diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lockdown.c | 8 | ||||
| -rw-r--r-- | src/userpref.c | 32 |
2 files changed, 25 insertions, 15 deletions
diff --git a/src/lockdown.c b/src/lockdown.c index bc430c9..88ab7b0 100644 --- a/src/lockdown.c +++ b/src/lockdown.c | |||
| @@ -954,10 +954,12 @@ lockdownd_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datu | |||
| 954 | 954 | ||
| 955 | if (LOCKDOWN_E_SUCCESS == ret) { | 955 | if (LOCKDOWN_E_SUCCESS == ret) { |
| 956 | /* if everything went well, export in PEM format */ | 956 | /* if everything went well, export in PEM format */ |
| 957 | size_t export_size = 0; | ||
| 957 | gnutls_datum_t dev_pem = { NULL, 0 }; | 958 | gnutls_datum_t dev_pem = { NULL, 0 }; |
| 958 | gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &dev_pem.size); | 959 | gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size); |
| 959 | dev_pem.data = gnutls_malloc(dev_pem.size); | 960 | dev_pem.data = gnutls_malloc(export_size); |
| 960 | gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &dev_pem.size); | 961 | gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &export_size); |
| 962 | dev_pem.size = export_size; | ||
| 961 | 963 | ||
| 962 | gnutls_datum_t pem_root_cert = { NULL, 0 }; | 964 | gnutls_datum_t pem_root_cert = { NULL, 0 }; |
| 963 | gnutls_datum_t pem_host_cert = { NULL, 0 }; | 965 | gnutls_datum_t pem_host_cert = { NULL, 0 }; |
diff --git a/src/userpref.c b/src/userpref.c index 4b6dd98..b930693 100644 --- a/src/userpref.c +++ b/src/userpref.c | |||
| @@ -289,29 +289,37 @@ static userpref_error_t userpref_gen_keys_and_cert(void) | |||
| 289 | gnutls_x509_crt_sign(host_cert, root_cert, root_privkey); | 289 | gnutls_x509_crt_sign(host_cert, root_cert, root_privkey); |
| 290 | 290 | ||
| 291 | /* export to PEM format */ | 291 | /* export to PEM format */ |
| 292 | size_t root_key_export_size = 0; | ||
| 293 | size_t host_key_export_size = 0; | ||
| 292 | gnutls_datum_t root_key_pem = { NULL, 0 }; | 294 | gnutls_datum_t root_key_pem = { NULL, 0 }; |
| 293 | gnutls_datum_t host_key_pem = { NULL, 0 }; | 295 | gnutls_datum_t host_key_pem = { NULL, 0 }; |
| 294 | 296 | ||
| 295 | gnutls_x509_privkey_export(root_privkey, GNUTLS_X509_FMT_PEM, NULL, &root_key_pem.size); | 297 | gnutls_x509_privkey_export(root_privkey, GNUTLS_X509_FMT_PEM, NULL, &root_key_export_size); |
| 296 | gnutls_x509_privkey_export(host_privkey, GNUTLS_X509_FMT_PEM, NULL, &host_key_pem.size); | 298 | gnutls_x509_privkey_export(host_privkey, GNUTLS_X509_FMT_PEM, NULL, &host_key_export_size); |
| 297 | 299 | ||
| 298 | root_key_pem.data = gnutls_malloc(root_key_pem.size); | 300 | root_key_pem.data = gnutls_malloc(root_key_export_size); |
| 299 | host_key_pem.data = gnutls_malloc(host_key_pem.size); | 301 | host_key_pem.data = gnutls_malloc(host_key_export_size); |
| 300 | 302 | ||
| 301 | gnutls_x509_privkey_export(root_privkey, GNUTLS_X509_FMT_PEM, root_key_pem.data, &root_key_pem.size); | 303 | gnutls_x509_privkey_export(root_privkey, GNUTLS_X509_FMT_PEM, root_key_pem.data, &root_key_export_size); |
| 302 | gnutls_x509_privkey_export(host_privkey, GNUTLS_X509_FMT_PEM, host_key_pem.data, &host_key_pem.size); | 304 | root_key_pem.size = root_key_export_size; |
| 305 | gnutls_x509_privkey_export(host_privkey, GNUTLS_X509_FMT_PEM, host_key_pem.data, &host_key_export_size); | ||
| 306 | host_key_pem.size = host_key_export_size; | ||
| 303 | 307 | ||
| 308 | size_t root_cert_export_size = 0; | ||
| 309 | size_t host_cert_export_size = 0; | ||
| 304 | gnutls_datum_t root_cert_pem = { NULL, 0 }; | 310 | gnutls_datum_t root_cert_pem = { NULL, 0 }; |
| 305 | gnutls_datum_t host_cert_pem = { NULL, 0 }; | 311 | gnutls_datum_t host_cert_pem = { NULL, 0 }; |
| 306 | 312 | ||
| 307 | gnutls_x509_crt_export(root_cert, GNUTLS_X509_FMT_PEM, NULL, &root_cert_pem.size); | 313 | gnutls_x509_crt_export(root_cert, GNUTLS_X509_FMT_PEM, NULL, &root_cert_export_size); |
| 308 | gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, NULL, &host_cert_pem.size); | 314 | gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, NULL, &host_cert_export_size); |
| 309 | 315 | ||
| 310 | root_cert_pem.data = gnutls_malloc(root_cert_pem.size); | 316 | root_cert_pem.data = gnutls_malloc(root_cert_export_size); |
| 311 | host_cert_pem.data = gnutls_malloc(host_cert_pem.size); | 317 | host_cert_pem.data = gnutls_malloc(host_cert_export_size); |
| 312 | 318 | ||
| 313 | gnutls_x509_crt_export(root_cert, GNUTLS_X509_FMT_PEM, root_cert_pem.data, &root_cert_pem.size); | 319 | gnutls_x509_crt_export(root_cert, GNUTLS_X509_FMT_PEM, root_cert_pem.data, &root_cert_export_size); |
| 314 | gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_pem.size); | 320 | root_cert_pem.size = root_cert_export_size; |
| 321 | gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_export_size); | ||
| 322 | host_cert_pem.size = host_cert_export_size; | ||
| 315 | 323 | ||
| 316 | if (NULL != root_cert_pem.data && 0 != root_cert_pem.size && | 324 | if (NULL != root_cert_pem.data && 0 != root_cert_pem.size && |
| 317 | NULL != host_cert_pem.data && 0 != host_cert_pem.size) | 325 | NULL != host_cert_pem.data && 0 != host_cert_pem.size) |