fix(x509.c): fixed -checkend return values#29155
fix(x509.c): fixed -checkend return values#29155snowdroppe wants to merge 2 commits intoopenssl:masterfrom
Conversation
1c6d6a8 to
48fb90f
Compare
|
Force push to comply with styling guide |
beldmit
left a comment
There was a problem hiding this comment.
First, I'm not sure it's worth introducing this change.
To distinguish an error because of, say, wrong format, you still need to parse output.
Second, if this change is introduced, we need to document it
The current documentation reads I agree that return codes may mask other errors and am happy to take the organisation's direction on how it should behave.
Valid point as a lot of scripts currently depend on the return code to check for expired / near expired certs. I'll update it according to what is agreed. Is #28928 a better thread to discuss the intent? |
shahsb
left a comment
There was a problem hiding this comment.
Thanks @snowdroppe for your efforts on this!
It'll LGTM after the suggested fixes!
48fb90f to
7e4838e
Compare
|
Pushed new commit which rebases to master and implements the above suggestions. Pending review, I will rebase again and squash into a single commit. |
55ddb4e to
a61ba99
Compare
|
I believe the PR is now in a fit state for review. Please let me know if there are any additional actions on me. |
a61ba99 to
02d242c
Compare
Fixes openssl#28928 Also adds functionality to -checkend to account for -multi behaviour. Man page and unit tests updated accordingly.
02d242c to
d0f2c06
Compare
|
The unit tests trigger an overflow on the checkend |
|
Fixed workflow issues:
|
|
@beldmit Could you kindly re-approve the workflow checks please? I believe I addressed the previous erros. Thanks! |
|
@beldmit I believe the workflow checks are successful and this is ready to be considered for merge. Please let me know if there's anything else I should do. The failing style check is unrelated to the changes within this PR: |
|
This needs to go into 3.6 branch as well. |
|
This pull request is ready to merge |
Fixes #28928 Also adds functionality to -checkend to account for -multi behaviour. Man page and unit tests updated accordingly. Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #29155)
Fixes #28928 Also adds functionality to -checkend to account for -multi behaviour. Man page and unit tests updated accordingly. Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #29155) (cherry picked from commit 679a101)
|
Squashed and merged to the master and 3.6 branches. Thank you for your contribution. |
Fixes openssl#28928 Also adds functionality to -checkend to account for -multi behaviour. Man page and unit tests updated accordingly. Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#29155)
3.6.1 CHANGES.md includes the following: * #28760 "Improve the CPUINFO display for RISC-V" * #28797 "Fix regression when X509_V_FLAG_CRL_CHECK_ALL is set" * #28955 "Fix for TLS handshake issue with GnuTLS #28902" * #29155 "fix(x509.c): fixed -checkend return values" * #29214 "s390x: Check and fail on invalid malformed ECDSA signatures" * #29245 "Clang format 3.6" * #29251 "Fix change of behavior of the single stapled OCSP response API" 3.6.1 NEWS.md includes the following: * #28797 "Fix regression when X509_V_FLAG_CRL_CHECK_ALL is set" * #28955 "Fix for TLS handshake issue with GnuTLS #28902" Co-Authored-by: Tomáš Mráz <[email protected]> Signed-off-by: Eugene Syromiatnikov <[email protected]> Reviewed-by: Nikola Pajkovsky <[email protected]> Reviewed-by: Neil Horman <[email protected]> Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> MergeDate: Mon Jan 26 20:01:30 2026
Fixes #28928
Before
After