artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6602a29) | patch
Make X509_VERIFY_PARAM_set1_policies() less bad
authortb <tb@openbsd.org>
Fri, 29 Mar 2024 04:50:11 +0000 (04:50 +0000)
committertb <tb@openbsd.org>
Fri, 29 Mar 2024 04:50:11 +0000 (04:50 +0000)
commita16560b15467a9f2226f5c334760bb7f0f702fc0
tree1d130a3acf6c609f31245112c81d4b7fe32f8acatree | snapshot
parent6602a2998f4cc8475b15a048d5302446c29ead80commit | diff
Make X509_VERIFY_PARAM_set1_policies() less bad

If any OBJ_dup() fails along the way, a partially copied policy stack
would remain on the params object. This makes no sense. Implement and
use an sk_ASN1_OBJECT_deep_copy(), that copies the full stack or else
returns NULL.

Remove unnecessary NULL check and streamline some other logic.

ok jsing
lib/libcrypto/x509/x509_vpm.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim