diff options
author | Rich Salz <rsalz@openssl.org> | 2017-04-20 15:33:42 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-04-20 15:33:42 -0400 |
commit | c0452248ea1a59a41023a4765ef7d9825e80a62b (patch) | |
tree | acf05d2312af49b5cc0b60f9ba38a720458fac3c /CHANGES | |
parent | 0444c52a5ff3c2c09f8d7f0f5b464e10231de032 (diff) |
Ignore dups in X509_STORE_add_*
X509_STORE_add_cert and X509_STORE_add_crl are changed to return
success if the object to be added was already found in the store, rather
than returning an error.
Raise errors if empty or malformed files are read when loading certificates
and CRLs.
Remove NULL checks and allow a segv to occur.
Add error handing for all calls to X509_STORE_add_c{ert|tl}
Refactor these two routines into one.
Bring the unit test for duplicate certificates up to date using the test
framework.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2830)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -22,6 +22,12 @@ platform rather than 'mingw'. [Richard Levitte] + *) The functions X509_STORE_add_cert and X509_STORE_add_crl return + success if they are asked to add an object which already exists + in the store. This change cascades to other functions which load + certificates and CRLs. + [Paul Dale] + *) x86_64 assembly pack: annotate code with DWARF CFI directives to facilitate stack unwinding even from assembly subroutines. [Andy Polyakov] |