From 46160e6fb957a3f4141c13cba75d03c05b240968 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Tue, 16 Jul 2019 12:54:24 -0400 Subject: [PATCH] Deprecate SYSerr, add new FUNCerr macro Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9072) --- CHANGES | 8 ++++---- apps/apps.c | 2 +- crypto/bio/b_addr.c | 12 ++++++------ crypto/bio/b_sock.c | 12 ++++++------ crypto/bio/b_sock2.c | 24 ++++++++++++------------ crypto/bio/bss_acpt.c | 2 +- crypto/bio/bss_conn.c | 6 +++--- crypto/bio/bss_file.c | 8 ++++---- crypto/conf/conf_def.c | 2 +- crypto/err/openssl.ec | 1 + crypto/store/loader_file.c | 2 +- engines/e_devcrypto.c | 16 ++++++++-------- include/openssl/err.h | 5 ++++- ssl/ssl_cert.c | 2 +- ssl/ssl_lib.c | 2 +- 15 files changed, 54 insertions(+), 50 deletions(-) diff --git a/CHANGES b/CHANGES index a5e345108c..e517aceba9 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,10 @@ Changes between 1.1.1 and 3.0.0 [xx XXX xxxx] + *) Added a new FUNCerr() macro that takes a function name. + The macro SYSerr() is deprecated. + [Rich Salz] + *) {CRYPTO,OPENSSL}_mem_debug_{push,pop} are now no-ops and have been deprecated. [Rich Salz] @@ -45,10 +49,6 @@ *) Support SM2 signing and verification schemes with X509 certificate. [Paul Yang] - *) The macro SYSerr() was changed to take a function name, not - a numeric value; the SYS_F_xxx defines were removed. - [Rich Salz] - *) Use SHA256 as the default digest for TS query in the ts app. [Tomas Mraz] diff --git a/apps/apps.c b/apps/apps.c index d4d8febd51..43af5ad2a4 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1388,7 +1388,7 @@ CA_DB *load_index(const char *dbfile, DB_ATTR *db_attr) #ifndef OPENSSL_NO_POSIX_IO BIO_get_fp(in, &dbfp); if (fstat(fileno(dbfp), &dbst) == -1) { - SYSerr("fstat", errno); + FUNCerr("fstat", errno); ERR_add_error_data(1, dbfile); ERR_print_errors(bio_err); goto err; diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index 66f16fb13c..e2354e3421 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -207,7 +207,7 @@ static int addr_strings(const BIO_ADDR *ap, int numeric, flags)) != 0) { # ifdef EAI_SYSTEM if (ret == EAI_SYSTEM) { - SYSerr("getnameinfo", get_last_socket_error()); + FUNCerr("getnameinfo", get_last_socket_error()); BIOerr(BIO_F_ADDR_STRINGS, ERR_R_SYS_LIB); } else # endif @@ -700,7 +700,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, switch ((gai_ret = getaddrinfo(host, service, &hints, res))) { # ifdef EAI_SYSTEM case EAI_SYSTEM: - SYSerr("getaddrinfo", get_last_socket_error()); + FUNCerr("getaddrinfo", get_last_socket_error()); BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB); break; # endif @@ -804,12 +804,12 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, */ # if defined(OPENSSL_SYS_VXWORKS) /* h_errno doesn't exist on VxWorks */ - SYSerr("gethostbyname", 1000 ); + FUNCerr("gethostbyname", 1000 ); # else - SYSerr("gethostbyname", 1000 + h_errno); + FUNCerr("gethostbyname", 1000 + h_errno); # endif #else - SYSerr("gethostbyname", get_last_socket_error()); + FUNCerr("gethostbyname", get_last_socket_error()); #endif ret = 0; goto err; @@ -855,7 +855,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, se = getservbyname(service, proto); if (se == NULL) { - SYSerr("getservbyname", get_last_socket_error()); + FUNCerr("getservbyname", get_last_socket_error()); goto err; } } else { diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index f6ad9f03a9..46a2ff7dbc 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -129,7 +129,7 @@ int BIO_sock_init(void) * probed at run-time with DSO_global_lookup. */ if (WSAStartup(0x0202, &wsa_state) != 0) { - SYSerr("wsastartup", get_last_socket_error()); + FUNCerr("wsastartup", get_last_socket_error()); BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP); return -1; } @@ -189,7 +189,7 @@ int BIO_socket_ioctl(int fd, long type, void *arg) i = ioctlsocket(fd, type, ARG); # endif /* __DJGPP__ */ if (i < 0) - SYSerr("ioctlsocket", get_last_socket_error()); + FUNCerr("ioctlsocket", get_last_socket_error()); return i; } @@ -240,7 +240,7 @@ int BIO_accept(int