[nginx] SSL: return temporary RSA key only when the key length m...

Maxim Dounin mdounin at mdounin.ru
Wed Jul 9 01:49:42 UTC 2014


details:   http://hg.nginx.org/nginx/rev/c7ecd097b883
branches:  
changeset: 5754:c7ecd097b883
user:      Piotr Sikora <piotr at cloudflare.com>
date:      Sun Jul 06 16:41:13 2014 -0700
description:
SSL: return temporary RSA key only when the key length matches.

This change is mostly cosmetic, because in practice this callback
is used only for 512-bit RSA keys.

Signed-off-by: Piotr Sikora <piotr at cloudflare.com>

diffstat:

 src/event/ngx_event_openssl.c |  10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diffs (20 lines):

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -652,10 +652,12 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn
 {
     static RSA  *key;
 
-    if (key_length == 512) {
-        if (key == NULL) {
-            key = RSA_generate_key(512, RSA_F4, NULL, NULL);
-        }
+    if (key_length != 512) {
+        return NULL;
+    }
+
+    if (key == NULL) {
+        key = RSA_generate_key(512, RSA_F4, NULL, NULL);
     }
 
     return key;



More information about the nginx-devel mailing list