[openssl] master update

Richard Levitte levitte at openssl.org
Wed Feb 17 13:38:58 UTC 2021


The branch master has been updated
       via  e5ac413b2d3d6bcff57446f06f3d05650921f182 (commit)
      from  3a962b2093a6226daa26e4d1855d4eb9f2e5035b (commit)


- Log -----------------------------------------------------------------
commit e5ac413b2d3d6bcff57446f06f3d05650921f182
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Feb 16 01:19:58 2021 +0100

    Fix backward incompatibility revolving around OSSL_HTTP_REQ_CTX_sendreq_d2i()
    
    The OSSL_HTTP_REQ_CTX API has a few changes compared to the older
    OCSP_REQ_CTX API which are not quite obvious at first sight.
    
    The old OCSP_REQ_CTX_nbio_d2i() took three arguments, of which one is
    an output argument, and return an int, while the newer
    OSSL_HTTP_REQ_CTX_sendreq_d2i() returns the value directly and thereby
    takes one less argument.
    
    The mapping from the old to the new wasn't quite right, this corrects
    it, along with a couple of X509 macros that needed the same kind of
    fix.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
    (Merged from https://github.com/openssl/openssl/pull/14196)

-----------------------------------------------------------------------

Summary of changes:
 include/openssl/ocsp.h.in |  4 ++--
 include/openssl/x509.h.in | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in
index c104b72d8e..3c5de15494 100644
--- a/include/openssl/ocsp.h.in
+++ b/include/openssl/ocsp.h.in
@@ -189,8 +189,8 @@ typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX;
         OSSL_HTTP_REQ_CTX_i2d(r, "application/ocsp-request", i, req)
 #   define OCSP_REQ_CTX_nbio(r) \
         OSSL_HTTP_REQ_CTX_nbio(r)
-#   define OCSP_REQ_CTX_nbio_d2i(r, i) \
-        OSSL_HTTP_REQ_CTX_sendreq_d2i(r, i)
+#   define OCSP_REQ_CTX_nbio_d2i(r, p, i)        \
+        ((*(p) = OSSL_HTTP_REQ_CTX_sendreq_d2i(r, i)) != NULL)
 #   define OCSP_REQ_CTX_get0_mem_bio(r) \
         OSSL_HTTP_REQ_CTX_get0_mem_bio(r)
 #   define OCSP_set_max_response_length(r, l) \
diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in
index 7fc1558b18..32aea0e0db 100644
--- a/include/openssl/x509.h.in
+++ b/include/openssl/x509.h.in
@@ -403,13 +403,13 @@ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                      unsigned char *md, unsigned int *len);
 
 X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_http_nbio(rctx, pcert) \
-    OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, (ASN1_VALUE **)(pcert), \
-                                  ASN1_ITEM_rptr(X509))
+# define X509_http_nbio(rctx, pcert)                                    \
+    ((*(pcert) =                                                        \
+      OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, ASN1_ITEM_rptr(X509))) != NULL)
 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_CRL_http_nbio(rctx, pcrl) \
-    OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, (ASN1_VALUE **)(pcrl), \
-                                  ASN1_ITEM_rptr(X509_CRL))
+# define X509_CRL_http_nbio(rctx, pcrl)                                 \
+    ((*(pcrl) =                                                         \
+      OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, ASN1_ITEM_rptr(X509_CRL))) != NULL)
 
 # ifndef OPENSSL_NO_STDIO
 X509 *d2i_X509_fp(FILE *fp, X509 **x509);


More information about the openssl-commits mailing list