[openssl] master update

Richard Levitte levitte at openssl.org
Fri Sep 13 07:30:36 UTC 2019


The branch master has been updated
       via  3c90534830fdb0cc0e790dd1d5fa2a90e1375e87 (commit)
       via  e5d4233fbd07eac52227c7ec5f479a46f15914bf (commit)
       via  14e275e8fb736be4ea83441b630515f7be97d06b (commit)
      from  1f86b8228b49938e0e368f361202570d7eab5806 (commit)


- Log -----------------------------------------------------------------
commit 3c90534830fdb0cc0e790dd1d5fa2a90e1375e87
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Aug 1 12:03:57 2019 +0200

    Document the deprecation of ERR_STATE and ERR_get_state()
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9462)

commit e5d4233fbd07eac52227c7ec5f479a46f15914bf
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Jul 26 18:11:55 2019 +0200

    Deprecate ERR_get_state()
    
    Internally, we still need this function, so we make it internal and
    then add a new ERR_get_state() that simply calls the internal variant,
    unless it's "removed" by configuration.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9462)

commit 14e275e8fb736be4ea83441b630515f7be97d06b
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 25 21:57:48 2019 +0200

    Deprecate the public definition of ERR_STATE
    
    The intention is to make it opaque later on.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9462)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                    |  5 +++++
 crypto/err/err.c           | 32 +++++++++++++++++++++++---------
 crypto/err/err_blocks.c    |  9 ++++++---
 crypto/err/err_locl.h      |  2 ++
 crypto/err/err_prn.c       |  3 +++
 fuzz/asn1.c                |  2 +-
 fuzz/asn1parse.c           |  2 +-
 fuzz/bignum.c              |  2 +-
 fuzz/bndiv.c               |  2 +-
 fuzz/client.c              |  2 +-
 fuzz/cms.c                 |  2 +-
 fuzz/conf.c                |  2 +-
 fuzz/crl.c                 |  2 +-
 fuzz/ct.c                  |  2 +-
 fuzz/server.c              |  2 +-
 fuzz/x509.c                |  2 +-
 include/openssl/err.h      | 14 ++++++++------
 include/openssl/ossl_typ.h |  2 ++
 util/libcrypto.num         |  2 +-
 19 files changed, 61 insertions(+), 30 deletions(-)

diff --git a/CHANGES b/CHANGES
index 7b325171fb..65b344efe4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,11 @@
 
  Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
 
+  *) Deprecated the public definition of ERR_STATE as well as the function
+     ERR_get_state().  This is done in preparation of making ERR_STATE an
+     opaque type.
+     [Richard Levitte]
+
   *) Added ERR functionality to give callers access to the stored function
      names that have replaced the older function code based functions.
 
diff --git a/crypto/err/err.c b/crypto/err/err.c
index deaa579090..51115fd00a 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+/* TODO: When ERR_STATE becomes opaque, this musts be removed */
+#define OSSL_FORCE_ERR_STATE
+
 #include <stdio.h>
 #include <stdarg.h>
 #include <string.h>
@@ -24,6 +27,9 @@
 #include "e_os.h"
 #include "err_locl.h"
 
+/* Forward declaration in case it's not published because of configuration */
+ERR_STATE *ERR_get_state(void);
+
 static int err_load_strings(const ERR_STRING_DATA *str);
 
 static void ERR_STATE_free(ERR_STATE *s);
@@ -359,7 +365,7 @@ void ERR_clear_error(void)
     int i;
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
 
@@ -482,7 +488,7 @@ static unsigned long get_error_values(int inc, int top, const char **file,
     ERR_STATE *es;
     unsigned long ret;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return 0;
 
@@ -679,7 +685,7 @@ DEFINE_RUN_ONCE_STATIC(err_do_init)
     return CRYPTO_THREAD_init_local(&err_thread_local, NULL);
 }
 
-ERR_STATE *ERR_get_state(void)
+ERR_STATE *err_get_state_int(void)
 {
     ERR_STATE *state;
     int saveerrno = get_last_sys_error();
@@ -718,6 +724,14 @@ ERR_STATE *ERR_get_state(void)
     return state;
 }
 
+#if !OPENSSL_API_3
+ERR_STATE *ERR_get_state(void)
+{
+    return err_get_state_int();
+}
+#endif
+
+
 /*
  * err_shelve_state returns the current thread local error state
  * and freezes the error module until err_unshelve_state is called.
@@ -780,7 +794,7 @@ static int err_set_error_data_int(char *data, size_t size, int flags,
 {
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return 0;
 
