SSL: free pkey on SSL_CTX_set0_tmp_dh_pkey() failure. The behaviour was changed in OpenSSL 3.0.1: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=bf17b7b

commit: d550bc0eebc55079157fe2574bfdb0104d29225d [log] [tgz]
author: Sergey Kandaurov <pluknet@nginx.com> Mon Jan 17 17:05:12 2022 +0300
committer: Sergey Kandaurov <pluknet@nginx.com> Mon Jan 17 17:05:12 2022 +0300
tree: e8ebdec7baf835bdf8af72b6f9403abfea94ea7a
parent: 9ba1985c9c91e07e968508f8fba6a092c556e327 [diff]
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 33977af..daa28ff 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c

@@ -1383,6 +1383,9 @@
     if (SSL_CTX_set0_tmp_dh_pkey(ssl->ctx, dh) != 1) {
         ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
                       "SSL_CTX_set0_tmp_dh_pkey(\%s\") failed", file->data);
+#if (OPENSSL_VERSION_NUMBER >= 0x3000001fL)
+        EVP_PKEY_free(dh);
+#endif
         BIO_free(bio);
         return NGX_ERROR;
     }
commit	d550bc0eebc55079157fe2574bfdb0104d29225d	[log] [tgz]
author	Sergey Kandaurov <pluknet@nginx.com>	Mon Jan 17 17:05:12 2022 +0300
committer	Sergey Kandaurov <pluknet@nginx.com>	Mon Jan 17 17:05:12 2022 +0300
tree	e8ebdec7baf835bdf8af72b6f9403abfea94ea7a
parent	9ba1985c9c91e07e968508f8fba6a092c556e327 [diff]