Fix to the -revoke option in ca. It was leaking memory, crashing and just
authorDr. Stephen Henson <steve@openssl.org>
Mon, 8 Nov 1999 13:58:08 +0000 (13:58 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 8 Nov 1999 13:58:08 +0000 (13:58 +0000)
plain not working :-(

Also fix some memory leaks in the new X509_NAME code.

Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.

CHANGES
apps/app_rand.c
apps/ca.c
apps/req.c
apps/x509.c
crypto/asn1/a_strnid.c
crypto/asn1/x_x509a.c
crypto/x509/x509name.c
demos/ssl/cli.cpp
util/libeay.num

diff --git a/CHANGES b/CHANGES
index ef3392c..68881ef 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Fix the -revoke option in ca. It was freeing up memory twice,
+     leaking and not finding already revoked certificates.
+     [Steve Henson]
+
   *) Extensive changes to support certificate auxiliary information.
      This involves the use of X509_CERT_AUX structure and X509_AUX
      functions. An X509_AUX function such as PEM_read_X509_AUX()
index 2543a64..9e29e54 100644 (file)
  *
  */
 
+#include "apps.h"
 #include <openssl/bio.h>
 #include <openssl/rand.h>
 
-#include "apps.h"
 
 static int seeded = 0;
 
index 36c314e..93f992b 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1169,13 +1169,6 @@ bad:
        /*****************************************************************/
        if (dorevoke)
                {
-               in=BIO_new(BIO_s_file());
-               out=BIO_new(BIO_s_file());
-               if ((in == NULL) || (out == NULL))
-                       {
-                       ERR_print_errors(bio_err);
-                       goto err;
-                       }
                if (infile == NULL) 
                        {
                        BIO_printf(bio_err,"no input files\n");
@@ -1183,19 +1176,22 @@ bad:
                        }
                else
                        {
+                       X509 *revcert;
                        if (BIO_read_filename(in,infile) <= 0)
                                {
                                perror(infile);
                                BIO_printf(bio_err,"error trying to load '%s' certificate\n",infile);
                                goto err;
                                }
-                       x509=PEM_read_bio_X509(in,NULL,NULL,NULL);
-                       if (x509 == NULL)
+                       revcert=PEM_read_bio_X509(in,NULL,NULL,NULL);
+                       if (revcert == NULL)
                                {
                                BIO_printf(bio_err,"unable to load '%s' certificate\n",infile);
                                goto err;
                                }
-                       j=do_revoke(x509,db);
+                       j=do_revoke(revcert,db);
+                       if (j <= 0) goto err;
+                       X509_free(revcert);
 
                        strncpy(buf[0],dbfile,BSIZE-4);
                        strcat(buf[0],".new");
@@ -1207,10 +1203,6 @@ bad:
                                }
                        j=TXT_DB_write(out,db);
                        if (j <= 0) goto err;
-                       BIO_free(in);
-                       BIO_free(out);
-                       in=NULL;
-                       out=NULL;
                        strncpy(buf[1],dbfile,BSIZE-4);
                        strcat(buf[1],".old");
                        if (rename(dbfile,buf[1]) < 0)
@@ -2143,20 +2135,26 @@ static int add_oid_section(LHASH *hconf)
 
 static int do_revoke(X509 *x509, TXT_DB *db)
 {
-       ASN1_UTCTIME *tm=NULL;
+       ASN1_UTCTIME *tm=NULL, *revtm=NULL;
        char *row[DB_NUMBER],**rrow,**irow;
+       BIGNUM *bn = NULL;
        int ok=-1,i;
 
