mirror of https://github.com/openssl/openssl.git
Compare commits
8 Commits
e91b426a4b
...
6caeed6a72
| Author | SHA1 | Date |
|---|---|---|
Neil Horman
|
6caeed6a72 | |
Michael Baentsch
|
296f1f6dd8 | |
|
Michael Baentsch
|
fd7fc90346 | |
Tomas Mraz
|
fcb5e20ac7 | |
Ingo Franzki
|
b9ff440dd6 | |
|
Ingo Franzki
|
f77fafd16e | |
|
Neil Horman
|
c5ef9164a6 | |
|
Neil Horman
|
da3989acc8 |
|
|
@ -93,7 +93,6 @@ EOF
|
|||
|
||||
my %cmd_disabler = (
|
||||
ciphers => "sock",
|
||||
genrsa => "rsa",
|
||||
gendsa => "dsa",
|
||||
dsaparam => "dsa",
|
||||
gendh => "dh",
|
||||
|
|
@ -107,7 +106,7 @@ EOF
|
|||
# [2] = preprocessor conditional for excluding irrespective of deprecation
|
||||
# rsa => [ "pkey", "3_0", "rsa" ],
|
||||
# genrsa => [ "genpkey", "3_0", "rsa" ],
|
||||
rsautl => [ "pkeyutl", "3_0", "rsa" ],
|
||||
rsautl => [ "pkeyutl", "3_0", "" ],
|
||||
# dhparam => [ "pkeyparam", "3_0", "dh" ],
|
||||
# dsaparam => [ "pkeyparam", "3_0", "dsa" ],
|
||||
# dsa => [ "pkey", "3_0", "dsa" ],
|
||||
|
|
|
|||
|
|
@ -261,10 +261,12 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
|
|||
|
||||
cipher = ctx->op.ciph.cipher;
|
||||
desc = cipher->description != NULL ? cipher->description : "";
|
||||
ERR_set_mark();
|
||||
ret = cipher->encrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_ASYM_CIPHER_FAILURE,
|
||||
"%s encrypt:%s", cipher->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -309,10 +311,12 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
|
|||
|
||||
cipher = ctx->op.ciph.cipher;
|
||||
desc = cipher->description != NULL ? cipher->description : "";
|
||||
ERR_set_mark();
|
||||
ret = cipher->decrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_ASYM_CIPHER_FAILURE,
|
||||
"%s decrypt:%s", cipher->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
|
||||
return ret;
|
||||
|
||||
|
|
|
|||
|
|
@ -460,10 +460,12 @@ void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = keymgmt->gen(genctx, cb, cbarg);
|
||||
if (ret == NULL)
|
||||
if (ret == NULL && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_KEYMGMT_FAILURE,
|
||||
"%s key generation:%s", keymgmt->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -426,10 +426,12 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|||
return 0;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_sign_update(pctx->op.sig.algctx, data, dsize);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign_update:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -474,10 +476,12 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
|
|||
return 0;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_verify_update(pctx->op.sig.algctx, data, dsize);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify_update:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
|
||||
legacy:
|
||||
|
|
@ -527,11 +531,13 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
|||
pctx = dctx;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
r = signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen,
|
||||
sigret == NULL ? 0 : *siglen);
|
||||
if (!r)
|
||||
if (!r && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign_final:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
if (dctx == NULL && sigret != NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
else
|
||||
|
|
@ -638,11 +644,13 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
|
|||
|
||||
if (sigret != NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_sign(pctx->op.sig.algctx, sigret, siglen,
|
||||
sigret == NULL ? 0 : *siglen, tbs, tbslen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_sign:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
|
|
