Mechanical KNF in preparation for changing

author: beck <> 2021-10-28 11:55:43 +0000
committer: beck <> 2021-10-28 11:55:43 +0000
commit: 92391c1802f1d1cd2771f7e48fb0a19e975a26f5 (patch)
tree: 1f2e0d435ff5311db6957d62b59e97937f97ecbc /src/lib/libcrypto/ct/ct_log.c
parent: 2ad24edafbc4bd74a8da3d35534b4fad107e1473 (diff)
download: openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.tar.gz
openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.tar.bz2
openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.zip
1 files changed, 191 insertions, 180 deletions
diff --git a/src/lib/libcrypto/ct/ct_log.c b/src/lib/libcrypto/ct/ct_log.c
index c1bca3e141..ee44de2bfc 100644
--- a/src/lib/libcrypto/ct/ct_log.c
+++ b/src/lib/libcrypto/ct/ct_log.c
@@ -22,9 +22,9 @@
 * Information about a CT log server.
 */
 struct ctlog_st {
-    char *name;
+        char *name;
-    uint8_t log_id[CT_V1_HASHLEN];
+        uint8_t log_id[CT_V1_HASHLEN];
-    EVP_PKEY *public_key;
+        EVP_PKEY *public_key;
 };
 /*
@@ -32,14 +32,14 @@ struct ctlog_st {
 * It takes ownership of any CTLOG instances added to it.
 */
 struct ctlog_store_st {
-    STACK_OF(CTLOG) *logs;
+        STACK_OF(CTLOG) *logs;
 };
 /* The context when loading a CT log list from a CONF file. */
 typedef struct ctlog_store_load_ctx_st {
-    CTLOG_STORE *log_store;
+        CTLOG_STORE *log_store;
-    CONF *conf;
+        CONF *conf;
-    size_t invalid_log_entries;
+        size_t invalid_log_entries;
 } CTLOG_STORE_LOAD_CTX;
 /*
@@ -54,95 +54,101 @@ static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void);
 */
 static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx);
-static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void)
+static CTLOG_STORE_LOAD_CTX *
+ctlog_store_load_ctx_new(void)
 {
-    CTLOG_STORE_LOAD_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+        CTLOG_STORE_LOAD_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
-    if (ctx == NULL)
+        if (ctx == NULL)
-        CTerr(CT_F_CTLOG_STORE_LOAD_CTX_NEW, ERR_R_MALLOC_FAILURE);
+                CTerr(CT_F_CTLOG_STORE_LOAD_CTX_NEW, ERR_R_MALLOC_FAILURE);
-    return ctx;
+        return ctx;
 }
-static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx)
+static void
+ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx)
 {
-    OPENSSL_free(ctx);
+        OPENSSL_free(ctx);
 }
 /* Converts a log's public key into a SHA256 log ID */
-static int ct_v1_log_id_from_pkey(EVP_PKEY *pkey,
+static int
-                                  unsigned char log_id[CT_V1_HASHLEN])
+ct_v1_log_id_from_pkey(EVP_PKEY *pkey, unsigned char log_id[CT_V1_HASHLEN])
 {
-    int ret = 0;
+        int ret = 0;
-    unsigned char *pkey_der = NULL;
+        unsigned char *pkey_der = NULL;
-    int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);
+        int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);
-    if (pkey_der_len <= 0) {
+        if (pkey_der_len <= 0) {
-        CTerr(CT_F_CT_V1_LOG_ID_FROM_PKEY, CT_R_LOG_KEY_INVALID);
+                CTerr(CT_F_CT_V1_LOG_ID_FROM_PKEY, CT_R_LOG_KEY_INVALID);
-        goto err;
+                goto err;
-    }
+        }
-    SHA256(pkey_der, pkey_der_len, log_id);
