[openssl] master update
dev at ddvo.net
dev at ddvo.net
Sun Feb 28 10:47:08 UTC 2021
The branch master has been updated
via e60e974414a7e637ff2f946dc2aa24c381a32cc2 (commit)
via 46a11faf3b86ddd2fcc687a0fcfd982e6d201626 (commit)
via 859e5f16213b1b80d06a20872ac137bdea708c29 (commit)
via ed0a5ac9200466d876a847b82bf95694356cef99 (commit)
from d5a936c5b1c2f0c6f882c0cfd2ff34f8845260f7 (commit)
- Log -----------------------------------------------------------------
commit e60e974414a7e637ff2f946dc2aa24c381a32cc2
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri Feb 26 13:26:37 2021 +0100
apps/x509.c: Fix mem leaks in processing of -next_serial in print loop
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
commit 46a11faf3b86ddd2fcc687a0fcfd982e6d201626
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri Feb 26 12:48:43 2021 +0100
apps/x509.c: Improve print_name() and coding style of large print loop in x509_main()
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
commit 859e5f16213b1b80d06a20872ac137bdea708c29
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri Feb 26 11:51:43 2021 +0100
apps/x509.c: Improve indentation of the large print loop in x509_main()
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
commit ed0a5ac9200466d876a847b82bf95694356cef99
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri Feb 26 11:42:49 2021 +0100
apps/x509.c: Fix too eager call to X509_set_issuer_name() introduced recently
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
-----------------------------------------------------------------------
Summary of changes:
apps/crl.c | 3 +-
apps/include/apps.h | 3 +-
apps/lib/apps.c | 10 +-
apps/req.c | 17 +--
apps/x509.c | 319 ++++++++++++++++++++++------------------------------
5 files changed, 148 insertions(+), 204 deletions(-)
diff --git a/apps/crl.c b/apps/crl.c
index dd9d41e8ea..1f12e24a4b 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -286,8 +286,7 @@ int crl_main(int argc, char **argv)
if (num) {
for (i = 1; i <= num; i++) {
if (issuer == i) {
- print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
- get_nameopt());
+ print_name(bio_out, "issuer=", X509_CRL_get_issuer(x));
}
if (crlnumber == i) {
ASN1_INTEGER *crlnum;
diff --git a/apps/include/apps.h b/apps/include/apps.h
index 45a9c4e758..8c365c44bd 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -94,8 +94,7 @@ int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data);
int chopup_args(ARGS *arg, char *buf);
int dump_cert_text(BIO *out, X509 *x);
-void print_name(BIO *out, const char *title, const X509_NAME *nm,
- unsigned long lflags);
+void print_name(BIO *out, const char *title, const X509_NAME *nm);
void print_bignum_var(BIO *, const BIGNUM *, const char*,
int, unsigned char *);
void print_array(BIO *, const char *, int, const unsigned char *);
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 7c1015737d..634bebde42 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -188,9 +188,9 @@ unsigned long get_nameopt(void)
int dump_cert_text(BIO *out, X509 *x)
{
- print_name(out, "subject=", X509_get_subject_name(x), get_nameopt());
+ print_name(out, "subject=", X509_get_subject_name(x));
BIO_puts(out, "\n");
- print_name(out, "issuer=", X509_get_issuer_name(x), get_nameopt());
+ print_name(out, "issuer=", X509_get_issuer_name(x));
BIO_puts(out, "\n");
return 0;
@@ -1071,14 +1071,14 @@ static int set_table_opts(unsigned long *flags, const char *arg,
return 0;
}
-void print_name(BIO *out, const char *title, const X509_NAME *nm,
- unsigned long lflags)
+void print_name(BIO *out, const char *title, const X509_NAME *nm)
{
char *buf;
char mline = 0;
int indent = 0;
+ unsigned long lflags = get_nameopt();
- if (title)
+ if (title != NULL)
BIO_puts(out, title);
if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
mline = 1;
diff --git a/apps/req.c b/apps/req.c
index 881cbb45c7..4056b18f51 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -921,9 +921,8 @@ int req_main(int argc, char **argv)
if (subj != NULL && !newreq && !gen_x509) {
if (verbose) {
- BIO_printf(bio_err, "Modifying subject of certificate request\n");
- print_name(bio_err, "Old subject=",
- X509_REQ_get_subject_name(req), get_nameopt());
+ BIO_printf(out, "Modifying subject of certificate request\n");
+ print_name(out, "Old subject=", X509_REQ_get_subject_name(req));
}
if (!X509_REQ_set_subject_name(req, fsubj)) {
@@ -932,8 +931,7 @@ int req_main(int argc, char **argv)
}
if (verbose) {
- print_name(bio_err, "New subject=",
- X509_REQ_get_subject_name(req), get_nameopt());
+ print_name(out, "New subject=", X509_REQ_get_subject_name(req));
}
}
@@ -996,12 +994,9 @@ int req_main(int argc, char **argv)
}
if (subject) {
- if (gen_x509)
- print_name(out, "subject=", X509_get_subject_name(new_x509),
- get_nameopt());
- else
- print_name(out, "subject=", X509_REQ_get_subject_name(req),
- get_nameopt());
+ print_name(out, "subject=", gen_x509
+ ? X509_get_subject_name(new_x509)
+ : X509_REQ_get_subject_name(req));
}
if (modulus) {
diff --git a/apps/x509.c b/apps/x509.c
index 67895c8169..1108ff7ad4 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -245,6 +245,7 @@ int x509_main(int argc, char **argv)
int ext_copy = EXT_COPY_UNSET;
X509V3_CTX ext_ctx;
EVP_PKEY *signkey = NULL, *CAkey = NULL, *pubkey = NULL;
+ EVP_PKEY *pkey;
int newcert = 0;
char *subj = NULL, *digestname = NULL;
X509_NAME *fsubj = NULL;
@@ -270,7 +271,7 @@ int x509_main(int argc, char **argv)
int next_serial = 0, subject_hash = 0, issuer_hash = 0, ocspid = 0;
int noout = 0, CA_createserial = 0, email = 0;
int ocsp_uri = 0, trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0;
- int ret = 1, i, num = 0, badsig = 0, clrext = 0, nocert = 0;
+ int ret = 1, i, j, num = 0, badsig = 0, clrext = 0, nocert = 0;
int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0, ext = 0;
int enddate = 0;
time_t checkoffset = 0;
@@ -403,30 +404,25 @@ int x509_main(int argc, char **argv)
subj = opt_arg();
break;
case OPT_ADDTRUST:
+ if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL)
+ goto end;
if ((objtmp = OBJ_txt2obj(opt_arg(), 0)) == NULL) {
- BIO_printf(bio_err,
- "%s: Invalid trust object value %s\n",
+ BIO_printf(bio_err, "%s: Invalid trust object value %s\n",
prog, opt_arg());
goto opthelp;
}
- if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL)
- goto end;
sk_ASN1_OBJECT_push(trust, objtmp);
- objtmp = NULL;
trustout = 1;
break;
case OPT_ADDREJECT:
+ if (reject == NULL && (reject = sk_ASN1_OBJECT_new_null()) == NULL)
+ goto end;
if ((objtmp = OBJ_txt2obj(opt_arg(), 0)) == NULL) {
- BIO_printf(bio_err,
- "%s: Invalid reject object value %s\n",
+ BIO_printf(bio_err, "%s: Invalid reject object value %s\n",
prog, opt_arg());
goto opthelp;
}
- if (reject == NULL
- && (reject = sk_ASN1_OBJECT_new_null()) == NULL)
- goto end;
sk_ASN1_OBJECT_push(reject, objtmp);
- objtmp = NULL;
trustout = 1;
break;
case OPT_SETALIAS:
@@ -674,32 +670,24 @@ int x509_main(int argc, char **argv)
}
if (reqfile) {
- EVP_PKEY *pkey;
-
req = load_csr(infile, informat, "certificate request input");
if (req == NULL)
goto end;
if ((pkey = X509_REQ_get0_pubkey(req)) == NULL) {
- BIO_printf(bio_err, "Error unpacking public key\n");
+ BIO_printf(bio_err, "Error unpacking public key from CSR\n");
goto end;
}
i = do_X509_REQ_verify(req, pkey, vfyopts);
