#
5304d563 |
| 09-Nov-2023 |
Hugo Landau |
ERR: Add ERR_pop() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22674)
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
7a2bb210 |
| 03-Aug-2023 |
Hugo Landau |
QUIC TLS: Rethink error handling Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21547)
|
#
9c3ea4e1 |
| 30-May-2023 |
Tomas Mraz |
QUIC err handling: Save and restore error state We save the error state from the thread that encountered a permanent error condition caused by system or internal error to the QUIC_CH
QUIC err handling: Save and restore error state We save the error state from the thread that encountered a permanent error condition caused by system or internal error to the QUIC_CHANNEL. Then we restore it whenever we are returning to a user call when protocol is shutdown. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21087)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
561e5cda |
| 06-Jul-2021 |
Pauli |
err: remove ERR_GET_FUNC() This is problematic in 3.0 because the function codes are all defined as zero. This leads to either every error matching or no error ever matching. Both a
err: remove ERR_GET_FUNC() This is problematic in 3.0 because the function codes are all defined as zero. This leads to either every error matching or no error ever matching. Both are problematic for users. The OTC vote resolved to remove this function completely. Fixes #15946 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16004)
show more ...
|
#
e3c50779 |
| 23-Jun-2021 |
Pauli |
err: add unable to get lock errors Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15871)
|
#
9379bf94 |
| 01-Jun-2021 |
Richard Levitte |
DECODER: use property definitions instead of getting implementation parameters The OSSL_DECODER library used to ask each decoder implementation for certain data in form of parameters to
DECODER: use property definitions instead of getting implementation parameters The OSSL_DECODER library used to ask each decoder implementation for certain data in form of parameters to place them correctly in the decoder chain, if at all. These parameters were duplicates of properties of those same implementations, and therefore unnecessarily redundant. Now that we have functionality to query property definition values, those duplicates are no longer needed, and are therefore not looked at any more. This adds the "global" error reason ERR_R_INVALID_PROPERTY_DEFINITION, which can be re-used elsewhere. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15570)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
#
de4a88a9 |
| 15-Feb-2021 |
Matt Caswell |
Duplicate the file and func error strings Errors raised from a provider that is subsequently unloaded from memory may have references to strings representing the file and function that
Duplicate the file and func error strings Errors raised from a provider that is subsequently unloaded from memory may have references to strings representing the file and function that are no longer present because the provider is no longer in memory. This can cause crashes. To avoid this we duplicate the file and func strings. Fixes #13623 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14213)
show more ...
|
Revision tags: openssl-3.0.0-alpha11 |
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
d6d42cda |
| 17-Oct-2020 |
Richard Levitte |
Use centralized fetching errors We've spread around FETCH_FAILED errors in quite a few places, and that gives somewhat crude error records, as there's no way to tell if the error was
Use centralized fetching errors We've spread around FETCH_FAILED errors in quite a few places, and that gives somewhat crude error records, as there's no way to tell if the error was unavailable algorithms or some other error at such high levels. As an alternative, we take recording of these kinds of errors down to the fetching functions, which are in a much better place to tell what kind of error it was, thereby relieving the higher level calls from having to guess. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13467)
show more ...
|
#
f6be9ae2 |
| 20-Nov-2020 |
Richard Levitte |
Switch deprecation method for ERR Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13460)
|
#
af2f14ac |
| 20-Nov-2020 |
Richard Levitte |
ERR: Drop or deprecate dangerous or overly confusing functions ERR_get_error_line() is deprecated, and ERR_get_error_func() and ERR_get_error_data() are removed in favor of ERR_get_error
ERR: Drop or deprecate dangerous or overly confusing functions ERR_get_error_line() is deprecated, and ERR_get_error_func() and ERR_get_error_data() are removed in favor of ERR_get_error_all(), since they pop the error record, leaving the caller with only partial error record data and no way to get the rest if the wish. If it's desirable to retrieve data piecemeal, the caller should consider using the diverse ERR_peek functions and finish off with ERR_get_error(). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13466)
show more ...
|
#
f5a46ed7 |
| 12-Nov-2020 |
Richard Levitte |
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be removed when those functions are finally removed. This also reduces include/openssl/kdferr.h to include cryptoerr_legacy.h, moves the declaration of ERR_load_ERR_strings() from include/openssl/err.h to include/openssl/cryptoerr_legacy.h, and finally removes the declaration of ERR_load_DSO_strings(), which was entirely internal anyway. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
show more ...
|
#
4e08ea6f |
| 06-Nov-2020 |
Matt Caswell |
Allow multiple nested marks Previously we only ever allowed one mark to be set against an error in the statck. If we attempted to nest them, then we would end up clearing all the err
Allow multiple nested marks Previously we only ever allowed one mark to be set against an error in the statck. If we attempted to nest them, then we would end up clearing all the errors in the stack when we popped to the mark. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13335)
show more ...
|
#
b06e70b8 |
| 04-Nov-2020 |
Richard Levitte |
Really deprecate the old NAMEerr() macros Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13320)
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
30943516 |
| 08-Oct-2020 |
Richard Levitte |
Fix diverse ERR code conflicts There was a number of potential range conflicts between reason codes from different places. Library specific reason codes are allowed to start at 100,
Fix diverse ERR code conflicts There was a number of potential range conflicts between reason codes from different places. Library specific reason codes are allowed to start at 100, so it means that anything "global" is limited to the range 1..99. At the same time, we have the ERR_R_LIB_xxx reason codes, which have the same numbers as ERR_LIB_xxx, potential range 1..255. And then we have the common ERR_R_ reason codes, potential range in OpenSSL 1.1.1 is 1..99, where fatal reasons occupy 64..99. For OpenSSL 3.0-dev, the range for the common reason codes was pushed up to 64..99 in an attempt to reduce the conflicts with the ERR_R_LIB_xxx reason codes. Currently existing conflicts in OpenSSL 1.1.1: ERR_R_BUF_LIB and ERR_R_PASSED_INVALID_ARGUMENT have the same code. There are currently no existing conflicts in OpenSSL 3.0-dev, but considering that ERR_LIB_HTTP is 61, a few more modules and associated ERR_R_LIB_xxx are going to sniff awfully close to 64, where the common ERR_R_ codes currently start. To avoid these range conflicts, the strategy to recognise common reason codes is change to depend on a reason flag, ERR_RFLAG_COMMON, and the common error codes themselves have moved start at 256, giving them the potential range 256..2^18-1, and thus allowing ERR_R_LIB_xxx the full range of library codes, 1..255. The dual purpose ERR_R_FATAL is also handled in this change, by allowing the rflags and reason codes to overlap by 1 bit, and make both ERR_R_FATAL and ERR_RFLAG_FATAL have the same value, 2^18. With this change, there's no need to worry about reason code conflicts any more, every library specific range as well as the common range is 1..2^18-1. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13093)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
efffd8a6 |
| 11-Sep-2020 |
Matt Caswell |
Update err.h to use the new lhash generation code Generate the lhash macros for the ERR_STRING_DATA type Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://
Update err.h to use the new lhash generation code Generate the lhash macros for the ERR_STRING_DATA type Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12860)
show more ...
|