mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-27 09:00:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

SSL: fixed $ssl_session_id variable.

Browse Source 
Previously, it used to contain full session serialized instead of just
a session id, making it almost impossible to use the variable in a safe
way.

Thanks to Ivan Ristić.
This commit is contained in:
Maxim Dounin 2014-01-22 16:05:06 +04:00
parent abcbe54219
commit 096bcd03c3
1 changed files with 3 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/event/ngx_event_openssl.c
View File

@ -2504,32 +2504,22 @@ ngx_int_t
ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{ {
int len; int len;
u_char *p, *buf; u_char *buf;
SSL_SESSION *sess; SSL_SESSION *sess;
sess = SSL_get0_session(c->ssl->connection); sess = SSL_get0_session(c->ssl->connection);
len = i2d_SSL_SESSION(sess, NULL); buf = sess->session_id;
len = sess->session_id_length;
buf = ngx_alloc(len, c->log);
if (buf == NULL) {
return NGX_ERROR;
}
s->len = 2 * len; s->len = 2 * len;
s->data = ngx_pnalloc(pool, 2 * len); s->data = ngx_pnalloc(pool, 2 * len);
if (s->data == NULL) { if (s->data == NULL) {
ngx_free(buf);
return NGX_ERROR; return NGX_ERROR;
} }
p = buf;
i2d_SSL_SESSION(sess, &p);
ngx_hex_dump(s->data, buf, len); ngx_hex_dump(s->data, buf, len);
ngx_free(buf);
return NGX_OK; return NGX_OK;
} }