Mercurial > hg > nginx

comparison src/mail/ngx_mail_handler.c @ 7193:9d14931cec8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: using default server context in session remove (closes #1464). This fixes segfault in configurations with multiple virtual servers sharing the same port, where a non-default virtual server block misses certificate.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 30 Jan 2018 17:46:31 +0300
parents 03444167a3bb
children 7f955d3b9a0d
comparison
equal deleted inserted replaced
7192:d5a535774861 7193:9d14931cec8c
300 { 300 {
301 ngx_log_error(NGX_LOG_INFO, c->log, 0, 301 ngx_log_error(NGX_LOG_INFO, c->log, 0,
302 "client SSL certificate verify error: (%l:%s)", 302 "client SSL certificate verify error: (%l:%s)",
303 rc, X509_verify_cert_error_string(rc)); 303 rc, X509_verify_cert_error_string(rc));
304 304
305 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, 305 ngx_ssl_remove_cached_session(c->ssl->session_ctx,
306 (SSL_get0_session(c->ssl->connection))); 306 (SSL_get0_session(c->ssl->connection)));
307 307
308 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); 308 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
309 309
310 s->out = cscf->protocol->cert_error; 310 s->out = cscf->protocol->cert_error;
321 321
322 if (cert == NULL) { 322 if (cert == NULL) {
323 ngx_log_error(NGX_LOG_INFO, c->log, 0, 323 ngx_log_error(NGX_LOG_INFO, c->log, 0,
324 "client sent no required SSL certificate"); 324 "client sent no required SSL certificate");
325 325
326 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, 326 ngx_ssl_remove_cached_session(c->ssl->session_ctx,
327 (SSL_get0_session(c->ssl->connection))); 327 (SSL_get0_session(c->ssl->connection)));
328 328
329 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); 329 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
330 330
331 s->out = cscf->protocol->no_cert; 331 s->out = cscf->protocol->no_cert;