wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Code review fixes.

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2021-08-09 17:19:54 +02:00
parent 72f1d0adac
commit 6a5f40d698
4 changed files with 22 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/internal.c
View File

@@ -2195,8 +2195,11 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
ctx->x509_store.objs = NULL; ctx->x509_store.objs = NULL;
} }
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \
defined(WOLFSSL_WPAS_SMALL)
wolfSSL_X509_STORE_free(ctx->x509_store_pt); wolfSSL_X509_STORE_free(ctx->x509_store_pt);
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL); wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL);
ctx->ca_names = NULL; ctx->ca_names = NULL;
#endif #endif
@@ -10297,7 +10300,7 @@ static void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nam
XSTRNCPY(name->name, dCert->subject, ASN_NAME_MAX); XSTRNCPY(name->name, dCert->subject, ASN_NAME_MAX);
name->name[ASN_NAME_MAX - 1] = '\0'; name->name[ASN_NAME_MAX - 1] = '\0';
name->sz = (int)XSTRLEN(name->name) + 1; name->sz = (int)XSTRLEN(name->name) + 1;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
name->rawLen = min(dCert->subjectRawLen, ASN_NAME_MAX); name->rawLen = min(dCert->subjectRawLen, ASN_NAME_MAX);
XMEMCPY(name->raw, dCert->subjectRaw, name->rawLen); XMEMCPY(name->raw, dCert->subjectRaw, name->rawLen);
#endif #endif
@@ -10306,7 +10309,8 @@ static void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nam
XSTRNCPY(name->name, dCert->issuer, ASN_NAME_MAX); XSTRNCPY(name->name, dCert->issuer, ASN_NAME_MAX);
name->name[ASN_NAME_MAX - 1] = '\0'; name->name[ASN_NAME_MAX - 1] = '\0';
name->sz = (int)XSTRLEN(name->name) + 1; name->sz = (int)XSTRLEN(name->name) + 1;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)) && defined(WOLFSSL_CERT_EXT) #if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) \
&& (defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
name->rawLen = min(dCert->issuerRawLen, ASN_NAME_MAX); name->rawLen = min(dCert->issuerRawLen, ASN_NAME_MAX);
if (name->rawLen) { if (name->rawLen) {
XMEMCPY(name->raw, dCert->issuerRaw, name->rawLen); XMEMCPY(name->raw, dCert->issuerRaw, name->rawLen);
@@ -23055,6 +23059,7 @@ exit_dpk:
if (wolfSSL_sk_X509_NAME_push(ssl->ca_names, name) if (wolfSSL_sk_X509_NAME_push(ssl->ca_names, name)
== WOLFSSL_FAILURE) { == WOLFSSL_FAILURE) {
FreeDecodedCert(&cert); FreeDecodedCert(&cert);
wolfSSL_X509_NAME_free(name);
return MEMORY_ERROR; return MEMORY_ERROR;
} }

16
src/ssl.c
View File

@@ -16203,7 +16203,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return SSL_CA_NAMES(ssl); return SSL_CA_NAMES(ssl);
} }
#if !defined(NO_RSA) && !defined(NO_CERTS) #if !defined(NO_CERTS)
int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509) int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
{ {
WOLFSSL_X509_NAME *nameCopy = NULL; WOLFSSL_X509_NAME *nameCopy = NULL;
@@ -16326,7 +16326,7 @@ cleanup:
} }
#endif #endif
#endif /* !NO_BIO */ #endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || HAVE_WEBSERVER */ #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
@@ -19156,10 +19156,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
if ((ssl == NULL) || (ssl->session.chain.count == 0)) if ((ssl == NULL) || (ssl->session.chain.count == 0))
return NULL; return NULL;
if (ssl->peerCertChain == NULL) sk = wolfSSL_sk_X509_new();
sk = wolfSSL_sk_X509_new();
else /* Try to re-use old chain if available */
sk = ssl->peerCertChain;
i = ssl->session.chain.count-1; i = ssl->session.chain.count-1;
for (; i >= 0; i--) { for (; i >= 0; i--) {
x509 = wolfSSL_X509_new(); x509 = wolfSSL_X509_new();
@@ -19199,6 +19196,8 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
wolfSSL_sk_X509_shift(sk); wolfSSL_sk_X509_shift(sk);
} }
#endif #endif
if (ssl->peerCertChain != NULL)
wolfSSL_sk_X509_free(ssl->peerCertChain);
/* This is Free'd when ssl is Free'd */ /* This is Free'd when ssl is Free'd */
ssl->peerCertChain = sk; ssl->peerCertChain = sk;
return sk; return sk;
@@ -58242,7 +58241,8 @@ int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer,
* START OF X509_STORE APIs * START OF X509_STORE APIs
******************************************************************************/ ******************************************************************************/
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \
defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void) WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
{ {
WOLFSSL_X509_STORE* store = NULL; WOLFSSL_X509_STORE* store = NULL;
@@ -58435,7 +58435,7 @@ int wolfSSL_X509_STORE_set_ex_data_with_cleanup(
#endif /* HAVE_EX_DATA_CLEANUP_HOOKS */ #endif /* HAVE_EX_DATA_CLEANUP_HOOKS */
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA

3
wolfcrypt/src/asn.c
View File

@@ -6543,7 +6543,8 @@ int GetName(DecodedCert* cert, int nameType, int maxIdx)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY) !defined(WOLFCRYPT_ONLY)
if (nameType == ISSUER) { if (nameType == ISSUER) {
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)) && defined(WOLFSSL_CERT_EXT) #if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) && \
(defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
dName->rawLen = min(cert->issuerRawLen, ASN_NAME_MAX); dName->rawLen = min(cert->issuerRawLen, ASN_NAME_MAX);
XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen); XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen);
#endif #endif

6
wolfssl/ssl.h
View File

@@ -561,7 +561,8 @@ struct WOLFSSL_X509_STORE {
int cache; /* stunnel dereference */ int cache; /* stunnel dereference */
WOLFSSL_CERT_MANAGER* cm; WOLFSSL_CERT_MANAGER* cm;
WOLFSSL_X509_LOOKUP lookup; WOLFSSL_X509_LOOKUP lookup;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \
defined(WOLFSSL_WPAS_SMALL)
int isDynamic; int isDynamic;
WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */
#endif #endif
@@ -574,7 +575,8 @@ struct WOLFSSL_X509_STORE {
#ifdef HAVE_EX_DATA #ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data; WOLFSSL_CRYPTO_EX_DATA ex_data;
#endif #endif
#ifdef HAVE_CRL #if (defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \
defined(WOLFSSL_WPAS_SMALL)) && defined(HAVE_CRL)
WOLFSSL_X509_CRL *crl; /* points to cm->crl */ WOLFSSL_X509_CRL *crl; /* points to cm->crl */
#endif #endif
#ifndef SINGLE_THREADED #ifndef SINGLE_THREADED