        for (i=0; i<DB_NUMBER; i++)
                row[i]=NULL;
-       row[DB_name]=X509_NAME_oneline(x509->cert_info->subject,NULL,0);
-       row[DB_serial]=BN_bn2hex(ASN1_INTEGER_to_BN(x509->cert_info->serialNumber,NULL));
+       row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0);
+       bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
+       row[DB_serial]=BN_bn2hex(bn);
+       BN_free(bn);
        if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
                {
                BIO_printf(bio_err,"Malloc failure\n");
                goto err;
                }
-       rrow=TXT_DB_get_by_index(db,DB_name,row);
+       /* We have to lookup by serial number because name lookup
+        * skips revoked certs
+        */
+       rrow=TXT_DB_get_by_index(db,DB_serial,row);
        if (rrow == NULL)
                {
                BIO_printf(bio_err,"Adding Entry to DB for %s\n", row[DB_name]);
@@ -2207,16 +2205,15 @@ static int do_revoke(X509 *x509, TXT_DB *db)
                        }
 
                /* Revoke Certificate */
-               do_revoke(x509,db);
+               ok = do_revoke(x509,db);
 
-               ok=1;
                goto err;
 
                }
-       else if (index_serial_cmp(row,rrow))
+       else if (index_name_cmp(row,rrow))
                {
-               BIO_printf(bio_err,"ERROR:no same serial number %s\n",
-                          row[DB_serial]);
+               BIO_printf(bio_err,"ERROR:name does not match %s\n",
+                          row[DB_name]);
                goto err;
                }
        else if (rrow[DB_type][0]=='R')
@@ -2228,12 +2225,14 @@ static int do_revoke(X509 *x509, TXT_DB *db)
        else
                {
                BIO_printf(bio_err,"Revoking Certificate %s.\n", rrow[DB_serial]);
-               tm=X509_gmtime_adj(tm,0);
+               revtm = ASN1_UTCTIME_new();
+               revtm=X509_gmtime_adj(revtm,0);
                rrow[DB_type][0]='R';
                rrow[DB_type][1]='\0';
-               rrow[DB_rev_date]=(char *)Malloc(tm->length+1);
-               memcpy(rrow[DB_rev_date],tm->data,tm->length);
-               rrow[DB_rev_date][tm->length]='\0';
+               rrow[DB_rev_date]=(char *)Malloc(revtm->length+1);
+               memcpy(rrow[DB_rev_date],revtm->data,revtm->length);
+               rrow[DB_rev_date][revtm->length]='\0';
+               ASN1_UTCTIME_free(revtm);
                }
        ok=1;
 err:
@@ -2242,7 +2241,6 @@ err:
                if (row[i] != NULL) 
                        Free(row[i]);
                }
-       ASN1_UTCTIME_free(tm);
        return(ok);
 }
 
index a395c39..cf91012 100644 (file)
@@ -845,6 +845,7 @@ end:
        X509_free(x509ss);
        X509V3_EXT_cleanup();
        OBJ_cleanup();
+       ASN1_STRING_TABLE_cleanup();
 #ifndef NO_DSA
        if (dsa_params != NULL) DSA_free(dsa_params);
 #endif
index a7f25f0..f56244c 100644 (file)
@@ -268,6 +268,7 @@ int MAIN(int argc, char **argv)
                        if (--argc < 1) goto bad;
                        CAfile= *(++argv);
                        CA_flag= ++num;
+                       need_rand = 1;
                        }
                else if (strcmp(*argv,"-CAkey") == 0)
                        {
index cb37024..e2e100e 100644 (file)
@@ -188,6 +188,7 @@ void ASN1_STRING_TABLE_cleanup(void)
 {
        STACK_OF(ASN1_STRING_TABLE) *tmp;
        tmp = stable;
+       if(!tmp) return;
        stable = NULL;
        sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
 }
index 4b1f448..d8409fb 100644 (file)
@@ -117,6 +117,7 @@ void X509_CERT_AUX_free(X509_CERT_AUX *a)
        sk_ASN1_OBJECT_pop_free(a->othernotrust, ASN1_OBJECT_free);
        ASN1_UTF8STRING_free(a->alias);
        ASN1_TYPE_free(a->other);
+       Free((char *)a);
 }
 