@ -693,10 +701,12 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
|
|||
pctx = dctx;
|
||||
}
|
||||
|
||||
ERR_set_mark();
|
||||
r = signature->digest_verify_final(pctx->op.sig.algctx, sig, siglen);
|
||||
if (!r)
|
||||
if (!r && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify_final:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
if (dctx == NULL)
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
else
|
||||
|
|
@ -769,10 +779,12 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
|
|||
int ret;
|
||||
|
||||
ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
|
||||
ERR_set_mark();
|
||||
ret = signature->digest_verify(pctx->op.sig.algctx, sigret, siglen, tbs, tbslen);
|
||||
if (ret <= 0)
|
||||
if (ret <= 0 && ERR_count_to_mark() == 0)
|
||||
ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
|
||||
"%s digest_verify:%s", signature->type_name, desc);
|
||||
ERR_clear_last_mark();
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -2419,6 +2419,11 @@ static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle)
|
|||
return ERR_pop_to_mark();
|
||||
}
|
||||
|
||||
static int core_count_to_mark(const OSSL_CORE_HANDLE *handle)
|
||||
{
|
||||
return ERR_count_to_mark();
|
||||
}
|
||||
|
||||
static void core_indicator_get_callback(OPENSSL_CORE_CTX *libctx,
|
||||
OSSL_INDICATOR_CALLBACK **cb)
|
||||
{
|
||||
|
|
@ -2600,6 +2605,7 @@ static const OSSL_DISPATCH core_dispatch_[] = {
|
|||
{ OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK,
|
||||
(void (*)(void))core_clear_last_error_mark },
|
||||
{ OSSL_FUNC_CORE_POP_ERROR_TO_MARK, (void (*)(void))core_pop_error_to_mark },
|
||||
{ OSSL_FUNC_CORE_COUNT_TO_MARK, (void (*)(void))core_count_to_mark },
|
||||
{ OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))ossl_core_bio_new_file },
|
||||
{ OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))ossl_core_bio_new_mem_buf },
|
||||
{ OSSL_FUNC_BIO_READ_EX, (void (*)(void))ossl_core_bio_read_ex },
|
||||
|
|
|
|||
|
|
@ -154,6 +154,10 @@ provider):
|
|||
core_new_error OSSL_FUNC_CORE_NEW_ERROR
|
||||
core_set_error_debug OSSL_FUNC_CORE_SET_ERROR_DEBUG
|
||||
core_vset_error OSSL_FUNC_CORE_VSET_ERROR
|
||||
core_set_error_mark OSSL_FUNC_CORE_SET_ERROR_MARK
|
||||
core_clear_last_error_mark OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK
|
||||
core_pop_error_to_mark OSSL_FUNC_CORE_POP_ERROR_TO_MARK
|
||||
core_count_to_mark OSSL_FUNC_CORE_COUNT_TO_MARK
|
||||
core_obj_add_sigid OSSL_FUNC_CORE_OBJ_ADD_SIGID
|
||||
core_obj_create OSSL_FUNC_CORE_OBJ_CREATE
|
||||
CRYPTO_malloc OSSL_FUNC_CRYPTO_MALLOC
|
||||
|
|
@ -270,6 +274,33 @@ error occurred or was reported.
|
|||
|
||||
This corresponds to the OpenSSL function L<ERR_vset_error(3)>.
|
||||
|
||||
=item core_set_error_mark()
|
||||
|
||||
sets a mark on the current topmost error record if there is one.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_set_mark(3)>.
|
||||
|
||||
=item core_clear_last_error_mark()
|
||||
|
||||
removes the last mark added if there is one.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_clear_last_mark(3)>.
|
||||
|
||||
=item core_pop_error_to_mark()
|
||||
|
||||
pops the top of the error stack until a mark is found. The mark is then removed.
|
||||
If there is no mark, the whole stack is removed.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_pop_to_mark(3)>.
|
||||
|
||||
=item core_count_to_mark()
|
||||
|
||||
returns the number of entries on the error stack above the most recently
|
||||
marked entry, not including that entry. If there is no mark in the error stack,
|
||||
the number of entries in the error stack is returned.
|
||||
|
||||
This corresponds to the OpenSSL function L<ERR_count_to_mark(3)>.
