SSL: return temporary RSA key only when the key length matches.

This change is mostly cosmetic, because in practice this callback is used only for 512-bit RSA keys. Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
author: Piotr Sikora <piotr@cloudflare.com> 2014-07-06 16:41:13 -0700
committer: Piotr Sikora <piotr@cloudflare.com> 2014-07-06 16:41:13 -0700
commit: bd058b9d2400fec147ed9717101af114eaf364ec (patch)
tree: 82c087ab98f25a374df71558054cedc62688c19a /src
parent: f0e05f3d89315c0513ab01573e822bee0e31dcc4 (diff)
download: nginx-bd058b9d2400fec147ed9717101af114eaf364ec.tar.gz
nginx-bd058b9d2400fec147ed9717101af114eaf364ec.tar.bz2
1 files changed, 6 insertions, 4 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 50691ade7..46934b2f6 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -652,10 +652,12 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export,
 {
     static RSA  *key;
 
-    if (key_length == 512) {
-        if (key == NULL) {
-            key = RSA_generate_key(512, RSA_F4, NULL, NULL);
-        }
+    if (key_length != 512) {
+        return NULL;
+    }
+
+    if (key == NULL) {
+        key = RSA_generate_key(512, RSA_F4, NULL, NULL);
     }
 
     return key;
author	Piotr Sikora <piotr@cloudflare.com>	2014-07-06 16:41:13 -0700
committer	Piotr Sikora <piotr@cloudflare.com>	2014-07-06 16:41:13 -0700
commit	bd058b9d2400fec147ed9717101af114eaf364ec (patch)
tree	82c087ab98f25a374df71558054cedc62688c19a /src
parent	f0e05f3d89315c0513ab01573e822bee0e31dcc4 (diff)
download	nginx-bd058b9d2400fec147ed9717101af114eaf364ec.tar.gz nginx-bd058b9d2400fec147ed9717101af114eaf364ec.tar.bz2