From: Colin Leroy Date: Fri, 4 Jul 2008 15:42:14 +0000 (+0000) Subject: 2008-07-04 [colin] 3.5.0cvs5 X-Git-Tag: rel_3_6_0~152 X-Git-Url: http://git.claws-mail.org/?p=claws.git;a=commitdiff_plain;h=fba944f866cc5e8646c59cb14ca4515837b655b0 2008-07-04 [colin] 3.5.0cvs5 * src/filtering.c * src/common/ssl_certificate.c * src/common/ssl_certificate.h * src/etpan/imap-thread.c * src/etpan/nntp-thread.c Fix some leaks, thanks to Martin Zwickel Rename gnutls functions that do the same as OpenSSL ones, to avoid symbol clashing when Claws is built against GnuTLS and libetpan against OpenSSL --- diff --git a/ChangeLog b/ChangeLog index b93db7bbe..cf3ef1b2d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,16 @@ +2008-07-04 [colin] 3.5.0cvs5 + + * src/filtering.c + * src/common/ssl_certificate.c + * src/common/ssl_certificate.h + * src/etpan/imap-thread.c + * src/etpan/nntp-thread.c + Fix some leaks, thanks to Martin Zwickel + Rename gnutls functions that do the same + as OpenSSL ones, to avoid symbol clashing + when Claws is built against GnuTLS and + libetpan against OpenSSL + 2008-07-04 [paul] 3.5.0cvs4 * src/prefs_account.c diff --git a/PATCHSETS b/PATCHSETS index bfa56d7ec..28bff4da5 100644 --- a/PATCHSETS +++ b/PATCHSETS @@ -3416,3 +3416,4 @@ ( cvs diff -u -r 1.179.2.225 -r 1.179.2.226 src/imap.c; cvs diff -u -r 1.101.2.50 -r 1.101.2.51 src/news.c; cvs diff -u -r 1.56.2.61 -r 1.56.2.62 src/pop.c; cvs diff -u -r 1.105.2.132 -r 1.105.2.133 src/prefs_account.c; cvs diff -u -r 1.49.2.36 -r 1.49.2.37 src/prefs_account.h; cvs diff -u -r 1.204.2.172 -r 1.204.2.173 src/prefs_common.c; cvs diff -u -r 1.17.2.47 -r 1.17.2.48 src/send_message.c; cvs diff -u -r 1.23.2.17 -r 1.23.2.18 src/common/session.c; cvs diff -u -r 1.8.2.11 -r 1.8.2.12 src/common/session.h; cvs diff -u -r 1.11.2.24 -r 1.11.2.25 src/common/smtp.c; cvs diff -u -r 1.6.2.13 -r 1.6.2.14 src/common/smtp.h; cvs diff -u -r 1.13.2.18 -r 1.13.2.19 src/common/socket.h; cvs diff -u -r 1.9.2.28 -r 1.9.2.29 src/common/ssl.c; cvs diff -u -r 1.2.2.7 -r 1.2.2.8 src/common/ssl.h; cvs diff -u -r 1.4.2.27 -r 1.4.2.28 src/common/ssl_certificate.c; cvs diff -u -r 1.1.4.10 -r 1.1.4.11 src/common/ssl_certificate.h; cvs diff -u -r 1.1.4.101 -r 1.1.4.102 src/etpan/imap-thread.c; cvs diff -u -r 1.1.2.6 -r 1.1.2.7 src/etpan/nntp-thread.c; cvs diff -u -r 1.2.2.29 -r 1.2.2.30 src/gtk/inputdialog.c; ) > 3.5.0cvs2.patchset ( cvs diff -u -r 1.105.2.133 -r 1.105.2.134 src/prefs_account.c; ) > 3.5.0cvs3.patchset ( cvs diff -u -r 1.105.2.134 -r 1.105.2.135 src/prefs_account.c; ) > 3.5.0cvs4.patchset +( cvs diff -u -r 1.60.2.45 -r 1.60.2.46 src/filtering.c; cvs diff -u -r 1.4.2.28 -r 1.4.2.29 src/common/ssl_certificate.c; cvs diff -u -r 1.1.4.11 -r 1.1.4.12 src/common/ssl_certificate.h; cvs diff -u -r 1.1.4.102 -r 1.1.4.103 src/etpan/imap-thread.c; cvs diff -u -r 1.1.2.7 -r 1.1.2.8 src/etpan/nntp-thread.c; ) > 3.5.0cvs5.patchset diff --git a/configure.ac b/configure.ac index e1d5e6378..168d16b56 100644 --- a/configure.ac +++ b/configure.ac @@ -11,7 +11,7 @@ MINOR_VERSION=5 MICRO_VERSION=0 INTERFACE_AGE=0 BINARY_AGE=0 -EXTRA_VERSION=4 +EXTRA_VERSION=5 EXTRA_RELEASE= EXTRA_GTK2_VERSION= diff --git a/src/common/ssl_certificate.c b/src/common/ssl_certificate.c index ed44cf0d3..14d5c15d0 100644 --- a/src/common/ssl_certificate.c +++ b/src/common/ssl_certificate.c @@ -260,6 +260,7 @@ static SSLCertificate *ssl_certificate_new_lookup(gnutls_x509_crt x509_cert, gch