@@ -422,31 +422,42 @@ ngx_http_auth_jwt_create_loc_conf(ngx_conf_t *cf)
422422static ngx_int_t
423423loadAuthKey (ngx_conf_t * cf , ngx_http_auth_jwt_loc_conf_t * conf ) {
424424 FILE * keyFile = fopen ((const char * )conf -> auth_jwt_keyfile_path .data , "rb" );
425+ unsigned long keySize ;
426+ unsigned long keySizeRead ;
425427
426428 // Check if file exists or is correctly opened
427429 if (keyFile == NULL )
428430 {
429- ngx_log_error (NGX_LOG_ERR , cf -> log , 0 , "failed to open pub key file" );
431+ ngx_log_error (NGX_LOG_ERR , cf -> log , 0 , "failed to open public key file" );
430432 return NGX_ERROR ;
431433 }
432434
433435 // Read file length
434436 fseek (keyFile , 0 , SEEK_END );
435- long keySize = ftell (keyFile );
437+ keySize = ftell (keyFile );
436438 fseek (keyFile , 0 , SEEK_SET );
437439
438440 if (keySize == 0 )
439441 {
440- ngx_log_error (NGX_LOG_ERR , cf -> log , 0 , "invalid key file size, check the key file " );
442+ ngx_log_error (NGX_LOG_ERR , cf -> log , 0 , "invalid public key file size of 0 " );
441443 return NGX_ERROR ;
442444 }
443445
444446 conf -> _auth_jwt_keyfile .data = ngx_palloc (cf -> pool , keySize );
445- fread (conf -> _auth_jwt_keyfile .data , 1 , keySize , keyFile );
446- conf -> _auth_jwt_keyfile .len = (int )keySize ;
447-
447+ keySizeRead = fread (conf -> _auth_jwt_keyfile .data , 1 , keySize , keyFile );
448448 fclose (keyFile );
449- return NGX_OK ;
449+
450+ if (keySizeRead == keySize )
451+ {
452+ conf -> _auth_jwt_keyfile .len = (int )keySize ;
453+
454+ return NGX_OK ;
455+ }
456+ else {
457+ ngx_log_error (NGX_LOG_ERR , cf -> log , 0 , "public key size %i does not match expected size of %i" , keySizeRead , keySize );
458+
459+ return NGX_ERROR ;
460+ }
450461}
451462
452463static char *
0 commit comments