- if (i < 0) {
- BIO_printf(bio_err,
- "Error while verifying certificate request self-signature\n");
- goto end;
- }
- if (i == 0) {
- BIO_printf(bio_err,
- "Certificate request self-signature did not match the contents\n");
+ if (i <= 0) {
+ BIO_printf(bio_err, i < 0
+ ? "Error while verifying certificate request self-signature\n"
+ : "Certificate request self-signature did not match the contents\n");
goto end;
- } else {
- BIO_printf(bio_err, "Certificate request self-signature ok\n");
}
+ BIO_printf(out, "Certificate request self-signature ok\n");
- print_name(bio_err, "subject=", X509_REQ_get_subject_name(req),
- get_nameopt());
+ print_name(out, "subject=", X509_REQ_get_subject_name(req));
} else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither -x509toreq nor -req is given\n");
}
@@ -768,19 +756,13 @@ int x509_main(int argc, char **argv)
X509_reject_clear(x);
if (trust != NULL) {
- for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) {
- objtmp = sk_ASN1_OBJECT_value(trust, i);
- X509_add1_trust_object(x, objtmp);
- }
- objtmp = NULL;
+ for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++)
+ X509_add1_trust_object(x, sk_ASN1_OBJECT_value(trust, i));
}
if (reject != NULL) {
- for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) {
- objtmp = sk_ASN1_OBJECT_value(reject, i);
- X509_add1_reject_object(x, objtmp);
- }
- objtmp = NULL;
+ for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++)
+ X509_add1_reject_object(x, sk_ASN1_OBJECT_value(reject, i));
}
if (clrext && ext_names != NULL)
@@ -793,10 +775,6 @@ int x509_main(int argc, char **argv)
X509_EXTENSION_free(X509_delete_ext(x, i));
}
- if ((reqfile || newcert || signkey != NULL || CAfile != NULL)
- && !preserve_dates && !set_cert_times(x, NULL, NULL, days))
- goto end;
-
issuer_cert = x;
if (CAfile != NULL) {
issuer_cert = xca;
@@ -809,8 +787,12 @@ int x509_main(int argc, char **argv)
if (sno != NULL && !X509_set_serialNumber(x, sno))
goto end;
- if (!X509_set_issuer_name(x, X509_get_subject_name(issuer_cert)))
- goto end;
+ if (reqfile || newcert || signkey != NULL || CAfile != NULL) {
+ if (!preserve_dates && !set_cert_times(x, NULL, NULL, days))
+ goto end;
+ if (!X509_set_issuer_name(x, X509_get_subject_name(issuer_cert)))
+ goto end;
+ }
X509V3_set_ctx(&ext_ctx, issuer_cert, x, req, NULL, X509V3_CTX_REPLACE);
if (extconf != NULL) {
@@ -824,6 +806,12 @@ int x509_main(int argc, char **argv)
/* At this point the contents of the certificate x have been finished. */
+ pkey = X509_get0_pubkey(x);
+ if ((print_pubkey != 0 || modulus != 0) && pkey == NULL) {
+ BIO_printf(bio_err, "Error getting public key\n");
+ goto end;
+ }
+
if (x509toreq) { /* also works in conjunction with -req */
if (signkey == NULL) {
BIO_printf(bio_err, "Must specify request key using -signkey\n");
@@ -888,159 +876,123 @@ int x509_main(int argc, char **argv)
corrupt_signature(signature);
}
- if (num) { /* TODO remove this needless guard and extra indentation below */
- /* Process print options in the given order, as indicated by index i */
- for (i = 1; i <= num; i++) {
- if (issuer == i) {
- print_name(out, "issuer=", X509_get_issuer_name(x),
- get_nameopt());
- } else if (subject == i) {
- print_name(out, "subject=",
- X509_get_subject_name(x), get_nameopt());
- } else if (serial == i) {
- BIO_printf(out, "serial=");
- i2a_ASN1_INTEGER(out, X509_get0_serialNumber(x));
- BIO_printf(out, "\n");
- } else if (next_serial == i) {
- ASN1_INTEGER *ser = X509_get_serialNumber(x);
- BIGNUM *bnser = ASN1_INTEGER_to_BN(ser, NULL);
-
- if (!bnser)
- goto end;
- if (!BN_add_word(bnser, 1))
- goto end;
- ser = BN_to_ASN1_INTEGER(bnser, NULL);
