Commit d3b5cb53 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Check return value of gmtime() and add error codes 

where it fails in ASN1_TIME_set().

Edit asn1.h so the new error code is the same in 0.9.7
and 0.9.8, rebuild new error codes.

Clear error queue in req.c if *_min or *_max is absent.
parent 97e6bf6b

CHANGES

+4 −0
Original line number Diff line number Diff line
@@ -381,6 +381,10 @@ TODO: bug: pad x with leading zeros if necessary 
 

 Changes between 0.9.7 and 0.9.7a  [XX xxx 2003]



  *) Under Win32 gmtime() can return NULL: check return value in

     OPENSSL_gmtime(). Add error code for case where gmtime() fails.

     [Steve Henson]



  *) DSA routines: under certain error conditions uninitialized BN objects

     could be freed. Solution: make sure initialization is performed early

     enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,

apps/req.c

+6 −0
Original line number Diff line number Diff line
@@ -1318,11 +1318,17 @@ start: for (;;) 


			sprintf(buf,"%s_min",v->name);

			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))

				{

				ERR_clear_error();

				n_min = -1;

				}



			sprintf(buf,"%s_max",v->name);

			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))

				{

				ERR_clear_error();

				n_max = -1;

				}



			if (!add_DN_object(subj,v->value,def,value,nid,

				n_min,n_max, chtype))

crypto/asn1/a_time.c

+3 −0
Original line number Diff line number Diff line
@@ -105,7 +105,10 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) 


	ts=OPENSSL_gmtime(&t,&data);

	if (ts == NULL)

		{

		ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);

		return NULL;

		}

	if((ts->tm_year >= 50) && (ts->tm_year < 150))

					return ASN1_UTCTIME_set(s, t);

	return ASN1_GENERALIZEDTIME_set(s,t);

crypto/asn1/asn1.h

+31 −30
Original line number Diff line number Diff line
@@ -965,8 +965,8 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_F_A2I_ASN1_ENUMERATED			 101

#define ASN1_F_A2I_ASN1_INTEGER				 102

#define ASN1_F_A2I_ASN1_STRING				 103

#define ASN1_F_APPEND_TAG				 177

#define ASN1_F_ASN1_CB					 178

#define ASN1_F_APPEND_TAG				 176

#define ASN1_F_ASN1_CB					 177

#define ASN1_F_ASN1_CHECK_TLEN				 104

#define ASN1_F_ASN1_COLLATE_PRIMITIVE			 105

#define ASN1_F_ASN1_COLLECT				 106
@@ -977,7 +977,7 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_F_ASN1_DUP					 111

#define ASN1_F_ASN1_ENUMERATED_SET			 112

#define ASN1_F_ASN1_ENUMERATED_TO_BN			 113

#define ASN1_F_ASN1_GENERATE_V3				 182

#define ASN1_F_ASN1_GENERATE_V3				 178

#define ASN1_F_ASN1_GET_OBJECT				 114

#define ASN1_F_ASN1_HEADER_NEW				 115

#define ASN1_F_ASN1_I2D_BIO				 116
@@ -999,6 +999,7 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_F_ASN1_TEMPLATE_D2I			 131

#define ASN1_F_ASN1_TEMPLATE_EX_D2I			 132

#define ASN1_F_ASN1_TEMPLATE_NEW			 133

#define ASN1_F_ASN1_TIME_SET				 175

#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING		 134

#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING		 135

#define ASN1_F_ASN1_UNPACK_STRING			 136
@@ -1028,15 +1029,14 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_F_D2I_X509_PKEY				 159