|
||||
|
||||
=back
|
||||
|
||||
The core_obj_create() function registers a new OID and associated short name
|
||||
|
|
|
|||
|
|
@ -590,10 +590,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
|
|||
SSL *server;
|
||||
BIO *in;
|
||||
BIO *out;
|
||||
#if !defined(OPENSSL_NO_EC) \
|
||||
|| (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0))
|
||||
BIO *bio_buf;
|
||||
#endif
|
||||
SSL_CTX *ctx;
|
||||
int ret;
|
||||
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
|
|
|
|||
|
|
@ -253,6 +253,10 @@ OSSL_CORE_MAKE_FUNC(int, provider_up_ref,
|
|||
OSSL_CORE_MAKE_FUNC(int, provider_free,
|
||||
(const OSSL_CORE_HANDLE *prov, int deactivate))
|
||||
|
||||
/* Additional error functions provided by the core */
|
||||
# define OSSL_FUNC_CORE_COUNT_TO_MARK 120
|
||||
OSSL_CORE_MAKE_FUNC(int, core_count_to_mark, (const OSSL_CORE_HANDLE *prov))
|
||||
|
||||
/* Functions provided by the provider to the Core, reserved numbers 1024-1535 */
|
||||
# define OSSL_FUNC_PROVIDER_TEARDOWN 1024
|
||||
OSSL_CORE_MAKE_FUNC(void, provider_teardown, (void *provctx))
|
||||
|
|
|
|||
|
|
@ -65,6 +65,7 @@ static OSSL_FUNC_core_vset_error_fn *c_vset_error;
|
|||
static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark;
|
||||
static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark;
|
||||
static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark;
|
||||
static OSSL_FUNC_core_count_to_mark_fn *c_count_to_mark;
|
||||
static OSSL_FUNC_CRYPTO_malloc_fn *c_CRYPTO_malloc;
|
||||
static OSSL_FUNC_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
|
||||
static OSSL_FUNC_CRYPTO_free_fn *c_CRYPTO_free;
|
||||
|
|
@ -834,6 +835,9 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,
|
|||
case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
|
||||
set_func(c_pop_error_to_mark, OSSL_FUNC_core_pop_error_to_mark(in));
|
||||
break;
|
||||
case OSSL_FUNC_CORE_COUNT_TO_MARK:
|
||||
set_func(c_count_to_mark, OSSL_FUNC_core_count_to_mark(in));
|
||||
break;
|
||||
case OSSL_FUNC_CRYPTO_MALLOC:
|
||||
set_func(c_CRYPTO_malloc, OSSL_FUNC_CRYPTO_malloc(in));
|
||||
break;
|
||||
|
|
@ -1072,6 +1076,11 @@ int ERR_pop_to_mark(void)
|
|||
return c_pop_error_to_mark(NULL);
|
||||
}
|
||||
|
||||
int ERR_count_to_mark(void)
|
||||
{
|
||||
return c_count_to_mark != NULL ? c_count_to_mark(NULL) : 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* This must take a library context, since it's called from the depths
|
||||
* of crypto/initthread.c code, where it's (correctly) assumed that the
|
||||
|
|
|
|||
|
|
@ -627,28 +627,17 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
|
|||
const unsigned char *adin, size_t adinlen)
|
||||
{
|
||||
int fork_id;
|
||||
int reseed_required = 0;
|
||||
int reseed_required = 1;
|
||||
int ret = 0;
|
||||
|
||||
if (!ossl_prov_is_running())
|
||||
return 0;
|
||||
|
||||
if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
|
||||
fork_id = openssl_get_fork_id();
|
||||
|
||||
if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
|
||||
return 0;
|
||||
|
||||
if (drbg->state != EVP_RAND_STATE_READY) {
|
||||
/* try to recover from previous errors */
