diff options
author | Dr. David von Oheimb <dev@ddvo.net> | 2021-02-05 21:52:01 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-02-11 21:34:27 +0100 |
commit | c926a5ecb7a855c2ca1716e4c408410d2b2adccd (patch) | |
tree | 8dec479af59e8bdc9892ba60635375d70365a360 /crypto | |
parent | f1923a2147cdbfbc67ab54dfc15d2c6c4611ea9c (diff) |
X509_STORE_CTX_cleanup(): Use internally so no need to call explicitly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14088)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/pkcs7/pk7_doit.c | 2 | ||||
-rw-r--r-- | crypto/pkcs7/pk7_smime.c | 1 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 12 |
3 files changed, 9 insertions, 6 deletions
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index e962e93688..a979544aeb 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -1053,10 +1053,8 @@ int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, i = X509_verify_cert(ctx); if (i <= 0) { ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB); - X509_STORE_CTX_cleanup(ctx); goto err; } - X509_STORE_CTX_cleanup(ctx); return PKCS7_signatureVerify(bio, p7, si, x509); err: diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 8d89f7fd44..f6853513e0 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -289,7 +289,6 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, i = X509_verify_cert(cert_ctx); if (i <= 0) j = X509_STORE_CTX_get_error(cert_ctx); - X509_STORE_CTX_cleanup(cert_ctx); if (i <= 0) { ERR_raise_data(ERR_LIB_PKCS7, PKCS7_R_CERTIFICATE_VERIFY_ERROR, "Verify error: %s", diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index a0bf50a708..58598bbf1f 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -1317,7 +1317,7 @@ static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, */ static int check_crl_path(X509_STORE_CTX *ctx, X509 *x) { - X509_STORE_CTX crl_ctx; + X509_STORE_CTX crl_ctx = {0}; int ret; /* Don't allow recursive CRL path validation */ @@ -2313,6 +2313,12 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, { int ret = 1; + if (ctx == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + X509_STORE_CTX_cleanup(ctx); + ctx->store = store; ctx->cert = x509; ctx->untrusted = chain; @@ -2340,7 +2346,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (store != NULL) ctx->cleanup = store->cleanup; else - ctx->cleanup = 0; + ctx->cleanup = NULL; if (store != NULL && store->check_issued != NULL) ctx->check_issued = store->check_issued; @@ -2463,7 +2469,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) * calls cleanup() for the same object twice! Thus we must zero the * pointers below after they're freed! */ - /* Seems to always be 0 in OpenSSL, do this at most once. */ + /* Seems to always be NULL in OpenSSL, do this at most once. */ if (ctx->cleanup != NULL) { ctx->cleanup(ctx); ctx->cleanup = NULL; |