_gnutls_x509_crt_cpy: optimized and simplified
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 2 May 2016 11:12:00 +0000 (13:12 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 2 May 2016 13:40:18 +0000 (15:40 +0200)
lib/x509.c
lib/x509/verify-high.c
lib/x509/x509.c
lib/x509/x509_int.h

index f2b5aee0e7a85f9a64fc8b5b5c3a9e6575cfcc53..219e065c80198cd2fe85682dde01af18371c9c3b 100644 (file)
@@ -1554,7 +1554,7 @@ gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res,
                        goto cleanup;
                }
 
-               ret = _gnutls_x509_crt_cpy(new_list[i], ca_list[i]);
+               ret = _gnutls_x509_crt_cpy(new_list[i], ca_list[i], CRT_CPY_FAST);
                if (ret < 0) {
                        gnutls_assert();
                        goto cleanup;
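Review bot: With `CRT_CPY_FAST` the trust anchors are now populated from whatever bytes are cached in `ca_list[i]->der` rather than from a fresh encoding of the certificate the caller passed, and nothing at this call site says why that is safe. The only fallback visible in `_gnutls_x509_crt_cpy` (the lib/x509/x509.c hunk) is `src->der.size == 0`, so a certificate that was imported and then changed through the setter API would be stored in its pre-modification form unless the setters invalidate the cache, which this diff does not show. I would add a comment above the call such as `/* CA certs are not modified after import, so the cached DER is authoritative */`, or pass `0` here if that cannot be guaranteed. The enclosing function starts and ends outside the hunk.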
index 21f4b42a34f36b52ae41707333390a7b63afcbc9..78833371578f3d70e10e0fdb17993539acf8799a 100644 (file)
@@ -447,7 +447,7 @@ gnutls_x509_trust_list_iter_get_ca(gnutls_x509_trust_list_t list,
                if (ret < 0)
                        return gnutls_assert_val(ret);
 
-               ret = _gnutls_x509_crt_cpy(*crt, list->node[(*iter)->node_index].trusted_cas[(*iter)->ca_index]);
+               ret = _gnutls_x509_crt_cpy(*crt, list->node[(*iter)->node_index].trusted_cas[(*iter)->ca_index], 0);
                if (ret < 0) {
                        gnutls_x509_crt_deinit(*crt);
                        return gnutls_assert_val(ret);
@@ -528,7 +528,7 @@ int ret;
                return NULL;
        }
 
-       ret = _gnutls_x509_crt_cpy(dst, src);
+       ret = _gnutls_x509_crt_cpy(dst, src, 0);
        if (ret < 0) {
                gnutls_x509_crt_deinit(dst);
                gnutls_assert();
index 22206ffc8d30440d2af4ced79d65bc4ba55f7836..c160f74efc2cf64536f5e467bbd415920c0e66b3 100644 (file)
@@ -157,53 +157,43 @@ int gnutls_x509_crt_init(gnutls_x509_crt_t * cert)
  * _gnutls_x509_crt_cpy - This function copies a gnutls_x509_crt_t type
  * @dest: The data where to copy
  * @src: The data to be copied
+ * @flags: zero or CRT_CPY_FAST
  *
- * This function will copy an X.509 certificate structure.
+ * This function will copy an X.509 certificate structure. Unless 
+ * %CRT_CPY_FAST is specified this function does encode and decode
+ * the given source to allow copying modified structure.
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
  -*/
-int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src)
+int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src, unsigned flags)
 {
        int ret;
-       size_t der_size = 0;
-       uint8_t *der;
        gnutls_datum_t tmp;
 
-       ret =
-           gnutls_x509_crt_export(src, GNUTLS_X509_FMT_DER, NULL,
-                                  &der_size);
-       if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
-               gnutls_assert();
-               return ret;
-       }
+       /* if no DER data are present don't consider the fast flag */
+       if (src->der.size == 0)
+               flags &= ~CRT_CPY_FAST;
 
-       der = gnutls_malloc(der_size);
-       if (der == NULL) {
-               gnutls_assert();
-               return GNUTLS_E_MEMORY_ERROR;
-       }
-
-       ret =
-           gnutls_x509_crt_export(src, GNUTLS_X509_FMT_DER, der,
-                                  &der_size);
-       if (ret < 0) {
-               gnutls_assert();
-               gnutls_free(der);
-               return ret;
+       if (!(flags & CRT_CPY_FAST)) {
+               ret =
+                   gnutls_x509_crt_export2(src, GNUTLS_X509_FMT_DER, &tmp);
+               if (ret < 0)
+                       return gnutls_assert_val(ret);
+       } else {
+               tmp.data = src->der.data;
+               tmp.size = src->der.size;
        }
 
-       tmp.data = der;
-       tmp.size = der_size;
        ret = gnutls_x509_crt_import(dest, &tmp, GNUTLS_X509_FMT_DER);
 
-       gnutls_free(der);
-
-       if (ret < 0) {
-               gnutls_assert();
-               return ret;
+       if (!(flags & CRT_CPY_FAST)) {
+               gnutls_free(tmp.data);
        }
 
+       if (ret < 0)
+               return gnutls_assert_val(ret);
+
        return 0;
 }
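Review bot: In the fast branch `tmp` borrows `src->der.data` instead of owning a buffer, so `gnutls_x509_crt_import(dest, &tmp, GNUTLS_X509_FMT_DER)` now parses memory that belongs to `src`, whereas the old code always imported from a private copy. If a caller ever passed the same object as both arguments and import resets `dest` before parsing (not visible here), the input would be released while it is being read. The doc block should state the requirement, e.g. ` * @dest: The data where to copy; must be initialized and distinct from @src`. Ownership of `tmp.data` would also read more clearly if it were tested directly, `if (tmp.data != src->der.data) gnutls_free(tmp.data);`, rather than by re-testing `flags`.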
 
index 782365d8c47249f429f5ee3948b596c206a14a4e..27c0c0f35685f01cb647da32b4862cf4b7891609 100644 (file)
@@ -126,7 +126,8 @@ typedef struct gnutls_x509_privkey_int {
        struct pin_info_st pin;
 } gnutls_x509_privkey_int;
 
-int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src);
+#define CRT_CPY_FAST 1
+int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src, unsigned flags);
 
 int _gnutls_x509_compare_raw_dn(const gnutls_datum_t * dn1,
                                const gnutls_datum_t * dn2);
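Review bot: `CRT_CPY_FAST` is introduced without a comment, so its contract lives only in the doc block of `_gnutls_x509_crt_cpy` in lib/x509/x509.c. A line above the define such as `/* copy from the cached DER of src; changes made to src after import are not reflected */` would let a reader of this header judge a call site without opening the implementation. The two callers in lib/x509/verify-high.c pass a bare `0`; a named zero value would make those calls self-describing.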