The branch master has been updated via 569d0646096e6c7e07b9b89b04204eef934c3b69 (commit) via 6ef020c988bb508842dfcd517a4b41cae214f641 (commit) via 24854e0117000b81319665154c93e15743bf7de6 (commit) via 690b462126048d4d8ea3376cf13b4833d9f8801d (commit) from 15b083e44e122b8448002a8579e860f0be622e19 (commit)
- Log ----------------------------------------------------------------- commit 569d0646096e6c7e07b9b89b04204eef934c3b69 Author: Matt Caswell <m...@openssl.org> Date: Tue May 17 15:08:43 2016 +0100 Add some error messages for malloc fails Reviewed-by: Richard Levitte <levi...@openssl.org> commit 6ef020c988bb508842dfcd517a4b41cae214f641 Author: Matt Caswell <m...@openssl.org> Date: Wed May 4 11:28:38 2016 +0100 Better checks for malloc failure in various METHOD functions A number of the METHOD functions weren't properly handling malloc failures. Reviewed-by: Richard Levitte <levi...@openssl.org> commit 24854e0117000b81319665154c93e15743bf7de6 Author: Matt Caswell <m...@openssl.org> Date: Wed May 4 11:14:48 2016 +0100 Fix some malloc failures in b_addr.c There were some unchecked calls to OPENSSL_strdup(). Reviewed-by: Richard Levitte <levi...@openssl.org> commit 690b462126048d4d8ea3376cf13b4833d9f8801d Author: Matt Caswell <m...@openssl.org> Date: Wed May 4 10:49:06 2016 +0100 Add some check for malloc failure in the CAPI engine In the CAPI engine there were some unchecked calls to OPENSSL_strdup(). GH Issue #830 Reviewed-by: Richard Levitte <levi...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/bio/b_addr.c | 22 ++++++++++++++++++---- crypto/dh/dh_err.c | 3 +++ crypto/dh/dh_meth.c | 23 +++++++++++++++++++++-- crypto/dsa/dsa_err.c | 3 +++ crypto/dsa/dsa_meth.c | 23 +++++++++++++++++++++-- crypto/rsa/rsa_err.c | 11 +++++++---- crypto/rsa/rsa_meth.c | 23 +++++++++++++++++++++-- crypto/ui/ui_err.c | 1 + crypto/ui/ui_lib.c | 8 +++++++- engines/e_capi.c | 32 ++++++++++++++++++++++++++------ include/openssl/dh.h | 3 +++ include/openssl/dsa.h | 3 +++ include/openssl/rsa.h | 11 +++++++---- include/openssl/ui.h | 1 + 14 files changed, 142 insertions(+), 25 deletions(-) diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index bb6719e..3a9a00c 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -228,21 +228,35 @@ static int addr_strings(const BIO_ADDR *ap, int numeric, ntohs(BIO_ADDR_rawport(ap))); } - if (hostname) + if (hostname != NULL) *hostname = OPENSSL_strdup(host); - if (service) + if (service != NULL) *service = OPENSSL_strdup(serv); } else { #endif - if (hostname) + if (hostname != NULL) *hostname = OPENSSL_strdup(inet_ntoa(ap->s_in.sin_addr)); - if (service) { + if (service != NULL) { char serv[6]; /* port is 16 bits => max 5 decimal digits */ BIO_snprintf(serv, sizeof(serv), "%d", ntohs(ap->s_in.sin_port)); *service = OPENSSL_strdup(serv); } } + if ((hostname != NULL && *hostname == NULL) + || (service != NULL && *service == NULL)) { + if (hostname != NULL) { + OPENSSL_free(*hostname); + *hostname = NULL; + } + if (service != NULL) { + OPENSSL_free(*service); + *service = NULL; + } + BIOerr(BIO_F_ADDR_STRINGS, ERR_R_MALLOC_FAILURE); + return 0; + } + return 1; } diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c index a1bada9..e1e5b49 100644 --- a/crypto/dh/dh_err.c +++ b/crypto/dh/dh_err.c @@ -30,6 +30,9 @@ static ERR_STRING_DATA DH_str_functs[] = { {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"}, {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"}, {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "dh_cms_set_shared_info"}, + {ERR_FUNC(DH_F_DH_METH_DUP), "DH_meth_dup"}, + {ERR_FUNC(DH_F_DH_METH_NEW), "DH_meth_new"}, + {ERR_FUNC(DH_F_DH_METH_SET1_NAME), "DH_meth_set1_name"}, {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, {ERR_FUNC(DH_F_DH_PARAM_DECODE), "dh_param_decode"}, {ERR_FUNC(DH_F_DH_PRIV_DECODE), "dh_priv_decode"}, diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c index 11fd8e3..afd47ab 100644 --- a/crypto/dh/dh_meth.c +++ b/crypto/dh/dh_meth.c @@ -9,6 +9,7 @@ #include "dh_locl.h" #include <string.h> +#include <openssl/err.h> DH_METHOD *DH_meth_new(const char *name, int flags) { @@ -16,6 +17,11 @@ DH_METHOD *DH_meth_new(const char *name, int flags) if (dhm != NULL) { dhm->name = OPENSSL_strdup(name); + if (dhm->name == NULL) { + OPENSSL_free(dhm); + DHerr(DH_F_DH_METH_NEW, ERR_R_MALLOC_FAILURE); + return NULL; + } dhm->flags = flags; } @@ -40,6 +46,11 @@ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm) if (ret != NULL) { memcpy(ret, dhm, sizeof(*dhm)); ret->name = OPENSSL_strdup(dhm->name); + if (ret->name == NULL) { + OPENSSL_free(ret); + DHerr(DH_F_DH_METH_DUP, ERR_R_MALLOC_FAILURE); + return NULL; + } } return ret; @@ -52,10 +63,18 @@ const char *DH_meth_get0_name(const DH_METHOD *dhm) int DH_meth_set1_name(DH_METHOD *dhm, const char *name) { + char *tmpname; + + tmpname = OPENSSL_strdup(name); + if (tmpname == NULL) { + DHerr(DH_F_DH_METH_SET1_NAME, ERR_R_MALLOC_FAILURE); + return 0; + } + OPENSSL_free(dhm->name); - dhm->name = OPENSSL_strdup(name); + dhm->name = tmpname; - return dhm->name != NULL; + return 1; } int DH_meth_get_flags(DH_METHOD *dhm) diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c index 9c5ae98..038a031 100644 --- a/crypto/dsa/dsa_err.c +++ b/crypto/dsa/dsa_err.c @@ -33,6 +33,9 @@ static ERR_STRING_DATA DSA_str_functs[] = { {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"}, {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, + {ERR_FUNC(DSA_F_DSA_METH_DUP), "DSA_meth_dup"}, + {ERR_FUNC(DSA_F_DSA_METH_NEW), "DSA_meth_new"}, + {ERR_FUNC(DSA_F_DSA_METH_SET1_NAME), "DSA_meth_set1_name"}, {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "dsa_param_decode"}, {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c index 4379d9d..5ce9339 100644 --- a/crypto/dsa/dsa_meth.c +++ b/crypto/dsa/dsa_meth.c @@ -17,6 +17,7 @@ #include "dsa_locl.h" #include <string.h> +#include <openssl/err.h> DSA_METHOD *DSA_meth_new(const char *name, int flags) { @@ -24,6 +25,11 @@ DSA_METHOD *DSA_meth_new(const char *name, int flags) if (dsam != NULL) { dsam->name = OPENSSL_strdup(name); + if (dsam->name == NULL) { + OPENSSL_free(dsam); + DSAerr(DSA_F_DSA_METH_NEW, ERR_R_MALLOC_FAILURE); + return NULL; + } dsam->flags = flags; } @@ -48,6 +54,11 @@ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam) if (ret != NULL) { memcpy(ret, dsam, sizeof(*dsam)); ret->name = OPENSSL_strdup(dsam->name); + if (ret->name == NULL) { + OPENSSL_free(ret); + DSAerr(DSA_F_DSA_METH_DUP, ERR_R_MALLOC_FAILURE); + return NULL; + } } return ret; @@ -60,10 +71,18 @@ const char *DSA_meth_get0_name(const DSA_METHOD *dsam) int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name) { + char *tmpname; + + tmpname = OPENSSL_strdup(name); + if (tmpname == NULL) { + DSAerr(DSA_F_DSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE); + return 0; + } + OPENSSL_free(dsam->name); - dsam->name = OPENSSL_strdup(name); + dsam->name = tmpname; - return dsam->name != NULL; + return 1; } int DSA_meth_get_flags(DSA_METHOD *dsam) diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index d23aa3d..54aea98 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -41,13 +41,12 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"}, {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"}, - {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, - {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, - {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, - {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, + {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"}, + {ERR_FUNC(RSA_F_RSA_METH_NEW), "RSA_meth_new"}, + {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"}, {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "rsa_mgf1_to_md"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, @@ -57,6 +56,10 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_null_public_decrypt"}, {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_null_public_encrypt"}, {ERR_FUNC(RSA_F_RSA_OAEP_TO_CTX), "RSA_OAEP_TO_CTX"}, + {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, + {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, + {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, + {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1), diff --git a/crypto/rsa/rsa_meth.c b/crypto/rsa/rsa_meth.c index b0b38cc..bce5ee8 100644 --- a/crypto/rsa/rsa_meth.c +++ b/crypto/rsa/rsa_meth.c @@ -9,6 +9,7 @@ #include <string.h> #include "rsa_locl.h" +#include <openssl/err.h> RSA_METHOD *RSA_meth_new(const char *name, int flags) { @@ -16,6 +17,11 @@ RSA_METHOD *RSA_meth_new(const char *name, int flags) if (meth != NULL) { meth->name = OPENSSL_strdup(name); + if (meth->name == NULL) { + OPENSSL_free(meth); + RSAerr(RSA_F_RSA_METH_NEW, ERR_R_MALLOC_FAILURE); + return NULL; + } meth->flags = flags; } @@ -40,6 +46,11 @@ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) if (ret != NULL) { memcpy(ret, meth, sizeof(*meth)); ret->name = OPENSSL_strdup(meth->name); + if (ret->name == NULL) { + OPENSSL_free(ret); + RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE); + return NULL; + } } return ret; @@ -52,10 +63,18 @@ const char *RSA_meth_get0_name(const RSA_METHOD *meth) int RSA_meth_set1_name(RSA_METHOD *meth, const char *name) { + char *tmpname; + + tmpname = OPENSSL_strdup(name); + if (tmpname == NULL) { + RSAerr(RSA_F_RSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE); + return 0; + } + OPENSSL_free(meth->name); - meth->name = OPENSSL_strdup(name); + meth->name = tmpname; - return meth->name != NULL; + return 1; } int RSA_meth_get_flags(RSA_METHOD *meth) diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c index e97dd06..fbcb886 100644 --- a/crypto/ui/ui_err.c +++ b/crypto/ui/ui_err.c @@ -21,6 +21,7 @@ static ERR_STRING_DATA UI_str_functs[] = { {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "general_allocate_boolean"}, {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "general_allocate_prompt"}, {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"}, + {ERR_FUNC(UI_F_UI_CREATE_METHOD), "UI_create_method"}, {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"}, {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"}, {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"}, diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index a5d8aac..1213892 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -536,8 +536,14 @@ UI_METHOD *UI_create_method(char *name) { UI_METHOD *ui_method = OPENSSL_zalloc(sizeof(*ui_method)); - if (ui_method != NULL) + if (ui_method != NULL) { ui_method->name = OPENSSL_strdup(name); + if (ui_method->name == NULL) { + OPENSSL_free(ui_method); + UIerr(UI_F_UI_CREATE_METHOD, ERR_R_MALLOC_FAILURE); + return NULL; + } + } return ui_method; } diff --git a/engines/e_capi.c b/engines/e_capi.c index f1a4406..f2d5c3e 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -295,6 +295,7 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) int ret = 1; CAPI_CTX *ctx; BIO *out; + LPSTR tmpstr; if (capi_idx == -1) { CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED); return 0; @@ -323,9 +324,15 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) break; case CAPI_CMD_STORE_NAME: - OPENSSL_free(ctx->storename); - ctx->storename = OPENSSL_strdup(p); - CAPI_trace(ctx, "Setting store name to %s\n", p); + tmpstr = OPENSSL_strdup(p); + if (tmpstr != NULL) { + OPENSSL_free(ctx->storename); + ctx->storename = tmpstr; + CAPI_trace(ctx, "Setting store name to %s\n", p); + } else { + CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); + ret = 0; + } break; case CAPI_CMD_STORE_FLAGS: @@ -345,8 +352,14 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) break; case CAPI_CMD_DEBUG_FILE: - ctx->debug_file = OPENSSL_strdup(p); - CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file); + tmpstr = OPENSSL_strdup(p); + if (tmpstr != NULL) { + ctx->debug_file = tmpstr; + CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file); + } else { + CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); + ret = 0; + } break; case CAPI_CMD_KEYTYPE: @@ -1625,6 +1638,8 @@ static void capi_ctx_free(CAPI_CTX * ctx) static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, int check) { + LPSTR tmpcspname; + CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type); if (check) { HCRYPTPROV hprov; @@ -1648,8 +1663,13 @@ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, } CryptReleaseContext(hprov, 0); } + tmpcspname = OPENSSL_strdup(pname); + if (tmpcspname == NULL) { + CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, ERR_R_MALLOC_FAILURE); + return 0; + } OPENSSL_free(ctx->cspname); - ctx->cspname = OPENSSL_strdup(pname); + ctx->cspname = tmpcspname; ctx->csptype = type; return 1; } diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 0d6870b..852aeaf 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -298,6 +298,9 @@ void ERR_load_DH_strings(void); # define DH_F_DH_CMS_DECRYPT 114 # define DH_F_DH_CMS_SET_PEERKEY 115 # define DH_F_DH_CMS_SET_SHARED_INFO 116 +# define DH_F_DH_METH_DUP 117 +# define DH_F_DH_METH_NEW 118 +# define DH_F_DH_METH_SET1_NAME 119 # define DH_F_DH_NEW_METHOD 105 # define DH_F_DH_PARAM_DECODE 107 # define DH_F_DH_PRIV_DECODE 110 diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index c8751d0..f9034d9 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -242,6 +242,9 @@ void ERR_load_DSA_strings(void); # define DSA_F_DSA_BUILTIN_PARAMGEN2 126 # define DSA_F_DSA_DO_SIGN 112 # define DSA_F_DSA_DO_VERIFY 113 +# define DSA_F_DSA_METH_DUP 127 +# define DSA_F_DSA_METH_NEW 128 +# define DSA_F_DSA_METH_SET1_NAME 129 # define DSA_F_DSA_NEW_METHOD 103 # define DSA_F_DSA_PARAM_DECODE 119 # define DSA_F_DSA_PRINT_FP 105 diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index 7ed0d24..1f14fd7 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -484,13 +484,12 @@ void ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY 123 # define RSA_F_RSA_CHECK_KEY_EX 160 # define RSA_F_RSA_CMS_DECRYPT 159 -# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 101 -# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 102 -# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 103 -# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 104 # define RSA_F_RSA_GENERATE_KEY 105 # define RSA_F_RSA_ITEM_VERIFY 148 # define RSA_F_RSA_MEMORY_LOCK 130 +# define RSA_F_RSA_METH_DUP 161 +# define RSA_F_RSA_METH_NEW 162 +# define RSA_F_RSA_METH_SET1_NAME 163 # define RSA_F_RSA_MGF1_TO_MD 157 # define RSA_F_RSA_NEW_METHOD 106 # define RSA_F_RSA_NULL 124 @@ -500,6 +499,10 @@ void ERR_load_RSA_strings(void); # define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 # define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 # define RSA_F_RSA_OAEP_TO_CTX 158 +# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 101 +# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 102 +# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 103 +# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 104 # define RSA_F_RSA_PADDING_ADD_NONE 107 # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 154 diff --git a/include/openssl/ui.h b/include/openssl/ui.h index 482c3fb..c6c20b5 100644 --- a/include/openssl/ui.h +++ b/include/openssl/ui.h @@ -341,6 +341,7 @@ void ERR_load_UI_strings(void); # define UI_F_GENERAL_ALLOCATE_BOOLEAN 108 # define UI_F_GENERAL_ALLOCATE_PROMPT 109 # define UI_F_GENERAL_ALLOCATE_STRING 100 +# define UI_F_UI_CREATE_METHOD 112 # define UI_F_UI_CTRL 111 # define UI_F_UI_DUP_ERROR_STRING 101 # define UI_F_UI_DUP_INFO_STRING 102 _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits