Mercurial > hg > nginx

comparison src/http/ngx_http_request.c @ 1974:f32cc6df6bd6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix memory leak when ssl_verify_client is on
author Igor Sysoev <igor@sysoev.ru>
date Wed, 23 Apr 2008 18:57:25 +0000
parents 291689a7e5dc
children 38fa1d3a31b7 72b09c4dd8f7
comparison
equal deleted inserted replaced
1973:54e4d1b6c183 1974:f32cc6df6bd6
1417 1417
1418 #if (NGX_HTTP_SSL) 1418 #if (NGX_HTTP_SSL)
1419 1419
1420 if (c->ssl) { 1420 if (c->ssl) {
1421 long rc; 1421 long rc;
1422 X509 *cert;
1422 ngx_http_ssl_srv_conf_t *sscf; 1423 ngx_http_ssl_srv_conf_t *sscf;
1423 1424
1424 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); 1425 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
1425 1426
1426 if (sscf->verify) { 1427 if (sscf->verify) {
1436 1437
1437 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); 1438 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
1438 return; 1439 return;
1439 } 1440 }
1440 1441
1441 if (SSL_get_peer_certificate(c->ssl->connection) 1442 cert = SSL_get_peer_certificate(c->ssl->connection);
1442 == NULL) 1443
1443 { 1444 if (cert == NULL) {
1444 ngx_log_error(NGX_LOG_INFO, c->log, 0, 1445 ngx_log_error(NGX_LOG_INFO, c->log, 0,
1445 "client sent no required SSL certificate"); 1446 "client sent no required SSL certificate");
1446 1447
1447 ngx_ssl_remove_cached_session(sscf->ssl.ctx, 1448 ngx_ssl_remove_cached_session(sscf->ssl.ctx,
1448 (SSL_get0_session(c->ssl->connection))); 1449 (SSL_get0_session(c->ssl->connection)));
1449 1450
1450 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); 1451 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
1451 return; 1452 return;
1452 } 1453 }
1454
1455 X509_free(cert);
1453 } 1456 }
1454 } 1457 }
1455 1458
1456 #endif 1459 #endif
1457 1460