authortobhe <tobhe@openbsd.org>2020-04-06 20:23:16 +0000
committertobhe <tobhe@openbsd.org>2020-04-06 20:23:16 +0000
commit82576a8f09c74301d767b49340abb83a885c171a (patch)
tree0098cfa1afd82b453666cdfcc009c1f59ddb0386
parentwi(4): tsleep(9) -> tsleep_nsec(9); ok stsp@ (diff)
Fix pubkey leak in CA process for ASN1_DN IDs.
ok markus@
-rw-r--r--sbin/iked/ca.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/sbin/iked/ca.c b/sbin/iked/ca.c
index f750c9261cd..46d123a3623 100644
--- a/sbin/iked/ca.c
+++ b/sbin/iked/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.55 2020/04/01 21:09:26 tobhe Exp $ */
+/* $OpenBSD: ca.c,v 1.56 2020/04/06 20:23:16 tobhe Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -1383,8 +1383,6 @@ ca_validate_pubkey(struct iked *env, struct iked_static_id *id,
ca_sslerror(__func__);
done:
ibuf_release(idp.id_buf);
- if (peerkey != NULL)
- EVP_PKEY_free(peerkey);
if (localkey != NULL)
EVP_PKEY_free(localkey);
if (peerrsa != NULL)
@@ -1393,8 +1391,11 @@ ca_validate_pubkey(struct iked *env, struct iked_static_id *id,
EC_KEY_free(peerec);
if (localrsa != NULL)
RSA_free(localrsa);
- if (rawcert != NULL)
+ if (rawcert != NULL) {
BIO_free(rawcert);
+ if (peerkey != NULL)
+ EVP_PKEY_free(peerkey);
+ }
return (ret);
}
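Review bot: The `done:` cleanup now frees `peerkey` only inside the `rawcert != NULL` branch, which ties the ownership of `peerkey` to the nullness of an unrelated pointer: on the `len > 0` path the function allocates its own key after creating the BIO, while on the `len == 0` path `peerkey` aliases the key the caller passed in and must not be freed here. That rule is correct for the current order of allocation (the start of `ca_validate_pubkey` is outside this hunk, so the order is inferred from the existing structure), but nothing at the free site says so, and the caller in `ca_validate_cert` (last hunk) now frees the `X509_get_pubkey()` result itself, so a later change that allocates `peerkey` without a BIO, or creates the BIO after the key, would silently leak or double-free. I'd make the ownership explicit at the nested free: `/* peerkey is ours only when parsed from rawcert; for len == 0 it is the caller's key */`.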
@@ -1407,6 +1408,7 @@ ca_validate_cert(struct iked *env, struct iked_static_id *id,
X509_STORE_CTX csc;
BIO *rawcert = NULL;
X509 *cert = NULL;
+ EVP_PKEY *pkey;
int ret = -1, result, error;
X509_NAME *subject;
const char *errstr = "failed";
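Review bot: `EVP_PKEY *pkey;` is the only pointer in this declaration group left uninitialized, while `rawcert` and `cert` next to it are initialized to NULL. The only assignment and read are in the `id != NULL` branch of the last hunk, so this is a consistency point rather than a defect today, but initializing it keeps the `done:` cleanup safe if `pkey` is ever released there instead of inline: `EVP_PKEY *pkey = NULL;`. The enclosing `ca_validate_cert` continues outside this hunk.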
@@ -1429,8 +1431,13 @@ ca_validate_cert(struct iked *env, struct iked_static_id *id,
}
if (id != NULL) {
- if ((ret = ca_validate_pubkey(env, id, X509_get_pubkey(cert),
- 0)) == 0) {
+ if ((pkey = X509_get_pubkey(cert)) == NULL) {
+ errstr = "no public key in cert";
+ goto done;
+ }
+ ret = ca_validate_pubkey(env, id, pkey, 0);
+ EVP_PKEY_free(pkey);
+ if (ret == 0) {
errstr = "in public key file, ok";
goto done;
}