Mercurial > hg > nginx
comparison src/http/modules/ngx_http_quic_module.c @ 8871:74b43926b470 quic
HTTP/3: fixed segfault when using SSL certificates with variables.
A QUIC connection doesn't have c->log->data and friends initialized to sensible
values. Yet, a request can be created in the certificate callback with such an
assumption, which leads to a segmentation fault due to null pointer dereference
in ngx_http_free_request(). The fix is to adjust initializing the QUIC part of
a connection such that it has all of that in place.
Further, this appends logging error context for unsuccessful QUIC handshakes:
- cannot load certificate .. while handling frames
- SSL_do_handshake() failed .. while sending frames
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 29 Sep 2021 15:01:59 +0300 |
parents | 59d2d47ad3c6 |
children | 4b2d259bdadd |
comparison
equal
deleted
inserted
replaced
8870:a550d4fa3581 | 8871:74b43926b470 |
---|---|
196 hc = c->data; | 196 hc = c->data; |
197 | 197 |
198 hc->ssl = 1; | 198 hc->ssl = 1; |
199 | 199 |
200 if (c->quic == NULL) { | 200 if (c->quic == NULL) { |
201 c->log->connection = c->number; | |
202 | |
203 qcf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_quic_module); | 201 qcf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_quic_module); |
204 | 202 |
205 ngx_quic_run(c, qcf); | 203 ngx_quic_run(c, qcf); |
206 | 204 |
207 return NGX_DONE; | 205 return NGX_DONE; |