diff --git a/CHANGES b/CHANGES index 34ad6c80b887e..f1cfe73a80c17 100644 --- a/CHANGES +++ b/CHANGES @@ -4,19 +4,43 @@ Changes between 0.9.5a and 0.9.6 [xx XXX 2000] - *) Remove lots of duplicated code from the EVP library. For example *every* - cipher init() function handles the 'iv' in the same way according to the - cipher mode. They also all do nothing if the 'key' parameter is NULL and - for CFB and OFB modes they zero ctx->num. + *) New function BN_mod_exp_mont_word for small bases (roughly 20% + faster than BN_mod_exp_mont even though it does not use + windowing). + [Bodo Moeller] - Most of the routines have the same form and so can be declared in terms - of macros. + *) CygWin32 support. + [John Jarvie ] - By shifting this to the top level EVP_CipherInit() it can be removed from - all individual ciphers. If the cipher wants to handle IVs or keys - differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT - flags. - [Steve Henson] + *) The type-safe stack code has been rejigged. It is now only compiled + in when OpenSSL is configured with the DEBUG_SAFESTACK option and + by default all type-specific stack functions are "#define"d back to + standard stack functions. This results in more streamlined output + but retains the type-safety checking possibilities of the original + approach. + [Geoff Thorpe] + + *) The STACK code has been cleaned up, and certain type declarations + that didn't make a lot of sense have been brought in line. This has + also involved a cleanup of sorts in safestack.h to more correctly + map type-safe stack functions onto their plain stack counterparts. + This work has also resulted in a variety of "const"ifications of + lots of the code, especially "_cmp" operations which should normally + be prototyped with "const" parameters anyway. + [Geoff Thorpe] + + *) When generating bytes for the first time in md_rand.c, 'stir the pool' + by seeding with STATE_SIZE dummy bytes (with zero entropy count). + (The PRNG state consists of two parts, the large pool 'state' and 'md', + where all of 'md' is used each time the PRNG is used, but 'state' + is used only indexed by a cyclic counter. As entropy may not be + well distributed from the beginning, 'md' is important as a + chaining variable. However, the output function chains only half + of 'md', i.e. 80 bits. ssleay_rand_add, on the other hand, chains + all of 'md', and seeding with STATE_SIZE dummy bytes will result + in all of 'state' being rewritten, with the new values depending + on virtually all of 'md'. This overcomes the 80 bit limitation.) + [Bodo Moeller] *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when the handshake is continued after ssl_verify_cert_chain(); @@ -24,15 +48,29 @@ can lead to 'unexplainable' connection aborts later. [Bodo Moeller; problem tracked down by Lutz Jaenicke] - *) EVP cipher enhancement. Add hooks for extra EVP features. This will allow - various cipher parameters to be set in the EVP interface. Initially - support added for variable key length ciphers via the - EVP_CIPHER_CTX_set_key_length() function. Other cipher specific - parameters will be added later via the new catchall 'ctrl' function. + *) Major EVP API cipher revision. + Add hooks for extra EVP features. This allows various cipher + parameters to be set in the EVP interface. Support added for variable + key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and + setting of RC2 and RC5 parameters. + + Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length + ciphers. + + Remove lots of duplicated code from the EVP library. For example *every* + cipher init() function handles the 'iv' in the same way according to the + cipher mode. They also all do nothing if the 'key' parameter is NULL and + for CFB and OFB modes they zero ctx->num. + New functionality allows removal of S/MIME code RC2 hack. - Still needs support in other library functions, and allow parameter - setting for algorithms like RC2, RC5. + Most of the routines have the same form and so can be declared in terms + of macros. + + By shifting this to the top level EVP_CipherInit() it can be removed from + all individual ciphers. If the cipher wants to handle IVs or keys + differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT + flags. Change lots of functions like EVP_EncryptUpdate() to now return a value: although software versions of the algorithms cannot fail diff --git a/Configure b/Configure index 836002a8f0d5d..a2ad62c2ceed1 100755 --- a/Configure +++ b/Configure @@ -38,7 +38,10 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # 386 generate 80386 code # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through -# +# +# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items +# provided to stack calls. Generates unique stack functions for +# each possible stack type. # DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h # DES_RISC1 use different DES_ENCRYPT macro that helps reduce register # dependancies but needs to more registers, good for RISC CPU's @@ -104,8 +107,8 @@ my %table=( # Our development configs "purify", "purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::", "debug", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::", -"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", -"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", +"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", +"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::", "debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::", "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-bodo", "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", @@ -165,7 +168,7 @@ my %table=( # Sunos configs, assuming sparc for the gcc one. ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown)::DES_UNROLL:::", -"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", +"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):-liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", #### IRIX 5.x configs # -mips2 flag is added by ./config when appropriate. @@ -175,11 +178,11 @@ my %table=( # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-[g]cc' manually. # -mips4 flag is added by ./config when appropriate. -"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::(unknown)::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", -"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::(unknown)::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", +"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", +"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::(unknown)::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::(unknown)::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::", #### Unified HP-UX ANSI C configs. # Special notes: @@ -265,10 +268,10 @@ my %table=( # # # -"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", -"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", -"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", -"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", +"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", +"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", +"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", +"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", # assembler versions -- currently defunct: ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::", @@ -296,7 +299,7 @@ my %table=( "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::", # Linux on ARM -"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::dlfcn", +"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn", # UnixWare 2.0 "unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::", @@ -364,12 +367,14 @@ my %table=( "BC-32","bcc32:::::BN_LLONG DES_PTR RC4_INDEX:::", "BC-16","bcc:::(unknown)::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", -# CygWin32 +# Mingw32 # (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl # and its library files in util/pl/*) -"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:", "Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:", +# CygWin32 +"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:", + # Ultrix from Bernhard Simon "ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown)::::::", "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown)::::::", @@ -388,7 +393,7 @@ my %table=( ); my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32 - BC-16 CygWin32 Mingw32); + BC-16 Mingw32); my $prefix=""; my $openssldir=""; @@ -435,6 +440,7 @@ my $openssl_other_defines=""; my $libs=""; my $target=""; my $options=""; +my $symlink=1; foreach (@ARGV) { s /^-no-/no-/; # some people just can't read the instructions @@ -450,6 +456,8 @@ foreach (@ARGV) { $no_threads=1; } elsif (/^threads$/) { $threads=1; } + elsif (/^no-symlinks$/) + { $symlink=0; } elsif (/^no-(.+)$/) { my $algo=$1; @@ -902,7 +910,8 @@ if($IsWindows) { EOF close(OUT); } else { - (system "make -f Makefile.ssl PERL=\'$perl\' links") == 0 or exit $?; + (system "make -f Makefile.ssl PERL=\'$perl\' links") == 0 or exit $? + if $symlink; ### (system 'make depend') == 0 or exit $? if $depflags ne ""; # Run "make depend" manually if you want to be able to delete # the source code files of ciphers you left out. diff --git a/FAQ b/FAQ index ff5ea089d3a9f..5ef591574c04a 100644 --- a/FAQ +++ b/FAQ @@ -21,6 +21,8 @@ OpenSSL - Frequently Asked Questions * Why can't I make an SSL connection using a DSA certificate? * How can I remove the passphrase on a private key? * Why can't the OpenSSH configure script detect OpenSSL? +* Why does the OpenSSL test fail with "bc: command not found"? +* Why does the OpenSSL test fail with "bc: 1 no implemented"? * Which is the current version of OpenSSL? @@ -305,3 +307,19 @@ applied to the OpenSSH distribution: fi LIBS="$LIBS -lcrypto" ----- snip:end ----- + + +* Why does the OpenSSL test fail with "bc: command not found"? + +You didn't install "bc", the Unix calculator. If you want to run the +tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor. + + +* Why does the OpenSSL test fail with "bc: 1 no implemented"? + +On some SCO installations or versions, bc has a bug that gets triggered when +you run the test suite (using "make test"). The message returned is "bc: +1 not implemented". The best way to deal with this is to find another +implementation of bc and compile/install it. For example, GNU bc (see +http://www.gnu.org/software/software.html for download instructions) can +be safely used. diff --git a/INSTALL.W32 b/INSTALL.W32 index 7b81ac0579efb..3e3009548619c 100644 --- a/INSTALL.W32 +++ b/INSTALL.W32 @@ -134,6 +134,52 @@ > cd out > ..\ms\test + GNU C (CygWin32) + --------------- + + CygWin32 provides a bash shell and GNU tools environment running on + NT 4.0, Windows 9x and Windows 2000. Consequently, a make of OpenSSL + with CygWin is closer to a GNU bash environment such as Linux rather + than other W32 makes that are based on a single makefile approach. + CygWin32 implements Posix/Unix calls through cygwin1.dll, and is + contrasted to Mingw32 which links dynamically to msvcrt.dll or + crtdll.dll. + + To build OpenSSL using CygWin32: + + * Install CygWin32 (see http://sourceware.cygnus.com/cygwin) + + * Install Perl and ensure it is in the path + + * Run the CygWin bash shell + + * $ tar zxvf openssl-x.x.x.tar.gz + $ cd openssl-x.x.x + $ ./Configure no-threads CygWin32 + [...] + $ make + [...] + $ make test + $ make install + + This will create a default install in /usr/local/ssl. + + CygWin32 Notes: + + "make test" and normal file operations may fail in directories + mounted as text (i.e. mount -t c:\somewhere /home) due to CygWin + stripping of carriage returns. To avoid this ensure that a binary + mount is used, e.g. mount -b c:\somewhere /home. + + As of version 1.1.1 CygWin32 is relatively unstable in its handling + of cr/lf issues. These make procedures succeeded with versions 1.1 and + the snapshot 20000524 (Slow!). + + "bc" is not provided in the CygWin32 distribution. This causes a + non-fatal error in "make test" but is otherwise harmless. If + desired, GNU bc can be built with CygWin32 without change. + + Troubleshooting --------------- diff --git a/Makefile.org b/Makefile.org index 62a300ff5cd79..c1a59c4bd8f71 100644 --- a/Makefile.org +++ b/Makefile.org @@ -299,6 +299,9 @@ tags: errors: perl util/mkerr.pl -recurse -write +stacks: + perl util/mkstack.pl -recurse + util/libeay.num:: perl util/mkdef.pl crypto update @@ -312,7 +315,7 @@ TABLE: Configure (echo 'Output of `Configure TABLE'"':"; \ perl Configure TABLE) > TABLE -update: depend errors util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE +update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE tar: @$(TAR) $(TARFLAGS) -cvf - \ diff --git a/TABLE b/TABLE index e066f0484c512..49f72e0d46443 100644 --- a/TABLE +++ b/TABLE @@ -1404,6 +1404,24 @@ $rmd160_obj = asm/rm86-elf.o $rc5_obj = asm/r586-elf.o $dso_scheme = dlfcn +*** linux-elf-arm +$cc = gcc +$cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall +$unistd = +$thread_cflag = -D_REENTRANT +$lflags = +$bn_ops = BN_LLONG +$bn_obj = +$des_obj = +$bf_obj = +$md5_obj = +$sha1_obj = +$cast_obj = +$rc4_obj = +$rmd160_obj = +$rc5_obj = +$dso_scheme = dlfcn + *** linux-ia64 $cc = gcc $cflags = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 9965b71edffa3..fb73899ccf303 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -135,7 +135,7 @@ $(DLIBCRYPTO): $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(PROGRAM) $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS) - @(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs) + -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; $(PERL) tools/c_rehash certs) progs.h: progs.pl $(PERL) progs.pl $(E_EXE) >progs.h diff --git a/apps/apps.c b/apps/apps.c index a87d23bf3312e..f063d8312834b 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -91,8 +91,8 @@ int args_from_file(char *file, int *argc, char **argv[]) *argv=NULL; len=(unsigned int)stbuf.st_size; - if (buf != NULL) Free(buf); - buf=(char *)Malloc(len+1); + if (buf != NULL) OPENSSL_free(buf); + buf=(char *)OPENSSL_malloc(len+1); if (buf == NULL) return(0); len=fread(buf,1,len,fp); @@ -102,8 +102,8 @@ int args_from_file(char *file, int *argc, char **argv[]) i=0; for (p=buf; *p; p++) if (*p == '\n') i++; - if (arg != NULL) Free(arg); - arg=(char **)Malloc(sizeof(char *)*(i*2)); + if (arg != NULL) OPENSSL_free(arg); + arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2)); *argv=arg; num=0; @@ -266,7 +266,7 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) if (arg->count == 0) { arg->count=20; - arg->data=(char **)Malloc(sizeof(char *)*arg->count); + arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); } for (i=0; icount; i++) arg->data[i]=NULL; @@ -285,7 +285,7 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) if (num >= arg->count) { arg->count+=20; - arg->data=(char **)Realloc(arg->data, + arg->data=(char **)OPENSSL_realloc(arg->data, sizeof(char *)*arg->count); if (argc == 0) return(0); } diff --git a/apps/asn1pars.c b/apps/asn1pars.c index f104ebc1f08ae..2d64492ffd841 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -108,7 +108,7 @@ int MAIN(int argc, char **argv) argv++; if ((osk=sk_new_null()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto end; } while (argc >= 1) diff --git a/apps/ca.c b/apps/ca.c index 62747ec47c486..69352654e2e1f 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -808,7 +808,7 @@ EF_ALIGNMENT=0; { if ((f=BN_bn2hex(serial)) == NULL) goto err; BIO_printf(bio_err,"next serial number is %s\n",f); - Free(f); + OPENSSL_free(f); } if ((attribs=CONF_get_section(conf,policy)) == NULL) @@ -819,7 +819,7 @@ EF_ALIGNMENT=0; if ((cert_sk=sk_X509_new_null()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } if (spkac_file != NULL) @@ -836,7 +836,7 @@ EF_ALIGNMENT=0; if (!BN_add_word(serial,1)) goto err; if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } if (outfile) @@ -860,7 +860,7 @@ EF_ALIGNMENT=0; if (!BN_add_word(serial,1)) goto err; if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -879,7 +879,7 @@ EF_ALIGNMENT=0; if (!BN_add_word(serial,1)) goto err; if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -898,7 +898,7 @@ EF_ALIGNMENT=0; if (!BN_add_word(serial,1)) goto err; if (!sk_X509_push(cert_sk,x)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -1580,7 +1580,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, /* Ok, now we check the 'policy' stuff. */ if ((subject=X509_NAME_new()) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1678,7 +1678,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, { if (push != NULL) X509_NAME_ENTRY_free(push); - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } } @@ -1700,7 +1700,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, row[DB_serial]=BN_bn2hex(serial); if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1841,32 +1841,32 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, goto err; /* We now just add it to the database */ - row[DB_type]=(char *)Malloc(2); + row[DB_type]=(char *)OPENSSL_malloc(2); tm=X509_get_notAfter(ret); - row[DB_exp_date]=(char *)Malloc(tm->length+1); + row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1); memcpy(row[DB_exp_date],tm->data,tm->length); row[DB_exp_date][tm->length]='\0'; row[DB_rev_date]=NULL; /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); + row[DB_file]=(char *)OPENSSL_malloc(8); /* row[DB_name] done already */ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || (row[DB_file] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } strcpy(row[DB_file],"unknown"); row[DB_type][0]='V'; row[DB_type][1]='\0'; - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) + if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -1886,7 +1886,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, ok=1; err: for (i=0; ilength+1); + row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1); memcpy(row[DB_exp_date],tm->data,tm->length); row[DB_exp_date][tm->length]='\0'; row[DB_rev_date]=NULL; /* row[DB_serial] done already */ - row[DB_file]=(char *)Malloc(8); + row[DB_file]=(char *)OPENSSL_malloc(8); /* row[DB_name] done already */ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || (row[DB_file] == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } strcpy(row[DB_file],"unknown"); row[DB_type][0]='V'; row[DB_type][1]='\0'; - if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) + if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } @@ -2218,7 +2218,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) revtm=X509_gmtime_adj(revtm,0); rrow[DB_type][0]='R'; rrow[DB_type][1]='\0'; - rrow[DB_rev_date]=(char *)Malloc(revtm->length+1); + rrow[DB_rev_date]=(char *)OPENSSL_malloc(revtm->length+1); memcpy(rrow[DB_rev_date],revtm->data,revtm->length); rrow[DB_rev_date][revtm->length]='\0'; ASN1_UTCTIME_free(revtm); @@ -2228,7 +2228,7 @@ static int do_revoke(X509 *x509, TXT_DB *db) for (i=0; ip); bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); + data=(unsigned char *)OPENSSL_malloc(len); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } l=BN_bn2bin(dh->p,data); @@ -285,7 +285,7 @@ int MAIN(int argc, char **argv) printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n"); printf("\t\treturn(NULL);\n"); printf("\treturn(dh);\n\t}\n"); - Free(data); + OPENSSL_free(data); } diff --git a/apps/dhparam.c b/apps/dhparam.c index 709547ff5e6f5..a738c5af67841 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -285,7 +285,7 @@ int MAIN(int argc, char **argv) DSA *dsa; BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); + dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err); if (dsa == NULL) { ERR_print_errors(bio_err); @@ -432,10 +432,10 @@ int MAIN(int argc, char **argv) len=BN_num_bytes(dh->p); bits=BN_num_bits(dh->p); - data=(unsigned char *)Malloc(len); + data=(unsigned char *)OPENSSL_malloc(len); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } printf("#ifndef HEADER_DH_H\n" @@ -472,7 +472,7 @@ int MAIN(int argc, char **argv) if (dh->length) printf("\tdh->length = %d;\n", dh->length); printf("\treturn(dh);\n\t}\n"); - Free(data); + OPENSSL_free(data); } diff --git a/apps/dsa.c b/apps/dsa.c index 4977671b8adc1..842e0c0d15ae9 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -283,8 +283,8 @@ int MAIN(int argc, char **argv) if(in != NULL) BIO_free(in); if(out != NULL) BIO_free(out); if(dsa != NULL) DSA_free(dsa); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } #endif diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 4d4e1ad2b5008..a15d6ea309671 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -260,10 +260,10 @@ int MAIN(int argc, char **argv) bits_p=BN_num_bits(dsa->p); bits_q=BN_num_bits(dsa->q); bits_g=BN_num_bits(dsa->g); - data=(unsigned char *)Malloc(len+20); + data=(unsigned char *)OPENSSL_malloc(len+20); if (data == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); goto end; } l=BN_bn2bin(dsa->p,data); diff --git a/apps/enc.c b/apps/enc.c index 6531c58c542e7..49338aca0fdc7 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -343,11 +343,11 @@ int MAIN(int argc, char **argv) if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); } - strbuf=Malloc(SIZE); - buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize)); + strbuf=OPENSSL_malloc(SIZE); + buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize)); if ((buff == NULL) || (strbuf == NULL)) { - BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); + BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); goto end; } @@ -581,13 +581,13 @@ int MAIN(int argc, char **argv) } end: ERR_print_errors(bio_err); - if (strbuf != NULL) Free(strbuf); - if (buff != NULL) Free(buff); + if (strbuf != NULL) OPENSSL_free(strbuf); + if (buff != NULL) OPENSSL_free(buff); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free(out); if (benc != NULL) BIO_free(benc); if (b64 != NULL) BIO_free(b64); - if(pass) Free(pass); + if(pass) OPENSSL_free(pass); EXIT(ret); } diff --git a/apps/gendsa.c b/apps/gendsa.c index b1a1c4fcfae9f..1937613849fc0 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -211,7 +211,7 @@ int MAIN(int argc, char **argv) if (in != NULL) BIO_free(in); if (out != NULL) BIO_free(out); if (dsa != NULL) DSA_free(dsa); - if(passout) Free(passout); + if(passout) OPENSSL_free(passout); EXIT(ret); } #endif diff --git a/apps/genrsa.c b/apps/genrsa.c index 6fe578d69feb6..4cbccf8456e00 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -213,7 +213,7 @@ int MAIN(int argc, char **argv) err: if (rsa != NULL) RSA_free(rsa); if (out != NULL) BIO_free(out); - if(passout) Free(passout); + if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); EXIT(ret); diff --git a/apps/openssl.c b/apps/openssl.c index a2a263062dfb5..5f0ffa9fd4970 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -201,7 +201,7 @@ int main(int Argc, char *Argv[]) config=NULL; } if (prog != NULL) lh_free(prog); - if (arg.data != NULL) Free(arg.data); + if (arg.data != NULL) OPENSSL_free(arg.data); ERR_remove_state(0); EVP_cleanup(); diff --git a/apps/passwd.c b/apps/passwd.c index 4650ea503dde6..e991fefaa5e0a 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -200,7 +200,7 @@ int MAIN(int argc, char **argv) passwd_malloc_size = pw_maxlen + 2; /* longer than necessary so that we can warn about truncation */ - passwd = passwd_malloc = Malloc(passwd_malloc_size); + passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size); if (passwd_malloc == NULL) goto err; } @@ -266,9 +266,9 @@ int MAIN(int argc, char **argv) err: ERR_print_errors(bio_err); if (salt_malloc) - Free(salt_malloc); + OPENSSL_free(salt_malloc); if (passwd_malloc) - Free(passwd_malloc); + OPENSSL_free(passwd_malloc); if (in) BIO_free(in); if (out) @@ -399,7 +399,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, { if (*salt_malloc_p == NULL) { - *salt_p = *salt_malloc_p = Malloc(3); + *salt_p = *salt_malloc_p = OPENSSL_malloc(3); if (*salt_malloc_p == NULL) goto err; } @@ -422,7 +422,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) { - *salt_p = *salt_malloc_p = Malloc(9); + *salt_p = *salt_malloc_p = OPENSSL_malloc(9); if (*salt_malloc_p == NULL) goto err; } diff --git a/apps/pkcs12.c b/apps/pkcs12.c index a45b2da72f101..3f958943b4a37 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -565,8 +565,8 @@ int MAIN(int argc, char **argv) #endif BIO_free(in); BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } @@ -774,7 +774,7 @@ int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name) value = uni2asc(av->value.bmpstring->data, av->value.bmpstring->length); BIO_printf(out, "%s\n", value); - Free(value); + OPENSSL_free(value); break; case V_ASN1_OCTET_STRING: diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 3e59b74124a2a..b0914cd453375 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -254,8 +254,8 @@ int MAIN(int argc, char **argv) PKCS8_PRIV_KEY_INFO_free (p8inf); EVP_PKEY_free(pkey); BIO_free(out); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); return (0); } @@ -338,8 +338,8 @@ int MAIN(int argc, char **argv) EVP_PKEY_free(pkey); BIO_free(out); BIO_free(in); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); return (0); } diff --git a/apps/req.c b/apps/req.c index eb338eeb1b2b2..dd376949fda39 100644 --- a/apps/req.c +++ b/apps/req.c @@ -878,8 +878,8 @@ int MAIN(int argc, char **argv) EVP_PKEY_free(pkey); X509_REQ_free(req); X509_free(x509ss); - if(passargin && passin) Free(passin); - if(passargout && passout) Free(passout); + if(passargin && passin) OPENSSL_free(passin); + if(passargout && passout) OPENSSL_free(passout); OBJ_cleanup(); #ifndef NO_DSA if (dsa_params != NULL) DSA_free(dsa_params); diff --git a/apps/rsa.c b/apps/rsa.c index 9d4c2e6564050..1269f65703ef8 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -345,15 +345,15 @@ int MAIN(int argc, char **argv) i=1; size=i2d_Netscape_RSA(rsa,NULL,NULL); - if ((p=(unsigned char *)Malloc(size)) == NULL) + if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"Memory allocation failure\n"); goto end; } pp=p; i2d_Netscape_RSA(rsa,&p,NULL); BIO_write(out,(char *)pp,size); - Free(pp); + OPENSSL_free(pp); } #endif else if (outformat == FORMAT_PEM) { @@ -376,8 +376,8 @@ int MAIN(int argc, char **argv) if(in != NULL) BIO_free(in); if(out != NULL) BIO_free(out); if(rsa != NULL) RSA_free(rsa); - if(passin) Free(passin); - if(passout) Free(passout); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); EXIT(ret); } #else /* !NO_RSA */ diff --git a/apps/s_client.c b/apps/s_client.c index 010bf3d0011df..77df3d596e2d9 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -205,8 +205,8 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) || - ((sbuf=Malloc(BUFSIZZ)) == NULL)) + if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || + ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -551,7 +551,7 @@ int MAIN(int argc, char **argv) tv.tv_usec = 0; i=select(width,(void *)&readfds,(void *)&writefds, NULL,&tv); - if(!i && (!_kbhit() || !read_tty) ) continue; + if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; } else i=select(width,(void *)&readfds,(void *)&writefds, NULL,NULL); } @@ -717,7 +717,7 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 } #ifdef WINDOWS - else if (_kbhit()) + else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) #else else if (FD_ISSET(fileno(stdin),&readfds)) #endif @@ -781,8 +781,8 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); } + if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } + if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } if (bio_c_out != NULL) { BIO_free(bio_c_out); diff --git a/apps/s_server.c b/apps/s_server.c index 001b5be110414..17c16665ed015 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -289,7 +289,7 @@ static int ebcdic_new(BIO *bi) { EBCDIC_OUTBUFF *wbuf; - wbuf = (EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + 1024); + wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); wbuf->alloced = 1024; wbuf->buff[0] = '\0'; @@ -303,7 +303,7 @@ static int ebcdic_free(BIO *a) { if (a == NULL) return(0); if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -340,8 +340,8 @@ static int ebcdic_write(BIO *b, char *in, int inl) num = num + num; /* double the size */ if (num < inl) num = inl; - Free(wbuf); - wbuf=(EBCDIC_OUTBUFF *)Malloc(sizeof(EBCDIC_OUTBUFF) + num); + OPENSSL_free(wbuf); + wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); wbuf->alloced = num; wbuf->buff[0] = '\0'; @@ -794,7 +794,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) struct timeval tv; #endif - if ((buf=Malloc(bufsize)) == NULL) + if ((buf=OPENSSL_malloc(bufsize)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto err; @@ -1056,7 +1056,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (buf != NULL) { memset(buf,0,bufsize); - Free(buf); + OPENSSL_free(buf); } if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); @@ -1173,7 +1173,7 @@ static int www_body(char *hostname, int s, unsigned char *context) BIO *io,*ssl_bio,*sbio; long total_bytes; - buf=Malloc(bufsize); + buf=OPENSSL_malloc(bufsize); if (buf == NULL) return(0); io=BIO_new(BIO_f_buffer()); ssl_bio=BIO_new(BIO_f_ssl()); @@ -1502,7 +1502,7 @@ static int www_body(char *hostname, int s, unsigned char *context) if (ret >= 0) BIO_printf(bio_s_out,"ACCEPT\n"); - if (buf != NULL) Free(buf); + if (buf != NULL) OPENSSL_free(buf); if (io != NULL) BIO_free_all(io); /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ return(ret); diff --git a/apps/s_socket.c b/apps/s_socket.c index 081b1a57d1745..0238566a81969 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -241,7 +241,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context) return(0); } i=(*cb)(name,sock, context); - if (name != NULL) Free(name); + if (name != NULL) OPENSSL_free(name); SHUTDOWN2(sock); if (i < 0) { @@ -372,9 +372,9 @@ static int do_accept(int acc_sock, int *sock, char **host) } else { - if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL) + if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL) { - perror("Malloc"); + perror("OPENSSL_malloc"); return(0); } strcpy(*host,h1->h_name); diff --git a/apps/smime.c b/apps/smime.c index 7dc66d6ecd566..e2fc828737117 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -443,7 +443,7 @@ int MAIN(int argc, char **argv) BIO_free(in); BIO_free(indata); BIO_free(out); - if(passin) Free(passin); + if(passin) OPENSSL_free(passin); return (ret); } diff --git a/apps/speed.c b/apps/speed.c index 1a87aa1407da4..27f89b577f79c 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -364,7 +364,7 @@ int MAIN(int argc, char **argv) rsa_key[i]=NULL; #endif - if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -372,7 +372,7 @@ int MAIN(int argc, char **argv) #ifndef NO_DES buf_as_des_cblock = (des_cblock *)buf; #endif - if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) + if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; @@ -1196,8 +1196,8 @@ int MAIN(int argc, char **argv) mret=0; end: ERR_print_errors(bio_err); - if (buf != NULL) Free(buf); - if (buf2 != NULL) Free(buf2); + if (buf != NULL) OPENSSL_free(buf); + if (buf2 != NULL) OPENSSL_free(buf2); #ifndef NO_RSA for (i=0; i 1) /* using one because of the bits left byte */ { - s=(unsigned char *)Malloc((int)len); + s=(unsigned char *)OPENSSL_malloc((int)len); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -173,7 +173,7 @@ ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, s=NULL; ret->length=(int)len; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->type=V_ASN1_BIT_STRING; if (a != NULL) (*a)=ret; @@ -204,9 +204,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) { if (!value) return(1); /* Don't need to set */ if (a->data == NULL) - c=(unsigned char *)Malloc(w+1); + c=(unsigned char *)OPENSSL_malloc(w+1); else - c=(unsigned char *)Realloc(a->data,w+1); + c=(unsigned char *)OPENSSL_realloc(a->data,w+1); if (c == NULL) return(0); a->data=c; a->length=w+1; diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index 8cde69580402b..3a0c0c783551b 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -111,7 +111,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, if (len != 0) { - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -124,7 +124,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, else s=NULL; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->length=(int)len; ret->data=s; ret->type=tag; @@ -218,8 +218,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, { if ((ret->length < len) || (ret->data == NULL)) { - if (ret->data != NULL) Free(ret->data); - s=(unsigned char *)Malloc((int)len + 1); + if (ret->data != NULL) OPENSSL_free(ret->data); + s=(unsigned char *)OPENSSL_malloc((int)len + 1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -235,7 +235,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, else { s=NULL; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); } ret->length=(int)len; @@ -310,14 +310,14 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) if (!asn1_Finish(c)) goto err; a->length=num; - if (a->data != NULL) Free(a->data); + if (a->data != NULL) OPENSSL_free(a->data); a->data=(unsigned char *)b.data; if (os != NULL) ASN1_STRING_free(os); return(1); err: ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error); if (os != NULL) ASN1_STRING_free(os); - if (b.data != NULL) Free(b.data); + if (b.data != NULL) OPENSSL_free(b.data); return(0); } diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 3370aae998d42..8257b8639e12f 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -77,14 +77,14 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, unsigned char *str,*p; i=i2d(data,NULL); - if ((str=(unsigned char *)Malloc(i)) == NULL) return(0); + if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0); p=str; i2d(data,&p); EVP_DigestInit(&ctx,type); EVP_DigestUpdate(&ctx,str,i); EVP_DigestFinal(&ctx,md,len); - Free(str); + OPENSSL_free(str); return(1); } diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 3202a816d0ada..c3bda58a5d9ec 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -71,13 +71,13 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) if (x == NULL) return(NULL); i=(long)i2d(x,NULL); - b=(unsigned char *)Malloc((unsigned int)i+10); + b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (b == NULL) { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p= b; ret=d2i(NULL,&p,i); - Free(b); + OPENSSL_free(b); return(ret); } diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c index ccf62e5a04401..572ba2e1b2c86 100644 --- a/crypto/asn1/a_enum.c +++ b/crypto/asn1/a_enum.c @@ -168,9 +168,9 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -219,7 +219,7 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, p+=len; } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -242,8 +242,8 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) if (a->length < (sizeof(long)+1)) { if (a->data != NULL) - Free(a->data); - if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) + OPENSSL_free(a->data); + if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -318,7 +318,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) else ret->type=V_ASN1_ENUMERATED; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)Malloc(len+4); + ret->data=(unsigned char *)OPENSSL_malloc(len+4); ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 84062170e8389..314479a03dad4 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -212,10 +212,10 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, p=(char *)s->data; if ((p == NULL) || (s->length < 16)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c index 434610e8e124c..b1aad81f77314 100644 --- a/crypto/asn1/a_hdr.c +++ b/crypto/asn1/a_hdr.c @@ -115,5 +115,5 @@ void ASN1_HEADER_free(ASN1_HEADER *a) M_ASN1_OCTET_STRING_free(a->header); if (a->meth != NULL) a->meth->destroy(a->data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index d9b8035e172c3..aee29a779000c 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -86,7 +86,7 @@ int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) int i,j=0,n,ret=1; n=i2d(x,NULL); - b=(char *)Malloc(n); + b=(char *)OPENSSL_malloc(n); if (b == NULL) { ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); @@ -108,6 +108,6 @@ int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) j+=i; n-=i; } - Free(b); + OPENSSL_free(b); return(ret); } diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index c6a6b725c68e1..82db75f5e1636 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -193,9 +193,9 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -248,7 +248,7 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, memcpy(s,p,(int)len); } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -297,9 +297,9 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -317,7 +317,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, p+=len; } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -340,8 +340,8 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) if (a->length < (sizeof(long)+1)) { if (a->data != NULL) - Free(a->data); - if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) + OPENSSL_free(a->data); + if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -416,7 +416,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) else ret->type=V_ASN1_INTEGER; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)Malloc(len+4); + ret->data=(unsigned char *)OPENSSL_malloc(len+4); ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c index 7a710d54590cd..42f5d3b01e2f8 100644 --- a/crypto/asn1/a_mbstr.c +++ b/crypto/asn1/a_mbstr.c @@ -183,7 +183,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, dest = *out; if(dest->data) { dest->length = 0; - Free(dest->data); + OPENSSL_free(dest->data); dest->data = NULL; } dest->type = str_type; @@ -228,7 +228,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, cpyfunc = cpy_utf8; break; } - if(!