From 37e48b88adda9334fedf83e18f1bff72b4b9c8cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Sat, 5 Feb 2000 19:29:00 +0000 Subject: [PATCH] Generate just one error code if iterated SSL_CTX_get() fails. Avoid enabled 'assert()' in production library. --- Configure | 26 ++++++++++++------------ TABLE | 28 +++++++++++++------------- crypto/bn/Makefile.ssl | 6 ++++++ crypto/bn/bn_ctx.c | 28 ++++++++++++++++++++++---- crypto/bn/bn_err.c | 2 +- crypto/des/Makefile.ssl | 2 +- crypto/des/des.h | 2 +- crypto/des/rand_key.c | 5 +++-- crypto/evp/Makefile.ssl | 40 +++++++++++++++++++++++++++++++++---- doc/crypto/BN_CTX_new.pod | 4 ++++ doc/crypto/BN_CTX_start.pod | 4 +++- util/libeay.num | 3 +++ 12 files changed, 109 insertions(+), 41 deletions(-) diff --git a/Configure b/Configure index f3ef09ff1..553d90e4b 100755 --- a/Configure +++ b/Configure @@ -96,15 +96,15 @@ my %table=( # Our development configs "purify", "purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::", -"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::", -"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", -"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", -"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::", +"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::", +"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", +"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", +"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::", "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-bodo", "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::", +"debug-bodo", "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::", "dist", "cc:-O::(unknown):::::", # Basic configs that should work on any box @@ -122,8 +122,8 @@ my %table=( # but keep the assembler modules. "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o:", #### -"debug-solaris-sparcv8-gcc","gcc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::", -"debug-solaris-sparcv9-gcc","gcc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o::", +"debug-solaris-sparcv8-gcc","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::", +"debug-solaris-sparcv9-gcc","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o::", #### SPARC Solaris with Sun C setups # DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests @@ -136,8 +136,8 @@ my %table=( "solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:", "solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:", #### -"debug-solaris-sparcv8-cc","cc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o::", -"debug-solaris-sparcv9-cc","cc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:", +"debug-solaris-sparcv8-cc","cc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o::", +"debug-solaris-sparcv9-cc","cc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:", #### SPARC Linux setups "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::", @@ -217,7 +217,7 @@ my %table=( # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # bn86-elf.o file file since it is hand tweaked assembler. "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", -"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", +"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", "linux-mips", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::", "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::::", diff --git a/TABLE b/TABLE index 1d266a8c7..15e71fb53 100644 --- a/TABLE +++ b/TABLE @@ -36,7 +36,7 @@ $rc5_obj = *** BS2000-OSD $cc = c89 -$cflags = -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC +$cflags = -O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC $unistd = $thread_cflag = (unknown) $lflags = -lsocket -lnsl @@ -580,7 +580,7 @@ $rc5_obj = *** debug $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror +$cflags = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror $unistd = $thread_cflag = (unknown) $lflags = -lefence @@ -597,7 +597,7 @@ $rc5_obj = *** debug-ben $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe +$cflags = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe $unistd = $thread_cflag = (unknown) $lflags = @@ -614,7 +614,7 @@ $rc5_obj = *** debug-ben-debug $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe +$cflags = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe $unistd = $thread_cflag = (unknown) $lflags = @@ -631,7 +631,7 @@ $rc5_obj = *** debug-ben-strict $cc = gcc -$cflags = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe +$cflags = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe $unistd = $thread_cflag = (unknown) $lflags = @@ -648,7 +648,7 @@ $rc5_obj = *** debug-bodo $cc = gcc -$cflags = -DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall +$cflags = -DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall $unistd = $thread_cflag = -D_REENTRANT $lflags = @@ -665,7 +665,7 @@ $rc5_obj = asm/r586-elf.o *** debug-levitte-linux-elf $cc = gcc -$cflags = -DRL_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe +$cflags = -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe $unistd = $thread_cflag = -D_REENTRANT $lflags = @@ -682,7 +682,7 @@ $rc5_obj = *** debug-linux-elf $cc = gcc -$cflags = -DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall +$cflags = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall $unistd = $thread_cflag = -D_REENTRANT $lflags = -lefence @@ -716,7 +716,7 @@ $rc5_obj = asm/r586-elf.o *** debug-solaris-sparcv8-cc $cc = cc -$cflags = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W +$cflags = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W $unistd = $thread_cflag = -D_REENTRANT $lflags = -lsocket -lnsl @@ -733,7 +733,7 @@ $rc5_obj = *** debug-solaris-sparcv8-gcc $cc = gcc -$cflags = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN +$cflags = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN $unistd = $thread_cflag = -D_REENTRANT $lflags = -lsocket -lnsl @@ -750,7 +750,7 @@ $rc5_obj = *** debug-solaris-sparcv9-cc $cc = cc -$cflags = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC +$cflags = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC $unistd = $thread_cflag = -D_REENTRANT $lflags = -lsocket -lnsl @@ -767,7 +767,7 @@ $rc5_obj = *** debug-solaris-sparcv9-gcc $cc = gcc -$cflags = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN +$cflags = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN $unistd = $thread_cflag = -D_REENTRANT $lflags = -lsocket -lnsl @@ -784,7 +784,7 @@ $rc5_obj = *** debug-steve $cc = gcc -$cflags = -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe +$cflags = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe $unistd = $thread_cflag = -D_REENTRANT $lflags = @@ -801,7 +801,7 @@ $rc5_obj = asm/r586-elf.o *** debug-ulf $cc = gcc -$cflags = -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe +$cflags = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe $unistd = $thread_cflag = -D_REENTRANT $lflags = diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index 94da20bd5..3b7b29827 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -185,6 +185,12 @@ bn_blind.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h bn_blind.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h bn_blind.o: ../../include/openssl/stack.h ../cryptlib.h bn_lcl.h +bn_ctx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_ctx.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_ctx.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +bn_ctx.o: ../../include/openssl/stack.h ../cryptlib.h bn_div.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_div.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 8b079e237..f72b075cc 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -54,6 +54,11 @@ * */ +#ifndef BN_CTX_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + #include #include #include "cryptlib.h" @@ -101,14 +106,21 @@ void BN_CTX_free(BN_CTX *ctx) void BN_CTX_start(BN_CTX *ctx) { - ctx->pos[ctx->depth++] = ctx->tos; + if (ctx->depth < BN_CTX_NUM_POS) + ctx->pos[ctx->depth] = ctx->tos; + ctx->depth++; } BIGNUM *BN_CTX_get(BN_CTX *ctx) { - if (ctx->tos >= BN_CTX_NUM) + if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) { - BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + if (!ctx->too_many) + { + BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + /* disable error code until SSL_CTX_end is called: */ + ctx->too_many = 1; + } return NULL; } return (&(ctx->bn[ctx->tos++])); @@ -118,6 +130,14 @@ void BN_CTX_end(BN_CTX *ctx) { if (ctx == NULL) return; assert(ctx->depth > 0); + if (ctx->depth == 0) + /* should never happen, but we can tolerate it if not in + * debug mode (could be a 'goto err' in the calling function + * before BN_CTX_start was reached) */ + BN_CTX_start(ctx); + + ctx->too_many = 0; ctx->depth--; - ctx->tos = ctx->pos[ctx->depth]; + if (ctx->depth < BN_CTX_NUM_POS) + ctx->tos = ctx->pos[ctx->depth]; } diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index de3aaeb03..f3b9497dc 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -71,7 +71,7 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"}, {ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"}, {ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"}, -{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_GET"}, +{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"}, {ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl index 16eeb940d..e6a4c7cd8 100644 --- a/crypto/des/Makefile.ssl +++ b/crypto/des/Makefile.ssl @@ -189,7 +189,7 @@ pcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h qud_cksm.o: ../../include/openssl/opensslconf.h des_locl.h rand_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h -rand_key.o: ../../include/openssl/opensslconf.h des_locl.h +rand_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h read2pwd.