Commit graph

1271 commits

Author SHA1 Message Date
Geoff Thorpe
0b50ac1a0f bn: fix BN_DEBUG + BN_DEBUG_RAND support
Couple of updates to make this code work properly again;
* use OPENSSL_assert() instead of assert() (and #include <assert.h>)
* the circular-dependency-avoidance uses RAND_bytes() (not pseudo)

Change-Id: Iefb5a9dd73f71fd81c1268495c54a64378955354
Signed-off-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1672)
2017-02-01 02:06:38 +01:00
Andy Polyakov
3f4bcf5bb6 bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal.
CVE-2017-3732

Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-01-26 10:54:01 +00:00
Kurt Roeckx
eeab356c29 Don't call memcpy with NULL as source
Calling it with lenght 0 and NULL as source is undefined behaviour.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2089
2016-12-15 21:45:25 +01:00
Andy Polyakov
90fc4832a3 bn/asm/ppc-mont.pl: signal no-op in 32-bit bit build.
The bug was introduced in 80d27cdb84,
one too many instructions was removed. It went unnoticed, because
new subroutine introduced in previous commit is called in real-life
RSA/DSA/DH cases, while original code is called only in rare tests.
The bug was caught in test_fuzz.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-25 17:18:24 +01:00
Rich Salz
78e09b53a4 Check return value of some BN functions.
Factorise multiple bn_get_top(group->field) calls
Add missing checks on some conditional BN_copy return value
Add missing checks on some BN_copy return value
Add missing checks on a few bn_wexpand return value

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1626)
2016-11-15 18:54:28 -05:00
Richard Levitte
10b0b5ecd9 Revert "Move algorithm specific ppccap code from crypto/ppccap.c"
Now that we can link specifically with static libraries, the immediate
need to split ppccap.c (and eventually other *cap.c files) is no more.

This reverts commit e3fb4d3d52.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-10 16:24:02 +01:00
Andy Polyakov
2fac86d9ab bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-10 10:33:21 +00:00
Richard Levitte
e3fb4d3d52 Move algorithm specific ppccap code from crypto/ppccap.c
Having that code in one central object file turned out to cause
trouble when building test/modes_internal_test.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1883)
2016-11-09 02:40:36 +01:00
FdaSilvaYY
318447bceb Missing BN_RECP_CTX field init.
BN_RECP_CTX_new direclty use bn_init to avoid twice memset calls

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1879)
2016-11-08 17:44:32 -05:00
Rich Salz
e5e71f2857 Zero stack variable with DSA nonce
Thanks to Falko Strenzke for bringing this to our attention.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1882)
2016-11-08 17:20:13 -05:00
Andy Polyakov
80d27cdb84 ppccap.c: engage new multipplication and squaring subroutines.
[And remove FPU mutiplication subroutine.]

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-10-24 20:00:40 +02:00
Andy Polyakov
68f6d2a02c bn/asm/ppc-mont.pl: add optimized multiplication and squaring subroutines.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-10-24 20:00:33 +02:00
Andy Polyakov
0310becc82 bn/asm/ppc-mont.pl: prepare for extension.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-10-24 20:00:08 +02:00
David Benjamin
0e831db0a6 Fix up bn_prime.pl formatting.
Align at 5 characters, not 4. There are 5-digit numbers in the output.
Also avoid emitting an extra blank line and trailing whitespace.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-10 23:36:22 +01:00
David Benjamin
609b0852e4 Remove trailing whitespace from some files.
The prevailing style seems to not have trailing whitespace, but a few
lines do. This is mostly in the perlasm files, but a few C files got
them after the reformat. This is the result of:

  find . -name '*.pl' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
  find . -name '*.c' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
  find . -name '*.h' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'

Then bn_prime.h was excluded since this is a generated file.

Note mkerr.pl has some changes in a heredoc for some help output, but
other lines there lack trailing whitespace too.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-10 23:36:21 +01:00
Andy Polyakov
cc2cb7bf63 bn/bn_lcl.h: improve interoperability with clang and Android NDK.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-13 13:34:12 +02:00
Rich Salz
01c09f9fde Misc BN fixes
Never output -0; make "negative zero" an impossibility.
Do better checking on BN_rand top/bottom requirements and #bits.
Update doc.
Ignoring trailing garbage in BN_asc2bn.

