Mercurial > hg > nginx-vendor-current

diff src/http/ngx_http_request.c @ 372:6639b93e81b2 NGINX_0_6_30
nginx 0.6.30 *) Change: now if an "include" directive pattern does not match any file, then nginx does not issue an error. *) Feature: now the time in directives may be specified without spaces, for example, "1h50m". *) Bugfix: memory leaks if the "ssl_verify_client" directive was on. Thanks to Chavelle Vincent. *) Bugfix: the "sub_filter" directive might set text to change into output. *) Bugfix: the "error_page" directive did not take into account arguments in redirected URI. *) Bugfix: now nginx always opens files in binary mode under Cygwin. *) Bugfix: nginx could not be built on OpenBSD; bug appeared in 0.6.15.
author: Igor Sysoev <http://sysoev.ru>
date: Tue, 29 Apr 2008 00:00:00 +0400
parents: babd3d9efb62
children: edf1cb6c328e
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -1419,6 +1419,7 @@ ngx_http_process_request(ngx_http_reques
 
     if (c->ssl) {
         long                      rc;
+        X509                     *cert;
         ngx_http_ssl_srv_conf_t  *sscf;
 
         sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
@@ -1438,9 +1439,9 @@ ngx_http_process_request(ngx_http_reques
                 return;
             }
 
-            if (SSL_get_peer_certificate(c->ssl->connection)
-                == NULL)
-            {
+            cert = SSL_get_peer_certificate(c->ssl->connection);
+
+            if (cert == NULL) {
                 ngx_log_error(NGX_LOG_INFO, c->log, 0,
                               "client sent no required SSL certificate");
 
@@ -1450,6 +1451,8 @@ ngx_http_process_request(ngx_http_reques
                 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
                 return;
             }
+
+            X509_free(cert);
         }
     }
author	Igor Sysoev <http://sysoev.ru>
date	Tue, 29 Apr 2008 00:00:00 +0400
parents	babd3d9efb62
children	edf1cb6c328e