1berry/nginx
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SSL: added check for debugging.

Browse Source 
If debugging is not enabled, there is no need to do extra work in
ngx_ssl_verify_callback() and ngx_ssl_handshake_log().
This commit is contained in:
Maxim Dounin 2021-02-20 18:03:04 +03:00
parent 7ae100407c
commit ef44627852
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/event/ngx_event_openssl.c
View File

@ -1014,6 +1014,10 @@ ngx_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
c = ngx_ssl_get_connection(ssl_conn); c = ngx_ssl_get_connection(ssl_conn);
if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) {
return 1;
}
cert = X509_STORE_CTX_get_current_cert(x509_store); cert = X509_STORE_CTX_get_current_cert(x509_store);
err = X509_STORE_CTX_get_error(x509_store); err = X509_STORE_CTX_get_error(x509_store);
depth = X509_STORE_CTX_get_error_depth(x509_store); depth = X509_STORE_CTX_get_error_depth(x509_store);
@ -1970,6 +1974,10 @@ ngx_ssl_handshake_log(ngx_connection_t *c)
#endif #endif
SSL_CIPHER *cipher; SSL_CIPHER *cipher;
if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) {
return;
}
cipher = SSL_get_current_cipher(c->ssl->connection); cipher = SSL_get_current_cipher(c->ssl->connection);
if (cipher) { if (cipher) {