Mercurial > hg > nginx
comparison src/stream/ngx_stream_ssl_module.c @ 7193:9d14931cec8c
SSL: using default server context in session remove (closes #1464).
This fixes segfault in configurations with multiple virtual servers sharing
the same port, where a non-default virtual server block misses certificate.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 30 Jan 2018 17:46:31 +0300 |
parents | 82f0b8dcca27 |
children | 7f955d3b9a0d |
comparison
equal
deleted
inserted
replaced
7192:d5a535774861 | 7193:9d14931cec8c |
---|---|
326 { | 326 { |
327 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 327 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
328 "client SSL certificate verify error: (%l:%s)", | 328 "client SSL certificate verify error: (%l:%s)", |
329 rc, X509_verify_cert_error_string(rc)); | 329 rc, X509_verify_cert_error_string(rc)); |
330 | 330 |
331 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, | 331 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
332 (SSL_get0_session(c->ssl->connection))); | 332 (SSL_get0_session(c->ssl->connection))); |
333 return NGX_ERROR; | 333 return NGX_ERROR; |
334 } | 334 } |
335 | 335 |
336 if (sslcf->verify == 1) { | 336 if (sslcf->verify == 1) { |
338 | 338 |
339 if (cert == NULL) { | 339 if (cert == NULL) { |
340 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 340 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
341 "client sent no required SSL certificate"); | 341 "client sent no required SSL certificate"); |
342 | 342 |
343 ngx_ssl_remove_cached_session(sslcf->ssl.ctx, | 343 ngx_ssl_remove_cached_session(c->ssl->session_ctx, |
344 (SSL_get0_session(c->ssl->connection))); | 344 (SSL_get0_session(c->ssl->connection))); |
345 return NGX_ERROR; | 345 return NGX_ERROR; |
346 } | 346 } |
347 | 347 |
348 X509_free(cert); | 348 X509_free(cert); |