LISTSERV 16.5 - XROOTD-DEV Archives

@simonmichal commented on this pull request.

> @@ -1045,6 +1045,7 @@ int XrdCryptosslX509SignProxyReq(XrdCryptoX509 *xcpi, XrdCryptoRSA *kcpi,
          // Notify what we added
          int crit = X509_EXTENSION_get_critical(xpiextdup);
          DEBUG("added extension '"<<s<<"', critical: " << crit);
+         X509_EXTENSION_free( xpiextdup );

My reasoning here was following:

X509_add_ext() is just a wrapper around X509v3_add_ext() (https://www.openssl.org/docs/man1.1.0/crypto/X509_add_ext.html)
from X509v3_add_ext() man:

X509v3_add_ext() adds extension ex to stack *x at position loc. If loc is -1 the new extension is added to the end. If *x is NULL a new stack will be allocated. The passed extension ex is duplicated internally so it must be freed after use.
(https://www.openssl.org/docs/man1.1.0/crypto/X509v3_add_ext.html)

I also checked the source code of X509v3_add_ext() and indeed it does duplicate the extension

Question: maybe in this case it does not make sense to duplicate the object with X509_EXTENSION_dup on our side? (line 1040)

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/xrootd/xrootd","title":"xrootd/xrootd","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/xrootd/xrootd"}},"updates":{"snippets":[{"icon":"PERSON","message":"@simonmichal commented on #862"}],"action":{"name":"View Pull Request","url":"https://github.com/xrootd/xrootd/pull/862#discussion_r234915828"}}} [ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/862#discussion_r234915828", "url": "https://github.com/xrootd/xrootd/pull/862#discussion_r234915828", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } }, { "@type": "MessageCard", "@context": "http://schema.org/extensions", "hideOriginalBody": "false", "originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB", "title": "@simonmichal commented on 862", "sections": [ { "text": "", "activityTitle": "**simonmichal**", "activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png", "activitySubtitle": "@simonmichal", "facts": [ ] } ], "potentialAction": [ { "targets": [ { "os": "default", "uri": "https://github.com/xrootd/xrootd/pull/862#discussion_r234915828" } ], "@type": "OpenUri", "name": "View on GitHub" }, { "name": "Unsubscribe", "@type": "HttpPOST", "target": "https://api.github.com", "body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 413440440\n}" } ], "themeColor": "26292E" } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1