summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/LPdir_vms.c49
-rw-r--r--src/lib/libcrypto/ecdsa/ecdsatest.c5
-rw-r--r--src/lib/libcrypto/jpake/jpake.c29
-rw-r--r--src/lib/libcrypto/jpake/jpake.h2
-rw-r--r--src/lib/libcrypto/jpake/jpake_err.c4
-rw-r--r--src/lib/libcrypto/pqueue/pqueue.c5
-rw-r--r--src/lib/libcrypto/rand/rand_nw.c4
-rwxr-xr-xsrc/lib/libcrypto/vms_rms.h51
-rw-r--r--src/lib/libcrypto/x509v3/v3_addr.c6
-rw-r--r--src/lib/libcrypto/x509v3/v3_asid.c31
10 files changed, 140 insertions, 46 deletions
diff --git a/src/lib/libcrypto/LPdir_vms.c b/src/lib/libcrypto/LPdir_vms.c
index 85b427a623..7613bd254e 100644
--- a/src/lib/libcrypto/LPdir_vms.c
+++ b/src/lib/libcrypto/LPdir_vms.c
@@ -40,22 +40,18 @@
40#ifndef LPDIR_H 40#ifndef LPDIR_H
41#include "LPdir.h" 41#include "LPdir.h"
42#endif 42#endif
43#include "vms_rms.h"
43 44
44/* Because some compiler options hide this macor */ 45/* Some compiler options hide EVMSERR. */
45#ifndef EVMSERR 46#ifndef EVMSERR
46#define EVMSERR 65535 /* error for non-translatable VMS errors */ 47# define EVMSERR 65535 /* error for non-translatable VMS errors */
47#endif 48#endif
48 49
49struct LP_dir_context_st 50struct LP_dir_context_st
50{ 51{
51 unsigned long VMS_context; 52 unsigned long VMS_context;
52#ifdef NAML$C_MAXRSS 53 char filespec[ NAMX_MAXRSS+ 1];
53 char filespec[NAML$C_MAXRSS+1]; 54 char result[ NAMX_MAXRSS+ 1];
54 char result[NAML$C_MAXRSS+1];
55#else
56 char filespec[256];
57 char result[256];
58#endif
59 struct dsc$descriptor_d filespec_dsc; 55 struct dsc$descriptor_d filespec_dsc;
60 struct dsc$descriptor_d result_dsc; 56 struct dsc$descriptor_d result_dsc;
61}; 57};
@@ -66,6 +62,16 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
66 char *p, *r; 62 char *p, *r;
67 size_t l; 63 size_t l;
68 unsigned long flags = 0; 64 unsigned long flags = 0;
65
66/* Arrange 32-bit pointer to (copied) string storage, if needed. */
67#if __INITIAL_POINTER_SIZE == 64
68# pragma pointer_size save
69# pragma pointer_size 32
70 char *ctx_filespec_32p;
71# pragma pointer_size restore
72 char ctx_filespec_32[ NAMX_MAXRSS+ 1];
73#endif /* __INITIAL_POINTER_SIZE == 64 */
74
69#ifdef NAML$C_MAXRSS 75#ifdef NAML$C_MAXRSS
70 flags |= LIB$M_FIL_LONG_NAMES; 76 flags |= LIB$M_FIL_LONG_NAMES;
71#endif 77#endif
@@ -93,13 +99,7 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
93 99
94 filespeclen += 4; /* "*.*;" */ 100 filespeclen += 4; /* "*.*;" */
95 101
96 if (filespeclen > 102 if (filespeclen > NAMX_MAXRSS)
97#ifdef NAML$C_MAXRSS
98 NAML$C_MAXRSS
99#else
100 255
101#endif
102 )
103 { 103 {
104 errno = ENAMETOOLONG; 104 errno = ENAMETOOLONG;
105 return 0; 105 return 0;
@@ -115,14 +115,21 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
115 115
116 strcpy((*ctx)->filespec,directory); 116 strcpy((*ctx)->filespec,directory);
117 strcat((*ctx)->filespec,"*.*;"); 117 strcat((*ctx)->filespec,"*.*;");
118
119/* Arrange 32-bit pointer to (copied) string storage, if needed. */
120#if __INITIAL_POINTER_SIZE == 64
121# define CTX_FILESPEC ctx_filespec_32p
122 /* Copy the file name to storage with a 32-bit pointer. */
123 ctx_filespec_32p = ctx_filespec_32;
124 strcpy( ctx_filespec_32p, (*ctx)->filespec);
125#else /* __INITIAL_POINTER_SIZE == 64 */
126# define CTX_FILESPEC (*ctx)->filespec
127#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
128
118 (*ctx)->filespec_dsc.dsc$w_length = filespeclen; 129 (*ctx)->filespec_dsc.dsc$w_length = filespeclen;
119 (*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T; 130 (*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
120 (*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S; 131 (*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
121 (*ctx)->filespec_dsc.dsc$a_pointer = (*ctx)->filespec; 132 (*ctx)->filespec_dsc.dsc$a_pointer = CTX_FILESPEC;