Port this commit from boringSSL: https://boringssl.googlesource.com/boringssl/+/899b9b19a4cd3fe526aaf5047ab9234cdca19f7d%5E!/
        Ensure |BN_div| never gives negative zero in the no_branch code.

        Have |bn_correct_top| fix |bn->neg| if the input is zero so that we
        don't have negative zeros lying around.

        Thanks to Brian Smith for noticing.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-09-06 10:42:01 -04:00
Andy Polyakov
947716c187 MIPS assembly pack: adapt it for MIPS[32|64]R6.
MIPS[32|64]R6 is binary and source incompatible with previous MIPS ISA
specifications. Fortunately it's still possible to resolve differences
in source code with standard pre-processor and switching to trap-free
version of addition and subtraction instructions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-09-02 13:33:17 +02:00
Andy Polyakov
68b4a6e91f crypto/bn/*: x86[_64] division instruction doesn't handle constants, change constraint from 'g' to 'r'.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-31 16:45:00 +02:00
Andy Polyakov
fca8f5ded8 bn/asm/ppc.pl: harmonize .size directive in bn_mul_words.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-29 23:12:05 +02:00
Matt Caswell
fe81a1b051 Remove useless assignment
The variable assignment c1 is never read before it is overwritten.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-24 11:25:23 +01:00
David Benjamin
2338ad8885 Fix math in BN_bn2dec comment.
The bound on log(2)/3 on the second line is incorrect and has an extra
zero compared to the divisions in the third line. log(2)/3 = 0.10034...
which is bounded by 0.101 and not 0.1001. The divisions actually
correspond to 0.101 which is fine. The third line also dropped a factor
of three.

The actual code appears to be fine. Just the comments are wrong.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-23 20:37:58 +01:00
Matt Caswell
4d94bd362d Check for malloc error in bn_x931p.c
Ensure BN_CTX_get() has been successful

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-23 00:19:15 +01:00
Andy Polyakov
3ba1ef829c bn/asm/x86[_64]-mont*.pl: implement slightly alternative page-walking.
Original strategy for page-walking was adjust stack pointer and then
touch pages in order. This kind of asks for double-fault, because
if touch fails, then signal will be delivered to frame above adjusted
stack pointer. But touching pages prior adjusting stack pointer would
upset valgrind. As compromise let's adjust stack pointer in pages,
touching top of the stack. This still asks for double-fault, but at
least prevents corruption of neighbour stack if allocation is to
overstep the guard page.

Also omit predict-non-taken hints as they reportedly trigger illegal
instructions in some VM setups.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-22 14:58:32 +02:00
Kazuki Yamaguchi
099e2968ed Fix overflow check in BN_bn2dec()
Fix an off by one error in the overflow check added by 07bed46f33
("Check for errors in BN_bn2dec()").

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-22 13:38:48 +01:00
Dr. Stephen Henson
07bed46f33 Check for errors in BN_bn2dec()
If an oversize BIGNUM is presented to BN_bn2dec() it can cause
BN_div_word() to fail and not reduce the value of 't' resulting
in OOB writes to the bn_data buffer and eventually crashing.

Fix by checking return value of BN_div_word() and checking writes
don't overflow buffer.

Thanks to Shi Lei for reporting this bug.

CVE-2016-2182

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 00:19:19 +01:00
Jakub Zelenka
0818dbadf3 Never return -1 from BN_exp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1455)
2016-08-14 20:52:13 +01:00
Rich Salz
2301d91dd5 Change callers to use the new constants.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1429)
2016-08-10 10:07:37 -04:00
klemens
6025001707 spelling fixes, just comments and readme.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)
2016-08-05 19:07:30 -04:00
FdaSilvaYY
700b814549 Fix some style issues...
extra spacing and 80 cols

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)
2016-08-02 09:59:23 +02:00
Kurt Roeckx
69588edbaa Check for errors allocating the error strings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
2016-07-20 19:20:53 +02:00
FdaSilvaYY
e8aa8b6c8f Fix a few if(, for(, while( inside code.
Fix some indentation at the same time

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
2016-07-20 07:21:53 -04:00
Rich Salz
aebb9aac48 RT4593: Add space after comma (doc nits)
Update find-doc-nits to find errors in SYNOPSIS (the most common
place where they were missing).

