[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Mon Oct 25 12:34:17 UTC 2021 

The branch openssl-3.0 has been updated
       via  c5eae99ae7a9efaf2f554221638b9f0d13761c79 (commit)
      from  97c3d21311c5f46fb7b07f92a49387d9548e37e6 (commit)


- Log -----------------------------------------------------------------
commit c5eae99ae7a9efaf2f554221638b9f0d13761c79
Author: Tomas Mraz <tomas at openssl.org>
Date:   Thu Oct 21 19:06:55 2021 +0200

    X509_dup: Avoid duplicating the embedded EVP_PKEY
    
    The EVP_PKEY will be recreated from scratch which is OK.
    
    Fixes #16606
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16648)
    
    (cherry picked from commit e0c5184a56b6580127b39774f9e4e0f2caef696e)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x_x509.c | 19 ++-----------------
 1 file changed, 2 insertions(+), 17 deletions(-)

diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index d14de0e77e..010578b19a 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -104,23 +104,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 
             if (!ossl_x509_set0_libctx(ret, old->libctx, old->propq))
                 return 0;
-            if (old->cert_info.key != NULL) {
-                EVP_PKEY *pkey = X509_PUBKEY_get0(old->cert_info.key);
-
-                if (pkey != NULL) {
-                    pkey = EVP_PKEY_dup(pkey);
-                    if (pkey == NULL) {
-                        ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
-                        return 0;
-                    }
-                    if (!X509_PUBKEY_set(&ret->cert_info.key, pkey)) {
-                        EVP_PKEY_free(pkey);
-                        ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
-                        return 0;
-                    }
-                    EVP_PKEY_free(pkey);
-                }
-            }
         }
         break;
     case ASN1_OP_GET0_LIBCTX:
@@ -130,6 +113,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             *libctx = ret->libctx;
         }
         break;
+
     case ASN1_OP_GET0_PROPQ:
         {
             const char **propq = exarg;
@@ -137,6 +121,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             *propq = ret->propq;
         }
         break;
+
     default:
         break;
     }

More information about the openssl-commits mailing list