summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2025-03-06 07:17:45 +0000
committertb <>2025-03-06 07:17:45 +0000
commit7ba73de5bad4e9854b7bc986be7422f1442cf0f0 (patch)
treedf2c2d15eb592c99b1647a2aa8e6635bb7807ccc
parent7cf910209b8c19059d2454d770b7774814cfdc6e (diff)
downloadopenbsd-7ba73de5bad4e9854b7bc986be7422f1442cf0f0.tar.gz
openbsd-7ba73de5bad4e9854b7bc986be7422f1442cf0f0.tar.bz2
openbsd-7ba73de5bad4e9854b7bc986be7422f1442cf0f0.zip
Garbage collect X509V3_section_free()
Historically, X509V3_section_free() could be customized by the conf db method to release memory allocated by X509V3_get_section(). This is no longer supported, so it is always a noop and can be removed. ok jsing
-rw-r--r--src/lib/libcrypto/asn1/asn1_gen.c7
-rw-r--r--src/lib/libcrypto/x509/x509_alt.c3
-rw-r--r--src/lib/libcrypto/x509/x509_conf.c8
-rw-r--r--src/lib/libcrypto/x509/x509_cpols.c4
-rw-r--r--src/lib/libcrypto/x509/x509_crld.c8
-rw-r--r--src/lib/libcrypto/x509/x509_local.h3
6 files changed, 8 insertions, 25 deletions
diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
index 0b4cfe00a9..f74cf9ae74 100644
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ b/src/lib/libcrypto/asn1/asn1_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_gen.c,v 1.24 2024/08/31 10:03:03 tb Exp $ */ 1/* $OpenBSD: asn1_gen.c,v 1.25 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -486,10 +486,7 @@ asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
486 486
487 bad: 487 bad:
488 free(der); 488 free(der);
489 if (sk) 489 sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
490 sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
491 if (sect)
492 X509V3_section_free(cnf, sect);
493 490
494 return ret; 491 return ret;
495} 492}
diff --git a/src/lib/libcrypto/x509/x509_alt.c b/src/lib/libcrypto/x509/x509_alt.c
index 8981e4c4fb..e19a49ca86 100644
--- a/src/lib/libcrypto/x509/x509_alt.c
+++ b/src/lib/libcrypto/x509/x509_alt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_alt.c,v 1.17 2024/07/13 15:08:58 tb Exp $ */ 1/* $OpenBSD: x509_alt.c,v 1.18 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -794,7 +794,6 @@ do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
794 if (!ret) 794 if (!ret)
795 X509_NAME_free(nm); 795 X509_NAME_free(nm);
796 gen->d.dirn = nm; 796 gen->d.dirn = nm;
797 X509V3_section_free(ctx, sk);
798 797
799 return ret; 798 return ret;
800} 799}
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
index 51f92d43e4..1047540a88 100644
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_conf.c,v 1.27 2024/08/31 10:04:50 tb Exp $ */ 1/* $OpenBSD: x509_conf.c,v 1.28 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -415,12 +415,6 @@ X509V3_get_section(X509V3_CTX *ctx, const char *section)
415} 415}
416 416
417void 417void
418X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
419{
420 return;
421}
422
423void
424X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf) 418X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
425{ 419{
426 ctx->db = conf; 420 ctx->db = conf;
diff --git a/src/lib/libcrypto/x509/x509_cpols.c b/src/lib/libcrypto/x509/x509_cpols.c
index 7a701ea659..a8aa9a3eb6 100644
--- a/src/lib/libcrypto/x509/x509_cpols.c
+++ b/src/lib/libcrypto/x509/x509_cpols.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_cpols.c,v 1.13 2024/07/13 15:08:58 tb Exp $ */ 1/* $OpenBSD: x509_cpols.c,v 1.14 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -468,7 +468,6 @@ r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
468 goto err; 468 goto err;
469 } 469 }
470 pol = policy_section(ctx, polsect, ia5org); 470 pol = policy_section(ctx, polsect, ia5org);
471 X509V3_section_free(ctx, polsect);
472 if (!pol) 471 if (!pol)
473 goto err; 472 goto err;
474 } else { 473 } else {
@@ -551,7 +550,6 @@ policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
551 goto err; 550 goto err;
552 } 551 }
553 qual = notice_section(ctx, unot, ia5org); 552 qual = notice_section(ctx, unot, ia5org);
554 X509V3_section_free(ctx, unot);
555 if (qual == NULL) 553 if (qual == NULL)
556 goto err; 554 goto err;
557 555
diff --git a/src/lib/libcrypto/x509/x509_crld.c b/src/lib/libcrypto/x509/x509_crld.c
index e9252a247a..1510576e83 100644
--- a/src/lib/libcrypto/x509/x509_crld.c
+++ b/src/lib/libcrypto/x509/x509_crld.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_crld.c,v 1.7 2024/07/13 15:08:58 tb Exp $ */ 1/* $OpenBSD: x509_crld.c,v 1.8 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -133,9 +133,7 @@ gnames_from_sectname(X509V3_CTX *ctx, char *sect)
133 return NULL; 133 return NULL;
134 } 134 }
135 gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); 135 gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
136 if (*sect == '@') 136 if (*sect != '@')
137 X509V3_section_free(ctx, gnsect);
138 else
139 sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free); 137 sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
140 return gens; 138 return gens;
141} 139}
@@ -164,7 +162,6 @@ set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf)
164 return -1; 162 return -1;
165 } 163 }
166 ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); 164 ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
167 X509V3_section_free(ctx, dnsect);
168 rnm = nm->entries; 165 rnm = nm->entries;
169 nm->entries = NULL; 166 nm->entries = NULL;
170 X509_NAME_free(nm); 167 X509_NAME_free(nm);
@@ -337,7 +334,6 @@ v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
337 if (!dpsect) 334 if (!dpsect)
338 goto err; 335 goto err;
339 point = crldp_from_section(ctx, dpsect); 336 point = crldp_from_section(ctx, dpsect);
340 X509V3_section_free(ctx, dpsect);
341 if (!point) 337 if (!point)
342 goto err; 338 goto err;
343 if (!sk_DIST_POINT_push(crld, point)) { 339 if (!sk_DIST_POINT_push(crld, point)) {
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 09092f7fdc..f055bb3446 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_local.h,v 1.36 2025/02/21 05:44:28 tb Exp $ */ 1/* $OpenBSD: x509_local.h,v 1.37 2025/03/06 07:17:45 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2013. 3 * project 2013.
4 */ 4 */
@@ -454,7 +454,6 @@ int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool);
454int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint); 454int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint);
455 455
456STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section); 456STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section);
457void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
458 457
459const X509V3_EXT_METHOD *x509v3_ext_method_authority_key_identifier(void); 458const X509V3_EXT_METHOD *x509v3_ext_method_authority_key_identifier(void);
460const X509V3_EXT_METHOD *x509v3_ext_method_basic_constraints(void); 459const X509V3_EXT_METHOD *x509v3_ext_method_basic_constraints(void);