Mercurial > hg > nginx-quic
changeset 7738:7f0981be07c4 quic
Fixed client certificate verification.
For ngx_http_process_request() part to work, this required to set both
r->http_connection->ssl and c->ssl on a QUIC stream. To avoid damaging
global SSL object, ngx_ssl_shutdown() is managed to ignore QUIC streams.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 23 Mar 2020 20:48:34 +0300 |
parents | 8e54a17dabee |
children | cb75f194f1f0 |
files | src/event/ngx_event_openssl.c src/event/ngx_event_quic.c src/http/ngx_http_request.c |
diffstat | 3 files changed, 7 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -2735,6 +2735,11 @@ ngx_ssl_shutdown(ngx_connection_t *c) int n, sslerr, mode; ngx_err_t err; + if (c->qs) { + /* QUIC streams inherit SSL object */ + return NGX_OK; + } + if (SSL_in_init(c->ssl->connection)) { /* * OpenSSL 1.0.2f complains if SSL_shutdown() is called during