From 75c13e7830653eee4b61dd96ceea7c446c381316 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 23 Feb 2017 22:12:28 +0000 Subject: Tidy up certificate type handling. The certificate types used to be held in a fixed length array or (if it was too long) a malloced buffer. This was done to retain binary compatibility. The code can be simplified now SSL is opaque by always using a malloced buffer. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2733) --- ssl/ssl_cert.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'ssl/ssl_cert.c') diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index a75fb6564a..70aa697564 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -164,12 +164,11 @@ CERT *ssl_cert_dup(CERT *cert) /* Shared sigalgs also NULL */ ret->shared_sigalgs = NULL; /* Copy any custom client certificate types */ - if (cert->ctypes) { - ret->ctypes = OPENSSL_malloc(cert->ctype_num); - if (ret->ctypes == NULL) + if (cert->ctype) { + ret->ctype = OPENSSL_memdup(cert->ctype, cert->ctype_len); + if (ret->ctype == NULL) goto err; - memcpy(ret->ctypes, cert->ctypes, cert->ctype_num); - ret->ctype_num = cert->ctype_num; + ret->ctype_len = cert->ctype_len; } ret->cert_flags = cert->cert_flags; @@ -252,7 +251,7 @@ void ssl_cert_free(CERT *c) OPENSSL_free(c->conf_sigalgs); OPENSSL_free(c->client_sigalgs); OPENSSL_free(c->shared_sigalgs); - OPENSSL_free(c->ctypes); + OPENSSL_free(c->ctype); X509_STORE_free(c->verify_store); X509_STORE_free(c->chain_store); custom_exts_free(&c->cli_ext); -- cgit v1.2.3