1 files changed, 38 insertions, 66 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index b8b9bc2390..2cfb615878 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -117,7 +117,6 @@
 #if defined(WIN32)
 #include <windows.h>
-#include <tchar.h>
 #endif
 #ifdef NeXT
@@ -130,7 +129,6 @@
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
 #include "ssl_locl.h"
-#include <openssl/fips.h>
 int SSL_get_ex_data_X509_STORE_CTX_idx(void)
        {
@@ -544,12 +542,12 @@ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list)
        set_client_CA_list(&(ctx->client_CA),name_list);
        }
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
        {
        return(ctx->client_CA);
        }
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
        {
        if (s->type == SSL_ST_CONNECT)
                { /* we are in the client */
@@ -785,54 +783,36 @@ err:
 #else /* OPENSSL_SYS_WIN32 */
-#if defined(_WIN32_WCE)
-# ifndef UNICODE
-#  error "WinCE comes in UNICODE flavor only..."
-# endif
-# if _WIN32_WCE<101 && !defined(OPENSSL_NO_MULTIBYTE)
-#  define OPENSSL_NO_MULTIBYTE
-# endif
-# ifndef  FindFirstFile
-#  define FindFirstFile FindFirstFileW
-# endif
-# ifndef  FindNextFile
-#  define FindNextFile FindNextFileW
-# endif
-#endif
 int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                       const char *dir)
        {
        WIN32_FIND_DATA FindFileData;
        HANDLE hFind;
-        int    ret = 0;
+        int ret = 0;
-        TCHAR *wdir = NULL;
+#ifdef OPENSSL_SYS_WINCE
-        size_t i,len_0 = strlen(dir)+1; /* len_0 accounts for trailing 0 */
+        WCHAR* wdir = NULL;
-        char   buf[1024],*slash;
+#endif
-        if (len_0 > (sizeof(buf)-14))   /* 14 is just some value... */
-                {
-                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
-                return ret;
-                }
        CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
+        
-        if (sizeof(TCHAR) != sizeof(char))
+#ifdef OPENSSL_SYS_WINCE
-                {
+        /* convert strings to UNICODE */
-                wdir = (TCHAR *)malloc(len_0*sizeof(TCHAR));
+        {
+                BOOL result = FALSE;
+                int i;
+                wdir = malloc((strlen(dir)+1)*2);
                if (wdir == NULL)
                        goto err_noclose;
-#ifndef OPENSSL_NO_MULTIBYTE
+                for (i=0; i<(int)strlen(dir)+1; i++)
-                if (!MultiByteToWideChar(CP_ACP,0,dir,len_0,
+                        wdir[i] = (short)dir[i];
-                                        (WCHAR *)wdir,len_0))
+        }
 #endif
-                        for (i=0;i<len_0;i++) wdir[i]=(TCHAR)dir[i];
-                hFind = FindFirstFile(wdir, &FindFileData);
-                }
-        else    hFind = FindFirstFile((const TCHAR *)dir, &FindFileData);
+#ifdef OPENSSL_SYS_WINCE
+        hFind = FindFirstFile(wdir, &FindFileData);
+#else
+        hFind = FindFirstFile(dir, &FindFileData);
+#endif
        /* Note that a side effect is that the CAs will be sorted by name */
        if(hFind == INVALID_HANDLE_VALUE)
                {
@@ -841,34 +821,25 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
                goto err_noclose;
                }
+        
-        strncpy(buf,dir,sizeof(buf));   /* strcpy is safe too... */
+        do 
-        buf[len_0-1]='/';               /* no trailing zero!     */
+                {
-        slash=buf+len_0;
