Loading ssl/ssl_cert.c +25 −17 Original line number Diff line number Diff line /* * ! \file ssl/ssl_cert.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * Loading Loading @@ -124,7 +121,7 @@ #endif #include "internal/o_dir.h" #include <openssl/objects.h> #include <openssl/lhash.h> #include <openssl/bio.h> #include <openssl/pem.h> #include <openssl/x509v3.h> Loading Loading @@ -642,11 +639,23 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) return (add_client_CA(&(ctx->client_CA), x)); } static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b) static int xname_sk_cmp(const X509_NAME *const *a, const X509_NAME *const *b) { return (X509_NAME_cmp(*a, *b)); } static int xname_cmp(const X509_NAME *a, const X509_NAME *b) { return X509_NAME_cmp(a, b); } static unsigned long xname_hash(const X509_NAME *a) { return X509_NAME_hash((X509_NAME *)a); } DEFINE_LHASH_OF(X509_NAME); /** * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; * it doesn't really have anything to do with clients (except that a common use Loading @@ -657,16 +666,14 @@ static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b) */ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { BIO *in; BIO *in = BIO_new(BIO_s_file()); X509 *x = NULL; X509_NAME *xn = NULL; STACK_OF(X509_NAME) *ret = NULL, *sk; STACK_OF(X509_NAME) *ret = NULL; LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp); sk = sk_X509_NAME_new(xname_cmp); in = BIO_new(BIO_s_file()); if ((sk == NULL) || (in == NULL)) { if ((name_hash == NULL) || (in == NULL)) { SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE); goto err; } Loading @@ -690,10 +697,11 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) xn = X509_NAME_dup(xn); if (xn == NULL) goto err; if (sk_X509_NAME_find(sk, xn) >= 0) if (lh_X509_NAME_retrieve(name_hash, xn) != NULL) { /* Duplicate. */ X509_NAME_free(xn); else { sk_X509_NAME_push(sk, xn); } else { lh_X509_NAME_insert(name_hash, xn); sk_X509_NAME_push(ret, xn); } } Loading @@ -703,9 +711,9 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) sk_X509_NAME_pop_free(ret, X509_NAME_free); ret = NULL; done: sk_X509_NAME_free(sk); BIO_free(in); X509_free(x); lh_X509_NAME_free(name_hash); if (ret != NULL) ERR_clear_error(); return (ret); Loading @@ -729,7 +737,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int ret = 1; int (*oldcmp) (const X509_NAME *const *a, const X509_NAME *const *b); oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp); oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_sk_cmp); in = BIO_new(BIO_s_file()); Loading Loading
ssl/ssl_cert.c +25 −17 Original line number Diff line number Diff line /* * ! \file ssl/ssl_cert.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * Loading Loading @@ -124,7 +121,7 @@ #endif #include "internal/o_dir.h" #include <openssl/objects.h> #include <openssl/lhash.h> #include <openssl/bio.h> #include <openssl/pem.h> #include <openssl/x509v3.h> Loading Loading @@ -642,11 +639,23 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) return (add_client_CA(&(ctx->client_CA), x)); } static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b) static int xname_sk_cmp(const X509_NAME *const *a, const X509_NAME *const *b) { return (X509_NAME_cmp(*a, *b)); } static int xname_cmp(const X509_NAME *a, const X509_NAME *b) { return X509_NAME_cmp(a, b); } static unsigned long xname_hash(const X509_NAME *a) { return X509_NAME_hash((X509_NAME *)a); } DEFINE_LHASH_OF(X509_NAME); /** * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; * it doesn't really have anything to do with clients (except that a common use Loading @@ -657,16 +666,14 @@ static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b) */ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { BIO *in; BIO *in = BIO_new(BIO_s_file()); X509 *x = NULL; X509_NAME *xn = NULL; STACK_OF(X509_NAME) *ret = NULL, *sk; STACK_OF(X509_NAME) *ret = NULL; LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp); sk = sk_X509_NAME_new(xname_cmp); in = BIO_new(BIO_s_file()); if ((sk == NULL) || (in == NULL)) { if ((name_hash == NULL) || (in == NULL)) { SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE); goto err; } Loading @@ -690,10 +697,11 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) xn = X509_NAME_dup(xn); if (xn == NULL) goto err; if (sk_X509_NAME_find(sk, xn) >= 0) if (lh_X509_NAME_retrieve(name_hash, xn) != NULL) { /* Duplicate. */ X509_NAME_free(xn); else { sk_X509_NAME_push(sk, xn); } else { lh_X509_NAME_insert(name_hash, xn); sk_X509_NAME_push(ret, xn); } } Loading @@ -703,9 +711,9 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) sk_X509_NAME_pop_free(ret, X509_NAME_free); ret = NULL; done: sk_X509_NAME_free(sk); BIO_free(in); X509_free(x); lh_X509_NAME_free(name_hash); if (ret != NULL) ERR_clear_error(); return (ret); Loading @@ -729,7 +737,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int ret = 1; int (*oldcmp) (const X509_NAME *const *a, const X509_NAME *const *b); oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp); oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_sk_cmp); in = BIO_new(BIO_s_file()); Loading
Richard Levitte <levitte@openssl.org>Richard Levitte <levitte@openssl.org>