From: Pauli <paul.dale@oracle.com>
Date: Fri, 7 Aug 2020 02:59:49 +0000 (+1000)
Subject: conf: add an error if the openssl_conf section isn't found.
X-Git-Tag: openssl-3.0.0-alpha7~607
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33b4f731451bcd7321ddae002c7945cd83d52f78;p=thirdparty%2Fopenssl.git

conf: add an error if the openssl_conf section isn't found.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12602)
---

diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index daf2320a194..9c3c2d6878b 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -36,6 +36,8 @@ static const ERR_STRING_DATA CONF_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_SUCH_FILE), "no such file"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_VALUE), "no value"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NUMBER_TOO_LARGE), "number too large"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION),
+    "openssl conf references missing section"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_RECURSIVE_DIRECTORY_INCLUDE),
     "recursive directory include"},
     {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_SSL_COMMAND_SECTION_EMPTY),
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 64473417e9e..aebf38292a3 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -107,8 +107,13 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
     OSSL_TRACE1(CONF, "Configuration in section %s\n", vsection);
     values = NCONF_get_section(cnf, vsection);
 
-    if (!values)
+    if (values == NULL) {
+        if (!(flags & CONF_MFLAGS_SILENT)) {
+            CONFerr(0, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION);
+            ERR_add_error_data(2, "openssl_conf=", vsection);
+        }
         return 0;
+    }
 
     for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
         vl = sk_CONF_VALUE_value(values, i);
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index cca13cc78f7..2fa2af529a6 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2276,6 +2276,8 @@ CONF_R_NO_SECTION:107:no section
 CONF_R_NO_SUCH_FILE:114:no such file
 CONF_R_NO_VALUE:108:no value
 CONF_R_NUMBER_TOO_LARGE:121:number too large
+CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION:124:\
+	openssl conf references missing section
 CONF_R_RECURSIVE_DIRECTORY_INCLUDE:111:recursive directory include
 CONF_R_SSL_COMMAND_SECTION_EMPTY:117:ssl command section empty
 CONF_R_SSL_COMMAND_SECTION_NOT_FOUND:118:ssl command section not found
diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h
index 1afa12bd560..80bf53f3653 100644
--- a/include/openssl/conferr.h
+++ b/include/openssl/conferr.h
@@ -68,6 +68,7 @@ int ERR_load_CONF_strings(void);
 # define CONF_R_NO_SUCH_FILE                              114
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_NUMBER_TOO_LARGE                          121
+# define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118