[nginx] svn commit: r4878 - trunk/src/event

mdounin at mdounin.ru mdounin at mdounin.ru
Mon Oct 1 12:50:36 UTC 2012


Author: mdounin
Date: 2012-10-01 12:50:36 +0000 (Mon, 01 Oct 2012)
New Revision: 4878
URL: http://trac.nginx.org/nginx/changeset/4878/nginx

Log:
OCSP stapling: log error data in ngx_ssl_error().

It's hard to debug OCSP_basic_verify() failures without the actual error
string it records in the error data field.


Modified:
   trunk/src/event/ngx_event_openssl.c

Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c	2012-10-01 12:48:54 UTC (rev 4877)
+++ trunk/src/event/ngx_event_openssl.c	2012-10-01 12:50:36 UTC (rev 4878)
@@ -1590,10 +1590,12 @@
 void ngx_cdecl
 ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, char *fmt, ...)
 {
-    u_long    n;
-    va_list   args;
-    u_char   *p, *last;
-    u_char    errstr[NGX_MAX_CONF_ERRSTR];
+    int          flags;
+    u_long       n;
+    va_list      args;
+    u_char      *p, *last;
+    u_char       errstr[NGX_MAX_CONF_ERRSTR];
+    const char  *data;
 
     last = errstr + NGX_MAX_CONF_ERRSTR;
 
@@ -1605,14 +1607,14 @@
 
     for ( ;; ) {
 
-        n = ERR_get_error();
+        n = ERR_peek_error_line_data(NULL, NULL, &data, &flags);
 
         if (n == 0) {
             break;
         }
 
         if (p >= last) {
-            continue;
+            goto next;
         }
 
         *p++ = ' ';
@@ -1622,6 +1624,15 @@
         while (p < last && *p) {
             p++;
         }
+
+        if (p < last && *data && (flags & ERR_TXT_STRING)) {
+            *p++ = ':';
+            p = ngx_cpystrn(p, (u_char *) data, last - p);
+        }
+
+    next:
+
+        (void) ERR_get_error();
     }
 
     ngx_log_error(level, log, err, "%s)", errstr);



More information about the nginx-devel mailing list