mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-07 17:52:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix memory leak when ssl_verify_client is on

Browse Source
This commit is contained in:
Igor Sysoev 2008-04-28 08:50:39 +00:00
parent b39b9aa59a
commit 58d3821cf0
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/event/ngx_event_openssl.c
View File

@ -288,7 +288,7 @@ ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
char *subject, *issuer; char *subject, *issuer;
int err, depth; int err, depth;
X509 *cert; X509 *cert;
X509_NAME *name; X509_NAME *sname, *iname;
ngx_connection_t *c; ngx_connection_t *c;
ngx_ssl_conn_t *ssl_conn; ngx_ssl_conn_t *ssl_conn;
@ -301,17 +301,25 @@ ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
err = X509_STORE_CTX_get_error(x509_store); err = X509_STORE_CTX_get_error(x509_store);
depth = X509_STORE_CTX_get_error_depth(x509_store); depth = X509_STORE_CTX_get_error_depth(x509_store);
name = X509_get_subject_name(cert); sname = X509_get_subject_name(cert);
subject = name ? X509_NAME_oneline(name, NULL, 0) : "(none)"; subject = sname ? X509_NAME_oneline(sname, NULL, 0) : "(none)";
name = X509_get_issuer_name(cert); iname = X509_get_issuer_name(cert);
issuer = name ? X509_NAME_oneline(name, NULL, 0) : "(none)"; issuer = iname ? X509_NAME_oneline(iname, NULL, 0) : "(none)";
ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0,
"verify:%d, error:%d, depth:%d, " "verify:%d, error:%d, depth:%d, "
"subject:\"%s\",issuer: \"%s\"", "subject:\"%s\",issuer: \"%s\"",
ok, err, depth, subject, issuer); ok, err, depth, subject, issuer);
if (sname) {
OPENSSL_free(subject);
}
if (iname) {
OPENSSL_free(issuer);
}
return 1; return 1;
} }