Mercurial > hg > nginx-quic

view src/os/unix/ngx_dlopen.c @ 7493:dbebbb25ae92

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
OCSP stapling: fixed segfault with dynamic certificate loading. If OCSP stapling was enabled with dynamic certificate loading, with some OpenSSL versions (1.0.2o and older, 1.1.0h and older; fixed in 1.0.2p, 1.1.0i, 1.1.1) a segmentation fault might happen. The reason is that during an abbreviated handshake the certificate callback is not called, but the certificate status callback was called (https://github.com/openssl/openssl/issues/1662), leading to NULL being returned from SSL_get_certificate(). Fix is to explicitly check SSL_get_certificate() result.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 15 Apr 2019 19:13:09 +0300
parents 7142b04337d6
children
line wrap: on
line source


/*
 * Copyright (C) Maxim Dounin
 * Copyright (C) Nginx, Inc.
 */


#include <ngx_config.h>
#include <ngx_core.h>


#if (NGX_HAVE_DLOPEN)

char *
ngx_dlerror(void)
{
    char  *err;

    err = (char *) dlerror();

    if (err == NULL) {
        return "";
    }

    return err;
}

#endif