_gnutls_copy_certificate_auth_info: simplified and avoid multiple allocations
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 10 Oct 2017 07:59:17 +0000 (09:59 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 19 Feb 2018 14:29:36 +0000 (15:29 +0100)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/auth/cert.c
lib/auth/cert.h
lib/tls13/certificate.c

index 6d618a3532778a4a64014e335a3ecf95caca6078..2d024650895b256e8c60629356a226af69f36e44 100644 (file)
@@ -69,14 +69,12 @@ _gnutls_selected_certs_set(gnutls_session_t session,
 typedef enum CertificateSigType { RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64
 } CertificateSigType;
 
-/* Copies data from a internal certificate struct (gnutls_pcert_st) to 
- * exported certificate struct (cert_auth_info_t)
+/* Moves data from a internal certificate struct (gnutls_pcert_st) to 
+ * another internal certificate struct (cert_auth_info_t), and deinitializes
+ * the former.
  */
-int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts)
+int _gnutls_pcert_to_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts)
 {
-       /* Copy peer's information to auth_info_t
-        */
-       int ret;
        size_t i, j;
 
        if (info->raw_certificate_list != NULL) {
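Review bot: The rewritten header comment on `_gnutls_pcert_to_auth_info` leaves the ownership contract incomplete: it says the source structs are deinitialized, but not that the `certs` array itself is released (the `gnutls_free(certs)` added in the next hunk), nor what happens on failure. In the visible lines the `GNUTLS_E_MEMORY_ERROR` return comes before anything is moved, so on that path the caller still owns `certs`, and both call sites go to `cleanup:` to release it. I would state this in the comment, e.g. `On success takes ownership of certs (elements and array) and frees it; on error certs is untouched and remains owned by the caller.` The function body continues outside this hunk.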
@@ -98,32 +96,18 @@ int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st *
                return GNUTLS_E_MEMORY_ERROR;
        }
 
+       info->cert_type = certs[0].type;
+       info->ncerts = ncerts;
+
        for (i = 0; i < ncerts; i++) {
-               if (certs[i].cert.size > 0) {
-                       ret =
-                           _gnutls_set_datum(&info->raw_certificate_list[i],
-                                             certs[i].cert.data,
-                                             certs[i].cert.size);
-                       if (ret < 0) {
-                               gnutls_assert();
-                               goto clear;
-                       }
-               }
+               info->raw_certificate_list[i].data = certs[i].cert.data;
+               info->raw_certificate_list[i].size = certs[i].cert.size;
+               certs[i].cert.data = NULL;
+               gnutls_pcert_deinit(&certs[i]);
        }
-       info->ncerts = ncerts;
-       info->cert_type = certs[0].type;
+       gnutls_free(certs);
 
        return 0;
-
- clear:
-
-       for (j = 0; j < i; j++)
-               _gnutls_free_datum(&info->raw_certificate_list[j]);
-
-       gnutls_free(info->raw_certificate_list);
-       info->raw_certificate_list = NULL;
-
-       return ret;
 }
 
 /* returns 0 if the algo_to-check exists in the pk_algos list,
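Review bot: The move loop nulls `certs[i].cert.data` but leaves `certs[i].cert.size` at its old value when `gnutls_pcert_deinit(&certs[i])` runs, so the datum handed to deinit is inconsistent (NULL data, non-zero size). Adding `certs[i].cert.size = 0;` next to the NULL assignment keeps it well-formed regardless of what deinit does with the field. Separately, `info->cert_type = certs[0].type;` now runs ahead of the loop and is only valid for `ncerts >= 1`. No guard is visible in this hunk, so confirm one exists in the lines between the two hunks. If there is an early return for an empty list, confirm it also settles who frees `certs`, since the callers now skip their cleanup on success.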
@@ -837,7 +821,7 @@ _gnutls_proc_x509_server_crt(gnutls_session_t session,
        }
 
        ret =
-            _gnutls_copy_certificate_auth_info(info,
+            _gnutls_pcert_to_auth_info(info,
                                        peer_certificate_list,
                                        peer_certificate_list_size);
        if (ret < 0) {
@@ -845,7 +829,7 @@ _gnutls_proc_x509_server_crt(gnutls_session_t session,
                goto cleanup;
        }
 
-       ret = 0;
+       return 0;
 
  cleanup:
        CLEAR_CERTS;
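Review bot: The `return 0;` placed before `cleanup:` carries an undocumented ownership dependency: after a successful `_gnutls_pcert_to_auth_info` call the callee has already freed `peer_certificate_list`, and `CLEAR_CERTS` (presumably the release of that same list; the macro body is not shown) must not run on it. A later edit that restores the fall-through into `cleanup:` would turn this into a double free. A comment above the return such as `/* peer_certificate_list is now owned by info; must not reach cleanup */` would make that explicit. The same applies to the matching `return 0;` in `parse_cert_list` in lib/tls13/certificate.c. Whatever else `cleanup:` releases is outside this hunk, so confirm that the certificate list is the only thing skipped on the success path.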
index be999c946c578e9d958e3d80ba9355668f829529..5d78148793b693834d97722b3dc3db927ca29b59 100644 (file)
@@ -128,7 +128,7 @@ _gnutls_select_client_cert(gnutls_session_t session,
                           const uint8_t * _data, size_t _data_size,
                           gnutls_pk_algorithm_t * pk_algos, int pk_algos_length);
 
-int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts);
+int _gnutls_pcert_to_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts);
 
 int
 _gnutls_server_select_cert(gnutls_session_t session, const gnutls_cipher_suite_entry_st *cs);
index 147100be88a70f013cf204225e292a6ffd6651b6..8099cd74b82efe1782c5d9d4c4d9038be0d81635 100644 (file)
@@ -322,7 +322,7 @@ parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size)
        }
 
        ret =
-            _gnutls_copy_certificate_auth_info(info,
+            _gnutls_pcert_to_auth_info(info,
                                        peer_certificate_list,
                                        peer_certificate_list_size);
        if (ret < 0) {
@@ -330,7 +330,7 @@ parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size)
                goto cleanup;
        }
 
-       ret = 0;
+       return 0;
 
  cleanup:
        for(x=0;x<peer_certificate_list_size;x++)