Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying

 Changes between 0.9.2b and 0.9.3

  *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of

     copying pointers.  The cert_st handling is changed by this in

     various ways (and thus what used to be known as ctx->default_cert

     is now called ctx->cert, since we don't resort to s->ctx->[default_]cert

     any longer when s->cert does not give us what we need).

     ssl_cert_instantiate becomes obsolete by this change.

     As soon as we've got the new code right (possibly it already is?),

     we have solved a couple of bugs of the earlier code where s->cert

     was used as if it could not have been shared with other SSL structures.

     Note that using the SSL API in certain dirty ways now will result

     in different behaviour than observed with earlier library versions:

     Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)

     does not influence s as it used to.

     Projected further changes:

     In order to clean up things more thoroughly, inside SSL_SESSION

     we should not use CERT any longer, but a new structure SESS_CERT

     that holds per-session data, and CERT should hold only those

     values that can have meaningful defaults in an SSL_CTX.

     [Bodo Moeller]

  *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure

     from the internal representation. Various PKCS#7 fixes: remove some

     evil casts and set the enc_dig_alg field properly based on the signing

#endif

		0)

		{

		if (!ssl_cert_instantiate(&s->cert, s->ctx->default_cert)) 

		if (!ssl_cert_inst(&s->cert))

		    	{

			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);

			return(0);

	{

	CERT *cert;

	cert=ctx->default_cert;

	cert=ctx->cert;

	switch (cmd)

		{

	CERT *cert;

	unsigned long alg,mask,emask;

	/* Lets see which ciphers we can supported */

	if (s->cert != NULL)

	/* Let's see which ciphers we can support */

	cert=s->cert;

	else

		cert=s->ctx->default_cert;

	sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);

		{

		c=sk_SSL_CIPHER_value(have,i);

		ssl_set_cert_masks(cert,s->ctx->default_cert,c);

		ssl_set_cert_masks(cert,c);

		mask=cert->mask;

		emask=cert->export_mask;

					CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);

					s->session->cert=s->cert;

					}

				else

					{

					CRYPTO_add(&s->ctx->default_cert->references,1,CRYPTO_LOCK_SSL_CERT);

					s->session->cert=s->ctx->default_cert;

					}

				}

			ct=s->session->cert;

		if (type & SSL_kRSA)

			{

			rsa=cert->rsa_tmp;

			if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL))

			if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))

				{

				rsa=s->ctx->default_cert->rsa_tmp_cb(s,

				rsa=s->cert->rsa_tmp_cb(s,

				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

				CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);

			if (type & SSL_kEDH)

			{

			dhp=cert->dh_tmp;

			if ((dhp == NULL) && (cert->dh_tmp_cb != NULL))

				dhp=cert->dh_tmp_cb(s,

			if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))

				dhp=s->cert->dh_tmp_cb(s,

				      !SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),

				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));

			if (dhp == NULL)

			if ((s->session->cert != NULL) &&

				(s->session->cert->rsa_tmp != NULL))

				rsa=s->session->cert->rsa_tmp;

			else if ((s->ctx->default_cert != NULL) &&

				(s->ctx->default_cert->rsa_tmp != NULL))

				rsa=s->ctx->default_cert->rsa_tmp;

			else if ((s->cert != NULL) &&

				(s->cert->rsa_tmp != NULL))

				rsa=s->cert->rsa_tmp;

			/* Don't do a callback because rsa_tmp should

			 * be sent already */

			if (rsa == NULL)

		X509_free(s->session->peer);

	s->session->peer=sk_X509_shift(sk);

	/* FIXME: s->session->cert could be a SSL_CTX's struct cert_st!

	 * struct cert_st is used for too many purposes.  It makes

	 * sense to use the same structure in both SSL_CTX and SSL,

	 * but then don't put any per-connection data in it. */

#if 0 /* This could become a workaround, but it would still be utterly ugly */

	if (!ssl_cert_instantiate(&s->cert, s->ctx->default_cert)) 

		{

		handle the error;

		}

#endif

	s->session->cert->cert_chain=sk;

	sk=NULL;

/**/	char *app_verify_arg;

	/* default values to use in SSL structures */

/**/	struct cert_st /* CERT */ *default_cert;

/**/	struct cert_st /* CERT */ *cert;

/**/	int read_ahead;

/**/	int verify_mode;

/**/	int verify_depth;

#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK	 216

#define SSL_F_SSL_BAD_METHOD				 160

#define SSL_F_SSL_BYTES_TO_CIPHER_LIST			 161

#define SSL_F_SSL_CERT_DUP				 221

#define SSL_F_SSL_CERT_INST				 222

#define SSL_F_SSL_CERT_INSTANTIATE			 214

#define SSL_F_SSL_CERT_NEW				 162

#define SSL_F_SSL_CHECK_PRIVATE_KEY			 163

#define SSL_R_INVALID_CHALLENGE_LENGTH			 158

#define SSL_R_LENGTH_MISMATCH				 159

#define SSL_R_LENGTH_TOO_SHORT				 160

#define SSL_R_LIBRARY_BUG				 274

#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 161

#define SSL_R_MISSING_DH_DSA_CERT			 162

#define SSL_R_MISSING_DH_KEY				 163

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

/* ====================================================================

 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@OpenSSL.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 */

