diff options
author | nectar <nectar@FreeBSD.org> | 2002-07-30 13:38:06 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2002-07-30 13:38:06 +0000 |
commit | 2f13e0916590f8488178999aec4874ed5662a031 (patch) | |
tree | f3c141823975717e132c7687cf833f6378cc87d4 /crypto/openssl/crypto | |
parent | 0aed2eea83b351d68092e43b5a9496ce3dd5043d (diff) | |
download | FreeBSD-src-2f13e0916590f8488178999aec4874ed5662a031.zip FreeBSD-src-2f13e0916590f8488178999aec4874ed5662a031.tar.gz |
Import of OpenSSL 0.9.6e.
Diffstat (limited to 'crypto/openssl/crypto')
44 files changed, 233 insertions, 103 deletions
diff --git a/crypto/openssl/crypto/Makefile.ssl b/crypto/openssl/crypto/Makefile.ssl index 30f929a..f96154c 100644 --- a/crypto/openssl/crypto/Makefile.ssl +++ b/crypto/openssl/crypto/Makefile.ssl @@ -51,11 +51,11 @@ all: buildinf.h lib subdirs buildinf.h: ../Makefile.ssl ( echo "#ifndef MK1MF_BUILD"; \ - echo " /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \ - echo " #define CFLAGS \"$(CC) $(CFLAG)\""; \ - echo " #define PLATFORM \"$(PLATFORM)\""; \ + echo ' /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \ + echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \ + echo ' #define PLATFORM "$(PLATFORM)"'; \ echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ - echo "#endif" ) >buildinf.h + echo '#endif' ) >buildinf.h testapps: if echo ${SDIRS} | fgrep ' des '; \ @@ -134,7 +134,7 @@ depend: @for i in $(SDIRS) ;\ do \ (cd $$i; echo "making depend in crypto/$$i..."; \ - $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' depend ); \ + $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \ done; clean: diff --git a/crypto/openssl/crypto/asn1/a_bitstr.c b/crypto/openssl/crypto/asn1/a_bitstr.c index cdedb29..ecc0d4b 100644 --- a/crypto/openssl/crypto/asn1/a_bitstr.c +++ b/crypto/openssl/crypto/asn1/a_bitstr.c @@ -89,8 +89,6 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) if (a == NULL) return(0); len=a->length; - ret=1+len; - if (pp == NULL) return(ret); if (len > 0) { @@ -118,6 +116,10 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) } else bits=0; + + ret=1+len; + if (pp == NULL) return(ret); + p= *pp; *(p++)=(unsigned char)bits; diff --git a/crypto/openssl/crypto/asn1/a_enum.c b/crypto/openssl/crypto/asn1/a_enum.c index 1428d1d..1057171 100644 --- a/crypto/openssl/crypto/asn1/a_enum.c +++ b/crypto/openssl/crypto/asn1/a_enum.c @@ -205,7 +205,18 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) else ret->type=V_ASN1_ENUMERATED; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)OPENSSL_malloc(len+4); + if (ret->length < len+4) + { + unsigned char *new_data= + OPENSSL_realloc(ret->data, len+4); + if (!new_data) + { + ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); + goto err; + } + ret->data=new_data; + } + ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/openssl/crypto/asn1/a_int.c b/crypto/openssl/crypto/asn1/a_int.c index 6f0413f..0a24bef 100644 --- a/crypto/openssl/crypto/asn1/a_int.c +++ b/crypto/openssl/crypto/asn1/a_int.c @@ -451,7 +451,16 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) else ret->type=V_ASN1_INTEGER; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)OPENSSL_malloc(len+4); + if (ret->length < len+4) + { + unsigned char *new_data= OPENSSL_realloc(ret->data, len+4); + if (!new_data) + { + ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); + goto err; + } + ret->data=new_data; + } ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/openssl/crypto/asn1/a_set.c b/crypto/openssl/crypto/asn1/a_set.c index caf5a14..5b0938e 100644 --- a/crypto/openssl/crypto/asn1/a_set.c +++ b/crypto/openssl/crypto/asn1/a_set.c @@ -116,7 +116,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, } pStart = p; /* Catch the beg of Setblobs*/ - rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array + if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array we will store the SET blobs */ for (i=0; i<sk_num(a); i++) @@ -133,7 +133,7 @@ SetBlob /* Now we have to sort the blobs. I am using a simple algo. *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/ qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp); - pTempMem = OPENSSL_malloc(totSize); + if (!