diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2012-02-14 11:11:26 +0100 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2012-03-30 22:56:47 +0200 |
commit | 8e5613c2a8545a67cab2734569a8f088100d731b (patch) | |
tree | 42a77658488bad5ef3b2494d532d269ebfdb2bfb /src/openvpn/ssl_verify_polarssl.c | |
parent | 025f30d7c6434aaf0ab4af3744f76aaf8c0b71d6 (diff) | |
download | openvpn-8e5613c2a8545a67cab2734569a8f088100d731b.tar.gz openvpn-8e5613c2a8545a67cab2734569a8f088100d731b.tar.xz openvpn-8e5613c2a8545a67cab2734569a8f088100d731b.zip |
Migrated x509_get_sha1_hash to use the garbage collector
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'src/openvpn/ssl_verify_polarssl.c')
-rw-r--r-- | src/openvpn/ssl_verify_polarssl.c | 17 |
1 files changed, 3 insertions, 14 deletions
diff --git a/src/openvpn/ssl_verify_polarssl.c b/src/openvpn/ssl_verify_polarssl.c index 384fe84..d9d4fd5 100644 --- a/src/openvpn/ssl_verify_polarssl.c +++ b/src/openvpn/ssl_verify_polarssl.c @@ -48,7 +48,6 @@ verify_callback (void *session_obj, x509_cert *cert, int cert_depth, { struct tls_session *session = (struct tls_session *) session_obj; struct gc_arena gc = gc_new(); - unsigned char *sha1_hash = NULL; ASSERT (cert); ASSERT (session); @@ -56,9 +55,7 @@ verify_callback (void *session_obj, x509_cert *cert, int cert_depth, session->verified = false; /* Remember certificate hash */ - sha1_hash = x509_get_sha1_hash(cert); - cert_hash_remember (session, cert_depth, sha1_hash); - x509_free_sha1_hash(sha1_hash); + cert_hash_remember (session, cert_depth, x509_get_sha1_hash(cert, &gc)); /* did peer present cert which was signed by our root cert? */ if (!preverify_ok) @@ -141,20 +138,13 @@ x509_get_serial (x509_cert *cert, struct gc_arena *gc) } unsigned char * -x509_get_sha1_hash (x509_cert *cert) +x509_get_sha1_hash (x509_cert *cert, struct gc_arena *gc) { - unsigned char *sha1_hash = malloc(SHA_DIGEST_LENGTH); + unsigned char *sha1_hash = gc_malloc(SHA_DIGEST_LENGTH, false, gc); sha1(cert->tbs.p, cert->tbs.len, sha1_hash); return sha1_hash; } -void -x509_free_sha1_hash (unsigned char *hash) -{ - if (hash) - free(hash); -} - char * x509_get_subject(x509_cert *cert, struct gc_arena *gc) { @@ -173,7 +163,6 @@ x509_get_subject(x509_cert *cert, struct gc_arena *gc) return subject; } - /* * Save X509 fields to environment, using the naming convention: * |