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) { ngx_stream_session_t *s; ngx_stream_ssl_conf_t *sslcf; if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { ngx_stream_close_connection(c); return; } if (ngx_ssl_handshake(c) == NGX_AGAIN) { s = c->data; sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module); ngx_add_timer(c->read, sslcf->handshake_timeout, NGX_FUNC_LINE); c->ssl->handler = ngx_stream_ssl_handshake_handler; return; } ngx_stream_ssl_handshake_handler(c); }
static void ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) { ngx_mail_session_t *s; ngx_mail_core_srv_conf_t *cscf; if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { ngx_mail_close_connection(c); return; } if (ngx_ssl_handshake(c) == NGX_AGAIN) { s = c->data; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); ngx_add_timer(c->read, cscf->timeout); c->ssl->handler = ngx_mail_ssl_handshake_handler; return; } ngx_mail_ssl_handshake_handler(c); }
static ngx_int_t ngx_stream_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) { ngx_int_t rc; ngx_stream_session_t *s; ngx_stream_ssl_conf_t *sslcf; s = c->data; if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { return NGX_ERROR; } rc = ngx_ssl_handshake(c); if (rc == NGX_ERROR) { return NGX_ERROR; } if (rc == NGX_AGAIN) { sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module); ngx_add_timer(c->read, sslcf->handshake_timeout); c->ssl->handler = ngx_stream_ssl_handshake_handler; return NGX_AGAIN; } /* rc == NGX_OK */ return NGX_OK; }
static void ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s) { ngx_int_t rc; ngx_connection_t *pc; ngx_stream_upstream_t *u; ngx_stream_proxy_srv_conf_t *pscf; u = s->upstream; pc = u->peer.connection; pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); if (ngx_ssl_create_connection(pscf->ssl, pc, NGX_SSL_BUFFER|NGX_SSL_CLIENT) != NGX_OK) { ngx_stream_proxy_finalize(s, NGX_ERROR); return; } if (pscf->ssl_server_name || pscf->ssl_verify) { if (ngx_stream_proxy_ssl_name(s) != NGX_OK) { ngx_stream_proxy_finalize(s, NGX_ERROR); return; } } if (pscf->ssl_session_reuse) { if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { ngx_stream_proxy_finalize(s, NGX_ERROR); return; } } s->connection->log->action = "SSL handshaking to upstream"; rc = ngx_ssl_handshake(pc); if (rc == NGX_AGAIN) { if (!pc->write->timer_set) { ngx_add_timer(pc->write, pscf->connect_timeout); } pc->ssl->handler = ngx_stream_proxy_ssl_handshake; return; } ngx_stream_proxy_ssl_handshake(pc); }
static void ngx_rtmp_ssl_handshake_handler(ngx_connection_t *c) { ngx_rtmp_session_t *s; ngx_event_t *rev; ngx_int_t rc; s = c->data; if (c->ssl->handshaked) { ngx_rtmp_handshake(s); return; } if (c->read->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "SSL handshake timed out"); ngx_rtmp_finalize_session(s); return; } if (c->read->error || c->write->error || c->error) { ngx_log_error(NGX_LOG_INFO, c->log, 0, "SSL handshake failed: c%d w%d r%d", c->error, c->write->error, c->read->error); ngx_rtmp_finalize_session(s); return; } rc = ngx_ssl_handshake(c); if (rc == NGX_AGAIN) { rev = c->read; if (!rev->timer_set) { ngx_add_timer(rev, s->timeout); } c->ssl->handler = ngx_rtmp_ssl_handshake_handler; return; } if (rc == NGX_OK) { ngx_rtmp_handshake(s); return; } ngx_rtmp_finalize_session(s); return; }
static void ngx_ssl_handshake_handler(ngx_event_t *ev) { ngx_connection_t *c; c = ev->data; ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL handshake handler: %d", ev->write); if (ev->timedout) { c->ssl->handler(c); return; } if (ngx_ssl_handshake(c) == NGX_AGAIN) { return; } c->ssl->handler(c); }
void ngx_mail_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_int_t dir) { ngx_mail_session_t *s; ngx_mail_core_srv_conf_t *cscf; s = c->data; if (dir == NGX_MAIL_SECURE_DIR_IN) { if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { ngx_mail_close_connection(c); return; } } else { if (ngx_ssl_create_connection(ssl, c, NGX_SSL_BUFFER|NGX_SSL_CLIENT) == NGX_ERROR) { ngx_mail_proxy_internal_server_error(s); return; } } if (ngx_ssl_handshake(c) == NGX_AGAIN) { cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); /* expected that for upstream, one is set already */ if (dir == NGX_MAIL_SECURE_DIR_IN) ngx_add_timer(c->read, cscf->timeout); c->ssl->handler = ngx_mail_ssl_handshake_handler; return; } ngx_mail_ssl_handshake_handler(c); }