Merge pull request #4538 from julek-wolfssl/sk_free-refactor

Refactor sk_*_free functions and stack type
David Garske 2021-11-12 10:30:14 -08:00 committed by GitHub
commit 25054bd87f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 340 additions and 481 deletions


@ -2333,7 +2333,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
ctx->cm = NULL;
#ifdef OPENSSL_ALL
if (ctx->x509_store.objs != NULL) {
wolfSSL_sk_X509_OBJECT_free(ctx->x509_store.objs);
wolfSSL_sk_X509_OBJECT_pop_free(ctx->x509_store.objs, NULL);
ctx->x509_store.objs = NULL;
}
#endif
@ -2347,7 +2347,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
if (ctx->x509Chain) {
wolfSSL_sk_X509_free(ctx->x509Chain);
wolfSSL_sk_X509_pop_free(ctx->x509Chain, NULL);
ctx->x509Chain = NULL;
}
#endif
@ -3979,10 +3979,10 @@ void FreeX509(WOLFSSL_X509* x509)
XFREE(x509->authInfoCaIssuer, x509->heap, DYNAMIC_TYPE_X509_EXT);
}
if (x509->ext_sk != NULL) {
wolfSSL_sk_X509_EXTENSION_free(x509->ext_sk);
wolfSSL_sk_X509_EXTENSION_pop_free(x509->ext_sk, NULL);
}
if (x509->ext_sk_full != NULL) {
wolfSSL_sk_X509_EXTENSION_free(x509->ext_sk_full);
wolfSSL_sk_X509_EXTENSION_pop_free(x509->ext_sk_full, NULL);
}
#endif /* OPENSSL_ALL || WOLFSSL_QT */
#ifdef OPENSSL_EXTRA
@ -6953,6 +6953,8 @@ void FreeSuites(WOLFSSL* ssl)
{
#ifdef OPENSSL_ALL
if (ssl->suites != NULL) {
/* Enough to free stack structure since WOLFSSL_CIPHER
* isn't allocated separately. */
wolfSSL_sk_SSL_CIPHER_free(ssl->suites->stack);
}
#endif
@ -7251,10 +7253,12 @@ void SSL_ResourceFree(WOLFSSL* ssl)
}
#endif /* WOLFSSL_STATIC_MEMORY */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* Enough to free stack structure since WOLFSSL_CIPHER
* isn't allocated separately. */
wolfSSL_sk_CIPHER_free(ssl->supportedCiphers);
wolfSSL_sk_X509_free(ssl->peerCertChain);
wolfSSL_sk_X509_pop_free(ssl->peerCertChain, NULL);
#ifdef KEEP_OUR_CERT
wolfSSL_sk_X509_free(ssl->ourCertChain);
wolfSSL_sk_X509_pop_free(ssl->ourCertChain, NULL);
#endif
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
@ -11371,7 +11375,7 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int ret,
}
#endif
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
wolfSSL_sk_X509_free(store->chain);
wolfSSL_sk_X509_pop_free(store->chain, NULL);
store->chain = NULL;
#endif
#ifdef SESSION_CERTS
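Review bot: In the FreeX509 hunk, `x509->ext_sk` and `x509->ext_sk_full` still hold their old addresses after the `wolfSSL_sk_X509_EXTENSION_pop_free(..., NULL)` calls. The SSL_ResourceFree hunk does the same for `ssl->peerCertChain` and `ssl->ourCertChain`, whereas the SSL_CtxResourceFree and DoVerifyCallback hunks reset their pointers (`ctx->x509Chain = NULL;`, `store->chain = NULL;`). Because pop_free releases the elements as well as the stack nodes, a second pass through either cleanup path would double-free extension or certificate objects, unless the enclosing function clears the structure later; that is not visible here, since both bodies continue outside their hunks. I would add `x509->ext_sk = NULL;` and `x509->ext_sk_full = NULL;` after the calls in FreeX509, and clear the two chain pointers in SSL_ResourceFree the same way.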

716
src/ssl.c

File diff suppressed because it is too large Load Diff


@ -1410,7 +1410,7 @@ static void test_wolfSSL_CertManagerGetCerts(void)
#endif /* DEBUG_WOLFSSL_VERBOSE */
}
wolfSSL_X509_free(cert1);
sk_X509_free(sk);
sk_X509_pop_free(sk, NULL);
wolfSSL_CertManagerFree(cm);
printf(resultFmt, passed);
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
@ -8052,7 +8052,7 @@ static void test_wolfSSL_PKCS12(void)
-1, -1, 100, -1, 0)));
EVP_PKEY_free(pkey);
X509_free(cert);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
AssertIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
SSL_SUCCESS);
@ -8063,7 +8063,7 @@ static void test_wolfSSL_PKCS12(void)
2000, 1, 0)));
EVP_PKEY_free(pkey);
X509_free(cert);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
/* convert to DER then back and parse */
AssertNotNull(bio = BIO_new(BIO_s_mem()));
@ -8093,7 +8093,7 @@ static void test_wolfSSL_PKCS12(void)
2000, 1, 0)));
EVP_PKEY_free(pkey);
X509_free(cert);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
AssertIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
SSL_SUCCESS);
@ -8104,7 +8104,7 @@ static void test_wolfSSL_PKCS12(void)
X509_free(cert);
PKCS12_free(pkcs12);
PKCS12_free(pkcs12_2);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
#ifdef HAVE_ECC
/* test order of parsing */
@ -8152,7 +8152,7 @@ static void test_wolfSSL_PKCS12(void)
X509_free(cert);
BIO_free(bio);
PKCS12_free(pkcs12);
sk_X509_free(ca); /* TEST d2i_PKCS12_fp */
sk_X509_pop_free(ca, NULL); /* TEST d2i_PKCS12_fp */
/* test order of parsing */
f = XFOPEN(file, "rb");
@ -8184,7 +8184,7 @@ static void test_wolfSSL_PKCS12(void)
wolfSSL_EVP_PKEY_free(pkey);
wolfSSL_X509_free(cert);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
PKCS12_free(pkcs12);
#endif /* HAVE_ECC */
@ -8220,7 +8220,7 @@ static void test_wolfSSL_PKCS12(void)
wolfSSL_EVP_PKEY_free(pkey);
wolfSSL_X509_free(cert);
sk_X509_free(ca);
sk_X509_pop_free(ca, NULL);
BIO_free(bio);
PKCS12_free(pkcs12);
@ -29757,7 +29757,7 @@ static void test_wolfSSL_X509_INFO(void)
AssertNotNull(cert = BIO_new_file(cliCertFileExt, "rb"));
AssertNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_free(info_stack);
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(cert);
/* This case should fail due to invalid input. */
@ -30244,7 +30244,7 @@ static void test_wolfSSL_certs(void)
ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk);
AssertNotNull(ext);
X509_EXTENSION_free(ext);
sk_ASN1_OBJECT_free(sk);
sk_ASN1_OBJECT_pop_free(sk, NULL);
#else
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
&crit, NULL);
@ -32641,7 +32641,7 @@ static void test_wolfSSL_X509_LOOKUP_ctrl_file(void)
X509_free(issuer);
X509_STORE_CTX_free(ctx);
X509_STORE_free(str);
sk_X509_free(sk);
sk_X509_pop_free(sk, NULL);
X509_free(x509Svr);
AssertNotNull((str = wolfSSL_X509_STORE_new()));
@ -32657,7 +32657,7 @@ static void test_wolfSSL_X509_LOOKUP_ctrl_file(void)
}
X509_STORE_free(str);
sk_X509_free(sk);
sk_X509_pop_free(sk, NULL);
X509_free(cert1);
#ifdef HAVE_CRL
@ -32849,7 +32849,7 @@ static void test_wolfSSL_X509_STORE_CTX(void)
X509_STORE_CTX_free(ctx);
#ifdef OPENSSL_ALL
sk_X509_free(sk);
sk_X509_pop_free(sk, NULL);
#endif
X509_STORE_free(str);
X509_free(x509);
@ -32879,9 +32879,9 @@ static void test_wolfSSL_X509_STORE_CTX(void)
X509_STORE_free(str);
/* CTX certs not freed yet */
X509_free(x5092);
sk_X509_free(sk);
sk_X509_pop_free(sk, NULL);
/* sk3 is dup so free here */
sk_X509_free(sk3);
sk_X509_pop_free(sk3, NULL);
#endif
/* test X509_STORE_CTX_get/set_ex_data */
@ -39526,10 +39526,9 @@ static void test_wolfSSL_GENERAL_NAME_print(void)
AssertIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
aia = (AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
AssertNotNull(aia);
AUTHORITY_INFO_ACCESS_free(aia);
AUTHORITY_INFO_ACCESS_pop_free(aia, NULL);
X509_free(x509);
/* test for GEN_IPADD */
@ -46072,11 +46071,11 @@ static void test_sk_X509(void)
AssertNotNull(s = sk_X509_new());
AssertIntEQ(sk_X509_num(s), 0);
sk_X509_free(s);
sk_X509_pop_free(s, NULL);
AssertNotNull(s = sk_X509_new_null());
AssertIntEQ(sk_X509_num(s), 0);
sk_X509_free(s);
sk_X509_pop_free(s, NULL);
AssertNotNull(s = sk_X509_new());
sk_X509_push(s, (X509*)1);
@ -48607,14 +48606,14 @@ static void test_wolfSSL_X509_STORE_get1_certs(void)
AssertNotNull(certs = X509_STORE_get1_certs(storeCtx, subject));
AssertIntEQ(1, wolfSSL_sk_X509_num(certs));
sk_X509_free(certs);
sk_X509_pop_free(certs, NULL);
/* Should not find the cert */
AssertNotNull(subject = X509_get_subject_name(svrX509));
AssertNotNull(certs = X509_STORE_get1_certs(storeCtx, subject));
AssertIntEQ(0, wolfSSL_sk_X509_num(certs));
sk_X509_free(certs);
sk_X509_pop_free(certs, NULL);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
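Review bot: Every converted call in these test hunks now goes through `sk_X509_pop_free(..., NULL)` or the matching pop_free macro, so nothing visible here still exercises plain `sk_X509_free` on a populated stack. If the refactor makes `sk_*_free` release only the stack nodes, as the comment added in FreeSuites suggests, that shallow path has no coverage in these hunks. test_sk_X509 would be a natural place for a case that pushes a real certificate, calls `sk_X509_free(s)`, and then releases the certificate with `X509_free`, run under an address/leak sanitizer so a regression to deep free shows up as a double free. The test_wolfSSL_X509_INFO hunk also passes `X509_INFO_free` explicitly while every other site passes NULL; a short comment saying which form is preferred would help. The test function bodies continue outside the hunks.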


@ -3770,22 +3770,24 @@ typedef struct Arrays {
#define MAX_DATE_SZ 32
#endif
#define STACK_TYPE_X509 0
#define STACK_TYPE_GEN_NAME 1
#define STACK_TYPE_BIO 2
#define STACK_TYPE_OBJ 3
#define STACK_TYPE_STRING 4
#define STACK_TYPE_CIPHER 5
#define STACK_TYPE_ACCESS_DESCRIPTION 6
#define STACK_TYPE_X509_EXT 7
#define STACK_TYPE_NULL 8
#define STACK_TYPE_X509_NAME 9
#define STACK_TYPE_CONF_VALUE 10
#define STACK_TYPE_X509_INFO 11
#define STACK_TYPE_BY_DIR_entry 12
#define STACK_TYPE_BY_DIR_hash 13
#define STACK_TYPE_X509_OBJ 14
#define STACK_TYPE_DIST_POINT 15
typedef enum {
STACK_TYPE_X509 = 0,
STACK_TYPE_GEN_NAME = 1,
STACK_TYPE_BIO = 2,
STACK_TYPE_OBJ = 3,
STACK_TYPE_STRING = 4,
STACK_TYPE_CIPHER = 5,
STACK_TYPE_ACCESS_DESCRIPTION = 6,
STACK_TYPE_X509_EXT = 7,
STACK_TYPE_NULL = 8,
STACK_TYPE_X509_NAME = 9,
STACK_TYPE_CONF_VALUE = 10,
STACK_TYPE_X509_INFO = 11,
STACK_TYPE_BY_DIR_entry = 12,
STACK_TYPE_BY_DIR_hash = 13,
STACK_TYPE_X509_OBJ = 14,
STACK_TYPE_DIST_POINT = 15
} WOLF_STACK_TYPE;
struct WOLFSSL_STACK {
unsigned long num; /* number of nodes in stack
@ -3818,7 +3820,7 @@ struct WOLFSSL_STACK {
} data;
void* heap; /* memory heap hint */
WOLFSSL_STACK* next;
byte type; /* Identifies type of stack. */
WOLF_STACK_TYPE type; /* Identifies type of stack. */
};
struct WOLFSSL_X509_NAME {
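Review bot: Changing the `type` field of `struct WOLFSSL_STACK` from `byte` to `WOLF_STACK_TYPE` makes its width depend on the compiler's enum representation, so the struct's size and padding change and can differ between objects built with different enum-size options (for example `-fshort-enums` on embedded toolchains). Code compiled with mismatched settings would disagree on the layout, and whatever selects the default element destructor from `type` (presumably the NULL-callback path used throughout this commit) could then read a wrong value and call the wrong free routine. Consider keeping the storage as `byte type;` and casting to `WOLF_STACK_TYPE` where it is switched on, or stating the build requirement in a comment next to the enum. Any `switch` over the field should keep a `default:` branch that refuses unknown values. The struct body starts outside this hunk.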


@ -528,6 +528,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define sk_X509_OBJECT_new wolfSSL_sk_X509_OBJECT_new
#define sk_X509_OBJECT_free wolfSSL_sk_X509_OBJECT_free
#define sk_X509_OBJECT_pop_free wolfSSL_sk_X509_OBJECT_pop_free
#define sk_X509_EXTENSION_num wolfSSL_sk_X509_EXTENSION_num
#define sk_X509_EXTENSION_value wolfSSL_sk_X509_EXTENSION_value
@ -1306,7 +1307,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DIST_POINT_new wolfSSL_DIST_POINT_new
#define DIST_POINT_free wolfSSL_DIST_POINT_free
#define DIST_POINTS_free wolfSSL_DIST_POINTS_free
#define CRL_DIST_POINTS_free wolfSSL_sk_DIST_POINT_free
#define CRL_DIST_POINTS_free(cdp) wolfSSL_sk_DIST_POINT_pop_free((cdp), NULL)
#define sk_DIST_POINT_push wolfSSL_sk_DIST_POINT_push
#define sk_DIST_POINT_value wolfSSL_sk_DIST_POINT_value
#define sk_DIST_POINT_num wolfSSL_sk_DIST_POINT_num
@ -1325,6 +1326,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
#define AUTHORITY_INFO_ACCESS_pop_free wolfSSL_AUTHORITY_INFO_ACCESS_pop_free
#define sk_ACCESS_DESCRIPTION_pop_free wolfSSL_sk_ACCESS_DESCRIPTION_pop_free
#define sk_ACCESS_DESCRIPTION_free wolfSSL_sk_ACCESS_DESCRIPTION_free
#define ACCESS_DESCRIPTION_free wolfSSL_ACCESS_DESCRIPTION_free
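Review bot: `CRL_DIST_POINTS_free` becomes a function-like macro in the second hunk, so the name no longer expands when it appears without an argument list. OpenSSL-compatible code that passes it as a destructor callback or takes its address would then fail to compile or refer to an undeclared symbol. The neighbouring compatibility names (`DIST_POINTS_free`, `AUTHORITY_INFO_ACCESS_free`) remain object-like aliases of real functions. To keep the name usable as a function pointer, I would add a small wrapper function that calls `wolfSSL_sk_DIST_POINT_pop_free(cdp, NULL)` and alias it, e.g. `#define CRL_DIST_POINTS_free wolfSSL_CRL_DIST_POINTS_free` (the wrapper name is only a suggestion), which is the pattern `AUTHORITY_INFO_ACCESS_pop_free` follows in the last hunk.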


@ -1383,6 +1383,9 @@ WOLFSSL_API void wolfSSL_DIST_POINTS_free(WOLFSSL_DIST_POINTS* dp);
WOLFSSL_API int wolfSSL_sk_ACCESS_DESCRIPTION_num(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_AUTHORITY_INFO_ACCESS_free(
WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION)* sk);
WOLFSSL_API void wolfSSL_AUTHORITY_INFO_ACCESS_pop_free(
WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION)* sk,
void (*f) (WOLFSSL_ACCESS_DESCRIPTION*));
WOLFSSL_API WOLFSSL_ACCESS_DESCRIPTION* wolfSSL_sk_ACCESS_DESCRIPTION_value(
WOLFSSL_STACK* sk, int idx);
WOLFSSL_API void wolfSSL_sk_ACCESS_DESCRIPTION_free(WOLFSSL_STACK* sk);
@ -4235,6 +4238,8 @@ WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_OBJECT_new(void);
WOLFSSL_API void wolfSSL_sk_X509_OBJECT_free(WOLFSSL_STACK* s);
WOLFSSL_API void wolfSSL_sk_X509_OBJECT_pop_free(WOLFSSL_STACK* s,
void (*f) (WOLFSSL_X509_OBJECT*));
WOLFSSL_API int wolfSSL_sk_X509_OBJECT_push(WOLFSSL_STACK* sk, WOLFSSL_X509_OBJECT* obj);
WOLFSSL_API WOLFSSL_X509_INFO *wolfSSL_X509_INFO_new(void);
@ -4563,6 +4568,7 @@ WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer,
WOLFSSL_X509 *subject);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING)* wolfSSL_sk_WOLFSSL_STRING_new(void);
WOLFSSL_API void wolfSSL_WOLFSSL_STRING_free(WOLFSSL_STRING s);
WOLFSSL_API void wolfSSL_sk_WOLFSSL_STRING_free(WOLF_STACK_OF(WOLFSSL_STRING)* sk);
WOLFSSL_API WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value(
WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx);
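Review bot: The new `wolfSSL_AUTHORITY_INFO_ACCESS_pop_free` and `wolfSSL_sk_X509_OBJECT_pop_free` prototypes carry no comment on what a NULL `f` means, yet the call sites elsewhere in this commit pass NULL. Callers need to know whether NULL selects a built-in element destructor or leaves the elements unfreed, because guessing wrong produces either a leak or a double free. I would add above each prototype a comment such as `/* Frees every element and the stack itself; when f is NULL the default free routine for the stack's type is used. */`, adjusted to match the implementation in src/ssl.c, whose diff is not shown on this page.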