diff options
| author | jsing <> | 2014-04-15 17:24:25 +0000 |
|---|---|---|
| committer | jsing <> | 2014-04-15 17:24:25 +0000 |
| commit | 38d2a9c7ea9a14075bd1776e52b92232fae3d6d8 (patch) | |
| tree | dae53bcdf3b21ee61081268fa287e81ea8dad726 /src/lib/libcrypto/x509/by_dir.c | |
| parent | 94d2da095c9806d45b2591eded4d26e5ca5cc18e (diff) | |
| download | openbsd-38d2a9c7ea9a14075bd1776e52b92232fae3d6d8.tar.gz openbsd-38d2a9c7ea9a14075bd1776e52b92232fae3d6d8.tar.bz2 openbsd-38d2a9c7ea9a14075bd1776e52b92232fae3d6d8.zip | |
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using
tr and md5.
Diffstat (limited to 'src/lib/libcrypto/x509/by_dir.c')
| -rw-r--r-- | src/lib/libcrypto/x509/by_dir.c | 418 |
1 files changed, 193 insertions, 225 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c index f9d55c4e6d..b5512895a1 100644 --- a/src/lib/libcrypto/x509/by_dir.c +++ b/src/lib/libcrypto/x509/by_dir.c | |||
| @@ -73,37 +73,34 @@ | |||
| 73 | #include <openssl/x509.h> | 73 | #include <openssl/x509.h> |
| 74 | 74 | ||
| 75 | 75 | ||
| 76 | typedef struct lookup_dir_hashes_st | 76 | typedef struct lookup_dir_hashes_st { |
| 77 | { | ||
| 78 | unsigned long hash; | 77 | unsigned long hash; |
| 79 | int suffix; | 78 | int suffix; |
| 80 | } BY_DIR_HASH; | 79 | } BY_DIR_HASH; |
| 81 | 80 | ||
| 82 | typedef struct lookup_dir_entry_st | 81 | typedef struct lookup_dir_entry_st { |
| 83 | { | ||
| 84 | char *dir; | 82 | char *dir; |
| 85 | int dir_type; | 83 | int dir_type; |
| 86 | STACK_OF(BY_DIR_HASH) *hashes; | 84 | STACK_OF(BY_DIR_HASH) *hashes; |
| 87 | } BY_DIR_ENTRY; | 85 | } BY_DIR_ENTRY; |
| 88 | 86 | ||
| 89 | typedef struct lookup_dir_st | 87 | typedef struct lookup_dir_st { |
| 90 | { | ||
| 91 | BUF_MEM *buffer; | 88 | BUF_MEM *buffer; |
| 92 | STACK_OF(BY_DIR_ENTRY) *dirs; | 89 | STACK_OF(BY_DIR_ENTRY) *dirs; |
| 93 | } BY_DIR; | 90 | } BY_DIR; |
| 94 | 91 | ||
| 95 | DECLARE_STACK_OF(BY_DIR_HASH) | 92 | DECLARE_STACK_OF(BY_DIR_HASH) |
| 96 | DECLARE_STACK_OF(BY_DIR_ENTRY) | 93 | DECLARE_STACK_OF(BY_DIR_ENTRY) |
| 97 | 94 | ||
| 98 | static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | 95 | static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, |
| 99 | char **ret); | 96 | char **ret); |
| 100 | static int new_dir(X509_LOOKUP *lu); | 97 | static int new_dir(X509_LOOKUP *lu); |
| 101 | static void free_dir(X509_LOOKUP *lu); | 98 | static void free_dir(X509_LOOKUP *lu); |
| 102 | static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); | 99 | static int add_cert_dir(BY_DIR *ctx, const char *dir, int type); |
| 103 | static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, | 100 | static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, |
| 104 | X509_OBJECT *ret); | 101 | X509_OBJECT *ret); |
| 105 | X509_LOOKUP_METHOD x509_dir_lookup= | 102 | |
| 106 | { | 103 | X509_LOOKUP_METHOD x509_dir_lookup = { |
| 107 | "Load certs from files in a directory", | 104 | "Load certs from files in a directory", |
| 108 | new_dir, /* new */ | 105 | new_dir, /* new */ |
| 109 | free_dir, /* free */ | 106 | free_dir, /* free */ |
| @@ -114,254 +111,237 @@ X509_LOOKUP_METHOD x509_dir_lookup= | |||
| 114 | NULL, /* get_by_issuer_serial */ | 111 | NULL, /* get_by_issuer_serial */ |
| 115 | NULL, /* get_by_fingerprint */ | 112 | NULL, /* get_by_fingerprint */ |
| 116 | NULL, /* get_by_alias */ | 113 | NULL, /* get_by_alias */ |
