diff options
| author | tb <> | 2021-10-31 16:47:27 +0000 |
|---|---|---|
| committer | tb <> | 2021-10-31 16:47:27 +0000 |
| commit | 9088131a0bf4a9930c61b7096992aa4e3fec2959 (patch) | |
| tree | 3c9769bd20746b2b91b2bda913b17dee8a2a1288 /src/usr.bin/openssl/s_server.c | |
| parent | 5975302da7b3560abf4c50749b73f63f7772d1b6 (diff) | |
| download | openbsd-9088131a0bf4a9930c61b7096992aa4e3fec2959.tar.gz openbsd-9088131a0bf4a9930c61b7096992aa4e3fec2959.tar.bz2 openbsd-9088131a0bf4a9930c61b7096992aa4e3fec2959.zip | |
Various minor adjustments to make openssl(1) compile with opaque
structs in X509.
Diffstat (limited to 'src/usr.bin/openssl/s_server.c')
| -rw-r--r-- | src/usr.bin/openssl/s_server.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index 84fb114292..233b8fdced 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s_server.c,v 1.52 2021/10/23 14:52:51 tb Exp $ */ | 1 | /* $OpenBSD: s_server.c,v 1.53 2021/10/31 16:47:27 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2337,7 +2337,7 @@ cert_status_cb(SSL *s, void *arg) | |||
| 2337 | STACK_OF(OPENSSL_STRING) *aia = NULL; | 2337 | STACK_OF(OPENSSL_STRING) *aia = NULL; |
| 2338 | X509 *x = NULL; | 2338 | X509 *x = NULL; |
| 2339 | X509_STORE_CTX *inctx = NULL; | 2339 | X509_STORE_CTX *inctx = NULL; |
| 2340 | X509_OBJECT obj; | 2340 | X509_OBJECT *obj = NULL; |
| 2341 | OCSP_REQUEST *req = NULL; | 2341 | OCSP_REQUEST *req = NULL; |
| 2342 | OCSP_RESPONSE *resp = NULL; | 2342 | OCSP_RESPONSE *resp = NULL; |
| 2343 | OCSP_CERTID *id = NULL; | 2343 | OCSP_CERTID *id = NULL; |
| @@ -2378,8 +2378,10 @@ cert_status_cb(SSL *s, void *arg) | |||
| 2378 | SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), | 2378 | SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), |
| 2379 | NULL, NULL)) | 2379 | NULL, NULL)) |
| 2380 | goto err; | 2380 | goto err; |
| 2381 | if ((obj = X509_OBJECT_new()) == NULL) | ||
| 2382 | goto done; | ||
| 2381 | if (X509_STORE_get_by_subject(inctx, X509_LU_X509, | 2383 | if (X509_STORE_get_by_subject(inctx, X509_LU_X509, |
| 2382 | X509_get_issuer_name(x), &obj) <= 0) { | 2384 | X509_get_issuer_name(x), obj) <= 0) { |
| 2383 | BIO_puts(err, | 2385 | BIO_puts(err, |
| 2384 | "cert_status: Can't retrieve issuer certificate.\n"); | 2386 | "cert_status: Can't retrieve issuer certificate.\n"); |
| 2385 | X509_STORE_CTX_cleanup(inctx); | 2387 | X509_STORE_CTX_cleanup(inctx); |
| @@ -2388,8 +2390,9 @@ cert_status_cb(SSL *s, void *arg) | |||
| 2388 | req = OCSP_REQUEST_new(); | 2390 | req = OCSP_REQUEST_new(); |
| 2389 | if (!req) | 2391 | if (!req) |
| 2390 | goto err; | 2392 | goto err; |
| 2391 | id = OCSP_cert_to_id(NULL, x, X509_OBJECT_get0_X509(&obj)); | 2393 | id = OCSP_cert_to_id(NULL, x, X509_OBJECT_get0_X509(obj)); |
| 2392 | X509_OBJECT_free_contents(&obj); | 2394 | X509_OBJECT_free(obj); |
| 2395 | obj = NULL; | ||
| 2393 | X509_STORE_CTX_free(inctx); | 2396 | X509_STORE_CTX_free(inctx); |
| 2394 | inctx = NULL; | 2397 | inctx = NULL; |
| 2395 | if (!id) | 2398 | if (!id) |
| @@ -2421,6 +2424,7 @@ cert_status_cb(SSL *s, void *arg) | |||
| 2421 | ret = SSL_TLSEXT_ERR_OK; | 2424 | ret = SSL_TLSEXT_ERR_OK; |
| 2422 | done: | 2425 | done: |
| 2423 | X509_STORE_CTX_free(inctx); | 2426 | X509_STORE_CTX_free(inctx); |
| 2427 | X509_OBJECT_free(obj); | ||
| 2424 | if (ret != SSL_TLSEXT_ERR_OK) | 2428 | if (ret != SSL_TLSEXT_ERR_OK) |
| 2425 | ERR_print_errors(err); | 2429 | ERR_print_errors(err); |
| 2426 | if (aia) { | 2430 | if (aia) { |