- {
- unsigned char *serverinfo = NULL;
- size_t serverinfo_length = 0;
- unsigned char* extension = 0;
- long extension_length = 0;
- char* name = NULL;
- char* header = NULL;
- char namePrefix[] = "SERVERINFO FOR ";
- int ret = 0;
- BIO *bin = NULL;
- size_t num_extensions = 0;
-
- if (ctx == NULL || file == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,ERR_R_PASSED_NULL_PARAMETER);
- goto end;
- }
-
- bin = BIO_new(BIO_s_file_internal());
- if (bin == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
- goto end;
- }
- if (BIO_read_filename(bin, file) <= 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
- goto end;
- }
-
- for (num_extensions=0;; num_extensions++)
- {
- if (PEM_read_bio(bin, &name, &header, &extension, &extension_length) == 0)
- {
- /* There must be at least one extension in this file */
- if (num_extensions == 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_NO_PEM_EXTENSIONS);
- goto end;
- }
- else /* End of file, we're done */
- break;
- }
- /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
- if (strlen(name) < strlen(namePrefix))
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
- goto end;
- }
- if (strncmp(name, namePrefix, strlen(namePrefix)) != 0)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_BAD_PREFIX);
- goto end;
- }
- /* Check that the decoded PEM data is plausible (valid length field) */
- if (extension_length < 4 || (extension[2] << 8) + extension[3] != extension_length - 4)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
- goto end;
- }
- /* Append the decoded extension to the serverinfo buffer */
- serverinfo = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
- if (serverinfo == NULL)
- {
- SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
- goto end;
- }
- memcpy(serverinfo + serverinfo_length, extension, extension_length);
- serverinfo_length += extension_length;
-
- OPENSSL_free(name); name = NULL;
- OPENSSL_free(header); header = NULL;
- OPENSSL_free(extension); extension = NULL;
- }
-
- ret = SSL_CTX_use_serverinfo(ctx, serverinfo, serverinfo_length);
-end:
- /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
- OPENSSL_free(name);
- OPENSSL_free(header);
- OPENSSL_free(extension);
- OPENSSL_free(serverinfo);
- if (bin != NULL)
- BIO_free(bin);
- return ret;
- }
-#endif /* OPENSSL_NO_STDIO */
-#endif /* OPENSSL_NO_TLSEXT */
+{
+ unsigned char *serverinfo = NULL;
+ size_t serverinfo_length = 0;
+ unsigned char *extension = 0;
+ long extension_length = 0;
+ char *name = NULL;
+ char *header = NULL;
+ char namePrefix[] = "SERVERINFO FOR ";
+ int ret = 0;
+ BIO *bin = NULL;
+ size_t num_extensions = 0;
+
+ if (ctx == NULL || file == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+ ERR_R_PASSED_NULL_PARAMETER);
+ goto end;
+ }
+
+ bin = BIO_new(BIO_s_file_internal());
+ if (bin == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
+ goto end;
+ }
+ if (BIO_read_filename(bin, file) <= 0) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
+ goto end;
+ }
+
+ for (num_extensions = 0;; num_extensions++) {
+ if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
+ == 0) {
+ /*
+ * There must be at least one extension in this file
+ */
+ if (num_extensions == 0) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+ SSL_R_NO_PEM_EXTENSIONS);
+ goto end;
+ } else /* End of file, we're done */
+ break;
+ }
+ /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
+ if (strlen(name) < strlen(namePrefix)) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+ SSL_R_PEM_NAME_TOO_SHORT);
+ goto end;
+ }
+ if (strncmp(name, namePrefix, strlen(namePrefix)) != 0) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+ SSL_R_PEM_NAME_BAD_PREFIX);
+ goto end;
+ }
+ /*
+ * Check that the decoded PEM data is plausible (valid length field)
+ */
+ if (extension_length < 4
+ || (extension[2] << 8) + extension[3] != extension_length - 4) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
+ goto end;
+ }
+ /* Append the decoded extension to the serverinfo buffer */
+ serverinfo =
+ OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
+ if (serverinfo == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ memcpy(serverinfo + serverinfo_length, extension, extension_length);
+ serverinfo_length += extension_length;
+
+ OPENSSL_free(name);
+ name = NULL;
+ OPENSSL_free(header);
+ header = NULL;
+ OPENSSL_free(extension);
+ extension = NULL;
+ }
+
+ ret = SSL_CTX_use_serverinfo(ctx, serverinfo, serverinfo_length);
+ end:
+ /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
+ OPENSSL_free(name);
+ OPENSSL_free(header);
+ OPENSSL_free(extension);
+ OPENSSL_free(serverinfo);
+ BIO_free(bin);
+ return ret;
+}
+#endif /* OPENSSL_NO_STDIO */