diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-10-06 11:06:12 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-10-07 11:26:35 -0400 |
| commit | fa4dd546c531ba2ec886531aa5adfd480ed2a094 (patch) | |
| tree | 5fabd6cb65e4d2801b33607816a265567f9dd883 | |
| parent | 6447e8184cf6deca233d38ab3e9c9aa6ba60e9a5 (diff) | |
Rewrite some code
Rewrite the -req-nodes flag from CA.pl (idea from Andy)
Rewrite ERR_string_error_n
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4478)
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | apps/CA.pl.in | 8 | ||||
| -rw-r--r-- | crypto/err/err.c | 54 |
3 files changed, 25 insertions, 41 deletions
@@ -9,6 +9,10 @@ Changes between 1.1.0f and 1.1.1 [xx XXX xxxx] + *) Reimplement -newreq-nodes and ERR_error_string_n; the + original author does not agree with the license change. + [Rich Salz] + *) Add ARIA AEAD TLS support. [Jon Spillett] diff --git a/apps/CA.pl.in b/apps/CA.pl.in index ddbc70d710..b5c4f59446 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -127,13 +127,9 @@ if ($WHAT eq '-newcert' ) { # create a pre-certificate $RET = run("$REQ -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS"); print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0; -} elsif ($WHAT eq '-newreq' ) { +} elsif ($WHAT =~ /\-newreq(\-nodes)?/ ) { # create a certificate request - $RET = run("$REQ -new -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}"); - print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0; -} elsif ($WHAT eq '-newreq-nodes' ) { - # create a certificate request - $RET = run("$REQ -new -nodes -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}"); + $RET = run("$REQ -new $1 -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}"); print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0; } elsif ($WHAT eq '-newca' ) { # create the directory hierarchy diff --git a/crypto/err/err.c b/crypto/err/err.c index 58a58c22b6..860b4673c1 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -542,45 +542,30 @@ void ERR_error_string_n(unsigned long e, char *buf, size_t len) return; l = ERR_GET_LIB(e); - f = ERR_GET_FUNC(e); - r = ERR_GET_REASON(e); - ls = ERR_lib_error_string(e); - fs = ERR_func_error_string(e); - rs = ERR_reason_error_string(e); - - if (ls == NULL) + if (ls == NULL) { BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); - if (fs == NULL) + ls = lsbuf; + } + + fs = ERR_func_error_string(e); + f = ERR_GET_FUNC(e); + if (fs == NULL) { BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); - if (rs == NULL) + fs = fsbuf; + } + + rs = ERR_reason_error_string(e); + r = ERR_GET_REASON(e); + if (rs == NULL) { BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); + rs = rsbuf; + } - BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf, - fs ? fs : fsbuf, rs ? rs : rsbuf); + BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs); if (strlen(buf) == len - 1) { - /* - * output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... - */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) { /* ... if possible */ - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) { - char *colon = strchr(s, ':'); - if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) { - /* - * set colon no. i at last possible position (buf[len-1] - * is the terminating 0) - */ - colon = &buf[len - 1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } + /* Didn't fit; use a minimal format. */ + BIO_snprintf(buf, len, "err:%lx:%lx:%lx:%lx", e, l, f, r); } } @@ -594,8 +579,7 @@ char *ERR_error_string(unsigned long e, char *ret) if (ret == NULL) ret = buf; - ERR_error_string_n(e, ret, 256); - + ERR_error_string_n(e, ret, (int)sizeof(buf)); return ret; } |