Replace all use of ERR_add_error_data with ERR_asprintf_error_data.

This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
author: beck <> 2014-04-26 18:56:38 +0000
committer: beck <> 2014-04-26 18:56:38 +0000
commit: 47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2 (patch)
tree: dff54039de6c4454b05953e2ce78edfc5693e6b5 /src/lib/libcrypto/ocsp
parent: 8f710803a9e330d7e3f2e62116ae5b3fc02bd6cf (diff)
download: openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.gz
openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.bz2
openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.zip
2 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c
index 4bb6fce83c..b45eaf6767 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ht.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ht.c
@@ -259,9 +259,9 @@ static int parse_http_line1(char *line)
                {
                OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);
                if(!*q)
-                        ERR_add_error_data(2, "Code=", p);
+                        ERR_asprintf_error_data("Code=%s", p);
                else
-                        ERR_add_error_data(4, "Code=", p, ",Reason=", q);
+                        ERR_asprintf_error_data("Code=%s,Reason=%s", p, q);
                return 0;
                }
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
index 276718304d..0b181d5abe 100644
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -122,9 +122,9 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
                X509_STORE_CTX_cleanup(&ctx);
                if (ret <= 0)
                        {
-                        i = X509_STORE_CTX_get_error(&ctx);     
+                        i = X509_STORE_CTX_get_error(&ctx);
                        OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-                        ERR_add_error_data(2, "Verify error:",
+                        ERR_asprintf_error_data("Verify error:%s",
                                        X509_verify_cert_error_string(i));
                        goto end;
                        }
@@ -421,7 +421,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st
                        {
                        ret = X509_STORE_CTX_get_error(&ctx);   
                        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-                        ERR_add_error_data(2, "Verify error:",
+                        ERR_asprintf_error_data("Verify error:%s",
                                        X509_verify_cert_error_string(ret));
                        return 0;
                        }
author	beck <>	2014-04-26 18:56:38 +0000
committer	beck <>	2014-04-26 18:56:38 +0000
commit	47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2 (patch)
tree	dff54039de6c4454b05953e2ce78edfc5693e6b5 /src/lib/libcrypto/ocsp
parent	8f710803a9e330d7e3f2e62116ae5b3fc02bd6cf (diff)
download	openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.gz openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.bz2 openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.zip

diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c index 4bb6fce83c..b45eaf6767 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ht.c +++ b/src/lib/libcrypto/ocsp/ocsp_ht.c
@@ -259,9 +259,9 @@ static int parse_http_line1(char *line)
259	{	259	{
260	OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);	260	OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);
261	if(!*q)	261	if(!*q)
262	ERR_add_error_data(2, "Code=", p);	262	ERR_asprintf_error_data("Code=%s", p);
263	else	263	else
264	ERR_add_error_data(4, "Code=", p, ",Reason=", q);	264	ERR_asprintf_error_data("Code=%s,Reason=%s", p, q);
265	return 0;	265	return 0;
266	}	266	}
267		267


diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c index 276718304d..0b181d5abe 100644 --- a/src/lib/libcrypto/ocsp/ocsp_vfy.c +++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -122,9 +122,9 @@ int OCSP_basic_verify(OCSP_BASICRESP bs, STACK_OF(X509) certs,
122	X509_STORE_CTX_cleanup(&ctx);	122	X509_STORE_CTX_cleanup(&ctx);
123	if (ret <= 0)	123	if (ret <= 0)
124	{	124	{
125	i = X509_STORE_CTX_get_error(&ctx);	125	i = X509_STORE_CTX_get_error(&ctx);
126	OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);	126	OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
127	ERR_add_error_data(2, "Verify error:",	127	ERR_asprintf_error_data("Verify error:%s",
128	X509_verify_cert_error_string(i));	128	X509_verify_cert_error_string(i));
129	goto end;	129	goto end;
130	}	130	}
@@ -421,7 +421,7 @@ int OCSP_request_verify(OCSP_REQUEST req, STACK_OF(X509) certs, X509_STORE *st
421	{	421	{
422	ret = X509_STORE_CTX_get_error(&ctx);	422	ret = X509_STORE_CTX_get_error(&ctx);
423	OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);	423	OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
424	ERR_add_error_data(2, "Verify error:",	424	ERR_asprintf_error_data("Verify error:%s",
425	X509_verify_cert_error_string(ret));	425	X509_verify_cert_error_string(ret));
426	return 0;	426	return 0;
427	}	427	}