Mercurial > hg > nginx-quic
comparison src/http/ngx_http_request.c @ 7193:9d14931cec8c
SSL: using default server context in session remove (closes #1464).
This fixes segfault in configurations with multiple virtual servers sharing
the same port, where a non-default virtual server block misses certificate.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 30 Jan 2018 17:46:31 +0300 |
| parents | 9c29644f6d03 |
| children | 33edea74bd58 |
comparison
equal
deleted
inserted
replaced
| 7192:d5a535774861 | 7193:9d14931cec8c |
|---|---|
| 1900 { | 1900 { |
| 1901 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1901 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 1902 "client SSL certificate verify error: (%l:%s)", | 1902 "client SSL certificate verify error: (%l:%s)", |
| 1903 rc, X509_verify_cert_error_string(rc)); | 1903 rc, X509_verify_cert_error_string(rc)); |
| 1904 | 1904 |
| 1905 ngx_ssl_remove_cached_session(sscf->ssl.ctx, | 1905 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
| 1906 (SSL_get0_session(c->ssl->connection))); | 1906 (SSL_get0_session(c->ssl->connection))); |
| 1907 | 1907 |
| 1908 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); | 1908 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); |
| 1909 return; | 1909 return; |
| 1910 } | 1910 } |
| 1914 | 1914 |
| 1915 if (cert == NULL) { | 1915 if (cert == NULL) { |
| 1916 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1916 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 1917 "client sent no required SSL certificate"); | 1917 "client sent no required SSL certificate"); |
| 1918 | 1918 |
| 1919 ngx_ssl_remove_cached_session(sscf->ssl.ctx, | 1919 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
| 1920 (SSL_get0_session(c->ssl->connection))); | 1920 (SSL_get0_session(c->ssl->connection))); |
| 1921 | 1921 |
| 1922 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); | 1922 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); |
| 1923 return; | 1923 return; |
| 1924 } | 1924 } |