+                char buf[1024];
+                int r;
-        do      {
+                
-                const TCHAR *fnam=FindFileData.cFileName;
+#ifdef OPENSSL_SYS_WINCE
-                size_t flen_0=_tcslen(fnam)+1;
+                if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf)
+#else
-                if (flen_0 > (sizeof(buf)-len_0))
+                if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
+#endif
                        {
                        SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
                        goto err;
                        }
-                /* else strcpy would be safe too... */
+                
+                r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName);
-                if (sizeof(TCHAR) != sizeof(char))
+                if (r <= 0 || r >= sizeof buf)
-                        {
+                        goto err;
-#ifndef OPENSSL_NO_MULTIBYTE
-                        if (!WideCharToMultiByte(CP_ACP,0,
-                                                (WCHAR *)fnam,flen_0,
-                                                slash,sizeof(buf)-len_0,
-                                                NULL,0))
-#endif
-                                for (i=0;i<flen_0;i++) slash[i]=(char)fnam[i];
-                        }
-                else    strncpy(slash,(const char *)fnam,sizeof(buf)-len_0);
                if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
                        goto err;
                }
@@ -878,9 +849,10 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 err:    
        FindClose(hFind);
 err_noclose:
+#ifdef OPENSSL_SYS_WINCE
        if (wdir != NULL)
                free(wdir);
+#endif
        CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
        return ret;
        }

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index b8b9bc2390..2cfb615878 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c
@@ -117,7 +117,6 @@
117		117
118	#if defined(WIN32)	118	#if defined(WIN32)
119	#include <windows.h>	119	#include <windows.h>
120	#include <tchar.h>
121	#endif	120	#endif
122		121
123	#ifdef NeXT	122	#ifdef NeXT
@@ -130,7 +129,6 @@
130	#include <openssl/pem.h>	129	#include <openssl/pem.h>
131	#include <openssl/x509v3.h>	130	#include <openssl/x509v3.h>
132	#include "ssl_locl.h"	131	#include "ssl_locl.h"
133	#include <openssl/fips.h>
134		132
135	int SSL_get_ex_data_X509_STORE_CTX_idx(void)	133	int SSL_get_ex_data_X509_STORE_CTX_idx(void)
136	{	134	{
@@ -544,12 +542,12 @@ void SSL_CTX_set_client_CA_list(SSL_CTX ctx,STACK_OF(X509_NAME) name_list)
544	set_client_CA_list(&(ctx->client_CA),name_list);	542	set_client_CA_list(&(ctx->client_CA),name_list);
545	}	543	}
546		544
547	STACK_OF(X509_NAME) SSL_CTX_get_client_CA_list(const SSL_CTX ctx)	545	STACK_OF(X509_NAME) SSL_CTX_get_client_CA_list(SSL_CTX ctx)
548	{	546	{
549	return(ctx->client_CA);	547	return(ctx->client_CA);
550	}	548	}
551		549
552	STACK_OF(X509_NAME) SSL_get_client_CA_list(const SSL s)	550	STACK_OF(X509_NAME) SSL_get_client_CA_list(SSL s)
553	{	551	{
554	if (s->type == SSL_ST_CONNECT)	552	if (s->type == SSL_ST_CONNECT)
555	{ /* we are in the client */	553	{ /* we are in the client */
@@ -785,54 +783,36 @@ err:
785		783
786	#else /* OPENSSL_SYS_WIN32 */	784	#else /* OPENSSL_SYS_WIN32 */
787		785
788	#if defined(_WIN32_WCE)
789	# ifndef UNICODE
790	# error "WinCE comes in UNICODE flavor only..."
791	# endif
792	# if _WIN32_WCE<101 && !defined(OPENSSL_NO_MULTIBYTE)
793	# define OPENSSL_NO_MULTIBYTE
794	# endif
795	# ifndef FindFirstFile
796	# define FindFirstFile FindFirstFileW
797	# endif
798	# ifndef FindNextFile
799	# define FindNextFile FindNextFileW
800	# endif
801	#endif
802
803	int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,	786	int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
804	const char *dir)	787	const char *dir)
805	{	788	{
806	WIN32_FIND_DATA FindFileData;	789	WIN32_FIND_DATA FindFileData;
807	HANDLE hFind;	790	HANDLE hFind;
808	int ret = 0;	791	int ret = 0;
809	TCHAR *wdir = NULL;	792	#ifdef OPENSSL_SYS_WINCE
810	size_t i,len_0 = strlen(dir)+1; /* len_0 accounts for trailing 0 */	793	WCHAR* wdir = NULL;
811	char buf[1024],*slash;	794	#endif
812
813	if (len_0 > (sizeof(buf)-14)) /* 14 is just some value... */
814	{
815	SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
816	return ret;
817	}
818		795
819	CRYPTO_w_lock(CRYPTO_LOCK_READDIR);	796	CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
820		797
821	if (sizeof(TCHAR) != sizeof(char))	798	#ifdef OPENSSL_SYS_WINCE
822	{	799	/* convert strings to UNICODE */
823	wdir = (TCHAR )malloc(len_0sizeof(TCHAR));	800	{
		801	BOOL result = FALSE;
		802	int i;
		803	wdir = malloc((strlen(dir)+1)*2);
824	if (wdir == NULL)	804	if (wdir == NULL)
825	goto err_noclose;	805	goto err_noclose;
826	#ifndef OPENSSL_NO_MULTIBYTE	806	for (i=0; i<(int)strlen(dir)+1; i++)
827	if (!MultiByteToWideChar(CP_ACP,0,dir,len_0,	807	wdir[i] = (short)dir[i];
828	(WCHAR *)wdir,len_0))	808	}
829	#endif	809	#endif
830	for (i=0;i<len_0;i++) wdir[i]=(TCHAR)dir[i];
831
832	hFind = FindFirstFile(wdir, &FindFileData);
833	}
834	else hFind = FindFirstFile((const TCHAR *)dir, &FindFileData);
835		810
		811	#ifdef OPENSSL_SYS_WINCE
		812	hFind = FindFirstFile(wdir, &FindFileData);
		813	#else
		814	hFind = FindFirstFile(dir, &FindFileData);
		815	#endif
836	/* Note that a side effect is that the CAs will be sorted by name */	816	/* Note that a side effect is that the CAs will be sorted by name */
837	if(hFind == INVALID_HANDLE_VALUE)	817	if(hFind == INVALID_HANDLE_VALUE)
838	{	818	{
@@ -841,34 +821,25 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
841	SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);	821	SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
842	goto err_noclose;	822	goto err_noclose;
843	}	823	}
844		824
845	strncpy(buf,dir,sizeof(buf)); /* strcpy is safe too... */	825	do
846	buf[len_0-1]='/'; /* no trailing zero! */	826	{
847	slash=buf+len_0;	827	char buf[1024];
848		828	int r;
849	do {	829
850	const TCHAR *fnam=FindFileData.cFileName;	830	#ifdef OPENSSL_SYS_WINCE
851	size_t flen_0=_tcslen(fnam)+1;	831	if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf)
852		832	#else
853	if (flen_0 > (sizeof(buf)-len_0))	833	if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
		834	#endif
854	{	835	{
855	SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);	836	SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
856	goto err;	837	goto err;
857	}	838	}
858	/* else strcpy would be safe too... */	839
859		840	r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName);
860	if (sizeof(TCHAR) != sizeof(char))	841	if (r <= 0 \|\| r >= sizeof buf)
861	{	842	goto err;
862	#ifndef OPENSSL_NO_MULTIBYTE
863	if (!WideCharToMultiByte(CP_ACP,0,
864	(WCHAR *)fnam,flen_0,
865	slash,sizeof(buf)-len_0,
866	NULL,0))
867	#endif
868	for (i=0;i<flen_0;i++) slash[i]=(char)fnam[i];
869	}
870	else strncpy(slash,(const char *)fnam,sizeof(buf)-len_0);
871
872	if(!SSL_add_file_cert_subjects_to_stack(stack,buf))	843	if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
873	goto err;	844	goto err;
874	}	845	}
@@ -878,9 +849,10 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
878	err:	849	err:
879	FindClose(hFind);	850	FindClose(hFind);
880	err_noclose:	851	err_noclose:
		852	#ifdef OPENSSL_SYS_WINCE
881	if (wdir != NULL)	853	if (wdir != NULL)
882	free(wdir);	854	free(wdir);
883		855	#endif
884	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);	856	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
885	return ret;	857	return ret;
886	}	858	}