diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-04-26 14:57:05 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-05-04 18:16:48 +0200 |
commit | 6e328484ab17f671134077962ce1aa392e512423 (patch) | |
tree | afb1a57a0f7fb9ec90399f38359679587ec3befe | |
parent | 7031f5821c4380d9c1f60a92734c940fdedfb488 (diff) |
OSSL_STORE_expect(): Improve error handling and documentation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15029)
-rw-r--r-- | crypto/store/store_lib.c | 5 | ||||
-rw-r--r-- | doc/man3/OSSL_STORE_expect.pod | 10 |
2 files changed, 11 insertions, 4 deletions
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 1a62d7f6ff..2c7c9f3226 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -241,6 +241,11 @@ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type) { int ret = 1; + if (ctx == NULL + || expected_type < 0 || expected_type > OSSL_STORE_INFO_CRL) { + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT); + return 0; + } if (ctx->loading) { ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED); return 0; diff --git a/doc/man3/OSSL_STORE_expect.pod b/doc/man3/OSSL_STORE_expect.pod index ac414e9701..8b79f35337 100644 --- a/doc/man3/OSSL_STORE_expect.pod +++ b/doc/man3/OSSL_STORE_expect.pod @@ -21,11 +21,13 @@ OSSL_STORE_find OSSL_STORE_expect() helps applications filter what OSSL_STORE_load() returns by specifying a B<OSSL_STORE_INFO> type. -For example, if C<file:/foo/bar/store.pem> contains several different objects -and only the certificates are interesting, the application can simply say +By default, no expectations on the types of objects to be loaded are made. +I<expected_type> may be 0 to indicate explicitly that no expectation is made, +or it may be any of the known object types (see +L<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS>) except for B<OSSL_STORE_INFO_NAME>. +For example, if C<file:/foo/bar/store.pem> contains several objects of different +type and only certificates are interesting, the application can simply say that it expects the type B<OSSL_STORE_INFO_CERT>. -All known object types (see L<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS>) -except for B<OSSL_STORE_INFO_NAME> are supported. OSSL_STORE_find() helps applications specify a criterion for a more fine grained search of objects. |