这篇教程C++ BUF_MEM_grow_clean函数代码示例写得很实用,希望能帮到您。
本文整理汇总了C++中BUF_MEM_grow_clean函数的典型用法代码示例。如果您正苦于以下问题:C++ BUF_MEM_grow_clean函数的具体用法?C++ BUF_MEM_grow_clean怎么用?C++ BUF_MEM_grow_clean使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。 在下文中一共展示了BUF_MEM_grow_clean函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。 示例1: dtls1_process_out_of_seq_messagestatic intdtls1_process_out_of_seq_message(SSL *s, struct hm_header_st *msg_hdr, int *ok) { int i; unsigned char *p; /* make sure there's enough room to read this fragment */ if ( (int)msg_hdr->frag_len && !BUF_MEM_grow_clean(s->init_buf, (int)msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH + s->init_num)) { SSLerr(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE,ERR_R_BUF_LIB); goto err; } p = (unsigned char *)s->init_buf->data; /* read the body of the fragment (header has already been read */ if ( msg_hdr->frag_len > 0) { i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, &p[s->init_num], msg_hdr->frag_len,0); if (i <= 0) { *ok = 0; return i; } } if ( msg_hdr->seq > s->d1->handshake_read_seq) dtls1_buffer_handshake_fragment(s, msg_hdr); else OPENSSL_assert(msg_hdr->seq < s->d1->handshake_read_seq); return DTLS1_HM_FRAGMENT_RETRY;err: *ok = 0; return -1; }
开发者ID:174high,项目名称:openssl-0.9.8e_linux_porting,代码行数:39,
示例2: asn1_d2i_read_biostatic int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb){ BUF_MEM *b; unsigned char *p; int i; size_t want = HEADER_SIZE; int eos = 0; size_t off = 0; size_t len = 0; const unsigned char *q; long slen; int inf, tag, xclass; b = BUF_MEM_new(); if (b == NULL) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); return -1; } ERR_clear_error(); for (;;) { if (want >= (len - off)) { want -= (len - off); if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); goto err; } i = BIO_read(in, &(b->data[len]), want); if ((i < 0) && ((len - off) == 0)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) { if (len + i < len) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG); goto err; } len += i; } } /* else data already loaded */ p = (unsigned char *)&(b->data[off]); q = p; inf = ASN1_get_object(&q, &slen, &tag, &xclass, len - off); if (inf & 0x80) { unsigned long e; e = ERR_GET_REASON(ERR_peek_error()); if (e != ASN1_R_TOO_LONG) goto err; else ERR_clear_error(); /* clear error */ } i = q - p; /* header length */ off += i; /* end of data */ if (inf & 1) { /* no data body so go round again */ eos++; if (eos < 0) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG); goto err; } want = HEADER_SIZE; } else if (eos && (slen == 0) && (tag == V_ASN1_EOC)) { /* eos value, so go back and read another header */ eos--; if (eos <= 0) break; else want = HEADER_SIZE; } else { /* suck in slen bytes of data */ want = slen; if (want > (len - off)) { size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE; want -= (len - off); if (want > INT_MAX /* BIO_read takes an int length */ || len + want < len) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG); goto err; } while (want > 0) { /* * Read content in chunks of increasing size * so we can return an error for EOF without * having to allocate the entire content length * in one go. */ size_t chunk = want > chunk_max ? chunk_max : want; if (!BUF_MEM_grow_clean(b, len + chunk)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); goto err; } want -= chunk;//.........这里部分代码省略.........
开发者ID:4ker,项目名称:openssl,代码行数:101,
示例3: sizeofTXT_DB *TXT_DB_read(BIO *in, int num){ TXT_DB *ret = NULL; int er = 1; int esc = 0; long ln = 0; int i, add, n; int size = BUFSIZE; int offset = 0; char *p, **pp, *f; BUF_MEM *buf = NULL; if ((buf = BUF_MEM_new()) == NULL) goto err; if (!BUF_MEM_grow(buf, size)) goto err; if ((ret = (TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL) goto err; ret->num_fields = num; ret->index = NULL; ret->qual = NULL; if ((ret->data = sk_new_null()) == NULL) goto err; if ((ret->index = (LHASH **)OPENSSL_malloc(sizeof(LHASH *) * num)) == NULL) goto err; if ((ret->qual = (int (**)(char **))OPENSSL_malloc(sizeof(int (**)(char **)) * num)) == NULL) goto err; for (i = 0; i < num; i++) { ret->index[i] = NULL; ret->qual[i] = NULL; } add = (num + 1) * sizeof(char *); buf->data[size - 1] = '/0'; offset = 0; for (;;) { if (offset != 0) { size += BUFSIZE; if (!BUF_MEM_grow_clean(buf, size)) goto err; } buf->data[offset] = '/0'; BIO_gets(in, &(buf->data[offset]), size - offset); ln++; if (buf->data[offset] == '/0') break; if ((offset == 0) && (buf->data[0] == '#')) continue; i = strlen(&(buf->data[offset])); offset += i; if (buf->data[offset - 1] != '/n') continue; else { buf->data[offset - 1] = '/0'; /* blat the '/n' */ if (!(p = (char *)OPENSSL_malloc(add + offset))) goto err; offset = 0; } pp = (char **)p; p += add; n = 0; pp[n++] = p; i = 0; f = buf->data; esc = 0; for (;;) { if (*f == '/0') break; if (*f == '/t') { if (esc) p--; else { *(p++) = '/0'; f++; if (n >= num) break; pp[n++] = p; continue; } } esc = (*f == '//'); *(p++) = *(f++); } *(p++) = '/0'; if ((n != num) || (*f != '/0')) {#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporaty * fix :-( */ fprintf(stderr, "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)/n", ln, num, n, f);#endif er = 2; goto err; } pp[n] = p;//.........这里部分代码省略.........
开发者ID:GrayKing,项目名称:Leakfix-on-OpenSSL,代码行数:101,
示例4: PKCS7_dataFinalint PKCS7_dataFinal(PKCS7 *p7, BIO *bio) { int ret=0; int i,j; BIO *btmp; BUF_MEM *buf_mem=NULL; BUF_MEM *buf=NULL; PKCS7_SIGNER_INFO *si; EVP_MD_CTX *mdc,ctx_tmp; STACK_OF(X509_ATTRIBUTE) *sk; STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; ASN1_OCTET_STRING *os=NULL; EVP_MD_CTX_init(&ctx_tmp); i=OBJ_obj2nid(p7->type); p7->state=PKCS7_S_HEADER; switch (i) { case NID_pkcs7_signedAndEnveloped: /* XXXXXXXXXXXXXXXX */ si_sk=p7->d.signed_and_enveloped->signer_info; if (!(os=M_ASN1_OCTET_STRING_new())) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); goto err; } p7->d.signed_and_enveloped->enc_data->enc_data=os; break; case NID_pkcs7_enveloped: /* XXXXXXXXXXXXXXXX */ if (!(os=M_ASN1_OCTET_STRING_new())) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE); goto err; } p7->d.enveloped->enc_data->enc_data=os; break; case NID_pkcs7_signed: si_sk=p7->d.sign->signer_info; os=PKCS7_get_octet_string(p7->d.sign->contents); /* If detached data then the content is excluded */ if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { M_ASN1_OCTET_STRING_free(os); p7->d.sign->contents->d.data = NULL; } break; case NID_pkcs7_digest: os=PKCS7_get_octet_string(p7->d.digest->contents); /* If detached data then the content is excluded */ if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { M_ASN1_OCTET_STRING_free(os); p7->d.digest->contents->d.data = NULL; } break; } if (si_sk != NULL) { if ((buf=BUF_MEM_new()) == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); goto err; } for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++) { si=sk_PKCS7_SIGNER_INFO_value(si_sk,i); if (si->pkey == NULL) continue; j=OBJ_obj2nid(si->digest_alg->algorithm); btmp=bio; btmp = PKCS7_find_digest(&mdc, btmp, j); if (btmp == NULL) goto err; /* We now have the EVP_MD_CTX, lets do the * signing. */ EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_BIO_LIB); goto err; } sk=si->auth_attr; /* If there are attributes, we add the digest * attribute and only sign the attributes */ if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) { unsigned char md_data[EVP_MAX_MD_SIZE], *abuf=NULL; unsigned int md_len, alen; ASN1_OCTET_STRING *digest; ASN1_UTCTIME *sign_time;//.........这里部分代码省略.........
开发者ID:jameshilliard,项目名称:actiontec_opensrc_mi424wr-rev-ef_fw-20-20-8,代码行数:101,
示例5: asn1_d2i_read_biostatic int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) { BUF_MEM *b; unsigned char *p; int i; int ret=-1; ASN1_const_CTX c; int want=HEADER_SIZE; int eos=0;#if defined(__GNUC__) && defined(__ia64) /* pathetic compiler bug in all known versions as of Nov. 2002 */ long off=0;#else int off=0;#endif int len=0; b=BUF_MEM_new(); if (b == NULL) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); return -1; } ERR_clear_error(); for (;;) { if (want >= (len-off)) { want-=(len-off); if (!BUF_MEM_grow_clean(b,len+want)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } i=BIO_read(in,&(b->data[len]),want); if ((i < 0) && ((len-off) == 0)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) len+=i; } /* else data already loaded */ p=(unsigned char *)&(b->data[off]); c.p=p; c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass), len-off); if (c.inf & 0x80) { unsigned long e; e=ERR_GET_REASON(ERR_peek_error()); if (e != ASN1_R_TOO_LONG) goto err; else ERR_clear_error(); /* clear error */ } i=(int)(c.p-p);/* header length */ off+=i; /* end of data */ if (c.inf & 1) { /* no data body so go round again */ eos++; want=HEADER_SIZE; } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) { /* eos value, so go back and read another header */ eos--; if (eos <= 0) break; else want=HEADER_SIZE; } else { /* suck in c.slen bytes of data */ want=(int)c.slen; if (want > (len-off)) { want-=(len-off); if (!BUF_MEM_grow_clean(b,len+want)) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } while (want > 0) { i=BIO_read(in,&(b->data[len]),want); if (i <= 0) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA); goto err; }//.........这里部分代码省略.........
开发者ID:imgits,项目名称:rkanalyzer,代码行数:101,
示例6: ssl23_get_client_hello//.........这里部分代码省略......... i = (d-(unsigned char *)s->init_buf->data) - 4; l2n3((long)i, d_len); /* get the data reused from the init_buf */ s->s3->tmp.reuse_message=1; s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; s->s3->tmp.message_size=i; } /* imaginary new state (for program structure): */ /* s->state = SSL23_SR_CLNT_HELLO_C */ if (type == 1) {#ifdef OPENSSL_NO_SSL2 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); goto err;#else /* we are talking sslv2 */ /* we need to clean up the SSLv3/TLSv1 setup and put in the * sslv2 stuff. */ if (s->s2 == NULL) { if (!ssl2_new(s)) goto err; } else ssl2_clear(s); if (s->s3 != NULL) ssl3_free(s); if (!BUF_MEM_grow_clean(s->init_buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) { goto err; } s->state=SSL2_ST_GET_CLIENT_HELLO_A; if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) s->s2->ssl2_rollback=0; else /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 * (SSL 3.0 draft/RFC 2246, App. E.2) */ s->s2->ssl2_rollback=1; /* setup the n bytes we have read so we get them from * the sslv2 buffer */ s->rstate=SSL_ST_READ_HEADER; s->packet_length=n; s->packet= &(s->s2->rbuf[0]); memcpy(s->packet,buf,n); s->s2->rbuf_left=n; s->s2->rbuf_offs=0; s->method=SSLv2_server_method(); s->handshake_func=s->method->ssl_accept;#endif } if ((type == 2) || (type == 3)) { /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ if (!ssl_init_wbio_buffer(s,1)) goto err;
开发者ID:1310701102,项目名称:sl4a,代码行数:67,
