File kdelibs-fix-x509-store-ctx-used-twice.patch of Package kdelibs3

Overview Repositories Revisions Requests Users Attributes Meta

File kdelibs-fix-x509-store-ctx-used-twice.patch of Package kdelibs3

diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.10/kio/kssl/ksslcertificate.cc
--- kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc	2022-12-02 13:17:24.723336768 +0900
+++ kdelibs-3.5.10/kio/kssl/ksslcertificate.cc	2022-12-02 17:43:52.244391573 +0900
@@ -691,7 +691,7 @@
 #ifdef KSSL_HAVE_SSL
 	X509_STORE *certStore;
 	X509_LOOKUP *certLookup;
-	X509_STORE_CTX *certStoreCTX;
+	X509_STORE_CTX *certStoreCTX, *certStoreCTXServer;
 	int rc = 0;
 
 	if (!d->m_cert)
@@ -747,24 +747,32 @@
 
 		// This is the checking code
 		certStoreCTX = d->kossl->X509_STORE_CTX_new();
+		certStoreCTXServer = d->kossl->X509_STORE_CTX_new();
 
 		// this is a bad error - could mean no free memory.
 		// This may be the wrong thing to do here
-		if (!certStoreCTX) {
+		if ((!certStoreCTX) || (!certStoreCTXServer)) {
 			kdDebug(7029) << "KSSL couldn't create an X509 store context." << endl;
 			d->kossl->X509_STORE_free(certStore);
+			if (certStoreCTX)
+			  d->kossl->X509_STORE_CTX_free(certStoreCTX);
+			if (certStoreCTXServer)
+			  d->kossl->X509_STORE_CTX_free(certStoreCTXServer);
 			continue;
 		}
 
 		d->kossl->X509_STORE_CTX_init(certStoreCTX, certStore, d->m_cert, NULL);
+		d->kossl->X509_STORE_CTX_init(certStoreCTXServer, certStore, d->m_cert, NULL);
 		if (d->_chain.isValid()) {
 			d->kossl->X509_STORE_CTX_set_chain(certStoreCTX, (STACK_OF(X509)*)d->_chain.rawChain());
+			d->kossl->X509_STORE_CTX_set_chain(certStoreCTXServer, (STACK_OF(X509)*)d->_chain.rawChain());
 		}
 
 		//kdDebug(7029) << "KSSL setting CRL.............." << endl;
 		// int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
 
 		d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, purposeToOpenSSL(purpose));
+		d->kossl->X509_STORE_CTX_set_purpose(certStoreCTXServer, purposeToOpenSSL(purpose));
 
 		KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0;
 		KSSL_X509CallBack_ca_found = false;
@@ -789,23 +797,24 @@
 		if (	(ksslv != KSSLCertificate::Ok) &&
 			(ksslv != KSSLCertificate::Irrelevant) &&
 			purpose == KSSLCertificate::SSLServer) {
-			d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX,
+			d->kossl->X509_STORE_CTX_set_purpose(certStoreCTXServer,
 						X509_PURPOSE_NS_SSL_SERVER);
 
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-                        X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK);
+                        X509_STORE_CTX_set_error(certStoreCTXServer, X509_V_OK);
 #else
-			certStoreCTX->error = X509_V_OK;
+			certStoreCTXServer->error = X509_V_OK;
 #endif
-			rc = d->kossl->X509_verify_cert(certStoreCTX);
+			rc = d->kossl->X509_verify_cert(certStoreCTXServer);
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-			errcode = X509_STORE_CTX_get_error(certStoreCTX);
+			errcode = X509_STORE_CTX_get_error(certStoreCTXServer);
 #else
-			errcode = certStoreCTX->error;
+			errcode = certStoreCTXServer->error;
 #endif
 			ksslv = processError(errcode);
 		}
 		d->kossl->X509_STORE_CTX_free(certStoreCTX);
+		d->kossl->X509_STORE_CTX_free(certStoreCTXServer);
 		d->kossl->X509_STORE_free(certStore);
 		// end of checking code
 		//

Places

File kdelibs-fix-x509-store-ctx-used-twice.patch of Package kdelibs3

Places