[Swan-commit] Changes to ref refs/heads/master

Andrew Cagney cagney at vault.libreswan.fi
Tue May 15 01:55:24 UTC 2018

New commits:
commit ebe1863e0b03c1b7565f33df3ab0017b43693d22
Author: Andrew Cagney <cagney at gnu.org>
Date:   Fri May 11 16:16:14 2018 -0400

    x509: directly import the certificate from the payload
    Instead of first building an array of pointers to SECItems pointing at
    CERT_DERs, import each certificate directly.  This way a CERT_DER in a
    PCKS7 payload (a pointer to an internal buffer) doesn't need to be
    saved while the rest of the array is being constructed - instead it
    can be imported immediately.
    Replaces crt_tmp_import() and cert_payloads_to_si_ders() with
    import_der_certs() and import_cert_payloads().
    Add notes, such as around a FIPS check, pointing to a possibly missing
    CERT_DestroyCertificate() call.
    Also fix a memory leak where an array (containing cert pointers) was
    never returned to NSS.

More information about the Swan-commit mailing list