24784774 Upgrade 11.3-SRU to OpenSSL 1.0.2
20358335 memory leak in libcrypto
21297601 32-bit FIPS openssl(1) should link to the mediator link
21791492 Workaround to suppress the link check error should be removed
22021385 openssl ts sub-command dumps core
22021787 openssl s_client sub-command dumps core
22445522 openssl makefile contains undeclared dependency on rsync
22859741 Update OpenSSL FIPS module to 2.0.12
23230454 Use DES3 for pkcs12 certificate encryption
23285559 ssh libcrypto`solaris_locking_setup() atfork handler calls malloc()
24377801 solaris_dynlock_create() should check for a ret val of 0 from pthread_mutex_init
24943813 problem in LIBRARY/OPENSSL
# This patch was developed in house.
# The issue is fixed in the OpenSSL 1.1 release by the upstream,
# but the code base has changed and the same fix can't be applied
# without major code change.
--- a/apps/ts.c 2016-06-21 13:43:24.299079900 -0700
+++ b/apps/ts.c 2016-06-21 14:06:28.055910010 -0700
@@ -299,6 +299,9 @@
goto usage;
/* Load the config file for possible policy OIDs. */
conf = load_config_file(configfile);
+ if (conf == NULL) {
+ goto cleanup;
+ }
ret = !query_command(data, digest, md, policy, no_nonce, cert,
in, out, text);
break;
@@ -401,6 +404,7 @@
else
BIO_printf(bio_err, "error on line %ld of config file "
"'%s'\n", errorline, configfile);
+ goto errexit;
}
if (conf != NULL) {
@@ -410,18 +414,27 @@
p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
if (p != NULL) {
BIO *oid_bio = BIO_new_file(p, "r");
- if (!oid_bio)
+ if (!oid_bio) {
ERR_print_errors(bio_err);
- else {
+ goto errexit;
+ } else {
OBJ_create_objects(oid_bio);
BIO_free_all(oid_bio);
}
} else
ERR_clear_error();
- if (!add_oid_section(bio_err, conf))
+ if (!add_oid_section(bio_err, conf)) {
ERR_print_errors(bio_err);
+ goto errexit;
+ }
}
return conf;
+
+errexit:
+ if (conf != NULL) {
+ NCONF_free(conf);
+ }
+ return (NULL);
}
/*