/src/openssl/crypto/core_namemap.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include "internal/namemap.h" |
11 | | #include "internal/tsan_assist.h" |
12 | | #include "internal/hashtable.h" |
13 | | #include "internal/sizes.h" |
14 | | #include "crypto/context.h" |
15 | | |
16 | 4 | #define NAMEMAP_HT_BUCKETS 2048 |
17 | | |
18 | | HT_START_KEY_DEFN(namenum_key) |
19 | | HT_DEF_KEY_FIELD_CHAR_ARRAY(name, 64) |
20 | | HT_END_KEY_DEFN(NAMENUM_KEY) |
21 | | |
22 | | /*- |
23 | | * The namemap itself |
24 | | * ================== |
25 | | */ |
26 | | |
27 | | typedef char STRING; |
28 | | typedef STACK_OF(STRING) NAMES; |
29 | | |
30 | | DEFINE_STACK_OF(STRING) |
31 | | DEFINE_STACK_OF(NAMES) |
32 | | |
33 | | struct ossl_namemap_st { |
34 | | /* Flags */ |
35 | | unsigned int stored:1; /* If 1, it's stored in a library context */ |
36 | | |
37 | | HT *namenum_ht; /* Name->number mapping */ |
38 | | |
39 | | CRYPTO_RWLOCK *lock; |
40 | | STACK_OF(NAMES) *numnames; |
41 | | |
42 | | TSAN_QUALIFIER int max_number; /* Current max number */ |
43 | | }; |
44 | | |
45 | | static void name_string_free(char *name) |
46 | 1.10k | { |
47 | 1.10k | OPENSSL_free(name); |
48 | 1.10k | } |
49 | | |
50 | | static void names_free(NAMES *n) |
51 | 496 | { |
52 | 496 | sk_STRING_pop_free(n, name_string_free); |
53 | 496 | } |
54 | | |
55 | | /* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */ |
56 | | |
57 | | void *ossl_stored_namemap_new(OSSL_LIB_CTX *libctx) |
58 | 4 | { |
59 | 4 | OSSL_NAMEMAP *namemap = ossl_namemap_new(libctx); |
60 | | |
61 | 4 | if (namemap != NULL) |
62 | 4 | namemap->stored = 1; |
63 | | |
64 | 4 | return namemap; |
65 | 4 | } |
66 | | |
67 | | void ossl_stored_namemap_free(void *vnamemap) |
68 | 4 | { |
69 | 4 | OSSL_NAMEMAP *namemap = vnamemap; |
70 | | |
71 | 4 | if (namemap != NULL) { |
72 | | /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */ |
73 | 4 | namemap->stored = 0; |
74 | 4 | ossl_namemap_free(namemap); |
75 | 4 | } |
76 | 4 | } |
77 | | |
78 | | /*- |
79 | | * API functions |
80 | | * ============= |
81 | | */ |
82 | | |
83 | | int ossl_namemap_empty(OSSL_NAMEMAP *namemap) |
84 | 38.7k | { |
85 | | #ifdef TSAN_REQUIRES_LOCKING |
86 | | /* No TSAN support */ |
87 | | int rv; |
88 | | |
89 | | if (namemap == NULL) |
90 | | return 1; |
91 | | |
92 | | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
93 | | return -1; |
94 | | rv = namemap->max_number == 0; |
95 | | CRYPTO_THREAD_unlock(namemap->lock); |
96 | | return rv; |
97 | | #else |
98 | | /* Have TSAN support */ |
99 | 38.7k | return namemap == NULL || tsan_load(&namemap->max_number) == 0; |
100 | 38.7k | #endif |
101 | 38.7k | } |
102 | | |
103 | | /* |
104 | | * Call the callback for all names in the namemap with the given number. |
105 | | * A return value 1 means that the callback was called for all names. A |
106 | | * return value of 0 means that the callback was not called for any names. |
107 | | */ |
108 | | int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, |
109 | | void (*fn)(const char *name, void *data), |
110 | | void *data) |
111 | 3.72k | { |
112 | 3.72k | int i; |
113 | 3.72k | NAMES *names; |
114 | | |
115 | 3.72k | if (namemap == NULL || number <= 0) |
116 | 0 | return 0; |
117 | | |
118 | | /* |
119 | | * We duplicate the NAMES stack under a read lock. Subsequently we call |
120 | | * the user function, so that we're not holding the read lock when in user |
121 | | * code. This could lead to deadlocks. |
122 | | */ |
123 | 3.72k | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
124 | 0 | return 0; |
