From 3dca75268619b0b918cd1da71f402c2dcd3ceddb Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 24 Jun 2024 06:43:22 +0000 Subject: [PATCH] libcrypto: constify most error string tables These constitute the bulk of the remaining global mutable state in libcrypto. This commit moves most of them into data.rel.ro, leaving out ERR_str_{functs,libraries,reasons} (which require a slightly different approach) and SYS_str_reasons which is populated on startup. The main observation is that if ERR_load_strings() is called with a 0 lib argument, the ERR_STRING_DATA argument is not actually modified. We could use this fact to cast away const on the caller side and be done with it. We can make this cleaner by adding a helper ERR_load_const_strings() which explicitly avoids the assignment to str->error overriding the error code already set in the table. In order for this to work, we need to sprinkle some const in err/err.c. CMS called ERR_load_strings() with non-0 lib argument, but this didn't actually modify the error data since it ored in the value already stored in the table. Annoyingly, we need to cast const away once, namely in the call to lh_insert() in int_err_set_item(). Fixing this would require changing the public API and is going to be tricky since it requires that the LHASH_DOALL_FN_* types adjust. ok jsing --- lib/libcrypto/Makefile | 3 +- lib/libcrypto/asn1/asn1_err.c | 12 ++-- lib/libcrypto/bio/bio_err.c | 12 ++-- lib/libcrypto/bn/bn_err.c | 12 ++-- lib/libcrypto/buffer/buf_err.c | 12 ++-- lib/libcrypto/cms/cms_err.c | 12 ++-- lib/libcrypto/conf/conf_err.c | 12 ++-- lib/libcrypto/cpt_err.c | 12 ++-- lib/libcrypto/ct/ct_err.c | 12 ++-- lib/libcrypto/dh/dh_err.c | 14 ++-- lib/libcrypto/dsa/dsa_err.c | 12 ++-- lib/libcrypto/ec/ec_err.c | 13 ++-- lib/libcrypto/err/err.c | 47 +++++++----- lib/libcrypto/err/err_local.h | 123 ++++++++++++++++++++++++++++++++ lib/libcrypto/evp/evp_err.c | 12 ++-- lib/libcrypto/kdf/kdf_err.c | 12 ++-- lib/libcrypto/objects/obj_err.c | 12 ++-- lib/libcrypto/ocsp/ocsp_err.c | 12 ++-- lib/libcrypto/pem/pem_err.c | 12 ++-- lib/libcrypto/pkcs12/pk12err.c | 12 ++-- lib/libcrypto/pkcs7/pkcs7err.c | 12 ++-- lib/libcrypto/rand/rand_err.c | 12 ++-- lib/libcrypto/rsa/rsa_err.c | 12 ++-- lib/libcrypto/ts/ts_err.c | 12 ++-- lib/libcrypto/ui/ui_err.c | 12 ++-- lib/libcrypto/x509/x509_err.c | 20 +++--- 26 files changed, 321 insertions(+), 139 deletions(-) create mode 100644 lib/libcrypto/err/err_local.h diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 564dc011692..7b926db11cb 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.195 2024/05/24 19:16:53 tb Exp $ +# $OpenBSD: Makefile,v 1.196 2024/06/24 06:43:22 tb Exp $ LIB= crypto LIBREBUILD=y @@ -36,6 +36,7 @@ CFLAGS+= -I${LCRYPTO_SRC}/dh CFLAGS+= -I${LCRYPTO_SRC}/dsa CFLAGS+= -I${LCRYPTO_SRC}/ec CFLAGS+= -I${LCRYPTO_SRC}/ecdsa +CFLAGS+= -I${LCRYPTO_SRC}/err CFLAGS+= -I${LCRYPTO_SRC}/evp CFLAGS+= -I${LCRYPTO_SRC}/hidden CFLAGS+= -I${LCRYPTO_SRC}/hmac diff --git a/lib/libcrypto/asn1/asn1_err.c b/lib/libcrypto/asn1/asn1_err.c index 28570386f63..44809c76b1f 100644 --- a/lib/libcrypto/asn1/asn1_err.c +++ b/lib/libcrypto/asn1/asn1_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_err.c,v 1.26 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: asn1_err.c,v 1.27 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason) -static ERR_STRING_DATA ASN1_str_functs[] = { +static const ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA ASN1_str_reasons[] = { +static const ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_ADDING_OBJECT) , "adding object"}, {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) , "asn1 parse error"}, {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) , "asn1 sig parse error"}, @@ -206,8 +208,8 @@ ERR_load_ASN1_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) { - ERR_load_strings(0, ASN1_str_functs); - ERR_load_strings(0, ASN1_str_reasons); + ERR_load_const_strings(ASN1_str_functs); + ERR_load_const_strings(ASN1_str_reasons); } #endif } diff --git a/lib/libcrypto/bio/bio_err.c b/lib/libcrypto/bio/bio_err.c index 36fabca21c8..4541adb240b 100644 --- a/lib/libcrypto/bio/bio_err.c +++ b/lib/libcrypto/bio/bio_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_err.c,v 1.20 2023/07/05 21:23:37 beck Exp $ */ +/* $OpenBSD: bio_err.c,v 1.21 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason) -static ERR_STRING_DATA BIO_str_functs[] = { +static const ERR_STRING_DATA BIO_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA BIO_str_reasons[] = { +static const ERR_STRING_DATA BIO_str_reasons[] = { {ERR_REASON(BIO_R_ACCEPT_ERROR) , "accept error"}, {ERR_REASON(BIO_R_BAD_FOPEN_MODE) , "bad fopen mode"}, {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP) , "bad hostname lookup"}, @@ -112,8 +114,8 @@ ERR_load_BIO_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) { - ERR_load_strings(0, BIO_str_functs); - ERR_load_strings(0, BIO_str_reasons); + ERR_load_const_strings(BIO_str_functs); + ERR_load_const_strings(BIO_str_reasons); } #endif } diff --git a/lib/libcrypto/bn/bn_err.c b/lib/libcrypto/bn/bn_err.c index 6fd6030a0c6..3ee6b4311f8 100644 --- a/lib/libcrypto/bn/bn_err.c +++ b/lib/libcrypto/bn/bn_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_err.c,v 1.17 2023/07/08 12:21:58 beck Exp $ */ +/* $OpenBSD: bn_err.c,v 1.18 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason) -static ERR_STRING_DATA BN_str_functs[]= { +static const ERR_STRING_DATA BN_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA BN_str_reasons[]= { +static const ERR_STRING_DATA BN_str_reasons[] = { {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"}, {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"}, {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"}, @@ -100,8 +102,8 @@ ERR_load_BN_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(BN_str_functs[0].error) == NULL) { - ERR_load_strings(0, BN_str_functs); - ERR_load_strings(0, BN_str_reasons); + ERR_load_const_strings(BN_str_functs); + ERR_load_const_strings(BN_str_reasons); } #endif } diff --git a/lib/libcrypto/buffer/buf_err.c b/lib/libcrypto/buffer/buf_err.c index 3b045cf589a..8637a06a76a 100644 --- a/lib/libcrypto/buffer/buf_err.c +++ b/lib/libcrypto/buffer/buf_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: buf_err.c,v 1.13 2023/07/08 08:26:26 beck Exp $ */ +/* $OpenBSD: buf_err.c,v 1.14 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason) -static ERR_STRING_DATA BUF_str_functs[] = { +static const ERR_STRING_DATA BUF_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA BUF_str_reasons[] = { +static const ERR_STRING_DATA BUF_str_reasons[] = { {0, NULL} }; @@ -81,8 +83,8 @@ ERR_load_BUF_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) { - ERR_load_strings(0, BUF_str_functs); - ERR_load_strings(0, BUF_str_reasons); + ERR_load_const_strings(BUF_str_functs); + ERR_load_const_strings(BUF_str_reasons); } #endif } diff --git a/lib/libcrypto/cms/cms_err.c b/lib/libcrypto/cms/cms_err.c index 5758a26db5d..5431ab4bb81 100644 --- a/lib/libcrypto/cms/cms_err.c +++ b/lib/libcrypto/cms/cms_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms_err.c,v 1.14 2023/07/08 08:26:26 beck Exp $ */ +/* $OpenBSD: cms_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */ /* * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * @@ -11,17 +11,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason) -static ERR_STRING_DATA CMS_str_functs[] = { +static const ERR_STRING_DATA CMS_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA CMS_str_reasons[] = { +static const ERR_STRING_DATA CMS_str_reasons[] = { {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ADD_SIGNER_ERROR), "add signer error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_ALREADY_PRESENT), "certificate already present"}, @@ -155,8 +157,8 @@ ERR_load_CMS_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) { - ERR_load_strings(ERR_LIB_CMS, CMS_str_functs); - ERR_load_strings(ERR_LIB_CMS, CMS_str_reasons); + ERR_load_const_strings(CMS_str_functs); + ERR_load_const_strings(CMS_str_reasons); } #endif return 1; diff --git a/lib/libcrypto/conf/conf_err.c b/lib/libcrypto/conf/conf_err.c index 9a44f22fa2f..5100847d890 100644 --- a/lib/libcrypto/conf/conf_err.c +++ b/lib/libcrypto/conf/conf_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_err.c,v 1.16 2024/04/09 13:56:30 beck Exp $ */ +/* $OpenBSD: conf_err.c,v 1.17 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason) -static ERR_STRING_DATA CONF_str_functs[]= { +static const ERR_STRING_DATA CONF_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA CONF_str_reasons[]= { +static const ERR_STRING_DATA CONF_str_reasons[] = { {ERR_REASON(CONF_R_ERROR_LOADING_DSO) , "error loading dso"}, {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL) , "list cannot be null"}, {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET), "missing close square bracket"}, @@ -98,8 +100,8 @@ ERR_load_CONF_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) { - ERR_load_strings(0, CONF_str_functs); - ERR_load_strings(0, CONF_str_reasons); + ERR_load_const_strings(CONF_str_functs); + ERR_load_const_strings(CONF_str_reasons); } #endif } diff --git a/lib/libcrypto/cpt_err.c b/lib/libcrypto/cpt_err.c index ff4e5c4bc52..459b99d433c 100644 --- a/lib/libcrypto/cpt_err.c +++ b/lib/libcrypto/cpt_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpt_err.c,v 1.15 2023/07/08 08:28:23 beck Exp $ */ +/* $OpenBSD: cpt_err.c,v 1.16 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,12 +60,14 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason) -static ERR_STRING_DATA CRYPTO_str_functs[] = { +static const ERR_STRING_DATA CRYPTO_str_functs[] = { {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"}, {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"}, {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"}, @@ -79,7 +81,7 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = { {0, NULL} }; -static ERR_STRING_DATA CRYPTO_str_reasons[] = { +static const ERR_STRING_DATA CRYPTO_str_reasons[] = { {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"}, {ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK), "no dynlock create callback"}, {0, NULL} @@ -92,8 +94,8 @@ ERR_load_CRYPTO_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) { - ERR_load_strings(0, CRYPTO_str_functs); - ERR_load_strings(0, CRYPTO_str_reasons); + ERR_load_const_strings(CRYPTO_str_functs); + ERR_load_const_strings(CRYPTO_str_reasons); } #endif } diff --git a/lib/libcrypto/ct/ct_err.c b/lib/libcrypto/ct/ct_err.c index 2597874bd3b..494f88b8986 100644 --- a/lib/libcrypto/ct/ct_err.c +++ b/lib/libcrypto/ct/ct_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ct_err.c,v 1.7 2022/07/12 14:42:48 kn Exp $ */ +/* $OpenBSD: ct_err.c,v 1.8 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -56,9 +56,11 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA CT_str_functs[] = { +static const ERR_STRING_DATA CT_str_functs[] = { {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW, 0), "CTLOG_new"}, {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW_FROM_BASE64, 0), "CTLOG_new_from_base64"}, @@ -101,7 +103,7 @@ static ERR_STRING_DATA CT_str_functs[] = { {0, NULL} }; -static ERR_STRING_DATA CT_str_reasons[] = { +static const ERR_STRING_DATA CT_str_reasons[] = { {ERR_PACK(ERR_LIB_CT, 0, CT_R_BASE64_DECODE_ERROR), "base64 decode error"}, {ERR_PACK(ERR_LIB_CT, 0, CT_R_INVALID_LOG_ID_LENGTH), @@ -140,8 +142,8 @@ int ERR_load_CT_strings(void) { if (ERR_func_error_string(CT_str_functs[0].error) == NULL) { - ERR_load_strings(0, CT_str_functs); - ERR_load_strings(0, CT_str_reasons); + ERR_load_const_strings(CT_str_functs); + ERR_load_const_strings(CT_str_reasons); } return 1; } diff --git a/lib/libcrypto/dh/dh_err.c b/lib/libcrypto/dh/dh_err.c index 52fec7848b6..568eff57522 100644 --- a/lib/libcrypto/dh/dh_err.c +++ b/lib/libcrypto/dh/dh_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_err.c,v 1.21 2024/05/19 08:22:40 tb Exp $ */ +/* $OpenBSD: dh_err.c,v 1.22 