Add guards for MBEDTLS_X509_CRL_PARSE_C in sample

Add checks in `ssl_server2` that `MBEDTLS_X509_CRL_PARSE_C` is defined
to fix compilation issue. Fixes #560.
Ron Eldor 2019-04-04 15:02:01 +03:00
parent 57773d4ede
commit 80d0419189
2 changed files with 19 additions and 4 deletions


@ -83,6 +83,8 @@ Bugfix
extensions in CSRs and CRTs that caused these bitstrings to not be encoded extensions in CSRs and CRTs that caused these bitstrings to not be encoded
correctly as trailing zeroes were not accounted for as unused bits in the correctly as trailing zeroes were not accounted for as unused bits in the
leading content octet. Fixes #1610. leading content octet. Fixes #1610.
* Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
sni entry parameter. Reported by inestlerode in #560.
Changes Changes
* Reduce RAM consumption during session renegotiation by not storing * Reduce RAM consumption during session renegotiation by not storing


@ -282,8 +282,14 @@ int main( void )
#endif /* MBEDTLS_SSL_CACHE_C */ #endif /* MBEDTLS_SSL_CACHE_C */
#if defined(SNI_OPTION) #if defined(SNI_OPTION)
#if defined(MBEDTLS_X509_CRL_PARSE_C)
#define SNI_CRL ",crl"
#else
#define SNI_CRL ""
#endif
#define USAGE_SNI \ #define USAGE_SNI \
" sni=%%s name1,cert1,key1,ca1,crl1,auth1[,...]\n" \ " sni=%%s name1,cert1,key1,ca1"SNI_CRL",auth1[,...]\n" \
" default: disabled\n" " default: disabled\n"
#else #else
#define USAGE_SNI "" #define USAGE_SNI ""
@ -654,10 +660,10 @@ void sni_free( sni_entry *head )
mbedtls_x509_crt_free( cur->ca ); mbedtls_x509_crt_free( cur->ca );
mbedtls_free( cur->ca ); mbedtls_free( cur->ca );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_free( cur->crl ); mbedtls_x509_crl_free( cur->crl );
mbedtls_free( cur->crl ); mbedtls_free( cur->crl );
#endif
next = cur->next; next = cur->next;
mbedtls_free( cur ); mbedtls_free( cur );
cur = next; cur = next;
@ -676,7 +682,10 @@ sni_entry *sni_parse( char *sni_string )
sni_entry *cur = NULL, *new = NULL; sni_entry *cur = NULL, *new = NULL;
char *p = sni_string; char *p = sni_string;
char *end = p; char *end = p;
char *crt_file, *key_file, *ca_file, *crl_file, *auth_str; char *crt_file, *key_file, *ca_file, *auth_str;
#if defined(MBEDTLS_X509_CRL_PARSE_C)
char *crl_file;
#endif
while( *end != '\0' ) while( *end != '\0' )
++end; ++end;
@ -694,7 +703,9 @@ sni_entry *sni_parse( char *sni_string )
GET_ITEM( crt_file ); GET_ITEM( crt_file );
GET_ITEM( key_file ); GET_ITEM( key_file );
GET_ITEM( ca_file ); GET_ITEM( ca_file );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
GET_ITEM( crl_file ); GET_ITEM( crl_file );
#endif
GET_ITEM( auth_str ); GET_ITEM( auth_str );
if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL || if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
@ -719,6 +730,7 @@ sni_entry *sni_parse( char *sni_string )
goto error; goto error;
} }
#if defined(MBEDTLS_X509_CRL_PARSE_C)
if( strcmp( crl_file, "-" ) != 0 ) if( strcmp( crl_file, "-" ) != 0 )
{ {
if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL ) if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
@ -729,6 +741,7 @@ sni_entry *sni_parse( char *sni_string )
if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 ) if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
goto error; goto error;
} }
#endif
if( strcmp( auth_str, "-" ) != 0 ) if( strcmp( auth_str, "-" ) != 0 )
{ {
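Review bot: In `sni_parse`, skipping `GET_ITEM( crl_file )` when `MBEDTLS_X509_CRL_PARSE_C` is undefined makes the entry format five fields, so an existing six-field `sni=` value may be read with its fields shifted rather than rejected with a clear error. With `-` in the CRL slot, `auth_str` becomes `-` and the `strcmp( auth_str, "-" )` branch presumably falls back to the default auth mode, so the per-name auth mode the operator asked for may not be applied; how the leftover field is handled is outside these hunks. Consider consuming the field in both builds and failing when a CRL is named without parser support, e.g. in an `#else` branch `if( strcmp( crl_file, "-" ) != 0 ) goto error;`. Separately, `SNI_CRL` expands to `,crl` while the old usage text said `crl1`; `#define SNI_CRL ",crl1"` would keep the help output unchanged for CRL-enabled builds. The bodies of `sni_parse` and `sni_free` start and end outside the hunks.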