Rewrite some code

Rewrite the -req-nodes flag from CA.pl (idea from Andy)
Rewrite ERR_string_error_n

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4478)

diff --git a/CHANGES b/CHANGES
index f1de3e70aa0480cf86dcd8def373214f9d75a136..892b7885c504009d81cd2cae27e8c6cd62f78338 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Reimplement -newreq-nodes and ERR_error_string_n; the
+     original author does not agree with the license change.
+     [Rich Salz]
+
   *) Add ARIA AEAD TLS support.
      [Jon Spillett]
 

diff --git a/apps/CA.pl.in b/apps/CA.pl.in
index ddbc70d710f0adf2e59065c7dc4608de1116b8a3..b5c4f59446129cb287b10ab102cfe3a4e7e5295a 100644 (file)
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -127,13 +127,9 @@ if ($WHAT eq '-newcert' ) {
     # create a pre-certificate
     $RET = run("$REQ -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS");
     print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
-} elsif ($WHAT eq '-newreq' ) {
+} elsif ($WHAT =~ /\-newreq(\-nodes)?/ ) {
     # create a certificate request
-    $RET = run("$REQ -new -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
-    print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
-} elsif ($WHAT eq '-newreq-nodes' ) {
-    # create a certificate request
-    $RET = run("$REQ -new -nodes -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
+    $RET = run("$REQ -new $1 -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
     print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
 } elsif ($WHAT eq '-newca' ) {
     # create the directory hierarchy

diff --git a/crypto/err/err.c b/crypto/err/err.c
index 58a58c22b66d5bf78ce63e7552ab085ef18e1138..860b4673c14adaeacb3d16b8d9ae1f1897e11610 100644 (file)
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -542,45 +542,30 @@ void ERR_error_string_n(unsigned long e, char *buf, size_t len)
         return;
 
     l = ERR_GET_LIB(e);
-    f = ERR_GET_FUNC(e);
-    r = ERR_GET_REASON(e);
-
     ls = ERR_lib_error_string(e);
-    fs = ERR_func_error_string(e);
-    rs = ERR_reason_error_string(e);
-
-    if (ls == NULL)
+    if (ls == NULL) {
         BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
-    if (fs == NULL)
+        ls = lsbuf;
+    }
+
+    fs = ERR_func_error_string(e);
+    f = ERR_GET_FUNC(e);
+    if (fs == NULL) {
         BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
-    if (rs == NULL)
+        fs = fsbuf;
+    }
+
+    rs = ERR_reason_error_string(e);
+    r = ERR_GET_REASON(e);
+    if (rs == NULL) {
         BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
+        rs = rsbuf;
+    }
 
-    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
-                 fs ? fs : fsbuf, rs ? rs : rsbuf);
+    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs);
     if (strlen(buf) == len - 1) {
-        /*
-         * output may be truncated; make sure we always have 5
-         * colon-separated fields, i.e. 4 colons ...
-         */
-#define NUM_COLONS 4
-        if (len > NUM_COLONS) { /* ... if possible */
-            int i;
-            char *s = buf;
-
-            for (i = 0; i < NUM_COLONS; i++) {
-                char *colon = strchr(s, ':');
-                if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
-                    /*
-                     * set colon no. i at last possible position (buf[len-1]
-                     * is the terminating 0)
-                     */
-                    colon = &buf[len - 1] - NUM_COLONS + i;
-                    *colon = ':';
-                }
-                s = colon + 1;
-            }
-        }
+        /* Didn't fit; use a minimal format. */
+        BIO_snprintf(buf, len, "err:%lx:%lx:%lx:%lx", e, l, f, r);
     }
 }
 
@@ -594,8 +579,7 @@ char *ERR_error_string(unsigned long e, char *ret)
 
     if (ret == NULL)
         ret = buf;
-    ERR_error_string_n(e, ret, 256);
-
+    ERR_error_string_n(e, ret, (int)sizeof(buf));
     return ret;
 }