Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8324:7cca3624f9c4 quic
Added check for SSL_get_current_cipher() results.
The function may return NULL and result need to be checked before use.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Sat, 04 Apr 2020 22:25:41 +0300 |
| parents | 29354c6fc5f2 |
| children | aba84d9ab256 |
comparison
equal
deleted
inserted
replaced
| 8323:853908b5a216 | 8324:7cca3624f9c4 |
|---|---|
| 60 | 60 |
| 61 static ngx_int_t | 61 static ngx_int_t |
| 62 ngx_quic_ciphers(ngx_ssl_conn_t *ssl_conn, ngx_quic_ciphers_t *ciphers, | 62 ngx_quic_ciphers(ngx_ssl_conn_t *ssl_conn, ngx_quic_ciphers_t *ciphers, |
| 63 enum ssl_encryption_level_t level) | 63 enum ssl_encryption_level_t level) |
| 64 { | 64 { |
| 65 ngx_int_t id, len; | 65 ngx_int_t id, len; |
| 66 const SSL_CIPHER *cipher; | |
| 66 | 67 |
| 67 if (level == ssl_encryption_initial) { | 68 if (level == ssl_encryption_initial) { |
| 68 id = NGX_AES_128_GCM_SHA256; | 69 id = NGX_AES_128_GCM_SHA256; |
| 69 | 70 |
| 70 } else { | 71 } else { |
| 71 id = SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff; | 72 cipher = SSL_get_current_cipher(ssl_conn); |
| 73 if (cipher == NULL) { | |
| 74 return NGX_ERROR; | |
| 75 } | |
| 76 | |
| 77 id = SSL_CIPHER_get_id(cipher) & 0xffff; | |
| 72 } | 78 } |
| 73 | 79 |
| 74 switch (id) { | 80 switch (id) { |
| 75 | 81 |
| 76 case NGX_AES_128_GCM_SHA256: | 82 case NGX_AES_128_GCM_SHA256: |