|
@@ -209,10 +209,10 @@ static int ocsp_request ( struct ocsp_check *ocsp ) {
|
209
|
209
|
static int ocsp_uri_string ( struct ocsp_check *ocsp ) {
|
210
|
210
|
struct x509_ocsp_responder *responder =
|
211
|
211
|
&ocsp->cert->extensions.auth_info.ocsp;
|
212
|
|
- struct uri path_uri;
|
213
|
|
- char *path_base64_string;
|
214
|
|
- char *path_uri_string;
|
215
|
|
- size_t path_len;
|
|
212
|
+ char *base64;
|
|
213
|
+ char *sep;
|
|
214
|
+ size_t base64_len;
|
|
215
|
+ size_t uri_len;
|
216
|
216
|
size_t len;
|
217
|
217
|
int rc;
|
218
|
218
|
|
|
@@ -224,46 +224,44 @@ static int ocsp_uri_string ( struct ocsp_check *ocsp ) {
|
224
|
224
|
goto err_no_uri;
|
225
|
225
|
}
|
226
|
226
|
|
227
|
|
- /* Base64-encode the request as the URI path */
|
228
|
|
- path_len = ( base64_encoded_len ( ocsp->request.builder.len )
|
229
|
|
- + 1 /* NUL */ );
|
230
|
|
- path_base64_string = malloc ( path_len );
|
231
|
|
- if ( ! path_base64_string ) {
|
|
227
|
+ /* Calculate base64-encoded request length */
|
|
228
|
+ base64_len = ( base64_encoded_len ( ocsp->request.builder.len )
|
|
229
|
+ + 1 /* NUL */ );
|
|
230
|
+
|
|
231
|
+ /* Allocate and construct the base64-encoded request */
|
|
232
|
+ base64 = malloc ( base64_len );
|
|
233
|
+ if ( ! base64 ) {
|
232
|
234
|
rc = -ENOMEM;
|
233
|
|
- goto err_path_base64;
|
|
235
|
+ goto err_alloc_base64;
|
234
|
236
|
}
|
235
|
237
|
base64_encode ( ocsp->request.builder.data, ocsp->request.builder.len,
|
236
|
|
- path_base64_string, path_len );
|
|
238
|
+ base64, base64_len );
|
237
|
239
|
|
238
|
|
- /* URI-encode the Base64-encoded request */
|
239
|
|
- memset ( &path_uri, 0, sizeof ( path_uri ) );
|
240
|
|
- path_uri.path = path_base64_string;
|
241
|
|
- path_uri_string = format_uri_alloc ( &path_uri );
|
242
|
|
- if ( ! path_uri_string ) {
|
243
|
|
- rc = -ENOMEM;
|
244
|
|
- goto err_path_uri;
|
245
|
|
- }
|
|
240
|
+ /* Calculate URI-encoded base64-encoded request length */
|
|
241
|
+ uri_len = ( uri_encode ( URI_PATH, base64, ( base64_len - 1 /* NUL */ ),
|
|
242
|
+ NULL, 0 ) + 1 /* NUL */ );
|
246
|
243
|
|
247
|
|
- /* Construct URI string */
|
248
|
|
- len = ( responder->uri.len + strlen ( path_uri_string ) + 1 /* NUL */ );
|
|
244
|
+ /* Allocate and construct the URI string */
|
|
245
|
+ len = ( responder->uri.len + 1 /* possible "/" */ + uri_len );
|
249
|
246
|
ocsp->uri_string = zalloc ( len );
|
250
|
247
|
if ( ! ocsp->uri_string ) {
|
251
|
248
|
rc = -ENOMEM;
|
252
|
|
- goto err_ocsp_uri;
|
|
249
|
+ goto err_alloc_uri;
|
253
|
250
|
}
|
254
|
251
|
memcpy ( ocsp->uri_string, responder->uri.data, responder->uri.len );
|
255
|
|
- strcpy ( &ocsp->uri_string[responder->uri.len], path_uri_string );
|
|
252
|
+ sep = &ocsp->uri_string[ responder->uri.len - 1 ];
|
|
253
|
+ if ( *sep != '/' )
|
|
254
|
+ *(++sep) = '/';
|
|
255
|
+ uri_encode ( URI_PATH, base64, base64_len, ( sep + 1 ), uri_len );
|
256
|
256
|
DBGC2 ( ocsp, "OCSP %p \"%s\" URI is %s\n",
|
257
|
257
|
ocsp, x509_name ( ocsp->cert ), ocsp->uri_string );
|
258
|
258
|
|
259
|
259
|
/* Success */
|
260
|
260
|
rc = 0;
|
261
|
261
|
|
262
|
|
- err_ocsp_uri:
|
263
|
|
- free ( path_uri_string );
|
264
|
|
- err_path_uri:
|
265
|
|
- free ( path_base64_string );
|
266
|
|
- err_path_base64:
|
|
262
|
+ err_alloc_uri:
|
|
263
|
+ free ( base64 );
|
|
264
|
+ err_alloc_base64:
|
267
|
265
|
err_no_uri:
|
268
|
266
|
return rc;
|
269
|
267
|
}
|