[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Wed Aug 24 12:30:49 UTC 2016
The branch master has been updated
via c42b8a6e4bced8f6ecf0a0d9a0107e6e989da0c2 (commit)
via fe81a1b0515bf51983150dc7c428ed4c9fd31c7a (commit)
via 08f6ae5b2896a22e1e16de3e363d1ea314700b0b (commit)
from c74aea8d6ccdf07ce826a9451887739b8aa64096 (commit)
- Log -----------------------------------------------------------------
commit c42b8a6e4bced8f6ecf0a0d9a0107e6e989da0c2
Author: Matt Caswell <matt at openssl.org>
Date: Wed Aug 24 11:28:58 2016 +0100
Remove some dead code from rec_layer_s3.c
It is never valid to call ssl3_read_bytes with
type == SSL3_RT_CHANGE_CIPHER_SPEC, and in fact we check for valid values
for type near the beginning of the function. Therefore this check will never
be true and can be removed.
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit fe81a1b0515bf51983150dc7c428ed4c9fd31c7a
Author: Matt Caswell <matt at openssl.org>
Date: Wed Aug 24 11:25:23 2016 +0100
Remove useless assignment
The variable assignment c1 is never read before it is overwritten.
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 08f6ae5b2896a22e1e16de3e363d1ea314700b0b
Author: Matt Caswell <matt at openssl.org>
Date: Wed Aug 24 11:22:47 2016 +0100
Fix some resource leaks in the apps
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/cms.c | 15 +++++++++++++++
apps/req.c | 4 ++++
apps/spkac.c | 4 +++-
apps/x509.c | 4 ++++
crypto/bn/bn_mul.c | 3 +--
ssl/record/rec_layer_s3.c | 6 ------
6 files changed, 27 insertions(+), 9 deletions(-)
diff --git a/apps/cms.c b/apps/cms.c
index 52186d2..9c41a97 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -412,6 +412,11 @@ int cms_main(int argc, char **argv)
noout = print = 1;
break;
case OPT_SECRETKEY:
+ if (secret_key != NULL) {
+ /* Cannot be supplied twice */
+ BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
+ goto opthelp;
+ }
secret_key = OPENSSL_hexstr2buf(opt_arg(), <mp);
if (secret_key == NULL) {
BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
@@ -420,6 +425,11 @@ int cms_main(int argc, char **argv)
secret_keylen = (size_t)ltmp;
break;
case OPT_SECRETKEYID:
+ if (secret_keyid != NULL) {
+ /* Cannot be supplied twice */
+ BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
+ goto opthelp;
+ }
secret_keyid = OPENSSL_hexstr2buf(opt_arg(), <mp);
if (secret_keyid == NULL) {
BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
@@ -431,6 +441,11 @@ int cms_main(int argc, char **argv)
pwri_pass = (unsigned char *)opt_arg();
break;
case OPT_ECONTENT_TYPE:
+ if (econtent_type != NULL) {
+ /* Cannot be supplied twice */
+ BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
+ goto opthelp;
+ }
econtent_type = OBJ_txt2obj(opt_arg(), 0);
if (econtent_type == NULL) {
BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
diff --git a/apps/req.c b/apps/req.c
index 2666124..fb37f7d 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -295,6 +295,10 @@ int req_main(int argc, char **argv)
days = atoi(opt_arg());
break;
case OPT_SET_SERIAL:
+ if (serial != NULL) {
+ /* Cannot be supplied twice */
+ goto opthelp;
+ }
serial = s2i_ASN1_INTEGER(NULL, opt_arg());
if (serial == NULL)
goto opthelp;
diff --git a/apps/spkac.c b/apps/spkac.c
index b6fc46d..a365406 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -130,8 +130,10 @@ int spkac_main(int argc, char **argv)
spkstr = NETSCAPE_SPKI_b64_encode(spki);
out = bio_open_default(outfile, 'w', FORMAT_TEXT);
- if (out == NULL)
+ if (out == NULL) {
+ OPENSSL_free(spkstr);
goto end;
+ }
BIO_printf(out, "SPKAC=%s\n", spkstr);
OPENSSL_free(spkstr);
ret = 0;
diff --git a/apps/x509.c b/apps/x509.c
index 05aa554..9e51012 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -261,6 +261,10 @@ int x509_main(int argc, char **argv)
CAserial = opt_arg();
break;
case OPT_SET_SERIAL:
+ if (sno != NULL) {
+ /* Cannot be supplied twice */
+ goto opthelp;
+ }
if ((sno = s2i_ASN1_INTEGER(NULL, opt_arg())) == NULL)
goto opthelp;
break;
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index 66139ed..1ff8efe 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -729,9 +729,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
*/
if (l != NULL) {
lp = &(t[n2 + n]);
- c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n));
+ bn_add_words(lp, &(r[0]), &(l[0]), n);
} else {
- c1 = 0;
lp = &(r[0]);
}
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 52a8dcf..46870c0 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1159,12 +1159,6 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
* were actually expecting a CCS).
*/
- if (rr->type == SSL3_RT_HANDSHAKE && type == SSL3_RT_CHANGE_CIPHER_SPEC) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
/*
* Lets just double check that we've not got an SSLv2 record
*/
More information about the openssl-commits
mailing list