125 | | |
126 | 3.72k | names = sk_NAMES_value(namemap->numnames, number - 1); |
127 | 3.72k | if (names != NULL) |
128 | 3.72k | names = sk_STRING_dup(names); |
129 | | |
130 | 3.72k | CRYPTO_THREAD_unlock(namemap->lock); |
131 | | |
132 | 3.72k | if (names == NULL) |
133 | 0 | return 0; |
134 | | |
135 | 8.07k | for (i = 0; i < sk_STRING_num(names); i++) |
136 | 4.34k | fn(sk_STRING_value(names, i), data); |
137 | | |
138 | 3.72k | sk_STRING_free(names); |
139 | 3.72k | return i > 0; |
140 | 3.72k | } |
141 | | |
142 | | int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name) |
143 | 38.1k | { |
144 | 38.1k | int number = 0; |
145 | 38.1k | HT_VALUE *val; |
146 | 38.1k | NAMENUM_KEY key; |
147 | | |
148 | 38.1k | #ifndef FIPS_MODULE |
149 | 38.1k | if (namemap == NULL) |
150 | 0 | namemap = ossl_namemap_stored(NULL); |
151 | 38.1k | #endif |
152 | | |
153 | 38.1k | if (namemap == NULL) |
154 | 0 | return 0; |
155 | | |
156 | 38.1k | HT_INIT_KEY(&key); |
157 | 38.1k | HT_SET_KEY_STRING_CASE(&key, name, name); |
158 | | |
159 | 38.1k | val = ossl_ht_get(namemap->namenum_ht, TO_HT_KEY(&key)); |
160 | | |
161 | 38.1k | if (val != NULL) |
162 | | /* We store a (small) int directly instead of a pointer to it. */ |
163 | 33.8k | number = (int)(intptr_t)val->value; |
164 | | |
165 | 38.1k | return number; |
166 | 38.1k | } |
167 | | |
168 | | /* TODO: Optimize to avoid strndup() */ |
169 | | int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap, |
170 | | const char *name, size_t name_len) |
171 | 1.72k | { |
172 | 1.72k | char *tmp; |
173 | 1.72k | int ret; |
174 | | |
175 | 1.72k | if (name == NULL || (tmp = OPENSSL_strndup(name, name_len)) == NULL) |
176 | 0 | return 0; |
177 | | |
178 | 1.72k | ret = ossl_namemap_name2num(namemap, tmp); |
179 | 1.72k | OPENSSL_free(tmp); |
180 | 1.72k | return ret; |
181 | 1.72k | } |
182 | | |
183 | | const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number, |
184 | | size_t idx) |
185 | 0 | { |
186 | 0 | NAMES *names; |
187 | 0 | const char *ret = NULL; |
188 | |
|
189 | 0 | if (namemap == NULL || number <= 0) |
190 | 0 | return NULL; |
191 | | |
192 | 0 | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
193 | 0 | return NULL; |
194 | | |
195 | 0 | names = sk_NAMES_value(namemap->numnames, number - 1); |
196 | 0 | if (names != NULL) |
197 | 0 | ret = sk_STRING_value(names, idx); |
198 | |
|
199 | 0 | CRYPTO_THREAD_unlock(namemap->lock); |
200 | |
|
201 | 0 | return ret; |
202 | 0 | } |
203 | | |
204 | | /* This function is not thread safe, the namemap must be locked */ |
205 | | static int numname_insert(OSSL_NAMEMAP *namemap, int number, |
206 | | const char *name) |
207 | 1.10k | { |
208 | 1.10k | NAMES *names; |
209 | 1.10k | char *tmpname; |
210 | | |
211 | 1.10k | if (number > 0) { |
212 | 606 | names = sk_NAMES_value(namemap->numnames, number - 1); |
213 | 606 | if (!ossl_assert(names != NULL)) { |
214 | | /* cannot happen */ |
215 | 0 | return 0; |
216 | 0 | } |
217 | 606 | } else { |
218 | | /* a completely new entry */ |
219 | 496 | names = sk_STRING_new_null(); |
220 | 496 | if (names == NULL) |
221 | 0 | return 0; |
222 | 496 | } |
223 | | |
224 | 1.10k | if ((tmpname = OPENSSL_strdup(name)) == NULL) |
225 | 0 | goto err; |
226 | | |
227 | 1.10k | if (!sk_STRING_push(names, tmpname)) |
228 | 0 | goto err; |
229 | | |
230 | 1.10k | if (number <= 0) { |
231 | 496 | if (!sk_NAMES_push(namemap->numnames, names)) |
232 | 0 | goto err; |
233 | 496 | number = sk_NAMES_num(namemap->numnames); |
234 | 496 | } |
235 | 1.10k | return number; |
236 | | |
237 | 0 | err: |
