fivedev/harbour-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2025-01-28 13:46 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl)

Browse Source 
* contrib/hbssl/hbssl.h
  * contrib/hbssl/evppkey.c
  * contrib/hbssl/rsa.c
    * reenabled hb_RSA_par_remove() for old OpenSSL() versions (<=0.9.6) which
      do not support RSA_up_ref()

  * contrib/hbssl/ssl.c
    ! use
         x509 = X509_dup( x509 );
         X509_check_purpose( x509, -1, 0 );
      instead of
         X509_up_ref( x509 );
      in OpenSSL versions prior 0x10100000L - they do not support X509_up_ref()

  * contrib/hbssl/x509.c
    * check passed parameters more strictly
    * return NIL when X509 certificate cannot be allocated/accessed
This commit is contained in:
Przemysław Czerpak
2025-01-28 13:46:38 +01:00
parent 08819f56f2
commit a8117990d8
6 changed files with 54 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
ChangeLog.txt
View File

@@ -7,6 +7,25 @@
Entries may not always be in chronological/commit order.
See license at the end of file. */
2025-01-28 13:46 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl)
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* reenabled hb_RSA_par_remove() for old OpenSSL() versions (<=0.9.6) which
do not support RSA_up_ref()
* contrib/hbssl/ssl.c
! use
x509 = X509_dup( x509 );
X509_check_purpose( x509, -1, 0 );
instead of
X509_up_ref( x509 );
in OpenSSL versions prior 0x10100000L - they do not support X509_up_ref()
* contrib/hbssl/x509.c
* check passed parameters more strictly
* return NIL when X509 certificate cannot be allocated/accessed
2025-01-28 12:23 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl)
* contrib/hbssl/bio.c
! do not leave dummy BIO declaration for OpenSSL < 1.1.0

4
contrib/hbssl/evppkey.c
View File

@@ -238,7 +238,11 @@ HB_FUNC( EVP_PKEY_ASSIGN_RSA )
res = EVP_PKEY_assign_RSA( pkey, key );
if( res != 0 )
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
RSA_up_ref( key );
#else
hb_RSA_par_remove( 2 );
#endif
}
hb_retni( res );
}

1
contrib/hbssl/hbssl.h
View File

@@ -219,6 +219,7 @@ extern void hb_X509_ret( X509 * x509 );
extern HB_BOOL hb_RSA_is( int iParam );
extern RSA * hb_RSA_par( int iParam );
extern void hb_RSA_par_remove( int iParam );
extern void hb_RSA_ret( RSA * rsa );
extern HB_BOOL hb_EVP_MD_is( int iParam );

8
contrib/hbssl/rsa.c
View File

@@ -81,6 +81,14 @@ RSA * hb_RSA_par( int iParam )
return ph ? ( RSA * ) *ph : NULL;
}
void hb_RSA_par_remove( int iParam )
{
void ** ph = ( void ** ) hb_parptrGC( &s_gcRSA_funcs, iParam );
if( ph && * ph )
*ph = NULL;
}
void hb_RSA_ret( RSA * rsa )
{
void ** ph = ( void ** ) hb_gcAllocate( sizeof( RSA * ), &s_gcRSA_funcs );

11
contrib/hbssl/ssl.c
View File

@@ -72,6 +72,9 @@
#endif
#include "hbssl.h"
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#include <openssl/x509v3.h>
#endif
#include "hbapiitm.h"
#include "hbvm.h"
@@ -1433,7 +1436,15 @@ HB_FUNC( SSL_GET_CERTIFICATE )
X509 * x509 = SSL_get_certificate( ssl );
if( x509 )
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
X509_up_ref( x509 );
#else
x509 = X509_dup( x509 );
if( x509 )
X509_check_purpose( x509, -1, 0 );
#endif
}
hb_X509_ret( x509 );
}
}

15
contrib/hbssl/x509.c
View File

@@ -85,7 +85,9 @@ static const HB_GC_FUNCS s_gcX509_funcs =
HB_BOOL hb_X509_is( int iParam )
{
return hb_parptrGC( &s_gcX509_funcs, iParam ) != NULL;
PHB_X509 ph = ( PHB_X509 ) hb_parptrGC( &s_gcX509_funcs, iParam );
return ph && ph->pX509;
}
X509 * hb_X509_par( int iParam )
@@ -97,11 +99,16 @@ X509 * hb_X509_par( int iParam )
void hb_X509_ret( X509 * x509 )
{
PHB_X509 ph = ( PHB_X509 ) hb_gcAllocate( sizeof( HB_X509 ), &s_gcX509_funcs );
if( x509 )
{
PHB_X509 ph = ( PHB_X509 ) hb_gcAllocate( sizeof( HB_X509 ), &s_gcX509_funcs );
ph->pX509 = x509;
ph->pX509 = x509;
hb_retptrGC( ( void * ) ph );
hb_retptrGC( ( void * ) ph );
}
else
hb_ret();
}
HB_FUNC( X509_GET_SUBJECT_NAME )