122 (*ctx)->result_dsc.dsc$w_length = 0;
123 (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
124 (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
125 (*ctx)->result_dsc.dsc$a_pointer = 0;
126 } 133 }
127 134
128 (*ctx)->result_dsc.dsc$w_length = 0; 135 (*ctx)->result_dsc.dsc$w_length = 0;
diff --git a/src/lib/libcrypto/ecdsa/ecdsatest.c b/src/lib/libcrypto/ecdsa/ecdsatest.c
index aa4e1481a8..26a4a9ee7c 100644
--- a/src/lib/libcrypto/ecdsa/ecdsatest.c
+++ b/src/lib/libcrypto/ecdsa/ecdsatest.c
@@ -168,10 +168,9 @@ int fbytes(unsigned char *buf, int num)
168 return 0; 168 return 0;
169 } 169 }
170 fbytes_counter ++; 170 fbytes_counter ++;
171 ret = BN_bn2bin(tmp, buf); 171 if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf))
172 if (ret == 0 || ret != num)
173 ret = 0; 172 ret = 0;
174 else 173 else
175 ret = 1; 174 ret = 1;
176 if (tmp) 175 if (tmp)
177 BN_free(tmp); 176 BN_free(tmp);
diff --git a/src/lib/libcrypto/jpake/jpake.c b/src/lib/libcrypto/jpake/jpake.c
index 086d9f47e0..8e4b633ccc 100644
--- a/src/lib/libcrypto/jpake/jpake.c
+++ b/src/lib/libcrypto/jpake/jpake.c
@@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
282 return 1; 282 return 1;
283 } 283 }
284 284
285/* g^x is a legal value */
286static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
287 {
288 BIGNUM *t;
289 int res;
290
291 if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
292 return 0;
293
294 t = BN_new();
295 BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
296 res = BN_is_one(t);
297 BN_free(t);
298
299 return res;
300 }
301
285int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) 302int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
286 { 303 {
304 if(!is_legal(received->p1.gx, ctx))
305 {
306 JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
307 return 0;
308 }
309
310 if(!is_legal(received->p2.gx, ctx))
311 {
312 JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
313 return 0;
314 }
315
287 /* verify their ZKP(xc) */ 316 /* verify their ZKP(xc) */
288 if(!verify_zkp(&received->p1, ctx->p.g, ctx)) 317 if(!verify_zkp(&received->p1, ctx->p.g, ctx))
289 { 318 {
diff --git a/src/lib/libcrypto/jpake/jpake.h b/src/lib/libcrypto/jpake/jpake.h
index 693ea188cb..fd143b4d9b 100644
--- a/src/lib/libcrypto/jpake/jpake.h
+++ b/src/lib/libcrypto/jpake/jpake.h
@@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void);
115#define JPAKE_F_VERIFY_ZKP 100 115#define JPAKE_F_VERIFY_ZKP 100
116 116
117/* Reason codes. */ 117/* Reason codes. */
118#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
119#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
118#define JPAKE_R_G_TO_THE_X4_IS_ONE 105 120#define JPAKE_R_G_TO_THE_X4_IS_ONE 105
119#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 121#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
120#define JPAKE_R_HASH_OF_KEY_MISMATCH 107 122#define JPAKE_R_HASH_OF_KEY_MISMATCH 107
diff --git a/src/lib/libcrypto/jpake/jpake_err.c b/src/lib/libcrypto/jpake/jpake_err.c
index 1b95067967..a9a9dee75c 100644
--- a/src/lib/libcrypto/jpake/jpake_err.c
+++ b/src/lib/libcrypto/jpake/jpake_err.c
@@ -1,6 +1,6 @@
1/* crypto/jpake/jpake_err.c */ 1/* crypto/jpake/jpake_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]=
80 80
81static ERR_STRING_DATA JPAKE_str_reasons[]= 81static ERR_STRING_DATA JPAKE_str_reasons[]=
82 { 82 {
83{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"},
84{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"},
83{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"}, 85{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"},
84{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"}, 86{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"},