| 117 | }; | 114 | }; |
| 118 | 115 | ||
| 119 | X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) | 116 | X509_LOOKUP_METHOD |
| 120 | { | 117 | *X509_LOOKUP_hash_dir(void) |
| 121 | return(&x509_dir_lookup); | 118 | { |
| 122 | } | 119 | return (&x509_dir_lookup); |
| 123 | 120 | } | |
| 124 | static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | 121 | |
| 125 | char **retp) | 122 | static int |
| 126 | { | 123 | dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, |
| 127 | int ret=0; | 124 | char **retp) |
| 125 | { | ||
| 126 | int ret = 0; | ||
| 128 | BY_DIR *ld; | 127 | BY_DIR *ld; |
| 129 | char *dir = NULL; | 128 | char *dir = NULL; |
| 130 | 129 | ||
| 131 | ld=(BY_DIR *)ctx->method_data; | 130 | ld = (BY_DIR *)ctx->method_data; |
| 132 | 131 | ||
| 133 | switch (cmd) | 132 | switch (cmd) { |
| 134 | { | ||
| 135 | case X509_L_ADD_DIR: | 133 | case X509_L_ADD_DIR: |
| 136 | if (argl == X509_FILETYPE_DEFAULT) | 134 | if (argl == X509_FILETYPE_DEFAULT) { |
| 137 | { | 135 | dir = (char *)getenv(X509_get_default_cert_dir_env()); |
| 138 | dir=(char *)getenv(X509_get_default_cert_dir_env()); | ||
| 139 | if (dir) | 136 | if (dir) |
| 140 | ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); | 137 | ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM); |
| 141 | else | 138 | else |
| 142 | ret=add_cert_dir(ld,X509_get_default_cert_dir(), | 139 | ret = add_cert_dir(ld, X509_get_default_cert_dir(), |
| 143 | X509_FILETYPE_PEM); | 140 | X509_FILETYPE_PEM); |
| 144 | if (!ret) | 141 | if (!ret) { |
| 145 | { | 142 | X509err(X509_F_DIR_CTRL, X509_R_LOADING_CERT_DIR); |
| 146 | X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); | ||
| 147 | } | ||
| 148 | } | 143 | } |
| 149 | else | 144 | } else |
| 150 | ret=add_cert_dir(ld,argp,(int)argl); | 145 | ret = add_cert_dir(ld, argp,(int)argl); |
| 151 | break; | 146 | break; |
| 152 | } | ||
| 153 | return(ret); | ||
| 154 | } | 147 | } |
| 148 | return (ret); | ||
| 149 | } | ||
| 155 | 150 | ||
| 156 | static int new_dir(X509_LOOKUP *lu) | 151 | static int |
| 157 | { | 152 | new_dir(X509_LOOKUP *lu) |
| 153 | { | ||
| 158 | BY_DIR *a; | 154 | BY_DIR *a; |
| 159 | 155 | ||
| 160 | if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) | 156 | if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) |
| 161 | return(0); | 157 | return (0); |
| 162 | if ((a->buffer=BUF_MEM_new()) == NULL) | 158 | if ((a->buffer = BUF_MEM_new()) == NULL) { |
| 163 | { | ||
| 164 | OPENSSL_free(a); | 159 | OPENSSL_free(a); |
| 165 | return(0); | 160 | return (0); |
| 166 | } | ||
| 167 | a->dirs=NULL; | ||
| 168 | lu->method_data=(char *)a; | ||
| 169 | return(1); | ||
| 170 | } | 161 | } |
| 171 | 162 | a->dirs = NULL; | |
| 172 | static void by_dir_hash_free(BY_DIR_HASH *hash) | 163 | lu->method_data = (char *)a; |
| 173 | { | 164 | return (1); |
| 165 | } | ||
| 166 | |||
| 167 | static void | ||
| 168 | by_dir_hash_free(BY_DIR_HASH *hash) | ||
| 169 | { | ||
| 174 | OPENSSL_free(hash); | 170 | OPENSSL_free(hash); |
| 175 | } | 171 | } |
| 176 | 172 | ||
| 177 | static int by_dir_hash_cmp(const BY_DIR_HASH * const *a, | 173 | static int |
| 178 | const BY_DIR_HASH * const *b) | 174 | by_dir_hash_cmp(const BY_DIR_HASH * const *a, |
| 179 | { | 175 | const BY_DIR_HASH * const *b) |
| 176 | { | ||
| 180 | if ((*a)->hash > (*b)->hash) | 177 | if ((*a)->hash > (*b)->hash) |
