Disabled connection reuse while in SSL handshake.

During SSL handshake, the connection could be reused in the OCSP stapling
callback, if configured, which subsequently leads to a segmentation fault.

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 99fa6967d23c664e95286ac0acc0ac1010466acc..bb69e71d0f29ac3b6088a1b20174b261455869b5 100644 (file)
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -748,6 +748,8 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
                 return;
             }
 
+            ngx_reusable_connection(c, 0);
+
             rc = ngx_ssl_handshake(c);
 
             if (rc == NGX_AGAIN) {
@@ -756,8 +758,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
                     ngx_add_timer(rev, c->listening->post_accept_timeout);
                 }
 
-                ngx_reusable_connection(c, 0);
-
                 c->ssl->handler = ngx_http_ssl_handshake_handler;
                 return;
             }