security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2025-01-24 20:37:27 +01:00
Code Issues Releases Wiki Activity

better memory management and extraction of the openssl initialization

Browse Source
This commit is contained in:
kakwa 2016-09-02 07:42:23 +02:00
parent 16a34d9c7d
commit 1454ea4880
3 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
inc/rfc3161.h
View File

@ -38,3 +38,4 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section, TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
const char *policy); const char *policy);
int add_oid_section(rfc3161_context *ct, CONF *conf); int add_oid_section(rfc3161_context *ct, CONF *conf);
void init_ssl();

1
src/lib/http.c
View File

@ -186,6 +186,7 @@ int http_server_start(char *conffile, char *conf_wd, bool stdout_dbg) {
rfc3161_context *ct = (rfc3161_context *)calloc(1, sizeof(rfc3161_context)); rfc3161_context *ct = (rfc3161_context *)calloc(1, sizeof(rfc3161_context));
ct->stdout_dbg = stdout_dbg; ct->stdout_dbg = stdout_dbg;
ct->loglevel = 8; ct->loglevel = 8;
init_ssl();
if (!set_params(ct, conffile, conf_wd)) if (!set_params(ct, conffile, conf_wd))
return EXIT_FAILURE; return EXIT_FAILURE;

16
src/lib/rfc3161.c
View File

@ -66,16 +66,19 @@ int add_oid_section(rfc3161_context *ct, CONF *conf) {
return 1; return 1;
} }
void init_ssl(){
SSL_load_error_strings();
ERR_load_BIO_strings();
SSL_library_init();
ERR_load_TS_strings();
}
TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section, TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
const char *policy) { const char *policy) {
unsigned long err_code; unsigned long err_code;
unsigned long err_code_prev = 0; unsigned long err_code_prev = 0;
TS_RESP_CTX *resp_ctx = NULL; TS_RESP_CTX *resp_ctx = NULL;
SSL_load_error_strings();
ERR_load_BIO_strings();
SSL_library_init();
if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL) { if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL) {
uts_logger(ct, LOG_ERR, "failed to get or use '%s' in section [ %s ]", uts_logger(ct, LOG_ERR, "failed to get or use '%s' in section [ %s ]",
"default_tsa", "tsa"); "default_tsa", "tsa");
@ -161,7 +164,6 @@ TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
end: end:
while ((err_code = ERR_get_error())) { while ((err_code = ERR_get_error())) {
if (err_code_prev != err_code) { if (err_code_prev != err_code) {
ERR_load_TS_strings();
uts_logger(ct, LOG_DEBUG, "OpenSSL exception: '%s'", uts_logger(ct, LOG_DEBUG, "OpenSSL exception: '%s'",
ERR_error_string(err_code, NULL)); ERR_error_string(err_code, NULL));
uts_logger(ct, LOG_ERR, "error '%s' in OpenSSL component '%s'", uts_logger(ct, LOG_ERR, "error '%s' in OpenSSL component '%s'",
@ -214,12 +216,12 @@ end:
BIGNUM *serial_bn = ASN1_INTEGER_to_BN(serial, NULL); BIGNUM *serial_bn = ASN1_INTEGER_to_BN(serial, NULL);
char *serial_hex = BN_bn2hex(serial_bn); char *serial_hex = BN_bn2hex(serial_bn);
BN_free(serial_bn); BN_free(serial_bn);
*serial_id = calloc(SERIAL_ID_SIZE, sizeof(char)); *serial_id = calloc(SERIAL_ID_SIZE + 1, sizeof(char));
strncpy(*serial_id, serial_hex, SERIAL_ID_SIZE); strncpy(*serial_id, serial_hex, SERIAL_ID_SIZE);
// replacing '\n' by '|' to log on one line only // replacing '\n' by '|' to log on one line only
char *temp = strstr(bptr->data, "\n"); char *temp = strstr(bptr->data, "\n");
while ((temp = strstr(bptr->data, "\n")) != NULL) { while (temp != NULL && (temp = strstr(bptr->data, "\n")) != NULL) {
temp[0] = '|'; temp[0] = '|';
} }
uts_logger(ct, LOG_DEBUG, uts_logger(ct, LOG_DEBUG,