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-19 09:29:53 -04:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:36:08 +02:00
Matt Caswell
3ce2fdabe6 Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.

Addresses an OCAP Audit issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-30 15:51:57 +01:00
FdaSilvaYY
02e112a885 Whitespace cleanup in crypto
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
David Benjamin
d70a562714 Handle BN_mod_word failures.
As of 37258dadaa and the corresponding upstream
change, BN_mod_word may fail, like BN_div_word. Handle this properly. Thanks to
Brian Smith for pointing this out. See BoringSSL's
44bedc348d9491e63c7ed1438db100a4b8a830be.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1251
2016-06-25 11:01:34 +02:00
David Benjamin
748e85308e Fix BN_is_prime* calls.
This function returns a tri-state -1 on error. See BoringSSL's
53409ee3d7595ed37da472bc73b010cd2c8a5ffd.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1251
2016-06-25 11:01:30 +02:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
Matt Caswell
d356dc5619 Add some missing return value checks
Some misc return value checks

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:38:39 +01:00
Andy Polyakov
7d6284057b bn/bn_add.c: favour counted loops over ifs and breaks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 12:35:39 +02:00
Kurt Roeckx
f3cf2251de Avoid creating illegal pointers
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1179
2016-06-11 16:43:53 +02:00
Rich Salz
53934822ac Clean up "generic" intro pod files.
Files like dh.pod, etc., mostly duplicated the API-specific pod files.
Removed the duplicated content; that often mean the whole file could
be removed.  Some of the content about internals got moved into README
files in the source tree.  Some content (e.g., err.pod) got moved
into other pod pages.

Annotate generic pages, remove dup NAME

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-09 16:39:19 -04:00
Matt Caswell
37258dadaa Fix BN_mod_word bug
On systems where we do not have BN_ULLONG (e.g. typically 64 bit systems)
then BN_mod_word() can return incorrect results if the supplied modulus is
too big.

RT#4501

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-07 21:55:31 +01:00
Matt Caswell
02d6070430 Fix test failures when using enable-ubsan
Numerous test failures were occuring when Configured with enable-ubsan
although they could all be traced back to one issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-02 15:36:22 +01:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
Andy Polyakov
cfe1d9929e x86_64 assembly pack: tolerate spaces in source directory name.
[as it is now quoting $output is not required, but done just in case]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 14:12:51 +02:00
Andy Polyakov
bb83c8796b bn/bn_exp.c: explain 'volatile' in MOD_EXP_CTIME_COPY_FROM_PREBUF.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-27 22:58:49 +02:00
huangqinjin
58c03e3b92 fix BN_hex2bn()/BN_dec2bn() memory leak
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-27 10:04:26 +01:00
Richard Levitte
7030e35d07 build.info files: add quotes around any spec that may contain spaces
RT#4492

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-25 11:50:44 +02:00
Todd Short
e0a675e211 Clean up RAND_bytes() calls
When RAND_pseudo_bytes() was replaced with RAND_bytes(), this case
was not reduced to a simple RAND_bytes() call.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1117)
2016-05-24 08:55:12 -04:00
Rich Salz
0cd0a820ab Remove unused error/function codes.
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 15:04:23 -04:00
Richard Levitte
f3fcd4d5e7 VMS: remove last VAX vestiges
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-23 19:36:55 +02:00
Kurt Roeckx
1544583bbc Avoid creating an illegal pointer
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1106
2016-05-22 12:05:15 +02:00
Kurt Roeckx
acc600928d Avoid creating an illegal pointer
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1106
2016-05-22 12:05:13 +02:00
Rich Salz
6aa36e8e5a Add OpenSSL copyright to .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-21 08:23:39 -04:00
Rich Salz
b6cff313cb Manual fixes after copyright consolidation
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 17:38:18 -04:00
Rich Salz
4f22f40507 Copyright consolidation 06/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:51:04 -04:00
Rich Salz
49445f21da Use OPENSSL_hexchar2int
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 15:21:10 -04:00
Viktor Dukhovni
5c4328f04f Fold threads.h into crypto.h making API public
Document thread-safe lock creation