85{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"}, 87{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"},
diff --git a/src/lib/libcrypto/pqueue/pqueue.c b/src/lib/libcrypto/pqueue/pqueue.c
index 99a6fb874d..eab13a1250 100644
--- a/src/lib/libcrypto/pqueue/pqueue.c
+++ b/src/lib/libcrypto/pqueue/pqueue.c
@@ -167,14 +167,13 @@ pqueue_pop(pqueue_s *pq)
167pitem * 167pitem *
168pqueue_find(pqueue_s *pq, unsigned char *prio64be) 168pqueue_find(pqueue_s *pq, unsigned char *prio64be)
169 { 169 {
170 pitem *next, *prev = NULL; 170 pitem *next;
171 pitem *found = NULL; 171 pitem *found = NULL;
172 172
173 if ( pq->items == NULL) 173 if ( pq->items == NULL)
174 return NULL; 174 return NULL;
175 175
176 for ( next = pq->items; next->next != NULL; 176 for ( next = pq->items; next->next != NULL; next = next->next)
177 prev = next, next = next->next)
178 { 177 {
179 if ( memcmp(next->priority, prio64be,8) == 0) 178 if ( memcmp(next->priority, prio64be,8) == 0)
180 { 179 {
diff --git a/src/lib/libcrypto/rand/rand_nw.c b/src/lib/libcrypto/rand/rand_nw.c
index f177ffbe82..8d5b8d2e32 100644
--- a/src/lib/libcrypto/rand/rand_nw.c
+++ b/src/lib/libcrypto/rand/rand_nw.c
@@ -160,8 +160,8 @@ int RAND_poll(void)
160 rdtsc 160 rdtsc
161 mov tsc, eax 161 mov tsc, eax
162 } 162 }
163#else 163#elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
164 asm volatile("rdtsc":"=A" (tsc)); 164 asm volatile("rdtsc":"=a"(tsc)::"edx");
165#endif 165#endif
166 166
167 RAND_add(&tsc, sizeof(tsc), 1); 167 RAND_add(&tsc, sizeof(tsc), 1);
diff --git a/src/lib/libcrypto/vms_rms.h b/src/lib/libcrypto/vms_rms.h
new file mode 100755
index 0000000000..00a00d993f
--- /dev/null
+++ b/src/lib/libcrypto/vms_rms.h
@@ -0,0 +1,51 @@
1
2#ifdef NAML$C_MAXRSS
3
4# define CC_RMS_NAMX cc$rms_naml
5# define FAB_NAMX fab$l_naml
6# define FAB_OR_NAML( fab, naml) naml
7# define FAB_OR_NAML_DNA naml$l_long_defname
8# define FAB_OR_NAML_DNS naml$l_long_defname_size
9# define FAB_OR_NAML_FNA naml$l_long_filename
10# define FAB_OR_NAML_FNS naml$l_long_filename_size
11# define NAMX_ESA naml$l_long_expand
12# define NAMX_ESL naml$l_long_expand_size
13# define NAMX_ESS naml$l_long_expand_alloc
14# define NAMX_NOP naml$b_nop
15# define SET_NAMX_NO_SHORT_UPCASE( nam) nam.naml$v_no_short_upcase = 1
16
17# if __INITIAL_POINTER_SIZE == 64
18# define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (__char_ptr32) -1; \
19 fab.fab$l_fna = (__char_ptr32) -1;
20# else /* __INITIAL_POINTER_SIZE == 64 */
21# define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (char *) -1; \
22 fab.fab$l_fna = (char *) -1;
23# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
24
25# define NAMX_MAXRSS NAML$C_MAXRSS
26# define NAMX_STRUCT NAML
27
28#else /* def NAML$C_MAXRSS */
29
30# define CC_RMS_NAMX cc$rms_nam
31# define FAB_NAMX fab$l_nam
32# define FAB_OR_NAML( fab, naml) fab
33# define FAB_OR_NAML_DNA fab$l_dna
34# define FAB_OR_NAML_DNS fab$b_dns
35# define FAB_OR_NAML_FNA fab$l_fna
36# define FAB_OR_NAML_FNS fab$b_fns
37# define NAMX_ESA nam$l_esa
38# define NAMX_ESL nam$b_esl
39# define NAMX_ESS nam$b_ess
40# define NAMX_NOP nam$b_nop
41# define NAMX_DNA_FNA_SET(fab)
42# define NAMX_MAXRSS NAM$C_MAXRSS
43# define NAMX_STRUCT NAM
44# ifdef NAM$M_NO_SHORT_UPCASE
45# define SET_NAMX_NO_SHORT_UPCASE( nam) naml.naml$v_no_short_upcase = 1
46# else /* def NAM$M_NO_SHORT_UPCASE */
47# define SET_NAMX_NO_SHORT_UPCASE( nam)
48# endif /* def NAM$M_NO_SHORT_UPCASE [else] */
49
50#endif /* def NAML$C_MAXRSS [else] */
51
diff --git a/src/lib/libcrypto/x509v3/v3_addr.c b/src/lib/libcrypto/x509v3/v3_addr.c
index 9087d66e0a..0d70e8696d 100644
--- a/src/lib/libcrypto/x509v3/v3_addr.c
+++ b/src/lib/libcrypto/x509v3/v3_addr.c
@@ -177,12 +177,18 @@ static int i2r_address(BIO *out,
