diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-01-29 19:51:59 +0100 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-01-31 19:17:50 +0100 |
commit | 53649022509129bce8036c8fb4978dbce9432a86 (patch) | |
tree | 29ba2902fa11c6132e1f5494fd3107a5d1f0c57c /crypto/x509 | |
parent | a727627922b8a9ec6628ffaa2054b4b3833d674b (diff) |
Fixed d2i_X509 in-place not re-hashing the ex_flags
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8116)
Diffstat (limited to 'crypto/x509')
-rw-r--r-- | crypto/x509/x_x509.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 596e1e41e5..bf0270ef71 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -40,12 +40,35 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, switch (operation) { + case ASN1_OP_D2I_PRE: + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); + X509_CERT_AUX_free(ret->aux); + ASN1_OCTET_STRING_free(ret->skid); + AUTHORITY_KEYID_free(ret->akid); + CRL_DIST_POINTS_free(ret->crldp); + policy_cache_free(ret->policy_cache); + GENERAL_NAMES_free(ret->altname); + NAME_CONSTRAINTS_free(ret->nc); +#ifndef OPENSSL_NO_RFC3779 + sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); + ASIdentifiers_free(ret->rfc3779_asid); +#endif + + /* fall thru */ + case ASN1_OP_NEW_POST: + ret->ex_cached = 0; + ret->ex_kusage = 0; + ret->ex_xkusage = 0; + ret->ex_nscert = 0; ret->ex_flags = 0; ret->ex_pathlen = -1; ret->ex_pcpathlen = -1; ret->skid = NULL; ret->akid = NULL; + ret->policy_cache = NULL; + ret->altname = NULL; + ret->nc = NULL; #ifndef OPENSSL_NO_RFC3779 ret->rfc3779_addr = NULL; ret->rfc3779_asid = NULL; |