Closed
Conversation
The cached X509_LOOKUP method data is no longer just the URI, but now includes the OSSL_STORE_CTX pointer, and required parameters to reopen the URI at any time. cache_objects() is modified to handle this, and only (re)open the URI when it wasn't previously opened, or when it was closed by an earlier call. This way, we can call OSSL_STORE_open_ex() in by_store_ctrl_ex(), and get to see possible errors when the URI is loaded. This assumes that if the URI could be opened once, it can be opened again. Fixes openssl#27461 Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#27529) (cherry picked from commit 0c48ee2)
Originally from openssl#27507, with some changes. Co-authored-by: Richard Levitte <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> Reviewed-by: Richard Levitte <[email protected]> (Merged from openssl#27529) (cherry picked from commit 927deba)
It was used to pass libctx and propq, which would override the corresponding values passed to by_store_ctrl_ex(). This wasn't really reasonable to do either way, as it could potentially be a surprise to the user, who can reasonably expect that the URI is opened with the libctx and propq that was passed with the URI, and not with those passed later. Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#27529) (cherry picked from commit af5952d)
This removes a couple of tests that check a relaxation of the 'file:' scheme implementation that isn't present before OpenSSL 3.6 Reviewed-by: David von Oheimb <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from openssl#27549)
paulidale
approved these changes
May 5, 2025
Member
|
Er, ok. I did the same work already, in #27550? |
Contributor
Author
|
Oh, so closing this one. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This cherry-picks the commits of #27529 and the fixup commit in #27549 needed for backporting.
In addition just had to align the number of tests planned in
test/recipes/25-test_verify.t.