Commit Graph

363 Commits

Author SHA1 Message Date
Andy Polyakov
57ebe74831 engine/e_capi.c: fix various warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:06:06 +02:00
Andy Polyakov
16a9542a17 Fix prototypes in e_ossttest.c.
Problem was exposed in mingw64 build, or in other words on P64 platform.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:05:29 +02:00
Andy Polyakov
8be7438f16 Rationalize .gitignore and harmonize pair of Makefiles.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:02:35 +02:00
Matt Caswell
51a6081719 Change ossltest engine to manually allocate cipher_data
The ossltest engine wraps the built-in implementation of aes128-cbc.
Normally in an engine the cipher_data structure is automatically allocated
by the EVP layer. However this relies on the engine specifying up front
the size of that cipher_data structure. In the case of ossltest this value
isn't available at compile time. This change makes the ossltest engine
allocate its own cipher_data structure instead of leaving it to the EVP
layer.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-25 15:13:57 +01:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00
Rich Salz
22dc08d00a BN_bin2bn handle leading zero's
If a binary sequence is all zero's, call BN_zero.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-26 07:00:43 -04:00
Rich Salz
ade44dcb16 Remove Gost94 signature algorithm.
This was obsolete in 2001.  This is not the same as Gost94 digest.
Thanks to Dmitry Belyavsky <beldmit@gmail.com> for review and advice.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-11 18:23:29 -04:00
Matt Caswell
6142f5c640 make update
Run a "make update" for the OSSLTest Engine changes

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-11 20:27:46 +01:00
Richard Levitte
c0cbb4c19b Use dynamic engine for libssl test harness
Use a dynamic engine for ossltest engine so that we can build it without
subsequently deploying it during install. We do not want people accidentally
using this engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-11 20:27:46 +01:00
Matt Caswell
2d5d70b155 Add OSSLTest Engine
This engine is for testing purposes only. It provides crippled crypto
implementations and therefore must not be used in any instance where
security is required.

This will be used by the forthcoming libssl test harness which will operate
as a man-in-the-middle proxy. The test harness will be able to modify
TLS packets and read their contents. By using this test engine packets are
not encrypted and MAC codes always verify.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-11 20:27:46 +01:00
Matt Caswell
90e7cdff3a Fix error check in GOST engine
The return value of i2d functions can be negative if an error occurs.
Therefore don't assign the return value to an unsigned type and *then*
check if it is negative.

RT#3862

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-26 10:35:22 +01:00
Richard Levitte
8b822d2566 Fix update and depend in engines/
The update: target in engines/ didn't recurse into engines/ccgost.
The update: and depend: targets in engines/ccgost needed a fixup.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-23 06:33:41 +02:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Rich Salz
75ebbd9aa4 Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
86885c2895 Use "==0" instead of "!strcmp" etc
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 22:37:53 -04:00
Rich Salz
16f8d4ebf0 memset, memcpy, sizeof consistency fixes
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy.  Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Richard Levitte
31ff45aa97 Remove obsolete make variables
ONEDIRS, EDIRS and WDIRS aren't used anywhere.  Most probably remains
from a build system of the past, it's time they get put to rest.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-02 21:51:45 +02:00
Rich Salz
25aaa98aa2 free NULL cleanup -- coda
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
efa7dd6444 free NULL cleanup 11
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c free NULL cleanup 7
This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
4b45c6e52b free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
        CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:57:32 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if'
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Emilia Kasper
6824941440 Initialize variable
newsig may be used (freed) uninitialized on a malloc error.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-15 14:19:12 +02:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
06affe3dac Initialised 'ok' and redo the logic.
The logic with how 'ok' was calculated didn't quite convey what's "ok",
so the logic is slightly redone to make it less confusing.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-30 05:31:58 +02:00
Rich Salz
c5ba2d9904 free NULL cleanup
EVP_.*free; this gets:
        EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
        EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
        EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-28 10:54:15 -04:00
Rich Salz
8fdc3734c0 free NULL cleanup.
This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free,
EC_POINT_clear_free, EC_POINT_free

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-25 18:35:24 -04:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
8817e2e0c9 Fix return checks in GOST engine
Filled in lots of return value checks that were missing the GOST engine, and
added appropriate error handling.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:33:37 +00:00
Matt Caswell
7b611e5fe8 Fix misc NULL derefs in sureware engine
Fix miscellaneous NULL pointer derefs in the sureware engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:33:31 +00:00
Rich Salz
d64070838e free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 23:17:16 -04:00
Dr. Stephen Henson
2e43027757 make ASN1_OBJECT opaque
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 17:35:58 +00:00
Edgar Pek
bcfa19a8d1 Fix null-pointer dereference
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-22 13:20:10 +01:00
Richard Levitte
774ccae63c Transfer a fix from 1.0.1
manually picked from e7b85bc402
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-02-13 13:39:05 +01:00
Rich Salz
fbf08b79ff Remove X509_PAIR
Unused type; a pair X509 certificates. Intended for LDAP support.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-06 10:55:31 -05:00
Rich Salz
6f91b017bb Live code cleanup: remove #if 1 stuff
For code bracketed by "#if 1" then remove the alternate
"#else .. #endif" lines.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:54:20 -05:00
Ben Laurie
4de8385796 Build correctly for me on FreeBSD 10.
Reviewed-by: Rich Salz

Don't debug.
2015-01-30 22:23:17 +00:00
Rich Salz
d6fbb19409 Dead code removal #if 0 engines
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-30 13:24:35 -05:00
Richard Levitte
132536f96e VMS adjustments:
catch up with the Unix build.
A number of new tests, among others test/tocsp.com
Define INTERNAL in ssl/ssl-lib.com to allow for '#include "internal/foo.h"'

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-30 14:43:57 +01:00
Rich Salz
33fc38ff8e Make output consistency: remove blank line
When you use "-s" in the make flag, you see that engines outputs
a blank line because EDIRS isn't set.  This is a debug echo that
isn't needed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-29 12:09:14 -05:00
Richard Levitte
c6ef15c494 clang on Linux x86_64 complains about unreachable code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-29 01:54:09 +01:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Matt Caswell
35a1cc90bc More comment realignment
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00