Fix for building with SESSION_CERTS
using pointer after free. Documented store->discardSessionCerts.
@ -8620,14 +8620,6 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
|
|||||||
wolfSSL_sk_X509_free(store->chain);
|
wolfSSL_sk_X509_free(store->chain);
|
||||||
store->chain = NULL;
|
store->chain = NULL;
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
|
||||||
XFREE(domain, ssl->heap, DYNAMIC_TYPE_STRING);
|
|
||||||
#ifdef OPENSSL_EXTRA
|
|
||||||
XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509);
|
|
||||||
#endif
|
|
||||||
XFREE(store, ssl->heap, DYNAMIC_TYPE_X509_STORE);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef SESSION_CERTS
|
#ifdef SESSION_CERTS
|
||||||
if (store->discardSessionCerts) {
|
if (store->discardSessionCerts) {
|
||||||
WOLFSSL_MSG("Verify callback requested discard sess certs");
|
WOLFSSL_MSG("Verify callback requested discard sess certs");
|
||||||
@ -8637,6 +8629,13 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
#endif /* SESSION_CERTS */
|
#endif /* SESSION_CERTS */
|
||||||
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
XFREE(domain, ssl->heap, DYNAMIC_TYPE_STRING);
|
||||||
|
#ifdef OPENSSL_EXTRA
|
||||||
|
XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509);
|
||||||
|
#endif
|
||||||
|
XFREE(store, ssl->heap, DYNAMIC_TYPE_X509_STORE);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
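Review bot: The ordering this fix depends on is not recorded in the code. In the second DoVerifyCallback hunk the WOLFSSL_SMALL_STACK cleanup now sits after `#endif /* SESSION_CERTS */` because `store->discardSessionCerts` is read just above it, but nothing tells a later editor that the frees must stay last. I would add a comment directly above the relocated `#ifdef WOLFSSL_SMALL_STACK`, for example `/* free last: store is still read by the SESSION_CERTS block above */`. The old read after `XFREE(store, ...)` was only reachable with both WOLFSSL_SMALL_STACK and SESSION_CERTS defined, so a test build that enables the two together under a memory checker would presumably catch a regression. The function body starts and ends outside these hunks, so any other path that frees `store` is not visible here.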
|
@ -1471,6 +1471,8 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
|
|||||||
* store->store: WOLFSSL_X509_STORE with CA cert chain
|
* store->store: WOLFSSL_X509_STORE with CA cert chain
|
||||||
* store->store->cm: WOLFSSL_CERT_MANAGER
|
* store->store->cm: WOLFSSL_CERT_MANAGER
|
||||||
* store->ex_data: The WOLFSSL object pointer
|
* store->ex_data: The WOLFSSL object pointer
|
||||||
|
* store->discardSessionCerts: When set to non-zero value session certs
|
||||||
|
will be discarded (only with SESSION_CERTS)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
printf("In verification callback, error = %d, %s\n", store->error,
|
printf("In verification callback, error = %d, %s\n", store->error,
|
||||||
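Review bot: The new comment entry reads like the other fields in the list, which describe what the callback receives, but `store->discardSessionCerts` appears to be a flag the callback itself sets. The DoVerifyCallback code in this commit tests it and logs "Verify callback requested discard sess certs". I would word the entry as `* store->discardSessionCerts: set to non-zero by the callback to have the` followed by `session certs discarded once it returns (SESSION_CERTS builds only)`. myVerify's body continues outside the hunk.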
|