diff options
author | Richard Levitte <levitte@openssl.org> | 2017-06-29 21:47:54 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-06-29 22:11:40 +0200 |
commit | 5ee407460b3b68aa4695f17cf8c43e0d07cb18a8 (patch) | |
tree | 74b5bced7daa6b7b76b47a0c9d786df922fd3f91 /crypto | |
parent | 6f9c5062682c0f30d62af54b15ad6904e4dd8cb6 (diff) | |
download | openssl-5ee407460b3b68aa4695f17cf8c43e0d07cb18a8.tar.gz |
STORE: Make sure the loader to be registered is complete
Most of the loader function pointers are crucial, they must be defined
unconditionally. Therefore, let's make sure OSSL_STORE_register_loader
refuses to register incomplete loaders
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3805)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/err/openssl.txt | 1 | ||||
-rw-r--r-- | crypto/store/store_err.c | 2 | ||||
-rw-r--r-- | crypto/store/store_register.c | 8 |
3 files changed, 11 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 87aea05511..4eaef1ae11 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1990,6 +1990,7 @@ OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac OSSL_STORE_R_INVALID_SCHEME:106:invalid scheme OSSL_STORE_R_IS_NOT_A:112:is not a +OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete OSSL_STORE_R_NOT_A_CERTIFICATE:100:not a certificate OSSL_STORE_R_NOT_A_CRL:101:not a crl OSSL_STORE_R_NOT_A_KEY:102:not a key diff --git a/crypto/store/store_err.c b/crypto/store/store_err.c index aad643b163..86a15c9a97 100644 --- a/crypto/store/store_err.c +++ b/crypto/store/store_err.c @@ -85,6 +85,8 @@ static const ERR_STRING_DATA OSSL_STORE_str_reasons[] = { {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_INVALID_SCHEME), "invalid scheme"}, {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_IS_NOT_A), "is not a"}, + {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_LOADER_INCOMPLETE), + "loader incomplete"}, {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CERTIFICATE), "not a certificate"}, {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CRL), "not a crl"}, diff --git a/crypto/store/store_register.c b/crypto/store/store_register.c index c7feec39d6..7af1925f23 100644 --- a/crypto/store/store_register.c +++ b/crypto/store/store_register.c @@ -153,6 +153,14 @@ int ossl_store_register_loader_int(OSSL_STORE_LOADER *loader) return 0; } + /* Check that functions we absolutely require are present */ + if (loader->open == NULL || loader->load == NULL || loader->eof == NULL + || loader->error == NULL || loader->close == NULL) { + OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT, + OSSL_STORE_R_LOADER_INCOMPLETE); + return 0; + } + if (!RUN_ONCE(®istry_init, do_registry_init)) { OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT, ERR_R_MALLOC_FAILURE); |