From: Tomas Mraz Date: Thu, 21 Oct 2021 17:06:55 +0000 (+0200) Subject: X509_dup: Avoid duplicating the embedded EVP_PKEY X-Git-Tag: openssl-3.2.0-alpha1~3431 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e0c5184a56b6580127b39774f9e4e0f2caef696e;p=thirdparty%2Fopenssl.git X509_dup: Avoid duplicating the embedded EVP_PKEY The EVP_PKEY will be recreated from scratch which is OK. Fixes #16606 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16648) --- diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index d14de0e77e8..010578b19a3 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -104,23 +104,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, if (!ossl_x509_set0_libctx(ret, old->libctx, old->propq)) return 0; - if (old->cert_info.key != NULL) { - EVP_PKEY *pkey = X509_PUBKEY_get0(old->cert_info.key); - - if (pkey != NULL) { - pkey = EVP_PKEY_dup(pkey); - if (pkey == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!X509_PUBKEY_set(&ret->cert_info.key, pkey)) { - EVP_PKEY_free(pkey); - ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); - return 0; - } - EVP_PKEY_free(pkey); - } - } } break; case ASN1_OP_GET0_LIBCTX: @@ -130,6 +113,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, *libctx = ret->libctx; } break; + case ASN1_OP_GET0_PROPQ: { const char **propq = exarg; @@ -137,6 +121,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, *propq = ret->propq; } break; + default: break; }