From 2e81cca480ed74abf8559d7e1bbe52f6be273786 Mon Sep 17 00:00:00 2001
From: Pierre-Louis Bonicoli <pierre-louis.bonicoli@gmx.fr>
Date: Sat, 12 Nov 2016 00:52:50 +0100
Subject: [PATCH] Check value returned by X509_OBJECT_new()
Reported by Alexander Couzens, thanks to him !
---
src/connection.c | 45 ++++++++++++++++++++++++---------------------
1 file changed, 24 insertions(+), 21 deletions(-)
diff --git a/src/connection.c b/src/connection.c
index a10a686..86377a9 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -1374,30 +1374,33 @@ static int bip_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
err == X509_V_ERR_CERT_HAS_EXPIRED ||
err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN)) {
- xobj = X509_OBJECT_new();
- if (X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509,
- X509_get_subject_name(err_cert), xobj) > 0 &&
- !X509_cmp(X509_OBJECT_get0_X509(xobj), err_cert)) {
- if (err == X509_V_ERR_CERT_HAS_EXPIRED)
- mylog(LOG_INFO, "Basic mode; Accepting "
- "*expired* peer certificate "
- "found in store.");
- else
- mylog(LOG_INFO, "Basic mode; Accepting peer "
- "certificate found in store.");
-
- result = 1;
- err = X509_V_OK;
- X509_STORE_CTX_set_error(ctx, err);
+ if (!(xobj = X509_OBJECT_new())) {
+ result = 0;
} else {
- mylog(LOG_INFO, "Basic mode; peer certificate NOT "
- "in store, rejecting it!");
- err = X509_V_ERR_CERT_REJECTED;
- X509_STORE_CTX_set_error(ctx, err);
+ if (X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509,
+ X509_get_subject_name(err_cert), xobj) > 0 &&
+ !X509_cmp(X509_OBJECT_get0_X509(xobj), err_cert)) {
+ if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+ mylog(LOG_INFO, "Basic mode; Accepting "
+ "*expired* peer certificate "
+ "found in store.");
+ else
+ mylog(LOG_INFO, "Basic mode; Accepting peer "
+ "certificate found in store.");
+
+ result = 1;
+ err = X509_V_OK;
+ X509_STORE_CTX_set_error(ctx, err);
+ } else {
+ mylog(LOG_INFO, "Basic mode; peer certificate NOT "
+ "in store, rejecting it!");
+ err = X509_V_ERR_CERT_REJECTED;
+ X509_STORE_CTX_set_error(ctx, err);
- link_add_untrusted(c->user_data, X509_dup(err_cert));
+ link_add_untrusted(c->user_data, X509_dup(err_cert));
+ }
+ X509_OBJECT_free(xobj);
}
- X509_OBJECT_free(xobj);
}
if (!result) {
--
2.13.3