SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.

Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation.  As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9).  The check added returns an empty
string if there is no session available.

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 9935fb098959e5966fc9c9855ad025535ff74fb7..cbe4136a10fe126dd07d2077a73bd99363183e28 100644 (file)
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2508,6 +2508,10 @@ ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
     SSL_SESSION  *sess;
 
     sess = SSL_get0_session(c->ssl->connection);
+    if (sess == NULL) {
+        s->len = 0;
+        return NGX_OK;
+    }
 
     buf = sess->session_id;
     len = sess->session_id_length;