| 181 | return 1; | 178 | return 1; |
| 182 | if ((*a)->hash < (*b)->hash) | 179 | if ((*a)->hash < (*b)->hash) |
| 183 | return -1; | 180 | return -1; |
| 184 | return 0; | 181 | return 0; |
| 185 | } | 182 | } |
| 186 | 183 | ||
| 187 | static void by_dir_entry_free(BY_DIR_ENTRY *ent) | 184 | static void |
| 188 | { | 185 | by_dir_entry_free(BY_DIR_ENTRY *ent) |
| 186 | { | ||
| 189 | if (ent->dir) | 187 | if (ent->dir) |
| 190 | OPENSSL_free(ent->dir); | 188 | OPENSSL_free(ent->dir); |
| 191 | if (ent->hashes) | 189 | if (ent->hashes) |
| 192 | sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); | 190 | sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); |
| 193 | OPENSSL_free(ent); | 191 | OPENSSL_free(ent); |
| 194 | } | 192 | } |
| 195 | 193 | ||
| 196 | static void free_dir(X509_LOOKUP *lu) | 194 | static void |
| 197 | { | 195 | free_dir(X509_LOOKUP *lu) |
| 196 | { | ||
| 198 | BY_DIR *a; | 197 | BY_DIR *a; |
| 199 | 198 | ||
| 200 | a=(BY_DIR *)lu->method_data; | 199 | a = (BY_DIR *)lu->method_data; |
| 201 | if (a->dirs != NULL) | 200 | if (a->dirs != NULL) |
| 202 | sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); | 201 | sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); |
| 203 | if (a->buffer != NULL) | 202 | if (a->buffer != NULL) |
| 204 | BUF_MEM_free(a->buffer); | 203 | BUF_MEM_free(a->buffer); |
| 205 | OPENSSL_free(a); | 204 | OPENSSL_free(a); |
| 205 | } | ||
| 206 | |||
| 207 | static int | ||
| 208 | add_cert_dir(BY_DIR *ctx, const char *dir, int type) | ||
| 209 | { | ||
| 210 | int j, len; | ||
| 211 | const char *s, *ss, *p; | ||
| 212 | |||
| 213 | if (dir == NULL || !*dir) { | ||
| 214 | X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY); | ||
| 215 | return 0; | ||
| 206 | } | 216 | } |
| 207 | 217 | ||
| 208 | static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) | 218 | s = dir; |
| 209 | { | 219 | p = s; |
| 210 | int j,len; | 220 | do { |
| 211 | const char *s,*ss,*p; | 221 | if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) { |
| 212 | |||
| 213 | if (dir == NULL || !*dir) | ||
| 214 | { | ||
| 215 | X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY); | ||
| 216 | return 0; | ||
| 217 | } | ||
| 218 | |||
| 219 | s=dir; | ||
| 220 | p=s; | ||
| 221 | do | ||
| 222 | { | ||
| 223 | if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) | ||
| 224 | { | ||
| 225 | BY_DIR_ENTRY *ent; | 222 | BY_DIR_ENTRY *ent; |
| 226 | ss=s; | 223 | ss = s; |
| 227 | s=p+1; | 224 | s = p + 1; |
| 228 | len=(int)(p-ss); | 225 | len = (int)(p - ss); |
| 229 | if (len == 0) continue; | 226 | if (len == 0) |
| 230 | for (j=0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) | 227 | continue; |
| 231 | { | 228 | for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) { |
| 232 | ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j); | 229 | ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j); |
| 233 | if (strlen(ent->dir) == (size_t)len && | 230 | if (strlen(ent->dir) == (size_t)len && |
| 234 | strncmp(ent->dir,ss,(unsigned int)len) == 0) | 231 | strncmp(ent->dir, ss, |
| 232 | (unsigned int)len) == 0) | ||
| 235 | break; | 233 | break; |
| 236 | } | 234 | } |
| 237 | if (j < sk_BY_DIR_ENTRY_num(ctx->dirs)) | 235 | if (j < sk_BY_DIR_ENTRY_num(ctx->dirs)) |
| 238 | continue; | 236 | continue; |
| 239 | if (ctx->dirs == NULL) | 237 | if (ctx->dirs == NULL) { |
