(ie. where top may be zero, or it may be one if the corresponding word is
set to zero). Note, this only affects the macros in bn.h, there are probably
similar corrections required in some c files.
Also, clarify the audit-related macros at the top of the header. Mental
note: I must not forget to clean all this out before 0.9.8 is released ...
that gets built before objects barfs all over the place because it
uses a new NID that hasn't had a chance of getting defined yet (in
this case, it was about a couple of new EC curves, and therefore a
couple of new corresponding NIDs).
I'm placing objects first in SDIRS! There.
of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try.
This change (and a great part of this comment) was implemented in
0.9.8-dev a long time ago, but slightly differently. In 0.9.8-dev, a
specific function that just returns a pointer to some static object is
used. For 0.9.7x, we couldn't do that, since the way we handle feature
freezes is, among other, to not add any more non-static functions.
Instead, we use the function ERR_get_implementation() and compare the
returned value with fns->err_fns, a member of fns that already is
there, and which therefore can safely be used in this manner.
What happens is that if the loaded ENGINE's return value from this
function matches the loading application/library's return value - they
share static data. If they don't match, the loaded ENGINE has its own
copy of libcrypto's static data and so the callbacks need to be set.
against inconsistent BIGNUMs coming out of any of its API functions. So
this change no longer "fixes" the bn_print.c functions, but it makes for
cleaner code. This patch was a part of ticket 697.
PR: 697
Submitted by: Otto Moerbeek
Reviewed by: Geoff Thorpe
ticket 697 (though uses a different solution than the proposed one). This
problem was initially raised by Otto Moerbeek.
PR: 697
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
and bn_add_words to avoid using fake bignums to window other bignums that
can lead to corruption. This change allows all bignum tests to pass with
BN_DEBUG and BN_DEBUG_RAND debugging and valgrind. NB: This should be
tested on a few different architectures and configuration targets, as the
bignum code this deals with is quite preprocessor (and assembly) sensitive.
Submitted by: Nils Narsch
Reviewed by: Geoff Thorpe, Ulf Moeller
sure the current length is used to calculate the new buffer length instead
of using the old length (prior to any variable substitution).
Submitted by: Nils Larsch
generally a more efficient comparison than comparing two integers, and the
first of these two loops was off-by-one (copying one too many values). This
change also removes a superfluous assignment that would set an unused word
to zero (and potentially allow an overrun in some cases).
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
(where it was impossible to create an EC certificate with a compressed
public key), and has some style improvements based on some comments from
Steve Henson about use of the ASN1 macros.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
constant BIGNUMs. It turns out that this trips up different but equally
useful compiler warnings to -Wcast-qual, and so wasn't worth the ugliness
it created. (Thanks to Ulf for the forehead-slap.)
and structures as constant without having to cast away const at any point.
There is still plenty of other code that makes gcc's "-Wcast-qual" unhappy,
but crypto/bn/ is now ok. Purists are welcome to suggest alternatives.
constructing BIGNUM structures with pointers offset into other bignums
(among other things). This corrects some of it that is too plainly insane,
and tries to ensure that bignums are normalised when passed to other
functions.
structures being passed in to or out of API functions, and this corrects a
couple of cases found so far.
Also, lop off a couple of bytes of white-space.
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
except internally to the allocator BN_CTX_new(), as such this deprecates
the use of BN_CTX_init() in the API. Moreover, the structure definition of
BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself.
NDEBUG should probably only be "forced" in the top-level configuration, but
until it is I will avoid removing it from bn_ctx.c which might surprise
people with massive slow-downs in their keygens. So I've left it in
bn_ctx.c but tidied up the preprocessor logic a touch and made it more
tolerant of debugging efforts.
choice but to have to cast away "const" qualifiers from their prototypes.
This does not remove constification restrictions from hash/compare
callbacks, but allows destructor commands to be run over a tables' elements
without bad casts.
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.
In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.
Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).
However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
be) precompiled out in the API headers. This change is to ensure that if
it is defined when compiling openssl, the deprecated functions aren't
implemented either.
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().
The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().
The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
compression identity is already present among the registered
compression methods, and if so, reject the addition request.
Declare SSL_COMP_get_compression_method() so it can be used properly.
Change ssltest.c so it checks what compression methods are available
and enumerates them. As a side-effect, built-in compression methods
will be automagically loaded that way. Additionally, change the
identities for ZLIB and RLE to be conformant to
draft-ietf-tls-compression-05.txt.
Finally, make update.
Next on my list: have the built-in compression methods added
"automatically" instead of requiring that the author call
SSL_COMP_add_compression_method() or
SSL_COMP_get_compression_methods().
