OpenSSL update

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4552 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2003-09-12 13:46:48 +00:00 · 2003-09-12 13:46:48 +00:00 · bd96b4c8cc
commit bd96b4c8cc
parent ecf0c48d5a
17 changed files with 409 additions and 335 deletions
--- a/ext/openssl/openssl_missing.c
+++ b/ext/openssl/openssl_missing.c
@ -17,21 +17,13 @@
 int
 HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
 {
-    if (!out || !in) {
-	/* HMACerr(HMAC_CTX_COPY,HMAC_R_INPUT_NOT_INITIALIZED); */
-	return 0;
-    }
+    if (!out || !in) return 0;
    memcpy(out, in, sizeof(HMAC_CTX));

-    if (!EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx)) {
+    if (!EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx)
+	    || !EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx)
+	    || !EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx))
 	return 0;
-    }
-    if (!EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx)) {
-	return 0;
-    }
-    if (!EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx)) {
-	return 0;
-    }
    return 1;
 }
 #endif /* HAVE_HMAC_CTX_COPY */
@ -42,12 +34,12 @@ HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)

 int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data)
 {
-    return CRYPTO_set_ex_data(&str->ex_data,idx,data);
+    return CRYPTO_set_ex_data(&str->ex_data, idx, data);
 }
 
 void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
 {
-    return CRYPTO_get_ex_data(&str->ex_data,idx);
+    return CRYPTO_get_ex_data(&str->ex_data, idx);
 }
 #endif

@ -55,9 +47,10 @@ void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
 EVP_MD_CTX *
 EVP_MD_CTX_create(void)
 {
-    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
+    if (!ctx) return NULL;

-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, 0, sizeof(EVP_MD_CTX));

    return ctx;
 }
@ -68,7 +61,7 @@ int
 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 {
    /* FIXME!!! */
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, 0, sizeof(EVP_MD_CTX));

    return 1;
 }
@ -87,7 +80,7 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
 void
 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
 {
-    memset(ctx,'\0',sizeof *ctx);
+    memset(ctx, 0, sizeof(EVP_MD_CTX));
 }
 #endif

@ -108,7 +101,7 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
    EVP_MD_CTX_cleanup(&ctx->i_ctx);
    EVP_MD_CTX_cleanup(&ctx->o_ctx);
    EVP_MD_CTX_cleanup(&ctx->md_ctx);
-    memset(ctx,0,sizeof *ctx);
+    memset(ctx, 0, sizeof(HMAC_CTX));
 }
 #endif

@ -116,13 +109,12 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
 int
 X509_CRL_set_version(X509_CRL *x, long version)
 {
-    if (x == NULL) return(0);
-    if (x->crl->version == NULL)
-	{
-	if ((x->crl->version=M_ASN1_INTEGER_new()) == NULL)
-	    return(0);
-	}
-    return(ASN1_INTEGER_set(x->crl->version,version));
+    if (x == NULL || x->crl == NULL) return 0;
+    if (x->crl->version == NULL) {
+	x->crl->version = M_ASN1_INTEGER_new();
+	if (x->crl->version == NULL) return 0;
+    }
+    return ASN1_INTEGER_set(x->crl->version, version);
 }
 #endif

@ -130,8 +122,8 @@ X509_CRL_set_version(X509_CRL *x, long version)
 int
 X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
 {
-    if ((x == NULL) || (x->crl == NULL)) return(0);
-    return(X509_NAME_set(&x->crl->issuer,name));
+    if (x == NULL || x->crl == NULL) return 0;
+    return X509_NAME_set(&x->crl->issuer, name);
 }
 #endif

