|
|
29af2c |
From 9e4497d1dd2a337be1f69e0cfb24ce8080690ccf Mon Sep 17 00:00:00 2001
|
|
|
29af2c |
From: Stephen Gallagher <sgallagh@redhat.com>
|
|
|
29af2c |
Date: Wed, 28 Nov 2018 09:16:29 -0500
|
|
|
29af2c |
Subject: [PATCH 4/4] Properly check all return values
|
|
|
29af2c |
|
|
|
29af2c |
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
|
29af2c |
---
|
|
|
29af2c |
src/authority.c | 1 +
|
|
|
29af2c |
src/service.c | 1 +
|
|
|
29af2c |
src/x509.c | 1 +
|
|
|
29af2c |
3 files changed, 3 insertions(+)
|
|
|
29af2c |
|
|
|
29af2c |
diff --git a/src/authority.c b/src/authority.c
|
|
|
29af2c |
index b735868416b7fb5d016f0854baf0f27cd5f98b26..4e0dccc6c1210beffb38acd9f7dfb6108ca4a4ad 100644
|
|
|
29af2c |
--- a/src/authority.c
|
|
|
29af2c |
+++ b/src/authority.c
|
|
|
29af2c |
@@ -178,10 +178,11 @@ create_private_CA (TALLOC_CTX *mem_ctx,
|
|
|
29af2c |
}
|
|
|
29af2c |
sk_X509_EXTENSION_push (ca_certinfo->extensions, ex);
|
|
|
29af2c |
|
|
|
29af2c |
/* Finalize the CSR */
|
|
|
29af2c |
ret = sscg_x509v3_csr_finalize (ca_certinfo, pkey, csr);
|
|
|
29af2c |
+ CHECK_OK (ret);
|
|
|
29af2c |
|
|
|
29af2c |
if (options->verbosity >= SSCG_DEBUG)
|
|
|
29af2c |
{
|
|
|
29af2c |
fprintf (stderr, "DEBUG: Writing CA CSR to ./debug-ca.csr\n");
|
|
|
29af2c |
BIO *ca_csr_out = BIO_new_file ("./debug-ca.csr", "w");
|
|
|
29af2c |
diff --git a/src/service.c b/src/service.c
|
|
|
29af2c |
index b292e94063f032fd3c34a8134702063ea46bfa0c..34c976dbe905528000b181c24d1fa95da3cd1377 100644
|
|
|
29af2c |
--- a/src/service.c
|
|
|
29af2c |
+++ b/src/service.c
|
|
|
29af2c |
@@ -124,10 +124,11 @@ create_service_cert (TALLOC_CTX *mem_ctx,
|
|
|
29af2c |
ret = sscg_x509v3_csr_new (tmp_ctx, svc_certinfo, pkey, &csr;;
|
|
|
29af2c |
CHECK_OK (ret);
|
|
|
29af2c |
|
|
|
29af2c |
/* Finalize the CSR */
|
|
|
29af2c |
ret = sscg_x509v3_csr_finalize (svc_certinfo, pkey, csr);
|
|
|
29af2c |
+ CHECK_OK (ret);
|
|
|
29af2c |
|
|
|
29af2c |
if (options->verbosity >= SSCG_DEBUG)
|
|
|
29af2c |
{
|
|
|
29af2c |
fprintf (stderr,
|
|
|
29af2c |
"DEBUG: Writing service certificate CSR to ./debug-svc.csr\n");
|
|
|
29af2c |
diff --git a/src/x509.c b/src/x509.c
|
|
|
29af2c |
index 6d152fc969d745cc5cf085116c8688866f9d6ab4..18f0627bc64e7cb503a9e81c36dbe726186d1144 100644
|
|
|
29af2c |
--- a/src/x509.c
|
|
|
29af2c |
+++ b/src/x509.c
|
|
|
29af2c |
@@ -39,10 +39,11 @@ sscg_generate_serial (TALLOC_CTX *mem_ctx, struct sscg_bignum **serial)
|
|
|
29af2c |
{
|
|
|
29af2c |
return ENOMEM;
|
|
|
29af2c |
}
|
|
|
29af2c |
|
|
|
29af2c |
ret = sscg_init_bignum (tmp_ctx, 0, &bn);
|
|
|
29af2c |
+ CHECK_OK (ret);
|
|
|
29af2c |
|
|
|
29af2c |
/* We'll create a random number of sizeof(unsigned long) - 1 bits
|
|
|
29af2c |
to use as the serial. We use unsigned long to ensure that it
|
|
|
29af2c |
could be printed by BN_get_word() later. We omit the last bit
|
|
|
29af2c |
in order to ensure that we can't randomly get 0xffffffffL, which
|
|
|
29af2c |
--
|
|
|
29af2c |
2.19.1
|
|
|
29af2c |
|