[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Tue May 15 01:55:24 UTC 2018
New commits:
commit ebe1863e0b03c1b7565f33df3ab0017b43693d22
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri May 11 16:16:14 2018 -0400
x509: directly import the certificate from the payload
Instead of first building an array of pointers to SECItems pointing at
CERT_DERs, import each certificate directly. This way a CERT_DER in a
PCKS7 payload (a pointer to an internal buffer) doesn't need to be
saved while the rest of the array is being constructed - instead it
can be imported immediately.
Replaces crt_tmp_import() and cert_payloads_to_si_ders() with
import_der_certs() and import_cert_payloads().
Add notes, such as around a FIPS check, pointing to a possibly missing
CERT_DestroyCertificate() call.
Also fix a memory leak where an array (containing cert pointers) was
never returned to NSS.
More information about the Swan-commit
mailing list