git.kaiwu.me - nginx.git/commit

]> git.kaiwu.me - nginx.git/commit

projects / nginx.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 0e6c7b0) | patch

author	Maxim Dounin <mdounin@mdounin.ru>
	Tue, 13 Nov 2012 10:42:16 +0000 (10:42 +0000)
committer	Maxim Dounin <mdounin@mdounin.ru>
	Tue, 13 Nov 2012 10:42:16 +0000 (10:42 +0000)
commit	71b6604e4465b6aac478f04c3608a6be5c6500e6
tree	69d9583a55a99dabd167e17cae48df4baa9cc42c	tree \| snapshot
parent	0e6c7b0614eafd628c2abe93e5418599a025b552	commit \| diff

Merge of r4885: ssl_verify_client optional_no_ca.

SSL: the "ssl_verify_client" directive parameter "optional_no_ca".

This parameter allows to don't require certificate to be signed by
a trusted CA, e.g. if CA certificate isn't known in advance, like in
WebID protocol.

Note that it doesn't add any security unless the certificate is actually
checked to be trusted by some external means (e.g. by a backend).

Patch by Mike Kazantsev, Eric O'Connor.

src/event/ngx_event_openssl.h		diff \| blob \| history
src/http/modules/ngx_http_ssl_module.c		diff \| blob \| history
src/http/ngx_http_request.c		diff \| blob \| history

nginx upstream