diff options
| author | Richard Levitte <levitte@openssl.org> | 2000-06-08 11:00:37 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2000-06-08 11:00:37 +0000 |
| commit | d44c7dcf002c8ee3d99e3387024871eddaf2f646 (patch) | |
| tree | f9f32a92b13ff6ae76fc6f2c3e05a115c4e266ad /crypto | |
| parent | 5decfb7002045801b1cbc9a6ff5c99408727c4a7 (diff) | |
| download | openssl-d44c7dcf002c8ee3d99e3387024871eddaf2f646.tar.gz | |
Merge in code from main trunk to BRANCH_engine.
Diffstat (limited to 'crypto')
220 files changed, 2346 insertions, 1137 deletions
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index c77456b315..f6cadc530a 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -159,7 +159,7 @@ ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, if (len-- > 1) /* using one because of the bits left byte */ { - s=(unsigned char *)Malloc((int)len); + s=(unsigned char *)OPENSSL_malloc((int)len); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -173,7 +173,7 @@ ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, s=NULL; ret->length=(int)len; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->type=V_ASN1_BIT_STRING; if (a != NULL) (*a)=ret; @@ -204,9 +204,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) { if (!value) return(1); /* Don't need to set */ if (a->data == NULL) - c=(unsigned char *)Malloc(w+1); + c=(unsigned char *)OPENSSL_malloc(w+1); else - c=(unsigned char *)Realloc(a->data,w+1); + c=(unsigned char *)OPENSSL_realloc(a->data,w+1); if (c == NULL) return(0); a->data=c; a->length=w+1; diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index 8cde695804..3a0c0c7835 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -111,7 +111,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, if (len != 0) { - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -124,7 +124,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, else s=NULL; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->length=(int)len; ret->data=s; ret->type=tag; @@ -218,8 +218,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, { if ((ret->length < len) || (ret->data == NULL)) { - if (ret->data != NULL) Free(ret->data); - s=(unsigned char *)Malloc((int)len + 1); + if (ret->data != NULL) OPENSSL_free(ret->data); + s=(unsigned char *)OPENSSL_malloc((int)len + 1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -235,7 +235,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, else { s=NULL; - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); } ret->length=(int)len; @@ -310,14 +310,14 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) if (!asn1_Finish(c)) goto err; a->length=num; - if (a->data != NULL) Free(a->data); + if (a->data != NULL) OPENSSL_free(a->data); a->data=(unsigned char *)b.data; if (os != NULL) ASN1_STRING_free(os); return(1); err: ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error); if (os != NULL) ASN1_STRING_free(os); - if (b.data != NULL) Free(b.data); + if (b.data != NULL) OPENSSL_free(b.data); return(0); } diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 3370aae998..8257b8639e 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -77,14 +77,14 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, unsigned char *str,*p; i=i2d(data,NULL); - if ((str=(unsigned char *)Malloc(i)) == NULL) return(0); + if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0); p=str; i2d(data,&p); EVP_DigestInit(&ctx,type); EVP_DigestUpdate(&ctx,str,i); EVP_DigestFinal(&ctx,md,len); - Free(str); + OPENSSL_free(str); return(1); } diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 3202a816d0..c3bda58a5d 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -71,13 +71,13 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) if (x == NULL) return(NULL); i=(long)i2d(x,NULL); - b=(unsigned char *)Malloc((unsigned int)i+10); + b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (b == NULL) { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p= b; ret=d2i(NULL,&p,i); - Free(b); + OPENSSL_free(b); return(ret); } diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c index ccf62e5a04..572ba2e1b2 100644 --- a/crypto/asn1/a_enum.c +++ b/crypto/asn1/a_enum.c @@ -168,9 +168,9 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -219,7 +219,7 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, p+=len; } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -242,8 +242,8 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) if (a->length < (sizeof(long)+1)) { if (a->data != NULL) - Free(a->data); - if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) + OPENSSL_free(a->data); + if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -318,7 +318,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) else ret->type=V_ASN1_ENUMERATED; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)Malloc(len+4); + ret->data=(unsigned char *)OPENSSL_malloc(len+4); ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 84062170e8..314479a03d 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -212,10 +212,10 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, p=(char *)s->data; if ((p == NULL) || (s->length < 16)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c index 434610e8e1..b1aad81f77 100644 --- a/crypto/asn1/a_hdr.c +++ b/crypto/asn1/a_hdr.c @@ -115,5 +115,5 @@ void ASN1_HEADER_free(ASN1_HEADER *a) M_ASN1_OCTET_STRING_free(a->header); if (a->meth != NULL) a->meth->destroy(a->data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index d9b8035e17..aee29a7790 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -86,7 +86,7 @@ int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) int i,j=0,n,ret=1; n=i2d(x,NULL); - b=(char *)Malloc(n); + b=(char *)OPENSSL_malloc(n); if (b == NULL) { ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); @@ -108,6 +108,6 @@ int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) j+=i; n-=i; } - Free(b); + OPENSSL_free(b); return(ret); } diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index c6a6b725c6..82db75f5e1 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -193,9 +193,9 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -248,7 +248,7 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, memcpy(s,p,(int)len); } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -297,9 +297,9 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } - /* We must Malloc stuff, even for 0 bytes otherwise it + /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)Malloc((int)len+1); + s=(unsigned char *)OPENSSL_malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -317,7 +317,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, p+=len; } - if (ret->data != NULL) Free(ret->data); + if (ret->data != NULL) OPENSSL_free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -340,8 +340,8 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) if (a->length < (sizeof(long)+1)) { if (a->data != NULL) - Free(a->data); - if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) + OPENSSL_free(a->data); + if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -416,7 +416,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) else ret->type=V_ASN1_INTEGER; j=BN_num_bits(bn); len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)Malloc(len+4); + ret->data=(unsigned char *)OPENSSL_malloc(len+4); ret->length=BN_bn2bin(bn,ret->data); return(ret); err: diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c index 7a710d5459..42f5d3b01e 100644 --- a/crypto/asn1/a_mbstr.c +++ b/crypto/asn1/a_mbstr.c @@ -183,7 +183,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, dest = *out; if(dest->data) { dest->length = 0; - Free(dest->data); + OPENSSL_free(dest->data); dest->data = NULL; } dest->type = str_type; @@ -228,7 +228,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, cpyfunc = cpy_utf8; break; } - if(!(p = Malloc(outlen + 1))) { + if(!(p = OPENSSL_malloc(outlen + 1))) { ASN1_STRING_free(dest); ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); return -1; @@ -258,8 +258,8 @@ static int traverse_string(const unsigned char *p, int len, int inform, value |= *p++; len -= 2; } else if(inform == MBSTRING_UNIV) { - value = *p++ << 24; - value |= *p++ << 16; + value = ((unsigned long)*p++) << 24; + value |= ((unsigned long)*p++) << 16; value |= *p++ << 8; value |= *p++; len -= 4; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 09d56fb669..7e1300021e 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -222,8 +222,8 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, } if ((ret->data == NULL) || (ret->length < len)) { - if (ret->data != NULL) Free(ret->data); - ret->data=(unsigned char *)Malloc(len ? (int)len : 1); + if (ret->data != NULL) OPENSSL_free(ret->data); + ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; if (ret->data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } @@ -249,7 +249,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) { ASN1_OBJECT *ret; - ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT)); + ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); @@ -270,19 +270,19 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { #ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ - if (a->sn != NULL) Free((void *)a->sn); - if (a->ln != NULL) Free((void *)a->ln); + if (a->sn != NULL) OPENSSL_free((void *)a->sn); + if (a->ln != NULL) OPENSSL_free((void *)a->ln); #endif a->sn=a->ln=NULL; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) Free(a->data); + if (a->data != NULL) OPENSSL_free(a->data); a->data=NULL; a->length=0; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) - Free(a); + OPENSSL_free(a); } ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index c2481e7597..8cde848689 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -116,7 +116,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, } pStart = p; /* Catch the beg of Setblobs*/ - rgSetBlob = (MYBLOB *)Malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array + rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array we will store the SET blobs */ for (i=0; i<sk_num(a); i++) @@ -133,7 +133,7 @@ SetBlob /* Now we have to sort the blobs. I am using a simple algo. *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/ qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp); - pTempMem = Malloc(totSize); + pTempMem = OPENSSL_malloc(totSize); /* Copy to temp mem */ p = pTempMem; @@ -145,8 +145,8 @@ SetBlob /* Copy back to user mem*/ memcpy(pStart, pTempMem, totSize); - Free(pTempMem); - Free(rgSetBlob); + OPENSSL_free(pTempMem); + OPENSSL_free(rgSetBlob); return(r); } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index cfb4bca4f1..4c651706d2 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -108,9 +108,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, } } inl=i2d(data,NULL); - buf_in=(unsigned char *)Malloc((unsigned int)inl); + buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl); outll=outl=EVP_PKEY_size(pkey); - buf_out=(unsigned char *)Malloc((unsigned int)outl); + buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl); if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; @@ -129,7 +129,7 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); goto err; } - if (signature->data != NULL) Free(signature->data); + if (signature->data != NULL) OPENSSL_free(signature->data); signature->data=buf_out; buf_out=NULL; signature->length=outl; @@ -141,8 +141,8 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, err: memset(&ctx,0,sizeof(ctx)); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); Free(buf_in); } + { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); Free(buf_out); } + { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } return(outl); } diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index ab8417ffab..4a65e4097b 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -65,7 +65,8 @@ static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; static void st_free(ASN1_STRING_TABLE *tbl); -static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b); +static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, + const ASN1_STRING_TABLE * const *b); static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b); @@ -173,7 +174,8 @@ static ASN1_STRING_TABLE tbl_standard[] = { {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} }; -static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b) +static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, + const ASN1_STRING_TABLE * const *b) { return (*a)->nid - (*b)->nid; } @@ -213,7 +215,7 @@ int ASN1_STRING_TABLE_add(int nid, return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = Malloc(sizeof(ASN1_STRING_TABLE)); + tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); @@ -241,7 +243,7 @@ void ASN1_STRING_TABLE_cleanup(void) static void st_free(ASN1_STRING_TABLE *tbl) { - if(tbl->flags & STABLE_FLAGS_MALLOC) Free(tbl); + if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); } IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c index 161ef81197..3620e60e99 100644 --- a/crypto/asn1/a_type.c +++ b/crypto/asn1/a_type.c @@ -282,7 +282,7 @@ void ASN1_TYPE_free(ASN1_TYPE *a) { if (a == NULL) return; ASN1_TYPE_component_free(a); - Free(a); + OPENSSL_free(a); } int ASN1_TYPE_get(ASN1_TYPE *a) diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index b855867dc1..2ee572e228 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -248,10 +248,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) p=(char *)s->data; if ((p == NULL) || (s->length < 14)) { - p=Malloc(20); + p=OPENSSL_malloc(20); if (p == NULL) return(NULL); if (s->data != NULL) - Free(s->data); + OPENSSL_free(s->data); s->data=(unsigned char *)p; } @@ -291,5 +291,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) } #undef g2 - return mktime(&tm)-offset*60; + return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone + * instead of UTC, and unless we rewrite OpenSSL + * in Lisp we cannot locally change the timezone + * without possibly interfering with other parts + * of the program. timegm, which uses UTC, is + * non-standard. + * Also time_t is inappropriate for general + * UTC times because it may a 32 bit type. */ } diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c index b5125af224..854278f136 100644 --- a/crypto/asn1/a_utf8.c +++ b/crypto/asn1/a_utf8.c @@ -133,7 +133,7 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) if( ((p[1] & 0xc0) != 0x80) || ((p[2] & 0xc0) != 0x80) || ((p[3] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x7) << 18; + value = ((unsigned long)(*p++ & 0x7)) << 18; value |= (*p++ & 0x3f) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; @@ -145,9 +145,9 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) || ((p[2] & 0xc0) != 0x80) || ((p[3] & 0xc0) != 0x80) || ((p[4] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x3) << 24; - value |= (*p++ & 0x3f) << 18; - value |= (*p++ & 0x3f) << 12; + value = ((unsigned long)(*p++ & 0x3)) << 24; + value |= ((unsigned long)(*p++ & 0x3f)) << 18; + value |= ((unsigned long)(*p++ & 0x3f)) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; if(value < 0x200000) return -4; @@ -159,10 +159,10 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val) || ((p[3] & 0xc0) != 0x80) || ((p[4] & 0xc0) != 0x80) || ((p[5] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0x1) << 30; - value |= (*p++ & 0x3f) << 24; - value |= (*p++ & 0x3f) << 18; - value |= (*p++ & 0x3f) << 12; + value = ((unsigned long)(*p++ & 0x1)) << 30; + value |= ((unsigned long)(*p++ & 0x3f)) << 24; + value |= ((unsigned long)(*p++ & 0x3f)) << 18; + value |= ((unsigned long)(*p++ & 0x3f)) << 12; value |= (*p++ & 0x3f) << 6; value |= *p++ & 0x3f; if(value < 0x4000000) return -4; diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index d4aede85c3..2a11927e5c 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -88,7 +88,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, } inl=i2d(data,NULL); - buf_in=Malloc((unsigned int)inl); + buf_in=OPENSSL_malloc((unsigned int)inl); if (buf_in == NULL) { ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); @@ -101,7 +101,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); - Free(buf_in); + OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, (unsigned int)signature->length,pkey) <= 0) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index e137f6b7c7..50a0cfb162 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -245,6 +245,37 @@ typedef struct asn1_string_table_st { } ASN1_STRING_TABLE; DECLARE_STACK_OF(ASN1_STRING_TABLE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_STRING_TABLE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_STRING_TABLE_new_null() sk_new_null() + #define sk_ASN1_STRING_TABLE_free(a) sk_free(a) + #define sk_ASN1_STRING_TABLE_num(a) sk_num(a) + #define sk_ASN1_STRING_TABLE_value(a,b) ((ASN1_STRING_TABLE *) \ + sk_value((a),(b))) + #define sk_ASN1_STRING_TABLE_set(a,b,c) ((ASN1_STRING_TABLE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_STRING_TABLE_zero(a) sk_zero(a) + #define sk_ASN1_STRING_TABLE_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_STRING_TABLE_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_STRING_TABLE_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_STRING_TABLE_delete(a,b) ((ASN1_STRING_TABLE *) \ + sk_delete((a),(b))) + #define sk_ASN1_STRING_TABLE_delete_ptr(a,b) ((ASN1_STRING_TABLE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_STRING_TABLE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_STRING_TABLE_set_cmp_func(a,b) ((int (*) \ + (const ASN1_STRING_TABLE * const *,const ASN1_STRING_TABLE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_STRING_TABLE_dup(a) sk_dup(a) + #define sk_ASN1_STRING_TABLE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_STRING_TABLE_shift(a) ((ASN1_STRING_TABLE *)sk_shift(a)) + #define sk_ASN1_STRING_TABLE_pop(a) ((ASN1_STRING_TABLE *)sk_pop(a)) + #define sk_ASN1_STRING_TABLE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* size limits: this stuff is taken straight from RFC2459 */ @@ -294,6 +325,37 @@ typedef struct asn1_string_st ASN1_UTF8STRING; typedef int ASN1_NULL; DECLARE_STACK_OF(ASN1_INTEGER) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_INTEGER_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_INTEGER_new_null() sk_new_null() + #define sk_ASN1_INTEGER_free(a) sk_free(a) + #define sk_ASN1_INTEGER_num(a) sk_num(a) + #define sk_ASN1_INTEGER_value(a,b) ((ASN1_INTEGER *) \ + sk_value((a),(b))) + #define sk_ASN1_INTEGER_set(a,b,c) ((ASN1_INTEGER *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_INTEGER_zero(a) sk_zero(a) + #define sk_ASN1_INTEGER_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_INTEGER_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_INTEGER_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_INTEGER_delete(a,b) ((ASN1_INTEGER *) \ + sk_delete((a),(b))) + #define sk_ASN1_INTEGER_delete_ptr(a,b) ((ASN1_INTEGER *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_INTEGER_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_INTEGER_set_cmp_func(a,b) ((int (*) \ + (const ASN1_INTEGER * const *,const ASN1_INTEGER * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_INTEGER_dup(a) sk_dup(a) + #define sk_ASN1_INTEGER_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_INTEGER_shift(a) ((ASN1_INTEGER *)sk_shift(a)) + #define sk_ASN1_INTEGER_pop(a) ((ASN1_INTEGER *)sk_pop(a)) + #define sk_ASN1_INTEGER_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_INTEGER) typedef struct asn1_type_st @@ -325,6 +387,37 @@ typedef struct asn1_type_st } ASN1_TYPE; DECLARE_STACK_OF(ASN1_TYPE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_TYPE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_TYPE_new_null() sk_new_null() + #define sk_ASN1_TYPE_free(a) sk_free(a) + #define sk_ASN1_TYPE_num(a) sk_num(a) + #define sk_ASN1_TYPE_value(a,b) ((ASN1_TYPE *) \ + sk_value((a),(b))) + #define sk_ASN1_TYPE_set(a,b,c) ((ASN1_TYPE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_TYPE_zero(a) sk_zero(a) + #define sk_ASN1_TYPE_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_TYPE_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_TYPE_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_TYPE_delete(a,b) ((ASN1_TYPE *) \ + sk_delete((a),(b))) + #define sk_ASN1_TYPE_delete_ptr(a,b) ((ASN1_TYPE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_TYPE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_TYPE_set_cmp_func(a,b) ((int (*) \ + (const ASN1_TYPE * const *,const ASN1_TYPE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_TYPE_dup(a) sk_dup(a) + #define sk_ASN1_TYPE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_TYPE_shift(a) ((ASN1_TYPE *)sk_shift(a)) + #define sk_ASN1_TYPE_pop(a) ((ASN1_TYPE *)sk_pop(a)) + #define sk_ASN1_TYPE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_TYPE) typedef struct asn1_method_st @@ -546,6 +639,37 @@ ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, long length); DECLARE_STACK_OF(ASN1_OBJECT) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ASN1_OBJECT_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ASN1_OBJECT_new_null() sk_new_null() + #define sk_ASN1_OBJECT_free(a) sk_free(a) + #define sk_ASN1_OBJECT_num(a) sk_num(a) + #define sk_ASN1_OBJECT_value(a,b) ((ASN1_OBJECT *) \ + sk_value((a),(b))) + #define sk_ASN1_OBJECT_set(a,b,c) ((ASN1_OBJECT *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ASN1_OBJECT_zero(a) sk_zero(a) + #define sk_ASN1_OBJECT_push(a,b) sk_push((a),(char *)(b)) + #define sk_ASN1_OBJECT_unshift(a,b) sk_unshift((a),(b)) + #define sk_ASN1_OBJECT_find(a,b) sk_find((a), (char *)(b)) + #define sk_ASN1_OBJECT_delete(a,b) ((ASN1_OBJECT *) \ + sk_delete((a),(b))) + #define sk_ASN1_OBJECT_delete_ptr(a,b) ((ASN1_OBJECT *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ASN1_OBJECT_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ASN1_OBJECT_set_cmp_func(a,b) ((int (*) \ + (const ASN1_OBJECT * const *,const ASN1_OBJECT * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ASN1_OBJECT_dup(a) sk_dup(a) + #define sk_ASN1_OBJECT_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ASN1_OBJECT_shift(a) ((ASN1_OBJECT *)sk_shift(a)) + #define sk_ASN1_OBJECT_pop(a) ((ASN1_OBJECT *)sk_pop(a)) + #define sk_ASN1_OBJECT_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING * ASN1_STRING_new(void); diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index be8daa8688..11f8654c36 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -335,9 +335,9 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) { c=str->data; if (c == NULL) - str->data=Malloc(len+1); + str->data=OPENSSL_malloc(len+1); else - str->data=Realloc(c,len+1); + str->data=OPENSSL_realloc(c,len+1); if (str->data == NULL) { @@ -365,7 +365,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) { ASN1_STRING *ret; - ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING)); + ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); @@ -381,8 +381,8 @@ ASN1_STRING *ASN1_STRING_type_new(int type) void ASN1_STRING_free(ASN1_STRING *a) { if (a == NULL) return; - if (a->data != NULL) Free(a->data); - Free(a); + if (a->data != NULL) OPENSSL_free(a->data); + OPENSSL_free(a); } int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 653f5fe1c9..4512ba6cc6 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -340,7 +340,7 @@ err:\ /* New macros */ #define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)Malloc(sizeof(type))) == NULL) \ + if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \ { c.line=__LINE__; goto err2; } #define M_ASN1_New(arg,func) \ diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index 662a2626a1..2969d5f8e3 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -77,7 +77,7 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), } /* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a - * Malloc'ed buffer + * OPENSSL_malloc'ed buffer */ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, @@ -90,7 +90,7 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR); return NULL; } - if (!(safe = Malloc (safelen))) { + if (!(safe = OPENSSL_malloc (safelen))) { ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE); return NULL; } @@ -134,7 +134,7 @@ ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct) ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); return NULL; } - if (!(p = Malloc (octmp->length))) { + if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c index 3d0b1107cb..56e3cc8df2 100644 --- a/crypto/asn1/f_enum.c +++ b/crypto/asn1/f_enum.c @@ -153,15 +153,15 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index cd57331c3f..6b090f6740 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -160,15 +160,15 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index 088313689a..968698a798 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -158,15 +158,15 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)Malloc( + sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)Realloc(s, + sp=(unsigned char *)OPENSSL_realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); goto err; } s=sp; diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c index 61eeb646f9..b1de17fe07 100644 --- a/crypto/asn1/i2d_dhp.c +++ b/crypto/asn1/i2d_dhp.c @@ -105,7 +105,7 @@ int i2d_DHparams(DH *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE); @@ -118,7 +118,7 @@ int i2d_DHparams(DH *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); ret=t; err: if (num[2] != NULL) BN_free(num[2]); diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c index 4021123ba3..157fb43893 100644 --- a/crypto/asn1/i2d_dsap.c +++ b/crypto/asn1/i2d_dsap.c @@ -94,7 +94,7 @@ int i2d_DSAparams(DSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE); @@ -107,7 +107,7 @@ int i2d_DSAparams(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); ret=t; err: *pp=p; diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c index 1250fa4b2d..88b1aac989 100644 --- a/crypto/asn1/i2d_r_pr.c +++ b/crypto/asn1/i2d_r_pr.c @@ -107,7 +107,7 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp) i2d_ASN1_INTEGER(&bs,&p); - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); @@ -119,7 +119,7 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c index 582b92ee4c..8178c2c3b3 100644 --- a/crypto/asn1/i2d_r_pu.c +++ b/crypto/asn1/i2d_r_pu.c @@ -93,7 +93,7 @@ int i2d_RSAPublicKey(RSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE); @@ -105,7 +105,7 @@ int i2d_RSAPublicKey(RSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c index e399ceaeb9..9922952ad7 100644 --- a/crypto/asn1/i2d_s_pr.c +++ b/crypto/asn1/i2d_s_pr.c @@ -104,7 +104,7 @@ int i2d_DSAPrivateKey(DSA *a, unsigned char **pp) i2d_ASN1_INTEGER(&bs,&p); - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); @@ -116,7 +116,7 @@ int i2d_DSAPrivateKey(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; return(t); } diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c index ca7f251b71..e6014b82a8 100644 --- a/crypto/asn1/i2d_s_pu.c +++ b/crypto/asn1/i2d_s_pu.c @@ -109,7 +109,7 @@ int i2d_DSAPublicKey(DSA *a, unsigned char **pp) ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)Malloc(max+4); + bs.data=(unsigned char *)OPENSSL_malloc(max+4); if (bs.data == NULL) { ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE); @@ -121,7 +121,7 @@ int i2d_DSAPublicKey(DSA *a, unsigned char **pp) bs.length=BN_bn2bin(num[i],bs.data); i2d_ASN1_INTEGER(&bs,&p); } - Free(bs.data); + OPENSSL_free(bs.data); *pp=p; if(all) return(t); else return(tot); diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 5a7d494ff0..63f408885f 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -139,8 +139,8 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) } if (pkey->private_key->data != NULL) - Free(pkey->private_key->data); - if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL) + OPENSSL_free(pkey->private_key->data); + if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; @@ -148,7 +148,7 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) zz=pkey->private_key->data; i2d_RSAPrivateKey(a,&zz); - if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL) + if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; @@ -182,7 +182,7 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) i2d_ASN1_OCTET_STRING(&os2,&p); ret=l[5]; err: - if (os2.data != NULL) Free(os2.data); + if (os2.data != NULL) OPENSSL_free(os2.data); if (alg != NULL) X509_ALGOR_free(alg); if (pkey != NULL) NETSCAPE_PKEY_free(pkey); r=r; @@ -338,7 +338,7 @@ static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) M_ASN1_INTEGER_free(a->version); X509_ALGOR_free(a->algor); M_ASN1_OCTET_STRING_free(a->private_key); - Free(a); + OPENSSL_free(a); } #endif /* NO_RC4 */ diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c index 417d024b81..6e7f09ba23 100644 --- a/crypto/asn1/nsseq.c +++ b/crypto/asn1/nsseq.c @@ -114,5 +114,5 @@ void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a) ASN1_OBJECT_free(a->type); if(a->certs) sk_X509_pop_free(a->certs, X509_free); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index a147ac3295..b7ed538eb2 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -103,7 +103,7 @@ void PBEPARAM_free (PBEPARAM *a) if(a==NULL) return; M_ASN1_OCTET_STRING_free(a->salt); M_ASN1_INTEGER_free (a->iter); - Free (a); + OPENSSL_free (a); } /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ @@ -123,7 +123,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, if(iter <= 0) iter = PKCS5_DEFAULT_ITER; ASN1_INTEGER_set (pbe->iter, iter); if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = Malloc (saltlen))) { + if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index 1bbdb10c71..6a7b578c0e 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -104,7 +104,7 @@ void PBE2PARAM_free (PBE2PARAM *a) if(a==NULL) return; X509_ALGOR_free(a->keyfunc); X509_ALGOR_free(a->encryption); - Free (a); + OPENSSL_free (a); } int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp) @@ -158,7 +158,7 @@ void PBKDF2PARAM_free (PBKDF2PARAM *a) M_ASN1_INTEGER_free(a->iter); M_ASN1_INTEGER_free(a->keylength); X509_ALGOR_free(a->prf); - Free (a); + OPENSSL_free (a); } /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: @@ -210,7 +210,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = Malloc (saltlen))) goto merr; + if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr; osalt->length = saltlen; if (salt) memcpy (osalt->data, salt, saltlen); else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c index cba90e94a1..c170244616 100644 --- a/crypto/asn1/p7_dgst.c +++ b/crypto/asn1/p7_dgst.c @@ -116,6 +116,6 @@ void PKCS7_DIGEST_free(PKCS7_DIGEST *a) X509_ALGOR_free(a->md); PKCS7_free(a->contents); M_ASN1_OCTET_STRING_free(a->digest); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c index 83b0e15faa..38ccafbdb0 100644 --- a/crypto/asn1/p7_enc.c +++ b/crypto/asn1/p7_enc.c @@ -106,6 +106,6 @@ void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->version); PKCS7_ENC_CONTENT_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c index 582cc78b06..031178ab52 100644 --- a/crypto/asn1/p7_enc_c.c +++ b/crypto/asn1/p7_enc_c.c @@ -115,6 +115,6 @@ void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a) ASN1_OBJECT_free(a->content_type); X509_ALGOR_free(a->algorithm); M_ASN1_OCTET_STRING_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c index 4e734fdd28..60be3e5f66 100644 --- a/crypto/asn1/p7_evp.c +++ b/crypto/asn1/p7_evp.c @@ -114,6 +114,6 @@ void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a) M_ASN1_INTEGER_free(a->version); sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free); PKCS7_ENC_CONTENT_free(a->enc_data); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c index d21f7ddb84..4a7260a5c8 100644 --- a/crypto/asn1/p7_i_s.c +++ b/crypto/asn1/p7_i_s.c @@ -106,6 +106,6 @@ void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a) if (a == NULL) return; X509_NAME_free(a->issuer); M_ASN1_INTEGER_free(a->serial); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c index 9effc28622..90ead17dbc 100644 --- a/crypto/asn1/p7_lib.c +++ b/crypto/asn1/p7_lib.c @@ -152,7 +152,7 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length) { if ((*a)->asn1 != NULL) { - Free((*a)->asn1); + OPENSSL_free((*a)->asn1); (*a)->asn1=NULL; } (*a)->length=0; @@ -251,7 +251,7 @@ void PKCS7_free(PKCS7 *a) { ASN1_OBJECT_free(a->type); } - Free(a); + OPENSSL_free(a); } void PKCS7_content_free(PKCS7 *a) @@ -259,7 +259,7 @@ void PKCS7_content_free(PKCS7 *a) if(a == NULL) return; - if (a->asn1 != NULL) Free(a->asn1); + if (a->asn1 != NULL) OPENSSL_free(a->asn1); if (a->d.ptr != NULL) { diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c index b1abfa3b8f..5f6c88a2fa 100644 --- a/crypto/asn1/p7_recip.c +++ b/crypto/asn1/p7_recip.c @@ -118,7 +118,7 @@ void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a) X509_ALGOR_free(a->key_enc_algor); M_ASN1_OCTET_STRING_free(a->enc_key); if (a->cert != NULL) X509_free(a->cert); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO) diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c index 3d18fedf8e..709eb24b27 100644 --- a/crypto/asn1/p7_s_e.c +++ b/crypto/asn1/p7_s_e.c @@ -140,6 +140,6 @@ void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a) sk_X509_pop_free(a->cert,X509_free); sk_X509_CRL_pop_free(a->crl,X509_CRL_free); sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c index f6f16a8715..c835f5475f 100644 --- a/crypto/asn1/p7_signd.c +++ b/crypto/asn1/p7_signd.c @@ -131,5 +131,5 @@ void PKCS7_SIGNED_free(PKCS7_SIGNED *a) sk_X509_pop_free(a->cert,X509_free); sk_X509_CRL_pop_free(a->crl,X509_CRL_free); sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c index f74658ffe6..248bf00945 100644 --- a/crypto/asn1/p7_signi.c +++ b/crypto/asn1/p7_signi.c @@ -143,7 +143,7 @@ void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a) sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free); if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO) diff --git a/crypto/asn1/p8_key.c b/crypto/asn1/p8_key.c index 0b24374627..3a31248e14 100644 --- a/crypto/asn1/p8_key.c +++ b/crypto/asn1/p8_key.c @@ -94,7 +94,7 @@ X509 *X509_KEY_new(void) { X509_KEY *ret=NULL; - M_ASN1_New_Malloc(ret,X509_KEY); + M_ASN1_New_OPENSSL_malloc(ret,X509_KEY); ret->references=1; ret->type=NID M_ASN1_New(ret->cert_info,X509_CINF_new); @@ -126,6 +126,6 @@ void X509_KEY_free(X509 *a) X509_CINF_free(a->cert_info); X509_ALGOR_free(a->sig_alg); ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index 59cfbe7f28..fa6cbfb6f8 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -123,5 +123,5 @@ void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) 0, a->pkey->value.octet_string->length); ASN1_TYPE_free (a->pkey); sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index e570ed1c47..ae18da96e3 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -99,7 +99,7 @@ int RSA_print(BIO *bp, RSA *x, int off) int i,ret=0; i=RSA_size(x); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -133,7 +133,7 @@ int RSA_print(BIO *bp, RSA *x, int off) if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif /* NO_RSA */ @@ -176,7 +176,7 @@ int DSA_print(BIO *bp, DSA *x, int off) i=BN_num_bytes(bn)*2; else i=256; - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -204,7 +204,7 @@ int DSA_print(BIO *bp, DSA *x, int off) if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif /* !NO_DSA */ @@ -284,7 +284,7 @@ int DHparams_print(BIO *bp, DH *x) int reason=ERR_R_BUF_LIB,i,ret=0; i=BN_num_bytes(x->p); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -307,7 +307,7 @@ int DHparams_print(BIO *bp, DH *x) err: DHerr(DH_F_DHPARAMS_PRINT,reason); } - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } #endif @@ -337,7 +337,7 @@ int DSAparams_print(BIO *bp, DSA *x) int reason=ERR_R_BUF_LIB,i,ret=0; i=BN_num_bytes(x->p); - m=(unsigned char *)Malloc((unsigned int)i+10); + m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -352,7 +352,7 @@ int DSAparams_print(BIO *bp, DSA *x) if (!print(bp,"g:",x->g,m,4)) goto err; ret=1; err: - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); DSAerr(DSA_F_DSAPARAMS_PRINT,reason); return(ret); } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 6ee1065ce9..314bdfb1c7 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -223,7 +223,7 @@ int X509_print(BIO *bp, X509 *x) ret=1; err: if (str != NULL) ASN1_STRING_free(str); - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index fe023842f8..853a8dfeef 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -111,7 +111,7 @@ void X509_ALGOR_free(X509_ALGOR *a) if (a == NULL) return; ASN1_OBJECT_free(a->algorithm); ASN1_TYPE_free(a->parameter); - Free(a); + OPENSSL_free(a); } IMPLEMENT_STACK_OF(X509_ALGOR) diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c index a874df79db..14e5ea27aa 100644 --- a/crypto/asn1/x_attrib.c +++ b/crypto/asn1/x_attrib.c @@ -160,6 +160,6 @@ void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a) sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free); else ASN1_TYPE_free(a->value.single); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c index b87c8fff17..339a110eef 100644 --- a/crypto/asn1/x_cinf.c +++ b/crypto/asn1/x_cinf.c @@ -196,6 +196,6 @@ void X509_CINF_free(X509_CINF *a) M_ASN1_BIT_STRING_free(a->issuerUID); M_ASN1_BIT_STRING_free(a->subjectUID); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 12a42d04c7..1f302d0e01 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -61,8 +61,10 @@ #include <openssl/asn1_mac.h> #include <openssl/x509.h> -static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b); -static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b); +static int X509_REVOKED_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b); +static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b); int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp) { M_ASN1_I2D_vars(a); @@ -100,7 +102,8 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) { int v1=0; long l=0; - int (*old_cmp)(X509_REVOKED **,X509_REVOKED **); + int (*old_cmp)(const X509_REVOKED * const *, + const X509_REVOKED * const *); M_ASN1_I2D_vars(a); old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); @@ -283,7 +286,7 @@ void X509_REVOKED_free(X509_REVOKED *a) M_ASN1_INTEGER_free(a->serialNumber); M_ASN1_UTCTIME_free(a->revocationDate); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } void X509_CRL_INFO_free(X509_CRL_INFO *a) @@ -297,7 +300,7 @@ void X509_CRL_INFO_free(X509_CRL_INFO *a) M_ASN1_UTCTIME_free(a->nextUpdate); sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - Free(a); + OPENSSL_free(a); } void X509_CRL_free(X509_CRL *a) @@ -322,17 +325,19 @@ void X509_CRL_free(X509_CRL *a) X509_CRL_INFO_free(a->crl); X509_ALGOR_free(a->sig_alg); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } -static int X509_REVOKED_cmp(X509_REVOKED **a, X509_REVOKED **b) +static int X509_REVOKED_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b) { return(ASN1_STRING_cmp( (ASN1_STRING *)(*a)->serialNumber, (ASN1_STRING *)(*b)->serialNumber)); } -static int X509_REVOKED_seq_cmp(X509_REVOKED **a, X509_REVOKED **b) +static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, + const X509_REVOKED * const *b) { return((*a)->sequence-(*b)->sequence); } diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c index 185cbd78a0..fbfd963b40 100644 --- a/crypto/asn1/x_exten.c +++ b/crypto/asn1/x_exten.c @@ -134,6 +134,6 @@ void X509_EXTENSION_free(X509_EXTENSION *a) if (a == NULL) return; ASN1_OBJECT_free(a->object); M_ASN1_OCTET_STRING_free(a->value); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c index 7fdc6f9dc8..5e62fc2f6f 100644 --- a/crypto/asn1/x_info.c +++ b/crypto/asn1/x_info.c @@ -66,7 +66,7 @@ X509_INFO *X509_INFO_new(void) { X509_INFO *ret=NULL; - ret=(X509_INFO *)Malloc(sizeof(X509_INFO)); + ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); if (ret == NULL) { ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); @@ -106,8 +106,8 @@ void X509_INFO_free(X509_INFO *x) if (x->x509 != NULL) X509_free(x->x509); if (x->crl != NULL) X509_CRL_free(x->crl); if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); - if (x->enc_data != NULL) Free(x->enc_data); - Free(x); + if (x->enc_data != NULL) OPENSSL_free(x->enc_data); + OPENSSL_free(x); } IMPLEMENT_STACK_OF(X509_INFO) diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c index 64baf5719d..b832deb928 100644 --- a/crypto/asn1/x_name.c +++ b/crypto/asn1/x_name.c @@ -217,7 +217,7 @@ X509_NAME *X509_NAME_new(void) ASN1_CTX c; M_ASN1_New_Malloc(ret,X509_NAME); - if ((ret->entries=sk_X509_NAME_ENTRY_new(NULL)) == NULL) + if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) { c.line=__LINE__; goto err2; } M_ASN1_New(ret->bytes,BUF_MEM_new); ret->modified=1; @@ -246,7 +246,7 @@ void X509_NAME_free(X509_NAME *a) BUF_MEM_free(a->bytes); sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); - Free(a); + OPENSSL_free(a); } void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) @@ -254,7 +254,7 @@ void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) if (a == NULL) return; ASN1_OBJECT_free(a->object); M_ASN1_BIT_STRING_free(a->value); - Free(a); + OPENSSL_free(a); } int X509_NAME_set(X509_NAME **xn, X509_NAME *name) diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index fe58919dbb..f1c6221ac3 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -146,6 +146,6 @@ void X509_PKEY_free(X509_PKEY *x) if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey); if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); - if ((x->key_data != NULL) && (x->key_free)) Free(x->key_data); - Free(x); + if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data); + OPENSSL_free(x); } diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 7a05d575c9..b2e2a51477 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -112,7 +112,7 @@ void X509_PUBKEY_free(X509_PUBKEY *a) X509_ALGOR_free(a->algor); M_ASN1_BIT_STRING_free(a->public_key); if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - Free(a); + OPENSSL_free(a); } int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) @@ -156,14 +156,14 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) dsa->write_params=0; ASN1_TYPE_free(a->parameter); i=i2d_DSAparams(dsa,NULL); - p=(unsigned char *)Malloc(i); + p=(unsigned char *)OPENSSL_malloc(i); pp=p; i2d_DSAparams(dsa,&pp); a->parameter=ASN1_TYPE_new(); a->parameter->type=V_ASN1_SEQUENCE; a->parameter->value.sequence=ASN1_STRING_new(); ASN1_STRING_set(a->parameter->value.sequence,p,i); - Free(p); + OPENSSL_free(p); } else #endif @@ -173,7 +173,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; - if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err; + if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err; p=s; i2d_PublicKey(pkey,&p); if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; @@ -181,7 +181,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; - Free(s); + OPENSSL_free(s); #if 0 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c index 0cd572ee73..0056009885 100644 --- a/crypto/asn1/x_req.c +++ b/crypto/asn1/x_req.c @@ -163,7 +163,7 @@ void X509_REQ_INFO_free(X509_REQ_INFO *a) X509_NAME_free(a->subject); X509_PUBKEY_free(a->pubkey); sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free); - Free(a); + OPENSSL_free(a); } int i2d_X509_REQ(X509_REQ *a, unsigned char **pp) @@ -230,7 +230,7 @@ void X509_REQ_free(X509_REQ *a) X509_REQ_INFO_free(a->req_info); X509_ALGOR_free(a->sig_alg); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c index 3559bd5368..d79f147647 100644 --- a/crypto/asn1/x_sig.c +++ b/crypto/asn1/x_sig.c @@ -104,7 +104,7 @@ void X509_SIG_free(X509_SIG *a) if (a == NULL) return; X509_ALGOR_free(a->algor); M_ASN1_OCTET_STRING_free(a->digest); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c index 8f5e7e6380..4f01888f7d 100644 --- a/crypto/asn1/x_spki.c +++ b/crypto/asn1/x_spki.c @@ -109,7 +109,7 @@ void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a) if (a == NULL) return; X509_PUBKEY_free(a->pubkey); M_ASN1_IA5STRING_free(a->challenge); - Free(a); + OPENSSL_free(a); } int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp) @@ -161,6 +161,6 @@ void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a) NETSCAPE_SPKAC_free(a->spkac); X509_ALGOR_free(a->sig_algor); M_ASN1_BIT_STRING_free(a->signature); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c index 1a2f49ffdf..0f8f020b57 100644 --- a/crypto/asn1/x_val.c +++ b/crypto/asn1/x_val.c @@ -104,6 +104,6 @@ void X509_VAL_free(X509_VAL *a) if (a == NULL) return; M_ASN1_TIME_free(a->notBefore); M_ASN1_TIME_free(a->notAfter); - Free(a); + OPENSSL_free(a); } diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 11e564ea30..ea71a29c9a 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -102,7 +102,7 @@ X509 *d2i_X509(X509 **a, unsigned char **pp, long length) M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - if (ret->name != NULL) Free(ret->name); + if (ret->name != NULL) OPENSSL_free(ret->name); ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); @@ -152,8 +152,8 @@ void X509_free(X509 *a) M_ASN1_BIT_STRING_free(a->signature); X509_CERT_AUX_free(a->aux); - if (a->name != NULL) Free(a->name); - Free(a); + if (a->name != NULL) OPENSSL_free(a->name); + OPENSSL_free(a); } int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c index b9987ea968..42807cd334 100644 --- a/crypto/asn1/x_x509a.c +++ b/crypto/asn1/x_x509a.c @@ -112,7 +112,7 @@ void X509_CERT_AUX_free(X509_CERT_AUX *a) ASN1_UTF8STRING_free(a->alias); ASN1_OCTET_STRING_free(a->keyid); sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free); - Free(a); + OPENSSL_free(a); } int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp) diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c index 5695250195..cf67cadefd 100644 --- a/crypto/bf/bftest.c +++ b/crypto/bf/bftest.c @@ -442,7 +442,8 @@ static int test(void) { BF_set_key(&key,n,key_test); BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT); - if (memcmp(out,&(key_out[n-1][0]),8) != 0) + /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */ + if (memcmp(out,&(key_out[i=n-1][0]),8) != 0) { printf("blowfish setkey error\n"); err=1; diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c index 33fa27ac6c..aafa85bd12 100644 --- a/crypto/bio/b_print.c +++ b/crypto/bio/b_print.c @@ -792,11 +792,11 @@ doapr_outch( if (*buffer == NULL) { if (*maxlen == 0) *maxlen = 1024; - *buffer = Malloc(*maxlen); + *buffer = OPENSSL_malloc(*maxlen); } while (*currlen >= *maxlen) { *maxlen += 1024; - *buffer = Realloc(*buffer, *maxlen); + *buffer = OPENSSL_realloc(*buffer, *maxlen); } /* What to do if *buffer is NULL? */ assert(*buffer != NULL); @@ -834,7 +834,7 @@ int BIO_printf (BIO *bio, const char *format, ...) ret=BIO_write(bio, hugebuf, (int)retlen); #ifdef USE_ALLOCATING_PRINT - Free(hugebuf); + OPENSSL_free(hugebuf); } CRYPTO_pop_info(); #endif diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 6409f98f57..b2958788b6 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -267,14 +267,14 @@ static struct hostent *ghbn_dup(struct hostent *a) int i,j; MemCheck_off(); - ret=(struct hostent *)Malloc(sizeof(struct hostent)); + ret=(struct hostent *)OPENSSL_malloc(sizeof(struct hostent)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(struct hostent)); for (i=0; a->h_aliases[i] != NULL; i++) ; i++; - ret->h_aliases = (char **)Malloc(i*sizeof(char *)); + ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *)); if (ret->h_aliases == NULL) goto err; memset(ret->h_aliases, 0, i*sizeof(char *)); @@ -282,25 +282,25 @@ static struct hostent *ghbn_dup(struct hostent *a) for (i=0; a->h_addr_list[i] != NULL; i++) ; i++; - ret->h_addr_list=(char **)Malloc(i*sizeof(char *)); + ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *)); if (ret->h_addr_list == NULL) goto err; memset(ret->h_addr_list, 0, i*sizeof(char *)); j=strlen(a->h_name)+1; - if ((ret->h_name=Malloc(j)) == NULL) goto err; + if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err; memcpy((char *)ret->h_name,a->h_name,j); for (i=0; a->h_aliases[i] != NULL; i++) { j=strlen(a->h_aliases[i])+1; - if ((ret->h_aliases[i]=Malloc(j)) == NULL) goto err; + if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err; memcpy(ret->h_aliases[i],a->h_aliases[i],j); } ret->h_length=a->h_length; ret->h_addrtype=a->h_addrtype; for (i=0; a->h_addr_list[i] != NULL; i++) { - if ((ret->h_addr_list[i]=Malloc(a->h_length)) == NULL) + if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL) goto err; memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length); } @@ -325,17 +325,17 @@ static void ghbn_free(struct hostent *a) if (a->h_aliases != NULL) { for (i=0; a->h_aliases[i] != NULL; i++) - Free(a->h_aliases[i]); - Free(a->h_aliases); + OPENSSL_free(a->h_aliases[i]); + OPENSSL_free(a->h_aliases); } if (a->h_addr_list != NULL) { for (i=0; a->h_addr_list[i] != NULL; i++) - Free(a->h_addr_list[i]); - Free(a->h_addr_list); + OPENSSL_free(a->h_addr_list[i]); + OPENSSL_free(a->h_addr_list); } - if (a->h_name != NULL) Free(a->h_name); - Free(a); + if (a->h_name != NULL) OPENSSL_free(a->h_name); + OPENSSL_free(a); } struct hostent *BIO_gethostbyname(const char *name) @@ -628,7 +628,7 @@ again: } ret=1; err: - if (str != NULL) Free(str); + if (str != NULL) OPENSSL_free(str); if ((ret == 0) && (s != INVALID_SOCKET)) { closesocket(s); @@ -667,7 +667,7 @@ int BIO_accept(int sock, char **addr) port=ntohs(from.sin_port); if (*addr == NULL) { - if ((p=Malloc(24)) == NULL) + if ((p=OPENSSL_malloc(24)) == NULL) { BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE); goto end; diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c index edffe92bce..e9916d29eb 100644 --- a/crypto/bio/bf_buff.c +++ b/crypto/bio/bf_buff.c @@ -95,12 +95,12 @@ static int buffer_new(BIO *bi) { BIO_F_BUFFER_CTX *ctx; - ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX)); + ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX)); if (ctx == NULL) return(0); - ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); - if (ctx->ibuf == NULL) { Free(ctx); return(0); } - ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE); - if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); } + ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); } + ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); } ctx->ibuf_size=DEFAULT_BUFFER_SIZE; ctx->obuf_size=DEFAULT_BUFFER_SIZE; ctx->ibuf_len=0; @@ -120,9 +120,9 @@ static int buffer_free(BIO *a) if (a == NULL) return(0); b=(BIO_F_BUFFER_CTX *)a->ptr; - if (b->ibuf != NULL) Free(b->ibuf); - if (b->obuf != NULL) Free(b->obuf); - Free(a->ptr); + if (b->ibuf != NULL) OPENSSL_free(b->ibuf); + if (b->obuf != NULL) OPENSSL_free(b->obuf); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; @@ -319,9 +319,9 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_SET_BUFF_READ_DATA: if (num > ctx->ibuf_size) { - p1=Malloc((int)num); + p1=OPENSSL_malloc((int)num); if (p1 == NULL) goto malloc_error; - if (ctx->ibuf != NULL) Free(ctx->ibuf); + if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf); ctx->ibuf=p1; } ctx->ibuf_off=0; @@ -353,21 +353,21 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) p2=ctx->obuf; if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) { - p1=(char *)Malloc((int)num); + p1=(char *)OPENSSL_malloc((int)num); if (p1 == NULL) goto malloc_error; } if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) { - p2=(char *)Malloc((int)num); + p2=(char *)OPENSSL_malloc((int)num); if (p2 == NULL) { - if (p1 != ctx->ibuf) Free(p1); + if (p1 != ctx->ibuf) OPENSSL_free(p1); goto malloc_error; } } if (ctx->ibuf != p1) { - Free(ctx->ibuf); + OPENSSL_free(ctx->ibuf); ctx->ibuf=p1; ctx->ibuf_off=0; ctx->ibuf_len=0; @@ -375,7 +375,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) } if (ctx->obuf != p2) { - Free(ctx->obuf); + OPENSSL_free(ctx->obuf); ctx->obuf=p2; ctx->obuf_off=0; ctx->obuf_len=0; diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c index 9b4bcb19d4..a4a60a0c6d 100644 --- a/crypto/bio/bf_nbio.c +++ b/crypto/bio/bf_nbio.c @@ -104,7 +104,7 @@ static int nbiof_new(BIO *bi) { NBIO_TEST *nt; - nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST)); + nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)); nt->lrn= -1; nt->lwn= -1; bi->ptr=(char *)nt; @@ -117,7 +117,7 @@ static int nbiof_free(BIO *a) { if (a == NULL) return(0); if (a->ptr != NULL) - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index 2e25516cf3..fa4e0e2225 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -59,8 +59,10 @@ #ifndef HEADER_BIO_H #define HEADER_BIO_H -#include <stdio.h> -#include <stdlib.h> +#ifndef NO_FP_API +# include <stdio.h> +#endif + #include <openssl/crypto.h> #ifdef __cplusplus @@ -262,6 +264,37 @@ struct bio_st }; DECLARE_STACK_OF(BIO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_BIO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_BIO_new_null() sk_new_null() + #define sk_BIO_free(a) sk_free(a) + #define sk_BIO_num(a) sk_num(a) + #define sk_BIO_value(a,b) ((BIO *) \ + sk_value((a),(b))) + #define sk_BIO_set(a,b,c) ((BIO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_BIO_zero(a) sk_zero(a) + #define sk_BIO_push(a,b) sk_push((a),(char *)(b)) + #define sk_BIO_unshift(a,b) sk_unshift((a),(b)) + #define sk_BIO_find(a,b) sk_find((a), (char *)(b)) + #define sk_BIO_delete(a,b) ((BIO *) \ + sk_delete((a),(b))) + #define sk_BIO_delete_ptr(a,b) ((BIO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_BIO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_BIO_set_cmp_func(a,b) ((int (*) \ + (const BIO * const *,const BIO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_BIO_dup(a) sk_dup(a) + #define sk_BIO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_BIO_shift(a) ((BIO *)sk_shift(a)) + #define sk_BIO_pop(a) ((BIO *)sk_pop(a)) + #define sk_BIO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ typedef struct bio_f_buffer_ctx_struct { @@ -476,11 +509,6 @@ size_t BIO_ctrl_get_write_guarantee(BIO *b); size_t BIO_ctrl_get_read_request(BIO *b); int BIO_ctrl_reset_read_request(BIO *b); -#ifdef NO_STDIO -#define NO_FP_API -#endif - - /* These two aren't currently implemented */ /* int BIO_get_ex_num(BIO *bio); */ /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ @@ -491,6 +519,7 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, unsigned long BIO_number_read(BIO *bio); unsigned long BIO_number_written(BIO *bio); +# ifndef NO_FP_API # if defined(WIN16) && defined(_WINDLL) BIO_METHOD *BIO_s_file_internal(void); BIO *BIO_new_file_internal(char *filename, char *mode); @@ -506,6 +535,7 @@ BIO *BIO_new_fp(FILE *stream, int close_flag); # define BIO_new_file_internal BIO_new_file # define BIO_new_fp_internal BIO_s_file # endif /* FP_API */ +# endif BIO * BIO_new(BIO_METHOD *type); int BIO_set(BIO *a,BIO_METHOD *type); int BIO_free(BIO *a); diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 77e43763cb..d8cb83aaab 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -70,7 +70,7 @@ BIO *BIO_new(BIO_METHOD *method) { BIO *ret=NULL; - ret=(BIO *)Malloc(sizeof(BIO)); + ret=(BIO *)OPENSSL_malloc(sizeof(BIO)); if (ret == NULL) { BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE); @@ -78,7 +78,7 @@ BIO *BIO_new(BIO_METHOD *method) } if (!BIO_set(ret,method)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } return(ret); @@ -133,7 +133,7 @@ int BIO_free(BIO *a) if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); ret=a->method->destroy(a); - Free(a); + OPENSSL_free(a); return(1); } diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index 09e8c90b53..4da5822062 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -145,7 +145,7 @@ BIO_ACCEPT *BIO_ACCEPT_new(void) { BIO_ACCEPT *ret; - if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL) + if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL) return(NULL); memset(ret,0,sizeof(BIO_ACCEPT)); @@ -159,10 +159,10 @@ void BIO_ACCEPT_free(BIO_ACCEPT *a) if(a == NULL) return; - if (a->param_addr != NULL) Free(a->param_addr); - if (a->addr != NULL) Free(a->addr); + if (a->param_addr != NULL) OPENSSL_free(a->param_addr); + if (a->addr != NULL) OPENSSL_free(a->addr); if (a->bio_chain != NULL) BIO_free(a->bio_chain); - Free(a); + OPENSSL_free(a); } static void acpt_close_socket(BIO *bio) @@ -355,7 +355,7 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) { b->init=1; if (data->param_addr != NULL) - Free(data->param_addr); + OPENSSL_free(data->param_addr); data->param_addr=BUF_strdup(ptr); } else if (num == 1) diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c index 94cc63c9fe..78c6ab4fdd 100644 --- a/crypto/bio/bss_bio.c +++ b/crypto/bio/bss_bio.c @@ -80,7 +80,7 @@ static int bio_new(BIO *bio) { struct bio_bio_st *b; - b = Malloc(sizeof *b); + b = OPENSSL_malloc(sizeof *b); if (b == NULL) return 0; @@ -108,10 +108,10 @@ static int bio_free(BIO *bio) if (b->buf != NULL) { - Free(b->buf); + OPENSSL_free(b->buf); } - Free(b); + OPENSSL_free(b); return 1; } @@ -464,7 +464,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr) { if (b->buf) { - Free(b->buf); + OPENSSL_free(b->buf); b->buf = NULL; } b->size = new_size; @@ -652,7 +652,7 @@ static int bio_make_pair(BIO *bio1, BIO *bio2) if (b1->buf == NULL) { - b1->buf = Malloc(b1->size); + b1->buf = OPENSSL_malloc(b1->size); if (b1->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); @@ -664,7 +664,7 @@ static int bio_make_pair(BIO *bio1, BIO *bio2) if (b2->buf == NULL) { - b2->buf = Malloc(b2->size); + b2->buf = OPENSSL_malloc(b2->size); if (b2->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index f0466adca3..1281a0af0d 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -165,7 +165,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) break; } if (c->param_port != NULL) - Free(c->param_port); + OPENSSL_free(c->param_port); c->param_port=BUF_strdup(p); } } @@ -322,7 +322,7 @@ BIO_CONNECT *BIO_CONNECT_new(void) { BIO_CONNECT *ret; - if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL) + if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL) return(NULL); ret->state=BIO_CONN_S_BEFORE; ret->param_hostname=NULL; @@ -344,10 +344,10 @@ void BIO_CONNECT_free(BIO_CONNECT *a) return; if (a->param_hostname != NULL) - Free(a->param_hostname); + OPENSSL_free(a->param_hostname); if (a->param_port != NULL) - Free(a->param_port); - Free(a); + OPENSSL_free(a->param_port); + OPENSSL_free(a); } BIO_METHOD *BIO_s_connect(void) @@ -507,13 +507,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) if (num == 0) { if (data->param_hostname != NULL) - Free(data->param_hostname); + OPENSSL_free(data->param_hostname); data->param_hostname=BUF_strdup(ptr); } else if (num == 1) { if (data->param_port != NULL) - Free(data->param_port); + OPENSSL_free(data->param_port); data->param_port=BUF_strdup(ptr); } else if (num == 2) @@ -524,7 +524,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) sprintf(buf,"%d.%d.%d.%d", p[0],p[1],p[2],p[3]); if (data->param_hostname != NULL) - Free(data->param_hostname); + OPENSSL_free(data->param_hostname); data->param_hostname=BUF_strdup(buf); memcpy(&(data->ip[0]),ptr,4); } @@ -534,7 +534,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) sprintf(buf,"%d",*(int *)ptr); if (data->param_port != NULL) - Free(data->param_port); + OPENSSL_free(data->param_port); data->param_port=BUF_strdup(buf); data->port= *(int *)ptr; } diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c index a8e01a0f93..be2ad38383 100644 --- a/crypto/bio/bss_log.c +++ b/crypto/bio/bss_log.c @@ -160,7 +160,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) char* pp; int priority; - if((buf= (char *)Malloc(inl+ 1)) == NULL){ + if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){ return(0); } strncpy(buf, in, inl); @@ -182,7 +182,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) xsyslog(b, priority, pp); - Free(buf); + OPENSSL_free(buf); return(ret); } @@ -294,7 +294,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string); /* we know there's an 8 byte header. That's documented */ - opcdef_p = (struct opcdef *) Malloc(8 + len); + opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len); opcdef_p->opc$b_ms_type = OPC$_RQ_RQST; memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3); opcdef_p->opc$l_ms_rqstid = 0; @@ -307,7 +307,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) sys$sndopr(opc_dsc, 0); - Free(opcdef_p); + OPENSSL_free(opcdef_p); } static void xcloselog(BIO* bp) diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c index 4ad0739464..1a0078ad6e 100644 --- a/crypto/bio/bss_rtcp.c +++ b/crypto/bio/bss_rtcp.c @@ -156,7 +156,7 @@ static int rtcp_new(BIO *bi) bi->init=1; bi->num=0; bi->flags = 0; - bi->ptr=Malloc(sizeof(struct rpc_ctx)); + bi->ptr=OPENSSL_malloc(sizeof(struct rpc_ctx)); ctx = (struct rpc_ctx *) bi->ptr; ctx->filled = 0; ctx->pos = 0; @@ -166,7 +166,7 @@ static int rtcp_new(BIO *bi) static int rtcp_free(BIO *a) { if (a == NULL) return(0); - if ( a->ptr ) Free ( a->ptr ); + if ( a->ptr ) OPENSSL_free ( a->ptr ); a->ptr = NULL; return(1); } diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 009b0eb685..000ff48155 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -59,7 +59,7 @@ #ifndef HEADER_BN_H #define HEADER_BN_H -#ifndef WIN16 +#ifndef NO_FP_API #include <stdio.h> /* FILE */ #endif #include <openssl/opensslconf.h> @@ -364,6 +364,8 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx); int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, @@ -484,6 +486,7 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); #define BN_F_BN_DIV 107 #define BN_F_BN_EXPAND2 108 #define BN_F_BN_MOD_EXP_MONT 109 +#define BN_F_BN_MOD_EXP_MONT_WORD 117 #define BN_F_BN_MOD_INVERSE 110 #define BN_F_BN_MOD_MUL_RECIPROCAL 111 #define BN_F_BN_MPI2BN 112 diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 1b1bb06046..2d287e6d1b 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -67,7 +67,7 @@ BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod) bn_check_top(Ai); bn_check_top(mod); - if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL) + if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) { BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -91,7 +91,7 @@ void BN_BLINDING_free(BN_BLINDING *r) if (r->A != NULL) BN_free(r->A ); if (r->Ai != NULL) BN_free(r->Ai); - Free(r); + OPENSSL_free(r); } int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 46132fd180..b1a8d7571e 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -69,7 +69,7 @@ BN_CTX *BN_CTX_new(void) { BN_CTX *ret; - ret=(BN_CTX *)Malloc(sizeof(BN_CTX)); + ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX)); if (ret == NULL) { BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); @@ -102,7 +102,7 @@ void BN_CTX_free(BN_CTX *ctx) for (i=0; i < BN_CTX_NUM; i++) BN_clear_free(&(ctx->bn[i])); if (ctx->flags & BN_FLG_MALLOCED) - Free(ctx); + OPENSSL_free(ctx); } void BN_CTX_start(BN_CTX *ctx) diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index 988270bcf4..e0cbd70b7d 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -77,6 +77,7 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, +{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_MOD_EXP_MONT_WORD"}, {ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, {ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, {ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 0c11601675..96f34fa529 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -66,6 +66,7 @@ # include <dlfcn.h> #endif + #define TABLE_SIZE 16 /* slow but works */ @@ -91,42 +92,6 @@ err: return(r); } -#if 0 -/* this one works - simple but works */ -int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx) - { - int i,bits,ret=0; - BIGNUM *v,*tmp; - - BN_CTX_start(ctx); - v = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (v == NULL || tmp == NULL) goto err; - - if (BN_copy(v,a) == NULL) goto err; - bits=BN_num_bits(p); - - if (BN_is_odd(p)) - { if (BN_copy(r,a) == NULL) goto err; } - else { if (!BN_one(r)) goto err; } - - for (i=1; i<bits; i++) - { - if (!BN_sqr(tmp,v,ctx)) goto err; - if (!BN_mod(v,tmp,m,ctx)) goto err; - if (BN_is_bit_set(p,i)) - { - if (!BN_mul(tmp,r,v,ctx)) goto err; - if (!BN_mod(r,tmp,m,ctx)) goto err; - } - } - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -#endif /* this one works - simple but works */ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx) @@ -163,6 +128,7 @@ err: return(ret); } + #ifdef ATALLA /* @@ -330,6 +296,7 @@ int BN_mod_exp_atalla(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m) } #endif /* def ATALLA */ + int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { @@ -354,7 +321,15 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, /* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */ if (BN_is_odd(m)) - { ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); } + { + if (a->top == 1) + { + BN_ULONG A = a->d[0]; + ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); + } + else + ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); + } else #endif #ifdef RECP_MUL_MOD @@ -370,7 +345,7 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, return(ret); } -/* #ifdef RECP_MUL_MOD */ + int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { @@ -485,9 +460,8 @@ err: BN_RECP_CTX_free(&recp); return(ret); } -/* #endif */ -/* #ifdef MONT_MUL_MOD */ + int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { @@ -527,11 +501,9 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, /* If this is not done, things will break in the montgomery * part */ -#if 1 if (in_mont != NULL) mont=in_mont; else -#endif { if ((mont=BN_MONT_CTX_new()) == NULL) goto err; if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; @@ -541,7 +513,8 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, ts=1; if (BN_ucmp(a,m) >= 0) { - BN_mod(&(val[0]),a,m,ctx); + if (!BN_mod(&(val[0]),a,m,ctx)) + goto err; aa= &(val[0]); } else @@ -574,7 +547,7 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, wstart=bits-1; /* The top bit of the window */ wend=0; /* The bottom bit of the window */ - if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err; + if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err; for (;;) { if (BN_is_bit_set(p,wstart) == 0) @@ -635,7 +608,82 @@ err: BN_clear_free(&(val[i])); return(ret); } -/* #endif */ + +int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +/* if we had BN_mod_exp_mont_2, we could even use windowing in it */ + { + int b, bits, ret=0; + BIGNUM *d, *r, *t; + BN_MONT_CTX *mont = NULL; + + bn_check_top(p); + bn_check_top(m); + + if (!