SSL: fixed ssl_buffer_size on SNI virtual hosts (ticket #1192).

Previously, buffer size was not changed from the one saved during
initial ngx_ssl_create_connection(), even if the buffer itself was not
yet created.  Fix is to change c->ssl->buffer_size in the SNI callback.

Note that it should be also possible to update buffer size even in non-SNI
virtual hosts as long as the buffer is not yet allocated.  This looks
like an overcomplication though.

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 6ff7903db4798c4ab20a5bee9fbcdfde76443e7b..baf97040463c3e1afc7adc593779fc2a2c6a2b2c 100644 (file)
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -884,6 +884,8 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg)
 
     sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module);
 
+    c->ssl->buffer_size = sscf->buffer_size;
+
     if (sscf->ssl.ctx) {
         SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);