Print this page
4853 illumos-gate is not lint-clean when built with openssl 1.0
Reviewed by Keith Wesolowski <keith.wesolowski@joyent.com>
Reviewed by Alexander Eremin <alexander.eremin@nexenta.com>

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libpkg/common/security.c
          +++ new/usr/src/lib/libpkg/common/security.c
↓ open down ↓ 102 lines elided ↑ open up ↑
 103  103  
 104  104          if ((ca_store = X509_STORE_new()) == NULL) {
 105  105                  pkgerr_add(err, PKGERR_NOMEM,
 106  106                      gettext(ERR_MEM));
 107  107                  ret = 1;
 108  108                  goto cleanup;
 109  109          }
 110  110  
 111  111          /* add all ca certs into the store */
 112  112          for (i = 0; i < sk_X509_num(cas); i++) {
 113      -                /* LINTED pointer cast may result in improper alignment */
 114  113                  ca_cert = sk_X509_value(cas, i);
 115  114                  if (X509_STORE_add_cert(ca_store, ca_cert) == 0) {
 116  115                          pkgerr_add(err, PKGERR_NOMEM, gettext(ERR_MEM));
 117  116                          ret = 1;
 118  117                          goto cleanup;
 119  118                  }
 120  119          }
 121  120  
 122  121          /* initialize context object used during the chain resolution */
 123  122  
↓ open down ↓ 43 lines elided ↑ open up ↑
 167  166  {
 168  167  
 169  168          X509_NAME       *xname;
 170  169          static char     sname[ATTR_MAX];
 171  170  
 172  171          xname = X509_get_subject_name(cert);
 173  172          if (X509_NAME_get_text_by_NID(xname,
 174  173              NID_commonName, sname,
 175  174              ATTR_MAX) <= 0) {
 176  175                  (void) strncpy(sname,
 177      -                    X509_NAME_oneline(xname,
 178      -                        NULL, 0), ATTR_MAX);
      176 +                    X509_NAME_oneline(xname, NULL, 0), ATTR_MAX);
 179  177                  sname[ATTR_MAX - 1] = '\0';
 180  178          }
 181  179          return (sname);
 182  180  }
 183  181  
 184  182  /*
 185  183   * Name:                get_display_name
 186  184   * Description: Retrieves a name used for identifying a certificate's issuer.
 187  185   *
 188  186   * Arguments:   cert - The certificate to get the name from
↓ open down ↓ 9 lines elided ↑ open up ↑
 198  196  {
 199  197  
 200  198          X509_NAME       *xname;
 201  199          static char     sname[ATTR_MAX];
 202  200  
 203  201          xname = X509_get_issuer_name(cert);
 204  202          if (X509_NAME_get_text_by_NID(xname,
 205  203              NID_commonName, sname,
 206  204              ATTR_MAX) <= 0) {
 207  205                  (void) strncpy(sname,
 208      -                    X509_NAME_oneline(xname,
 209      -                        NULL, 0), ATTR_MAX);
      206 +                    X509_NAME_oneline(xname, NULL, 0), ATTR_MAX);
 210  207                  sname[ATTR_MAX - 1] = '\0';
 211  208          }
 212  209          return (sname);
 213  210  }
 214  211  
 215  212  
 216  213  /*
 217  214   * Name:                get_serial_num
 218  215   * Description: Retrieves the serial number of an X509 cert
 219  216   *
↓ open down ↓ 63 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX