Fix typo in OCSP nonce extension.

Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.

Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.

Load OCSP error strings in ERR_load_crypto_strings().

diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index b507c5ee44bb56c4189b0f97e3219ad38ba4d292..8a315fa37144c46423c0fc471d3a759b4de9cafa 100644 (file)
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -114,7 +114,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
        if (i == V_ASN1_NEG_ENUMERATED)
                neg=1;
        else if (i != V_ASN1_ENUMERATED)
-               return(0);
+               return -1;
        
        if (a->length > sizeof(long))
                {
@@ -122,7 +122,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
                return(0xffffffffL);
                }
        if (a->data == NULL)
-               return(0);
+               return 0;
 
        for (i=0; i<a->length; i++)
                {

diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index c18376be48a09cdd16679cb971a927d9938c1aa4..b0fc97ea273a3e0debf1504f71a0524b87c676f1 100644 (file)
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -360,7 +360,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
        if (i == V_ASN1_NEG_INTEGER)
                neg=1;
        else if (i != V_ASN1_INTEGER)
-               return(0);
+               return -1;
        
        if (a->length > sizeof(long))
                {
@@ -368,7 +368,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
                return(0xffffffffL);
                }
        if (a->data == NULL)
-               return(0);
+               return 0;
 
        for (i=0; i<a->length; i++)
                {

diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 930ee7025b20a674891a10315adbf4723e49d925..22e5b4ab525ae15e2c5fad8312fb0de50ed200c6 100644 (file)
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -657,6 +657,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
        ASN1_TYPE *typ = NULL;
        int ret = 0;
        const ASN1_PRIMITIVE_FUNCS *pf;
+       ASN1_INTEGER **tint;
        pf = it->funcs;
        if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
        /* If ANY type clear type and set pointer to internal value */
@@ -700,7 +701,10 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
                case V_ASN1_NEG_INTEGER:
                case V_ASN1_ENUMERATED:
                case V_ASN1_NEG_ENUMERATED:
-               if(!c2i_ASN1_INTEGER((ASN1_INTEGER **)pval, &cont, len)) goto err;
+               tint = (ASN1_INTEGER **)pval;
+               if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err;
+               /* Fixup type to match the expected form */
+               (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
                break;
 
                case V_ASN1_OCTET_STRING:

diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index d4f169ec011d9963a993f6b03905535eba7501a4..f465f260c26915ca5d6ed06e62b16eda694976da 100644 (file)
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -83,6 +83,7 @@
 #include <openssl/rand.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#include <openssl/ocsp.h>
 #include <openssl/err.h>
 
 void ERR_load_crypto_strings(void)
@@ -122,5 +123,6 @@ void ERR_load_crypto_strings(void)
        ERR_load_RAND_strings();
        ERR_load_DSO_strings();
        ERR_load_ENGINE_strings();
+       ERR_load_OCSP_strings();
 #endif
        }

diff --git a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c
index c65dbfa9f73b466b06cec155f455213ff90633dc..d21b6fbedb74e6876f4bf0cd069a709c5905058f 100644 (file)
--- a/crypto/x509v3/v3_ocsp.c
+++ b/crypto/x509v3/v3_ocsp.c
@@ -173,7 +173,7 @@ static void *ocsp_nonce_new(void)
 static int i2d_ocsp_nonce(void *a, unsigned char **pp)
 {
        ASN1_OCTET_STRING *os = a;
-       if(*pp) {
+       if(pp) {
                memcpy(*pp, os->data, os->length);
                *pp += os->length;
        }