]> git.kaiwu.me - nginx.git/commit
HTTP/3: fixed segfault when using SSL certificates with variables.
authorSergey Kandaurov <pluknet@nginx.com>
Wed, 29 Sep 2021 12:01:59 +0000 (15:01 +0300)
committerSergey Kandaurov <pluknet@nginx.com>
Wed, 29 Sep 2021 12:01:59 +0000 (15:01 +0300)
commitdab6035d68f3dd3f212393635c193c7aefea0d65
tree023e10d3fdbc97ebc110ef7837c5fc85a5b67bd8
parent1ea6f35fbfecadfe3e78c4b59b8c03a97b696d15
HTTP/3: fixed segfault when using SSL certificates with variables.

A QUIC connection doesn't have c->log->data and friends initialized to sensible
values.  Yet, a request can be created in the certificate callback with such an
assumption, which leads to a segmentation fault due to null pointer dereference
in ngx_http_free_request().  The fix is to adjust initializing the QUIC part of
a connection such that it has all of that in place.

Further, this appends logging error context for unsuccessful QUIC handshakes:
- cannot load certificate .. while handling frames
- SSL_do_handshake() failed .. while sending frames
src/http/modules/ngx_http_quic_module.c
src/http/ngx_http_request.c