From 0ccbe0abe4fc1313689576b21b8649e4ebe524ee Mon Sep 17 00:00:00 2001
From: Vladimir Homutov <vl@nginx.com>
Date: Thu, 19 Jan 2017 16:17:05 +0300
Subject: Stream: fixed handling of non-ssl sessions.

A missing check could cause ngx_stream_ssl_handler() to be applied
to a non-ssl session, which resulted in a null pointer dereference
if ssl_verify_client is enabled.

The bug had appeared in 1.11.8 (41cb1b64561d).
---
 src/stream/ngx_stream_ssl_module.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/stream')

diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c
index fb653c57c..414d32824 100644
--- a/src/stream/ngx_stream_ssl_module.c
+++ b/src/stream/ngx_stream_ssl_module.c
@@ -287,11 +287,15 @@ ngx_stream_ssl_handler(ngx_stream_session_t *s)
     ngx_connection_t       *c;
     ngx_stream_ssl_conf_t  *sslcf;
 
+    if (!s->ssl) {
+        return NGX_OK;
+    }
+
     c = s->connection;
 
     sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module);
 
-    if (s->ssl && c->ssl == NULL) {
+    if (c->ssl == NULL) {
         c->log->action = "SSL handshaking";
 
         if (sslcf->ssl.ctx == NULL) {
-- 
cgit