Mkae CT_log_new_from_base64 always return 0 on failure

In one failure case, it used to return -1. That failure case
(CTLOG_new() returning NULL) was not usefully distinct from all of the
other failure cases.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1407)

diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c
index 80bd45e2d9934d75be2e80f472769db01813f31b..d13d8f2af2e99849ea6568af2d77e699ba049ff0 100644 (file)
--- a/crypto/ct/ct_b64.c
+++ b/crypto/ct/ct_b64.c
@@ -149,7 +149,7 @@ int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *n
     *ct_log = CTLOG_new(pkey, name);
     if (*ct_log == NULL) {
         EVP_PKEY_free(pkey);
-        return -1;
+        return 0;
     }
 
     return 1;

diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index d77d1682f32b546648673b8bdc19dcccf43348ba..07068af2be66248091f0bc86bd76318a10c96cb3 100644 (file)
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -408,12 +408,15 @@ __owur int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
 
 /*
  * Creates a new CT log instance with the given |public_key| and |name|.
+ * Returns NULL if malloc fails or if |public_key| cannot be converted to DER.
  * Should be deleted by the caller using CTLOG_free when no longer needed.
  */
 CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
 
 /*
- * Creates a new CT |ct_log| instance with the given base64 public_key and |name|.
+ * Creates a new CTLOG instance with the base64-encoded SubjectPublicKeyInfo DER
+ * in |pkey_base64|. The |name| is a string to help users identify this log.
+ * Returns 1 on success, 0 on failure.
  * Should be deleted by the caller using CTLOG_free when no longer needed.
  */
 int CTLOG_new_from_base64(CTLOG ** ct_log,

diff --git a/util/libcrypto.num b/util/libcrypto.num
index 0c7cd9a8c0fbd7360b3284423bbccd951ff2b339..a02cc8de7698d3e5cf581d6fff89f13f29deaf9d 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -3484,7 +3484,6 @@ EVP_OpenFinal                           3432      1_1_0   EXIST::FUNCTION:RSA
 RAND_egd_bytes                          3433   1_1_0   EXIST::FUNCTION:EGD
 UI_method_get_writer                    3434   1_1_0   EXIST::FUNCTION:UI
 BN_secure_new                           3435   1_1_0   EXIST::FUNCTION:
-CTLOG_new_null                          3436   1_1_0   EXIST::FUNCTION:CT
 SHA1_Update                             3437   1_1_0   EXIST::FUNCTION:
 BIO_s_connect                           3438   1_1_0   EXIST::FUNCTION:SOCK
 EVP_MD_meth_get_init                    3439   1_1_0   EXIST::FUNCTION: