From 8d2dbe6ac077279e6a957356245d6bd138e03705 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Wed, 26 Dec 2012 16:04:03 +0000
Subject: [PATCH] New function X509_chain_up_ref to dup and up the reference count of a STACK_OF(X509): replace equivalent functionality in several places by the equivalent call. (backport from HEAD)
---
 crypto/ts/ts_rsp_sign.c | 8 +-------
 crypto/x509/x509_cmp.c | 18 +++++++++++++++++-
 ssl/ssl_cert.c | 17 ++---------------
 3 files changed, 20 insertions(+), 23 deletions(-)
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index b0f023c9d2..df09e17834 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -233,7 +233,6 @@ int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
 int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
 {
- int i;
 if (ctx->certs)
 {
@@ -241,16 +240,11 @@ int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
 ctx->certs = NULL;
 }
 if (!certs) return 1;
- if (!(ctx->certs = sk_X509_dup(certs)))
+ if (!(ctx->certs = X509_chain_up_ref(certs)))
 {
 TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
 return 0;
 }
- for (i = 0; i < sk_X509_num(ctx->certs); ++i)
- {
- X509 *cert = sk_X509_value(ctx->certs, i);
- CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
- }
 return 1;
 }
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 4f18a1bcdd..7b294b1d5e 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -310,6 +310,7 @@ ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
 return x->cert_info->key->public_key;
 }
+
 int X509_check_private_key(X509 *x, EVP_PKEY *k)
 {
 EVP_PKEY *xk;
@@ -464,4 +465,19 @@ int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags)
 sign_nid = OBJ_obj2nid(crl->crl->sig_alg->algorithm);
 return check_suite_b(pk, sign_nid, &flags);
 }
-
+/* Not strictly speaking an "up_ref" as a STACK doesn't have a reference
+ * count but it has the same effect by duping the STACK and upping the ref
+ * of each X509 structure.
+ */
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
+ {
+ STACK_OF(X509) *ret;
+ int i;
+ ret = sk_X509_dup(chain);
+ for (i = 0; i < sk_X509_num(ret); i++)
+ {
+ X509 *x = sk_X509_value(ret, i);
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ }
+ return ret;
+ }
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index eb41cfda93..470ac17098 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -321,18 +321,12 @@ CERT *ssl_cert_dup(CERT *cert)
 if (cpk->chain)
 {
- int j;
- rpk->chain = sk_X509_dup(cpk->chain);
+ rpk->chain = X509_chain_up_ref(cpk->chain);
 if (!rpk->chain)
 {
 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
 goto err;
 }
- for (j = 0; j < sk_X509_num(rpk->chain); j++)
- {
- X509 *x = sk_X509_value(rpk->chain, j);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
 }
 rpk->valid_flags = 0;
 if (cert->pkeys[i].authz != NULL)
@@ -562,18 +556,11 @@ int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain)
 int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain)
 {
 STACK_OF(X509) *dchain;
- X509 *x;
- int i;
 if (!chain) return ssl_cert_set0_chain(c, NULL);
- dchain = sk_X509_dup(chain);
+ dchain = X509_chain_up_ref(chain);
 if (!dchain) return 0;
- for (i = 0; i < sk_X509_num(dchain); i++)
- {
- x = sk_X509_value(dchain, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
 if (!ssl_cert_set0_chain(c, dchain))
 {
 sk_X509_pop_free(dchain, X509_free);
--
2.25.1
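Review bot: In the new `X509_chain_up_ref` in crypto/x509/x509_cmp.c, the result of `sk_X509_dup(chain)` is handed to the loop unchecked, so the allocation-failure path is only safe if `sk_X509_num()` tolerates a NULL stack (presumably it returns -1, but that is not visible in this patch); adding `if (ret == NULL) return NULL;` right after the dup would make the failure path explicit. This is also a new exported function and its comment states no contract. I would extend the comment to say that it returns NULL on allocation failure, whether a NULL `chain` is accepted (all three callers in this patch check before calling, so it appears not to be expected), and that the result must be released with `sk_X509_pop_free(ret, X509_free)`, as the error path of `ssl_cert_set1_chain` does, because a plain stack free would leave the added certificate references behind.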