X509_digest(cert->x509_cert, EVP_md5(), md, &n); cert->fingerprint = readable_fingerprint(md, (int)n); #else + n = 128; gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_MD5, md, &n); cert->fingerprint = readable_fingerprint(md, (int)n); #endif @@ -267,7 +268,7 @@ static SSLCertificate *ssl_certificate_new_lookup(gnutls_x509_crt x509_cert, gch } #ifdef USE_GNUTLS -static void i2d_X509_fp(FILE *fp, gnutls_x509_crt x509_cert) +static void gnutls_i2d_X509_fp(FILE *fp, gnutls_x509_crt x509_cert) { char output[10*1024]; size_t cert_size = 10*1024; @@ -283,7 +284,7 @@ static void i2d_X509_fp(FILE *fp, gnutls_x509_crt x509_cert) } } -size_t i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output) +size_t gnutls_i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output) { size_t cert_size = 10*1024; int r; @@ -302,7 +303,7 @@ size_t i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output) return cert_size; } -size_t i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output) +size_t gnutls_i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output) { size_t key_size = 10*1024; int r; @@ -321,7 +322,7 @@ size_t i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output) return key_size; } -static gnutls_x509_crt d2i_X509_fp(FILE *fp, int format) +static gnutls_x509_crt gnutls_d2i_X509_fp(FILE *fp, int format) { gnutls_x509_crt cert = NULL; gnutls_datum tmp; @@ -351,7 +352,7 @@ static gnutls_x509_crt d2i_X509_fp(FILE *fp, int format) return cert; } -static gnutls_x509_privkey d2i_key_fp(FILE *fp, int format) +static gnutls_x509_privkey gnutls_d2i_key_fp(FILE *fp, int format) { gnutls_x509_privkey key = NULL; gnutls_datum tmp; @@ -381,7 +382,7 @@ static gnutls_x509_privkey d2i_key_fp(FILE *fp, int format) return key; } -static gnutls_pkcs12_t d2i_PKCS12_fp(FILE *fp, int format) +static gnutls_pkcs12_t gnutls_d2i_PKCS12_fp(FILE *fp, int format) { gnutls_pkcs12_t p12 = NULL; gnutls_datum tmp; @@ -436,7 +437,11 @@ static void ssl_certificate_save (SSLCertificate *cert) debug_print("Can't save certificate !\n"); return; } +#ifdef USE_GNUTLS + gnutls_i2d_X509_fp(fp, cert->x509_cert); +#else i2d_X509_fp(fp, cert->x509_cert); +#endif g_free(file); fclose(fp); @@ -521,7 +526,11 @@ SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, const gc return NULL; } +#if USE_OPENSSL if ((tmp_x509 = d2i_X509_fp(fp, 0)) != NULL) { +#else + if ((tmp_x509 = gnutls_d2i_X509_fp(fp, 0)) != NULL) { +#endif cert = ssl_certificate_new_lookup(tmp_x509, fqdn_host, port, lookup); debug_print("got cert %p\n", cert); #if USE_OPENSSL @@ -581,20 +590,30 @@ static gboolean ssl_certificate_compare (SSLCertificate *cert_a, SSLCertificate output_b = malloc(cert_size_b); if ((r = gnutls_x509_crt_export(cert_a->x509_cert, GNUTLS_X509_FMT_DER, output_a, &cert_size_a)) < 0) { g_warning("couldn't gnutls_x509_crt_export a %s\n", gnutls_strerror(r)); + g_free(output_a); + g_free(output_b); return FALSE; } if ((r = gnutls_x509_crt_export(cert_b->x509_cert, GNUTLS_X509_FMT_DER, output_b, &cert_size_b)) < 0) { g_warning("couldn't gnutls_x509_crt_export b %s\n", gnutls_strerror(r)); + g_free(output_a); + g_free(output_b); return FALSE; } if (cert_size_a != cert_size_b) { g_warning("size differ %d %d\n", cert_size_a, cert_size_b); + g_free(output_a); + g_free(output_b); return FALSE; } if (memcmp(output_a, output_b, cert_size_a)) { g_warning("contents differ\n"); + g_free(output_a); + g_free(output_b); return FALSE; } + g_free(output_a); + g_free(output_b); return