mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument.
This commit is contained in:
parent
22e219d90f
commit
eb952088f0
5
CHANGES
5
CHANGES
@ -4,6 +4,11 @@
|
||||
|
||||
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
|
||||
|
||||
*) Precautions against using the PRNG uninitialized: RAND_bytes() now
|
||||
has a return value which indicated the quality of the random data
|
||||
(1 = ok, 0 = not seeded).
|
||||
[Ulf Möller]
|
||||
|
||||
*) Do more iterations of Rabin-Miller probable prime test (specifically,
|
||||
3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
|
||||
instead of only 2 for all lengths; see BN_prime_checks definition
|
||||
|
@ -75,6 +75,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
|
||||
BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
|
||||
static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
|
||||
BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
|
||||
|
||||
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,
|
||||
BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)
|
||||
{
|
||||
|
@ -81,9 +81,10 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
|
||||
|
||||
/* make a random number and set the top and bottom bits */
|
||||
time(&tim);
|
||||
RAND_seed(&tim,sizeof(tim));
|
||||
RAND_add(&tim,sizeof(tim),0);
|
||||
|
||||
RAND_bytes(buf,(int)bytes);
|
||||
if (RAND_bytes(buf,(int)bytes) <= 0)
|
||||
goto err;
|
||||
if (top)
|
||||
{
|
||||
if (bit == 0)
|
||||
|
@ -100,6 +100,7 @@ static ERR_STRING_DATA ERR_str_libraries[]=
|
||||
{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
|
||||
{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"},
|
||||
{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"},
|
||||
{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"},
|
||||
{0,NULL},
|
||||
};
|
||||
|
||||
|
@ -122,6 +122,7 @@ typedef struct err_state_st
|
||||
#define ERR_LIB_PKCS7 33
|
||||
#define ERR_LIB_X509V3 34
|
||||
#define ERR_LIB_PKCS12 35
|
||||
#define ERR_LIB_RAND 36
|
||||
|
||||
#define ERR_LIB_USER 128
|
||||
|
||||
@ -149,6 +150,7 @@ typedef struct err_state_st
|
||||
#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
|
||||
#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)
|
||||
#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__)
|
||||
#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__)
|
||||
|
||||
/* Borland C seems too stupid to be able to shift and do longs in
|
||||
* the pre-processor :-( */
|
||||
|
@ -116,5 +116,6 @@ void ERR_load_crypto_strings(void)
|
||||
ERR_load_CRYPTO_strings();
|
||||
ERR_load_PKCS7_strings();
|
||||
ERR_load_PKCS12_strings();
|
||||
ERR_load_RAND_strings();
|
||||
#endif
|
||||
}
|
||||
|
@ -21,6 +21,7 @@ L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c
|
||||
L RSAREF rsaref/rsaref.h rsaref/rsar_err.c
|
||||
L SSL ssl/ssl.h ssl/ssl_err.c
|
||||
L COMP crypto/comp/comp.h crypto/comp/comp_err.c
|
||||
L RAND crypto/rand/rand.h crypto/rand/rand_err.c
|
||||
|
||||
|
||||
F RSAREF_F_RSA_BN2BIN
|
||||
|
@ -267,8 +267,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
|
||||
return NULL;
|
||||
}
|
||||
p8->pkey->type = V_ASN1_OCTET_STRING;
|
||||
RAND_seed (p8->pkey->value.octet_string->data,
|
||||
p8->pkey->value.octet_string->length);
|
||||
RAND_add(p8->pkey->value.octet_string->data,
|
||||
p8->pkey->value.octet_string->length, 0);
|
||||
return p8;
|
||||
}
|
||||
|
