}
+ngx_int_t
+ngx_ssl_get_curve(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
+{
+#ifdef SSL_get_negotiated_group
+
+ int nid;
+
+ nid = SSL_get_negotiated_group(c->ssl->connection);
+
+ if (nid != NID_undef) {
+
+ if ((nid & TLSEXT_nid_unknown) == 0) {
+ s->len = ngx_strlen(OBJ_nid2sn(nid));
+ s->data = (u_char *) OBJ_nid2sn(nid);
+ return NGX_OK;
+ }
+
+ s->len = sizeof("0x0000") - 1;
+
+ s->data = ngx_pnalloc(pool, s->len);
+ if (s->data == NULL) {
+ return NGX_ERROR;
+ }
+
+ ngx_sprintf(s->data, "0x%04xd", nid & 0xffff);
+
+ return NGX_OK;
+ }
+
+#endif
+
+ s->len = 0;
+ return NGX_OK;
+}
+
+
ngx_int_t
ngx_ssl_get_curves(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
ngx_str_t *s);
ngx_int_t ngx_ssl_get_ciphers(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
+ngx_int_t ngx_ssl_get_curve(ngx_connection_t *c, ngx_pool_t *pool,
+ ngx_str_t *s);
ngx_int_t ngx_ssl_get_curves(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
ngx_int_t ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool,
{ ngx_string("ssl_ciphers"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_ciphers, NGX_HTTP_VAR_CHANGEABLE, 0 },
+ { ngx_string("ssl_curve"), NULL, ngx_http_ssl_variable,
+ (uintptr_t) ngx_ssl_get_curve, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
{ ngx_string("ssl_curves"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_curves, NGX_HTTP_VAR_CHANGEABLE, 0 },
{ ngx_string("ssl_ciphers"), NULL, ngx_stream_ssl_variable,
(uintptr_t) ngx_ssl_get_ciphers, NGX_STREAM_VAR_CHANGEABLE, 0 },
+ { ngx_string("ssl_curve"), NULL, ngx_stream_ssl_variable,
+ (uintptr_t) ngx_ssl_get_curve, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
{ ngx_string("ssl_curves"), NULL, ngx_stream_ssl_variable,
(uintptr_t) ngx_ssl_get_curves, NGX_STREAM_VAR_CHANGEABLE, 0 },
projects / nginx.git / commitdiff