id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
1585	ssl_verify_client cause core dump	akf00000@…		"when a server turn on the ssl_verify_client whitout setting ssl_certificate, the ssl handshake would be finished by using default server's ssl_ctx, but the server's ssl_ctx(which is NULL) would be used for verify. It will cause core dump.

advise:
void
ngx_ssl_remove_cached_session(SSL_CTX *ssl, ngx_ssl_session_t *sess)
{
    /*   add this   */
    if (ssl == NULL) {
        return;
    }
    /*   add this end */
    SSL_CTX_remove_session(ssl, sess);

    ngx_ssl_remove_session(ssl, sess);
}"	defect	closed	blocker	nginx-1.15	nginx-core	1.15.x	duplicate		cpp (GCC) 5.3.0	SunOS host 5.10 Generic_150401-50 i86pc i386 i86pc	nginx version: nginx/1.13.8 (i386-sun-solaris2.10) build by gcc .3.0 (GCC) build with OpenSSL 1.0.2k 26 Jan 2017 TLS SNI support enabled configure arguments: --build-i386-sun-solaris2.10 --prefix=/foo/bar --sbin-path=/foo/bar/bin/nginx --conf-path=/foo/bar/etc/nginx/nginx.conf --with-cc=/foo/bar/bin/gcc --with-cpp=/foo/bar/bin/cpp --with-ld-opt='-L /foo/bar/lib' --with-cc-opt='-I /foo/bar/include' --with-threads --with-stream_ssl_module --with-stream --with-stream_ssl_prepared_module --with-http_ssl_module --with-http_v2_module --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-hhtp_degradation_module --with-http_slice_module --with-http_stub_satutus_module --with-http_perl_module --with-perl=/foo/bar/bin/perl --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --modules-path=/foo/bar/libexec/ngnx --lock-path=/var/run/nginx.lock --pid-path=/var/run/nginx.pid --builddir=/home/user/build