Mercurial > hg > nginx-quic
annotate src/os/win32/ngx_socket.c @ 7367:bf1ac3dc1e68
SSL: fixed segfault on renegotiation (ticket #1646).
In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled
if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION
is only set on a connection, not in an SSL context, SSL_clear_option()
removed it as long as a matching virtual server was found. This resulted
in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8),
affecting nginx built with OpenSSL 1.1.0h or higher.
To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in
ngx_http_ssl_servername() after adjusting options. Additionally, instead
of c->ssl->renegotiation we now check c->ssl->handshaked, which seems
to be a more correct flag to test, and will prevent the segmentation fault
from happening even if SSL_OP_NO_RENEGOTIATION is not working.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 02 Oct 2018 17:46:18 +0300 |
| parents | d620f497c50f |
| children | efd71d49bde0 |
| rev | line source |
|---|---|
|
441
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
100
diff
changeset
|
1 |
|
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
100
diff
changeset
|
2 /* |
|
444
42d11f017717
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
Igor Sysoev <igor@sysoev.ru>
parents:
441
diff
changeset
|
3 * Copyright (C) Igor Sysoev |
| 4412 | 4 * Copyright (C) Nginx, Inc. |
|
441
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
100
diff
changeset
|
5 */ |
|
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
100
diff
changeset
|
6 |
|
59
e8cdc2989cee
nginx-0.0.1-2003-02-06-20:21:13 import
Igor Sysoev <igor@sysoev.ru>
parents:
3
diff
changeset
|
7 |
|
3
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
8 #include <ngx_config.h> |
|
59
e8cdc2989cee
nginx-0.0.1-2003-02-06-20:21:13 import
Igor Sysoev <igor@sysoev.ru>
parents:
3
diff
changeset
|
9 #include <ngx_core.h> |
|
e8cdc2989cee
nginx-0.0.1-2003-02-06-20:21:13 import
Igor Sysoev <igor@sysoev.ru>
parents:
3
diff
changeset
|
10 |
|
2
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
11 |
| 501 | 12 int |
| 13 ngx_nonblocking(ngx_socket_t s) | |
|
2
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
14 { |
|
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
15 unsigned long nb = 1; |
|
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
16 |
|
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
17 return ioctlsocket(s, FIONBIO, &nb); |
|
ffffe1499bce
nginx-0.0.1-2002-08-16-19:27:03 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
18 } |
|
3
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
19 |
|
100
7ebc8b7fb816
nginx-0.0.1-2003-06-03-19:42:58 import
Igor Sysoev <igor@sysoev.ru>
parents:
60
diff
changeset
|
20 |
| 501 | 21 int |
| 22 ngx_blocking(ngx_socket_t s) | |
|
3
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
23 { |
|
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
24 unsigned long nb = 0; |
|
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
25 |
|
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
26 return ioctlsocket(s, FIONBIO, &nb); |
|
34a521b1a148
nginx-0.0.1-2002-08-20-18:48:28 import
Igor Sysoev <igor@sysoev.ru>
parents:
2
diff
changeset
|
27 } |
| 501 | 28 |
| 29 | |
| 30 int | |
| 31 ngx_tcp_push(ngx_socket_t s) | |
| 32 { | |
| 33 return 0; | |
| 34 } |