details: http://hg.nginx.org/nginx/rev/dcae651b2a0c
branches:
changeset: 6205:dcae651b2a0c
user: Maxim Dounin <mdou...@mdounin.ru>
date: Tue Jul 07 16:38:49 2015 +0300
description:
OCSP stapling: fixed ssl_stapling_file (ticket #769).
Broken by 6893a1007a7c (1.9.2) during introduction of strict OCSP response
validity checks. As stapling file is expected to be returned unconditionally,
fix is to set its validity to the maximum supported time.
Reported by Faidon Liambotis.
diffstat:
src/event/ngx_event_openssl_stapling.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diffs (11 lines):
diff --git a/src/event/ngx_event_openssl_stapling.c
b/src/event/ngx_event_openssl_stapling.c
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@@ -245,6 +245,7 @@ ngx_ssl_stapling_file(ngx_conf_t *cf, ng
staple->staple.data = buf;
staple->staple.len = len;
+ staple->valid = NGX_MAX_TIME_T_VALUE;
return NGX_OK;
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