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 12:16:26 -04:00
Andy Polyakov
c6cb8e3ca4 Alpha assembly pack: make it work on Linux.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-04 08:51:08 +02:00
Dmitry-Me
399de49699 Improve comment
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-03 12:30:09 +02:00
Matt Caswell
b8f1c116a3 Don't free the BIGNUM passed to BN_mpi2bn
Commit 91fb42dd fixed a leak but introduced a problem where a parameter
is erroneously freed instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-29 09:05:23 +01:00
Matt Caswell
d71eb667c4 Don't leak memory on error in BN_generate_prime_ex
In BN_generate_prime_ex() we do some sanity checks first and return
with an error if they fail. We should do that *before* allocating any
resources to avoid a memory leak.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-28 13:13:09 +01:00
Matt Caswell
91fb42ddbe Free a BIGNUM on error in BN_mpi2bn
In the BN_mpi2bn() function, a failure of a call to BN_bin2bn() could
result in the leak of a previously allocated BIGNUM value.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-28 13:13:09 +01:00
Rich Salz
3fb2cf1ad1 Update copyright; generated files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 10:33:15 -04:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Rich Salz
e0a651945c Copyright consolidation: perl files
Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it.
Most of those are Andy's but some are public domain.
Fix typo's in some existing files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 09:45:40 -04:00
Rich Salz
9021a5dfb3 Rename some lowercase API's
Make OBJ_name_cmp internal
Rename idea_xxx to IDEA_xxx
Rename get_rfc_xxx to BN_get_rfc_xxx
Rename v3_addr and v3_asid functions to X509v3_...

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-18 08:22:00 -04:00
Andy Polyakov
20b88bb160 PPC assembly pack: remove branch hints.
As it turns out branch hints grew as kind of a misconception. In
addition their interpretation by GNU assembler is affected by
assembler flags and can end up with opposite meaning on different
processors. As we have to loose quite a lot on misinterprerations,
especially on newer processors, we just omit them altogether.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-07 21:27:24 +02:00
Andy Polyakov
463a7b8cb0 Clean-up *_DEBUG options.
Since NDEBUG is defined unconditionally on command line for release
builds, we can omit *_DEBUG options in favour of effective "all-on"
in debug builds exercised though CI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 21:18:00 +02:00
Richard Levitte
007c80eae4 Remove the remainder of util/mk1mf.pl and companion scripts
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-21 11:02:00 +01:00
Rich Salz
23d38992fc Remove ultrix/mips support.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-17 15:29:15 -04:00
Emilia Kasper
0a86f66821 On Windows, page walking is known as __chkstk.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-15 23:56:23 +01:00
Emilia Kasper
1bf80d9302 Explain *cough*-dows
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-15 23:56:17 +01:00
Andy Polyakov
6bfb7db35a build.info/Makefile.in: Itanium fixups.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-14 13:50:43 +01:00
Richard Levitte
f425f9dcff Add $(LIB_CFLAGS) for any build.info generator that uses $(CFLAGS)
The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-13 00:02:55 +01:00
Andy Polyakov
12940f08f4 crypto/*/build.info: SPARC-specific fixups.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-11 15:29:55 +01:00
Richard Levitte
a5aa63a456 Fix some assembler generating scripts for better unification
Some of these scripts would recognise an output parameter if it looks
like a file path.  That works both in both the classic and new build
schemes.  Some fo these scripts would only recognise it if it's a
basename (i.e. no directory component).  Those need to be corrected,
as the output parameter in the new build scheme is more likely to
contain a directory component than not.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-11 00:54:31 +01:00
Richard Levitte
f0667b1430 Add include directory options for assembler files that include from crypto/
Closes RT#4406

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 20:30:47 +01:00
Richard Levitte
5b14d5b5a0 Make sure the effect of "pic" / "no-pic" is used with assembler compilations
Before the 'Introduce the "pic" / "no-pic" config option' commit, the
shared_cflag value for the chosen config would be part of the make
variable CFLAG, which got replicated into CFLAGS and ASFLAGS.