(m->d[0] & 1)) + { + BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); + return(0); + } + bits = BN_num_bits(p); + if (bits == 0) + { + BN_one(rr); + return(1); + } + BN_CTX_start(ctx); + d = BN_CTX_get(ctx); + r = BN_CTX_get(ctx); + t = BN_CTX_get(ctx); + if (d == NULL || r == NULL || t == NULL) goto err; + +#ifdef ATALLA + if (!tried_atalla) + { + BN_set_word(t, a); + if (BN_mod_exp_word_atalla(rr, t, p, m)) + return 1; + } +/* If it fails, try the other methods */ +#endif + + if (in_mont != NULL) + mont=in_mont; + else + { + if ((mont = BN_MONT_CTX_new()) == NULL) goto err; + if (!BN_MONT_CTX_set(mont, m, ctx)) goto err; + } + + if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) goto err; + for (b = bits-1; b >= 0; b--) + { + if (BN_is_bit_set(p, b)) + { + if (!BN_mul_word(r, a)) + goto err; + if (BN_ucmp(r, m) >= 0) + { + if (!BN_mod(t, r, m, ctx)) + goto err; + { BIGNUM *swap_tmp = r; r = t; t = swap_tmp; } + } + } + + if (b > 0) + { + if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) + goto err; + } + } + BN_from_montgomery(rr, r, mont, ctx); + ret = 1; +err: + if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); + BN_CTX_end(ctx); + return(ret); + } + /* The old fallback, simple version :-) */ int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 0e6b12d9c3..81e5d7d98e 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -264,22 +264,22 @@ void BN_clear_free(BIGNUM *a) { memset(a->d,0,a->max*sizeof(a->d[0])); if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) - Free(a->d); + OPENSSL_free(a->d); } i=BN_get_flags(a,BN_FLG_MALLOCED); memset(a,0,sizeof(BIGNUM)); if (i) - Free(a); + OPENSSL_free(a); } void BN_free(BIGNUM *a) { if (a == NULL) return; if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) - Free(a->d); + OPENSSL_free(a->d); a->flags|=BN_FLG_FREE; /* REMOVE? */ if (a->flags & BN_FLG_MALLOCED) - Free(a); + OPENSSL_free(a); } void BN_init(BIGNUM *a) @@ -291,7 +291,7 @@ BIGNUM *BN_new(void) { BIGNUM *ret; - if ((ret=(BIGNUM *)Malloc(sizeof(BIGNUM))) == NULL) + if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) { BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -325,7 +325,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return(NULL); } - a=A=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(words+1)); + a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); if (A == NULL) { BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); @@ -423,7 +423,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) case 0: ; /* ultrix cc workaround, see above */ } #endif - Free(b->d); + OPENSSL_free(b->d); } b->d=a; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 598fecbf0c..b8eb2b7998 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -234,7 +234,7 @@ BN_MONT_CTX *BN_MONT_CTX_new(void) { BN_MONT_CTX *ret; - if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL) + if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL) return(NULL); BN_MONT_CTX_init(ret); @@ -260,7 +260,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) BN_free(&(mont->N)); BN_free(&(mont->Ni)); if (mont->flags & BN_FLG_MALLOCED) - Free(mont); + OPENSSL_free(mont); } int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 782a96e7e0..532e66bcc3 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -64,14 +64,14 @@ static const char *Hex="0123456789ABCDEF"; -/* Must 'Free' the returned data */ +/* Must 'OPENSSL_free' the returned data */ char *BN_bn2hex(const BIGNUM *a) { int i,j,v,z=0; char *buf; char *p; - buf=(char *)Malloc(a->top*BN_BYTES*2+2); + buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2); if (buf == NULL) { BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE); @@ -99,7 +99,7 @@ err: return(buf); } -/* Must 'Free' the returned data */ +/* Must 'OPENSSL_free' the returned data */ char *BN_bn2dec(const BIGNUM *a) { int i=0,num; @@ -110,8 +110,8 @@ char *BN_bn2dec(const BIGNUM *a) i=BN_num_bits(a)*3; num=(i/10+i/1000+3)+1; - bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); - buf=(char *)Malloc(num+3); + bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); + buf=(char *)OPENSSL_malloc(num+3); if ((buf == NULL) || (bn_data == NULL)) { BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE); @@ -149,7 +149,7 @@ char *BN_bn2dec(const BIGNUM *a) } } err: - if (bn_data != NULL) Free(bn_data); + if (bn_data != NULL) OPENSSL_free(bn_data); if (t != NULL) BN_free(t); return(buf); } diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 943712c15b..b1163f7ec4 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -72,7 +72,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) bit=(bits-1)%8; mask=0xff<<bit; - buf=(unsigned char *)Malloc(bytes); + buf=(unsigned char *)OPENSSL_malloc(bytes); if (buf == NULL) { BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE); @@ -120,7 +120,7 @@ err: if (buf != NULL) { memset(buf,0,bytes); - Free(buf); + OPENSSL_free(buf); } return(ret); } diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index a8796bd0aa..d019941d6b 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -72,7 +72,7 @@ BN_RECP_CTX *BN_RECP_CTX_new(void) { BN_RECP_CTX *ret; - if ((ret=(BN_RECP_CTX *)Malloc(sizeof(BN_RECP_CTX))) == NULL) + if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL) return(NULL); BN_RECP_CTX_init(ret); @@ -88,7 +88,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp) BN_free(&(recp->N)); BN_free(&(recp->Nr)); if (recp->flags & BN_FLG_MALLOCED) - Free(recp); + OPENSSL_free(recp); } int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index c3a108ea52..b76ff3ad7a 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -64,7 +64,7 @@ BUF_MEM *BUF_MEM_new(void) { BUF_MEM *ret; - ret=Malloc(sizeof(BUF_MEM)); + ret=OPENSSL_malloc(sizeof(BUF_MEM)); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE); @@ -84,9 +84,9 @@ void BUF_MEM_free(BUF_MEM *a) if (a->data != NULL) { memset(a->data,0,(unsigned int)a->max); - Free(a->data); + OPENSSL_free(a->data); } - Free(a); + OPENSSL_free(a); } int BUF_MEM_grow(BUF_MEM *str, int len) @@ -107,9 +107,9 @@ int BUF_MEM_grow(BUF_MEM *str, int len) } n=(len+3)/3*4; if (str->data == NULL) - ret=Malloc(n); + ret=OPENSSL_malloc(n); else - ret=Realloc(str->data,n); + ret=OPENSSL_realloc(str->data,n); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); @@ -132,7 +132,7 @@ char *BUF_strdup(const char *str) if (str == NULL) return(NULL); n=strlen(str); - ret=Malloc(n+1); + ret=OPENSSL_malloc(n+1); if (ret == NULL) { BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c index acf2c3eeb5..76e40005c9 100644 --- a/crypto/cast/c_skey.c +++ b/crypto/cast/c_skey.c @@ -72,7 +72,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -void CAST_set_key(CAST_KEY *key, int len, unsigned char *data) +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h index 6cc5e8aa8c..e24e133099 100644 --- a/crypto/cast/cast.h +++ b/crypto/cast/cast.h @@ -82,7 +82,7 @@ typedef struct cast_key_st } CAST_KEY; -void CAST_set_key(CAST_KEY *key, int len, unsigned char *data); +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, int enc); void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c index a67ef23bc0..beb98ce8cc 100644 --- a/crypto/comp/comp_lib.c +++ b/crypto/comp/comp_lib.c @@ -8,7 +8,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) { COMP_CTX *ret; - if ((ret=(COMP_CTX *)Malloc(sizeof(COMP_CTX))) == NULL) + if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) { /* ZZZZZZZZZZZZZZZZ */ return(NULL); @@ -17,7 +17,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) ret->meth=meth; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } #if 0 @@ -37,7 +37,7 @@ void COMP_CTX_free(COMP_CTX *ctx) if (ctx->meth->finish != NULL) ctx->meth->finish(ctx); - Free(ctx); + OPENSSL_free(ctx); } int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h index 2f70634455..0adda45dd3 100644 --- a/crypto/conf/conf.h +++ b/crypto/conf/conf.h @@ -77,6 +77,37 @@ typedef struct } CONF_VALUE; DECLARE_STACK_OF(CONF_VALUE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_CONF_VALUE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_CONF_VALUE_new_null() sk_new_null() + #define sk_CONF_VALUE_free(a) sk_free(a) + #define sk_CONF_VALUE_num(a) sk_num(a) + #define sk_CONF_VALUE_value(a,b) ((CONF_VALUE *) \ + sk_value((a),(b))) + #define sk_CONF_VALUE_set(a,b,c) ((CONF_VALUE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_CONF_VALUE_zero(a) sk_zero(a) + #define sk_CONF_VALUE_push(a,b) sk_push((a),(char *)(b)) + #define sk_CONF_VALUE_unshift(a,b) sk_unshift((a),(b)) + #define sk_CONF_VALUE_find(a,b) sk_find((a), (char *)(b)) + #define sk_CONF_VALUE_delete(a,b) ((CONF_VALUE *) \ + sk_delete((a),(b))) + #define sk_CONF_VALUE_delete_ptr(a,b) ((CONF_VALUE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_CONF_VALUE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_CONF_VALUE_set_cmp_func(a,b) ((int (*) \ + (const CONF_VALUE * const *,const CONF_VALUE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_CONF_VALUE_dup(a) sk_dup(a) + #define sk_CONF_VALUE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_CONF_VALUE_shift(a) ((CONF_VALUE *)sk_shift(a)) + #define sk_CONF_VALUE_pop(a) ((CONF_VALUE *)sk_pop(a)) + #define sk_CONF_VALUE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ struct conf_st; typedef struct conf_st CONF; diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 29989270ab..8b6bc9accb 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -107,9 +107,9 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) if (v != NULL) { sk_CONF_VALUE_delete_ptr(ts,v); - Free(v->name); - Free(v->value); - Free(v); + OPENSSL_free(v->name); + OPENSSL_free(v->value); + OPENSSL_free(v); } return 1; } @@ -181,7 +181,7 @@ void _CONF_free_data(CONF *conf) { if (conf == NULL || conf->data == NULL) return; - conf->data->down_load=0; /* evil thing to make sure the 'Free()' + conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' * works as expected */ lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data); @@ -212,13 +212,13 @@ static void value_free_stack(CONF_VALUE *a, LHASH *conf) for (i=sk_num(sk)-1; i>=0; i--) { vv=(CONF_VALUE *)sk_value(sk,i); - Free(vv->value); - Free(vv->name); - Free(vv); + OPENSSL_free(vv->value); + OPENSSL_free(vv->name); + OPENSSL_free(vv); } if (sk != NULL) sk_free(sk); - Free(a->section); - Free(a); + OPENSSL_free(a->section); + OPENSSL_free(a); } static unsigned long hash(CONF_VALUE *v) @@ -256,10 +256,10 @@ CONF_VALUE *_CONF_new_section(CONF *conf, char *section) if ((sk=sk_new_null()) == NULL) goto err; - if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL) + if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) goto err; i=strlen(section)+1; - if ((v->section=(char *)Malloc(i)) == NULL) + if ((v->section=(char *)OPENSSL_malloc(i)) == NULL) goto err; memcpy(v->section,section,i); @@ -279,7 +279,7 @@ err: if (!ok) { if (sk != NULL) sk_free(sk); - if (v != NULL) Free(v); + if (v != NULL) OPENSSL_free(v); v=NULL; } return(v); diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 368a31a92f..773df32c68 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -59,6 +59,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include <stdio.h> +#include <string.h> #include <openssl/stack.h> #include <openssl/lhash.h> #include <openssl/conf.h> @@ -73,7 +74,7 @@ static void clear_comments(CONF *conf, char *p); static int str_copy(CONF *conf,char *section,char **to, char *from); static char *scan_quote(CONF *conf, char *p); static char *scan_dquote(CONF *conf, char *p); -#define scan_esc(p) (((IS_EOF((conf),(p)[1]))?(p+=1):(p+=2))) +#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) static CONF *def_create(CONF_METHOD *meth); static int def_init_default(CONF *conf); @@ -124,11 +125,11 @@ static CONF *def_create(CONF_METHOD *meth) { CONF *ret; - ret = (CONF *)Malloc(sizeof(CONF) + sizeof(unsigned short *)); + ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); if (ret) if (meth->init(ret) == 0) { - Free(ret); + OPENSSL_free(ret); ret = NULL; } return ret; @@ -162,7 +163,7 @@ static int def_destroy(CONF *conf) { if (def_destroy_data(conf)) { - Free(conf); + OPENSSL_free(conf); return 1; } return 0; @@ -198,7 +199,7 @@ static int def_load(CONF *conf, BIO *in, long *line) goto err; } - section=(char *)Malloc(10); + section=(char *)OPENSSL_malloc(10); if (section == NULL) { CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); @@ -345,14 +346,14 @@ again: p++; *p='\0'; - if (!(v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE)))) + if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { CONFerr(CONF_F_CONF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (psection == NULL) psection=section; - v->name=(char *)Malloc(strlen(pname)+1); + v->name=(char *)OPENSSL_malloc(strlen(pname)+1); v->value=NULL; if (v->name == NULL) { @@ -400,29 +401,29 @@ again: if (vv != NULL) { sk_CONF_VALUE_delete_ptr(ts,vv); - Free(vv->name); - Free(vv->value); - Free(vv); + OPENSSL_free(vv->name); + OPENSSL_free(vv->value); + OPENSSL_free(vv); } #endif v=NULL; } } if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) Free(section); + if (section != NULL) OPENSSL_free(section); return(1); err: if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) Free(section); + if (section != NULL) OPENSSL_free(section); if (line != NULL) *line=eline; sprintf(btmp,"%ld",eline); ERR_add_error_data(2,"line ",btmp); if ((h != conf->data) && (conf->data != NULL)) CONF_free(conf->data); if (v != NULL) { - if (v->name != NULL) Free(v->name); - if (v->value != NULL) Free(v->value); - if (v != NULL) Free(v); + if (v->name != NULL) OPENSSL_free(v->name); + if (v->value != NULL) OPENSSL_free(v->value); + if (v != NULL) OPENSSL_free(v); } return(0); } @@ -465,7 +466,7 @@ static void clear_comments(CONF *conf, char *p) } if (IS_ESC(conf,*p)) { - p=scan_esc(p); + p=scan_esc(conf,p); continue; } if (IS_EOF(conf,*p)) @@ -602,9 +603,9 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) buf->data[to++]= *(from++); } buf->data[to]='\0'; - if (*pto != NULL) Free(*pto); + if (*pto != NULL) OPENSSL_free(*pto); *pto=buf->data; - Free(buf); + OPENSSL_free(buf); return(1); err: if (buf != NULL) BUF_MEM_free(buf); @@ -624,7 +625,7 @@ static char *eat_alpha_numeric(CONF *conf, char *p) { if (IS_ESC(conf,*p)) { - p=scan_esc(p); + p=scan_esc(conf,p); continue; } if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p)) diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 0502a874a0..9ff520a6e5 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -130,7 +130,7 @@ int CRYPTO_get_new_lockid(char *name) return(0); i=sk_push(app_locks,str); if (!i) - Free(str); + OPENSSL_free(str); else i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ return(i); diff --git a/crypto/crypto.h b/crypto/crypto.h index 71f2f6fdf2..59b4c9b0ef 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -202,6 +202,37 @@ typedef struct crypto_ex_data_func_st } CRYPTO_EX_DATA_FUNCS; DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_CRYPTO_EX_DATA_FUNCS_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_new_null() sk_new_null() + #define sk_CRYPTO_EX_DATA_FUNCS_free(a) sk_free(a) + #define sk_CRYPTO_EX_DATA_FUNCS_num(a) sk_num(a) + #define sk_CRYPTO_EX_DATA_FUNCS_value(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_value((a),(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_set(a,b,c) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_set((a),(b),(char *)(c))) + #define sk_CRYPTO_EX_DATA_FUNCS_zero(a) sk_zero(a) + #define sk_CRYPTO_EX_DATA_FUNCS_push(a,b) sk_push((a),(char *)(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_unshift(a,b) sk_unshift((a),(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_find(a,b) sk_find((a), (char *)(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_delete(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_delete((a),(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(a,b) ((CRYPTO_EX_DATA_FUNCS *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(a,b) ((int (*) \ + (const CRYPTO_EX_DATA_FUNCS * const *,const CRYPTO_EX_DATA_FUNCS * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_CRYPTO_EX_DATA_FUNCS_dup(a) sk_dup(a) + #define sk_CRYPTO_EX_DATA_FUNCS_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_CRYPTO_EX_DATA_FUNCS_shift(a) ((CRYPTO_EX_DATA_FUNCS *)sk_shift(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_pop(a) ((CRYPTO_EX_DATA_FUNCS *)sk_pop(a)) + #define sk_CRYPTO_EX_DATA_FUNCS_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA * entry. @@ -251,16 +282,17 @@ int CRYPTO_is_mem_check_on(void); #define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) #define is_MemCheck_on() CRYPTO_is_mem_check_on() -#define Malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) -#define Realloc(addr,num) \ +#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +#define OPENSSL_realloc(addr,num) \ CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -#define Remalloc(addr,num) \ +#define OPENSSL_remalloc(addr,num) \ CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -#define FreeFunc CRYPTO_free -#define Free(addr) CRYPTO_free(addr) +#define OPENSSL_freeFunc CRYPTO_free +#define OPENSSL_free(addr) CRYPTO_free(addr) -#define Malloc_locked(num) CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -#define Free_locked(addr) CRYPTO_free_locked(addr) +#define OPENSSL_malloc_locked(num) \ + CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) +#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) /* Case insensiteve linking causes problems.... */ @@ -380,4 +412,3 @@ void ERR_load_CRYPTO_strings(void); } #endif #endif - diff --git a/crypto/des/des.c b/crypto/des/des.c index 0197489c9e..215d7413c0 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -374,8 +374,8 @@ void doencryption(void) if (buf == NULL) { - if ( (( buf=Malloc(BUFSIZE+8)) == NULL) || - ((obuf=Malloc(BUFSIZE+8)) == NULL)) + if ( (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) || + ((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL)) { fputs("Not enough memory\n",stderr); Exit=10; diff --git a/crypto/des/des.h b/crypto/des/des.h index cf536e6428..2db9748cb4 100644 --- a/crypto/des/des.h +++ b/crypto/des/des.h @@ -67,7 +67,6 @@ #error <openssl/des.h> replaces <kerberos/des.h>. #endif -#include <stdio.h> #include <openssl/opensslconf.h> /* DES_LONG */ #include <openssl/e_os2.h> /* OPENSSL_EXTERN */ diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c index 7399ff7269..af2d9177d2 100644 --- a/crypto/des/enc_read.c +++ b/crypto/des/enc_read.c @@ -103,17 +103,17 @@ int des_enc_read(int fd, void *buf, int len, des_key_schedule sched, if (tmpbuf == NULL) { - tmpbuf=Malloc(BSIZE); + tmpbuf=OPENSSL_malloc(BSIZE); if (tmpbuf == NULL) return(-1); } if (net == NULL) { - net=Malloc(BSIZE); + net=OPENSSL_malloc(BSIZE); if (net == NULL) return(-1); } if (unnet == NULL) { - unnet=Malloc(BSIZE); + unnet=OPENSSL_malloc(BSIZE); if (unnet == NULL) return(-1); } /* left over data from last decrypt */ diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c index 4d3452724e..cc2b50fb50 100644 --- a/crypto/des/enc_writ.c +++ b/crypto/des/enc_writ.c @@ -95,7 +95,7 @@ int des_enc_write(int fd, const void *_buf, int len, if (outbuf == NULL) { - outbuf=Malloc(BSIZE+HDRSIZE); + outbuf=OPENSSL_malloc(BSIZE+HDRSIZE); if (outbuf == NULL) return(-1); } /* If we are sending less than 8 bytes, the same char will look diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 28817cb630..6915d79dcc 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -196,19 +196,26 @@ err: static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} + { + if (a->top == 1) + { + BN_ULONG A = a->d[0]; + return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); + } + else + return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx); + } + static int dh_init(DH *dh) -{ + { dh->flags |= DH_FLAG_CACHE_MONT_P; return(1); -} + } static int dh_finish(DH *dh) -{ + { if(dh->method_mont_p) BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); return(1); -} + } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index d4f193c8f0..2eedad6c38 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -135,7 +135,7 @@ DH *DH_new_method(ENGINE *engine) { DH_METHOD *meth; DH *ret; - ret=(DH *)Malloc(sizeof(DH)); + ret=(DH *)OPENSSL_malloc(sizeof(DH)); if (ret == NULL) { @@ -170,7 +170,7 @@ DH *DH_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -206,11 +206,11 @@ void DH_free(DH *r) if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); if (r->j != NULL) BN_clear_free(r->j); - if (r->seed) Free(r->seed); + if (r->seed) OPENSSL_free(r->seed); if (r->counter != NULL) BN_clear_free(r->counter); if (r->pub_key != NULL) BN_clear_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); - Free(r); + OPENSSL_free(r); } int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index d66c28455e..f0151253d7 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -140,7 +140,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); alen=DH_size(a); - abuf=(unsigned char *)Malloc(alen); + abuf=(unsigned char *)OPENSSL_malloc(alen); aout=DH_compute_key(abuf,b->pub_key,a); BIO_puts(out,"key1 ="); @@ -152,7 +152,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); blen=DH_size(b); - bbuf=(unsigned char *)Malloc(blen); + bbuf=(unsigned char *)OPENSSL_malloc(blen); bout=DH_compute_key(bbuf,a->pub_key,b); BIO_puts(out,"key2 ="); @@ -170,8 +170,8 @@ int main(int argc, char *argv[]) else ret=0; err: - if (abuf != NULL) Free(abuf); - if (bbuf != NULL) Free(bbuf); + if (abuf != NULL) OPENSSL_free(abuf); + if (bbuf != NULL) OPENSSL_free(bbuf); if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index c9b32b4db7..a76c8f7c7e 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -10,7 +10,7 @@ DSA_SIG *DSA_SIG_new(void) { DSA_SIG *ret; - ret = Malloc(sizeof(DSA_SIG)); + ret = OPENSSL_malloc(sizeof(DSA_SIG)); if (ret == NULL) { DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE); @@ -26,7 +26,7 @@ void DSA_SIG_free(DSA_SIG *r) if (r == NULL) return; if (r->r) BN_clear_free(r->r); if (r->s) BN_clear_free(r->s); - Free(r); + OPENSSL_free(r); } int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) @@ -35,7 +35,7 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) ASN1_INTEGER rbs,sbs; unsigned char *p; - rbs.data=Malloc(BN_num_bits(v->r)/8+1); + rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1); if (rbs.data == NULL) { DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); @@ -43,10 +43,10 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) } rbs.type=V_ASN1_INTEGER; rbs.length=BN_bn2bin(v->r,rbs.data); - sbs.data=Malloc(BN_num_bits(v->s)/8+1); + sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1); if (sbs.data == NULL) { - Free(rbs.data); + OPENSSL_free(rbs.data); DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); return(0); } @@ -64,8 +64,8 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) i2d_ASN1_INTEGER(&sbs,&p); } t=ASN1_object_size(1,len,V_ASN1_SEQUENCE); - Free(rbs.data); - Free(sbs.data); + OPENSSL_free(rbs.data); + OPENSSL_free(sbs.data); return(t); } diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index fd33461bcf..c91ff00d1e 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -140,7 +140,7 @@ DSA *DSA_new_method(ENGINE *engine) DSA_METHOD *meth; DSA *ret; - ret=(DSA *)Malloc(sizeof(DSA)); + ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); if (ret == NULL) { DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE); @@ -175,7 +175,7 @@ DSA *DSA_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -217,7 +217,7 @@ void DSA_free(DSA *r) if (r->priv_key != NULL) BN_clear_free(r->priv_key); if (r->kinv != NULL) BN_clear_free(r->kinv); if (r->r != NULL) BN_clear_free(r->r); - Free(r); + OPENSSL_free(r); } int DSA_size(DSA *r) diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index f41ebf1aa4..861f5fb84e 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -100,7 +100,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) * to stealing the "best available" method. Will fallback * to DSO_METH_null() in the worst case. */ default_DSO_meth = DSO_METHOD_openssl(); - ret = (DSO *)Malloc(sizeof(DSO)); + ret = (DSO *)OPENSSL_malloc(sizeof(DSO)); if(ret == NULL) { DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -112,7 +112,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) { /* sk_new doesn't generate any errors so we do */ DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); - Free(ret); + OPENSSL_free(ret); return(NULL); } if(meth == NULL) @@ -122,7 +122,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) ret->references = 1; if((ret->meth->init != NULL) && !ret->meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } return(ret); @@ -165,7 +165,7 @@ int DSO_free(DSO *dso) sk_free(dso->meth_data); - Free(dso); + OPENSSL_free(dso); return(1); } diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index 212a255b4b..e204b6b07b 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -133,19 +133,19 @@ static int win32_load(DSO *dso, const char *filename) DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED); return(0); } - p = (HINSTANCE *)Malloc(sizeof(HINSTANCE)); + p = (HINSTANCE *)OPENSSL_malloc(sizeof(HINSTANCE)); if(p == NULL) { DSOerr(DSO_F_WIN32_LOAD,ERR_R_MALLOC_FAILURE); - FreeLibrary(h); + OPENSSL_freeLibrary(h); return(0); } *p = h; if(!sk_push(dso->meth_data, (char *)p)) { DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR); - FreeLibrary(h); - Free(p); + OPENSSL_freeLibrary(h); + OPENSSL_free(p); return(0); } return(1); @@ -167,7 +167,7 @@ static int win32_unload(DSO *dso) DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE); return(0); } - if(!FreeLibrary(p)) + if(!OPENSSL_freeLibrary(p)) { DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED); /* We should push the value back onto the stack in @@ -176,7 +176,7 @@ static int win32_unload(DSO *dso) return(0); } /* Cleanup */ - Free(p); + OPENSSL_free(p); return(1); } diff --git a/crypto/err/err.c b/crypto/err/err.c index 2e106a5dea..58c918d1da 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -230,7 +230,7 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; static void build_SYS_str_reasons() { - /* Malloc cannot be used here, use static storage instead */ + /* OPENSSL_malloc cannot be used here, use static storage instead */ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; int i; @@ -267,7 +267,7 @@ static void build_SYS_str_reasons() if (((p)->err_data[i] != NULL) && \ (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ { \ - Free((p)->err_data[i]); \ + OPENSSL_free((p)->err_data[i]); \ (p)->err_data[i]=NULL; \ } \ (p)->err_data_flags[i]=0; @@ -283,7 +283,7 @@ static void ERR_STATE_free(ERR_STATE *s) { err_clear_data(s,i); } - Free(s); + OPENSSL_free(s); } void ERR_load_ERR_strings(void) @@ -687,7 +687,7 @@ ERR_STATE *ERR_get_state(void) /* ret == the error state, if NULL, make a new one */ if (ret == NULL) { - ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE)); + ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); if (ret == NULL) return(&fallback); ret->pid=pid; ret->top=0; @@ -757,7 +757,7 @@ void ERR_add_error_data(int num, ...) char *str,*p,*a; s=64; - str=Malloc(s+1); + str=OPENSSL_malloc(s+1); if (str == NULL) return; str[0]='\0'; @@ -773,10 +773,10 @@ void ERR_add_error_data(int num, ...) if (n > s) { s=n+20; - p=Realloc(str,s+1); + p=OPENSSL_realloc(str,s+1); if (p == NULL) { - Free(str); + OPENSSL_free(str); return; } else diff --git a/crypto/err/err.h b/crypto/err/err.h index e9eee99591..3b1b980d4f 