aboutsummaryrefslogtreecommitdiff
path: root/src/http/modules/ngx_http_memcached_module.c
diff options
context:
space:
mode:
authorMaxim Dounin <mdounin@mdounin.ru>2020-06-29 17:15:51 +0300
committerMaxim Dounin <mdounin@mdounin.ru>2020-06-29 17:15:51 +0300
commitfa2f2e35082ba01a8aed026b34fc5246637f104e (patch)
tree326c6aef1d5e65a8a1758ab41bcd5a05b71ecb77 /src/http/modules/ngx_http_memcached_module.c
parent1bbc37d35c67c0ef5271551f8e40fd899442d157 (diff)
downloadnginx-fa2f2e35082ba01a8aed026b34fc5246637f104e.tar.gz
nginx-fa2f2e35082ba01a8aed026b34fc5246637f104e.zip
SSL: fixed unexpected certificate requests (ticket #2008).
Using SSL_CTX_set_verify(SSL_VERIFY_PEER) implies that OpenSSL will send a certificate request during an SSL handshake, leading to unexpected certificate requests from browsers as long as there are any client certificates installed. Given that ngx_ssl_trusted_certificate() is called unconditionally by the ngx_http_ssl_module, this affected all HTTPS servers. Broken by 699f6e55bbb4 (not released yet). Fix is to set verify callback in the ngx_ssl_trusted_certificate() function without changing the verify mode.
Diffstat (limited to 'src/http/modules/ngx_http_memcached_module.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-20 09:59:15 +0000