The branch OpenSSL_1_0_1-stable has been updated
via 737d57d0725551e473d4da176c3c431f1f9d36df (commit)
from b5dbbebbc226181585760c8caa1ce8990acab2e7 (commit)
- Log -
commit 737d57d0725551e473d4da176c3c431f1f9d36df
Author: Viktor Dukhovni
Date: Fri Jan 1 00:51:12 2016 -0500
Fix X509_STORE_CTX_cleanup()
Reviewed-by: Dr. Stephen Henson
---
Summary of changes:
apps/pkcs12.c | 42 --
crypto/ts/ts_rsp_verify.c | 3 ++-
crypto/x509/x509_vfy.c| 39 ---
crypto/x509/x509_vfy.h| 2 +-
4 files changed, 43 insertions(+), 43 deletions(-)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index e41b445..cbb75b7 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -79,7 +79,8 @@ const EVP_CIPHER *enc;
# define CLCERTS 0x8
# define CACERTS 0x10
-int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
+static int get_cert_chain(X509 *cert, X509_STORE *store,
+ STACK_OF(X509) **chain);
int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen,
int options, char *pempass);
int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
@@ -594,7 +595,7 @@ int MAIN(int argc, char **argv)
vret = get_cert_chain(ucert, store, );
X509_STORE_free(store);
-if (!vret) {
+if (vret == X509_V_OK) {
/* Exclude verified certificate */
for (i = 1; i < sk_X509_num(chain2); i++)
sk_X509_push(certs, sk_X509_value(chain2, i));
@@ -602,7 +603,7 @@ int MAIN(int argc, char **argv)
X509_free(sk_X509_value(chain2, 0));
sk_X509_free(chain2);
} else {
-if (vret >= 0)
+if (vret != X509_V_ERR_UNSPECIFIED)
BIO_printf(bio_err, "Error %s getting chain.\n",
X509_verify_cert_error_string(vret));
else
@@ -906,36 +907,25 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag,
char *pass,
/* Given a single certificate return a verified chain or NULL if error */
-/* Hope this is OK */
-
-int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
+static int get_cert_chain(X509 *cert, X509_STORE *store,
+ STACK_OF(X509) **chain)
{
X509_STORE_CTX store_ctx;
-STACK_OF(X509) *chn;
+STACK_OF(X509) *chn = NULL;
int i = 0;
-/*
- * FIXME: Should really check the return status of X509_STORE_CTX_init
- * for an error, but how that fits into the return value of this function
- * is less obvious.
- */
-X509_STORE_CTX_init(_ctx, store, cert, NULL);
-if (X509_verify_cert(_ctx) <= 0) {
-i = X509_STORE_CTX_get_error(_ctx);
-if (i == 0)
-/*
- * avoid returning 0 if X509_verify_cert() did not set an
- * appropriate error value in the context
- */
-i = -1;
-chn = NULL;
-goto err;
-} else
+if (!X509_STORE_CTX_init(_ctx, store, cert, NULL)) {
+*chain = NULL;
+return X509_V_ERR_UNSPECIFIED;
+}
+
+if (X509_verify_cert(_ctx) > 0)
chn = X509_STORE_CTX_get1_chain(_ctx);
- err:
+else if ((i = X509_STORE_CTX_get_error(_ctx)) == 0)
+i = X509_V_ERR_UNSPECIFIED;
+
X509_STORE_CTX_cleanup(_ctx);
*chain = chn;
-
return i;
}
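Review bot: The success branch of `get_cert_chain` does not check the result of `X509_STORE_CTX_get1_chain()`, which can return NULL (for example on allocation failure), so the function can return 0 while `*chain` is NULL. The caller in `MAIN` now treats `vret == X509_V_OK` as success and walks `chain2`, so a failed chain copy would be handled as a verified chain with no CA certificates added instead of being reported as an error. To keep the return code and the out-parameter consistent, put the success branch in braces (so the following `else if` still pairs with the verify check) and add `if (chn == NULL) i = X509_V_ERR_UNSPECIFIED;` after the assignment. The comment above the function still describes it as returning a chain or NULL; something like `/* Returns X509_V_OK and sets *chain on success; otherwise returns an X509_V_ERR_* code and sets *chain to NULL */` would match the new contract.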
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index 1a3a7c5..e24b2d5 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -255,7 +255,8 @@ static int TS_verify_cert(X509_STORE *store, STACK_OF(X509)
*untrusted,
/* chain is an out argument. */
*chain = NULL;
-X509_STORE_CTX_init(_ctx, store, signer, untrusted);
+if (!X509_STORE_CTX_init(_ctx, store, signer, untrusted))
+return 0;
X509_STORE_CTX_set_purpose(_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
i = X509_verify_cert(_ctx);
if (i <= 0) {
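Review bot: The new early return in `TS_verify_cert` fails closed, which is the right direction, but it returns 0 without recording a TS-level error, so the error queue would hold only what `X509_STORE_CTX_init()` itself pushed. If the `if (i <= 0)` branch that opens on the hunk's last line raises a TS error for verification failures (its body is outside the hunk, so this is an assumption), the init-failure path should do the same, e.g. `TSerr(TS_F_TS_VERIFY_CERT, ERR_R_X509_LIB);` before `return 0;`. A short comment such as `/* init failed: *chain stays NULL, no cleanup needed here */` would also help, provided `X509_STORE_CTX_init()` really releases its own partial state on failure, which this hunk does not show.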
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 7009ae6..3bad523 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2026,9 +2026,10 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE
*store, X509 *x509,
ctx->current_reasons = 0;
ctx->tree = NULL;
ctx->parent = NULL;
+/* Zero ex_data to make sure we're cleanup-safe */
+memset(>ex_data, 0, sizeof(ctx->ex_data));
ctx->param = X509_VERIFY_PARAM_new();
-
if (!ctx->param) {
X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
return 0;
@@ -2037,7 +2038,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE
*store, X509 *x509,
/*
*