Malformed response if the sct file is empty

grahamedgecombe / nginx-ct

Certificate Transparency module for nginx.

https://grahamedgecombe.com/projects/nginx-ct

ISC License

176 stars 29 forks source link

Malformed response if the sct file is empty #11

Closed farcaller closed 7 years ago

farcaller commented 8 years ago

If the directory has a few valid SCTs and an empty file, nginx will serve the response but it will be malformed. Specifically, Chrome will report 0 SCTs and CFNetwork (Safari) will fail to access the website at all.

Here's the test case, the good server and bad server:

good: https://patpat.vm.prod.zone/ bad: https://brokensct.patpat.vm.prod.zone/

The bad server has exactly the same config, with one empty file added to scts directory.

grahamedgecombe commented 7 years ago

Fixed in 49a49956364d58a85bed7ed8b529fdcadc2f586a with a patch provided by @agl