[nginx] SSL: fixed subjectAltName and commonName debug logging.
Maxim Dounin
mdounin at mdounin.ru
Thu Aug 21 02:29:27 UTC 2025
details: http://freenginx.org/hg/nginx/rev/a540fac7e04a
branches:
changeset: 9410:a540fac7e04a
user: Maxim Dounin <mdounin at mdounin.ru>
date: Thu Aug 21 04:40:59 2025 +0300
description:
SSL: fixed subjectAltName and commonName debug logging.
Previously, ASN1_STRING_length() was used as a length for "%*s" format
specifier, which is wrong, since string length is expected to be "size_t",
and ASN1_STRING_length() returns "int".
diffstat:
src/event/ngx_event_openssl.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diffs (23 lines):
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -4957,7 +4957,8 @@ ngx_ssl_check_host(ngx_connection_t *c,
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
"SSL subjectAltName: \"%*s\"",
- ASN1_STRING_length(str), ASN1_STRING_data(str));
+ (size_t) ASN1_STRING_length(str),
+ ASN1_STRING_data(str));
if (ngx_ssl_check_name(name, str) == NGX_OK) {
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
@@ -4999,7 +5000,8 @@ ngx_ssl_check_host(ngx_connection_t *c,
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
"SSL commonName: \"%*s\"",
- ASN1_STRING_length(str), ASN1_STRING_data(str));
+ (size_t) ASN1_STRING_length(str),
+ ASN1_STRING_data(str));
if (ngx_ssl_check_name(name, str) == NGX_OK) {
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
More information about the nginx-devel
mailing list