Commit 5ee40746 authored by Richard Levitte's avatar Richard Levitte
Browse files

STORE: Make sure the loader to be registered is complete 



Most of the loader function pointers are crucial, they must be defined
unconditionally.  Therefore, let's make sure OSSL_STORE_register_loader
refuses to register incomplete loaders

Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3805)
parent 6f9c5062

crypto/err/openssl.txt

+1 −0
Original line number Diff line number Diff line
@@ -1990,6 +1990,7 @@ OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read 
OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac

OSSL_STORE_R_INVALID_SCHEME:106:invalid scheme

OSSL_STORE_R_IS_NOT_A:112:is not a

OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete

OSSL_STORE_R_NOT_A_CERTIFICATE:100:not a certificate

OSSL_STORE_R_NOT_A_CRL:101:not a crl

OSSL_STORE_R_NOT_A_KEY:102:not a key

crypto/store/store_err.c

+2 −0
Original line number Diff line number Diff line
@@ -85,6 +85,8 @@ static const ERR_STRING_DATA OSSL_STORE_str_reasons[] = { 
    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_INVALID_SCHEME),

    "invalid scheme"},

    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_IS_NOT_A), "is not a"},

    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_LOADER_INCOMPLETE),

    "loader incomplete"},

    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CERTIFICATE),

    "not a certificate"},

    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CRL), "not a crl"},

crypto/store/store_register.c

+8 −0
Original line number Diff line number Diff line
@@ -153,6 +153,14 @@ int ossl_store_register_loader_int(OSSL_STORE_LOADER *loader) 
        return 0;

    }



    /* Check that functions we absolutely require are present */

    if (loader->open == NULL || loader->load == NULL || loader->eof == NULL

        || loader->error == NULL || loader->close == NULL) {

        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT,

                      OSSL_STORE_R_LOADER_INCOMPLETE);

        return 0;

    }



    if (!RUN_ONCE(&registry_init, do_registry_init)) {

        OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT,

                      ERR_R_MALLOC_FAILURE);

include/openssl/storeerr.h

+1 −0
Original line number Diff line number Diff line
@@ -62,6 +62,7 @@ int ERR_load_OSSL_STORE_strings(void); 
# define OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC          113

# define OSSL_STORE_R_INVALID_SCHEME                      106

# define OSSL_STORE_R_IS_NOT_A                            112

# define OSSL_STORE_R_LOADER_INCOMPLETE                   116

# define OSSL_STORE_R_NOT_A_CERTIFICATE                   100

# define OSSL_STORE_R_NOT_A_CRL                           101

# define OSSL_STORE_R_NOT_A_KEY                           102