Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:belphegor_belbel:KDE3
kdelibs3
kdelibs-fix-x509-store-ctx-used-twice.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File kdelibs-fix-x509-store-ctx-used-twice.patch of Package kdelibs3
diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.10/kio/kssl/ksslcertificate.cc --- kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc 2022-12-02 13:17:24.723336768 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslcertificate.cc 2022-12-02 17:43:52.244391573 +0900 @@ -691,7 +691,7 @@ #ifdef KSSL_HAVE_SSL X509_STORE *certStore; X509_LOOKUP *certLookup; - X509_STORE_CTX *certStoreCTX; + X509_STORE_CTX *certStoreCTX, *certStoreCTXServer; int rc = 0; if (!d->m_cert) @@ -747,24 +747,32 @@ // This is the checking code certStoreCTX = d->kossl->X509_STORE_CTX_new(); + certStoreCTXServer = d->kossl->X509_STORE_CTX_new(); // this is a bad error - could mean no free memory. // This may be the wrong thing to do here - if (!certStoreCTX) { + if ((!certStoreCTX) || (!certStoreCTXServer)) { kdDebug(7029) << "KSSL couldn't create an X509 store context." << endl; d->kossl->X509_STORE_free(certStore); + if (certStoreCTX) + d->kossl->X509_STORE_CTX_free(certStoreCTX); + if (certStoreCTXServer) + d->kossl->X509_STORE_CTX_free(certStoreCTXServer); continue; } d->kossl->X509_STORE_CTX_init(certStoreCTX, certStore, d->m_cert, NULL); + d->kossl->X509_STORE_CTX_init(certStoreCTXServer, certStore, d->m_cert, NULL); if (d->_chain.isValid()) { d->kossl->X509_STORE_CTX_set_chain(certStoreCTX, (STACK_OF(X509)*)d->_chain.rawChain()); + d->kossl->X509_STORE_CTX_set_chain(certStoreCTXServer, (STACK_OF(X509)*)d->_chain.rawChain()); } //kdDebug(7029) << "KSSL setting CRL.............." << endl; // int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, purposeToOpenSSL(purpose)); + d->kossl->X509_STORE_CTX_set_purpose(certStoreCTXServer, purposeToOpenSSL(purpose)); KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; KSSL_X509CallBack_ca_found = false; @@ -789,23 +797,24 @@ if ( (ksslv != KSSLCertificate::Ok) && (ksslv != KSSLCertificate::Irrelevant) && purpose == KSSLCertificate::SSLServer) { - d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, + d->kossl->X509_STORE_CTX_set_purpose(certStoreCTXServer, X509_PURPOSE_NS_SSL_SERVER); #if OPENSSL_VERSION_NUMBER >= 0x10100000L - X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + X509_STORE_CTX_set_error(certStoreCTXServer, X509_V_OK); #else - certStoreCTX->error = X509_V_OK; + certStoreCTXServer->error = X509_V_OK; #endif - rc = d->kossl->X509_verify_cert(certStoreCTX); + rc = d->kossl->X509_verify_cert(certStoreCTXServer); #if OPENSSL_VERSION_NUMBER >= 0x10100000L - errcode = X509_STORE_CTX_get_error(certStoreCTX); + errcode = X509_STORE_CTX_get_error(certStoreCTXServer); #else - errcode = certStoreCTX->error; + errcode = certStoreCTXServer->error; #endif ksslv = processError(errcode); } d->kossl->X509_STORE_CTX_free(certStoreCTX); + d->kossl->X509_STORE_CTX_free(certStoreCTXServer); d->kossl->X509_STORE_free(certStore); // end of checking code //
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor