summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/x509/by_dir.c67
1 files changed, 28 insertions, 39 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index 0ff60644f5..fa05f552f9 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: by_dir.c,v 1.40 2021/11/01 20:53:08 tb Exp $ */ 1/* $OpenBSD: by_dir.c,v 1.41 2021/11/10 14:34:21 schwarze Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -68,7 +68,6 @@
68#include <openssl/opensslconf.h> 68#include <openssl/opensslconf.h>
69 69
70#include <openssl/err.h> 70#include <openssl/err.h>
71#include <openssl/lhash.h>
72#include <openssl/x509.h> 71#include <openssl/x509.h>
73 72
74#include "x509_lcl.h" 73#include "x509_lcl.h"
@@ -116,7 +115,7 @@ static X509_LOOKUP_METHOD x509_dir_lookup = {
116X509_LOOKUP_METHOD * 115X509_LOOKUP_METHOD *
117X509_LOOKUP_hash_dir(void) 116X509_LOOKUP_hash_dir(void)
118{ 117{
119 return (&x509_dir_lookup); 118 return &x509_dir_lookup;
120} 119}
121 120
122static int 121static int
@@ -140,7 +139,7 @@ dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
140 ret = add_cert_dir(ld, argp, (int)argl); 139 ret = add_cert_dir(ld, argp, (int)argl);
141 break; 140 break;
142 } 141 }
143 return (ret); 142 return ret;
144} 143}
145 144
146static int 145static int
@@ -148,15 +147,18 @@ new_dir(X509_LOOKUP *lu)
148{ 147{
149 BY_DIR *a; 148 BY_DIR *a;
150 149
151 if ((a = malloc(sizeof(BY_DIR))) == NULL) 150 if ((a = malloc(sizeof(*a))) == NULL) {
152 return (0); 151 X509error(ERR_R_MALLOC_FAILURE);
152 return 0;
153 }
153 if ((a->buffer = BUF_MEM_new()) == NULL) { 154 if ((a->buffer = BUF_MEM_new()) == NULL) {
155 X509error(ERR_R_MALLOC_FAILURE);
154 free(a); 156 free(a);
155 return (0); 157 return 0;
156 } 158 }
157 a->dirs = NULL; 159 a->dirs = NULL;
158 lu->method_data = (char *)a; 160 lu->method_data = (char *)a;
159 return (1); 161 return 1;
160} 162}
161 163
162static void 164static void
@@ -180,8 +182,7 @@ static void
180by_dir_entry_free(BY_DIR_ENTRY *ent) 182by_dir_entry_free(BY_DIR_ENTRY *ent)
181{ 183{
182 free(ent->dir); 184 free(ent->dir);
183 if (ent->hashes) 185 sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
184 sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
185 free(ent); 186 free(ent);
186} 187}
187 188
@@ -191,10 +192,8 @@ free_dir(X509_LOOKUP *lu)
191 BY_DIR *a; 192 BY_DIR *a;
192 193
193 a = (BY_DIR *)lu->method_data; 194 a = (BY_DIR *)lu->method_data;
194 if (a->dirs != NULL) 195 sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
195 sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); 196 BUF_MEM_free(a->buffer);
196 if (a->buffer != NULL)
197 BUF_MEM_free(a->buffer);
198 free(a); 197 free(a);
199} 198}
200 199
@@ -215,6 +214,7 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
215 do { 214 do {
216 if ((*p == ':') || (*p == '\0')) { 215 if ((*p == ':') || (*p == '\0')) {
217 BY_DIR_ENTRY *ent; 216 BY_DIR_ENTRY *ent;
217
218 ss = s; 218 ss = s;
219 s = p + 1; 219 s = p + 1;
220 len = p - ss; 220 len = p - ss;
@@ -230,20 +230,20 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
230 continue; 230 continue;
231 if (ctx->dirs == NULL) { 231 if (ctx->dirs == NULL) {
232 ctx->dirs = sk_BY_DIR_ENTRY_new_null(); 232 ctx->dirs = sk_BY_DIR_ENTRY_new_null();
233 if (!ctx->dirs) { 233 if (ctx->dirs == NULL) {
234 X509error(ERR_R_MALLOC_FAILURE); 234 X509error(ERR_R_MALLOC_FAILURE);
235 return 0; 235 return 0;
236 } 236 }
237 } 237 }
238 ent = malloc(sizeof(BY_DIR_ENTRY)); 238 ent = malloc(sizeof(*ent));
239 if (!ent) { 239 if (ent == NULL) {
240 X509error(ERR_R_MALLOC_FAILURE); 240 X509error(ERR_R_MALLOC_FAILURE);
241 return 0; 241 return 0;
242 } 242 }
243 ent->dir_type = type; 243 ent->dir_type = type;
