SSL: fixed segfault on renegotiation (ticket #1646). In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION is only set on a connection, not in an SSL context, SSL_clear_option() removed it as long as a matching virtual server was found. This resulted in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8), affecting nginx built with OpenSSL 1.1.0h or higher. To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in ngx_http_ssl_servername() after adjusting options. Additionally, instead of c->ssl->renegotiation we now check c->ssl->handshaked, which seems to be a more correct flag to test, and will prevent the segmentation fault from happening even if SSL_OP_NO_RENEGOTIATION is not working.

scgi_param  REQUEST_METHOD     $request_method;
scgi_param  REQUEST_URI        $request_uri;
scgi_param  QUERY_STRING       $query_string;
scgi_param  CONTENT_TYPE       $content_type;

scgi_param  DOCUMENT_URI       $document_uri;
scgi_param  DOCUMENT_ROOT      $document_root;
scgi_param  SCGI               1;
scgi_param  SERVER_PROTOCOL    $server_protocol;
scgi_param  REQUEST_SCHEME     $scheme;
scgi_param  HTTPS              $https if_not_empty;

scgi_param  REMOTE_ADDR        $remote_addr;
scgi_param  REMOTE_PORT        $remote_port;
scgi_param  SERVER_PORT        $server_port;
scgi_param  SERVER_NAME        $server_name;