Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 3457:17706823a57e
Set SSL session context for "ssl_session_cache none".
This fixes a bug when client certficate is used and nginx closes connection
with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
| author | Igor Sysoev <igor@sysoev.ru> |
|---|---|
| date | Tue, 02 Mar 2010 08:41:47 +0000 |
| parents | 028f0892e0cd |
| children | 7f99ce2247f9 |
comparison
equal
deleted
inserted
replaced
| 3456:91cff7f97a50 | 3457:17706823a57e |
|---|---|
| 1426 if (builtin_session_cache == NGX_SSL_NO_SCACHE) { | 1426 if (builtin_session_cache == NGX_SSL_NO_SCACHE) { |
| 1427 SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF); | 1427 SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF); |
| 1428 return NGX_OK; | 1428 return NGX_OK; |
| 1429 } | 1429 } |
| 1430 | 1430 |
| 1431 SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len); | |
| 1432 | |
| 1431 if (builtin_session_cache == NGX_SSL_NONE_SCACHE) { | 1433 if (builtin_session_cache == NGX_SSL_NONE_SCACHE) { |
| 1432 | 1434 |
| 1433 /* | 1435 /* |
| 1434 * If the server explicitly says that it does not support | 1436 * If the server explicitly says that it does not support |
| 1435 * session reuse (see SSL_SESS_CACHE_OFF above), then | 1437 * session reuse (see SSL_SESS_CACHE_OFF above), then |
| 1456 if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) { | 1458 if (shm_zone && builtin_session_cache == NGX_SSL_NO_BUILTIN_SCACHE) { |
| 1457 cache_mode |= SSL_SESS_CACHE_NO_INTERNAL; | 1459 cache_mode |= SSL_SESS_CACHE_NO_INTERNAL; |
| 1458 } | 1460 } |
| 1459 | 1461 |
| 1460 SSL_CTX_set_session_cache_mode(ssl->ctx, cache_mode); | 1462 SSL_CTX_set_session_cache_mode(ssl->ctx, cache_mode); |
| 1461 | |
| 1462 SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len); | |
| 1463 | 1463 |
| 1464 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { | 1464 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { |
| 1465 | 1465 |
| 1466 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { | 1466 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { |
| 1467 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); | 1467 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); |