mirror of
https://github.com/nginx/nginx.git
synced 2024-11-27 23:49:00 +08:00
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
Even during execution of a request it is possible that there will be no session available, notably in case of renegotiation. As a result logging of $ssl_session_id in some cases caused NULL pointer dereference after revision 97e3769637a7 (1.5.9). The check added returns an empty string if there is no session available.
This commit is contained in:
parent
bb40c4ed2f
commit
1ebb44e3e3
@ -2508,6 +2508,10 @@ ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
|
||||
SSL_SESSION *sess;
|
||||
|
||||
sess = SSL_get0_session(c->ssl->connection);
|
||||
if (sess == NULL) {
|
||||
s->len = 0;
|
||||
return NGX_OK;
|
||||
}
|
||||
|
||||
buf = sess->session_id;
|
||||
len = sess->session_id_length;
|
||||
|
Loading…
Reference in New Issue
Block a user