+        SHA256(pkey_der, pkey_der_len, log_id);
-    ret = 1;
+        ret = 1;
-err:
+ err:
-    OPENSSL_free(pkey_der);
+        OPENSSL_free(pkey_der);
-    return ret;
+        return ret;
 }
-CTLOG_STORE *CTLOG_STORE_new(void)
+CTLOG_STORE *
+CTLOG_STORE_new(void)
 {
-    CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret));
+        CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret));
-    if (ret == NULL) {
+        if (ret == NULL) {
-        CTerr(CT_F_CTLOG_STORE_NEW, ERR_R_MALLOC_FAILURE);
+                CTerr(CT_F_CTLOG_STORE_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
+                return NULL;
-    }
+        }
-    ret->logs = sk_CTLOG_new_null();
+        ret->logs = sk_CTLOG_new_null();
-    if (ret->logs == NULL)
+        if (ret->logs == NULL)
-        goto err;
+                goto err;
-    return ret;
+        return ret;
 err:
-    OPENSSL_free(ret);
+        OPENSSL_free(ret);
-    return NULL;
+        return NULL;
 }
-void CTLOG_STORE_free(CTLOG_STORE *store)
+void
+CTLOG_STORE_free(CTLOG_STORE *store)
 {
-    if (store != NULL) {
+        if (store != NULL) {
-        sk_CTLOG_pop_free(store->logs, CTLOG_free);
+                sk_CTLOG_pop_free(store->logs, CTLOG_free);
-        OPENSSL_free(store);
+                OPENSSL_free(store);
-    }
+        }
 }
-static int ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *section)
+static int
+ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *section)
 {
-    const char *description = NCONF_get_string(conf, section, "description");
+        const char *description = NCONF_get_string(conf, section, "description");
-    char *pkey_base64;
+        char *pkey_base64;
-    if (description == NULL) {
+        if (description == NULL) {
-        CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_DESCRIPTION);
+                CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_DESCRIPTION);
-        return 0;
+                return 0;
-    }
+        }
-    pkey_base64 = NCONF_get_string(conf, section, "key");
+        pkey_base64 = NCONF_get_string(conf, section, "key");
-    if (pkey_base64 == NULL) {
+        if (pkey_base64 == NULL) {
-        CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_KEY);
+                CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_KEY);
-        return 0;
+                return 0;
-    }
+        }
-    return CTLOG_new_from_base64(ct_log, pkey_base64, description);
+        return CTLOG_new_from_base64(ct_log, pkey_base64, description);
 }
-int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
+int
+CTLOG_STORE_load_default_file(CTLOG_STORE *store)
 {
-    const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
+        const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
-    if (fpath == NULL)
+        if (fpath == NULL)
-      fpath = CTLOG_FILE;
+                fpath = CTLOG_FILE;
-    return CTLOG_STORE_load_file(store, fpath);
+        return CTLOG_STORE_load_file(store, fpath);
 }
 /*
@@ -151,82 +157,83 @@ int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
 * the following log entries.
 * It may stop parsing and returns -1 on any internal (malloc) error.
