worker process and memory leak ?
Igor Sysoev
is at rambler-co.ru
Sun Apr 27 22:19:34 MSD 2008
On Sun, Apr 27, 2008 at 08:04:44PM +0200, Chavelle Vincent wrote:
> Igor Sysoev wrote:
> >
> > Try the attached patch.
>
> [crit] 28813#0: *1 SSL_do_handshake() failed (SSL: error:140880DC:SSL
> routines:SSL3_GET_CERT_VERIFY:signature for non signing certificate)
> while reading client request line, client: x.x.x.x, server: x.x.x.x
> [notice] 28812#0: signal 17 (SIGCHLD) received
> [alert] 28812#0: worker process 28813 exited on signal 11
> [notice] 28812#0: start worker process 28817
Backout the previous patch and try the new one.
--
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/event/ngx_event_openssl.c
===================================================================
--- src/event/ngx_event_openssl.c (revision 1295)
+++ src/event/ngx_event_openssl.c (working copy)
@@ -288,7 +288,7 @@
char *subject, *issuer;
int err, depth;
X509 *cert;
- X509_NAME *name;
+ X509_NAME *sname, *iname;
ngx_connection_t *c;
ngx_ssl_conn_t *ssl_conn;
@@ -301,17 +301,25 @@
err = X509_STORE_CTX_get_error(x509_store);
depth = X509_STORE_CTX_get_error_depth(x509_store);
- name = X509_get_subject_name(cert);
- subject = name ? X509_NAME_oneline(name, NULL, 0) : "(none)";
+ sname = X509_get_subject_name(cert);
+ subject = sname ? X509_NAME_oneline(sname, NULL, 0) : "(none)";
- name = X509_get_issuer_name(cert);
- issuer = name ? X509_NAME_oneline(name, NULL, 0) : "(none)";
+ iname = X509_get_issuer_name(cert);
+ issuer = iname ? X509_NAME_oneline(iname, NULL, 0) : "(none)";
ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0,
"verify:%d, error:%d, depth:%d, "
"subject:\"%s\",issuer: \"%s\"",
ok, err, depth, subject, issuer);
+ if (sname) {
+ OPENSSL_free(subject);
+ }
+
+ if (iname) {
+ OPENSSL_free(issuer);
+ }
+
return 1;
}
More information about the nginx
mailing list