Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 7193:9d14931cec8c
SSL: using default server context in session remove (closes #1464).
This fixes segfault in configurations with multiple virtual servers sharing
the same port, where a non-default virtual server block misses certificate.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 30 Jan 2018 17:46:31 +0300 |
parents | 9c29644f6d03 |
children | 33edea74bd58 |
comparison
equal
deleted
inserted
replaced
7192:d5a535774861 | 7193:9d14931cec8c |
---|---|
1900 { | 1900 { |
1901 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1901 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1902 "client SSL certificate verify error: (%l:%s)", | 1902 "client SSL certificate verify error: (%l:%s)", |
1903 rc, X509_verify_cert_error_string(rc)); | 1903 rc, X509_verify_cert_error_string(rc)); |
1904 | 1904 |
1905 ngx_ssl_remove_cached_session(sscf->ssl.ctx, | 1905 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
1906 (SSL_get0_session(c->ssl->connection))); | 1906 (SSL_get0_session(c->ssl->connection))); |
1907 | 1907 |
1908 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); | 1908 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); |
1909 return; | 1909 return; |
1910 } | 1910 } |
1914 | 1914 |
1915 if (cert == NULL) { | 1915 if (cert == NULL) { |
1916 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1916 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1917 "client sent no required SSL certificate"); | 1917 "client sent no required SSL certificate"); |
1918 | 1918 |
1919 ngx_ssl_remove_cached_session(sscf->ssl.ctx, | 1919 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
1920 (SSL_get0_session(c->ssl->connection))); | 1920 (SSL_get0_session(c->ssl->connection))); |
1921 | 1921 |
1922 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); | 1922 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); |
1923 return; | 1923 return; |
1924 } | 1924 } |