summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509v3
diff options
context:
space:
mode:
authorbeck <>2014-04-26 18:56:38 +0000
committerbeck <>2014-04-26 18:56:38 +0000
commit47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2 (patch)
treedff54039de6c4454b05953e2ce78edfc5693e6b5 /src/lib/libcrypto/x509v3
parent8f710803a9e330d7e3f2e62116ae5b3fc02bd6cf (diff)
downloadopenbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.gz
openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.tar.bz2
openbsd-47bb6e76785f0b1c4d19d8d0a02f3eb3813f96e2.zip
Replace all use of ERR_add_error_data with ERR_asprintf_error_data.
This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
Diffstat (limited to 'src/lib/libcrypto/x509v3')
-rw-r--r--src/lib/libcrypto/x509v3/v3_akey.c2
-rw-r--r--src/lib/libcrypto/x509v3/v3_alt.c8
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c12
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c4
-rw-r--r--src/lib/libcrypto/x509v3/x509v3.h5
5 files changed, 15 insertions, 16 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c
index 6d5c576e23..a5d760d469 100644
--- a/src/lib/libcrypto/x509v3/v3_akey.c
+++ b/src/lib/libcrypto/x509v3/v3_akey.c
@@ -139,7 +139,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
139 } else { 139 } else {
140 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 140 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
141 X509V3_R_UNKNOWN_OPTION); 141 X509V3_R_UNKNOWN_OPTION);
142 ERR_add_error_data(2, "name=", cnf->name); 142 ERR_asprintf_error_data("name=%s", cnf->name);
143 return NULL; 143 return NULL;
144 } 144 }
145 } 145 }
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index e61ed673c0..61b0c90fad 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -479,7 +479,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
479 if (!(obj = OBJ_txt2obj(value, 0))) { 479 if (!(obj = OBJ_txt2obj(value, 0))) {
480 X509V3err(X509V3_F_A2I_GENERAL_NAME, 480 X509V3err(X509V3_F_A2I_GENERAL_NAME,
481 X509V3_R_BAD_OBJECT); 481 X509V3_R_BAD_OBJECT);
482 ERR_add_error_data(2, "value=", value); 482 ERR_asprintf_error_data("value=%s", value);
483 goto err; 483 goto err;
484 } 484 }
485 gen->d.rid = obj; 485 gen->d.rid = obj;
@@ -494,7 +494,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
494 if (gen->d.ip == NULL) { 494 if (gen->d.ip == NULL) {
495 X509V3err(X509V3_F_A2I_GENERAL_NAME, 495 X509V3err(X509V3_F_A2I_GENERAL_NAME,
496 X509V3_R_BAD_IP_ADDRESS); 496 X509V3_R_BAD_IP_ADDRESS);
497 ERR_add_error_data(2, "value=", value); 497 ERR_asprintf_error_data("value=%s", value);
498 goto err; 498 goto err;
499 } 499 }
500 break; 500 break;
@@ -572,7 +572,7 @@ v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
572 else { 572 else {
573 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, 573 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,
574 X509V3_R_UNSUPPORTED_OPTION); 574 X509V3_R_UNSUPPORTED_OPTION);
575 ERR_add_error_data(2, "name=", name); 575 ERR_asprintf_error_data("name=%s", name);
576 return NULL; 576 return NULL;
577 } 577 }
578 578
@@ -620,7 +620,7 @@ do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
620 sk = X509V3_get_section(ctx, value); 620 sk = X509V3_get_section(ctx, value);
621 if (!sk) { 621 if (!sk) {
622 X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND); 622 X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
623 ERR_add_error_data(2, "section=", value); 623 ERR_asprintf_error_data("section=%s", value);
624 X509_NAME_free(nm); 624 X509_NAME_free(nm);
625 return 0; 625 return 0;
626 } 626 }
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
index daacf8d5df..e22aa50fcd 100644
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ b/src/lib/libcrypto/x509v3/v3_conf.c
@@ -94,7 +94,7 @@ X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value)