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h @@ -61,6 +61,7 @@ #ifndef NO_FP_API #include <stdio.h> +#include <stdlib.h> #endif #ifdef __cplusplus diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c index e76387eaec..a275ef4c7d 100644 --- a/crypto/evp/bio_b64.c +++ b/crypto/evp/bio_b64.c @@ -113,7 +113,7 @@ static int b64_new(BIO *bi) { BIO_B64_CTX *ctx; - ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX)); + ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -133,7 +133,7 @@ static int b64_new(BIO *bi) static int b64_free(BIO *a) { if (a == NULL) return(0); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 1b7a21010c..129e2e30a4 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -105,7 +105,7 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX)); + ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); EVP_CIPHER_CTX_init(&ctx->cipher); if (ctx == NULL) return(0); @@ -129,7 +129,7 @@ static int enc_free(BIO *a) b=(BIO_ENC_CTX *)a->ptr; EVP_CIPHER_CTX_cleanup(&(b->cipher)); memset(a->ptr,0,sizeof(BIO_ENC_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index f21319c04e..194555be4e 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -96,7 +96,7 @@ static int md_new(BIO *bi) { EVP_MD_CTX *ctx; - ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX)); + ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX)); if (ctx == NULL) return(0); bi->init=0; @@ -108,7 +108,7 @@ static int md_new(BIO *bi) static int md_free(BIO *a) { if (a == NULL) return(0); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 4f9b703a36..a358aadbaf 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -187,7 +187,7 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx=(BIO_OK_CTX *)Malloc(sizeof(BIO_OK_CTX)); + ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -209,7 +209,7 @@ static int ok_free(BIO *a) { if (a == NULL) return(0); memset(a->ptr,0,sizeof(BIO_OK_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c index 5f6b0f933f..72047f64da 100644 --- a/crypto/evp/e_bf.c +++ b/crypto/evp/e_bf.c @@ -63,15 +63,15 @@ #include "evp_locl.h" #include <openssl/objects.h> -static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8, 0, bf_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key); return 1; diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c index e0a9430b13..e5af7fb4ed 100644 --- a/crypto/evp/e_cast.c +++ b/crypto/evp/e_cast.c @@ -64,16 +64,16 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8, EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key); return 1; diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index 485133a234..f4e998b81c 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -63,33 +63,39 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ -static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt); return 1; } -static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num); return 1; } -static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { - des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, ctx->encrypt); + des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, + (des_cblock *)ctx->iv, ctx->encrypt); return 1; } -static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { - des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); + des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, + (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); return 1; } @@ -100,8 +106,8 @@ BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8, NULL) -static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index c11c2b6856..a9aba4ae70 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -63,15 +63,16 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ -static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), @@ -80,7 +81,8 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -88,7 +90,8 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_cbc_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -96,7 +99,8 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned return 1; } -static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { des_ede3_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, @@ -124,8 +128,8 @@ BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8, EVP_CIPHER_get_asn1_iv, NULL) -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; @@ -137,8 +141,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, return 1; } -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index c643a063a6..8d3c88deb7 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -64,14 +64,15 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); /* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special * case */ -static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) +static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) { BLOCK_CIPHER_ecb_loop() idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks); @@ -88,8 +89,8 @@ BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8, 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { if(!enc) { if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1; diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c index d507337df6..e0702cf818 100644 --- a/crypto/evp/e_null.c +++ b/crypto/evp/e_null.c @@ -61,10 +61,10 @@ #include <openssl/evp.h> #include <openssl/objects.h> -static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER n_cipher= { NID_undef, @@ -84,15 +84,15 @@ EVP_CIPHER *EVP_enc_null(void) return(&n_cipher); } -static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { memset(&(ctx->c),0,sizeof(ctx->c)); return 1; } static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { if (in != out) memcpy((char *)out,(char *)in,(int)inl); diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c index 4c3bf1e649..3955c3ef84 100644 --- a/crypto/evp/e_rc2.c +++ b/crypto/evp/e_rc2.c @@ -64,18 +64,21 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); -static int rc2_meth_to_magic(const EVP_CIPHER *e); -static EVP_CIPHER *rc2_magic_to_meth(int i); +static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); +static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); +static int rc2_magic_to_meth(int i); static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); +static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2, 8, EVP_RC2_KEY_SIZE, 8, - EVP_CIPH_VARIABLE_LENGTH, rc2_init_key, NULL, - rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, NULL) + EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + rc2_init_key, NULL, + rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, + rc2_ctrl) #define RC2_40_MAGIC 0xa0 #define RC2_64_MAGIC 0x78 @@ -85,7 +88,7 @@ static EVP_CIPHER r2_64_cbc_cipher= { NID_rc2_64_cbc, 8,8 /* 64 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH, + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, rc2_init_key, rc2_cbc_cipher, NULL, @@ -93,7 +96,7 @@ static EVP_CIPHER r2_64_cbc_cipher= sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - NULL, + rc2_ctrl, NULL }; @@ -101,7 +104,7 @@ static EVP_CIPHER r2_40_cbc_cipher= { NID_rc2_40_cbc, 8,5 /* 40 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH, + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, rc2_init_key, rc2_cbc_cipher, NULL, @@ -109,7 +112,7 @@ static EVP_CIPHER r2_40_cbc_cipher= sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - NULL, + rc2_ctrl, NULL }; @@ -123,34 +126,34 @@ EVP_CIPHER *EVP_rc2_40_cbc(void) return(&r2_40_cbc_cipher); } -static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx), - key,EVP_CIPHER_key_length(ctx->cipher)*8); + key,ctx->c.rc2.key_bits); return 1; } -static int rc2_meth_to_magic(const EVP_CIPHER *e) +static int rc2_meth_to_magic(EVP_CIPHER_CTX *e) { int i; - i=EVP_CIPHER_key_length(e); - if (i == 16) return(RC2_128_MAGIC); - else if (i == 8) return(RC2_64_MAGIC); - else if (i == 5) return(RC2_40_MAGIC); + EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i); + if (i == 128) return(RC2_128_MAGIC); + else if (i == 64) return(RC2_64_MAGIC); + else if (i == 40) return(RC2_40_MAGIC); else return(0); } -static EVP_CIPHER *rc2_magic_to_meth(int i) +static int rc2_magic_to_meth(int i) { - if (i == RC2_128_MAGIC) return(EVP_rc2_cbc()); - else if (i == RC2_64_MAGIC) return(EVP_rc2_64_cbc()); - else if (i == RC2_40_MAGIC) return(EVP_rc2_40_cbc()); + if (i == RC2_128_MAGIC) return 128; + else if (i == RC2_64_MAGIC) return 64; + else if (i == RC2_40_MAGIC) return 40; else { EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE); - return(NULL); + return(0); } } @@ -158,25 +161,21 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) { long num=0; int i=0,l; - EVP_CIPHER *e; + int key_bits; + unsigned char iv[EVP_MAX_IV_LENGTH]; if (type != NULL) { l=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_get_int_octetstring(type,&num,c->oiv,l); + i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); if (i != l) return(-1); - else if (i > 0) - memcpy(c->iv,c->oiv,l); - e=rc2_magic_to_meth((int)num); - if (e == NULL) + key_bits =rc2_magic_to_meth((int)num); + if (!key_bits) return(-1); - if (e != EVP_CIPHER_CTX_cipher(c)) - { - EVP_CIPHER_CTX_cipher(c)=e; - EVP_CIPHER_CTX_set_key_length(c, EVP_CIPHER_key_length(c)); - rc2_init_key(c,NULL,NULL,1); - } + if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1); + EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); + EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); } return(i); } @@ -188,11 +187,36 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (type != NULL) { - num=rc2_meth_to_magic(EVP_CIPHER_CTX_cipher(c)); + num=rc2_meth_to_magic(c); j=EVP_CIPHER_CTX_iv_length(c); i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j); } return(i); } +static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { + switch(type) { + + case EVP_CTRL_INIT: + c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8; + return 1; + + case EVP_CTRL_GET_RC2_KEY_BITS: + *(int *)ptr = c->c.rc2.key_bits; + return 1; + + + case EVP_CTRL_SET_RC2_KEY_BITS: + if(arg > 0) { + c->c.rc2.key_bits = arg; + return 1; + } + return 0; + + default: + return -1; + } + } + #endif diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c index 42839aef6b..1c1e3b3857 100644 --- a/crypto/evp/e_rc4.c +++ b/crypto/evp/e_rc4.c @@ -63,10 +63,10 @@ #include <openssl/evp.h> #include <openssl/objects.h> -static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER r4_cipher= { NID_rc4, @@ -107,8 +107,8 @@ EVP_CIPHER *EVP_rc4_40(void) return(&r4_40_cipher); } -static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx)); RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx), @@ -117,7 +117,7 @@ static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, } static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { RC4(&(ctx->c.rc4.ks),inl,in,out); return 1; diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c index 3998e0c6c8..5885f1826b 100644 --- a/crypto/evp/e_rc5.c +++ b/crypto/evp/e_rc5.c @@ -64,55 +64,55 @@ #include <openssl/objects.h> #include "evp_locl.h" -static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); +static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5, 8, EVP_RC5_32_12_16_KEY_SIZE, 8, - 0, r_32_12_16_init_key, NULL, - NULL, NULL, NULL) + EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + r_32_12_16_init_key, NULL, + NULL, NULL, rc5_ctrl) -#if 0 -static int r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); -static EVP_CIPHER rc5_32_12_16_cbc_cipher= - { - NID_rc5_cbc, - 8,EVP_RC5_32_12_16_KEY_SIZE,8, - EVP_CIPH_CBC_MODE, - r_32_12_16_cbc_init_key, - r_32_12_16_cbc_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5)), - NULL, - NULL, - NULL - }; -EVP_CIPHER *EVP_rc5_32_12_16_cbc(void) - { - return(&rc5_32_12_16_cbc_cipher); - } -#endif - -static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) + +static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { - RC5_32_set_key(&(ctx->c.rc5.ks),EVP_RC5_32_12_16_KEY_SIZE, - key,RC5_12_ROUNDS); - return 1; + switch(type) { + + case EVP_CTRL_INIT: + c->c.rc5.rounds = RC5_12_ROUNDS; + return 1; + + case EVP_CTRL_GET_RC5_ROUNDS: + *(int *)ptr = c->c.rc5.rounds; + return 1; + + + case EVP_CTRL_SET_RC5_ROUNDS: + switch(arg) { + case RC5_8_ROUNDS: + case RC5_12_ROUNDS: + case RC5_16_ROUNDS: + c->c.rc5.rounds = arg; + return 1; + + default: + EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); + return 0; + } + + default: + return -1; + } } -#if 0 -static int r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + +static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { - RC5_32_cbc_encrypt( - in,out,(long)inl, - &(ctx->c.rc5.ks),&(ctx->iv[0]), - ctx->encrypt); + RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx), + key,ctx->c.rc5.rounds); return 1; } -#endif #endif diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c index e5dcdebe16..e5b15acc7d 100644 --- a/crypto/evp/e_xcbc_d.c +++ b/crypto/evp/e_xcbc_d.c @@ -62,10 +62,10 @@ #include <openssl/evp.h> #include <openssl/objects.h> -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv,int enc); +static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv,int enc); static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl); + const unsigned char *in, unsigned int inl); static EVP_CIPHER d_xcbc_cipher= { NID_desx_cbc, @@ -86,8 +86,8 @@ EVP_CIPHER *EVP_desx_cbc(void) return(&d_xcbc_cipher); } -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, - unsigned char *iv, int enc) +static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { des_cblock *deskey = (des_cblock *)key; @@ -99,7 +99,7 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key, } static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - unsigned char *in, unsigned int inl) + const unsigned char *in, unsigned int inl) { des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks, (des_cblock *)&(ctx->iv[0]), diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index abb1490b81..56a7e08189 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -328,8 +328,10 @@ struct evp_cipher_st int key_len; /* Default value for variable length ciphers */ int iv_len; unsigned long flags; /* Various flags */ - int (*init)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, int); /* init key */ - int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, unsigned int);/* encrypt/decrypt data */ + int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); /* init key */ + int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */ int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ int ctx_size; /* how big the ctx needs to be */ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ @@ -589,6 +591,7 @@ void ERR_load_EVP_strings(void ); void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); #ifdef HEADER_BIO_H BIO_METHOD *BIO_f_md(void); @@ -738,6 +741,7 @@ void EVP_PBE_cleanup(void); /* Function codes. */ #define EVP_F_D2I_PKEY 100 #define EVP_F_EVP_CIPHERINIT 123 +#define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL 101 #define EVP_F_EVP_MD_CTX_COPY 110 @@ -759,12 +763,15 @@ void EVP_PBE_cleanup(void); #define EVP_F_PKCS5_PBE_KEYIVGEN 117 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 #define EVP_F_RC2_MAGIC_TO_METH 109 +#define EVP_F_RC5_CTRL 125 /* Reason codes. */ #define EVP_R_BAD_DECRYPT 100 #define EVP_R_BN_DECODE_ERROR 112 #define EVP_R_BN_PUBKEY_ERROR 113 #define EVP_R_CIPHER_PARAMETER_ERROR 122 +#define EVP_R_CTRL_NOT_IMPLEMENTED 132 +#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_ENCODE_ERROR 115 @@ -772,6 +779,7 @@ void EVP_PBE_cleanup(void); #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 +#define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 #define EVP_R_INVALID_KEY_LENGTH 130 #define EVP_R_IV_TOO_LARGE 102 @@ -784,6 +792,7 @@ void EVP_PBE_cleanup(void); #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 +#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPPORTED_CIPHER 107 #define EVP_R_UNSUPPORTED_KEYLENGTH 123 #define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124 diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 4bf3a565a7..e2687f9879 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -73,10 +73,16 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, unsigned char *key, unsigned char *iv, int enc) { - if(enc) enc = 1; + if(enc && (enc != -1)) enc = 1; if (cipher) { ctx->cipher=cipher; ctx->key_len = cipher->key_len; + if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { + if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { + EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } } else if(!ctx->cipher) { EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); return 0; @@ -108,7 +114,7 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; } - ctx->encrypt=enc; + if(enc != -1) ctx->encrypt=enc; ctx->buf_len=0; return 1; } @@ -301,6 +307,8 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { + if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) + return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); if(c->key_len == keylen) return 1; if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { @@ -310,3 +318,24 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH); return 0; } + +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) +{ + int ret; + if(!ctx->cipher) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); + return 0; + } + + if(!ctx->cipher->ctrl) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); + return 0; + } + + ret = ctx->cipher->ctrl(ctx, type, arg, ptr); + if(ret == -1) { + EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); + return 0; + } + return ret; +} diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index d48d9442b2..a01412a07c 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -68,6 +68,7 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, {ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, +{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, {ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"}, @@ -89,6 +90,7 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"}, {ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"}, {ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"}, +{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"}, {0,NULL} }; @@ -98,6 +100,8 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_BN_DECODE_ERROR ,"bn decode error"}, {EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"}, {EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"}, +{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"}, +{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"}, {EVP_R_DECODE_ERROR ,"decode error"}, {EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, {EVP_R_ENCODE_ERROR ,"encode error"}, @@ -105,6 +109,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"}, {EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"}, {EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"}, +{EVP_R_INITIALIZATION_ERROR ,"initialization error"}, {EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, {EVP_R_INVALID_KEY_LENGTH ,"invalid key length"}, {EVP_R_IV_TOO_LARGE ,"iv too large"}, @@ -117,6 +122,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"}, {EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, {EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"}, +{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"}, {EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, {EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"}, {EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"}, diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index d3a626003f..f3414b9a7b 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -67,7 +67,7 @@ for(i=0; i <= inl; i+=8) \ #define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ BLOCK_CIPHER_ecb_loop() \ cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.##kname, ctx->encrypt);\ @@ -75,21 +75,21 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned } #define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \ -static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num);\ return 1;\ } #define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, ctx->encrypt);\ return 1;\ } #define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ -static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \ +static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 187521eb58..229ac673a7 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -116,7 +116,7 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, { EVP_PBE_CTL *pbe_tmp; if (!pbe_algs) pbe_algs = sk_new ((int (*)())pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) Malloc (sizeof(EVP_PBE_CTL)))) { + if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) { EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); return 0; } @@ -130,6 +130,6 @@ int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, void EVP_PBE_cleanup(void) { - sk_pop_free(pbe_algs, FreeFunc); + sk_pop_free(pbe_algs, OPENSSL_freeFunc); pbe_algs = NULL; } diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 892d1e91da..8df2874f3c 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -308,7 +308,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); len = i2d_DSAparams (pkey->pkey.dsa, NULL); - if (!(p = Malloc(len))) { + if (!(p = OPENSSL_malloc(len))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); return 0; @@ -317,7 +317,7 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) i2d_DSAparams (pkey->pkey.dsa, &q); params = ASN1_STRING_new(); ASN1_STRING_set(params, p, len); - Free(p); + OPENSSL_free(p); /* Get private key into integer */ if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 4cb387f8de..62398ed74d 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -180,7 +180,7 @@ EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret; - ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY)); + ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); @@ -302,7 +302,7 @@ void EVP_PKEY_free(EVP_PKEY *x) } #endif EVP_PKEY_free_it(x); - Free(x); + OPENSSL_free(x); } static void EVP_PKEY_free_it(EVP_PKEY *x) diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index b9ca7892c2..85d5097644 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -76,8 +76,13 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, goto err; } + if(type) { + EVP_CIPHER_CTX_init(ctx); + EVP_DecryptInit(ctx,type,NULL,NULL); + } + size=RSA_size(priv->pkey.rsa); - key=(unsigned char *)Malloc(size+2); + key=(unsigned char *)OPENSSL_malloc(size+2); if (key == NULL) { /* ERROR */ @@ -87,18 +92,17 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, } i=EVP_PKEY_decrypt(key,ek,ekl,priv); - if (i != type->key_len) + if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) { /* ERROR */ goto err; } + if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err; - EVP_CIPHER_CTX_init(ctx); - EVP_DecryptInit(ctx,type,key,iv); ret=1; err: if (key != NULL) memset(key,0,size); - Free(key); + OPENSSL_free(key); return(ret); } diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c index d449e892bf..47efc0d3d8 100644 --- a/crypto/evp/p_seal.c +++ b/crypto/evp/p_seal.c @@ -73,17 +73,20 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, int i; if (npubk <= 0) return(0); + if(type) { + EVP_CIPHER_CTX_init(ctx); + EVP_EncryptInit(ctx,type,NULL,NULL); + } if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) return(0); - if (type->iv_len > 0) - RAND_pseudo_bytes(iv,type->iv_len); + if (EVP_CIPHER_CTX_iv_length(ctx)) + RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); - EVP_CIPHER_CTX_init(ctx); - EVP_EncryptInit(ctx,type,key,iv); + if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0; for (i=0; i<npubk; i++) { - ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_key_length(type), + ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx), pubk[i]); if (ekl[i] <= 0) return(-1); } diff --git a/crypto/ex_data.c b/crypto/ex_data.c index a057dd3b68..1ee88da2a8 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -77,7 +77,7 @@ int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); goto err; } - a=(CRYPTO_EX_DATA_FUNCS *)Malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); + a=(CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); if (a == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); @@ -93,7 +93,7 @@ int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long if (!sk_CRYPTO_EX_DATA_FUNCS_push(*skp,NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - Free(a); + OPENSSL_free(a); goto err; } } diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c index 891a46532b..ecb9cb8b83 100644 --- a/crypto/idea/i_cbc.c +++ b/crypto/idea/i_cbc.c @@ -47,7 +47,7 @@ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or @@ -59,7 +59,7 @@ #include <openssl/idea.h> #include "idea_lcl.h" -void idea_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt) { register unsigned long tin0,tin1; diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c index dacf3f1be3..66d49d520e 100644 --- a/crypto/idea/i_cfb64.c +++ b/crypto/idea/i_cfb64.c @@ -64,9 +64,9 @@ * 64bit block we have used is contained in *num; */ -void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num, - int encrypt) +void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, IDEA_KEY_SCHEDULE *schedule, + unsigned char *ivec, int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c index 93937d2063..fb613db595 100644 --- a/crypto/idea/i_ecb.c +++ b/crypto/idea/i_ecb.c @@ -70,7 +70,7 @@ const char *idea_options(void) return("idea(short)"); } -void idea_ecb_encrypt(unsigned char *in, unsigned char *out, +void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks) { unsigned long l0,l1,d[2]; diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c index afcbed2d14..e749e88e34 100644 --- a/crypto/idea/i_ofb64.c +++ b/crypto/idea/i_ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num) +void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, IDEA_KEY_SCHEDULE *schedule, + unsigned char *ivec, int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c index bbbda6b5c8..1c95bc9c7b 100644 --- a/crypto/idea/i_skey.c +++ b/crypto/idea/i_skey.c @@ -60,7 +60,7 @@ #include "idea_lcl.h" static IDEA_INT inverse(unsigned int xin); -void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks) +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) { int i; register IDEA_INT *kt,*kf,r0,r1,r2; diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h index f5efeae366..f14adf8398 100644 --- a/crypto/idea/idea.h +++ b/crypto/idea/idea.h @@ -80,16 +80,16 @@ typedef struct idea_key_st } IDEA_KEY_SCHEDULE; const char *idea_options(void); -void idea_ecb_encrypt(unsigned char *in, unsigned char *out, +void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks); +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(unsigned char *in, unsigned char *out, +void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, +void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num,int enc); -void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, +void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); #ifdef __cplusplus diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c index 08138b52c3..6008781e57 100644 --- a/crypto/lhash/lh_test.c +++ b/crypto/lhash/lh_test.c @@ -77,7 +77,7 @@ main() if (buf[0] == '\0') break; buf[256]='\0'; i=strlen(buf); - p=Malloc(i+1); + p=OPENSSL_malloc(i+1); memcpy(p,buf,i+1); lh_insert(conf,p); } diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 7eb92a18bc..7da14620a4 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -116,9 +116,9 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) LHASH *ret; int i; - if ((ret=(LHASH *)Malloc(sizeof(LHASH))) == NULL) + if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL) goto err0; - if ((ret->b=(LHASH_NODE **)Malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) goto err1; for (i=0; i<MIN_NODES; i++) ret->b[i]=NULL; @@ -149,7 +149,7 @@ LHASH *lh_new(unsigned long (*h)(), int (*c)()) ret->error=0; return(ret); err1: - Free(ret); + OPENSSL_free(ret); err0: return(NULL); } @@ -168,12 +168,12 @@ void lh_free(LHASH *lh) while (n != NULL) { nn=n->next; - Free(n); + OPENSSL_free(n); n=nn; } } - Free(lh->b); - Free(lh); + OPENSSL_free(lh->b); + OPENSSL_free(lh); } void *lh_insert(LHASH *lh, void *data) @@ -190,7 +190,7 @@ void *lh_insert(LHASH *lh, void *data) if (*rn == NULL) { - if ((nn=(LHASH_NODE *)Malloc(sizeof(LHASH_NODE))) == NULL) + if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) { lh->error++; return(NULL); @@ -233,7 +233,7 @@ void *lh_delete(LHASH *lh, void *data) nn= *rn; *rn=nn->next; ret=nn->data; - Free(nn); + OPENSSL_free(nn); lh->num_delete++; } @@ -329,7 +329,7 @@ static void expand(LHASH *lh) if ((lh->p) >= lh->pmax) { j=(int)lh->num_alloc_nodes*2; - n=(LHASH_NODE **)Realloc(lh->b, + n=(LHASH_NODE **)OPENSSL_realloc(lh->b, (unsigned int)sizeof(LHASH_NODE *)*j); if (n == NULL) { @@ -357,7 +357,7 @@ static void contract(LHASH *lh) lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ if (lh->p == 0) { - n=(LHASH_NODE **)Realloc(lh->b, + n=(LHASH_NODE **)OPENSSL_realloc(lh->b, (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); if (n == NULL) { diff --git a/crypto/mem.c b/crypto/mem.c index 5890e55774..3b5b2bbc68 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -252,8 +252,8 @@ void CRYPTO_free(void *str) void *CRYPTO_remalloc(void *a, int num, const char *file, int line) { - if (a != NULL) Free(a); - a=(char *)Malloc(num); + if (a != NULL) OPENSSL_free(a); + a=(char *)OPENSSL_malloc(num); return(a); } diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 53b6530113..866c53e73a 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -279,7 +279,7 @@ static APP_INFO *pop_info() ret->next = NULL; if (next != NULL) next->references--; - Free(ret); + OPENSSL_free(ret); } } } @@ -295,7 +295,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) { MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if ((ami = (APP_INFO *)Malloc(sizeof(APP_INFO))) == NULL) + if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) { ret=0; goto err; @@ -304,7 +304,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) { if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) { - Free(ami); + OPENSSL_free(ami); ret=0; goto err; } @@ -386,9 +386,9 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, if (is_MemCheck_on()) { MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if ((m=(MEM *)Malloc(sizeof(MEM))) == NULL) + if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) { - Free(addr); + OPENSSL_free(addr); MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ return; } @@ -396,8 +396,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, { if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) { - Free(addr); - Free(m); + OPENSSL_free(addr); + OPENSSL_free(m); addr=NULL; goto err; } @@ -445,7 +445,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, { mm->app_info->references--; } - Free(mm); + OPENSSL_free(mm); } err: MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ @@ -481,7 +481,7 @@ void CRYPTO_dbg_free(void *addr, int before_p) { mp->app_info->references--; } - Free(mp); + OPENSSL_free(mp); } MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index d9389a5e5a..aa82a8a07c 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -20,6 +20,37 @@ typedef struct name_funcs_st } NAME_FUNCS; DECLARE_STACK_OF(NAME_FUNCS) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_NAME_FUNCS_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_NAME_FUNCS_new_null() sk_new_null() + #define sk_NAME_FUNCS_free(a) sk_free(a) + #define sk_NAME_FUNCS_num(a) sk_num(a) + #define sk_NAME_FUNCS_value(a,b) ((NAME_FUNCS *) \ + sk_value((a),(b))) + #define sk_NAME_FUNCS_set(a,b,c) ((NAME_FUNCS *) \ + sk_set((a),(b),(char *)(c))) + #define sk_NAME_FUNCS_zero(a) sk_zero(a) + #define sk_NAME_FUNCS_push(a,b) sk_push((a),(char *)(b)) + #define sk_NAME_FUNCS_unshift(a,b) sk_unshift((a),(b)) + #define sk_NAME_FUNCS_find(a,b) sk_find((a), (char *)(b)) + #define sk_NAME_FUNCS_delete(a,b) ((NAME_FUNCS *) \ + sk_delete((a),(b))) + #define sk_NAME_FUNCS_delete_ptr(a,b) ((NAME_FUNCS *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_NAME_FUNCS_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_NAME_FUNCS_set_cmp_func(a,b) ((int (*) \ + (const NAME_FUNCS * const *,const NAME_FUNCS * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_NAME_FUNCS_dup(a) sk_dup(a) + #define sk_NAME_FUNCS_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_NAME_FUNCS_shift(a) ((NAME_FUNCS *)sk_shift(a)) + #define sk_NAME_FUNCS_pop(a) ((NAME_FUNCS *)sk_pop(a)) + #define sk_NAME_FUNCS_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(NAME_FUNCS) static STACK_OF(NAME_FUNCS) *name_funcs_stack; @@ -59,7 +90,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(), for (i=sk_NAME_FUNCS_num(name_funcs_stack); i<names_type_num; i++) { MemCheck_off(); - name_funcs = Malloc(sizeof(NAME_FUNCS)); + name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); name_funcs->hash_func = lh_strhash; name_funcs->cmp_func = (int (*)())strcmp; name_funcs->free_func = 0; /* NULL is often declared to @@ -156,7 +187,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) alias=type&OBJ_NAME_ALIAS; type&= ~OBJ_NAME_ALIAS; - onp=(OBJ_NAME *)Malloc(sizeof(OBJ_NAME)); + onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME)); if (onp == NULL) { /* ERROR */ @@ -181,7 +212,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) sk_NAME_FUNCS_value(name_funcs_stack,ret->type) ->free_func(ret->name,ret->type,ret->data); } - Free(ret); + OPENSSL_free(ret); } else { @@ -216,7 +247,7 @@ int OBJ_NAME_remove(const char *name, int type) sk_NAME_FUNCS_value(name_funcs_stack,ret->type) ->free_func(ret->name,ret->type,ret->data); } - Free(ret); + OPENSSL_free(ret); return(1); } else @@ -238,7 +269,7 @@ static void names_lh_free(OBJ_NAME *onp, int type) static void name_funcs_free(NAME_FUNCS *ptr) { - Free(ptr); + OPENSSL_free(ptr); } void OBJ_NAME_cleanup(int type) diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index da6df3762a..018ad5ef97 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -188,7 +188,7 @@ static void cleanup3(ADDED_OBJ *a) { if (--a->obj->nid == 0) ASN1_OBJECT_free(a->obj); - Free(a); + OPENSSL_free(a); } void OBJ_cleanup(void) @@ -220,13 +220,13 @@ int OBJ_add_object(ASN1_OBJECT *obj) if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if ((o->length != 0) && (obj->data != NULL)) - ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->sn != NULL) - ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->ln != NULL) - ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); for (i=ADDED_DATA; i<=ADDED_NID; i++) { @@ -237,7 +237,7 @@ int OBJ_add_object(ASN1_OBJECT *obj) aop=(ADDED_OBJ *)lh_insert(added,ao[i]); /* memory leak, buit should not normally matter */ if (aop != NULL) - Free(aop); + OPENSSL_free(aop); } } o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| @@ -246,8 +246,8 @@ int OBJ_add_object(ASN1_OBJECT *obj) return(o->nid); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) - if (ao[i] != NULL) Free(ao[i]); - if (o != NULL) Free(o); + if (ao[i] != NULL) OPENSSL_free(ao[i]); + if (o != NULL) OPENSSL_free(o); return(NID_undef); } @@ -400,7 +400,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) /* Work out total size */ j = ASN1_object_size(0,i,V_ASN1_OBJECT); - if((buf=(unsigned char *)Malloc(j)) == NULL) return NULL; + if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL; p = buf; /* Write out tag+length */ @@ -410,7 +410,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) p=buf; op=d2i_ASN1_OBJECT(NULL,&p,i); - Free(buf); + OPENSSL_free(buf); return op; } @@ -631,7 +631,7 @@ int OBJ_create(char *oid, char *sn, char *ln) i=a2d_ASN1_OBJECT(NULL,0,oid,-1); if (i <= 0) return(0); - if ((buf=(unsigned char *)Malloc(i)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL) { OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE); return(0); @@ -643,7 +643,7 @@ int OBJ_create(char *oid, char *sn, char *ln) ok=OBJ_add_object(op); err: ASN1_OBJECT_free(op); - Free(buf); + OPENSSL_free(buf); return(ok); } diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c index 1a1ba0fc06..0c71639eba 100644 --- a/crypto/objects/obj_lib.c +++ b/crypto/objects/obj_lib.c @@ -78,7 +78,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); return(NULL); } - r->data=Malloc(o->length); + r->data=OPENSSL_malloc(o->length); if (r->data == NULL) goto err; memcpy(r->data,o->data,o->length); @@ -88,7 +88,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) if (o->ln != NULL) { i=strlen(o->ln)+1; - r->ln=ln=Malloc(i); + r->ln=ln=OPENSSL_malloc(i); if (r->ln == NULL) goto err; memcpy(ln,o->ln,i); } @@ -98,7 +98,7 @@ ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) char *s; i=strlen(o->sn)+1; - r->sn=s=Malloc(i); + r->sn=s=OPENSSL_malloc(i); if (r->sn == NULL) goto err; memcpy(s,o->sn,i); } @@ -109,9 +109,9 @@ err: OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); if (r != NULL) { - if (ln != NULL) Free(ln); - if (r->data != NULL) Free(r->data); - Free(r); + if (ln != NULL) OPENSSL_free(ln); + if (r->data != NULL) OPENSSL_free(r->data); + OPENSSL_free(r); } return(NULL); } diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index b65239a920..1c5c6dea00 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -237,9 +237,9 @@ start: else { /* unknown */ } - if (name != NULL) Free(name); - if (header != NULL) Free(header); - if (data != NULL) Free(data); + if (name != NULL) OPENSSL_free(name); + if (header != NULL) OPENSSL_free(header); + if (data != NULL) OPENSSL_free(data); name=NULL; header=NULL; data=NULL; @@ -268,9 +268,9 @@ err: ret=NULL; } - if (name != NULL) Free(name); - if (header != NULL) Free(header); - if (data != NULL) Free(data); + if (name != NULL) OPENSSL_free(name); + if (header != NULL) OPENSSL_free(header); + if (data != NULL) OPENSSL_free(data); return(ret); } diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index b5e0a650f8..a17c3ed57f 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -242,9 +242,9 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, return(NULL); } if(check_pem(nm, name)) break; - Free(nm); - Free(header); - Free(data); + OPENSSL_free(nm); + OPENSSL_free(header); + OPENSSL_free(data); } if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err; @@ -289,9 +289,9 @@ p8err: if (ret == NULL) PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); err: - Free(nm); - Free(header); - Free(data); + OPENSSL_free(nm); + OPENSSL_free(header); + OPENSSL_free(data); return(ret); } @@ -344,7 +344,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, goto err; } /* dzise + 8 bytes are needed */ - data=(unsigned char *)Malloc((unsigned int)dsize+20); + data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); if (data == NULL) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); @@ -405,7 +405,7 @@ err: memset((char *)&ctx,0,sizeof(ctx)); memset(buf,0,PEM_BUFSIZE); memset(data,0,(unsigned int)dsize); - Free(data); + OPENSSL_free(data); return(ret); } @@ -583,7 +583,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; } - buf=(unsigned char *)Malloc(PEM_BUFSIZE*8); + buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8); if (buf == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -603,7 +603,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, } EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; - Free(buf); + OPENSSL_free(buf); if ( (BIO_write(bp,"-----END ",9) != 9) || (BIO_write(bp,name,nlen) != nlen) || (BIO_write(bp,"-----\n",6) != 6)) @@ -784,9 +784,9 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, *header=headerB->data; *data=(unsigned char *)dataB->data; *len=bl; - Free(nameB); - Free(headerB); - Free(dataB); + OPENSSL_free(nameB); + OPENSSL_free(headerB); + OPENSSL_free(dataB); return(1); err: BUF_MEM_free(nameB); diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index 126e29d375..2a6c513348 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -84,7 +84,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, j=RSA_size(pubk[i]->pkey.rsa); if (j > max) max=j; } - s=(char *)Malloc(max*2); + s=(char *)OPENSSL_malloc(max*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); @@ -108,7 +108,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); memset(key,0,EVP_MAX_KEY_LENGTH); return(ret); } @@ -151,7 +151,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, } i=RSA_size(priv->pkey.rsa); if (i < 100) i=100; - s=(unsigned char *)Malloc(i*2); + s=(unsigned char *)OPENSSL_malloc(i*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); @@ -172,7 +172,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, err: memset((char *)&(ctx->md),0,sizeof(ctx->md)); memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher)); - if (s != NULL) Free(s); + if (s != NULL) OPENSSL_free(s); return(ret); } #else /* !NO_RSA */ diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c index aabafb702d..42d598dd78 100644 --- a/crypto/pem/pem_sign.c +++ b/crypto/pem/pem_sign.c @@ -82,7 +82,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, int i,ret=0; unsigned int m_len; - m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2); + m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2); if (m == NULL) { PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, ret=1; err: /* ctx has been zeroed by EVP_SignFinal() */ - if (m != NULL) Free(m); + if (m != NULL) OPENSSL_free(m); return(ret); } diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index f559351d18..b370c9cf3f 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -157,7 +157,7 @@ int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name, return 0; } ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen); - Free(uniname); + OPENSSL_free(uniname); return ret; } @@ -181,7 +181,7 @@ int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, ERR_R_MALLOC_FAILURE); return 0; } - if (!(bmp->data = Malloc (namelen))) { + if (!(bmp->data = OPENSSL_malloc (namelen))) { PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, ERR_R_MALLOC_FAILURE); return 0; diff --git a/crypto/pkcs12/p12_bags.c b/crypto/pkcs12/p12_bags.c index c358b06735..56547ef933 100644 --- a/crypto/pkcs12/p12_bags.c +++ b/crypto/pkcs12/p12_bags.c @@ -188,5 +188,5 @@ void PKCS12_BAGS_free (PKCS12_BAGS *a) } ASN1_OBJECT_free (a->type); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 778954b99f..9ba90bbbdf 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -65,7 +65,7 @@ /* Encrypt/Decrypt a buffer based on password and algor, result in a - * Malloc'ed buffer + * OPENSSL_malloc'ed buffer */ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, @@ -83,7 +83,7 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, return NULL; } - if(!(out = Malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { + if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE); return NULL; } @@ -91,7 +91,7 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, EVP_CipherUpdate (&ctx, out, &i, in, inlen); outlen = i; if(!EVP_CipherFinal (&ctx, out + i, &i)) { - Free (out); + OPENSSL_free (out); PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); return NULL; } @@ -139,7 +139,7 @@ char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), else ret = d2i(NULL, &p, outlen); if (seq & 2) memset(out, 0, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); - Free (out); + OPENSSL_free (out); return ret; } @@ -166,7 +166,7 @@ ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); return NULL; } - if (!(in = Malloc (inlen))) { + if (!(in = OPENSSL_malloc (inlen))) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); return NULL; } @@ -177,10 +177,10 @@ ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); - Free(in); + OPENSSL_free(in); return NULL; } - Free (in); + OPENSSL_free (in); return oct; } diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 743b5bd88d..b042dcf05c 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -92,7 +92,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, id, iter, n, out, md_type); if(unipass) { memset(unipass, 0, uniplen); /* Clear password from memory */ - Free(unipass); + OPENSSL_free(unipass); } return ret; } @@ -128,14 +128,14 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, #endif v = EVP_MD_block_size (md_type); u = EVP_MD_size (md_type); - D = Malloc (v); - Ai = Malloc (u); - B = Malloc (v + 1); + D = OPENSSL_malloc (v); + Ai = OPENSSL_malloc (u); + B = OPENSSL_malloc (v + 1); Slen = v * ((saltlen+v-1)/v); if(passlen) Plen = v * ((passlen+v-1)/v); else Plen = 0; Ilen = Slen + Plen; - I = Malloc (Ilen); + I = OPENSSL_malloc (Ilen); Ij = BN_new(); Bpl1 = BN_new(); if (!D || !Ai || !B || !I || !Ij || !Bpl1) { @@ -158,10 +158,10 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } memcpy (out, Ai, min (n, u)); if (u >= n) { - Free (Ai); - Free (B); - Free (D); - Free (I); + OPENSSL_free (Ai); + OPENSSL_free (B); + OPENSSL_free (D); + OPENSSL_free (I); BN_free (Ij); BN_free (Bpl1); #ifdef DEBUG_KEYGEN diff --git a/crypto/pkcs12/p12_lib.c b/crypto/pkcs12/p12_lib.c index 7ca9c14908..7d464e3a32 100644 --- a/crypto/pkcs12/p12_lib.c +++ b/crypto/pkcs12/p12_lib.c @@ -107,5 +107,5 @@ void PKCS12_free (PKCS12 *a) M_ASN1_INTEGER_free(a->version); PKCS12_MAC_DATA_free (a->mac); PKCS7_free (a->authsafes); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_mac.c b/crypto/pkcs12/p12_mac.c index f5ab0d6464..fbd1eca24f 100644 --- a/crypto/pkcs12/p12_mac.c +++ b/crypto/pkcs12/p12_mac.c @@ -106,5 +106,5 @@ void PKCS12_MAC_DATA_free (PKCS12_MAC_DATA *a) X509_SIG_free (a->dinfo); M_ASN1_OCTET_STRING_free(a->salt); M_ASN1_INTEGER_free(a->iter); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index a335a7b868..13d866da51 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -149,7 +149,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; - if (!(p12->mac->salt->data = Malloc (saltlen))) { + if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c index 6ae209693d..64ac32ee6f 100644 --- a/crypto/pkcs12/p12_sbag.c +++ b/crypto/pkcs12/p12_sbag.c @@ -226,7 +226,7 @@ void PKCS12_SAFEBAG_free (PKCS12_SAFEBAG *a) ASN1_OBJECT_free (a->type); sk_X509_ATTRIBUTE_pop_free (a->attrib, X509_ATTRIBUTE_free); - Free (a); + OPENSSL_free (a); } IMPLEMENT_STACK_OF(PKCS12_SAFEBAG) diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 2adcbc95e1..17f41b4549 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -67,7 +67,7 @@ unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen) int ulen, i; unsigned char *unitmp; ulen = strlen(asc)*2 + 2; - if (!(unitmp = Malloc (ulen))) return NULL; + if (!(unitmp = OPENSSL_malloc (ulen))) return NULL; for (i = 0; i < ulen; i+=2) { unitmp[i] = 0; unitmp[i + 1] = asc[i>>1]; @@ -85,7 +85,7 @@ char *uni2asc (unsigned char *uni, int unilen) /* If no terminating zero allow for one */ if (uni[unilen - 1]) asclen++; uni++; - if (!(asctmp = Malloc (asclen))) return NULL; + if (!(asctmp = OPENSSL_malloc (asclen))) return NULL; for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i]; asctmp[asclen - 1] = 0; return asctmp; diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 4cf92b68ea..1e0dc3e189 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -124,6 +124,37 @@ ASN1_TYPE *rest; } PKCS12_SAFEBAG; DECLARE_STACK_OF(PKCS12_SAFEBAG) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS12_SAFEBAG_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS12_SAFEBAG_new_null() sk_new_null() + #define sk_PKCS12_SAFEBAG_free(a) sk_free(a) + #define sk_PKCS12_SAFEBAG_num(a) sk_num(a) + #define sk_PKCS12_SAFEBAG_value(a,b) ((PKCS12_SAFEBAG *) \ + sk_value((a),(b))) + #define sk_PKCS12_SAFEBAG_set(a,b,c) ((PKCS12_SAFEBAG *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS12_SAFEBAG_zero(a) sk_zero(a) + #define sk_PKCS12_SAFEBAG_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS12_SAFEBAG_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS12_SAFEBAG_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS12_SAFEBAG_delete(a,b) ((PKCS12_SAFEBAG *) \ + sk_delete((a),(b))) + #define sk_PKCS12_SAFEBAG_delete_ptr(a,b) ((PKCS12_SAFEBAG *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS12_SAFEBAG_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS12_SAFEBAG_set_cmp_func(a,b) ((int (*) \ + (const PKCS12_SAFEBAG * const *,const PKCS12_SAFEBAG * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS12_SAFEBAG_dup(a) sk_dup(a) + #define sk_PKCS12_SAFEBAG_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS12_SAFEBAG_shift(a) ((PKCS12_SAFEBAG *)sk_shift(a)) + #define sk_PKCS12_SAFEBAG_pop(a) ((PKCS12_SAFEBAG *)sk_pop(a)) + #define sk_PKCS12_SAFEBAG_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG) DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG) diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c index 4803966fd2..5447e69818 100644 --- a/crypto/pkcs7/bio_ber.c +++ b/crypto/pkcs7/bio_ber.c @@ -128,7 +128,7 @@ static int ber_new(BIO *bi) { BIO_BER_CTX *ctx; - ctx=(BIO_BER_CTX *)Malloc(sizeof(BIO_BER_CTX)); + ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); if (ctx == NULL) return(0); memset((char *)ctx,0,sizeof(BIO_BER_CTX)); @@ -146,7 +146,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; memset(a->ptr,0,sizeof(BIO_BER_CTX)); - Free(a->ptr); + OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index f22a708358..6ae264cbf9 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -23,7 +23,7 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR, V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(pp=(unsigned char *)Malloc(len))) { + if(!(pp=(unsigned char *)OPENSSL_malloc(len))) { PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); return 0; } @@ -38,7 +38,7 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); return 0; } - Free (pp); + OPENSSL_free (pp); return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, V_ASN1_SEQUENCE, seq); } diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index d93b27e737..7acd11e057 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -189,7 +189,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) EVP_PKEY_free(pkey); if (max < jj) max=jj; } - if ((tmp=(unsigned char *)Malloc(max)) == NULL) + if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); goto err; @@ -203,12 +203,12 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) if (jj <= 0) { PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); - Free(tmp); + OPENSSL_free(tmp); goto err; } M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); } - Free(tmp); + OPENSSL_free(tmp); memset(key, 0, keylen); if (out == NULL) @@ -374,7 +374,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } jj=EVP_PKEY_size(pkey); - tmp=(unsigned char *)Malloc(jj+10); + tmp=(unsigned char *)OPENSSL_malloc(jj+10); if (tmp == NULL) { PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE); @@ -456,7 +456,7 @@ err: out=NULL; } if (tmp != NULL) - Free(tmp); + OPENSSL_free(tmp); return(out); } @@ -578,13 +578,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL, i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - pp=(unsigned char *)Malloc(x); + pp=(unsigned char *)OPENSSL_malloc(x); p=pp; i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p, i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); EVP_SignUpdate(&ctx_tmp,pp,x); - Free(pp); + OPENSSL_free(pp); pp=NULL; } @@ -627,7 +627,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) (unsigned char *)buf_mem->data,buf_mem->length); #endif } - if (pp != NULL) Free(pp); + if (pp != NULL) OPENSSL_free(pp); pp=NULL; ret=1; @@ -772,13 +772,13 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); */ i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); - pp=Malloc(i); + pp=OPENSSL_malloc(i); p=pp; i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE, V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE); EVP_VerifyUpdate(&mdc_tmp,pp,i); - Free(pp); + OPENSSL_free(pp); } os=si->enc_digest; diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index 3049e0adb1..7c6649cc14 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -74,6 +74,38 @@ char *param_name; /* Param name e.g. "micalg" */ char *param_value; /* Param value e.g. "sha1" */ } MIME_PARAM; +DECLARE_STACK_OF(MIME_PARAM) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_MIME_PARAM_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_MIME_PARAM_new_null() sk_new_null() + #define sk_MIME_PARAM_free(a) sk_free(a) + #define sk_MIME_PARAM_num(a) sk_num(a) + #define sk_MIME_PARAM_value(a,b) ((MIME_PARAM *) \ + sk_value((a),(b))) + #define sk_MIME_PARAM_set(a,b,c) ((MIME_PARAM *) \ + sk_set((a),(b),(char *)(c))) + #define sk_MIME_PARAM_zero(a) sk_zero(a) + #define sk_MIME_PARAM_push(a,b) sk_push((a),(char *)(b)) + #define sk_MIME_PARAM_unshift(a,b) sk_unshift((a),(b)) + #define sk_MIME_PARAM_find(a,b) sk_find((a), (char *)(b)) + #define sk_MIME_PARAM_delete(a,b) ((MIME_PARAM *) \ + sk_delete((a),(b))) + #define sk_MIME_PARAM_delete_ptr(a,b) ((MIME_PARAM *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_MIME_PARAM_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_MIME_PARAM_set_cmp_func(a,b) ((int (*) \ + (const MIME_PARAM * const *,const MIME_PARAM * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_MIME_PARAM_dup(a) sk_dup(a) + #define sk_MIME_PARAM_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_MIME_PARAM_shift(a) ((MIME_PARAM *)sk_shift(a)) + #define sk_MIME_PARAM_pop(a) ((MIME_PARAM *)sk_pop(a)) + #define sk_MIME_PARAM_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(MIME_PARAM) typedef struct { @@ -82,6 +114,38 @@ char *value; /* Value of line e.g. "text/plain" */ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ } MIME_HEADER; +DECLARE_STACK_OF(MIME_HEADER) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_MIME_HEADER_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_MIME_HEADER_new_null() sk_new_null() + #define sk_MIME_HEADER_free(a) sk_free(a) + #define sk_MIME_HEADER_num(a) sk_num(a) + #define sk_MIME_HEADER_value(a,b) ((MIME_HEADER *) \ + sk_value((a),(b))) + #define sk_MIME_HEADER_set(a,b,c) ((MIME_HEADER *) \ + sk_set((a),(b),(char *)(c))) + #define sk_MIME_HEADER_zero(a) sk_zero(a) + #define sk_MIME_HEADER_push(a,b) sk_push((a),(char *)(b)) + #define sk_MIME_HEADER_unshift(a,b) sk_unshift((a),(b)) + #define sk_MIME_HEADER_find(a,b) sk_find((a), (char *)(b)) + #define sk_MIME_HEADER_delete(a,b) ((MIME_HEADER *) \ + sk_delete((a),(b))) + #define sk_MIME_HEADER_delete_ptr(a,b) ((MIME_HEADER *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_MIME_HEADER_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_MIME_HEADER_set_cmp_func(a,b) ((int (*) \ + (const MIME_HEADER * const *,const MIME_HEADER * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_MIME_HEADER_dup(a) sk_dup(a) + #define sk_MIME_HEADER_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_MIME_HEADER_shift(a) ((MIME_HEADER *)sk_shift(a)) + #define sk_MIME_HEADER_pop(a) ((MIME_HEADER *)sk_pop(a)) + #define sk_MIME_HEADER_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ IMPLEMENT_STACK_OF(MIME_HEADER) static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); @@ -92,8 +156,10 @@ static char * strip_end(char *name); static MIME_HEADER *mime_hdr_new(char *name, char *value); static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); -static int mime_hdr_cmp(MIME_HEADER **a, MIME_HEADER **b); -static int mime_param_cmp(MIME_PARAM **a, MIME_PARAM **b); +static int mime_hdr_cmp(const MIME_HEADER * const *a, + const MIME_HEADER * const *b); +static int mime_param_cmp(const MIME_PARAM * const *a, + const MIME_PARAM * const *b); static void mime_param_free(MIME_PARAM *param); static int mime_bound_check(char *line, int linelen, char *bound, int blen); static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); @@ -575,7 +641,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } } else tmpval = NULL; - mhdr = (MIME_HEADER *) Malloc(sizeof(MIME_HEADER)); + mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER)); if(!mhdr) return NULL; mhdr->name = tmpname; mhdr->value = tmpval; @@ -604,7 +670,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) if(!tmpval) return 0; } else tmpval = NULL; /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *) Malloc(sizeof(MIME_PARAM)); + mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM)); if(!mparam) return 0; mparam->param_name = tmpname; mparam->param_value = tmpval; @@ -612,12 +678,14 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) return 1; } -static int mime_hdr_cmp(MIME_HEADER **a, MIME_HEADER **b) +static int mime_hdr_cmp(const MIME_HEADER * const *a, + const MIME_HEADER * const *b) { return(strcmp((*a)->name, (*b)->name)); } -static int mime_param_cmp(MIME_PARAM **a, MIME_PARAM **b) +static int mime_param_cmp(const MIME_PARAM * const *a, + const MIME_PARAM * const *b) { return(strcmp((*a)->param_name, (*b)->param_name)); } @@ -646,17 +714,17 @@ static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) static void mime_hdr_free(MIME_HEADER *hdr) { - if(hdr->name) Free(hdr->name); - if(hdr->value) Free(hdr->value); + if(hdr->name) OPENSSL_free(hdr->name); + if(hdr->value) OPENSSL_free(hdr->value); if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - Free(hdr); + OPENSSL_free(hdr); } static void mime_param_free(MIME_PARAM *param) { - if(param->param_name) Free(param->param_name); - if(param->param_value) Free(param->param_value); - Free(param); + if(param->param_name) OPENSSL_free(param->param_name); + if(param->param_value) OPENSSL_free(param->param_value); + OPENSSL_free(param); } /* Check for a multipart boundary. Returns: diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h index f3f85f57af..9916a3b1d9 100644 --- a/crypto/pkcs7/pkcs7.h +++ b/crypto/pkcs7/pkcs7.h @@ -104,6 +104,37 @@ typedef struct pkcs7_signer_info_st } PKCS7_SIGNER_INFO; DECLARE_STACK_OF(PKCS7_SIGNER_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_SIGNER_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_SIGNER_INFO_new_null() sk_new_null() + #define sk_PKCS7_SIGNER_INFO_free(a) sk_free(a) + #define sk_PKCS7_SIGNER_INFO_num(a) sk_num(a) + #define sk_PKCS7_SIGNER_INFO_value(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_value((a),(b))) + #define sk_PKCS7_SIGNER_INFO_set(a,b,c) ((PKCS7_SIGNER_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_SIGNER_INFO_zero(a) sk_zero(a) + #define sk_PKCS7_SIGNER_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_SIGNER_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_SIGNER_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_SIGNER_INFO_delete(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_delete((a),(b))) + #define sk_PKCS7_SIGNER_INFO_delete_ptr(a,b) ((PKCS7_SIGNER_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_SIGNER_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_SIGNER_INFO_set_cmp_func(a,b) ((int (*) \ + (const PKCS7_SIGNER_INFO * const *,const PKCS7_SIGNER_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_SIGNER_INFO_dup(a) sk_dup(a) + #define sk_PKCS7_SIGNER_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_SIGNER_INFO_shift(a) ((PKCS7_SIGNER_INFO *)sk_shift(a)) + #define sk_PKCS7_SIGNER_INFO_pop(a) ((PKCS7_SIGNER_INFO *)sk_pop(a)) + #define sk_PKCS7_SIGNER_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) typedef struct pkcs7_recip_info_st @@ -116,6 +147,37 @@ typedef struct pkcs7_recip_info_st } PKCS7_RECIP_INFO; DECLARE_STACK_OF(PKCS7_RECIP_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_RECIP_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_RECIP_INFO_new_null() sk_new_null() + #define sk_PKCS7_RECIP_INFO_free(a) sk_free(a) + #define sk_PKCS7_RECIP_INFO_num(a) sk_num(a) + #define sk_PKCS7_RECIP_INFO_value(a,b) ((PKCS7_RECIP_INFO *) \ + sk_value((a),(b))) + #define sk_PKCS7_RECIP_INFO_set(a,b,c) ((PKCS7_RECIP_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_RECIP_INFO_zero(a) sk_zero(a) + #define sk_PKCS7_RECIP_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_RECIP_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_RECIP_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_RECIP_INFO_delete(a,b) ((PKCS7_RECIP_INFO *) \ + sk_delete((a),(b))) + #define sk_PKCS7_RECIP_INFO_delete_ptr(a,b) ((PKCS7_RECIP_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_RECIP_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_RECIP_INFO_set_cmp_func(a,b) ((int (*) \ + (const PKCS7_RECIP_INFO * const *,const PKCS7_RECIP_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_RECIP_INFO_dup(a) sk_dup(a) + #define sk_PKCS7_RECIP_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_RECIP_INFO_shift(a) ((PKCS7_RECIP_INFO *)sk_shift(a)) + #define sk_PKCS7_RECIP_INFO_pop(a) ((PKCS7_RECIP_INFO *)sk_pop(a)) + #define sk_PKCS7_RECIP_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) typedef struct pkcs7_signed_st @@ -214,6 +276,37 @@ typedef struct pkcs7_st } PKCS7; DECLARE_STACK_OF(PKCS7) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_PKCS7_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_PKCS7_new_null() sk_new_null() + #define sk_PKCS7_free(a) sk_free(a) + #define sk_PKCS7_num(a) sk_num(a) + #define sk_PKCS7_value(a,b) ((PKCS7 *) \ + sk_value((a),(b))) + #define sk_PKCS7_set(a,b,c) ((PKCS7 *) \ + sk_set((a),(b),(char *)(c))) + #define sk_PKCS7_zero(a) sk_zero(a) + #define sk_PKCS7_push(a,b) sk_push((a),(char *)(b)) + #define sk_PKCS7_unshift(a,b) sk_unshift((a),(b)) + #define sk_PKCS7_find(a,b) sk_find((a), (char *)(b)) + #define sk_PKCS7_delete(a,b) ((PKCS7 *) \ + sk_delete((a),(b))) + #define sk_PKCS7_delete_ptr(a,b) ((PKCS7 *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_PKCS7_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_PKCS7_set_cmp_func(a,b) ((int (*) \ + (const PKCS7 * const *,const PKCS7 * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_PKCS7_dup(a) sk_dup(a) + #define sk_PKCS7_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_PKCS7_shift(a) ((PKCS7 *)sk_shift(a)) + #define sk_PKCS7_pop(a) ((PKCS7 *)sk_pop(a)) + #define sk_PKCS7_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(PKCS7) DECLARE_PKCS12_STACK_OF(PKCS7) diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index 2d4541f78e..d9e0b3782d 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -22,8 +22,8 @@ TEST= randtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c -LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o +LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c rand_win.c +LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o rand_win.o SRC= $(LIBSRC) diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index da4258c479..88a608ae36 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -109,9 +109,9 @@ * */ -#define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */ +#define ENTROPY_NEEDED 20 /* require 160 bits = 20 bytes of randomness */ -#ifndef MD_RAND_DEBUG +#ifdef MD_RAND_DEBUG # ifndef NDEBUG # define NDEBUG # endif @@ -359,7 +359,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, num); } -static void ssleay_rand_initialize(void) +static void ssleay_rand_initialize(void) /* not exported in RAND_METHOD */ { unsigned long l; #ifndef GETPID_IS_MEANINGLESS @@ -411,6 +411,7 @@ static void ssleay_rand_initialize(void) static int ssleay_rand_bytes(unsigned char *buf, int num) { + static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; int ok; long md_c[2]; @@ -419,6 +420,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #ifndef GETPID_IS_MEANINGLESS pid_t curr_pid = getpid(); #endif + int do_stir_pool = 0; #ifdef PREDICT if (rand_predictable) @@ -455,6 +457,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) if (!initialized) ssleay_rand_initialize(); + if (!stirred_pool) + do_stir_pool = 1; + ok = (entropy >= ENTROPY_NEEDED); if (!ok) { @@ -464,12 +469,42 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) * Once we've had enough initial seeding we don't bother to * adjust the entropy count, though, because we're not ambitious * to provide *information-theoretic* randomness. + * + * NOTE: This approach fails if the program forks before + * we have enough entropy. Entropy should be collected + * in a separate input pool and be transferred to the + * output pool only when the entropy limit has been reached. */ entropy -= num; if (entropy < 0) entropy = 0; } + if (do_stir_pool) + { + /* Our output function chains only half of 'md', so we better + * make sure that the required entropy gets 'evenly distributed' + * through 'state', our randomness pool. The input function + * (ssleay_rand_add) chains all of 'md', which makes it more + * suitable for this purpose. + */ + + int n = STATE_SIZE; /* so that the complete pool gets accessed */ + while (n > 0) + { +#if MD_DIGEST_LENGTH > 20 +# error "Please adjust DUMMY_SEED." +#endif +#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ + /* Note that the seed does not matter, it's just that + * ssleay_rand_add expects to have something to hash. */ + ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); + n -= MD_DIGEST_LENGTH; + } + if (ok) + stirred_pool = 1; + } + st_idx=state_index; st_num=state_num; md_c[0] = md_count[0]; @@ -571,142 +606,3 @@ static int ssleay_rand_status(void) return ret; } - -#ifdef WINDOWS -#include <windows.h> -#include <openssl/rand.h> - -int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) - { - double add_entropy=0; - SYSTEMTIME t; - - switch (iMsg) - { - case WM_KEYDOWN: - { - static WPARAM key; - if (key != wParam) - add_entropy = 0.05; - key = wParam; - } - break; - case WM_MOUSEMOVE: - { - static int lastx,lasty,lastdx,lastdy; - int x,y,dx,dy; - - x=LOWORD(lParam); - y=HIWORD(lParam); - dx=lastx-x; - dy=lasty-y; - if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0) - add_entropy=.2; - lastx=x, lasty=y; - lastdx=dx, lastdy=dy; - } - break; - } - - GetSystemTime(&t); - RAND_add(&iMsg, sizeof(iMsg), add_entropy); - RAND_add(&wParam, sizeof(wParam), 0); - RAND_add(&lParam, sizeof(lParam), 0); - RAND_add(&t, sizeof(t), 0); - - return (RAND_status()); - } - -/***************************************************************************** - * Initialisation function for the SSL random generator. Takes the contents - * of the screen as random seed. - * - * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. - * - * Code adapted from - * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>; - * the original copyright message is: - * - * (C) Copyright Microsoft Corp. 1993. All rights reserved. - * - * You have a royalty-free right to use, modify, reproduce and - * distribute the Sample Files (and/or any modified version) in - * any way you find useful, provided that you agree that - * Microsoft has no warranty obligations or liability for any - * Sample Application Files which are modified. - */ -/* - * I have modified the loading of bytes via RAND_seed() mechanism since - * the original would have been very very CPU intensive since RAND_seed() - * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same - * as that to digest 56 bytes. So under the old system, a screen of - * 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5 - * digests or digesting 2.7 mbytes. What I have put in place would - * be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes - * or about 3.5 times as much. - * - eric - */ -void RAND_screen(void) -{ - HDC hScrDC; /* screen DC */ - HDC hMemDC; /* memory DC */ - HBITMAP hBitmap; /* handle for our bitmap */ - HBITMAP hOldBitmap; /* handle for previous bitmap */ - BITMAP bm; /* bitmap properties */ - unsigned int size; /* size of bitmap */ - char *bmbits; /* contents of bitmap */ - int w; /* screen width */ - int h; /* screen height */ - int y; /* y-coordinate of screen lines to grab */ - int n = 16; /* number of screen lines to grab at a time */ - - /* Create a screen DC and a memory DC compatible to screen DC */ - hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL); - hMemDC = CreateCompatibleDC(hScrDC); - - /* Get screen resolution */ - w = GetDeviceCaps(hScrDC, HORZRES); - h = GetDeviceCaps(hScrDC, VERTRES); - - /* Create a bitmap compatible with the screen DC */ - hBitmap = CreateCompatibleBitmap(hScrDC, w, n); - - /* Select new bitmap into memory DC */ - hOldBitmap = SelectObject(hMemDC, hBitmap); - - /* Get bitmap properties */ - GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm); - size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes; - - bmbits = Malloc(size); - if (bmbits) { - /* Now go through the whole screen, repeatedly grabbing n lines */ - for (y = 0; y < h-n; y += n) - { - unsigned char md[MD_DIGEST_LENGTH]; - - /* Bitblt screen DC to memory DC */ - BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY); - - /* Copy bitmap bits from memory DC to bmbits */ - GetBitmapBits(hBitmap, size, bmbits); - - /* Get the MD5 of the bitmap */ - MD(bmbits,size,md); - - /* Seed the random generator with the MD5 digest */ - RAND_seed(md, MD_DIGEST_LENGTH); - } - - Free(bmbits); - } - - /* Select old bitmap back into memory DC */ - hBitmap = SelectObject(hMemDC, hOldBitmap); - - /* Clean up */ - DeleteObject(hBitmap); - DeleteDC(hMemDC); - DeleteDC(hScrDC); -} -#endif diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index b4b12c2d74..0e149460f7 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -90,6 +90,7 @@ int RAND_write_file(const char *file); const char *RAND_file_name(char *file,int num); int RAND_status(void); int RAND_egd(const char *path); +int RAND_egd_bytes(const char *path,int bytes); void ERR_load_RAND_strings(void); #ifdef __cplusplus diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index 380c7828c3..02a0d86fa3 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -64,6 +64,11 @@ int RAND_egd(const char *path) { return(-1); } + +int RAND_egd_bytes(const char *path,int bytes) + { + return(-1); + } #else #include <openssl/opensslconf.h> #include OPENSSL_UNISTD @@ -107,4 +112,56 @@ int RAND_egd(const char *path) if (fd != -1) close(fd); return(ret); } + +int RAND_egd_bytes(const char *path,int bytes) + { + int ret = 0; + struct sockaddr_un addr; + int len, num; + int fd = -1; + unsigned char buf[255]; + + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + if (strlen(path) > sizeof(addr.sun_path)) + return (-1); + strcpy(addr.sun_path,path); + len = offsetof(struct sockaddr_un, sun_path) + strlen(path); + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd == -1) return (-1); + if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err; + + while(bytes > 0) + { + buf[0] = 1; + buf[1] = bytes < 255 ? bytes : 255; + write(fd, buf, 2); + if (read(fd, buf, 1) != 1) + { + ret=-1; + goto err; + } + if(buf[0] == 0) + goto err; + num = read(fd, buf, buf[0]); + if (num < 1) + { + ret=-1; + goto err; + } + RAND_seed(buf, num); + if (RAND_status() != 1) + { + ret=-1; + goto err; + } + ret += num; + bytes-=num; + } + err: + if (fd != -1) close(fd); + return(ret); + } + + #endif diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index d01b9852e9..830d6168e6 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -172,7 +172,7 @@ int RAND_write_file(const char *file) { char *tmpf; - tmpf = Malloc(strlen(file) + 4); /* to add ";-1" and a nul */ + tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ if (tmpf) { strcpy(tmpf, file); diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h index 099bc31b66..076c0a067c 100644 --- a/crypto/rc2/rc2.h +++ b/crypto/rc2/rc2.h @@ -80,17 +80,19 @@ typedef struct rc2_key_st } RC2_KEY; -void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits); -void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, + int enc); void RC2_encrypt(unsigned long *data,RC2_KEY *key); void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num); +void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num, int enc); +void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num); #ifdef __cplusplus } diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c index 1202184e85..74f48d3d87 100644 --- a/crypto/rc2/rc2_cbc.c +++ b/crypto/rc2/rc2_cbc.c @@ -59,7 +59,7 @@ #include <openssl/rc2.h> #include "rc2_locl.h" -void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int encrypt) { register unsigned long tin0,tin1; diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c index 7d77b9186c..d3e8c2718a 100644 --- a/crypto/rc2/rc2_ecb.c +++ b/crypto/rc2/rc2_ecb.c @@ -70,8 +70,8 @@ const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT; * Date: 11 Feb 1996 06:45:03 GMT */ -void RC2_ecb_encrypt(unsigned char *in, unsigned char *out, RC2_KEY *ks, - int encrypt) +void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks, + int encrypt) { unsigned long l,d[2]; diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c index 7143c4e591..cab3080c73 100644 --- a/crypto/rc2/rc2_skey.c +++ b/crypto/rc2/rc2_skey.c @@ -90,7 +90,7 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ -void RC2_set_key(RC2_KEY *key, int len, unsigned char *data, int bits) +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) { int i,j; unsigned char *k; diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c index 5e3fa07d90..b3a0158a6e 100644 --- a/crypto/rc2/rc2cfb64.c +++ b/crypto/rc2/rc2cfb64.c @@ -64,8 +64,9 @@ * 64bit block we have used is contained in *num; */ -void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num, int encrypt) +void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c index 42cdd40cdd..9e297867ed 100644 --- a/crypto/rc2/rc2ofb64.c +++ b/crypto/rc2/rc2ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num) +void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h index 38e901502b..fc4cea5e36 100644 --- a/crypto/rc5/rc5.h +++ b/crypto/rc5/rc5.h @@ -93,18 +93,21 @@ typedef struct rc5_key_st } RC5_32_KEY; -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); -void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key, +void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, int enc); void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key); void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key); -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int enc); -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num); +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int enc); +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int enc); +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num); #ifdef __cplusplus } diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c index 17e877a146..1841892b2a 100644 --- a/crypto/rc5/rc5_ecb.c +++ b/crypto/rc5/rc5_ecb.c @@ -62,8 +62,8 @@ char *RC5_version="RC5" OPENSSL_VERSION_PTEXT; -void RC5_32_ecb_encrypt(unsigned char *in, unsigned char *out, RC5_32_KEY *ks, - int encrypt) +void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out, + RC5_32_KEY *ks, int encrypt) { unsigned long l,d[2]; diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c index 1124fd22eb..f327d32a76 100644 --- a/crypto/rc5/rc5_enc.c +++ b/crypto/rc5/rc5_enc.c @@ -60,8 +60,9 @@ #include <openssl/rc5.h> #include "rc5_locl.h" -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int encrypt) +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int encrypt) { register unsigned long tin0,tin1; register unsigned long tout0,tout1,xor0,xor1; diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c index 64e13487bf..a2e00a41c5 100644 --- a/crypto/rc5/rc5_skey.c +++ b/crypto/rc5/rc5_skey.c @@ -59,8 +59,8 @@ #include <openssl/rc5.h> #include "rc5_locl.h" -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, - int rounds) +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) { RC5_32_INT L[64],l,ll,A,B,*S,k; int i,j,m,c,t,ii,jj; diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c index 55e03087e2..3a8b60bc7a 100644 --- a/crypto/rc5/rc5cfb64.c +++ b/crypto/rc5/rc5cfb64.c @@ -64,8 +64,9 @@ * 64bit block we have used is contained in *num; */ -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int encrypt) +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int encrypt) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c index fd2ecddf6c..d412215f3c 100644 --- a/crypto/rc5/rc5ofb64.c +++ b/crypto/rc5/rc5ofb64.c @@ -63,8 +63,9 @@ * used. The extra state information to record how much of the * 64bit block we have used is contained in *num; */ -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num) +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num) { register unsigned long v0,v1,t; register int n= *num; diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 8deb536cc6..8b8a1e279a 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -109,7 +109,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from, BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -164,7 +164,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -184,7 +184,7 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from, if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -242,7 +242,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -265,7 +265,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from, num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -337,7 +337,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -359,7 +359,7 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from, if (ctx == NULL) goto err; num=BN_num_bytes(rsa->n); - buf=(unsigned char *)Malloc(num); + buf=(unsigned char *)OPENSSL_malloc(num); if (buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); @@ -411,7 +411,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 95e636d3f0..00c25adbc5 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -95,7 +95,7 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, * unsigned long can be larger */ for (i=0; i<sizeof(unsigned long)*8; i++) { - if (e_value & (1<<i)) + if (e_value & (1UL<<i)) BN_set_bit(rsa->e,i); } #else diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index c7c93234e2..55b4a82dee 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -155,7 +155,7 @@ RSA *RSA_new_method(ENGINE *engine) RSA_METHOD *meth; RSA *ret; - ret=(RSA *)Malloc(sizeof(RSA)); + ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); if (ret == NULL) { RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -193,7 +193,7 @@ RSA *RSA_new_method(ENGINE *engine) ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -237,8 +237,8 @@ void RSA_free(RSA *r) if (r->dmq1 != NULL) BN_clear_free(r->dmq1); if (r->iqmp != NULL) BN_clear_free(r->iqmp); if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->bignum_data != NULL) Free_locked(r->bignum_data); - Free(r); + if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); + OPENSSL_free(r); } int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, @@ -360,7 +360,7 @@ int RSA_memory_lock(RSA *r) j=1; for (i=0; i<6; i++) j+= (*t[i])->top; - if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) + if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) { RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); return(0); diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 1465c01f4f..fd0b7f361f 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -34,7 +34,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, return (0); } - dbmask = Malloc(emlen - SHA_DIGEST_LENGTH); + dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); if (dbmask == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -66,7 +66,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; - Free(dbmask); + OPENSSL_free(dbmask); return (1); } @@ -86,7 +86,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, } dblen = num - SHA_DIGEST_LENGTH; - db = Malloc(dblen); + db = OPENSSL_malloc(dblen); if (db == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -128,7 +128,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, memcpy(to, db + i, mlen); } } - Free(db); + OPENSSL_free(db); return (mlen); } diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index 61efb0b00f..c77f4381ff 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -81,7 +81,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); return(0); } - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, *siglen=i; memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); return(ret); } @@ -114,7 +114,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, return(0); } - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -138,7 +138,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 2b98348b38..cf00876292 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -117,7 +117,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); @@ -134,7 +134,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, if(type != NID_md5_sha1) { memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); } return(ret); } @@ -156,7 +156,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); @@ -218,7 +218,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, err: if (sig != NULL) X509_SIG_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index da631581f6..228b4f8184 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -57,6 +57,8 @@ #include <openssl/stack.h> +#ifdef DEBUG_SAFESTACK + #define STACK_OF(type) struct stack_st_##type #define PREDECLARE_STACK_OF(type) STACK_OF(type); @@ -65,7 +67,8 @@ STACK_OF(type) \ { \ STACK stack; \ }; \ -STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)); \ +STACK_OF(type) *sk_##type##_new(int (*cmp)(const type * const *, \ + const type * const *)); \ STACK_OF(type) *sk_##type##_new_null(void); \ void sk_##type##_free(STACK_OF(type) *sk); \ int sk_##type##_num(const STACK_OF(type) *sk); \ @@ -76,10 +79,11 @@ int sk_##type##_push(STACK_OF(type) *sk,type *v); \ int sk_##type##_unshift(STACK_OF(type) *sk,type *v); \ int sk_##type##_find(STACK_OF(type) *sk,type *v); \ type *sk_##type##_delete(STACK_OF(type) *sk,int n); \ -void sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v); \ +type *sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v); \ int sk_##type##_insert(STACK_OF(type) *sk,type *v,int n); \ int (*sk_##type##_set_cmp_func(STACK_OF(type) *sk, \ - int (*cmp)(type **,type **)))(type **,type **); \ + int (*cmp)(const type * const *,const type * const *))) \ + (const type * const *,const type * const *); \ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk); \ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)); \ type *sk_##type##_shift(STACK_OF(type) *sk); \ @@ -87,8 +91,10 @@ type *sk_##type##_pop(STACK_OF(type) *sk); \ void sk_##type##_sort(STACK_OF(type) *sk); #define IMPLEMENT_STACK_OF(type) \ -STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)) \ - { return (STACK_OF(type) *)sk_new((int (*)())cmp); } \ +STACK_OF(type) *sk_##type##_new(int (*cmp)(const type * const *, \ + const type * const *)) \ + { return (STACK_OF(type) *)sk_new( \ + (int (*)(const char * const *,const char * const *))cmp); } \ STACK_OF(type) *sk_##type##_new_null() \ { return (STACK_OF(type) *)sk_new_null(); } \ void sk_##type##_free(STACK_OF(type) *sk) \ @@ -109,13 +115,15 @@ int sk_##type##_find(STACK_OF(type) *sk,type *v) \ { return sk_find((STACK *)sk,(char *)v); } \ type *sk_##type##_delete(STACK_OF(type) *sk,int n) \ { return (type *)sk_delete((STACK *)sk,n); } \ -void sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v) \ - { sk_delete_ptr((STACK *)sk,(char *)v); } \ +type *sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v) \ + { return (type *)sk_delete_ptr((STACK *)sk,(char *)v); } \ int sk_##type##_insert(STACK_OF(type) *sk,type *v,int n) \ { return sk_insert((STACK *)sk,(char *)v,n); } \ int (*sk_##type##_set_cmp_func(STACK_OF(type) *sk, \ - int (*cmp)(type **,type **)))(type **,type **) \ - { return (int (*)(type **,type **))sk_set_cmp_func((STACK *)sk,(int(*)(const void *, const void *))cmp); } \ + int (*cmp)(const type * const *,const type * const *))) \ + (const type * const *,const type * const *) \ + { return (int (*)(const type * const *,const type * const *))sk_set_cmp_func( \ + (STACK *)sk, (int(*)(const char * const *, const char * const *))cmp); } \ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk) \ { return (STACK_OF(type) *)sk_dup((STACK *)sk); } \ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)) \ @@ -127,4 +135,13 @@ type *sk_##type##_pop(STACK_OF(type) *sk) \ void sk_##type##_sort(STACK_OF(type) *sk) \ { sk_sort((STACK *)sk); } +#else + +#define STACK_OF(type) STACK +#define PREDECLARE_STACK_OF(type) /* nada */ +#define DECLARE_STACK_OF(type) /* nada */ +#define IMPLEMENT_STACK_OF(type) /* nada */ + +#endif + #endif /* ndef HEADER_SAFESTACK_H */ diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 3e2f4d8786..d2c640075b 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -76,9 +76,10 @@ const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT; #include <errno.h> -int (*sk_set_cmp_func(STACK *sk, int (*c)(const void *,const void *)))(const void *, const void *) +int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *))) + (const char * const *, const char * const *) { - int (*old)(const void *,const void *)=sk->comp; + int (*old)(const char * const *,const char * const *)=sk->comp; if (sk->comp != c) sk->sorted=0; @@ -93,7 +94,7 @@ STACK *sk_dup(STACK *sk) char **s; if ((ret=sk_new(sk->comp)) == NULL) goto err; - s=(char **)Realloc((char *)ret->data, + s=(char **)OPENSSL_realloc((char *)ret->data, (unsigned int)sizeof(char *)*sk->num_alloc); if (s == NULL) goto err; ret->data=s; @@ -108,14 +109,14 @@ err: return(NULL); } -STACK *sk_new(int (*c)(const void *, const void *)) +STACK *sk_new(int (*c)(const char * const *, const char * const *)) { STACK *ret; int i; - if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL) + if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL) goto err0; - if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL) + if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) goto err1; for (i=0; i<MIN_NODES; i++) ret->data[i]=NULL; @@ -125,7 +126,7 @@ STACK *sk_new(int (*c)(const void *, const void *)) ret->sorted=0; return(ret); err1: - Free(ret); + OPENSSL_free(ret); err0: return(NULL); } @@ -137,7 +138,7 @@ int sk_insert(STACK *st, char *data, int loc) if(st == NULL) return 0; if (st->num_alloc <= st->num+1) { - s=(char **)Realloc((char *)st->data, + s=(char **)OPENSSL_realloc((char *)st->data, (unsigned int)sizeof(char *)*st->num_alloc*2); if (s == NULL) return(0); @@ -218,13 +219,24 @@ int sk_find(STACK *st, char *data) } sk_sort(st); if (data == NULL) return(-1); - comp_func=st->comp; + /* This (and the "qsort" below) are the two places in OpenSSL + * where we need to convert from our standard (type **,type **) + * compare callback type to the (void *,void *) type required by + * bsearch. However, the "data" it is being called(back) with are + * not (type *) pointers, but the *pointers* to (type *) pointers, + * so we get our extra level of pointer dereferencing that way. */ + comp_func=(int (*)(const void *,const void *))(st->comp); r=(char **)bsearch(&data,(char *)st->data, st->num,sizeof(char *), comp_func); if (r == NULL) return(-1); i=(int)(r-st->data); for ( ; i>0; i--) - if ((*st->comp)(&(st->data[i-1]),&data) < 0) + /* This needs a cast because the type being pointed to from + * the "&" expressions are (char *) rather than (const char *). + * For an explanation, read: + * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */ + if ((*st->comp)((const char * const *)&(st->data[i-1]), + (const char * const *)&data) < 0) break; return(i); } @@ -275,17 +287,17 @@ void sk_pop_free(STACK *st, void (*func)(void *)) void sk_free(STACK *st) { if (st == NULL) return; - if (st->data != NULL) Free(st->data); - Free(st); + if (st->data != NULL) OPENSSL_free(st->data); + OPENSSL_free(st); } -int sk_num(STACK *st) +int sk_num(const STACK *st) { if(st == NULL) return -1; return st->num; } -char *sk_value(STACK *st, int i) +char *sk_value(const STACK *st, int i) { if(st == NULL) return NULL; return st->data[i]; @@ -303,7 +315,12 @@ void sk_sort(STACK *st) { int (*comp_func)(const void *,const void *); - comp_func=st->comp; + /* same comment as in sk_find ... previously st->comp was declared + * as a (void*,void*) callback type, but this made the population + * of the callback pointer illogical - our callbacks compare + * type** with type**, so we leave the casting until absolutely + * necessary (ie. "now"). */ + comp_func=(int (*)(const void *,const void *))(st->comp); qsort(st->data,st->num,sizeof(char *), comp_func); st->sorted=1; } diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h index a6665f3b30..6f5b4bdce2 100644 --- a/crypto/stack/stack.h +++ b/crypto/stack/stack.h @@ -70,21 +70,21 @@ typedef struct stack_st int sorted; int num_alloc; - int (*comp)(const void *, const void *); + int (*comp)(const char * const *, const char * const *); } STACK; - -#define sk_new_null() sk_new(NULL) +#define sk_new_null() sk_new((int (*)(const char * const *, \ + const char * const *))NULL) #define M_sk_num(sk) ((sk) ? (sk)->num:-1) #define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) -int sk_num(STACK *); -char *sk_value(STACK *, int); +int sk_num(const STACK *); +char *sk_value(const STACK *, int); char *sk_set(STACK *, int, char *); -STACK *sk_new(int (*cmp)(const void *, const void *)); +STACK *sk_new(int (*cmp)(const char * const *, const char * const *)); void sk_free(STACK *); void sk_pop_free(STACK *st, void (*func)(void *)); int sk_insert(STACK *sk,char *data,int where); @@ -96,7 +96,9 @@ int sk_unshift(STACK *st,char *data); char *sk_shift(STACK *st); char *sk_pop(STACK *st); void sk_zero(STACK *st); -int (*sk_set_cmp_func(STACK *sk, int (*c)(const void *,const void *)))(const void *, const void *); +int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *, + const char * const *))) + (const char * const *, const char * const *); STACK *sk_dup(STACK *st); void sk_sort(STACK *st); diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index 24713a3157..100165948c 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -699,7 +699,7 @@ void thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(HANDLE)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_cs[i]=CreateMutex(NULL,FALSE,NULL); @@ -716,7 +716,7 @@ void thread_cleanup(void) CRYPTO_set_locking_callback(NULL); for (i=0; i<CRYPTO_num_locks(); i++) CloseHandle(lock_cs[i]); - Free(lock_cs); + OPENSSL_free(lock_cs); } void win32_locking_callback(int mode, int type, char *file, int line) @@ -794,8 +794,8 @@ void thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(mutex_t)); - lock_count=Malloc(CRYPTO_num_locks() * sizeof(long)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_count[i]=0; @@ -821,8 +821,8 @@ void thread_cleanup(void) mutex_destroy(&(lock_cs[i])); fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i)); } - Free(lock_cs); - Free(lock_count); + OPENSSL_free(lock_cs); + OPENSSL_free(lock_count); fprintf(stderr,"done cleanup\n"); @@ -919,7 +919,7 @@ void thread_setup(void) arena=usinit(filename); unlink(filename); - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(usema_t *)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_cs[i]=usnewsema(arena,1); @@ -942,7 +942,7 @@ void thread_cleanup(void) usdumpsema(lock_cs[i],stdout,buf); usfreesema(lock_cs[i],arena); } - Free(lock_cs); + OPENSSL_free(lock_cs); } void irix_locking_callback(int mode, int type, char *file, int line) @@ -1002,8 +1002,8 @@ void thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); - lock_count=Malloc(CRYPTO_num_locks() * sizeof(long)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_count[i]=0; @@ -1026,8 +1026,8 @@ void thread_cleanup(void) fprintf(stderr,"%8ld:%s\n",lock_count[i], CRYPTO_get_lock_name(i)); } - Free(lock_cs); - Free(lock_count); + OPENSSL_free(lock_cs); + OPENSSL_free(lock_count); fprintf(stderr,"done cleanup\n"); } diff --git a/crypto/threads/th-lock.c b/crypto/threads/th-lock.c index 3ee978060c..553d2218de 100644 --- a/crypto/threads/th-lock.c +++ b/crypto/threads/th-lock.c @@ -113,7 +113,7 @@ void CRYPTO_thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(HANDLE)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_cs[i]=CreateMutex(NULL,FALSE,NULL); @@ -131,7 +131,7 @@ static void CRYPTO_thread_cleanup(void) CRYPTO_set_locking_callback(NULL); for (i=0; i<CRYPTO_num_locks(); i++) CloseHandle(lock_cs[i]); - Free(lock_cs); + OPENSSL_free(lock_cs); } void win32_locking_callback(int mode, int type, char *file, int line) @@ -164,11 +164,11 @@ void CRYPTO_thread_setup(void) int i; #ifdef USE_MUTEX - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(mutex_t)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t)); #else - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(rwlock_t)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t)); #endif - lock_count=Malloc(CRYPTO_num_locks() * sizeof(long)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_count[i]=0; @@ -196,8 +196,8 @@ void CRYPTO_thread_cleanup(void) rwlock_destroy(&(lock_cs[i])); #endif } - Free(lock_cs); - Free(lock_count); + OPENSSL_free(lock_cs); + OPENSSL_free(lock_count); } void solaris_locking_callback(int mode, int type, char *file, int line) @@ -267,7 +267,7 @@ void CRYPTO_thread_setup(void) arena=usinit(filename); unlink(filename); - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(usema_t *)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_cs[i]=usnewsema(arena,1); @@ -290,7 +290,7 @@ void CRYPTO_thread_cleanup(void) usdumpsema(lock_cs[i],stdout,buf); usfreesema(lock_cs[i],arena); } - Free(lock_cs); + OPENSSL_free(lock_cs); } void irix_locking_callback(int mode, int type, char *file, int line) @@ -324,8 +324,8 @@ void CRYPTO_thread_setup(void) { int i; - lock_cs=Malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); - lock_count=Malloc(CRYPTO_num_locks() * sizeof(long)); + lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); + lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i<CRYPTO_num_locks(); i++) { lock_count[i]=0; @@ -345,8 +345,8 @@ void thread_cleanup(void) { pthread_mutex_destroy(&(lock_cs[i])); } - Free(lock_cs); - Free(lock_count); + OPENSSL_free(lock_cs); + OPENSSL_free(lock_count); } void pthreads_locking_callback(int mode, int