SSL: separate checks for errors in ngx_ssl_read_password_file(). Checking multiple errors at once is a bad practice, as in general it is not guaranteed that an object can be used after the error. In this particular case, checking errors after multiple allocations can result in excessive errors being logged when there is no memory available.

commit: 98bca89a08a60c6767d909aa2c330851c75c9f82 [log] [tgz]
author: Maxim Dounin <mdounin@mdounin.ru> Thu Jan 31 19:36:51 2019 +0300
committer: Maxim Dounin <mdounin@mdounin.ru> Thu Jan 31 19:36:51 2019 +0300
tree: da45cc084cba06dd2afa994a2de7458c7d99944c
parent: f6125c7ce156f95d3aa91bcb66d1c674ffdc32db [diff]
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 7002059..aa5ccdd 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c

@@ -947,10 +947,13 @@
         return NULL;
     }
 
-    cln = ngx_pool_cleanup_add(cf->temp_pool, 0);
     passwords = ngx_array_create(cf->temp_pool, 4, sizeof(ngx_str_t));
+    if (passwords == NULL) {
+        return NULL;
+    }
 
-    if (cln == NULL || passwords == NULL) {
+    cln = ngx_pool_cleanup_add(cf->temp_pool, 0);
+    if (cln == NULL) {
         return NULL;
     }
commit	98bca89a08a60c6767d909aa2c330851c75c9f82	[log] [tgz]
author	Maxim Dounin <mdounin@mdounin.ru>	Thu Jan 31 19:36:51 2019 +0300
committer	Maxim Dounin <mdounin@mdounin.ru>	Thu Jan 31 19:36:51 2019 +0300
tree	da45cc084cba06dd2afa994a2de7458c7d99944c
parent	f6125c7ce156f95d3aa91bcb66d1c674ffdc32db [diff]