mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 06:45:38 +01:00
Don't use assertion for failures of mbedtls_x509_crt_x_acquire()
These functions may afil in a regular run, e.g. due to an out of memory error.
This commit is contained in:
parent
d92078fc55
commit
2224ccf390
@ -2328,9 +2328,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||||||
&peer_pk );
|
&peer_pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
/* Should never happen */
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
return( ret );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
@ -2472,9 +2471,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
|||||||
&peer_pk );
|
&peer_pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
/* Should never happen */
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
return( ret );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
|
|
||||||
@ -2822,9 +2820,8 @@ start_processing:
|
|||||||
&peer_pk );
|
&peer_pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
/* Should never happen */
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
return( ret );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
|
|
||||||
|
@ -815,8 +815,11 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||||||
int ret;
|
int ret;
|
||||||
ret = mbedtls_x509_crt_pk_acquire( cur->cert, &pk );
|
ret = mbedtls_x509_crt_pk_acquire( cur->cert, &pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
}
|
||||||
#else
|
#else
|
||||||
/* Outside of ASYNC_PRIVATE, use private key context directly
|
/* Outside of ASYNC_PRIVATE, use private key context directly
|
||||||
* instead of querying for the public key context from the
|
* instead of querying for the public key context from the
|
||||||
@ -877,7 +880,10 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||||||
mbedtls_x509_crt_frame const *frame;
|
mbedtls_x509_crt_frame const *frame;
|
||||||
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
|
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_frame_acquire", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
}
|
||||||
sig_md = frame->sig_md;
|
sig_md = frame->sig_md;
|
||||||
mbedtls_x509_crt_frame_release( cur->cert );
|
mbedtls_x509_crt_frame_release( cur->cert );
|
||||||
}
|
}
|
||||||
@ -2999,7 +3005,10 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||||||
mbedtls_x509_crt_frame const *frame;
|
mbedtls_x509_crt_frame const *frame;
|
||||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_frame_acquire", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
dn_size = frame->subject_raw.len;
|
dn_size = frame->subject_raw.len;
|
||||||
|
|
||||||
@ -4247,9 +4256,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||||||
&peer_pk );
|
&peer_pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
/* Should never happen */
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
return( ret );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
|
@ -6507,7 +6507,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||||||
mbedtls_pk_context *pk;
|
mbedtls_pk_context *pk;
|
||||||
ret = mbedtls_x509_crt_pk_acquire( chain, &pk );
|
ret = mbedtls_x509_crt_pk_acquire( chain, &pk );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
/* If certificate uses an EC key, make sure the curve is OK */
|
/* If certificate uses an EC key, make sure the curve is OK */
|
||||||
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) )
|
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) )
|
||||||
|
Loading…
Reference in New Issue
Block a user