| Commit message | Author | Age | Files | Lines |
| |
For an OID of excessive length >= 2^12, a->length << 20L is undefined,
so add a cast to the target type of (unsigned long).
From Kenjiro Nakayama
| |
This is undefined for a ca->type of ADDED_LNAME (2) and ADDED_NID (3)
when ca->type << 30L results in a shift into the sign bit, so add a
cast to the target type of unsigned long.
From Kenjiro Nakayama
| |
lhash_local.h was previously needed since conf/conf_api.c and
objects/obj_dat.c were fiddling with lhash internals when deleting via a
callback. Since we no longer need to do that, inline the structs in
lhash.c and remove the header.
ok tb@
| |
This removes internals of these two special snowflakes and will allow
further simplifications. Unfortunately, there are some pieces of
software that actually use LHASH_OF() (looking at you, pound, Ruby, and
openssl(1)), so we get to keep exposing this garbage, at least for now.
Expose lh_error() as a symbol to replace a macro reaching into _LHASH.
lh_down_load() is no longer available. _LHASH and _STACK are now opaque,
LHASH_NODE becomes internal-only.
from jsing
| |
This is another implementation detail that should never have leaked out
of the library. Only OBJ_create() ever used this.
ok jsing
| |
The only reason this has still been part of the public API was that libssl
used it for cipher lookup. This was fixed by replacing the lookup by proper
bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will
forever remain a mystery.
The stack code in libcrypto still uses a version of this. This should
be rewritten. It will be a bit easier once sk_find_ex() is removed.
ok jsing
| |
Make these functions always fail. A copy of OBJ_bsearch_ex_() is kept
in stack.c, where it is still used by internal_find() for sk_find{,_ex}().
sk_find_ex() will be removed in the upcoming bump, and then we can
simplify or rewrite what's still needed.
ok jsing
| |
It is now safe to call delete from an lhash doall callback - stop fiddling
with hash table internals from lhash doall callers that previously had to
work around this themselves.
ok tb@
| |
With check_defer() gone, this is never set to anything but 0, so the two
conditional branches it is still involved in are dead code.
| |
This was a mechanism to ensure that OBJ_cleanup() doesn't remove the
ASN1_OBJECT associated with a custom cipher or digest (that was added
with EVP_add_{cipher,digest}()), while the latter is still referenced
in the OBJ_NAME table.
It had the effect that OBJ_cleanup() wasn't actually called ever from
OPENSSL_cleanup() (it is only called if you load the OID conf module).
Oh, and of course it was once part of the public API. I fixed that two
years ago, almost exactly to the day. Still mentioned in OBJ_create.3.
| |
In all other places, the short name comes before the long name, so fix
the only exception.
| |
Done.
| |
discussed with deraadt and jsing
| |
No code change
| |
First get the obj corresponding to nid, then inspect its sn and ln.
Shaves off 40 lines of code and will simplify locking.
| |
This is now yet another identical copy of the same code...
Next step will be to dedup.
ok jsing
| |
This is exactly the same as the previous OBJ_nid2ln() change modulo
s/ln/sn/g.
ok jsing
| |
If nid is in the range of built-in NIDs, return the corresponding
long name, unless some genius left a hole. Otherwise perform a yolo
check if there are any user-added objects with matching nid in the
global hash.
This changes behavior in that we now push an OBJ_R_UNKNOWN_NID error
onto the stack even if there are no user-added objects.
ok jsing
| |
This is s/sn/ln/g of the previous commit and eliminates another
OBJ_bsearch_() user, the last one in this file. The bsearch() uses
in this file are possibly the only ones that actually make sense
since we're searching tables of roughly 1000 entries.
ok jsing
| |
Another OBJ_bsearch_() elimination.
OBJ_sn2nid() is very similar to OBJ_obj2nid(). First it tries to retrieve
an object identifier with matching "short name" from the global hash of
added objects and then searches the table of built-in objects.
ok jsing
| |
Continue with OBJ_bsearch_() elimination.