sock, char **ip_port) ret = -2; goto end; } - SYSerr("accept", get_last_socket_error()); + FUNCerr("accept", get_last_socket_error()); BIOerr(BIO_F_BIO_ACCEPT, BIO_R_ACCEPT_ERROR); goto end; } @@ -305,7 +305,7 @@ int BIO_socket_nbio(int s, int mode) l = fcntl(s, F_GETFL, 0); if (l == -1) { - SYSerr("fcntl", get_last_sys_error()); + FUNCerr("fcntl", get_last_sys_error()); ret = -1; } else { # if defined(O_NONBLOCK) @@ -323,7 +323,7 @@ int BIO_socket_nbio(int s, int mode) ret = fcntl(s, F_SETFL, l); if (ret < 0) { - SYSerr("fcntl", get_last_sys_error()); + FUNCerr("fcntl", get_last_sys_error()); } } # else @@ -346,7 +346,7 @@ int BIO_sock_info(int sock, ret = getsockname(sock, BIO_ADDR_sockaddr_noconst(info->addr), &addr_len); if (ret == -1) { - SYSerr("getsockname", get_last_socket_error()); + FUNCerr("getsockname", get_last_socket_error()); BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_GETSOCKNAME_ERROR); return 0; } diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c index 88c7b0f52e..ee269513c6 100644 --- a/crypto/bio/b_sock2.c +++ b/crypto/bio/b_sock2.c @@ -46,7 +46,7 @@ int BIO_socket(int domain, int socktype, int protocol, int options) sock = socket(domain, socktype, protocol); if (sock == -1) { - SYSerr("socket", get_last_socket_error()); + FUNCerr("socket", get_last_socket_error()); BIOerr(BIO_F_BIO_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET); return INVALID_SOCKET; } @@ -89,7 +89,7 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options) if (options & BIO_SOCK_KEEPALIVE) { if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_KEEPALIVE); return 0; } @@ -98,7 +98,7 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options) if (options & BIO_SOCK_NODELAY) { if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_NODELAY); return 0; } @@ -107,7 +107,7 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options) if (connect(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) == -1) { if (!BIO_sock_should_retry(-1)) { - SYSerr("connect", get_last_socket_error()); + FUNCerr("connect", get_last_socket_error()); BIOerr(BIO_F_BIO_CONNECT, BIO_R_CONNECT_ERROR); } return 0; @@ -150,7 +150,7 @@ int BIO_bind(int sock, const BIO_ADDR *addr, int options) if (options & BIO_SOCK_REUSEADDR) { if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_BIND, BIO_R_UNABLE_TO_REUSEADDR); return 0; } @@ -158,7 +158,7 @@ int BIO_bind(int sock, const BIO_ADDR *addr, int options) # endif if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) { - SYSerr("bind", get_last_socket_error()); + FUNCerr("bind", get_last_socket_error()); BIOerr(BIO_F_BIO_BIND, BIO_R_UNABLE_TO_BIND_SOCKET); return 0; } @@ -217,7 +217,7 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options) if (getsockopt(sock, SOL_SOCKET, SO_TYPE, (void *)&socktype, &socktype_len) != 0 || socktype_len != sizeof(socktype)) { - SYSerr("getsockopt", get_last_socket_error()); + FUNCerr("getsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_LISTEN, BIO_R_GETTING_SOCKTYPE); return 0; } @@ -228,7 +228,7 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options) if (options & BIO_SOCK_KEEPALIVE) { if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_KEEPALIVE); return 0; } @@ -237,7 +237,7 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options) if (options & BIO_SOCK_NODELAY) { if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_NODELAY); return 0; } @@ -252,7 +252,7 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options) on = options & BIO_SOCK_V6_ONLY ? 