[openssl] master update
tmraz at fedoraproject.org
tmraz at fedoraproject.org
Wed Nov 11 15:07:45 UTC 2020
The branch master has been updated
via d8701e25239dc3d0c9d871e53873f592420f71d0 (commit)
via 368d9e030fac7355f0d1d24fb5059bf0c848fe4f (commit)
via 69d16b70cf84f0e290990de424274fde20420b78 (commit)
from 122e81f0705e74a2019c482e5122bbd9195ea1af (commit)
- Log -----------------------------------------------------------------
commit d8701e25239dc3d0c9d871e53873f592420f71d0
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Tue Nov 3 18:51:38 2020 +0100
Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
Also check for malloc failure and do not add '/' when
$OPENSSL_CONF_INCLUDE already ends with directory separator.
Fixes #13302
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
commit 368d9e030fac7355f0d1d24fb5059bf0c848fe4f
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Tue Nov 3 18:34:16 2020 +0100
Add ossl_is_absolute_path function to detect absolute paths
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
commit 69d16b70cf84f0e290990de424274fde20420b78
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Tue Nov 3 18:15:46 2020 +0100
Avoid duplicate ends_with_dirsep functions
Refactor them into inline ossl_ends_with_dirsep function in
internal/cryptlib.h.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
-----------------------------------------------------------------------
Summary of changes:
crypto/conf/conf_def.c | 11 ++++--
doc/internal/man3/ossl_ends_with_dirsep.pod | 45 ++++++++++++++++++++++++
engines/e_loader_attic.c | 16 +--------
include/internal/cryptlib.h | 30 ++++++++++++++++
providers/implementations/storemgmt/file_store.c | 17 ++-------
5 files changed, 87 insertions(+), 32 deletions(-)
create mode 100644 doc/internal/man3/ossl_ends_with_dirsep.pod
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 63dfaef4d8..dd2d16647a 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -414,12 +414,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
if (!str_copy(conf, psection, &include, p))
goto err;
- if (include_dir != NULL) {
+ if (include_dir != NULL && !ossl_is_absolute_path(include)) {
size_t newlen = strlen(include_dir) + strlen(include) + 2;
include_path = OPENSSL_malloc(newlen);
+ if (include_path == NULL) {
+ CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(include);
+ goto err;
+ }
+
OPENSSL_strlcpy(include_path, include_dir, newlen);
- OPENSSL_strlcat(include_path, "/", newlen);
+ if (!ossl_ends_with_dirsep(include_path))
+ OPENSSL_strlcat(include_path, "/", newlen);
OPENSSL_strlcat(include_path, include, newlen);
OPENSSL_free(include);
} else {
diff --git a/doc/internal/man3/ossl_ends_with_dirsep.pod b/doc/internal/man3/ossl_ends_with_dirsep.pod
new file mode 100644
index 0000000000..d19ce7a3b9
--- /dev/null
+++ b/doc/internal/man3/ossl_ends_with_dirsep.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ossl_ends_with_dirsep, ossl_is_absolute_path
+- internal functions to work with paths
+
+=head1 SYNOPSIS
+
+ #include "internal/cryptlib.h"
+
+ int ossl_ends_with_dirsep(const char *path);
+
+ int ossl_is_absolute_path(const char *path);
+
+=head1 DESCRIPTION
+
+ossl_ends_with_dirsep() detects whether the I<path> ends with a directory
+separator in a platform agnostic way.
+
+ossl_is_absolute_path() detects whether the I<path> is absolute path in
+a platform agnostic way.
+
+=head1 RETURN VALUES
+
+ossl_ends_with_dirsep() returns 1 if the I<path> ends with a directory
+separator, 0 otherwise.
+
+ossl_is_absolute_path() returns 1 if the I<path> is absolute, 0 otherwise.
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
+
diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c
index 4f238b9cb2..176c159c8c 100644
--- a/engines/e_loader_attic.c
+++ b/engines/e_loader_attic.c
@@ -1424,27 +1424,13 @@ static int file_read_asn1(BIO *bp, unsigned char **data, long *len)
return 1;
}
-static int ends_with_dirsep(const char *uri)
-{
- if (*uri != '\0')
- uri += strlen(uri) - 1;
-#if defined(__VMS)
- if (*uri == ']' || *uri == '>' || *uri == ':')
- return 1;
-#elif defined(_WIN32)
- if (*uri == '\\')
- return 1;
-#endif
- return *uri == '/';
-}
-
static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name,
char **data)
{
assert(name != NULL);
assert(data != NULL);
{
- const char *pathsep = ends_with_dirsep(ctx->uri) ? "" : "/";
+ const char *pathsep = ossl_ends_with_dirsep(ctx->uri) ? "" : "/";
long calculated_length = strlen(ctx->uri) + strlen(pathsep)
+ strlen(name) + 1 /* \0 */;
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
index e070618547..eae10dfb6c 100644
--- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -253,4 +253,34 @@ char *openssl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep);
unsigned char *openssl_hexstr2buf_sep(const char *str, long *buflen,
const char sep);
+static ossl_inline int ossl_ends_with_dirsep(const char *path)
+{
+ if (*path != '\0')
+ path += strlen(path) - 1;
+# if defined __VMS
+ if (*path == ']' || *path == '>' || *path == ':')
+ return 1;
+# elif defined _WIN32
+ if (*path == '\\')
+ return 1;
+# endif
+ return *path == '/';
+}
+
+static ossl_inline int ossl_is_absolute_path(const char *path)
+{
+# if defined __VMS
+ if (strchr(path, ':') != NULL
+ || ((path[0] == '[' || path[0] == '<')
+ && path[1] != '.' && path[1] != '-'
+ && path[1] != ']' && path[1] != '>'))
+ return 1;
+# elif defined _WIN32
+ if (path[0] == '\\'
+ || (path[0] != '\0' && path[1] == ':'))
+ return 1;
+# endif
+ return path[0] == '/';
+}
+
#endif
diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c
index 3b6c50c9e5..5607f169cc 100644
--- a/providers/implementations/storemgmt/file_store.c
+++ b/providers/implementations/storemgmt/file_store.c
@@ -24,6 +24,7 @@
#include <openssl/params.h>
#include <openssl/decoder.h>
#include <openssl/store.h> /* The OSSL_STORE_INFO type numbers */
+#include "internal/cryptlib.h"
#include "internal/o_dir.h"
#include "crypto/pem.h" /* For PVK and "blob" PEM headers */
#include "crypto/decoder.h"
@@ -647,27 +648,13 @@ static int file_load_file(struct file_ctx_st *ctx,
* --------------------------------------
*/
-static int ends_with_dirsep(const char *uri)
-{
- if (*uri != '\0')
- uri += strlen(uri) - 1;
-#if defined(__VMS)
- if (*uri == ']' || *uri == '>' || *uri == ':')
- return 1;
-#elif defined(_WIN32)
- if (*uri == '\\')
- return 1;
-#endif
- return *uri == '/';
-}
-
static char *file_name_to_uri(struct file_ctx_st *ctx, const char *name)
{
char *data = NULL;
assert(name != NULL);
{
- const char *pathsep = ends_with_dirsep(ctx->uri) ? "" : "/";
+ const char *pathsep = ossl_ends_with_dirsep(ctx->uri) ? "" : "/";
long calculated_length = strlen(ctx->uri) + strlen(pathsep)
+ strlen(name) + 1 /* \0 */;
More information about the openssl-commits
mailing list