/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
{
- X509_LOOKUP *ret;
+ X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(*ret));
- ret = OPENSSL_zalloc(sizeof(*ret));
- if (ret == NULL)
+ if (ret == NULL) {
+ X509err(X509_F_X509_LOOKUP_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
+ }
ret->method = method;
- if ((method->new_item != NULL) && !method->new_item(ret)) {
+ if (method->new_item != NULL && method->new_item(ret) == 0) {
OPENSSL_free(ret);
return NULL;
}
X509_STORE *X509_STORE_new(void)
{
- X509_STORE *ret;
+ X509_STORE *ret = OPENSSL_zalloc(sizeof(*ret));
- if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
+ if (ret == NULL) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
- if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
+ }
+ if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
goto err;
+ }
ret->cache = 1;
- if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
+ if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
goto err;
+ }
- if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
+ if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
goto err;
-
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
+ }
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
goto err;
+ }
ret->lock = CRYPTO_THREAD_lock_new();
- if (ret->lock == NULL)
+ if (ret->lock == NULL) {
+ X509err(X509_F_X509_STORE_NEW, ERR_R_MALLOC_FAILURE);
goto err;
+ }
ret->references = 1;
return ret;
if (vfy == NULL)
return;
-
CRYPTO_DOWN_REF(&vfy->references, &i, vfy->lock);
REF_PRINT_COUNT("X509_STORE", vfy);
if (i > 0)
}
/* a new one */
lu = X509_LOOKUP_new(m);
- if (lu == NULL)
+ if (lu == NULL) {
+ X509err(X509_F_X509_STORE_ADD_LOOKUP, ERR_R_MALLOC_FAILURE);
return NULL;
- else {
- lu->store_ctx = v;
- if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
- return lu;
- else {
- X509_LOOKUP_free(lu);
- return NULL;
- }
}
+
+ lu->store_ctx = v;
+ if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
+ return lu;
+ /* malloc failed */
+ X509err(X509_F_X509_STORE_ADD_LOOKUP, ERR_R_MALLOC_FAILURE);
+ X509_LOOKUP_free(lu);
+ return NULL;
}
X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
X509_OBJECT stmp, *tmp;
int i, j;
+ if (ctx == NULL)
+ return 0;
+
CRYPTO_THREAD_write_lock(ctx->lock);
tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
CRYPTO_THREAD_unlock(ctx->lock);
X509 *x;
X509_OBJECT *obj;
+ if (ctx->ctx == NULL)
+ return NULL;
+
CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
if (idx < 0) {
X509_OBJECT *obj, *xobj = X509_OBJECT_new();
/* Always do lookup to possibly add new CRLs to cache */
- if (sk == NULL || xobj == NULL ||
- !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
+ if (sk == NULL
+ || xobj == NULL
+ || ctx->ctx == NULL
+ || !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
X509_OBJECT_free(xobj);
sk_X509_CRL_free(sk);
return NULL;
}
X509_OBJECT_free(obj);
+ if (ctx->ctx == NULL)
+ return 0;
+
/* Else find index of first cert accepted by 'check_issued' */
ret = 0;
CRYPTO_THREAD_write_lock(ctx->ctx->lock);