[openssl-commits] [openssl] master update

Viktor Dukhovni viktor at openssl.org
Thu Apr 19 02:30:35 UTC 2018 

The branch master has been updated
       via  a4107d73d597a6f8754f7cf5c8c53d2097bea652 (commit)
      from  cb1b2cafe11f2008b0acc91726a6a6760f16fe28 (commit)


- Log -----------------------------------------------------------------
commit a4107d73d597a6f8754f7cf5c8c53d2097bea652
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date:   Wed Apr 18 19:52:26 2018 -0400

    Add missing index_index() when reloading OCSP responder
    
    Also, future-proof index_index() return codes by requiring success
    to return a positive value.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.c | 3 +++
 apps/ca.c   | 4 ++--
 apps/ocsp.c | 5 +++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index 5a32dc0..6ae8523 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1597,6 +1597,9 @@ CA_DB *load_index(const char *dbfile, DB_ATTR *db_attr)
     return retdb;
 }
 
+/*
+ * Returns > 0 on success, <= 0 on error
+ */
 int index_index(CA_DB *db)
 {
     if (!TXT_DB_create_index(db->db, DB_serial, NULL,
diff --git a/apps/ca.c b/apps/ca.c
index d530cf5..1c053b5 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -498,7 +498,7 @@ end_of_options:
         if (db == NULL)
             goto end;
 
-        if (!index_index(db))
+        if (index_index(db) <= 0)
             goto end;
 
         if (get_certificate_status(ser_status, db) != 1)
@@ -672,7 +672,7 @@ end_of_options:
         BIO_printf(bio_err, "generating index\n");
     }
 
-    if (!index_index(db))
+    if (index_index(db) <= 0)
         goto end;
 
     /*****************************************************************/
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 3c5534a..83461c7 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -559,7 +559,7 @@ int ocsp_main(int argc, char **argv)
 
     if (ridx_filename != NULL) {
         rdb = load_index(ridx_filename, NULL);
-        if (rdb == NULL || !index_index(rdb)) {
+        if (rdb == NULL || index_index(rdb) <= 0) {
             ret = 1;
             goto end;
         }
@@ -582,10 +582,11 @@ redo_accept:
         if (index_changed(rdb)) {
             CA_DB *newrdb = load_index(ridx_filename, NULL);
 
-            if (newrdb != NULL) {
+            if (newrdb != NULL && index_index(newrdb) > 0) {
                 free_index(rdb);
                 rdb = newrdb;
             } else {
+                free_index(newrdb);
                 log_message(LOG_ERR, "error reloading updated index: %s",
                             ridx_filename);
             }

More information about the openssl-commits mailing list