mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 02:05:31 +00:00
Don't use assertion for failures of mbedtls_x509_crt_x_acquire()
These functions may afil in a regular run, e.g. due to an out of memory error.
This commit is contained in:
parent
d92078fc55
commit
2224ccf390
|
@ -2328,9 +2328,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
&peer_pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
@ -2472,9 +2471,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||
&peer_pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
|
@ -2822,9 +2820,8 @@ start_processing:
|
|||
&peer_pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
|
|
|
@ -815,8 +815,11 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
int ret;
|
||||
ret = mbedtls_x509_crt_pk_acquire( cur->cert, &pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#else
|
||||
/* Outside of ASYNC_PRIVATE, use private key context directly
|
||||
* instead of querying for the public key context from the
|
||||
|
@ -877,7 +880,10 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_frame_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
sig_md = frame->sig_md;
|
||||
mbedtls_x509_crt_frame_release( cur->cert );
|
||||
}
|
||||
|
@ -2999,7 +3005,10 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_frame_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
dn_size = frame->subject_raw.len;
|
||||
|
||||
|
@ -4247,9 +4256,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
&peer_pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
|
|
@ -6507,7 +6507,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
mbedtls_pk_context *pk;
|
||||
ret = mbedtls_x509_crt_pk_acquire( chain, &pk );
|
||||
if( ret != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
/* If certificate uses an EC key, make sure the curve is OK */
|
||||
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) )
|
||||
|
|
Loading…
Reference in a new issue