@@ -825,7 +839,7 @@ void ERR_add_error_vdata(int num, va_list args)
     ERR_STATE *es;
 
     /* Get the current error data; if an allocated string get it. */
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
     i = es->top;
@@ -880,7 +894,7 @@ int ERR_set_mark(void)
 {
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return 0;
 
@@ -894,7 +908,7 @@ int ERR_pop_to_mark(void)
 {
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return 0;
 
@@ -915,7 +929,7 @@ int ERR_clear_last_mark(void)
     ERR_STATE *es;
     int top;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return 0;
 
@@ -936,7 +950,7 @@ void err_clear_last_constant_time(int clear)
     ERR_STATE *es;
     int top;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
 
diff --git a/crypto/err/err_blocks.c b/crypto/err/err_blocks.c
index cf1bb9708a..e50f580b33 100644
--- a/crypto/err/err_blocks.c
+++ b/crypto/err/err_blocks.c
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+/* TODO: When ERR_STATE becomes opaque, this musts be removed */
+#define OSSL_FORCE_ERR_STATE
+
 #include <string.h>
 #include <openssl/err.h>
 #include "err_locl.h"
@@ -15,7 +18,7 @@ void ERR_new(void)
 {
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
 
@@ -28,7 +31,7 @@ void ERR_set_debug(const char *file, int line, const char *func)
 {
     ERR_STATE *es;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
 
@@ -52,7 +55,7 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
     unsigned long flags = 0;
     size_t i;
 
-    es = ERR_get_state();
+    es = err_get_state_int();
     if (es == NULL)
         return;
     i = es->top;
diff --git a/crypto/err/err_locl.h b/crypto/err/err_locl.h
index d45a00e746..0374bf6a6f 100644
--- a/crypto/err/err_locl.h
+++ b/crypto/err/err_locl.h
@@ -66,3 +66,5 @@ static ossl_inline void err_clear(ERR_STATE *es, size_t i, int deall)
     es->err_file[i] = NULL;
     es->err_line[i] = -1;
 }
+
+ERR_STATE *err_get_state_int(void);
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
index 9ea3eb3dee..1e1531b91d 100644
--- a/crypto/err/err_prn.c
+++ b/crypto/err/err_prn.c
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+/* TODO: When ERR_STATE becomes opaque, this musts be removed */
+#define OSSL_FORCE_ERR_STATE
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/crypto.h>
diff --git a/fuzz/asn1.c b/fuzz/asn1.c
index 54cd0fcf82..4a5458af3e 100644
--- a/fuzz/asn1.c
+++ b/fuzz/asn1.c
@@ -283,7 +283,7 @@ int FuzzerInitialize(int *argc, char ***argv)
 
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     FuzzerSetRand();
 
diff --git a/fuzz/asn1parse.c b/fuzz/asn1parse.c
index 8aab0d2f1c..ac888e535a 100644
--- a/fuzz/asn1parse.c
+++ b/fuzz/asn1parse.c
@@ -25,7 +25,7 @@ int FuzzerInitialize(int *argc, char ***argv)
 {
     bio_out = BIO_new_file("/dev/null", "w");
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     return 1;
 }
diff --git a/fuzz/bignum.c b/fuzz/bignum.c
index 3de6a89846..d7c3716aac 100644
--- a/fuzz/bignum.c
+++ b/fuzz/bignum.c
@@ -22,7 +22,7 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
 
     return 1;
 }
diff --git a/fuzz/bndiv.c b/fuzz/bndiv.c
index 70636d4fee..d9467b5e8b 100644
--- a/fuzz/bndiv.c
+++ b/fuzz/bndiv.c
@@ -38,7 +38,7 @@ int FuzzerInitialize(int *argc, char ***argv)
     ctx = BN_CTX_new();
 
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
 
     return 1;
 }
diff --git a/fuzz/client.c b/fuzz/client.c
index 5483c6a00b..451989773a 100644
--- a/fuzz/client.c
+++ b/fuzz/client.c
@@ -44,7 +44,7 @@ int FuzzerInitialize(int *argc, char ***argv)
 
