Commit a25f33d2 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Submitted by: Julia Lawall <julia@diku.dk>

The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_ReceiptRequest() and RAND_bytes() can return <=0 on error: fix
callers so the return code is checked correctly.
parent 94480b57
+10 −0
@@ -4,6 +4,10 @@

 Changes between 0.9.8k and 1.0  [xx XXX xxxx]

  *) The function EVP_PKEY_sign() returns <=0 on error: check return code
     correctly.
     [Julia Lawall <julia@diku.dk>]

  *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
     needlessly dereferenced structures, used obsolete functions and
     didn't handle all updated verify codes correctly.
@@ -819,6 +823,12 @@

 Changes between 0.9.8k and 0.9.8l  [xx XXX xxxx]

  *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
     CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
     fixes for a few places where the return code is not checked
     correctly.
     [Julia Lawall <julia@diku.dk>]

  *) Add --strict-warnings option to Configure script to include devteam
     warnings in other configurations.
     [Steve Henson]
+1 −1
@@ -649,7 +649,7 @@ static ASN1_INTEGER *create_nonce(int bits)

	/* Generating random byte sequence. */
	if (len > (int)sizeof(buf)) goto err;
	if (!RAND_bytes(buf, len)) goto err;
	if (RAND_bytes(buf, len) <= 0) goto err;

	/* Find the first non-zero byte and creating ASN1_INTEGER object. */
	for (i = 0; i < len && !buf[i]; ++i);
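Review bot: The length guard just above the changed line, `if (len > (int)sizeof(buf)) goto err;`, bounds `len` only from above, so a zero or negative `len` would still reach `RAND_bytes(buf, len)`. How `len` is derived from `bits` is outside this hunk, so this may already be unreachable, but the stricter form `if (len <= 0 || len > (int)sizeof(buf)) goto err;` costs nothing. A short comment on the new test, e.g. `/* RAND_bytes: 1 = success, 0 or -1 = failure */`, would record why `<= 0` is the correct comparison for a nonce that must never be built from an unfilled buffer. create_nonce's body starts and ends outside the hunk.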
+2 −2
@@ -344,7 +344,7 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)

	/* Get original receipt request details */

	if (!CMS_get1_ReceiptRequest(osi, &rr))
	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
		{
		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
		goto err;
@@ -385,7 +385,7 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)

	/* Get original receipt request details */

	if (!CMS_get1_ReceiptRequest(si, &rr))
	if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
		{
		CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
		goto err;
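Review bot: With the `<= 0` test, both hunks (cms_Receipt_verify and cms_encode_Receipt) raise `CMS_R_NO_RECEIPT_REQUEST` for a negative return as well as for 0, so an error return is reported as if no receipt request were present. CMS_get1_ReceiptRequest() is documented as returning 0 when the request is absent and -1 when it is present but malformed, and that difference matters to anyone diagnosing a rejected or tampered receipt from the error queue. At minimum, add a comment at each site such as `/* 0: no receipt request; <0: request present but could not be decoded */`, and consider a separate reason code for the negative case. Both functions continue outside their hunks.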
+1 −1
@@ -860,7 +860,7 @@ void OPENSSL_showfatal (const char *fmta,...)

#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
    /* this -------------v--- guards NT-specific calls */
    if (GetVersion() < 0x80000000 && OPENSSL_isservice())
    if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
    {	HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
	const TCHAR *pmsg=buf;
	ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
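Review bot: The handle from `RegisterEventSource(0,_T("OPENSSL"))` is passed straight to `ReportEvent` without a NULL check, so if registration fails the fatal message is lost with no fallback. Guarding the call, `if (h != NULL) ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);`, makes that failure explicit. Separately, with `> 0` an error return from OPENSSL_isservice() now takes the non-service branch, which is outside this hunk. It is worth confirming that branch is safe for a process that may in fact be running as a service. The block continues past the end of the hunk.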
+4 −4
@@ -280,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
		}
	/* Force the result of the control command to 0 or 1, for the reasons
	 * mentioned before. */
        if (ENGINE_ctrl(e, num, i, p, f))
        if (ENGINE_ctrl(e, num, i, p, f) > 0)
                return 1;
        return 0;
        }
@@ -345,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
		 * usage of these commands is consistent across applications and
		 * that certain applications don't understand it one way, and
		 * others another. */
		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
			return 1;
		return 0;
		}
@@ -360,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
	if(flags & ENGINE_CMD_FLAG_STRING)
		{
		/* Same explanation as above */
		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
			return 1;
		return 0;
		}
@@ -383,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
		}
	/* Force the result of the control command to 0 or 1, for the reasons
	 * mentioned before. */
	if(ENGINE_ctrl(e, num, l, NULL, NULL))
	if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
		return 1;
	return 0;
	}
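Review bot: The comments above the changed tests still say only "Force the result of the control command to 0 or 1", but after this change a negative ENGINE_ctrl() result is also mapped to 0. Callers of ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() therefore cannot tell an engine error from a command that legitimately returned 0. The comment should say so, e.g. `/* ENGINE_ctrl() <= 0, including negative error returns, is reported to the caller as 0 */`. As a style point, each of the four three-line sites could be written as a single `return ENGINE_ctrl(e, num, i, p, f) > 0;` (with the matching arguments), which also removes the mixed space/tab indentation in the first hunk. Both functions start outside the hunks shown.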