diff options
| author | Maxim Dounin <mdounin@mdounin.ru> | 2016-12-05 22:23:23 +0300 |
|---|---|---|
| committer | Maxim Dounin <mdounin@mdounin.ru> | 2016-12-05 22:23:23 +0300 |
| commit | 551091951a479e2f512062c51bdcc6157a211164 (patch) | |
| tree | 67ee9ca6586953a24bf98ba6891f57b626e9e01c /src/stream/ngx_stream_ssl_module.c | |
| parent | 2daf78867bb60bee5e5ca517f20339211391635b (diff) | |
| download | nginx-551091951a479e2f512062c51bdcc6157a211164.tar.gz nginx-551091951a479e2f512062c51bdcc6157a211164.zip | |
SSL: $ssl_curves (ticket #1088).
The variable contains a list of curves as supported by the client.
Known curves are listed by their names, unknown ones are shown
in hex, e.g., "0x001d:prime256v1:secp521r1:secp384r1".
Note that OpenSSL uses session data for SSL_get1_curves(), and
it doesn't store full list of curves supported by the client when
serializing a session. As a result $ssl_curves is only available
for new sessions (and will be empty for reused ones).
The variable is only meaningful when using OpenSSL 1.0.2 and above.
With older versions the variable is empty.
Diffstat (limited to 'src/stream/ngx_stream_ssl_module.c')
| -rw-r--r-- | src/stream/ngx_stream_ssl_module.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c index 39ecc51f3..9191641d1 100644 --- a/src/stream/ngx_stream_ssl_module.c +++ b/src/stream/ngx_stream_ssl_module.c @@ -185,6 +185,9 @@ static ngx_stream_variable_t ngx_stream_ssl_vars[] = { { ngx_string("ssl_ciphers"), NULL, ngx_stream_ssl_variable, (uintptr_t) ngx_ssl_get_ciphers, NGX_STREAM_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_curves"), NULL, ngx_stream_ssl_variable, + (uintptr_t) ngx_ssl_get_curves, NGX_STREAM_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_session_id"), NULL, ngx_stream_ssl_variable, (uintptr_t) ngx_ssl_get_session_id, NGX_STREAM_VAR_CHANGEABLE, 0 }, |