Changes between 0.9.1c and 0.9.2
+ *) Fix the various library and apps files to free up pkeys obtained from
+ EVP_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
+ [Steve Henson]
+
*) Fix reference counting in X509_PUBKEY_get(). This makes
demos/maurice/example2.c work, amongst others, probably.
[Steve Henson and Ben Laurie]
}
i=X509_REQ_verify(req,pkey);
- if (tmp) pkey=NULL;
+ if (tmp) {
+ EVP_PKEY_free(pkey);
+ pkey=NULL;
+ }
if (i < 0)
{
}
ERR_load_crypto_strings();
+ X509v3_add_netscape_extensions();
if (!X509_STORE_set_default_paths(ctx))
{
goto end;
}
i=X509_REQ_verify(req,pkey);
+ EVP_PKEY_free(pkey);
if (i < 0)
{
BIO_printf(bio_err,"Signature verification error\n");
else
BIO_printf(STDout,"Wrong Algorithm type");
BIO_printf(STDout,"\n");
+ EVP_PKEY_free(pkey);
}
else
#endif
if (Upkey != NULL) EVP_PKEY_free(Upkey);
if (CApkey != NULL) EVP_PKEY_free(CApkey);
if (rq != NULL) X509_REQ_free(rq);
+ X509v3_cleanup_extensions();
EXIT(ret);
}
#endif
BIO_printf(bp,"%12sUnknown Public Key:\n","");
+ EVP_PKEY_free(pkey);
+
/* may not be */
sprintf(str,"%8sAttributes:\n","");
if (BIO_puts(bp,str) <= 0) goto err;
#endif
BIO_printf(bp,"%12sUnknown Public Key:\n","");
+ EVP_PKEY_free(pkey);
+
n=X509_get_ext_count(x);
if (n > 0)
{
}
if (X509_verify(xs,pkey) <= 0)
{
+ EVP_PKEY_free(pkey);
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert=xs;
ok=(*cb)(0,ctx);
if (!ok) goto end;
}
+ EVP_PKEY_free(pkey);
pkey=NULL;
i=X509_cmp_current_time(X509_get_notBefore(xs));
}
ok=1;
end:
+ EVP_PKEY_free(pkey);
return(ok);
}
break;
else
{
+ EVP_PKEY_free(ktmp);
ktmp=NULL;
}
}
{
ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
EVP_PKEY_copy_parameters(ktmp2,ktmp);
+ EVP_PKEY_free(ktmp2);
}
- if (pkey != NULL)
- EVP_PKEY_copy_parameters(pkey,ktmp);
+ if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
+ EVP_PKEY_free(ktmp);
return(1);
}
break;
}
- if (EVP_PKEY_size(pkey) <= 512)
+ if (EVP_PKEY_size(pk) <= 512)
ret|=EVP_PKT_EXP;
+ if(pkey==NULL) EVP_PKEY_free(pk);
return(ret);
}