Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
... and only *define* them in the source files that need them.
Use DEFINE_OR_DECLARE which is set appropriately for internal builds
and not non-deprecated builds.
Deprecate stack-of-block
Better documentation
Move some ASN1 struct typedefs to types.h
Update ParseC to handle this. Most of all, ParseC needed to be more
consistent. The handlers are "recursive", in so far that they are called
again and again until they terminate, which depends entirely on what the
"massager" returns. There's a comment at the beginning of ParseC that
explains how that works. {Richard Levtte}
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10669)
Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like
'*_lcl.h', '*_local.h', or '*_int.h'
This commit changes the different suffixes to '*_local.h' uniformly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Author: Remi Gacogne <rgacogne-github@coredump.fr>
GH334: Add an OCSP_SINGLERESP_get0_id() accessor to the OCSP_CERTID of
a OCSP_SINGLERESP. It is possible to do it the other way around using
OCSP_resp_find(), but this is more efficient when you have a tree indexed
by OCSP_CERTID, like haproxy does. (This is also RT4251)
Author: Marek Klein <kleinmrk@gmail.com>
GH556: OCSP_resp_get_produced_at() accessor to the producedAt of a
OCSP_BASICRESP
GH555: TS_STATUS_INFO_get_status(), TS_STATUS_INFO_get_text() and
TS_STATUS_INFO_get_failure_info() accessors for a TS_STATUS_INFO
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Most of the accessors existed and were already used so it was easy.
TS_VERIFY_CTX didn't have accessors/settors so I added the simple and
obvious ones, and changed the app to use them. Also, within crypto/ts,
replaced the functions with direct access to the structure members
since we generally aren't opaque within a directory.
Also fix RT3901.
Reviewed-by: Tim Hudson <tjh@openssl.org>
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
Remove old M_ASN1_ macros and replace any occurences with the corresponding
function.
Remove d2i_ASN1_bytes, d2i_ASN1_SET, i2d_ASN1_SET: no longer used internally.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte
Matt Caswell
Rich Salz
Dr. Matthias St. Pierre
FdaSilvaYY
Rich Salz
Dr. Stephen Henson
Nils Larsch
Ulf Möller