#define ASN1_F_I2D_ASN1_TIME				 160

#define ASN1_F_I2D_DSA_PUBKEY				 161

#define ASN1_F_I2D_ECDSA_PUBKEY				 174

#define ASN1_F_I2D_EC_PUBKEY				 176

#define ASN1_F_I2D_EC_PUBKEY				 181

#define ASN1_F_I2D_NETSCAPE_RSA				 162

#define ASN1_F_I2D_PRIVATEKEY				 163

#define ASN1_F_I2D_PUBLICKEY				 164

#define ASN1_F_I2D_RSA_PUBKEY				 165

#define ASN1_F_LONG_C2I					 166

#define ASN1_F_OID_MODULE_INIT				 175

#define ASN1_F_PARSE_TAGGING				 181

#define ASN1_F_OID_MODULE_INIT				 174

#define ASN1_F_PARSE_TAGGING				 182

#define ASN1_F_PKCS5_PBE2_SET				 167

#define ASN1_F_X509_CINF_NEW				 168

#define ASN1_F_X509_CRL_ADD0_REVOKED			 169
@@ -1059,8 +1059,9 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_R_DATA_IS_WRONG				 109

#define ASN1_R_DECODE_ERROR				 110

#define ASN1_R_DECODING_ERROR				 111

#define ASN1_R_DEPTH_EXCEEDED				 173

#define ASN1_R_DEPTH_EXCEEDED				 174

#define ASN1_R_ENCODE_ERROR				 112

#define ASN1_R_ERROR_GETTING_TIME			 173

#define ASN1_R_ERROR_LOADING_SECTION			 172

#define ASN1_R_ERROR_PARSING_SET_ELEMENT		 113

#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS		 114
@@ -1073,57 +1074,57 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_R_FIELD_MISSING				 121

