Make sure applications free up pkey structures and add netscape extension
authorDr. Stephen Henson <steve@openssl.org>
Sun, 3 Jan 1999 01:08:33 +0000 (01:08 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 3 Jan 1999 01:08:33 +0000 (01:08 +0000)
handling to x509.c

CHANGES
apps/req.c
apps/x509.c
crypto/asn1/t_req.c
crypto/asn1/t_x509.c
crypto/x509/x509_vfy.c
crypto/x509/x509type.c

diff --git a/CHANGES b/CHANGES
index 8d1294d..7ab80cf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,10 @@
 
  Changes between 0.9.1c and 0.9.2
 
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Fix the various library and apps files to free up pkeys obtained from
+     EVP_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
+     [Steve Henson]
+
   *) Fix reference counting in X509_PUBKEY_get(). This makes
      demos/maurice/example2.c work, amongst others, probably.
      [Steve Henson and Ben Laurie]
   *) Fix reference counting in X509_PUBKEY_get(). This makes
      demos/maurice/example2.c work, amongst others, probably.
      [Steve Henson and Ben Laurie]
index 17f58d0..525995d 100644 (file)
@@ -663,7 +663,10 @@ loop:
                        }
 
                i=X509_REQ_verify(req,pkey);
                        }
 
                i=X509_REQ_verify(req,pkey);
-               if (tmp) pkey=NULL;
+               if (tmp) {
+                       EVP_PKEY_free(pkey);
+                       pkey=NULL;
+               }
 
                if (i < 0)
                        {
 
                if (i < 0)
                        {
index 1d7bad1..71af49f 100644 (file)
@@ -305,6 +305,7 @@ bad:
                }
 
        ERR_load_crypto_strings();
                }
 
        ERR_load_crypto_strings();
+       X509v3_add_netscape_extensions();
 
        if (!X509_STORE_set_default_paths(ctx))
                {
 
        if (!X509_STORE_set_default_paths(ctx))
                {
@@ -368,6 +369,7 @@ bad:
                        goto end;
                        }
                i=X509_REQ_verify(req,pkey);
                        goto end;
                        }
                i=X509_REQ_verify(req,pkey);
+               EVP_PKEY_free(pkey);
                if (i < 0)
                        {
                        BIO_printf(bio_err,"Signature verification error\n");
                if (i < 0)
                        {
                        BIO_printf(bio_err,"Signature verification error\n");
@@ -481,6 +483,7 @@ bad:
                                else
                                        BIO_printf(STDout,"Wrong Algorithm type");
                                BIO_printf(STDout,"\n");
                                else
                                        BIO_printf(STDout,"Wrong Algorithm type");
                                BIO_printf(STDout,"\n");
+                               EVP_PKEY_free(pkey);
                                }
                        else
 #endif
                                }
                        else
 #endif
@@ -688,6 +691,7 @@ end:
        if (Upkey != NULL) EVP_PKEY_free(Upkey);
        if (CApkey != NULL) EVP_PKEY_free(CApkey);
        if (rq != NULL) X509_REQ_free(rq);
        if (Upkey != NULL) EVP_PKEY_free(Upkey);
        if (CApkey != NULL) EVP_PKEY_free(CApkey);
        if (rq != NULL) X509_REQ_free(rq);
+       X509v3_cleanup_extensions();
        EXIT(ret);
        }
 
        EXIT(ret);
        }
 
index 7df749a..5caee74 100644 (file)
@@ -138,6 +138,8 @@ X509_REQ *x;
 #endif
                BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
 #endif
                BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
+       EVP_PKEY_free(pkey);
+
        /* may not be */
        sprintf(str,"%8sAttributes:\n","");
        if (BIO_puts(bp,str) <= 0) goto err;
        /* may not be */
        sprintf(str,"%8sAttributes:\n","");
        if (BIO_puts(bp,str) <= 0) goto err;
index 9a8c8bf..4bf1bd4 100644 (file)
@@ -182,6 +182,8 @@ X509 *x;
 #endif
                BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
 #endif
                BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
+       EVP_PKEY_free(pkey);
+
        n=X509_get_ext_count(x);
        if (n > 0)
                {
        n=X509_get_ext_count(x);
        if (n > 0)
                {
index f8c0865..f5face1 100644 (file)
@@ -345,11 +345,13 @@ X509_STORE_CTX *ctx;
                                }
                        if (X509_verify(xs,pkey) <= 0)
                                {
                                }
                        if (X509_verify(xs,pkey) <= 0)
                                {
+                               EVP_PKEY_free(pkey);
                                ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
                                ctx->current_cert=xs;
                                ok=(*cb)(0,ctx);
                                if (!ok) goto end;
                                }
                                ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
                                ctx->current_cert=xs;
                                ok=(*cb)(0,ctx);
                                if (!ok) goto end;
                                }
+                       EVP_PKEY_free(pkey);
                        pkey=NULL;
 
                        i=X509_cmp_current_time(X509_get_notBefore(xs));
                        pkey=NULL;
 
                        i=X509_cmp_current_time(X509_get_notBefore(xs));
@@ -403,6 +405,7 @@ X509_STORE_CTX *ctx;
                }
        ok=1;
 end:
                }
        ok=1;
 end:
+       EVP_PKEY_free(pkey);
        return(ok);
        }
 
        return(ok);
        }
 
@@ -492,6 +495,7 @@ STACK *chain;
                        break;
                else
                        {
                        break;
                else
                        {
+                       EVP_PKEY_free(ktmp);
                        ktmp=NULL;
                        }
                }
                        ktmp=NULL;
                        }
                }
@@ -506,10 +510,11 @@ STACK *chain;
                {
                ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
                EVP_PKEY_copy_parameters(ktmp2,ktmp);
                {
                ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
                EVP_PKEY_copy_parameters(ktmp2,ktmp);
+               EVP_PKEY_free(ktmp2);
                }
        
                }
        
-       if (pkey != NULL)
-               EVP_PKEY_copy_parameters(pkey,ktmp);
+       if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
+       EVP_PKEY_free(ktmp);
        return(1);
        }
 
        return(1);
        }
 
index 42c23bc..5274ded 100644 (file)
@@ -108,8 +108,9 @@ EVP_PKEY *pkey;
                break;
                }
 
                break;
                }
 
-       if (EVP_PKEY_size(pkey) <= 512)
+       if (EVP_PKEY_size(pk) <= 512)
                ret|=EVP_PKT_EXP;
                ret|=EVP_PKT_EXP;
+       if(pkey==NULL) EVP_PKEY_free(pk);
        return(ret);
        }
 
        return(ret);
        }