]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c85a509)
Fix OSSL_STORE to consider cached info in the EOF check.
authorRichard Levitte <levitte@openssl.org>
Thu, 10 Jul 2025 15:55:50 +0000 (17:55 +0200)
committerDr. David von Oheimb <dev@ddvo.net>
Sat, 26 Jul 2025 09:35:49 +0000 (11:35 +0200)
OSSL_STORE_load() called OSSL_STORE_eof() before checking if there is
cached OSSL_STORE_INFO to consider.  To fix this issue, the cached info
check is moved to OSSL_STORE_eof(), as that seems to make most common
sense.

This solves an issue with PKCS#12 files, where the cached info was never
considered because the underlying file IO layer signaled that EOF is
reached.

Fixes #28010

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/28016)

(cherry picked from commit 1f3af48c312a5f94612e9a822b78a3afdadc27c1)

crypto/store/store_lib.c patch | blob | blame | history

diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index 0b55123d814a818a5ea7d72e9844cca1bda051ab..fbd8dd77669364d183e63336def68cfd7bdb971b 100644 (file)
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -428,12 +428,6 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
     if (ctx->loader != NULL)
         OSSL_TRACE(STORE, "Loading next object\n");
 
-    if (ctx->cached_info != NULL
-        && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) {
-        sk_OSSL_STORE_INFO_free(ctx->cached_info);
-        ctx->cached_info = NULL;
-    }
-
     if (ctx->cached_info != NULL) {
         v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
     } else {
@@ -556,14 +550,23 @@ int OSSL_STORE_error(OSSL_STORE_CTX *ctx)
 
 int OSSL_STORE_eof(OSSL_STORE_CTX *ctx)
 {
-    int ret = 1;
+    int ret = 0;
 
-    if (ctx->fetched_loader != NULL)
-        ret = ctx->loader->p_eof(ctx->loader_ctx);
+    if (ctx->cached_info != NULL
+        && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) {
+        sk_OSSL_STORE_INFO_free(ctx->cached_info);
+        ctx->cached_info = NULL;
+    }
+
+    if (ctx->cached_info == NULL) {
+        ret = 1;
+        if (ctx->fetched_loader != NULL)
+            ret = ctx->loader->p_eof(ctx->loader_ctx);
 #ifndef OPENSSL_NO_DEPRECATED_3_0
-    if (ctx->fetched_loader == NULL)
-        ret = ctx->loader->eof(ctx->loader_ctx);
+        if (ctx->fetched_loader == NULL)
+            ret = ctx->loader->eof(ctx->loader_ctx);
 #endif
+    }
     return ret != 0;
 }
 
Mirror of https://github.com/openssl/openssl.git