Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 5566:70f4d99ded41 stable-1.4
SSL: fixed $ssl_session_id variable.
Previously, it used to contain full session serialized instead of just
a session id, making it almost impossible to use the variable in a safe
way.
Thanks to Ivan Ristić.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 22 Jan 2014 16:05:06 +0400 |
parents | 35b00bcf72fe |
children | 5a38f9609d85 |
comparison
equal
deleted
inserted
replaced
5565:b8e6297358b5 | 5566:70f4d99ded41 |
---|---|
2227 | 2227 |
2228 ngx_int_t | 2228 ngx_int_t |
2229 ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) | 2229 ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) |
2230 { | 2230 { |
2231 int len; | 2231 int len; |
2232 u_char *p, *buf; | 2232 u_char *buf; |
2233 SSL_SESSION *sess; | 2233 SSL_SESSION *sess; |
2234 | 2234 |
2235 sess = SSL_get0_session(c->ssl->connection); | 2235 sess = SSL_get0_session(c->ssl->connection); |
2236 | 2236 |
2237 len = i2d_SSL_SESSION(sess, NULL); | 2237 buf = sess->session_id; |
2238 | 2238 len = sess->session_id_length; |
2239 buf = ngx_alloc(len, c->log); | |
2240 if (buf == NULL) { | |
2241 return NGX_ERROR; | |
2242 } | |
2243 | 2239 |
2244 s->len = 2 * len; | 2240 s->len = 2 * len; |
2245 s->data = ngx_pnalloc(pool, 2 * len); | 2241 s->data = ngx_pnalloc(pool, 2 * len); |
2246 if (s->data == NULL) { | 2242 if (s->data == NULL) { |
2247 ngx_free(buf); | 2243 return NGX_ERROR; |
2248 return NGX_ERROR; | 2244 } |
2249 } | |
2250 | |
2251 p = buf; | |
2252 i2d_SSL_SESSION(sess, &p); | |
2253 | 2245 |
2254 ngx_hex_dump(s->data, buf, len); | 2246 ngx_hex_dump(s->data, buf, len); |
2255 | |
2256 ngx_free(buf); | |
2257 | 2247 |
2258 return NGX_OK; | 2248 return NGX_OK; |
2259 } | 2249 } |
2260 | 2250 |
2261 | 2251 |