Mercurial > hg > nginx

diff src/stream/ngx_stream_ssl_module.c @ 7193:9d14931cec8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: using default server context in session remove (closes #1464). This fixes segfault in configurations with multiple virtual servers sharing the same port, where a non-default virtual server block misses certificate.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 30 Jan 2018 17:46:31 +0300
parents 82f0b8dcca27
children 7f955d3b9a0d
line wrap: on
line diff
--- a/src/stream/ngx_stream_ssl_module.c
+++ b/src/stream/ngx_stream_ssl_module.c
@@ -328,7 +328,7 @@ ngx_stream_ssl_handler(ngx_stream_sessio
                           "client SSL certificate verify error: (%l:%s)",
                           rc, X509_verify_cert_error_string(rc));
 
-            ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+            ngx_ssl_remove_cached_session(c->ssl->session_ctx,
                                        (SSL_get0_session(c->ssl->connection)));
             return NGX_ERROR;
         }
@@ -340,7 +340,7 @@ ngx_stream_ssl_handler(ngx_stream_sessio
                 ngx_log_error(NGX_LOG_INFO, c->log, 0,
                               "client sent no required SSL certificate");
 
-                ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+                ngx_ssl_remove_cached_session(c->ssl->session_ctx,
                                        (SSL_get0_session(c->ssl->connection)));
                 return NGX_ERROR;
             }