244 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); 244 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
245 ent->dir = strndup(ss, (size_t)len); 245 ent->dir = strndup(ss, (size_t)len);
246 if (!ent->dir || !ent->hashes) { 246 if (ent->dir == NULL || ent->hashes == NULL) {
247 X509error(ERR_R_MALLOC_FAILURE); 247 X509error(ERR_R_MALLOC_FAILURE);
248 by_dir_entry_free(ent); 248 by_dir_entry_free(ent);
249 return 0; 249 return 0;
@@ -281,7 +281,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
281 const char *postfix=""; 281 const char *postfix="";
282 282
283 if (name == NULL) 283 if (name == NULL)
284 return (0); 284 return 0;
285 285
286 stmp.type = type; 286 stmp.type = type;
287 if (type == X509_LU_X509) { 287 if (type == X509_LU_X509) {
@@ -311,6 +311,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
311 BY_DIR_ENTRY *ent; 311 BY_DIR_ENTRY *ent;
312 int idx; 312 int idx;
313 BY_DIR_HASH htmp, *hent; 313 BY_DIR_HASH htmp, *hent;
314
314 ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); 315 ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
315 j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; 316 j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
316 if (!BUF_MEM_grow(b, j)) { 317 if (!BUF_MEM_grow(b, j)) {
@@ -359,10 +360,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
359 /* we have added it to the cache so now pull it out again */ 360 /* we have added it to the cache so now pull it out again */
360 CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); 361 CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
361 j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp); 362 j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
362 if (j != -1) 363 tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
363 tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
364 else
365 tmp = NULL;
366 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); 364 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
367 365
368 /* If a CRL, update the last file suffix added for this */ 366 /* If a CRL, update the last file suffix added for this */
@@ -372,16 +370,14 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
372 * Look for entry again in case another thread added 370 * Look for entry again in case another thread added
373 * an entry first. 371 * an entry first.
374 */ 372 */
375 if (!hent) { 373 if (hent == NULL) {
376 htmp.hash = h; 374 htmp.hash = h;
377 idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); 375 idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
378 if (idx >= 0) 376 hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
379 hent = sk_BY_DIR_HASH_value(
380 ent->hashes, idx);
381 } 377 }
382 if (!hent) { 378 if (hent == NULL) {
383 hent = malloc(sizeof(BY_DIR_HASH)); 379 hent = malloc(sizeof(*hent));
384 if (!hent) { 380 if (hent == NULL) {
385 X509error(ERR_R_MALLOC_FAILURE); 381 X509error(ERR_R_MALLOC_FAILURE);
386 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); 382 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
387 ok = 0; 383 ok = 0;
@@ -407,17 +403,10 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
407 ok = 1; 403 ok = 1;
408 ret->type = tmp->type; 404 ret->type = tmp->type;
409 memcpy(&ret->data, &tmp->data, sizeof(ret->data)); 405 memcpy(&ret->data, &tmp->data, sizeof(ret->data));
410 /*
411 * If we were going to up the reference count,
412 * we would need to do it on a perl 'type' basis
413 */
414 /* CRYPTO_add(&tmp->data.x509->references,1,
415 CRYPTO_LOCK_X509);*/
416 goto finish; 406 goto finish;
417 } 407 }
418 } 408 }
419finish: 409finish:
420 if (b != NULL) 410 BUF_MEM_free(b);
421 BUF_MEM_free(b); 411 return ok;
422 return (ok);
423} 412}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-28 20:24:56 +0000