nginx-0.8.51

Igor Sysoev igor at sysoev.ru
Tue Sep 28 10:51:43 MSD 2010


On Mon, Sep 27, 2010 at 06:56:29PM -0700, Xin LI wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Hi,
> 
> On 2010/09/27 06:41, Igor Sysoev wrote:
> >     *) Feature: now a listen socket "ssl" parameter may be set several 
> >        times.
> 
> It seems that when one have both HTTP and HTTPS service under the same
> host name, the HTTP service would break (asking for SSL certificate, log
> says: no "ssl_certificate" is defined in server listening on SSL port
> while SSL handshaking, client: 67.195.111.174, server: 0.0.0.0:80).
> 
> I think it is a bug, the problem is that when SSL support is compiled
> in, all HTTP servers would be considered as SSL since their opt.set is 1.
> 
> Attached patch should fix the problem (I am not very familiar with the
> code though).

The attched patch fixes the bug.

> Thanks for your work on nginx! :)

Thanks for your work on FreeBSD! :)


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http.c
===================================================================
--- src/http/ngx_http.c	(revision 3087)
+++ src/http/ngx_http.c	(working copy)
@@ -1274,7 +1274,7 @@
         default_server = addr[i].opt.default_server;
 
 #if (NGX_HTTP_SSL)
-        ssl = lsopt->ssl || addr[i].opt.set;
+        ssl = lsopt->ssl || addr[i].opt.ssl;
 #endif
 
         if (lsopt->set) {


More information about the nginx mailing list