#include <stdio.h>

#include <sys/types.h>

	return(ret);

	}

CERT *ssl_cert_dup(CERT *cert)

	{

	CERT *ret;

	int i;

	ret = (CERT *)Malloc(sizeof(CERT));

	if (ret == NULL)

		{

		SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);

		return(NULL);

		}

	memset(ret, 0, sizeof(CERT));

	ret->cert_type = cert->cert_type;

	ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];

	/* or ret->key = ret->pkeys + (cert->key - cert->pkeys),

	 * if you find that more readable */

	ret->valid = cert->valid;

	ret->mask = cert->mask;

	ret->export_mask = cert->export_mask;

#ifndef NO_RSA

	if (cert->rsa_tmp != NULL)

		{

		ret->rsa_tmp = cert->rsa_tmp;

		CRYPTO_add(&ret->rsa_tmp->references, 1, CRYPTO_LOCK_RSA);

		}

	ret->rsa_tmp_cb = cert->rsa_tmp_cb;

#endif

#ifndef NO_DH

	if (cert->dh_tmp != NULL)

		{

		/* DH parameters don't have a reference count (and cannot

		 * reasonably be shared anyway, as the secret exponent may

		 * be created just when it is needed -- earlier library

		 * versions did not pay attention to this) */

		ret->dh_tmp = DHparams_dup(cert->dh_tmp);

		if (ret->dh_tmp == NULL)

			{

			SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_DH_LIB);

			goto err;

			}

		}

	ret->dh_tmp_cb = cert->dh_tmp_cb;

#endif

	for (i = 0; i < SSL_PKEY_NUM; i++)

		{

		if (cert->pkeys[i].x509 != NULL)

			{

			ret->pkeys[i].x509 = cert->pkeys[i].x509;

			CRYPTO_add(&ret->pkeys[i].x509->references, 1,

				CRYPTO_LOCK_X509);

			}

		if (cert->pkeys[i].privatekey != NULL)

			{

			ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;

			CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,

				CRYPTO_LOCK_EVP_PKEY);

			switch(i) 

				{

				/* If there was anything special to do for

				 * certain types of keys, we'd do it here.

				 * (Nothing at the moment, I think.) */

			case SSL_PKEY_RSA_ENC:

			case SSL_PKEY_RSA_SIGN:

				/* We have an RSA key. */

				break;

			case SSL_PKEY_DSA_SIGN:

				/* We have a DSA key. */

				break;

			case SSL_PKEY_DH_RSA:

			case SSL_PKEY_DH_DSA:

				/* We have a DH key. */

				break;

			default:

				/* Can't happen. */

				SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);

				}

			}

		}

	/* ret->cert_chain should not exist: that's pure per-connection data.

	 * Anyway, we never use this function when it is non-NULL,

	 * so we just don't look at it. */

	/* ret->extra_certs *should* exist, but currently the own certificate

	 * chain is held inside SSL_CTX */

	ret->references=1;

	return(ret);

err:

#ifndef NO_RSA

	if (ret->rsa_tmp != NULL)

		RSA_free(ret->rsa_tmp);

#endif

#ifndef NO_DH

	if (ret->dh_tmp != NULL)

		DH_free(ret->dh_tmp);

#endif

	for (i = 0; i < SSL_PKEY_NUM; i++)

		{

		if (ret->pkeys[i].x509 != NULL)

			X509_free(ret->pkeys[i].x509);

		if (ret->pkeys[i].privatekey != NULL)

			EVP_PKEY_free(ret->pkeys[i].privatekey);

		}

	return NULL;

	}

void ssl_cert_free(CERT *c)

	{

	int i;

	Free(c);

	}

#if 1

int ssl_cert_inst(CERT **o)

	{

	/* Create a CERT if there isn't already one

	 * (which cannot really happen, as it is initially created in

	 * SSL_CTX_new; but the earlier code usually allows for that one

	 * being non-existant, so we follow that behaviour, as it might

	 * turn out that there actually is a reason for it.). */

	if (o == NULL) 

		{

		SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);

		return(0);

		}

	if (*o == NULL)

		{

		if ((*o = ssl_cert_new()) == NULL)

			{

			SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);

			return(0);

			}

		}

	return(1);

	}

#else /* Not needed any longer: SSL's always have their own copy */

int ssl_cert_instantiate(CERT **o, CERT *d)

	{

	CERT *n;

	*o = n;

	return(1);

	}

#endif

int ssl_set_cert_type(CERT *c,int type)

	{