diff options
author | Igor Sysoev <igor@sysoev.ru> | 2008-04-28 12:50:39 +0400 |
---|---|---|
committer | Igor Sysoev <igor@sysoev.ru> | 2008-04-28 12:50:39 +0400 |
commit | 58d3821cf08be9cd22e8f366eea4b31cee5d240f (patch) | |
tree | 052071211b33666942d460ae7fdcc2698a028343 | |
parent | b39b9aa59abd0d42cbe4627325d0864a9138bac7 (diff) |
fix memory leak when ssl_verify_client is on
-rw-r--r-- | src/event/ngx_event_openssl.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 2ce06ca0d..a2304ef27 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -288,7 +288,7 @@ ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) char *subject, *issuer; int err, depth; X509 *cert; - X509_NAME *name; + X509_NAME *sname, *iname; ngx_connection_t *c; ngx_ssl_conn_t *ssl_conn; @@ -301,17 +301,25 @@ ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) err = X509_STORE_CTX_get_error(x509_store); depth = X509_STORE_CTX_get_error_depth(x509_store); - name = X509_get_subject_name(cert); - subject = name ? X509_NAME_oneline(name, NULL, 0) : "(none)"; + sname = X509_get_subject_name(cert); + subject = sname ? X509_NAME_oneline(sname, NULL, 0) : "(none)"; - name = X509_get_issuer_name(cert); - issuer = name ? X509_NAME_oneline(name, NULL, 0) : "(none)"; + iname = X509_get_issuer_name(cert); + issuer = iname ? X509_NAME_oneline(iname, NULL, 0) : "(none)"; ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, "verify:%d, error:%d, depth:%d, " "subject:\"%s\",issuer: \"%s\"", ok, err, depth, subject, issuer); + if (sname) { + OPENSSL_free(subject); + } + + if (iname) { + OPENSSL_free(issuer); + } + return 1; } |