 */
-static int ctlog_store_load_log(const char *log_name, int log_name_len,
+static int
-                                void *arg)
+ctlog_store_load_log(const char *log_name, int log_name_len, void *arg)
 {
-    CTLOG_STORE_LOAD_CTX *load_ctx = arg;
+        CTLOG_STORE_LOAD_CTX *load_ctx = arg;
-    CTLOG *ct_log = NULL;
+        CTLOG *ct_log = NULL;
-    /* log_name may not be null-terminated, so fix that before using it */
+        /* log_name may not be null-terminated, so fix that before using it */
-    char *tmp;
+        char *tmp;
-    int ret = 0;
+        int ret = 0;
-    /* log_name will be NULL for empty list entries */
+        /* log_name will be NULL for empty list entries */
-    if (log_name == NULL)
+        if (log_name == NULL)
-        return 1;
+                return 1;
-    tmp = OPENSSL_strndup(log_name, log_name_len);
+        tmp = OPENSSL_strndup(log_name, log_name_len);
-    if (tmp == NULL)
+        if (tmp == NULL)
-        goto mem_err;
+                goto mem_err;
-    ret = ctlog_new_from_conf(&ct_log, load_ctx->conf, tmp);
+        ret = ctlog_new_from_conf(&ct_log, load_ctx->conf, tmp);
-    OPENSSL_free(tmp);
+        OPENSSL_free(tmp);
-    if (ret < 0) {
+        if (ret < 0) {
-        /* Propagate any internal error */
+                /* Propagate any internal error */
-        return ret;
+                return ret;
-    }
+        }
-    if (ret == 0) {
+        if (ret == 0) {
-        /* If we can't load this log, record that fact and skip it */
+                /* If we can't load this log, record that fact and skip it */
-        ++load_ctx->invalid_log_entries;
+                ++load_ctx->invalid_log_entries;
-        return 1;
+                return 1;
-    }
+        }
-    if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) {
+        if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) {
-        goto mem_err;
+                goto mem_err;
-    }
+        }
-    return 1;
+        return 1;
 mem_err:
-    CTLOG_free(ct_log);
+        CTLOG_free(ct_log);
-    CTerr(CT_F_CTLOG_STORE_LOAD_LOG, ERR_R_MALLOC_FAILURE);
+        CTerr(CT_F_CTLOG_STORE_LOAD_LOG, ERR_R_MALLOC_FAILURE);
-    return -1;
+        return -1;
 }
-int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file)
+int
+CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file)
 {
-    int ret = 0;
+        int ret = 0;
-    char *enabled_logs;
+        char *enabled_logs;
-    CTLOG_STORE_LOAD_CTX* load_ctx = ctlog_store_load_ctx_new();
+        CTLOG_STORE_LOAD_CTX* load_ctx = ctlog_store_load_ctx_new();
-    if (load_ctx == NULL)
+        if (load_ctx == NULL)
-        return 0;
+                return 0;
-    load_ctx->log_store = store;
+        load_ctx->log_store = store;
-    load_ctx->conf = NCONF_new(NULL);
+        load_ctx->conf = NCONF_new(NULL);
-    if (load_ctx->conf == NULL)
+        if (load_ctx->conf == NULL)
-        goto end;
+                goto end;
-    if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {
+        if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {
-        CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
+                CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
-        goto end;
+                goto end;
-    }
+        }
-    enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");
+        enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");
-    if (enabled_logs == NULL) {
+        if (enabled_logs == NULL) {
-        CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
+                CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
-        goto end;
+                goto end;
-    }
+        }
-    if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) ||
+        if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) ||
-        load_ctx->invalid_log_entries > 0) {
+            load_ctx->invalid_log_entries > 0) {
-        CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
+                CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
-        goto end;
+                goto end;
-    }
+        }
-    ret = 1;
+        ret = 1;
 end:
-    NCONF_free(load_ctx->conf);
+        NCONF_free(load_ctx->conf);
-    ctlog_store_load_ctx_free(load_ctx);
+        ctlog_store_load_ctx_free(load_ctx);
-    return ret;
+        return ret;
 }
 /*
@@ -234,73 +241,77 @@ end:
 * Takes ownership of the public key.
 * Copies the name.