|
||||
rand_drbg_restart(drbg);
|
||||
|
||||
if (drbg->state == EVP_RAND_STATE_ERROR) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_IN_ERROR_STATE);
|
||||
goto err;
|
||||
}
|
||||
if (drbg->state == EVP_RAND_STATE_UNINITIALISED) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_INSTANTIATED);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
if (strength > drbg->strength) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_INSUFFICIENT_DRBG_STRENGTH);
|
||||
goto err;
|
||||
|
|
@ -663,28 +652,49 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
|
|||
goto err;
|
||||
}
|
||||
|
||||
fork_id = openssl_get_fork_id();
|
||||
if (drbg->state != EVP_RAND_STATE_READY)
|
||||
goto reseed;
|
||||
|
||||
if (drbg->fork_id != fork_id) {
|
||||
drbg->fork_id = fork_id;
|
||||
reseed_required = 1;
|
||||
}
|
||||
if (prediction_resistance)
|
||||
goto reseed;
|
||||
|
||||
if (drbg->fork_id != fork_id)
|
||||
goto reseed;
|
||||
|
||||
if (drbg->reseed_interval > 0
|
||||
&& drbg->generate_counter >= drbg->reseed_interval)
|
||||
goto reseed;
|
||||
|
||||
if (drbg->reseed_interval > 0) {
|
||||
if (drbg->generate_counter >= drbg->reseed_interval)
|
||||
reseed_required = 1;
|
||||
}
|
||||
if (drbg->reseed_time_interval > 0) {
|
||||
time_t now = time(NULL);
|
||||
if (now < drbg->reseed_time
|
||||
|| now - drbg->reseed_time >= drbg->reseed_time_interval)
|
||||
reseed_required = 1;
|
||||
goto reseed;
|
||||
}
|
||||
|
||||
if (drbg->parent != NULL
|
||||
&& get_parent_reseed_count(drbg) != drbg->parent_reseed_counter)
|
||||
reseed_required = 1;
|
||||
goto reseed;
|
||||
|
||||
if (reseed_required || prediction_resistance) {
|
||||
reseed_required = 0;
|
||||
/*
|
||||
* From here to the end of the function, if we are doing locking, we do so
|
||||
* under the write lock
|
||||
*/
|
||||
reseed:
|
||||
if (drbg->lock != NULL) {
|
||||
/* switch to write lock */
|
||||
CRYPTO_THREAD_unlock(drbg->lock);
|
||||
if (!CRYPTO_THREAD_write_lock(drbg->lock))
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (reseed_required) {
|
||||
drbg->fork_id = fork_id;
|
||||
/*
|
||||
* Note that ossl_prov_drbg_reseed_unlocked also handles
|
||||
* the need for restart for us
|
||||
*/
|
||||
if (!ossl_prov_drbg_reseed_unlocked(drbg, prediction_resistance, NULL,
|
||||
0, adin, adinlen)) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_RESEED_ERROR);
|
||||
|
|
|
|||
|
|
@ -81,15 +81,6 @@ struct prov_drbg_st {
|
|||
OSSL_FUNC_rand_get_seed_fn *parent_get_seed;
|
||||
OSSL_FUNC_rand_clear_seed_fn *parent_clear_seed;
|
||||
|
||||
/*
|
||||
* Stores the return value of openssl_get_fork_id() as of when we last
|
||||
* reseeded. The DRBG reseeds automatically whenever drbg->fork_id !=
|
||||
* openssl_get_fork_id(). Used to provide fork-safety and reseed this
|
||||
* DRBG in the child process.
|
||||
*/
|
||||
int fork_id;
|
||||
unsigned short flags; /* various external flags */
|
||||
|
||||
/*
|
||||
* The following parameters are setup by the per-type "init" function.
|
||||
*
|
||||
|
|
@ -110,11 +101,11 @@ struct prov_drbg_st {
|
|||
* clarification.
