From: Willem Toorop
Date: Fri, 13 Jul 2012 08:35:57 +0000 (+0000)
Subject: Bugfix 457: add two functions to use EVP_PKEY_assign_DSA and EVP_PKEY_assign_RSA...
X-Git-Tag: release-1.6.14rc1~56
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f2951eab003760449834613856577f4b606c0aa;p=thirdparty%2Fldns.git
Bugfix 457: add two functions to use EVP_PKEY_assign_DSA and EVP_PKEY_assign_RSA (to prevent memory leaks/unnecessary allocations): * ldns_key_assign_dsa_key * ldns_key_assign_rsa_key and use those in ldns_key_new_frm_algorithm.
---
diff --git a/keys.c b/keys.c
index ed7f5e90..9b82efdf 100644
--- a/keys.c
+++ b/keys.c
@@ -431,8 +431,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
 ldns_key_free(k);
 return LDNS_STATUS_ERR;
 }
- ldns_key_set_rsa_key(k, rsa);
- RSA_free(rsa);
+ ldns_key_assign_rsa_key(k, rsa);
 #endif /* HAVE_SSL */
 break;
 case LDNS_SIGN_DSA:
@@ -444,8 +443,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
 ldns_key_free(k);
 return LDNS_STATUS_ERR;
 }
- ldns_key_set_dsa_key(k, dsa);
- DSA_free(dsa);
+ ldns_key_assign_dsa_key(k, dsa);
 #endif /* HAVE_SSL */
 break;
 case LDNS_SIGN_HMACMD5:
@@ -1007,6 +1005,22 @@ ldns_key_set_dsa_key(ldns_key *k, DSA *d)
 EVP_PKEY_set1_DSA(key, d);
 k->_key.key = key;
 }
+
+void
+ldns_key_assign_rsa_key(ldns_key *k, RSA *r)
+{
+ EVP_PKEY *key = EVP_PKEY_new();
+ EVP_PKEY_assign_RSA(key, r);
+ k->_key.key = key;
+}
+
+void
+ldns_key_assign_dsa_key(ldns_key *k, DSA *d)
+{
+ EVP_PKEY *key = EVP_PKEY_new();
+ EVP_PKEY_assign_DSA(key, d);
+ k->_key.key = key;
+}
 #endif /* splint */
 #endif /* HAVE_SSL */
diff --git a/ldns/keys.h b/ldns/keys.h
index c4bf5369..089b55cf 100644
--- a/ldns/keys.h
+++ b/ldns/keys.h
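Review bot: Neither new helper in the hunk at -1007 checks its OpenSSL calls: `ldns_key_assign_rsa_key` and `ldns_key_assign_dsa_key` ignore a NULL from `EVP_PKEY_new()` and a 0 from `EVP_PKEY_assign_RSA`/`EVP_PKEY_assign_DSA`. On either failure OpenSSL does not take ownership of the RSA/DSA object, so it leaks now that the call sites in ldns_key_new_frm_fp_l (hunks at -431 and -444) no longer call `RSA_free`/`DSA_free`, and `k->_key.key` ends up NULL or an empty EVP_PKEY. Because both helpers return void, those call sites cannot detect this and presumably carry on as if the key had been loaded; the rest of ldns_key_new_frm_fp_l lies outside the hunks. The helpers should release the object themselves on failure and store NULL, as sketched below; returning a status would be cleaner but changes the newly exported signatures. Both helpers also overwrite whatever EVP_PKEY is already in `k->_key.key` without freeing it, as the existing `ldns_key_set_dsa_key` in the context does.

```c
void
ldns_key_assign_rsa_key(ldns_key *k, RSA *r)
{
	EVP_PKEY *key = EVP_PKEY_new();
	if (!key || !EVP_PKEY_assign_RSA(key, r)) {
		/* ownership of r was not transferred: release both here */
		EVP_PKEY_free(key);
		RSA_free(r);
		key = NULL;
	}
	k->_key.key = key;
}
/* … ldns_key_assign_dsa_key: same pattern with EVP_PKEY_assign_DSA and DSA_free … */
```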
@@ -299,18 +299,37 @@ void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
 void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);
 /**
- * Set the key's rsa data
+ * Set the key's rsa data.
+ * The rsa data should be freed by the user themselve.
 * \param[in] k the key
 * \param[in] r the rsa data
 */
 void ldns_key_set_rsa_key(ldns_key *k, RSA *r);
+
 /**
 * Set the key's dsa data
+ * The dsa data should be freed by the user themselve.
 * \param[in] k the key
 * \param[in] d the dsa data
 */
 void ldns_key_set_dsa_key(ldns_key *k, DSA *d);
+/**
+ * Assign the key's rsa data
+ * The rsa data will be freed automatically when the key is freed.
+ * \param[in] k the key
+ * \param[in] r the rsa data
+ */
+void ldns_key_assign_rsa_key(ldns_key *k, RSA *r);
+
+/**
+ * Assign the key's dsa data
+ * The dsa data will be freed automatically when the key is freed.
+ * \param[in] k the key
+ * \param[in] d the dsa data
+ */
+void ldns_key_assign_dsa_key(ldns_key *k, DSA *d);
+
 /**
 * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
 * Only available if GOST is compiled into the library and openssl.
diff --git a/ldns_symbols.def b/ldns_symbols.def
index 1ed0f9e2..9a1fe72b 100644
--- a/ldns_symbols.def
+++ b/ldns_symbols.def
@@ -201,6 +201,8 @@ ldns_key2rr
 ldns_key2str
 ldns_key_algorithm
 ldns_key_algo_supported
+ldns_key_assign_dsa_key
+ldns_key_assign_rsa_key
 ldns_key_buf2dsa
 ldns_key_buf2dsa_raw
 ldns_key_buf2rsa
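Review bot: The doc comments added for `ldns_key_assign_rsa_key` and `ldns_key_assign_dsa_key` say when the data is freed but not what the caller may no longer do, and that is the part that prevents a double free or use after free. I would add a line to each, e.g. ` * After this call the key owns r: the caller must not free it, nor use it once the key has been freed.` The sentences added to the two `ldns_key_set_*` comments contain a typo (`themselve`) and would read better as `The rsa data should be freed by the user themselves.` They could also say that the key keeps its own reference, which is what `EVP_PKEY_set1_DSA` in the keys.c context suggests.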