Improve credential loading diagnostics, function parameter declarations, etc. #120
DDvO wants to merge 10 commits into
… 'bool maybe_stdin'
…ORE_load_more_check_ex()
Pull request overview
This PR updates credential/certificate/CRL loading to better support HTTP-sourced data and improves diagnostics/consistency across the credential-loading APIs, while also syncing the CMP HTTP test recipe with a newer upstream OpenSSL variant.
Changes:
- Extend cert/CRL loading logic to download and decode PEM/DER over HTTP (with updated logging and parameter conventions).
- Refactor/align credential-loading function signatures (OPTIONAL annotations, parameter naming, timeout plumbing).
- Update `80-test_cmp_http.t` and test config to match newer upstream behavior (skip conditions, server host/port derivation, improved failure logs).
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| test/recipes/80-test_cmp_http.t | Updates CMP HTTP test harness logic (skip gates, server discovery, enhanced failure logging). |
| test/recipes/80-test_cmp_http_data/test.cnf | Adjusts port config to reference $server_port for dynamic substitution. |
| src/credential_loading.h | Updates/aligns credential-loading API declarations (OPTIONAL, formats, parameter naming). |
| src/credential_loading.c | Implements HTTP download+decode helpers and refactors credential/cert/CRL loading and diagnostics. |
…aybe_stdin' parameter of FILES_load_certs_ex()
…and CREDENTIALS_load_ex() for consistency with header file
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (1)
src/credential_loading.c:908
- FILES_load_crl_ex() leaks the memory BIO returned by http_get_mem(): mem is not freed after PEM_read_bio_X509_CRL()/d2i_X509_CRL_bio(). Mirror the certificate-loading path and BIO_free(mem) in all cases (including decode failure).
```c
BIO *mem = http_get_mem(uri, timeout, "-----BEGIN X509 CRL-----", &is_pem, desc);
if (mem != NULL) {
    crl = is_pem ? PEM_read_bio_X509_CRL(mem, NULL, NULL, NULL) : d2i_X509_CRL_bio(mem, NULL);
    if (crl == NULL)
        LOG(FL_ERR, "Unable to decode %s from %s", desc, uri);
}
```
d8a478e to 9341a74
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
Comments suppressed due to low confidence (1)
src/credential_loading.c:916
`FILES_load_crl_ex()` uses `CONN_IS_HTTP(uri)`/`CONN_IS_HTTPS(uri)` and calls `CRL_check(uri, ...)`, but `uri` is an OPTIONAL parameter and may be NULL when reading from stdin. This can lead to crashes/undefined behavior (e.g., `%s` formatting with a NULL `src`). Add `uri != NULL` guards for scheme checks and pass a non-NULL placeholder like `"<stdin>"` into `CRL_check()` / error messages when `uri` is NULL.
```c
LOG(FL_DEBUG, "Loading %s from %s", desc, uri != NULL ? uri : "<stdin>");
if (CONN_IS_HTTP(uri) || CONN_IS_HTTPS(uri)) {
    bool is_pem;
    BIO *mem = http_get_mem(uri, timeout, "-----BEGIN X509 CRL-----", &is_pem, desc);
    if (mem != NULL) {
        crl = is_pem ? PEM_read_bio_X509_CRL(mem, NULL, NULL, NULL) : d2i_X509_CRL_bio(mem, NULL);
        BIO_free(mem);
        if (crl == NULL)
            LOG(FL_ERR, "Unable to decode %s from %s", desc, uri);
    }
} else {
    (void)load_key_certs_crls(libctx, propq,
                              uri, format, maybe_stdin, NULL, desc, false,
                              NULL, NULL, NULL, NULL, NULL, 0, &crl, NULL, 1);
}
if (!CRL_check(uri, crl, vpm) && vpm != NULL) {
    X509_CRL_free(crl);
    crl = NULL;
```
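An added example, not part of the pull request or of the review comments: a self-contained C sketch of the two fixes the suppressed comments above ask for, releasing the downloaded buffer on every path and guarding the OPTIONAL `uri` before scheme checks and `%s` formatting. `fake_http_get()`, `is_http_uri()` and `load_crl_sketch()` are hypothetical stand-ins; a heap buffer replaces the OpenSSL memory BIO and the responses are constructed samples.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: a heap buffer stands in for the memory BIO; live_bufs counts
 * buffers not yet freed, so a leak becomes observable. */
static int live_bufs = 0;
static char last_msg[128];

static char *fake_http_get(const char *uri) /* constructed sample responses */
{
    const char *body = strstr(uri, "good") != NULL
        ? "-----BEGIN X509 CRL-----\n..." : "<html>404</html>";
    char *buf = malloc(strlen(body) + 1);
    if (buf != NULL) { strcpy(buf, body); live_bufs++; }
    return buf;
}

static void free_buf(char *buf) { if (buf != NULL) { free(buf); live_bufs--; } }

/* NULL-safe scheme check: an absent (OPTIONAL) uri is simply not HTTP(S). */
static bool is_http_uri(const char *uri)
{
    return uri != NULL && (strncmp(uri, "http://", 7) == 0
                           || strncmp(uri, "https://", 8) == 0);
}

/* Returns true if a "CRL" was decoded; uri == NULL means read from stdin. */
bool load_crl_sketch(const char *uri)
{
    const char *src = uri != NULL ? uri : "<stdin>"; /* never pass NULL to %s */
    bool ok = false;

    if (is_http_uri(uri)) {
        char *mem = fake_http_get(uri);
        if (mem != NULL)
            ok = strncmp(mem, "-----BEGIN X509 CRL-----", 24) == 0;
        free_buf(mem); /* released on success and on decode failure alike */
    } /* else: the file/stdin path would go here; it is not modelled */
    snprintf(last_msg, sizeof(last_msg), "%s CRL from %s",
             ok ? "Loaded" : "Unable to decode", src);
    return ok;
}

int outstanding_buffers(void) { return live_bufs; }
const char *last_message(void) { return last_msg; }
```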
…m leaks, diagnostics, and indentation
…HTTP download of PEM/DER encoded data
9341a74 to 9361201
…ree, mem leaks, diagnostics, and indentation
80-test_cmp_http.t: align with latest upstream OpenSSL version of that script, fixing CI hangs for OpenSSL 3.6+ (this commit is also part of add support for ML-DSA and TPM2-held keys referenced via handle; OpenSSL 4.0 compat #119, repeated here to avoid needless CI failures)