Mercurial > hg > nginx

diff src/mail/ngx_mail_handler.c @ 7269:7f955d3b9a0d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: detect "listen ... ssl" without certificates (ticket #178). In mail and stream modules, no certificate provided is a fatal condition, much like with the "ssl" and "starttls" directives. In http, "listen ... ssl" can be used in a non-default server without certificates as long as there is a certificate in the default one, so missing certificate is only fatal for default servers.
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 24 Apr 2018 15:29:01 +0300
parents 9d14931cec8c
children da0a85e91587
line wrap: on
line diff
--- a/src/mail/ngx_mail_handler.c
+++ b/src/mail/ngx_mail_handler.c
@@ -165,29 +165,13 @@ ngx_mail_init_connection(ngx_connection_
 
     sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module);
 
-    if (sslcf->enable) {
+    if (sslcf->enable || addr_conf->ssl) {
         c->log->action = "SSL handshaking";
 
         ngx_mail_ssl_init_connection(&sslcf->ssl, c);
         return;
     }
 
-    if (addr_conf->ssl) {
-
-        c->log->action = "SSL handshaking";
-
-        if (sslcf->ssl.ctx == NULL) {
-            ngx_log_error(NGX_LOG_ERR, c->log, 0,
-                          "no \"ssl_certificate\" is defined "
-                          "in server listening on SSL port");
-            ngx_mail_close_connection(c);
-            return;
-        }
-
-        ngx_mail_ssl_init_connection(&sslcf->ssl, c);
-        return;
-    }
-
     }
 #endif