From: Richard Levitte <levitte@openssl.org>
Date: Tue, 16 Feb 2021 00:19:58 +0000 (+0100)
Subject: Fix backward incompatibility revolving around OSSL_HTTP_REQ_CTX_sendreq_d2i()
X-Git-Tag: openssl-3.0.0-alpha12~14
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e5ac413b2d3d6bcff57446f06f3d05650921f182;p=thirdparty%2Fopenssl.git

Fix backward incompatibility revolving around OSSL_HTTP_REQ_CTX_sendreq_d2i()

The OSSL_HTTP_REQ_CTX API has a few changes compared to the older
OCSP_REQ_CTX API which are not quite obvious at first sight.

The old OCSP_REQ_CTX_nbio_d2i() took three arguments, of which one is
an output argument, and return an int, while the newer
OSSL_HTTP_REQ_CTX_sendreq_d2i() returns the value directly and thereby
takes one less argument.

The mapping from the old to the new wasn't quite right, this corrects
it, along with a couple of X509 macros that needed the same kind of
fix.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/14196)
---

diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in
index c104b72d8e3..3c5de154943 100644
--- a/include/openssl/ocsp.h.in
+++ b/include/openssl/ocsp.h.in
@@ -189,8 +189,8 @@ typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX;
         OSSL_HTTP_REQ_CTX_i2d(r, "application/ocsp-request", i, req)
 #   define OCSP_REQ_CTX_nbio(r) \
         OSSL_HTTP_REQ_CTX_nbio(r)
-#   define OCSP_REQ_CTX_nbio_d2i(r, i) \
-        OSSL_HTTP_REQ_CTX_sendreq_d2i(r, i)
+#   define OCSP_REQ_CTX_nbio_d2i(r, p, i)        \
+        ((*(p) = OSSL_HTTP_REQ_CTX_sendreq_d2i(r, i)) != NULL)
 #   define OCSP_REQ_CTX_get0_mem_bio(r) \
         OSSL_HTTP_REQ_CTX_get0_mem_bio(r)
 #   define OCSP_set_max_response_length(r, l) \
diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in
index 7fc1558b18d..32aea0e0db0 100644
--- a/include/openssl/x509.h.in
+++ b/include/openssl/x509.h.in
@@ -403,13 +403,13 @@ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                      unsigned char *md, unsigned int *len);
 
 X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_http_nbio(rctx, pcert) \
-    OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, (ASN1_VALUE **)(pcert), \
-                                  ASN1_ITEM_rptr(X509))
+# define X509_http_nbio(rctx, pcert)                                    \
+    ((*(pcert) =                                                        \
+      OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, ASN1_ITEM_rptr(X509))) != NULL)
 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_CRL_http_nbio(rctx, pcrl) \
-    OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, (ASN1_VALUE **)(pcrl), \
-                                  ASN1_ITEM_rptr(X509_CRL))
+# define X509_CRL_http_nbio(rctx, pcrl)                                 \
+    ((*(pcrl) =                                                         \
+      OSSL_HTTP_REQ_CTX_sendreq_d2i(rctx, ASN1_ITEM_rptr(X509_CRL))) != NULL)
 
 # ifndef OPENSSL_NO_STDIO
 X509 *d2i_X509_fp(FILE *fp, X509 **x509);