Commit Graph

471 Commits

Author SHA1 Message Date
Andy Polyakov
7a53360031 engines/e_capi.c: accommodate recent DSA_SIG_[get|set]0 changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-27 23:32:09 +02:00
Matt Caswell
25b9d11c00 Handle inability to create AFALG socket
Some Linux platforms have a suitably recent kernel to support AFALG, but
apparently you still can't actually create an afalg socket. This extends
the afalg_chk_platform() function to additionally check whether we can
create an AFALG socket. We also amend the afalgtest to not report a
failure to load the engine as a test failure. A failure to load is almost
certainly due to platform environmental issues, and not an OpenSSL problem.

RT 4434

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-13 17:28:40 +01:00
Jeffrey Walton
2a7de0fd5d Fixes to get -ansi working
Various fixes to get the following to compile:

./config no-asm -ansi -D_DEFAULT_SOURCE

RT4479
RT4480

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 20:18:04 +01:00
Rich Salz
56989dcd0e Fix some GitHub issues.
GH1180: Local variable sometimes unused
GH1181: Missing close paren.

Thanks to <wipedout@yandex.ru> for reporting these.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-07 11:08:33 -04:00
Rich Salz
b8a9af6881 Remove/rename some old files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:29:57 -04:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
FdaSilvaYY
b2b361f6af Raise an Err when CRYPTO_THREAD_lock_new fails
Add missing error raise call, as it is done everywhere else.
and as CRYPTO_THREAD_lock_new don't do it internally.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-01 13:14:49 +01:00
Andy Polyakov
cfe1d9929e x86_64 assembly pack: tolerate spaces in source directory name.
[as it is now quoting $output is not required, but done just in case]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 14:12:51 +02:00
Richard Levitte
7030e35d07 build.info files: add quotes around any spec that may contain spaces
RT#4492

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-25 11:50:44 +02:00
Rich Salz
0447316581 GH919: Fix wrappers for two headers
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-24 11:04:38 -04:00
Rich Salz
6aa36e8e5a Add OpenSSL copyright to .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-21 08:23:39 -04:00
Matt Caswell
690b462126 Add some check for malloc failure in the CAPI engine
In the CAPI engine there were some unchecked calls to OPENSSL_strdup().

GH Issue #830

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-18 10:47:15 +01:00
Rich Salz
b6cff313cb Manual fixes after copyright consolidation
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 17:38:18 -04:00
Rich Salz
440e5d805f Copyright consolidation 02/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:20:27 -04:00
Matt Caswell
8aac5d2e5a Fix RSA dasync engine bug
When RSA went opaque a bug was introduced into the dasync engine where
the wrong function was being set for the rsa_priv_dec operation.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-05-17 16:37:45 +01:00
Richard Levitte
3c01ed680e Add missing initialiser in e_chil.c
RT#2616

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-16 18:03:40 +02:00
Dr. Stephen Henson
538dbbc6f7 typo
RT#4442

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-11 20:37:39 +01:00
Andy Polyakov
b1a07c3854 Remove obsolete defined(__INTEL__) condition.
This macro was defined by no-longer-supported __MWERKS__ compiler.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-02 12:35:01 +02:00
Matt Caswell
f0483bf7d2 Fix capi engine for no-dsa
The capi engine was failing to compile on Windows if the no-dsa option
was selected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-22 14:42:15 +01:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Matt Caswell
627537ddf3 Fix AFALG kernel and headers mismatch problem
During Configure we attempt to check the kernel version of this platform
to see whether we can compile the AFALG engine. If the kernel version
looks recent enough then we enable AFALG. However when we compile
e_afalg.c we check the version of the linux headers. If there is a
mismatch between the linux headers and the currently running kernel then
we don't compile the AFLAG engine and continue. This was causing a link
error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 10:09:31 +01:00
Matt Caswell
5158c763f5 Remove OPENSSL_NO_AES guards
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES
guards can be removed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 21:25:24 +01:00
Richard Levitte
7e74eaa661 Rename internal symbol to follow internal naming pattern
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-13 15:23:47 +02:00
Matt Caswell
b3599dbb6a Rename int_*() functions to *_int()
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:59:03 +01:00
Matt Caswell
342c21cd8b Rename lots of *_intern or *_internal function to int_*
There was a lot of naming inconsistency, so we try and standardise on
one form.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:52:34 +01:00
Richard Levitte
e9c2b10014 Fix forgotten adaptation to opaque RSA and RSA_METHOD
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-07 02:17:35 +02:00
Richard Levitte
b72c912137 Make the RSA_METHOD structure opaque
Move rsa_meth_st away from public headers.
Add RSA_METHOD creator/destructor functions.
Add RSA_METHOD accessor/writer functions.
Adapt all other source to use the creator, destructor, accessors and writers.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:20 +02:00
Richard Levitte
6c13488c4e Make sure the rand_byte buffer in padlock engine is cleansed.
Submitted by Michael McConville <mmcco@mykolab.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 17:01:37 +02:00
Matt Caswell
aa05e7caea Rename get/set_app_data to get0/set0_app_data
Also fixed a style issue

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
a517f7fcdc Various DSA opacity fixups
Numerous fixups based on feedback of the DSA opacity changes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
6e9fa57c6d Make DSA_METHOD opaque
Move the dsa_method structure out of the public header file, and provide
getter and setter functions for creating and modifying custom DSA_METHODs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Rich Salz
921de151d2 Move dso.h to internal
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-23 09:12:11 -04:00
Richard Levitte
007c80eae4 Remove the remainder of util/mk1mf.pl and companion scripts
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-21 11:02:00 +01:00
Matt Caswell
6bf73e53b7 Fix no-deprecated
The no-deprecated build was failing because afalg was relying on a
transitive include that does not exist in a no-deprecated build.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-18 17:07:11 +00:00
Matt Caswell
a57bfe43e3 Resolved unresolved symbols with no-hw
Compiling on Windows with no-hw was resulting in unresolved symbols
in the padlock engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-18 12:09:27 +00:00
Andy Polyakov
d43a8fdcd4 engines/Makefile.in: some [older] shell complain about 'for i ;',
but not if there is reference to empty variable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-14 13:50:43 +01:00
Richard Levitte
f425f9dcff Add $(LIB_CFLAGS) for any build.info generator that uses $(CFLAGS)
The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-13 00:02:55 +01:00
Matt Caswell
256ed966d3 Fix a memory leak in the afalg engine
The AFALG engine created a global EVP_CIPHER instance but was not freeing
it up when the engine was destroyed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 15:17:20 +00:00
Richard Levitte
9ee3a5bb24 Don't add engines if configured "no-engine"
Similarly, don't add e_capi if configured "no-capieng"

Also, indent a little deeper, for clarity.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 12:51:07 +01:00
Richard Levitte
707059a9ad Don't add afalg engine if configured "no-engine"
Also, indent a little deeper, for clarity.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 12:51:07 +01:00
Richard Levitte
5b14d5b5a0 Make sure the effect of "pic" / "no-pic" is used with assembler compilations
Before the 'Introduce the "pic" / "no-pic" config option' commit, the
shared_cflag value for the chosen config would be part of the make
variable CFLAG, which got replicated into CFLAGS and ASFLAGS.

Since said commit, the shared_cflag value has become a make variable
of its own, SHARED_CFLAG (which is left empty in a "no-pic" build).

However, ASFLAGS was forgotten.  That's what's corrected with this
change.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-09 12:33:23 +01:00
Richard Levitte
71a07ca7bf Convert the dynlocks in e_chil to the new Thread API locks
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 11:04:36 +01:00
Matt Caswell
af48aa7197 Remove another lock from e_chil
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-09 11:04:27 +01:00
Matt Caswell
0231a02963 Move chil engine to the new thread api
Move the chil engine to use the new thread API. As I don't have access to
the hardware I can't test this :-(. I think its ok...

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-09 11:04:14 +01:00
Alessandro Ghedini
2f78195677 Use correct function ID in error path
This fixes "make update".

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 01:20:53 +00:00
Richard Levitte
a8a355402c Adapt e_capi to the DSA_SIG_get0() API
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 23:24:03 +01:00
Richard Levitte
6a6462f0f1 Fix engine/asm/e_padlock-x86.pl for newer semantics
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-08 11:13:02 +01:00
Matt Caswell
e38c2e8535 Refactor dasync cipher implementations to improve code reuse
Move out most of the boiler plate code that is common between aes128-cbc
and aes128-cbc-hmac-sha1 into helper functions to improve code reuse.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
11780ac3e2 Move the _hidden_* static variables in dasync to be constructed in bind
The _hidden_* variables were being created on-the-fly. It is better to
create them once up front during bind to avoid any potential race
conditions.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
44ab2dfdf9 Rename EVP_CIPHER_CTX_cipher_data to EVP_CIPHER_CTX_get_cipher_data
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00