Commit graph

119 commits

Author SHA1 Message Date
Dmitry-Me
eb507efba8 Comment "secure memcmp" implementation
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-02-01 08:32:58 -05:00
Rich Salz
769adcfe8b GH102: Extra volatile avoids GCC bug
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-01-30 20:19:19 -05:00
Rich Salz
98ab57644f GH102: Add volatile to CRYPTO_memcmp
Can't hurt and seems to prevent problems from some over-aggressive
(LTO?) compilers.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-30 14:37:43 -05:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
David Woodhouse
984d6c6052 Fix no-stdio build
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-29 21:59:19 -04:00
Andy Polyakov
156561b0ad Fix pedantic warnings in mingw builds.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:05:40 +02:00
Gunnar Kudrjavets
4cd94416a4 RT3823: Improve the robustness of event logging
There are a couple of minor fixes here:

1) Handle the case when RegisterEventSource() fails (which it may for
various reasons) and do the work of logging the event only if it succeeds.

2) Handle the case when ReportEvent() fails and do our best in debug builds
to at least attempt somehow indicate that something has gone wrong. The
typical situation would be someone running tools like DbMon, DBWin32,
DebugView or just having the debugger attached. The intent is to make sure
that at least some data will be captured so that we can save hours and days
of debugging time.

3) Minor fix to change the MessageBox() flag to MB_ICONERROR. Though the
value of MB_ICONERROR is the same value as MB_ICONSTOP, the intent is
better conveyed by using MB_ICONERROR.

Testing performed:

1) Clean compilation for debug-VC-WIN32 and VC-WIN32.

2) Good test results (nmake -f ms\ntdll.mak test) for debug-VC-WIN32 and
VC-WIN32.

3) Stepped through relevant changes using WinDBG and exercised the impacted
code paths.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-09-21 14:29:41 -04:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Dr. Stephen Henson
1c7b2c0ed5 use unit64_t for CPUID and timestamp code
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-05-14 02:06:17 +01:00
Dr. Stephen Henson
bdcb1a2cf5 more OSSL_NELEM cases
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-04 13:03:49 +01:00
Gilles Khouzam
bed2edf1cb RT3820: Don't call GetDesktopWindow()
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-02 08:01:07 -04:00
Rich Salz
63c574f6a6 OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS
Remove OPENSSL_NO_BUF_FREELISTS. This was turned on by default,
so the work here is removing the 'maintain our own freelist' code.
Also removed a minor old Windows-multibyte/widechar conversion flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-27 16:43:53 -05:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Andy Polyakov
90b9c78b30 crypto/cryptlib.c: make it indent-friendly.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:07 +00:00
Rich Salz
6d23cf9744 RT3548: Remove unsupported platforms
This last one for this ticket.  Removes WIN16.
So long, MS_CALLBACK and MS_FAR.  We won't miss you.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-12 17:30:54 -05:00
Dr. Stephen Henson
c603c723ce Remove OPENSSL_FIPSCANISTER code.
OPENSSL_FIPSCANISTER is only set if the fips module is being built
(as opposed to being used). Since the fips module wont be built in
master this is redundant.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:16 +00:00
Dr. Stephen Henson
a4cc3c8041 Avoid Windows 8 Getversion deprecated errors.
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
2014-02-25 13:40:33 +00:00
Andy Polyakov
99cda4376e cryptlib.c: fix typo in OPENSSL_showfatal. 2013-04-04 15:57:43 +02:00
Ben Laurie
7c770d572a Add and use a constant-time memcmp.
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
2013-02-06 14:16:55 +00:00
Andy Polyakov
a006fef78e Improve WINCE support.
Submitted by: Pierre Delaage
2013-01-19 21:23:13 +01:00
Andy Polyakov
f91926a240 cryptlib.c: fix logical error. 2012-12-01 18:24:20 +00:00
Andy Polyakov
cccf27c89a cryptlib.c: revert typo. 2012-11-17 21:42:57 +00:00
Andy Polyakov
c5cd28bd64 Extend OPENSSL_ia32cap_P with extra word to accomodate AVX2 capability. 2012-11-17 19:04:15 +00:00
Ben Laurie
71fa451343 Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
Andy Polyakov
a985410d2d cryptlib.c: sscanf warning. 2012-01-15 17:13:57 +00:00
Andy Polyakov
5d13669a2c cryptlib.c: make even non-Windows builds "strtoull-agnostic". 2012-01-14 18:46:15 +00:00
Andy Polyakov
ff6f9f96fd cryptlib.c, etc.: fix linker warnings in 64-bit Darwin build. 2011-11-12 13:10:00 +00:00
Andy Polyakov
181fbb77f3 cryptlib.c: remove stdio dependency in Windows fipscanister.lib. 2011-10-23 19:41:00 +00:00
Andy Polyakov
2667162d33 cryptlib.c: OPENSSL_ia32cap environment variable to interpret ~ as cpuid mask. 2011-07-23 12:10:26 +00:00
Dr. Stephen Henson
9a4be82388 PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
2011-06-22 15:38:21 +00:00
Dr. Stephen Henson
06b433acad Add FIPS support to the WIN32 build system. 2011-02-03 23:12:04 +00:00
Dr. Stephen Henson
ad6019d6c0 Move locking and thread ID functions into new files lock.c and thr_id.c,
redirect locking to minimal FIPS_lock() function where required.
2011-01-27 14:27:24 +00:00
Dr. Stephen Henson
e322fa2872 PR: 2376
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve

Cleanup alloca use, fix Win32 target for OpenWatcom.
2010-11-19 00:12:01 +00:00
Andy Polyakov
471d0eb397 cryptlib.c: allow application to override OPENSSL_isservice.
PR: 2194
2010-03-29 10:06:01 +00:00
Dr. Stephen Henson
a25f33d28a Submitted by: Julia Lawall <julia@diku.dk>
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
c869da8839 Update from 1.0.0-stable 2009-07-27 21:10:00 +00:00
Andy Polyakov
6022fe81a2 cryptlib.c: refine logic in OpenSSLDie (addenum to commit#18118). 2009-05-04 06:23:05 +00:00
Andy Polyakov
3b58c74c98 Avoid double dialogs in OpenSSLDie on Windows. 2009-05-03 14:16:40 +00:00
Andy Polyakov
f00fdcd14d cryptlib.c: eliminate dependency on _strtoui64, older Windows CRT don't have it. 2009-05-02 12:51:37 +00:00
Richard Levitte
d1417be75c Make the NULL definition of OPENSSL_ia32cap_loc() compatible with the
declaration in crypto.h.
2009-04-29 13:40:28 +00:00
Andy Polyakov
e303f55fc7 Expand OPENSS_ia32cap to 64 bits. 2009-04-26 17:49:41 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
0f7efbc859 Ooops... remove code accidentally commited from FIPS version. 2008-10-14 15:44:14 +00:00
Dr. Stephen Henson
30661b1b01 Add missing lock definitions. 2008-10-14 15:22:11 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs,
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
version some time soon.
2008-07-03 19:59:25 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Bodo Möller
4bd4afa34e Change use of CRYPTO_THREADID so that we always use both the ulong and
ptr members.

(So if the id_callback is bogus, we still have &errno.)
2008-05-19 20:45:25 +00:00
Geoff Thorpe
f7ccba3edf There was a need to support thread ID types that couldn't be reliably cast
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used.  This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
56c7754cab Avoid warnings. 2008-02-28 14:05:01 +00:00