[openssl] master update

dev at ddvo.net dev at ddvo.net
Mon Feb 22 07:50:46 UTC 2021


The branch master has been updated
       via  7f90026b3fca9cfd3d9098d358d949d37509a2e5 (commit)
      from  4718326a46ad460fefc5cc240a8599af4b5993c7 (commit)


- Log -----------------------------------------------------------------
commit 7f90026b3fca9cfd3d9098d358d949d37509a2e5
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Thu Jan 21 12:36:58 2021 +0100

    Handle NULL result of ERR_reason_error_string() in some apps
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/13920)

-----------------------------------------------------------------------

Summary of changes:
 apps/pkey.c           | 11 ++---------
 apps/pkeyparam.c      | 10 ++--------
 apps/rsa.c            | 13 +++----------
 crypto/bio/b_sock2.c  |  2 +-
 crypto/cmp/cmp_util.c | 25 ++++++++++++++++++++-----
 test/cmp_ctx_test.c   |  6 +++---
 6 files changed, 31 insertions(+), 36 deletions(-)

diff --git a/apps/pkey.c b/apps/pkey.c
index 1a53447401..5cf0abe04b 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -258,15 +258,8 @@ int pkey_main(int argc, char **argv)
              * Note: at least for RSA keys if this function returns
              * -1, there will be no error reasons.
              */
-            unsigned long err;
-
-            BIO_printf(out, "Key is invalid\n");
-
-            while ((err = ERR_peek_error()) != 0) {
-                BIO_printf(out, "Detailed error: %s\n",
-                           ERR_reason_error_string(err));
-                ERR_get_error(); /* remove err from error stack */
-            }
+            BIO_printf(bio_err, "Key is invalid\n");
+            ERR_print_errors(bio_err);
             goto end;
         }
     }
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 42de552753..ef1a082d62 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -52,7 +52,6 @@ int pkeyparam_main(int argc, char **argv)
     int text = 0, noout = 0, ret = EXIT_FAILURE, check = 0, r;
     OPTION_CHOICE o;
     char *infile = NULL, *outfile = NULL, *prog;
-    unsigned long err;
 
     prog = opt_init(argc, argv, pkeyparam_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -125,13 +124,8 @@ int pkeyparam_main(int argc, char **argv)
              * Note: at least for RSA keys if this function returns
              * -1, there will be no error reasons.
              */
-            BIO_printf(out, "Parameters are invalid\n");
-
-            while ((err = ERR_peek_error()) != 0) {
-                BIO_printf(out, "Detailed error: %s\n",
-                           ERR_reason_error_string(err));
-                ERR_get_error(); /* remove err from error stack */
-            }
+            BIO_printf(bio_err, "Parameters are invalid\n");
+            ERR_print_errors(bio_err);
             goto end;
         }
     }
diff --git a/apps/rsa.c b/apps/rsa.c
index 499013bae4..251f84f210 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -259,7 +259,7 @@ int rsa_main(int argc, char **argv)
 
         pctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);
         if (pctx == NULL) {
-            BIO_printf(out, "RSA unable to create PKEY context\n");
+            BIO_printf(bio_err, "RSA unable to create PKEY context\n");
             ERR_print_errors(bio_err);
             goto end;
         }
@@ -269,15 +269,8 @@ int rsa_main(int argc, char **argv)
         if (r == 1) {
             BIO_printf(out, "RSA key ok\n");
         } else if (r == 0) {
-            unsigned long err;
-
-            while ((err = ERR_peek_error()) != 0 &&
-                   ERR_GET_LIB(err) == ERR_LIB_RSA &&
-                   ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
-                BIO_printf(out, "RSA key error: %s\n",
-                           ERR_reason_error_string(err));
-                ERR_get_error(); /* remove err from error stack */
-            }
+            BIO_printf(bio_err, "RSA key not ok\n");
+            ERR_print_errors(bio_err);
         } else if (r == -1) {
             ERR_print_errors(bio_err);
             goto end;
diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
index c9f7c2cfe5..1817d9dd0f 100644
--- a/crypto/bio/b_sock2.c
+++ b/crypto/bio/b_sock2.c
@@ -175,7 +175,7 @@ int BIO_bind(int sock, const BIO_ADDR *addr, int options)
 # endif
 
     if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) {
-        ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+        ERR_raise_data(ERR_LIB_SYS, get_last_socket_error() /* may be 0 */,
                        "calling bind()");
         ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET);
         return 0;
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c
index d246047943..81c7d02d88 100644
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -155,12 +155,27 @@ void OSSL_CMP_print_errors_cb(OSSL_CMP_log_cb_t log_fn)
     while ((err = ERR_get_error_all(&file, &line, &func, &data, &flags)) != 0) {
         const char *component =
             improve_location_name(func, ERR_lib_error_string(err));
+        unsigned long reason = ERR_GET_REASON(err);
+        const char *rs = NULL;
+        char rsbuf[256];
+
+#ifndef OPENSSL_NO_ERR
+        if (ERR_SYSTEM_ERROR(err)) {
+            if (openssl_strerror_r(reason, rsbuf, sizeof(rsbuf)))
+                rs = rsbuf;
+        } else {
+            rs = ERR_reason_error_string(err);
+        }
+#endif
+        if (rs == NULL) {
+            BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", reason);
+            rs = rsbuf;
+        }
+        if (data != NULL && (flags & ERR_TXT_STRING) != 0)
+            BIO_snprintf(msg, sizeof(msg), "%s:%s", rs, data);
+        else
+            BIO_snprintf(msg, sizeof(msg), "%s", rs);
 
-        if (!(flags & ERR_TXT_STRING))
-            data = NULL;
-        BIO_snprintf(msg, sizeof(msg), "%s%s%s", ERR_reason_error_string(err),
-                     data == NULL || *data == '\0' ? "" : " : ",
-                     data == NULL ? "" : data);
         if (log_fn == NULL) {
 #ifndef OPENSSL_NO_STDIO
             BIO *bio = BIO_new_fp(stderr, BIO_NOCLOSE);
diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c
index 3ea3013abe..e841f029ce 100644
--- a/test/cmp_ctx_test.c
+++ b/test/cmp_ctx_test.c
@@ -158,8 +158,8 @@ static int execute_CTX_print_errors_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture)
         ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
         base_err_msg_size += strlen("NULL_ARGUMENT");
         expected_size = base_err_msg_size;
-        ossl_cmp_add_error_data("data1"); /* should prepend separator " : " */
-        expected_size += strlen(" : " "data1");
+        ossl_cmp_add_error_data("data1"); /* should prepend separator ":" */
+        expected_size += strlen(":" "data1");
         ossl_cmp_add_error_data("data2"); /* should prepend separator " : " */
         expected_size += strlen(" : " "data2");
         ossl_cmp_add_error_line("new line"); /* should prepend separator "\n" */
@@ -169,7 +169,7 @@ static int execute_CTX_print_errors_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture)
             res = 0;
 
         ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS);
-        base_err_msg_size = strlen("INVALID_ARGS") + strlen(" : ");
+        base_err_msg_size = strlen("INVALID_ARGS") + strlen(":");
         expected_size = base_err_msg_size;
         while (expected_size < 4096) { /* force split */
             ERR_add_error_txt(STR_SEP, max_str_literal);


More information about the openssl-commits mailing list