(pTempMem = OPENSSL_malloc(totSize))) return 0; /* Copy to temp mem */ p = pTempMem; diff --git a/crypto/openssl/crypto/asn1/a_utctm.c b/crypto/openssl/crypto/asn1/a_utctm.c index 3ae7432..dd5955a 100644 --- a/crypto/openssl/crypto/asn1/a_utctm.c +++ b/crypto/openssl/crypto/asn1/a_utctm.c @@ -270,6 +270,9 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) { struct tm *tm; +#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN) + struct tm data; +#endif int offset; int year; @@ -287,7 +290,8 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) t -= offset*60; /* FIXME: may overflow in extreme cases */ #if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN) - { struct tm data; gmtime_r(&t, &data); tm = &data; } + gmtime_r(&t, &data); + tm = &data; #else tm = gmtime(&t); #endif diff --git a/crypto/openssl/crypto/asn1/asn1_lib.c b/crypto/openssl/crypto/asn1/asn1_lib.c index a8b651e..1fe3fbc 100644 --- a/crypto/openssl/crypto/asn1/asn1_lib.c +++ b/crypto/openssl/crypto/asn1/asn1_lib.c @@ -124,15 +124,13 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, (int)(omax+ *pp)); #endif -#if 0 - if ((p+ *plength) > (omax+ *pp)) + if (*plength > (omax - (*pp - p))) { ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; } -#endif *pp=p; return(ret|inf); err: @@ -159,6 +157,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) i= *p&0x7f; if (*(p++) & 0x80) { + if (i > sizeof(long)) + return 0; if (max-- == 0) return(0); while (i-- > 0) { @@ -170,6 +170,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) else ret=i; } + if (ret < 0) + return 0; *pp=p; *rl=ret; return(1); @@ -407,7 +409,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); diff --git a/crypto/openssl/crypto/asn1/d2i_dhp.c b/crypto/openssl/crypto/asn1/d2i_dhp.c index 635ae82..223ebbb 100644 --- a/crypto/openssl/crypto/asn1/d2i_dhp.c +++ b/crypto/openssl/crypto/asn1/d2i_dhp.c @@ -87,6 +87,7 @@ DH *d2i_DHparams(DH **a, unsigned char **pp, long length) } M_ASN1_BIT_STRING_free(bs); + bs = NULL; M_ASN1_D2I_Finish_2(a); diff --git a/crypto/openssl/crypto/asn1/d2i_dsap.c b/crypto/openssl/crypto/asn1/d2i_dsap.c index 9d4dea6..a68f35d 100644 --- a/crypto/openssl/crypto/asn1/d2i_dsap.c +++ b/crypto/openssl/crypto/asn1/d2i_dsap.c @@ -84,6 +84,7 @@ DSA *d2i_DSAparams(DSA **a, unsigned char **pp, long length) if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn; M_ASN1_BIT_STRING_free(bs); + bs = NULL; M_ASN1_D2I_Finish_2(a); diff --git a/crypto/openssl/crypto/asn1/d2i_r_pr.c b/crypto/openssl/crypto/asn1/d2i_r_pr.c index 6c8a45f..afd5adb 100644 --- a/crypto/openssl/crypto/asn1/d2i_r_pr.c +++ b/crypto/openssl/crypto/asn1/d2i_r_pr.c @@ -108,6 +108,7 @@ RSA *d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length) goto err_bn; M_ASN1_INTEGER_free(bs); + bs = NULL; M_ASN1_D2I_Finish_2(a); err_bn: diff --git a/crypto/openssl/crypto/asn1/t_pkey.c b/crypto/openssl/crypto/asn1/t_pkey.c index ae18da9..a97341d 100644 --- a/crypto/openssl/crypto/asn1/t_pkey.c +++ b/crypto/openssl/crypto/asn1/t_pkey.c @@ -96,10 +96,34 @@ int RSA_print(BIO *bp, RSA *x, int off) char str[128]; const char *s; unsigned char *m=NULL; - int i,ret=0; + int ret=0; + size_t buf_len=0, i; - i=RSA_size(x); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); + if (x->n) + buf_len = (size_t)BN_num_bytes(x->n); + if (x->e) + if (buf_len < (i = (size_t)BN_num_bytes(x->e))) + buf_len = i; + if (x->d) + if (buf_len < (i = (size_t)BN_num_bytes(x->d))) + buf_len = i; + if (x->p) + if (buf_len < (i = (size_t)BN_num_bytes(x->p))) + buf_len = i; + if (x->q) + if (buf_len < (i = (size_t)BN_num_bytes(x->q))) + buf_len = i; + if (x->dmp1) + if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1))) + buf_len = i; + if (x->dmq1) + if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1))) + buf_len = i; + if (x->iqmp) + if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp))) + buf_len = i; + + m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -161,22 +185,25 @@ int DSA_print(BIO *bp, DSA *x, int off) { char str[128]; unsigned char *m=NULL; - int i,ret=0; - BIGNUM *bn=NULL; + int ret=0; + size_t buf_len=0,i; - if (x->p != NULL) - bn=x->p; - else if (x->priv_key != NULL) - bn=x->priv_key; - else if (x->pub_key != NULL) - bn=x->pub_key; - - /* larger than needed but what the hell :-) */ - if (bn != NULL) - i=BN_num_bytes(bn)*2; - else - i=256; - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); + if (x->p) + buf_len = (size_t)BN_num_bytes(x->p); + if (x->q) + if (buf_len < (i = (size_t)BN_num_bytes(x->q))) + buf_len = i; + if (x->g) + if (buf_len < (i = (size_t)BN_num_bytes(x->g))) + buf_len = i; + if (x->priv_key) + if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key))) + buf_len = i; + if (x->pub_key) + if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key))) + buf_len = i; + + m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -281,10 +308,15 @@ int DHparams_print_fp(FILE *fp, DH *x) int DHparams_print(BIO *bp, DH *x) { unsigned char *m=NULL; - int reason=ERR_R_BUF_LIB,i,ret=0; + int reason=ERR_R_BUF_LIB,ret=0; + size_t buf_len=0, i; - i=BN_num_bytes(x->p); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); + if (x->p) + buf_len = (size_t)BN_num_bytes(x->p); + if (x->g) + if (buf_len < (i = (size_t)BN_num_bytes(x->g))) + buf_len = i; + m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -334,10 +366,18 @@ int DSAparams_print_fp(FILE *fp, DSA *x) int DSAparams_print(BIO *bp, DSA *x) { unsigned char *m=NULL; - int reason=ERR_R_BUF_LIB,i,ret=0; + int reason=ERR_R_BUF_LIB,ret=0; + size_t buf_len=0, i; - i=BN_num_bytes(x->p); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); + if (x->p) + buf_len = (size_t)BN_num_bytes(x->p); + if (x->q) + if (buf_len < (i = (size_t)BN_num_bytes(x->q))) + buf_len = i; + if (x->g) + if (buf_len < (i = (size_t)BN_num_bytes(x->g))) + buf_len = i; + m=(unsigned char *)OPENSSL_malloc(buf_len+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; diff --git a/crypto/openssl/crypto/asn1/x_pubkey.c b/crypto/openssl/crypto/asn1/x_pubkey.c index 4397a40..914bcda 100644 --- a/crypto/openssl/crypto/asn1/x_pubkey.c +++ b/crypto/openssl/crypto/asn1/x_pubkey.c @@ -156,7 +156,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) dsa->write_params=0; ASN1_TYPE_free(a->parameter); i=i2d_DSAparams(dsa,NULL); - p=(unsigned char *)OPENSSL_malloc(i); + if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err; pp=p; i2d_DSAparams(dsa,&pp); a->parameter=ASN1_TYPE_new(); diff --git a/crypto/openssl/crypto/bio/b_print.c b/crypto/openssl/crypto/bio/b_print.c index bbd5101..90011db 100644 --- a/crypto/openssl/crypto/bio/b_print.c +++ b/crypto/openssl/crypto/bio/b_print.c @@ -56,6 +56,13 @@ * [including the GNU Public Licence.] */ +/* disable assert() unless BIO_DEBUG has been defined */ +#ifndef BIO_DEBUG +# ifndef NDEBUG +# define NDEBUG +# endif +#endif + /* * Stolen from tjh's ssl/ssl_trc.c stuff. */ diff --git a/crypto/openssl/crypto/bio/bf_nbio.c b/crypto/openssl/crypto/bio/bf_nbio.c index 413ef5c..988cd5a 100644 --- a/crypto/openssl/crypto/bio/bf_nbio.c +++ b/crypto/openssl/crypto/bio/bf_nbio.c @@ -104,7 +104,7 @@ static int nbiof_new(BIO *bi) { NBIO_TEST *nt; - nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)); + if (!(nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) return(0); nt->lrn= -1; nt->lwn= -1; bi->ptr=(char *)nt; diff --git a/crypto/openssl/crypto/bio/bss_bio.c b/crypto/openssl/crypto/bio/bss_bio.c index d836e3b..2797049 100644 --- a/crypto/openssl/crypto/bio/bss_bio.c +++ b/crypto/openssl/crypto/bio/bss_bio.c @@ -7,9 +7,18 @@ * for which no specific BIO method is available. * See ssl/ssltest.c for some hints on how this can be used. */ +/* BIO_DEBUG implies BIO_PAIR_DEBUG */ +#ifdef BIO_DEBUG +# ifndef BIO_PAIR_DEBUG +# define BIO_PAIR_DEBUG +# endif +#endif + +/* disable assert() unless BIO_PAIR_DEBUG has been defined */ #ifndef BIO_PAIR_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG +# ifndef NDEBUG +# define NDEBUG +# endif #endif #include <assert.h> diff --git a/crypto/openssl/crypto/bn/bn.h b/crypto/openssl/crypto/bn/bn.h index 7ce9d8c..2ea9cd7 100644 --- a/crypto/openssl/crypto/bn/bn.h +++ b/crypto/openssl/crypto/bn/bn.h @@ -155,7 +155,7 @@ extern "C" { #define BN_BYTES 4 #define BN_BITS2 32 #define BN_BITS4 16 -#ifdef WIN32 +#ifdef _MSC_VER /* VC++ doesn't like the LL suffix */ #define BN_MASK (0xffffffffffffffffL) #else diff --git a/crypto/openssl/crypto/bn/bn_div.c b/crypto/openssl/crypto/bn/bn_div.c index 613a268..903ab2e 100644 --- a/crypto/openssl/crypto/bn/bn_div.c +++ b/crypto/openssl/crypto/bn/bn_div.c @@ -190,10 +190,10 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); - BN_lshift(sdiv,divisor,norm_shift); + if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err; sdiv->neg=0; norm_shift+=BN_BITS2; - BN_lshift(snum,num,norm_shift); + if (!(BN_lshift(snum,num,norm_shift))) goto err; snum->neg=0; div_n=sdiv->top; num_n=snum->top; @@ -315,7 +315,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, tmp->top=j; j=wnum.top; - BN_sub(&wnum,&wnum,tmp); + if (!BN_sub(&wnum,&wnum,tmp)) goto err; snum->top=snum->top+wnum.top-j; @@ -323,7 +323,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, { q--; j=wnum.top; - BN_add(&wnum,&wnum,sdiv); + if (!BN_add(&wnum,&wnum,sdiv)) goto err; snum->top+=wnum.top-j; } *(resp--)=q; diff --git a/crypto/openssl/crypto/bn/bn_gcd.c b/crypto/openssl/crypto/bn/bn_gcd.c index 3982071..e8cc6c5 100644 --- a/crypto/openssl/crypto/bn/bn_gcd.c +++ b/crypto/openssl/crypto/bn/bn_gcd.c @@ -168,8 +168,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) R=in; if (R == NULL) goto err; - BN_zero(X); - BN_one(Y); + if (!BN_zero(X)) goto err; + if (!BN_one(Y)) goto err; if (BN_copy(A,a) == NULL) goto err; if (BN_copy(B,n) == NULL) goto err; sign=1; diff --git a/crypto/openssl/crypto/bn/bn_mont.c b/crypto/openssl/crypto/bn/bn_mont.c index 8cf1feb..1daf507 100644 --- a/crypto/openssl/crypto/bn/bn_mont.c +++ b/crypto/openssl/crypto/bn/bn_mont.c @@ -224,7 +224,7 @@ int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, if (!BN_mul(t1,t2,&mont->N,ctx)) goto err; if (!BN_add(t2,a,t1)) goto err; - BN_rshift(ret,t2,mont->ri); + if (!BN_rshift(ret,t2,mont->ri)) goto err; #endif /* MONT_WORD */ if (BN_ucmp(ret, &(mont->N)) >= 0) @@ -284,8 +284,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) BN_ULONG buf[2]; mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; - BN_zero(R); - BN_set_bit(R,BN_BITS2); /* R */ + if (!(BN_zero(R))) goto err; + if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ buf[0]=mod->d[0]; /* tmod = N mod word size */ buf[1]=0; @@ -296,36 +296,44 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) /* Ri = R^-1 mod N*/ if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) goto err; - BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */ + /* R*Ri */ + if (!