(and that malloc can be called with an int argument).
- Use proper prototypes (with argument list) for various function pointers,
avoid casts (however there are still many such cases left in these files).
- Avoid collissions in app_info_cmp if sizeof int != sizeof long.
- Use CRYPTO_LOCK_MALLOC in mem_dbg.c.
- Made CRYPTO_MDEBUG even less used in crypto.h, giving
MemCheck_start() and MemCheck_stop() only one possible definition.
- Made the values of the debug function pointers in mem.c dependent
on the existence of the CRYPTO_MDEBUG macro, and made the rest of
the code understand the NULL case.
That's it. With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.
- Moved the handling of compile-time defaults from crypto.h to
mem_dbg.c, since it doesn't make sense for the library users to try
to affect this without recompiling libcrypto.
- Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
and constant definitions.
- Aesthetic correction.
With this change, the following is provided and present at all times
(meaning CRYPTO_MDEBUG is no longer required to get this functionality):
- hooks to provide your own allocation and deallocation routines.
They have to have the same interface as malloc(), realloc() and
free(). They are registered by calling CRYPTO_set_mem_functions()
with the function pointers.
- hooks to provide your own memory debugging routines. The have to
have the same interface as as the CRYPTO_dbg_*() routines. They
are registered by calling CRYPTO_set_mem_debug_functions() with
the function pointers.
I moved everything that was already built into OpenSSL and did memory
debugging to a separate file (mem_dbg.c), to make it clear what is
what.
With this, the relevance of the CRYPTO_MDEBUG has changed. The only
thing in crypto/crypto.h that it affects is the definition of the
MemCheck_start and MemCheck_stop macros.
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
new purpose getting function.
Update the ca-cert.pem and pca-cert.pem "CA" certificates so they
really are CA certificate: that is they have the appropriate extensions.
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1. Added code to the memory leak detecting code to give the user the
possibility to add information, thereby forming a traceback.
2. Make the memory leak detecting code multithread-safe.
The idea is that we're actually dealing with two separate critical
sections, one containing the hash tables with the information, the
other containing the current memory checking mode. Those should not
be handled with the same lock, especially since their handling overlap.
Hence, the added second lock.