177 unsigned char addr[ADDR_RAW_BUF_LEN]; 177 unsigned char addr[ADDR_RAW_BUF_LEN];
178 int i, n; 178 int i, n;
179 179
180 if (bs->length < 0)
181 return 0;
180 switch (afi) { 182 switch (afi) {
181 case IANA_AFI_IPV4: 183 case IANA_AFI_IPV4:
184 if (bs->length > 4)
185 return 0;
182 addr_expand(addr, bs, 4, fill); 186 addr_expand(addr, bs, 4, fill);
183 BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]); 187 BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
184 break; 188 break;
185 case IANA_AFI_IPV6: 189 case IANA_AFI_IPV6:
190 if (bs->length > 16)
191 return 0;
186 addr_expand(addr, bs, 16, fill); 192 addr_expand(addr, bs, 16, fill);
187 for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2) 193 for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2)
188 ; 194 ;
diff --git a/src/lib/libcrypto/x509v3/v3_asid.c b/src/lib/libcrypto/x509v3/v3_asid.c
index 56702f86b9..3f434c0603 100644
--- a/src/lib/libcrypto/x509v3/v3_asid.c
+++ b/src/lib/libcrypto/x509v3/v3_asid.c
@@ -61,7 +61,6 @@
61 61
62#include <stdio.h> 62#include <stdio.h>
63#include <string.h> 63#include <string.h>
64#include <assert.h>
65#include "cryptlib.h" 64#include "cryptlib.h"
66#include <openssl/conf.h> 65#include <openssl/conf.h>
67#include <openssl/asn1.h> 66#include <openssl/asn1.h>
@@ -172,11 +171,11 @@ static int ASIdOrRange_cmp(const ASIdOrRange * const *a_,
172{ 171{
173 const ASIdOrRange *a = *a_, *b = *b_; 172 const ASIdOrRange *a = *a_, *b = *b_;
174 173
175 assert((a->type == ASIdOrRange_id && a->u.id != NULL) || 174 OPENSSL_assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
176 (a->type == ASIdOrRange_range && a->u.range != NULL && 175 (a->type == ASIdOrRange_range && a->u.range != NULL &&
177 a->u.range->min != NULL && a->u.range->max != NULL)); 176 a->u.range->min != NULL && a->u.range->max != NULL));
178 177
179 assert((b->type == ASIdOrRange_id && b->u.id != NULL) || 178 OPENSSL_assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
180 (b->type == ASIdOrRange_range && b->u.range != NULL && 179 (b->type == ASIdOrRange_range && b->u.range != NULL &&
181 b->u.range->min != NULL && b->u.range->max != NULL)); 180 b->u.range->min != NULL && b->u.range->max != NULL));
182 181
@@ -215,7 +214,7 @@ int v3_asid_add_inherit(ASIdentifiers *asid, int which)
215 if (*choice == NULL) { 214 if (*choice == NULL) {
216 if ((*choice = ASIdentifierChoice_new()) == NULL) 215 if ((*choice = ASIdentifierChoice_new()) == NULL)
217 return 0; 216 return 0;
218 assert((*choice)->u.inherit == NULL); 217 OPENSSL_assert((*choice)->u.inherit == NULL);
219 if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL) 218 if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL)
220 return 0; 219 return 0;
221 (*choice)->type = ASIdentifierChoice_inherit; 220 (*choice)->type = ASIdentifierChoice_inherit;
@@ -250,7 +249,7 @@ int v3_asid_add_id_or_range(ASIdentifiers *asid,
250 if (*choice == NULL) { 249 if (*choice == NULL) {
251 if ((*choice = ASIdentifierChoice_new()) == NULL) 250 if ((*choice = ASIdentifierChoice_new()) == NULL)
252 return 0; 251 return 0;
253 assert((*choice)->u.asIdsOrRanges == NULL); 252 OPENSSL_assert((*choice)->u.asIdsOrRanges == NULL);
254 (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp); 253 (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
255 if ((*choice)->u.asIdsOrRanges == NULL) 254 if ((*choice)->u.asIdsOrRanges == NULL)
256 return 0; 255 return 0;
@@ -286,7 +285,7 @@ static void extract_min_max(ASIdOrRange *aor,
286 ASN1_INTEGER **min, 285 ASN1_INTEGER **min,
287 ASN1_INTEGER **max) 286 ASN1_INTEGER **max)
288{ 287{
289 assert(aor != NULL && min != NULL && max != NULL); 288 OPENSSL_assert(aor != NULL && min != NULL && max != NULL);
290 switch (aor->type) { 289 switch (aor->type) {