type, char *file, diff --git a/crypto/tmdiff.c b/crypto/tmdiff.c index 0ad8a9ed8d..7773928666 100644 --- a/crypto/tmdiff.c +++ b/crypto/tmdiff.c @@ -134,7 +134,7 @@ char *ms_time_new(void) { MS_TM *ret; - ret=(MS_TM *)Malloc(sizeof(MS_TM)); + ret=(MS_TM *)OPENSSL_malloc(sizeof(MS_TM)); if (ret == NULL) return(NULL); memset(ret,0,sizeof(MS_TM)); @@ -147,7 +147,7 @@ char *ms_time_new(void) void ms_time_free(char *a) { if (a != NULL) - Free(a); + OPENSSL_free(a); } void ms_time_get(char *a) diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c index 33acc81f3f..3b04fe280c 100644 --- a/crypto/txt_db/txt_db.c +++ b/crypto/txt_db/txt_db.c @@ -83,16 +83,16 @@ TXT_DB *TXT_DB_read(BIO *in, int num) if ((buf=BUF_MEM_new()) == NULL) goto err; if (!BUF_MEM_grow(buf,size)) goto err; - if ((ret=(TXT_DB *)Malloc(sizeof(TXT_DB))) == NULL) + if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL) goto err; ret->num_fields=num; ret->index=NULL; ret->qual=NULL; if ((ret->data=sk_new_null()) == NULL) goto err; - if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL) + if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) goto err; - if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL) + if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL) goto err; for (i=0; i<num; i++) { @@ -122,7 +122,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) else { buf->data[offset-1]='\0'; /* blat the '\n' */ - p=(char *)Malloc(add+offset); + p=(char *)OPENSSL_malloc(add+offset); offset=0; } pp=(char **)p; @@ -177,12 +177,12 @@ err: if (er) { #if !defined(NO_STDIO) && !defined(WIN16) - if (er == 1) fprintf(stderr,"Malloc failure\n"); + if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); #endif if (ret->data != NULL) sk_free(ret->data); - if (ret->index != NULL) Free(ret->index); - if (ret->qual != NULL) Free(ret->qual); - if (ret != NULL) Free(ret); + if (ret->index != NULL) OPENSSL_free(ret->index); + if (ret->qual != NULL) OPENSSL_free(ret->qual); + if (ret != NULL) OPENSSL_free(ret); return(NULL); } else @@ -349,10 +349,10 @@ void TXT_DB_free(TXT_DB *db) { for (i=db->num_fields-1; i>=0; i--) if (db->index[i] != NULL) lh_free(db->index[i]); - Free(db->index); + OPENSSL_free(db->index); } if (db->qual != NULL) - Free(db->qual); + OPENSSL_free(db->qual); if (db->data != NULL) { for (i=sk_num(db->data)-1; i>=0; i--) @@ -364,7 +364,7 @@ void TXT_DB_free(TXT_DB *db) if (max == NULL) /* new row */ { for (n=0; n<db->num_fields; n++) - if (p[n] != NULL) Free(p[n]); + if (p[n] != NULL) OPENSSL_free(p[n]); } else { @@ -372,12 +372,12 @@ void TXT_DB_free(TXT_DB *db) { if (((p[n] < (char *)p) || (p[n] > max)) && (p[n] != NULL)) - Free(p[n]); + OPENSSL_free(p[n]); } } - Free(sk_value(db->data,i)); + OPENSSL_free(sk_value(db->data,i)); } sk_free(db->data); } - Free(db); + OPENSSL_free(db); } diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 14d12c56bd..c5920cc7dd 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -146,11 +146,11 @@ static int new_dir(X509_LOOKUP *lu) { BY_DIR *a; - if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL) + if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) return(0); if ((a->buffer=BUF_MEM_new()) == NULL) { - Free(a); + OPENSSL_free(a); return(0); } a->num_dirs=0; @@ -168,11 +168,11 @@ static void free_dir(X509_LOOKUP *lu) a=(BY_DIR *)lu->method_data; for (i=0; i<a->num_dirs; i++) - if (a->dirs[i] != NULL) Free(a->dirs[i]); - if (a->dirs != NULL) Free(a->dirs); - if (a->dirs_type != NULL) Free(a->dirs_type); + if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]); + if (a->dirs != NULL) OPENSSL_free(a->dirs); + if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type); if (a->buffer != NULL) BUF_MEM_free(a->buffer); - Free(a); + OPENSSL_free(a); } static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) @@ -204,9 +204,9 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) { ctx->num_dirs_alloced+=10; - pp=(char **)Malloc(ctx->num_dirs_alloced* + pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced* sizeof(char *)); - ip=(int *)Malloc(ctx->num_dirs_alloced* + ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced* sizeof(int)); if ((pp == NULL) || (ip == NULL)) { @@ -218,14 +218,14 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* sizeof(int)); if (ctx->dirs != NULL) - Free(ctx->dirs); + OPENSSL_free(ctx->dirs); if (ctx->dirs_type != NULL) - Free(ctx->dirs_type); + OPENSSL_free(ctx->dirs_type); ctx->dirs=pp; ctx->dirs_type=ip; } ctx->dirs_type[ctx->num_dirs]=type; - ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1); + ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1); if (ctx->dirs[ctx->num_dirs] == NULL) return(0); strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); ctx->dirs[ctx->num_dirs][len]='\0'; diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index a0aaad8366..1dae31a233 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -143,6 +143,37 @@ typedef struct X509_algor_st } X509_ALGOR; DECLARE_STACK_OF(X509_ALGOR) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_ALGOR_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_ALGOR_new_null() sk_new_null() + #define sk_X509_ALGOR_free(a) sk_free(a) + #define sk_X509_ALGOR_num(a) sk_num(a) + #define sk_X509_ALGOR_value(a,b) ((X509_ALGOR *) \ + sk_value((a),(b))) + #define sk_X509_ALGOR_set(a,b,c) ((X509_ALGOR *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_ALGOR_zero(a) sk_zero(a) + #define sk_X509_ALGOR_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_ALGOR_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_ALGOR_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_ALGOR_delete(a,b) ((X509_ALGOR *) \ + sk_delete((a),(b))) + #define sk_X509_ALGOR_delete_ptr(a,b) ((X509_ALGOR *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_ALGOR_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_ALGOR_set_cmp_func(a,b) ((int (*) \ + (const X509_ALGOR * const *,const X509_ALGOR * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_ALGOR_dup(a) sk_dup(a) + #define sk_X509_ALGOR_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_ALGOR_shift(a) ((X509_ALGOR *)sk_shift(a)) + #define sk_X509_ALGOR_pop(a) ((X509_ALGOR *)sk_pop(a)) + #define sk_X509_ALGOR_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_ALGOR) typedef struct X509_val_st @@ -173,6 +204,37 @@ typedef struct X509_name_entry_st } X509_NAME_ENTRY; DECLARE_STACK_OF(X509_NAME_ENTRY) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_NAME_ENTRY_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_NAME_ENTRY_new_null() sk_new_null() + #define sk_X509_NAME_ENTRY_free(a) sk_free(a) + #define sk_X509_NAME_ENTRY_num(a) sk_num(a) + #define sk_X509_NAME_ENTRY_value(a,b) ((X509_NAME_ENTRY *) \ + sk_value((a),(b))) + #define sk_X509_NAME_ENTRY_set(a,b,c) ((X509_NAME_ENTRY *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_NAME_ENTRY_zero(a) sk_zero(a) + #define sk_X509_NAME_ENTRY_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_NAME_ENTRY_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_NAME_ENTRY_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_NAME_ENTRY_delete(a,b) ((X509_NAME_ENTRY *) \ + sk_delete((a),(b))) + #define sk_X509_NAME_ENTRY_delete_ptr(a,b) ((X509_NAME_ENTRY *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_NAME_ENTRY_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_NAME_ENTRY_set_cmp_func(a,b) ((int (*) \ + (const X509_NAME_ENTRY * const *,const X509_NAME_ENTRY * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_NAME_ENTRY_dup(a) sk_dup(a) + #define sk_X509_NAME_ENTRY_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_NAME_ENTRY_shift(a) ((X509_NAME_ENTRY *)sk_shift(a)) + #define sk_X509_NAME_ENTRY_pop(a) ((X509_NAME_ENTRY *)sk_pop(a)) + #define sk_X509_NAME_ENTRY_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) /* we always keep X509_NAMEs in 2 forms. */ @@ -189,6 +251,37 @@ typedef struct X509_name_st } X509_NAME; DECLARE_STACK_OF(X509_NAME) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_NAME_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_NAME_new_null() sk_new_null() + #define sk_X509_NAME_free(a) sk_free(a) + #define sk_X509_NAME_num(a) sk_num(a) + #define sk_X509_NAME_value(a,b) ((X509_NAME *) \ + sk_value((a),(b))) + #define sk_X509_NAME_set(a,b,c) ((X509_NAME *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_NAME_zero(a) sk_zero(a) + #define sk_X509_NAME_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_NAME_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_NAME_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_NAME_delete(a,b) ((X509_NAME *) \ + sk_delete((a),(b))) + #define sk_X509_NAME_delete_ptr(a,b) ((X509_NAME *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_NAME_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_NAME_set_cmp_func(a,b) ((int (*) \ + (const X509_NAME * const *,const X509_NAME * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_NAME_dup(a) sk_dup(a) + #define sk_X509_NAME_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_NAME_shift(a) ((X509_NAME *)sk_shift(a)) + #define sk_X509_NAME_pop(a) ((X509_NAME *)sk_pop(a)) + #define sk_X509_NAME_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ #define X509_EX_V_NETSCAPE_HACK 0x8000 #define X509_EX_V_INIT 0x0001 @@ -203,6 +296,37 @@ typedef struct X509_extension_st } X509_EXTENSION; DECLARE_STACK_OF(X509_EXTENSION) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_EXTENSION_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_EXTENSION_new_null() sk_new_null() + #define sk_X509_EXTENSION_free(a) sk_free(a) + #define sk_X509_EXTENSION_num(a) sk_num(a) + #define sk_X509_EXTENSION_value(a,b) ((X509_EXTENSION *) \ + sk_value((a),(b))) + #define sk_X509_EXTENSION_set(a,b,c) ((X509_EXTENSION *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_EXTENSION_zero(a) sk_zero(a) + #define sk_X509_EXTENSION_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_EXTENSION_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_EXTENSION_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_EXTENSION_delete(a,b) ((X509_EXTENSION *) \ + sk_delete((a),(b))) + #define sk_X509_EXTENSION_delete_ptr(a,b) ((X509_EXTENSION *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_EXTENSION_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_EXTENSION_set_cmp_func(a,b) ((int (*) \ + (const X509_EXTENSION * const *,const X509_EXTENSION * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_EXTENSION_dup(a) sk_dup(a) + #define sk_X509_EXTENSION_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_EXTENSION_shift(a) ((X509_EXTENSION *)sk_shift(a)) + #define sk_X509_EXTENSION_pop(a) ((X509_EXTENSION *)sk_pop(a)) + #define sk_X509_EXTENSION_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_EXTENSION) /* a sequence of these are used */ @@ -218,6 +342,37 @@ typedef struct x509_attributes_st } X509_ATTRIBUTE; DECLARE_STACK_OF(X509_ATTRIBUTE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_ATTRIBUTE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_ATTRIBUTE_new_null() sk_new_null() + #define sk_X509_ATTRIBUTE_free(a) sk_free(a) + #define sk_X509_ATTRIBUTE_num(a) sk_num(a) + #define sk_X509_ATTRIBUTE_value(a,b) ((X509_ATTRIBUTE *) \ + sk_value((a),(b))) + #define sk_X509_ATTRIBUTE_set(a,b,c) ((X509_ATTRIBUTE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_ATTRIBUTE_zero(a) sk_zero(a) + #define sk_X509_ATTRIBUTE_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_ATTRIBUTE_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_ATTRIBUTE_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_ATTRIBUTE_delete(a,b) ((X509_ATTRIBUTE *) \ + sk_delete((a),(b))) + #define sk_X509_ATTRIBUTE_delete_ptr(a,b) ((X509_ATTRIBUTE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_ATTRIBUTE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_ATTRIBUTE_set_cmp_func(a,b) ((int (*) \ + (const X509_ATTRIBUTE * const *,const X509_ATTRIBUTE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_ATTRIBUTE_dup(a) sk_dup(a) + #define sk_X509_ATTRIBUTE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_ATTRIBUTE_shift(a) ((X509_ATTRIBUTE *)sk_shift(a)) + #define sk_X509_ATTRIBUTE_pop(a) ((X509_ATTRIBUTE *)sk_pop(a)) + #define sk_X509_ATTRIBUTE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) typedef struct X509_req_info_st @@ -289,6 +444,37 @@ typedef struct x509_st } X509; DECLARE_STACK_OF(X509) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_new_null() sk_new_null() + #define sk_X509_free(a) sk_free(a) + #define sk_X509_num(a) sk_num(a) + #define sk_X509_value(a,b) ((X509 *) \ + sk_value((a),(b))) + #define sk_X509_set(a,b,c) ((X509 *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_zero(a) sk_zero(a) + #define sk_X509_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_delete(a,b) ((X509 *) \ + sk_delete((a),(b))) + #define sk_X509_delete_ptr(a,b) ((X509 *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_set_cmp_func(a,b) ((int (*) \ + (const X509 * const *,const X509 * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_dup(a) sk_dup(a) + #define sk_X509_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_shift(a) ((X509 *)sk_shift(a)) + #define sk_X509_pop(a) ((X509 *)sk_pop(a)) + #define sk_X509_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509) /* This is used for a table of trust checking functions */ @@ -303,6 +489,37 @@ typedef struct x509_trust_st { } X509_TRUST; DECLARE_STACK_OF(X509_TRUST) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_TRUST_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_TRUST_new_null() sk_new_null() + #define sk_X509_TRUST_free(a) sk_free(a) + #define sk_X509_TRUST_num(a) sk_num(a) + #define sk_X509_TRUST_value(a,b) ((X509_TRUST *) \ + sk_value((a),(b))) + #define sk_X509_TRUST_set(a,b,c) ((X509_TRUST *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_TRUST_zero(a) sk_zero(a) + #define sk_X509_TRUST_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_TRUST_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_TRUST_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_TRUST_delete(a,b) ((X509_TRUST *) \ + sk_delete((a),(b))) + #define sk_X509_TRUST_delete_ptr(a,b) ((X509_TRUST *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_TRUST_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_TRUST_set_cmp_func(a,b) ((int (*) \ + (const X509_TRUST * const *,const X509_TRUST * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_TRUST_dup(a) sk_dup(a) + #define sk_X509_TRUST_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_TRUST_shift(a) ((X509_TRUST *)sk_shift(a)) + #define sk_X509_TRUST_pop(a) ((X509_TRUST *)sk_pop(a)) + #define sk_X509_TRUST_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* standard trust ids */ @@ -338,6 +555,37 @@ typedef struct X509_revoked_st } X509_REVOKED; DECLARE_STACK_OF(X509_REVOKED) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_REVOKED_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_REVOKED_new_null() sk_new_null() + #define sk_X509_REVOKED_free(a) sk_free(a) + #define sk_X509_REVOKED_num(a) sk_num(a) + #define sk_X509_REVOKED_value(a,b) ((X509_REVOKED *) \ + sk_value((a),(b))) + #define sk_X509_REVOKED_set(a,b,c) ((X509_REVOKED *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_REVOKED_zero(a) sk_zero(a) + #define sk_X509_REVOKED_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_REVOKED_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_REVOKED_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_REVOKED_delete(a,b) ((X509_REVOKED *) \ + sk_delete((a),(b))) + #define sk_X509_REVOKED_delete_ptr(a,b) ((X509_REVOKED *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_REVOKED_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_REVOKED_set_cmp_func(a,b) ((int (*) \ + (const X509_REVOKED * const *,const X509_REVOKED * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_REVOKED_dup(a) sk_dup(a) + #define sk_X509_REVOKED_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_REVOKED_shift(a) ((X509_REVOKED *)sk_shift(a)) + #define sk_X509_REVOKED_pop(a) ((X509_REVOKED *)sk_pop(a)) + #define sk_X509_REVOKED_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_REVOKED) typedef struct X509_crl_info_st @@ -361,6 +609,37 @@ typedef struct X509_crl_st } X509_CRL; DECLARE_STACK_OF(X509_CRL) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_CRL_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_CRL_new_null() sk_new_null() + #define sk_X509_CRL_free(a) sk_free(a) + #define sk_X509_CRL_num(a) sk_num(a) + #define sk_X509_CRL_value(a,b) ((X509_CRL *) \ + sk_value((a),(b))) + #define sk_X509_CRL_set(a,b,c) ((X509_CRL *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_CRL_zero(a) sk_zero(a) + #define sk_X509_CRL_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_CRL_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_CRL_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_CRL_delete(a,b) ((X509_CRL *) \ + sk_delete((a),(b))) + #define sk_X509_CRL_delete_ptr(a,b) ((X509_CRL *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_CRL_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_CRL_set_cmp_func(a,b) ((int (*) \ + (const X509_CRL * const *,const X509_CRL * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_CRL_dup(a) sk_dup(a) + #define sk_X509_CRL_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_CRL_shift(a) ((X509_CRL *)sk_shift(a)) + #define sk_X509_CRL_pop(a) ((X509_CRL *)sk_pop(a)) + #define sk_X509_CRL_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(X509_CRL) typedef struct private_key_st @@ -399,6 +678,37 @@ typedef struct X509_info_st } X509_INFO; DECLARE_STACK_OF(X509_INFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_INFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_INFO_new_null() sk_new_null() + #define sk_X509_INFO_free(a) sk_free(a) + #define sk_X509_INFO_num(a) sk_num(a) + #define sk_X509_INFO_value(a,b) ((X509_INFO *) \ + sk_value((a),(b))) + #define sk_X509_INFO_set(a,b,c) ((X509_INFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_INFO_zero(a) sk_zero(a) + #define sk_X509_INFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_INFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_INFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_INFO_delete(a,b) ((X509_INFO *) \ + sk_delete((a),(b))) + #define sk_X509_INFO_delete_ptr(a,b) ((X509_INFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_INFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_INFO_set_cmp_func(a,b) ((int (*) \ + (const X509_INFO * const *,const X509_INFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_INFO_dup(a) sk_dup(a) + #define sk_X509_INFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_INFO_shift(a) ((X509_INFO *)sk_shift(a)) + #define sk_X509_INFO_pop(a) ((X509_INFO *)sk_pop(a)) + #define sk_X509_INFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ #endif /* The next 2 structures and their 8 routines were sent to me by @@ -659,11 +969,14 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_digest(X509 *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_CRL_digest(X509_CRL *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_REQ_digest(X509_REQ *data,const EVP_MD *type,unsigned char *md,unsigned int *len); -int X509_NAME_digest(X509_NAME *data,const EVP_MD *type, - unsigned char *md,unsigned int *len); +int X509_digest(const X509 *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); +int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, + unsigned char *md, unsigned int *len); #endif #ifndef NO_FP_API @@ -963,20 +1276,20 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req, int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); -int X509_issuer_and_serial_cmp(X509 *a, X509 *b); +int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); unsigned long X509_issuer_and_serial_hash(X509 *a); -int X509_issuer_name_cmp(X509 *a, X509 *b); +int X509_issuer_name_cmp(const X509 *a, const X509 *b); unsigned long X509_issuer_name_hash(X509 *a); -int X509_subject_name_cmp(X509 *a,X509 *b); +int X509_subject_name_cmp(const X509 *a, const X509 *b); unsigned long X509_subject_name_hash(X509 *x); -int X509_cmp (X509 *a, X509 *b); -int X509_NAME_cmp (X509_NAME *a, X509_NAME *b); +int X509_cmp(const X509 *a, const X509 *b); +int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); unsigned long X509_NAME_hash(X509_NAME *x); -int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); +int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); #ifndef NO_FP_API int X509_print_fp(FILE *bp,X509 *x); int X509_CRL_print_fp(FILE *bp,X509_CRL *x); diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index a8a5ca8b03..b147d573d2 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -63,7 +63,7 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> -int X509_issuer_and_serial_cmp(X509 *a, X509 *b) +int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) { int i; X509_CINF *ai,*bi; @@ -97,17 +97,17 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) } #endif -int X509_issuer_name_cmp(X509 *a, X509 *b) +int X509_issuer_name_cmp(const X509 *a, const X509 *b) { return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); } -int X509_subject_name_cmp(X509 *a, X509 *b) +int X509_subject_name_cmp(const X509 *a, const X509 *b) { return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); } -int X509_CRL_cmp(X509_CRL *a, X509_CRL *b) +int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) { return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); } @@ -139,19 +139,25 @@ unsigned long X509_subject_name_hash(X509 *x) #ifndef NO_SHA /* Compare two certificates: they must be identical for - * this to work. + * this to work. NB: Although "cmp" operations are generally + * prototyped to take "const" arguments (eg. for use in + * STACKs), the way X509 handling is - these operations may + * involve ensuring the hashes are up-to-date and ensuring + * certain cert information is cached. So this is the point + * where the "depth-first" constification tree has to halt + * with an evil cast. */ -int X509_cmp(X509 *a, X509 *b) +int X509_cmp(const X509 *a, const X509 *b) { /* ensure hash is valid */ - X509_check_purpose(a, -1, 0); - X509_check_purpose(b, -1, 0); + X509_check_purpose((X509 *)a, -1, 0); + X509_check_purpose((X509 *)b, -1, 0); return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); } #endif -int X509_NAME_cmp(X509_NAME *a, X509_NAME *b) +int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) { int i,j; X509_NAME_ENTRY *na,*nb; @@ -198,14 +204,14 @@ unsigned long X509_NAME_hash(X509_NAME *x) i=i2d_X509_NAME(x,NULL); if (i > sizeof(str)) - p=Malloc(i); + p=OPENSSL_malloc(i); else p=str; pp=p; i2d_X509_NAME(x,&pp); MD5((unsigned char *)p,i,&(md[0])); - if (p != str) Free(p); + if (p != str) OPENSSL_free(p); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index a20006d67e..5e5458568f 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -68,7 +68,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret; - ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP)); + ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP)); if (ret == NULL) return(NULL); ret->init=0; @@ -78,7 +78,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) ret->store_ctx=NULL; if ((method->new_item != NULL) && !method->new_item(ret)) { - Free(ret); + OPENSSL_free(ret); return(NULL); } return(ret); @@ -90,7 +90,7 @@ void X509_LOOKUP_free(X509_LOOKUP *ctx) if ( (ctx->method != NULL) && (ctx->method->free != NULL)) ctx->method->free(ctx); - Free(ctx); + OPENSSL_free(ctx); } int X509_LOOKUP_init(X509_LOOKUP *ctx) @@ -197,7 +197,7 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret; - if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL) + if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) return(NULL); ret->certs=lh_new(x509_object_hash,x509_object_cmp); ret->cache=1; @@ -223,7 +223,7 @@ static void cleanup(X509_OBJECT *a) else abort(); - Free(a); + OPENSSL_free(a); } void X509_STORE_free(X509_STORE *vfy) @@ -247,7 +247,7 @@ void X509_STORE_free(X509_STORE *vfy) CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data); lh_doall(vfy->certs,cleanup); lh_free(vfy->certs); - Free(vfy); + OPENSSL_free(vfy); } X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) @@ -384,7 +384,7 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h, int type, X509_STORE_CTX *X509_STORE_CTX_new(void) { X509_STORE_CTX *ctx; - ctx = (X509_STORE_CTX *)Malloc(sizeof(X509_STORE_CTX)); + ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); if(ctx) memset(ctx, 0, sizeof(X509_STORE_CTX)); return ctx; } @@ -392,7 +392,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { X509_STORE_CTX_cleanup(ctx); - Free(ctx); + OPENSSL_free(ctx); } void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index 691b71f031..6a3ba8eb15 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -91,7 +91,7 @@ int i; if(b) { buf=b->data; - Free(b); + OPENSSL_free(b); } strncpy(buf,"NO X509_NAME",len); return buf; @@ -210,7 +210,7 @@ int i; if (b != NULL) { p=b->data; - Free(b); + OPENSSL_free(b); } else p=buf; diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index baef8790eb..7eca1bd57a 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -83,7 +83,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ri=ret->req_info; ri->version->length=1; - ri->version->data=(unsigned char *)Malloc(1); + ri->version->data=(unsigned char *)OPENSSL_malloc(1); if (ri->version->data == NULL) goto err; ri->version->data[0]=0; /* version == 0 */ @@ -188,7 +188,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, /* Generate encoding of extensions */ len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(p = Malloc(len))) goto err; + if(!(p = OPENSSL_malloc(len))) goto err; q = p; i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); @@ -204,7 +204,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; return 1; err: - if(p) Free(p); + if(p) OPENSSL_free(p); X509_ATTRIBUTE_free(attr); ASN1_TYPE_free(at); return 0; diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index c779aaf94d..a7b1543461 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -61,7 +61,8 @@ #include <openssl/x509v3.h> -static int tr_cmp(X509_TRUST **a, X509_TRUST **b); +static int tr_cmp(const X509_TRUST * const *a, + const X509_TRUST * const *b); static void trtable_free(X509_TRUST *p); static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); @@ -88,7 +89,8 @@ IMPLEMENT_STACK_OF(X509_TRUST) static STACK_OF(X509_TRUST) *trtable = NULL; -static int tr_cmp(X509_TRUST **a, X509_TRUST **b) +static int tr_cmp(const X509_TRUST * const *a, + const X509_TRUST * const *b) { return (*a)->trust - (*b)->trust; } @@ -152,15 +154,15 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(trtmp = Malloc(sizeof(X509_TRUST)))) { + if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); - /* Free existing name if dynamic */ - if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) Free(trtmp->name); + /* OPENSSL_free existing name if dynamic */ + if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); /* dup supplied name */ if(!(trtmp->name = BUF_strdup(name))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); @@ -196,8 +198,8 @@ static void trtable_free(X509_TRUST *p) if (p->flags & X509_TRUST_DYNAMIC) { if (p->flags & X509_TRUST_DYNAMIC_NAME) - Free(p->name); - Free(p); + OPENSSL_free(p->name); + OPENSSL_free(p); } } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 3ddb2303d3..e9311d5ea8 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -612,7 +612,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) int ret=1; if (x == NULL) return(0); - obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); @@ -630,7 +630,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { /* oops, put it back */ lh_delete(ctx->certs,obj); X509_OBJECT_free_contents(obj); - Free(obj); + OPENSSL_free(obj); lh_insert(ctx->certs,r); X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; @@ -647,7 +647,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) int ret=1; if (x == NULL) return(0); - obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); @@ -665,7 +665,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { /* oops, put it back */ lh_delete(ctx->certs,obj); X509_OBJECT_free_contents(obj); - Free(obj); + OPENSSL_free(obj); lh_insert(ctx->certs,r); X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h index 9173943dcd..313b867802 100644 --- a/crypto/x509/x509_vfy.h +++ b/crypto/x509/x509_vfy.h @@ -128,6 +128,37 @@ typedef struct x509_object_st typedef struct x509_lookup_st X509_LOOKUP; DECLARE_STACK_OF(X509_LOOKUP) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_LOOKUP_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_LOOKUP_new_null() sk_new_null() + #define sk_X509_LOOKUP_free(a) sk_free(a) + #define sk_X509_LOOKUP_num(a) sk_num(a) + #define sk_X509_LOOKUP_value(a,b) ((X509_LOOKUP *) \ + sk_value((a),(b))) + #define sk_X509_LOOKUP_set(a,b,c) ((X509_LOOKUP *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_LOOKUP_zero(a) sk_zero(a) + #define sk_X509_LOOKUP_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_LOOKUP_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_LOOKUP_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_LOOKUP_delete(a,b) ((X509_LOOKUP *) \ + sk_delete((a),(b))) + #define sk_X509_LOOKUP_delete_ptr(a,b) ((X509_LOOKUP *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_LOOKUP_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_LOOKUP_set_cmp_func(a,b) ((int (*) \ + (const X509_LOOKUP * const *,const X509_LOOKUP * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_LOOKUP_dup(a) sk_dup(a) + #define sk_X509_LOOKUP_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_LOOKUP_shift(a) ((X509_LOOKUP *)sk_shift(a)) + #define sk_X509_LOOKUP_pop(a) ((X509_LOOKUP *)sk_pop(a)) + #define sk_X509_LOOKUP_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* This is a static that defines the function interface */ typedef struct x509_lookup_method_st diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c index b35c3f92e7..fd0a534d88 100644 --- a/crypto/x509/x509spki.c +++ b/crypto/x509/x509spki.c @@ -82,7 +82,7 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) int spki_len; NETSCAPE_SPKI *spki; if(len <= 0) len = strlen(str); - if (!(spki_der = Malloc(len + 1))) { + if (!