Since said commit, the shared_cflag value has become a make variable
of its own, SHARED_CFLAG (which is left empty in a "no-pic" build).

However, ASFLAGS was forgotten.  That's what's corrected with this
change.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-09 12:33:23 +01:00
Alessandro Ghedini
0b1a07c8a7 Convert RSA blinding to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 23:52:48 +00:00
Andy Polyakov
eb77e8886d SPARCv9 assembly pack: unify build rules and argument handling.
Make all scripts produce .S, make interpretation of $(CFLAGS)
pre-processor's responsibility, start accepting $(PERLASM_SCHEME).
[$(PERLASM_SCHEME) is redundant in this case, because there are
no deviataions between Solaris and Linux assemblers. This is
purely to unify .pl->.S handling across all targets.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-08 15:51:06 +01:00
Alessandro Ghedini
d188a53617 Convert CRYPTO_LOCK_{DH,DSA,RSA} to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 09:07:32 -05:00
Richard Levitte
6bd7a4d96c Unified - adapt the generation of bignum assembler to use GENERATE
This gets rid of the BEGINRAW..ENDRAW sections in crypto/bn/build.info.

This also moves the assembler generating perl scripts to take the
output file name as last command line argument, where necessary.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 18:25:56 +01:00
Andy Polyakov
adc4f1fc25 bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.
Some OSes, *cough*-dows, insist on stack being "wired" to
physical memory in strictly sequential manner, i.e. if stack
allocation spans two pages, then reference to farmost one can
be punishable by SEGV. But page walking can do good even on
other OSes, because it guarantees that villain thread hits
the guard page before it can make damage to innocent one...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 14:58:14 +01:00
David Benjamin
bdbd3aea59 Consistently use arm_arch.h constants in armcap assembly code.
Most of the assembly uses constants from arm_arch.h, but a few references to
ARMV7_NEON don't. Consistently use the macros everywhere.

Signed-off-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 12:57:28 +01:00
Andy Polyakov
317be63875 bn/asm/x86_64-mont5.pl: unify gather procedure in hardly used path
and reorganize/harmonize post-conditions.

Additional hardening following on from CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 13:34:22 +00:00
Andy Polyakov
8fc8f486f7 crypto/bn/x86_64-mont5.pl: constant-time gather procedure.
At the same time remove miniscule bias in final subtraction.
Performance penalty varies from platform to platform, and even with
key length. For rsa2048 sign it was observed to be 4% for Sandy
Bridge and 7% on Broadwell.

CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 13:34:22 +00:00
Andy Polyakov
d6d422e1ec bn/asm/rsaz-avx2.pl: constant-time gather procedure.
Performance penalty is 2%.

CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 13:34:22 +00:00
Andy Polyakov
5ea08bd2fe bn/asm/rsax-x86_64.pl: constant-time gather procedure.
Performance penalty is 2% on Linux and 5% on Windows.

CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 13:34:22 +00:00
Andy Polyakov
d6482a82bc bn/bn_exp.c: constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF.
Performance penalty varies from platform to platform, and even
key length. For rsa2048 sign it was observed to reach almost 10%.

CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 13:34:22 +00:00
Matt Caswell
99ba9fd02f Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption
In the BN_hex2bn function the number of hex digits is calculated using
an int value |i|. Later |bn_expand| is called with a value of |i * 4|.
For large values of |i| this can result in |bn_expand| not allocating any
memory because |i * 4| is negative. This leaves ret->d as NULL leading
to a subsequent NULL ptr deref. For very large values of |i|, the
calculation |i * 4| could be a positive value smaller than |i|. In this
case memory is allocated to ret->d, but it is insufficiently sized
leading to heap corruption. A similar issue exists in BN_dec2bn.

This could have security consequences if BN_hex2bn/BN_dec2bn is ever
called by user applications with very large untrusted hex/dec data. This is
anticipated to be a rare occurrence.