(p = Malloc(outlen + 1))) { + if(!(p = OPENSSL_malloc(outlen + 1))) { ASN1_STRING_free(dest); ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); return -1; @@ -258,8 +258,8 @@ static int traverse_string(const unsigned char *p, int len, int inform, value |= *p++; len -= 2; } else if(inform == MBSTRING_UNIV) { - value = *p++ << 24; - value |= *p++ << 16; + value = ((unsigned long)*p++) << 24; + value |= ((unsigned long)*p++) << 16; value |= *p++ << 8; value |= *p++; len -= 4; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 09d56fb669006..7e1300021ec39 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -222,8 +222,8 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, } if ((ret->data == NULL) || (ret->length < len)) { - if (ret->data != NULL) Free(ret->data); - ret->data=(unsigned char *)Malloc(len ? (int)len : 1); + if (ret->data != NULL) OPENSSL_free(ret->data); + ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; if (ret->data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } @@ -249,7 +249,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) { ASN1_OBJECT *ret; - ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT)); + ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); @@ -270,19 +270,19 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { #ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ - if (a->sn != NULL) Free((void *)a->sn); - if (a->ln != NULL) Free((void *)a->ln); + if (a->sn != NULL) OPENSSL_free((void *)a->sn); + if (a->ln != NULL) OPENSSL_free((void *)a->ln); #endif a->sn=a->ln=NULL; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) Free(a->data); + if (a->data != NULL) OPENSSL_free(a->data); a->data=NULL; a->length=0; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) - Free(a); + OPENSSL_free(a); } ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index c2481e7597406..8cde8486894c3 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -116,7 +116,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, } pStart = p; /* Catch the beg of Setblobs*/ - rgSetBlob = (MYBLOB *)Malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array + rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array we will store the SET blobs */ for (i=0; idata != NULL) Free(signature->data); + if (signature->data != NULL) OPENSSL_free(signature->data); signature->data=buf_out; buf_out=NULL; signature->length=outl; @@ -141,8 +141,8 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, err: memset(&ctx,0,sizeof(ctx)); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); Free(buf_in); } + { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); Free(buf_out); } + { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } return(outl); } diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index ab8417ffabc4b..4a65e4097b107 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -65,7 +65,8 @@ static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; static void st_free(ASN1_STRING_TABLE *tbl); -static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b); +static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, + const ASN1_STRING_TABLE * const *b); static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b); @@ -173,7 +174,8 @@ static ASN1_STRING_TABLE tbl_standard[] = { {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} }; -static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b) +static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, + const ASN1_STRING_TABLE * const *b) { return (*a)->nid - (*b)->nid; } @@ -213,7 +215,7 @@ int ASN1_STRING_TABLE_add(int nid, return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = Malloc(sizeof(ASN1_STRING_TABLE)); + tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); @@ -241,7 +243,7 @@ void ASN1_STRING_TABLE_cleanup(void) static void st_free(ASN1_STRING_TABLE *tbl) { - if(tbl->flags & STABLE_FLAGS_MALLOC) Free(tbl); + if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); } IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c index 161ef81197374..3620e60e99ada 100644 --- a/crypto/asn1/a_type.c +++ b/crypto/asn1/a_type.c @@ -282,7 +282,7 @@ void ASN1_TYPE_free(ASN1_TYPE *a) { if (a == NULL) return; ASN1_TYPE_component_free(a); - Free(a); + OPENSSL_free(a); } int ASN1_TYPE_get(ASN1_TYPE *a) diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index b855867dc1d30..2ee572e2281aa 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -248,10 +248,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) p=(char *)s->data; if ((p == NULL) || (s->length < 14)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } @@ -291,5 +291,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) } #undef g2 - return mktime(&tm)-offset*60; + return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone + * instead of UTC, and unless we rewrite OpenSSL + * in Lisp we cannot locally change the timezone + * without possibly interfering with other parts + * of the program. timegm, which uses UTC, is + * non-standard. + * Also time_t is inappropriate for general + * UTC times because it may a 32 bit type. */ } diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c index b5125af2243e6..854278f136e75 100644 --- a/crypto/asn1/a_utf8.c +++ b/crypto/asn1/a_utf8.c @@ -133,7 +133,7 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) if( ((p[1] & 0xc0) != 0x80) || ((p[2] & 0xc0) != 0x80) || ((p[3] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x7) << 18; + value = ((unsigned long)(*p++ & 0x7)) << 18; value |= (*p++ & 0x3f) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; @@ -145,9 +145,9 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) || ((p[2] & 0xc0) != 0x80) || ((p[3] & 0xc0) != 0x80) || ((p[4] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x3) << 24; - value |= (*p++ & 0x3f) << 18; - value |= (*p++ & 0x3f) << 12; + value = ((unsigned long)(*p++ & 0x3)) << 24; + value |= ((unsigned long)(*p++ & 0x3f)) << 18; + value |= ((unsigned long)(*p++ & 0x3f)) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; if(value < 0x200000) return -4; @@ -159,10 +159,10 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) || ((p[3] & 0xc0) != 0x80) || ((p[4] & 0xc0) != 0x80) || ((p[5] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x1) << 30; - value |= (*p++ & 0x3f) << 24; - value |= (*p++ & 0x3f) << 18; - value |= (*p++ & 0x3f) << 12; + value = ((unsigned long)(*p++ & 0x1)) << 30; + value |= ((unsigned long)(*p++ & 0x3f)) << 24; + value |= ((unsigned long)(*p++ & 0x3f)) << 18; + value |= ((unsigned long)(*p++ & 0x3f)) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; if(value < 0x4000000) return -4; diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index d4aede85c37e1..2a11927e5c1c2 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -88,7 +88,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, } inl=i2d(data,NULL); - buf_in=Malloc((unsigned int)inl); + buf_in=OPENSSL_malloc((unsigned int)inl); if (buf_in == NULL) { ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); @@ -101,7 +101,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); - Free(buf_in); + OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, (unsigned int)signature->length,pkey) <= 0) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index e137f6b7c7074..50a0cfb16250f 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -245,6 +245,37 @@ typedef struct asn1_string_table_st { } ASN1_STRING_TABLE; DECLARE_STACK_OF(ASN1_STRING_TABLE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_STRING_TABLE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_STRING_TABLE_new_null() sk_new_null() + #define sk_ASN1_STRING_TABLE_free(a) sk_free(a) + #define sk_ASN1_STRING_TABLE_num(a) sk_num(a) + #define sk_ASN1_STRING_TABLE_value(a,b) ((ASN1_STRING_TABLE *) \ + sk_value((a),(b))) + #define sk_ASN1_STRING_TABLE_set(a,b,c) ((ASN1_STRING_TABLE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_STRING_TABLE_zero(a) sk_zero(a) + #define sk_ASN1_STRING_TABLE_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_STRING_TABLE_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_STRING_TABLE_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_STRING_TABLE_delete(a,b) ((ASN1_STRING_TABLE *) \ + sk_delete((a),(b))) + #define sk_ASN1_STRING_TABLE_delete_ptr(a,b) ((ASN1_STRING_TABLE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_STRING_TABLE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_STRING_TABLE_set_cmp_func(a,b) ((int (*) \ + (const ASN1_STRING_TABLE * const *,const ASN1_STRING_TABLE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_STRING_TABLE_dup(a) sk_dup(a) + #define sk_ASN1_STRING_TABLE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_STRING_TABLE_shift(a) ((ASN1_STRING_TABLE *)sk_shift(a)) + #define sk_ASN1_STRING_TABLE_pop(a) ((ASN1_STRING_TABLE *)sk_pop(a)) + #define sk_ASN1_STRING_TABLE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* size limits: this stuff is taken straight from RFC2459 */ @@ -294,6 +325,37 @@ typedef struct asn1_string_st ASN1_UTF8STRING; typedef int ASN1_NULL; DECLARE_STACK_OF(ASN1_INTEGER) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_INTEGER_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_INTEGER_new_null() sk_new_null() + #define sk_ASN1_INTEGER_free(a) sk_free(a) + #define sk_ASN1_INTEGER_num(a) sk_num(a) + #define sk_ASN1_INTEGER_value(a,b) ((ASN1_INTEGER *) \ + sk_value((a),(b))) + #define sk_ASN1_INTEGER_set(a,b,c) ((ASN1_INTEGER *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_INTEGER_zero(a) sk_zero(a) + #define sk_ASN1_INTEGER_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_INTEGER_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_INTEGER_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_INTEGER_delete(a,b) ((ASN1_INTEGER *) \ + sk_delete((a),(b))) + #define sk_ASN1_INTEGER_delete_ptr(a,b) ((ASN1_INTEGER *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_INTEGER_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_INTEGER_set_cmp_func(a,b) ((int (*) \ + (const ASN1_INTEGER * const *,const ASN1_INTEGER * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_INTEGER_dup(a) sk_dup(a) + #define sk_ASN1_INTEGER_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_INTEGER_shift(a) ((ASN1_INTEGER *)sk_shift(a)) + #define sk_ASN1_INTEGER_pop(a) ((ASN1_INTEGER *)sk_pop(a)) + #define sk_ASN1_INTEGER_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_INTEGER) typedef struct asn1_type_st @@ -325,6 +387,37 @@ typedef struct asn1_type_st } ASN1_TYPE; DECLARE_STACK_OF(ASN1_TYPE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_TYPE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_TYPE_new_null() sk_new_null() + #define sk_ASN1_TYPE_free(a) sk_free(a) + #define sk_ASN1_TYPE_num(a) sk_num(a) + #define sk_ASN1_TYPE_value(a,b) ((ASN1_TYPE *) \ + sk_value((a),(b))) + #define sk_ASN1_TYPE_set(a,b,c) ((ASN1_TYPE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_TYPE_zero(a) sk_zero(a) + #define sk_ASN1_TYPE_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_TYPE_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_TYPE_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_TYPE_delete(a,b) ((ASN1_TYPE *) \ + sk_delete((a),(b))) + #define sk_ASN1_TYPE_delete_ptr(a,b) ((ASN1_TYPE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_TYPE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_TYPE_set_cmp_func(a,b) ((int (*) \ + (const ASN1_TYPE * const *,const ASN1_TYPE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_TYPE_dup(a) sk_dup(a) + #define sk_ASN1_TYPE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_TYPE_shift(a) ((ASN1_TYPE *)sk_shift(a)) + #define sk_ASN1_TYPE_pop(a) ((ASN1_TYPE *)sk_pop(a)) + #define sk_ASN1_TYPE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_TYPE) typedef struct asn1_method_st @@ -546,6 +639,37 @@ ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, long length); DECLARE_STACK_OF(ASN1_OBJECT) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_OBJECT_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_OBJECT_new_null() sk_new_null() + #define sk_ASN1_OBJECT_free(a) sk_free(a) + #define sk_ASN1_OBJECT_num(a) sk_num(a) + #define sk_ASN1_OBJECT_value(a,b) ((ASN1_OBJECT *) \ + sk_value((a),(b))) + #define sk_ASN1_OBJECT_set(a,b,c) ((ASN1_OBJECT *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_OBJECT_zero(a) sk_zero(a) + #define sk_ASN1_OBJECT_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_OBJECT_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_OBJECT_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_OBJECT_delete(a,b) ((ASN1_OBJECT *) \ + sk_delete((a),(b))) + #define sk_ASN1_OBJECT_delete_ptr(a,b) ((ASN1_OBJECT *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_OBJECT_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_OBJECT_set_cmp_func(a,b) ((int (*) \ + (const ASN1_OBJECT * const *,const ASN1_OBJECT * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_OBJECT_dup(a) sk_dup(a) + #define sk_ASN1_OBJECT_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_OBJECT_shift(a) ((ASN1_OBJECT *)sk_shift(a)) + #define sk_ASN1_OBJECT_pop(a) ((ASN1_OBJECT *)sk_pop(a)) + #define sk_ASN1_OBJECT_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING * ASN1_STRING_new(void); diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index be8daa8688dd1..11f8654c36e4c 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -335,9 +335,9 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) { c=str->data; if (c == NULL) - str->data=Malloc(len+1); + str->data=OPENSSL_malloc(len+1); else - str->data=Realloc(c,len+1); + str->data=OPENSSL_realloc(c,len+1); if (str->data == NULL) { @@ -365,7 +365,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) { ASN1_STRING *ret; - ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING)); + ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); @@ -381,8 +381,8 @@ ASN1_STRING *ASN1_STRING_type_new(int type) void ASN1_STRING_free(ASN1_STRING *a) { if (a == NULL) return; - if (a->data != NULL) Free(a->data); - Free(a); + if (a->data != NULL) OPENSSL_free(a->data); + OPENSSL_free(a); } int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 653f5fe1c948e..4512ba6cc6042 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -340,7 +340,7 @@ err:\ /* New macros */ #define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)Malloc(sizeof(type))) == NULL) \ + if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \ { c.line=__LINE__; goto err2; } #define M_ASN1_New(arg,func) \ diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index 662a2626a1969..2969d5f8e361f 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -77,7 +77,7 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), } /* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a - * Malloc'ed buffer + * OPENSSL_malloc'ed buffer */ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, @@ -90,7 +90,7 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR); return NULL; } - if (!(safe = Malloc (safelen))) { + if (!(safe = OPENSSL_malloc (safelen))) { ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE); return NULL; } @@ -134,7 +134,7 @@ ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct) ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); return NULL; } - if (!(p = Malloc (octmp->length))) { + if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c index 3d0b1107cba6b..56e3cc8df2b79 100644 --- a/crypto/asn1/f_enum.c +++ b/crypto/asn1/f_enum.c @@ -153,15 +153,15 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index cd57331c3f0a5..6b090f6740c2c 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -160,15 +160,15 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index 088313689ab25..968698a798877 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -158,15 +158,15 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c index 61eeb646f9e2e..b1de17fe075f4 100644 --- a/crypto/asn1/i2d_dhp.c +++ b/crypto/asn1/i2d_dhp.c @@ -105,7 +105,7 @@ int i2d_DHparams(DH *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE); @@ -118,7 +118,7 @@ int i2d_DHparams(DH *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); ret=t; err: if (num[2] != NULL) BN_free(num[2]); diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c index 4021123ba3f34..157fb43893fcf 100644 --- a/crypto/asn1/i2d_dsap.c +++ b/crypto/asn1/i2d_dsap.c @@ -94,7 +94,7 @@ int i2d_DSAparams(DSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE); @@ -107,7 +107,7 @@ int i2d_DSAparams(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); ret=t; err: *pp=p; diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c index 1250fa4b2dd83..88b1aac989825 100644 --- a/crypto/asn1/i2d_r_pr.c +++ b/crypto/asn1/i2d_r_pr.c @@ -107,7 +107,7 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp) i2d_ASN1_INTEGER(&bs,&p); - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); @@ -119,7 +119,7 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c index 582b92ee4c197..8178c2c3b3e0a 100644 --- a/crypto/asn1/i2d_r_pu.c +++ b/crypto/asn1/i2d_r_pu.c @@ -93,7 +93,7 @@ int i2d_RSAPublicKey(RSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE); @@ -105,7 +105,7 @@ int i2d_RSAPublicKey(RSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c index e399ceaeb91d4..9922952ad77bb 100644 --- a/crypto/asn1/i2d_s_pr.c +++ b/crypto/asn1/i2d_s_pr.c @@ -104,7 +104,7 @@ int i2d_DSAPrivateKey(DSA *a, unsigned char **pp) i2d_ASN1_INTEGER(&bs,&p); - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); @@ -116,7 +116,7 @@ int i2d_DSAPrivateKey(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c index ca7f251b719ec..e6014b82a84c5 100644 --- a/crypto/asn1/i2d_s_pu.c +++ b/crypto/asn1/i2d_s_pu.c @@ -109,7 +109,7 @@ int i2d_DSAPublicKey(DSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE); @@ -121,7 +121,7 @@ int i2d_DSAPublicKey(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; if(all) return(t); else return(tot); diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 5a7d494ff06f3..63f408885fd3c 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -139,8 +139,8 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) } if (pkey->private_key->data != NULL) - Free(pkey->private_key->data); - if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL) + OPENSSL_free(pkey->private_key->data); + if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; @@ -148,7 +148,7 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) zz=pkey->private_key->data; i2d_RSAPrivateKey(a,&zz); - if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL) + if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; @@ -182,7 +182,7 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) i2d_ASN1_OCTET_STRING(&os2,&p); ret=l[5]; err: - if (os2.data != NULL) Free(os2.data); + if (os2.data != NULL) OPENSSL_free(os2.data); if (alg != NULL) X509_ALGOR_free(alg); if (pkey != NULL) NETSCAPE_PKEY_free(pkey); r=r; @@ -338,7 +338,7 @@ static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) M_ASN1_INTEGER_free(a->version); X509_ALGOR_free(a->algor); M_ASN1_OCTET_STRING_free(a->private_key); - Free(a); + OPENSSL_free(a); } #endif /* NO_RC4 */ diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c index 417d024b81179..6e7f09ba236eb 100644 --- a/crypto/asn1/nsseq.c +++ b/crypto/asn1/nsseq.c @@ -114,5 +114,5 @@ void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a) ASN1_OBJECT_free(a->type); if(a->certs) sk_X509_pop_free(a->certs, X509_free); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index a147ac329536c..b7ed538eb2c80 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -103,7 +103,7 @@ void PBEPARAM_free (PBEPARAM *a) if(a==NULL) return; M_ASN1_OCTET_STRING_free(a->salt); M_ASN1_INTEGER_free (a->iter); - Free (a); + OPENSSL_free (a); } /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ @@ -123,7 +123,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, if(iter <= 0) iter = PKCS5_DEFAULT_ITER; ASN1_INTEGER_set (pbe->iter, iter); if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = Malloc (saltlen))) { + if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index 1bbdb10c716a5..6a7b578c0e229 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -104,7 +104,7 @@ void PBE2PARAM_free (PBE2PARAM *a) if(a==NULL) return; X509_ALGOR_free(a->keyfunc); X509_ALGOR_free(a->encryption); - Free (a); + OPENSSL_free (a); } int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp) @@ -158,7 +158,7 @@ void PBKDF2PARAM_free (PBKDF2PARAM *a) M_ASN1_INTEGER_free(a->iter); M_ASN1_INTEGER_free(a->keylength); X509_ALGOR_free(a->prf); - Free (a); + OPENSSL_free (a); } /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: @@ -210,7 +210,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = Malloc (saltlen))) goto merr; + if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr; osalt->length = saltlen; if (salt) memcpy (osalt->data, salt, saltlen); else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c index cba90e94a1e0e..c170244616b0b 100644 --- a/crypto/asn1/p7_dgst.c +++ b/crypto/asn1/p7_dgst.c @@ -116,6 +116,6 @@ void PKCS7_DIGEST_free(PKCS7_DIGEST *a) X509_ALGOR_free(a->md); PKCS7_free(a->contents); M_ASN1_OCTET_STRING_free(a->digest); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c index 83b0e15faa7e9..38ccafbdb0dda 100644 --- a/crypto/asn1/p7_enc.c +++ b/crypto/asn1/p7_enc.c @@ -106,6 +106,6 @@ void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->version); PKCS7_ENC_CONTENT_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c index 582cc78b069dc..031178ab52c0f 100644 --- a/crypto/asn1/p7_enc_c.c +++ b/crypto/asn1/p7_enc_c.c @@ -115,6 +115,6 @@ void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a) ASN1_OBJECT_free(a->content_type); X509_ALGOR_free(a->algorithm); M_ASN1_OCTET_STRING_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c index 4e734fdd289e7..60be3e5f66036 100644 --- a/crypto/asn1/p7_evp.c +++ b/crypto/asn1/p7_evp.c @@ -114,6 +114,6 @@ void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a) M_ASN1_INTEGER_free(a->version); sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free); PKCS7_ENC_CONTENT_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c index d21f7ddb846a4..4a7260a5c84fc 100644 --- a/crypto/asn1/p7_i_s.c +++ b/crypto/asn1/p7_i_s.c @@ -106,6 +106,6 @@ void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a) if (a == NULL) return; X509_NAME_free(a->issuer); M_ASN1_INTEGER_free(a->serial); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c index 9effc28622bac..90ead17dbc756 100644 --- a/crypto/asn1/p7_lib.c +++ b/crypto/asn1/p7_lib.c @@ -152,7 +152,7 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length) { if ((*a)->asn1 != NULL) { - Free((*a)->asn1); + OPENSSL_free((*a)->asn1); (*a)->asn1=NULL; } (*a)->length=0; @@ -251,7 +251,7 @@ void PKCS7_free(PKCS7 *a) { ASN1_OBJECT_free(a->type); } - Free(a); + OPENSSL_free(a); } void PKCS7_content_free(PKCS7 *a) @@ -259,7 +259,7 @@ void PKCS7_content_free(PKCS7 *a) if(a == NULL) return; - if (a->asn1 != NULL) Free(a->asn1); + if (a->asn1 != NULL) OPENSSL_free(a->asn1); if (a->d.ptr != NULL) { diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c index b1abfa3b8f2bb..5f6c88a2fa476 100644 --- a/crypto/asn1/p7_recip.c +++ b/crypto/asn1/p7_recip.c @@ -118,7 +118,7 @@ void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a) X509_ALGOR_free(a->key_enc_algor); M_ASN1_OCTET_STRING_free(a->enc_key); if (a->cert != NULL) X509_free(a->cert); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO) diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c index 3d18fedf8e5be..709eb24b27cc7 100644 --- a/crypto/asn1/p7_s_e.c +++ b/crypto/asn1/p7_s_e.c @@ -140,6 +140,6 @@ void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a) sk_X509_pop_free(a->cert,X509_free); sk_X509_CRL_pop_free(a->crl,X509_CRL_free); sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c index f6f16a87158dc..c835f5475f973 100644 --- a/crypto/asn1/p7_signd.c +++ b/crypto/asn1/p7_signd.c @@ -131,5 +131,5 @@ void PKCS7_SIGNED_free(PKCS7_SIGNED *a) sk_X509_pop_free(a->cert,X509_free); sk_X509_CRL_pop_free(a->crl,X509_CRL_free); sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c index f74658ffe6890..248bf00945469 100644 --- a/crypto/asn1/p7_signi.c +++ b/crypto/asn1/p7_signi.c @@ -143,7 +143,7 @@ void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a) sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free); if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO) diff --git a/crypto/asn1/p8_key.c b/crypto/asn1/p8_key.c index 0b243746279c1..3a31248e14bed 100644 --- a/crypto/asn1/p8_key.c +++ b/crypto/asn1/p8_key.c @@ -94,7 +94,7 @@ X509 *X509_KEY_new(void) { X509_KEY *ret=NULL; - M_ASN1_New_Malloc(ret,X509_KEY); + M_ASN1_New_OPENSSL_malloc(ret,X509_KEY); ret->references=1; ret->type=NID M_ASN1_New(ret->cert_info,X509_CINF_new); @@ -126,6 +126,6 @@ void X509_KEY_free(X509 *a) X509_CINF_free(a->cert_info); X509_ALGOR_free(a->sig_alg); ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index 59cfbe7f28053..fa6cbfb6f8856 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -123,5 +123,5 @@ void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) 0, a->pkey->value.octet_string->length); ASN1_TYPE_free (a->pkey); sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index e570ed1c47380..ae18da96e3d19 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -99,7 +99,7 @@ int RSA_print(BIO *bp, RSA *x, int off) int i,ret=0; i=RSA_size(x); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -133,7 +133,7 @@ int RSA_print(BIO *bp, RSA *x, int off) if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif /* NO_RSA */ @@ -176,7 +176,7 @@ int DSA_print(BIO *bp, DSA *x, int off) i=BN_num_bytes(bn)*2; else i=256; - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -204,7 +204,7 @@ int DSA_print(BIO *bp, DSA *x, int off) if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif /* !NO_DSA */ @@ -284,7 +284,7 @@ int DHparams_print(BIO *bp, DH *x) int reason=ERR_R_BUF_LIB,i,ret=0; i=BN_num_bytes(x->p); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -307,7 +307,7 @@ int DHparams_print(BIO *bp, DH *x) err: DHerr(DH_F_DHPARAMS_PRINT,reason); } - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif @@ -337,7 +337,7 @@ int DSAparams_print(BIO *bp, DSA *x) int reason=ERR_R_BUF_LIB,i,ret=0; i=BN_num_bytes(x->p); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -352,7 +352,7 @@ int DSAparams_print(BIO *bp, DSA *x) if (!print(bp,"g:",x->g,m,4)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); DSAerr(DSA_F_DSAPARAMS_PRINT,reason); return(ret); } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 6ee1065ce9468..314bdfb1c713d 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -223,7 +223,7 @@ int X509_print(BIO *bp, X509 *x) ret=1; err: if (str != NULL) ASN1_STRING_free(str); - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index fe023842f84a3..853a8dfeef49b 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -111,7 +111,7 @@ void X509_ALGOR_free(X509_ALGOR *a) if (a == NULL) return; ASN1_OBJECT_free(a->algorithm); ASN1_TYPE_free(a->parameter); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(X509_ALGOR) diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c index a874df79db60d..14e5ea27aa766 100644 --- a/crypto/asn1/x_attrib.c +++ b/crypto/asn1/x_attrib.c @@ -160,6 +160,6 @@ void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a) sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free); else ASN1_TYPE_free(a->value.single); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c index b87c8fff1713f..339a110eefd62 100644 --- a/crypto/asn1/x_cinf.c +++ b/crypto/asn1/x_cinf.c @@ -196,6 +196,6 @@ void X509_CINF_free(X509_CINF *a) M_ASN1_BIT_STRING_free(a->issuerUID); M_ASN1_BIT_STRING_free(a->subjectUID); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 12a42d04c75b1..1f302d0e01eb3 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -61,8 +61,10 @@ #include #include -static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b); -static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b); +static int X509_REVOKED_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b); +static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b); int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp) { M_ASN1_I2D_vars(a); @@ -100,7 +102,8 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) { int v1=0; long l=0; - int (*old_cmp)(X509_REVOKED **,X509_REVOKED **); + int (*old_cmp)(const X509_REVOKED * const *, + const X509_REVOKED * const *); M_ASN1_I2D_vars(a); old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); @@ -283,7 +286,7 @@ void X509_REVOKED_free(X509_REVOKED *a) M_ASN1_INTEGER_free(a->serialNumber); M_ASN1_UTCTIME_free(a->revocationDate); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } void X509_CRL_INFO_free(X509_CRL_INFO *a) @@ -297,7 +300,7 @@ void X509_CRL_INFO_free(X509_CRL_INFO *a) M_ASN1_UTCTIME_free(a->nextUpdate); sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } void X509_CRL_free(X509_CRL *a) @@ -322,17 +325,19 @@ void X509_CRL_free(X509_CRL *a) X509_CRL_INFO_free(a->crl); X509_ALGOR_free(a->sig_alg); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } -static int X509_REVOKED_cmp(X509_REVOKED **a, X509_REVOKED **b) +static int X509_REVOKED_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b) { return(ASN1_STRING_cmp( (ASN1_STRING *)(*a)->serialNumber, (ASN1_STRING *)(*b)->serialNumber)); } -static int X509_REVOKED_seq_cmp(X509_REVOKED **a, X509_REVOKED **b) +static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b) { return((*a)->sequence-(*b)->sequence); } diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c index 185cbd78a0fa2..fbfd963b40639 100644 --- a/crypto/asn1/x_exten.c +++ b/crypto/asn1/x_exten.c @@ -134,6 +134,6 @@ void X509_EXTENSION_free(X509_EXTENSION *a) if (a == NULL) return; ASN1_OBJECT_free(a->object); M_ASN1_OCTET_STRING_free(a->value); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c index 7fdc6f9dc81c7..5e62fc2f6f1a4 100644 --- a/crypto/asn1/x_info.c +++ b/crypto/asn1/x_info.c @@ -66,7 +66,7 @@ X509_INFO *X509_INFO_new(void) { X509_INFO *ret=NULL; - ret=(X509_INFO *)Malloc(sizeof(X509_INFO)); + ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); if (ret == NULL) { ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); @@ -106,8 +106,8 @@ void X509_INFO_free(X509_INFO *x) if (x->x509 != NULL) X509_free(x->x509); if (x->crl != NULL) X509_CRL_free(x->crl); if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); - if (x->enc_data != NULL) Free(x->enc_data); - Free(x); + if (x->enc_data != NULL) OPENSSL_free(x->enc_data); + OPENSSL_free(x); } IMPLEMENT_STACK_OF(X509_INFO) diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c index 64baf5719d86e..b832deb928b0f 100644 --- a/crypto/asn1/x_name.c +++ b/crypto/asn1/x_name.c @@ -217,7 +217,7 @@ X509_NAME *X509_NAME_new(void) ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_NAME); - if ((ret->entries=sk_X509_NAME_ENTRY_new(NULL)) == NULL) + if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) { c.line=__LINE__; goto err2; } M_ASN1_New(ret->bytes,BUF_MEM_new); ret->modified=1; @@ -246,7 +246,7 @@ void X509_NAME_free(X509_NAME *a) BUF_MEM_free(a->bytes); sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); - Free(a); + OPENSSL_free(a); } void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) @@ -254,7 +254,7 @@ void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) if (a == NULL) return; ASN1_OBJECT_free(a->object); M_ASN1_BIT_STRING_free(a->value); - Free(a); + OPENSSL_free(a); } int X509_NAME_set(X509_NAME **xn, X509_NAME *name) diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index fe58919dbbaed..f1c6221ac3f1c 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -146,6 +146,6 @@ void X509_PKEY_free(X509_PKEY *x) if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey); if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); - if ((x->key_data != NULL) && (x->key_free)) Free(x->key_data); - Free(x); + if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data); + OPENSSL_free(x); } diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 7a05d575c992d..b2e2a51477709 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -112,7 +112,7 @@ void X509_PUBKEY_free(X509_PUBKEY *a) X509_ALGOR_free(a->algor); M_ASN1_BIT_STRING_free(a->public_key); if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - Free(a); + OPENSSL_free(a); } int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) @@ -156,14 +156,14 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) dsa->write_params=0; ASN1_TYPE_free(a->parameter); i=i2d_DSAparams(dsa,NULL); - p=(unsigned char *)Malloc(i); + p=(unsigned char *)OPENSSL_malloc(i); pp=p; i2d_DSAparams(dsa,&pp); a->parameter=ASN1_TYPE_new(); a->parameter->type=V_ASN1_SEQUENCE; a->parameter->value.sequence=ASN1_STRING_new(); ASN1_STRING_set(a->parameter->value.sequence,p,i); - Free(p); + OPENSSL_free(p); } else #endif @@ -173,7 +173,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; - if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err; + if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err; p=s; i2d_PublicKey(pkey,&p); if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; @@ -181,7 +181,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; - Free(s); + OPENSSL_free(s); #if 0 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c index 0cd572ee73b21..0056009885acf 100644 --- a/crypto/asn1/x_req.c +++ b/crypto/asn1/x_req.c @@ -163,7 +163,7 @@ void X509_REQ_INFO_free(X509_REQ_INFO *a) X509_NAME_free(a->subject); X509_PUBKEY_free(a->pubkey); sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free); - Free(a); + OPENSSL_free(a); } int i2d_X509_REQ(X509_REQ *a, unsigned char **pp) @@ -230,7 +230,7 @@ void X509_REQ_free(X509_REQ *a) X509_REQ_INFO_free(a->req_info); X509_ALGOR_free(a->sig_alg); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c index 3559bd536853d..d79f147647cc6 100644 --- a/crypto/asn1/x_sig.c +++ b/crypto/asn1/x_sig.c @@ -104,7 +104,7 @@ void X509_SIG_free(X509_SIG *a) if (a == NULL) return; X509_ALGOR_free(a->algor); M_ASN1_OCTET_STRING_free(a->digest); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c index 8f5e7e6380a28..4f01888f7d53c 100644 --- a/crypto/asn1/x_spki.c +++ b/crypto/asn1/x_spki.c @@ -109,7 +109,7 @@ void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a) if (a == NULL) return; X509_PUBKEY_free(a->pubkey); M_ASN1_IA5STRING_free(a->challenge); - Free(a); + OPENSSL_free(a); } int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp) @@ -161,6 +161,6 @@ void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a) NETSCAPE_SPKAC_free(a->spkac); X509_ALGOR_free(a->sig_algor); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c index 1a2f49ffdfd2e..0f8f020b57d33 100644 --- a/crypto/asn1/x_val.c +++ b/crypto/asn1/x_val.c @@ -104,6 +104,6 @@ void X509_VAL_free(X509_VAL *a) if (a == NULL) return; M_ASN1_TIME_free(a->notBefore); M_ASN1_TIME_free(a->notAfter); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 11e564ea30a8c..ea71a29c9ab19 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -102,7 +102,7 @@ X509 *d2i_X509(X509 **a, unsigned char **pp, long length) M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - if (ret->name != NULL) Free(ret->name); + if (ret->name != NULL) OPENSSL_free(ret->name); ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); @@ -152,8 +152,8 @@ void X509_free(X509 *a) M_ASN1_BIT_STRING_free(a->signature); X509_CERT_AUX_free(a->aux); - if (a->name != NULL) Free(a->name); - Free(a); + if (a->name != NULL) OPENSSL_free(a->name); + OPENSSL_free(a); } int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c index b9987ea96890e..42807cd334654 100644 --- a/crypto/asn1/x_x509a.c +++ b/crypto/asn1/x_x509a.c @@ -112,7 +112,7 @@ void X509_CERT_AUX_free(X509_CERT_AUX *a) ASN1_UTF8STRING_free(a->alias); ASN1_OCTET_STRING_free(a->keyid); sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free); - Free(a); + OPENSSL_free(a); } int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp) diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c index 569525019548a..cf67cadefd420 100644 --- a/crypto/bf/bftest.c +++ b/crypto/bf/bftest.c @@ -442,7 +442,8 @@ static int test(void) { BF_set_key(&key,n,key_test); BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT); - if (memcmp(out,&(key_out[n-1][0]),8) != 0) + /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */ + if (memcmp(out,&(key_out[i=n-1][0]),8) != 0) { printf("blowfish setkey error\n"); err=1; diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c index 33fa27ac6c944..aafa85bd12a55 100644 --- a/crypto/bio/b_print.c +++ b/crypto/bio/b_print.c @@ -792,11 +792,11 @@ doapr_outch( if (*buffer == NULL) { if (*maxlen == 0) *maxlen = 1024; - *buffer = Malloc(*maxlen); + *buffer = OPENSSL_malloc(*maxlen); } while (*currlen >= *maxlen) { *maxlen += 1024; - *buffer = Realloc(*buffer, *maxlen); + *buffer = OPENSSL_realloc(*buffer, *maxlen); } /* What to do if *buffer is NULL? */ assert(*buffer != NULL); @@ -834,7 +834,7 @@ int BIO_printf (BIO *bio, const char *format, ...) ret=BIO_write(bio, hugebuf, (int)retlen); #ifdef USE_ALLOCATING_PRINT - Free(hugebuf); + OPENSSL_free(hugebuf); } CRYPTO_pop_info(); #endif diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 6409f98f57007..b2958788b658b 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -267,14 +267,14 @@ static struct hostent *ghbn_dup(struct hostent *a) int i,j; MemCheck_off(); - ret=(struct hostent *)Malloc(sizeof(struct hostent)); + ret=(struct hostent *)OPENSSL_malloc(sizeof(struct hostent)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(struct hostent)); for (i=0; a->h_aliases[i] != NULL; i++) ; i++; - ret->h_aliases = (char **)Malloc(i*sizeof(char *)); + ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *)); if (ret->h_aliases == NULL) goto err; memset(ret->h_aliases, 0, i*sizeof(char *)); @@ -282,25 +282,25 @@ static struct hostent *ghbn_dup(struct hostent *a) for (i=0; a->h_addr_list[i] != NULL; i++) ; i++; - ret->h_addr_list=(char **)Malloc(i*sizeof(char *)); + ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *)); if (ret->h_addr_list == NULL) goto err; memset(ret->h_addr_list, 0, i*sizeof(char *)); j=strlen(a->h_name)+1; - if ((ret->h_name=Malloc(j)) == NULL) goto err; + if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err; memcpy((char *)ret->h_name,a->h_name,j); for (i=0; a->h_aliases[i] != NULL; i++) { j=strlen(a->h_aliases[i])+1; - if ((ret->h_aliases[i]=Malloc(j)) == NULL) goto err; + if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err; memcpy(ret->h_aliases[i],a->h_aliases[i],j); } ret->h_length=a->h_length; ret->h_addrtype=a->h_addrtype; for (i=0; a->h_addr_list[i] != NULL; i++) { - if ((ret->h_addr_list[i]=Malloc(a->h_length)) == NULL) + if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL) goto err; memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length); } @@ -325,17 +325,17 @@ static void ghbn_free(struct hostent *a) if (a->h_aliases != NULL) { for (i=0; a->h_aliases[i] != NULL; i++) - Free(a->h_aliases[i]); - Free(a->h_aliases); + OPENSSL_free(a->h_aliases[i]); + OPENSSL_free(a->h_aliases); } if (a->h_addr_list != NULL) { for (i=0; a->h_addr_list[i] != NULL; i++) - Free(a->h_addr_list[i]); - Free(a->h_addr_list); + OPENSSL_free(a->h_addr_list[i]); + OPENSSL_free(a->h_addr_list); } - if (a->h_name != NULL) Free(a->h_name); - Free(a); + if (a->h_name != NULL) OPENSSL_free(a->h_name); + OPENSSL_free(a); } struct hostent *BIO_gethostbyname(const char *name) @@ -628,7 +628,7 @@ int BIO_get_accept_socket(char *host, int bind_mode) } ret=1; err: - if (str != NULL) Free(str); + if (str != NULL) OPENSSL_free(str); if ((ret == 0) && (s != INVALID_SOCKET)) { closesocket(s); @@ -667,7 +667,7 @@ int BIO_accept(int sock, char **addr) port=ntohs(from.sin_port); if (*addr == NULL) { - if ((p=Malloc(24)) == NULL) + if ((p=OPENSSL_malloc(24)) == NULL) { BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE); goto end; diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c index edffe92bce9b0..e9916d29eb7de 100644 --- a/crypto/bio/bf_buff.c +++ b/crypto/bio/bf_buff.c @@ -95,12 +95,12 @@ static int buffer_new(BIO *bi) { BIO_F_BUFFER_CTX *ctx; - ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX)); + ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX)); if (ctx == NULL) return(0); - ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); - if (ctx->ibuf == NULL) { Free(ctx); return(0); } - ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); - if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); } + ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); } + ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); } ctx->ibuf_size=DEFAULT_BUFFER_SIZE; ctx->obuf_size=DEFAULT_BUFFER_SIZE; ctx->ibuf_len=0; @@ -120,9 +120,9 @@ static int buffer_free(BIO *a) if (a == NULL) return(0); b=(BIO_F_BUFFER_CTX *)a->ptr; - if (b->ibuf != NULL) Free(b->ibuf); - if (b->obuf != NULL) Free(b->obuf); - Free(a->ptr); + if (b->ibuf != NULL) OPENSSL_free(b->ibuf); + if (b->obuf != NULL) OPENSSL_free(b->obuf); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -319,9 +319,9 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_SET_BUFF_READ_DATA: if (num > ctx->ibuf_size) { - p1=Malloc((int)num); + p1=OPENSSL_malloc((int)num); if (p1 == NULL) goto malloc_error; - if (ctx->ibuf != NULL) Free(ctx->ibuf); + if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf); ctx->ibuf=p1; } ctx->ibuf_off=0; @@ -353,21 +353,21 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) p2=ctx->obuf; if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) { - p1=(char *)Malloc((int)num); + p1=(char *)OPENSSL_malloc((int)num); if (p1 == NULL) goto malloc_error; } if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) { - p2=(char *)Malloc((int)num); + p2=(char *)OPENSSL_malloc((int)num); if (p2 == NULL) { - if (p1 != ctx->ibuf) Free(p1); + if (p1 != ctx->ibuf) OPENSSL_free(p1); goto malloc_error; } } if (ctx->ibuf != p1) { - Free(ctx->ibuf); + OPENSSL_free(ctx->ibuf); ctx->ibuf=p1; ctx->ibuf_off=0; ctx->ibuf_len=0; @@ -375,7 +375,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) } if (ctx->obuf != p2) { - Free(ctx->obuf); + OPENSSL_free(ctx->obuf); ctx->obuf=p2; ctx->obuf_off=0; ctx->obuf_len=0; diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c index 9b4bcb19d4379..a4a60a0c6dbd2 100644 --- a/crypto/bio/bf_nbio.c +++ b/crypto/bio/bf_nbio.c @@ -104,7 +104,7 @@ static int nbiof_new(BIO *bi) { NBIO_TEST *nt; - nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST)); + nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)); nt->lrn= -1; nt->lwn= -1; bi->ptr=(char *)nt; @@ -117,7 +117,7 @@ static int nbiof_free(BIO *a) { if (a == NULL) return(0); if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index 2e25516cf379b..fa4e0e2225f0b 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -59,8 +59,10 @@ #ifndef HEADER_BIO_H #define HEADER_BIO_H -#include -#include +#ifndef NO_FP_API +# include +#endif + #include #ifdef __cplusplus @@ -262,6 +264,37 @@ struct bio_st }; DECLARE_STACK_OF(BIO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_BIO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_BIO_new_null() sk_new_null() + #define sk_BIO_free(a) sk_free(a) + #define sk_BIO_num(a) sk_num(a) + #define sk_BIO_value(a,b) ((BIO *) \ + sk_value((a),(b))) + #define sk_BIO_set(a,b,c) ((BIO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_BIO_zero(a) sk_zero(a) + #define sk_BIO_push(a,b) sk_push((a),(char *)(b)) + #define sk_BIO_unshift(a,b) sk_unshift((a),(b)) + #define sk_BIO_find(a,b) sk_find((a), (char *)(b)) + #define sk_BIO_delete(a,b) ((BIO *) \ + sk_delete((a),(b))) + #define sk_BIO_delete_ptr(a,b) ((BIO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_BIO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_BIO_set_cmp_func(a,b) ((int (*) \ + (const BIO * const *,const BIO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_BIO_dup(a) sk_dup(a) + #define sk_BIO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_BIO_shift(a) ((BIO *)sk_shift(a)) + #define sk_BIO_pop(a) ((BIO *)sk_pop(a)) + #define sk_BIO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ typedef struct bio_f_buffer_ctx_struct { @@ -476,11 +509,6 @@ size_t BIO_ctrl_get_write_guarantee(BIO *b); size_t BIO_ctrl_get_read_request(BIO *b); int BIO_ctrl_reset_read_request(BIO *b); -#ifdef NO_STDIO -#define NO_FP_API -#endif - - /* These two aren't currently implemented */ /* int BIO_get_ex_num(BIO *bio); */ /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ @@ -491,6 +519,7 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, unsigned long BIO_number_read(BIO *bio); unsigned long BIO_number_written(BIO *bio); +# ifndef NO_FP_API # if defined(WIN16) && defined(_WINDLL) BIO_METHOD *BIO_s_file_internal(void); BIO *BIO_new_file_internal(char *filename, char *mode); @@ -506,6 +535,7 @@ BIO *BIO_new_fp(FILE *stream, int close_flag); # define BIO_new_file_internal BIO_new_file # define BIO_new_fp_internal BIO_s_file # endif /* FP_API */ +# endif BIO * BIO_new(BIO_METHOD *type); int BIO_set(BIO *a,BIO_METHOD *type); int BIO_free(BIO *a); diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 77e43763cb041..d8cb83aaabaf8 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -70,7 +70,7 @@ BIO *BIO_new(BIO_METHOD *method) { BIO *ret=NULL; - ret=(BIO *)Malloc(sizeof(BIO)); + ret=(BIO *)OPENSSL_malloc(sizeof(BIO)); if (ret == NULL) { BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE); @@ -78,7 +78,7 @@ BIO *BIO_new(BIO_METHOD *method) } if (!BIO_set(ret,method)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } return(ret); @@ -133,7 +133,7 @@ int BIO_free(BIO *a) if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); ret=a->method->destroy(a); - Free(a); + OPENSSL_free(a); return(1); } diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index 09e8c90b536fa..4da5822062c17 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -145,7 +145,7 @@ BIO_ACCEPT *BIO_ACCEPT_new(void) { BIO_ACCEPT *ret; - if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL) + if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL) return(NULL); memset(ret,0,sizeof(BIO_ACCEPT)); @@ -159,10 +159,10 @@ void BIO_ACCEPT_free(BIO_ACCEPT *a) if(a == NULL) return; - if (a->param_addr != NULL) Free(a->param_addr); - if (a->addr != NULL) Free(a->addr); + if (a->param_addr != NULL) OPENSSL_free(a->param_addr); + if (a->addr != NULL) OPENSSL_free(a->addr); if (a->bio_chain != NULL) BIO_free(a->bio_chain); - Free(a); + OPENSSL_free(a); } static void acpt_close_socket(BIO *bio) @@ -355,7 +355,7 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) { b->init=1; if (data->param_addr != NULL) - Free(data->param_addr); + OPENSSL_free(data->param_addr); data->param_addr=BUF_strdup(ptr); } else if (num == 1) diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c index 94cc63c9fe6f9..78c6ab4fdd97e 100644 --- a/crypto/bio/bss_bio.c +++ b/crypto/bio/bss_bio.c @@ -80,7 +80,7 @@ static int bio_new(BIO *bio) { struct bio_bio_st *b; - b = Malloc(sizeof *b); + b = OPENSSL_malloc(sizeof *b); if (b == NULL) return 0; @@ -108,10 +108,10 @@ static int bio_free(BIO *bio) if (b->buf != NULL) { - Free(b->buf); + OPENSSL_free(b->buf); } - Free(b); + OPENSSL_free(b); return 1; } @@ -464,7 +464,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr) { if (b->buf) { - Free(b->buf); + OPENSSL_free(b->buf); b->buf = NULL; } b->size = new_size; @@ -652,7 +652,7 @@ static int bio_make_pair(BIO *bio1, BIO *bio2) if (b1->buf == NULL) { - b1->buf = Malloc(b1->size); + b1->buf = OPENSSL_malloc(b1->size); if (b1->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); @@ -664,7 +664,7 @@ static int bio_make_pair(BIO *bio1, BIO *bio2) if (b2->buf == NULL) { - b2->buf = Malloc(b2->size); + b2->buf = OPENSSL_malloc(b2->size); if (b2->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index f0466adca3045..1281a0af0dc8e 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -165,7 +165,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) break; } if (c->param_port != NULL) - Free(c->param_port); + OPENSSL_free(c->param_port); c->param_port=BUF_strdup(p); } } @@ -322,7 +322,7 @@ BIO_CONNECT *BIO_CONNECT_new(void) { BIO_CONNECT *ret; - if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL) + if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL) return(NULL); ret->state=BIO_CONN_S_BEFORE; ret->param_hostname=NULL; @@ -344,10 +344,10 @@ void BIO_CONNECT_free(BIO_CONNECT *a) return; if (a->param_hostname != NULL) - Free(a->param_hostname); + OPENSSL_free(a->param_hostname); if (a->param_port != NULL) - Free(a->param_port); - Free(a); + OPENSSL_free(a->param_port); + OPENSSL_free(a); } BIO_METHOD *BIO_s_connect(void) @@ -507,13 +507,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) if (num == 0) { if (data->param_hostname != NULL) - Free(data->param_hostname); + OPENSSL_free(data->param_hostname); data->param_hostname=BUF_strdup(ptr); } else if (num == 1) { if (data->param_port != NULL) - Free(data->param_port); + OPENSSL_free(data->param_port); data->param_port=BUF_strdup(ptr); } else if (num == 2) @@ -524,7 +524,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) sprintf(buf,"%d.%d.%d.%d", p[0],p[1],p[2],p[3]); if (data->param_hostname != NULL) - Free(data->param_hostname); + OPENSSL_free(data->param_hostname); data->param_hostname=BUF_strdup(buf); memcpy(&(data->ip[0]),ptr,4); } @@ -534,7 +534,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) sprintf(buf,"%d",*(int *)ptr); if (data->param_port != NULL) - Free(data->param_port); + OPENSSL_free(data->param_port); data->param_port=BUF_strdup(buf); data->port= *(int *)ptr; } diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c index a8e01a0f93010..be2ad38383b29 100644 --- a/crypto/bio/bss_log.c +++ b/crypto/bio/bss_log.c @@ -160,7 +160,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) char* pp; int priority; - if((buf= (char *)Malloc(inl+ 1)) == NULL){ + if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){ return(0); } strncpy(buf, in, inl); @@ -182,7 +182,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) xsyslog(b, priority, pp); - Free(buf); + OPENSSL_free(buf); return(ret); } @@ -294,7 +294,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string); /* we know there's an 8 byte header. That's documented */ - opcdef_p = (struct opcdef *) Malloc(8 + len); + opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len); opcdef_p->opc$b_ms_type = OPC$_RQ_RQST; memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3); opcdef_p->opc$l_ms_rqstid = 0; @@ -307,7 +307,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) sys$sndopr(opc_dsc, 0); - Free(opcdef_p); + OPENSSL_free(opcdef_p); } static void xcloselog(BIO* bp) diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c index 4ad0739464b9d..1a0078ad6e161 100644 --- a/crypto/bio/bss_rtcp.c +++ b/crypto/bio/bss_rtcp.c @@ -156,7 +156,7 @@ static int rtcp_new(BIO *bi) bi->init=1; bi->num=0; bi->flags = 0; - bi->ptr=Malloc(sizeof(struct rpc_ctx)); + bi->ptr=OPENSSL_malloc(sizeof(struct rpc_ctx)); ctx = (struct rpc_ctx *) bi->ptr; ctx->filled = 0; ctx->pos = 0; @@ -166,7 +166,7 @@ static int rtcp_new(BIO *bi) static int rtcp_free(BIO *a) { if (a == NULL) return(0); - if ( a->ptr ) Free ( a->ptr ); + if ( a->ptr ) OPENSSL_free ( a->ptr ); a->ptr = NULL; return(1); } diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 009b0eb6856f5..000ff48155f07 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -59,7 +59,7 @@ #ifndef HEADER_BN_H #define HEADER_BN_H -#ifndef WIN16 +#ifndef NO_FP_API #include /* FILE */ #endif #include @@ -364,6 +364,8 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx); int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, @@ -484,6 +486,7 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); #define BN_F_BN_DIV 107 #define BN_F_BN_EXPAND2 108 #define BN_F_BN_MOD_EXP_MONT 109 +#define BN_F_BN_MOD_EXP_MONT_WORD 117 #define BN_F_BN_MOD_INVERSE 110 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 #define BN_F_BN_MPI2BN 112 diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 1b1bb060463f2..2d287e6d1bb15 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -67,7 +67,7 @@ BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod) bn_check_top(Ai); bn_check_top(mod); - if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL) + if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) { BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -91,7 +91,7 @@ void BN_BLINDING_free(BN_BLINDING *r) if (r->A != NULL) BN_free(r->A ); if (r->Ai != NULL) BN_free(r->Ai); - Free(r); + OPENSSL_free(r); } int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 46132fd1806a0..b1a8d7571e83a 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -69,7 +69,7 @@ BN_CTX *BN_CTX_new(void) { BN_CTX *ret; - ret=(BN_CTX *)Malloc(sizeof(BN_CTX)); + ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX)); if (ret == NULL) { BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); @@ -102,7 +102,7 @@ void BN_CTX_free(BN_CTX *ctx) for (i=0; i < BN_CTX_NUM; i++) BN_clear_free(&(ctx->bn[i])); if (ctx->flags & BN_FLG_MALLOCED) - Free(ctx); + OPENSSL_free(ctx); } void BN_CTX_start(BN_CTX *ctx) diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index 988270bcf4f7c..e0cbd70b7dbec 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -77,6 +77,7 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, +{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_MOD_EXP_MONT_WORD"}, {ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, {ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, {ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 0c11601675493..96f34fa529b7c 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -66,6 +66,7 @@ # include #endif + #define TABLE_SIZE 16 /* slow but works */ @@ -91,42 +92,6 @@ int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx) return(r); } -#if 0 -/* this one works - simple but works */ -int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx) - { - int i,bits,ret=0; - BIGNUM *v,*tmp; - - BN_CTX_start(ctx); - v = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (v == NULL || tmp == NULL) goto err; - - if (BN_copy(v,a) == NULL) goto err; - bits=BN_num_bits(p); - - if (BN_is_odd(p)) - { if (BN_copy(r,a) == NULL) goto err; } - else { if (!BN_one(r)) goto err; } - - for (i=1; id[m->top-1]&BN_TBIT) && BN_is_odd(m)) */ if (BN_is_odd(m)) - { ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); } + { + if (a->top == 1) + { + BN_ULONG A = a->d[0]; + ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); + } + else + ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); + } else #endif #ifdef RECP_MUL_MOD @@ -370,7 +345,7 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, return(ret); } -/* #ifdef RECP_MUL_MOD */ + int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { @@ -485,9 +460,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_RECP_CTX_free(&recp); return(ret); } -/* #endif */ -/* #ifdef MONT_MUL_MOD */ + int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { @@ -527,11 +501,9 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, /* If this is not done, things will break in the montgomery * part */ -#if 1 if (in_mont != NULL) mont=in_mont; else -#endif { if ((mont=BN_MONT_CTX_new()) == NULL) goto err; if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; @@ -541,7 +513,8 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, ts=1; if (BN_ucmp(a,m) >= 0) { - BN_mod(&(val[0]),a,m,ctx); + if (!BN_mod(&(val[0]),a,m,ctx)) + goto err; aa= &(val[0]); } else @@ -574,7 +547,7 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, wstart=bits-1; /* The top bit of the window */ wend=0; /* The bottom bit of the window */ - if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err; + if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err; for (;;) { if (BN_is_bit_set(p,wstart) == 0) @@ -635,7 +608,82 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, BN_clear_free(&(val[i])); return(ret); } -/* #endif */ + +int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +/* if we had BN_mod_exp_mont_2, we could even use windowing in it */ + { + int b, bits, ret=0; + BIGNUM *d, *r, *t; + BN_MONT_CTX *mont = NULL; + + bn_check_top(p); + bn_check_top(m); + + if (!(m->d[0] & 1)) + { + BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); + return(0); + } + bits = BN_num_bits(p); + if (bits == 0) + { + BN_one(rr); + return(1); + } + BN_CTX_start(ctx); + d = BN_CTX_get(ctx); + r = BN_CTX_get(ctx); + t = BN_CTX_get(ctx); + if (d == NULL || r == NULL || t == NULL) goto err; + +#ifdef ATALLA + if (!tried_atalla) + { + BN_set_word(t, a); + if (BN_mod_exp_word_atalla(rr, t, p, m)) + return 1; + } +/* If it fails, try the other methods */ +#endif + + if (in_mont != NULL) + mont=in_mont; + else + { + if ((mont = BN_MONT_CTX_new()) == NULL) goto err; + if (!BN_MONT_CTX_set(mont, m, ctx)) goto err; + } + + if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) goto err; + for (b = bits-1; b >= 0; b--) + { + if (BN_is_bit_set(p, b)) + { + if (!BN_mul_word(r, a)) + goto err; + if (BN_ucmp(r, m) >= 0) + { + if (!BN_mod(t, r, m, ctx)) + goto err; + { BIGNUM *swap_tmp = r; r = t; t = swap_tmp; } + } + } + + if (b > 0) + { + if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) + goto err; + } + } + BN_from_montgomery(rr, r, mont, ctx); + ret = 1; +err: + if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); + BN_CTX_end(ctx); + return(ret); + } + /* The old fallback, simple version :-) */ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 0e6b12d9c3639..81e5d7d98e8d8 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -264,22 +264,22 @@ void BN_clear_free(BIGNUM *a) { memset(a->d,0,a->max*sizeof(a->d[0])); if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) - Free(a->d); + OPENSSL_free(a->d); } i=BN_get_flags(a,BN_FLG_MALLOCED); memset(a,0,sizeof(BIGNUM)); if (i) - Free(a); + OPENSSL_free(a); } void BN_free(BIGNUM *a) { if (a == NULL) return; if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) - Free(a->d); + OPENSSL_free(a->d); a->flags|=BN_FLG_FREE; /* REMOVE? */ if (a->flags & BN_FLG_MALLOCED) - Free(a); + OPENSSL_free(a); } void BN_init(BIGNUM *a) @@ -291,7 +291,7 @@ BIGNUM *BN_new(void) { BIGNUM *ret; - if ((ret=(BIGNUM *)Malloc(sizeof(BIGNUM))) == NULL) + if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) { BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -325,7 +325,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return(NULL); } - a=A=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(words+1)); + a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); if (A == NULL) { BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); @@ -423,7 +423,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) case 0: ; /* ultrix cc workaround, see above */ } #endif - Free(b->d); + OPENSSL_free(b->d); } b->d=a; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 598fecbf0c89f..b8eb2b7998e23 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -234,7 +234,7 @@ BN_MONT_CTX *BN_MONT_CTX_new(void) { BN_MONT_CTX *ret; - if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL) + if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL) return(NULL); BN_MONT_CTX_init(ret); @@ -260,7 +260,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) BN_free(&(mont->N)); BN_free(&(mont->Ni)); if (mont->flags & BN_FLG_MALLOCED) - Free(mont); + OPENSSL_free(mont); } int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 782a96e7e0a69..532e66bcc3976 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -64,14 +64,14 @@ static const char *Hex="0123456789ABCDEF"; -/* Must 'Free' the returned data */ +/* Must 'OPENSSL_free' the returned data */ char *BN_bn2hex(const BIGNUM *a) { int i,j,v,z=0; char *buf; char *p; - buf=(char *)Malloc(a->top*BN_BYTES*2+2); + buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2); if (buf == NULL) { BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE); @@ -99,7 +99,7 @@ char *BN_bn2hex(const BIGNUM *a) return(buf); } -/* Must 'Free' the returned data */ +/* Must 'OPENSSL_free' the returned data */ char *BN_bn2dec(const BIGNUM *a) { int i=0,num; @@ -110,8 +110,8 @@ char *BN_bn2dec(const BIGNUM *a) i=BN_num_bits(a)*3; num=(i/10+i/1000+3)+1; - bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); - buf=(char *)Malloc(num+3); + bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); + buf=(char *)OPENSSL_malloc(num+3); if ((buf == NULL) || (bn_data == NULL)) { BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE); @@ -149,7 +149,7 @@ char *BN_bn2dec(const BIGNUM *a) } } err: - if (bn_data != NULL) Free(bn_data); + if (bn_data != NULL) OPENSSL_free(bn_data); if (t != NULL) BN_free(t); return(buf); } diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 943712c15b8f2..b1163f7ec4417 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -72,7 +72,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) bit=(bits-1)%8; mask=0xff<N)); BN_free(&(recp->Nr)); if (recp->flags & BN_FLG_MALLOCED) - Free(recp); + OPENSSL_free(recp); } int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index c3a108ea52115..b76ff3ad7acf2 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -64,7 +64,7 @@ BUF_MEM *BUF_MEM_new(void) { BUF_MEM *ret; - ret=Malloc(sizeof(BUF_MEM)); + ret=OPENSSL_malloc(sizeof(BUF_MEM)); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE); @@ -84,9 +84,9 @@ void BUF_MEM_free(BUF_MEM *a) if (a->data != NULL) { memset(a->data,0,(unsigned int)a->max); - Free(a->data); + OPENSSL_free(a->data); } - Free(a); + OPENSSL_free(a); } int BUF_MEM_grow(BUF_MEM *str, int len) @@ -107,9 +107,9 @@ int BUF_MEM_grow(BUF_MEM *str, int len) } n=(len+3)/3*4; if (str->data == NULL) - ret=Malloc(n); + ret=OPENSSL_malloc(n); else - ret=Realloc(str->data,n); + ret=OPENSSL_realloc(str->data,n); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); @@ -132,7 +132,7 @@ char *BUF_strdup(const char *str) if (str == NULL) return(NULL); n=strlen(str); - ret=Malloc(n+1); + ret=OPENSSL_malloc(n+1); if (ret == NULL) { BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c index acf2c3eeb51e3..76e40005c9983 100644 --- a/crypto/cast/c_skey.c +++ b/crypto/cast/c_skey.c @@ -72,7 +72,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -void CAST_set_key(CAST_KEY *key, int len, unsigned char *data) +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h index 6cc5e8aa8cf04..e24e13309979f 100644 --- a/crypto/cast/cast.h +++ b/crypto/cast/cast.h @@ -82,7 +82,7 @@ typedef struct cast_key_st } CAST_KEY; -void CAST_set_key(CAST_KEY *key, int len, unsigned char *data); +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, int enc); void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c index a67ef23bc0fd2..beb98ce8ccc8c 100644 --- a/crypto/comp/comp_lib.c +++ b/crypto/comp/comp_lib.c @@ -8,7 +8,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) { COMP_CTX *ret; - if ((ret=(COMP_CTX *)Malloc(sizeof(COMP_CTX))) == NULL) + if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) { /* ZZZZZZZZZZZZZZZZ */ return(NULL); @@ -17,7 +17,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) ret->meth=meth; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } #if 0 @@ -37,7 +37,7 @@ void COMP_CTX_free(COMP_CTX *ctx) if (ctx->meth->finish != NULL) ctx->meth->finish(ctx); - Free(ctx); + OPENSSL_free(ctx); } int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h index 2f70634455b95..0adda45dd3e04 100644 --- a/crypto/conf/conf.h +++ b/crypto/conf/conf.h @@ -77,6 +77,37 @@ typedef struct } CONF_VALUE; DECLARE_STACK_OF(CONF_VALUE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_CONF_VALUE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_CONF_VALUE_new_null() sk_new_null() + #define sk_CONF_VALUE_free(a) sk_free(a) + #define sk_CONF_VALUE_num(a) sk_num(a) + #define sk_CONF_VALUE_value(a,b) ((CONF_VALUE *) \ + sk_value((a),(b))) + #define sk_CONF_VALUE_set(a,b,c) ((CONF_VALUE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_CONF_VALUE_zero(a) sk_zero(a) + #define sk_CONF_VALUE_push(a,b) sk_push((a),(char *)(b)) + #define sk_CONF_VALUE_unshift(a,b) sk_unshift((a),(b)) + #define sk_CONF_VALUE_find(a,b) sk_find((a), (char *)(b)) + #define sk_CONF_VALUE_delete(a,b) ((CONF_VALUE *) \ + sk_delete((a),(b))) + #define sk_CONF_VALUE_delete_ptr(a,b) ((CONF_VALUE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_CONF_VALUE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_CONF_VALUE_set_cmp_func(a,b) ((int (*) \ + (const CONF_VALUE * const *,const CONF_VALUE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_CONF_VALUE_dup(a) sk_dup(a) + #define sk_CONF_VALUE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_CONF_VALUE_shift(a) ((CONF_VALUE *)sk_shift(a)) + #define sk_CONF_VALUE_pop(a) ((CONF_VALUE *)sk_pop(a)) + #define sk_CONF_VALUE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ struct conf_st; typedef struct conf_st CONF; diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 29989270ab2c5..8b6bc9accb169 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -107,9 +107,9 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) if (v != NULL) { sk_CONF_VALUE_delete_ptr(ts,v); - Free(v->name); - Free(v->value); - Free(v); + OPENSSL_free(v->name); + OPENSSL_free(v->value); + OPENSSL_free(v); } return 1; } @@ -181,7 +181,7 @@ void _CONF_free_data(CONF *conf) { if (conf == NULL || conf->data == NULL) return; - conf->data->down_load=0; /* evil thing to make sure the 'Free()' + conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' * works as expected */ lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data); @@ -212,13 +212,13 @@ static void value_free_stack(CONF_VALUE *a, LHASH *conf) for (i=sk_num(sk)-1; i>=0; i--) { vv=(CONF_VALUE *)sk_value(sk,i); - Free(vv->value); - Free(vv->name); - Free(vv); + OPENSSL_free(vv->value); + OPENSSL_free(vv->name); + OPENSSL_free(vv); } if (sk != NULL) sk_free(sk); - Free(a->section); - Free(a); + OPENSSL_free(a->section); + OPENSSL_free(a); } static unsigned long hash(CONF_VALUE *v) @@ -256,10 +256,10 @@ CONF_VALUE *_CONF_new_section(CONF *conf, char *section) if ((sk=sk_new_null()) == NULL) goto err; - if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL) + if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) goto err; i=strlen(section)+1; - if ((v->section=(char *)Malloc(i)) == NULL) + if ((v->section=(char *)OPENSSL_malloc(i)) == NULL) goto err; memcpy(v->section,section,i); @@ -279,7 +279,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, char *section) if (!ok) { if (sk != NULL) sk_free(sk); - if (v != NULL) Free(v); + if (v != NULL) OPENSSL_free(v); v=NULL; } return(v); diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 368a31a92f070..773df32c681bb 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -59,6 +59,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include +#include #include #include #include @@ -73,7 +74,7 @@ static void clear_comments(CONF *conf, char *p); static int str_copy(CONF *conf,char *section,char **to, char *from); static char *scan_quote(CONF *conf, char *p); static char *scan_dquote(CONF *conf, char *p); -#define scan_esc(p) (((IS_EOF((conf),(p)[1]))?(p+=1):(p+=2))) +#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) static CONF *def_create(CONF_METHOD *meth); static int def_init_default(CONF *conf); @@ -124,11 +125,11 @@ static CONF *def_create(CONF_METHOD *meth) { CONF *ret; - ret = (CONF *)Malloc(sizeof(CONF) + sizeof(unsigned short *)); + ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); if (ret) if (meth->init(ret) == 0) { - Free(ret); + OPENSSL_free(ret); ret = NULL; } return ret; @@ -162,7 +163,7 @@ static int def_destroy(CONF *conf) { if (def_destroy_data(conf)) { - Free(conf); + OPENSSL_free(conf); return 1; } return 0; @@ -198,7 +199,7 @@ static int def_load(CONF *conf, BIO *in, long *line) goto err; } - section=(char *)Malloc(10); + section=(char *)OPENSSL_malloc(10); if (section == NULL) { CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); @@ -345,14 +346,14 @@ static int def_load(CONF *conf, BIO *in, long *line) p++; *p='\0'; - if (!(v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE)))) + if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { CONFerr(CONF_F_CONF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (psection == NULL) psection=section; - v->name=(char *)Malloc(strlen(pname)+1); + v->name=(char *)OPENSSL_malloc(strlen(pname)+1); v->value=NULL; if (v->name == NULL) { @@ -400,29 +401,29 @@ static int def_load(CONF *conf, BIO *in, long *line) if (vv != NULL) { sk_CONF_VALUE_delete_ptr(ts,vv); - Free(vv->name); - Free(vv->value); - Free(vv); + OPENSSL_free(vv->name); + OPENSSL_free(vv->value); + OPENSSL_free(vv); } #endif v=NULL; } } if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) Free(section); + if (section != NULL) OPENSSL_free(section); return(1); err: if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) Free(section); + if (section != NULL) OPENSSL_free(section); if (line != NULL) *line=eline; sprintf(btmp,"%ld",eline); ERR_add_error_data(2,"line ",btmp); if ((h != conf->data) && (conf->data != NULL)) CONF_free(conf->data); if (v != NULL) { - if (v->name != NULL) Free(v->name); - if (v->value != NULL) Free(v->value); - if (v != NULL) Free(v); + if (v->name != NULL) OPENSSL_free(v->name); + if (v->value != NULL) OPENSSL_free(v->value); + if (v != NULL) OPENSSL_free(v); } return(0); } @@ -465,7 +466,7 @@ static void clear_comments(CONF *conf, char *p) } if (IS_ESC(conf,*p)) { - p=scan_esc(p); + p=scan_esc(conf,p); continue; } if (IS_EOF(conf,*p)) @@ -602,9 +603,9 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) buf->data[to++]= *(from++); } buf->data[to]='\0'; - if (*pto != NULL) Free(*pto); + if (*pto != NULL) OPENSSL_free(*pto); *pto=buf->data; - Free(buf); + OPENSSL_free(buf); return(1); err: if (buf != NULL) BUF_MEM_free(buf); @@ -624,7 +625,7 @@ static char *eat_alpha_numeric(CONF *conf, char *p) { if (IS_ESC(conf,*p)) { - p=scan_esc(p); + p=scan_esc(conf,p); continue; } if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p)) diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 0502a874a0683..9ff520a6e5cc8 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -130,7 +130,7 @@ int CRYPTO_get_new_lockid(char *name) return(0); i=sk_push(app_locks,str); if (!i) - Free(str); + OPENSSL_free(str); else i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ return(i); diff --git a/crypto/crypto.h b/crypto/crypto.h index 71f2f6fdf244c..59b4c9b0ef221 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -202,6 +202,37 @@ typedef struct crypto_ex_data_func_st } CRYPTO_EX_DATA_FUNCS; DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_CRYPTO_EX_DATA_FUNCS_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_new_null() sk_new_null() + #define sk_CRYPTO_EX_DATA_FUNCS_free(a) sk_free(a) + #define sk_CRYPTO_EX_DATA_FUNCS_num(a) sk_num(a) + #define sk_CRYPTO_EX_DATA_FUNCS_value(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_value((a),(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_set(a,b,c) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_set((a),(b),(char *)(c))) + #define sk_CRYPTO_EX_DATA_FUNCS_zero(a) sk_zero(a) + #define sk_CRYPTO_EX_DATA_FUNCS_push(a,b) sk_push((a),(char *)(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_unshift(a,b) sk_unshift((a),(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_find(a,b) sk_find((a), (char *)(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_delete(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_delete((a),(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(a,b) ((int (*) \ + (const CRYPTO_EX_DATA_FUNCS * const *,const CRYPTO_EX_DATA_FUNCS * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_dup(a) sk_dup(a) + #define sk_CRYPTO_EX_DATA_FUNCS_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_shift(a) ((CRYPTO_EX_DATA_FUNCS *)sk_shift(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_pop(a) ((CRYPTO_EX_DATA_FUNCS *)sk_pop(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA * entry. @@ -251,16 +282,17 @@ int CRYPTO_is_mem_check_on(void); #define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) #define is_MemCheck_on() CRYPTO_is_mem_check_on() -#define Malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) -#define Realloc(addr,num) \ +#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +#define OPENSSL_realloc(addr,num) \ CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -#define Remalloc(addr,num) \ +#define OPENSSL_remalloc(addr,num) \ CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -#define FreeFunc CRYPTO_free -#define Free(addr) CRYPTO_free(addr) +#define OPENSSL_freeFunc CRYPTO_free +#define OPENSSL_free(addr) CRYPTO_free(addr) -#define Malloc_locked(num) CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -#define Free_locked(addr) CRYPTO_free_locked(addr) +#define OPENSSL_malloc_locked(num) \ + CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) +#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) /* Case insensiteve linking causes problems.... */ @@ -380,4 +412,3 @@ void ERR_load_CRYPTO_strings(void); } #endif #endif - diff --git a/crypto/des/des.c b/crypto/des/des.c index 0197489c9ed42..215d7413c0766 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -374,8 +374,8 @@ void doencryption(void) if (buf == NULL) { - if ( (( buf=Malloc(BUFSIZE+8)) == NULL) || - ((obuf=Malloc(BUFSIZE+8)) == NULL)) + if ( (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) || + ((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL)) { fputs("Not enough memory\n",stderr); Exit=10; diff --git a/crypto/des/des.h b/crypto/des/des.h index cf536e642895c..2db9748cb410f 100644 --- a/crypto/des/des.h +++ b/crypto/des/des.h @@ -67,7 +67,6 @@ #error replaces . #endif -#include #include /* DES_LONG */ #include /* OPENSSL_EXTERN */ diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c index 7399ff7269837..af2d9177d2a21 100644 --- a/crypto/des/enc_read.c +++ b/crypto/des/enc_read.c @@ -103,17 +103,17 @@ int des_enc_read(int fd, void *buf, int len, des_key_schedule sched, if (tmpbuf == NULL) { - tmpbuf=Malloc(BSIZE); + tmpbuf=OPENSSL_malloc(BSIZE); if (tmpbuf == NULL) return(-1); } if (net == NULL) { - net=Malloc(BSIZE); + net=OPENSSL_malloc(BSIZE); if (net == NULL) return(-1); } if (unnet == NULL) { - unnet=Malloc(BSIZE); + unnet=OPENSSL_malloc(BSIZE); if (unnet == NULL) return(-1); } /* left over data from last decrypt */ diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c index 4d3452724ecf7..cc2b50fb50929 100644 --- a/crypto/des/enc_writ.c +++ b/crypto/des/enc_writ.c @@ -95,7 +95,7 @@ int des_enc_write(int fd, const void *_buf, int len, if (outbuf == NULL) { - outbuf=Malloc(BSIZE+HDRSIZE); + outbuf=OPENSSL_malloc(BSIZE+HDRSIZE); if (outbuf == NULL) return(-1); } /* If we are sending less than 8 bytes, the same char will look diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 28817cb6306b8..6915d79dcc2ec 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -196,19 +196,26 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} + { + if (a->top == 1) + { + BN_ULONG A = a->d[0]; + return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); + } + else + return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx); + } + static int dh_init(DH *dh) -{ + { dh->flags |= DH_FLAG_CACHE_MONT_P; return(1); -} + } static int dh_finish(DH *dh) -{ + { if(dh->method_mont_p) BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); return(1); -} + } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index d4f193c8f0964..2eedad6c38a13 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -135,7 +135,7 @@ DH *DH_new_method(ENGINE *engine) { DH_METHOD *meth; DH *ret; - ret=(DH *)Malloc(sizeof(DH)); + ret=(DH *)OPENSSL_malloc(sizeof(DH)); if (ret == NULL) { @@ -170,7 +170,7 @@ DH *DH_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -206,11 +206,11 @@ void DH_free(DH *r) if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); if (r->j != NULL) BN_clear_free(r->j); - if (r->seed) Free(r->seed); + if (r->seed) OPENSSL_free(r->seed); if (r->counter != NULL) BN_clear_free(r->counter); if (r->pub_key != NULL) BN_clear_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); - Free(r); + OPENSSL_free(r); } int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index d66c28455ec01..f0151253d788e 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -140,7 +140,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); alen=DH_size(a); - abuf=(unsigned char *)Malloc(alen); + abuf=(unsigned char *)OPENSSL_malloc(alen); aout=DH_compute_key(abuf,b->pub_key,a); BIO_puts(out,"key1 ="); @@ -152,7 +152,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); blen=DH_size(b); - bbuf=(unsigned char *)Malloc(blen); + bbuf=(unsigned char *)OPENSSL_malloc(blen); bout=DH_compute_key(bbuf,a->pub_key,b); BIO_puts(out,"key2 ="); @@ -170,8 +170,8 @@ int main(int argc, char *argv[]) else ret=0; err: - if (abuf != NULL) Free(abuf); - if (bbuf != NULL) Free(bbuf); + if (abuf != NULL) OPENSSL_free(abuf); + if (bbuf != NULL) OPENSSL_free(bbuf); if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index c9b32b4db78c5..a76c8f7c7eb38 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -10,7 +10,7 @@ DSA_SIG *DSA_SIG_new(void) { DSA_SIG *ret; - ret = Malloc(sizeof(DSA_SIG)); + ret = OPENSSL_malloc(sizeof(DSA_SIG)); if (ret == NULL) { DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE); @@ -26,7 +26,7 @@ void DSA_SIG_free(DSA_SIG *r) if (r == NULL) return; if (r->r) BN_clear_free(r->r); if (r->s) BN_clear_free(r->s); - Free(r); + OPENSSL_free(r); } int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) @@ -35,7 +35,7 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) ASN1_INTEGER rbs,sbs; unsigned char *p; - rbs.data=Malloc(BN_num_bits(v->r)/8+1); + rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1); if (rbs.data == NULL) { DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); @@ -43,10 +43,10 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) } rbs.type=V_ASN1_INTEGER; rbs.length=BN_bn2bin(v->r,rbs.data); - sbs.data=Malloc(BN_num_bits(v->s)/8+1); + sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1); if (sbs.data == NULL) { - Free(rbs.data); + OPENSSL_free(rbs.data); DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); return(0); } @@ -64,8 +64,8 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) i2d_ASN1_INTEGER(&sbs,&p); } t=ASN1_object_size(1,len,V_ASN1_SEQUENCE); - Free(rbs.data); - Free(sbs.data); + OPENSSL_free(rbs.data); + OPENSSL_free(sbs.data); return(t); } diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index fd33461bcfd45..c91ff00d1e88e 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -140,7 +140,7 @@ DSA *DSA_new_method(ENGINE *engine) DSA_METHOD *meth; DSA *ret; - ret=(DSA *)Malloc(sizeof(DSA)); + ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); if (ret == NULL) { DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE); @@ -175,7 +175,7 @@ DSA *DSA_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -217,7 +217,7 @@ void DSA_free(DSA *r) if (r->priv_key != NULL) BN_clear_free(r->priv_key); if (r->kinv != NULL) BN_clear_free(r->kinv); if (r->r != NULL) BN_clear_free(r->r); - Free(r); + OPENSSL_free(r); } int DSA_size(DSA *r) diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index f41ebf1aa4792..861f5fb84e906 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -100,7 +100,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) * to stealing the "best available" method. Will fallback * to DSO_METH_null() in the worst case. */ default_DSO_meth = DSO_METHOD_openssl(); - ret = (DSO *)Malloc(sizeof(DSO)); + ret = (DSO *)OPENSSL_malloc(sizeof(DSO)); if(ret == NULL) { DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -112,7 +112,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) { /* sk_new doesn't generate any errors so we do */ DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); - Free(ret); + OPENSSL_free(ret); return(NULL); } if(meth == NULL) @@ -122,7 +122,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) ret->references = 1; if((ret->meth->init != NULL) && !ret->meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } return(ret); @@ -165,7 +165,7 @@ int DSO_free(DSO *dso) sk_free(dso->meth_data); - Free(dso); + OPENSSL_free(dso); return(1); } diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index 212a255b4b387..e204b6b07bd91 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -133,19 +133,19 @@ static int win32_load(DSO *dso, const char *filename) DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); return(0); } - p = (HINSTANCE *)Malloc(sizeof(HINSTANCE)); + p = (HINSTANCE *)OPENSSL_malloc(sizeof(HINSTANCE)); if(p == NULL) { DSOerr(DSO_F_WIN32_LOAD,ERR_R_MALLOC_FAILURE); - FreeLibrary(h); + OPENSSL_freeLibrary(h); return(0); } *p = h; if(!sk_push(dso->meth_data, (char *)p)) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR); - FreeLibrary(h); - Free(p); + OPENSSL_freeLibrary(h); + OPENSSL_free(p); return(0); } return(1); @@ -167,7 +167,7 @@ static int win32_unload(DSO *dso) DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE); return(0); } - if(!FreeLibrary(p)) + if(!OPENSSL_freeLibrary(p)) { DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED); /* We should push the value back onto the stack in @@ -176,7 +176,7 @@ static int win32_unload(DSO *dso) return(0); } /* Cleanup */ - Free(p); + OPENSSL_free(p); return(1); } diff --git a/crypto/err/err.c b/crypto/err/err.c index 2e106a5deacc1..58c918d1dadd6 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -230,7 +230,7 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; static void build_SYS_str_reasons() { - /* Malloc cannot be used here, use static storage instead */ + /* OPENSSL_malloc cannot be used here, use static storage instead */ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; int i; @@ -267,7 +267,7 @@ static void build_SYS_str_reasons() if (((p)->err_data[i] != NULL) && \ (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ { \ - Free((p)->err_data[i]); \ + OPENSSL_free((p)->err_data[i]); \ (p)->err_data[i]=NULL; \ } \ (p)->err_data_flags[i]=0; @@ -283,7 +283,7 @@ static void ERR_STATE_free(ERR_STATE *s) { err_clear_data(s,i); } - Free(s); + OPENSSL_free(s); } void ERR_load_ERR_strings(void) @@ -687,7 +687,7 @@ ERR_STATE *ERR_get_state(void) /* ret == the error state, if NULL, make a new one */ if (ret == NULL) { - ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE)); + ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); if (ret == NULL) return(&fallback); ret->pid=pid; ret->top=0; @@ -757,7 +757,7 @@ void ERR_add_error_data(int num, ...) char *str,*p,*a; s=64; - str=Malloc(s+1); + str=OPENSSL_malloc(s+1); if (str == NULL) return; str[0]='\0'; @@ -773,10 +773,10 @@ void ERR_add_error_data(int num, ...) if (n > s) { s=n+20; - p=Realloc(str,s+1); + p=OPENSSL_realloc(str,s+1); if (p == NULL) { - Free(str); + OPENSSL_free(str); return; } else diff --git a/crypto/err/err.h b/crypto/err/err.h index e9eee99591da6..3b1b980d4fa94 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h @@ -61,6 +61,7 @@ #ifndef NO_FP_API #include +#include #endif #ifdef __cplusplus diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c index e76387eaece4d..a275ef4c7d0a1 100644 --- a/crypto/evp/bio_b64.c +++ b/crypto/evp/bio_b64.c @@ -113,7 +113,7 @@ static int b64_new(BIO *bi) { BIO_B64_CTX *ctx; - ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX)); + ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -133,7 +133,7 @@ static int b64_new(BIO *bi) static int b64_free(BIO *a) { if (a == NULL) return(0); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 1b7a21010c623..129e2e30a4086 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -105,7 +105,7 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX)); + ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); EVP_CIPHER_CTX_init(&ctx->cipher); if (ctx == NULL) return(0); @@ -129,7 +129,7 @@ static int enc_free(BIO *a) b=(BIO_ENC_CTX *)a->ptr; EVP_CIPHER_CTX_cleanup(&(b->cipher)); memset(a->ptr,0,sizeof(BIO_ENC_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index f21319c04edf7..194555be4e19d 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -96,7 +96,7 @@ static int md_new(BIO *bi) { EVP_MD_CTX *ctx; - ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX)); + ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX)); if (ctx == NULL) return(0); bi->init=0; @@ -108,7 +108,7 @@ static int md_new(BIO *bi) static int md_free(BIO *a) { if (a == NULL) return(0); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 4f9b703a36a65..a358aadbaf9d9 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -187,7 +187,7 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx=(BIO_OK_CTX *)Malloc(sizeof(BIO_OK_CTX)); + ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -209,7 +209,7 @@ static int ok_free(BIO *a) { if (a == NULL) return(0); memset(a->ptr,0,sizeof(BIO_OK_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c index 5f6b0f933f855..72047f64dabb0 100644 --- a/crypto/evp/e_bf.c +++ b/crypto/evp/e_bf.c @@ -63,15 +63,15 @@ #include "evp_locl.h" #include -static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8, 0, bf_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key); return 1; diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c index e0a9430b134b1..e5af7fb4eddc8 100644 --- a/crypto/evp/e_cast.c +++ b/crypto/evp/e_cast.c @@ -64,16 +64,16 @@ #include #include "evp_locl.h" -static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8, EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key); return 1; diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index 485133a234345..f4e998b81c8a6 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -63,33 +63,39 @@ #include #include "evp_locl.h" -static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ -static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt); return 1; } -static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num); return 1; } -static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { - des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, ctx->encrypt); + des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, + (des_cblock *)ctx->iv, ctx->encrypt); return 1; } -static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { - des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); + des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, + (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); return 1; } @@ -100,8 +106,8 @@ BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8, NULL) -static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index c11c2b6856969..a9aba4ae700e2 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -63,15 +63,16 @@ #include #include "evp_locl.h" -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ -static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), @@ -80,7 +81,8 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -88,7 +90,8 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_cbc_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -96,7 +99,8 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -124,8 +128,8 @@ BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8, EVP_CIPHER_get_asn1_iv, NULL) -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; @@ -137,8 +141,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, return 1; } -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index c643a063a6580..8d3c88deb710f 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -64,14 +64,15 @@ #include #include "evp_locl.h" -static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); /* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special * case */ -static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks); @@ -88,8 +89,8 @@ BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8, 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { if(!enc) { if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1; diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c index d507337df6438..e0702cf818eeb 100644 --- a/crypto/evp/e_null.c +++ b/crypto/evp/e_null.c @@ -61,10 +61,10 @@ #include #include -static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER n_cipher= { NID_undef, @@ -84,15 +84,15 @@ EVP_CIPHER *EVP_enc_null(void) return(&n_cipher); } -static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { memset(&(ctx->c),0,sizeof(ctx->c)); return 1; } static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { if (in != out) memcpy((char *)out,(char *)in,(int)inl); diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c index 4c3bf1e64993a..3955c3ef848e8 100644 --- a/crypto/evp/e_rc2.c +++ b/crypto/evp/e_rc2.c @@ -64,18 +64,21 @@ #include #include "evp_locl.h" -static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); -static int rc2_meth_to_magic(const EVP_CIPHER *e); -static EVP_CIPHER *rc2_magic_to_meth(int i); +static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); +static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); +static int rc2_magic_to_meth(int i); static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); +static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2, 8, EVP_RC2_KEY_SIZE, 8, - EVP_CIPH_VARIABLE_LENGTH, rc2_init_key, NULL, - rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, NULL) + EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + rc2_init_key, NULL, + rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, + rc2_ctrl) #define RC2_40_MAGIC 0xa0 #define RC2_64_MAGIC 0x78 @@ -85,7 +88,7 @@ static EVP_CIPHER r2_64_cbc_cipher= { NID_rc2_64_cbc, 8,8 /* 64 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH, + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, rc2_init_key, rc2_cbc_cipher, NULL, @@ -93,7 +96,7 @@ static EVP_CIPHER r2_64_cbc_cipher= sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - NULL, + rc2_ctrl, NULL }; @@ -101,7 +104,7 @@ static EVP_CIPHER r2_40_cbc_cipher= { NID_rc2_40_cbc, 8,5 /* 40 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH, + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, rc2_init_key, rc2_cbc_cipher, NULL, @@ -109,7 +112,7 @@ static EVP_CIPHER r2_40_cbc_cipher= sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - NULL, + rc2_ctrl, NULL }; @@ -123,34 +126,34 @@ EVP_CIPHER *EVP_rc2_40_cbc(void) return(&r2_40_cbc_cipher); } -static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx), - key,EVP_CIPHER_key_length(ctx->cipher)*8); + key,ctx->c.rc2.key_bits); return 1; } -static int rc2_meth_to_magic(const EVP_CIPHER *e) +static int rc2_meth_to_magic(EVP_CIPHER_CTX *e) { int i; - i=EVP_CIPHER_key_length(e); - if (i == 16) return(RC2_128_MAGIC); - else if (i == 8) return(RC2_64_MAGIC); - else if (i == 5) return(RC2_40_MAGIC); + EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i); + if (i == 128) return(RC2_128_MAGIC); + else if (i == 64) return(RC2_64_MAGIC); + else if (i == 40) return(RC2_40_MAGIC); else return(0); } -static EVP_CIPHER *rc2_magic_to_meth(int i) +static int rc2_magic_to_meth(int i) { - if (i == RC2_128_MAGIC) return(EVP_rc2_cbc()); - else if (i == RC2_64_MAGIC) return(EVP_rc2_64_cbc()); - else if (i == RC2_40_MAGIC) return(EVP_rc2_40_cbc()); + if (i == RC2_128_MAGIC) return 128; + else if (i == RC2_64_MAGIC) return 64; + else if (i == RC2_40_MAGIC) return 40; else { EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE); - return(NULL); + return(0); } } @@ -158,25 +161,21 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { long num=0; int i=0,l; - EVP_CIPHER *e; + int key_bits; + unsigned char iv[EVP_MAX_IV_LENGTH]; if (type != NULL) { l=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_get_int_octetstring(type,&num,c->oiv,l); + i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); if (i != l) return(-1); - else if (i > 0) - memcpy(c->iv,c->oiv,l); - e=rc2_magic_to_meth((int)num); - if (e == NULL) + key_bits =rc2_magic_to_meth((int)num); + if (!key_bits) return(-1); - if (e != EVP_CIPHER_CTX_cipher(c)) - { - EVP_CIPHER_CTX_cipher(c)=e; - EVP_CIPHER_CTX_set_key_length(c, EVP_CIPHER_key_length(c)); - rc2_init_key(c,NULL,NULL,1); - } + if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1); + EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); + EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); } return(i); } @@ -188,11 +187,36 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (type != NULL) { - num=rc2_meth_to_magic(EVP_CIPHER_CTX_cipher(c)); + num=rc2_meth_to_magic(c); j=EVP_CIPHER_CTX_iv_length(c); i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j); } return(i); } +static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { + switch(type) { + + case EVP_CTRL_INIT: + c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8; + return 1; + + case EVP_CTRL_GET_RC2_KEY_BITS: + *(int *)ptr = c->c.rc2.key_bits; + return 1; + + + case EVP_CTRL_SET_RC2_KEY_BITS: + if(arg > 0) { + c->c.rc2.key_bits = arg; + return 1; + } + return 0; + + default: + return -1; + } + } + #endif diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c index 42839aef6bcf8..1c1e3b38575a3 100644 --- a/crypto/evp/e_rc4.c +++ b/crypto/evp/e_rc4.c @@ -63,10 +63,10 @@ #include #include -static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER r4_cipher= { NID_rc4, @@ -107,8 +107,8 @@ EVP_CIPHER *EVP_rc4_40(void) return(&r4_40_cipher); } -static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx)); RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx), @@ -117,7 +117,7 @@ static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, } static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { RC4(&(ctx->c.rc4.ks),inl,in,out); return 1; diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c index 3998e0c6c820a..5885f1826b2a0 100644 --- a/crypto/evp/e_rc5.c +++ b/crypto/evp/e_rc5.c @@ -64,55 +64,55 @@ #include #include "evp_locl.h" -static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); +static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5, 8, EVP_RC5_32_12_16_KEY_SIZE, 8, - 0, r_32_12_16_init_key, NULL, - NULL, NULL, NULL) + EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + r_32_12_16_init_key, NULL, + NULL, NULL, rc5_ctrl) -#if 0 -static int r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); -static EVP_CIPHER rc5_32_12_16_cbc_cipher= - { - NID_rc5_cbc, - 8,EVP_RC5_32_12_16_KEY_SIZE,8, - EVP_CIPH_CBC_MODE, - r_32_12_16_cbc_init_key, - r_32_12_16_cbc_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5)), - NULL, - NULL, - NULL - }; -EVP_CIPHER *EVP_rc5_32_12_16_cbc(void) - { - return(&rc5_32_12_16_cbc_cipher); - } -#endif - -static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) + +static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - RC5_32_set_key(&(ctx->c.rc5.ks),EVP_RC5_32_12_16_KEY_SIZE, - key,RC5_12_ROUNDS); - return 1; + switch(type) { + + case EVP_CTRL_INIT: + c->c.rc5.rounds = RC5_12_ROUNDS; + return 1; + + case EVP_CTRL_GET_RC5_ROUNDS: + *(int *)ptr = c->c.rc5.rounds; + return 1; + + + case EVP_CTRL_SET_RC5_ROUNDS: + switch(arg) { + case RC5_8_ROUNDS: + case RC5_12_ROUNDS: + case RC5_16_ROUNDS: + c->c.rc5.rounds = arg; + return 1; + + default: + EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); + return 0; + } + + default: + return -1; + } } -#if 0 -static int r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + +static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { - RC5_32_cbc_encrypt( - in,out,(long)inl, - &(ctx->c.rc5.ks),&(ctx->iv[0]), - ctx->encrypt); + RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx), + key,ctx->c.rc5.rounds); return 1; } -#endif #endif diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c index e5dcdebe16f62..e5b15acc7d417 100644 --- a/crypto/evp/e_xcbc_d.c +++ b/crypto/evp/e_xcbc_d.c @@ -62,10 +62,10 @@ #include #include -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER d_xcbc_cipher= { NID_desx_cbc, @@ -86,8 +86,8 @@ EVP_CIPHER *EVP_desx_cbc(void) return(&d_xcbc_cipher); } -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; @@ -99,7 +99,7 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, } static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks, (des_cblock *)&(ctx->iv[0]), diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index abb1490b81525..56a7e081899e9 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -328,8 +328,10 @@ struct evp_cipher_st int key_len; /* Default value for variable length ciphers */ int iv_len; unsigned long flags; /* Various flags */ - int (*init)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, int); /* init key */ - int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, unsigned int);/* encrypt/decrypt data */ + int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); /* init key */ + int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */ int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ int ctx_size; /* how big the ctx needs to be */ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ @@ -589,6 +591,7 @@ void ERR_load_EVP_strings(void ); void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); #ifdef HEADER_BIO_H BIO_METHOD *BIO_f_md(void); @@ -738,6 +741,7 @@ void EVP_PBE_cleanup(void); /* Function codes. */ #define EVP_F_D2I_PKEY 100 #define EVP_F_EVP_CIPHERINIT 123 +#define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL 101 #define EVP_F_EVP_MD_CTX_COPY 110 @@ -759,12 +763,15 @@ void EVP_PBE_cleanup(void); #define EVP_F_PKCS5_PBE_KEYIVGEN 117 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 #define EVP_F_RC2_MAGIC_TO_METH 109 +#define EVP_F_RC5_CTRL 125 /* Reason codes. */ #define EVP_R_BAD_DECRYPT 100 #define EVP_R_BN_DECODE_ERROR 112 #define EVP_R_BN_PUBKEY_ERROR 113 #define EVP_R_CIPHER_PARAMETER_ERROR 122 +#define EVP_R_CTRL_NOT_IMPLEMENTED 132 +#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_ENCODE_ERROR 115 @@ -772,6 +779,7 @@ void EVP_PBE_cleanup(void); #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 +#define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 #define EVP_R_INVALID_KEY_LENGTH 130 #define EVP_R_IV_TOO_LARGE 102 @@ -784,6 +792,7 @@ void EVP_PBE_cleanup(void); #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 +#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPPORTED_CIPHER 107 #define EVP_R_UNSUPPORTED_KEYLENGTH 123 #define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124 diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 4bf3a565a70a7..e2687f9879ddf 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -73,10 +73,16 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, unsigned char *key, unsigned char *iv, int enc) { - if(enc) enc = 1; + if(enc && (enc != -1)) enc = 1; if (cipher) { ctx->cipher=cipher; ctx->key_len = cipher->key_len; + if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { + if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { + EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } } else if(!ctx->cipher) { EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); return 0; @@ -108,7 +114,7 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; } - ctx->encrypt=enc; + if(enc != -1) ctx->encrypt=enc; ctx->buf_len=0; return 1; } @@ -301,6 +307,8 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { + if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) + return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); if(c->key_len == keylen) return 1; if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { @@ -310,3 +318,24 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH); return 0; } + +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) +{ + int ret; + if(!ctx->cipher) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); + return 0; + } + + if(!ctx->cipher->ctrl) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); + return 0; + } + + ret = ctx->cipher->ctrl(ctx, type, arg, ptr); + if(ret == -1) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); + return 0; + } + return ret; +} diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index d48d9442b2b8c..a01412a07c76e 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -68,6 +68,7 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, {ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, +{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, {ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"}, @@ -89,6 +90,7 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"}, {ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"}, {ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"}, +{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"}, {0,NULL} }; @@ -98,6 +100,8 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_BN_DECODE_ERROR ,"bn decode error"}, {EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"}, {EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"}, +{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"}, +{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"}, {EVP_R_DECODE_ERROR ,"decode error"}, {EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, {EVP_R_ENCODE_ERROR ,"encode error"}, @@ -105,6 +109,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"}, {EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"}, {EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"}, +{EVP_R_INITIALIZATION_ERROR ,"initialization error"}, {EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, {EVP_R_INVALID_KEY_LENGTH ,"invalid key length"}, {EVP_R_IV_TOO_LARGE ,"iv too large"}, @@ -117,6 +122,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"}, {EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, {EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"}, +{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"}, {EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, {EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"}, {EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"}, diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index d3a626003f76b..f3414b9a7be58 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -67,7 +67,7 @@ for(i=0; i <= inl; i+=8) \ #define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ BLOCK_CIPHER_ecb_loop() \ cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.##kname, ctx->encrypt);\ @@ -75,21 +75,21 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned } #define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \ -static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num);\ return 1;\ } #define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, ctx->encrypt);\ return 1;\ } #define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ -static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 187521eb58d34..229ac673a7bea 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -116,7 +116,7 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, { EVP_PBE_CTL *pbe_tmp; if (!pbe_algs) pbe_algs = sk_new ((int (*)())pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) Malloc (sizeof(EVP_PBE_CTL)))) { + if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) { EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); return 0; } @@ -130,6 +130,6 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, void EVP_PBE_cleanup(void) { - sk_pop_free(pbe_algs, FreeFunc); + sk_pop_free(pbe_algs, OPENSSL_freeFunc); pbe_algs = NULL; } diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 892d1e91daa6d..8df2874f3c564 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -308,7 +308,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); len = i2d_DSAparams (pkey->pkey.dsa, NULL); - if (!(p = Malloc(len))) { + if (!(p = OPENSSL_malloc(len))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); return 0; @@ -317,7 +317,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) i2d_DSAparams (pkey->pkey.dsa, &q); params = ASN1_STRING_new(); ASN1_STRING_set(params, p, len); - Free(p); + OPENSSL_free(p); /* Get private key into integer */ if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 4cb387f8de1d5..62398ed74dcd9 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -180,7 +180,7 @@ EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret; - ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY)); + ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); @@ -302,7 +302,7 @@ void EVP_PKEY_free(EVP_PKEY *x) } #endif EVP_PKEY_free_it(x); - Free(x); + OPENSSL_free(x); } static void EVP_PKEY_free_it(EVP_PKEY *x) diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index b9ca7892c2e92..85d5097644a51 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -76,8 +76,13 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, goto err; } + if(type) { + EVP_CIPHER_CTX_init(ctx); + EVP_DecryptInit(ctx,type,NULL,NULL); + } + size=RSA_size(priv->pkey.rsa); - key=(unsigned char *)Malloc(size+2); + key=(unsigned char *)OPENSSL_malloc(size+2); if (key == NULL) { /* ERROR */ @@ -87,18 +92,17 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, } i=EVP_PKEY_decrypt(key,ek,ekl,priv); - if (i != type->key_len) + if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) { /* ERROR */ goto err; } + if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err; - EVP_CIPHER_CTX_init(ctx); - EVP_DecryptInit(ctx,type,key,iv); ret=1; err: if (key != NULL) memset(key,0,size); - Free(key); + OPENSSL_free(key); return(ret); } diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c index d449e892bf7f7..47efc0d3d880d 100644 --- a/crypto/evp/p_seal.c +++ b/crypto/evp/p_seal.c @@ -73,17 +73,20 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, int i; if (npubk <= 0) return(0); + if(type) { + EVP_CIPHER_CTX_init(ctx); + EVP_EncryptInit(ctx,type,NULL,NULL); + } if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) return(0); - if (type->iv_len > 0) - RAND_pseudo_bytes(iv,type->iv_len); + if (EVP_CIPHER_CTX_iv_length(ctx)) + RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); - EVP_CIPHER_CTX_init(ctx); - EVP_EncryptInit(ctx,type,key,iv); + if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0; for (i=0; i #include "idea_lcl.h" -void idea_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt) { register unsigned long tin0,tin1; diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c index dacf3f1be3791..66d49d520eb39 100644 --- a/crypto/idea/i_cfb64.c +++ b/crypto/idea/i_cfb64.c @@ -64,9 +64,9 @@ * 64bit block we have used is contained in *num; */ -void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num, - int encrypt) +void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, IDEA_KEY_SCHEDULE *schedule, + unsigned char *ivec, int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c index 93937d2063533..fb613db595c43 100644 --- a/crypto/idea/i_ecb.c +++ b/crypto/idea/i_ecb.c @@ -70,7 +70,7 @@ const char *idea_options(void) return("idea(short)"); } -void idea_ecb_encrypt(unsigned char *in, unsigned char *out, +void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks) { unsigned long l0,l1,d[2]; diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c index afcbed2d148c4..e749e88e34ae7 100644 --- a/crypto/idea/i_ofb64.c +++ b/crypto/idea/i_ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num) +void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, IDEA_KEY_SCHEDULE *schedule, + unsigned char *ivec, int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c index bbbda6b5c8729..1c95bc9c7b887 100644 --- a/crypto/idea/i_skey.c +++ b/crypto/idea/i_skey.c @@ -60,7 +60,7 @@ #include "idea_lcl.h" static IDEA_INT inverse(unsigned int xin); -void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks) +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) { int i; register IDEA_INT *kt,*kf,r0,r1,r2; diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h index f5efeae366d9f..f14adf83985e2 100644 --- a/crypto/idea/idea.h +++ b/crypto/idea/idea.h @@ -80,16 +80,16 @@ typedef struct idea_key_st } IDEA_KEY_SCHEDULE; const char *idea_options(void); -void idea_ecb_encrypt(unsigned char *in, unsigned char *out, +void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks); +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(unsigned char *in, unsigned char *out, +void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, +void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num,int enc); -void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, +void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); #ifdef __cplusplus diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c index 08138b52c3136..6008781e57990 100644 --- a/crypto/lhash/lh_test.c +++ b/crypto/lhash/lh_test.c @@ -77,7 +77,7 @@ main() if (buf[0] == '\0') break; buf[256]='\0'; i=strlen(buf); - p=Malloc(i+1); + p=OPENSSL_malloc(i+1); memcpy(p,buf,i+1); lh_insert(conf,p); } diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 7eb92a18bca2c..7da14620a478f 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -116,9 +116,9 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) LHASH *ret; int i; - if ((ret=(LHASH *)Malloc(sizeof(LHASH))) == NULL) + if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL) goto err0; - if ((ret->b=(LHASH_NODE **)Malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) goto err1; for (i=0; ib[i]=NULL; @@ -149,7 +149,7 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) ret->error=0; return(ret); err1: - Free(ret); + OPENSSL_free(ret); err0: return(NULL); } @@ -168,12 +168,12 @@ void lh_free(LHASH *lh) while (n != NULL) { nn=n->next; - Free(n); + OPENSSL_free(n); n=nn; } } - Free(lh->b); - Free(lh); + OPENSSL_free(lh->b); + OPENSSL_free(lh); } void *lh_insert(LHASH *lh, void *data) @@ -190,7 +190,7 @@ void *lh_insert(LHASH *lh, void *data) if (*rn == NULL) { - if ((nn=(LHASH_NODE *)Malloc(sizeof(LHASH_NODE))) == NULL) + if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) { lh->error++; return(NULL); @@ -233,7 +233,7 @@ void *lh_delete(LHASH *lh, void *data) nn= *rn; *rn=nn->next; ret=nn->data; - Free(nn); + OPENSSL_free(nn); lh->num_delete++; } @@ -329,7 +329,7 @@ static void expand(LHASH *lh) if ((lh->p) >= lh->pmax) { j=(int)lh->num_alloc_nodes*2; - n=(LHASH_NODE **)Realloc(lh->b, + n=(LHASH_NODE **)OPENSSL_realloc(lh->b, (unsigned int)sizeof(LHASH_NODE *)*j); if (n == NULL) { @@ -357,7 +357,7 @@ static void contract(LHASH *lh) lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ if (lh->p == 0) { - n=(LHASH_NODE **)Realloc(lh->b, + n=(LHASH_NODE **)OPENSSL_realloc(lh->b, (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); if (n == NULL) { diff --git a/crypto/mem.c b/crypto/mem.c index 5890e5577406c..3b5b2bbc68145 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -252,8 +252,8 @@ void CRYPTO_free(void *str) void *CRYPTO_remalloc(void *a, int num, const char *file, int line) { - if (a != NULL) Free(a); - a=(char *)Malloc(num); + if (a != NULL) OPENSSL_free(a); + a=(char *)OPENSSL_malloc(num); return(a); } diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 53b6530113567..866c53e73a927 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -279,7 +279,7 @@ static APP_INFO *pop_info() ret->next = NULL; if (next != NULL) next->references--; - Free(ret); + OPENSSL_free(ret); } } } @@ -295,7 +295,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) { MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if ((ami = (APP_INFO *)Malloc(sizeof(APP_INFO))) == NULL) + if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) { ret=0; goto err; @@ -304,7 +304,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) { if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) { - Free(ami); + OPENSSL_free(ami); ret=0; goto err; } @@ -386,9 +386,9 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, if (is_MemCheck_on()) { MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if ((m=(MEM *)Malloc(sizeof(MEM))) == NULL) + if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) { - Free(addr); + OPENSSL_free(addr); MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ return; } @@ -396,8 +396,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, { if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) { - Free(addr); - Free(m); + OPENSSL_free(addr); + OPENSSL_free(m); addr=NULL; goto err; } @@ -445,7 +445,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, { mm->app_info->references--; } - Free(mm); + OPENSSL_free(mm); } err: MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ @@ -481,7 +481,7 @@ void CRYPTO_dbg_free(void *addr, int before_p) { mp->app_info->references--; } - Free(mp); + OPENSSL_free(mp); } MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index d9389a5e5a3a8..aa82a8a07cc13 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -20,6 +20,37 @@ typedef struct name_funcs_st } NAME_FUNCS; DECLARE_STACK_OF(NAME_FUNCS) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_NAME_FUNCS_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_NAME_FUNCS_new_null() sk_new_null() + #define sk_NAME_FUNCS_free(a) sk_free(a) + #define sk_NAME_FUNCS_num(a) sk_num(a) + #define sk_NAME_FUNCS_value(a,b) ((NAME_FUNCS *) \ + sk_value((a),(b))) + #define sk_NAME_FUNCS_set(a,b,c) ((NAME_FUNCS *) \ + sk_set((a),(b),(char *)(c))) + #define sk_NAME_FUNCS_zero(a) sk_zero(a) + #define sk_NAME_FUNCS_push(a,b) sk_push((a),(char *)(b)) + #define sk_NAME_FUNCS_unshift(a,b) sk_unshift((a),(b)) + #define sk_NAME_FUNCS_find(a,b) sk_find((a), (char *)(b)) + #define sk_NAME_FUNCS_delete(a,b) ((NAME_FUNCS *) \ + sk_delete((a),(b))) + #define sk_NAME_FUNCS_delete_ptr(a,b) ((NAME_FUNCS *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_NAME_FUNCS_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_NAME_FUNCS_set_cmp_func(a,b) ((int (*) \ + (const NAME_FUNCS * const *,const NAME_FUNCS * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_NAME_FUNCS_dup(a) sk_dup(a) + #define sk_NAME_FUNCS_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_NAME_FUNCS_shift(a) ((NAME_FUNCS *)sk_shift(a)) + #define sk_NAME_FUNCS_pop(a) ((NAME_FUNCS *)sk_pop(a)) + #define sk_NAME_FUNCS_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(NAME_FUNCS) static STACK_OF(NAME_FUNCS) *name_funcs_stack; @@ -59,7 +90,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(), for (i=sk_NAME_FUNCS_num(name_funcs_stack); ihash_func = lh_strhash; name_funcs->cmp_func = (int (*)())strcmp; name_funcs->free_func = 0; /* NULL is often declared to @@ -156,7 +187,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) alias=type&OBJ_NAME_ALIAS; type&= ~OBJ_NAME_ALIAS; - onp=(OBJ_NAME *)Malloc(sizeof(OBJ_NAME)); + onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME)); if (onp == NULL) { /* ERROR */ @@ -181,7 +212,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) sk_NAME_FUNCS_value(name_funcs_stack,ret->type) ->free_func(ret->name,ret->type,ret->data); } - Free(ret); + OPENSSL_free(ret); } else { @@ -216,7 +247,7 @@ int OBJ_NAME_remove(const char *name, int type) sk_NAME_FUNCS_value(name_funcs_stack,ret->type) ->free_func(ret->name,ret->type,ret->data); } - Free(ret); + OPENSSL_free(ret); return(1); } else @@ -238,7 +269,7 @@ static void names_lh_free(OBJ_NAME *onp, int type) static void name_funcs_free(NAME_FUNCS *ptr) { - Free(ptr); + OPENSSL_free(ptr); } void OBJ_NAME_cleanup(int type) diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index da6df3762ad56..018ad5ef979bf 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -188,7 +188,7 @@ static void cleanup3(ADDED_OBJ *a) { if (--a->obj->nid == 0) ASN1_OBJECT_free(a->obj); - Free(a); + OPENSSL_free(a); } void OBJ_cleanup(void) @@ -220,13 +220,13 @@ int OBJ_add_object(ASN1_OBJECT *obj) if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if ((o->length != 0) && (obj->data != NULL)) - ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->sn != NULL) - ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->ln != NULL) - ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); for (i=ADDED_DATA; i<=ADDED_NID; i++) { @@ -237,7 +237,7 @@ int OBJ_add_object(ASN1_OBJECT *obj) aop=(ADDED_OBJ *)lh_insert(added,ao[i]); /* memory leak, buit should not normally matter */ if (aop != NULL) - Free(aop); + OPENSSL_free(aop); } } o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| @@ -246,8 +246,8 @@ int OBJ_add_object(ASN1_OBJECT *obj) return(o->nid); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) - if (ao[i] != NULL) Free(ao[i]); - if (o != NULL) Free(o); + if (ao[i] != NULL) OPENSSL_free(ao[i]); + if (o != NULL) OPENSSL_free(o); return(NID_undef); } @@ -400,7 +400,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) /* Work out total size */ j = ASN1_object_size(0,i,V_ASN1_OBJECT); - if((buf=(unsigned char *)Malloc(j)) == NULL) return NULL; + if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL; p = buf; /* Write out tag+length */ @@ -410,7 +410,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) p=buf; op=d2i_ASN1_OBJECT(NULL,&p,i); - Free(buf); + OPENSSL_free(buf); return op; } @@ -631,7 +631,7 @@ int OBJ_create(char *oid, char *sn, char *ln) i=a2d_ASN1_OBJECT(NULL,0,oid,-1); if (i <= 0) return(0); - if ((buf=(unsigned char *)Malloc(i)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL) { OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE); return(0); @@ -643,7 +643,7 @@ int OBJ_create(char *oid, char *sn, char *ln) ok=OBJ_add_object(op); err: ASN1_OBJECT_free(op); - Free(buf); + OPENSSL_free(buf); return(ok); } diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c index 1a1ba0fc063cf..0c71639ebaff1 100644 --- a/crypto/objects/obj_lib.c +++ b/crypto/objects/obj_lib.c @@ -78,7 +78,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); return(NULL); } - r->data=Malloc(o->length); + r->data=OPENSSL_malloc(o->length); if (r->data == NULL) goto err; memcpy(r->data,o->data,o->length); @@ -88,7 +88,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) if (o->ln != NULL) { i=strlen(o->ln)+1; - r->ln=ln=Malloc(i); + r->ln=ln=OPENSSL_malloc(i); if (r->ln == NULL) goto err; memcpy(ln,o->ln,i); } @@ -98,7 +98,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) char *s; i=strlen(o->sn)+1; - r->sn=s=Malloc(i); + r->sn=s=OPENSSL_malloc(i); if (r->sn == NULL) goto err; memcpy(s,o->sn,i); } @@ -109,9 +109,9 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); if (r != NULL) { - if (ln != NULL) Free(ln); - if (r->data != NULL) Free(r->data); - Free(r); + if (ln != NULL) OPENSSL_free(ln); + if (r->data != NULL) OPENSSL_free(r->data); + OPENSSL_free(r); } return(NULL); } diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index b65239a9200fc..1c5c6dea000e1 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -237,9 +237,9 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe else { /* unknown */ } - if (name != NULL) Free(name); - if (header != NULL) Free(header); - if (data != NULL) Free(data); + if (name != NULL) OPENSSL_free(name); + if (header != NULL) OPENSSL_free(header); + if (data != NULL) OPENSSL_free(data); name=NULL; header=NULL; data=NULL; @@ -268,9 +268,9 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe ret=NULL; } - if (name != NULL) Free(name); - if (header != NULL) Free(header); - if (data != NULL) Free(data); + if (name != NULL) OPENSSL_free(name); + if (header != NULL) OPENSSL_free(header); + if (data != NULL) OPENSSL_free(data); return(ret); } diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index b5e0a650f8ded..a17c3ed57f11f 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -242,9 +242,9 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, return(NULL); } if(check_pem(nm, name)) break; - Free(nm); - Free(header); - Free(data); + OPENSSL_free(nm); + OPENSSL_free(header); + OPENSSL_free(data); } if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err; @@ -289,9 +289,9 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, if (ret == NULL) PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); err: - Free(nm); - Free(header); - Free(data); + OPENSSL_free(nm); + OPENSSL_free(header); + OPENSSL_free(data); return(ret); } @@ -344,7 +344,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, goto err; } /* dzise + 8 bytes are needed */ - data=(unsigned char *)Malloc((unsigned int)dsize+20); + data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); if (data == NULL) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); @@ -405,7 +405,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, memset((char *)&ctx,0,sizeof(ctx)); memset(buf,0,PEM_BUFSIZE); memset(data,0,(unsigned int)dsize); - Free(data); + OPENSSL_free(data); return(ret); } @@ -583,7 +583,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; } - buf=(unsigned char *)Malloc(PEM_BUFSIZE*8); + buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8); if (buf == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -603,7 +603,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, } EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; - Free(buf); + OPENSSL_free(buf); if ( (BIO_write(bp,"-----END ",9) != 9) || (BIO_write(bp,name,nlen) != nlen) || (BIO_write(bp,"-----\n",6) != 6)) @@ -784,9 +784,9 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, *header=headerB->data; *data=(unsigned char *)dataB->data; *len=bl; - Free(nameB); - Free(headerB); - Free(dataB); + OPENSSL_free(nameB); + OPENSSL_free(headerB); + OPENSSL_free(dataB); return(1); err: BUF_MEM_free(nameB); diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index 126e29d375d0a..2a6c5133481af 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -84,7 +84,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, j=RSA_size(pubk[i]->pkey.rsa); if (j > max) max=j; } - s=(char *)Malloc(max*2); + s=(char *)OPENSSL_malloc(max*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); @@ -108,7 +108,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); memset(key,0,EVP_MAX_KEY_LENGTH); return(ret); } @@ -151,7 +151,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, } i=RSA_size(priv->pkey.rsa); if (i < 100) i=100; - s=(unsigned char *)Malloc(i*2); + s=(unsigned char *)OPENSSL_malloc(i*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); @@ -172,7 +172,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, err: memset((char *)&(ctx->md),0,sizeof(ctx->md)); memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher)); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); return(ret); } #else /* !NO_RSA */ diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c index aabafb702df03..42d598dd78c31 100644 --- a/crypto/pem/pem_sign.c +++ b/crypto/pem/pem_sign.c @@ -82,7 +82,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, int i,ret=0; unsigned int m_len; - m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2); + m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2); if (m == NULL) { PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, ret=1; err: /* ctx has been zeroed by EVP_SignFinal() */ - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index f559351d1834a..b370c9cf3f3f1 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -157,7 +157,7 @@ int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name, return 0; } ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen); - Free(uniname); + OPENSSL_free(uniname); return ret; } @@ -181,7 +181,7 @@ int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, ERR_R_MALLOC_FAILURE); return 0; } - if (!(bmp->data = Malloc (namelen))) { + if (!(bmp->data = OPENSSL_malloc (namelen))) { PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, ERR_R_MALLOC_FAILURE); return 0; diff --git a/crypto/pkcs12/p12_bags.c b/crypto/pkcs12/p12_bags.c index c358b0673553a..56547ef933f37 100644 --- a/crypto/pkcs12/p12_bags.c +++ b/crypto/pkcs12/p12_bags.c @@ -188,5 +188,5 @@ void PKCS12_BAGS_free (PKCS12_BAGS *a) } ASN1_OBJECT_free (a->type); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 778954b99fe50..9ba90bbbdfef4 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -65,7 +65,7 @@ /* Encrypt/Decrypt a buffer based on password and algor, result in a - * Malloc'ed buffer + * OPENSSL_malloc'ed buffer */ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, @@ -83,7 +83,7 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, return NULL; } - if(!(out = Malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { + if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE); return NULL; } @@ -91,7 +91,7 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, EVP_CipherUpdate (&ctx, out, &i, in, inlen); outlen = i; if(!EVP_CipherFinal (&ctx, out + i, &i)) { - Free (out); + OPENSSL_free (out); PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); return NULL; } @@ -139,7 +139,7 @@ char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), else ret = d2i(NULL, &p, outlen); if (seq & 2) memset(out, 0, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); - Free (out); + OPENSSL_free (out); return ret; } @@ -166,7 +166,7 @@ ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); return NULL; } - if (!(in = Malloc (inlen))) { + if (!(in = OPENSSL_malloc (inlen))) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); return NULL; } @@ -177,10 +177,10 @@ ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); - Free(in); + OPENSSL_free(in); return NULL; } - Free (in); + OPENSSL_free (in); return oct; } diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 743b5bd88df7e..b042dcf05c959 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -92,7 +92,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, id, iter, n, out, md_type); if(unipass) { memset(unipass, 0, uniplen); /* Clear password from memory */ - Free(unipass); + OPENSSL_free(unipass); } return ret; } @@ -128,14 +128,14 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, #endif v = EVP_MD_block_size (md_type); u = EVP_MD_size (md_type); - D = Malloc (v); - Ai = Malloc (u); - B = Malloc (v + 1); + D = OPENSSL_malloc (v); + Ai = OPENSSL_malloc (u); + B = OPENSSL_malloc (v + 1); Slen = v * ((saltlen+v-1)/v); if(passlen) Plen = v * ((passlen+v-1)/v); else Plen = 0; Ilen = Slen + Plen; - I = Malloc (Ilen); + I = OPENSSL_malloc (Ilen); Ij = BN_new(); Bpl1 = BN_new(); if (!D || !Ai || !B || !I || !Ij || !Bpl1) { @@ -158,10 +158,10 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } memcpy (out, Ai, min (n, u)); if (u >= n) { - Free (Ai); - Free (B); - Free (D); - Free (I); + OPENSSL_free (Ai); + OPENSSL_free (B); + OPENSSL_free (D); + OPENSSL_free (I); BN_free (Ij); BN_free (Bpl1); #ifdef DEBUG_KEYGEN diff --git a/crypto/pkcs12/p12_lib.c b/crypto/pkcs12/p12_lib.c index 7ca9c14908a23..7d464e3a32b15 100644 --- a/crypto/pkcs12/p12_lib.c +++ b/crypto/pkcs12/p12_lib.c @@ -107,5 +107,5 @@ void PKCS12_free (PKCS12 *a) M_ASN1_INTEGER_free(a->version); PKCS12_MAC_DATA_free (a->mac); PKCS7_free (a->authsafes); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_mac.c b/crypto/pkcs12/p12_mac.c index f5ab0d6464a04..fbd1eca24ff7b 100644 --- a/crypto/pkcs12/p12_mac.c +++ b/crypto/pkcs12/p12_mac.c @@ -106,5 +106,5 @@ void PKCS12_MAC_DATA_free (PKCS12_MAC_DATA *a) X509_SIG_free (a->dinfo); M_ASN1_OCTET_STRING_free(a->salt); M_ASN1_INTEGER_free(a->iter); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index a335a7b868a09..13d866da51290 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -149,7 +149,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; - if (!(p12->mac->salt->data = Malloc (saltlen))) { + if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c index 6ae209693d784..64ac32ee6fdb8 100644 --- a/crypto/pkcs12/p12_sbag.c +++ b/crypto/pkcs12/p12_sbag.c @@ -226,7 +226,7 @@ void PKCS12_SAFEBAG_free (PKCS12_SAFEBAG *a) ASN1_OBJECT_free (a->type); sk_X509_ATTRIBUTE_pop_free (a->attrib, X509_ATTRIBUTE_free); - Free (a); + OPENSSL_free (a); } IMPLEMENT_STACK_OF(PKCS12_SAFEBAG) diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 2adcbc95e1a87..17f41b45496b1 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -67,7 +67,7 @@ unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen) int ulen, i; unsigned char *unitmp; ulen = strlen(asc)*2 + 2; - if (!(unitmp = Malloc (ulen))) return NULL; + if (!(unitmp = OPENSSL_malloc (ulen))) return NULL; for (i = 0; i < ulen; i+=2) { unitmp[i] = 0; unitmp[i + 1] = asc[i>>1]; @@ -85,7 +85,7 @@ char *uni2asc (unsigned char *uni, int unilen) /* If no terminating zero allow for one */ if (uni[unilen - 1]) asclen++; uni++; - if (!(asctmp = Malloc (asclen))) return NULL; + if (!(asctmp = OPENSSL_malloc (asclen))) return NULL; for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i]; asctmp[asclen - 1] = 0; return asctmp; diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 4cf92b68eaa1c..1e0dc3e189a0f 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -124,6 +124,37 @@ ASN1_TYPE *rest; } PKCS12_SAFEBAG; DECLARE_STACK_OF(PKCS12_SAFEBAG) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS12_SAFEBAG_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS12_SAFEBAG_new_null() sk_new_null() + #define sk_PKCS12_SAFEBAG_free(a) sk_free(a) + #define sk_PKCS12_SAFEBAG_num(a) sk_num(a) + #define sk_PKCS12_SAFEBAG_value(a,b) ((PKCS12_SAFEBAG *) \ + sk_value((a),(b))) + #define sk_PKCS12_SAFEBAG_set(a,b,c) ((PKCS12_SAFEBAG *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS12_SAFEBAG_zero(a) sk_zero(a) + #define sk_PKCS12_SAFEBAG_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS12_SAFEBAG_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS12_SAFEBAG_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS12_SAFEBAG_delete(a,b) ((PKCS12_SAFEBAG *) \ + sk_delete((a),(b))) + #define sk_PKCS12_SAFEBAG_delete_ptr(a,b) ((PKCS12_SAFEBAG *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS12_SAFEBAG_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS12_SAFEBAG_set_cmp_func(a,b) ((int (*) \ + (const PKCS12_SAFEBAG * const *,const PKCS12_SAFEBAG * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS12_SAFEBAG_dup(a) sk_dup(a) + #define sk_PKCS12_SAFEBAG_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS12_SAFEBAG_shift(a) ((PKCS12_SAFEBAG *)sk_shift(a)) + #define sk_PKCS12_SAFEBAG_pop(a) ((PKCS12_SAFEBAG *)sk_pop(a)) + #define sk_PKCS12_SAFEBAG_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG) DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG) diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c index 4803966fd2b1e..5447e69818619 100644 --- a/crypto/pkcs7/bio_ber.c +++ b/crypto/pkcs7/bio_ber.c @@ -128,7 +128,7 @@ static int ber_new(BIO *bi) { BIO_BER_CTX *ctx; - ctx=(BIO_BER_CTX *)Malloc(sizeof(BIO_BER_CTX)); + ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); if (ctx == NULL) return(0); memset((char *)ctx,0,sizeof(BIO_BER_CTX)); @@ -146,7 +146,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; memset(a->ptr,0,sizeof(BIO_BER_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index f22a708358d38..6ae264cbf98e6 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -23,7 +23,7 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR, V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(pp=(unsigned char *)Malloc(len))) { + if(!(pp=(unsigned char *)OPENSSL_malloc(len))) { PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); return 0; } @@ -38,7 +38,7 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); return 0; } - Free (pp); + OPENSSL_free (pp); return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, V_ASN1_SEQUENCE, seq); } diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index d93b27e7376e6..7acd11e057d78 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -189,7 +189,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) EVP_PKEY_free(pkey); if (max < jj) max=jj; } - if ((tmp=(unsigned char *)Malloc(max)) == NULL) + if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); goto err; @@ -203,12 +203,12 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) if (jj <= 0) { PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); - Free(tmp); + OPENSSL_free(tmp); goto err; } M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); } - Free(tmp); + OPENSSL_free(tmp); memset(key, 0, keylen); if (out == NULL) @@ -374,7 +374,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } jj=EVP_PKEY_size(pkey); - tmp=(unsigned char *)Malloc(jj+10); + tmp=(unsigned char *)OPENSSL_malloc(jj+10); if (tmp == NULL) { PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE); @@ -456,7 +456,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) out=NULL; } if (tmp != NULL) - Free(tmp); + OPENSSL_free(tmp); return(out); } @@ -578,13 +578,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL, i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - pp=(unsigned char *)Malloc(x); + pp=(unsigned char *)OPENSSL_malloc(x); p=pp; i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p, i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); EVP_SignUpdate(&ctx_tmp,pp,x); - Free(pp); + OPENSSL_free(pp); pp=NULL; } @@ -627,7 +627,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) (unsigned char *)buf_mem->data,buf_mem->length); #endif } - if (pp != NULL) Free(pp); + if (pp != NULL) OPENSSL_free(pp); pp=NULL; ret=1; @@ -772,13 +772,13 @@ for (ii=0; iienc_digest; diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index 3049e0adb12d8..7c6649cc1475b 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -74,6 +74,38 @@ char *param_name; /* Param name e.g. "micalg" */ char *param_value; /* Param value e.g. "sha1" */ } MIME_PARAM; +DECLARE_STACK_OF(MIME_PARAM) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_MIME_PARAM_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_MIME_PARAM_new_null() sk_new_null() + #define sk_MIME_PARAM_free(a) sk_free(a) + #define sk_MIME_PARAM_num(a) sk_num(a) + #define sk_MIME_PARAM_value(a,b) ((MIME_PARAM *) \ + sk_value((a),(b))) + #define sk_MIME_PARAM_set(a,b,c) ((MIME_PARAM *) \ + sk_set((a),(b),(char *)(c))) + #define sk_MIME_PARAM_zero(a) sk_zero(a) + #define sk_MIME_PARAM_push(a,b) sk_push((a),(char *)(b)) + #define sk_MIME_PARAM_unshift(a,b) sk_unshift((a),(b)) + #define sk_MIME_PARAM_find(a,b) sk_find((a), (char *)(b)) + #define sk_MIME_PARAM_delete(a,b) ((MIME_PARAM *) \ + sk_delete((a),(b))) + #define sk_MIME_PARAM_delete_ptr(a,b) ((MIME_PARAM *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_MIME_PARAM_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_MIME_PARAM_set_cmp_func(a,b) ((int (*) \ + (const MIME_PARAM * const *,const MIME_PARAM * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_MIME_PARAM_dup(a) sk_dup(a) + #define sk_MIME_PARAM_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_MIME_PARAM_shift(a) ((MIME_PARAM *)sk_shift(a)) + #define sk_MIME_PARAM_pop(a) ((MIME_PARAM *)sk_pop(a)) + #define sk_MIME_PARAM_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(MIME_PARAM) typedef struct { @@ -82,6 +114,38 @@ char *value; /* Value of line e.g. "text/plain" */ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ } MIME_HEADER; +DECLARE_STACK_OF(MIME_HEADER) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_MIME_HEADER_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_MIME_HEADER_new_null() sk_new_null() + #define sk_MIME_HEADER_free(a) sk_free(a) + #define sk_MIME_HEADER_num(a) sk_num(a) + #define sk_MIME_HEADER_value(a,b) ((MIME_HEADER *) \ + sk_value((a),(b))) + #define sk_MIME_HEADER_set(a,b,c) ((MIME_HEADER *) \ + sk_set((a),(b),(char *)(c))) + #define sk_MIME_HEADER_zero(a) sk_zero(a) + #define sk_MIME_HEADER_push(a,b) sk_push((a),(char *)(b)) + #define sk_MIME_HEADER_unshift(a,b) sk_unshift((a),(b)) + #define sk_MIME_HEADER_find(a,b) sk_find((a), (char *)(b)) + #define sk_MIME_HEADER_delete(a,b) ((MIME_HEADER *) \ + sk_delete((a),(b))) + #define sk_MIME_HEADER_delete_ptr(a,b) ((MIME_HEADER *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_MIME_HEADER_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_MIME_HEADER_set_cmp_func(a,b) ((int (*) \ + (const MIME_HEADER * const *,const MIME_HEADER * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_MIME_HEADER_dup(a) sk_dup(a) + #define sk_MIME_HEADER_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_MIME_HEADER_shift(a) ((MIME_HEADER *)sk_shift(a)) + #define sk_MIME_HEADER_pop(a) ((MIME_HEADER *)sk_pop(a)) + #define sk_MIME_HEADER_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(MIME_HEADER) static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); @@ -92,8 +156,10 @@ static char * strip_end(char *name); static MIME_HEADER *mime_hdr_new(char *name, char *value); static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); -static int mime_hdr_cmp(MIME_HEADER **a, MIME_HEADER **b); -static int mime_param_cmp(MIME_PARAM **a, MIME_PARAM **b); +static int mime_hdr_cmp(const MIME_HEADER * const *a, + const MIME_HEADER * const *b); +static int mime_param_cmp(const MIME_PARAM * const *a, + const MIME_PARAM * const *b); static void mime_param_free(MIME_PARAM *param); static int mime_bound_check(char *line, int linelen, char *bound, int blen); static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); @@ -575,7 +641,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } } else tmpval = NULL; - mhdr = (MIME_HEADER *) Malloc(sizeof(MIME_HEADER)); + mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER)); if(!mhdr) return NULL; mhdr->name = tmpname; mhdr->value = tmpval; @@ -604,7 +670,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) if(!tmpval) return 0; } else tmpval = NULL; /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *) Malloc(sizeof(MIME_PARAM)); + mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM)); if(!mparam) return 0; mparam->param_name = tmpname; mparam->param_value = tmpval; @@ -612,12 +678,14 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) return 1; } -static int mime_hdr_cmp(MIME_HEADER **a, MIME_HEADER **b) +static int mime_hdr_cmp(const MIME_HEADER * const *a, + const MIME_HEADER * const *b) { return(strcmp((*a)->name, (*b)->name)); } -static int mime_param_cmp(MIME_PARAM **a, MIME_PARAM **b) +static int mime_param_cmp(const MIME_PARAM * const *a, + const MIME_PARAM * const *b) { return(strcmp((*a)->param_name, (*b)->param_name)); } @@ -646,17 +714,17 @@ static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) static void mime_hdr_free(MIME_HEADER *hdr) { - if(hdr->name) Free(hdr->name); - if(hdr->value) Free(hdr->value); + if(hdr->name) OPENSSL_free(hdr->name); + if(hdr->value) OPENSSL_free(hdr->value); if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - Free(hdr); + OPENSSL_free(hdr); } static void mime_param_free(MIME_PARAM *param) { - if(param->param_name) Free(param->param_name); - if(param->param_value) Free(param->param_value); - Free(param); + if(param->param_name) OPENSSL_free(param->param_name); + if(param->param_value) OPENSSL_free(param->param_value); + OPENSSL_free(param); } /* Check for a multipart boundary. Returns: diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h index f3f85f57afb3c..9916a3b1d99cb 100644 --- a/crypto/pkcs7/pkcs7.h +++ b/crypto/pkcs7/pkcs7.h @@ -104,6 +104,37 @@ typedef struct pkcs7_signer_info_st } PKCS7_SIGNER_INFO; DECLARE_STACK_OF(PKCS7_SIGNER_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_SIGNER_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_SIGNER_INFO_new_null() sk_new_null() + #define sk_PKCS7_SIGNER_INFO_free(a) sk_free(a) + #define sk_PKCS7_SIGNER_INFO_num(a) sk_num(a) + #define sk_PKCS7_SIGNER_INFO_value(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_value((a),(b))) + #define sk_PKCS7_SIGNER_INFO_set(a,b,c) ((PKCS7_SIGNER_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_SIGNER_INFO_zero(a) sk_zero(a) + #define sk_PKCS7_SIGNER_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_SIGNER_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_SIGNER_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_SIGNER_INFO_delete(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_delete((a),(b))) + #define sk_PKCS7_SIGNER_INFO_delete_ptr(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_SIGNER_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_SIGNER_INFO_set_cmp_func(a,b) ((int (*) \ + (const PKCS7_SIGNER_INFO * const *,const PKCS7_SIGNER_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_SIGNER_INFO_dup(a) sk_dup(a) + #define sk_PKCS7_SIGNER_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_SIGNER_INFO_shift(a) ((PKCS7_SIGNER_INFO *)sk_shift(a)) + #define sk_PKCS7_SIGNER_INFO_pop(a) ((PKCS7_SIGNER_INFO *)sk_pop(a)) + #define sk_PKCS7_SIGNER_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) typedef struct pkcs7_recip_info_st @@ -116,6 +147,37 @@ typedef struct pkcs7_recip_info_st } PKCS7_RECIP_INFO; DECLARE_STACK_OF(PKCS7_RECIP_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_RECIP_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_RECIP_INFO_new_null() sk_new_null() + #define sk_PKCS7_RECIP_INFO_free(a) sk_free(a) + #define sk_PKCS7_RECIP_INFO_num(a) sk_num(a) + #define sk_PKCS7_RECIP_INFO_value(a,b) ((PKCS7_RECIP_INFO *) \ + sk_value((a),(b))) + #define sk_PKCS7_RECIP_INFO_set(a,b,c) ((PKCS7_RECIP_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_RECIP_INFO_zero(a) sk_zero(a) + #define sk_PKCS7_RECIP_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_RECIP_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_RECIP_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_RECIP_INFO_delete(a,b) ((PKCS7_RECIP_INFO *) \ + sk_delete((a),(b))) + #define sk_PKCS7_RECIP_INFO_delete_ptr(a,b) ((PKCS7_RECIP_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_RECIP_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_RECIP_INFO_set_cmp_func(a,b) ((int (*) \ + (const PKCS7_RECIP_INFO * const *,const PKCS7_RECIP_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_RECIP_INFO_dup(a) sk_dup(a) + #define sk_PKCS7_RECIP_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_RECIP_INFO_shift(a) ((PKCS7_RECIP_INFO *)sk_shift(a)) + #define sk_PKCS7_RECIP_INFO_pop(a) ((PKCS7_RECIP_INFO *)sk_pop(a)) + #define sk_PKCS7_RECIP_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) typedef struct pkcs7_signed_st @@ -214,6 +276,37 @@ typedef struct pkcs7_st } PKCS7; DECLARE_STACK_OF(PKCS7) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_new_null() sk_new_null() + #define sk_PKCS7_free(a) sk_free(a) + #define sk_PKCS7_num(a) sk_num(a) + #define sk_PKCS7_value(a,b) ((PKCS7 *) \ + sk_value((a),(b))) + #define sk_PKCS7_set(a,b,c) ((PKCS7 *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_zero(a) sk_zero(a) + #define sk_PKCS7_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_delete(a,b) ((PKCS7 *) \ + sk_delete((a),(b))) + #define sk_PKCS7_delete_ptr(a,b) ((PKCS7 *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_set_cmp_func(a,b) ((int (*) \ + (const PKCS7 * const *,const PKCS7 * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_dup(a) sk_dup(a) + #define sk_PKCS7_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_shift(a) ((PKCS7 *)sk_shift(a)) + #define sk_PKCS7_pop(a) ((PKCS7 *)sk_pop(a)) + #define sk_PKCS7_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7) DECLARE_PKCS12_STACK_OF(PKCS7) diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index 2d4541f78edcc..d9e0b3782dd1c 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -22,8 +22,8 @@ TEST= randtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c -LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o +LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c rand_win.c +LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o rand_win.o SRC= $(LIBSRC) diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index da4258c479ca1..88a608ae36b16 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -109,9 +109,9 @@ * */ -#define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */ +#define ENTROPY_NEEDED 20 /* require 160 bits = 20 bytes of randomness */ -#ifndef MD_RAND_DEBUG +#ifdef MD_RAND_DEBUG # ifndef NDEBUG # define NDEBUG # endif @@ -359,7 +359,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, num); } -static void ssleay_rand_initialize(void) +static void ssleay_rand_initialize(void) /* not exported in RAND_METHOD */ { unsigned long l; #ifndef GETPID_IS_MEANINGLESS @@ -411,6 +411,7 @@ static void ssleay_rand_initialize(void) static int ssleay_rand_bytes(unsigned char *buf, int num) { + static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; int ok; long md_c[2]; @@ -419,6 +420,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #ifndef GETPID_IS_MEANINGLESS pid_t curr_pid = getpid(); #endif + int do_stir_pool = 0; #ifdef PREDICT if (rand_predictable) @@ -455,6 +457,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) if (!initialized) ssleay_rand_initialize(); + if (!stirred_pool) + do_stir_pool = 1; + ok = (entropy >= ENTROPY_NEEDED); if (!ok) { @@ -464,12 +469,42 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) * Once we've had enough initial seeding we don't bother to * adjust the entropy count, though, because we're not ambitious * to provide *information-theoretic* randomness. + * + * NOTE: This approach fails if the program forks before + * we have enough entropy. Entropy should be collected + * in a separate input pool and be transferred to the + * output pool only when the entropy limit has been reached. */ entropy -= num; if (entropy < 0) entropy = 0; } + if (do_stir_pool) + { + /* Our output function chains only half of 'md', so we better + * make sure that the required entropy gets 'evenly distributed' + * through 'state', our randomness pool. The input function + * (ssleay_rand_add) chains all of 'md', which makes it more + * suitable for this purpose. + */ + + int n = STATE_SIZE; /* so that the complete pool gets accessed */ + while (n > 0) + { +#if MD_DIGEST_LENGTH > 20 +# error "Please adjust DUMMY_SEED." +#endif +#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ + /* Note that the seed does not matter, it's just that + * ssleay_rand_add expects to have something to hash. */ + ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); + n -= MD_DIGEST_LENGTH; + } + if (ok) + stirred_pool = 1; + } + st_idx=state_index; st_num=state_num; md_c[0] = md_count[0]; @@ -571,142 +606,3 @@ static int ssleay_rand_status(void) return ret; } - -#ifdef WINDOWS -#include -#include - -int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) - { - double add_entropy=0; - SYSTEMTIME t; - - switch (iMsg) - { - case WM_KEYDOWN: - { - static WPARAM key; - if (key != wParam) - add_entropy = 0.05; - key = wParam; - } - break; - case WM_MOUSEMOVE: - { - static int lastx,lasty,lastdx,lastdy; - int x,y,dx,dy; - - x=LOWORD(lParam); - y=HIWORD(lParam); - dx=lastx-x; - dy=lasty-y; - if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0) - add_entropy=.2; - lastx=x, lasty=y; - lastdx=dx, lastdy=dy; - } - break; - } - - GetSystemTime(&t); - RAND_add(&iMsg, sizeof(iMsg), add_entropy); - RAND_add(&wParam, sizeof(wParam), 0); - RAND_add(&lParam, sizeof(lParam), 0); - RAND_add(&t, sizeof(t), 0); - - return (RAND_status()); - } - -/***************************************************************************** - * Initialisation function for the SSL random generator. Takes the contents - * of the screen as random seed. - * - * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. - * - * Code adapted from - * ; - * the original copyright message is: - * - * (C) Copyright Microsoft Corp. 1993. All rights reserved. - * - * You have a royalty-free right to use, modify, reproduce and - * distribute the Sample Files (and/or any modified version) in - * any way you find useful, provided that you agree that - * Microsoft has no warranty obligations or liability for any - * Sample Application Files which are modified. - */ -/* - * I have modified the loading of bytes via RAND_seed() mechanism since - * the original would have been very very CPU intensive since RAND_seed() - * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same - * as that to digest 56 bytes. So under the old system, a screen of - * 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5 - * digests or digesting 2.7 mbytes. What I have put in place would - * be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes - * or about 3.5 times as much. - * - eric - */ -void RAND_screen(void) -{ - HDC hScrDC; /* screen DC */ - HDC hMemDC; /* memory DC */ - HBITMAP hBitmap; /* handle for our bitmap */ - HBITMAP hOldBitmap; /* handle for previous bitmap */ - BITMAP bm; /* bitmap properties */ - unsigned int size; /* size of bitmap */ - char *bmbits; /* contents of bitmap */ - int w; /* screen width */ - int h; /* screen height */ - int y; /* y-coordinate of screen lines