示例7: str_copy//.........这里部分代码省略......... v = '/b'; else if (v == 't') v = '/t'; buf->data[to++] = v; } else if (IS_EOF(conf, *from)) break; else if (*from == '$') { size_t newsize; /* try to expand it */ rrp = NULL; s = &(from[1]); if (*s == '{') q = '}'; else if (*s == '(') q = ')'; else q = 0; if (q) s++; cp = section; e = np = s; while (IS_ALNUM(conf, *e)) e++; if ((e[0] == ':') && (e[1] == ':')) { cp = np; rrp = e; rr = *e; *rrp = '/0'; e += 2; np = e; while (IS_ALNUM(conf, *e)) e++; } r = *e; *e = '/0'; rp = e; if (q) { if (r != q) { CONFerr(CONF_F_STR_COPY, CONF_R_NO_CLOSE_BRACE); goto err; } e++; } /*- * So at this point we have * np which is the start of the name string which is * '/0' terminated. * cp which is the start of the section string which is * '/0' terminated. * e is the 'next point after'. * r and rr are the chars replaced by the '/0' * rp and rrp is where 'r' and 'rr' came from. */ p = _CONF_get_string(conf, cp, np); if (rrp != NULL) *rrp = rr; *rp = r; if (p == NULL) { CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } newsize = strlen(p) + buf->length - (e - from); if (newsize > MAX_CONF_VALUE_LENGTH) { CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG); goto err; } if (!BUF_MEM_grow_clean(buf, newsize)) { CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE); goto err; } while (*p) buf->data[to++] = *(p++); /* * Since we change the pointer 'from', we also have to change the * perceived length of the string it points at. /RL */ len -= e - from; from = e; /* * In case there were no braces or parenthesis around the * variable reference, we have to put back the character that was * replaced with a '/0'. /RL */ *rp = r; } else buf->data[to++] = *(from++); } buf->data[to] = '/0'; OPENSSL_free(*pto); *pto = buf->data; OPENSSL_free(buf); return 1; err: BUF_MEM_free(buf); return 0;}
开发者ID:FreeBSDFoundation,项目名称:freebsd,代码行数:101,
示例8: tls_get_message_headerint tls_get_message_header(SSL *s, int *mt){ /* s->init_num < SSL3_HM_HEADER_LENGTH */ int skip_message, i, recvd_type, al; unsigned char *p; unsigned long l; p = (unsigned char *)s->init_buf->data; do { while (s->init_num < SSL3_HM_HEADER_LENGTH) { i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &recvd_type, &p[s->init_num], SSL3_HM_HEADER_LENGTH - s->init_num, 0); if (i <= 0) { s->rwstate = SSL_READING; return 0; } if (recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) { s->s3->tmp.message_type = *mt = SSL3_MT_CHANGE_CIPHER_SPEC; s->init_num = i - 1; s->s3->tmp.message_size = i; return 1; } else if (recvd_type != SSL3_RT_HANDSHAKE) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_TLS_GET_MESSAGE_HEADER, SSL_R_CCS_RECEIVED_EARLY); goto f_err; } s->init_num += i; } skip_message = 0; if (!s->server) if (p[0] == SSL3_MT_HELLO_REQUEST) /* * The server may always send 'Hello Request' messages -- * we are doing a handshake anyway now, so ignore them if * their format is correct. Does not count for 'Finished' * MAC. */ if (p[1] == 0 && p[2] == 0 && p[3] == 0) { s->init_num = 0; skip_message = 1; if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, SSL3_HM_HEADER_LENGTH, s, s->msg_callback_arg); } } while (skip_message); /* s->init_num == SSL3_HM_HEADER_LENGTH */ *mt = *p; s->s3->tmp.message_type = *(p++); if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) { /* * Only happens with SSLv3+ in an SSLv2 backward compatible * ClientHello */ /* * Total message size is the remaining record bytes to read * plus the SSL3_HM_HEADER_LENGTH bytes that we already read */ l = RECORD_LAYER_get_rrec_length(&s->rlayer) + SSL3_HM_HEADER_LENGTH; if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l)) { SSLerr(SSL_F_TLS_GET_MESSAGE_HEADER, ERR_R_BUF_LIB); goto err; } s->s3->tmp.message_size = l; s->init_msg = s->init_buf->data; s->init_num = SSL3_HM_HEADER_LENGTH; } else { n2l3(p, l); /* BUF_MEM_grow takes an 'int' parameter */ if (l > (INT_MAX - SSL3_HM_HEADER_LENGTH)) { al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_TLS_GET_MESSAGE_HEADER, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l + SSL3_HM_HEADER_LENGTH)) { SSLerr(SSL_F_TLS_GET_MESSAGE_HEADER, ERR_R_BUF_LIB); goto err; } s->s3->tmp.message_size = l; s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH; s->init_num = 0; } return 1; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: return 0;}
