提交 05f0fb9f 编写于 作者: D Dr. Stephen Henson

Add X509_up_ref function.

Reviewed-by: NRich Salz <rsalz@openssl.org>
上级 65cbf983
...@@ -206,7 +206,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip, ...@@ -206,7 +206,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype)) if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
return 0; return 0;
CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509); X509_up_ref(recip);
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY); CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
ktri->pkey = pk; ktri->pkey = pk;
ktri->recip = recip; ktri->recip = recip;
......
...@@ -457,7 +457,7 @@ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) ...@@ -457,7 +457,7 @@ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
int r; int r;
r = CMS_add0_cert(cms, cert); r = CMS_add0_cert(cms, cert);
if (r > 0) if (r > 0)
CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); X509_up_ref(cert);
return r; return r;
} }
...@@ -542,7 +542,7 @@ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms) ...@@ -542,7 +542,7 @@ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
sk_X509_pop_free(certs, X509_free); sk_X509_pop_free(certs, X509_free);
return NULL; return NULL;
} }
CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509); X509_up_ref(cch->d.certificate);
} }
} }
return certs; return certs;
......
...@@ -285,7 +285,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, ...@@ -285,7 +285,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
X509_check_purpose(signer, -1, -1); X509_check_purpose(signer, -1, -1);
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY); CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509); X509_up_ref(signer);
si->pkey = pk; si->pkey = pk;
si->signer = signer; si->signer = signer;
...@@ -485,7 +485,7 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms) ...@@ -485,7 +485,7 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
{ {
if (signer) { if (signer) {
CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509); X509_up_ref(signer);
EVP_PKEY_free(si->pkey); EVP_PKEY_free(si->pkey);
si->pkey = X509_get_pubkey(signer); si->pkey = X509_get_pubkey(signer);
} }
......
...@@ -138,7 +138,7 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert) ...@@ -138,7 +138,7 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
if (!sk_X509_push(sig->certs, cert)) if (!sk_X509_push(sig->certs, cert))
return 0; return 0;
CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); X509_up_ref(cert);
return 1; return 1;
} }
......
...@@ -213,7 +213,7 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert) ...@@ -213,7 +213,7 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
if (!sk_X509_push(resp->certs, cert)) if (!sk_X509_push(resp->certs, cert))
return 0; return 0;
CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); X509_up_ref(cert);
return 1; return 1;
} }
......
...@@ -308,7 +308,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) ...@@ -308,7 +308,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE); PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }
CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x509);
if (!sk_X509_push(*sk, x509)) { if (!sk_X509_push(*sk, x509)) {
X509_free(x509); X509_free(x509);
return 0; return 0;
...@@ -545,7 +545,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) ...@@ -545,7 +545,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x509);
p7i->cert = x509; p7i->cert = x509;
return 1; return 1;
......
...@@ -251,8 +251,7 @@ X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[], ...@@ -251,8 +251,7 @@ X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
STORE_R_FAILED_GETTING_CERTIFICATE); STORE_R_FAILED_GETTING_CERTIFICATE);
return 0; return 0;
} }
CRYPTO_add(&object->data.x509.certificate->references, 1, X509_up_ref(object->data.x509.certificate);
CRYPTO_LOCK_X509);
#ifdef REF_PRINT #ifdef REF_PRINT
REF_PRINT("X509", data); REF_PRINT("X509", data);
#endif #endif
...@@ -276,7 +275,7 @@ int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[], ...@@ -276,7 +275,7 @@ int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
return 0; return 0;
} }
CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509); X509_up_ref(data);
#ifdef REF_PRINT #ifdef REF_PRINT
REF_PRINT("X509", data); REF_PRINT("X509", data);
#endif #endif
...@@ -378,8 +377,7 @@ X509 *STORE_list_certificate_next(STORE *s, void *handle) ...@@ -378,8 +377,7 @@ X509 *STORE_list_certificate_next(STORE *s, void *handle)
STORE_R_FAILED_LISTING_CERTIFICATES); STORE_R_FAILED_LISTING_CERTIFICATES);
return 0; return 0;
} }
CRYPTO_add(&object->data.x509.certificate->references, 1, X509_up_ref(object->data.x509.certificate);
CRYPTO_LOCK_X509);
#ifdef REF_PRINT #ifdef REF_PRINT
REF_PRINT("X509", data); REF_PRINT("X509", data);
#endif #endif
......
