Mercurial > hg > nginx
comparison src/http/ngx_http_upstream_round_robin.c @ 5756:5b7276408565
SSL: stop accessing SSL_SESSION's fields directly.
SSL_SESSION struct is internal part of the OpenSSL library and it's fields
should be accessed via API (when exposed), not directly.
The unfortunate side-effect of this change is that we're losing reference
count that used to be printed at the debug log level, but this seems to be
an acceptable trade-off.
Almost fixes build with -DOPENSSL_NO_SSL_INTERN.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
author | Piotr Sikora <piotr@cloudflare.com> |
---|---|
date | Sun, 06 Jul 2014 16:41:14 -0700 |
parents | ab540dd44528 |
children | 575175ebf4b4 |
comparison
equal
deleted
inserted
replaced
5755:8df08465fcfd | 5756:5b7276408565 |
---|---|
630 | 630 |
631 ssl_session = peer->ssl_session; | 631 ssl_session = peer->ssl_session; |
632 | 632 |
633 rc = ngx_ssl_set_session(pc->connection, ssl_session); | 633 rc = ngx_ssl_set_session(pc->connection, ssl_session); |
634 | 634 |
635 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0, | 635 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, |
636 "set session: %p:%d", | 636 "set session: %p", ssl_session); |
637 ssl_session, ssl_session ? ssl_session->references : 0); | |
638 | 637 |
639 /* ngx_unlock_mutex(rrp->peers->mutex); */ | 638 /* ngx_unlock_mutex(rrp->peers->mutex); */ |
640 | 639 |
641 return rc; | 640 return rc; |
642 } | 641 } |
655 | 654 |
656 if (ssl_session == NULL) { | 655 if (ssl_session == NULL) { |
657 return; | 656 return; |
658 } | 657 } |
659 | 658 |
660 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0, | 659 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, |
661 "save session: %p:%d", ssl_session, ssl_session->references); | 660 "save session: %p", ssl_session); |
662 | 661 |
663 peer = &rrp->peers->peer[rrp->current]; | 662 peer = &rrp->peers->peer[rrp->current]; |
664 | 663 |
665 /* TODO: threads only mutex */ | 664 /* TODO: threads only mutex */ |
666 /* ngx_lock_mutex(rrp->peers->mutex); */ | 665 /* ngx_lock_mutex(rrp->peers->mutex); */ |
670 | 669 |
671 /* ngx_unlock_mutex(rrp->peers->mutex); */ | 670 /* ngx_unlock_mutex(rrp->peers->mutex); */ |
672 | 671 |
673 if (old_ssl_session) { | 672 if (old_ssl_session) { |
674 | 673 |
675 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0, | 674 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0, |
676 "old session: %p:%d", | 675 "old session: %p", old_ssl_session); |
677 old_ssl_session, old_ssl_session->references); | |
678 | 676 |
679 /* TODO: may block */ | 677 /* TODO: may block */ |
680 | 678 |
681 ngx_ssl_free_session(old_ssl_session); | 679 ngx_ssl_free_session(old_ssl_session); |
682 } | 680 } |