Commit graph

32 commits

Author SHA1 Message Date
Bernd Edlinger
2459dc1bd0 Fix error handling at openssl_strerror_r
When bufsize == 0, openssl_strerror_r should return 0 (if _GNU_SOURCE is defined),
to be consistent with non-_GNU_SOURCE variants, which exhibit the same behavior.
Fix a few cases, where the return value of openssl_strerror_r was ignored.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9163)

(cherry picked from commit e7a4682d0b)
2019-06-18 13:58:52 +02:00
Andy Polyakov
f20aa69e33 crypto/*: address standard-compilance nits.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6745)
2018-07-20 13:40:30 +02:00
Andy Polyakov
fa339c69a6 store/loader_file.c: fix char-subscripts warning.
This happens on systems that perform is* character classifictions as
array lookup, e.g. NetBSD.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6584)
2018-06-25 16:47:36 +02:00
Andy Polyakov
7747a49f24 store/loader_file.c: rename variables causing conflicts with Android NDK.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5589)
2018-03-13 19:31:44 +01:00
Richard Levitte
93d2f9fa4a STORE 'file' scheme loader: Add search capibility
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
Richard Levitte
fac8673b8a STORE: Add the possibility to search for specific information
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
Richard Levitte
6541d9e264 STORE 'file' scheme loader: Add info type expectation
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
Richard Levitte
072bfcc90b STORE: Add the possibility to specify an expected info type
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
FdaSilvaYY
a0fda2cf2d Address some code-analysis issues.
Expression '...' is always true.
The 'b->init' variable is assigned values twice successively

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4753)
2017-12-08 10:49:41 -05:00
Richard Levitte
94b5d7aae9 Fix OSSL_STORE's 'file' loader: make sure peekbuf is initialised
This quiets down complaints about the use of uninitialised memory

[extended tests]

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4340)
2017-09-05 17:07:20 +02:00
Pauli
07016a8a31 Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:44 +10:00
Pauli
a1df06b363 This has been added to avoid the situation where some host ctype.h functions
return true for characters > 127.  I.e. they are allowing extended ASCII
characters through which then cause problems.  E.g. marking superscript '2' as
a number then causes the common (ch - '0') conversion to number to fail
miserably.  Likewise letters with diacritical marks can also cause problems.

If a non-ASCII character set is being used (currently only EBCDIC), it is
adjusted for.

The implementation uses a single table with a bit for each of the defined
classes.  These functions accept an int argument and fail for
values out of range or for characters outside of the ASCII set.  They will
work for both signed and unsigned character inputs.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4102)
2017-08-22 09:45:25 +10:00
Bernd Edlinger
358d446f25 Use OPENSSL_secure_clear_free in STORE file_load
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4044)
2017-07-29 19:31:11 +02:00
Benjamin Kaduk
7af42628c1 Improve style
Spaces around operators.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3860)
2017-07-27 14:32:13 -05:00
Richard Levitte
1145995323 OSSL_STORE "file" scheme loader: check that a DOS device is correctly named
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
6eaebfaab5 OSSL_STORE "file" scheme loader: check for absolute path in URI later
If we have a local file with a name starting with 'file:', we don't
want to check if the part after 'file:' is absolute.  Instead, mark
each possibility for absolute check if needed, and perform the
absolute check later on, when checking each actual path.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
ae9c39d83a OSSL_STORE: Treat URIs as files first (with exceptions), then as full URIs
To handle paths that contain devices (for example, C:/foo/bar.pem on
Windows), try to "open" the URI using the file scheme loader first,
and failing that, check if the device is really a scheme we know.

The "file" scheme does the same kind of thing to pick out the path
part of the URI.

An exception to this special treatment is if the URI has an authority
part (something that starts with "//" directly after what looks like a
scheme).  Such URIs will never be treated as plain file paths.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
ba476aa32c OSSL_STORE: spell error reason correctly
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
71d57be52e For Windows, use _stat rather than stat
This allows for better flexibility with mixed /M compiler flags

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3930)
2017-07-14 12:35:26 +02:00
Richard Levitte
479af76798 Fix style in crypto/store/loader_file.c
With added commenting to describe the individual decoders a little
more.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3930)
2017-07-14 12:35:26 +02:00
Richard Levitte
11d66064f3 STORE 'file' scheme loader: fix try_decode_params() to check ambiguity
The way try_decode_params works in raw more, it would take the first ASN1
that could decode and return a STORE_INFO with the resulting EVP_PKEY.
This change has it go through all the matching ASN1 methods and properly
check if there's more than one match, i.e. an ambiguity.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3863)
2017-07-05 22:38:00 +02:00
Richard Levitte
86e6cbd643 STORE 'file' scheme loader: DNS name in URI is case insensitive
...  so compare accordingly with "//localhost"

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3827)
2017-07-02 11:54:40 +02:00
Richard Levitte
4c17819c41 Add internal functions to fetch PEM data from an opened BIO
store_attach_pem_bio() creates a STORE_CTX with the 'file' scheme
loader backend in PEM reading mode on an already opened BIO.
store_detach_pem_bio() detaches the STORE_CTX from the BIO and
destroys it (without destroying the BIO).

These two functions can be used in place of STORE_open() and
STORE_close(), and are present as internal support for other OpenSSL
functions.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2745)
2017-06-29 19:25:39 +02:00
Richard Levitte
7852f588a6 Make it possible to tell the file loader to use secure memory
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3483)
2017-06-29 19:19:40 +02:00
Richard Levitte
6fc1d33c90 STORE 'file' scheme loader: refactor the treatment of matches
Sometimes, 'file_load' couldn't really distinguish if a file handler
matched the data and produced an error or if it didn't match the data
at all.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:33 +02:00
Richard Levitte
f91ded1fc4 STORE: add ENGINE information to loaders
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
970f467ac3 STORE 'file' scheme loader: Add directory listing capability
This has it recognised when the given path is a directory.  In that
case, the file loader will give back a series of names, all as URI
formatted as possible given the incoming URI.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
7ad2ef366c STORE 'file' scheme loader: Add handler for encrypted PKCS#8 data
Add a separate handler for encrypted PKCS#8 data.  This uses the new
restart functionality.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
1aabc2445b STORE 'file' scheme loader: refactor file_load to support decoding restart
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
a09003ea22 STORE 'file' scheme loader: add support for the PKCS#12 container
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00
Richard Levitte
e61ec2d9ba STORE 'file' scheme loader: add support for containers
Containers are objects that are containers for a bunch of other
objects with types we recognise but aren't readable in a stream.  Such
containers are read and parsed, and their content is cached, to be
served one object at a time.

This extends the FILE_HANDLER type to include a function to destroy
the cache and a function to simulate the EOF check.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00
Richard Levitte
9c6da42d0c Add a STORE loader for the "file" scheme
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00