to grab */ - int n = 16; /* number of screen lines to grab at a time */ - - /* Create a screen DC and a memory DC compatible to screen DC */ - hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL); - hMemDC = CreateCompatibleDC(hScrDC); - - /* Get screen resolution */ - w = GetDeviceCaps(hScrDC, HORZRES); - h = GetDeviceCaps(hScrDC, VERTRES); - - /* Create a bitmap compatible with the screen DC */ - hBitmap = CreateCompatibleBitmap(hScrDC, w, n); - - /* Select new bitmap into memory DC */ - hOldBitmap = SelectObject(hMemDC, hBitmap); - - /* Get bitmap properties */ - GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm); - size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes; - - bmbits = Malloc(size); - if (bmbits) { - /* Now go through the whole screen, repeatedly grabbing n lines */ - for (y = 0; y < h-n; y += n) - { - unsigned char md[MD_DIGEST_LENGTH]; - - /* Bitblt screen DC to memory DC */ - BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY); - - /* Copy bitmap bits from memory DC to bmbits */ - GetBitmapBits(hBitmap, size, bmbits); - - /* Get the MD5 of the bitmap */ - MD(bmbits,size,md); - - /* Seed the random generator with the MD5 digest */ - RAND_seed(md, MD_DIGEST_LENGTH); - } - - Free(bmbits); - } - - /* Select old bitmap back into memory DC */ - hBitmap = SelectObject(hMemDC, hOldBitmap); - - /* Clean up */ - DeleteObject(hBitmap); - DeleteDC(hMemDC); - DeleteDC(hScrDC); -} -#endif diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index b4b12c2d74479..0e149460f74ed 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -90,6 +90,7 @@ int RAND_write_file(const char *file); const char *RAND_file_name(char *file,int num); int RAND_status(void); int RAND_egd(const char *path); +int RAND_egd_bytes(const char *path,int bytes); void ERR_load_RAND_strings(void); #ifdef __cplusplus diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index 380c7828c3035..02a0d86fa330a 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -64,6 +64,11 @@ int RAND_egd(const char *path) { return(-1); } + +int RAND_egd_bytes(const char *path,int bytes) + { + return(-1); + } #else #include #include OPENSSL_UNISTD @@ -107,4 +112,56 @@ int RAND_egd(const char *path) if (fd != -1) close(fd); return(ret); } + +int RAND_egd_bytes(const char *path,int bytes) + { + int ret = 0; + struct sockaddr_un addr; + int len, num; + int fd = -1; + unsigned char buf[255]; + + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + if (strlen(path) > sizeof(addr.sun_path)) + return (-1); + strcpy(addr.sun_path,path); + len = offsetof(struct sockaddr_un, sun_path) + strlen(path); + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd == -1) return (-1); + if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err; + + while(bytes > 0) + { + buf[0] = 1; + buf[1] = bytes < 255 ? bytes : 255; + write(fd, buf, 2); + if (read(fd, buf, 1) != 1) + { + ret=-1; + goto err; + } + if(buf[0] == 0) + goto err; + num = read(fd, buf, buf[0]); + if (num < 1) + { + ret=-1; + goto err; + } + RAND_seed(buf, num); + if (RAND_status() != 1) + { + ret=-1; + goto err; + } + ret += num; + bytes-=num; + } + err: + if (fd != -1) close(fd); + return(ret); + } + + #endif diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index d01b9852e9473..830d6168e6e82 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -172,7 +172,7 @@ int RAND_write_file(const char *file) { char *tmpf; - tmpf = Malloc(strlen(file) + 4); /* to add ";-1" and a nul */ + tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ if (tmpf) { strcpy(tmpf, file); diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h index 099bc31b66b99..076c0a067ceef 100644 --- a/crypto/rc2/rc2.h +++ b/crypto/rc2/rc2.h @@ -80,17 +80,19 @@ typedef struct rc2_key_st } RC2_KEY; -void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits); -void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, + int enc); void RC2_encrypt(unsigned long *data,RC2_KEY *key); void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num); +void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num, int enc); +void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num); #ifdef __cplusplus } diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c index 1202184e85eb2..74f48d3d87b3d 100644 --- a/crypto/rc2/rc2_cbc.c +++ b/crypto/rc2/rc2_cbc.c @@ -59,7 +59,7 @@ #include #include "rc2_locl.h" -void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int encrypt) { register unsigned long tin0,tin1; diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c index 7d77b9186ca8b..d3e8c2718a30b 100644 --- a/crypto/rc2/rc2_ecb.c +++ b/crypto/rc2/rc2_ecb.c @@ -70,8 +70,8 @@ const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT; * Date: 11 Feb 1996 06:45:03 GMT */ -void RC2_ecb_encrypt(unsigned char *in, unsigned char *out, RC2_KEY *ks, - int encrypt) +void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks, + int encrypt) { unsigned long l,d[2]; diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c index 7143c4e591a91..cab3080c73dc7 100644 --- a/crypto/rc2/rc2_skey.c +++ b/crypto/rc2/rc2_skey.c @@ -90,7 +90,7 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ -void RC2_set_key(RC2_KEY *key, int len, unsigned char *data, int bits) +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) { int i,j; unsigned char *k; diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c index 5e3fa07d90724..b3a0158a6e65c 100644 --- a/crypto/rc2/rc2cfb64.c +++ b/crypto/rc2/rc2cfb64.c @@ -64,8 +64,9 @@ * 64bit block we have used is contained in *num; */ -void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num, int encrypt) +void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c index 42cdd40cdd982..9e297867ed569 100644 --- a/crypto/rc2/rc2ofb64.c +++ b/crypto/rc2/rc2ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num) +void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h index 38e901502b946..fc4cea5e36a5a 100644 --- a/crypto/rc5/rc5.h +++ b/crypto/rc5/rc5.h @@ -93,18 +93,21 @@ typedef struct rc5_key_st } RC5_32_KEY; -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); -void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key, +void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, int enc); void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key); void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key); -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int enc); -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num); +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int enc); +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int enc); +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num); #ifdef __cplusplus } diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c index 17e877a146a73..1841892b2a8d2 100644 --- a/crypto/rc5/rc5_ecb.c +++ b/crypto/rc5/rc5_ecb.c @@ -62,8 +62,8 @@ char *RC5_version="RC5" OPENSSL_VERSION_PTEXT; -void RC5_32_ecb_encrypt(unsigned char *in, unsigned char *out, RC5_32_KEY *ks, - int encrypt) +void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out, + RC5_32_KEY *ks, int encrypt) { unsigned long l,d[2]; diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c index 1124fd22eb09e..f327d32a76608 100644 --- a/crypto/rc5/rc5_enc.c +++ b/crypto/rc5/rc5_enc.c @@ -60,8 +60,9 @@ #include #include "rc5_locl.h" -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int encrypt) +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int encrypt) { register unsigned long tin0,tin1; register unsigned long tout0,tout1,xor0,xor1; diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c index 64e13487bfc62..a2e00a41c5501 100644 --- a/crypto/rc5/rc5_skey.c +++ b/crypto/rc5/rc5_skey.c @@ -59,8 +59,8 @@ #include #include "rc5_locl.h" -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, - int rounds) +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) { RC5_32_INT L[64],l,ll,A,B,*S,k; int i,j,m,c,t,ii,jj; diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c index 55e03087e2e0e..3a8b60bc7a875 100644 --- a/crypto/rc5/rc5cfb64.c +++ b/crypto/rc5/rc5cfb64.c @@ -64,8 +64,9 @@ * 64bit block we have used is contained in *num; */ -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int encrypt) +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c index fd2ecddf6ca4b..d412215f3c335 100644 --- a/crypto/rc5/rc5ofb64.c +++ b/crypto/rc5/rc5ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num) +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 8deb536cc6efd..8b8a1e279a7e3 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -109,7 +109,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from, BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -164,7 +164,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from, if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -184,7 +184,7 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from, if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -242,7 +242,7 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from, if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -265,7 +265,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from, num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -337,7 +337,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from, if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -359,7 +359,7 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from, if (ctx == NULL) goto err; num=BN_num_bytes(rsa->n); - buf=(unsigned char *)Malloc(num); + buf=(unsigned char *)OPENSSL_malloc(num); if (buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); @@ -411,7 +411,7 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from, if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 95e636d3f0233..00c25adbc5884 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -95,7 +95,7 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, * unsigned long can be larger */ for (i=0; ie,i); } #else diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index c7c93234e2f6c..55b4a82dee96d 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -155,7 +155,7 @@ RSA *RSA_new_method(ENGINE *engine) RSA_METHOD *meth; RSA *ret; - ret=(RSA *)Malloc(sizeof(RSA)); + ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); if (ret == NULL) { RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -193,7 +193,7 @@ RSA *RSA_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -237,8 +237,8 @@ void RSA_free(RSA *r) if (r->dmq1 != NULL) BN_clear_free(r->dmq1); if (r->iqmp != NULL) BN_clear_free(r->iqmp); if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->bignum_data != NULL) Free_locked(r->bignum_data); - Free(r); + if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); + OPENSSL_free(r); } int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, @@ -360,7 +360,7 @@ int RSA_memory_lock(RSA *r) j=1; for (i=0; i<6; i++) j+= (*t[i])->top; - if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) + if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) { RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); return(0); diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 1465c01f4f440..fd0b7f361fbba 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -34,7 +34,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, return (0); } - dbmask = Malloc(emlen - SHA_DIGEST_LENGTH); + dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); if (dbmask == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -66,7 +66,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; - Free(dbmask); + OPENSSL_free(dbmask); return (1); } @@ -86,7 +86,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, } dblen = num - SHA_DIGEST_LENGTH; - db = Malloc(dblen); + db = OPENSSL_malloc(dblen); if (db == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -128,7 +128,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, memcpy(to, db + i, mlen); } } - Free(db); + OPENSSL_free(db); return (mlen); } diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index 61efb0b00fd71..c77f4381ffb11 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -81,7 +81,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); return(0); } - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, *siglen=i; memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); return(ret); } @@ -114,7 +114,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, return(0); } - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -138,7 +138,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 2b98348b38fbe..cf008762924d5 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -117,7 +117,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); @@ -134,7 +134,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, if(type != NID_md5_sha1) { memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); } return(ret); } @@ -156,7 +156,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); @@ -218,7 +218,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, err: if (sig != NULL) X509_SIG_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index da631581f6eae..228b4f8184d41 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -57,6 +57,8 @@ #include +#ifdef DEBUG_SAFESTACK + #define STACK_OF(type) struct stack_st_##type #define PREDECLARE_STACK_OF(type) STACK_OF(type); @@ -65,7 +67,8 @@ STACK_OF(type) \ { \ STACK stack; \ }; \ -STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)); \ +STACK_OF(type) *sk_##type##_new(int (*cmp)(const type * const *, \ + const type * const *)); \ STACK_OF(type) *sk_##type##_new_null(void); \ void sk_##type##_free(STACK_OF(type) *sk); \ int sk_##type##_num(const STACK_OF(type) *sk); \ @@ -76,10 +79,11 @@ int sk_##type##_push(STACK_OF(type) *sk,type *v); \ int sk_##type##_unshift(STACK_OF(type) *sk,type *v); \ int sk_##type##_find(STACK_OF(type) *sk,type *v); \ type *sk_##type##_delete(STACK_OF(type) *sk,int n); \ -void sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v); \ +type *sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v); \ int sk_##type##_insert(STACK_OF(type) *sk,type *v,int n); \ int (*sk_##type##_set_cmp_func(STACK_OF(type) *sk, \ - int (*cmp)(type **,type **)))(type **,type **); \ + int (*cmp)(const type * const *,const type * const *))) \ + (const type * const *,const type * const *); \ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk); \ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)); \ type *sk_##type##_shift(STACK_OF(type) *sk); \ @@ -87,8 +91,10 @@ type *sk_##type##_pop(STACK_OF(type) *sk); \ void sk_##type##_sort(STACK_OF(type) *sk); #define IMPLEMENT_STACK_OF(type) \ -STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)) \ - { return (STACK_OF(type) *)sk_new((int (*)())cmp); } \ +STACK_OF(type) *sk_##type##_new(int (*cmp)(const type * const *, \ + const type * const *)) \ + { return (STACK_OF(type) *)sk_new( \ + (int (*)(const char * const *,const char * const *))cmp); } \ STACK_OF(type) *sk_##type##_new_null() \ { return (STACK_OF(type) *)sk_new_null(); } \ void sk_##type##_free(STACK_OF(type) *sk) \ @@ -109,13 +115,15 @@ int sk_##type##_find(STACK_OF(type) *sk,type *v) \ { return sk_find((STACK *)sk,(char *)v); } \ type *sk_##type##_delete(STACK_OF(type) *sk,int n) \ { return (type *)sk_delete((STACK *)sk,n); } \ -void sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v) \ - { sk_delete_ptr((STACK *)sk,(char *)v); } \ +type *sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v) \ + { return (type *)sk_delete_ptr((STACK *)sk,(char *)v); } \ int sk_##type##_insert(STACK_OF(type) *sk,type *v,int n) \ { return sk_insert((STACK *)sk,(char *)v,n); } \ int (*sk_##type##_set_cmp_func(STACK_OF(type) *sk, \ - int (*cmp)(type **,type **)))(type **,type **) \ - { return (int (*)(type **,type **))sk_set_cmp_func((STACK *)sk,(int(*)(const void *, const void *))cmp); } \ + int (*cmp)(const type * const *,const type * const *))) \ + (const type * const *,const type * const *) \ + { return (int (*)(const type * const *,const type * const *))sk_set_cmp_func( \ + (STACK *)sk, (int(*)(const char * const *, const char * const *))cmp); } \ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk) \ { return (STACK_OF(type) *)sk_dup((STACK *)sk); } \ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)) \ @@ -127,4 +135,13 @@ type *sk_##type##_pop(STACK_OF(type) *sk) \ void sk_##type##_sort(STACK_OF(type) *sk) \ { sk_sort((STACK *)sk); } +#else + +#define STACK_OF(type) STACK +#define PREDECLARE_STACK_OF(type) /* nada */ +#define DECLARE_STACK_OF(type) /* nada */ +#define IMPLEMENT_STACK_OF(type) /* nada */ + +#endif + #endif /* ndef HEADER_SAFESTACK_H */ diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 3e2f4d8786329..d2c640075b33f 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -76,9 +76,10 @@ const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT; #include -int (*sk_set_cmp_func(STACK *sk, int (*c)(const void *,const void *)))(const void *, const void *) +int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *))) + (const char * const *, const char * const *) { - int (*old)(const void *,const void *)=sk->comp; + int (*old)(const char * const *,const char * const *)=sk->comp; if (sk->comp != c) sk->sorted=0; @@ -93,7 +94,7 @@ STACK *sk_dup(STACK *sk) char **s; if ((ret=sk_new(sk->comp)) == NULL) goto err; - s=(char **)Realloc((char *)ret->data, + s=(char **)OPENSSL_realloc((char *)ret->data, (unsigned int)sizeof(char *)*sk->num_alloc); if (s == NULL) goto err; ret->data=s; @@ -108,14 +109,14 @@ STACK *sk_dup(STACK *sk) return(NULL); } -STACK *sk_new(int (*c)(const void *, const void *)) +STACK *sk_new(int (*c)(const char * const *, const char * const *)) { STACK *ret; int i; - if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL) + if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL) goto err0; - if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL) + if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) goto err1; for (i=0; idata[i]=NULL; @@ -125,7 +126,7 @@ STACK *sk_new(int (*c)(const void *, const void *)) ret->sorted=0; return(ret); err1: - Free(ret); + OPENSSL_free(ret); err0: return(NULL); } @@ -137,7 +138,7 @@ int sk_insert(STACK *st, char *data, int loc) if(st == NULL) return 0; if (st->num_alloc <= st->num+1) { - s=(char **)Realloc((char *)st->data, + s=(char **)OPENSSL_realloc((char *)st->data, (unsigned int)sizeof(char *)*st->num_alloc*2); if (s == NULL) return(0); @@ -218,13 +219,24 @@ int sk_find(STACK *st, char *data) } sk_sort(st); if (data == NULL) return(-1); - comp_func=st->comp; + /* This (and the "qsort" below) are the two places in OpenSSL + * where we need to convert from our standard (type **,type **) + * compare callback type to the (void *,void *) type required by + * bsearch. However, the "data" it is being called(back) with are + * not (type *) pointers, but the *pointers* to (type *) pointers, + * so we get our extra level of pointer dereferencing that way. */ + comp_func=(int (*)(const void *,const void *))(st->comp); r=(char **)bsearch(&data,(char *)st->data, st->num,sizeof(char *), comp_func); if (r == NULL) return(-1); i=(int)(r-st->data); for ( ; i>0; i--) - if ((*st->comp)(&(st->data[i-1]),&data) < 0) + /* This needs a cast because the type being pointed to from + * the "&" expressions are (char *) rather than (const char *). + * For an explanation, read: + * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */ + if ((*st->comp)((const char * const *)&(st->data[i-1]), + (const char * const *)&data) < 0) break; return(i); } @@ -275,17 +287,17 @@ void sk_pop_free(STACK *st, void (*func)(void *)) void sk_free(STACK *st) { if (st == NULL) return; - if (st->data != NULL) Free(st->data); - Free(st); + if (st->data != NULL) OPENSSL_free(st->data); + OPENSSL_free(st); } -int sk_num(STACK *st) +int sk_num(const STACK *st) { if(st == NULL) return -1; return st->num; } -char *sk_value(STACK *st, int i) +char *sk_value(const STACK *st, int i) { if(st == NULL) return NULL; return st->data[i]; @@ -303,7 +315,12 @@ void sk_sort(STACK *st) { int (*comp_func)(const void *,const void *); - comp_func=st->comp; + /* same comment as in sk_find ... previously st->comp was declared + * as a (void*,void*) callback type, but this made the population + * of the callback pointer illogical - our callbacks compare + * type** with type**, so we leave the casting until absolutely + * necessary (ie. "now"). */ + comp_func=(int (*)(const void *,const void *))(st->comp); qsort(st->data,st->num,sizeof(char *), comp_func); st->sorted=1; } diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h index a6665f3b30f20..6f5b4bdce27cd 100644 --- a/crypto/stack/stack.h +++ b/crypto/stack/stack.h @@ -70,21 +70,21 @@ typedef struct stack_st int sorted; int num_alloc; - int (*comp)(const void *, const void *); + int (*comp)(const char * const *, const char * const *); } STACK; - -#define sk_new_null() sk_new(NULL) +#define sk_new_null() sk_new((int (*)(const char * const *, \ + const char * const *))NULL) #define M_sk_num(sk) ((sk) ? (sk)->num:-1) #define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) -int sk_num(STACK *); -char *sk_value(STACK *, int); +int sk_num(const STACK *); +char *sk_value(const STACK *, int); char *sk_set(STACK *, int, char *); -STACK *sk_new(int (*cmp)(const void *, const void *)); +STACK *sk_new(int (*cmp)(const char * const *, const char * const *)); void sk_free(STACK *); void sk_pop_free(STACK *st, void (*func)(void *)); int sk_insert(STACK *sk,char *data,int where); @@ -96,7 +96,9 @@ int sk_unshift(STACK *st,char *data); char *sk_shift(STACK *st); char *sk_pop(STACK *st); void sk_zero(STACK *st); -int (*sk_set_cmp_func(STACK *sk, int (*c)(const void *,const void *)))(const void *, const void *); +int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *, + const char * const *))) + (const char * const *, const char * const *); STACK *sk_dup(STACK *st); void sk_sort(STACK *st); diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index 24713a3157398..100165948c028 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -699,7 +699,7 @@ void thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(HANDLE)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE)); for (i=0; inum_fields=num; ret->index=NULL; ret->qual=NULL; if ((ret->data=sk_new_null()) == NULL) goto err; - if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL) + if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) goto err; - if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL) + if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL) goto err; for (i=0; idata[offset-1]='\0'; /* blat the '\n' */ - p=(char *)Malloc(add+offset); + p=(char *)OPENSSL_malloc(add+offset); offset=0; } pp=(char **)p; @@ -177,12 +177,12 @@ TXT_DB *TXT_DB_read(BIO *in, int num) if (er) { #if !defined(NO_STDIO) && !defined(WIN16) - if (er == 1) fprintf(stderr,"Malloc failure\n"); + if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); #endif if (ret->data != NULL) sk_free(ret->data); - if (ret->index != NULL) Free(ret->index); - if (ret->qual != NULL) Free(ret->qual); - if (ret != NULL) Free(ret); + if (ret->index != NULL) OPENSSL_free(ret->index); + if (ret->qual != NULL) OPENSSL_free(ret->qual); + if (ret != NULL) OPENSSL_free(ret); return(NULL); } else @@ -349,10 +349,10 @@ void TXT_DB_free(TXT_DB *db) { for (i=db->num_fields-1; i>=0; i--) if (db->index[i] != NULL) lh_free(db->index[i]); - Free(db->index); + OPENSSL_free(db->index); } if (db->qual != NULL) - Free(db->qual); + OPENSSL_free(db->qual); if (db->data != NULL) { for (i=sk_num(db->data)-1; i>=0; i--) @@ -364,7 +364,7 @@ void TXT_DB_free(TXT_DB *db) if (max == NULL) /* new row */ { for (n=0; nnum_fields; n++) - if (p[n] != NULL) Free(p[n]); + if (p[n] != NULL) OPENSSL_free(p[n]); } else { @@ -372,12 +372,12 @@ void TXT_DB_free(TXT_DB *db) { if (((p[n] < (char *)p) || (p[n] > max)) && (p[n] != NULL)) - Free(p[n]); + OPENSSL_free(p[n]); } } - Free(sk_value(db->data,i)); + OPENSSL_free(sk_value(db->data,i)); } sk_free(db->data); } - Free(db); + OPENSSL_free(db); } diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 14d12c56bd709..c5920cc7dd9e4 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -146,11 +146,11 @@ static int new_dir(X509_LOOKUP *lu) { BY_DIR *a; - if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL) + if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) return(0); if ((a->buffer=BUF_MEM_new()) == NULL) { - Free(a); + OPENSSL_free(a); return(0); } a->num_dirs=0; @@ -168,11 +168,11 @@ static void free_dir(X509_LOOKUP *lu) a=(BY_DIR *)lu->method_data; for (i=0; inum_dirs; i++) - if (a->dirs[i] != NULL) Free(a->dirs[i]); - if (a->dirs != NULL) Free(a->dirs); - if (a->dirs_type != NULL) Free(a->dirs_type); + if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]); + if (a->dirs != NULL) OPENSSL_free(a->dirs); + if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type); if (a->buffer != NULL) BUF_MEM_free(a->buffer); - Free(a); + OPENSSL_free(a); } static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) @@ -204,9 +204,9 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) { ctx->num_dirs_alloced+=10; - pp=(char **)Malloc(ctx->num_dirs_alloced* + pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced* sizeof(char *)); - ip=(int *)Malloc(ctx->num_dirs_alloced* + ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced* sizeof(int)); if ((pp == NULL) || (ip == NULL)) { @@ -218,14 +218,14 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* sizeof(int)); if (ctx->dirs != NULL) - Free(ctx->dirs); + OPENSSL_free(ctx->dirs); if (ctx->dirs_type != NULL) - Free(ctx->dirs_type); + OPENSSL_free(ctx->dirs_type); ctx->dirs=pp; ctx->dirs_type=ip; } ctx->dirs_type[ctx->num_dirs]=type; - ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1); + ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1); if (ctx->dirs[ctx->num_dirs] == NULL) return(0); strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); ctx->dirs[ctx->num_dirs][len]='\0'; diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index a0aaad8366a49..1dae31a233c18 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -143,6 +143,37 @@ typedef struct X509_algor_st } X509_ALGOR; DECLARE_STACK_OF(X509_ALGOR) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_ALGOR_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_ALGOR_new_null() sk_new_null() + #define sk_X509_ALGOR_free(a) sk_free(a) + #define sk_X509_ALGOR_num(a) sk_num(a) + #define sk_X509_ALGOR_value(a,b) ((X509_ALGOR *) \ + sk_value((a),(b))) + #define sk_X509_ALGOR_set(a,b,c) ((X509_ALGOR *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_ALGOR_zero(a) sk_zero(a) + #define sk_X509_ALGOR_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_ALGOR_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_ALGOR_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_ALGOR_delete(a,b) ((X509_ALGOR *) \ + sk_delete((a),(b))) + #define sk_X509_ALGOR_delete_ptr(a,b) ((X509_ALGOR *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_ALGOR_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_ALGOR_set_cmp_func(a,b) ((int (*) \ + (const X509_ALGOR * const *,const X509_ALGOR * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_ALGOR_dup(a) sk_dup(a) + #define sk_X509_ALGOR_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_ALGOR_shift(a) ((X509_ALGOR *)sk_shift(a)) + #define sk_X509_ALGOR_pop(a) ((X509_ALGOR *)sk_pop(a)) + #define sk_X509_ALGOR_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_ALGOR) typedef struct X509_val_st @@ -173,6 +204,37 @@ typedef struct X509_name_entry_st } X509_NAME_ENTRY; DECLARE_STACK_OF(X509_NAME_ENTRY) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_NAME_ENTRY_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_NAME_ENTRY_new_null() sk_new_null() + #define sk_X509_NAME_ENTRY_free(a) sk_free(a) + #define sk_X509_NAME_ENTRY_num(a) sk_num(a) + #define sk_X509_NAME_ENTRY_value(a,b) ((X509_NAME_ENTRY *) \ + sk_value((a),(b))) + #define sk_X509_NAME_ENTRY_set(a,b,c) ((X509_NAME_ENTRY *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_NAME_ENTRY_zero(a) sk_zero(a) + #define sk_X509_NAME_ENTRY_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_NAME_ENTRY_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_NAME_ENTRY_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_NAME_ENTRY_delete(a,b) ((X509_NAME_ENTRY *) \ + sk_delete((a),(b))) + #define sk_X509_NAME_ENTRY_delete_ptr(a,b) ((X509_NAME_ENTRY *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_NAME_ENTRY_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_NAME_ENTRY_set_cmp_func(a,b) ((int (*) \ + (const X509_NAME_ENTRY * const *,const X509_NAME_ENTRY * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_NAME_ENTRY_dup(a) sk_dup(a) + #define sk_X509_NAME_ENTRY_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_NAME_ENTRY_shift(a) ((X509_NAME_ENTRY *)sk_shift(a)) + #define sk_X509_NAME_ENTRY_pop(a) ((X509_NAME_ENTRY *)sk_pop(a)) + #define sk_X509_NAME_ENTRY_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) /* we always keep X509_NAMEs in 2 forms. */ @@ -189,6 +251,37 @@ typedef struct X509_name_st } X509_NAME; DECLARE_STACK_OF(X509_NAME) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_NAME_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_NAME_new_null() sk_new_null() + #define sk_X509_NAME_free(a) sk_free(a) + #define sk_X509_NAME_num(a) sk_num(a) + #define sk_X509_NAME_value(a,b) ((X509_NAME *) \ + sk_value((a),(b))) + #define sk_X509_NAME_set(a,b,c) ((X509_NAME *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_NAME_zero(a) sk_zero(a) + #define sk_X509_NAME_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_NAME_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_NAME_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_NAME_delete(a,b) ((X509_NAME *) \ + sk_delete((a),(b))) + #define sk_X509_NAME_delete_ptr(a,b) ((X509_NAME *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_NAME_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_NAME_set_cmp_func(a,b) ((int (*) \ + (const X509_NAME * const *,const X509_NAME * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_NAME_dup(a) sk_dup(a) + #define sk_X509_NAME_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_NAME_shift(a) ((X509_NAME *)sk_shift(a)) + #define sk_X509_NAME_pop(a) ((X509_NAME *)sk_pop(a)) + #define sk_X509_NAME_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ #define X509_EX_V_NETSCAPE_HACK 0x8000 #define X509_EX_V_INIT 0x0001 @@ -203,6 +296,37 @@ typedef struct X509_extension_st } X509_EXTENSION; DECLARE_STACK_OF(X509_EXTENSION) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_EXTENSION_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_EXTENSION_new_null() sk_new_null() + #define sk_X509_EXTENSION_free(a) sk_free(a) + #define sk_X509_EXTENSION_num(a) sk_num(a) + #define sk_X509_EXTENSION_value(a,b) ((X509_EXTENSION *) \ + sk_value((a),(b))) + #define sk_X509_EXTENSION_set(a,b,c) ((X509_EXTENSION *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_EXTENSION_zero(a) sk_zero(a) + #define sk_X509_EXTENSION_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_EXTENSION_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_EXTENSION_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_EXTENSION_delete(a,b) ((X509_EXTENSION *) \ + sk_delete((a),(b))) + #define sk_X509_EXTENSION_delete_ptr(a,b) ((X509_EXTENSION *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_EXTENSION_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_EXTENSION_set_cmp_func(a,b) ((int (*) \ + (const X509_EXTENSION * const *,const X509_EXTENSION * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_EXTENSION_dup(a) sk_dup(a) + #define sk_X509_EXTENSION_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_EXTENSION_shift(a) ((X509_EXTENSION *)sk_shift(a)) + #define sk_X509_EXTENSION_pop(a) ((X509_EXTENSION *)sk_pop(a)) + #define sk_X509_EXTENSION_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_EXTENSION) /* a sequence of these are used */ @@ -218,6 +342,37 @@ typedef struct x509_attributes_st } X509_ATTRIBUTE; DECLARE_STACK_OF(X509_ATTRIBUTE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_ATTRIBUTE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_ATTRIBUTE_new_null() sk_new_null() + #define sk_X509_ATTRIBUTE_free(a) sk_free(a) + #define sk_X509_ATTRIBUTE_num(a) sk_num(a) + #define sk_X509_ATTRIBUTE_value(a,b) ((X509_ATTRIBUTE *) \ + sk_value((a),(b))) + #define sk_X509_ATTRIBUTE_set(a,b,c) ((X509_ATTRIBUTE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_ATTRIBUTE_zero(a) sk_zero(a) + #define sk_X509_ATTRIBUTE_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_ATTRIBUTE_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_ATTRIBUTE_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_ATTRIBUTE_delete(a,b) ((X509_ATTRIBUTE *) \ + sk_delete((a),(b))) + #define sk_X509_ATTRIBUTE_delete_ptr(a,b) ((X509_ATTRIBUTE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_ATTRIBUTE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_ATTRIBUTE_set_cmp_func(a,b) ((int (*) \ + (const X509_ATTRIBUTE * const *,const X509_ATTRIBUTE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_ATTRIBUTE_dup(a) sk_dup(a) + #define sk_X509_ATTRIBUTE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_ATTRIBUTE_shift(a) ((X509_ATTRIBUTE *)sk_shift(a)) + #define sk_X509_ATTRIBUTE_pop(a) ((X509_ATTRIBUTE *)sk_pop(a)) + #define sk_X509_ATTRIBUTE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) typedef struct X509_req_info_st @@ -289,6 +444,37 @@ typedef struct x509_st } X509; DECLARE_STACK_OF(X509) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_new_null() sk_new_null() + #define sk_X509_free(a) sk_free(a) + #define sk_X509_num(a) sk_num(a) + #define sk_X509_value(a,b) ((X509 *) \ + sk_value((a),(b))) + #define sk_X509_set(a,b,c) ((X509 *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_zero(a) sk_zero(a) + #define sk_X509_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_delete(a,b) ((X509 *) \ + sk_delete((a),(b))) + #define sk_X509_delete_ptr(a,b) ((X509 *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_set_cmp_func(a,b) ((int (*) \ + (const X509 * const *,const X509 * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_dup(a) sk_dup(a) + #define sk_X509_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_shift(a) ((X509 *)sk_shift(a)) + #define sk_X509_pop(a) ((X509 *)sk_pop(a)) + #define sk_X509_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509) /* This is used for a table of trust checking functions */ @@ -303,6 +489,37 @@ typedef struct x509_trust_st { } X509_TRUST; DECLARE_STACK_OF(X509_TRUST) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_TRUST_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_TRUST_new_null() sk_new_null() + #define sk_X509_TRUST_free(a) sk_free(a) + #define sk_X509_TRUST_num(a) sk_num(a) + #define sk_X509_TRUST_value(a,b) ((X509_TRUST *) \ + sk_value((a),(b))) + #define sk_X509_TRUST_set(a,b,c) ((X509_TRUST *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_TRUST_zero(a) sk_zero(a) + #define sk_X509_TRUST_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_TRUST_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_TRUST_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_TRUST_delete(a,b) ((X509_TRUST *) \ + sk_delete((a),(b))) + #define sk_X509_TRUST_delete_ptr(a,b) ((X509_TRUST *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_TRUST_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_TRUST_set_cmp_func(a,b) ((int (*) \ + (const X509_TRUST * const *,const X509_TRUST * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_TRUST_dup(a) sk_dup(a) + #define sk_X509_TRUST_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_TRUST_shift(a) ((X509_TRUST *)sk_shift(a)) + #define sk_X509_TRUST_pop(a) ((X509_TRUST *)sk_pop(a)) + #define sk_X509_TRUST_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* standard trust ids */ @@ -338,6 +555,37 @@ typedef struct X509_revoked_st } X509_REVOKED; DECLARE_STACK_OF(X509_REVOKED) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_REVOKED_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_REVOKED_new_null() sk_new_null() + #define sk_X509_REVOKED_free(a) sk_free(a) + #define sk_X509_REVOKED_num(a) sk_num(a) + #define sk_X509_REVOKED_value(a,b) ((X509_REVOKED *) \ + sk_value((a),(b))) + #define sk_X509_REVOKED_set(a,b,c) ((X509_REVOKED *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_REVOKED_zero(a) sk_zero(a) + #define sk_X509_REVOKED_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_REVOKED_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_REVOKED_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_REVOKED_delete(a,b) ((X509_REVOKED *) \ + sk_delete((a),(b))) + #define sk_X509_REVOKED_delete_ptr(a,b) ((X509_REVOKED *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_REVOKED_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_REVOKED_set_cmp_func(a,b) ((int (*) \ + (const X509_REVOKED * const *,const X509_REVOKED * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_REVOKED_dup(a) sk_dup(a) + #define sk_X509_REVOKED_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_REVOKED_shift(a) ((X509_REVOKED *)sk_shift(a)) + #define sk_X509_REVOKED_pop(a) ((X509_REVOKED *)sk_pop(a)) + #define