Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 1974:f32cc6df6bd6
fix memory leak when ssl_verify_client is on
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Wed, 23 Apr 2008 18:57:25 +0000 |
parents | 291689a7e5dc |
children | 38fa1d3a31b7 72b09c4dd8f7 |
comparison
equal
deleted
inserted
replaced
1973:54e4d1b6c183 | 1974:f32cc6df6bd6 |
---|---|
1417 | 1417 |
1418 #if (NGX_HTTP_SSL) | 1418 #if (NGX_HTTP_SSL) |
1419 | 1419 |
1420 if (c->ssl) { | 1420 if (c->ssl) { |
1421 long rc; | 1421 long rc; |
1422 X509 *cert; | |
1422 ngx_http_ssl_srv_conf_t *sscf; | 1423 ngx_http_ssl_srv_conf_t *sscf; |
1423 | 1424 |
1424 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); | 1425 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module); |
1425 | 1426 |
1426 if (sscf->verify) { | 1427 if (sscf->verify) { |
1436 | 1437 |
1437 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); | 1438 ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR); |
1438 return; | 1439 return; |
1439 } | 1440 } |
1440 | 1441 |
1441 if (SSL_get_peer_certificate(c->ssl->connection) | 1442 cert = SSL_get_peer_certificate(c->ssl->connection); |
1442 == NULL) | 1443 |
1443 { | 1444 if (cert == NULL) { |
1444 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1445 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1445 "client sent no required SSL certificate"); | 1446 "client sent no required SSL certificate"); |
1446 | 1447 |
1447 ngx_ssl_remove_cached_session(sscf->ssl.ctx, | 1448 ngx_ssl_remove_cached_session(sscf->ssl.ctx, |
1448 (SSL_get0_session(c->ssl->connection))); | 1449 (SSL_get0_session(c->ssl->connection))); |
1449 | 1450 |
1450 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); | 1451 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT); |
1451 return; | 1452 return; |
1452 } | 1453 } |
1454 | |
1455 X509_free(cert); | |
1453 } | 1456 } |
1454 } | 1457 } |
1455 | 1458 |
1456 #endif | 1459 #endif |
1457 | 1460 |