Mercurial > hg > nginx-vendor-1-0

diff src/http/ngx_http_request.c @ 642:1b80544421e8 NGINX_1_0_11

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 1.0.11 *) Change: now double quotes are encoded in an "echo" SSI-command output. Thanks to Zaur Abasmirzoev. *) Feature: the "image_filter_sharpen" directive. *) Bugfix: a segmentation fault might occur in a worker process if SNI was used; the bug had appeared in 1.0.9. *) Bugfix: SIGWINCH signal did not work after first binary upgrade; the bug had appeared in 1.0.9. *) Bugfix: the "If-Modified-Since", "If-Range", etc. client request header lines might be passed to backend while caching; or not passed without caching if caching was enabled in another part of the configuration. *) Bugfix: in the "scgi_param" directive, if complex parameters were used. *) Bugfix: "add_header" and "expires" directives did not work if a request was proxied and response status code was 206. *) Bugfix: in the "expires @time" directive. *) Bugfix: in the ngx_http_flv_module. Thanks to Piotr Sikora. *) Bugfix: in the ngx_http_mp4_module. *) Bugfix: nginx could not be built on FreeBSD 10. *) Bugfix: nginx could not be built on AIX.
author Igor Sysoev <http://sysoev.ru>
date Thu, 15 Dec 2011 00:00:00 +0400
parents 692f4d4d7f10
children ad25218fd14b
line wrap: on
line diff
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -671,25 +671,27 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *
 
     sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
 
-    SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
-
-    /*
-     * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
-     * adjust other things we care about
-     */
-
-    SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
-                   SSL_CTX_get_verify_callback(sscf->ssl.ctx));
-
-    SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
+    if (sscf->ssl.ctx) {
+        SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
+
+        /*
+         * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
+         * adjust other things we care about
+         */
+
+        SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
+                       SSL_CTX_get_verify_callback(sscf->ssl.ctx));
+
+        SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
 
 #ifdef SSL_CTRL_CLEAR_OPTIONS
-    /* only in 0.9.8m+ */
-    SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
-                                ~SSL_CTX_get_options(sscf->ssl.ctx));
+        /* only in 0.9.8m+ */
+        SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
+                                    ~SSL_CTX_get_options(sscf->ssl.ctx));
 #endif
 
-    SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+        SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+    }
 
     return SSL_TLSEXT_ERR_OK;
 }