Mercurial > hg > nginx
view auto/lib/openssl/make @ 5659:3fb6615bb87f
Upstream: plugged potential memory leak on reload.
The SSL_CTX_set_cipher_list() may fail if there are no valid ciphers
specified in proxy_ssl_ciphers / uwsgi_ssl_ciphers, resulting in
SSL context leak.
In theory, ngx_pool_cleanup_add() may fail too, but this case is
intentionally left out for now as it's almost impossible and proper fix
will require changes to http ssl and mail ssl code as well.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Fri, 18 Apr 2014 20:13:24 +0400 |
| parents | f817f9d1cded |
| children | 83d54192e97b |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. case "$CC" in cl) cat << END >> $NGX_MAKEFILE $OPENSSL/openssl/include/openssl/ssl.h: $NGX_MAKEFILE \$(MAKE) -f auto/lib/openssl/makefile.msvc \ OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT" END ;; bcc32) ngx_opt=`echo "-DOPENSSL=\"$OPENSSL\" -DOPENSSL_OPT=\"$OPENSSL_OPT\"" \ | sed -e "s/\//$ngx_regex_dirsep/g"` cat << END >> $NGX_MAKEFILE `echo "$OPENSSL\\openssl\\lib\\libeay32.lib: \ $OPENSSL\\openssl\\include\\openssl\\ssl.h" \ | sed -e "s/\//$ngx_regex_dirsep/g"` `echo "$OPENSSL\\openssl\\lib\\ssleay32.lib: \ $OPENSSL\\openssl\\include\\openssl\\ssl.h" \ | sed -e "s/\//$ngx_regex_dirsep/g"` `echo "$OPENSSL\\openssl\\include\\openssl\\ssl.h: $NGX_MAKEFILE" \ | sed -e "s/\//$ngx_regex_dirsep/g"` \$(MAKE) -f auto/lib/openssl/makefile.bcc $ngx_opt END ;; *) case $USE_THREADS in NO) OPENSSL_OPT="$OPENSSL_OPT no-threads" ;; *) OPENSSL_OPT="$OPENSSL_OPT threads" ;; esac case $OPENSSL in /*) ngx_prefix="$OPENSSL/.openssl" ;; *) ngx_prefix="$PWD/$OPENSSL/.openssl" ;; esac cat << END >> $NGX_MAKEFILE $OPENSSL/.openssl/include/openssl/ssl.h: $NGX_MAKEFILE cd $OPENSSL \\ && if [ -f Makefile ]; then \$(MAKE) clean; fi \\ && ./config --prefix=$ngx_prefix no-shared $OPENSSL_OPT \\ && \$(MAKE) \\ && \$(MAKE) install LIBDIR=lib END ;; esac