...@@ -209,7 +209,7 @@ int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer) ...@@ -209,7 +209,7 @@ int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
} }
X509_free(ctx->signer_cert); X509_free(ctx->signer_cert);
ctx->signer_cert = signer; ctx->signer_cert = signer;
CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509); X509_up_ref(ctx->signer_cert);
return 1; return 1;
} }
......
...@@ -212,7 +212,7 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs, ...@@ -212,7 +212,7 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
/* Return the signer certificate if needed. */ /* Return the signer certificate if needed. */
if (signer_out) { if (signer_out) {
*signer_out = signer; *signer_out = signer;
CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509); X509_up_ref(signer);
} }
ret = 1; ret = 1;
......
...@@ -487,7 +487,7 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain) ...@@ -487,7 +487,7 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
ret = sk_X509_dup(chain); ret = sk_X509_dup(chain);
for (i = 0; i < sk_X509_num(ret); i++) { for (i = 0; i < sk_X509_num(ret); i++) {
X509 *x = sk_X509_value(ret, i); X509 *x = sk_X509_value(ret, i);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
} }
return ret; return ret;
} }
...@@ -406,7 +406,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) ...@@ -406,7 +406,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a)
default: default:
break; break;
case X509_LU_X509: case X509_LU_X509:
CRYPTO_add(&a->data.x509->references, 1, CRYPTO_LOCK_X509); X509_up_ref(a->data.x509);
break; break;
case X509_LU_CRL: case X509_LU_CRL:
X509_CRL_up_ref(a->data.crl); X509_CRL_up_ref(a->data.crl);
...@@ -521,7 +521,7 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) ...@@ -521,7 +521,7 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
for (i = 0; i < cnt; i++, idx++) { for (i = 0; i < cnt; i++, idx++) {
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
x = obj->data.x509; x = obj->data.x509;
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
if (!sk_X509_push(sk, x)) { if (!sk_X509_push(sk, x)) {
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
X509_free(x); X509_free(x);
...@@ -676,7 +676,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) ...@@ -676,7 +676,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
} }
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
if (*issuer) if (*issuer)
CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509); X509_up_ref(*issuer);
return ret; return ret;
} }
......
...@@ -150,3 +150,8 @@ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) ...@@ -150,3 +150,8 @@ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
return (0); return (0);
return (X509_PUBKEY_set(&(x->cert_info->key), pkey)); return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
} }
void X509_up_ref(X509 *x)
{
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
}
...@@ -172,7 +172,7 @@ static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x) ...@@ -172,7 +172,7 @@ static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
break; break;
} }
if (i < sk_X509_num(certs)) if (i < sk_X509_num(certs))
CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509); X509_up_ref(xtmp);
else else
xtmp = NULL; xtmp = NULL;
sk_X509_pop_free(certs, X509_free); sk_X509_pop_free(certs, X509_free);
...@@ -212,7 +212,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ...@@ -212,7 +212,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto end; goto end;
} }
CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509); X509_up_ref(ctx->cert);
ctx->last_untrusted = 1; ctx->last_untrusted = 1;
/* We use a temporary STACK so we can chop and hack at it */ /* We use a temporary STACK so we can chop and hack at it */
...@@ -262,7 +262,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ...@@ -262,7 +262,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto end; goto end;
} }
CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509); X509_up_ref(xtmp);
(void)sk_X509_delete_ptr(sktmp, xtmp); (void)sk_X509_delete_ptr(sktmp, xtmp);
ctx->last_untrusted++; ctx->last_untrusted++;
x = xtmp; x = xtmp;
...@@ -566,7 +566,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) ...@@ -566,7 +566,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
{ {
*issuer = find_issuer(ctx, ctx->other_ctx, x); *issuer = find_issuer(ctx, ctx->other_ctx, x);
if (*issuer) { if (*issuer) {
CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509); X509_up_ref(*issuer);
return 1; return 1;
} else } else
return 0; return 0;
......
