Mercurial > hg > nginx-quic

view src/os/unix/ngx_dlopen.h @ 7493:dbebbb25ae92

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
OCSP stapling: fixed segfault with dynamic certificate loading. If OCSP stapling was enabled with dynamic certificate loading, with some OpenSSL versions (1.0.2o and older, 1.1.0h and older; fixed in 1.0.2p, 1.1.0i, 1.1.1) a segmentation fault might happen. The reason is that during an abbreviated handshake the certificate callback is not called, but the certificate status callback was called (https://github.com/openssl/openssl/issues/1662), leading to NULL being returned from SSL_get_certificate(). Fix is to explicitly check SSL_get_certificate() result.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 15 Apr 2019 19:13:09 +0300
parents 7142b04337d6
children
line wrap: on
line source


/*
 * Copyright (C) Maxim Dounin
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_DLOPEN_H_INCLUDED_
#define _NGX_DLOPEN_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>


#define ngx_dlopen(path)           dlopen((char *) path, RTLD_NOW | RTLD_GLOBAL)
#define ngx_dlopen_n               "dlopen()"

#define ngx_dlsym(handle, symbol)  dlsym(handle, symbol)
#define ngx_dlsym_n                "dlsym()"

#define ngx_dlclose(handle)        dlclose(handle)
#define ngx_dlclose_n              "dlclose()"


#if (NGX_HAVE_DLOPEN)
char *ngx_dlerror(void);
#endif


#endif /* _NGX_DLOPEN_H_INCLUDED_ */