| 240 | { | ||
| 241 | ctx->dirs = sk_BY_DIR_ENTRY_new_null(); | 238 | ctx->dirs = sk_BY_DIR_ENTRY_new_null(); |
| 242 | if (!ctx->dirs) | 239 | if (!ctx->dirs) { |
| 243 | { | 240 | X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); |
| 244 | X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE); | ||
| 245 | return 0; | 241 | return 0; |
| 246 | } | ||
| 247 | } | 242 | } |
| 243 | } | ||
| 248 | ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY)); | 244 | ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY)); |
| 249 | if (!ent) | 245 | if (!ent) |
| 250 | return 0; | 246 | return 0; |
| 251 | ent->dir_type = type; | 247 | ent->dir_type = type; |
| 252 | ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); | 248 | ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); |
| 253 | ent->dir = OPENSSL_malloc((unsigned int)len+1); | 249 | ent->dir = OPENSSL_malloc((unsigned int)len + 1); |
| 254 | if (!ent->dir || !ent->hashes) | 250 | if (!ent->dir || !ent->hashes) { |
| 255 | { | ||
| 256 | by_dir_entry_free(ent); | 251 | by_dir_entry_free(ent); |
| 257 | return 0; | 252 | return 0; |
| 258 | } | 253 | } |
| 259 | strncpy(ent->dir,ss,(unsigned int)len); | 254 | strncpy(ent->dir, ss,(unsigned int)len); |
| 260 | ent->dir[len] = '\0'; | 255 | ent->dir[len] = '\0'; |
| 261 | if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) | 256 | if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { |
| 262 | { | ||
| 263 | by_dir_entry_free(ent); | 257 | by_dir_entry_free(ent); |
| 264 | return 0; | 258 | return 0; |
| 265 | } | ||
| 266 | } | 259 | } |
| 267 | } while (*p++ != '\0'); | 260 | } |
| 261 | } while (*p++ != '\0'); | ||
| 268 | return 1; | 262 | return 1; |
| 269 | } | 263 | } |
| 270 | 264 | ||
| 271 | static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, | 265 | static int |
| 272 | X509_OBJECT *ret) | 266 | get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, |
| 273 | { | 267 | X509_OBJECT *ret) |
| 268 | { | ||
| 274 | BY_DIR *ctx; | 269 | BY_DIR *ctx; |
| 275 | union { | 270 | union { |
| 276 | struct { | 271 | struct { |
| 277 | X509 st_x509; | 272 | X509 st_x509; |
| 278 | X509_CINF st_x509_cinf; | 273 | X509_CINF st_x509_cinf; |
| 279 | } x509; | 274 | } x509; |
| 280 | struct { | 275 | struct { |
| 281 | X509_CRL st_crl; | 276 | X509_CRL st_crl; |
| 282 | X509_CRL_INFO st_crl_info; | 277 | X509_CRL_INFO st_crl_info; |
| 283 | } crl; | 278 | } crl; |
| 284 | } data; | 279 | } data; |
| 285 | int ok=0; | 280 | int ok = 0; |
| 286 | int i,j,k; | 281 | int i, j, k; |
| 287 | unsigned long h; | 282 | unsigned long h; |
| 288 | BUF_MEM *b=NULL; | 283 | BUF_MEM *b = NULL; |
| 289 | X509_OBJECT stmp,*tmp; | 284 | X509_OBJECT stmp, *tmp; |
| 290 | const char *postfix=""; | 285 | const char *postfix=""; |
| 291 | 286 | ||
| 292 | if (name == NULL) return(0); | 287 | if (name == NULL) |
| 288 | return (0); | ||
| 293 | 289 | ||
| 294 | stmp.type=type; | 290 | stmp.type = type; |
| 295 | if (type == X509_LU_X509) | 291 | if (type == X509_LU_X509) { |
| 296 | { | 292 | data.x509.st_x509.cert_info = &data.x509.st_x509_cinf; |
| 297 | data.x509.st_x509.cert_info= &data.x509.st_x509_cinf; | 293 | data.x509.st_x509_cinf.subject = name; |
| 298 | data.x509.st_x509_cinf.subject=name; | 294 | stmp.data.x509 = &data.x509.st_x509; |
| 299 | stmp.data.x509= &data.x509.st_x509; | ||