 */
-CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name)
+CTLOG *
+CTLOG_new(EVP_PKEY *public_key, const char *name)
 {
-    CTLOG *ret = OPENSSL_zalloc(sizeof(*ret));
+        CTLOG *ret = OPENSSL_zalloc(sizeof(*ret));
-    if (ret == NULL) {
+        if (ret == NULL) {
-        CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
+                CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
+                return NULL;
-    }
+        }
-    ret->name = OPENSSL_strdup(name);
+        ret->name = OPENSSL_strdup(name);
-    if (ret->name == NULL) {
+        if (ret->name == NULL) {
-        CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
+                CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
-        goto err;
+                goto err;
-    }
+        }
-    if (ct_v1_log_id_from_pkey(public_key, ret->log_id) != 1)
+        if (ct_v1_log_id_from_pkey(public_key, ret->log_id) != 1)
-        goto err;
+                goto err;
-    ret->public_key = public_key;
+        ret->public_key = public_key;
-    return ret;
+        return ret;
-err:
+ err:
-    CTLOG_free(ret);
+        CTLOG_free(ret);
-    return NULL;
+        return NULL;
 }
 /* Frees CT log and associated structures */
-void CTLOG_free(CTLOG *log)
+void
+CTLOG_free(CTLOG *log)
 {
-    if (log != NULL) {
+        if (log != NULL) {
-        OPENSSL_free(log->name);
+                OPENSSL_free(log->name);
-        EVP_PKEY_free(log->public_key);
+                EVP_PKEY_free(log->public_key);
-        OPENSSL_free(log);
+                OPENSSL_free(log);
-    }
+        }
 }
-const char *CTLOG_get0_name(const CTLOG *log)
+const char *
+CTLOG_get0_name(const CTLOG *log)
 {
-    return log->name;
+        return log->name;
 }
-void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+void
-                       size_t *log_id_len)
+CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id, size_t *log_id_len)
 {
-    *log_id = log->log_id;
+        *log_id = log->log_id;
-    *log_id_len = CT_V1_HASHLEN;
+        *log_id_len = CT_V1_HASHLEN;
 }
-EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log)
+EVP_PKEY *
+CTLOG_get0_public_key(const CTLOG *log)
 {
-    return log->public_key;
+        return log->public_key;
 }
 /*
 * Given a log ID, finds the matching log.
 * Returns NULL if no match found.
 */
-const CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store,
+const CTLOG
-                                        const uint8_t *log_id,
+*CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store, const uint8_t *log_id,
-                                        size_t log_id_len)
+    size_t log_id_len)
 {
-    int i;
+        int i;
-    for (i = 0; i < sk_CTLOG_num(store->logs); ++i) {
+        for (i = 0; i < sk_CTLOG_num(store->logs); ++i) {
-        const CTLOG *log = sk_CTLOG_value(store->logs, i);
+                const CTLOG *log = sk_CTLOG_value(store->logs, i);
-        if (memcmp(log->log_id, log_id, log_id_len) == 0)
+                if (memcmp(log->log_id, log_id, log_id_len) == 0)
-            return log;
+                        return log;
-    }
+        }
-    return NULL;
+        return NULL;
 }
author	beck <>	2021-10-28 11:55:43 +0000
committer	beck <>	2021-10-28 11:55:43 +0000
commit	92391c1802f1d1cd2771f7e48fb0a19e975a26f5 (patch)
tree	1f2e0d435ff5311db6957d62b59e97937f97ecbc /src/lib/libcrypto/ct/ct_log.c
parent	2ad24edafbc4bd74a8da3d35534b4fad107e1473 (diff)
download	openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.tar.gz openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.tar.bz2 openbsd-92391c1802f1d1cd2771f7e48fb0a19e975a26f5.zip

diff --git a/src/lib/libcrypto/ct/ct_log.c b/src/lib/libcrypto/ct/ct_log.c index c1bca3e141..ee44de2bfc 100644 --- a/src/lib/libcrypto/ct/ct_log.c +++ b/src/lib/libcrypto/ct/ct_log.c
@@ -22,9 +22,9 @@
22	* Information about a CT log server.	22	* Information about a CT log server.
23	*/	23	*/
24	struct ctlog_st {	24	struct ctlog_st {
25	char *name;	25	char *name;
26	uint8_t log_id[CT_V1_HASHLEN];	26	uint8_t log_id[CT_V1_HASHLEN];
27	EVP_PKEY *public_key;	27	EVP_PKEY *public_key;
28	};	28	};
29		29
30	/*	30	/*
@@ -32,14 +32,14 @@ struct ctlog_st {
32	* It takes ownership of any CTLOG instances added to it.	32	* It takes ownership of any CTLOG instances added to it.
