diff options
| author | Adam Langley <agl@google.com> | 2015-05-11 17:20:37 -0700 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2015-05-12 23:06:14 +0000 |
| commit | e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5 (patch) | |
| tree | 6e43e34595ecf887c26c32b86d8ab097fe8cac64 /src/ssl/ssl_rsa.c | |
| parent | b3106a0cc1493bbe0505c0ec0ce3da4ca90a29ae (diff) | |
| download | external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.zip external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.tar.gz external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.tar.bz2 | |
external/boringssl: bump revision.
This change bumps the BoringSSL revision to the current tip-of-tree.
Change-Id: I91d5bf467e16e8d86cb19a4de873985f524e5faa
Diffstat (limited to 'src/ssl/ssl_rsa.c')
| -rw-r--r-- | src/ssl/ssl_rsa.c | 91 |
1 files changed, 15 insertions, 76 deletions
diff --git a/src/ssl/ssl_rsa.c b/src/ssl/ssl_rsa.c index 3d1bc62..87f4c1c 100644 --- a/src/ssl/ssl_rsa.c +++ b/src/ssl/ssl_rsa.c @@ -64,7 +64,7 @@ #include <openssl/pem.h> #include <openssl/x509.h> -#include "ssl_locl.h" +#include "internal.h" static int ssl_set_cert(CERT *c, X509 *x509); static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); @@ -74,10 +74,6 @@ int SSL_use_certificate(SSL *ssl, X509 *x) { OPENSSL_PUT_ERROR(SSL, SSL_use_certificate, ERR_R_PASSED_NULL_PARAMETER); return 0; } - if (!ssl_cert_inst(&ssl->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_use_certificate, ERR_R_MALLOC_FAILURE); - return 0; - } return ssl_set_cert(ssl->cert, x); } @@ -118,12 +114,8 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) { ret = SSL_use_certificate(ssl, x); end: - if (x != NULL) { - X509_free(x); - } - if (in != NULL) { - BIO_free(in); - } + X509_free(x); + BIO_free(in); return ret; } @@ -152,11 +144,6 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) { return 0; } - if (!ssl_cert_inst(&ssl->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey, ERR_R_MALLOC_FAILURE); - return 0; - } - pkey = EVP_PKEY_new(); if (pkey == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_use_RSAPrivateKey, ERR_R_EVP_LIB); @@ -182,12 +169,6 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { } if (c->pkeys[i].x509 != NULL) { - EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(c->pkeys[i].x509); - EVP_PKEY_copy_parameters(pktmp, pkey); - EVP_PKEY_free(pktmp); - ERR_clear_error(); - /* Sanity-check that the private key and the certificate match, unless the * key is opaque (in case of, say, a smartcard). */ if (!EVP_PKEY_is_opaque(pkey) && @@ -198,10 +179,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { } } - if (c->pkeys[i].privatekey != NULL) { - EVP_PKEY_free(c->pkeys[i].privatekey); - } - c->pkeys[i].privatekey = EVP_PKEY_dup(pkey); + EVP_PKEY_free(c->pkeys[i].privatekey); + c->pkeys[i].privatekey = EVP_PKEY_up_ref(pkey); c->key = &(c->pkeys[i]); return 1; @@ -244,9 +223,7 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) { RSA_free(rsa); end: - if (in != NULL) { - BIO_free(in); - } + BIO_free(in); return ret; } @@ -275,11 +252,6 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) { return 0; } - if (!ssl_cert_inst(&ssl->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_use_PrivateKey, ERR_R_MALLOC_FAILURE); - return 0; - } - ret = ssl_set_pkey(ssl->cert, pkey); return ret; } @@ -320,9 +292,7 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) { EVP_PKEY_free(pkey); end: - if (in != NULL) { - BIO_free(in); - } + BIO_free(in); return ret; } @@ -349,10 +319,6 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { ERR_R_PASSED_NULL_PARAMETER); return 0; } - if (!ssl_cert_inst(&ctx->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_certificate, ERR_R_MALLOC_FAILURE); - return 0; - } return ssl_set_cert(ctx->cert, x); } @@ -375,9 +341,6 @@ static int ssl_set_cert(CERT *c, X509 *x) { } if (c->pkeys[i].privatekey != NULL) { - EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey); - ERR_clear_error(); - /* Sanity-check that the private key and the certificate match, unless the * key is opaque (in case of, say, a smartcard). */ if (!EVP_PKEY_is_opaque(c->pkeys[i].privatekey) && @@ -394,9 +357,7 @@ static int ssl_set_cert(CERT *c, X509 *x) { EVP_PKEY_free(pkey); - if (c->pkeys[i].x509 != NULL) { - X509_free(c->pkeys[i].x509); - } + X509_free(c->pkeys[i].x509); c->pkeys[i].x509 = X509_up_ref(x); c->key = &(c->pkeys[i]); @@ -441,12 +402,8 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) { ret = SSL_CTX_use_certificate(ctx, x); end: - if (x != NULL) { - X509_free(x); - } - if (in != NULL) { - BIO_free(in); - } + X509_free(x); + BIO_free(in); return ret; } @@ -475,11 +432,6 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) { return 0; } - if (!ssl_cert_inst(&ctx->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey, ERR_R_MALLOC_FAILURE); - return 0; - } - pkey = EVP_PKEY_new(); if (pkey == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_RSAPrivateKey, ERR_R_EVP_LIB); @@ -531,9 +483,7 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) { RSA_free(rsa); end: - if (in != NULL) { - BIO_free(in); - } + BIO_free(in); return ret; } @@ -560,11 +510,6 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { return 0; } - if (!ssl_cert_inst(&ctx->cert)) { - OPENSSL_PUT_ERROR(SSL, SSL_CTX_use_PrivateKey, ERR_R_MALLOC_FAILURE); - return 0; - } - return ssl_set_pkey(ctx->cert, pkey); } @@ -604,9 +549,7 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) { EVP_PKEY_free(pkey); end: - if (in != NULL) { - BIO_free(in); - } + BIO_free(in); return ret; } @@ -668,7 +611,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) { * certificates. */ X509 *ca; int r; - unsigned long err; + uint32_t err; SSL_CTX_clear_chain_certs(ctx); @@ -697,11 +640,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) { } end: - if (x != NULL) { - X509_free(x); - } - if (in != NULL) { - BIO_free(in); - } + X509_free(x); + BIO_free(in); return ret; } |