| 300 | postfix=""; | 295 | postfix=""; |
| 301 | } | 296 | } else if (type == X509_LU_CRL) { |
| 302 | else if (type == X509_LU_CRL) | 297 | data.crl.st_crl.crl = &data.crl.st_crl_info; |
| 303 | { | 298 | data.crl.st_crl_info.issuer = name; |
| 304 | data.crl.st_crl.crl= &data.crl.st_crl_info; | 299 | stmp.data.crl = &data.crl.st_crl; |
| 305 | data.crl.st_crl_info.issuer=name; | ||
| 306 | stmp.data.crl= &data.crl.st_crl; | ||
| 307 | postfix="r"; | 300 | postfix="r"; |
| 308 | } | 301 | } else { |
| 309 | else | 302 | X509err(X509_F_GET_CERT_BY_SUBJECT, X509_R_WRONG_LOOKUP_TYPE); |
| 310 | { | ||
| 311 | X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE); | ||
| 312 | goto finish; | 303 | goto finish; |
| 313 | } | 304 | } |
| 314 | 305 | ||
| 315 | if ((b=BUF_MEM_new()) == NULL) | 306 | if ((b = BUF_MEM_new()) == NULL) { |
| 316 | { | 307 | X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_BUF_LIB); |
| 317 | X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB); | ||
| 318 | goto finish; | 308 | goto finish; |
| 319 | } | 309 | } |
| 320 | 310 | ||
| 321 | ctx=(BY_DIR *)xl->method_data; | 311 | ctx = (BY_DIR *)xl->method_data; |
| 322 | 312 | ||
| 323 | h=X509_NAME_hash(name); | 313 | h = X509_NAME_hash(name); |
| 324 | for (i=0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) | 314 | for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) { |
| 325 | { | ||
| 326 | BY_DIR_ENTRY *ent; | 315 | BY_DIR_ENTRY *ent; |
| 327 | int idx; | 316 | int idx; |
| 328 | BY_DIR_HASH htmp, *hent; | 317 | BY_DIR_HASH htmp, *hent; |
| 329 | ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); | 318 | ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); |
| 330 | j=strlen(ent->dir)+1+8+6+1+1; | 319 | j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; |
| 331 | if (!BUF_MEM_grow(b,j)) | 320 | if (!BUF_MEM_grow(b, j)) { |
| 332 | { | 321 | X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); |
| 333 | X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE); | ||
| 334 | goto finish; | 322 | goto finish; |
| 335 | } | 323 | } |
| 336 | if (type == X509_LU_CRL && ent->hashes) | 324 | if (type == X509_LU_CRL && ent->hashes) { |
| 337 | { | ||
| 338 | htmp.hash = h; | 325 | htmp.hash = h; |
| 339 | CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); | 326 | CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); |
| 340 | idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); | 327 | idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); |
| 341 | if (idx >= 0) | 328 | if (idx >= 0) { |
| 342 | { | ||
| 343 | hent = sk_BY_DIR_HASH_value(ent->hashes, idx); | 329 | hent = sk_BY_DIR_HASH_value(ent->hashes, idx); |
| 344 | k = hent->suffix; | 330 | k = hent->suffix; |
| 345 | } | 331 | } else { |
| 346 | else | ||
| 347 | { | ||
| 348 | hent = NULL; | 332 | hent = NULL; |
| 349 | k=0; | 333 | k = 0; |
| 350 | } | ||
| 351 | CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); | ||
| 352 | } | 334 | } |
| 353 | else | 335 | CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); |
| 354 | { | 336 | } else { |
| 355 | k = 0; | 337 | k = 0; |
| 356 | hent = NULL; | 338 | hent = NULL; |
| 357 | } | 339 | } |
| 358 | for (;;) | 340 | for (;;) { |
| 359 | { | ||
| 360 | char c = '/'; | 341 | char c = '/'; |
| 361 | #ifdef OPENSSL_SYS_VMS | 342 | #ifdef OPENSSL_SYS_VMS |
