Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 3457:17706823a57e
Set SSL session context for "ssl_session_cache none".
This fixes a bug when client certficate is used and nginx closes connection
with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Tue, 02 Mar 2010 08:41:47 +0000 |
parents | 028f0892e0cd |
children | 7f99ce2247f9 |
comparison
equal
deleted
inserted
replaced
3456:91cff7f97a50 | 3457:17706823a57e |
---|---|
1426 if (builtin_session_cache == NGX_SSL_NO_SCACHE) { | 1426 if (builtin_session_cache == NGX_SSL_NO_SCACHE) { |
1427 SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF); | 1427 SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF); |
1428 return NGX_OK; | 1428 return NGX_OK; |
1429 } | 1429 } |
1430 | 1430 |
1431 SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len); | |
1432 | |
1431 if (builtin_session_cache == NGX_SSL_NONE_SCACHE) { | 1433 if (builtin_session_cache == NGX_SSL_NONE_SCACHE) { |
1432 | 1434 |
1433 /* | 1435 /* |
1434 * If the server explicitly says that it does not support | 1436 * If the server explicitly says that it does not support |
1435 * session reuse (see SSL_SESS_CACHE_OFF above), then | 1437 * session reuse (see SSL_SESS_CACHE_OFF above), then |
1456 if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) { | 1458 if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) { |
1457 cache_mode |= SSL_SESS_CACHE_NO_INTERNAL; | 1459 cache_mode |= SSL_SESS_CACHE_NO_INTERNAL; |
1458 } | 1460 } |
1459 | 1461 |
1460 SSL_CTX_set_session_cache_mode(ssl->ctx, cache_mode); | 1462 SSL_CTX_set_session_cache_mode(ssl->ctx, cache_mode); |
1461 | |
1462 SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len); | |
1463 | 1463 |
1464 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { | 1464 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { |
1465 | 1465 |
1466 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { | 1466 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { |
1467 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); | 1467 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); |