1 : 0; if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (const void *)&on, sizeof(on)) != 0) { - SYSerr("setsockopt", get_last_socket_error()); + FUNCerr("setsockopt", get_last_socket_error()); BIOerr(BIO_F_BIO_LISTEN, BIO_R_LISTEN_V6_ONLY); return 0; } @@ -263,7 +263,7 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options) return 0; if (socktype != SOCK_DGRAM && listen(sock, MAX_LISTEN) == -1) { - SYSerr("listen", get_last_socket_error()); + FUNCerr("listen", get_last_socket_error()); BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_LISTEN_SOCKET); return 0; } @@ -290,7 +290,7 @@ int BIO_accept_ex(int accept_sock, BIO_ADDR *addr_, int options) BIO_ADDR_sockaddr_noconst(addr), &len); if (accepted_sock == -1) { if (!BIO_sock_should_retry(accepted_sock)) { - SYSerr("accept", get_last_socket_error()); + FUNCerr("accept", get_last_socket_error()); BIOerr(BIO_F_BIO_ACCEPT_EX, BIO_R_ACCEPT_ERROR); } return INVALID_SOCKET; diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index 739bd1ac5f..c47b75095a 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -226,7 +226,7 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c) BIO_ADDRINFO_socktype(c->addr_iter), BIO_ADDRINFO_protocol(c->addr_iter), 0); if (ret == (int)INVALID_SOCKET) { - SYSerr("socket", get_last_socket_error()); + FUNCerr("socket", get_last_socket_error()); ERR_add_error_data(4, "hostname=", c->param_addr, " service=", c->param_serv); diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index 6909601f99..330c64f818 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -138,7 +138,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) BIO_ADDRINFO_socktype(c->addr_iter), BIO_ADDRINFO_protocol(c->addr_iter), 0); if (ret == (int)INVALID_SOCKET) { - SYSerr("socket", get_last_socket_error()); + FUNCerr("socket", get_last_socket_error()); ERR_add_error_data(4, "hostname=", c->param_hostname, " service=", c->param_service); @@ -170,7 +170,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) ERR_clear_error(); break; } else { - SYSerr("connect", get_last_socket_error()); + FUNCerr("connect", get_last_socket_error()); ERR_add_error_data(4, "hostname=", c->param_hostname, " service=", c->param_service); @@ -186,7 +186,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) i = BIO_sock_error(b->num); if (i) { BIO_clear_retry_flags(b); - SYSerr("connect", i); + FUNCerr("connect", i); ERR_add_error_data(4, "hostname=", c->param_hostname, " service=", c->param_service); diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index d0afd10214..5a0b248394 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -69,7 +69,7 @@ BIO *BIO_new_file(const char *filename, const char *mode) fp_flags |= BIO_FP_TEXT; if (file == NULL) { - SYSerr("fopen", get_last_sys_error()); + FUNCerr("fopen", get_last_sys_error()); ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); if (errno == ENOENT # ifdef ENXIO @@ -149,7 +149,7 @@ static int file_read(BIO *b, char *out, int outl) if (ret == 0 && (b->flags & BIO_FLAGS_UPLINK_INTERNAL ? UP_ferror((FILE *)b->ptr) : ferror((FILE *)b->ptr))) { - SYSerr("fread", get_last_sys_error()); + FUNCerr("fread", get_last_sys_error()); BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB); ret = -1; } @@ -288,7 +288,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) # endif fp = openssl_fopen(ptr, p); if (fp == NULL) { - SYSerr("fopen", get_last_sys_error()); + FUNCerr("fopen", get_last_sys_error()); ERR_add_error_data(5, "fopen('", ptr, "','", p, "')"); BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB); ret = 0; @@ -316,7 +316,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) st = b->flags & BIO_FLAGS_UPLINK_INTERNAL ? UP_fflush(b->ptr) : fflush((FILE *)b->ptr); if (st == EOF) { - SYSerr("fflush", get_last_sys_error()); + FUNCerr("fflush", get_last_sys_error()); ERR_add_error_data(1, "fflush()"); BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB); ret = 0; diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index f82dd3cc62..d6cd315479 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -673,7 +673,7 @@ static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx, BIO *next; if (stat(include, &st) < 0) { - SYSerr("stat", errno); + FUNCerr("stat", errno); ERR_add_error_data(1, include); /* missing include file is not fatal error */ return NULL; diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 04e76df6f7..925ed65b96 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -3,6 +3,7 @@ # The INPUT HEADER is scanned for declarations # LIBNAME INPUT HEADER ERROR-TABLE FILE L ERR NONE NONE +L FUNC NONE NONE L BN include/openssl/bn.h