Mercurial > hg > nginx
comparison src/mail/ngx_mail_handler.c @ 7193:9d14931cec8c
SSL: using default server context in session remove (closes #1464).
This fixes segfault in configurations with multiple virtual servers sharing
the same port, where a non-default virtual server block misses certificate.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 30 Jan 2018 17:46:31 +0300 |
parents | 03444167a3bb |
children | 7f955d3b9a0d |
comparison
equal
deleted
inserted
replaced
7192:d5a535774861 | 7193:9d14931cec8c |
---|---|
300 { | 300 { |
301 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 301 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
302 "client SSL certificate verify error: (%l:%s)", | 302 "client SSL certificate verify error: (%l:%s)", |
303 rc, X509_verify_cert_error_string(rc)); | 303 rc, X509_verify_cert_error_string(rc)); |
304 | 304 |
305 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, | 305 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
306 (SSL_get0_session(c->ssl->connection))); | 306 (SSL_get0_session(c->ssl->connection))); |
307 | 307 |
308 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); | 308 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
309 | 309 |
310 s->out = cscf->protocol->cert_error; | 310 s->out = cscf->protocol->cert_error; |
321 | 321 |
322 if (cert == NULL) { | 322 if (cert == NULL) { |
323 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 323 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
324 "client sent no required SSL certificate"); | 324 "client sent no required SSL certificate"); |
325 | 325 |
326 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, | 326 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
327 (SSL_get0_session(c->ssl->connection))); | 327 (SSL_get0_session(c->ssl->connection))); |
328 | 328 |
329 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); | 329 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
330 | 330 |
331 s->out = cscf->protocol->no_cert; | 331 s->out = cscf->protocol->no_cert; |