[PATCH] OCSP stapling: fix error logging of successful OCSP responses.
Piotr Sikora
piotr at cloudflare.com
Thu May 16 23:10:26 UTC 2013
Erm, "hg export" patch attached, sorry about that.
Best regards,
Piotr Sikora
# HG changeset patch
# User Piotr Sikora <piotr at cloudflare.com>
# Date 1368743833 25200
# Node ID cfab1e7e4ac2f0d17199ee1d49ac4647b63746d3
# Parent 2220de0521ca2c0b664a8ea1e201ce1cb90fd7a2
OCSP stapling: fix error logging of successful OCSP responses.
Due to a bad argument list, nginx worker would crash (SIGSEGV) while
trying to log the fact that it received OCSP response with "revoked"
or "unknown" certificate status.
While there, fix similar (but non-crashing) error a few lines above.
Signed-off-by: Piotr Sikora <piotr at cloudflare.com>
diff -r 2220de0521ca -r cfab1e7e4ac2 src/event/ngx_event_openssl_stapling.c
--- a/src/event/ngx_event_openssl_stapling.c Thu May 09 10:54:28 2013 +0200
+++ b/src/event/ngx_event_openssl_stapling.c Thu May 16 15:37:13 2013 -0700
@@ -611,15 +611,14 @@
!= 1)
{
ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
- "certificate status not found in the OCSP response",
- n, OCSP_response_status_str(n));
+ "certificate status not found in the OCSP response");
goto error;
}
if (n != V_OCSP_CERTSTATUS_GOOD) {
ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
"certificate status \"%s\" in the OCSP response",
- n, OCSP_cert_status_str(n));
+ OCSP_cert_status_str(n));
goto error;
}
More information about the nginx-devel
mailing list