mirror of https://github.com/wolfSSL/wolfssl.git
sb fixes for crl and ocsp
parent
04d0c581b1
commit
b2b45d3f4a
|
@ -4295,7 +4295,8 @@ static int DecodeSingleResponse(byte* source,
|
|||
break;
|
||||
case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED):
|
||||
cs->status = CERT_REVOKED;
|
||||
GetLength(source, &idx, &length, size);
|
||||
if (GetLength(source, &idx, &length, size) < 0)
|
||||
return ASN_PARSE_E;
|
||||
idx += length;
|
||||
break;
|
||||
case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN):
|
||||
|
|
7
src/io.c
7
src/io.c
|
@ -506,6 +506,10 @@ static INLINE int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
|
|||
}
|
||||
|
||||
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
|
||||
if (*sockfd < 0) {
|
||||
CYASSL_MSG("bad socket fd, out of fds?");
|
||||
return -1;
|
||||
}
|
||||
XMEMSET(&addr, 0, sizeof(SOCKADDR_IN_T));
|
||||
|
||||
addr.sin_family = AF_INET_V;
|
||||
|
@ -672,7 +676,7 @@ int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
|
|||
byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
|
||||
{
|
||||
char domainName[80], path[80];
|
||||
int port, httpBufSz, sfd;
|
||||
int port, httpBufSz, sfd = -1;
|
||||
int ocspRespSz = 0;
|
||||
byte* httpBuf = NULL;
|
||||
|
||||
|
@ -725,6 +729,7 @@ int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
|
|||
}
|
||||
} else {
|
||||
CYASSL_MSG("OCSP Responder connection failed");
|
||||
close(sfd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
|
@ -274,7 +274,7 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
|
|||
}
|
||||
|
||||
if (ocsp->useOverrideUrl || cert->extAuthInfo == NULL) {
|
||||
if (ocsp->overrideUrl != NULL) {
|
||||
if (ocsp->overrideUrl[0] != '\0') {
|
||||
url = ocsp->overrideUrl;
|
||||
urlSz = (int)XSTRLEN(url);
|
||||
}
|
||||
|
@ -299,7 +299,7 @@ int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert)
|
|||
ocspReqBuf, ocspReqSz, &ocspRespBuf);
|
||||
}
|
||||
|
||||
if (result >= 0) {
|
||||
if (result >= 0 && ocspRespBuf) {
|
||||
InitOcspResponse(&ocspResponse, certStatus, ocspRespBuf, result);
|
||||
OcspResponseDecode(&ocspResponse);
|
||||
|
||||
|
|
10
src/ssl.c
10
src/ssl.c
|
@ -955,7 +955,10 @@ int CyaSSL_Init(void)
|
|||
ret = BAD_MUTEX_ERROR;
|
||||
}
|
||||
if (ret == 0) {
|
||||
LockMutex(&count_mutex);
|
||||
if (LockMutex(&count_mutex) != 0) {
|
||||
CYASSL_MSG("Bad Lock Mutex count");
|
||||
return BAD_MUTEX_ERROR;
|
||||
}
|
||||
initRefCount++;
|
||||
UnLockMutex(&count_mutex);
|
||||
}
|
||||
|
@ -3018,7 +3021,10 @@ int CyaSSL_Cleanup(void)
|
|||
|
||||
CYASSL_ENTER("CyaSSL_Cleanup");
|
||||
|
||||
LockMutex(&count_mutex);
|
||||
if (LockMutex(&count_mutex) != 0) {
|
||||
CYASSL_MSG("Bad Lock Mutex count");
|
||||
return BAD_MUTEX_ERROR;
|
||||
}
|
||||
|
||||
release = initRefCount-- == 1;
|
||||
if (initRefCount < 0)
|
||||
|
|
Loading…
Reference in New Issue