yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-04-30 06:06:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow change of CRT frame returned by x509_crt_frame_acquire()

Browse source
This commit is contained in:
Hanno Becker 2019-05-20 16:26:34 +01:00
parent 9219f9e7b8
commit 5f268b3cf6
4 changed files with 16 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/mbedtls/x509_crt.h
View file

@ -792,7 +792,7 @@ int mbedtls_x509_crt_get_ext_key_usage( mbedtls_x509_crt const *crt,
int mbedtls_x509_crt_flush_cache( mbedtls_x509_crt const *crt ); int mbedtls_x509_crt_flush_cache( mbedtls_x509_crt const *crt );
static inline int mbedtls_x509_crt_frame_acquire( mbedtls_x509_crt const *crt, static inline int mbedtls_x509_crt_frame_acquire( mbedtls_x509_crt const *crt,
mbedtls_x509_crt_frame **frame_ptr ) mbedtls_x509_crt_frame const **frame_ptr )
{ {
int ret; int ret;
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)

4
library/ssl_srv.c
View file

@ -874,7 +874,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
mbedtls_md_type_t sig_md; mbedtls_md_type_t sig_md;
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame ); ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -2996,7 +2996,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
while( crt != NULL && crt->raw.p != NULL ) while( crt != NULL && crt->raw.p != NULL )
{ {
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );

24
library/x509_crt.c
View file

@ -288,7 +288,7 @@ int mbedtls_x509_crt_get_subject_alt_names( mbedtls_x509_crt const *crt,
mbedtls_x509_sequence **subj_alt ) mbedtls_x509_sequence **subj_alt )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
mbedtls_x509_sequence *seq; mbedtls_x509_sequence *seq;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@ -311,7 +311,7 @@ int mbedtls_x509_crt_get_ext_key_usage( mbedtls_x509_crt const *crt,
mbedtls_x509_sequence **ext_key_usage ) mbedtls_x509_sequence **ext_key_usage )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
mbedtls_x509_sequence *seq; mbedtls_x509_sequence *seq;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@ -334,7 +334,7 @@ int mbedtls_x509_crt_get_subject( mbedtls_x509_crt const *crt,
mbedtls_x509_name **subject ) mbedtls_x509_name **subject )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
mbedtls_x509_name *name; mbedtls_x509_name *name;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@ -357,7 +357,7 @@ int mbedtls_x509_crt_get_issuer( mbedtls_x509_crt const *crt,
mbedtls_x509_name **issuer ) mbedtls_x509_name **issuer )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
mbedtls_x509_name *name; mbedtls_x509_name *name;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@ -380,7 +380,7 @@ int mbedtls_x509_crt_get_frame( mbedtls_x509_crt const *crt,
mbedtls_x509_crt_frame *dst ) mbedtls_x509_crt_frame *dst )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
@ -2426,7 +2426,7 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
unsigned int usage ) unsigned int usage )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 ) if( ret != 0 )
return( MBEDTLS_ERR_X509_FATAL_ERROR ); return( MBEDTLS_ERR_X509_FATAL_ERROR );
@ -2474,7 +2474,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
size_t usage_len ) size_t usage_len )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
unsigned ext_types; unsigned ext_types;
unsigned char *p, *end; unsigned char *p, *end;
x509_crt_check_ext_key_usage_cb_ctx_t cb_ctx = { usage_oid, usage_len }; x509_crt_check_ext_key_usage_cb_ctx_t cb_ctx = { usage_oid, usage_len };
@ -2534,7 +2534,7 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt,
const mbedtls_x509_crl *crl ) const mbedtls_x509_crl *crl )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 ) if( ret != 0 )
@ -2569,7 +2569,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial,
return( flags ); return( flags );
{ {
mbedtls_x509_crt_frame *ca; mbedtls_x509_crt_frame const *ca;
ret = mbedtls_x509_crt_frame_acquire( ca_crt, &ca ); ret = mbedtls_x509_crt_frame_acquire( ca_crt, &ca );
if( ret != 0 ) if( ret != 0 )
return( MBEDTLS_X509_BADCRL_NOT_TRUSTED ); return( MBEDTLS_X509_BADCRL_NOT_TRUSTED );
@ -2846,7 +2846,7 @@ check_signature:
parent_valid = parent_match = path_len_ok = 0; parent_valid = parent_match = path_len_ok = 0;
{ {
mbedtls_x509_crt_frame *parent; mbedtls_x509_crt_frame const *parent;
ret = mbedtls_x509_crt_frame_acquire( parent_crt, &parent ); ret = mbedtls_x509_crt_frame_acquire( parent_crt, &parent );
if( ret != 0 ) if( ret != 0 )
@ -3139,7 +3139,7 @@ find_parent:
{ {
mbedtls_x509_crt_sig_info child_sig; mbedtls_x509_crt_sig_info child_sig;
{ {
mbedtls_x509_crt_frame *child; mbedtls_x509_crt_frame const *child;
ret = mbedtls_x509_crt_frame_acquire( child_crt, &child ); ret = mbedtls_x509_crt_frame_acquire( child_crt, &child );
if( ret != 0 ) if( ret != 0 )
@ -3340,7 +3340,7 @@ static int x509_crt_verify_name( const mbedtls_x509_crt *crt,
uint32_t *flags ) uint32_t *flags )
{ {
int ret; int ret;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame ); ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 ) if( ret != 0 )

2
tests/suites/test_suite_x509parse.function
View file

@ -143,7 +143,7 @@ int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint
verify_print_context *ctx = (verify_print_context *) data; verify_print_context *ctx = (verify_print_context *) data;
char *p = ctx->p; char *p = ctx->p;
size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p;
mbedtls_x509_crt_frame *frame; mbedtls_x509_crt_frame const *frame;
mbedtls_x509_name *subject; mbedtls_x509_name *subject;
((void) flags); ((void) flags);