| 362 | c = ent->dir[strlen(ent->dir)-1]; | 343 | c = ent->dir[strlen(ent->dir) - 1]; |
| 363 | if (c != ':' && c != '>' && c != ']') | 344 | if (c != ':' && c != '>' && c != ']') { |
| 364 | { | ||
| 365 | /* If no separator is present, we assume the | 345 | /* If no separator is present, we assume the |
| 366 | directory specifier is a logical name, and | 346 | directory specifier is a logical name, and |
| 367 | add a colon. We really should use better | 347 | add a colon. We really should use better |
| @@ -369,112 +349,100 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, | |||
| 369 | but this will do for now... | 349 | but this will do for now... |
| 370 | -- Richard Levitte */ | 350 | -- Richard Levitte */ |
| 371 | c = ':'; | 351 | c = ':'; |
| 372 | } | 352 | } else { |
| 373 | else | ||
| 374 | { | ||
| 375 | c = '\0'; | 353 | c = '\0'; |
| 376 | } | 354 | } |
| 377 | #endif | 355 | #endif |
| 378 | if (c == '\0') | 356 | if (c == '\0') { |
| 379 | { | ||
| 380 | /* This is special. When c == '\0', no | 357 | /* This is special. When c == '\0', no |
| 381 | directory separator should be added. */ | 358 | directory separator should be added. */ |
| 382 | (void) snprintf(b->data,b->max, | 359 | (void) snprintf(b->data, b->max, |
| 383 | "%s%08lx.%s%d",ent->dir,h, | 360 | "%s%08lx.%s%d", ent->dir, h, |
| 384 | postfix,k); | 361 | postfix, k); |
| 385 | } | 362 | } else { |
| 386 | else | 363 | (void) snprintf(b->data, b->max, |
| 387 | { | 364 | "%s%c%08lx.%s%d", ent->dir, c, h, |
| 388 | (void) snprintf(b->data,b->max, | 365 | postfix, k); |
| 389 | "%s%c%08lx.%s%d",ent->dir,c,h, | 366 | } |
| 390 | postfix,k); | ||
| 391 | } | ||
| 392 | #ifndef OPENSSL_NO_POSIX_IO | 367 | #ifndef OPENSSL_NO_POSIX_IO |
| 393 | #ifdef _WIN32 | 368 | #ifdef _WIN32 |
| 394 | #define stat _stat | 369 | #define stat _stat |
| 395 | #endif | 370 | #endif |
| 396 | { | 371 | { |
| 397 | struct stat st; | 372 | struct stat st; |
| 398 | if (stat(b->data,&st) < 0) | 373 | if (stat(b->data, &st) < 0) |
| 399 | break; | 374 | break; |
| 400 | } | 375 | } |
| 401 | #endif | 376 | #endif |
| 402 | /* found one. */ | 377 | /* found one. */ |
| 403 | if (type == X509_LU_X509) | 378 | if (type == X509_LU_X509) { |
| 404 | { | 379 | if ((X509_load_cert_file(xl, b->data, |
| 405 | if ((X509_load_cert_file(xl,b->data, | ||
| 406 | ent->dir_type)) == 0) | 380 | ent->dir_type)) == 0) |
| 407 | break; | 381 | break; |
| 408 | } | 382 | } else if (type == X509_LU_CRL) { |
| 409 | else if (type == X509_LU_CRL) | 383 | if ((X509_load_crl_file(xl, b->data, |
| 410 | { | ||
| 411 | if ((X509_load_crl_file(xl,b->data, | ||
| 412 | ent->dir_type)) == 0) | 384 | ent->dir_type)) == 0) |
| 413 | break; | 385 | break; |
| 414 | } | 386 | } |
| 415 | /* else case will caught higher up */ | 387 | /* else case will caught higher up */ |
| 416 | k++; | 388 | k++; |
| 417 | } | 389 | } |
| 418 | 390 | ||
| 419 | /* we have added it to the cache so now pull | 391 | /* we have added it to the cache so now pull |
| 420 | * it out again */ | 392 | * it out again */ |
| 421 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); | 393 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); |
| 422 | j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp); | 394 | j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp); |
| 423 | if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j); | 395 | if (j != -1) |