@ -144,8 +136,8 @@ X509_CRL_sort(X509_CRL *c)
    /* sort the data so it will be written in serial
     * number order */
    sk_X509_REVOKED_sort(c->crl->revoked);
-    for (i=0; i<sk_X509_REVOKED_num(c->crl->revoked); i++){
-	r=sk_X509_REVOKED_value(c->crl->revoked,i);
+    for (i=0; i<sk_X509_REVOKED_num(c->crl->revoked); i++) {
+	r=sk_X509_REVOKED_value(c->crl->revoked, i);
 	r->sequence=i;
    }
    return 1;
@ -165,13 +157,12 @@ int
 X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
 {
    X509_CRL_INFO *inf;
+    
    inf = crl->crl;
-    if(!inf->revoked)
+    if (!inf->revoked)
 	inf->revoked = sk_X509_REVOKED_new(OSSL_X509_REVOKED_cmp);
-    if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
-	/* ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE); */
+    if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev))
 	return 0;
-    }
    return 1;
 }
 #endif
@ -181,7 +172,6 @@ int
 BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
 {
    if (!BN_sqr(r, (BIGNUM*)a, ctx)) return 0;
-    /* r->neg == 0,  thus we don't need BN_nnmod */
    return BN_mod(r, r, m, ctx);
 }
 #endif
@ -189,11 +179,8 @@ BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
 #if !defined(HAVE_BN_MOD_ADD) || !defined(HAVE_BN_MOD_SUB)
 int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
 {
-    /* like BN_mod, but returns non-negative remainder
-     * (i.e.,  0 <= r < |d|  always holds) */
-    if (!(BN_mod(r,m,d,ctx))) return 0;
+    if (!BN_mod(r,m,d,ctx)) return 0;
    if (!r->neg) return 1;
-    /* now   -|d| < r < 0,  so we have to set  r := r + |d| */
    return (d->neg ? BN_sub : BN_add)(r, r, d);
 }
 #endif
@ -216,6 +203,54 @@ BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX
 }
 #endif

+#if !defined(HAVE_BN_RAND_RANGE) || !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+static int
+bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
+{
+    int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
+    int n;
+
+    if (range->neg || BN_is_zero(range)) return 0;
+
+    n = BN_num_bits(range);
+
+    if (n == 1) {
+	if (!BN_zero(r)) return 0;
+    } else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
+	do {
+	    if (!bn_rand(r, n + 1, -1, 0)) return 0;
+	    if (BN_cmp(r ,range) >= 0) {
+		if (!BN_sub(r, r, range)) return 0;
+		if (BN_cmp(r, range) >= 0)
+		    if (!BN_sub(r, r, range)) return 0;
+	    }
+	} while (BN_cmp(r, range) >= 0);
+    } else {
+	do {
+	    if (!bn_rand(r, n, -1, 0)) return 0;
+	} while (BN_cmp(r, range) >= 0);
+    }
+
+    return 1;
+}
+#endif
+
+#if !defined(HAVE_BN_RAND_RANGE)
+int
+BN_rand_range(BIGNUM *r, BIGNUM *range)
+{
+    return bn_rand_range(0, r, range);
+}
+#endif
+
+#if !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+int
+BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
+{
+    return bn_rand_range(1, r, range);
+}
+#endif
+
 #if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
 #define OPENSSL_CONF "openssl.cnf"
 char *
@ -250,30 +285,31 @@ PEM_def_callback(char *buf, int num, int w, void *key)
 {
    int i,j;
    const char *prompt;
-    if(key){
+    
+    if (key) {
 	i = strlen(key);
 	i = (i > num) ? num : i;
 	memcpy(buf, key, i);
-	return(i);
+	return i;
    }

    prompt = EVP_get_pw_prompt();
-    if (prompt == NULL) prompt= "Enter PEM pass phrase:";
-    for(;;){
+    if (prompt == NULL) prompt = "Enter PEM pass phrase:";
+    for (;;) {
 	i = EVP_read_pw_string(buf, num, prompt, w);
-	if(i != 0){
-	    memset(buf,0,(unsigned int)num);
+	if (i != 0) {
+	    memset(buf, 0, (unsigned int)num);
 	    return(-1);
 	}
 	j = strlen(buf);
-	if(j < OSSL_PASS_MIN_LENGTH){
+	if (j < OSSL_PASS_MIN_LENGTH) {
 	    fprintf(stderr,
 		    "phrase is too short, needs to be at least %d chars\n",
 		    OSSL_PASS_MIN_LENGTH);
 	}
 	else break;
    }
-    return(j);
+    return j;
 }
 #endif