diff options
Diffstat (limited to 'main/openssl/crypto/ocsp')
-rw-r--r-- | main/openssl/crypto/ocsp/ocsp_ht.c | 16 | ||||
-rw-r--r-- | main/openssl/crypto/ocsp/ocsp_lib.c | 13 | ||||
-rw-r--r-- | main/openssl/crypto/ocsp/ocsp_vfy.c | 7 |
3 files changed, 29 insertions, 7 deletions
diff --git a/main/openssl/crypto/ocsp/ocsp_ht.c b/main/openssl/crypto/ocsp/ocsp_ht.c index af5fc166..09eb855d 100644 --- a/main/openssl/crypto/ocsp/ocsp_ht.c +++ b/main/openssl/crypto/ocsp/ocsp_ht.c @@ -158,6 +158,8 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, OCSP_REQ_CTX *rctx; rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + if (!rctx) + return NULL; rctx->state = OHS_ERROR; rctx->mem = BIO_new(BIO_s_mem()); rctx->io = io; @@ -167,18 +169,21 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); - if (!rctx->iobuf) - return 0; + if (!rctx->mem || !rctx->iobuf) + goto err; if (!path) path = "/"; if (BIO_printf(rctx->mem, post_hdr, path) <= 0) - return 0; + goto err; if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) - return 0; + goto err; return rctx; + err: + OCSP_REQ_CTX_free(rctx); + return NULL; } /* Parse the HTTP response. This will look like this: @@ -490,6 +495,9 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) ctx = OCSP_sendreq_new(b, path, req, -1); + if (!ctx) + return NULL; + do { rv = OCSP_sendreq_nbio(&resp, ctx); diff --git a/main/openssl/crypto/ocsp/ocsp_lib.c b/main/openssl/crypto/ocsp/ocsp_lib.c index a94dc838..5061c057 100644 --- a/main/openssl/crypto/ocsp/ocsp_lib.c +++ b/main/openssl/crypto/ocsp/ocsp_lib.c @@ -222,8 +222,19 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss if (!*ppath) goto mem_err; + p = host; + if(host[0] == '[') + { + /* ipv6 literal */ + host++; + p = strchr(host, ']'); + if(!p) goto parse_err; + *p = '\0'; + p++; + } + /* Look for optional ':' for port number */ - if ((p = strchr(host, ':'))) + if ((p = strchr(p, ':'))) { *p = 0; port = p + 1; diff --git a/main/openssl/crypto/ocsp/ocsp_vfy.c b/main/openssl/crypto/ocsp/ocsp_vfy.c index 27671830..fc0d4cc0 100644 --- a/main/openssl/crypto/ocsp/ocsp_vfy.c +++ b/main/openssl/crypto/ocsp/ocsp_vfy.c @@ -436,8 +436,11 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm if(!(flags & OCSP_NOINTERN)) { signer = X509_find_by_subject(req->optionalSignature->certs, nm); - *psigner = signer; - return 1; + if (signer) + { + *psigner = signer; + return 1; + } } signer = X509_find_by_subject(certs, nm); |