SSL: return temporary RSA key only when the key length matches.
This change is mostly cosmetic, because in practice this callback
is used only for 512-bit RSA keys.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 50691ad..46934b2 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -652,10 +652,12 @@
{
static RSA *key;
- if (key_length == 512) {
- if (key == NULL) {
- key = RSA_generate_key(512, RSA_F4, NULL, NULL);
- }
+ if (key_length != 512) {
+ return NULL;
+ }
+
+ if (key == NULL) {
+ key = RSA_generate_key(512, RSA_F4, NULL, NULL);
}
return key;
