[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Oct 7 17:50:49 UTC 2017


The branch master has been updated
       via  fa4dd546c531ba2ec886531aa5adfd480ed2a094 (commit)
      from  6447e8184cf6deca233d38ab3e9c9aa6ba60e9a5 (commit)


- Log -----------------------------------------------------------------
commit fa4dd546c531ba2ec886531aa5adfd480ed2a094
Author: Rich Salz <rsalz at openssl.org>
Date:   Fri Oct 6 11:06:12 2017 -0400

    Rewrite some code
    
    Rewrite the -req-nodes flag from CA.pl (idea from Andy)
    Rewrite ERR_string_error_n
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4478)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES          |  4 ++++
 apps/CA.pl.in    |  8 ++------
 crypto/err/err.c | 54 +++++++++++++++++++-----------------------------------
 3 files changed, 25 insertions(+), 41 deletions(-)

diff --git a/CHANGES b/CHANGES
index f1de3e7..892b788 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Reimplement -newreq-nodes and ERR_error_string_n; the
+     original author does not agree with the license change.
+     [Rich Salz]
+
   *) Add ARIA AEAD TLS support.
      [Jon Spillett]
 
diff --git a/apps/CA.pl.in b/apps/CA.pl.in
index ddbc70d..b5c4f59 100644
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -127,13 +127,9 @@ if ($WHAT eq '-newcert' ) {
     # create a pre-certificate
     $RET = run("$REQ -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS");
     print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
-} elsif ($WHAT eq '-newreq' ) {
+} elsif ($WHAT =~ /\-newreq(\-nodes)?/ ) {
     # create a certificate request
-    $RET = run("$REQ -new -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
-    print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
-} elsif ($WHAT eq '-newreq-nodes' ) {
-    # create a certificate request
-    $RET = run("$REQ -new -nodes -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
+    $RET = run("$REQ -new $1 -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
     print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
 } elsif ($WHAT eq '-newca' ) {
     # create the directory hierarchy
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 58a58c2..860b467 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -542,45 +542,30 @@ void ERR_error_string_n(unsigned long e, char *buf, size_t len)
         return;
 
     l = ERR_GET_LIB(e);
-    f = ERR_GET_FUNC(e);
-    r = ERR_GET_REASON(e);
-
     ls = ERR_lib_error_string(e);
-    fs = ERR_func_error_string(e);
-    rs = ERR_reason_error_string(e);
-
-    if (ls == NULL)
+    if (ls == NULL) {
         BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
-    if (fs == NULL)
+        ls = lsbuf;
+    }
+
+    fs = ERR_func_error_string(e);
+    f = ERR_GET_FUNC(e);
+    if (fs == NULL) {
         BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
-    if (rs == NULL)
+        fs = fsbuf;
+    }
+
+    rs = ERR_reason_error_string(e);
+    r = ERR_GET_REASON(e);
+    if (rs == NULL) {
         BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
+        rs = rsbuf;
+    }
 
-    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
-                 fs ? fs : fsbuf, rs ? rs : rsbuf);
+    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs);
     if (strlen(buf) == len - 1) {
-        /*
-         * output may be truncated; make sure we always have 5
-         * colon-separated fields, i.e. 4 colons ...
-         */
-#define NUM_COLONS 4
-        if (len > NUM_COLONS) { /* ... if possible */
-            int i;
-            char *s = buf;
-
-            for (i = 0; i < NUM_COLONS; i++) {
-                char *colon = strchr(s, ':');
-                if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
-                    /*
-                     * set colon no. i at last possible position (buf[len-1]
-                     * is the terminating 0)
-                     */
-                    colon = &buf[len - 1] - NUM_COLONS + i;
-                    *colon = ':';
-                }
-                s = colon + 1;
-            }
-        }
+        /* Didn't fit; use a minimal format. */
+        BIO_snprintf(buf, len, "err:%lx:%lx:%lx:%lx", e, l, f, r);
     }
 }
 
@@ -594,8 +579,7 @@ char *ERR_error_string(unsigned long e, char *ret)
 
     if (ret == NULL)
         ret = buf;
-    ERR_error_string_n(e, ret, 256);
-
+    ERR_error_string_n(e, ret, (int)sizeof(buf));
     return ret;
 }
 


More information about the openssl-commits mailing list