291 case ASIdOrRange_id: 290 case ASIdOrRange_id:
292 *min = aor->u.id; 291 *min = aor->u.id;
@@ -373,7 +372,7 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
373int v3_asid_is_canonical(ASIdentifiers *asid) 372int v3_asid_is_canonical(ASIdentifiers *asid)
374{ 373{
375 return (asid == NULL || 374 return (asid == NULL ||
376 (ASIdentifierChoice_is_canonical(asid->asnum) || 375 (ASIdentifierChoice_is_canonical(asid->asnum) &&
377 ASIdentifierChoice_is_canonical(asid->rdi))); 376 ASIdentifierChoice_is_canonical(asid->rdi)));
378} 377}
379 378
@@ -395,7 +394,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
395 /* 394 /*
396 * We have a list. Sort it. 395 * We have a list. Sort it.
397 */ 396 */
398 assert(choice->type == ASIdentifierChoice_asIdsOrRanges); 397 OPENSSL_assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
399 sk_ASIdOrRange_sort(choice->u.asIdsOrRanges); 398 sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
400 399
401 /* 400 /*
@@ -413,7 +412,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
413 /* 412 /*
414 * Make sure we're properly sorted (paranoia). 413 * Make sure we're properly sorted (paranoia).
415 */ 414 */
416 assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0); 415 OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
417 416
418 /* 417 /*
419 * Check for overlaps. 418 * Check for overlaps.
@@ -472,7 +471,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
472 } 471 }
473 } 472 }
474 473
475 assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */ 474 OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
476 475
477 ret = 1; 476 ret = 1;
478 477
@@ -709,9 +708,9 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
709 int i, ret = 1, inherit_as = 0, inherit_rdi = 0; 708 int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
710 X509 *x; 709 X509 *x;
711 710
712 assert(chain != NULL && sk_X509_num(chain) > 0); 711 OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
713 assert(ctx != NULL || ext != NULL); 712 OPENSSL_assert(ctx != NULL || ext != NULL);
714 assert(ctx == NULL || ctx->verify_cb != NULL); 713 OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
715 714
716 /* 715 /*
717 * Figure out where to start. If we don't have an extension to 716 * Figure out where to start. If we don't have an extension to
@@ -724,7 +723,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
724 } else { 723 } else {
725 i = 0; 724 i = 0;
726 x = sk_X509_value(chain, i); 725 x = sk_X509_value(chain, i);
727 assert(x != NULL); 726 OPENSSL_assert(x != NULL);
728 if ((ext = x->rfc3779_asid) == NULL) 727 if ((ext = x->rfc3779_asid) == NULL)
729 goto done; 728 goto done;
730 } 729 }
@@ -757,7 +756,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
757 */ 756 */
758 for (i++; i < sk_X509_num(chain); i++) { 757 for (i++; i < sk_X509_num(chain); i++) {
759 x = sk_X509_value(chain, i); 758 x = sk_X509_value(chain, i);
760 assert(x != NULL); 759 OPENSSL_assert(x != NULL);
761 if (x->rfc3779_asid == NULL) { 760 if (x->rfc3779_asid == NULL) {
762 if (child_as != NULL || child_rdi != NULL) 761 if (child_as != NULL || child_rdi != NULL)
763 validation_err(X509_V_ERR_UNNESTED_RESOURCE); 762 validation_err(X509_V_ERR_UNNESTED_RESOURCE);
@@ -800,7 +799,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
800 /* 799 /*
801 * Trust anchor can't inherit. 800 * Trust anchor can't inherit.
802 */ 801 */
803 assert(x != NULL); 802 OPENSSL_assert(x != NULL);
804 if (x->rfc3779_asid != NULL) { 803 if (x->rfc3779_asid != NULL) {
805 if (x->rfc3779_asid->asnum != NULL && 804 if (x->rfc3779_asid->asnum != NULL &&
806 x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit) 805 x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-29 07:08:30 +0000