Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 8328:018a09b766ef
SSL: X509_NAME_oneline() error handling.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 20 Feb 2021 18:02:49 +0300 |
parents | 7efae6b4cfb0 |
children | 3bed5797a1b7 |
comparison
equal
deleted
inserted
replaced
8327:549b13cd793b | 8328:018a09b766ef |
---|---|
1017 cert = X509_STORE_CTX_get_current_cert(x509_store); | 1017 cert = X509_STORE_CTX_get_current_cert(x509_store); |
1018 err = X509_STORE_CTX_get_error(x509_store); | 1018 err = X509_STORE_CTX_get_error(x509_store); |
1019 depth = X509_STORE_CTX_get_error_depth(x509_store); | 1019 depth = X509_STORE_CTX_get_error_depth(x509_store); |
1020 | 1020 |
1021 sname = X509_get_subject_name(cert); | 1021 sname = X509_get_subject_name(cert); |
1022 subject = sname ? X509_NAME_oneline(sname, NULL, 0) : "(none)"; | 1022 |
1023 if (sname) { | |
1024 subject = X509_NAME_oneline(sname, NULL, 0); | |
1025 if (subject == NULL) { | |
1026 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, | |
1027 "X509_NAME_oneline() failed"); | |
1028 } | |
1029 | |
1030 } else { | |
1031 subject = NULL; | |
1032 } | |
1023 | 1033 |
1024 iname = X509_get_issuer_name(cert); | 1034 iname = X509_get_issuer_name(cert); |
1025 issuer = iname ? X509_NAME_oneline(iname, NULL, 0) : "(none)"; | 1035 |
1036 if (iname) { | |
1037 issuer = X509_NAME_oneline(iname, NULL, 0); | |
1038 if (issuer == NULL) { | |
1039 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, | |
1040 "X509_NAME_oneline() failed"); | |
1041 } | |
1042 | |
1043 } else { | |
1044 issuer = NULL; | |
1045 } | |
1026 | 1046 |
1027 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1047 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1028 "verify:%d, error:%d, depth:%d, " | 1048 "verify:%d, error:%d, depth:%d, " |
1029 "subject:\"%s\", issuer:\"%s\"", | 1049 "subject:\"%s\", issuer:\"%s\"", |
1030 ok, err, depth, subject, issuer); | 1050 ok, err, depth, |
1031 | 1051 subject ? subject : "(none)", |
1032 if (sname) { | 1052 issuer ? issuer : "(none)"); |
1053 | |
1054 if (subject) { | |
1033 OPENSSL_free(subject); | 1055 OPENSSL_free(subject); |
1034 } | 1056 } |
1035 | 1057 |
1036 if (iname) { | 1058 if (issuer) { |
1037 OPENSSL_free(issuer); | 1059 OPENSSL_free(issuer); |
1038 } | 1060 } |
1039 #endif | 1061 #endif |
1040 | 1062 |
1041 return 1; | 1063 return 1; |
4898 X509_free(cert); | 4920 X509_free(cert); |
4899 return NGX_ERROR; | 4921 return NGX_ERROR; |
4900 } | 4922 } |
4901 | 4923 |
4902 p = X509_NAME_oneline(name, NULL, 0); | 4924 p = X509_NAME_oneline(name, NULL, 0); |
4925 if (p == NULL) { | |
4926 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "X509_NAME_oneline() failed"); | |
4927 X509_free(cert); | |
4928 return NGX_ERROR; | |
4929 } | |
4903 | 4930 |
4904 for (len = 0; p[len]; len++) { /* void */ } | 4931 for (len = 0; p[len]; len++) { /* void */ } |
4905 | 4932 |
4906 s->len = len; | 4933 s->len = len; |
4907 s->data = ngx_pnalloc(pool, len); | 4934 s->data = ngx_pnalloc(pool, len); |
4941 X509_free(cert); | 4968 X509_free(cert); |
4942 return NGX_ERROR; | 4969 return NGX_ERROR; |
4943 } | 4970 } |
4944 | 4971 |
4945 p = X509_NAME_oneline(name, NULL, 0); | 4972 p = X509_NAME_oneline(name, NULL, 0); |
4973 if (p == NULL) { | |
4974 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "X509_NAME_oneline() failed"); | |
4975 X509_free(cert); | |
4976 return NGX_ERROR; | |
4977 } | |
4946 | 4978 |
4947 for (len = 0; p[len]; len++) { /* void */ } | 4979 for (len = 0; p[len]; len++) { /* void */ } |
4948 | 4980 |
4949 s->len = len; | 4981 s->len = len; |
4950 s->data = ngx_pnalloc(pool, len); | 4982 s->data = ngx_pnalloc(pool, len); |