 int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
index bd7b985..b4ceb65 100644 (file)
@@ -175,27 +175,36 @@ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
                        unsigned char *bytes, int len, int loc, int set)
 {
        X509_NAME_ENTRY *ne;
+       int ret;
        ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
        if(!ne) return 0;
-       return X509_NAME_add_entry(name, ne, loc, set);
+       ret = X509_NAME_add_entry(name, ne, loc, set);
+       X509_NAME_ENTRY_free(ne);
+       return ret;
 }
 
 int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
                        unsigned char *bytes, int len, int loc, int set)
 {
        X509_NAME_ENTRY *ne;
+       int ret;
        ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
        if(!ne) return 0;
-       return X509_NAME_add_entry(name, ne, loc, set);
+       ret = X509_NAME_add_entry(name, ne, loc, set);
+       X509_NAME_ENTRY_free(ne);
+       return ret;
 }
 
 int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
                        unsigned char *bytes, int len, int loc, int set)
 {
        X509_NAME_ENTRY *ne;
+       int ret;
        ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
        if(!ne) return 0;
-       return X509_NAME_add_entry(name, ne, loc, set);
+       ret = X509_NAME_add_entry(name, ne, loc, set);
+       X509_NAME_ENTRY_free(ne);
+       return ret;
 }
 
 /* if set is -1, append to previous set, 0 'a new one', and 1,
@@ -267,6 +276,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
                char *field, int type, unsigned char *bytes, int len)
        {
        ASN1_OBJECT *obj;
+       X509_NAME_ENTRY *nentry;
 
        obj=OBJ_txt2obj(field, 0);
        if (obj == NULL)
@@ -275,13 +285,16 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
                                                X509_R_INVALID_FIELD_NAME);
                return(NULL);
                }
-       return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+       nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
+       ASN1_OBJECT_free(obj);
+       return nentry;
        }
 
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
             int type, unsigned char *bytes, int len)
        {
        ASN1_OBJECT *obj;
+       X509_NAME_ENTRY *nentry;
 
        obj=OBJ_nid2obj(nid);
        if (obj == NULL)
@@ -289,7 +302,9 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
                X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
                return(NULL);
                }
-       return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+       nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
+       ASN1_OBJECT_free(obj);
+       return nentry;
        }
 
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
index b3d7269..daea2bd 100644 (file)
@@ -14,7 +14,6 @@
 #include <arpa/inet.h>
 #include <netdb.h>
 
-#include "rsa.h"       /* SSLeay stuff */
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
index 939b6e9..c8a84e4 100755 (executable)
@@ -1998,3 +1998,25 @@ X509_NAME_add_entry_by_txt              2022
 X509_NAME_add_entry_by_NID              2023
 X509_NAME_add_entry_by_OBJ              2024
 X509_NAME_ENTRY_create_by_txt           2025
+PEM_read_X509_AUX                       2026
+X509_CERT_AUX_free                      2027
+X509_alias_set                          2028
+PEM_read_bio_X509_AUX                   2029
+X509_trust_set_bit_asc                  2030
+d2i_X509_AUX                            2031
+X509_CERT_AUX_print                     2032
+ASN1_BIT_STRING_num_asc                 2033
+X509_CERT_AUX_new                       2034
+ASN1_BIT_STRING_set_asc                 2035
+i2d_X509_CERT_AUX                       2036
+PEM_write_X509_AUX                      2037
+X509_notrust_set_bit                    2038
+X509_add_notrust_object                 2039
+PEM_write_bio_X509_AUX                  2040
+X509_alias_get                          2041
+X509_trust_set_bit                      2042
+d2i_X509_CERT_AUX                       2043
+X509_notrust_set_bit_asc                2044
+i2d_X509_AUX                            2045
+ASN1_BIT_STRING_name_print              2046
+X509_add_trust_object                   2047