All OpenSSL internal usage of this function uses data that is not expected
to be untrusted, e.g. config file data or application command line
arguments. If user developed applications generate config file data based
on untrusted data then it is possible that this could also lead to security
consequences. This is also anticipated to be a rare.

Issue reported by Guido Vranken.

CVE-2016-0797

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-29 16:32:18 +00:00
David Woodhouse
78c830785c RT4339: Fix handling of <internal/bn_conf.h>
The entire contents of <internal/bn_conf.h> are unwanted in the UEFI
build because we have to do it differently there. To support building
for both 32-bit and 64-bit platforms without re-running the OpenSSL
Configure script, the EDK2 environment defines THIRTY_TWO_BIT or
SIXTY_FOUR_BIT for itself according to the target platform.

The current setup is broken, though. It checks for OPENSSL_SYS_UEFI but
before it's actually defined, since opensslconf.h hasn't yet been
included.

Let's fix that by including opensslconf.h. And also let's move the
bn_conf.h doesn't even need to *exist* in the UEFI build environment.

This is also GH PR736.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-02-23 13:18:23 -05:00
FdaSilvaYY
a2d0baa2d9 GH678: Add a few more zalloc
Remove some duplicated NULL/zero init.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-02-22 12:13:37 -05:00
Richard Levitte
45502bfe19 Always build library object files with shared library cflags
This takes us away from the idea that we know exactly how our static
libraries are going to get used.  Instead, we make them available to
build shareable things with, be it other shared libraries or DSOs.

On the other hand, we also have greater control of when the shared
library cflags.  They will never be used with object files meant got
binaries, such as apps/openssl or test/test*.

With unified, we take this a bit further and prepare for having to
deal with extra cflags specifically to be used with DSOs (dynamic
engines), libraries and binaries (applications).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-20 16:51:31 +01:00
Richard Levitte
ce192ebed0 Remove all special make depend flags, as well as OPENSSL_DOING_MAKEDEPEND
All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was.  Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-18 23:43:09 +01:00
Rich Salz
d63a5e5e7d Remove outdated DEBUG flags.
Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem used.
Remove the conf guards in conf_api since we use OPENSSL_assert, not assert.
For pkcs12 stuff put OPENSSL_ in front of the macro name.
Merge TLS_DEBUG into SSL_DEBUG.
Various things just turned on/off asserts, mainly for checking non-NULL
arguments, which is now removed: camellia, bn_ctx, crypto/modes.
Remove some old debug code, that basically just printed things to stderr:
  DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
  RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-18 17:14:50 -05:00
Richard Levitte
4418e0302f In the unified scheme, there is no $(TOP), use $(SRCDIR) instead
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-18 00:38:26 +01:00
Richard Levitte
de72be2e57 Pass $(CC) to perlasm scripts via the environment
It seems that on some platforms, the perlasm scripts call the C
compiler for certain checks.  These scripts need the environment
variable CC to have the C compiler command.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-13 19:21:36 +01:00
Rich Salz
3577398360 Missing header include.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-11 08:47:57 -05:00
Richard Levitte
5caef3b502 Add inclusion directory crypto/include for BN compilations
Some files in crypto/bn depend on internal/bn_conf.h, and so does
test/bntest.  Therefore, we add another inclusion directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-11 14:39:57 +01:00
Richard Levitte
567a9e6fe0 unified build scheme: add a "unified" template for Unix Makefile
This also adds all the raw sections needed for some files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 14:36:04 +01:00
Rich Salz
effaf4dee9 Use NON_EMPTY_TRANSLATION_UNIT, consistently.
This also closes RT 4123

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 20:13:29 -05:00
Andy Polyakov
6bc1dfd651 bn/Makefile.in: remove obsolete rules.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-08 15:54:36 +01:00
FdaSilvaYY
0d4fb84390 GH601: Various spelling fixes.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-05 15:25:50 -05:00
Dr. Stephen Henson
85a4807f94 New BN functions.
Add new function BN_bn2binpad() which checks the length of the output
buffer and pads the result with zeroes if necessary.

