diff options
author | Sergey Kandaurov <pluknet@nginx.com> | 2020-02-27 19:03:21 +0300 |
---|---|---|
committer | Sergey Kandaurov <pluknet@nginx.com> | 2020-02-27 19:03:21 +0300 |
commit | f909a7dc331621a8638ea46056e437b8be1496da (patch) | |
tree | 24979d3b8ee60821314fffbe632cc58c259e79cc | |
parent | 37984f0be1a5d608015517a64927d498888fb7ca (diff) |
Disabled connection reuse while in SSL handshake.
During SSL handshake, the connection could be reused in the OCSP stapling
callback, if configured, which subsequently leads to a segmentation fault.
-rw-r--r-- | src/http/ngx_http_request.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 99fa6967d..bb69e71d0 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -748,6 +748,8 @@ ngx_http_ssl_handshake(ngx_event_t *rev) return; } + ngx_reusable_connection(c, 0); + rc = ngx_ssl_handshake(c); if (rc == NGX_AGAIN) { @@ -756,8 +758,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev) ngx_add_timer(rev, c->listening->post_accept_timeout); } - ngx_reusable_connection(c, 0); - c->ssl->handler = ngx_http_ssl_handshake_handler; return; } |