From 58532ae0477026b029a7e1446fa25fa1654ede00 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Tue, 6 Mar 2012 13:22:32 +0000
Subject: oops, revert unrelated patches

---
 crypto/engine/eng_cryptodev.c | 23 ++++++---------------
 crypto/x509v3/v3_asid.c       | 47 +++++++------------------------------------
 2 files changed, 13 insertions(+), 57 deletions(-)

(limited to 'crypto')

diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 09ef3292b5..eef1e2d814 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -186,7 +186,6 @@ get_dev_crypto(void)
 
 	if ((fd = open_dev_crypto()) == -1)
 		return (-1);
-#ifndef CRIOGET_NOT_NEEDED
 	if (ioctl(fd, CRIOGET, &retfd) == -1)
 		return (-1);
 
@@ -195,19 +194,9 @@ get_dev_crypto(void)
 		close(retfd);
 		return (-1);
 	}
-#else
-        retfd = fd;
-#endif
 	return (retfd);
 }
 
-static void put_dev_crypto(int fd)
-{
-#ifndef CRIOGET_NOT_NEEDED
-	close(fd);
-#endif
-}
-
 /* Caching version for asym operations */
 static int
 get_asym_dev_crypto(void)
@@ -293,7 +282,7 @@ get_cryptodev_ciphers(const int **cnids)
 		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
 			nids[count++] = ciphers[i].nid;
 	}
-	put_dev_crypto(fd);
+	close(fd);
 
 	if (count > 0)
 		*cnids = nids;
@@ -330,7 +319,7 @@ get_cryptodev_digests(const int **cnids)
 		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
 			nids[count++] = digests[i].nid;
 	}
-	put_dev_crypto(fd);
+	close(fd);
 
 	if (count > 0)
 		*cnids = nids;
@@ -468,7 +457,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	sess->cipher = cipher;
 
 	if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
-		put_dev_crypto(state->d_fd);
+		close(state->d_fd);
 		state->d_fd = -1;
 		return (0);
 	}
@@ -505,7 +494,7 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
 	} else {
 		ret = 1;
 	}
-	put_dev_crypto(state->d_fd);
+	close(state->d_fd);
 	state->d_fd = -1;
 
 	return (ret);
@@ -1095,11 +1084,11 @@ ENGINE_load_cryptodev(void)
 	 * find out what asymmetric crypto algorithms we support
 	 */
 	if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
-		put_dev_crypto(fd);
+		close(fd);
 		ENGINE_free(engine);
 		return;
 	}
-	put_dev_crypto(fd);
+	close(fd);
 
 	if (!ENGINE_set_id(engine, "cryptodev") ||
 	    !ENGINE_set_name(engine, "BSD cryptodev engine") ||
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index d2011f18f9..cff04a3558 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -358,20 +358,6 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
       goto done;
   }
 
-  /*
-   * Check for inverted range.
-   */
-  i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
-  {
-    ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-    ASN1_INTEGER *a_min, *a_max;
-    if (a != NULL && a->type == ASIdOrRange_range) {
-      extract_min_max(a, &a_min, &a_max);
-      if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
-	goto done;
-    }
-  }
-
   ret = 1;
 
  done:
@@ -406,18 +392,9 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
     return 1;
 
   /*
-   * If not a list, or if empty list, it's broken.
-   */
-  if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
-      sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
-    X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
-	      X509V3_R_EXTENSION_VALUE_ERROR);
-    return 0;
-  }
-
-  /*
-   * We have a non-empty list.  Sort it.
+   * We have a list.  Sort it.
    */
+  OPENSSL_assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
   sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
 
   /*
@@ -437,13 +414,6 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
      */
     OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
 
-    /*
-     * Punt inverted ranges.
-     */
-    if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
-	ASN1_INTEGER_cmp(b_min, b_max) > 0)
-      goto done;
-
     /*
      * Check for overlaps.
      */
@@ -528,7 +498,6 @@ static void *v2i_ASIdentifiers(struct v3_ext_method *method,
 			       struct v3_ext_ctx *ctx,
 			       STACK_OF(CONF_VALUE) *values)
 {
-  ASN1_INTEGER *min = NULL, *max = NULL;
   ASIdentifiers *asid = NULL;
   int i;
 
@@ -539,6 +508,7 @@ static void *v2i_ASIdentifiers(struct v3_ext_method *method,
 
   for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
     CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+    ASN1_INTEGER *min = NULL, *max = NULL;
     int i1, i2, i3, is_range, which;
 
     /*
@@ -608,19 +578,18 @@ static void *v2i_ASIdentifiers(struct v3_ext_method *method,
       max = s2i_ASN1_INTEGER(NULL, s + i2);
       OPENSSL_free(s);
       if (min == NULL || max == NULL) {
+	ASN1_INTEGER_free(min);
+	ASN1_INTEGER_free(max);
 	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
 	goto err;
       }
-      if (ASN1_INTEGER_cmp(min, max) > 0) {
-	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_EXTENSION_VALUE_ERROR);
-	goto err;
-      }
     }
     if (!v3_asid_add_id_or_range(asid, which, min, max)) {
+      ASN1_INTEGER_free(min);
+      ASN1_INTEGER_free(max);
       X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
       goto err;
     }
-    min = max = NULL;
   }
 
   /*
@@ -632,8 +601,6 @@ static void *v2i_ASIdentifiers(struct v3_ext_method *method,
 
  err:
   ASIdentifiers_free(asid);
-  ASN1_INTEGER_free(min);
-  ASN1_INTEGER_free(max);
   return NULL;
 }
 
-- 
cgit v1.2.3