94 if (!ret) { 94 if (!ret) {
95 X509V3err(X509V3_F_X509V3_EXT_NCONF, 95 X509V3err(X509V3_F_X509V3_EXT_NCONF,
96 X509V3_R_ERROR_IN_EXTENSION); 96 X509V3_R_ERROR_IN_EXTENSION);
97 ERR_add_error_data(4, "name=", name, ", value=", value); 97 ERR_asprintf_error_data("name=%s, value=%s", name, value);
98 } 98 }
99 return ret; 99 return ret;
100} 100}
@@ -142,8 +142,8 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
142 if (sk_CONF_VALUE_num(nval) <= 0) { 142 if (sk_CONF_VALUE_num(nval) <= 0) {
143 X509V3err(X509V3_F_DO_EXT_NCONF, 143 X509V3err(X509V3_F_DO_EXT_NCONF,
144 X509V3_R_INVALID_EXTENSION_STRING); 144 X509V3_R_INVALID_EXTENSION_STRING);
145 ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), 145 ERR_asprintf_error_data("name=%s,section=%s",
146 ",section=", value); 146 OBJ_nid2sn(ext_nid), value);
147 return NULL; 147 return NULL;
148 } 148 }
149 ext_struc = method->v2i(method, ctx, nval); 149 ext_struc = method->v2i(method, ctx, nval);
@@ -165,7 +165,7 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
165 } else { 165 } else {
166 X509V3err(X509V3_F_DO_EXT_NCONF, 166 X509V3err(X509V3_F_DO_EXT_NCONF,
167 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); 167 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
168 ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); 168 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
169 return NULL; 169 return NULL;
170 } 170 }
171 171
@@ -283,7 +283,7 @@ v3_generic_extension(const char *ext, char *value, int crit, int gen_type,
283 if (!(obj = OBJ_txt2obj(ext, 0))) { 283 if (!(obj = OBJ_txt2obj(ext, 0))) {
284 X509V3err(X509V3_F_V3_GENERIC_EXTENSION, 284 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
285 X509V3_R_EXTENSION_NAME_ERROR); 285 X509V3_R_EXTENSION_NAME_ERROR);
286 ERR_add_error_data(2, "name=", ext); 286 ERR_asprintf_error_data("name=%s", ext);
287 goto err; 287 goto err;
288 } 288 }
289 289
@@ -295,7 +295,7 @@ v3_generic_extension(const char *ext, char *value, int crit, int gen_type,
295 if (ext_der == NULL) { 295 if (ext_der == NULL) {
296 X509V3err(X509V3_F_V3_GENERIC_EXTENSION, 296 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
297 X509V3_R_EXTENSION_VALUE_ERROR); 297 X509V3_R_EXTENSION_VALUE_ERROR);
298 ERR_add_error_data(2, "value=", value); 298 ERR_asprintf_error_data("value=%s", value);
299 goto err; 299 goto err;
300 } 300 }
301 301
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index 7853e3e23b..9ae1596b1f 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -184,12 +184,10 @@ v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
184 if (!acc->method) { 184 if (!acc->method) {
185 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 185 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
186 X509V3_R_BAD_OBJECT); 186 X509V3_R_BAD_OBJECT);
187 ERR_add_error_data(2, "value=", objtmp); 187 ERR_asprintf_error_data("value=%s", objtmp);
188 free(objtmp);
189 goto err; 188 goto err;
190 } 189 }
191 free(objtmp); 190 free(objtmp);
192
193 } 191 }
194 return ainfo; 192 return ainfo;
195 193
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h
index b308abe7cd..dda5344b33 100644
--- a/src/lib/libcrypto/x509v3/x509v3.h
+++ b/src/lib/libcrypto/x509v3/x509v3.h
@@ -379,8 +379,9 @@ struct ISSUING_DIST_POINT_st
379/* onlysomereasons present */ 379/* onlysomereasons present */
380#define IDP_REASONS 0x40 380#define IDP_REASONS 0x40
381 381
382#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ 382#define X509V3_conf_err(val) ERR_asprintf_error_data( \
383",name:", val->name, ",value:", val->value); 383 "section:%s,name:%s,value:%s", val->section, \
384 val->name, val->value);
384 385
385#define X509V3_set_ctx_test(ctx) \ 386#define X509V3_set_ctx_test(ctx) \
386 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) 387 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)