mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-10 20:25:47 +00:00
Don't allow change of CRT frame returned by x509_crt_frame_acquire()
This commit is contained in:
parent
9219f9e7b8
commit
5f268b3cf6
|
@ -792,7 +792,7 @@ int mbedtls_x509_crt_get_ext_key_usage( mbedtls_x509_crt const *crt,
|
|||
int mbedtls_x509_crt_flush_cache( mbedtls_x509_crt const *crt );
|
||||
|
||||
static inline int mbedtls_x509_crt_frame_acquire( mbedtls_x509_crt const *crt,
|
||||
mbedtls_x509_crt_frame **frame_ptr )
|
||||
mbedtls_x509_crt_frame const **frame_ptr )
|
||||
{
|
||||
int ret;
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
|
|
|
@ -874,7 +874,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
mbedtls_md_type_t sig_md;
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
@ -2996,7 +2996,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
|
||||
while( crt != NULL && crt->raw.p != NULL )
|
||||
{
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
|
|
@ -288,7 +288,7 @@ int mbedtls_x509_crt_get_subject_alt_names( mbedtls_x509_crt const *crt,
|
|||
mbedtls_x509_sequence **subj_alt )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
mbedtls_x509_sequence *seq;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
|
@ -311,7 +311,7 @@ int mbedtls_x509_crt_get_ext_key_usage( mbedtls_x509_crt const *crt,
|
|||
mbedtls_x509_sequence **ext_key_usage )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
mbedtls_x509_sequence *seq;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
|
@ -334,7 +334,7 @@ int mbedtls_x509_crt_get_subject( mbedtls_x509_crt const *crt,
|
|||
mbedtls_x509_name **subject )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
mbedtls_x509_name *name;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
|
@ -357,7 +357,7 @@ int mbedtls_x509_crt_get_issuer( mbedtls_x509_crt const *crt,
|
|||
mbedtls_x509_name **issuer )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
mbedtls_x509_name *name;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
|
@ -380,7 +380,7 @@ int mbedtls_x509_crt_get_frame( mbedtls_x509_crt const *crt,
|
|||
mbedtls_x509_crt_frame *dst )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
@ -2426,7 +2426,7 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
|
|||
unsigned int usage )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_FATAL_ERROR );
|
||||
|
@ -2474,7 +2474,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
|
|||
size_t usage_len )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
unsigned ext_types;
|
||||
unsigned char *p, *end;
|
||||
x509_crt_check_ext_key_usage_cb_ctx_t cb_ctx = { usage_oid, usage_len };
|
||||
|
@ -2534,7 +2534,7 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt,
|
|||
const mbedtls_x509_crl *crl )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
|
@ -2569,7 +2569,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial,
|
|||
return( flags );
|
||||
|
||||
{
|
||||
mbedtls_x509_crt_frame *ca;
|
||||
mbedtls_x509_crt_frame const *ca;
|
||||
ret = mbedtls_x509_crt_frame_acquire( ca_crt, &ca );
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_X509_BADCRL_NOT_TRUSTED );
|
||||
|
@ -2846,7 +2846,7 @@ check_signature:
|
|||
|
||||
parent_valid = parent_match = path_len_ok = 0;
|
||||
{
|
||||
mbedtls_x509_crt_frame *parent;
|
||||
mbedtls_x509_crt_frame const *parent;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( parent_crt, &parent );
|
||||
if( ret != 0 )
|
||||
|
@ -3139,7 +3139,7 @@ find_parent:
|
|||
{
|
||||
mbedtls_x509_crt_sig_info child_sig;
|
||||
{
|
||||
mbedtls_x509_crt_frame *child;
|
||||
mbedtls_x509_crt_frame const *child;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( child_crt, &child );
|
||||
if( ret != 0 )
|
||||
|
@ -3340,7 +3340,7 @@ static int x509_crt_verify_name( const mbedtls_x509_crt *crt,
|
|||
uint32_t *flags )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
|
|
|
@ -143,7 +143,7 @@ int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint
|
|||
verify_print_context *ctx = (verify_print_context *) data;
|
||||
char *p = ctx->p;
|
||||
size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
mbedtls_x509_crt_frame const *frame;
|
||||
mbedtls_x509_name *subject;
|
||||
((void) flags);
|
||||
|
||||
|
|
Loading…
Reference in a new issue