Klaus Demo nginx / 439e288
fix memory leak when ssl_verify_client is on Igor Sysoev 14 years ago
2 changed file(s) with 15 addition(s) and 3 deletion(s). Raw diff Collapse all Expand all
17771777
17781778 name = X509_get_subject_name(cert);
17791779 if (name == NULL) {
1780 X509_free(cert);
17801781 return NGX_ERROR;
17811782 }
17821783
17881789 s->data = ngx_palloc(pool, len);
17891790 if (s->data == NULL) {
17901791 OPENSSL_free(p);
1792 X509_free(cert);
17911793 return NGX_ERROR;
17921794 }
17931795
17941796 ngx_memcpy(s->data, p, len);
17951797
17961798 OPENSSL_free(p);
1799 X509_free(cert);
17971800
17981801 return NGX_OK;
17991802 }
18161819
18171820 name = X509_get_issuer_name(cert);
18181821 if (name == NULL) {
1822 X509_free(cert);
18191823 return NGX_ERROR;
18201824 }
18211825
18271831 s->data = ngx_palloc(pool, len);
18281832 if (s->data == NULL) {
18291833 OPENSSL_free(p);
1834 X509_free(cert);
18301835 return NGX_ERROR;
18311836 }
18321837
18331838 ngx_memcpy(s->data, p, len);
18341839
18351840 OPENSSL_free(p);
1841 X509_free(cert);
18361842
18371843 return NGX_OK;
18381844 }
18541860
18551861 bio = BIO_new(BIO_s_mem());
18561862 if (bio == NULL) {
1863 X509_free(cert);
18571864 return NGX_ERROR;
18581865 }
18591866
18641871 s->data = ngx_palloc(pool, len);
18651872 if (s->data == NULL) {
18661873 BIO_free(bio);
1874 X509_free(cert);
18671875 return NGX_ERROR;
18681876 }
18691877
18701878 BIO_read(bio, s->data, len);
18711879 BIO_free(bio);
1880 X509_free(cert);
18721881
18731882 return NGX_OK;
18741883 }
14181418
14191419 if (c->ssl) {
14201420 long rc;
1421 X509 *cert;
14211422 ngx_http_ssl_srv_conf_t *sscf;
14221423
14231424 sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
14371438 return;
14381439 }
14391440
1440 if (SSL_get_peer_certificate(c->ssl->connection)
1441 == NULL)
1442 {
1441 cert = SSL_get_peer_certificate(c->ssl->connection);
1442
1443 if (cert == NULL) {
14431444 ngx_log_error(NGX_LOG_INFO, c->log, 0,
14441445 "client sent no required SSL certificate");
14451446
14491450 ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
14501451 return;
14511452 }
1453
1454 X509_free(cert);
14521455 }
14531456 }
14541457