{
struct cafile_entry *dst = NULL;
X509_STORE *store = NULL;
- STACK_OF(X509_OBJECT) *objs;
+ STACK_OF(X509_OBJECT) *objs = NULL;
int i;
if (!src)
if (!store)
goto err;
- objs = X509_STORE_get0_objects(src->ca_store);
+ objs = X509_STORE_get1_objects(src->ca_store);
for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
X509 *cert;
X509_CRL *crl;
}
}
dst = ssl_store_create_cafile_entry(src->path, store, src->type);
-
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
return dst;
err:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
X509_STORE_free(store);
ha_free(&dst);
*/
int __ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_type type, int shuterror)
{
+ STACK_OF(X509_OBJECT) *objs = NULL;
X509_STORE *store = ssl_store_get0_locations_file(path);
/* If this function is called by the CLI, we should not call the
* X509_STORE_load_locations function because it performs forbidden disk
* accesses. */
if (!store && create_if_none) {
- STACK_OF(X509_OBJECT) *objs;
int cert_count = 0;
struct stat buf;
struct cafile_entry *ca_e;
}
}
- objs = X509_STORE_get0_objects(store);
+ objs = X509_STORE_get1_objects(store);
cert_count = sk_X509_OBJECT_num(objs);
if (cert_count == 0) {
if (!shuterror)
}
ebst_insert(&cafile_tree, &ca_e->node);
}
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
return (store != NULL);
err:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
X509_STORE_free(store);
store = NULL;
return 0;
struct buffer *out = alloc_trash_chunk();
int i = 0;
X509 *cert;
- STACK_OF(X509_OBJECT) *objs;
+ STACK_OF(X509_OBJECT) *objs = NULL;
int retval = 0;
int ca_index = ctx->ca_index;
int show_all = ctx->show_all;
if (!cafile_entry->ca_store)
goto end;
- objs = X509_STORE_get0_objects(cafile_entry->ca_store);
+ objs = X509_STORE_get1_objects(cafile_entry->ca_store);
for (i = ca_index; i < sk_X509_OBJECT_num(objs); i++) {
cert = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
}
end:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
free_trash_chunk(out);
return 1; /* end, don't come back */
end_no_putchk:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
free_trash_chunk(out);
return 1;
yield:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
/* save the current state */
ctx->ca_index = i;
free_trash_chunk(out);
STACK_OF(X509_OBJECT) *objs;
if (cafile_entry && cafile_entry->ca_store) {
- objs = X509_STORE_get0_objects(cafile_entry->ca_store);
+ objs = X509_STORE_get1_objects(cafile_entry->ca_store);
if (objs)
cert_count = sk_X509_OBJECT_num(objs);
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
}
return cert_count;
}
struct buffer *out = alloc_trash_chunk();
int i;
X509_CRL *crl;
- STACK_OF(X509_OBJECT) *objs;
+ STACK_OF(X509_OBJECT) *objs = NULL;
int retval = 0;
int index = ctx->index;
if (!cafile_entry->ca_store)
goto end;
- objs = X509_STORE_get0_objects(cafile_entry->ca_store);
+ objs = X509_STORE_get1_objects(cafile_entry->ca_store);
for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
crl = X509_OBJECT_get0_X509_CRL(sk_X509_OBJECT_value(objs, i));
if (!crl)
}
end:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
if (applet_putchk(appctx, out) == -1)
goto yield;
end_no_putchk:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
free_trash_chunk(out);
return 1;
yield:
+ sk_X509_OBJECT_pop_free(objs, X509_OBJECT_free);
free_trash_chunk(out);
return 0; /* should come back */
}
if (store_ctx && store) {
int i;
X509_OBJECT *obj;
- STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
+ STACK_OF(X509_OBJECT) *objs = X509_STORE_get1_objects(store);
for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
obj = sk_X509_OBJECT_value(objs, i);
switch (X509_OBJECT_get_type(obj)) {
skn = sk_X509_NAME_new_null();
/* take x509 from cafile_tree */
- objs = X509_STORE_get0_objects(ca_e->ca_store);
+ objs = X509_STORE_get1_objects(ca_e->ca_store);
for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
x = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
if (!x)
projects / thirdparty / haproxy.git / commitdiff