- if (!ser)
- goto end;
+ /* Process print options in the given order, as indicated by index i */
+ for (i = 1; i <= num; i++) {
+ if (i == issuer) {
+ print_name(out, "issuer=", X509_get_issuer_name(x));
+ } else if (i == subject) {
+ print_name(out, "subject=", X509_get_subject_name(x));
+ } else if (i == serial) {
+ BIO_printf(out, "serial=");
+ i2a_ASN1_INTEGER(out, X509_get0_serialNumber(x));
+ BIO_printf(out, "\n");
+ } else if (i == next_serial) {
+ ASN1_INTEGER *ser;
+ BIGNUM *bnser = ASN1_INTEGER_to_BN(X509_get0_serialNumber(x), NULL);
+
+ if (bnser == NULL)
+ goto end;
+ if (!BN_add_word(bnser, 1)
+ || (ser = BN_to_ASN1_INTEGER(bnser, NULL)) == NULL) {
BN_free(bnser);
- i2a_ASN1_INTEGER(out, ser);
- ASN1_INTEGER_free(ser);
- BIO_puts(out, "\n");
- } else if (email == i || ocsp_uri == i) {
- STACK_OF(OPENSSL_STRING) *emlst;
- int j;
-
- if (email == i)
- emlst = X509_get1_email(x);
- else
- emlst = X509_get1_ocsp(x);
- for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
- BIO_printf(out, "%s\n",
- sk_OPENSSL_STRING_value(emlst, j));
- X509_email_free(emlst);
- } else if (aliasout == i) {
- unsigned char *alstr;
-
- alstr = X509_alias_get0(x, NULL);
- if (alstr)
- BIO_printf(out, "%s\n", alstr);
- else
- BIO_puts(out, "<No Alias>\n");
- } else if (subject_hash == i) {
- BIO_printf(out, "%08lx\n", X509_subject_name_hash(x));
+ goto end;
+ }
+ BN_free(bnser);
+ i2a_ASN1_INTEGER(out, ser);
+ ASN1_INTEGER_free(ser);
+ BIO_puts(out, "\n");
+ } else if (i == email || i == ocsp_uri) {
+ STACK_OF(OPENSSL_STRING) *emlst =
+ i == email ? X509_get1_email(x) : X509_get1_ocsp(x);
+
+ for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+ BIO_printf(out, "%s\n", sk_OPENSSL_STRING_value(emlst, j));
+ X509_email_free(emlst);
+ } else if (i == aliasout) {
+ unsigned char *alstr = X509_alias_get0(x, NULL);
+
+ if (alstr)
+ BIO_printf(out, "%s\n", alstr);
+ else
+ BIO_puts(out, "<No Alias>\n");
+ } else if (i == subject_hash) {
+ BIO_printf(out, "%08lx\n", X509_subject_name_hash(x));
#ifndef OPENSSL_NO_MD5
- } else if (subject_hash_old == i) {
- BIO_printf(out, "%08lx\n", X509_subject_name_hash_old(x));
+ } else if (i == subject_hash_old) {
+ BIO_printf(out, "%08lx\n", X509_subject_name_hash_old(x));
#endif
- } else if (issuer_hash == i) {
- BIO_printf(out, "%08lx\n", X509_issuer_name_hash(x));
+ } else if (i == issuer_hash) {
+ BIO_printf(out, "%08lx\n", X509_issuer_name_hash(x));
#ifndef OPENSSL_NO_MD5
- } else if (issuer_hash_old == i) {
- BIO_printf(out, "%08lx\n", X509_issuer_name_hash_old(x));
+ } else if (i == issuer_hash_old) {
+ BIO_printf(out, "%08lx\n", X509_issuer_name_hash_old(x));
#endif
- } else if (pprint == i) {
- X509_PURPOSE *ptmp;
- int j;
-
- BIO_printf(out, "Certificate purposes:\n");
- for (j = 0; j < X509_PURPOSE_get_count(); j++) {
- ptmp = X509_PURPOSE_get0(j);
- purpose_print(out, x, ptmp);
- }
- } else if (modulus == i) {
- EVP_PKEY *pkey;
-
- pkey = X509_get0_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bio_err,
- "Modulus unavailable: cannot get key\n");
- goto end;
- }
- BIO_printf(out, "Modulus=");
- if (EVP_PKEY_is_a(pkey, "RSA")) {
- BIGNUM *n;
-
- /* Every RSA key has an 'n' */
- EVP_PKEY_get_bn_param(pkey, "n", &n);
- BN_print(out, n);
- BN_free(n);
- } else if (EVP_PKEY_is_a(pkey, "DSA")) {
- BIGNUM *dsapub;
-
- /* Every DSA key has an 'pub' */
- EVP_PKEY_get_bn_param(pkey, "pub", &dsapub);
- BN_print(out, dsapub);
- BN_free(dsapub);
- } else {
- BIO_printf(out, "No modulus for this public key type");
- }
- BIO_printf(out, "\n");
- } else if (print_pubkey == i) {
- EVP_PKEY *pkey;
-
- pkey = X509_get0_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bio_err, "Error getting public key\n");