开发者ID:wsjacky,项目名称:openssl,代码行数:98,
示例9: asn1_d2i_ex_primitive//.........这里部分代码省略......... } if (oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; } if (tag == -1) { tag = utype; aclass = V_ASN1_UNIVERSAL; } p = *in; /* Check header */ ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; ret = 0; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* Clear context cache for type OTHER because the auto clear * when we have a exact match wont work */ if (utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); } /* SEQUENCE and SET must be constructed */ else if (!cst) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } cont = *in; /* If indefinite length constructed find the real end */ if (inf) { if (!asn1_find_end(&p, plen, inf)) goto err; len = p - cont; } else { len = p - cont + plen; p += plen; buf.data = NULL; } } else if (cst) { buf.length = 0; buf.max = 0; buf.data = NULL; /* Should really check the internal tags are correct but * some things may get this wrong. The relevant specs * say that constructed string types should be OCTET STRINGs * internally irrespective of the type. So instead just check * for UNIVERSAL class and ignore the tag. */ if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) { free_cont = 1; goto err; } len = buf.length; /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); return 0; } buf.data[len] = 0; cont = (const unsigned char *)buf.data; free_cont = 1; } else { cont = p; len = plen; p += plen; } /* We now have content length and type: translate into a structure */ if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; *in = p; ret = 1; err: if (free_cont && buf.data) OPENSSL_free(buf.data); return ret; }
开发者ID:RafaelRMachado,项目名称:MinnowBoard,代码行数:101,
示例10: ssl3_output_cert_chainunsigned long ssl3_output_cert_chain(SSL *s, X509 *x) { unsigned char *p; int n,i; unsigned long l=7; BUF_MEM *buf; X509_STORE_CTX xs_ctx; X509_OBJECT obj; int no_chain; if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs) no_chain = 1; else no_chain = 0; /* TLSv1 sends a chain with nothing in it, instead of an alert */ buf=s->init_buf; if (!BUF_MEM_grow_clean(buf,10)) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } if (x != NULL) { if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); return(0); } for (;;) { n=i2d_X509(x,NULL); if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } p=(unsigned char *)&(buf->data[l]); l2n3(n,p); i2d_X509(x,&p); l+=n+3; if (no_chain) break; if (X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)) == 0) break; i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509, X509_get_issuer_name(x),&obj); if (i <= 0) break; x=obj.data.x509; /* Count is one too high since the X509_STORE_get uped the * ref count */ X509_free(x); } if (!no_chain) X509_STORE_CTX_cleanup(&xs_ctx); } /* Thawte special :-) */ if (s->ctx->extra_certs != NULL) for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++) { x=sk_X509_value(s->ctx->extra_certs,i); n=i2d_X509(x,NULL); if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } p=(unsigned char *)&(buf->data[l]); l2n3(n,p); i2d_X509(x,&p); l+=n+3; } l-=7; p=(unsigned char *)&(buf->data[4]); l2n3(l,p); l+=3; p=(unsigned char *)&(buf->data[0]); *(p++)=SSL3_MT_CERTIFICATE; l2n3(l,p); l+=4; return(l); }
开发者ID:174high,项目名称:openssl-0.9.8e_linux_porting,代码行数:89,
