oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Try harder to free certificate.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18771 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-10-21 18:58:19 +00:00
parent 412c62d2de
commit 3dacad01fd
1 changed files with 23 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
lib/hx509/cms.c
View File

@@ -705,14 +705,14 @@ hx509_cms_verify_signed(hx509_context context,
"SignerInfo have signed attributes " "SignerInfo have signed attributes "
"but messageDigest (signature) " "but messageDigest (signature) "
"is missing"); "is missing");
continue; goto next_sigature;
} }
if (attr->value.len != 1) { if (attr->value.len != 1) {
ret = HX509_CRYPTO_SIGNATURE_MISSING; ret = HX509_CRYPTO_SIGNATURE_MISSING;
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"SignerInfo have more then one " "SignerInfo have more then one "
"messageDigest (signature)"); "messageDigest (signature)");
continue; goto next_sigature;
} }
ret = decode_MessageDigest(attr->value.val[0].data, ret = decode_MessageDigest(attr->value.val[0].data,
@@ -723,7 +723,7 @@ hx509_cms_verify_signed(hx509_context context,
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"Failed to decode " "Failed to decode "
"messageDigest (signature)"); "messageDigest (signature)");
continue; goto next_sigature;
} }
ret = _hx509_verify_signature(NULL, ret = _hx509_verify_signature(NULL,
@@ -734,7 +734,7 @@ hx509_cms_verify_signed(hx509_context context,
if (ret) { if (ret) {
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"Failed to verify messageDigest"); "Failed to verify messageDigest");
continue; goto next_sigature;
} }
/* /*
@@ -749,7 +749,8 @@ hx509_cms_verify_signed(hx509_context context,
ret = HX509_CMS_DATA_OID_MISMATCH; ret = HX509_CMS_DATA_OID_MISMATCH;
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"More then one oid in signedAttrs"); "More then one oid in signedAttrs");
continue; goto next_sigature;
} }
ret = decode_ContentType(attr->value.val[0].data, ret = decode_ContentType(attr->value.val[0].data,
attr->value.val[0].length, attr->value.val[0].length,
@@ -759,7 +760,7 @@ hx509_cms_verify_signed(hx509_context context,
hx509_set_error_string(context, 0, ret, hx509_set_error_string(context, 0, ret,
"Failed to decode " "Failed to decode "
"oid in signedAttrs"); "oid in signedAttrs");
continue; goto next_sigature;
} }
match_oid = &decode_oid; match_oid = &decode_oid;
} }
@@ -770,7 +771,7 @@ hx509_cms_verify_signed(hx509_context context,
der_free_oid(&decode_oid); der_free_oid(&decode_oid);
ret = ENOMEM; ret = ENOMEM;
hx509_clear_error_string(context); hx509_clear_error_string(context);
continue; goto next_sigature;
} }
ASN1_MALLOC_ENCODE(CMSAttributes, ASN1_MALLOC_ENCODE(CMSAttributes,
@@ -783,7 +784,7 @@ hx509_cms_verify_signed(hx509_context context,
der_free_oid(&decode_oid); der_free_oid(&decode_oid);
free(signed_data); free(signed_data);
hx509_clear_error_string(context); hx509_clear_error_string(context);
continue; goto next_sigature;
} }
if (size != signed_data->length) if (size != signed_data->length)
_hx509_abort("internal ASN.1 encoder error"); _hx509_abort("internal ASN.1 encoder error");
@@ -792,8 +793,6 @@ hx509_cms_verify_signed(hx509_context context,
signed_data = sd.encapContentInfo.eContent; signed_data = sd.encapContentInfo.eContent;
match_oid = oid_id_pkcs7_data(); match_oid = oid_id_pkcs7_data();
} }
if (ret)
return ret;
if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) { if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) {
ret = HX509_CMS_DATA_OID_MISMATCH; ret = HX509_CMS_DATA_OID_MISMATCH;
@@ -814,23 +813,23 @@ hx509_cms_verify_signed(hx509_context context,
der_free_octet_string(signed_data); der_free_octet_string(signed_data);
free(signed_data); free(signed_data);
} }
if (ret) { if (ret)
hx509_cert_free(cert); goto next_sigature;
continue;
}
ret = hx509_verify_path(context, ctx, cert, certs); ret = hx509_verify_path(context, ctx, cert, certs);
if (ret) { if (ret)
hx509_cert_free(cert); goto next_sigature;
continue;
}
ret = hx509_certs_add(context, *signer_certs, hx509_cert_ref(cert)); ret = hx509_certs_add(context, *signer_certs, hx509_cert_ref(cert));
if (ret) { if (ret)
hx509_cert_free(cert); goto next_sigature;
continue;
}
found_valid_sig++; found_valid_sig++;
next_sigature:
if (cert)
hx509_cert_free(cert);
cert = NULL;
} }
if (found_valid_sig == 0) { if (found_valid_sig == 0) {
return ret; return ret;