avoid crash in case of plain http

Igor Sysoev igor at sysoev.ru
Wed May 11 14:08:42 MSD 2011


On Mon, May 09, 2011 at 04:42:29PM +0800, Robert wrote:
> diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> index 0527c9c..822d7ba 100644
> --- a/src/event/ngx_event_openssl.c
> +++ b/src/event/ngx_event_openssl.c
> @@ -2198,8 +2198,7 @@ ngx_ssl_get_serial_number(ngx_connection_t *c,
> ngx_pool_t *pool, ngx_str_t *s)
> 
>      s->len = 0;
> 
> -    cert = SSL_get_peer_certificate(c->ssl->connection);
> -    if (cert == NULL) {
> +    if ( NULL == c->ssl || NULL == ( cert =
> SSL_get_peer_certificate(c->ssl->connection))) {
>          return NGX_OK;
>      }

ngx_ssl_get_serial_number() is called only by ngx_http_ssl_variable()
which tests c->ssl existence.


-- 
Igor Sysoev



More information about the nginx-devel mailing list