(BN_lshift(&Ri,&Ri,BN_BITS2))) goto err; if (!BN_is_zero(&Ri)) - BN_sub_word(&Ri,1); + { + if (!BN_sub_word(&Ri,1)) goto err; + } else /* if N mod word size == 1 */ - BN_set_word(&Ri,BN_MASK2); /* Ri-- (mod word size) */ - BN_div(&Ri,NULL,&Ri,&tmod,ctx); /* Ni = (R*Ri-1)/N, - * keep only least significant word: */ + /* Ri-- (mod word size) */ + { + if (!BN_set_word(&Ri,BN_MASK2)) goto err; + } + /* Ni = (R*Ri-1)/N, keep only least significant word: */ + if (!(BN_div(&Ri,NULL,&Ri,&tmod,ctx))) goto err; mont->n0=Ri.d[0]; BN_free(&Ri); } #else /* !MONT_WORD */ { /* bignum version */ mont->ri=BN_num_bits(mod); - BN_zero(R); - BN_set_bit(R,mont->ri); /* R = 2^ri */ + if (!(BN_zero(R))) goto err; + /* R = 2^ri */ + if (!(BN_set_bit(R,mont->ri))) goto err; /* Ri = R^-1 mod N*/ if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL) goto err; - BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */ - BN_sub_word(&Ri,1); + /* R*Ri */ + if (!(BN_lshift(&Ri,&Ri,mont->ri))) goto err; + if (!(BN_sub_word(&Ri,1))) goto err; /* Ni = (R*Ri-1) / N */ - BN_div(&(mont->Ni),NULL,&Ri,mod,ctx); + if (!(BN_div(&(mont->Ni),NULL,&Ri,mod,ctx))) goto err; BN_free(&Ri); } #endif /* setup RR for conversions */ - BN_zero(&(mont->RR)); - BN_set_bit(&(mont->RR),mont->ri*2); - BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx); + if (!(BN_zero(&(mont->RR)))) goto err; + if (!(BN_set_bit(&(mont->RR),mont->ri*2))) goto err; + if (!(BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx))) goto err; return(1); err: @@ -336,9 +344,9 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) { if (to == from) return(to); - BN_copy(&(to->RR),&(from->RR)); - BN_copy(&(to->N),&(from->N)); - BN_copy(&(to->Ni),&(from->Ni)); + if (!(BN_copy(&(to->RR),&(from->RR)))) return NULL; + if (!(BN_copy(&(to->N),&(from->N)))) return NULL; + if (!(BN_copy(&(to->Ni),&(from->Ni)))) return NULL; to->ri=from->ri; to->n0=from->n0; return(to); diff --git a/crypto/openssl/crypto/bn/bn_mul.c b/crypto/openssl/crypto/bn/bn_mul.c index 3e8d8b9..9059271 100644 --- a/crypto/openssl/crypto/bn/bn_mul.c +++ b/crypto/openssl/crypto/bn/bn_mul.c @@ -634,7 +634,7 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) if ((al == 0) || (bl == 0)) { - BN_zero(r); + if (!BN_zero(r)) goto err; return(1); } top=al+bl; @@ -677,14 +677,14 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) { if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) { - bn_wexpand(b,al); + if (bn_wexpand(b,al) == NULL) goto err; b->d[bl]=0; bl++; i--; } else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) { - bn_wexpand(a,bl); + if (bn_wexpand(a,bl) == NULL) goto err; a->d[al]=0; al++; i++; @@ -699,16 +699,16 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) t = BN_CTX_get(ctx); if (al == j) /* exact multiple */ { - bn_wexpand(t,k*2); - bn_wexpand(rr,k*2); + if (bn_wexpand(t,k*2) == NULL) goto err; + if (bn_wexpand(rr,k*2) == NULL) goto err; bn_mul_recursive(rr->d,a->d,b->d,al,t->d); } else { - bn_wexpand(a,k); - bn_wexpand(b,k); - bn_wexpand(t,k*4); - bn_wexpand(rr,k*4); + if (bn_wexpand(a,k) == NULL ) goto err; + if (bn_wexpand(b,k) == NULL ) goto err; + if (bn_wexpand(t,k*4) == NULL ) goto err; + if (bn_wexpand(rr,k*4) == NULL ) goto err; for (i=a->top; i<k; i++) a->d[i]=0; for (i=b->top; i<k; i++) diff --git a/crypto/openssl/crypto/conf/Makefile.ssl b/crypto/openssl/crypto/conf/Makefile.ssl index f49f365..1a433ab 100644 --- a/crypto/openssl/crypto/conf/Makefile.ssl +++ b/crypto/openssl/crypto/conf/Makefile.ssl @@ -88,10 +88,12 @@ conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h conf_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h conf_def.