root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix loading more than one certificate in PEM format in X509_load_cert_file_ex() 

Fixes #22895

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22885)

(cherry picked from commit 20c680de9c)
This commit is contained in:
olszomal 2023-11-30 12:53:40 +01:00 committed by Tomas Mraz
parent 39d0e4b875
commit cafccb768b
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
crypto/x509/by_file.c
View File

@ -128,6 +128,17 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
count = 0;
goto err;
}
/*
* X509_STORE_add_cert() added a reference rather than a copy,
* so we need a fresh X509 object.
*/
X509_free(x);
x = X509_new_ex(libctx, propq);
if (x == NULL) {
ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
count = 0;
goto err;
}
count++;
}
} else if (type == X509_FILETYPE_ASN1) {