TRUE; #endif @@ -867,7 +886,7 @@ gnutls_x509_crt ssl_certificate_get_x509_from_pem_file(const gchar *file) if (is_file_exist(file)) { FILE *fp = g_fopen(file, "r"); if (fp) { - x509 = d2i_X509_fp(fp, 1); + x509 = gnutls_d2i_X509_fp(fp, 1); fclose(fp); return x509; } @@ -886,7 +905,7 @@ gnutls_x509_privkey ssl_certificate_get_pkey_from_pem_file(const gchar *file) if (is_file_exist(file)) { FILE *fp = g_fopen(file, "r"); if (fp) { - key = d2i_key_fp(fp, 1); + key = gnutls_d2i_key_fp(fp, 1); fclose(fp); return key; } @@ -1035,7 +1054,7 @@ void ssl_certificate_get_x509_and_pkey_from_p12_file(const gchar *file, const gc if (is_file_exist(file)) { FILE *fp = g_fopen(file, "r"); if (fp) { - p12 = d2i_PKCS12_fp(fp, 0); + p12 = gnutls_d2i_PKCS12_fp(fp, 0); fclose(fp); } } else { diff --git a/src/common/ssl_certificate.h b/src/common/ssl_certificate.h index 9a57fb3db..b40bc1de8 100644 --- a/src/common/ssl_certificate.h +++ b/src/common/ssl_certificate.h @@ -95,8 +95,8 @@ gnutls_x509_crt ssl_certificate_get_x509_from_pem_file(const gchar *file); gnutls_x509_privkey ssl_certificate_get_pkey_from_pem_file(const gchar *file); void ssl_certificate_get_x509_and_pkey_from_p12_file(const gchar *file, const gchar *password, gnutls_x509_crt *crt, gnutls_x509_privkey *key); -size_t i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output); -size_t i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output); +size_t gnutls_i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output); +size_t gnutls_i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output); #endif #endif /* USE_OPENSSL */ #endif /* SSL_CERTIFICATE_H */ diff --git a/src/etpan/imap-thread.c b/src/etpan/imap-thread.c index bae2e4f48..5f4ec07e7 100644 --- a/src/etpan/imap-thread.c +++ b/src/etpan/imap-thread.c @@ -591,8 +591,13 @@ static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, unsigned char *x509_der = NULL, *pkey_der = NULL; size_t x509_len, pkey_len; +#ifndef USE_GNUTLS x509_len = (size_t)i2d_X509(x509, &x509_der); pkey_len = (size_t)i2d_PrivateKey(pkey, &pkey_der); +#else + x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der); + pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der); +#endif if (x509_len > 0 && pkey_len > 0) { if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 || mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0) diff --git a/src/etpan/nntp-thread.c b/src/etpan/nntp-thread.c index 21b9b0fea..f21e383ce 100644 --- a/src/etpan/nntp-thread.c +++ b/src/etpan/nntp-thread.c @@ -442,8 +442,13 @@ static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, unsigned char *x509_der = NULL, *pkey_der = NULL; size_t x509_len, pkey_len; +#ifndef USE_GNUTLS x509_len = (size_t)i2d_X509(x509, &x509_der); pkey_len = (size_t)i2d_PrivateKey(pkey, &pkey_der); +#else + x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der); + pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der); +#endif if (x509_len > 0 && pkey_len > 0) { if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 || mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0) diff --git a/src/filtering.c b/src/filtering.c index b3eb8b54f..f73f5de65 100644 --- a/src/filtering.c +++ b/src/filtering.c @@ -794,6 +794,7 @@ static gboolean filter_msginfo(GSList * filtering_list, MsgInfo * info, PrefsAcc _("processing rule [ %s ]\n"), buf); } + g_free(buf); } if (filtering_match_condition(filtering, info, ac_prefs)) {