Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from an other thread because the SSL object moved to an
other thread.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5547)
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
Give each SSL object it's own DRBG, chained to the parent global
DRBG which is used only as a source of randomness into the per-SSL
DRBG. This is used for all session, ticket, and pre-master secret keys.
It is NOT used for ECDH key generation which use only the global
DRBG. (Doing that without changing the API is tricky, if not impossible.)
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4050)
This uses memset() to clear all of the SRP_CTX when free'ing or
initializing it as well as in error paths instead of having a series
of NULL and zero assignments as it is safer.
It also changes SSL_SRP_CTX_init() to reset all the SRP_CTX to zero
in case or error, previously it could retain pointers to freed
memory, potentially leading to a double free.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3467)
Ownership and lifetime rules of SRP_CTX.info are confusing and different
from those of SRP_CTX.login, making it difficult to use correctly.
This makes the ownership and lifetime be the same as those of SRP_CTX.login,
thet is a copy is made when setting it and is freed when SRP_CTX is freed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3467)
Run util/openssl-format-source on ssl/
Some comments and hand-formatted tables were fixed up
manually by disabling auto-formatting.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
The |passwd| variable in the code can be NULL if it goes to the err label.
Therefore we cannot call strlen on it without first checking that it is non
NULL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Follow the same convention the other OPENSSL_NO_xxx header files
do, and use #error instead of making the header file be a no-op.
Reviewed-by: Matt Caswell <matt@openssl.org>
This gets BN_.*free:
BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Remove unnecessary code for srp and to add some comments to
s_client.
- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable
- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Make SRP conformant to rfc 5054.
Changes are:
- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
