Correctly handle missing DSA parameters.

[openssl.git] / crypto / x509 / by_dir.c

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 14d12c56bd709e47198ecb8b73547624c7f08a3a..6398d35a0a938984fda4abf772eb49b0203aed59 100644 (file)
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -65,9 +65,7 @@
 #ifndef NO_SYS_TYPES_H
 # include <sys/types.h>
 #endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
+#ifndef OPENSSL_NO_POSIX_IO
 # include <sys/stat.h>
 #endif
 
@@ -114,7 +112,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
        {
        int ret=0;
        BY_DIR *ld;
-       char *dir;
+       char *dir = NULL;
 
        ld=(BY_DIR *)ctx->method_data;
 
@@ -123,17 +121,16 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
        case X509_L_ADD_DIR:
                if (argl == X509_FILETYPE_DEFAULT)
                        {
-                       ret=add_cert_dir(ld,X509_get_default_cert_dir(),
-                               X509_FILETYPE_PEM);
+                       dir=(char *)getenv(X509_get_default_cert_dir_env());
+                       if (dir)
+                               ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+                       else
+                               ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+                                       X509_FILETYPE_PEM);
                        if (!ret)
                                {
                                X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
                                }
-                       else
-                               {
-                               dir=(char *)Getenv(X509_get_default_cert_dir_env());
-                               ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
-                               }
                        }
                else
                        ret=add_cert_dir(ld,argp,(int)argl);
@@ -146,11 +143,11 @@ static int new_dir(X509_LOOKUP *lu)
        {
        BY_DIR *a;
 
-       if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+       if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
                return(0);
        if ((a->buffer=BUF_MEM_new()) == NULL)
                {
-               Free(a);
+               OPENSSL_free(a);
                return(0);
                }
        a->num_dirs=0;
@@ -168,11 +165,11 @@ static void free_dir(X509_LOOKUP *lu)
 
        a=(BY_DIR *)lu->method_data;
        for (i=0; i<a->num_dirs; i++)
-               if (a->dirs[i] != NULL) Free(a->dirs[i]);
-       if (a->dirs != NULL) Free(a->dirs);
-       if (a->dirs_type != NULL) Free(a->dirs_type);
+               if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
+       if (a->dirs != NULL) OPENSSL_free(a->dirs);
+       if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
        if (a->buffer != NULL) BUF_MEM_free(a->buffer);
-       Free(a);
+       OPENSSL_free(a);
        }
 
 static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
@@ -204,9 +201,9 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
                        if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
                                {
                                ctx->num_dirs_alloced+=10;
-                               pp=(char **)Malloc(ctx->num_dirs_alloced*
+                               pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
                                        sizeof(char *));
-                               ip=(int *)Malloc(ctx->num_dirs_alloced*
+                               ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
                                        sizeof(int));
                                if ((pp == NULL) || (ip == NULL))
                                        {
@@ -218,14 +215,14 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
                                memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
                                        sizeof(int));
                                if (ctx->dirs != NULL)
-                                       Free(ctx->dirs);
+                                       OPENSSL_free(ctx->dirs);
                                if (ctx->dirs_type != NULL)
-                                       Free(ctx->dirs_type);
+                                       OPENSSL_free(ctx->dirs_type);
                                ctx->dirs=pp;
                                ctx->dirs_type=ip;
                                }
                        ctx->dirs_type[ctx->num_dirs]=type;
-                       ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+                       ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
                        if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
                        strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
                        ctx->dirs[ctx->num_dirs][len]='\0';
@@ -255,7 +252,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
        int i,j,k;
        unsigned long h;
        BUF_MEM *b=NULL;
-       struct stat st;
        X509_OBJECT stmp,*tmp;
        const char *postfix="";
 
@@ -302,11 +298,46 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
                k=0;
                for (;;)
                        {
-                       sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
-                               postfix,k);
+                       char c = '/';
+#ifdef OPENSSL_SYS_VMS
+                       c = ctx->dirs[i][strlen(ctx->dirs[i])-1];
+                       if (c != ':' && c != '>' && c != ']')
+                               {
+                               /* If no separator is present, we assume the
+                                  directory specifier is a logical name, and
+                                  add a colon.  We really should use better
+                                  VMS routines for merging things like this,
+                                  but this will do for now...
+                                  -- Richard Levitte */
+                               c = ':';
+                               }
+                       else
+                               {
+                               c = '\0';
+                               }
+#endif
+                       if (c == '\0')
+                               {
+                               /* This is special.  When c == '\0', no
+                                  directory separator should be added. */
+                               BIO_snprintf(b->data,b->max,
+                                       "%s%08lx.%s%d",ctx->dirs[i],h,
+                                       postfix,k);
+                               }
+                       else
+                               {
+                               BIO_snprintf(b->data,b->max,
+                                       "%s%c%08lx.%s%d",ctx->dirs[i],c,h,
+                                       postfix,k);
+                               }
                        k++;
+#ifndef OPENSSL_NO_POSIX_IO
+                       {
+                       struct stat st;
                        if (stat(b->data,&st) < 0)
                                break;
+                       }
+#endif
                        /* found one. */
                        if (type == X509_LU_X509)
                                {
@@ -326,7 +357,9 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
                /* we have added it to the cache so now pull
                 * it out again */
                CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
-               tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,&stmp);
+               j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp);
+               if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j);
+               else tmp = NULL;
                CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
 
                if (tmp != NULL)