GSTLS.m

rfm Fri, 14 Oct 2016 00:58:57 -0700

Author: rfm
Date: Fri Oct 14 09:57:57 2016
New Revision: 40148

URL: http://svn.gna.org/viewcvs/gnustep?rev=40148&view=rev
Log:
gnutls memory management fixup


Modified:
    libs/base/trunk/ChangeLog
    libs/base/trunk/Source/GSTLS.h
    libs/base/trunk/Source/GSTLS.m

Modified: libs/base/trunk/ChangeLog
URL: 
http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/ChangeLog?rev=40148&r1=40147&r2=40148&view=diff
==============================================================================
--- libs/base/trunk/ChangeLog   (original)
+++ libs/base/trunk/ChangeLog   Fri Oct 14 09:57:57 2016
@@ -1,7 +1,14 @@
+2016-10-14  Richard Frith-Macdonald <[email protected]>
+
+       * Headers/GNUstepBase/GSTLS.h:
+       * Source/GSTLS.m:
+       Fix for double free issues when assigning certificat/key to
+       credentials fails.
+
 2016-10-12  Niels Grewe <[email protected]>
 
-       * Source/NSRegularExpression.m: Fix crashes in libicu due to ignored 
error
-       codes. Also fix a few memory leaks.
+       * Source/NSRegularExpression.m: Fix crashes in libicu due to
+        * ignored error codes. Also fix a few memory leaks.
        * Tests/base/NSRegularExpression/basic.m: Test cases for this.
 
 2016-10-11  Niels Grewe <[email protected]>

Modified: libs/base/trunk/Source/GSTLS.h
URL: 
http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Source/GSTLS.h?rev=40148&r1=40147&r2=40148&view=diff
==============================================================================
--- libs/base/trunk/Source/GSTLS.h      (original)
+++ libs/base/trunk/Source/GSTLS.h      Fri Oct 14 09:57:57 2016
@@ -150,6 +150,7 @@
   GSTLSCertificateList                  *list;
   GSTLSDHParams                         *dhParams;
   BOOL                                  trust;
+  BOOL                                  freeCred;
   gnutls_certificate_credentials_t      certcred;
 }
 + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca

Modified: libs/base/trunk/Source/GSTLS.m
URL: 
http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Source/GSTLS.m?rev=40148&r1=40147&r2=40148&view=diff
==============================================================================
--- libs/base/trunk/Source/GSTLS.m      (original)
+++ libs/base/trunk/Source/GSTLS.m      Fri Oct 14 09:57:57 2016
@@ -934,6 +934,13 @@
       k->password = [p copy];
       gnutls_x509_privkey_init(&k->key);
 
+#ifdef HAVE_GNUTLS_X509_PRIVKEY_IMPORT2
+      /* This function can read openssl proprietory key format,
+       * and uses the password if supplied.
+       */
+      ret = gnutls_x509_privkey_import2(k->key, &datum,
+        GNUTLS_X509_FMT_PEM, [k->password UTF8String], 0);
+#else
       if (nil == k->password)
         {
           ret = gnutls_x509_privkey_import(k->key, &datum,
@@ -941,15 +948,11 @@
         }
       else
         {
-#         ifdef HAVE_GNUTLS_X509_PRIVKEY_IMPORT2
-          ret = gnutls_x509_privkey_import2(k->key, &datum,
-                                            GNUTLS_X509_FMT_PEM,
-                                            [k->password UTF8String], 0);
-#         else
           ret = gnutls_x509_privkey_import_pkcs8(k->key, &datum,
             GNUTLS_X509_FMT_PEM, [k->password UTF8String], 0);
-#         endif
-        }
+        }
+#endif
+
       if (ret < 0)
         {
           NSLog(@"Unable to parse private key file '%@': %s",
@@ -1095,6 +1098,7 @@
       c->when = [NSDate timeIntervalSinceReferenceDate];
 
       gnutls_certificate_allocate_credentials(&c->certcred);
+      c->freeCred = YES;        // Need to free on dealloc
 
       /* Set the default trusted authority certificates.
        */
@@ -1245,6 +1249,7 @@
             [c->list certificateList], [c->list count], [c->key key]);
           if (ret < 0)
             {
+              c->freeCred = NO; // Already freed
               NSLog(@"Unable to set certificate for session: %s",
                 gnutls_strerror(ret));
               [c release];
@@ -1277,7 +1282,10 @@
 {
   if (nil != name)
     {
-      gnutls_certificate_free_credentials(certcred);
+      if (YES == freeCred)
+        {
+          gnutls_certificate_free_credentials(certcred);
+        }
       DESTROY(key);
       DESTROY(list);
       DESTROY(dhParams);


_______________________________________________
Gnustep-cvs mailing list
[email protected]
https://mail.gna.org/listinfo/gnustep-cvs

[Gnustep-cvs] r40148 - in /libs/base/trunk: ChangeLog Source/GSTLS.h Source/GSTLS.m

Reply via email to