||||
|
@ -73,7 +73,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
|
||||
int i;
|
||||
|
||||
if (npubk <= 0) return(0);
|
||||
RAND_bytes(key,EVP_MAX_KEY_LENGTH);
|
||||
if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) == -1) return(0);
|
||||
if (type->iv_len > 0)
|
||||
RAND_bytes(iv,type->iv_len);
|
||||
|
||||
|
@ -378,7 +378,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
|
||||
#endif
|
||||
kstr=(unsigned char *)buf;
|
||||
}
|
||||
RAND_seed(data,i);/* put in the RSA key. */
|
||||
RAND_add(data,i,0);/* put in the RSA key. */
|
||||
RAND_bytes(iv,8); /* Generate a salt */
|
||||
/* The 'iv' is used as the iv and as a salt. It is
|
||||
* NOT taken from the BytesToKey function */
|
||||
|
@ -161,7 +161,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
BIO_get_cipher_ctx(btmp, &ctx);
|
||||
keylen=EVP_CIPHER_key_length(evp_cipher);
|
||||
ivlen=EVP_CIPHER_iv_length(evp_cipher);
|
||||
RAND_bytes(key,keylen);
|
||||
if (RAND_bytes(key,keylen) <= 0)
|
||||
goto err;
|
||||
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
|
||||
if (ivlen > 0) RAND_bytes(iv,ivlen);
|
||||
EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
|
||||
|
@ -22,8 +22,8 @@ TEST= randtest.c
|
||||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC=md_rand.c randfile.c rand_lib.c
|
||||
LIBOBJ=md_rand.o randfile.o rand_lib.o
|
||||
LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c
|
||||
LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
@ -56,6 +56,8 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#define ENTROPY_NEEDED 32 /* require 128 bits of randomness */
|
||||
|
||||
#ifndef MD_RAND_DEBUG
|
||||
# ifndef NDEBUG
|
||||
# define NDEBUG
|
||||
@ -70,6 +72,7 @@
|
||||
#include "openssl/e_os.h"
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
|
||||
#if !defined(NO_SHA) && !defined(NO_SHA1)
|
||||
@ -135,17 +138,20 @@ static int state_num=0,state_index=0;
|
||||
static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
|
||||
static unsigned char md[MD_DIGEST_LENGTH];
|
||||
static long md_count[2]={0,0};
|
||||
static int entropy=0;
|
||||
|
||||
const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static void ssleay_rand_cleanup(void);
|
||||
static void ssleay_rand_seed(const void *buf, int num);
|
||||
static void ssleay_rand_bytes(unsigned char *buf, int num);
|
||||
static void ssleay_rand_add(const void *buf, int num, int entropy);
|
||||
static int ssleay_rand_bytes(unsigned char *buf, int num);
|
||||
|
||||
RAND_METHOD rand_ssleay_meth={
|
||||
ssleay_rand_seed,
|
||||
ssleay_rand_bytes,
|
||||
ssleay_rand_cleanup,
|
||||
ssleay_rand_add,
|
||||
};
|
||||
|
||||
RAND_METHOD *RAND_SSLeay(void)
|
||||
@ -161,9 +167,10 @@ static void ssleay_rand_cleanup(void)
|
||||
memset(md,0,MD_DIGEST_LENGTH);
|
||||
md_count[0]=0;
|
||||
md_count[1]=0;
|
||||
entropy=0;
|
||||
}
|
||||
|
||||
static void ssleay_rand_seed(const void *buf, int num)
|
||||
static void ssleay_rand_add(const void *buf, int num, int add)
|
||||
{
|
||||
int i,j,k,st_idx;
|
||||
long md_c[2];
|
||||
@ -276,11 +283,18 @@ static void ssleay_rand_seed(const void *buf, int num)
|
||||
#ifndef THREADS
|
||||
assert(md_c[1] == md_count[1]);
|
||||
#endif
|
||||
entropy += add;
|
||||
}
|
||||
|
||||
static void ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
static void ssleay_rand_seed(const void *buf, int num)
|
||||
{
|
||||
ssleay_rand_add(buf, num, num);
|
||||
}
|
||||
|
||||
static int ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
{
|
||||
int i,j,k,st_num,st_idx;
|
||||
int ok;
|
||||
long md_c[2];
|
||||
unsigned char local_md[MD_DIGEST_LENGTH];
|
||||
MD_CTX m;
|
||||
@ -299,7 +313,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
|
||||
for (i=0; i<num; i++)
|
||||
buf[i]=val++;
|
||||
return;
|
||||
return(1);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -326,15 +340,15 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
/* put in some default random data, we need more than
|
||||
* just this */
|
||||
RAND_seed(&m,sizeof(m));
|
||||
RAND_add(&m,sizeof(m),0);
|
||||
#ifndef GETPID_IS_MEANINGLESS
|
||||
l=curr_pid;
|
||||
RAND_seed(&l,sizeof(l));
|
||||
RAND_add(&l,sizeof(l),0);
|
||||
l=getuid();
|
||||
RAND_seed(&l,sizeof(l));
|
||||
RAND_add(&l,sizeof(l),0);
|
||||
#endif
|
||||
l=time(NULL);
|
||||
RAND_seed(&l,sizeof(l));
|
||||
RAND_add(&l,sizeof(l),0);
|
||||
|
||||
#ifdef DEVRANDOM
|
||||
/*
|
||||
@ -365,6 +379,8 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
init=0;
|
||||
}
|
||||
|
||||
ok = (entropy >= ENTROPY_NEEDED);
|
||||
|
||||
st_idx=state_index;
|
||||
st_num=state_num;
|
||||
md_c[0] = md_count[0];
|
||||
@ -426,6 +442,13 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
|
||||
memset(&m,0,sizeof(m));
|
||||
if (ok)
|
||||
return(1);
|
||||
else
|
||||
{
|
||||
RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
|
||||
return(0);
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef WINDOWS
|
||||
|
@ -66,24 +66,41 @@ extern "C" {
|
||||
typedef struct rand_meth_st
|
||||
{
|
||||
void (*seed)(const void *buf, int num);
|
||||
void (*bytes)(unsigned char *buf, int num);
|
||||
int (*bytes)(unsigned char *buf, int num);
|
||||
void (*cleanup)(void);
|
||||
void (*add)(const void *buf, int num, int entropy);
|
||||
} RAND_METHOD;
|
||||
|
||||
void RAND_set_rand_method(RAND_METHOD *meth);
|
||||
RAND_METHOD *RAND_get_rand_method(void );
|
||||
RAND_METHOD *RAND_SSLeay(void);
|
||||
void RAND_cleanup(void );
|
||||
void RAND_bytes(unsigned char *buf,int num);
|
||||
int RAND_bytes(unsigned char *buf,int num);
|
||||
void RAND_seed(const void *buf,int num);
|
||||
void RAND_add(const void *buf,int num,int entropy);
|
||||
int RAND_load_file(const char *file,long max_bytes);
|
||||
int RAND_write_file(const char *file);
|
||||
char *RAND_file_name(char *file,int num);
|
||||
#ifdef WINDOWS
|
||||
void RAND_screen(void);
|
||||
#endif
|
||||
void ERR_load_RAND_strings(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
|
||||
/* Error codes for the RAND functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define RAND_F_SSLEAY_RAND_BYTES 100
|
||||
|
||||
/* Reason codes. */
|
||||
#define RAND_R_PRNG_NOT_SEEDED 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
|
93
crypto/rand/rand_err.c
Normal file
93
crypto/rand/rand_err.c
Normal file
@ -0,0 +1,93 @@
|
||||
/* crypto/rand/rand_err.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
/* NOTE: this file was auto generated by the mkerr.pl script: any changes
|
||||
* made to it will be overwritten when the script next updates this file.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
#ifndef NO_ERR
|
||||
static ERR_STRING_DATA RAND_str_functs[]=
|
||||
{
|
||||
{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "ssleay_rand_bytes"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