crypto/bn/bn_err.c L RSA include/openssl/rsa.h crypto/rsa/rsa_err.c L DH include/openssl/dh.h crypto/dh/dh_err.c diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c index 480c57d1cb..ab59fabfec 100644 --- a/crypto/store/loader_file.c +++ b/crypto/store/loader_file.c @@ -824,7 +824,7 @@ static OSSL_STORE_LOADER_CTX *file_open(const OSSL_STORE_LOADER *loader, } if (stat(path_data[i].path, &st) < 0) { - SYSerr("stat", errno); + FUNCerr("stat", errno); ERR_add_error_data(1, path_data[i].path); } else { path = path_data[i].path; diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c index 0054319d83..aa5c1a6cbf 100644 --- a/engines/e_devcrypto.c +++ b/engines/e_devcrypto.c @@ -72,7 +72,7 @@ void engine_load_devcrypto_int(void); static int clean_devcrypto_session(struct session_op *sess) { if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } memset(sess, 0, sizeof(struct session_op)); @@ -208,7 +208,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, cipher_ctx->mode = cipher_d->flags & EVP_CIPH_MODE; cipher_ctx->blocksize = cipher_d->blocksize; if (ioctl(cfd, CIOCGSESSION, &cipher_ctx->sess) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } @@ -260,7 +260,7 @@ static int cipher_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #endif if (ioctl(cfd, CIOCCRYPT, &cryp) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } @@ -704,7 +704,7 @@ static int digest_init(EVP_MD_CTX *ctx) memset(&digest_ctx->sess, 0, sizeof(digest_ctx->sess)); digest_ctx->sess.mac = digest_d->devcryptoid; if (ioctl(cfd, CIOCGSESSION, &digest_ctx->sess) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } return 1; @@ -743,7 +743,7 @@ static int digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) return 1; } - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } @@ -758,7 +758,7 @@ static int digest_final(EVP_MD_CTX *ctx, unsigned char *md) if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) { memcpy(md, digest_ctx->digest_res, EVP_MD_CTX_size(ctx)); } else if (digest_op(digest_ctx, NULL, 0, md, COP_FLAG_FINAL) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } @@ -777,14 +777,14 @@ static int digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) return 1; if (!digest_init(to)) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } cphash.src_ses = digest_from->sess.ses; cphash.dst_ses = digest_to->sess.ses; if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) { - SYSerr("ioctl", errno); + FUNCerr("ioctl", errno); return 0; } return 1; diff --git a/include/openssl/err.h b/include/openssl/err.h index c24b457036..3fa243ca45 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -105,7 +105,10 @@ typedef struct err_state_st { # define ERR_LIB_USER 128 -# define SYSerr(f,r) ERR_PUT_func_error(ERR_LIB_SYS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) +# if ! OPENSSL_API_3 +# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,0,(r),OPENSSL_FILE,OPENSSL_LINE) +#endif +# define FUNCerr(f,r) ERR_PUT_func_error(ERR_LIB_SYS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,0,(r),OPENSSL_FILE,OPENSSL_LINE) # define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,0,(r),OPENSSL_FILE,OPENSSL_LINE) # define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,0,(r),OPENSSL_FILE,OPENSSL_LINE) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 86400ff9a0..3afa5e5387 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -766,7 +766,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, } if (errno) { - SYSerr("readdir", get_last_sys_error()); + FUNCerr("readdir", get_last_sys_error()); ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')"); SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB); goto err; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9125fbfcd5..a943414255 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2075,7 +2075,7 @@ ossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags) else #endif #ifdef OPENSSL_NO_KTLS - SYSerr("sendfile", get_last_sys_error()); + FUNCerr("sendfile", get_last_sys_error()); #else SSLerr(SSL_F_SSL_SENDFILE, SSL_R_UNINITIALIZED); #endif