nginx

mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00

Go to file

Maxim Dounin a976e6b9ef SSL: switched to detect log level based on the last error.

In some cases there might be multiple errors in the OpenSSL error queue,
notably when a libcrypto call fails, and then the SSL layer generates
an error itself.  For example, the following errors were observed
with OpenSSL 3.0.8 with TLSv1.3 enabled:

SSL_do_handshake() failed (SSL: error:02800066:Diffie-Hellman routines::invalid public key error:0A000132:SSL routines::bad ecpoint)
SSL_do_handshake() failed (SSL: error:08000066:elliptic curve routines::invalid encoding error:0A000132:SSL routines::bad ecpoint)
SSL_do_handshake() failed (SSL: error:0800006B:elliptic curve routines::point is not on curve error:0A000132:SSL routines::bad ecpoint)

In such cases it seems to be better to determine logging level based on
the last error in the error queue (the one added by the SSL layer,
SSL_R_BAD_ECPOINT in all of the above example example errors).  To do so,
the ngx_ssl_connection_error() function was changed to use
ERR_peek_last_error().

2023-03-08 22:21:53 +03:00

auto

Win32: OpenSSL compilation for x64 targets with MSVC.

2023-02-23 18:16:08 +03:00

conf

MIME: added image/avif type.

2021-10-25 20:49:15 +03:00

contrib

Contrib: vim syntax, update core and 3rd party module directives.

2022-06-18 15:54:40 +03:00

docs

nginx-1.23.3-RELEASE

2022-12-13 18:53:53 +03:00

misc

Updated OpenSSL and zlib used for win32 builds.

2022-12-13 03:32:57 +03:00

src

SSL: switched to detect log level based on the last error.

2023-03-08 22:21:53 +03:00

.hgtags

release-1.23.3 tag

2022-12-13 18:53:53 +03:00

Description

An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html

78 MiB