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -57,20 +57,22 @@ #include -#include #include +#include + +#include "err_local.h" #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason) -static ERR_STRING_DATA DH_str_functs[] = { +static const ERR_STRING_DATA DH_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA DH_str_reasons[] = { +static const ERR_STRING_DATA DH_str_reasons[] = { {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, {ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"}, {ERR_REASON(DH_R_BN_ERROR) ,"bn error"}, @@ -104,8 +106,8 @@ ERR_load_DH_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(DH_str_functs[0].error) == NULL) { - ERR_load_strings(0, DH_str_functs); - ERR_load_strings(0, DH_str_reasons); + ERR_load_const_strings(DH_str_functs); + ERR_load_const_strings(DH_str_reasons); } #endif } diff --git a/lib/libcrypto/dsa/dsa_err.c b/lib/libcrypto/dsa/dsa_err.c index 048fa8df4bc..b7670f895b8 100644 --- a/lib/libcrypto/dsa/dsa_err.c +++ b/lib/libcrypto/dsa/dsa_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_err.c,v 1.21 2024/05/19 08:22:40 tb Exp $ */ +/* $OpenBSD: dsa_err.c,v 1.22 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason) -static ERR_STRING_DATA DSA_str_functs[] = { +static const ERR_STRING_DATA DSA_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA DSA_str_reasons[] = { +static const ERR_STRING_DATA DSA_str_reasons[] = { {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, {ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"}, {ERR_REASON(DSA_R_BN_ERROR) ,"bn error"}, @@ -94,8 +96,8 @@ ERR_load_DSA_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) { - ERR_load_strings(0, DSA_str_functs); - ERR_load_strings(0, DSA_str_reasons); + ERR_load_const_strings(DSA_str_functs); + ERR_load_const_strings(DSA_str_reasons); } #endif } diff --git a/lib/libcrypto/ec/ec_err.c b/lib/libcrypto/ec/ec_err.c index 7ecbb665692..2a6c419b57e 100644 --- a/lib/libcrypto/ec/ec_err.c +++ b/lib/libcrypto/ec/ec_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_err.c,v 1.19 2024/05/19 08:26:03 tb Exp $ */ +/* $OpenBSD: ec_err.c,v 1.20 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason) -static ERR_STRING_DATA EC_str_functs[] = { +static const ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA EC_str_reasons[] = { +static const ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"}, {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"}, {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"}, @@ -140,10 +142,9 @@ void ERR_load_EC_strings(void) { #ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(EC_str_functs[0].error) == NULL) { - ERR_load_strings(0, EC_str_functs); - ERR_load_strings(0, EC_str_reasons); + ERR_load_const_strings(EC_str_functs); + ERR_load_const_strings(EC_str_reasons); } #endif } diff --git a/lib/libcrypto/err/err.c b/lib/libcrypto/err/err.c index a7b13a54042..583293e793e 100644 --- a/lib/libcrypto/err/err.c +++ b/lib/libcrypto/err/err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err.c,v 1.60 2024/03/02 11:37:13 tb Exp $ */ +/* $OpenBSD: err.c,v 1.61 2024/06/24 06:43:22 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -244,9 +244,9 @@ struct st_ERR_FNS { /* Works on the "error_hash" string table */ LHASH_OF(ERR_STRING_DATA) *(*cb_err_get)(int create); void (*cb_err_del)(void); - ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); + const ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); + const ERR_STRING_DATA *(*cb_err_set_item)(const ERR_STRING_DATA *); + const ERR_STRING_DATA *(*cb_err_del_item)(const ERR_STRING_DATA *); /* Works on the "thread_hash" error-state table */ LHASH_OF(ERR_STATE) *(*cb_thread_get)(int create); void (*cb_thread_release)(LHASH_OF(ERR_STATE) **hash); @@ -260,9 +260,9 @@ struct st_ERR_FNS { /* Predeclarations of the "err_defaults" functions */ static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create); static void int_err_del(void); -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); +static const ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); +static const ERR_STRING_DATA *int_err_set_item(const ERR_STRING_DATA *); +static const ERR_STRING_DATA *int_err_del_item(const ERR_STRING_DATA *); static LHASH_OF(ERR_STATE) *int_thread_get(int create); static void int_thread_release(LHASH_OF(ERR_STATE) **hash); static ERR_STATE *int_thread_get_item(const ERR_STATE *); @@ -369,7 +369,7 @@ int_err_del(void) CRYPTO_w_unlock(CRYPTO_LOCK_ERR); } -static ERR_STRING_DATA * +static const ERR_STRING_DATA * int_err_get_item(const ERR_STRING_DATA *d) { ERR_STRING_DATA *p; @@ -387,10 +387,10 @@ int_err_get_item(const ERR_STRING_DATA *d) return p; } -static ERR_STRING_DATA * -int_err_set_item(ERR_STRING_DATA *d) +static const ERR_STRING_DATA * +int_err_set_item(const ERR_STRING_DATA *d) { - ERR_STRING_DATA *p; + const ERR_STRING_DATA *p; LHASH_OF(ERR_STRING_DATA) *hash; err_fns_check(); @@ -399,14 +399,14 @@ int_err_set_item(ERR_STRING_DATA *d) return NULL; CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STRING_DATA_insert(hash, d); + p = lh_ERR_STRING_DATA_insert(hash, (void *)d); CRYPTO_w_unlock(CRYPTO_LOCK_ERR); return p; } -static ERR_STRING_DATA * -int_err_del_item(ERR_STRING_DATA *d) +static const ERR_STRING_DATA * +int_err_del_item(const ERR_STRING_DATA *d) { ERR_STRING_DATA *p; LHASH_OF(ERR_STRING_DATA) *hash; @@ -692,6 +692,16 @@ ERR_load_strings(int lib, ERR_STRING_DATA *str) } LCRYPTO_ALIAS(ERR_load_strings); +void +ERR_load_const_strings(const ERR_STRING_DATA *str) +{ + ERR_load_ERR_strings(); + while (str->error) { + ERRFN(err_set_item)(str); + str++; + } +} + void ERR_unload_strings(int lib, ERR_STRING_DATA *str) { @@ -964,7 +974,8 @@ LCRYPTO_ALIAS(ERR_error_string); const char * ERR_lib_error_string(unsigned long e) { - ERR_STRING_DATA d, *p; + const ERR_STRING_DATA *p; + ERR_STRING_DATA d; unsigned long l; if (!OPENSSL_init_crypto(0, NULL)) @@ -981,7 +992,8 @@ LCRYPTO_ALIAS(ERR_lib_error_string); const char * ERR_func_error_string(unsigned long e) { - ERR_STRING_DATA d, *p; + const ERR_STRING_DATA *p; + ERR_STRING_DATA d; unsigned long l, f; err_fns_check(); @@ -996,7 +1008,8 @@ LCRYPTO_ALIAS(ERR_func_error_string); const char * ERR_reason_error_string(unsigned long e) { - ERR_STRING_DATA d, *p = NULL; + const ERR_STRING_DATA *p = NULL; + ERR_STRING_DATA d; unsigned long l, r; err_fns_check(); diff --git a/lib/libcrypto/err/err_local.h b/lib/libcrypto/err/err_local.h new file mode 100644 index 00000000000..d091b979ccb --- /dev/null +++ b/lib/libcrypto/err/err_local.h @@ -0,0 +1,123 @@ +/* $OpenBSD: err_local.h,v 1.1 2024/06/24 06:43:22 tb Exp $ */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include + +#ifndef HEADER_ERR_LOCAL_H +#define HEADER_ERR_LOCAL_H + +__BEGIN_HIDDEN_DECLS + +void ERR_load_const_strings(const ERR_STRING_DATA *str); + +__END_HIDDEN_DECLS + +#endif /* HEADER_ERR_LOCAL_H */ diff --git a/lib/libcrypto/evp/evp_err.c b/lib/libcrypto/evp/evp_err.c index 07515f4d992..a41339c775c 100644 --- a/lib/libcrypto/evp/evp_err.c +++ b/lib/libcrypto/evp/evp_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_err.c,v 1.33 2024/04/09 13:52:41 beck Exp $ */ +/* $OpenBSD: evp_err.c,v 1.34 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) -static ERR_STRING_DATA EVP_str_functs[] = { +static const ERR_STRING_DATA EVP_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA EVP_str_reasons[] = { +static const ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"}, {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"}, {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"}, @@ -159,8 +161,8 @@ ERR_load_EVP_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) { - ERR_load_strings(0, EVP_str_functs); - ERR_load_strings(0, EVP_str_reasons); + ERR_load_const_strings(EVP_str_functs); + ERR_load_const_strings(EVP_str_reasons); } #endif } diff --git a/lib/libcrypto/kdf/kdf_err.c b/lib/libcrypto/kdf/kdf_err.c index 4dd323701af..fc38e08136b 100644 --- a/lib/libcrypto/kdf/kdf_err.c +++ b/lib/libcrypto/kdf/kdf_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kdf_err.c,v 1.9 2022/07/12 14:42:49 kn Exp $ */ +/* $OpenBSD: kdf_err.c,v 1.10 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * @@ -56,16 +56,18 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA KDF_str_functs[] = { +static const ERR_STRING_DATA KDF_str_functs[] = { {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, {0, NULL}, }; -static ERR_STRING_DATA KDF_str_reasons[] = { +static const ERR_STRING_DATA KDF_str_reasons[] = { {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), "missing message digest"}, @@ -81,8 +83,8 @@ ERR_load_KDF_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(KDF_str_functs[0].error) == NULL) { - ERR_load_strings(0, KDF_str_functs); - ERR_load_strings(0, KDF_str_reasons); + ERR_load_const_strings(KDF_str_functs); + ERR_load_const_strings(KDF_str_reasons); } #endif return 1; diff --git a/lib/libcrypto/objects/obj_err.c b/lib/libcrypto/objects/obj_err.c index 04cb4218c24..514fb0d4f03 100644 --- a/lib/libcrypto/objects/obj_err.c +++ b/lib/libcrypto/objects/obj_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_err.c,v 1.14 2023/07/08 12:27:51 beck Exp $ */ +/* $OpenBSD: obj_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason) -static ERR_STRING_DATA OBJ_str_functs[] = { +static const ERR_STRING_DATA OBJ_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA OBJ_str_reasons[] = { +static const ERR_STRING_DATA OBJ_str_reasons[] = { {ERR_REASON(OBJ_R_MALLOC_FAILURE) , "malloc failure"}, {ERR_REASON(OBJ_R_UNKNOWN_NID) , "unknown nid"}, {0, NULL} @@ -83,8 +85,8 @@ ERR_load_OBJ_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) { - ERR_load_strings(0, OBJ_str_functs); - ERR_load_strings(0, OBJ_str_reasons); + ERR_load_const_strings(OBJ_str_functs); + ERR_load_const_strings(OBJ_str_reasons); } #endif } diff --git a/lib/libcrypto/ocsp/ocsp_err.c b/lib/libcrypto/ocsp/ocsp_err.c index 865091f5429..ca8f8f22b2f 100644 --- a/lib/libcrypto/ocsp/ocsp_err.c +++ b/lib/libcrypto/ocsp/ocsp_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_err.c,v 1.10 2023/07/08 10:44:00 beck Exp $ */ +/* $OpenBSD: ocsp_err.c,v 1.11 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason) -static ERR_STRING_DATA OCSP_str_functs[]= { +static const ERR_STRING_DATA OCSP_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA OCSP_str_reasons[]= { +static const ERR_STRING_DATA OCSP_str_reasons[] = { {ERR_REASON(OCSP_R_BAD_DATA) , "bad data"}, {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, {ERR_REASON(OCSP_R_DIGEST_ERR) , "digest err"}, @@ -111,8 +113,8 @@ ERR_load_OCSP_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) { - ERR_load_strings(0, OCSP_str_functs); - ERR_load_strings(0, OCSP_str_reasons); + ERR_load_const_strings(OCSP_str_functs); + ERR_load_const_strings(OCSP_str_reasons); } #endif } diff --git a/lib/libcrypto/pem/pem_err.c b/lib/libcrypto/pem/pem_err.c index a94e2d5ebb2..05025c8ee07 100644 --- a/lib/libcrypto/pem/pem_err.c +++ b/lib/libcrypto/pem/pem_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pem_err.c,v 1.14 2023/07/07 13:40:44 beck Exp $ */ +/* $OpenBSD: pem_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason) -static ERR_STRING_DATA PEM_str_functs[] = { +static const ERR_STRING_DATA PEM_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA PEM_str_reasons[] = { +static const ERR_STRING_DATA PEM_str_reasons[] = { {ERR_REASON(PEM_R_BAD_BASE64_DECODE) , "bad base64 decode"}, {ERR_REASON(PEM_R_BAD_DECRYPT) , "bad decrypt"}, {ERR_REASON(PEM_R_BAD_END_LINE) , "bad end line"}, @@ -109,8 +111,8 @@ ERR_load_PEM_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) { - ERR_load_strings(0, PEM_str_functs); - ERR_load_strings(0, PEM_str_reasons); + ERR_load_const_strings(PEM_str_functs); + ERR_load_const_strings(PEM_str_reasons); } #endif } diff --git a/lib/libcrypto/pkcs12/pk12err.c b/lib/libcrypto/pkcs12/pk12err.c index 3af03528a23..c04c83c4f1a 100644 --- a/lib/libcrypto/pkcs12/pk12err.c +++ b/lib/libcrypto/pkcs12/pk12err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pk12err.c,v 