mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-05 14:25:33 +00:00
Merge remote-tracking branch 'origin/pr/2542' into mbedtls-2.16
* origin/pr/2542: Add guards for MBEDTLS_X509_CRL_PARSE_C in sample
This commit is contained in:
commit
9cfc9ceaf9
|
@ -36,6 +36,8 @@ Bugfix
|
||||||
public macro MBEDTLS_X509_ID_FLAG. This could lead to invalid evaluation
|
public macro MBEDTLS_X509_ID_FLAG. This could lead to invalid evaluation
|
||||||
in case operators binding less strongly than subtraction were used
|
in case operators binding less strongly than subtraction were used
|
||||||
for the parameter.
|
for the parameter.
|
||||||
|
* Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
|
||||||
|
sni entry parameter. Reported by inestlerode in #560.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Return from various debugging routines immediately if the
|
* Return from various debugging routines immediately if the
|
||||||
|
|
|
@ -251,8 +251,14 @@ int main( void )
|
||||||
#endif /* MBEDTLS_SSL_CACHE_C */
|
#endif /* MBEDTLS_SSL_CACHE_C */
|
||||||
|
|
||||||
#if defined(SNI_OPTION)
|
#if defined(SNI_OPTION)
|
||||||
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
|
#define SNI_CRL ",crl"
|
||||||
|
#else
|
||||||
|
#define SNI_CRL ""
|
||||||
|
#endif
|
||||||
|
|
||||||
#define USAGE_SNI \
|
#define USAGE_SNI \
|
||||||
" sni=%%s name1,cert1,key1,ca1,crl1,auth1[,...]\n" \
|
" sni=%%s name1,cert1,key1,ca1"SNI_CRL",auth1[,...]\n" \
|
||||||
" default: disabled\n"
|
" default: disabled\n"
|
||||||
#else
|
#else
|
||||||
#define USAGE_SNI ""
|
#define USAGE_SNI ""
|
||||||
|
@ -622,10 +628,10 @@ void sni_free( sni_entry *head )
|
||||||
|
|
||||||
mbedtls_x509_crt_free( cur->ca );
|
mbedtls_x509_crt_free( cur->ca );
|
||||||
mbedtls_free( cur->ca );
|
mbedtls_free( cur->ca );
|
||||||
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
mbedtls_x509_crl_free( cur->crl );
|
mbedtls_x509_crl_free( cur->crl );
|
||||||
mbedtls_free( cur->crl );
|
mbedtls_free( cur->crl );
|
||||||
|
#endif
|
||||||
next = cur->next;
|
next = cur->next;
|
||||||
mbedtls_free( cur );
|
mbedtls_free( cur );
|
||||||
cur = next;
|
cur = next;
|
||||||
|
@ -644,7 +650,10 @@ sni_entry *sni_parse( char *sni_string )
|
||||||
sni_entry *cur = NULL, *new = NULL;
|
sni_entry *cur = NULL, *new = NULL;
|
||||||
char *p = sni_string;
|
char *p = sni_string;
|
||||||
char *end = p;
|
char *end = p;
|
||||||
char *crt_file, *key_file, *ca_file, *crl_file, *auth_str;
|
char *crt_file, *key_file, *ca_file, *auth_str;
|
||||||
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
|
char *crl_file;
|
||||||
|
#endif
|
||||||
|
|
||||||
while( *end != '\0' )
|
while( *end != '\0' )
|
||||||
++end;
|
++end;
|
||||||
|
@ -662,7 +671,9 @@ sni_entry *sni_parse( char *sni_string )
|
||||||
GET_ITEM( crt_file );
|
GET_ITEM( crt_file );
|
||||||
GET_ITEM( key_file );
|
GET_ITEM( key_file );
|
||||||
GET_ITEM( ca_file );
|
GET_ITEM( ca_file );
|
||||||
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
GET_ITEM( crl_file );
|
GET_ITEM( crl_file );
|
||||||
|
#endif
|
||||||
GET_ITEM( auth_str );
|
GET_ITEM( auth_str );
|
||||||
|
|
||||||
if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
|
if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
|
||||||
|
@ -687,6 +698,7 @@ sni_entry *sni_parse( char *sni_string )
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
if( strcmp( crl_file, "-" ) != 0 )
|
if( strcmp( crl_file, "-" ) != 0 )
|
||||||
{
|
{
|
||||||
if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
|
if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
|
||||||
|
@ -697,6 +709,7 @@ sni_entry *sni_parse( char *sni_string )
|
||||||
if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
|
if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
if( strcmp( auth_str, "-" ) != 0 )
|
if( strcmp( auth_str, "-" ) != 0 )
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue