diff options
| author | Matt Caswell <matt@openssl.org> | 2020-09-24 10:42:23 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-10-01 09:25:20 +0100 |
| commit | d8652be06e2778e8898453a391deb7253e1a35a2 (patch) | |
| tree | fe40e22edb39642aa7ae633320c1900388f2e7ee /ssl | |
| parent | aedac96c1172ca9a9efe72e027e935504b599e2f (diff) | |
| download | openssl-new-d8652be06e2778e8898453a391deb7253e1a35a2.tar.gz | |
Run the withlibctx.pl script
Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_cert.c | 14 | ||||
| -rw-r--r-- | ssl/ssl_conf.c | 7 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 28 | ||||
| -rw-r--r-- | ssl/ssl_rsa.c | 12 | ||||
| -rw-r--r-- | ssl/statem/extensions.c | 12 | ||||
| -rw-r--r-- | ssl/statem/extensions_srvr.c | 27 | ||||
| -rw-r--r-- | ssl/statem/statem_clnt.c | 9 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 17 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 9 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 13 |
10 files changed, 67 insertions, 81 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index ace164f673..e6a9f57f11 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -380,7 +380,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) else verify_store = s->ctx->cert_store; - ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq); + ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); return 0; @@ -605,9 +605,9 @@ static unsigned long xname_hash(const X509_NAME *a) return X509_NAME_hash((X509_NAME *)a); } -STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, - OPENSSL_CTX *libctx, - const char *propq) +STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, + OPENSSL_CTX *libctx, + const char *propq) { BIO *in = BIO_new(BIO_s_file()); X509 *x = NULL; @@ -621,7 +621,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, goto err; } - x = X509_new_with_libctx(libctx, propq); + x = X509_new_ex(libctx, propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto err; @@ -676,7 +676,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { - return SSL_load_client_CA_file_with_libctx(file, NULL, NULL); + return SSL_load_client_CA_file_ex(file, NULL, NULL); } int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, @@ -881,7 +881,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) untrusted = cpk->chain; } - xs_ctx = X509_STORE_CTX_new_with_libctx(real_ctx->libctx, ctx->propq); + xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, ctx->propq); if (xs_ctx == NULL) { SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE); goto err; diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index acf9385785..26071cc2a1 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -492,13 +492,12 @@ static int do_store(SSL_CONF_CTX *cctx, return 0; } - if (CAfile != NULL && !X509_STORE_load_file_with_libctx(*st, CAfile, - libctx, propq)) + if (CAfile != NULL && !X509_STORE_load_file_ex(*st, CAfile, libctx, propq)) return 0; if (CApath != NULL && !X509_STORE_load_path(*st, CApath)) return 0; - if (CAstore != NULL && !X509_STORE_load_store_with_libctx(*st, CAstore, - libctx, propq)) + if (CAstore != NULL && !X509_STORE_load_store_ex(*st, CAstore, libctx, + propq)) return 0; return 1; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 64ecdccb8f..6f5d2fee28 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3123,8 +3123,8 @@ static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) * via ssl.h. */ -SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const SSL_METHOD *meth) +SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, + const SSL_METHOD *meth) { SSL_CTX *ret = NULL; @@ -3178,7 +3178,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, if (ret->cert_store == NULL) goto err; #ifndef OPENSSL_NO_CT - ret->ctlog_store = CTLOG_STORE_new_with_libctx(libctx, propq); + ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq); if (ret->ctlog_store == NULL) goto err; #endif @@ -3331,7 +3331,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) { - return SSL_CTX_new_with_libctx(NULL, NULL, meth); + return SSL_CTX_new_ex(NULL, NULL, meth); } int SSL_CTX_up_ref(SSL_CTX *ctx) @@ -4290,8 +4290,8 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) { - return X509_STORE_set_default_paths_with_libctx(ctx->cert_store, - ctx->libctx, ctx->propq); + return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx, + ctx->propq); } int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx) @@ -4323,8 +4323,8 @@ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx) /* We ignore errors, in case the directory doesn't exist */ ERR_set_mark(); - X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT, - ctx->libctx, ctx->propq); + X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx, + ctx->propq); ERR_pop_to_mark(); @@ -4342,7 +4342,7 @@ int SSL_CTX_set_default_verify_store(SSL_CTX *ctx) /* We ignore errors, in case the directory doesn't exist */ ERR_set_mark(); - X509_LOOKUP_add_store_with_libctx(lookup, NULL, ctx->libctx, ctx->propq); + X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq); ERR_pop_to_mark(); @@ -4351,8 +4351,8 @@ int SSL_CTX_set_default_verify_store(SSL_CTX *ctx) int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile) { - return X509_STORE_load_file_with_libctx(ctx->cert_store, CAfile, - ctx->libctx, ctx->propq); + return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx, + ctx->propq); } int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath) @@ -4362,8 +4362,8 @@ int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath) int SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore) { - return X509_STORE_load_store_with_libctx(ctx->cert_store, CAstore, - ctx->libctx, ctx->propq); + return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx, + ctx->propq); } int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, @@ -5194,7 +5194,7 @@ int ssl_validate_ct(SSL *s) } } - ctx = CT_POLICY_EVAL_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq); + ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_VALIDATE_CT, ERR_R_MALLOC_FAILURE); diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 76270b677e..51604b8a87 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -64,7 +64,7 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; } - x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq); + x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto end; @@ -98,7 +98,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) X509 *x; int ret; - x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq); + x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); return 0; @@ -398,7 +398,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; } - x = X509_new_with_libctx(ctx->libctx, ctx->propq); + x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto end; @@ -428,7 +428,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) X509 *x; int ret; - x = X509_new_with_libctx(ctx->libctx, ctx->propq); + x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); return 0; @@ -634,7 +634,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) goto end; } - x = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq); + x = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (x == NULL) { SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); goto end; @@ -673,7 +673,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) } while (1) { - ca = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq); + ca = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (ca == NULL) { SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); goto end; diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index ec38b2f6a0..65c6de1373 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1596,10 +1596,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, goto err; } - mackey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - finishedkey, - hashsize); + mackey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, finishedkey, + hashsize); if (mackey == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER, ERR_R_INTERNAL_ERROR); @@ -1610,9 +1609,8 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, binderout = tmpbinder; bindersize = hashsize; - if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - mackey) <= 0 + if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->libctx, + s->ctx->propq, mackey) <= 0 || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0 || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0 || bindersize != hashsize) { diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 46a8e44442..9ec48ef56a 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -767,11 +767,10 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, /* Verify the HMAC of the cookie */ hctx = EVP_MD_CTX_create(); - pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - s->session_ctx->ext.cookie_hmac_key, - sizeof(s->session_ctx->ext - .cookie_hmac_key)); + pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, + s->session_ctx->ext.cookie_hmac_key, + sizeof(s->session_ctx->ext.cookie_hmac_key)); if (hctx == NULL || pkey == NULL) { EVP_MD_CTX_free(hctx); EVP_PKEY_free(pkey); @@ -781,8 +780,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } hmaclen = SHA256_DIGEST_LENGTH; - if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", - s->ctx->libctx, s->ctx->propq, pkey) <= 0 + if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx, + s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, data, rawlen - SHA256_DIGEST_LENGTH) <= 0 || hmaclen != SHA256_DIGEST_LENGTH) { @@ -1860,20 +1859,18 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, /* HMAC the cookie */ hctx = EVP_MD_CTX_create(); - pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - s->session_ctx->ext.cookie_hmac_key, - sizeof(s->session_ctx->ext - .cookie_hmac_key)); + pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, + s->session_ctx->ext.cookie_hmac_key, + sizeof(s->session_ctx->ext.cookie_hmac_key)); if (hctx == NULL || pkey == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, ERR_R_MALLOC_FAILURE); goto err; } - if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", - s->ctx->libctx, s->ctx->propq, - pkey) <= 0 + if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx, + s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, cookie, totcookielen) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a3e7b5ad0a..cb5130c713 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1854,7 +1854,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) } certstart = certbytes; - x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq); + x = X509_new_ex(s->ctx->libctx, s->ctx->propq); if (x == NULL) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE); @@ -2373,10 +2373,9 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) goto err; } - if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestVerifyInit_ex(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 618a58d659..ef4067a749 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -316,10 +316,8 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_with_libctx(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestSignInit_ex(mctx, &pctx, md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -512,10 +510,9 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) OSSL_TRACE1(TLS, "Using client verify alg %s\n", md == NULL ? "n/a" : EVP_MD_name(md)); - if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestVerifyInit_ex(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -1003,8 +1000,8 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk) chain_store = s->ctx->cert_store; if (chain_store != NULL) { - X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, - s->ctx->propq); + X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, + s->ctx->propq); if (xs_ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN, diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index a1a28e905a..2da037a248 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2803,10 +2803,9 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestSignInit_ex(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); @@ -3673,7 +3672,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) } certstart = certbytes; - x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq); + x = X509_new_ex(s->ctx->libctx, s->ctx->propq); if (x == NULL) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 52b4ffe132..fbef9c1a86 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -373,11 +373,9 @@ int tls1_change_cipher_state(SSL *s, int which) if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) { if (mac_type == EVP_PKEY_HMAC) { - mac_key = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, - "HMAC", - s->ctx->propq, - mac_secret, - *mac_secret_size); + mac_key = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, mac_secret, + *mac_secret_size); } else { /* * If its not HMAC then the only other types of MAC we support are @@ -388,9 +386,8 @@ int tls1_change_cipher_state(SSL *s, int which) (int)*mac_secret_size); } if (mac_key == NULL - || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m), - s->ctx->libctx, s->ctx->propq, - mac_key) <= 0) { + || EVP_DigestSignInit_ex(mac_ctx, NULL, EVP_MD_name(m), + s->ctx->libctx, s->ctx->propq, mac_key) <= 0) { EVP_PKEY_free(mac_key); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); |