1.14 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: pk12err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason) -static ERR_STRING_DATA PKCS12_str_functs[]= { +static const ERR_STRING_DATA PKCS12_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA PKCS12_str_reasons[]= { +static const ERR_STRING_DATA PKCS12_str_reasons[] = { {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"}, {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"}, {ERR_REASON(PKCS12_R_DECODE_ERROR) , "decode error"}, @@ -103,8 +105,8 @@ ERR_load_PKCS12_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) { - ERR_load_strings(0, PKCS12_str_functs); - ERR_load_strings(0, PKCS12_str_reasons); + ERR_load_const_strings(PKCS12_str_functs); + ERR_load_const_strings(PKCS12_str_reasons); } #endif } diff --git a/lib/libcrypto/pkcs7/pkcs7err.c b/lib/libcrypto/pkcs7/pkcs7err.c index d3ca0ec6dfa..d4e6d7cf77c 100644 --- a/lib/libcrypto/pkcs7/pkcs7err.c +++ b/lib/libcrypto/pkcs7/pkcs7err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs7err.c,v 1.15 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: pkcs7err.c,v 1.16 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason) -static ERR_STRING_DATA PKCS7_str_functs[]= { +static const ERR_STRING_DATA PKCS7_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA PKCS7_str_reasons[]= { +static const ERR_STRING_DATA PKCS7_str_reasons[] = { {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"}, {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"}, @@ -135,8 +137,8 @@ ERR_load_PKCS7_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) { - ERR_load_strings(0, PKCS7_str_functs); - ERR_load_strings(0, PKCS7_str_reasons); + ERR_load_const_strings(PKCS7_str_functs); + ERR_load_const_strings(PKCS7_str_reasons); } #endif } diff --git a/lib/libcrypto/rand/rand_err.c b/lib/libcrypto/rand/rand_err.c index b156c0c87ce..1f0e2512078 100644 --- a/lib/libcrypto/rand/rand_err.c +++ b/lib/libcrypto/rand/rand_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rand_err.c,v 1.17 2023/07/07 12:01:32 beck Exp $ */ +/* $OpenBSD: rand_err.c,v 1.18 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason) -static ERR_STRING_DATA RAND_str_functs[] = { +static const ERR_STRING_DATA RAND_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA RAND_str_reasons[] = { +static const ERR_STRING_DATA RAND_str_reasons[] = { {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"}, {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, @@ -86,8 +88,8 @@ ERR_load_RAND_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) { - ERR_load_strings(0, RAND_str_functs); - ERR_load_strings(0, RAND_str_reasons); + ERR_load_const_strings(RAND_str_functs); + ERR_load_const_strings(RAND_str_reasons); } #endif } diff --git a/lib/libcrypto/rsa/rsa_err.c b/lib/libcrypto/rsa/rsa_err.c index 8b541689009..934a59f663a 100644 --- a/lib/libcrypto/rsa/rsa_err.c +++ b/lib/libcrypto/rsa/rsa_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_err.c,v 1.22 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa_err.c,v 1.23 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason) -static ERR_STRING_DATA RSA_str_functs[] = { +static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA RSA_str_reasons[] = { +static const ERR_STRING_DATA RSA_str_reasons[] = { {ERR_REASON(RSA_R_ALGORITHM_MISMATCH) , "algorithm mismatch"}, {ERR_REASON(RSA_R_BAD_E_VALUE) , "bad e value"}, {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"}, @@ -150,8 +152,8 @@ ERR_load_RSA_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) { - ERR_load_strings(0, RSA_str_functs); - ERR_load_strings(0, RSA_str_reasons); + ERR_load_const_strings(RSA_str_functs); + ERR_load_const_strings(RSA_str_reasons); } #endif } diff --git a/lib/libcrypto/ts/ts_err.c b/lib/libcrypto/ts/ts_err.c index bb8209a85c2..c0dcc730990 100644 --- a/lib/libcrypto/ts/ts_err.c +++ b/lib/libcrypto/ts/ts_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts_err.c,v 1.7 2023/07/07 07:25:21 