]> git.kaiwu.me - nginx.git/commitdiff
Stream: fixed segfault when using SSL certificates with variables.
authorSergey Kandaurov <pluknet@nginx.com>
Wed, 29 Sep 2021 12:06:28 +0000 (15:06 +0300)
committerSergey Kandaurov <pluknet@nginx.com>
Wed, 29 Sep 2021 12:06:28 +0000 (15:06 +0300)
Similar to the previous change, a segmentation fault occurres when evaluating
SSL certificates on a QUIC connection due to an uninitialized stream session.
The fix is to adjust initializing the QUIC part of a connection until after
it has session and variables initialized.

Similarly, this appends logging error context for QUIC connections:
- client 127.0.0.1:54749 connected to 127.0.0.1:8880 while handling frames
- quic client timed out (60: Operation timed out) while handling quic input

src/stream/ngx_stream_handler.c

index f9030335f8828c928050d2b64b9b40d8010b804c..3b95bf81281110b3ff7f24b54f2e9611e6c0cd4f 100644 (file)
@@ -115,23 +115,6 @@ ngx_stream_init_connection(ngx_connection_t *c)
         }
     }
 
-#if (NGX_STREAM_QUIC)
-
-    if (addr_conf->quic) {
-        ngx_quic_conf_t  *qcf;
-
-        if (c->quic == NULL) {
-            c->log->connection = c->number;
-
-            qcf = ngx_stream_get_module_srv_conf(addr_conf->ctx,
-                                                 ngx_stream_quic_module);
-            ngx_quic_run(c, qcf);
-            return;
-        }
-    }
-
-#endif
-
     s = ngx_pcalloc(c->pool, sizeof(ngx_stream_session_t));
     if (s == NULL) {
         ngx_stream_close_connection(c);
@@ -194,6 +177,21 @@ ngx_stream_init_connection(ngx_connection_t *c)
     s->start_sec = tp->sec;
     s->start_msec = tp->msec;
 
+#if (NGX_STREAM_QUIC)
+
+    if (addr_conf->quic) {
+        ngx_quic_conf_t  *qcf;
+
+        if (c->quic == NULL) {
+            qcf = ngx_stream_get_module_srv_conf(addr_conf->ctx,
+                                                 ngx_stream_quic_module);
+            ngx_quic_run(c, qcf);
+            return;
+        }
+    }
+
+#endif
+
     rev = c->read;
     rev->handler = ngx_stream_session_handler;