diff --git a/lib/tls/mbedtls/wrapper/library/ssl_x509.c b/lib/tls/mbedtls/wrapper/library/ssl_x509.c
index 03bceb522..933ee57dd 100644
--- a/lib/tls/mbedtls/wrapper/library/ssl_x509.c
+++ b/lib/tls/mbedtls/wrapper/library/ssl_x509.c
@@ -174,20 +174,14 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
 int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
 {
- X509 *x;
+ SSL_ASSERT1(ctx);
- x = d2i_X509(NULL, d, len);
- if (!x) {
+ if (!d2i_X509(&ctx->client_CA, d, len)) {
 SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
 return 0;
 }
- SSL_ASSERT1(ctx);
- X509_free(ctx->client_CA);
-
- ctx->client_CA = x;
-
- return 1;
+ return 1;
 }
 /**
diff --git a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c
index 2c810d968..de160a880 100755
--- a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c
+++ b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c
@@ -641,18 +641,15 @@ int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
 unsigned char *load_buf;
 struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
- if (x509_pm->x509_crt)
- mbedtls_x509_crt_free(x509_pm->x509_crt);
-
 if (!x509_pm->x509_crt) {
 x509_pm->x509_crt = ssl_mem_malloc(sizeof(mbedtls_x509_crt));
 if (!x509_pm->x509_crt) {
 SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm->x509_crt)");
 goto no_mem;
 }
+ mbedtls_x509_crt_init(x509_pm->x509_crt);
 }
- mbedtls_x509_crt_init(x509_pm->x509_crt);
 if (buffer[0] != 0x30) {
 load_buf = ssl_mem_malloc((unsigned int)len + 1);
 if (!load_buf) {
@@ -665,11 +662,8 @@ int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
 ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, (unsigned int)len + 1);
 ssl_mem_free(load_buf);
- } else {
- // printf("parsing as der\n");
-
+ } else
 ret = mbedtls_x509_crt_parse_der(x509_pm->x509_crt, buffer, (unsigned int)len);
- }
 if (ret) {
 printf("mbedtls_x509_crt_parse return -0x%x", -ret);
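Review bot: In SSL_CTX_add_client_CA_ASN1 (ssl_x509.c) the new `d2i_X509(&ctx->client_CA, d, len)` call parses straight into the context's live client-CA object, so the update is no longer all-or-nothing; the removed code built a separate X509 and swapped it in only after a successful parse. Whether a failed parse leaves `ctx->client_CA` intact, partly updated or freed depends on the failure paths of d2i_X509 and x509_pm_load, which are not visible in this hunk, and this object presumably feeds client-certificate verification. The return value is also used only as a boolean, so the code relies on d2i_X509 storing a newly allocated object through the out-pointer when `ctx->client_CA` is NULL; that should be confirmed. I would put the contract in a comment above the call, e.g. `/* parses into the existing client_CA; a failed parse must leave the previous CA set usable */`, and cover a malformed blob loaded after a valid one in a test.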
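Review bot: In x509_pm_load (ssl_pm.c, hunk at -641) removing the `mbedtls_x509_crt_free()` call and moving `mbedtls_x509_crt_init()` into the allocation branch changes a second load on the same X509 from replace to append, since mbedtls_x509_crt_parse() and mbedtls_x509_crt_parse_der() add to an already initialised chain. That looks intended for accumulating client CAs, but the function is generic and nothing records the new contract: a caller that reloads a certificate expecting the old one to be discarded would now keep the stale entry, which matters wherever the chain is used as a trust store. I would state this in the function's header comment, e.g. `/* appends to x509_pm->x509_crt when it already holds certificates; free it first to replace */`, and check the other callers. The function starts and ends outside the hunk, so how `no_mem` and the parse-error path treat a chain that already held certificates could not be checked here.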
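Review bot: The rewritten `} else` in x509_pm_load (ssl_pm.c, hunk at -665) leaves an unbraced else after a braced if-branch, so a statement added later under the DER call would silently run on both the PEM and DER paths of certificate parsing. Keeping the braces costs one line: `} else {`, `ret = mbedtls_x509_crt_parse_der(x509_pm->x509_crt, buffer, (unsigned int)len);`, `}`. The function body continues outside the hunk.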