|
|
|
|
BasedOnStyle: Google
|
|
|
|
|
MaxEmptyLinesToKeep: 3
|
|
|
|
|
AllowShortIfStatementsOnASingleLine: false
|
|
|
|
|
AllowShortLoopsOnASingleLine: false
|
|
|
|
|
DerivePointerAlignment: false
|
|
|
|
|
PointerAlignment: Right
|
|
|
|
|
# TODO(davidben): The default for Google style is now Regroup, but the default
|
|
|
|
|
# IncludeCategories does not recognize <openssl/header.h>. We should
|
|
|
|
|
# reconfigure IncludeCategories to match. For now, keep it at Preserve.
|
|
|
|
|
IncludeBlocks: Preserve
|
|
|
|
|
TypenameMacros: ['LHASH_OF', 'STACK_OF']
|
|
|
|
|
StatementMacros:
|
Reject missing required fields in i2d functions.
See also 006906cddda37e24a66443199444ef4476697477 from OpenSSL, though
this CL uses a different strategy from upstream. Upstream makes
ASN1_item_ex_i2d continue to allow optionals and checks afterwards at
every non-optional call site. This CL pushes down an optional parameter
and says functions cannot omit items unless explicitly allowed.
I think this is a better default, though it is a larger change. Fields
are only optional when they come from an ASN1_TEMPLATE with the OPTIONAL
flag. Upstream's strategy misses top-level calls.
This CL additionally adds checks for optional ASN1_TEMPLATEs in contexts
where it doesn't make sense. Only fields of SEQUENCEs and SETs may be
OPTIONAL, but the ASN1_ITEM/ASN1_TEMPLATE split doesn't quite match
ASN.1 itself. ASN1_TEMPLATE is additionally responsible for
explicit/implicit tagging, and SEQUENCE/SET OF. That means CHOICE arms
and the occasional top-level type (ASN1_ITEM_TEMPLATE) use ASN1_TEMPLATE
but will get confused if marked optional.
As part of this, i2d_FOO(NULL) now returns -1 rather than "successfully"
writing 0 bytes. If we want to allow NULL at the top-level, that's not
too hard to arrange, but our CBB-based i2d functions do not.
Update-Note: Structures with missing mandatory fields can no longer be
encoded. Note that, apart from the cases already handled by preceding
CLs, tasn_new.c will fill in non-NULL empty objects everywhere. The main
downstream impact I've seen of this particular change is in combination
with other bugs. Consider a caller that does:
GENERAL_NAME *name = GENERAL_NAME_new();
name->type = GEN_DNS;
name->d.dNSName = DoSomethingComplicated(...);
Suppose DoSomethingComplicated() was actually fallible and returned
NULL, but the caller forgot to check. They'd now construct a
GENERAL_NAME with a missing field. Previously, this would silently
serialize some garbage (omitted field) or empty string. Now we fail to
encode, but the true error was the uncaught DoSomethingComplicated()
failure. (Which likely was itself a bug.)
Bug: 429
Change-Id: I37fe618761be64a619be9fdc8d416f24ecbb8c46
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49350
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
3 years ago
|
|
|
- "ASN1_SEQUENCE_END"
|
|
|
|
|
- "DECLARE_ASN1_ALLOC_FUNCTIONS"
|
|
|
|
|
- "DECLARE_ASN1_ALLOC_FUNCTIONS_name"
|
|
|
|
|
- "DECLARE_ASN1_ENCODE_FUNCTIONS"
|
|
|
|
|
- "DECLARE_ASN1_ENCODE_FUNCTIONS_const"
|
|
|
|
|
- "DECLARE_ASN1_FUNCTIONS"
|
|
|
|
|
- "DECLARE_ASN1_FUNCTIONS_const"
|
|
|
|
|
- "DECLARE_ASN1_FUNCTIONS_fname"
|
|
|
|
|
- "DECLARE_ASN1_FUNCTIONS_name"
|
|
|
|
|
- "DECLARE_PEM_read"
|
|
|
|
|
- "DECLARE_PEM_read_bio"
|
|
|
|
|
- "DECLARE_PEM_read_fp"
|
|
|
|
|
- "DECLARE_PEM_rw"
|
|
|
|
|
- "DECLARE_PEM_rw_cb"
|
|
|
|
|
- "DECLARE_PEM_rw_const"
|
|
|
|
|
- "DECLARE_PEM_write"
|
|
|
|
|
- "DECLARE_PEM_write_bio"
|
|
|
|
|
- "DECLARE_PEM_write_bio_const"
|
|
|
|
|
- "DECLARE_PEM_write_cb"
|
|
|
|
|
- "DECLARE_PEM_write_cb_bio"
|
|
|
|
|
- "DECLARE_PEM_write_cb_fp"
|
|
|
|
|
- "DECLARE_PEM_write_const"
|
|
|
|
|
- "DECLARE_PEM_write_fp"
|
|
|
|
|
- "DECLARE_PEM_write_fp_const"
|
|
|
|
|
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS"
|
|
|
|
|
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname"
|
|
|
|
|
- "IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname"
|
|
|
|
|
- "IMPLEMENT_ASN1_DUP_FUNCTION"
|
|
|
|
|
- "IMPLEMENT_ASN1_DUP_FUNCTION_const"
|
|
|
|
|
- "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname"
|
|
|
|
|
- "IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS_const"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS_const_fname"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS_fname"
|
|
|
|
|
- "IMPLEMENT_ASN1_FUNCTIONS_name"
|
|
|
|
|
- "IMPLEMENT_ASN1_TYPE_ex"
|
|
|
|
|
- "IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS"
|
|
|
|
|
- "IMPLEMENT_PEM_read"
|
|
|
|
|
- "IMPLEMENT_PEM_read_bio"
|
|
|
|
|
- "IMPLEMENT_PEM_read_fp"
|
|
|
|
|
- "IMPLEMENT_PEM_rw"
|
|
|
|
|
- "IMPLEMENT_PEM_rw_cb"
|
|
|
|
|
- "IMPLEMENT_PEM_rw_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write"
|
|
|
|
|
- "IMPLEMENT_PEM_write_bio"
|
|
|
|
|
- "IMPLEMENT_PEM_write_bio_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb_bio"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb_bio_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb_fp"
|
|
|
|
|
- "IMPLEMENT_PEM_write_cb_fp_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write_const"
|
|
|
|
|
- "IMPLEMENT_PEM_write_fp"
|
|
|
|
|
- "IMPLEMENT_PEM_write_fp_const"
|
|
|
|
|
- "ASN1_ADB_END"
|
|
|
|
|
- "ASN1_CHOICE_END"
|
|
|
|
|
- "ASN1_ITEM_TEMPLATE_END"
|
|
|
|
|
- "ASN1_SEQUENCE_END"
|
|
|
|
|
- "ASN1_SEQUENCE_END_cb"
|
|
|
|
|
- "ASN1_SEQUENCE_END_enc"
|
|
|
|
|
- "ASN1_SEQUENCE_END_ref"
|
|
|
|
|
# This isn't quite right, but it causes clang-format to do a slightly better
|
|
|
|
|
# job with this macro.
|
|
|
|
|
- "ASN1_EX_TEMPLATE_TYPE"
|
