Klaus Demo nginx / 1a30d79
SSL: fixed possible segfault with dynamic certificates. A virtual server may have no SSL context if it does not have certificates defined, so we have to use config of the ngx_http_ssl_module from the SSL context in the certificate callback. To do so, it is now passed as the argument of the callback. The stream module doesn't really need any changes, but was modified as well to match http code. Maxim Dounin 1 year, 9 months ago
3 changed file(s) with 4 addition(s) and 4 deletion(s). Raw diff Collapse all Expand all
740740
741741 /* install callback to lookup certificates */
742742
743 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_http_ssl_certificate, NULL);
743 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_http_ssl_certificate, conf);
744744
745745 #else
746746 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
972972
973973 r->logged = 1;
974974
975 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
975 sscf = arg;
976976
977977 nelts = sscf->certificate_values->nelts;
978978 certs = sscf->certificate_values->elts;
433433
434434 s = c->data;
435435
436 sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module);
436 sslcf = arg;
437437
438438 nelts = sslcf->certificate_values->nelts;
439439 certs = sslcf->certificate_values->elts;
691691
692692 /* install callback to lookup certificates */
693693
694 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_stream_ssl_certificate, NULL);
694 SSL_CTX_set_cert_cb(conf->ssl.ctx, ngx_stream_ssl_certificate, conf);
695695
696696 #else
697697 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,