# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1582819401 -10800
# Node ID 2e3bfd696ecb822c82605681554381e9eabd032d
# Parent  4f18393a1d51bce6103ea2f1b2587900f349ba3d
Disabled connection reuse while in SSL handshake.

During SSL handshake, the connection could be reused in the OCSP stapling
callback, if configured, which subsequently leads to a segmentation fault.

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -748,6 +748,8 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
                 return;
             }
 
+            ngx_reusable_connection(c, 0);
+
             rc = ngx_ssl_handshake(c);
 
             if (rc == NGX_AGAIN) {
@@ -756,8 +758,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
                     ngx_add_timer(rev, c->listening->post_accept_timeout);
                 }
 
-                ngx_reusable_connection(c, 0);
-
                 c->ssl->handler = ngx_http_ssl_handshake_handler;
                 return;
             }