Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(483)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: runtime/bin/security_context.cc

Issue 2923163004: Fixed memory leak in SetTrustedCertificates in SecurityContext (Closed)
Patch Set: Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED) 5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED)
6 6
7 #include "bin/security_context.h" 7 #include "bin/security_context.h"
8 8
9 #include <openssl/bio.h> 9 #include <openssl/bio.h>
10 #include <openssl/err.h> 10 #include <openssl/err.h>
(...skipping 210 matching lines...) Expand 10 before | Expand all | Expand 10 after
221 // file, or that the file isn't PEM. In the first case, status will be 221 // file, or that the file isn't PEM. In the first case, status will be
222 // non-zero indicating success. In the second case, status will be 0, 222 // non-zero indicating success. In the second case, status will be 0,
223 // indicating that we should try to read as PKCS12. If there is some other 223 // indicating that we should try to read as PKCS12. If there is some other
224 // error, we return it up to the caller. 224 // error, we return it up to the caller.
225 return SecureSocketUtils::NoPEMStartLine() ? status : 0; 225 return SecureSocketUtils::NoPEMStartLine() ? status : 0;
226 } 226 }
227 227
228 228
229 void SSLCertContext::SetTrustedCertificatesBytes(Dart_Handle cert_bytes, 229 void SSLCertContext::SetTrustedCertificatesBytes(Dart_Handle cert_bytes,
230 const char* password) { 230 const char* password) {
231 ScopedMemBIO bio(cert_bytes); 231 int status = 0;
232 int status = SetTrustedCertificatesBytesPEM(context(), bio.bio()); 232 {
233 if (status == 0) { 233 ScopedMemBIO bio(cert_bytes);
234 if (SecureSocketUtils::NoPEMStartLine()) { 234 status = SetTrustedCertificatesBytesPEM(context(), bio.bio());
235 if (status == 0) {
236 if (SecureSocketUtils::NoPEMStartLine()) {
237 ERR_clear_error();
238 BIO_reset(bio.bio());
239 status =
240 SetTrustedCertificatesBytesPKCS12(context(), bio.bio(), password);
241 }
242 } else {
243 // The PEM file was successfully parsed.
235 ERR_clear_error(); 244 ERR_clear_error();
236 BIO_reset(bio.bio());
237 status =
238 SetTrustedCertificatesBytesPKCS12(context(), bio.bio(), password);
239 } 245 }
240 } else {
241 // The PEM file was successfully parsed.
242 ERR_clear_error();
243 } 246 }
244
245 SecureSocketUtils::CheckStatus(status, "TlsException", 247 SecureSocketUtils::CheckStatus(status, "TlsException",
246 "Failure trusting builtin roots"); 248 "Failure trusting builtin roots");
247 } 249 }
248 250
249 251
250 static int SetClientAuthoritiesPKCS12(SSL_CTX* context, 252 static int SetClientAuthoritiesPKCS12(SSL_CTX* context,
251 BIO* bio, 253 BIO* bio,
252 const char* password) { 254 const char* password) {
253 ScopedPKCS12 p12(d2i_PKCS12_bio(bio, NULL)); 255 ScopedPKCS12 p12(d2i_PKCS12_bio(bio, NULL));
254 if (p12.get() == NULL) { 256 if (p12.get() == NULL) {
(...skipping 600 matching lines...) Expand 10 before | Expand all | Expand 10 after
855 Dart_ThrowException(DartUtils::NewDartArgumentError( 857 Dart_ThrowException(DartUtils::NewDartArgumentError(
856 "Non-boolean is_server argument passed to SetAlpnProtocols")); 858 "Non-boolean is_server argument passed to SetAlpnProtocols"));
857 } 859 }
858 } 860 }
859 861
860 } // namespace bin 862 } // namespace bin
861 } // namespace dart 863 } // namespace dart
862 864
863 #endif // !defined(DART_IO_DISABLED) && 865 #endif // !defined(DART_IO_DISABLED) &&
864 // !defined(DART_IO_SECURE_SOCKET_DISABLED) 866 // !defined(DART_IO_SECURE_SOCKET_DISABLED)
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698