[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Sat Sep 19 13:15:32 UTC 2015 

The branch master has been updated
       via  a760a3805b49736632f14297a1c489290d4c1a6b (commit)
       via  331bf00bed8c2839466b608e725c8aa5ef54622c (commit)
      from  4fe1cbdff89768c5d1983988ce1022674a438bbb (commit)


- Log -----------------------------------------------------------------
commit a760a3805b49736632f14297a1c489290d4c1a6b
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Tue Sep 15 15:29:02 2015 +0100

    Print out a list of disabled features.
    
    New option "openssl list -disabled" this lists a set of disabled features
    in a form which can be conveniently parsed by the test framework so it
    knows which tests to skip.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

commit 331bf00bed8c2839466b608e725c8aa5ef54622c
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Sep 17 23:50:13 2015 +0100

    Return shared OIDs when decoding.
    
    When an OID is decoded see if it exists in the registered OID table
    and if so return the shared OID instead of dynamically allocating
    an ASN1_OBJECT.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/openssl.c         | 37 ++++++++++++++++++++++++++++++++++++-
 crypto/asn1/a_object.c | 25 ++++++++++++++++++++++++-
 2 files changed, 60 insertions(+), 2 deletions(-)

diff --git a/apps/openssl.c b/apps/openssl.c
index 58a2d0f..e96c211 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -158,6 +158,7 @@ static LHASH_OF(FUNCTION) *prog_init(void);
 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
 static void list_pkey(void);
 static void list_type(FUNC_TYPE ft);
+static void list_disabled(void);
 char *default_config_file = NULL;
 
 static CONF *config = NULL;
@@ -479,7 +480,7 @@ typedef enum HELPLIST_CHOICE {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_COMMANDS, OPT_DIGEST_COMMANDS,
     OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS,
-    OPT_PK_ALGORITHMS
+    OPT_PK_ALGORITHMS, OPT_DISABLED
 } HELPLIST_CHOICE;
 
 OPTIONS list_options[] = {
@@ -494,6 +495,8 @@ OPTIONS list_options[] = {
      "List of cipher algorithms"},
     {"public-key-algorithms", OPT_PK_ALGORITHMS, '-',
      "List of public key algorithms"},
+    {"disabled", OPT_DISABLED, '-',
+     "List of disabled features"},
     {NULL}
 };
 
@@ -530,6 +533,9 @@ int list_main(int argc, char **argv)
         case OPT_PK_ALGORITHMS:
             list_pkey();
             break;
+        case OPT_DISABLED:
+            list_disabled();
+            break;
         }
     }
 
@@ -714,6 +720,35 @@ static int SortFnByName(const void *_f1, const void *_f2)
     return strcmp(f1->name, f2->name);
 }
 
+static void list_disabled(void)
+{
+BIO_puts(bio_out, "Disabled algorithms:\n");
+#ifdef OPENSSL_NO_DH
+    BIO_puts(bio_out, "DH\n");
+#endif
+#ifdef OPENSSL_NO_DSA
+    BIO_puts(bio_out, "DSA\n");
+#endif
+#ifdef OPENSSL_NO_RSA
+    BIO_puts(bio_out, "RSA\n");
+#endif
+#ifdef OPENSSL_NO_EC
+    BIO_puts(bio_out, "EC\n");
+#endif
+#ifdef OPENSSL_NO_EC2M
+    BIO_puts(bio_out, "EC2M\n");
+#endif
+#ifndef ZLIB
+    BIO_puts(bio_out, "ZLIB\n");
+#endif
+#ifdef OPENSSL_NO_PSK
+    BIO_puts(bio_out, "PSK\n");
+#endif
+#ifdef OPENSSL_NO_SRP
+    BIO_puts(bio_out, "SRP\n");
+#endif
+}
+
 static LHASH_OF(FUNCTION) *prog_init(void)
 {
     LHASH_OF(FUNCTION) *ret;
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 44473dc..80b5055 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -271,7 +271,7 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
                              long len)
 {
-    ASN1_OBJECT *ret = NULL;
+    ASN1_OBJECT *ret = NULL, tobj;
     const unsigned char *p;
     unsigned char *data;
     int i, length;
@@ -288,6 +288,29 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
     }
     /* Now 0 < len <= INT_MAX, so the cast is safe. */
     length = (int)len;
+    /*
+     * Try to lookup OID in table: these are all valid encodings so if we get
+     * a match we know the OID is valid.
+     */
+    tobj.nid = NID_undef;
+    tobj.data = p;
+    tobj.length = length;
+    tobj.flags = 0;
+    i = OBJ_obj2nid(&tobj);
+    if (i != NID_undef) {
+        /*
+         * Return shared registered OID object: this improves efficiency
+         * because we don't have to return a dynamically allocated OID
+         * and NID lookups can use the cached value.
+         */
+        ret = OBJ_nid2obj(i);
+        if (a) {
+            ASN1_OBJECT_free(*a);
+            *a = ret;
+        }
+        *pp += len;
+        return ret;
+    }
     for (i = 0; i < length; i++, p++) {
         if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
             ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);

More information about the openssl-commits mailing list