commit a792f8804773f9c6c8fa55a8d9a502d56bd79b2b
author David Benjamin <davidben@google.com> Mon Mar 11 15:59:01 2024 -0400
committer Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Mon Mar 11 21:49:17 2024 +0000
tree b4778df848e1fadf463dfd92f488b166d49bd664
parent ddb002fc522a7ab7939a892862febcccd62f23e4

Fix a number of cases overwriting certificates, keys, etc. with SSL_CREDENTIAL

Field-by-field setters make the worst APIs. This fixes the following:

- Calling SSL_CTX_set_chain_and_key twice should override the old one
  (Regression from SSL_CREDENTIAL.)

- Various APIs forgot to clear the old chain before appending new ones.
  (Regression from SSL_CREDENTIAL.)

- Switching between a custom private key and a concrete one should not
  leave the old one lying around. (I think this was always broken.)

Add tests for all of these cases.

Change-Id: Ief7b3aecf2ada3b123d79d4eddf464c65d5f7d0d
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66907
Commit-Queue: David Benjamin <davidben@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>

ssl/internal.h

diff --git a/ssl/internal.h b/ssl/internal.h
index 0e55739..0c2c2f8 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1640,6 +1640,10 @@
   bool SetLeafCert(bssl::UniquePtr<CRYPTO_BUFFER> leaf,
                    bool discard_key_on_mismatch);
 
+  // ClearIntermediateCerts clears intermediate certificates in the certificate
+  // chain, while preserving the leaf.
+  void ClearIntermediateCerts();
+
   // AppendIntermediateCert appends |cert| to the certificate chain. If there is
   // no leaf certificate configured, it leaves a placeholder null in |chain|. It
   // returns one on success and zero on error.