From 23b271da846673040b4059875fbc17aea527797e Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 28 Dec 2017 09:35:10 -0700
Subject: [PATCH] clean up after rebase
---
 src/internal.c | 5 +++--
 src/ssl.c | 43 +++++++++++++++++++++++++++--------------
 tests/api.c | 2 ++
 wolfssl/openssl/rsa.h | 1 +
 wolfssl/wolfcrypt/asn.h | 2 --
 5 files changed, 34 insertions(+), 19 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 47aa2e0f9..684f1b8ea 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1506,7 +1506,6 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
 while (ctx->ca_names != NULL) {
 WOLFSSL_STACK *next = ctx->ca_names->next;
 wolfSSL_X509_NAME_free(ctx->ca_names->data.name);
- XFREE(ctx->ca_names->data.name, NULL, DYNAMIC_TYPE_OPENSSL);
 XFREE(ctx->ca_names, NULL, DYNAMIC_TYPE_OPENSSL);
 ctx->ca_names = next;
 }
@@ -2765,8 +2764,10 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
 #ifdef OPENSSL_EXTRA
 {
 int i;
- if (name->fullName.fullName != NULL)
+ if (name->fullName.fullName != NULL) {
 XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);
+ name->fullName.fullName = NULL;
+ }
 for (i = 0; i < MAX_NAME_ENTRIES; i++) {
 /* free ASN1 string data */
 if (name->extra[i].set && name->extra[i].data.data != NULL) {
diff --git a/src/ssl.c b/src/ssl.c
index dd0c4d67d..094d93072 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -20453,8 +20453,11 @@ WOLFSSL_RSA* wolfSSL_RSA_new(void)
 rng = NULL;
 }
- if (initGlobalRNG)
+ external->ownRng = 1;
+ if (rng == NULL && initGlobalRNG) {
+ external->ownRng = 0;
 rng = &globalRNG;
+ }
 if (rng == NULL) {
 WOLFSSL_MSG("wolfSSL_RSA_new no WC_RNG for blinding");
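Review bot: In wolfSSL_RSA_new (src/ssl.c) `external->ownRng = 1;` is assigned before it is known that a private RNG exists, and the preceding context (`rng = NULL; }`) shows a path on which the RNG has already been discarded, so the flag can claim ownership of nothing. That is harmless only because wolfSSL_RSA_free still tests `rng != NULL`; the flag would be more trustworthy if it started at 0 where the structure is initialised and was raised with `external->ownRng = 1;` only after the RNG has been set up successfully. If any earlier error path in this function passes `external` to wolfSSL_RSA_free, the new `rsa->ownRng` test there would also read the field before this line writes it, unless the allocation is zeroed; the start of the function is outside the hunk, so that needs confirming.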
@@ -20481,10 +20484,15 @@ void wolfSSL_RSA_free(WOLFSSL_RSA* rsa)
 if (rsa->internal) {
 #if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && \
 !defined(HAVE_FAST_RSA) && defined(WC_RSA_BLINDING)
- WC_RNG* rng = ((RsaKey*)rsa->internal)->rng;
- if (rng != NULL && rng != &globalRNG) {
- wc_FreeRng(rng);
- XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
+ WC_RNG* rng;
+
+ /* check if RNG is owned before freeing it */
+ if (rsa->ownRng) {
+ rng = ((RsaKey*)rsa->internal)->rng;
+ if (rng != NULL && rng != &globalRNG) {
+ wc_FreeRng(rng);
+ XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
+ }
 }
 #endif /* WC_RSA_BLINDING */
 wc_FreeRsaKey((RsaKey*)rsa->internal);
@@ -21812,15 +21820,18 @@ int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
 WOLFSSL_MSG("wolfSSL_HMAC_Update");
- if (ctx == NULL || data == NULL) {
- WOLFSSL_MSG("no ctx or data");
+ if (ctx == NULL) {
+ WOLFSSL_MSG("no ctx");
 return SSL_FAILURE;
 }
- WOLFSSL_MSG("updating hmac");
- hmac_error = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
- if (hmac_error < 0){
- WOLFSSL_MSG("hmac update error");
- return SSL_FAILURE;
+
+ if (data) {
+ WOLFSSL_MSG("updating hmac");
+ hmac_error = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
+ if (hmac_error < 0){
+ WOLFSSL_MSG("hmac update error");
+ return SSL_FAILURE;
+ }
 }
 return SSL_SUCCESS;
@@ -21924,9 +21935,11 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *k
 pkey->ownRsa = 0; /* pkey does not own RSA */
 pkey->type = EVP_PKEY_RSA;
 #ifdef WC_RSA_BLINDING
- if (wc_RsaSetRNG((RsaKey*)(pkey->rsa->internal), &(pkey->rng)) != 0) {
- WOLFSSL_MSG("Error setting RSA rng");
- return SSL_FAILURE;
+ if (key->ownRng == 0) {
+ if (wc_RsaSetRNG((RsaKey*)(pkey->rsa->internal), &(pkey->rng)) != 0) {
+ WOLFSSL_MSG("Error setting RSA rng");
+ return SSL_FAILURE;
+ }
 }
 #endif
 return 1;
diff --git a/tests/api.c b/tests/api.c
index ad6e6f59a..850a76311 100644
--- a/tests/api.c
+++ b/tests/api.c
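Review bot: With the `data == NULL` rejection removed, wolfSSL_HMAC_Update now returns SSL_SUCCESS for a NULL `data` pointer whatever `len` is, so a caller bug that passes NULL with a non-zero length yields a MAC over less input than the caller believes was authenticated, and no error is reported. Accepting NULL only for an empty update keeps that case working and still fails closed: `if (data == NULL && len != 0) { WOLFSSL_MSG("no data"); return SSL_FAILURE; }`. The `(word32)len` cast is also unchecked in the visible lines; if `len` is a signed type (its declaration is outside the hunk), a negative value should be rejected before the cast.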
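Review bot: In the `key->ownRng == 0` branch of wolfSSL_EVP_PKEY_set1_RSA the RSA key is pointed at `&(pkey->rng)` even though the line above records that the pkey does not own the RSA (`pkey->ownRsa = 0`). If `rng` is a member of the pkey structure, as the expression suggests, an RSA object that outlives the pkey is left holding a pointer into freed memory and would use it for blinding. The hunk also reads `key->ownRng` while the call operates on `pkey->rsa`; a NULL check on `key` is not visible here and may sit earlier in the function, which starts outside the hunk. At minimum a comment should state the lifetime rule, e.g. `/* key borrows pkey->rng for blinding: pkey must outlive key */`.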
@@ -14863,6 +14863,8 @@ static void test_wolfSSL_ERR_put_error(void)
 printf(testingFmt, "wolfSSL_ERR_put_error()");
+
+ ERR_clear_error(); /* clear out any error nodes */
 ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0);
 AssertIntEQ(ERR_get_error_line(&file, &line), 0);
 ERR_put_error(0,SYS_F_BIND, 1, "this file", 1);
diff --git a/wolfssl/openssl/rsa.h b/wolfssl/openssl/rsa.h
index 7be55008a..650fe1e57 100644
--- a/wolfssl/openssl/rsa.h
+++ b/wolfssl/openssl/rsa.h
@@ -57,6 +57,7 @@ struct WOLFSSL_RSA {
 void* internal; /* our RSA */
 char inSet; /* internal set from external ? */
 char exSet; /* external set from internal ? */
+ char ownRng; /* flag for if the rng should be free'd */
 };
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 6174d17c8..75a5f254c 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -188,8 +188,6 @@ enum Misc_ASN {
 MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */
 MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)), /* Max encoded ExtKeyUsage (SEQ/LEN + OBJID + OCTSTR/LEN + SEQ + (6 * (SEQ + OID))) */
- MAX_OID_SZ = 32, /* Max DER length of OID*/
- MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
 MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
 MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
 #endif
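Review bot: The comment on the new `ownRng` member in wolfssl/openssl/rsa.h does not say which value means what or who is allowed to set it, although the free path in src/ssl.c now relies on it to decide whether an RNG is released. A more explicit comment would make the ownership contract readable from the header: `char ownRng; /* 1: rng was allocated for this key and is freed by wolfSSL_RSA_free; 0: rng is borrowed and must not be freed here */`. It is also worth stating that code which builds a WOLFSSL_RSA by another route must initialise the field, since the visible hunks set it only in wolfSSL_RSA_new.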