33	*/	33	*/
34	struct ctlog_store_st {	34	struct ctlog_store_st {
35	STACK_OF(CTLOG) *logs;	35	STACK_OF(CTLOG) *logs;
36	};	36	};
37		37
38	/* The context when loading a CT log list from a CONF file. */	38	/* The context when loading a CT log list from a CONF file. */
39	typedef struct ctlog_store_load_ctx_st {	39	typedef struct ctlog_store_load_ctx_st {
40	CTLOG_STORE *log_store;	40	CTLOG_STORE *log_store;
41	CONF *conf;	41	CONF *conf;
42	size_t invalid_log_entries;	42	size_t invalid_log_entries;
43	} CTLOG_STORE_LOAD_CTX;	43	} CTLOG_STORE_LOAD_CTX;
44		44
45	/*	45	/*
@@ -54,95 +54,101 @@ static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void);
54	*/	54	*/
55	static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx);	55	static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx);
56		56
57	static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void)	57	static CTLOG_STORE_LOAD_CTX *
		58	ctlog_store_load_ctx_new(void)
58	{	59	{
59	CTLOG_STORE_LOAD_CTX ctx = OPENSSL_zalloc(sizeof(ctx));	60	CTLOG_STORE_LOAD_CTX ctx = OPENSSL_zalloc(sizeof(ctx));
60		61
61	if (ctx == NULL)	62	if (ctx == NULL)
62	CTerr(CT_F_CTLOG_STORE_LOAD_CTX_NEW, ERR_R_MALLOC_FAILURE);	63	CTerr(CT_F_CTLOG_STORE_LOAD_CTX_NEW, ERR_R_MALLOC_FAILURE);
63		64
64	return ctx;	65	return ctx;
65	}	66	}
66		67
67	static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx)	68	static void
		69	ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX* ctx)
68	{	70	{
69	OPENSSL_free(ctx);	71	OPENSSL_free(ctx);
70	}	72	}
71		73
72	/* Converts a log's public key into a SHA256 log ID */	74	/* Converts a log's public key into a SHA256 log ID */
73	static int ct_v1_log_id_from_pkey(EVP_PKEY *pkey,	75	static int
74	unsigned char log_id[CT_V1_HASHLEN])	76	ct_v1_log_id_from_pkey(EVP_PKEY *pkey, unsigned char log_id[CT_V1_HASHLEN])
75	{	77	{
76	int ret = 0;	78	int ret = 0;
77	unsigned char *pkey_der = NULL;	79	unsigned char *pkey_der = NULL;
78	int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);	80	int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);
79		81
80	if (pkey_der_len <= 0) {	82	if (pkey_der_len <= 0) {
81	CTerr(CT_F_CT_V1_LOG_ID_FROM_PKEY, CT_R_LOG_KEY_INVALID);	83	CTerr(CT_F_CT_V1_LOG_ID_FROM_PKEY, CT_R_LOG_KEY_INVALID);
82	goto err;	84	goto err;
83	}	85	}
84		86
85	SHA256(pkey_der, pkey_der_len, log_id);	87	SHA256(pkey_der, pkey_der_len, log_id);
86	ret = 1;	88	ret = 1;
87	err:	89	err:
88	OPENSSL_free(pkey_der);	90	OPENSSL_free(pkey_der);
89	return ret;	91	return ret;
90	}	92	}
91		93
92	CTLOG_STORE *CTLOG_STORE_new(void)	94	CTLOG_STORE *
		95	CTLOG_STORE_new(void)
93	{	96	{
94	CTLOG_STORE ret = OPENSSL_zalloc(sizeof(ret));	97	CTLOG_STORE ret = OPENSSL_zalloc(sizeof(ret));
95		98
96	if (ret == NULL) {	99	if (ret == NULL) {
