From: Peiwei Hu Date: Tue, 24 May 2022 16:14:35 +0000 (+0800) Subject: Fix the checks of X509_LOOKUP_* functions X-Git-Tag: openssl-3.2.0-alpha1~2490 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e22ea36fa8296b402348da8f5ab5e258be8402cf;p=thirdparty%2Fopenssl.git Fix the checks of X509_LOOKUP_* functions Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18400) --- diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 16161964b0f..53303303b43 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -1334,8 +1334,8 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, if (lookup == NULL) goto end; if (CAfile != NULL) { - if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, - libctx, propq)) { + if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, + libctx, propq) <= 0) { BIO_printf(bio_err, "Error loading file %s\n", CAfile); goto end; } @@ -1350,7 +1350,7 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, if (lookup == NULL) goto end; if (CApath != NULL) { - if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) { + if (X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM) <= 0) { BIO_printf(bio_err, "Error loading directory %s\n", CApath); goto end; } diff --git a/apps/ts.c b/apps/ts.c index 2cebaa8263a..78c3aacced7 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -991,7 +991,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, BIO_printf(bio_err, "memory allocation failure\n"); goto err; } - if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) { + if (X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM) <= 0) { BIO_printf(bio_err, "Error loading directory %s\n", CApath); goto err; } @@ -1003,8 +1003,8 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, BIO_printf(bio_err, "memory allocation failure\n"); goto err; } - if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx, - propq)) { + if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx, + propq) <= 0) { BIO_printf(bio_err, "Error loading file %s\n", CAfile); goto err; } @@ -1016,7 +1016,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, BIO_printf(bio_err, "memory allocation failure\n"); goto err; } - if (!X509_LOOKUP_load_store_ex(lookup, CAstore, libctx, propq)) { + if (X509_LOOKUP_load_store_ex(lookup, CAstore, libctx, propq) <= 0) { BIO_printf(bio_err, "Error loading store URI %s\n", CAstore); goto err; } diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c index 4c2bc4defa3..7838b703d46 100644 --- a/crypto/x509/x509_d2.c +++ b/crypto/x509/x509_d2.c @@ -50,7 +50,7 @@ int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, if (file == NULL || (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file())) == NULL || X509_LOOKUP_load_file_ex(lookup, file, X509_FILETYPE_PEM, libctx, - propq) == 0) + propq) <= 0) return 0; return 1; @@ -67,7 +67,7 @@ int X509_STORE_load_path(X509_STORE *ctx, const char *path) if (path == NULL || (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir())) == NULL - || X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) == 0) + || X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) <= 0) return 0; return 1;