| 424 | else tmp = NULL; | 396 | tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j); |
| 397 | else tmp = NULL; | ||
| 425 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); | 398 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); |
| 426 | 399 | ||
| 427 | 400 | ||
| 428 | /* If a CRL, update the last file suffix added for this */ | 401 | /* If a CRL, update the last file suffix added for this */ |
| 429 | 402 | ||
| 430 | if (type == X509_LU_CRL) | 403 | if (type == X509_LU_CRL) { |
| 431 | { | ||
| 432 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); | 404 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); |
| 433 | /* Look for entry again in case another thread added | 405 | /* Look for entry again in case another thread added |
| 434 | * an entry first. | 406 | * an entry first. |
| 435 | */ | 407 | */ |
| 436 | if (!hent) | 408 | if (!hent) { |
| 437 | { | ||
| 438 | htmp.hash = h; | 409 | htmp.hash = h; |
| 439 | idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); | 410 | idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); |
| 440 | if (idx >= 0) | 411 | if (idx >= 0) |
| 441 | hent = | 412 | hent = sk_BY_DIR_HASH_value( |
| 442 | sk_BY_DIR_HASH_value(ent->hashes, idx); | 413 | ent->hashes, idx); |
| 443 | } | 414 | } |
| 444 | if (!hent) | 415 | if (!hent) { |
| 445 | { | ||
| 446 | hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); | 416 | hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); |
| 447 | hent->hash = h; | 417 | hent->hash = h; |
| 448 | hent->suffix = k; | 418 | hent->suffix = k; |
| 449 | if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) | 419 | if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { |
| 450 | { | ||
| 451 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); | 420 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); |
| 452 | OPENSSL_free(hent); | 421 | OPENSSL_free(hent); |
| 453 | ok = 0; | 422 | ok = 0; |
| 454 | goto finish; | 423 | goto finish; |
| 455 | } | ||
| 456 | } | 424 | } |
| 457 | else if (hent->suffix < k) | 425 | } else if (hent->suffix < k) |
| 458 | hent->suffix = k; | 426 | hent->suffix = k; |
| 459 | 427 | ||
| 460 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); | 428 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); |
| 461 | 429 | ||
| 462 | } | 430 | } |
| 463 | 431 | ||
| 464 | if (tmp != NULL) | 432 | if (tmp != NULL) { |
| 465 | { | 433 | ok = 1; |
| 466 | ok=1; | 434 | ret->type = tmp->type; |
| 467 | ret->type=tmp->type; | 435 | memcpy(&ret->data, &tmp->data, sizeof(ret->data)); |
| 468 | memcpy(&ret->data,&tmp->data,sizeof(ret->data)); | ||
| 469 | /* If we were going to up the reference count, | 436 | /* If we were going to up the reference count, |
| 470 | * we would need to do it on a perl 'type' | 437 | * we would need to do it on a perl 'type' |
| 471 | * basis */ | 438 | * basis */ |
| 472 | /* CRYPTO_add(&tmp->data.x509->references,1, | 439 | /* CRYPTO_add(&tmp->data.x509->references,1, |
| 473 | CRYPTO_LOCK_X509);*/ | 440 | CRYPTO_LOCK_X509);*/ |
| 474 | goto finish; | 441 | goto finish; |
| 475 | } | ||
| 476 | } | 442 | } |
| 477 | finish: | ||
| 478 | if (b != NULL) BUF_MEM_free(b); | ||
| 479 | return(ok); | ||
| 480 | } | 443 | } |
| 444 | finish: | ||
| 445 | if (b != NULL) | ||
| 446 | BUF_MEM_free(b); | ||
| 447 | return (ok); | ||
| 448 | } | ||