The official NGINX Open Source repository.

Maxim Dounin 53803b4780 SSL: fixed segfault on renegotiation (ticket #1646). ... In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION is only set on a connection, not in an SSL context, SSL_clear_option() removed it as long as a matching virtual server was found. This resulted in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8), affecting nginx built with OpenSSL 1.1.0h or higher. To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in ngx_http_ssl_servername() after adjusting options. Additionally, instead of c->ssl->renegotiation we now check c->ssl->handshaked, which seems to be a more correct flag to test, and will prevent the segmentation fault from happening even if SSL_OP_NO_RENEGOTIATION is not working.		2018-10-02 17:46:18 +03:00
auto	Configure: fixed compiler warnings with "-Wall -Wextra".	2018-07-24 18:46:54 +03:00
conf	MIME: added font/woff2 type (ticket #1243).	2018-06-15 17:29:55 +03:00
contrib	Contrib: vim syntax, update core and 3rd party module directives.	2018-03-18 11:11:14 +02:00
docs	nginx-1.15.4-RELEASE	2018-09-25 18:11:39 +03:00
misc	Updated OpenSSL used for win32 builds.	2018-08-28 15:05:41 +03:00
src	SSL: fixed segfault on renegotiation (ticket #1646).	2018-10-02 17:46:18 +03:00
.hgtags	release-1.15.4 tag	2018-09-25 18:11:39 +03:00