OBJ_obj2nid() first checks if the object identifier passed in has a nid
and if so, it returns that. Otherwise, it looks into the global hash of
added objects (of course without locking) for a match and then returns
the nid thereof. As a last attempt, it searches the table of built-in
object identifiers.
The last two steps can be cleaned up and simplified quite a bit by using
C99 initializers, bsearch() and an appropriate comparison function. Then
it becomes obvious that bsearch() already returns a pointer to the nid
we're looking for, so there is no point in converting that into its
corresponding obj and returning the nid thereof.
ok jsing
| |
There is no need for a helper function to obfuscate lh_ADDED_OBJ_new().
Just call the real thing directly.
Adding an object with a NID of NID_undef basically amounts to disabling
a built-in OID. It does so in an incoherent fashion and the caller can't
easily tell success from failure of the operation. Arguably the result is
a corrupted objects table.
Let's not allow adding such an object in an attempt at keeping things
slightly more coherent.
Issue noted and initial diff by schwarze while writing documentation
ok schwarze
| |
ok jsing
| |
ok jsing
| |
This also avoids more undefined behavior with memcmp().
ok jsing
PS: Unsolicited advice for no one in particular: there is this awesome tool
called grep. If someone reports an issue, you might want to use it to find
more instances.
| |
ok tb@
| |
Instead of adding a NUL termination to OBJ_obj2txt(), move the aobj == NULL
or aobj->data == NULL checks to i2t_ASN1_OBJECT_internal(). The only other
caller, i2t_ASN1_OBJECT(), fails on aobj == NULL and aobj->length == 0, and
the latter condition is implied by aobj->data.
Cleaner solution for obj_dat.c r1.52
suggested by/ok jsing
| |
OBJ_obj2txt() is often called without error checking and is used for
reporting unexpected or malformed objects. As such, we should ensure
buf is a string even on failure. This had long been the case before it
was lost in a recent rewrite. If obj and obj->data are both non-NULL
this is already taken care of by i2t_ASN1_OBJECT_internal(), so many
callers were still safe.
ok miod
| |
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
| |
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
| |
The current OBJ_txt2obj() implementation converts the text to ASN.1
object content octets, builds a full DER encoding from it, then feeds
the entire thing back through the DER to ASN.1 object conversion. Rather
than doing this crazy dance, provide a t2i_ASN1_OBJECT_internal() function
that converts the text to ASN.1 object content octets, then creates a new
ASN1_OBJECT and attaches the content octets to it.
ok inoguchi@ tb@
| |
Rewrite the ASN1_OBJECT content to ascii/text conversion code using CBB and
CBS. Currently there is a strange split with i2t_ASN1_OBJECT() calling
OBJ_obj2txt() which implements the conversion, while OBJ_txt2obj() calls
back into the misnamed a2d_ASN1_OBJECT() function. Move the conversion
code into asn1/a_object.c and have OBJ_txt2obj() call that instead.
ok inoguchi@ tb@
| |
The current implementation uses an unsigned long, then switches to BN once
the arc exceeds its size. However, the complexity of BN_bn2dec() is
quadratic in the length of the number being converted. This means that OIDs
with excessively large arcs take a lot of computation to convert to text.
While the X.660 specification states that arcs are unbounded, in reality
they are not overly large numbers - 640K^W64 bits ought to be enough for
any arc. Remove BN entirely, switch from unsigned long to uint64_t and fail
if an arc exceeds this size.
Identified via oss-fuzz timeouts - should fix #41028 and #44372.
ok tb@
| |
Currently OBJ_obj2nid() with NID_undef returns NID_ccitt - this is due to
doing a lookup on an empty value and having NID_undef conflict with an
uninitialised NID value.
Somewhat based on OpenSSL 0fb99904809.
ok tb@
| |
OBJ_length() turns the int obj->length into a size_t, so add
an overflow check. While obj->length should never be negative,
who knows...
ok jsing