(spki_der = OPENSSL_malloc(len + 1))) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); return NULL; } @@ -90,12 +90,12 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if(spki_len < 0) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR); - Free(spki_der); + OPENSSL_free(spki_der); return NULL; } p = spki_der; spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); - Free(spki_der); + OPENSSL_free(spki_der); return spki; } @@ -107,8 +107,8 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) char *b64_str; int der_len; der_len = i2d_NETSCAPE_SPKI(spki, NULL); - der_spki = Malloc(der_len); - b64_str = Malloc(der_len * 2); + der_spki = OPENSSL_malloc(der_len); + b64_str = OPENSSL_malloc(der_len * 2); if(!der_spki || !b64_str) { X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); return NULL; @@ -116,6 +116,6 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) p = der_spki; i2d_NETSCAPE_SPKI(spki, &p); EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len); - Free(der_spki); + OPENSSL_free(der_spki); return b64_str; } diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index b67ca243dc..dd5796e205 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -411,25 +411,25 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); } -int X509_digest(X509 *data, const EVP_MD *type, unsigned char *md, +int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); } -int X509_CRL_digest(X509_CRL *data, const EVP_MD *type, unsigned char *md, +int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len)); } -int X509_REQ_digest(X509_REQ *data, const EVP_MD *type, unsigned char *md, +int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len)); } -int X509_NAME_digest(X509_NAME *data, const EVP_MD *type, unsigned char *md, +int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index 96c04fe4f5..877ae7da7b 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -132,7 +132,7 @@ void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a) M_ASN1_OCTET_STRING_free(a->keyid); sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free); M_ASN1_INTEGER_free (a->serial); - Free (a); + OPENSSL_free (a); } static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, @@ -142,7 +142,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if(akeyid->keyid) { tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); X509V3_add_value("keyid", tmp, &extlist); - Free(tmp); + OPENSSL_free(tmp); } if(akeyid->issuer) extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); @@ -150,7 +150,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, tmp = hex_to_string(akeyid->serial->data, akeyid->serial->length); X509V3_add_value("serial", tmp, &extlist); - Free(tmp); + OPENSSL_free(tmp); } return extlist; } diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c index 1e3edc205f..c576b8e955 100644 --- a/crypto/x509v3/v3_bcons.c +++ b/crypto/x509v3/v3_bcons.c @@ -123,7 +123,7 @@ void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) { if (a == NULL) return; M_ASN1_INTEGER_free (a->pathlen); - Free (a); + OPENSSL_free (a); } static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index b2f03010cc..bdc9c1cbc1 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -167,7 +167,7 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, X509_EXTENSION *ext; /* Convert internal representation to DER */ ext_len = method->i2d(ext_struc, NULL); - if(!(ext_der = Malloc(ext_len))) goto merr; + if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr; p = ext_der; method->i2d(ext_struc, &p); if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr; @@ -255,7 +255,7 @@ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); err: ASN1_OBJECT_free(obj); M_ASN1_OCTET_STRING_free(oct); -if(ext_der) Free(ext_der); +if(ext_der) OPENSSL_free(ext_der); return extension; } diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c index da9dbe1c10..8203ed7571 100644 --- a/crypto/x509v3/v3_cpols.c +++ b/crypto/x509v3/v3_cpols.c @@ -401,7 +401,7 @@ void POLICYINFO_free(POLICYINFO *a) if (a == NULL) return; ASN1_OBJECT_free(a->policyid); sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free); - Free (a); + OPENSSL_free (a); } static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, @@ -451,7 +451,7 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) if(i) BIO_puts(out, ", "); tmp = i2s_ASN1_INTEGER(NULL, num); BIO_puts(out, tmp); - Free(tmp); + OPENSSL_free(tmp); } BIO_puts(out, "\n"); } @@ -553,7 +553,7 @@ void POLICYQUALINFO_free(POLICYQUALINFO *a) } ASN1_OBJECT_free(a->pqualid); - Free (a); + OPENSSL_free (a); } int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp) @@ -599,7 +599,7 @@ void USERNOTICE_free(USERNOTICE *a) if (a == NULL) return; NOTICEREF_free(a->noticeref); M_DISPLAYTEXT_free(a->exptext); - Free (a); + OPENSSL_free (a); } int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp) @@ -653,7 +653,7 @@ void NOTICEREF_free(NOTICEREF *a) if (a == NULL) return; M_DISPLAYTEXT_free(a->organization); sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free); - Free (a); + OPENSSL_free (a); } IMPLEMENT_STACK_OF(POLICYQUALINFO) diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index e459d2595a..4fd61f2cf3 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -213,7 +213,7 @@ void DIST_POINT_free(DIST_POINT *a) DIST_POINT_NAME_free(a->distpoint); M_ASN1_BIT_STRING_free(a->reasons); sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free); - Free (a); + OPENSSL_free (a); } int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp) @@ -256,7 +256,7 @@ void DIST_POINT_NAME_free(DIST_POINT_NAME *a) if (a == NULL) return; sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free); sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free); - Free (a); + OPENSSL_free (a); } DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c index 894afa7e03..2de1c4b428 100644 --- a/crypto/x509v3/v3_genn.c +++ b/crypto/x509v3/v3_genn.c @@ -211,7 +211,7 @@ void GENERAL_NAME_free(GENERAL_NAME *a) break; } - Free (a); + OPENSSL_free (a); } /* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as @@ -286,6 +286,6 @@ void OTHERNAME_free(OTHERNAME *a) if (a == NULL) return; ASN1_OBJECT_free(a->type_id); ASN1_TYPE_free(a->value); - Free (a); + OPENSSL_free (a); } diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c index af3525f33e..f3bba38269 100644 --- a/crypto/x509v3/v3_ia5.c +++ b/crypto/x509v3/v3_ia5.c @@ -82,7 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { char *tmp; if(!ia5 || !ia5->length) return NULL; - tmp = Malloc(ia5->length + 1); + tmp = OPENSSL_malloc(ia5->length + 1); memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index 78d2135046..9ada0b310b 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -94,7 +94,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method if(!ret) break; vtmp = sk_CONF_VALUE_value(ret, i); i2t_ASN1_OBJECT(objtmp, 80, desc->method); - ntmp = Malloc(strlen(objtmp) + strlen(vtmp->name) + 5); + ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5); if(!ntmp) { X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); @@ -103,7 +103,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method strcpy(ntmp, objtmp); strcat(ntmp, " - "); strcat(ntmp, vtmp->name); - Free(vtmp->name); + OPENSSL_free(vtmp->name); vtmp->name = ntmp; } @@ -140,7 +140,7 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD ctmp.value = cnf->value; if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) goto err; - if(!(objtmp = Malloc(objlen + 1))) { + if(!(objtmp = OPENSSL_malloc(objlen + 1))) { X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); goto err; } @@ -150,10 +150,10 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD if(!acc->method) { X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); - Free(objtmp); + OPENSSL_free(objtmp); goto err; } - Free(objtmp); + OPENSSL_free(objtmp); } return ainfo; @@ -204,7 +204,7 @@ void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a) if (a == NULL) return; ASN1_OBJECT_free(a->method); GENERAL_NAME_free(a->location); - Free (a); + OPENSSL_free (a); } STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void) diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c index dcdf7d607d..8f90970297 100644 --- a/crypto/x509v3/v3_lib.c +++ b/crypto/x509v3/v3_lib.c @@ -66,7 +66,8 @@ static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; -static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b); +static int ext_cmp(const X509V3_EXT_METHOD * const *a, + const X509V3_EXT_METHOD * const *b); static void ext_list_free(X509V3_EXT_METHOD *ext); int X509V3_EXT_add(X509V3_EXT_METHOD *ext) @@ -82,7 +83,8 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) return 1; } -static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b) +static int ext_cmp(const X509V3_EXT_METHOD * const *a, + const X509V3_EXT_METHOD * const *b) { return ((*a)->ext_nid - (*b)->ext_nid); } @@ -125,7 +127,7 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); return 0; } - if(!(tmpext = (X509V3_EXT_METHOD *)Malloc(sizeof(X509V3_EXT_METHOD)))) { + if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); return 0; } @@ -143,7 +145,7 @@ void X509V3_EXT_cleanup(void) static void ext_list_free(X509V3_EXT_METHOD *ext) { - if(ext->ext_flags & X509V3_EXT_DYNAMIC) Free(ext); + if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext); } /* Legacy function: we don't need to add standard extensions diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c index 30a62c6090..47f9e8f123 100644 --- a/crypto/x509v3/v3_pku.c +++ b/crypto/x509v3/v3_pku.c @@ -121,7 +121,7 @@ void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a) if (a == NULL) return; M_ASN1_GENERALIZEDTIME_free(a->notBefore); M_ASN1_GENERALIZEDTIME_free(a->notAfter); - Free (a); + OPENSSL_free (a); } static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index bee624c6be..dbc4fb1f16 100644 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -133,7 +133,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) err: sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - if(value) Free(value); + if(value) OPENSSL_free(value); method->ext_free(ext_str); return ok; } diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 7b4055f1fa..d84d0130ae 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -63,18 +63,19 @@ static void x509v3_cache_extensions(X509 *x); -static int ca_check(X509 *x); -static int check_ssl_ca(X509 *x); -static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca); -static int purpose_smime(X509 *x, int ca); -static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca); -static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca); -static int no_check(X509_PURPOSE *xp, X509 *x, int ca); - -static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b); +static int ca_check(const X509 *x); +static int check_ssl_ca(const X509 *x); +static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); +static int purpose_smime(const X509 *x, int ca); +static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca); +static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca); +static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca); + +static int xp_cmp(const X509_PURPOSE * const *a, + const X509_PURPOSE * const *b); static void xptable_free(X509_PURPOSE *p); static X509_PURPOSE xstandard[] = { @@ -93,15 +94,19 @@ IMPLEMENT_STACK_OF(X509_PURPOSE) static STACK_OF(X509_PURPOSE) *xptable = NULL; -static int xp_cmp(X509_PURPOSE **a, X509_PURPOSE **b) +static int xp_cmp(const X509_PURPOSE * const *a, + const X509_PURPOSE * const *b) { return (*a)->purpose - (*b)->purpose; } +/* As much as I'd like to make X509_check_purpose use a "const" X509* + * I really can't because it does recalculate hashes and do other non-const + * things. */ int X509_check_purpose(X509 *x, int id, int ca) { int idx; - X509_PURPOSE *pt; + const X509_PURPOSE *pt; if(!(x->ex_flags & EXFLAG_SET)) { CRYPTO_w_lock(CRYPTO_LOCK_X509); x509v3_cache_extensions(x); @@ -153,7 +158,7 @@ int X509_PURPOSE_get_by_id(int purpose) } int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(X509_PURPOSE *, X509 *, int), + int (*ck)(const X509_PURPOSE *, const X509 *, int), char *name, char *sname, void *arg) { int idx; @@ -166,17 +171,17 @@ int X509_PURPOSE_add(int id, int trust, int flags, idx = X509_PURPOSE_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(ptmp = Malloc(sizeof(X509_PURPOSE)))) { + if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; } else ptmp = X509_PURPOSE_get0(idx); - /* Free existing name if dynamic */ + /* OPENSSL_free existing name if dynamic */ if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) { - Free(ptmp->name); - Free(ptmp->sname); + OPENSSL_free(ptmp->name); + OPENSSL_free(ptmp->sname); } /* dup supplied name */ ptmp->name = BUF_strdup(name); @@ -215,10 +220,10 @@ static void xptable_free(X509_PURPOSE *p) if (p->flags & X509_PURPOSE_DYNAMIC) { if (p->flags & X509_PURPOSE_DYNAMIC_NAME) { - Free(p->name); - Free(p->sname); + OPENSSL_free(p->name); + OPENSSL_free(p->sname); } - Free(p); + OPENSSL_free(p); } } @@ -343,7 +348,7 @@ static void x509v3_cache_extensions(X509 *x) #define ns_reject(x, usage) \ (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage))) -static int ca_check(X509 *x) +static int ca_check(const X509 *x) { /* keyUsage if present should allow cert signing */ if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0; @@ -358,7 +363,7 @@ static int ca_check(X509 *x) } /* Check SSL CA: common checks for SSL client and server */ -static int check_ssl_ca(X509 *x) +static int check_ssl_ca(const X509 *x) { int ca_ret; ca_ret = ca_check(x); @@ -373,7 +378,7 @@ static int check_ssl_ca(X509 *x) } -static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca) { if(xku_reject(x,XKU_SSL_CLIENT)) return 0; if(ca) return check_ssl_ca(x); @@ -384,7 +389,7 @@ static int check_purpose_ssl_client(X509_PURPOSE *xp, X509 *x, int ca) return 1; } -static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) { if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0; if(ca) return check_ssl_ca(x); @@ -397,7 +402,7 @@ static int check_purpose_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) } -static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = check_purpose_ssl_server(xp, x, ca); @@ -408,7 +413,7 @@ static int check_purpose_ns_ssl_server(X509_PURPOSE *xp, X509 *x, int ca) } /* common S/MIME checks */ -static int purpose_smime(X509 *x, int ca) +static int purpose_smime(const X509 *x, int ca) { if(xku_reject(x,XKU_SMIME)) return 0; if(ca) { @@ -432,7 +437,7 @@ static int purpose_smime(X509 *x, int ca) return 1; } -static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = purpose_smime(x, ca); @@ -441,7 +446,7 @@ static int check_purpose_smime_sign(X509_PURPOSE *xp, X509 *x, int ca) return ret; } -static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca) { int ret; ret = purpose_smime(x, ca); @@ -450,7 +455,7 @@ static int check_purpose_smime_encrypt(X509_PURPOSE *xp, X509 *x, int ca) return ret; } -static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) +static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca) { if(ca) { int ca_ret; @@ -461,7 +466,7 @@ static int check_purpose_crl_sign(X509_PURPOSE *xp, X509 *x, int ca) return 1; } -static int no_check(X509_PURPOSE *xp, X509 *x, int ca) +static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca) { return 1; } diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c index 20ba8ac8d6..bfecacd336 100644 --- a/crypto/x509v3/v3_sxnet.c +++ b/crypto/x509v3/v3_sxnet.c @@ -132,7 +132,7 @@ void SXNET_free(SXNET *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->version); sk_SXNETID_pop_free(a->ids, SXNETID_free); - Free (a); + OPENSSL_free (a); } int i2d_SXNETID(SXNETID *a, unsigned char **pp) @@ -176,7 +176,7 @@ void SXNETID_free(SXNETID *a) if (a == NULL) return; M_ASN1_INTEGER_free(a->zone); M_ASN1_OCTET_STRING_free(a->user); - Free (a); + OPENSSL_free (a); } static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, @@ -192,7 +192,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); - Free(tmp); + OPENSSL_free(tmp); M_ASN1_OCTET_STRING_print(out, id->user); } return 1; diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index 4c2c4a9483..3f567180c5 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -75,7 +75,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err;; - if(!(vtmp = (CONF_VALUE *)Malloc(sizeof(CONF_VALUE)))) goto err; + if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new(NULL))) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -84,9 +84,9 @@ int X509V3_add_value(const char *name, const char *value, return 1; err: X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); - if(vtmp) Free(vtmp); - if(tname) Free(tname); - if(tvalue) Free(tvalue); + if(vtmp) OPENSSL_free(vtmp); + if(tname) OPENSSL_free(tname); + if(tvalue) OPENSSL_free(tvalue); return 0; } @@ -101,10 +101,10 @@ int X509V3_add_value_uchar(const char *name, const unsigned char *value, void X509V3_conf_free(CONF_VALUE *conf) { if(!conf) return; - if(conf->name) Free(conf->name); - if(conf->value) Free(conf->value); - if(conf->section) Free(conf->section); - Free(conf); + if(conf->name) OPENSSL_free(conf->name); + if(conf->value) OPENSSL_free(conf->value); + if(conf->section) OPENSSL_free(conf->section); + OPENSSL_free(conf); } int X509V3_add_value_bool(const char *name, int asn1_bool, @@ -176,7 +176,7 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, if(!aint) return 1; if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; ret = X509V3_add_value(name, strtmp, extlist); - Free(strtmp); + OPENSSL_free(strtmp); return ret; } @@ -298,11 +298,11 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line) } X509V3_add_value(ntmp, NULL, &values); } -Free(linebuf); +OPENSSL_free(linebuf); return values; err: -Free(linebuf); +OPENSSL_free(linebuf); sk_CONF_VALUE_pop_free(values, X509V3_conf_free); return NULL; @@ -325,7 +325,7 @@ static char *strip_spaces(char *name) /* hex string utilities */ -/* Given a buffer of length 'len' return a Malloc'ed string with its +/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its * hex representation */ @@ -336,7 +336,7 @@ char *hex_to_string(unsigned char *buffer, long len) int i; static char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; - if(!(tmp = Malloc(len * 3 + 1))) { + if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); return NULL; } @@ -362,14 +362,14 @@ unsigned char *string_to_hex(char *str, long *len) X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if(!(hexbuf = Malloc(strlen(str) >> 1))) goto err; + if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; for(p = (unsigned char *)str, q = hexbuf; *p;) { ch = *p++; if(ch == ':') continue; cl = *p++; if(!cl) { X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); - Free(hexbuf); + OPENSSL_free(hexbuf); return NULL; } if(isupper(ch)) ch = tolower(ch); @@ -391,12 +391,12 @@ unsigned char *string_to_hex(char *str, long *len) return hexbuf; err: - if(hexbuf) Free(hexbuf); + if(hexbuf) OPENSSL_free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); return NULL; badhex: - Free(hexbuf); + OPENSSL_free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index f2225d3980..d3952c8977 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -132,6 +132,37 @@ typedef struct v3_ext_method X509V3_EXT_METHOD; typedef struct v3_ext_ctx X509V3_CTX; DECLARE_STACK_OF(X509V3_EXT_METHOD) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509V3_EXT_METHOD_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509V3_EXT_METHOD_new_null() sk_new_null() + #define sk_X509V3_EXT_METHOD_free(a) sk_free(a) + #define sk_X509V3_EXT_METHOD_num(a) sk_num(a) + #define sk_X509V3_EXT_METHOD_value(a,b) ((X509V3_EXT_METHOD *) \ + sk_value((a),(b))) + #define sk_X509V3_EXT_METHOD_set(a,b,c) ((X509V3_EXT_METHOD *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509V3_EXT_METHOD_zero(a) sk_zero(a) + #define sk_X509V3_EXT_METHOD_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509V3_EXT_METHOD_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509V3_EXT_METHOD_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509V3_EXT_METHOD_delete(a,b) ((X509V3_EXT_METHOD *) \ + sk_delete((a),(b))) + #define sk_X509V3_EXT_METHOD_delete_ptr(a,b) ((X509V3_EXT_METHOD *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509V3_EXT_METHOD_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509V3_EXT_METHOD_set_cmp_func(a,b) ((int (*) \ + (const X509V3_EXT_METHOD * const *,const X509V3_EXT_METHOD * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509V3_EXT_METHOD_dup(a) sk_dup(a) + #define sk_X509V3_EXT_METHOD_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509V3_EXT_METHOD_shift(a) ((X509V3_EXT_METHOD *)sk_shift(a)) + #define sk_X509V3_EXT_METHOD_pop(a) ((X509V3_EXT_METHOD *)sk_pop(a)) + #define sk_X509V3_EXT_METHOD_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ /* ext_flags values */ #define X509V3_EXT_DYNAMIC 0x1 @@ -186,9 +217,71 @@ typedef struct ACCESS_DESCRIPTION_st { } ACCESS_DESCRIPTION; DECLARE_STACK_OF(GENERAL_NAME) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_GENERAL_NAME_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_GENERAL_NAME_new_null() sk_new_null() + #define sk_GENERAL_NAME_free(a) sk_free(a) + #define sk_GENERAL_NAME_num(a) sk_num(a) + #define sk_GENERAL_NAME_value(a,b) ((GENERAL_NAME *) \ + sk_value((a),(b))) + #define sk_GENERAL_NAME_set(a,b,c) ((GENERAL_NAME *) \ + sk_set((a),(b),(char *)(c))) + #define sk_GENERAL_NAME_zero(a) sk_zero(a) + #define sk_GENERAL_NAME_push(a,b) sk_push((a),(char *)(b)) + #define sk_GENERAL_NAME_unshift(a,b) sk_unshift((a),(b)) + #define sk_GENERAL_NAME_find(a,b) sk_find((a), (char *)(b)) + #define sk_GENERAL_NAME_delete(a,b) ((GENERAL_NAME *) \ + sk_delete((a),(b))) + #define sk_GENERAL_NAME_delete_ptr(a,b) ((GENERAL_NAME *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_GENERAL_NAME_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_GENERAL_NAME_set_cmp_func(a,b) ((int (*) \ + (const GENERAL_NAME * const *,const GENERAL_NAME * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_GENERAL_NAME_dup(a) sk_dup(a) + #define sk_GENERAL_NAME_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_GENERAL_NAME_shift(a) ((GENERAL_NAME *)sk_shift(a)) + #define sk_GENERAL_NAME_pop(a) ((GENERAL_NAME *)sk_pop(a)) + #define sk_GENERAL_NAME_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(GENERAL_NAME) DECLARE_STACK_OF(ACCESS_DESCRIPTION) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_ACCESS_DESCRIPTION_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_ACCESS_DESCRIPTION_new_null() sk_new_null() + #define sk_ACCESS_DESCRIPTION_free(a) sk_free(a) + #define sk_ACCESS_DESCRIPTION_num(a) sk_num(a) + #define sk_ACCESS_DESCRIPTION_value(a,b) ((ACCESS_DESCRIPTION *) \ + sk_value((a),(b))) + #define sk_ACCESS_DESCRIPTION_set(a,b,c) ((ACCESS_DESCRIPTION *) \ + sk_set((a),(b),(char *)(c))) + #define sk_ACCESS_DESCRIPTION_zero(a) sk_zero(a) + #define sk_ACCESS_DESCRIPTION_push(a,b) sk_push((a),(char *)(b)) + #define sk_ACCESS_DESCRIPTION_unshift(a,b) sk_unshift((a),(b)) + #define sk_ACCESS_DESCRIPTION_find(a,b) sk_find((a), (char *)(b)) + #define sk_ACCESS_DESCRIPTION_delete(a,b) ((ACCESS_DESCRIPTION *) \ + sk_delete((a),(b))) + #define sk_ACCESS_DESCRIPTION_delete_ptr(a,b) ((ACCESS_DESCRIPTION *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_ACCESS_DESCRIPTION_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_ACCESS_DESCRIPTION_set_cmp_func(a,b) ((int (*) \ + (const ACCESS_DESCRIPTION * const *,const ACCESS_DESCRIPTION * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_ACCESS_DESCRIPTION_dup(a) sk_dup(a) + #define sk_ACCESS_DESCRIPTION_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_ACCESS_DESCRIPTION_shift(a) ((ACCESS_DESCRIPTION *)sk_shift(a)) + #define sk_ACCESS_DESCRIPTION_pop(a) ((ACCESS_DESCRIPTION *)sk_pop(a)) + #define sk_ACCESS_DESCRIPTION_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) typedef struct DIST_POINT_NAME_st { @@ -204,6 +297,37 @@ STACK_OF(GENERAL_NAME) *CRLissuer; } DIST_POINT; DECLARE_STACK_OF(DIST_POINT) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_DIST_POINT_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_DIST_POINT_new_null() sk_new_null() + #define sk_DIST_POINT_free(a) sk_free(a) + #define sk_DIST_POINT_num(a) sk_num(a) + #define sk_DIST_POINT_value(a,b) ((DIST_POINT *) \ + sk_value((a),(b))) + #define sk_DIST_POINT_set(a,b,c) ((DIST_POINT *) \ + sk_set((a),(b),(char *)(c))) + #define sk_DIST_POINT_zero(a) sk_zero(a) + #define sk_DIST_POINT_push(a,b) sk_push((a),(char *)(b)) + #define sk_DIST_POINT_unshift(a,b) sk_unshift((a),(b)) + #define sk_DIST_POINT_find(a,b) sk_find((a), (char *)(b)) + #define sk_DIST_POINT_delete(a,b) ((DIST_POINT *) \ + sk_delete((a),(b))) + #define sk_DIST_POINT_delete_ptr(a,b) ((DIST_POINT *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_DIST_POINT_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_DIST_POINT_set_cmp_func(a,b) ((int (*) \ + (const DIST_POINT * const *,const DIST_POINT * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_DIST_POINT_dup(a) sk_dup(a) + #define sk_DIST_POINT_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_DIST_POINT_shift(a) ((DIST_POINT *)sk_shift(a)) + #define sk_DIST_POINT_pop(a) ((DIST_POINT *)sk_pop(a)) + #define sk_DIST_POINT_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(DIST_POINT) typedef struct AUTHORITY_KEYID_st { @@ -220,6 +344,37 @@ typedef struct SXNET_ID_st { } SXNETID; DECLARE_STACK_OF(SXNETID) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_SXNETID_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_SXNETID_new_null() sk_new_null() + #define sk_SXNETID_free(a) sk_free(a) + #define sk_SXNETID_num(a) sk_num(a) + #define sk_SXNETID_value(a,b) ((SXNETID *) \ + sk_value((a),(b))) + #define sk_SXNETID_set(a,b,c) ((SXNETID *) \ + sk_set((a),(b),(char *)(c))) + #define sk_SXNETID_zero(a) sk_zero(a) + #define sk_SXNETID_push(a,b) sk_push((a),(char *)(b)) + #define sk_SXNETID_unshift(a,b) sk_unshift((a),(b)) + #define sk_SXNETID_find(a,b) sk_find((a), (char *)(b)) + #define sk_SXNETID_delete(a,b) ((SXNETID *) \ + sk_delete((a),(b))) + #define sk_SXNETID_delete_ptr(a,b) ((SXNETID *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_SXNETID_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_SXNETID_set_cmp_func(a,b) ((int (*) \ + (const SXNETID * const *,const SXNETID * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_SXNETID_dup(a) sk_dup(a) + #define sk_SXNETID_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_SXNETID_shift(a) ((SXNETID *)sk_shift(a)) + #define sk_SXNETID_pop(a) ((SXNETID *)sk_pop(a)) + #define sk_SXNETID_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(SXNETID) typedef struct SXNET_st { @@ -247,6 +402,37 @@ typedef struct POLICYQUALINFO_st { } POLICYQUALINFO; DECLARE_STACK_OF(POLICYQUALINFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_POLICYQUALINFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_POLICYQUALINFO_new_null() sk_new_null() + #define sk_POLICYQUALINFO_free(a) sk_free(a) + #define sk_POLICYQUALINFO_num(a) sk_num(a) + #define sk_POLICYQUALINFO_value(a,b) ((POLICYQUALINFO *) \ + sk_value((a),(b))) + #define sk_POLICYQUALINFO_set(a,b,c) ((POLICYQUALINFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_POLICYQUALINFO_zero(a) sk_zero(a) + #define sk_POLICYQUALINFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_POLICYQUALINFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_POLICYQUALINFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_POLICYQUALINFO_delete(a,b) ((POLICYQUALINFO *) \ + sk_delete((a),(b))) + #define sk_POLICYQUALINFO_delete_ptr(a,b) ((POLICYQUALINFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_POLICYQUALINFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_POLICYQUALINFO_set_cmp_func(a,b) ((int (*) \ + (const POLICYQUALINFO * const *,const POLICYQUALINFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_POLICYQUALINFO_dup(a) sk_dup(a) + #define sk_POLICYQUALINFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_POLICYQUALINFO_shift(a) ((POLICYQUALINFO *)sk_shift(a)) + #define sk_POLICYQUALINFO_pop(a) ((POLICYQUALINFO *)sk_pop(a)) + #define sk_POLICYQUALINFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(POLICYQUALINFO) typedef struct POLICYINFO_st { @@ -255,6 +441,37 @@ typedef struct POLICYINFO_st { } POLICYINFO; DECLARE_STACK_OF(POLICYINFO) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_POLICYINFO_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_POLICYINFO_new_null() sk_new_null() + #define sk_POLICYINFO_free(a) sk_free(a) + #define sk_POLICYINFO_num(a) sk_num(a) + #define sk_POLICYINFO_value(a,b) ((POLICYINFO *) \ + sk_value((a),(b))) + #define sk_POLICYINFO_set(a,b,c) ((POLICYINFO *) \ + sk_set((a),(b),(char *)(c))) + #define sk_POLICYINFO_zero(a) sk_zero(a) + #define sk_POLICYINFO_push(a,b) sk_push((a),(char *)(b)) + #define sk_POLICYINFO_unshift(a,b) sk_unshift((a),(b)) + #define sk_POLICYINFO_find(a,b) sk_find((a), (char *)(b)) + #define sk_POLICYINFO_delete(a,b) ((POLICYINFO *) \ + sk_delete((a),(b))) + #define sk_POLICYINFO_delete_ptr(a,b) ((POLICYINFO *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_POLICYINFO_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_POLICYINFO_set_cmp_func(a,b) ((int (*) \ + (const POLICYINFO * const *,const POLICYINFO * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_POLICYINFO_dup(a) sk_dup(a) + #define sk_POLICYINFO_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_POLICYINFO_shift(a) ((POLICYINFO *)sk_shift(a)) + #define sk_POLICYINFO_pop(a) ((POLICYINFO *)sk_pop(a)) + #define sk_POLICYINFO_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ DECLARE_ASN1_SET_OF(POLICYINFO) #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ @@ -334,7 +551,8 @@ typedef struct x509_purpose_st { int purpose; int trust; /* Default trust ID */ int flags; - int (*check_purpose)(struct x509_purpose_st *, X509 *, int); + int (*check_purpose)(const struct x509_purpose_st *, + const X509 *, int); char *name; char *sname; void *usr_data; @@ -352,6 +570,37 @@ typedef struct x509_purpose_st { #define X509_PURPOSE_MAX 7 DECLARE_STACK_OF(X509_PURPOSE) +/* This block of defines is updated by a perl script, please do not touch! */ +#ifndef DEBUG_SAFESTACK + #define sk_X509_PURPOSE_new(a) sk_new((int (*) \ + (const char * const *, const char * const *))(a)) + #define sk_X509_PURPOSE_new_null() sk_new_null() + #define sk_X509_PURPOSE_free(a) sk_free(a) + #define sk_X509_PURPOSE_num(a) sk_num(a) + #define sk_X509_PURPOSE_value(a,b) ((X509_PURPOSE *) \ + sk_value((a),(b))) + #define sk_X509_PURPOSE_set(a,b,c) ((X509_PURPOSE *) \ + sk_set((a),(b),(char *)(c))) + #define sk_X509_PURPOSE_zero(a) sk_zero(a) + #define sk_X509_PURPOSE_push(a,b) sk_push((a),(char *)(b)) + #define sk_X509_PURPOSE_unshift(a,b) sk_unshift((a),(b)) + #define sk_X509_PURPOSE_find(a,b) sk_find((a), (char *)(b)) + #define sk_X509_PURPOSE_delete(a,b) ((X509_PURPOSE *) \ + sk_delete((a),(b))) + #define sk_X509_PURPOSE_delete_ptr(a,b) ((X509_PURPOSE *) \ + sk_delete_ptr((a),(char *)(b))) + #define sk_X509_PURPOSE_insert(a,b,c) sk_insert((a),(char *)(b),(c)) + #define sk_X509_PURPOSE_set_cmp_func(a,b) ((int (*) \ + (const X509_PURPOSE * const *,const X509_PURPOSE * const *)) \ + sk_set_cmp_func((a),(int (*) \ + (const char * const *, const char * const *))(b))) + #define sk_X509_PURPOSE_dup(a) sk_dup(a) + #define sk_X509_PURPOSE_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b)) + #define sk_X509_PURPOSE_shift(a) ((X509_PURPOSE *)sk_shift(a)) + #define sk_X509_PURPOSE_pop(a) ((X509_PURPOSE *)sk_pop(a)) + #define sk_X509_PURPOSE_sort(a) sk_sort(a) +#endif /* !DEBUG_SAFESTACK */ +/* End of perl script block, you may now edit :-) */ void ERR_load_X509V3_strings(void); int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp); @@ -536,7 +785,7 @@ X509_PURPOSE * X509_PURPOSE_get0(int idx); int X509_PURPOSE_get_by_sname(char *sname); int X509_PURPOSE_get_by_id(int id); int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(X509_PURPOSE *, X509 *, int), + int (*ck)(const X509_PURPOSE *, const X509 *, int), char *name, char *sname, void *arg); char *X509_PURPOSE_get0_name(X509_PURPOSE *xp); char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); |