projects
/
privoxy.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ssl_send_certificate_error(): Respect HEAD requests by not sending a body
[privoxy.git]
/
openssl.c
diff --git
a/openssl.c
b/openssl.c
index
d27f918
..
c4783fb
100644
(file)
--- a/
openssl.c
+++ b/
openssl.c
@@
-283,7
+283,7
@@
static int ssl_store_cert(struct client_state *csp, X509* crt)
if (!bio)
{
if (!bio)
{
- log_ssl_errors(LOG_LEVEL_ERROR, "BIO_new
_mem_buf
() failed");
+ log_ssl_errors(LOG_LEVEL_ERROR, "BIO_new() failed");
return -1;
}
return -1;
}
@@
-328,7
+328,7
@@
static int ssl_store_cert(struct client_state *csp, X509* crt)
bio = BIO_new(BIO_s_mem());
if (!bio)
{
bio = BIO_new(BIO_s_mem());
if (!bio)
{
- log_ssl_errors(LOG_LEVEL_ERROR, "BIO_new
_mem_buf
() failed");
+ log_ssl_errors(LOG_LEVEL_ERROR, "BIO_new() failed");
ret = -1;
goto exit;
}
ret = -1;
goto exit;
}
@@
-656,7
+656,7
@@
static int ssl_store_cert(struct client_state *csp, X509* crt)
len = BIO_get_mem_data(bio, &bio_mem_data);
if (len <= 0)
{
len = BIO_get_mem_data(bio, &bio_mem_data);
if (len <= 0)
{
- log_error(LOG_LEVEL_ERROR, "BIO_get_mem_data() returned %d "
+ log_error(LOG_LEVEL_ERROR, "BIO_get_mem_data() returned %
l
d "
"while gathering certificate information", len);
ret = -1;
goto exit;
"while gathering certificate information", len);
ret = -1;
goto exit;
@@
-697,7
+697,7
@@
exit:
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
*
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
*
- * Returns :
1 => Error while creating hash
+ * Returns :
-
1 => Error while creating hash
* 0 => Hash created successfully
*
*********************************************************************/
* 0 => Hash created successfully
*
*********************************************************************/
@@
-869,7
+869,9
@@
extern int create_client_ssl_connection(struct client_state *csp)
goto exit;
}
goto exit;
}
- log_error(LOG_LEVEL_CONNECT, "Client successfully connected over TLS/SSL");
+ log_error(LOG_LEVEL_CONNECT, "Client successfully connected over %s (%s).",
+ SSL_get_version(ssl), SSL_get_cipher_name(ssl));
+
csp->ssl_with_client_is_opened = 1;
ret = 0;
csp->ssl_with_client_is_opened = 1;
ret = 0;
@@
-1179,7
+1181,8
@@
extern int create_server_ssl_connection(struct client_state *csp)
}
}
}
}
- log_error(LOG_LEVEL_CONNECT, "Server successfully connected over TLS/SSL");
+ log_error(LOG_LEVEL_CONNECT, "Server successfully connected over %s (%s).",
+ SSL_get_version(ssl), SSL_get_cipher_name(ssl));
/*
* Server certificate chain is valid, so we can clean
/*
* Server certificate chain is valid, so we can clean
@@
-2221,6
+2224,7
@@
extern void ssl_crt_verify_info(char *buf, size_t size, struct client_state *csp
}
}
+#ifdef FEATURE_GRACEFUL_TERMINATION
/*********************************************************************
*
* Function : ssl_release
/*********************************************************************
*
* Function : ssl_release
@@
-2236,8
+2240,12
@@
extern void ssl_release(void)
{
if (ssl_inited == 1)
{
{
if (ssl_inited == 1)
{
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
+#ifndef LIBRESSL_VERSION_NUMBER
#ifndef OPENSSL_NO_COMP
SSL_COMP_free_compression_methods();
#ifndef OPENSSL_NO_COMP
SSL_COMP_free_compression_methods();
+#endif
+#endif
#endif
CONF_modules_free();
CONF_modules_unload(1);
#endif
CONF_modules_free();
CONF_modules_unload(1);
@@
-2251,4
+2259,4
@@
extern void ssl_release(void)
CRYPTO_cleanup_all_ex_data();
}
}
CRYPTO_cleanup_all_ex_data();
}
}
-
+#endif /* def FEATURE_GRACEFUL_TERMINATION */