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL);
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     idx = SSL_get_ex_data_X509_STORE_CTX_idx();
     FuzzerSetRand();
diff --git a/fuzz/cms.c b/fuzz/cms.c
index 479ce02e03..d464429a54 100644
--- a/fuzz/cms.c
+++ b/fuzz/cms.c
@@ -20,7 +20,7 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     return 1;
 }
diff --git a/fuzz/conf.c b/fuzz/conf.c
index 0739080f0f..72e4b358fd 100644
--- a/fuzz/conf.c
+++ b/fuzz/conf.c
@@ -19,7 +19,7 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     return 1;
 }
 
diff --git a/fuzz/crl.c b/fuzz/crl.c
index e174180c9e..9e18dcb94b 100644
--- a/fuzz/crl.c
+++ b/fuzz/crl.c
@@ -16,7 +16,7 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     return 1;
 }
diff --git a/fuzz/ct.c b/fuzz/ct.c
index a735fff85e..b37b11039c 100644
--- a/fuzz/ct.c
+++ b/fuzz/ct.c
@@ -21,7 +21,7 @@ int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
     CRYPTO_free_ex_index(0, -1);
-    ERR_get_state();
+    ERR_clear_error();
     return 1;
 }
 
diff --git a/fuzz/server.c b/fuzz/server.c
index 953da48f5b..335f1f165d 100644
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -491,7 +491,7 @@ int FuzzerInitialize(int *argc, char ***argv)
 
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL);
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     idx = SSL_get_ex_data_X509_STORE_CTX_idx();
     FuzzerSetRand();
diff --git a/fuzz/x509.c b/fuzz/x509.c
index 3dbeb236e3..858ad61bbf 100644
--- a/fuzz/x509.c
+++ b/fuzz/x509.c
@@ -19,7 +19,7 @@
 int FuzzerInitialize(int *argc, char ***argv)
 {
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
-    ERR_get_state();
+    ERR_clear_error();
     CRYPTO_free_ex_index(0, -1);
     FuzzerSetRand();
     return 1;
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 2b4a71a9a4..d7427898c8 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -38,11 +38,12 @@ extern "C" {
 # define ERR_TXT_MALLOCED        0x01
 # define ERR_TXT_STRING          0x02
 
-# define ERR_FLAG_MARK           0x01
-# define ERR_FLAG_CLEAR          0x02
+# if !OPENSSL_API_3 || defined(OSSL_FORCE_ERR_STATE)
+#  define ERR_FLAG_MARK           0x01
+#  define ERR_FLAG_CLEAR          0x02
 
-# define ERR_NUM_ERRORS  16
-typedef struct err_state_st {
+#  define ERR_NUM_ERRORS  16
+struct err_state_st {
     int err_flags[ERR_NUM_ERRORS];
     unsigned long err_buffer[ERR_NUM_ERRORS];
     char *err_data[ERR_NUM_ERRORS];
@@ -52,7 +53,8 @@ typedef struct err_state_st {
     int err_line[ERR_NUM_ERRORS];
     const char *err_func[ERR_NUM_ERRORS];
     int top, bottom;
-} ERR_STATE;
+};
+# endif
 
 /* library */
 # define ERR_LIB_NONE            1
@@ -331,7 +333,7 @@ int ERR_load_ERR_strings(void);
 
 DEPRECATEDIN_1_1_0(void ERR_remove_thread_state(void *))
 DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid))
-ERR_STATE *ERR_get_state(void);
+DEPRECATEDIN_3(ERR_STATE *ERR_get_state(void))
 
 int ERR_get_next_error_library(void);
 
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
index 530de2d20c..70d9144ba1 100644
--- a/include/openssl/ossl_typ.h
+++ b/include/openssl/ossl_typ.h
@@ -88,6 +88,8 @@ typedef struct bn_gencb_st BN_GENCB;
 
 typedef struct buf_mem_st BUF_MEM;
 
+typedef struct err_state_st ERR_STATE;
+
 typedef struct evp_cipher_st EVP_CIPHER;
 typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
 typedef struct evp_md_st EVP_MD;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index cadc4a57ba..71e650e933 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -2213,7 +2213,7 @@ EVP_PKEY_missing_parameters             2261	3_0_0	EXIST::FUNCTION:
 X509_REQ_INFO_new                       2262	3_0_0	EXIST::FUNCTION:
 EVP_rc2_cfb64                           2263	3_0_0	EXIST::FUNCTION:RC2
 PKCS7_get_smimecap                      2264	3_0_0	EXIST::FUNCTION:
-ERR_get_state                           2265	3_0_0	EXIST::FUNCTION:
+ERR_get_state                           2265	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3
 d2i_DSAPrivateKey_bio                   2266	3_0_0	EXIST::FUNCTION:DSA
 X509_PURPOSE_get_trust                  2267	3_0_0	EXIST::FUNCTION:
 EC_GROUP_get_point_conversion_form      2268	3_0_0	EXIST::FUNCTION:EC


More information about the openssl-commits mailing list