From 64fcac48b7b773aaa39d4079c5b6a41bd6193470 Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Sat, 16 Feb 2013 17:51:38 +0900 Subject: [PATCH] shrpx: Fix bug in building certificate lookup tree --- src/shrpx_ssl.cc | 6 +++++- src/shrpx_ssl_test.cc | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc index 26cc392a..08332dab 100644 --- a/src/shrpx_ssl.cc +++ b/src/shrpx_ssl.cc @@ -587,7 +587,11 @@ void cert_lookup_tree_add_cert(CertLookupTree *lt, CertNode *node, cn->str[i] == hostname[j]; --i, --j); if(i == cn->last) { if(j == -1) { - // same hostname, we don't overwrite exiting ssl_ctx + if(cn->ssl_ctx) { + // same hostname, we don't overwrite exiting ssl_ctx + } else { + cn->ssl_ctx = ssl_ctx; + } } else { // The existing hostname is a suffix of this hostname. // Continue matching at potion j. diff --git a/src/shrpx_ssl_test.cc b/src/shrpx_ssl_test.cc index daec697d..d31ca269 100644 --- a/src/shrpx_ssl_test.cc +++ b/src/shrpx_ssl_test.cc @@ -96,9 +96,10 @@ void test_shrpx_ssl_create_lookup_tree(void) } SSL_CTX *ctxs2[] = {SSL_CTX_new(TLSv1_method()), + SSL_CTX_new(TLSv1_method()), SSL_CTX_new(TLSv1_method()), SSL_CTX_new(TLSv1_method())}; - const char *names[] = { "rab", "zab", "zzub" }; + const char *names[] = { "rab", "zab", "zzub", "ab" }; num = sizeof(ctxs2)/sizeof(ctxs2[0]); tree = ssl::cert_lookup_tree_new(); for(int i = 0; i < num; ++i) {