New functions BN_bn2lebinpad() and BN_lebin2bn() which use little endian
format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-02 17:17:38 +00:00
Richard Levitte
777a288270 unified build scheme: add build.info files
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files.  They have been generated from the
Makefiles in the same directories.  Things that are platform specific
will appear in later commits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-01 12:46:58 +01:00
Richard Levitte
9fe2bb77c4 unified build scheme: a first introduction
The "unified" build scheme revolves around small information files,
build.info, which each describe their own bit of everything that needs
to be built, using a mini-language described in Configurations/README.

The information in build.info file contain references to source files
and final result.  Object files are not mentioned at all, they are
simply from source files.  Because of this, all the *_obj items in
Configurations/*.conf are renamed to *_asm_src and the files listed
in the values are change from object files to their corresponding
source files.  For the sake of the other build schemes, Configure
generates corresponding *_obj entries in %target.

Furthermore, the "unified" build scheme supports having a build
directory tree separate from the source directry tree.

All paths in a build.info file is assumed to be relative to its
location, either within the source tree or within the build tree.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-01 12:46:58 +01:00
Rich Salz
94af0cd7f3 Move more BN internals to bn_lcl.h
There was an unused macro in ssl_locl.h that used an internal
type, so I removed it.
Move bio_st from bio.h to ossl_type.h

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-01-30 16:54:35 -05:00
Rich Salz
ced2c2c598 Templatize util/domd
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-29 16:56:07 -05:00
Emilia Kasper
d8ca44ba41 Always DPURIFY
The use of the uninitialized buffer in the RNG has no real security
benefits and is only a nuisance when using memory sanitizers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-29 16:33:13 +01:00
Viktor Dukhovni
7eba4e6207 Restore NUMPRIMES as a numeric literal
This fixes clang compilation problem with size_t NUMPRIMES and int
loop counters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-28 06:36:55 -05:00
Rich Salz
b4f35e5e07 Remove EIGHT_BIT and SIXTEEN_BIT
Also cleaned up bn_prime.pl to current coding style.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-01-27 19:10:13 -05:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Rich Salz
dc193c9c5e Move & split opensslconf.h.in
Move opensslconf.h.in to include/openssl.
Split off DES,BN,RC4 stuff into separate header file
templates in crypto/include/internal/*_conf.h.in

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-25 09:44:08 -05:00
Rich Salz
8cef1212f3 Consolidate "make update"
Rename 'update' to 'generate'.  Rather than recurse, just explicitly
call the three generate targets directly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-20 09:09:14 -05:00
Rich Salz
ee6d9f4eb6 Remove some old makefile targets
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-17 14:47:32 -05:00
Rich Salz
d10dac1187 Move Makefiles to Makefile.in
Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-12 16:26:56 -05:00
Viktor Dukhovni
8707e3be0c Update comment as bn_dup_expand is gone
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 12:53:39 -05:00
Viktor Dukhovni
98186eb4e4 Backwards-compatibility subject to OPENSSL_API_COMPAT
Provide backwards-compatiblity for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined less
than the version number of the release in which the feature was
deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:18 -05:00
Andy Polyakov
b859d70d4a bn/asm/bn-c64xplus.asm: update commentary.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 10:30:03 +01:00
Matt Caswell
79caf5d323 Fix URLs mangled by reformat
Some URLs in the source code ended up getting mangled by indent. This fixes
it. Based on a patch supplied by Arnaud Lacombe <al@aerilon.ca>

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-19 20:33:00 +00:00
Emilia Kasper
d911097d7c Fix a ** 0 mod 1 = 0 for real this time.
Commit 2b0180c37f attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.

Thanks to Hanno Boeck for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-12-14 17:39:39 +01:00
Andy Polyakov
b974943234 x86_64 assembly pack: tune clang version detection even further.
RT#4171

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-13 22:18:18 +01:00
Andy Polyakov
a285992763 ARMv4 assembly pack: allow Thumb2 even in iOS build,
and engage it in most modules.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-07 12:06:06 +01:00
Andy Polyakov
29851264f1 bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-03 13:12:01 +00:00
Rich Salz
d59c7c81e3 Remove BN_init
Rename it to be an internal function bn_init.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-11-30 16:10:12 -05:00
Matt Caswell
fd7d252060 Tighten up BN_with_flags usage and avoid a reachable assert
The function rsa_ossl_mod_exp uses the function BN_with_flags to create a
temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This
temporary copy shares some state with the original r1. If the state of r1
gets updated then local_r1's state will be stale. This was occurring in the
function so that when local_r1 was freed a call to bn_check_top was made
which failed an assert due to the stale state. To resolve this we must free
local_r1 immediately after we have finished using it and not wait until the
end of the function.

