Mercurial > hg > nginx-quic
comparison src/http/modules/ngx_http_ssl_module.c @ 7466:48c87377aabd
SSL: fixed possible segfault with dynamic certificates.
A virtual server may have no SSL context if it does not have certificates
defined, so we have to use config of the ngx_http_ssl_module from the
SSL context in the certificate callback. To do so, it is now passed as
the argument of the callback.
The stream module doesn't really need any changes, but was modified as
well to match http code.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 25 Feb 2019 21:16:26 +0300 |
| parents | 6708bec13757 |
| children | 8981dbb12254 |
comparison
equal
deleted
inserted
replaced
| 7465:6708bec13757 | 7466:48c87377aabd |
|---|---|
| 739 | 739 |
| 740 #ifdef SSL_R_CERT_CB_ERROR | 740 #ifdef SSL_R_CERT_CB_ERROR |
| 741 | 741 |
| 742 /* install callback to lookup certificates */ | 742 /* install callback to lookup certificates */ |
| 743 | 743 |
| 744 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_http_ssl_certificate, NULL); | 744 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_http_ssl_certificate, conf); |
| 745 | 745 |
| 746 #else | 746 #else |
| 747 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 747 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
| 748 "variables in " | 748 "variables in " |
| 749 "\"ssl_certificate\" and \"ssl_certificate_key\" " | 749 "\"ssl_certificate\" and \"ssl_certificate_key\" " |