static ERR_STRING_DATA RAND_str_reasons[]=
|
||||
{
|
||||
{RAND_R_PRNG_NOT_SEEDED ,"prng not seeded"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
void ERR_load_RAND_strings(void)
|
||||
{
|
||||
static int init=1;
|
||||
|
||||
if (init)
|
||||
{
|
||||
init=0;
|
||||
#ifndef NO_ERR
|
||||
ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
|
||||
ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
|
||||
#endif
|
||||
|
||||
}
|
||||
}
|
@ -89,9 +89,16 @@ void RAND_seed(const void *buf, int num)
|
||||
rand_meth->seed(buf,num);
|
||||
}
|
||||
|
||||
void RAND_bytes(unsigned char *buf, int num)
|
||||
void RAND_add(const void *buf, int num, int entropy)
|
||||
{
|
||||
if (rand_meth != NULL)
|
||||
rand_meth->bytes(buf,num);
|
||||
rand_meth->add(buf,num,entropy);
|
||||
}
|
||||
|
||||
int RAND_bytes(unsigned char *buf, int num)
|
||||
{
|
||||
if (rand_meth != NULL)
|
||||
return rand_meth->bytes(buf,num);
|
||||
return(-1);
|
||||
}
|
||||
|
||||
|
@ -91,7 +91,7 @@ int RAND_load_file(const char *file, long bytes)
|
||||
|
||||
i=stat(file,&sb);
|
||||
/* If the state fails, put some crap in anyway */
|
||||
RAND_seed(&sb,sizeof(sb));
|
||||
RAND_add(&sb,sizeof(sb),0);
|
||||
ret+=sizeof(sb);
|
||||
if (i < 0) return(0);
|
||||
if (bytes <= 0) return(ret);
|
||||
@ -104,7 +104,7 @@ int RAND_load_file(const char *file, long bytes)
|
||||
i=fread(buf,1,n,in);
|
||||
if (i <= 0) break;
|
||||
/* even if n != i, use the full array */
|
||||
RAND_seed(buf,n);
|
||||
RAND_add(buf,n,i);
|
||||
ret+=i;
|
||||
bytes-=n;
|
||||
if (bytes <= 0) break;
|
||||
|
@ -50,7 +50,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
|
||||
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
|
||||
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
|
||||
memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
|
||||
RAND_bytes(seed, SHA_DIGEST_LENGTH);
|
||||
if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
|
||||
return (0);
|
||||
#ifdef PKCS_TESTVECT
|
||||
memcpy(seed,
|
||||
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
|
||||
|
@ -155,12 +155,14 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
|
||||
/* pad out with non-zero random data */
|
||||
j=tlen-3-flen;
|
||||
|
||||
RAND_bytes(p,j);
|
||||
if (RAND_bytes(p,j) <= 0)
|
||||
return(0);
|
||||
for (i=0; i<j; i++)
|
||||
{
|
||||
if (*p == '\0')
|
||||
do {
|
||||
RAND_bytes(p,1);
|
||||
if (RAND_bytes(p,1) <= 0)
|
||||
return(0);
|
||||
} while (*p == '\0');
|
||||
p++;
|
||||
}
|
||||
|
@ -82,12 +82,14 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
|
||||
/* pad out with non-zero random data */
|
||||
j=tlen-3-8-flen;
|
||||
|
||||
RAND_bytes(p,j);
|
||||
if (RAND_bytes(p,j) <= 0)
|
||||
return(0);
|
||||
for (i=0; i<j; i++)
|
||||
{
|
||||
if (*p == '\0')
|
||||
do {
|
||||
RAND_bytes(p,1);
|
||||
if (RAND_bytes(p,1) <= 0)
|
||||
return(0);
|
||||
} while (*p == '\0');
|
||||
p++;
|
||||
}
|
||||
|
@ -76,7 +76,7 @@ static ERR_STRING_DATA X509_str_functs[]=
|
||||
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"},
|
||||
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"},
|
||||
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_IGET_DATA,0), "X509_ATTRIBUTE_iget_data"},
|
||||
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0), "X509_ATTRIBUTE_iset_data"},
|
||||
