Mercurial > hg > nginx

changeset 3457:17706823a57e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Set SSL session context for "ssl_session_cache none". This fixes a bug when client certficate is used and nginx closes connection with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
author Igor Sysoev <igor@sysoev.ru>
date Tue, 02 Mar 2010 08:41:47 +0000
parents 91cff7f97a50
children bdcae1a576e3
files src/event/ngx_event_openssl.c
diffstat 1 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1428,6 +1428,8 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ng
         return NGX_OK;
     }
 
+    SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len);
+
     if (builtin_session_cache == NGX_SSL_NONE_SCACHE) {
 
         /*
@@ -1459,8 +1461,6 @@ ngx_ssl_session_cache(ngx_ssl_t *ssl, ng
 
     SSL_CTX_set_session_cache_mode(ssl->ctx, cache_mode);
 
-    SSL_CTX_set_session_id_context(ssl->ctx, sess_ctx->data, sess_ctx->len);
-
     if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) {
 
         if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) {