diff options
| author | Roman Arutyunyan <arut@nginx.com> | 2020-08-18 16:22:00 +0300 |
|---|---|---|
| committer | Roman Arutyunyan <arut@nginx.com> | 2020-08-18 16:22:00 +0300 |
| commit | fd6df645ebf2de0ba7bcd8df2dfd7337f5ab516f (patch) | |
| tree | e80276b4b7c41ed0d6c4f960064d59f50d7ddb62 /src/event/ngx_event_openssl_stapling.c | |
| parent | ff1941d6ddb014da8b085c7ca9ba1098b4ec35a5 (diff) | |
| parent | b2d09a4cdd865a8997f68fbaa1e928f0dc0b6ef0 (diff) | |
| download | nginx-fd6df645ebf2de0ba7bcd8df2dfd7337f5ab516f.tar.gz nginx-fd6df645ebf2de0ba7bcd8df2dfd7337f5ab516f.zip | |
Merged with the default branch.
Diffstat (limited to 'src/event/ngx_event_openssl_stapling.c')
| -rw-r--r-- | src/event/ngx_event_openssl_stapling.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c index 0e79d6cc4..9d92421d6 100644 --- a/src/event/ngx_event_openssl_stapling.c +++ b/src/event/ngx_event_openssl_stapling.c @@ -883,6 +883,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) ocsp = ngx_pcalloc(c->pool, sizeof(ngx_ssl_ocsp_t)); if (ocsp == NULL) { + X509_free(cert); return NGX_ERROR; } @@ -899,6 +900,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) if (ocsp->certs) { ocsp->certs = X509_chain_up_ref(ocsp->certs); if (ocsp->certs == NULL) { + X509_free(cert); return NGX_ERROR; } } @@ -910,6 +912,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) if (store == NULL) { ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_CTX_get_cert_store() failed"); + X509_free(cert); return NGX_ERROR; } @@ -917,6 +920,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) if (store_ctx == NULL) { ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "X509_STORE_CTX_new() failed"); + X509_free(cert); return NGX_ERROR; } @@ -926,6 +930,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "X509_STORE_CTX_init() failed"); X509_STORE_CTX_free(store_ctx); + X509_free(cert); return NGX_ERROR; } @@ -933,6 +938,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) if (rc <= 0) { ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "X509_verify_cert() failed"); X509_STORE_CTX_free(store_ctx); + X509_free(cert); return NGX_ERROR; } @@ -941,12 +947,15 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c) ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "X509_STORE_CTX_get1_chain() failed"); X509_STORE_CTX_free(store_ctx); + X509_free(cert); return NGX_ERROR; } X509_STORE_CTX_free(store_ctx); } + X509_free(cert); + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "ssl ocsp validate, certs:%d", sk_X509_num(ocsp->certs)); |