From 92b289e100fce864f01a7c1834ef9415150fb260 Mon Sep 17 00:00:00 2001
From: kakwa <carpentier.pf@gmail.com>
Date: Fri, 2 Sep 2016 07:42:23 +0200
Subject: [PATCH] better memory management and extraction of the openssl
 initialization

---
 inc/rfc3161.h     |  1 +
 src/lib/http.c    |  1 +
 src/lib/rfc3161.c | 16 +++++++++-------
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/inc/rfc3161.h b/inc/rfc3161.h
index 6a09efc..b28348f 100644
--- a/inc/rfc3161.h
+++ b/inc/rfc3161.h
@@ -38,3 +38,4 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
 TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
                           const char *policy);
 int add_oid_section(rfc3161_context *ct, CONF *conf);
+void init_ssl();
diff --git a/src/lib/http.c b/src/lib/http.c
index 1329cf0..839dde2 100644
--- a/src/lib/http.c
+++ b/src/lib/http.c
@@ -186,6 +186,7 @@ int http_server_start(char *conffile, char *conf_wd, bool stdout_dbg) {
     rfc3161_context *ct = (rfc3161_context *)calloc(1, sizeof(rfc3161_context));
     ct->stdout_dbg = stdout_dbg;
     ct->loglevel = 8;
+    init_ssl();
     if (!set_params(ct, conffile, conf_wd))
         return EXIT_FAILURE;
 
diff --git a/src/lib/rfc3161.c b/src/lib/rfc3161.c
index afd951f..cb013a2 100644
--- a/src/lib/rfc3161.c
+++ b/src/lib/rfc3161.c
@@ -66,16 +66,19 @@ int add_oid_section(rfc3161_context *ct, CONF *conf) {
     return 1;
 }
 
+void init_ssl(){
+    SSL_load_error_strings();
+    ERR_load_BIO_strings();
+    SSL_library_init();
+    ERR_load_TS_strings();
+}
+
 TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
                           const char *policy) {
     unsigned long err_code;
     unsigned long err_code_prev = 0;
     TS_RESP_CTX *resp_ctx = NULL;
 
-    SSL_load_error_strings();
-    ERR_load_BIO_strings();
-    SSL_library_init();
-
     if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL) {
         uts_logger(ct, LOG_ERR, "failed to get or use '%s' in section [ %s ]",
                    "default_tsa", "tsa");
@@ -161,7 +164,6 @@ TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
 end:
     while ((err_code = ERR_get_error())) {
         if (err_code_prev != err_code) {
-            ERR_load_TS_strings();
             uts_logger(ct, LOG_DEBUG, "OpenSSL exception: '%s'",
                        ERR_error_string(err_code, NULL));
             uts_logger(ct, LOG_ERR, "error '%s' in OpenSSL component '%s'",
@@ -214,12 +216,12 @@ end:
     BIGNUM *serial_bn = ASN1_INTEGER_to_BN(serial, NULL);
     char *serial_hex = BN_bn2hex(serial_bn);
     BN_free(serial_bn);
-    *serial_id = calloc(SERIAL_ID_SIZE, sizeof(char));
+    *serial_id = calloc(SERIAL_ID_SIZE + 1, sizeof(char));
     strncpy(*serial_id, serial_hex, SERIAL_ID_SIZE);
 
     // replacing '\n' by '|' to log on one line only
     char *temp = strstr(bptr->data, "\n");
-    while ((temp = strstr(bptr->data, "\n")) != NULL) {
+    while (temp != NULL && (temp = strstr(bptr->data, "\n")) != NULL) {
         temp[0] = '|';
     }
     uts_logger(ct, LOG_DEBUG,