238 | 0 | if (number <= 0) |
239 | 0 | sk_STRING_free(names); |
240 | 0 | OPENSSL_free(tmpname); |
241 | 0 | return 0; |
242 | 1.10k | } |
243 | | |
244 | | /* This function is not thread safe, the namemap must be locked */ |
245 | | static int namemap_add_name(OSSL_NAMEMAP *namemap, int number, |
246 | | const char *name) |
247 | 2.38k | { |
248 | 2.38k | int ret; |
249 | 2.38k | HT_VALUE val = { 0 }; |
250 | 2.38k | NAMENUM_KEY key; |
251 | | |
252 | | /* If it already exists, we don't add it */ |
253 | 2.38k | if ((ret = ossl_namemap_name2num(namemap, name)) != 0) |
254 | 1.28k | return ret; |
255 | | |
256 | 1.10k | if ((number = numname_insert(namemap, number, name)) == 0) |
257 | 0 | return 0; |
258 | | |
259 | | /* Using tsan_store alone here is safe since we're under lock */ |
260 | 1.10k | tsan_store(&namemap->max_number, number); |
261 | | |
262 | 1.10k | HT_INIT_KEY(&key); |
263 | 1.10k | HT_SET_KEY_STRING_CASE(&key, name, name); |
264 | 1.10k | val.value = (void *)(intptr_t)number; |
265 | 1.10k | ret = ossl_ht_insert(namemap->namenum_ht, TO_HT_KEY(&key), &val, NULL); |
266 | 1.10k | if (!ossl_assert(ret != 0)) /* cannot happen as we are under write lock */ |
267 | 0 | return 0; |
268 | 1.10k | if (ret < 1) { |
269 | | /* unable to insert due to too many collisions */ |
270 | 0 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_NAMES); |
271 | 0 | return 0; |
272 | 0 | } |
273 | 1.10k | return number; |
274 | 1.10k | } |
275 | | |
276 | | int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number, |
277 | | const char *name) |
278 | 1.29k | { |
279 | 1.29k | int tmp_number; |
280 | | |
281 | 1.29k | #ifndef FIPS_MODULE |
282 | 1.29k | if (namemap == NULL) |
283 | 0 | namemap = ossl_namemap_stored(NULL); |
284 | 1.29k | #endif |
285 | | |
286 | 1.29k | if (name == NULL || *name == 0 || namemap == NULL) |
287 | 0 | return 0; |
288 | | |
289 | 1.29k | if (!CRYPTO_THREAD_write_lock(namemap->lock)) |
290 | 0 | return 0; |
291 | 1.29k | tmp_number = namemap_add_name(namemap, number, name); |
292 | 1.29k | CRYPTO_THREAD_unlock(namemap->lock); |
293 | 1.29k | return tmp_number; |
294 | 1.29k | } |
295 | | |
296 | | int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number, |
297 | | const char *names, const char separator) |
298 | 508 | { |
299 | 508 | char *tmp, *p, *q, *endp; |
300 | | |
301 | | /* Check that we have a namemap */ |
302 | 508 | if (!ossl_assert(namemap != NULL)) { |
303 | 0 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); |
304 | 0 | return 0; |
305 | 0 | } |
306 | | |
307 | 508 | if ((tmp = OPENSSL_strdup(names)) == NULL) |
308 | 0 | return 0; |
309 | | |
310 | 508 | if (!CRYPTO_THREAD_write_lock(namemap->lock)) { |
311 | 0 | OPENSSL_free(tmp); |
312 | 0 | return 0; |
313 | 0 | } |
314 | | /* |
315 | | * Check that no name is an empty string, and that all names have at |
316 | | * most one numeric identity together. |
317 | | */ |
318 | 1.59k | for (p = tmp; *p != '\0'; p = q) { |
319 | 1.09k | int this_number; |
320 | 1.09k | size_t l; |
321 | | |
322 | 1.09k | if ((q = strchr(p, separator)) == NULL) { |
323 | 508 | l = strlen(p); /* offset to \0 */ |
324 | 508 | q = p + l; |
325 | 582 | } else { |
326 | 582 | l = q - p; /* offset to the next separator */ |
327 | 582 | *q++ = '\0'; |
328 | 582 | } |
329 | | |
330 | 1.09k | if (*p == '\0') { |
331 | 0 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME); |
332 | 0 | number = 0; |
333 | 0 | goto end; |
334 | 0 | } |
335 | | |
336 | 1.09k | this_number = ossl_namemap_name2num(namemap, p); |
337 | | |
338 | 1.09k | if (number == 0) { |
