[xmlsec] X509 aux data with OpenSSL engine
Aleksey Sanin
aleksey at aleksey.com
Fri May 2 11:30:13 PDT 2003
I also think the second option is better. Can you try the attached
patch, please? I'll check it in if it will work for you.
Aleksey
-------------- next part --------------
Index: app.c
===================================================================
RCS file: /cvs/gnome/xmlsec/src/openssl/app.c,v
retrieving revision 1.29
diff -u -r1.29 app.c
--- app.c 15 Apr 2003 03:36:29 -0000 1.29
+++ app.c 2 May 2003 18:28:06 -0000
@@ -337,7 +337,6 @@
"filename=%s", xmlSecErrorsSafeString(filename));
goto done;
}
- sk_X509_push(chain, cert);
data = xmlSecOpenSSLEvpKeyAdopt(pKey);
if(data == NULL) {
@@ -371,8 +370,9 @@
xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
goto done;
}
-
- ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(x509Data, tmpcert);
+ sk_X509_push(chain, tmpcert);
+
+ ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(x509Data, cert);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -383,6 +383,7 @@
X509_free(tmpcert);
goto done;
}
+ cert = NULL;
for(i = 0; i < sk_X509_num(chain); ++i) {
xmlSecAssert2(sk_X509_value(chain, i), NULL);
@@ -458,6 +459,9 @@
}
if(chain != NULL) {
sk_X509_pop_free(chain, X509_free);
+ }
+ if(cert != NULL) {
+ X509_free(cert);
}
if(p12 != NULL) {
PKCS12_free(p12);
More information about the xmlsec
mailing list