sk_X509_REVOKED_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_REVOKED) typedef struct X509_crl_info_st @@ -361,6 +609,37 @@ typedef struct X509_crl_st } X509_CRL; DECLARE_STACK_OF(X509_CRL) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_CRL_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_CRL_new_null() sk_new_null() + #define sk_X509_CRL_free(a) sk_free(a) + #define sk_X509_CRL_num(a) sk_num(a) + #define sk_X509_CRL_value(a,b) ((X509_CRL *) \ + sk_value((a),(b))) + #define sk_X509_CRL_set(a,b,c) ((X509_CRL *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_CRL_zero(a) sk_zero(a) + #define sk_X509_CRL_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_CRL_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_CRL_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_CRL_delete(a,b) ((X509_CRL *) \ + sk_delete((a),(b))) + #define sk_X509_CRL_delete_ptr(a,b) ((X509_CRL *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_CRL_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_CRL_set_cmp_func(a,b) ((int (*) \ + (const X509_CRL * const *,const X509_CRL * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_CRL_dup(a) sk_dup(a) + #define sk_X509_CRL_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_CRL_shift(a) ((X509_CRL *)sk_shift(a)) + #define sk_X509_CRL_pop(a) ((X509_CRL *)sk_pop(a)) + #define sk_X509_CRL_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_CRL) typedef struct private_key_st @@ -399,6 +678,37 @@ typedef struct X509_info_st } X509_INFO; DECLARE_STACK_OF(X509_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_INFO_new_null() sk_new_null() + #define sk_X509_INFO_free(a) sk_free(a) + #define sk_X509_INFO_num(a) sk_num(a) + #define sk_X509_INFO_value(a,b) ((X509_INFO *) \ + sk_value((a),(b))) + #define sk_X509_INFO_set(a,b,c) ((X509_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_INFO_zero(a) sk_zero(a) + #define sk_X509_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_INFO_delete(a,b) ((X509_INFO *) \ + sk_delete((a),(b))) + #define sk_X509_INFO_delete_ptr(a,b) ((X509_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_INFO_set_cmp_func(a,b) ((int (*) \ + (const X509_INFO * const *,const X509_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_INFO_dup(a) sk_dup(a) + #define sk_X509_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_INFO_shift(a) ((X509_INFO *)sk_shift(a)) + #define sk_X509_INFO_pop(a) ((X509_INFO *)sk_pop(a)) + #define sk_X509_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ #endif /* The next 2 structures and their 8 routines were sent to me by @@ -659,11 +969,14 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_digest(X509 *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_CRL_digest(X509_CRL *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_REQ_digest(X509_REQ *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_NAME_digest(X509_NAME *data,const EVP_MD *type, - unsigned char *md,unsigned int *len); +int X509_digest(const X509 *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); #endif #ifndef NO_FP_API @@ -963,20 +1276,20 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req, int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); -int X509_issuer_and_serial_cmp(X509 *a, X509 *b); +int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); unsigned long X509_issuer_and_serial_hash(X509 *a); -int X509_issuer_name_cmp(X509 *a, X509 *b); +int X509_issuer_name_cmp(const X509 *a, const X509 *b); unsigned long X509_issuer_name_hash(X509 *a); -int X509_subject_name_cmp(X509 *a,X509 *b); +int X509_subject_name_cmp(const X509 *a, const X509 *b); unsigned long X509_subject_name_hash(X509 *x); -int X509_cmp (X509 *a, X509 *b); -int X509_NAME_cmp (X509_NAME *a, X509_NAME *b); +int X509_cmp(const X509 *a, const X509 *b); +int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); unsigned long X509_NAME_hash(X509_NAME *x); -int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); +int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); #ifndef NO_FP_API int X509_print_fp(FILE *bp,X509 *x); int X509_CRL_print_fp(FILE *bp,X509_CRL *x); diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index a8a5ca8b03e61..b147d573d2f96 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -63,7 +63,7 @@ #include #include -int X509_issuer_and_serial_cmp(X509 *a, X509 *b) +int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) { int i; X509_CINF *ai,*bi; @@ -97,17 +97,17 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) } #endif -int X509_issuer_name_cmp(X509 *a, X509 *b) +int X509_issuer_name_cmp(const X509 *a, const X509 *b) { return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); } -int X509_subject_name_cmp(X509 *a, X509 *b) +int X509_subject_name_cmp(const X509 *a, const X509 *b) { return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); } -int X509_CRL_cmp(X509_CRL *a, X509_CRL *b) +int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) { return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); } @@ -139,19 +139,25 @@ unsigned long X509_subject_name_hash(X509 *x) #ifndef NO_SHA /* Compare two certificates: they must be identical for - * this to work. + * this to work. NB: Although "cmp" operations are generally + * prototyped to take "const" arguments (eg. for use in + * STACKs), the way X509 handling is - these operations may + * involve ensuring the hashes are up-to-date and ensuring + * certain cert information is cached. So this is the point + * where the "depth-first" constification tree has to halt + * with an evil cast. */ -int X509_cmp(X509 *a, X509 *b) +int X509_cmp(const X509 *a, const X509 *b) { /* ensure hash is valid */ - X509_check_purpose(a, -1, 0); - X509_check_purpose(b, -1, 0); + X509_check_purpose((X509 *)a, -1, 0); + X509_check_purpose((X509 *)b, -1, 0); return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); } #endif -int X509_NAME_cmp(X509_NAME *a, X509_NAME *b) +int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) { int i,j; X509_NAME_ENTRY *na,*nb; @@ -198,14 +204,14 @@ unsigned long X509_NAME_hash(X509_NAME *x) i=i2d_X509_NAME(x,NULL); if (i > sizeof(str)) - p=Malloc(i); + p=OPENSSL_malloc(i); else p=str; pp=p; i2d_X509_NAME(x,&pp); MD5((unsigned char *)p,i,&(md[0])); - if (p != str) Free(p); + if (p != str) OPENSSL_free(p); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index a20006d67e2b3..5e5458568fc09 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -68,7 +68,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret; - ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP)); + ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP)); if (ret == NULL) return(NULL); ret->init=0; @@ -78,7 +78,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) ret->store_ctx=NULL; if ((method->new_item != NULL) && !method->new_item(ret)) { - Free(ret); + OPENSSL_free(ret); return(NULL); } return(ret); @@ -90,7 +90,7 @@ void X509_LOOKUP_free(X509_LOOKUP *ctx) if ( (ctx->method != NULL) && (ctx->method->free != NULL)) ctx->method->free(ctx); - Free(ctx); + OPENSSL_free(ctx); } int X509_LOOKUP_init(X509_LOOKUP *ctx) @@ -197,7 +197,7 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret; - if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL) + if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) return(NULL); ret->certs=lh_new(x509_object_hash,x509_object_cmp); ret->cache=1; @@ -223,7 +223,7 @@ static void cleanup(X509_OBJECT *a) else abort(); - Free(a); + OPENSSL_free(a); } void X509_STORE_free(X509_STORE *vfy) @@ -247,7 +247,7 @@ void X509_STORE_free(X509_STORE *vfy) CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data); lh_doall(vfy->certs,cleanup); lh_free(vfy->certs); - Free(vfy); + OPENSSL_free(vfy); } X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) @@ -384,7 +384,7 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h, int type, X509_STORE_CTX *X509_STORE_CTX_new(void) { X509_STORE_CTX *ctx; - ctx = (X509_STORE_CTX *)Malloc(sizeof(X509_STORE_CTX)); + ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); if(ctx) memset(ctx, 0, sizeof(X509_STORE_CTX)); return ctx; } @@ -392,7 +392,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { X509_STORE_CTX_cleanup(ctx); - Free(ctx); + OPENSSL_free(ctx); } void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index 691b71f031583..6a3ba8eb15432 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -91,7 +91,7 @@ int i; if(b) { buf=b->data; - Free(b); + OPENSSL_free(b); } strncpy(buf,"NO X509_NAME",len); return buf; @@ -210,7 +210,7 @@ int i; if (b != NULL) { p=b->data; - Free(b); + OPENSSL_free(b); } else p=buf; diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index baef8790eb94d..7eca1bd57a3df 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -83,7 +83,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ri=ret->req_info; ri->version->length=1; - ri->version->data=(unsigned char *)Malloc(1); + ri->version->data=(unsigned char *)OPENSSL_malloc(1); if (ri->version->data == NULL) goto err; ri->version->data[0]=0; /* version == 0 */ @@ -188,7 +188,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, /* Generate encoding of extensions */ len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(p = Malloc(len))) goto err; + if(!(p = OPENSSL_malloc(len))) goto err; q = p; i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); @@ -204,7 +204,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; return 1; err: - if(p) Free(p); + if(p) OPENSSL_free(p); X509_ATTRIBUTE_free(attr); ASN1_TYPE_free(at); return 0; diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index c779aaf94d614..a7b1543461b9e 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -61,7 +61,8 @@ #include -static int tr_cmp(X509_TRUST **a, X509_TRUST **b); +static int tr_cmp(const X509_TRUST * const *a, + const X509_TRUST * const *b); static void trtable_free(X509_TRUST *p); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); @@ -88,7 +89,8 @@ IMPLEMENT_STACK_OF(X509_TRUST) static STACK_OF(X509_TRUST) *trtable = NULL; -static int tr_cmp(X509_TRUST **a, X509_TRUST **b) +static int tr_cmp(const X509_TRUST * const *a, + const X509_TRUST * const *b) { return (*a)->trust - (*b)->trust; } @@ -152,15 +154,15 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(trtmp = Malloc(sizeof(X509_TRUST)))) { + if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); - /* Free existing name if dynamic */ - if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) Free(trtmp->name); + /* OPENSSL_free existing name if dynamic */ + if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); /* dup supplied name */ if(!(trtmp->name = BUF_strdup(name))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); @@ -196,8 +198,8 @@ static void trtable_free(X509_TRUST *p) if (p->flags & X509_TRUST_DYNAMIC) { if (p->flags & X509_TRUST_DYNAMIC_NAME) - Free(p->name); - Free(p); + OPENSSL_free(p->name); + OPENSSL_free(p); } } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 3ddb2303d3809..e9311d5ea8393 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -612,7 +612,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) int ret=1; if (x == NULL) return(0); - obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); @@ -630,7 +630,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { /* oops, put it back */ lh_delete(ctx->certs,obj); X509_OBJECT_free_contents(obj); - Free(obj); + OPENSSL_free(obj); lh_insert(ctx->certs,r); X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; @@ -647,7 +647,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) int ret=1; if (x == NULL) return(0); - obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); @@ -665,7 +665,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { /* oops, put it back */ lh_delete(ctx->certs,obj); X509_OBJECT_free_contents(obj); - Free(obj); + OPENSSL_free(obj); lh_insert(ctx->certs,r); X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h index 9173943dcda99..313b8678027f4 100644 --- a/crypto/x509/x509_vfy.h +++ b/crypto/x509/x509_vfy.h @@ -128,6 +128,37 @@ typedef struct x509_object_st typedef struct x509_lookup_st X509_LOOKUP; DECLARE_STACK_OF(X509_LOOKUP) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_LOOKUP_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_LOOKUP_new_null() sk_new_null() + #define sk_X509_LOOKUP_free(a) sk_free(a) + #define sk_X509_LOOKUP_num(a) sk_num(a) + #define sk_X509_LOOKUP_value(a,b) ((X509_LOOKUP *) \ + sk_value((a),(b))) + #define sk_X509_LOOKUP_set(a,b,c) ((X509_LOOKUP *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_LOOKUP_zero(a) sk_zero(a) + #define sk_X509_LOOKUP_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_LOOKUP_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_LOOKUP_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_LOOKUP_delete(a,b) ((X509_LOOKUP *) \ + sk_delete((a),(b))) + #define sk_X509_LOOKUP_delete_ptr(a,b) ((X509_LOOKUP *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_LOOKUP_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_LOOKUP_set_cmp_func(a,b) ((int (*) \ + (const X509_LOOKUP * const *,const X509_LOOKUP * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_LOOKUP_dup(a) sk_dup(a) + #define sk_X509_LOOKUP_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_LOOKUP_shift(a) ((X509_LOOKUP *)sk_shift(a)) + #define sk_X509_LOOKUP_pop(a) ((X509_LOOKUP *)sk_pop(a)) + #define sk_X509_LOOKUP_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* This is a static that defines the function interface */ typedef struct x509_lookup_method_st diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c index b35c3f92e7f47..fd0a534d88e55 100644 --- a/crypto/x509/x509spki.c +++ b/crypto/x509/x509spki.c @@ -82,7 +82,7 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) int spki_len; NETSCAPE_SPKI *spki; if(len <= 0) len = strlen(str); - if (!(spki_der = Malloc(len + 1))) { + if (!(spki_der = OPENSSL_malloc(len + 1))) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); return NULL; } @@ -90,12 +90,12 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if(spki_len < 0) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR); - Free(spki_der); + OPENSSL_free(spki_der); return NULL; } p = spki_der; spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); - Free(spki_der); + OPENSSL_free(spki_der); return spki; } @@ -107,8 +107,8 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) char *b64_str; int der_len; der_len = i2d_NETSCAPE_SPKI(spki, NULL); - der_spki = Malloc(der_len); - b64_str = Malloc(der_len * 2); + der_spki = OPENSSL_malloc(der_len); + b64_str = OPENSSL_malloc(der_len * 2); if(!der_spki || !b64_str) { X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); return NULL; @@ -116,6 +116,6 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) p = der_spki; i2d_NETSCAPE_SPKI(spki, &p); EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len); - Free(der_spki); + OPENSSL_free(der_spki); return b64_str; } diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index b67ca243dc3e8..dd5796e205d2f 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -411,25 +411,25 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); } -int X509_digest(X509 *data, const EVP_MD *type, unsigned char *md, +int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); } -int X509_CRL_digest(X509_CRL *data, const EVP_MD *type, unsigned char *md, +int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len)); } -int X509_REQ_digest(X509_REQ *data, const EVP_MD *type, unsigned char *md, +int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len)); } -int X509_NAME_digest(X509_NAME *data, const EVP_MD *type, unsigned char *md, +int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index 96c04fe4f57c5..877ae7da7b14a 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -132,7 +132,7 @@ void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a) M_ASN1_OCTET_STRING_free(a->keyid); sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free); M_ASN1_INTEGER_free (a->serial); - Free (a); + OPENSSL_free (a); } static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, @@ -142,7 +142,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if(akeyid->keyid) { tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); X509V3_add_value("keyid", tmp, &extlist); - Free(tmp); + OPENSSL_free(tmp); } if(akeyid->issuer) extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); @@ -150,7 +150,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, tmp = hex_to_string(akeyid->serial->data, akeyid->serial->length); X509V3_add_value("serial", tmp, &extlist); - Free(tmp); + OPENSSL_free(tmp); } return extlist; } diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c index 1e3edc205f8dc..c576b8e955cde 100644 --- a/crypto/x509v3/v3_bcons.c +++ b/crypto/x509v3/v3_bcons.c @@ -123,7 +123,7 @@ void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) { if (a == NULL) return; M_ASN1_INTEGER_free (a->pathlen); - Free (a); + OPENSSL_free (a); } static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index b2f03010cce7f..bdc9c1cbc1328 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -167,7 +167,7 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, X509_EXTENSION *ext; /* Convert internal representation to DER */ ext_len = method->i2d(ext_struc, NULL); - if(!(ext_der = Malloc(ext_len))) goto merr; + if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr; p = ext_der; method->i2d(ext_struc, &p); if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr; @@ -255,7 +255,7 @@ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); err: ASN1_OBJECT_free(obj); M_ASN1_OCTET_STRING_free(oct); -if(ext_der) Free(ext_der); +if(ext_der) OPENSSL_free(ext_der); return extension; } diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c index da9dbe1c10c0a..8203ed7571a77 100644 --- a/crypto/x509v3/v3_cpols.c +++ b/crypto/x509v3/v3_cpols.c @@ -401,7 +401,7 @@ void POLICYINFO_free(POLICYINFO *a) if (a == NULL) return; ASN1_OBJECT_free(a->policyid); sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free); - Free (a); + OPENSSL_free (a); } static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, @@ -451,7 +451,7 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) if(i) BIO_puts(out, ", "); tmp = i2s_ASN1_INTEGER(NULL, num); BIO_puts(out, tmp); - Free(tmp); + OPENSSL_free(tmp); } BIO_puts(out, "\n"); } @@ -553,7 +553,7 @@ void POLICYQUALINFO_free(POLICYQUALINFO *a) } ASN1_OBJECT_free(a->pqualid); - Free (a); + OPENSSL_free (a); } int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp) @@ -599,7 +599,7 @@ void USERNOTICE_free(USERNOTICE *a) if (a == NULL) return; NOTICEREF_free(a->noticeref); M_DISPLAYTEXT_free(a->exptext); - Free (a); + OPENSSL_free (a); } int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp) @@ -653,7 +653,7 @@ void NOTICEREF_free(NOTICEREF *a) if (a == NULL) return; M_DISPLAYTEXT_free(a->organization); sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free); - Free (a); + OPENSSL_free (a); } IMPLEMENT_STACK_OF(POLICYQUALINFO) diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index e459d2595ac52..4fd61f2cf39c7 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -213,7 +213,7 @@ void DIST_POINT_free(DIST_POINT *a) DIST_POINT_NAME_free(a->distpoint); M_ASN1_BIT_STRING_free(a->reasons); sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free); - Free (a); + OPENSSL_free (a); } int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp) @@ -256,7 +256,7 @@ void DIST_POINT_NAME_free(DIST_POINT_NAME *a) if (a == NULL) return; sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free); sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free); - Free (a); + OPENSSL_free (a); } DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c index 894afa7e036b4..2de1c4b42867e 100644 --- a/crypto/x509v3/v3_genn.c +++ b/crypto/x509v3/v3_genn.c @@ -211,7 +211,7 @@ void GENERAL_NAME_free(GENERAL_NAME *a) break; } - Free (a); + OPENSSL_free (a); } /* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as @@ -286,6 +286,6 @@ void OTHERNAME_free(OTHERNAME *a) if (a == NULL) return; ASN1_OBJECT_free(a->type_id); ASN1_TYPE_free(a->value); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c index af3525f33e721..f3bba38269317 100644 --- a/crypto/x509v3/v3_ia5.c +++ b/crypto/x509v3/v3_ia5.c @@ -82,7 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { char *tmp; if(!ia5 || !ia5->length) return NULL; - tmp = Malloc(ia5->length + 1); + tmp = OPENSSL_malloc(ia5->length + 1); memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index 78d2135046ec9..9ada0b310b353 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -94,7 +94,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method if(!ret) break; vtmp = sk_CONF_VALUE_value(ret, i); i2t_ASN1_OBJECT(objtmp, 80, desc->method); - ntmp = Malloc(strlen(objtmp) + strlen(vtmp->name) + 5); + ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5); if(!ntmp) { X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); @@ -103,7 +103,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method strcpy(ntmp, objtmp); strcat(ntmp, " - "); strcat(ntmp, vtmp->name); - Free(vtmp->name); + OPENSSL_free(vtmp->name); vtmp->name = ntmp; } @@ -140,7 +140,7 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD ctmp.value = cnf->value; if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) goto err; - if(!(objtmp = Malloc(objlen + 1))) { + if(!(objtmp = OPENSSL_malloc(objlen + 1))) { X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); goto err; } @@ -150,10 +150,10 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD if(!acc->method) { X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); - Free(objtmp); + OPENSSL_free(objtmp); goto err; } - Free(objtmp); + OPENSSL_free(objtmp); } return ainfo; @@ -204,7 +204,7 @@ void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a) if (a == NULL) return; ASN1_OBJECT_free(a->method); GENERAL_NAME_free(a->location); - Free (a); + OPENSSL_free (a); } STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void) diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c index dcdf7d607d2c3..8f90970297e4b 100644 --- a/crypto/x509v3/v3_lib.c +++ b/crypto/x509v3/v3_lib.c @@ -66,7 +66,8 @@ static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; -static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b); +static int ext_cmp(const X509V3_EXT_METHOD * const *a, + const X509V3_EXT_METHOD * const *b); static void ext_list_free(X509V3_EXT_METHOD *ext); int X509V3_EXT_add(X509V3_EXT_METHOD *ext) @@ -82,7 +83,8 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) return 1; } -static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b) +static int ext_cmp(const X509V3_EXT_METHOD * const *a, + const X509V3_EXT_METHOD * const *b) { return ((*a)->ext_nid - (*b)->ext_nid); } @@ -125,7 +127,7 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); return 0; } - if(!(tmpext = (X509V3_EXT_METHOD *)Malloc(sizeof(X509V3_EXT_METHOD)))) { + if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); return 0; } @@ -143,7 +145,7 @@ void X509V3_EXT_cleanup(void) static void ext_list_free(X509V3_EXT_METHOD *ext) { - if(ext->ext_flags & X509V3_EXT_DYNAMIC) Free(ext); + if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext); } /* Legacy function: we don't need to add standard extensions diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c index 30a62c6090f72..47f9e8f123a96 100644 --- a/crypto/x509v3/v3_pku.c +++ b/crypto/x509v3/v3_pku.c @@ -121,7 +121,7 @@ void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a) if (a == NULL) return; M_ASN1_GENERALIZEDTIME_free(a->notBefore); M_ASN1_GENERALIZEDTIME_free(a->notAfter); - Free (a); + OPENSSL_free (a); } static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index bee624c6be9a1..dbc4fb1f16000 100644 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -133,7 +133,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) err: sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - if(value) Free(value); + if(value) OPENSSL_free(value); method->ext_free(ext_str); return ok; } diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 7b4055f1fa299..d84d0130aead6 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -63,18 +63,19 @@ static void x509v3_cache_extensions(X509 *x); -static int ca_check(X509 *x); -static int check_ssl_ca(X509 *x); -static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca); -static int purpose_smime(X509 *x, int ca); -static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); -static int no_check(X509_PURPOSE *xp, X509 *x, int ca); - -static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); +static int ca_check(const X509 *x); +static int check_ssl_ca(const X509 *x); +static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); +static int purpose_smime(const X509 *x, int ca); +static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca); +static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca); + +static int xp_cmp(const X509_PURPOSE * const *a, + const X509_PURPOSE * const *b); static void xptable_free(X509_PURPOSE *p); static X509_PURPOSE xstandard[] = { @@ -93,15 +94,19 @@ IMPLEMENT_STACK_OF(X509_PURPOSE) static STACK_OF(X509_PURPOSE) *xptable = NULL; -static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b) +static int xp_cmp(const X509_PURPOSE * const *a, + const X509_PURPOSE * const *b) { return (*a)->purpose - (*b)->purpose; } +/* As much as I'd like to make X509_check_purpose use a "const" X509* + * I really can't because it does recalculate hashes and do other non-const + * things. */ int X509_check_purpose(X509 *x, int id, int ca) { int idx; - X509_PURPOSE *pt; + const X509_PURPOSE *pt; if(!(x->ex_flags & EXFLAG_SET)) { CRYPTO_w_lock(CRYPTO_LOCK_X509); x509v3_cache_extensions(x); @@ -153,7 +158,7 @@ int X509_PURPOSE_get_by_id(int purpose) } int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(X509_PURPOSE *, X509 *, int), + int (*ck)(const X509_PURPOSE *, const X509 *, int), char *name, char *sname, void *arg) { int idx; @@ -166,17 +171,17 @@ int X509_PURPOSE_add(int id, int trust, int flags, idx = X509_PURPOSE_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(ptmp = Malloc(sizeof(X509_PURPOSE)))) { + if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; } else ptmp = X509_PURPOSE_get0(idx); - /* Free existing name if dynamic */ + /* OPENSSL_free existing name if dynamic */ if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) { - Free(ptmp->name); - Free(ptmp->sname); + OPENSSL_free(ptmp->name); + OPENSSL_free(ptmp->sname); } /* dup supplied name */ ptmp->name = BUF_strdup(name); @@ -215,10 +220,10 @@ static void xptable_free(X509_PURPOSE *p) if (p->flags & X509_PURPOSE_DYNAMIC) { if (p->flags & X509_PURPOSE_DYNAMIC_NAME) { - Free(p->name); - Free(p->sname); + OPENSSL_free(p->name); + OPENSSL_free(p->sname); } - Free(p); + OPENSSL_free(p); } } @@ -343,7 +348,7 @@ static void x509v3_cache_extensions(X509 *x) #define ns_reject(x, usage) \ (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage))) -static int ca_check(X509 *x) +static int ca_check(const X509 *x) { /* keyUsage if present should allow cert signing */ if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0; @@ -358,7 +363,7 @@ static int ca_check(X509 *x) } /* Check SSL CA: common checks for SSL client and server */ -static int check_ssl_ca(X509 *x) +static int check_ssl_ca(const X509 *x) { int ca_ret; ca_ret = ca_check(x); @@ -373,7 +378,7 @@ static int check_ssl_ca(X509 *x) } -static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca) { if(xku_reject(x,XKU_SSL_CLIENT)) return 0; if(ca) return check_ssl_ca(x); @@ -384,7 +389,7 @@ static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca) return 1; } -static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) { if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0; if(ca) return check_ssl_ca(x); @@ -397,7 +402,7 @@ static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) } -static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = check_purpose_ssl_server(xp, x, ca); @@ -408,7 +413,7 @@ static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) } /* common S/MIME checks */ -static int purpose_smime(X509 *x, int ca) +static int purpose_smime(const X509 *x, int ca) { if(xku_reject(x,XKU_SMIME)) return 0; if(ca) { @@ -432,7 +437,7 @@ static int purpose_smime(X509 *x, int ca) return 1; } -static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = purpose_smime(x, ca); @@ -441,7 +446,7 @@ static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca) return ret; } -static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = purpose_smime(x, ca); @@ -450,7 +455,7 @@ static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca) return ret; } -static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca) { if(ca) { int ca_ret; @@ -461,7 +466,7 @@ static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) return 1; } -static int no_check(X509_PURPOSE *xp, X509 *x, int ca) +static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca) { return 1; } diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c index 20ba8ac8d6bbc..bfecacd3367d4 100644 --- a/crypto/x509v3/v3_sxnet.c +++ b/crypto/x509v3/v3_sxnet.c @@ -132,7 +132,7 @@ void SXNET_free(SXNET *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->version); sk_SXNETID_pop_free(a->ids, SXNETID_free); - Free (a); + OPENSSL_free (a); } int i2d_SXNETID(SXNETID *a, unsigned char **pp) @@ -176,7 +176,7 @@ void SXNETID_free(SXNETID *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->zone); M_ASN1_OCTET_STRING_free(a->user); - Free (a); + OPENSSL_free (a); } static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, @@ -192,7 +192,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); - Free(tmp); + OPENSSL_free(tmp); M_ASN1_OCTET_STRING_print(out, id->user); } return 1; diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index 4c2c4a9483913..3f567180c597e 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -75,7 +75,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err;; - if(!(vtmp = (CONF_VALUE *)Malloc(sizeof(CONF_VALUE)))) goto err; + if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new(NULL))) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -84,9 +84,9 @@ int X509V3_add_value(const char *name, const char *value, return 1; err: X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); - if(vtmp) Free(vtmp); - if(tname) Free(tname); - if(tvalue) Free(tvalue); + if(vtmp) OPENSSL_free(vtmp); + if(tname) OPENSSL_free(tname); + if(tvalue) OPENSSL_free(tvalue); return 0; } @@ -101,10 +101,10 @@ int X509V3_add_value_uchar(const char *name, const unsigned char *value, void X509V3_conf_free(CONF_VALUE *conf) { if(!conf) return; - if(conf->name) Free(conf->name); - if(conf->value) Free(conf->value); - if(conf->section) Free(conf->section); - Free(conf); + if(conf->name) OPENSSL_free(conf->name); + if(conf->value) OPENSSL_free(conf->value); + if(conf->section) OPENSSL_free(conf->section); + OPENSSL_free(conf); } int X509V3_add_value_bool(const char *name, int asn1_bool, @@ -176,7 +176,7 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, if(!aint) return 1; if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; ret = X509V3_add_value(name, strtmp, extlist); - Free(strtmp); + OPENSSL_free(strtmp); return ret; } @@ -298,11 +298,11 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line) } X509V3_add_value(ntmp, NULL, &values); } -Free(linebuf); +OPENSSL_free(linebuf); return values; err: -Free(linebuf); +OPENSSL_free(linebuf); sk_CONF_VALUE_pop_free(values, X509V3_conf_free); return NULL; @@ -325,7 +325,7 @@ static char *strip_spaces(char *name) /* hex string utilities */ -/* Given a buffer of length 'len' return a Malloc'ed string with its +/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its * hex representation */ @@ -336,7 +336,7 @@ char *hex_to_string(unsigned char *buffer, long len) int i; static char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; - if(!(tmp = Malloc(len * 3 + 1))) { + if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); return NULL; } @@ -362,14 +362,14 @@ unsigned char *string_to_hex(char *str, long *len) X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if(!