339 | 782 | number = this_number; |
340 | 782 | } else if (this_number != 0 && this_number != number) { |
341 | 0 | ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES, |
342 | 0 | "\"%s\" has an existing different identity %d (from \"%s\")", |
343 | 0 | p, this_number, names); |
344 | 0 | number = 0; |
345 | 0 | goto end; |
346 | 0 | } |
347 | 1.09k | } |
348 | 508 | endp = p; |
349 | | |
350 | | /* Now that we have checked, register all names */ |
351 | 1.59k | for (p = tmp; p < endp; p = q) { |
352 | 1.09k | int this_number; |
353 | | |
354 | 1.09k | q = p + strlen(p) + 1; |
355 | | |
356 | 1.09k | this_number = namemap_add_name(namemap, number, p); |
357 | 1.09k | if (number == 0) { |
358 | 260 | number = this_number; |
359 | 830 | } else if (this_number != number) { |
360 | 0 | ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR, |
361 | 0 | "Got number %d when expecting %d", |
362 | 0 | this_number, number); |
363 | 0 | number = 0; |
364 | 0 | goto end; |
365 | 0 | } |
366 | 1.09k | } |
367 | | |
368 | 508 | end: |
369 | 508 | CRYPTO_THREAD_unlock(namemap->lock); |
370 | 508 | OPENSSL_free(tmp); |
371 | 508 | return number; |
372 | 508 | } |
373 | | |
374 | | /*- |
375 | | * Pre-population |
376 | | * ============== |
377 | | */ |
378 | | |
379 | | #ifndef FIPS_MODULE |
380 | | #include <openssl/evp.h> |
381 | | |
382 | | /* Creates an initial namemap with names found in the legacy method db */ |
383 | | static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name, |
384 | | void *arg) |
385 | 512 | { |
386 | 512 | int num = 0; |
387 | 512 | ASN1_OBJECT *obj; |
388 | | |
389 | 512 | if (base_nid != NID_undef) { |
390 | 8 | num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid)); |
391 | 8 | num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid)); |
392 | 8 | } |
393 | | |
394 | 512 | if (nid != NID_undef) { |
395 | 420 | num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid)); |
396 | 420 | num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid)); |
397 | 420 | if ((obj = OBJ_nid2obj(nid)) != NULL) { |
398 | 420 | char txtoid[OSSL_MAX_NAME_SIZE]; |
399 | | |
400 | 420 | if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0) |
401 | 418 | num = ossl_namemap_add_name(arg, num, txtoid); |
402 | 420 | } |
403 | 420 | } |
404 | 512 | if (pem_name != NULL) |
405 | 22 | num = ossl_namemap_add_name(arg, num, pem_name); |
406 | 512 | } |
407 | | |
408 | | static void get_legacy_cipher_names(const OBJ_NAME *on, void *arg) |
409 | 362 | { |
410 | 362 | const EVP_CIPHER *cipher = (void *)OBJ_NAME_get(on->name, on->type); |
411 | | |
412 | 362 | if (cipher != NULL) |
413 | 362 | get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg); |
414 | 362 | } |
415 | | |
416 | | static void get_legacy_md_names(const OBJ_NAME *on, void *arg) |
417 | 118 | { |
418 | 118 | const EVP_MD *md = (void *)OBJ_NAME_get(on->name, on->type); |
419 | | |
420 | 118 | if (md != NULL) |
421 | 118 | get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg); |
422 | 118 | } |
423 | | |
424 | | static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth, |
425 | | void *arg) |
426 | 30 | { |
427 | 30 | int nid = 0, base_nid = 0, flags = 0; |
428 | 30 | const char *pem_name = NULL; |
429 | | |
430 | 30 | EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth); |
431 | 30 | if (nid != NID_undef) { |
432 | 30 | if ((flags & ASN1_PKEY_ALIAS) == 0) { |
433 | 20 | switch (nid) { |
434 | 2 | case EVP_PKEY_DHX: |
435 | | /* We know that the name "DHX" is used too */ |
436 | 2 | get_legacy_evp_names(0, nid, "DHX", arg); |
437 | | /* FALLTHRU */ |
