r3095 - in trunk/libmcrypto/source: . gnutls

mikma at minisip.org mikma at minisip.org
Sun Jan 7 16:29:48 CET 2007


Author: mikma
Date: 2007-01-07 16:29:47 +0100 (Sun, 07 Jan 2007)
New Revision: 3095

Modified:
   trunk/libmcrypto/source/cert.cxx
   trunk/libmcrypto/source/gnutls/cert.cxx
Log:
* Fix leaks in ca_db.
* Make a copy of each GNU TLS certificate before storing it in the CA db.


Modified: trunk/libmcrypto/source/cert.cxx
===================================================================
--- trunk/libmcrypto/source/cert.cxx	2007-01-07 14:44:34 UTC (rev 3094)
+++ trunk/libmcrypto/source/cert.cxx	2007-01-07 15:29:47 UTC (rev 3095)
@@ -116,6 +116,13 @@
 }
 
 ca_db::~ca_db(){
+	std::list<ca_db_item *>::iterator i;
+	std::list<ca_db_item *>::iterator last = items.end();
+
+	for( i = items.begin(); i != last; i++ ){
+		ca_db_item* item = *i;
+		delete item;
+	}
 }
 
 void ca_db::lock(){
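Review bot: `delete item` in the new loop destroys each entry through a `ca_db_item*`, which is only correct if `ca_db_item` declares a virtual destructor. The second file in this commit defines `gtls_ca_db_item::~gtls_ca_db_item()`, which suggests the list holds derived objects; without `virtual ~ca_db_item();` that destructor would not run, the GnuTLS handles would stay allocated, and the delete is undefined behaviour. The class declaration is not part of this diff, so this needs confirming in the header. The loop also walks `items` without taking the lock behind `ca_db::lock()`, which is safe only if no other thread can still reach the database during destruction.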

Modified: trunk/libmcrypto/source/gnutls/cert.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/cert.cxx	2007-01-07 14:44:34 UTC (rev 3094)
+++ trunk/libmcrypto/source/gnutls/cert.cxx	2007-01-07 15:29:47 UTC (rev 3095)
@@ -946,6 +946,11 @@
 
 gtls_ca_db_item::~gtls_ca_db_item(){
 	if( certs ){
+		for( unsigned int i=0; i < num_certs; i++ ){
+			gnutls_x509_crt_deinit( certs[i] );
+			certs[i] = NULL;
+		}
+
 		delete[] certs;
 		certs = NULL;
 		num_certs = 0;
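Review bot: The new loop makes the destructor deinit every entry of `certs`, so every code path that fills the array must now store a handle the item owns. The last hunk of this file converts one such path to a private copy, but any other place that builds a `gtls_ca_db_item` from a borrowed `gnutls_x509_crt_t` (not visible here) would now end in a double deinit of a trust-anchor certificate. A guard such as `if( certs[i] ) gnutls_x509_crt_deinit( certs[i] );` would also make a partially filled item safe to destroy. The destructor's closing lines are outside the hunk.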
@@ -1164,7 +1169,31 @@
 	item->type = CERT_DB_ITEM_TYPE_OTHER;
 	item->num_certs = 1;
 	item->certs = new gnutls_x509_crt_t[item->num_certs];
-	item->certs[0] = dynamic_cast<gtls_certificate*>(cert)->get_certificate();
+	item->certs[0] = NULL;
+
+	int ret = gnutls_x509_crt_init( &item->certs[0] );
+
+	if( ret != 0 ){
+		throw certificate_exception_init( 
+		 	"Could not initialize the certificate structure" );
+	}
+        
+	gnutls_datum der;
+
+	der.size = cert->get_der_length();
+	der.data = new byte_t[ der.size ];
+	cert->get_der( der.data, &der.size );
+
+	ret = gnutls_x509_crt_import( item->certs[0], &der, GNUTLS_X509_FMT_DER );
+
+	delete[] der.data;
+	der.data = NULL;
+
+	if( ret != 0 ){
+	 	throw certificate_exception( 
+		 	"Could not import the given certificate" );
+	}
+
 	return item;
 }
 
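Review bot: Both new `throw` paths exit without releasing `item`, and the second also abandons the `gnutls_x509_crt_t` that was just initialised. `item` is presumably heap-allocated above the hunk, so every failed insertion into the CA database leaks. Adding `delete item;` before each `throw` would close this, since the destructor changed earlier in this file then frees `certs[0]`, provided it tolerates the NULL entry on the init-failure path; holding `item` in a `std::auto_ptr` until `return item.release();` works too. The outcome of `cert->get_der( der.data, &der.size )` is not checked either, so if that call can fail or write fewer bytes, `gnutls_x509_crt_import` parses an uninitialised buffer; validating it and `der.size` first makes a bad certificate fail explicitly. The function begins outside the hunk.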