(hexbuf = Malloc(strlen(str) >> 1))) goto err; + if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; for(p = (unsigned char *)str, q = hexbuf; *p;) { ch = *p++; if(ch == ':') continue; cl = *p++; if(!cl) { X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); - Free(hexbuf); + OPENSSL_free(hexbuf); return NULL; } if(isupper(ch)) ch = tolower(ch); @@ -391,12 +391,12 @@ unsigned char *string_to_hex(char *str, long *len) return hexbuf; err: - if(hexbuf) Free(hexbuf); + if(hexbuf) OPENSSL_free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); return NULL; badhex: - Free(hexbuf); + OPENSSL_free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index f2225d3980db2..d3952c897799f 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -132,6 +132,37 @@ typedef struct v3_ext_method X509V3_EXT_METHOD; typedef struct v3_ext_ctx X509V3_CTX; DECLARE_STACK_OF(X509V3_EXT_METHOD) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509V3_EXT_METHOD_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509V3_EXT_METHOD_new_null() sk_new_null() + #define sk_X509V3_EXT_METHOD_free(a) sk_free(a) + #define sk_X509V3_EXT_METHOD_num(a) sk_num(a) + #define sk_X509V3_EXT_METHOD_value(a,b) ((X509V3_EXT_METHOD *) \ + sk_value((a),(b))) + #define sk_X509V3_EXT_METHOD_set(a,b,c) ((X509V3_EXT_METHOD *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509V3_EXT_METHOD_zero(a) sk_zero(a) + #define sk_X509V3_EXT_METHOD_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509V3_EXT_METHOD_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509V3_EXT_METHOD_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509V3_EXT_METHOD_delete(a,b) ((X509V3_EXT_METHOD *) \ + sk_delete((a),(b))) + #define sk_X509V3_EXT_METHOD_delete_ptr(a,b) ((X509V3_EXT_METHOD *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509V3_EXT_METHOD_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509V3_EXT_METHOD_set_cmp_func(a,b) ((int (*) \ + (const X509V3_EXT_METHOD * const *,const X509V3_EXT_METHOD * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509V3_EXT_METHOD_dup(a) sk_dup(a) + #define sk_X509V3_EXT_METHOD_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509V3_EXT_METHOD_shift(a) ((X509V3_EXT_METHOD *)sk_shift(a)) + #define sk_X509V3_EXT_METHOD_pop(a) ((X509V3_EXT_METHOD *)sk_pop(a)) + #define sk_X509V3_EXT_METHOD_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* ext_flags values */ #define X509V3_EXT_DYNAMIC 0x1 @@ -186,9 +217,71 @@ typedef struct ACCESS_DESCRIPTION_st { } ACCESS_DESCRIPTION; DECLARE_STACK_OF(GENERAL_NAME) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_GENERAL_NAME_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_GENERAL_NAME_new_null() sk_new_null() + #define sk_GENERAL_NAME_free(a) sk_free(a) + #define sk_GENERAL_NAME_num(a) sk_num(a) + #define sk_GENERAL_NAME_value(a,b) ((GENERAL_NAME *) \ + sk_value((a),(b))) + #define sk_GENERAL_NAME_set(a,b,c) ((GENERAL_NAME *) \ + sk_set((a),(b),(char *)(c))) + #define sk_GENERAL_NAME_zero(a) sk_zero(a) + #define sk_GENERAL_NAME_push(a,b) sk_push((a),(char *)(b)) + #define sk_GENERAL_NAME_unshift(a,b) sk_unshift((a),(b)) + #define sk_GENERAL_NAME_find(a,b) sk_find((a), (char *)(b)) + #define sk_GENERAL_NAME_delete(a,b) ((GENERAL_NAME *) \ + sk_delete((a),(b))) + #define sk_GENERAL_NAME_delete_ptr(a,b) ((GENERAL_NAME *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_GENERAL_NAME_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_GENERAL_NAME_set_cmp_func(a,b) ((int (*) \ + (const GENERAL_NAME * const *,const GENERAL_NAME * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_GENERAL_NAME_dup(a) sk_dup(a) + #define sk_GENERAL_NAME_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_GENERAL_NAME_shift(a) ((GENERAL_NAME *)sk_shift(a)) + #define sk_GENERAL_NAME_pop(a) ((GENERAL_NAME *)sk_pop(a)) + #define sk_GENERAL_NAME_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(GENERAL_NAME) DECLARE_STACK_OF(ACCESS_DESCRIPTION) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ACCESS_DESCRIPTION_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ACCESS_DESCRIPTION_new_null() sk_new_null() + #define sk_ACCESS_DESCRIPTION_free(a) sk_free(a) + #define sk_ACCESS_DESCRIPTION_num(a) sk_num(a) + #define sk_ACCESS_DESCRIPTION_value(a,b) ((ACCESS_DESCRIPTION *) \ + sk_value((a),(b))) + #define sk_ACCESS_DESCRIPTION_set(a,b,c) ((ACCESS_DESCRIPTION *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ACCESS_DESCRIPTION_zero(a) sk_zero(a) + #define sk_ACCESS_DESCRIPTION_push(a,b) sk_push((a),(char *)(b)) + #define sk_ACCESS_DESCRIPTION_unshift(a,b) sk_unshift((a),(b)) + #define sk_ACCESS_DESCRIPTION_find(a,b) sk_find((a), (char *)(b)) + #define sk_ACCESS_DESCRIPTION_delete(a,b) ((ACCESS_DESCRIPTION *) \ + sk_delete((a),(b))) + #define sk_ACCESS_DESCRIPTION_delete_ptr(a,b) ((ACCESS_DESCRIPTION *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ACCESS_DESCRIPTION_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ACCESS_DESCRIPTION_set_cmp_func(a,b) ((int (*) \ + (const ACCESS_DESCRIPTION * const *,const ACCESS_DESCRIPTION * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ACCESS_DESCRIPTION_dup(a) sk_dup(a) + #define sk_ACCESS_DESCRIPTION_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ACCESS_DESCRIPTION_shift(a) ((ACCESS_DESCRIPTION *)sk_shift(a)) + #define sk_ACCESS_DESCRIPTION_pop(a) ((ACCESS_DESCRIPTION *)sk_pop(a)) + #define sk_ACCESS_DESCRIPTION_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) typedef struct DIST_POINT_NAME_st { @@ -204,6 +297,37 @@ STACK_OF(GENERAL_NAME) *CRLissuer; } DIST_POINT; DECLARE_STACK_OF(DIST_POINT) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_DIST_POINT_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_DIST_POINT_new_null() sk_new_null() + #define sk_DIST_POINT_free(a) sk_free(a) + #define sk_DIST_POINT_num(a) sk_num(a) + #define sk_DIST_POINT_value(a,b) ((DIST_POINT *) \ + sk_value((a),(b))) + #define sk_DIST_POINT_set(a,b,c) ((DIST_POINT *) \ + sk_set((a),(b),(char *)(c))) + #define sk_DIST_POINT_zero(a) sk_zero(a) + #define sk_DIST_POINT_push(a,b) sk_push((a),(char *)(b)) + #define sk_DIST_POINT_unshift(a,b) sk_unshift((a),(b)) + #define sk_DIST_POINT_find(a,b) sk_find((a), (char *)(b)) + #define sk_DIST_POINT_delete(a,b) ((DIST_POINT *) \ + sk_delete((a),(b))) + #define sk_DIST_POINT_delete_ptr(a,b) ((DIST_POINT *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_DIST_POINT_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_DIST_POINT_set_cmp_func(a,b) ((int (*) \ + (const DIST_POINT * const *,const DIST_POINT * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_DIST_POINT_dup(a) sk_dup(a) + #define sk_DIST_POINT_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_DIST_POINT_shift(a) ((DIST_POINT *)sk_shift(a)) + #define sk_DIST_POINT_pop(a) ((DIST_POINT *)sk_pop(a)) + #define sk_DIST_POINT_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(DIST_POINT) typedef struct AUTHORITY_KEYID_st { @@ -220,6 +344,37 @@ typedef struct SXNET_ID_st { } SXNETID; DECLARE_STACK_OF(SXNETID) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_SXNETID_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_SXNETID_new_null() sk_new_null() + #define sk_SXNETID_free(a) sk_free(a) + #define sk_SXNETID_num(a) sk_num(a) + #define sk_SXNETID_value(a,b) ((SXNETID *) \ + sk_value((a),(b))) + #define sk_SXNETID_set(a,b,c) ((SXNETID *) \ + sk_set((a),(b),(char *)(c))) + #define sk_SXNETID_zero(a) sk_zero(a) + #define sk_SXNETID_push(a,b) sk_push((a),(char *)(b)) + #define sk_SXNETID_unshift(a,b) sk_unshift((a),(b)) + #define sk_SXNETID_find(a,b) sk_find((a), (char *)(b)) + #define sk_SXNETID_delete(a,b) ((SXNETID *) \ + sk_delete((a),(b))) + #define sk_SXNETID_delete_ptr(a,b) ((SXNETID *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_SXNETID_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_SXNETID_set_cmp_func(a,b) ((int (*) \ + (const SXNETID * const *,const SXNETID * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_SXNETID_dup(a) sk_dup(a) + #define sk_SXNETID_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_SXNETID_shift(a) ((SXNETID *)sk_shift(a)) + #define sk_SXNETID_pop(a) ((SXNETID *)sk_pop(a)) + #define sk_SXNETID_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(SXNETID) typedef struct SXNET_st { @@ -247,6 +402,37 @@ typedef struct POLICYQUALINFO_st { } POLICYQUALINFO; DECLARE_STACK_OF(POLICYQUALINFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_POLICYQUALINFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_POLICYQUALINFO_new_null() sk_new_null() + #define sk_POLICYQUALINFO_free(a) sk_free(a) + #define sk_POLICYQUALINFO_num(a) sk_num(a) + #define sk_POLICYQUALINFO_value(a,b) ((POLICYQUALINFO *) \ + sk_value((a),(b))) + #define sk_POLICYQUALINFO_set(a,b,c) ((POLICYQUALINFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_POLICYQUALINFO_zero(a) sk_zero(a) + #define sk_POLICYQUALINFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_POLICYQUALINFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_POLICYQUALINFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_POLICYQUALINFO_delete(a,b) ((POLICYQUALINFO *) \ + sk_delete((a),(b))) + #define sk_POLICYQUALINFO_delete_ptr(a,b) ((POLICYQUALINFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_POLICYQUALINFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_POLICYQUALINFO_set_cmp_func(a,b) ((int (*) \ + (const POLICYQUALINFO * const *,const POLICYQUALINFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_POLICYQUALINFO_dup(a) sk_dup(a) + #define sk_POLICYQUALINFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_POLICYQUALINFO_shift(a) ((POLICYQUALINFO *)sk_shift(a)) + #define sk_POLICYQUALINFO_pop(a) ((POLICYQUALINFO *)sk_pop(a)) + #define sk_POLICYQUALINFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(POLICYQUALINFO) typedef struct POLICYINFO_st { @@ -255,6 +441,37 @@ typedef struct POLICYINFO_st { } POLICYINFO; DECLARE_STACK_OF(POLICYINFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_POLICYINFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_POLICYINFO_new_null() sk_new_null() + #define sk_POLICYINFO_free(a) sk_free(a) + #define sk_POLICYINFO_num(a) sk_num(a) + #define sk_POLICYINFO_value(a,b) ((POLICYINFO *) \ + sk_value((a),(b))) + #define sk_POLICYINFO_set(a,b,c) ((POLICYINFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_POLICYINFO_zero(a) sk_zero(a) + #define sk_POLICYINFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_POLICYINFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_POLICYINFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_POLICYINFO_delete(a,b) ((POLICYINFO *) \ + sk_delete((a),(b))) + #define sk_POLICYINFO_delete_ptr(a,b) ((POLICYINFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_POLICYINFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_POLICYINFO_set_cmp_func(a,b) ((int (*) \ + (const POLICYINFO * const *,const POLICYINFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_POLICYINFO_dup(a) sk_dup(a) + #define sk_POLICYINFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_POLICYINFO_shift(a) ((POLICYINFO *)sk_shift(a)) + #define sk_POLICYINFO_pop(a) ((POLICYINFO *)sk_pop(a)) + #define sk_POLICYINFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(POLICYINFO) #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ @@ -334,7 +551,8 @@ typedef struct x509_purpose_st { int purpose; int trust; /* Default trust ID */ int flags; - int (*check_purpose)(struct x509_purpose_st *, X509 *, int); + int (*check_purpose)(const struct x509_purpose_st *, + const X509 *, int); char *name; char *sname; void *usr_data; @@ -352,6 +570,37 @@ typedef struct x509_purpose_st { #define X509_PURPOSE_MAX 7 DECLARE_STACK_OF(X509_PURPOSE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_PURPOSE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_PURPOSE_new_null() sk_new_null() + #define sk_X509_PURPOSE_free(a) sk_free(a) + #define sk_X509_PURPOSE_num(a) sk_num(a) + #define sk_X509_PURPOSE_value(a,b) ((X509_PURPOSE *) \ + sk_value((a),(b))) + #define sk_X509_PURPOSE_set(a,b,c) ((X509_PURPOSE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_PURPOSE_zero(a) sk_zero(a) + #define sk_X509_PURPOSE_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_PURPOSE_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_PURPOSE_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_PURPOSE_delete(a,b) ((X509_PURPOSE *) \ + sk_delete((a),(b))) + #define sk_X509_PURPOSE_delete_ptr(a,b) ((X509_PURPOSE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_PURPOSE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_PURPOSE_set_cmp_func(a,b) ((int (*) \ + (const X509_PURPOSE * const *,const X509_PURPOSE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_PURPOSE_dup(a) sk_dup(a) + #define sk_X509_PURPOSE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_PURPOSE_shift(a) ((X509_PURPOSE *)sk_shift(a)) + #define sk_X509_PURPOSE_pop(a) ((X509_PURPOSE *)sk_pop(a)) + #define sk_X509_PURPOSE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ void ERR_load_X509V3_strings(void); int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp); @@ -536,7 +785,7 @@ X509_PURPOSE * X509_PURPOSE_get0(int idx); int X509_PURPOSE_get_by_sname(char *sname); int X509_PURPOSE_get_by_id(int id); int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(X509_PURPOSE *, X509 *, int), + int (*ck)(const X509_PURPOSE *, const X509 *, int), char *name, char *sname, void *arg); char *X509_PURPOSE_get0_name(X509_PURPOSE *xp); char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); diff --git a/demos/b64.c b/demos/b64.c index ad86bc9b49ad7..8e248e7e72854 100644 --- a/demos/b64.c +++ b/demos/b64.c @@ -177,11 +177,11 @@ char **argv; if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); } - strbuf=Malloc(SIZE); - buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize)); + strbuf=OPENSSL_malloc(SIZE); + buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize)); if ((buff == NULL) || (strbuf == NULL)) { - BIO_printf(bio_err,"Malloc failure\n"); + BIO_printf(bio_err,"OPENSSL_malloc failure\n"); goto end; } @@ -259,8 +259,8 @@ char **argv; BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out)); } end: - if (strbuf != NULL) Free(strbuf); - if (buff != NULL) Free(buff); + if (strbuf != NULL) OPENSSL_free(strbuf); + if (buff != NULL) OPENSSL_free(buff); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free(out); if (benc != NULL) BIO_free(benc); diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod index 2fc61b6c2172b..76b9ccc302b0e 100644 --- a/doc/apps/openssl.pod +++ b/doc/apps/openssl.pod @@ -83,9 +83,10 @@ CRL to PKCS#7 Conversion. Message Digest Calculation. -=item L|dh(1)> +=item B -Diffie-Hellman Data Management. +Diffie-Hellman Parameter Management. +Obsoleted by L|dhparam(1)>. =item L|dsa(1)> @@ -103,9 +104,14 @@ Encoding with Ciphers. Error Number to Error String Conversion. -=item L|gendh(1)> +=item L|dhparam(1)> + +Generation and Management of Diffie-Hellman Parameters. + +=item B Generation of Diffie-Hellman Parameters. +Obsoleted by L|dhparam(1)>. =item L|gendsa(1)> diff --git a/doc/apps/req.pod b/doc/apps/req.pod index fde6ff2e9fe46..7c7a5d86b3089 100644 --- a/doc/apps/req.pod +++ b/doc/apps/req.pod @@ -158,6 +158,7 @@ when the B<-x509> option is being used this specifies the number of days to certify the certificate for. The default is 30 days. =item B<-extensions section> + =item B<-reqexts section> these options specify alternative sections to include certificate diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod index 910c4752b8d5c..02edb7aa756f8 100644 --- a/doc/crypto/RSA_public_encrypt.pod +++ b/doc/crypto/RSA_public_encrypt.pod @@ -47,7 +47,7 @@ Encrypting user data directly with RSA is insecure. =back B must be less than RSA_size(B) - 11 for the PKCS #1 v1.5 -based padding modes, and less than RSA_size(B) - 21 for +based padding modes, and less than RSA_size(B) - 41 for RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded prior to calling RSA_public_encrypt(). diff --git a/e_os.h b/e_os.h index 4c39cb02380fb..948a8bfd7e1b6 100644 --- a/e_os.h +++ b/e_os.h @@ -108,11 +108,11 @@ extern "C" { # define MS_STATIC #endif -#if defined(_WIN32) && !defined(WIN32) +#if defined(_WIN32) && !defined(WIN32) && !defined(__CYGWIN32__) # define WIN32 #endif -#if defined(WIN32) || defined(WIN16) +#if (defined(WIN32) || defined(WIN16)) && !defined(__CYGWIN32__) # ifndef WINDOWS # define WINDOWS # endif @@ -136,7 +136,7 @@ extern "C" { #define clear_sys_error() errno=0 #endif -#ifdef WINDOWS +#if defined(WINDOWS) && !defined(__CYGWIN32__) #define get_last_socket_error() WSAGetLastError() #define clear_socket_error() WSASetLastError(0) #define readsocket(s,b,n) recv((s),(b),(n),0) @@ -170,7 +170,7 @@ extern "C" { # define NO_FP_API #endif -#if defined(WINDOWS) || defined(MSDOS) +#if (defined(WINDOWS) || defined(MSDOS)) && !defined(__CYGWIN32__) # ifndef S_IFDIR # define S_IFDIR _S_IFDIR @@ -403,9 +403,8 @@ extern HINSTANCE _hInstance; #endif #endif -#if defined(sun) && !defined(__svr4__) -#define memmove(s1,s2,b) bcopy((s2),(s1),(n)) -#define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b))) +#if defined(sun) && !defined(__svr4__) && !defined(__SVR4) +#define memmove(s1,s2,n) bcopy((s2),(s1),(n)) #endif /***********************************************/ diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index ae99a6aceb0ab..f6396db82edc1 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -105,7 +105,7 @@ static int ssl_new(BIO *bi) { BIO_SSL *bs; - bs=(BIO_SSL *)Malloc(sizeof(BIO_SSL)); + bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); if (bs == NULL) { BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE); @@ -133,7 +133,7 @@ static int ssl_free(BIO *a) a->flags=0; } if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); return(1); } diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 6a3bbb10b953a..930769be0d197 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -297,7 +297,7 @@ int ssl23_get_client_hello(SSL *s) if (n <= 0) return(n); p=s->packet; - if ((buf=Malloc(n)) == NULL) + if ((buf=OPENSSL_malloc(n)) == NULL) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); goto err; @@ -559,10 +559,10 @@ int ssl23_get_client_hello(SSL *s) } s->init_num=0; - if (buf != buf_space) Free(buf); + if (buf != buf_space) OPENSSL_free(buf); s->first_packet=1; return(SSL_accept(s)); err: - if (buf != buf_space) Free(buf); + if (buf != buf_space) OPENSSL_free(buf); return(-1); } diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c index a9458e7fa7208..35acdf8276d21 100644 --- a/ssl/s2_enc.c +++ b/ssl/s2_enc.c @@ -80,11 +80,11 @@ int ssl2_enc_init(SSL *s, int client) if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; rs= s->enc_read_ctx; diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 5ddba23a06620..8c9d992541bdb 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -267,12 +267,12 @@ int ssl2_new(SSL *s) { SSL2_STATE *s2; - if ((s2=Malloc(sizeof *s2)) == NULL) goto err; + if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; memset(s2,0,sizeof *s2); - if ((s2->rbuf=Malloc( + if ((s2->rbuf=OPENSSL_malloc( SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; - if ((s2->wbuf=Malloc( + if ((s2->wbuf=OPENSSL_malloc( SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; s->s2=s2; @@ -281,9 +281,9 @@ int ssl2_new(SSL *s) err: if (s2 != NULL) { - if (s2->wbuf != NULL) Free(s2->wbuf); - if (s2->rbuf != NULL) Free(s2->rbuf); - Free(s2); + if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); + if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); + OPENSSL_free(s2); } return(0); } @@ -296,10 +296,10 @@ void ssl2_free(SSL *s) return; s2=s->s2; - if (s2->rbuf != NULL) Free(s2->rbuf); - if (s2->wbuf != NULL) Free(s2->wbuf); + if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); + if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); memset(s2,0,sizeof *s2); - Free(s2); + OPENSSL_free(s2); s->s2=NULL; } diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 332e284451180..1ed02540aec4d 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -898,7 +898,7 @@ static int request_certificate(SSL *s) EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); - buf2=Malloc((unsigned int)i); + buf2=OPENSSL_malloc((unsigned int)i); if (buf2 == NULL) { SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); @@ -907,7 +907,7 @@ static int request_certificate(SSL *s) p2=buf2; i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i); - Free(buf2); + OPENSSL_free(buf2); pkey=X509_get_pubkey(x509); if (pkey == NULL) goto end; diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 03e0c38770b10..d92c164b0fa91 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -567,7 +567,7 @@ int ssl3_setup_buffers(SSL *s) extra=SSL3_RT_MAX_EXTRA; else extra=0; - if ((p=Malloc(SSL3_RT_MAX_PACKET_SIZE+extra)) + if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE+extra)) == NULL) goto err; s->s3->rbuf.buf=p; @@ -575,7 +575,7 @@ int ssl3_setup_buffers(SSL *s) if (s->s3->wbuf.buf == NULL) { - if ((p=Malloc(SSL3_RT_MAX_PACKET_SIZE)) + if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE)) == NULL) goto err; s->s3->wbuf.buf=p; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 6a09d6aa8a1e9..19777079477a5 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -69,7 +69,7 @@ static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); static int ssl3_get_server_hello(SSL *s); static int ssl3_get_certificate_request(SSL *s); -static int ca_dn_cmp(X509_NAME **a,X509_NAME **b); +static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); static int ssl3_get_server_done(SSL *s); static int ssl3_send_client_verify(SSL *s); static int ssl3_send_client_certificate(SSL *s); @@ -1275,7 +1275,7 @@ fclose(out); return(ret); } -static int ca_dn_cmp(X509_NAME **a, X509_NAME **b) +static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b) { return(X509_NAME_cmp(*a,*b)); } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index df4acab3d0281..012a4b8740772 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -150,7 +150,7 @@ int ssl3_change_cipher_state(SSL *s, int which) { if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_read_ctx; s->read_hash=m; @@ -170,7 +170,7 @@ int ssl3_change_cipher_state(SSL *s, int which) } if (s->s3->rrec.comp == NULL) s->s3->rrec.comp=(unsigned char *) - Malloc(SSL3_RT_MAX_PLAIN_LENGTH); + OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -181,7 +181,7 @@ int ssl3_change_cipher_state(SSL *s, int which) { if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_write_ctx; s->write_hash=m; @@ -300,7 +300,7 @@ int ssl3_setup_key_block(SSL *s) ssl3_cleanup_key_block(s); - if ((p=Malloc(num)) == NULL) + if ((p=OPENSSL_malloc(num)) == NULL) goto err; s->s3->tmp.key_block_length=num; @@ -320,7 +320,7 @@ void ssl3_cleanup_key_block(SSL *s) { memset(s->s3->tmp.key_block,0, s->s3->tmp.key_block_length); - Free(s->s3->tmp.key_block); + OPENSSL_free(s->s3->tmp.key_block); s->s3->tmp.key_block=NULL; } s->s3->tmp.key_block_length=0; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 7ada26cbb693b..9b664ab4cb76d 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -648,7 +648,7 @@ int ssl3_new(SSL *s) { SSL3_STATE *s3; - if ((s3=Malloc(sizeof *s3)) == NULL) goto err; + if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; memset(s3,0,sizeof *s3); s->s3=s3; @@ -666,11 +666,11 @@ void ssl3_free(SSL *s) ssl3_cleanup_key_block(s); if (s->s3->rbuf.buf != NULL) - Free(s->s3->rbuf.buf); + OPENSSL_free(s->s3->rbuf.buf); if (s->s3->wbuf.buf != NULL) - Free(s->s3->wbuf.buf); + OPENSSL_free(s->s3->wbuf.buf); if (s->s3->rrec.comp != NULL) - Free(s->s3->rrec.comp); + OPENSSL_free(s->s3->rrec.comp); #ifndef NO_DH if (s->s3->tmp.dh != NULL) DH_free(s->s3->tmp.dh); @@ -678,7 +678,7 @@ void ssl3_free(SSL *s) if (s->s3->tmp.ca_names != NULL) sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); memset(s->s3,0,sizeof *s->s3); - Free(s->s3); + OPENSSL_free(s->s3); s->s3=NULL; } @@ -692,7 +692,7 @@ void ssl3_clear(SSL *s) if (s->s3->rrec.comp != NULL) { - Free(s->s3->rrec.comp); + OPENSSL_free(s->s3->rrec.comp); s->s3->rrec.comp=NULL; } #ifndef NO_DH diff --git a/ssl/ssl.h b/ssl/ssl.h index f7c91b80e08bd..16fe6940b8248 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -183,6 +183,37 @@ typedef struct ssl_cipher_st } SSL_CIPHER; DECLARE_STACK_OF(SSL_CIPHER) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_SSL_CIPHER_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_SSL_CIPHER_new_null() sk_new_null() + #define sk_SSL_CIPHER_free(a) sk_free(a) + #define sk_SSL_CIPHER_num(a) sk_num(a) + #define sk_SSL_CIPHER_value(a,b) ((SSL_CIPHER *) \ + sk_value((a),(b))) + #define sk_SSL_CIPHER_set(a,b,c) ((SSL_CIPHER *) \ + sk_set((a),(b),(char *)(c))) + #define sk_SSL_CIPHER_zero(a) sk_zero(a) + #define sk_SSL_CIPHER_push(a,b) sk_push((a),(char *)(b)) + #define sk_SSL_CIPHER_unshift(a,b) sk_unshift((a),(b)) + #define sk_SSL_CIPHER_find(a,b) sk_find((a), (char *)(b)) + #define sk_SSL_CIPHER_delete(a,b) ((SSL_CIPHER *) \ + sk_delete((a),(b))) + #define sk_SSL_CIPHER_delete_ptr(a,b) ((SSL_CIPHER *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_SSL_CIPHER_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_SSL_CIPHER_set_cmp_func(a,b) ((int (*) \ + (const SSL_CIPHER * const *,const SSL_CIPHER * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_SSL_CIPHER_dup(a) sk_dup(a) + #define sk_SSL_CIPHER_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_SSL_CIPHER_shift(a) ((SSL_CIPHER *)sk_shift(a)) + #define sk_SSL_CIPHER_pop(a) ((SSL_CIPHER *)sk_pop(a)) + #define sk_SSL_CIPHER_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ typedef struct ssl_st SSL; typedef struct ssl_ctx_st SSL_CTX; @@ -362,6 +393,37 @@ typedef struct ssl_comp_st } SSL_COMP; DECLARE_STACK_OF(SSL_COMP) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_SSL_COMP_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_SSL_COMP_new_null() sk_new_null() + #define sk_SSL_COMP_free(a) sk_free(a) + #define sk_SSL_COMP_num(a) sk_num(a) + #define sk_SSL_COMP_value(a,b) ((SSL_COMP *) \ + sk_value((a),(b))) + #define sk_SSL_COMP_set(a,b,c) ((SSL_COMP *) \ + sk_set((a),(b),(char *)(c))) + #define sk_SSL_COMP_zero(a) sk_zero(a) + #define sk_SSL_COMP_push(a,b) sk_push((a),(char *)(b)) + #define sk_SSL_COMP_unshift(a,b) sk_unshift((a),(b)) + #define sk_SSL_COMP_find(a,b) sk_find((a), (char *)(b)) + #define sk_SSL_COMP_delete(a,b) ((SSL_COMP *) \ + sk_delete((a),(b))) + #define sk_SSL_COMP_delete_ptr(a,b) ((SSL_COMP *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_SSL_COMP_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_SSL_COMP_set_cmp_func(a,b) ((int (*) \ + (const SSL_COMP * const *,const SSL_COMP * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_SSL_COMP_dup(a) sk_dup(a) + #define sk_SSL_COMP_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_SSL_COMP_shift(a) ((SSL_COMP *)sk_shift(a)) + #define sk_SSL_COMP_pop(a) ((SSL_COMP *)sk_pop(a)) + #define sk_SSL_COMP_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ struct ssl_ctx_st { diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index e77cdddfd3f86..fa6456e4f5e89 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -92,7 +92,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) /* Note that I cheat in the following 2 assignments. I know * that if the ASN1_INTEGER passed to ASN1_INTEGER_set - * is > sizeof(long)+1, the buffer will not be re-Malloc()ed. + * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed. * This is a bit evil but makes things simple, no dynamic allocation * to clean up :-) */ a.version.length=LSIZE2; @@ -223,13 +223,13 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, ai.data=NULL; ai.length=0; M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); version=(int)ASN1_INTEGER_get(aip); - if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } /* we don't care about the version right now :-) */ M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); ssl_version=(int)ASN1_INTEGER_get(aip); ret->ssl_version=ssl_version; - if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } os.data=NULL; os.length=0; M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); @@ -291,14 +291,14 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, else ret->key_arg_length=os.length; memcpy(ret->key_arg,os.data,ret->key_arg_length); - if (os.data != NULL) Free(os.data); + if (os.data != NULL) OPENSSL_free(os.data); ai.length=0; M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1); if (ai.data != NULL) { ret->time=ASN1_INTEGER_get(aip); - Free(ai.data); ai.data=NULL; ai.length=0; + OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } else ret->time=time(NULL); @@ -308,7 +308,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, if (ai.data != NULL) { ret->timeout=ASN1_INTEGER_get(aip); - Free(ai.data); ai.data=NULL; ai.length=0; + OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } else ret->timeout=3; @@ -330,7 +330,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); ret->sid_ctx_length=os.length; memcpy(ret->sid_ctx,os.data,os.length); - Free(os.data); os.data=NULL; os.length=0; + OPENSSL_free(os.data); os.data=NULL; os.length=0; } else ret->sid_ctx_length=0; @@ -340,7 +340,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, if (ai.data != NULL) { ret->verify_result=ASN1_INTEGER_get(aip); - Free(ai.data); ai.data=NULL; ai.length=0; + OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } else ret->verify_result=X509_V_OK; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index e134e6f3e0e64..7579a3432d92a 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -143,7 +143,7 @@ CERT *ssl_cert_new(void) { CERT *ret; - ret=(CERT *)Malloc(sizeof(CERT)); + ret=(CERT *)OPENSSL_malloc(sizeof(CERT)); if (ret == NULL) { SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE); @@ -162,7 +162,7 @@ CERT *ssl_cert_dup(CERT *cert) CERT *ret; int i; - ret = (CERT *)Malloc(sizeof(CERT)); + ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); if (ret == NULL) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); @@ -331,7 +331,7 @@ void ssl_cert_free(CERT *c) EVP_PKEY_free(c->pkeys[i].publickey); #endif } - Free(c); + OPENSSL_free(c); } int ssl_cert_inst(CERT **o) @@ -367,7 +367,7 @@ SESS_CERT *ssl_sess_cert_new(void) { SESS_CERT *ret; - ret = Malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); @@ -426,7 +426,7 @@ void ssl_sess_cert_free(SESS_CERT *sc) DH_free(sc->peer_dh_tmp); #endif - Free(sc); + OPENSSL_free(sc); } int ssl_set_peer_cert_type(SESS_CERT *sc,int type) @@ -568,7 +568,7 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) return(add_client_CA(&(ctx->client_CA),x)); } -static int xname_cmp(X509_NAME **a,X509_NAME **b) +static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) { return(X509_NAME_cmp(*a,*b)); } @@ -649,7 +649,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, X509 *x=NULL; X509_NAME *xn=NULL; int ret=1; - int (*oldcmp)(X509_NAME **a, X509_NAME **b); + int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b); oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a5b2b970567e7..ce73213b127f7 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -518,7 +518,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p, curr = curr->next; } - number_uses = Malloc((max_strength_bits + 1) * sizeof(int)); + number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); if (!number_uses) { SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE); @@ -545,7 +545,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p, ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i, list, head_p, tail_p); - Free(number_uses); + OPENSSL_free(number_uses); return(1); } @@ -738,7 +738,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, * it is used for allocation. */ num_of_ciphers = ssl_method->num_ciphers(); - list = (CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); + list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); if (list == NULL) { SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); @@ -759,10 +759,10 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; ca_list = - (SSL_CIPHER **)Malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); + (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); if (ca_list == NULL) { - Free(list); + OPENSSL_free(list); SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); return(NULL); /* Failure */ } @@ -788,11 +788,11 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail, ca_list); - Free(ca_list); /* Not needed anymore */ + OPENSSL_free(ca_list); /* Not needed anymore */ if (!ok) { /* Rule processing failure */ - Free(list); + OPENSSL_free(list); return(NULL); } /* @@ -801,7 +801,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, */ if ((cipherstack = sk_SSL_CIPHER_new(NULL)) == NULL) { - Free(list); + OPENSSL_free(list); return(NULL); } @@ -819,7 +819,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, #endif } } - Free(list); /* Not needed any longer */ + OPENSSL_free(list); /* Not needed any longer */ /* * The following passage is a little bit odd. If pointer variables @@ -976,8 +976,8 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) if (buf == NULL) { len=128; - buf=Malloc(len); - if (buf == NULL) return("Malloc Error"); + buf=OPENSSL_malloc(len); + if (buf == NULL) return("OPENSSL_malloc Error"); } else if (len < 128) return("Buffer too small"); @@ -1037,7 +1037,8 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) return(NULL); } -static int sk_comp_cmp(SSL_COMP **a,SSL_COMP **b) +static int sk_comp_cmp(const SSL_COMP * const *a, + const SSL_COMP * const *b) { return((*a)->id-(*b)->id); } @@ -1052,7 +1053,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) SSL_COMP *comp; STACK_OF(SSL_COMP) *sk; - comp=(SSL_COMP *)Malloc(sizeof(SSL_COMP)); + comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); comp->id=id; comp->method=cm; if (ssl_comp_methods == NULL) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index c515c41b4e750..ee840f09c593e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -183,7 +183,7 @@ SSL *SSL_new(SSL_CTX *ctx) return(NULL); } - s=(SSL *)Malloc(sizeof(SSL)); + s=(SSL *)OPENSSL_malloc(sizeof(SSL)); if (s == NULL) goto err; memset(s,0,sizeof(SSL)); @@ -239,7 +239,7 @@ SSL *SSL_new(SSL_CTX *ctx) ssl_cert_free(s->cert); if (s->ctx != NULL) SSL_CTX_free(s->ctx); /* decrement reference count */ - Free(s); + OPENSSL_free(s); } SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -375,7 +375,7 @@ void SSL_free(SSL *s) if (s->method != NULL) s->method->ssl_free(s); - Free(s); + OPENSSL_free(s); } void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio) @@ -874,7 +874,7 @@ long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) } } -int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b) +int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) { long l; @@ -885,7 +885,8 @@ int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b) return((l > 0)?1:-1); } -int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp) +int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, + const SSL_CIPHER * const *bp) { long l; @@ -1099,7 +1100,7 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; } - ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX)); + ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX)); if (ret == NULL) goto err; @@ -1195,7 +1196,7 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) } static void SSL_COMP_free(SSL_COMP *comp) - { Free(comp); } + { OPENSSL_free(comp); } void SSL_CTX_free(SSL_CTX *a) { @@ -1236,7 +1237,7 @@ void SSL_CTX_free(SSL_CTX *a) sk_X509_pop_free(a->extra_certs,X509_free); if (a->comp_methods != NULL) sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free); - Free(a); + OPENSSL_free(a); } void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) @@ -1759,13 +1760,13 @@ void ssl_clear_cipher_ctx(SSL *s) if (s->enc_read_ctx != NULL) { EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); - Free(s->enc_read_ctx); + OPENSSL_free(s->enc_read_ctx); s->enc_read_ctx=NULL; } if (s->enc_write_ctx != NULL) { EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); - Free(s->enc_write_ctx); + OPENSSL_free(s->enc_write_ctx); s->enc_write_ctx=NULL; } if (s->expand != NULL) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 9a52bab254ab0..d70fff4627d68 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -423,8 +423,9 @@ void ssl_sess_cert_free(SESS_CERT *sc); int ssl_set_peer_cert_type(SESS_CERT *c, int type); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, unsigned char *session,int len); -int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b); -int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp); +int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b); +int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, + const SSL_CIPHER * const *bp); STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, STACK_OF(SSL_CIPHER) **skp); int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 9e01f72753213..416def8908e82 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -111,7 +111,7 @@ SSL_SESSION *SSL_SESSION_new(void) { SSL_SESSION *ss; - ss=(SSL_SESSION *)Malloc(sizeof(SSL_SESSION)); + ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION)); if (ss == NULL) { SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE); @@ -310,7 +310,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) #if 0 /* This is way too late. */ /* If a thread got the session, then 'swaped', and another got - * it and then due to a time-out decided to 'Free' it we could + * it and then due to a time-out decided to 'OPENSSL_free' it we could * be in trouble. So I'll increment it now, then double decrement * later - am I speaking rubbish?. */ CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); @@ -474,7 +474,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) if (ss->peer != NULL) X509_free(ss->peer); if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); memset(ss,0,sizeof(*ss)); - Free(ss); + OPENSSL_free(ss); } int SSL_set_session(SSL *s, SSL_SESSION *session) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index caf5876e5a2f3..2ef8a50785b77 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1193,7 +1193,7 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) ret=0; err: /* We have to set the BIO's to NULL otherwise they will be - * Free()ed twice. Once when th s_ssl is SSL_free()ed and + * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and * again when c_ssl is SSL_free()ed. * This is a hack required because s_ssl and c_ssl are sharing the same * BIO structure and SSL_set_bio() and SSL_free() automatically diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 279e45db5dd59..0d34357eb474e 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -178,7 +178,7 @@ int tls1_change_cipher_state(SSL *s, int which) { if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_read_ctx; s->read_hash=m; @@ -197,7 +197,7 @@ int tls1_change_cipher_state(SSL *s, int which) } if (s->s3->rrec.comp == NULL) s->s3->rrec.comp=(unsigned char *) - Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); + OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -208,7 +208,7 @@ int tls1_change_cipher_state(SSL *s, int which) { if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_write_ctx; s->write_hash=m; @@ -355,9 +355,9 @@ int tls1_setup_key_block(SSL *s) ssl3_cleanup_key_block(s); - if ((p1=(unsigned char *)Malloc(num)) == NULL) + if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL) goto err; - if ((p2=(unsigned char *)Malloc(num)) == NULL) + if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL) goto err; s->s3->tmp.key_block_length=num; @@ -374,7 +374,7 @@ printf("pre-master\n"); #endif tls1_generate_key_block(s,p1,p2,num); memset(p2,0,num); - Free(p2); + OPENSSL_free(p2); #ifdef TLS_DEBUG printf("\nkey block\n"); { int z; for (z=0; z$report") or die; @@ -76,16 +77,18 @@ print "Checking compiler...\n"; if (open(TEST,">cctest.c")) { - print TEST "#include \nmain(){printf(\"Hello world\\n\");}\n"; + print TEST "#include \n#include \nmain(){printf(\"Hello world\\n\");}\n"; close(TEST); system("$cc -o cctest cctest.c"); if (`./cctest` !~ /Hello world/) { print OUT "Compiler doesn't work.\n"; + print OUT $not_our_fault; goto err; } system("ar r cctest.a /dev/null"); if (not -f "cctest.a") { print OUT "Check your archive tool (ar).\n"; + print OUT $not_our_fault; goto err; } } else { @@ -102,6 +105,7 @@ } else { print OUT "Can't compile test program!\n"; } + print OUT $not_our_fault; goto err; } } else { @@ -133,6 +137,13 @@ goto err; } +if (`echo 4+1 | bc` != 5) +{ + print OUT "Can't run bc! Test skipped.\n"; + print OUT $not_our_fault; + goto err; +} + print "Running make test...\n"; if (system("make test 2>&1 | tee maketest.log") > 255) { diff --git a/util/ssleay.num b/util/ssleay.num index 32b2e960c4aa3..047950d899345 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -169,51 +169,13 @@ SSL_set_tmp_rsa_callback 186 SSL_set_tmp_dh_callback 187 SSL_add_dir_cert_subjects_to_stack 188 SSL_set_session_id_context 189 -sk_SSL_CIPHER_new 190 -sk_SSL_CIPHER_new_null 191 -sk_SSL_CIPHER_free 192 -sk_SSL_CIPHER_num 193 -sk_SSL_CIPHER_value 194 -sk_SSL_CIPHER_set 195 -sk_SSL_CIPHER_zero 196 -sk_SSL_CIPHER_push 197 -sk_SSL_CIPHER_pop 198 -sk_SSL_CIPHER_find 199 -sk_SSL_CIPHER_delete 200 -sk_SSL_CIPHER_delete_ptr 201 -sk_SSL_CIPHER_set_cmp_func 202 -sk_SSL_CIPHER_dup 203 -sk_SSL_CIPHER_pop_free 204 -sk_SSL_CIPHER_shift 205 -sk_SSL_COMP_new 206 -sk_SSL_COMP_new_null 207 -sk_SSL_COMP_free 208 -sk_SSL_COMP_num 209 -sk_SSL_COMP_value 210 -sk_SSL_COMP_set 211 -sk_SSL_COMP_zero 212 -sk_SSL_COMP_push 213 -sk_SSL_COMP_pop 214 -sk_SSL_COMP_find 215 -sk_SSL_COMP_delete 216 -sk_SSL_COMP_delete_ptr 217 -sk_SSL_COMP_set_cmp_func 218 -sk_SSL_COMP_dup 219 -sk_SSL_COMP_pop_free 220 -sk_SSL_COMP_shift 221 SSL_CTX_use_certificate_chain_file 222 -sk_SSL_COMP_insert 223 -sk_SSL_CIPHER_insert 224 SSL_CTX_set_verify_depth 225 SSL_set_verify_depth 226 -sk_SSL_CIPHER_unshift 227 SSL_CTX_get_verify_depth 228 SSL_get_verify_depth 229 -sk_SSL_COMP_unshift 230 SSL_CTX_set_session_id_context 231 SSL_CTX_set_cert_verify_callback 232 -sk_SSL_COMP_sort 233 -sk_SSL_CIPHER_sort 234 SSL_CTX_set_default_passwd_cb_userdata 235 SSL_set_purpose 236 SSL_CTX_set_trust 237