438 | 20 | default: |
439 | 20 | get_legacy_evp_names(0, nid, pem_name, arg); |
440 | 20 | } |
441 | 20 | } else { |
442 | | /* |
443 | | * Treat aliases carefully, some of them are undesirable, or |
444 | | * should not be treated as such for providers. |
445 | | */ |
446 | | |
447 | 10 | switch (nid) { |
448 | 2 | case EVP_PKEY_SM2: |
449 | | /* |
450 | | * SM2 is a separate keytype with providers, not an alias for |
451 | | * EC. |
452 | | */ |
453 | 2 | get_legacy_evp_names(0, nid, pem_name, arg); |
454 | 2 | break; |
455 | 8 | default: |
456 | | /* Use the short name of the base nid as the common reference */ |
457 | 8 | get_legacy_evp_names(base_nid, nid, pem_name, arg); |
458 | 10 | } |
459 | 10 | } |
460 | 30 | } |
461 | 30 | } |
462 | | #endif |
463 | | |
464 | | /*- |
465 | | * Constructors / destructors |
466 | | * ========================== |
467 | | */ |
468 | | |
469 | | OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx) |
470 | 38.7k | { |
471 | 38.7k | #ifndef FIPS_MODULE |
472 | 38.7k | int nms; |
473 | 38.7k | #endif |
474 | 38.7k | OSSL_NAMEMAP *namemap = |
475 | 38.7k | ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX); |
476 | | |
477 | 38.7k | if (namemap == NULL) |
478 | 0 | return NULL; |
479 | | |
480 | 38.7k | #ifndef FIPS_MODULE |
481 | 38.7k | nms = ossl_namemap_empty(namemap); |
482 | 38.7k | if (nms < 0) { |
483 | | /* |
484 | | * Could not get lock to make the count, so maybe internal objects |
485 | | * weren't added. This seems safest. |
486 | | */ |
487 | 0 | return NULL; |
488 | 0 | } |
489 | 38.7k | if (nms == 1) { |
490 | 2 | int i, end; |
491 | | |
492 | | /* Before pilfering, we make sure the legacy database is populated */ |
493 | 2 | OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
494 | 2 | | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); |
495 | | |
496 | 2 | OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, |
497 | 2 | get_legacy_cipher_names, namemap); |
498 | 2 | OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, |
499 | 2 | get_legacy_md_names, namemap); |
500 | | |
501 | | /* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */ |
502 | 32 | for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++) |
503 | 30 | get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap); |
504 | 2 | } |
505 | 38.7k | #endif |
506 | | |
507 | 38.7k | return namemap; |
508 | 38.7k | } |
509 | | |
510 | | OSSL_NAMEMAP *ossl_namemap_new(OSSL_LIB_CTX *libctx) |
511 | 4 | { |
512 | 4 | OSSL_NAMEMAP *namemap; |
513 | 4 | HT_CONFIG htconf = { NULL, NULL, NULL, NAMEMAP_HT_BUCKETS, 1, 1 }; |
514 | | |
515 | 4 | htconf.ctx = libctx; |
516 | | |
517 | 4 | if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) == NULL) |
518 | 0 | goto err; |
519 | | |
520 | 4 | if ((namemap->lock = CRYPTO_THREAD_lock_new()) == NULL) |
521 | 0 | goto err; |
522 | | |
523 | 4 | if ((namemap->namenum_ht = ossl_ht_new(&htconf)) == NULL) |
524 | 0 | goto err; |
525 | | |
526 | 4 | if ((namemap->numnames = sk_NAMES_new_null()) == NULL) |
527 | 0 | goto err; |
528 | | |
529 | 4 | return namemap; |
530 | | |
531 | 0 | err: |
532 | 0 | ossl_namemap_free(namemap); |
533 | 0 | return NULL; |
534 | 4 | } |
535 | | |
536 | | void ossl_namemap_free(OSSL_NAMEMAP *namemap) |
537 | 4 | { |
538 | 4 | if (namemap == NULL || namemap->stored) |
539 | 0 | return; |
540 | | |
541 | 4 | sk_NAMES_pop_free(namemap->numnames, names_free); |
542 | | |
543 | 4 | ossl_ht_free(namemap->namenum_ht); |
544 | | |
545 | 4 | CRYPTO_THREAD_lock_free(namemap->lock); |
546 | 4 | OPENSSL_free(namemap); |
547 | 4 | } |