...@@ -249,7 +249,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, ...@@ -249,7 +249,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
level++; level++;
x = sk_X509_value(certs, i); x = sk_X509_value(certs, i);
cache = policy_cache_set(x); cache = policy_cache_set(x);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
level->cert = x; level->cert = x;
if (!cache->anyPolicy) if (!cache->anyPolicy)
......
...@@ -798,6 +798,7 @@ X509_NAME *X509_get_subject_name(X509 *a); ...@@ -798,6 +798,7 @@ X509_NAME *X509_get_subject_name(X509 *a);
int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
void X509_up_ref(X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x); EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x); ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ ); int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
......
...@@ -1359,7 +1359,7 @@ int ssl3_get_server_certificate(SSL *s) ...@@ -1359,7 +1359,7 @@ int ssl3_get_server_certificate(SSL *s)
s->session->peer_type = i; s->session->peer_type = i;
X509_free(s->session->peer); X509_free(s->session->peer);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
s->session->peer = x; s->session->peer = x;
s->session->verify_result = s->verify_result; s->session->verify_result = s->verify_result;
......
...@@ -250,7 +250,7 @@ CERT *ssl_cert_dup(CERT *cert) ...@@ -250,7 +250,7 @@ CERT *ssl_cert_dup(CERT *cert)
CERT_PKEY *rpk = ret->pkeys + i; CERT_PKEY *rpk = ret->pkeys + i;
if (cpk->x509 != NULL) { if (cpk->x509 != NULL) {
rpk->x509 = cpk->x509; rpk->x509 = cpk->x509;
CRYPTO_add(&rpk->x509->references, 1, CRYPTO_LOCK_X509); X509_up_ref(rpk->x509);
} }
if (cpk->privatekey != NULL) { if (cpk->privatekey != NULL) {
...@@ -463,7 +463,7 @@ int ssl_cert_add1_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x) ...@@ -463,7 +463,7 @@ int ssl_cert_add1_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x)
{ {
if (!ssl_cert_add0_chain_cert(s, ctx, x)) if (!ssl_cert_add0_chain_cert(s, ctx, x))
return 0; return 0;
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
return 1; return 1;
} }
......
...@@ -825,7 +825,7 @@ X509 *SSL_get_peer_certificate(const SSL *s) ...@@ -825,7 +825,7 @@ X509 *SSL_get_peer_certificate(const SSL *s)
if (r == NULL) if (r == NULL)
return (r); return (r);
CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509); X509_up_ref(r);
return (r); return (r);
} }
......
...@@ -415,7 +415,7 @@ static int ssl_set_cert(CERT *c, X509 *x) ...@@ -415,7 +415,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
X509_free(c->pkeys[i].x509); X509_free(c->pkeys[i].x509);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); X509_up_ref(x);
c->pkeys[i].x509 = x; c->pkeys[i].x509 = x;
c->key = &(c->pkeys[i]); c->key = &(c->pkeys[i]);
......
...@@ -266,7 +266,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) ...@@ -266,7 +266,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
dest->references = 1; dest->references = 1;
if (src->peer != NULL) if (src->peer != NULL)
CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509); X509_up_ref(src->peer);
if (src->peer_chain != NULL) { if (src->peer_chain != NULL) {
dest->peer_chain = X509_chain_up_ref(src->peer_chain); dest->peer_chain = X509_chain_up_ref(src->peer_chain);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册