gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-2052 TSG-2050 修复中间证书缓存的 bug

Browse Source
This commit is contained in:
luwenpeng
2020-06-12 21:15:39 +08:00
committed by 卢文朋
parent 82f04dcc12
commit cf42953af5
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
platform/src/ssl_fetch_cert.cpp
View File

@@ -103,6 +103,8 @@ void ssl_fetch_trusted_cert_from_chain(STACK_OF(X509) * cert_chain, X509_STORE *
obj->type = X509_LU_X509; obj->type = X509_LU_X509;
obj->data.x509 = (X509 *)cert; obj->data.x509 = (X509 *)cert;
X509_OBJECT_up_ref_count(obj);
// not in trusted store // not in trusted store
if (X509_OBJECT_retrieve_match(X509_STORE_get0_objects(trusted_store), obj) == NULL) if (X509_OBJECT_retrieve_match(X509_STORE_get0_objects(trusted_store), obj) == NULL)
{ {
@@ -113,6 +115,9 @@ void ssl_fetch_trusted_cert_from_chain(STACK_OF(X509) * cert_chain, X509_STORE *
{ {
ret = 1; ret = 1;
} }
// https://man.openbsd.org/X509_OBJECT_up_ref_count.3
// https://groups.google.com/forum/m/#!msg/mailing.openssl.dev/9-PNIcR91Qo/FqnBOr8sBAAJ
//X509_OBJECT_free_contents(obj);
X509_OBJECT_free(obj); X509_OBJECT_free(obj);
subj = ssl_x509_subject(cert); subj = ssl_x509_subject(cert);