|
||||
*/
|
||||
|
||||
unsigned int strength;
|
||||
size_t max_request;
|
||||
size_t min_entropylen, max_entropylen;
|
||||
size_t min_noncelen, max_noncelen;
|
||||
size_t max_perslen, max_adinlen;
|
||||
unsigned int strength;
|
||||
|
||||
/*
|
||||
* Counts the number of generate requests since the last reseed
|
||||
|
|
@ -127,6 +118,15 @@ struct prov_drbg_st {
|
|||
* This value is ignored if it is zero.
|
||||
*/
|
||||
unsigned int reseed_interval;
|
||||
|
||||
/*
|
||||
* Stores the return value of openssl_get_fork_id() as of when we last
|
||||
* reseeded. The DRBG reseeds automatically whenever drbg->fork_id !=
|
||||
* openssl_get_fork_id(). Used to provide fork-safety and reseed this
|
||||
* DRBG in the child process.
|
||||
*/
|
||||
int fork_id;
|
||||
|
||||
/* Stores the time when the last reseeding occurred */
|
||||
time_t reseed_time;
|
||||
/*
|
||||
|
|
@ -148,8 +148,8 @@ struct prov_drbg_st {
|
|||
unsigned int reseed_next_counter;
|
||||
unsigned int parent_reseed_counter;
|
||||
|
||||
size_t seedlen;
|
||||
DRBG_STATUS state;
|
||||
size_t seedlen;
|
||||
|
||||
/* DRBG specific data */
|
||||
void *data;
|
||||
|
|
@ -161,6 +161,8 @@ struct prov_drbg_st {
|
|||
OSSL_INOUT_CALLBACK *get_nonce_fn;
|
||||
OSSL_CALLBACK *cleanup_nonce_fn;
|
||||
|
||||
unsigned short flags; /* various external flags */
|
||||
|
||||
OSSL_FIPS_IND_DECLARE
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@ static OSSL_FUNC_core_vset_error_fn *c_vset_error;
|
|||
static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark;
|
||||
static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark;
|
||||
static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark;
|
||||
static OSSL_FUNC_core_count_to_mark_fn *c_count_to_mark;
|
||||
#endif
|
||||
|
||||
/* Parameters we provide to the core */
|
||||
|
|
@ -234,6 +235,9 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
|
|||
case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
|
||||
set_func(c_pop_error_to_mark, OSSL_FUNC_core_pop_error_to_mark(tmp));
|
||||
break;
|
||||
case OSSL_FUNC_CORE_COUNT_TO_MARK:
|
||||
set_func(c_count_to_mark, OSSL_FUNC_core_count_to_mark(in));
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
@ -301,4 +305,9 @@ int ERR_pop_to_mark(void)
|
|||
{
|
||||
return c_pop_error_to_mark(NULL);
|
||||
}
|
||||
|
||||
int ERR_count_to_mark(void)
|
||||
{
|
||||
return c_count_to_mark != NULL ? c_count_to_mark(NULL) : 0;
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -23,9 +23,19 @@ print <<"_____";
|
|||
#ifndef OPENSSL_NO_STDIO
|
||||
# include <stdio.h>
|
||||
#endif
|
||||
_____
|
||||
|
||||
if (${name_uc} eq "RSA") {
|
||||
print("#include <openssl/rsa.h>");
|
||||
}
|
||||
else {
|
||||
print <<"_____";
|
||||
#ifndef OPENSSL_NO_${name_uc}
|
||||
# include <openssl/$name.h>
|
||||
#endif
|
||||
_____
|
||||
}
|
||||
print <<"_____";
|
||||
|
||||
int main(void)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1984,7 +1984,7 @@ static int test_tlsext_status_type(void)
|
|||
if (!create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(),
|
||||
TLS1_VERSION, 0,
|
||||
&sctx, &cctx, leaf, skey))
|
||||
return 0;
|
||||
goto end;
|
||||
if (SSL_CTX_use_certificate_chain_file(sctx, leaf_chain) <= 0)
|
||||
goto end;
|
||||
if (SSL_CTX_get_tlsext_status_type(cctx) != -1)
|
||||
|
|
|
|||
Loading…
Reference in New Issue