[openssl-commits] [openssl] master update

Richard Levitte levitte at openssl.org
Tue Aug 15 12:29:24 UTC 2017 

The branch master has been updated
       via  140dab3d3a099feb38d5987adb471c61a8eabb4b (commit)
       via  e1a4ff7678ef8fd2d67416f84a7408e826c7dccc (commit)
      from  9237173eeba0a99de0d7a50f7b4a6149e983f866 (commit)


- Log -----------------------------------------------------------------
commit 140dab3d3a099feb38d5987adb471c61a8eabb4b
Author: Richard Levitte <levitte at openssl.org>
Date:   Sat Aug 5 14:56:13 2017 +0200

    Clear error stack on successful OSSL_STORE_open()
    
    Since OSSL_STORE_open() tries with the 'file' scheme loader first, and
    then on the loader implied by the URI if the former fails, the former
    leaves an error on the error stack.  This is confusing, so let's clear
    the error stack on success.  The implementation uses ERR_set_mark,
    ERR_pop_to_mark and ERR_clear_last_mark to make sure caller errors are
    preserved as much as possible.
    
    Fixes #4089
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4094)

commit e1a4ff7678ef8fd2d67416f84a7408e826c7dccc
Author: Richard Levitte <levitte at openssl.org>
Date:   Sat Aug 5 21:47:00 2017 +0200

    Add ERR_clear_last_mark()
    
    This allows callers to set a mark, and then clear it without removing
    the errors.  Useful in case an error is encountered that should be
    returned up the call stack.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4094)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                  |  4 ++++
 crypto/err/err.c         | 23 +++++++++++++++++++++++
 crypto/store/store_lib.c | 21 ++++++++++++++++-----
 include/openssl/err.h    |  1 +
 util/libcrypto.num       |  1 +
 5 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/CHANGES b/CHANGES
index ce2d9c5..f9b58f9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Add ERR_clear_last_mark(), to allow callers to clear the last mark
+     without clearing the errors.
+     [Richard Levitte]
+
   *) Add "atfork" functions.  If building on a system that without
      pthreads, see doc/man3/OPENSSL_fork_prepare.pod for application
      requirements.  The RAND facility now uses/requires this.
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 9db3530..07911e2 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -812,3 +812,26 @@ int ERR_pop_to_mark(void)
     es->err_flags[es->top] &= ~ERR_FLAG_MARK;
     return 1;
 }
+
+int ERR_clear_last_mark(void)
+{
+    ERR_STATE *es;
+    int top;
+
+    es = ERR_get_state();
+    if (es == NULL)
+        return 0;
+
+    top = es->top;
+    while (es->bottom != top
+           && (es->err_flags[top] & ERR_FLAG_MARK) == 0) {
+        top -= 1;
+        if (top == -1)
+            top = ERR_NUM_ERRORS - 1;
+    }
+
+    if (es->bottom == top)
+        return 0;
+    es->err_flags[top] &= ~ERR_FLAG_MARK;
+    return 1;
+}
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index b982e9c..6f789eb 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -64,28 +64,39 @@ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
         }
     }
 
+    ERR_set_mark();
+
     /* Try each scheme until we find one that could open the URI */
     for (i = 0; loader_ctx == NULL && i < schemes_n; i++) {
         if ((loader = ossl_store_get0_loader_int(schemes[i])) != NULL)
             loader_ctx = loader->open(loader, uri, ui_method, ui_data);
     }
     if (loader_ctx == NULL)
-        goto done;
+        goto err;
 
     if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
         OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_OPEN, ERR_R_MALLOC_FAILURE);
-        goto done;
+        goto err;
     }
 
     ctx->loader = loader;
     ctx->loader_ctx = loader_ctx;
-    loader_ctx = NULL;
     ctx->ui_method = ui_method;
     ctx->ui_data = ui_data;
     ctx->post_process = post_process;
     ctx->post_process_data = post_process_data;
 
- done:
+    /*
+     * If the attempt to open with the 'file' scheme loader failed and the
+     * other scheme loader succeeded, the failure to open with the 'file'
+     * scheme loader leaves an error on the error stack.  Let's remove it.
+     */
+    ERR_pop_to_mark();
+
+    return ctx;
+
+ err:
+    ERR_clear_last_mark();
     if (loader_ctx != NULL) {
         /*
          * We ignore a returned error because we will return NULL anyway in
@@ -94,7 +105,7 @@ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
          */
         (void)loader->close(loader_ctx);
     }
-    return ctx;
+    return NULL;
 }
 
 int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ...)
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 8b266f9..a602660 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -262,6 +262,7 @@ int ERR_get_next_error_library(void);
 
 int ERR_set_mark(void);
 int ERR_pop_to_mark(void);
+int ERR_clear_last_mark(void);
 
 #ifdef  __cplusplus
 }
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 995cbc6..c7f1905 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4381,3 +4381,4 @@ ASN1_TIME_cmp_time_t                    4324	1_1_1	EXIST::FUNCTION:
 ASN1_TIME_compare                       4325	1_1_1	EXIST::FUNCTION:
 EVP_PKEY_CTX_ctrl_uint64                4326	1_1_1	EXIST::FUNCTION:
 EVP_DigestFinalXOF                      4327	1_1_1	EXIST::FUNCTION:
+ERR_clear_last_mark                     4328	1_1_1	EXIST::FUNCTION:

More information about the openssl-commits mailing list