97	CTerr(CT_F_CTLOG_STORE_NEW, ERR_R_MALLOC_FAILURE);	100	CTerr(CT_F_CTLOG_STORE_NEW, ERR_R_MALLOC_FAILURE);
98	return NULL;	101	return NULL;
99	}	102	}
100		103
101	ret->logs = sk_CTLOG_new_null();	104	ret->logs = sk_CTLOG_new_null();
102	if (ret->logs == NULL)	105	if (ret->logs == NULL)
103	goto err;	106	goto err;
104		107
105	return ret;	108	return ret;
106	err:	109	err:
107	OPENSSL_free(ret);	110	OPENSSL_free(ret);
108	return NULL;	111	return NULL;
109	}	112	}
110		113
111	void CTLOG_STORE_free(CTLOG_STORE *store)	114	void
		115	CTLOG_STORE_free(CTLOG_STORE *store)
112	{	116	{
113	if (store != NULL) {	117	if (store != NULL) {
114	sk_CTLOG_pop_free(store->logs, CTLOG_free);	118	sk_CTLOG_pop_free(store->logs, CTLOG_free);
115	OPENSSL_free(store);	119	OPENSSL_free(store);
116	}	120	}
117	}	121	}
118		122
119	static int ctlog_new_from_conf(CTLOG *ct_log, const CONF conf, const char *section)	123	static int
		124	ctlog_new_from_conf(CTLOG *ct_log, const CONF conf, const char *section)
120	{	125	{
121	const char *description = NCONF_get_string(conf, section, "description");	126	const char *description = NCONF_get_string(conf, section, "description");
122	char *pkey_base64;	127	char *pkey_base64;
123		128
124	if (description == NULL) {	129	if (description == NULL) {
125	CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_DESCRIPTION);	130	CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_DESCRIPTION);
126	return 0;	131	return 0;
127	}	132	}
128		133
129	pkey_base64 = NCONF_get_string(conf, section, "key");	134	pkey_base64 = NCONF_get_string(conf, section, "key");
130	if (pkey_base64 == NULL) {	135	if (pkey_base64 == NULL) {
131	CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_KEY);	136	CTerr(CT_F_CTLOG_NEW_FROM_CONF, CT_R_LOG_CONF_MISSING_KEY);
132	return 0;	137	return 0;
133	}	138	}
134		139
135	return CTLOG_new_from_base64(ct_log, pkey_base64, description);	140	return CTLOG_new_from_base64(ct_log, pkey_base64, description);
136	}	141	}
137		142
138	int CTLOG_STORE_load_default_file(CTLOG_STORE *store)	143	int
		144	CTLOG_STORE_load_default_file(CTLOG_STORE *store)
139	{	145	{
140	const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);	146	const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);
141		147
142	if (fpath == NULL)	148	if (fpath == NULL)
143	fpath = CTLOG_FILE;	149	fpath = CTLOG_FILE;
144		150
145	return CTLOG_STORE_load_file(store, fpath);	151	return CTLOG_STORE_load_file(store, fpath);
146	}	152	}
147		153
148	/*	154	/*
@@ -151,82 +157,83 @@ int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
151	* the following log entries.	157	* the following log entries.
152	* It may stop parsing and returns -1 on any internal (malloc) error.	158	* It may stop parsing and returns -1 on any internal (malloc) error.