beck Exp $ */ +/* $OpenBSD: ts_err.c,v 1.8 2024/06/24 06:43:22 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason) -static ERR_STRING_DATA TS_str_functs[] = { +static const ERR_STRING_DATA TS_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA TS_str_reasons[]= { +static const ERR_STRING_DATA TS_str_reasons[] = { {ERR_REASON(TS_R_BAD_PKCS7_TYPE) , "bad pkcs7 type"}, {ERR_REASON(TS_R_BAD_TYPE) , "bad type"}, {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, @@ -116,8 +118,8 @@ ERR_load_TS_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(TS_str_functs[0].error) == NULL) { - ERR_load_strings(0, TS_str_functs); - ERR_load_strings(0, TS_str_reasons); + ERR_load_const_strings(TS_str_functs); + ERR_load_const_strings(TS_str_reasons); } #endif } diff --git a/lib/libcrypto/ui/ui_err.c b/lib/libcrypto/ui/ui_err.c index 3f875da7767..656fa428878 100644 --- a/lib/libcrypto/ui/ui_err.c +++ b/lib/libcrypto/ui/ui_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ui_err.c,v 1.12 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: ui_err.c,v 1.13 2024/06/24 06:43:23 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -60,17 +60,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason) -static ERR_STRING_DATA UI_str_functs[] = { +static const ERR_STRING_DATA UI_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA UI_str_reasons[] = { +static const ERR_STRING_DATA UI_str_reasons[] = { {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS), "common ok and cancel characters"}, {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"}, {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"}, @@ -88,8 +90,8 @@ ERR_load_UI_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(UI_str_functs[0].error) == NULL) { - ERR_load_strings(0, UI_str_functs); - ERR_load_strings(0, UI_str_reasons); + ERR_load_const_strings(UI_str_functs); + ERR_load_const_strings(UI_str_reasons); } #endif } diff --git a/lib/libcrypto/x509/x509_err.c b/lib/libcrypto/x509/x509_err.c index 2cbd349350c..cff045b105d 100644 --- a/lib/libcrypto/x509/x509_err.c +++ b/lib/libcrypto/x509/x509_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_err.c,v 1.22 2023/05/14 17:20:26 tb Exp $ */ +/* $OpenBSD: x509_err.c,v 1.23 2024/06/24 06:43:23 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * @@ -61,17 +61,19 @@ #include #include +#include "err_local.h" + #ifndef OPENSSL_NO_ERR #define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason) -static ERR_STRING_DATA X509_str_functs[] = { +static const ERR_STRING_DATA X509_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA X509_str_reasons[] = { +static const ERR_STRING_DATA X509_str_reasons[] = { {ERR_REASON(X509_R_BAD_X509_FILETYPE) , "bad x509 filetype"}, {ERR_REASON(X509_R_BASE64_DECODE_ERROR) , "base64 decode error"}, {ERR_REASON(X509_R_CANT_CHECK_DH_KEY) , "cant check dh key"}, @@ -108,12 +110,12 @@ static ERR_STRING_DATA X509_str_reasons[] = { #define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason) -static ERR_STRING_DATA X509V3_str_functs[] = { +static const ERR_STRING_DATA X509V3_str_functs[] = { {ERR_FUNC(0xfff), "CRYPTO_internal"}, {0, NULL} }; -static ERR_STRING_DATA X509V3_str_reasons[] = { +static const ERR_STRING_DATA X509V3_str_reasons[] = { {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"}, {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"}, {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"}, @@ -192,8 +194,8 @@ ERR_load_X509_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(X509_str_functs[0].error) == NULL) { - ERR_load_strings(0, X509_str_functs); - ERR_load_strings(0, X509_str_reasons); + ERR_load_const_strings(X509_str_functs); + ERR_load_const_strings(X509_str_reasons); } #endif } @@ -205,8 +207,8 @@ ERR_load_X509V3_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) { - ERR_load_strings(0, X509V3_str_functs); - ERR_load_strings(0, X509V3_str_reasons); + ERR_load_const_strings(X509V3_str_functs); + ERR_load_const_strings(X509V3_str_reasons); } #endif } -- 2.20.1