示例11: dtls1_output_cert_chainunsigned long dtls1_output_cert_chain(SSL *s, X509 *x) { unsigned char *p; int n,i; unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH; BUF_MEM *buf; X509_STORE_CTX xs_ctx; X509_OBJECT obj; /* TLSv1 sends a chain with nothing in it, instead of an alert */ buf=s->init_buf; if (!BUF_MEM_grow_clean(buf,10)) { SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } if (x != NULL) { if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) { SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); return(0); } for (;;) { n=i2d_X509(x,NULL); if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } p=(unsigned char *)&(buf->data[l]); l2n3(n,p); i2d_X509(x,&p); l+=n+3; if (X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)) == 0) break; i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509, X509_get_issuer_name(x),&obj); if (i <= 0) break; x=obj.data.x509; /* Count is one too high since the X509_STORE_get uped the * ref count */ X509_free(x); } X509_STORE_CTX_cleanup(&xs_ctx); } /* Thawte special :-) */ if (s->ctx->extra_certs != NULL) for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++) { x=sk_X509_value(s->ctx->extra_certs,i); n=i2d_X509(x,NULL); if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } p=(unsigned char *)&(buf->data[l]); l2n3(n,p); i2d_X509(x,&p); l+=n+3; } l-= (3 + DTLS1_HM_HEADER_LENGTH); p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]); l2n3(l,p); l+=3; p=(unsigned char *)&(buf->data[0]); p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l); l+=DTLS1_HM_HEADER_LENGTH; return(l); }
开发者ID:mxOBS,项目名称:debian_openssl,代码行数:79,
示例12: ssl3_get_message/* Obtain handshake message of message type 'mt' (any if mt == -1), * maximum acceptable body length 'max'. * The first four bytes (msg_type and length) are read in state 'st1', * the body is read in state 'stn'. */long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok){ uint8_t *p; uint32_t l; long n; int i, al; CBS cbs; uint8_t message_type; if (s->s3->tmp.reuse_message) { s->s3->tmp.reuse_message = 0; if ((mt >= 0) && (s->s3->tmp.message_type != mt)) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } *ok = 1; s->state = stn; s->init_msg = s->init_buf->data + 4; s->init_num = (int)s->s3->tmp.message_size; return s->init_num; } p = (uint8_t *)s->init_buf->data; if (s->state == st1) /* s->init_num < 4 */ { int skip_message; do { while (s->init_num < 4) { i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num], 4 - s->init_num, 0); if (i <= 0) { s->rwstate = SSL_READING; *ok = 0; return i; } s->init_num += i; } skip_message = 0; if (!s->server && p[0] == SSL3_MT_HELLO_REQUEST) { /* * The server may always send 'Hello Request' * messages -- we are doing a handshake anyway * now, so ignore them if their format is * correct. Does not count for 'Finished' MAC. */ if (p[1] == 0 && p[2] == 0 && p[3] == 0) { s->init_num = 0; skip_message = 1; if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg); } } } while (skip_message); /* s->init_num == 4 */ if ((mt >= 0) && (*p != mt)) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } /* XXX remove call to n2l3 */ CBS_init(&cbs, p, 4); if (!CBS_get_u8(&cbs, &message_type) || !CBS_get_u24(&cbs, &l)) { SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); goto err; } s->s3->tmp.message_type = message_type; if (l > (unsigned long)max) { al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) { SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); goto err; } s->s3->tmp.message_size = l; s->state = stn; s->init_msg = s->init_buf->data + 4; s->init_num = 0; } /* next state (stn) */ p = s->init_msg;//.........这里部分代码省略.........
开发者ID:vigortls,项目名称:vigortls,代码行数:101,
示例13: asn1_collate_primitive |