153	*/	159	*/
154	static int ctlog_store_load_log(const char *log_name, int log_name_len,	160	static int
155	void *arg)	161	ctlog_store_load_log(const char log_name, int log_name_len, void arg)
156	{	162	{
157	CTLOG_STORE_LOAD_CTX *load_ctx = arg;	163	CTLOG_STORE_LOAD_CTX *load_ctx = arg;
158	CTLOG *ct_log = NULL;	164	CTLOG *ct_log = NULL;
159	/* log_name may not be null-terminated, so fix that before using it */	165	/* log_name may not be null-terminated, so fix that before using it */
160	char *tmp;	166	char *tmp;
161	int ret = 0;	167	int ret = 0;
162		168
163	/* log_name will be NULL for empty list entries */	169	/* log_name will be NULL for empty list entries */
164	if (log_name == NULL)	170	if (log_name == NULL)
165	return 1;	171	return 1;
166		172
167	tmp = OPENSSL_strndup(log_name, log_name_len);	173	tmp = OPENSSL_strndup(log_name, log_name_len);
168	if (tmp == NULL)	174	if (tmp == NULL)
169	goto mem_err;	175	goto mem_err;
170		176
171	ret = ctlog_new_from_conf(&ct_log, load_ctx->conf, tmp);	177	ret = ctlog_new_from_conf(&ct_log, load_ctx->conf, tmp);
172	OPENSSL_free(tmp);	178	OPENSSL_free(tmp);
173		179
174	if (ret < 0) {	180	if (ret < 0) {
175	/* Propagate any internal error */	181	/* Propagate any internal error */
176	return ret;	182	return ret;
177	}	183	}
178	if (ret == 0) {	184	if (ret == 0) {
179	/* If we can't load this log, record that fact and skip it */	185	/* If we can't load this log, record that fact and skip it */
180	++load_ctx->invalid_log_entries;	186	++load_ctx->invalid_log_entries;
181	return 1;	187	return 1;
182	}	188	}
183		189
184	if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) {	190	if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) {
185	goto mem_err;	191	goto mem_err;
186	}	192	}
187	return 1;	193	return 1;
188		194
189	mem_err:	195	mem_err:
190	CTLOG_free(ct_log);	196	CTLOG_free(ct_log);
191	CTerr(CT_F_CTLOG_STORE_LOAD_LOG, ERR_R_MALLOC_FAILURE);	197	CTerr(CT_F_CTLOG_STORE_LOAD_LOG, ERR_R_MALLOC_FAILURE);
192	return -1;	198	return -1;
193	}	199	}
194		200
195	int CTLOG_STORE_load_file(CTLOG_STORE store, const char file)	201	int
		202	CTLOG_STORE_load_file(CTLOG_STORE store, const char file)
196	{	203	{
197	int ret = 0;	204	int ret = 0;
198	char *enabled_logs;	205	char *enabled_logs;
199	CTLOG_STORE_LOAD_CTX* load_ctx = ctlog_store_load_ctx_new();	206	CTLOG_STORE_LOAD_CTX* load_ctx = ctlog_store_load_ctx_new();
200		207
201	if (load_ctx == NULL)	208	if (load_ctx == NULL)
202	return 0;	209	return 0;
203	load_ctx->log_store = store;	210	load_ctx->log_store = store;
204	load_ctx->conf = NCONF_new(NULL);	211	load_ctx->conf = NCONF_new(NULL);
205	if (load_ctx->conf == NULL)	212	if (load_ctx->conf == NULL)
206	goto end;	213	goto end;
207		214
208	if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {	215	if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {
209	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);	216	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
210	goto end;	217	goto end;
211	}	218	}
212		219
213	enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");	220	enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");
214	if (enabled_logs == NULL) {	221	if (enabled_logs == NULL) {
215	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);	222	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
216	goto end;	223	goto end;
217	}	224	}
218		225
219	if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) \|\|	226	if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) \|\|
220	load_ctx->invalid_log_entries > 0) {	227	load_ctx->invalid_log_entries > 0) {
221	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);	228	CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
222	goto end;	229	goto end;
223	}	230	}
224		231
225	ret = 1;	232	ret = 1;
226	end:	233	end:
227	NCONF_free(load_ctx->conf);	234	NCONF_free(load_ctx->conf);
228	ctlog_store_load_ctx_free(load_ctx);	235	ctlog_store_load_ctx_free(load_ctx);
229	return ret;	236	return ret;
230	}	237	}
231		238
232	/*	239	/*
@@ -234,73 +241,77 @@ end:
234	* Takes ownership of the public key.	241	* Takes ownership of the public key.
235	* Copies the name.	242	* Copies the name.
