From 5d3544185c2df6d82bc0c9b7e450959f9d688345 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Thu, 8 Jan 2015 20:46:35 +0900
Subject: [PATCH] nghttpx: Fix crash in SSL_CTX_set_tlsext_ticket_key_cb

It seems that returning 0 when enc == 0 crashes OpenSSL.
---
 src/shrpx.cc     | 1 -
 src/shrpx_ssl.cc | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/shrpx.cc b/src/shrpx.cc
index 1c6b4728..e03d94b4 100644
--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@@ -465,7 +465,6 @@ void renew_ticket_key_cb(struct ev_loop *loop, ev_timer *w, int revents) {
     if (LOG_ENABLED(INFO)) {
       LOG(INFO) << "failed to renew ticket key";
     }
-    mod_config()->ticket_keys.reset();
     return;
   }
 
diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc
index 9e459942..89bce944 100644
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -160,8 +160,8 @@ int ticket_key_cb(SSL *ssl, unsigned char *key_name, unsigned char *iv,
 #endif // NOTHREADS
 
   if (!ticket_keys) {
-    /* No ticket keys available.  Perform full handshake */
-    return 0;
+    // No ticket keys available.
+    return -1;
   }
 
   auto &keys = ticket_keys->keys;
@@ -172,7 +172,7 @@ int ticket_key_cb(SSL *ssl, unsigned char *key_name, unsigned char *iv,
       if (LOG_ENABLED(INFO)) {
         CLOG(INFO, handler) << "session ticket key: RAND_bytes failed";
       }
-      return 0;
+      return -1;
     }
 
     auto &key = keys[0];