From 4abafc85d612f3348c38e5294124f27a2e4681df Mon Sep 17 00:00:00 2001 From: Maxim Dounin Date: Thu, 2 Feb 2017 20:29:16 +0300 Subject: SSL: fixed ssl_buffer_size on SNI virtual hosts (ticket #1192). Previously, buffer size was not changed from the one saved during initial ngx_ssl_create_connection(), even if the buffer itself was not yet created. Fix is to change c->ssl->buffer_size in the SNI callback. Note that it should be also possible to update buffer size even in non-SNI virtual hosts as long as the buffer is not yet allocated. This looks like an overcomplication though. --- src/http/ngx_http_request.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/http/ngx_http_request.c') diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 6ff7903db..baf970404 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -884,6 +884,8 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg) sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module); + c->ssl->buffer_size = sscf->buffer_size; + if (sscf->ssl.ctx) { SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx); -- cgit v1.2.3