Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 5567:5a38f9609d85 stable-1.4
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation. As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9). The check added returns an empty
string if there is no session available.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Jan 2014 18:32:26 +0400 |
parents | 70f4d99ded41 |
children |
comparison
equal
deleted
inserted
replaced
5566:70f4d99ded41 | 5567:5a38f9609d85 |
---|---|
2231 int len; | 2231 int len; |
2232 u_char *buf; | 2232 u_char *buf; |
2233 SSL_SESSION *sess; | 2233 SSL_SESSION *sess; |
2234 | 2234 |
2235 sess = SSL_get0_session(c->ssl->connection); | 2235 sess = SSL_get0_session(c->ssl->connection); |
2236 if (sess == NULL) { | |
2237 s->len = 0; | |
2238 return NGX_OK; | |
2239 } | |
2236 | 2240 |
2237 buf = sess->session_id; | 2241 buf = sess->session_id; |
2238 len = sess->session_id_length; | 2242 len = sess->session_id_length; |
2239 | 2243 |
2240 s->len = 2 * len; | 2244 s->len = 2 * len; |