This problem prompted a review of all BN_with_flag usage within the
codebase. All other usage appears to be correct, although often not
obviously so. This commit refactors things to make it much clearer for
these other uses.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-11-26 10:20:36 +00:00
Andy Polyakov
76eba0d94b x86_64 assembly pack: tune clang version detection.
RT#4142

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-11-23 16:00:06 +01:00
Pascal Cuoq
9f6795e7d2 BN_usub: Don't copy when r and a the same
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>

RT #4100, MR #1264
2015-11-20 22:29:53 +01:00
Andy Polyakov
e4693b4e2a bn/asm/ppc64-mont.pl: adapt for little-endian.
The problem remained unnoticed so far, because it's never called by default.
You have to craft OPENSSL_ppccap environment variable to trigger the problem.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-11-16 13:40:41 +01:00
Andy Polyakov
9d0e4dc635 bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-16 13:10:45 +01:00
Matt Caswell
90945fa31a Continue standardising malloc style for libcrypto
Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-11-09 22:48:41 +00:00
Dr. Stephen Henson
b8fb59897b Rebuild error source files.
Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-11-05 15:48:37 +00:00
Rich Salz
b0700d2c8d Replace "SSLeay" in API with OpenSSL
All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-30 17:21:42 -04:00
Pascal Cuoq
94b3664a52 BN_GF2m_mod_inv(): check bn_wexpand return value
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>

MR #1276, RT #4107
2015-10-29 20:34:24 +01:00
Ben Laurie
2f1a5d1694 Fix undeclared variable warnings.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-10-24 16:42:51 +01:00
Alessandro Ghedini
d900a015b5 Fix typos
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-23 19:52:08 +02:00
Alessandro Ghedini
3f6c769187 Fix memory leaks and other mistakes on errors
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-23 19:52:08 +02:00
Richard Levitte
5212d39bd9 Only include SRP headers when OPENSSL_NO_SRP is undefined
[fixes github issue #447]

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-10-22 23:45:45 +02:00
Pascal Cuoq
f92768e6f5 Set flags to 0 before calling BN_with_flags()
BN_with_flags() will read the dest->flags to keep the BN_FLG_MALLOCED but
overwrites everything else.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231
2015-10-07 18:54:12 +02:00
Alessandro Ghedini
2d28462373 Fix travis builds on master
-Allow mingw debug builds to fail on Travis CI
-Fix Travis email notifications config
-Rename a variable to avoid a bogus warning with old GCC
 error: declaration of ``dup'' shadows a global declaration [-Werror=shadow]
-Disable pedantic ms-format warnings with mingw
-Properly define const DH parameters
-Restore --debug flag in Travis CI builds; -d would get incorrectly passed
 to ./Configure in mingw debug builds.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-06 12:30:47 -04:00
Andy Polyakov
8eed3289b2 bn/asm/armv4-mont.pl: boost NEON performance.
Close difference gap on Cortex-A9, which resulted in further improvement
even on other processors.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-30 17:48:30 +02:00
Andy Polyakov
11208dcfb9 ARMv4 assembly pack: implement support for Thumb2.
As some of ARM processors, more specifically Cortex-Mx series, are
Thumb2-only, we need to support Thumb2-only builds even in assembly.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-25 13:34:02 +02:00
Dr. Stephen Henson
37f3a3b327 make no-dh work
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-20 12:50:55 +01:00
Ben Laurie
df2ee0e27d Enable -Wmissing-variable-declarations and
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-11 04:51:55 +01:00
Rich Salz
8e704858f2 RT3955: Reduce some stack usage
Use malloc/free instead of big onstack buffers.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-05 17:40:48 -04:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00