Mercurial > hg > nginx-quic
changeset 5754:c7ecd097b883
SSL: return temporary RSA key only when the key length matches.
This change is mostly cosmetic, because in practice this callback
is used only for 512-bit RSA keys.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
author | Piotr Sikora <piotr@cloudflare.com> |
---|---|
date | Sun, 06 Jul 2014 16:41:13 -0700 |
parents | febce92c82f6 |
children | 8df08465fcfd |
files | src/event/ngx_event_openssl.c |
diffstat | 1 files changed, 6 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -652,10 +652,12 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn { static RSA *key; - if (key_length == 512) { - if (key == NULL) { - key = RSA_generate_key(512, RSA_F4, NULL, NULL); - } + if (key_length != 512) { + return NULL; + } + + if (key == NULL) { + key = RSA_generate_key(512, RSA_F4, NULL, NULL); } return key;