SSL: using default server context in session remove (closes #1464).
This fixes segfault in configurations with multiple virtual servers sharing the same port, where a non-default virtual server block misses certificate.
This commit is contained in:
parent
590dad7177
commit
4cc53b092e
|
@ -1902,7 +1902,7 @@ ngx_http_process_request(ngx_http_request_t *r)
|
|||
"client SSL certificate verify error: (%l:%s)",
|
||||
rc, X509_verify_cert_error_string(rc));
|
||||
|
||||
ngx_ssl_remove_cached_session(sscf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
|
||||
ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
|
||||
|
@ -1916,7 +1916,7 @@ ngx_http_process_request(ngx_http_request_t *r)
|
|||
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
||||
"client sent no required SSL certificate");
|
||||
|
||||
ngx_ssl_remove_cached_session(sscf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
|
||||
ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
|
||||
|
|
|
@ -302,7 +302,7 @@ ngx_mail_verify_cert(ngx_mail_session_t *s, ngx_connection_t *c)
|
|||
"client SSL certificate verify error: (%l:%s)",
|
||||
rc, X509_verify_cert_error_string(rc));
|
||||
|
||||
ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
|
||||
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
||||
|
@ -323,7 +323,7 @@ ngx_mail_verify_cert(ngx_mail_session_t *s, ngx_connection_t *c)
|
|||
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
||||
"client sent no required SSL certificate");
|
||||
|
||||
ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
|
||||
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
||||
|
|
|
@ -328,7 +328,7 @@ ngx_stream_ssl_handler(ngx_stream_session_t *s)
|
|||
"client SSL certificate verify error: (%l:%s)",
|
||||
rc, X509_verify_cert_error_string(rc));
|
||||
|
||||
ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
@ -340,7 +340,7 @@ ngx_stream_ssl_handler(ngx_stream_session_t *s)
|
|||
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
||||
"client sent no required SSL certificate");
|
||||
|
||||
ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
|
||||
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
|
||||
(SSL_get0_session(c->ssl->connection)));
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue