Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 5537:49b1ad48b55c
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation. As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9). The check added returns an empty
string if there is no session available.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 23 Jan 2014 18:32:26 +0400 |
| parents | 97e3769637a7 |
| children | 7c05f6590753 |
comparison
equal
deleted
inserted
replaced
| 5536:2a81949cbd7c | 5537:49b1ad48b55c |
|---|---|
| 2506 int len; | 2506 int len; |
| 2507 u_char *buf; | 2507 u_char *buf; |
| 2508 SSL_SESSION *sess; | 2508 SSL_SESSION *sess; |
| 2509 | 2509 |
| 2510 sess = SSL_get0_session(c->ssl->connection); | 2510 sess = SSL_get0_session(c->ssl->connection); |
| 2511 if (sess == NULL) { | |
| 2512 s->len = 0; | |
| 2513 return NGX_OK; | |
| 2514 } | |
| 2511 | 2515 |
| 2512 buf = sess->session_id; | 2516 buf = sess->session_id; |
| 2513 len = sess->session_id_length; | 2517 len = sess->session_id_length; |
| 2514 | 2518 |
| 2515 s->len = 2 * len; | 2519 s->len = 2 * len; |