Browse Source

Latest update - 7454

master
Hakase 1 month ago
parent
commit
f924949dff
Signed by: Hakase <hakase@hakase.app> GPG Key ID: BB2821A9E0DF48C9
4 changed files with 32 additions and 4 deletions
  1. 1
    1
      auto/make
  2. 1
    1
      src/core/ngx_conf_file.c
  3. 1
    0
      src/event/ngx_event_connect.h
  4. 29
    2
      src/event/ngx_event_openssl.c

+ 1
- 1
auto/make View File

@@ -229,7 +229,7 @@ build:	binary modules
229 229
 binary:	$NGX_OBJS${ngx_dirsep}nginx$ngx_binext
230 230
 
231 231
 $NGX_OBJS${ngx_dirsep}nginx$ngx_binext:	$ngx_deps$ngx_spacer
232
-	\$(LINK) $ngx_long_start$ngx_binout$NGX_OBJS${ngx_dirsep}nginx$ngx_long_cont$ngx_objs$ngx_libs$ngx_link$ngx_main_link
232
+	\$(LINK) $ngx_long_start$ngx_binout$NGX_OBJS${ngx_dirsep}nginx$ngx_binext$ngx_long_cont$ngx_objs$ngx_libs$ngx_link$ngx_main_link
233 233
 	$ngx_rcc
234 234
 $ngx_long_end
235 235
 

+ 1
- 1
src/core/ngx_conf_file.c View File

@@ -310,7 +310,7 @@ ngx_conf_parse(ngx_conf_t *cf, ngx_str_t *filename)
310 310
                 goto failed;
311 311
             }
312 312
 
313
-            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, rv);
313
+            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "%s", rv);
314 314
 
315 315
             goto failed;
316 316
         }

+ 1
- 0
src/event/ngx_event_connect.h View File

@@ -63,6 +63,7 @@ struct ngx_peer_connection_s {
63 63
     unsigned                         cached:1;
64 64
     unsigned                         transparent:1;
65 65
     unsigned                         so_keepalive:1;
66
+    unsigned                         down:1;
66 67
 
67 68
                                      /* ngx_connection_log_error_e */
68 69
     unsigned                         log_error:2;

+ 29
- 2
src/event/ngx_event_openssl.c View File

@@ -68,6 +68,7 @@ static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp,
68 68
 static int ngx_ssl_session_ticket_key_callback(ngx_ssl_conn_t *ssl_conn,
69 69
     unsigned char *name, unsigned char *iv, EVP_CIPHER_CTX *ectx,
70 70
     HMAC_CTX *hctx, int enc);
71
+static void ngx_ssl_session_ticket_keys_cleanup(void *data);
71 72
 #endif
72 73
 
73 74
 #ifndef X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
@@ -954,10 +955,13 @@ ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file)
954 955
         return NULL;
955 956
     }
956 957
 
957
-    cln = ngx_pool_cleanup_add(cf->temp_pool, 0);
958 958
     passwords = ngx_array_create(cf->temp_pool, 4, sizeof(ngx_str_t));
959
+    if (passwords == NULL) {
960
+        return NULL;
961
+    }
959 962
 
960
-    if (cln == NULL || passwords == NULL) {
963
+    cln = ngx_pool_cleanup_add(cf->temp_pool, 0);
964
+    if (cln == NULL) {
961 965
         return NULL;
962 966
     }
963 967
 
@@ -3523,6 +3527,7 @@ ngx_ssl_session_ticket_keys(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *paths)
3523 3527
     ngx_uint_t                     i;
3524 3528
     ngx_array_t                   *keys;
3525 3529
     ngx_file_info_t                fi;
3530
+    ngx_pool_cleanup_t            *cln;
3526 3531
     ngx_ssl_session_ticket_key_t  *key;
3527 3532
 
3528 3533
     if (paths == NULL) {
@@ -3535,6 +3540,14 @@ ngx_ssl_session_ticket_keys(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *paths)
3535 3540
         return NGX_ERROR;
3536 3541
     }
3537 3542
 
3543
+    cln = ngx_pool_cleanup_add(cf->pool, 0);
3544
+    if (cln == NULL) {
3545
+        return NGX_ERROR;
3546
+    }
3547
+
3548
+    cln->handler = ngx_ssl_session_ticket_keys_cleanup;
3549
+    cln->data = keys;
3550
+
3538 3551
     path = paths->elts;
3539 3552
     for (i = 0; i < paths->nelts; i++) {
3540 3553
 
@@ -3606,6 +3619,8 @@ ngx_ssl_session_ticket_keys(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *paths)
3606 3619
             ngx_log_error(NGX_LOG_ALERT, cf->log, ngx_errno,
3607 3620
                           ngx_close_file_n " \"%V\" failed", &file.name);
3608 3621
         }
3622
+
3623
+        ngx_explicit_memzero(&buf, 80);
3609 3624
     }
3610 3625
 
3611 3626
     if (SSL_CTX_set_ex_data(ssl->ctx, ngx_ssl_session_ticket_keys_index, keys)
@@ -3636,6 +3651,8 @@ failed:
3636 3651
                       ngx_close_file_n " \"%V\" failed", &file.name);
3637 3652
     }
3638 3653
 
3654
+    ngx_explicit_memzero(&buf, 80);
3655
+
3639 3656
     return NGX_ERROR;
3640 3657
 }
3641 3658
 
@@ -3764,6 +3781,16 @@ ngx_ssl_session_ticket_key_callback(ngx_ssl_conn_t *ssl_conn,
3764 3781
     }
3765 3782
 }
3766 3783
 
3784
+
3785
+static void
3786
+ngx_ssl_session_ticket_keys_cleanup(void *data)
3787
+{
3788
+    ngx_array_t  *keys = data;
3789
+
3790
+    ngx_explicit_memzero(keys->elts,
3791
+                         keys->nelts * sizeof(ngx_ssl_session_ticket_key_t));
3792
+}
3793
+
3767 3794
 #else
3768 3795
 
3769 3796
 ngx_int_t

Loading…
Cancel
Save