SSL: fixed $ssl_session_id variable.
Previously, it used to contain full session serialized instead of just a session id, making it almost impossible to use the variable in a safe way. Thanks to Ivan Ristić.
This commit is contained in:
parent
db4766b488
commit
239327a9b1
|
@ -2229,32 +2229,22 @@ ngx_int_t
|
|||
ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
|
||||
{
|
||||
int len;
|
||||
u_char *p, *buf;
|
||||
u_char *buf;
|
||||
SSL_SESSION *sess;
|
||||
|
||||
sess = SSL_get0_session(c->ssl->connection);
|
||||
|
||||
len = i2d_SSL_SESSION(sess, NULL);
|
||||
|
||||
buf = ngx_alloc(len, c->log);
|
||||
if (buf == NULL) {
|
||||
return NGX_ERROR;
|
||||
}
|
||||
buf = sess->session_id;
|
||||
len = sess->session_id_length;
|
||||
|
||||
s->len = 2 * len;
|
||||
s->data = ngx_pnalloc(pool, 2 * len);
|
||||
if (s->data == NULL) {
|
||||
ngx_free(buf);
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
p = buf;
|
||||
i2d_SSL_SESSION(sess, &p);
|
||||
|
||||
ngx_hex_dump(s->data, buf, len);
|
||||
|
||||
ngx_free(buf);
|
||||
|
||||
return NGX_OK;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue