authorNikos Mavrogiannopoulos <nmav@gnutls.org>2015-06-02 15:58:14 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2015-06-02 16:03:03 +0200
commitad2794930fa93d53d6f6aff945935c3db9c64a5f (patch)
tree4ef8a0507d3bf66af5a933b78384256420c22013 /lib
parent51747a93243bd928c68f138febf55f4c7c3bf1bb (diff)
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Part2: made gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer() return a constant value and avoid leaks.
Diffstat (limited to 'lib')
-rw-r--r--lib/x509/common.h4
-rw-r--r--lib/x509/x509.c22
-rw-r--r--lib/x509/x509_int.h9
3 files changed, 23 insertions, 12 deletions
diff --git a/lib/x509/common.h b/lib/x509/common.h
index bbb8b12f7a..3250276f3d 100644
--- a/lib/x509/common.h
+++ b/lib/x509/common.h
@@ -74,10 +74,6 @@
#define ASN1_NULL "\x05\x00"
#define ASN1_NULL_SIZE 2
-typedef struct gnutls_x509_dn_st {
- ASN1_TYPE asn;
-} gnutls_x509_dn_st;
-
int _gnutls_x509_set_time(ASN1_TYPE c2, const char *where, time_t tim,
int general);
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index af109015ab..b16f56cad7 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -2289,15 +2289,21 @@ int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, gnutls_datum_t * dn)
}
static int
-get_dn(gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t * dn)
+get_dn(gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t * dn, unsigned subject)
{
- *dn = gnutls_calloc(1, sizeof(gnutls_x509_dn_st));
- if (*dn == NULL)
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+ gnutls_x509_dn_st *store;
+
+ if (subject)
+ store = &cert->dn;
+ else
+ store = &cert->idn;
- (*dn)->asn = asn1_find_node(cert->cert, whom);
- if (!(*dn)->asn)
+ store->asn = asn1_find_node(cert->cert, whom);
+ if (!store->asn)
return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+
+ *dn = store;
+
return 0;
}
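Review bot: The handle that get_dn() writes to `*dn` is now `&cert->dn` or `&cert->idn`, memory owned by the certificate object, and nothing in the hunk records that ownership rule. A caller that passes the handle to gnutls_x509_dn_deinit(), or keeps using it after the certificate is freed, would be operating on memory inside (or formerly inside) the certificate. The doc comments of gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer() are outside the hunks, so confirm they say this. I would add above get_dn() a comment such as `/* *dn is borrowed from cert: never deinit it, and do not use it after cert is deinitialized */`. Separately, the not-found path returns without writing `*dn`, so a caller that ignores the return code reads an indeterminate pointer; a `*dn = NULL;` at the top of get_dn() would make that failure deterministic.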
@@ -2318,7 +2324,7 @@ get_dn(gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t * dn)
int
gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn)
{
- return get_dn(cert, "tbsCertificate.subject.rdnSequence", dn);
+ return get_dn(cert, "tbsCertificate.subject.rdnSequence", dn, 1);
}
/**
@@ -2338,7 +2344,7 @@ gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn)
int
gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn)
{
- return get_dn(cert, "tbsCertificate.issuer.rdnSequence", dn);
+ return get_dn(cert, "tbsCertificate.issuer.rdnSequence", dn, 0);
}
/**
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
index d904848ef9..bf7b20fbfa 100644
--- a/lib/x509/x509_int.h
+++ b/lib/x509/x509_int.h
@@ -61,6 +61,10 @@ typedef struct gnutls_x509_crl_int {
gnutls_datum_t raw_issuer_dn;
} gnutls_x509_crl_int;
+typedef struct gnutls_x509_dn_st {
+ ASN1_TYPE asn;
+} gnutls_x509_dn_st;
+
typedef struct gnutls_x509_crt_int {
ASN1_TYPE cert;
int use_extensions;
@@ -74,6 +78,11 @@ typedef struct gnutls_x509_crt_int {
gnutls_datum_t der;
struct pin_info_st pin;
+
+ /* backwards compatibility for gnutls_x509_crt_get_subject()
+ * and gnutls_x509_crt_get_issuer() */
+ gnutls_x509_dn_st dn;
+ gnutls_x509_dn_st idn;
} gnutls_x509_crt_int;
typedef struct gnutls_x509_crq_int {
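Review bot: The comment on the new `dn` and `idn` members says only "backwards compatibility" and leaves out the invariant that matters for memory safety. Per the get_dn() change in lib/x509/x509.c, their `asn` fields alias nodes inside `cert->cert`, and the addresses of the members themselves are handed out to API callers. Any path that frees or replaces `cert->cert` (not visible here) would leave both `asn` pointers stale, and neither member may be freed on its own. I would extend the comment along the lines of `/* storage behind the handles returned by gnutls_x509_crt_get_subject()/_get_issuer(); .asn aliases a node of cert and is not owned */`. The opening lines of gnutls_x509_crt_int are outside this hunk.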