diff options
| author | schwarze <> | 2021-11-26 13:05:03 +0000 |
|---|---|---|
| committer | schwarze <> | 2021-11-26 13:05:03 +0000 |
| commit | 6928d3654557eab5bb995a6ccafc4aab059a87a6 (patch) | |
| tree | 58639dc8041b9317fa3165ef125e2e5f8f84e116 /src | |
| parent | d8c1a7837c9fecfb84b1f4ed96a36dc642e33977 (diff) | |
| download | openbsd-6928d3654557eab5bb995a6ccafc4aab059a87a6.tar.gz openbsd-6928d3654557eab5bb995a6ccafc4aab059a87a6.tar.bz2 openbsd-6928d3654557eab5bb995a6ccafc4aab059a87a6.zip | |
Simplify the code in X509_get_pubkey_parameters(3)
by using X509_get0_pubkey(3) instead of X509_get_pubkey(3);
no functional change.
OK tb@
This is similar to the relevant part of the follwoing commit
from the OpenSSL 1.1.1 branch, which is still under a free licence,
but without the bug that commit introduced into this function in OpenSSL:
commit c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Mon Dec 14 13:13:32 2015 +0000
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vfy.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index db2125b48d..93dac74c7b 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_vfy.c,v 1.98 2021/11/24 05:38:12 beck Exp $ */ | 1 | /* $OpenBSD: x509_vfy.c,v 1.99 2021/11/26 13:05:03 schwarze Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2079,17 +2079,15 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) | |||
| 2079 | return 1; | 2079 | return 1; |
| 2080 | 2080 | ||
| 2081 | for (i = 0; i < sk_X509_num(chain); i++) { | 2081 | for (i = 0; i < sk_X509_num(chain); i++) { |
| 2082 | ktmp = X509_get_pubkey(sk_X509_value(chain, i)); | 2082 | ktmp = X509_get0_pubkey(sk_X509_value(chain, i)); |
| 2083 | if (ktmp == NULL) { | 2083 | if (ktmp == NULL) { |
| 2084 | X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); | 2084 | X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); |
| 2085 | return 0; | 2085 | return 0; |
| 2086 | } | 2086 | } |
| 2087 | if (!EVP_PKEY_missing_parameters(ktmp)) | 2087 | if (!EVP_PKEY_missing_parameters(ktmp)) |
| 2088 | break; | 2088 | break; |
| 2089 | else { | 2089 | else |
| 2090 | EVP_PKEY_free(ktmp); | ||
| 2091 | ktmp = NULL; | 2090 | ktmp = NULL; |
| 2092 | } | ||
| 2093 | } | 2091 | } |
| 2094 | if (ktmp == NULL) { | 2092 | if (ktmp == NULL) { |
| 2095 | X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); | 2093 | X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); |
| @@ -2098,14 +2096,12 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) | |||
| 2098 | 2096 | ||
| 2099 | /* first, populate the other certs */ | 2097 | /* first, populate the other certs */ |
| 2100 | for (j = i - 1; j >= 0; j--) { | 2098 | for (j = i - 1; j >= 0; j--) { |
| 2101 | ktmp2 = X509_get_pubkey(sk_X509_value(chain, j)); | 2099 | ktmp2 = X509_get0_pubkey(sk_X509_value(chain, j)); |
| 2102 | EVP_PKEY_copy_parameters(ktmp2, ktmp); | 2100 | EVP_PKEY_copy_parameters(ktmp2, ktmp); |
| 2103 | EVP_PKEY_free(ktmp2); | ||
| 2104 | } | 2101 | } |
| 2105 | 2102 | ||
| 2106 | if (pkey != NULL) | 2103 | if (pkey != NULL) |
| 2107 | EVP_PKEY_copy_parameters(pkey, ktmp); | 2104 | EVP_PKEY_copy_parameters(pkey, ktmp); |
| 2108 | EVP_PKEY_free(ktmp); | ||
| 2109 | return 1; | 2105 | return 1; |
| 2110 | } | 2106 | } |
| 2111 | 2107 | ||