- goto end;
- }
- PEM_write_bio_PUBKEY(out, pkey);
- } else if (text == i) {
- X509_print_ex(out, x, get_nameopt(), certflag);
- } else if (startdate == i) {
- BIO_puts(out, "notBefore=");
- ASN1_TIME_print(out, X509_get0_notBefore(x));
- BIO_puts(out, "\n");
- } else if (enddate == i) {
- BIO_puts(out, "notAfter=");
- ASN1_TIME_print(out, X509_get0_notAfter(x));
- BIO_puts(out, "\n");
- } else if (fingerprint == i) {
- int j;
- unsigned int n;
- unsigned char md[EVP_MAX_MD_SIZE];
- const EVP_MD *fdig = digest;
-
- if (fdig == NULL)
- fdig = EVP_sha1();
-
- if (!X509_digest(x, fdig, md, &n)) {
- BIO_printf(bio_err, "Out of memory\n");
- goto end;
- }
- BIO_printf(out, "%s Fingerprint=",
- OBJ_nid2sn(EVP_MD_type(fdig)));
- for (j = 0; j < (int)n; j++) {
- BIO_printf(out, "%02X%c", md[j], (j + 1 == (int)n)
- ? '\n' : ':');
- }
- } else if (ocspid == i) {
- X509_ocspid_print(out, x);
- } else if (ext == i) {
- print_x509v3_exts(out, x, ext_names);
+ } else if (i == pprint) {
+ BIO_printf(out, "Certificate purposes:\n");
+ for (j = 0; j < X509_PURPOSE_get_count(); j++)
+ purpose_print(out, x, X509_PURPOSE_get0(j));
+ } else if (i == modulus) {
+ BIO_printf(out, "Modulus=");
+ if (EVP_PKEY_is_a(pkey, "RSA")) {
+ BIGNUM *n;
+
+ /* Every RSA key has an 'n' */
+ EVP_PKEY_get_bn_param(pkey, "n", &n);
+ BN_print(out, n);
+ BN_free(n);
+ } else if (EVP_PKEY_is_a(pkey, "DSA")) {
+ BIGNUM *dsapub;
+
+ /* Every DSA key has a 'pub' */
+ EVP_PKEY_get_bn_param(pkey, "pub", &dsapub);
+ BN_print(out, dsapub);
+ BN_free(dsapub);
+ } else {
+ BIO_printf(out, "No modulus for this public key type");
}
+ BIO_printf(out, "\n");
+ } else if (i == print_pubkey) {
+ PEM_write_bio_PUBKEY(out, pkey);
+ } else if (i == text) {
+ X509_print_ex(out, x, get_nameopt(), certflag);
+ } else if (i == startdate) {
+ BIO_puts(out, "notBefore=");
+ ASN1_TIME_print(out, X509_get0_notBefore(x));
+ BIO_puts(out, "\n");
+ } else if (i == enddate) {
+ BIO_puts(out, "notAfter=");
+ ASN1_TIME_print(out, X509_get0_notAfter(x));
+ BIO_puts(out, "\n");
+ } else if (i == fingerprint) {
+ unsigned int n;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ const EVP_MD *fdig = digest;
+
+ if (fdig == NULL)
+ fdig = EVP_sha1();
+
+ if (!X509_digest(x, fdig, md, &n)) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto end;
+ }
+ BIO_printf(out, "%s Fingerprint=", OBJ_nid2sn(EVP_MD_type(fdig)));
+ for (j = 0; j < (int)n; j++)
+ BIO_printf(out, "%02X%c", md[j], (j + 1 == (int)n) ? '\n' : ':');
+ } else if (i == ocspid) {
+ X509_ocspid_print(out, x);
+ } else if (i == ext) {
+ print_x509v3_exts(out, x, ext_names);
}
}
if (checkend) {
time_t tcheck = time(NULL) + checkoffset;
- if (X509_cmp_time(X509_get0_notAfter(x), &tcheck) < 0) {
+ ret = X509_cmp_time(X509_get0_notAfter(x), &tcheck) < 0;
+ if (ret)
BIO_printf(out, "Certificate will expire\n");
- ret = 1;
- } else {
+ else
BIO_printf(out, "Certificate will not expire\n");
- ret = 0;
- }
goto end;
}
@@ -1087,7 +1039,6 @@ int x509_main(int argc, char **argv)
ASN1_INTEGER_free(sno);
sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
- ASN1_OBJECT_free(objtmp);
release_engine(e);
clear_free(passin);
return ret;
@@ -1152,7 +1103,7 @@ static int callb(int ok, X509_STORE_CTX *ctx)
return 0;
} else {
err_cert = X509_STORE_CTX_get_current_cert(ctx);
- print_name(bio_err, NULL, X509_get_subject_name(err_cert), 0);
+ print_name(bio_err, "subject=", X509_get_subject_name(err_cert));
BIO_printf(bio_err,
"Error with certificate - error %d at depth %d\n%s\n", err,
X509_STORE_CTX_get_error_depth(ctx),
More information about the openssl-commits
mailing list