mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-02 12:14:38 +02:00
Always keep original x509 pointer with proper refcounts even for self signed trusted CA
This commit is contained in:
Colton Willey
@@ -1102,11 +1102,9 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
|
|||||||
if ((store->owned = wolfSSL_sk_X509_new_null()) == NULL)
|
if ((store->owned = wolfSSL_sk_X509_new_null()) == NULL)
|
||||||
goto err_exit;
|
goto err_exit;
|
||||||
|
|
||||||
#if !defined(WOLFSSL_SIGNER_DER_CERT)
|
|
||||||
if ((store->trusted = wolfSSL_sk_X509_new_null()) == NULL)
|
if ((store->trusted = wolfSSL_sk_X509_new_null()) == NULL)
|
||||||
goto err_exit;
|
goto err_exit;
|
||||||
#endif
|
#endif
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef HAVE_CRL
|
#ifdef HAVE_CRL
|
||||||
store->crl = store->cm->crl;
|
store->crl = store->cm->crl;
|
||||||
@@ -1196,20 +1194,18 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
|
|||||||
}
|
}
|
||||||
#if defined(OPENSSL_EXTRA)
|
#if defined(OPENSSL_EXTRA)
|
||||||
if (store->certs != NULL) {
|
if (store->certs != NULL) {
|
||||||
wolfSSL_sk_X509_free(store->certs);
|
wolfSSL_sk_X509_pop_free(store->certs, wolfSSL_X509_free);
|
||||||
store->certs = NULL;
|
store->certs = NULL;
|
||||||
}
|
}
|
||||||
if (store->owned != NULL) {
|
if (store->owned != NULL) {
|
||||||
wolfSSL_sk_X509_pop_free(store->owned, wolfSSL_X509_free);
|
wolfSSL_sk_X509_pop_free(store->owned, wolfSSL_X509_free);
|
||||||
store->owned = NULL;
|
store->owned = NULL;
|
||||||
}
|
}
|
||||||
#if !defined(WOLFSSL_SIGNER_DER_CERT)
|
|
||||||
if (store->trusted != NULL) {
|
if (store->trusted != NULL) {
|
||||||
wolfSSL_sk_X509_free(store->trusted);
|
wolfSSL_sk_X509_pop_free(store->trusted, wolfSSL_X509_free);
|
||||||
store->trusted = NULL;
|
store->trusted = NULL;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#endif
|
|
||||||
#ifdef OPENSSL_ALL
|
#ifdef OPENSSL_ALL
|
||||||
if (store->objs != NULL) {
|
if (store->objs != NULL) {
|
||||||
X509StoreFreeObjList(store, store->objs);
|
X509StoreFreeObjList(store, store->objs);
|
||||||
@@ -1406,7 +1402,6 @@ int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
|
|||||||
* CA=TRUE */
|
* CA=TRUE */
|
||||||
if (wolfSSL_X509_NAME_cmp(&x509->issuer, &x509->subject) == 0) {
|
if (wolfSSL_X509_NAME_cmp(&x509->issuer, &x509->subject) == 0) {
|
||||||
result = X509StoreAddCa(store, x509, WOLFSSL_USER_CA);
|
result = X509StoreAddCa(store, x509, WOLFSSL_USER_CA);
|
||||||
#if !defined(WOLFSSL_SIGNER_DER_CERT)
|
|
||||||
if (result == WOLFSSL_SUCCESS && store->trusted != NULL) {
|
if (result == WOLFSSL_SUCCESS && store->trusted != NULL) {
|
||||||
result = wolfSSL_X509_up_ref(x509);
|
result = wolfSSL_X509_up_ref(x509);
|
||||||
if (result == WOLFSSL_SUCCESS) {
|
if (result == WOLFSSL_SUCCESS) {
|
||||||
@@ -1419,7 +1414,6 @@ int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (store->certs != NULL) {
|
if (store->certs != NULL) {
|
||||||
|
|||||||
Reference in New Issue
Block a user