236	*/	243	*/
237	CTLOG CTLOG_new(EVP_PKEY public_key, const char *name)	244	CTLOG *
		245	CTLOG_new(EVP_PKEY public_key, const char name)
238	{	246	{
239	CTLOG ret = OPENSSL_zalloc(sizeof(ret));	247	CTLOG ret = OPENSSL_zalloc(sizeof(ret));
240		248
241	if (ret == NULL) {	249	if (ret == NULL) {
242	CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);	250	CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
243	return NULL;	251	return NULL;
244	}	252	}
245		253
246	ret->name = OPENSSL_strdup(name);	254	ret->name = OPENSSL_strdup(name);
247	if (ret->name == NULL) {	255	if (ret->name == NULL) {
248	CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);	256	CTerr(CT_F_CTLOG_NEW, ERR_R_MALLOC_FAILURE);
249	goto err;	257	goto err;
250	}	258	}
251		259
252	if (ct_v1_log_id_from_pkey(public_key, ret->log_id) != 1)	260	if (ct_v1_log_id_from_pkey(public_key, ret->log_id) != 1)
253	goto err;	261	goto err;
254		262
255	ret->public_key = public_key;	263	ret->public_key = public_key;
256	return ret;	264	return ret;
257	err:	265	err:
258	CTLOG_free(ret);	266	CTLOG_free(ret);
259	return NULL;	267	return NULL;
260	}	268	}
261		269
262	/* Frees CT log and associated structures */	270	/* Frees CT log and associated structures */
263	void CTLOG_free(CTLOG *log)	271	void
		272	CTLOG_free(CTLOG *log)
264	{	273	{
265	if (log != NULL) {	274	if (log != NULL) {
266	OPENSSL_free(log->name);	275	OPENSSL_free(log->name);
267	EVP_PKEY_free(log->public_key);	276	EVP_PKEY_free(log->public_key);
268	OPENSSL_free(log);	277	OPENSSL_free(log);
269	}	278	}
270	}	279	}
271		280
272	const char CTLOG_get0_name(const CTLOG log)	281	const char *
		282	CTLOG_get0_name(const CTLOG *log)
273	{	283	{
274	return log->name;	284	return log->name;
275	}	285	}
276		286
277	void CTLOG_get0_log_id(const CTLOG log, const uint8_t *log_id,	287	void
278	size_t *log_id_len)	288	CTLOG_get0_log_id(const CTLOG log, const uint8_t log_id, size_t log_id_len)
279	{	289	{
280	*log_id = log->log_id;	290	*log_id = log->log_id;
281	*log_id_len = CT_V1_HASHLEN;	291	*log_id_len = CT_V1_HASHLEN;
282	}	292	}
283		293
284	EVP_PKEY CTLOG_get0_public_key(const CTLOG log)	294	EVP_PKEY *
		295	CTLOG_get0_public_key(const CTLOG *log)
285	{	296	{
286	return log->public_key;	297	return log->public_key;
287	}	298	}
288		299
289	/*	300	/*
290	* Given a log ID, finds the matching log.	301	* Given a log ID, finds the matching log.
291	* Returns NULL if no match found.	302	* Returns NULL if no match found.
292	*/	303	*/
293	const CTLOG CTLOG_STORE_get0_log_by_id(const CTLOG_STORE store,	304	const CTLOG
294	const uint8_t *log_id,	305	CTLOG_STORE_get0_log_by_id(const CTLOG_STORE store, const uint8_t *log_id,
295	size_t log_id_len)	306	size_t log_id_len)
296	{	307	{
297	int i;	308	int i;
298		309
299	for (i = 0; i < sk_CTLOG_num(store->logs); ++i) {	310	for (i = 0; i < sk_CTLOG_num(store->logs); ++i) {
300	const CTLOG *log = sk_CTLOG_value(store->logs, i);	311	const CTLOG *log = sk_CTLOG_value(store->logs, i);
301	if (memcmp(log->log_id, log_id, log_id_len) == 0)	312	if (memcmp(log->log_id, log_id, log_id_len) == 0)
302	return log;	313	return log;
303	}	314	}
304		315
305	return NULL;	316	return NULL;
306	}	317	}