Trying to figure out what needs to be released and how

Tue, 24 May 2011 00:53:11 -0700 

I'm trying to parse a certificate for the DNS names of the site it's for.  
Unfortunately, all the examples I can find don't bother releasing any of the
ram they acquire!   So I'm left trying to figure it out myself because I
need to parse a few hundred of these a second.   In addition, I can't seem
to find any api documentation at all that mentions most of these functions.  
I've muddled my way through it, but I still have unreleased ram in the cert
itself.  I assume something has set a reference count some where.   Pointers
to any good docs, or help with the code itself would be appreciated.


void ParseCert(const unsigned char *Buffer)
    {
    X509 *Cert = d2i_X509(NULL, &Buffer, 1590);
    if (!Cert)
        {
        printf("Failed to decode cert\n");
        exit(1);
        }

    STACK_OF(X509_EXTENSION) *Extensions = Cert->cert_info->extensions;
    int Nid = OBJ_sn2nid("subjectAltName");
    X509_EXTENSION *SubjAltName = X509v3_get_ext(Extensions,
X509v3_get_ext_by_NID(Extensions, Nid, -1));

    X509V3_EXT_METHOD *Method = X509V3_EXT_get(SubjAltName);
    if (!Method)
        {
        printf("Failed to get method");
        exit(1);
        }

    const unsigned char *ExtensionData = SubjAltName->value->data;

    ASN1_ITEM *Tmp; // I have no idea what this is
    if (Method->it)
        Tmp =  ASN1_item_d2i(NULL, &ExtensionData,
SubjAltName->value->length, ASN1_ITEM_ptr(Method->it));
    else
        Tmp = Method->d2i(NULL, &ExtensionData, SubjAltName->value->length);

    STACK_OF(CONF_VALUE) *Values = Method->i2v(Method, Tmp, NULL );
    int i;
    for (i = 0; i < sk_CONF_VALUE_num(Values); i++)
        {
        CONF_VALUE *Fields;
        Fields = sk_CONF_VALUE_value(Values, i);
        printf("%s: %s\n", Fields->name, Fields->value);
        }

    // Doesn't work
    //sk_CONF_VALUE_pop_free(Values, CONF_VALUE_free);

    if (Method->it)
        ASN1_item_free((ASN1_VALUE *)Tmp, ASN1_ITEM_ptr(Method->it));

    sk_CONF_VALUE_pop_free(Values, X509V3_conf_free);
    // Doesn't appear to be required
    //X509_EXTENSION_free(SubjAltName);
    X509_free(Cert);
    }

-- 
View this message in context: 
http://old.nabble.com/Trying-to-figure-out-what-needs-to-be-released-and-how-tp31684738p31684738.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to