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h read2pwd.o: ../../include/openssl/opensslconf.h des_locl.h read_pwd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h diff --git a/crypto/des/des.h b/crypto/des/des.h index b49200243..98a9c4127 100644 --- a/crypto/des/des.h +++ b/crypto/des/des.h @@ -186,7 +186,7 @@ void des_pcbc_encrypt(const unsigned char *input,unsigned char *output, DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[], long length,int out_count,des_cblock *seed); void des_random_seed(des_cblock *key); -void des_random_key(des_cblock *ret); +int des_random_key(des_cblock *ret); int des_read_password(des_cblock *key,const char *prompt,int verify); int des_read_2passwords(des_cblock *key1,des_cblock *key2, const char *prompt,int verify); diff --git a/crypto/des/rand_key.c b/crypto/des/rand_key.c index a63e8411b..7816a8f25 100644 --- a/crypto/des/rand_key.c +++ b/crypto/des/rand_key.c @@ -61,8 +61,9 @@ void des_random_seed(des_cblock *key) RAND_seed(key, sizeof(des_cblock)); } -void des_random_key(des_cblock *ret) +int des_random_key(des_cblock *ret) { - RAND_bytes((unsigned char *)ret, sizeof(des_cblock)); + int r = RAND_bytes((unsigned char *)ret, sizeof(des_cblock)); des_set_odd_parity(ret); + return r; } diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index e64902cb0..1150e8892 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -178,13 +178,45 @@ c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h c_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h -c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h c_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h c_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -c_all.o: ../../include/openssl/stack.h ../../include/openssl/x509.h -c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +c_all.o: ../../include/openssl/stack.h ../cryptlib.h +c_allc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_allc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +c_allc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_allc.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +c_allc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h +c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +c_allc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +c_allc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_allc.o: ../../include/openssl/stack.h ../../include/openssl/x509.h +c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +c_alld.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +c_alld.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +c_alld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h +c_alld.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +c_alld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h +c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +c_alld.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +c_alld.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +c_alld.o: ../../include/openssl/stack.h ../../include/openssl/x509.h +c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h diff --git a/doc/crypto/BN_CTX_new.pod b/doc/crypto/BN_CTX_new.pod index 2a02da03b..c94d8c610 100644 --- a/doc/crypto/BN_CTX_new.pod +++ b/doc/crypto/BN_CTX_new.pod @@ -27,6 +27,10 @@ B. BN_CTX_free() frees the components of the B, and if it was created by BN_CTX_new(), also the structure itself. +If L has been used on the B, +L must be called before the B +may be freed by BN_CTX_free(). + =head1 RETURN VALUES diff --git a/doc/crypto/BN_CTX_start.pod b/doc/crypto/BN_CTX_start.pod index 3e1032375..c30552b12 100644 --- a/doc/crypto/BN_CTX_start.pod +++ b/doc/crypto/BN_CTX_start.pod @@ -36,7 +36,9 @@ BN_CTX_start() and BN_CTX_end() return no values. BN_CTX_get() returns a pointer to the B, or B on error. Once BN_CTX_get() has failed, the subsequent calls will return B as well, so it is sufficient to check the return value of the last -BN_CTX_get() call. +BN_CTX_get() call. In case of an error, an error code is set, which +can be obtained by L. + =head1 SEE ALSO diff --git a/util/libeay.num b/util/libeay.num index 6e8777d48..1d345d3e4 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2213,3 +2213,6 @@ sk_CRYPTO_EX_DATA_FUNCS_insert 2237 sk_CRYPTO_EX_DATA_FUNCS_zero 2238 BN_pseudo_rand 2239 BN_is_prime_fasttest 2240 +BN_CTX_end 2241 +BN_CTX_start 2242 +BN_CTX_get 2243