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h -conf_def.o: ../../include/openssl/crypto.h ../../include/openssl/err.h -conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslv.h -conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -conf_def.o: ../../include/openssl/symhacks.h conf_def.h +conf_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h +conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +conf_def.o: ../cryptlib.h conf_def.h conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h conf_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslv.h diff --git a/crypto/openssl/crypto/conf/conf_def.c b/crypto/openssl/crypto/conf/conf_def.c index 773df32..d43c9de 100644 --- a/crypto/openssl/crypto/conf/conf_def.c +++ b/crypto/openssl/crypto/conf/conf_def.c @@ -67,6 +67,7 @@ #include "conf_def.h" #include <openssl/buffer.h> #include <openssl/err.h> +#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -180,12 +181,12 @@ static int def_destroy_data(CONF *conf) static int def_load(CONF *conf, BIO *in, long *line) { #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; diff --git a/crypto/openssl/crypto/cryptlib.c b/crypto/openssl/crypto/cryptlib.c index 8fd2d4d..832c6c0 100644 --- a/crypto/openssl/crypto/cryptlib.c +++ b/crypto/openssl/crypto/cryptlib.c @@ -491,3 +491,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason, #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + diff --git a/crypto/openssl/crypto/cryptlib.h b/crypto/openssl/crypto/cryptlib.h index 5eff5d3..576cbd6 100644 --- a/crypto/openssl/crypto/cryptlib.h +++ b/crypto/openssl/crypto/cryptlib.h @@ -89,6 +89,14 @@ extern "C" { #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif diff --git a/crypto/openssl/crypto/des/des.h b/crypto/openssl/crypto/des/des.h index 6b8a7ee..0aaaceb 100644 --- a/crypto/openssl/crypto/des/des.h +++ b/crypto/openssl/crypto/des/des.h @@ -189,7 +189,7 @@ int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched, des_cblock *iv); char *des_fcrypt(const char *buf,const char *salt, char *ret); char *des_crypt(const char *buf,const char *salt); -#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) +#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(_UWIN) char *crypt(const char *buf,const char *salt); #endif void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits, diff --git a/crypto/openssl/crypto/dsa/dsa_asn1.c b/crypto/openssl/crypto/dsa/dsa_asn1.c index a76c8f7..649d17e 100644 --- a/crypto/openssl/crypto/dsa/dsa_asn1.c +++ b/crypto/openssl/crypto/dsa/dsa_asn1.c @@ -84,6 +84,7 @@ DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length) if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL) goto err_bn; M_ASN1_BIT_STRING_free(bs); + bs = NULL; M_ASN1_D2I_Finish_2(a); err_bn: diff --git a/crypto/openssl/crypto/dso/dso_dlfcn.c b/crypto/openssl/crypto/dso/dso_dlfcn.c index e709c72..acf09f5 100644 --- a/crypto/openssl/crypto/dso/dso_dlfcn.c +++ b/crypto/openssl/crypto/dso/dso_dlfcn.c @@ -112,7 +112,7 @@ DSO_METHOD *DSO_METHOD_dlfcn(void) * as we don't have autoconf yet, I'm implementing a hack that could * be hacked further relatively easily to deal with cases as we find * them. Initially this is to cope with OpenBSD. */ -#ifdef __OpenBSD__ +#if defined(__OpenBSD__) || defined(__NetBSD__) # ifdef DL_LAZY # define DLOPEN_FLAG DL_LAZY # else diff --git a/crypto/openssl/crypto/ebcdic.c b/crypto/openssl/crypto/ebcdic.c index 91a7a8b..a83536b 100644 --- a/crypto/openssl/crypto/ebcdic.c +++ b/crypto/openssl/crypto/ebcdic.c @@ -211,7 +211,7 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) } #else /*CHARSET_EBCDIC*/ -#if defined(PEDANTIC) || defined(VMS) || defined(__VMS) +#if defined(PEDANTIC) || defined(VMS) || defined(__VMS) || defined(_DARWIN) static void *dummy=&dummy; #endif #endif diff --git a/crypto/openssl/crypto/evp/bio_enc.c b/crypto/openssl/crypto/evp/bio_enc.c index 831c71a..c425a97 100644 --- a/crypto/openssl/crypto/evp/bio_enc.c +++ b/crypto/openssl/crypto/evp/bio_enc.c @@ -106,8 +106,8 @@ static int enc_new(BIO *bi) BIO_ENC_CTX *ctx; ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); - EVP_CIPHER_CTX_init(&ctx->cipher); if (ctx == NULL) return(0); + EVP_CIPHER_CTX_init(&ctx->cipher); ctx->buf_len=0; ctx->buf_off=0; diff --git a/crypto/openssl/crypto/evp/c_allc.c b/crypto/openssl/crypto/evp/c_allc.c index f24d375..0820557 100644 --- a/crypto/openssl/crypto/evp/c_allc.c +++ b/crypto/openssl/crypto/evp/c_allc.c @@ -64,6 +64,10 @@ void OpenSSL_add_all_ciphers(void) { + static int done=0; + + if (done) return; + done=1; #ifndef NO_DES EVP_add_cipher(EVP_des_cfb()); EVP_add_cipher(EVP_des_ede_cfb()); diff --git a/crypto/openssl/crypto/evp/c_alld.c b/crypto/openssl/crypto/evp/c_alld.c index bbf059e..41695df 100644 --- a/crypto/openssl/crypto/evp/c_alld.c +++ b/crypto/openssl/crypto/evp/c_alld.c @@ -64,6 +64,10 @@ void OpenSSL_add_all_digests(void) { + static int done=0; + + if (done) return; + done=1; #ifndef NO_MD2 EVP_add_digest(EVP_md2()); #endif diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h index 32d6e7c..dd1b8fa 100644 --- a/crypto/openssl/crypto/evp/evp.h +++ b/crypto/openssl/crypto/evp/evp.h @@ -228,7 +228,7 @@ typedef struct evp_pkey_md_st EVP_rsa_octet_string(),EVP_mdc2()) #define EVP_dsa_sha() \ EVP_PKEY_MD_add(NID_dsaWithSHA,\ - EVP_dsa(),EVP_mdc2()) + EVP_dsa(),EVP_sha()) #define EVP_dsa_sha1() \ EVP_PKEY_MD_add(NID_dsaWithSHA1,\ EVP_dsa(),EVP_sha1()) diff --git a/crypto/openssl/crypto/objects/o_names.c b/crypto/openssl/crypto/objects/o_names.c index dca9882..5eaf95b 100644 --- a/crypto/openssl/crypto/objects/o_names.c +++ b/crypto/openssl/crypto/objects/o_names.c @@ -61,6 +61,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), { MemCheck_off(); name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); + MemCheck_on(); + if (!name_funcs) return(0); name_funcs->hash_func = lh_strhash; name_funcs->cmp_func = (int (*)())strcmp; name_funcs->free_func = 0; /* NULL is often declared to @@ -68,6 +70,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), * to Compaq C is not really * compatible with a function * pointer. -- Richard Levitte*/ + MemCheck_off(); sk_NAME_FUNCS_push(name_funcs_stack,name_funcs); MemCheck_on(); } diff --git a/crypto/openssl/crypto/objects/obj_dat.c b/crypto/openssl/crypto/objects/obj_dat.c index d802c4d..41fdf6e 100644 --- a/crypto/openssl/crypto/objects/obj_dat.c +++ b/crypto/openssl/crypto/objects/obj_dat.c @@ -228,7 +228,7 @@ int OBJ_add_object(ASN1_OBJECT *obj) if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); + if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err; if ((o->length != 0) && (obj->data != NULL)) ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->sn != NULL) @@ -428,7 +428,7 @@ int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name) unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); diff --git a/crypto/openssl/crypto/opensslv.h b/crypto/openssl/crypto/opensslv.h index eb4b3d9..7ee8f76 100644 --- a/crypto/openssl/crypto/opensslv.h +++ b/crypto/openssl/crypto/opensslv.h @@ -25,8 +25,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x0090604fL -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6d 9 May 2002" +#define OPENSSL_VERSION_NUMBER 0x0090605fL +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6e 30 Jul 2002" #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/openssl/crypto/pem/pem2.h b/crypto/openssl/crypto/pem/pem2.h index 4e484bc..f31790d 100644 --- a/crypto/openssl/crypto/pem/pem2.h +++ b/crypto/openssl/crypto/pem/pem2.h @@ -61,7 +61,9 @@ extern "C" { #endif +#ifndef HEADER_PEM_H void ERR_load_PEM_strings(void); +#endif #ifdef __cplusplus } diff --git a/crypto/openssl/crypto/pem/pem_lib.c b/crypto/openssl/crypto/pem/pem_lib.c index e00af7c..01759f7 100644 --- a/crypto/openssl/crypto/pem/pem_lib.c +++ b/crypto/openssl/crypto/pem/pem_lib.c @@ -258,6 +258,7 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, PKCS8_PRIV_KEY_INFO *p8inf; p8inf=d2i_PKCS8_PRIV_KEY_INFO( (PKCS8_PRIV_KEY_INFO **) x, &p, len); + if(!p8inf) goto p8err; ret = (char *)EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { diff --git a/crypto/openssl/crypto/perlasm/x86nasm.pl b/crypto/openssl/crypto/perlasm/x86nasm.pl index b4da364..519d8a5 100644 --- a/crypto/openssl/crypto/perlasm/x86nasm.pl +++ b/crypto/openssl/crypto/perlasm/x86nasm.pl @@ -209,7 +209,7 @@ sub using486 sub main'file { - push(@out, "segment .text\n"); + push(@out, "segment .text use32\n"); } sub main'function_begin diff --git a/crypto/openssl/crypto/pkcs12/pkcs12.h b/crypto/openssl/crypto/pkcs12/pkcs12.h index fefa1a6..08bf15a 100644 --- a/crypto/openssl/crypto/pkcs12/pkcs12.h +++ b/crypto/openssl/crypto/pkcs12/pkcs12.h @@ -141,8 +141,8 @@ union { #define PKCS12_ERROR 0 #define PKCS12_OK 1 -#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type) -#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type) +#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type) +#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type) #define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type #define M_PKCS12_x5092certbag(x509) \ diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index b209a86..a45cf76 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -621,7 +621,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL, i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - pp=(unsigned char *)OPENSSL_malloc(x); + if (!(pp=(unsigned char *)OPENSSL_malloc(x))) goto err; p=pp; i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p, i2d_X509_ATTRIBUTE, @@ -817,7 +817,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); */ i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); - pp=OPENSSL_malloc(i); + if (!(pp=OPENSSL_malloc(i))) goto err; p=pp; i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); diff --git a/crypto/openssl/crypto/pkcs7/verify.c b/crypto/openssl/crypto/pkcs7/verify.c index 49fc8d8..bd27006 100644 --- a/crypto/openssl/crypto/pkcs7/verify.c +++ b/crypto/openssl/crypto/pkcs7/verify.c @@ -179,10 +179,11 @@ char *argv[]; { ASN1_UTCTIME *tm; char *str1,*str2; + int rc; si=sk_PKCS7_SIGNER_INFO_value(sk,i); - i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); - if (i <= 0) + rc=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); + if (rc <= 0) goto err; printf("signer info\n"); if ((tm=get_signed_time(si)) != NULL) diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c index cafdc41..0112b5c 100644 --- a/crypto/openssl/crypto/rsa/rsa_eay.c +++ b/crypto/openssl/crypto/rsa/rsa_eay.c @@ -476,10 +476,10 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) int ret=0; BN_CTX *ctx; - if ((ctx=BN_CTX_new()) == NULL) goto err; BN_init(&m1); BN_init(&r1); BN_init(&vrfy); + if ((ctx=BN_CTX_new()) == NULL) goto err; if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) { diff --git a/crypto/openssl/crypto/txt_db/txt_db.c b/crypto/openssl/crypto/txt_db/txt_db.c index 3b04fe2..92fcbde 100644 --- a/crypto/openssl/crypto/txt_db/txt_db.c +++ b/crypto/openssl/crypto/txt_db/txt_db.c @@ -122,7 +122,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) else { buf->data[offset-1]='\0'; /* blat the '\n' */ - p=(char *)OPENSSL_malloc(add+offset); + if (!(p=(char *)OPENSSL_malloc(add+offset))) goto err; offset=0; } pp=(char **)p; diff --git a/crypto/openssl/crypto/x509v3/v3_ia5.c b/crypto/openssl/crypto/x509v3/v3_ia5.c index f3bba38..f941445 100644 --- a/crypto/openssl/crypto/x509v3/v3_ia5.c +++ b/crypto/openssl/crypto/x509v3/v3_ia5.c @@ -82,7 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { char *tmp; if(!ia5 || !ia5->length) return NULL; - tmp = OPENSSL_malloc(ia5->length + 1); + if (!(tmp = OPENSSL_malloc(ia5->length + 1))) return NULL; memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; |