Mercurial > hg > nginx-quic
view auto/lib/openssl/makefile.bcc @ 7121:924b6ef942bf
Fixed handling of unix sockets in $binary_remote_addr.
Previously, unix sockets were treated as AF_INET ones, and this may
result in buffer overread on Linux, where unbound unix sockets have
2-byte addresses.
Note that it is not correct to use just sun_path as a binary representation
for unix sockets. This will result in an empty string for unbound unix
sockets, and thus behaviour of limit_req and limit_conn will change when
switching from $remote_addr to $binary_remote_addr. As such, normal text
representation is used.
Reported by Stephan Dollberg.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 04 Oct 2017 21:19:42 +0300 |
parents | d620f497c50f |
children |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. all: cd $(OPENSSL) perl Configure BC-32 no-shared --prefix=openssl $(OPENSSL_OPT) ms\do_nasm $(MAKE) -f ms\bcb.mak $(MAKE) -f ms\bcb.mak install # Borland's make does not expand "[ch]" in # copy "inc32\openssl\*.[ch]" "openssl\include\openssl" copy inc32\openssl\*.h openssl\include\openssl