#define ASN1_R_FIRST_NUM_TOO_LARGE			 122

#define ASN1_R_HEADER_TOO_LONG				 123

#define ASN1_R_ILLEGAL_BITSTRING_FORMAT			 174

#define ASN1_R_ILLEGAL_BOOLEAN				 175

#define ASN1_R_ILLEGAL_BITSTRING_FORMAT			 175

#define ASN1_R_ILLEGAL_BOOLEAN				 176

#define ASN1_R_ILLEGAL_CHARACTERS			 124

#define ASN1_R_ILLEGAL_FORMAT				 176

#define ASN1_R_ILLEGAL_HEX				 177

#define ASN1_R_ILLEGAL_IMPLICIT_TAG			 178

#define ASN1_R_ILLEGAL_INTEGER				 179

#define ASN1_R_ILLEGAL_NESTED_TAGGING			 180

#define ASN1_R_ILLEGAL_FORMAT				 177

#define ASN1_R_ILLEGAL_HEX				 178

#define ASN1_R_ILLEGAL_IMPLICIT_TAG			 179

#define ASN1_R_ILLEGAL_INTEGER				 180

#define ASN1_R_ILLEGAL_NESTED_TAGGING			 181

#define ASN1_R_ILLEGAL_NULL				 125

#define ASN1_R_ILLEGAL_NULL_VALUE			 181

#define ASN1_R_ILLEGAL_OBJECT				 182

#define ASN1_R_ILLEGAL_NULL_VALUE			 182

#define ASN1_R_ILLEGAL_OBJECT				 183

#define ASN1_R_ILLEGAL_OPTIONAL_ANY			 126

#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE		 170

#define ASN1_R_ILLEGAL_TAGGED_ANY			 127

#define ASN1_R_ILLEGAL_TIME_VALUE			 183

#define ASN1_R_INTEGER_NOT_ASCII_FORMAT			 184

#define ASN1_R_ILLEGAL_TIME_VALUE			 184

#define ASN1_R_INTEGER_NOT_ASCII_FORMAT			 185

#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG		 128

#define ASN1_R_INVALID_BMPSTRING_LENGTH			 129

#define ASN1_R_INVALID_DIGIT				 130

#define ASN1_R_INVALID_MODIFIER				 185

#define ASN1_R_INVALID_NUMBER				 186

#define ASN1_R_INVALID_MODIFIER				 186

#define ASN1_R_INVALID_NUMBER				 187

#define ASN1_R_INVALID_SEPARATOR			 131

#define ASN1_R_INVALID_TIME_FORMAT			 132

#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH		 133

#define ASN1_R_INVALID_UTF8STRING			 134

#define ASN1_R_IV_TOO_LARGE				 135

#define ASN1_R_LENGTH_ERROR				 136

#define ASN1_R_LIST_ERROR				 187

#define ASN1_R_LIST_ERROR				 188

#define ASN1_R_MISSING_EOC				 137

#define ASN1_R_MISSING_SECOND_NUMBER			 138

#define ASN1_R_MISSING_VALUE				 188

#define ASN1_R_MISSING_VALUE				 189

#define ASN1_R_MSTRING_NOT_UNIVERSAL			 139

#define ASN1_R_MSTRING_WRONG_TAG			 140

#define ASN1_R_NON_HEX_CHARACTERS			 141

#define ASN1_R_NOT_ASCII_FORMAT				 189

#define ASN1_R_NOT_ASCII_FORMAT				 190

#define ASN1_R_NOT_ENOUGH_DATA				 142

#define ASN1_R_NO_MATCHING_CHOICE_TYPE			 143

#define ASN1_R_NULL_IS_WRONG_LENGTH			 144

#define ASN1_R_OBJECT_NOT_ASCII_FORMAT			 190

#define ASN1_R_OBJECT_NOT_ASCII_FORMAT			 191

#define ASN1_R_ODD_NUMBER_OF_CHARS			 145

#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 146

#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 147

#define ASN1_R_SEQUENCE_LENGTH_MISMATCH			 148

#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED			 149

#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG		 195

#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG		 192

#define ASN1_R_SHORT_LINE				 150

#define ASN1_R_STRING_TOO_LONG				 151

#define ASN1_R_STRING_TOO_SHORT				 152

#define ASN1_R_TAG_VALUE_TOO_HIGH			 153

#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154

#define ASN1_R_TIME_NOT_ASCII_FORMAT			 191

#define ASN1_R_TIME_NOT_ASCII_FORMAT			 193

#define ASN1_R_TOO_LONG					 155

#define ASN1_R_TYPE_NOT_CONSTRUCTED			 156

#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 157
@@ -1133,13 +1134,13 @@ void ERR_load_ASN1_strings(void); 
#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 161

#define ASN1_R_UNKNOWN_OBJECT_TYPE			 162

#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 163

#define ASN1_R_UNKNOWN_TAG				 192

#define ASN1_R_UNKOWN_FORMAT				 193

#define ASN1_R_UNKNOWN_TAG				 194

#define ASN1_R_UNKOWN_FORMAT				 195

#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE		 164

#define ASN1_R_UNSUPPORTED_CIPHER			 165

#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 166

#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 167

#define ASN1_R_UNSUPPORTED_TYPE				 194

#define ASN1_R_UNSUPPORTED_TYPE				 196

#define ASN1_R_WRONG_TAG				 168

#define ASN1_R_WRONG_TYPE				 169

crypto/asn1/asn1_err.c

+2 −1
Original line number Diff line number Diff line
@@ -104,6 +104,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= 
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0),	"ASN1_TEMPLATE_D2I"},

{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0),	"ASN1_TEMPLATE_EX_D2I"},

{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0),	"ASN1_TEMPLATE_NEW"},

{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0),	"ASN1_TIME_set"},

{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),	"ASN1_TYPE_get_int_octetstring"},

{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),	"ASN1_TYPE_get_octetstring"},

{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0),	"ASN1_unpack_string"},
@@ -133,7 +134,6 @@ static ERR_STRING_DATA ASN1_str_functs[]= 
{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),	"d2i_X509_PKEY"},

{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),	"I2D_ASN1_TIME"},

{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),	"i2d_DSA_PUBKEY"},

{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0),	"I2D_ECDSA_PUBKEY"},

{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0),	"i2d_EC_PUBKEY"},

{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),	"i2d_Netscape_RSA"},

{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),	"i2d_PrivateKey"},
@@ -169,6 +169,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= 
{ASN1_R_DECODING_ERROR                   ,"decoding error"},

{ASN1_R_DEPTH_EXCEEDED                   ,"depth exceeded"},

{ASN1_R_ENCODE_ERROR                     ,"encode error"},

{ASN1_R_ERROR_GETTING_TIME               ,"error getting time"},

{ASN1_R_ERROR_LOADING_SECTION            ,"error loading section"},

{ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},

{ASN1_R_ERROR_SETTING_CIPHER_PARAMS      ,"error setting cipher params"},