SSL: SSL_CTX_set_timeout() now always called. The timeout set is used by OpenSSL as a hint for clients in TLS Session Tickets. Previous code resulted in a default timeout (5m) used for TLS Sessions Tickets if there was no session cache configured. Prodded by Piotr Sikora.

commit: a8ad0c02cc19f9684a357aace70a5fbbf9106fc1 [log] [tgz]
author: Maxim Dounin <mdounin@mdounin.ru> Mon Oct 14 13:59:35 2013 +0400
committer: Maxim Dounin <mdounin@mdounin.ru> Mon Oct 14 13:59:35 2013 +0400
tree: c90179fbd3fcc277519b33f816728612ff7e00e3
parent: 87a607a031cb42289d01768239d58abcb439b8ff [diff]
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index df8f7e1..6a3a2b5 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c

@@ -1704,6 +1704,8 @@
 {
     long  cache_mode;
 
+    SSL_CTX_set_timeout(ssl->ctx, (long) timeout);
+
     if (builtin_session_cache == NGX_SSL_NO_SCACHE) {
         SSL_CTX_set_session_cache_mode(ssl->ctx, SSL_SESS_CACHE_OFF);
         return NGX_OK;
@@ -1749,8 +1751,6 @@
         }
     }
 
-    SSL_CTX_set_timeout(ssl->ctx, (long) timeout);
-
     if (shm_zone) {
         SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session);
         SSL_CTX_sess_set_get_cb(ssl->ctx, ngx_ssl_get_cached_session);
commit	a8ad0c02cc19f9684a357aace70a5fbbf9106fc1	[log] [tgz]
author	Maxim Dounin <mdounin@mdounin.ru>	Mon Oct 14 13:59:35 2013 +0400
committer	Maxim Dounin <mdounin@mdounin.ru>	Mon Oct 14 13:59:35 2013 +0400
tree	c90179fbd3fcc277519b33f816728612ff7e00e3
parent	87a607a031cb42289d01768239d58abcb439b8ff [diff]