diff options
| author | Maxim Dounin <mdounin@mdounin.ru> | 2021-02-20 18:03:04 +0300 |
|---|---|---|
| committer | Maxim Dounin <mdounin@mdounin.ru> | 2021-02-20 18:03:04 +0300 |
| commit | ef44627852ce831407d54c09d7a100e3ca41b9a6 (patch) | |
| tree | 1bafc6fe8f9bc48342ea482991253a77bea661fa /src | |
| parent | 7ae100407c9b771e1067396baf1d013490b488f5 (diff) | |
| download | nginx-ef44627852ce831407d54c09d7a100e3ca41b9a6.tar.gz nginx-ef44627852ce831407d54c09d7a100e3ca41b9a6.zip | |
SSL: added check for debugging.
If debugging is not enabled, there is no need to do extra work in
ngx_ssl_verify_callback() and ngx_ssl_handshake_log().
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/ngx_event_openssl.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 48b3192b1..d762d6b7f 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -1014,6 +1014,10 @@ ngx_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) c = ngx_ssl_get_connection(ssl_conn); + if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) { + return 1; + } + cert = X509_STORE_CTX_get_current_cert(x509_store); err = X509_STORE_CTX_get_error(x509_store); depth = X509_STORE_CTX_get_error_depth(x509_store); @@ -1970,6 +1974,10 @@ ngx_ssl_handshake_log(ngx_connection_t *c) #endif SSL_CIPHER *cipher; + if (!(c->log->log_level & NGX_LOG_DEBUG_EVENT)) { + return; + } + cipher = SSL_get_current_cipher(c->ssl->connection); if (cipher) { |