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0), "X509_ATTRIBUTE_ISET_DATA"},
|
||||
{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
|
||||
{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
|
||||
{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
|
||||
|
@ -102,7 +102,7 @@ int ssl23_connect(SSL *s)
|
||||
int ret= -1;
|
||||
int new_state,state;
|
||||
|
||||
RAND_seed(&Time,sizeof(Time));
|
||||
RAND_add(&Time,sizeof(Time),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -101,7 +101,7 @@ int ssl23_accept(SSL *s)
|
||||
int ret= -1;
|
||||
int new_state,state;
|
||||
|
||||
RAND_seed(&Time,sizeof(Time));
|
||||
RAND_add(&Time,sizeof(Time),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -108,7 +108,7 @@ int ssl2_connect(SSL *s)
|
||||
void (*cb)()=NULL;
|
||||
int new_state,state;
|
||||
|
||||
RAND_seed(&l,sizeof(l));
|
||||
RAND_add(&l,sizeof(l),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -109,7 +109,7 @@ int ssl2_accept(SSL *s)
|
||||
void (*cb)()=NULL;
|
||||
int new_state,state;
|
||||
|
||||
RAND_seed(&l,sizeof(l));
|
||||
RAND_add(&l,sizeof(l),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -110,7 +110,7 @@ int ssl3_connect(SSL *s)
|
||||
int ret= -1;
|
||||
int new_state,state,skip=0;;
|
||||
|
||||
RAND_seed(&Time,sizeof(Time));
|
||||
RAND_add(&Time,sizeof(Time),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -113,7 +113,7 @@ int ssl3_accept(SSL *s)
|
||||
int ret= -1;
|
||||
int new_state,state,skip=0;
|
||||
|
||||
RAND_seed(&Time,sizeof(Time));
|
||||
RAND_add(&Time,sizeof(Time),0);
|
||||
ERR_clear_error();
|
||||
clear_sys_error();
|
||||
|
||||
|
@ -1311,7 +1311,6 @@ int SSL_COMP_add_compression_method(int id,char *cm);
|
||||
#define SSL_R_BAD_AUTHENTICATION_TYPE 102
|
||||
#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
|
||||
#define SSL_R_BAD_CHECKSUM 104
|
||||
#define SSL_R_BAD_HELLO_REQUEST 105
|
||||
#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
|
||||
#define SSL_R_BAD_DECOMPRESSION 107
|
||||
#define SSL_R_BAD_DH_G_LENGTH 108
|
||||
@ -1319,6 +1318,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
|
||||
#define SSL_R_BAD_DH_P_LENGTH 110
|
||||
#define SSL_R_BAD_DIGEST_LENGTH 111
|
||||
#define SSL_R_BAD_DSA_SIGNATURE 112
|
||||
#define SSL_R_BAD_HELLO_REQUEST 105
|
||||
#define SSL_R_BAD_LENGTH 271
|
||||
#define SSL_R_BAD_MAC_DECODE 113
|
||||
#define SSL_R_BAD_MESSAGE_TYPE 114
|
||||
|
@ -205,7 +205,6 @@ static ERR_STRING_DATA SSL_str_reasons[]=
|
||||
{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
|
||||
{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
|
||||
{SSL_R_BAD_CHECKSUM ,"bad checksum"},
|
||||
{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
|
||||
{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
|
||||
{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
|
||||
{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
|
||||
@ -213,6 +212,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
|
||||
{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
|
||||
{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
|
||||
{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
|
||||
{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
|
||||
{SSL_R_BAD_LENGTH ,"bad length"},
|
||||
{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
|
||||
{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
|
||||
|
Loading…
Reference in New Issue
Block a user