mirror of
https://github.com/nginx/nginx.git
synced 2024-12-23 15:40:03 -06:00
SSL: SSL_CTX_set_tmp_dh() error handling.
For example, it can fail due to weak DH parameters.
This commit is contained in:
parent
15769c3918
commit
02bd43d05b
@ -1376,7 +1376,13 @@ ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file)
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
SSL_CTX_set_tmp_dh(ssl->ctx, dh);
|
||||
if (SSL_CTX_set_tmp_dh(ssl->ctx, dh) != 1) {
|
||||
ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
|
||||
"SSL_CTX_set_tmp_dh(\"%s\") failed", file->data);
|
||||
DH_free(dh);
|
||||
BIO_free(bio);
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
DH_free(dh);
|
||||
BIO_free(bio);
|
||||
|
Loading…
Reference in New Issue
Block a user