merge 0.9.7b with local changes; crank majors for libssl/libcrypto

author: markus <> 2003-05-12 02:18:40 +0000
committer: markus <> 2003-05-12 02:18:40 +0000
commit: d4fcd82bb7f6d603bd61e19a81ba97337b89dfca (patch)
tree: d52e3a0f1f08f65ad283027e560e17ed0d720462 /src/lib/libcrypto/rand
parent: 582bbd139cd2afd58d10dc051c5b0b989b441074 (diff)
download: openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.tar.gz
openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.tar.bz2
openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.zip
9 files changed, 90 insertions, 41 deletions
diff --git a/src/lib/libcrypto/rand/Makefile.ssl b/src/lib/libcrypto/rand/Makefile.ssl
index 73b5f568e8..df80702373 100644
--- a/src/lib/libcrypto/rand/Makefile.ssl
+++ b/src/lib/libcrypto/rand/Makefile.ssl
@@ -70,7 +70,7 @@ lint:
        lint -DLINT $(INCLUDES) $(SRC)>fluff
 depend:
-        $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
 dclean:
        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
index a00ed70718..eeffc0df4c 100644
--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void)
 static void ssleay_rand_cleanup(void)
        {
-        memset(state,0,sizeof(state));
+        OPENSSL_cleanse(state,sizeof(state));
        state_num=0;
        state_index=0;
-        memset(md,0,MD_DIGEST_LENGTH);
+        OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
        md_count[0]=0;
        md_count[1]=0;
        entropy=0;
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 66e39991ec..606382dd21 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -87,7 +87,9 @@ extern int rand_predictable;
 int RAND_set_rand_method(const RAND_METHOD *meth);
 const RAND_METHOD *RAND_get_rand_method(void);
+#ifndef OPENSSL_NO_ENGINE
 int RAND_set_rand_engine(ENGINE *engine);
+#endif
 RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
 int  RAND_bytes(unsigned char *buf,int num);
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index 96019c07a6..895967476e 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -94,7 +94,7 @@
 *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
 */
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(__DJGPP__)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
        {
        return(-1);
@@ -114,7 +114,7 @@ int RAND_egd_bytes(const char *path,int bytes)
 #include <sys/types.h>
 #include <sys/socket.h>
 #ifndef NO_SYS_UN_H
-# ifdef OPENSSL_SYS_VSWORKS
+# ifdef OPENSSL_SYS_VXWORKS
 #   include <streams/un.h>
 # else
 #   include <sys/un.h>
@@ -143,7 +143,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
        memset(&addr, 0, sizeof(addr));
        addr.sun_family = AF_UNIX;
-        if (strlen(path) > sizeof(addr.sun_path))
+        if (strlen(path) >= sizeof(addr.sun_path))
                return (-1);
        strlcpy(addr.sun_path,path,sizeof addr.sun_path);
        len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 5cf5dc1188..513e338985 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -60,19 +60,25 @@
 #include <time.h>
 #include "cryptlib.h"
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
 static ENGINE *funct_ref =NULL;
+#endif
 static const RAND_METHOD *default_RAND_meth = NULL;
 int RAND_set_rand_method(const RAND_METHOD *meth)
        {
+#ifndef OPENSSL_NO_ENGINE
        if(funct_ref)
                {
                ENGINE_finish(funct_ref);
                funct_ref = NULL;
                }
+#endif
        default_RAND_meth = meth;
        return 1;
        }
@@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void)
        {
        if (!default_RAND_meth)
                {
+#ifndef OPENSSL_NO_ENGINE
                ENGINE *e = ENGINE_get_default_RAND();
                if(e)
                        {
@@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void)
                if(e)
                        funct_ref = e;
                else
+#endif
                        default_RAND_meth = RAND_SSLeay();
                }
        return default_RAND_meth;
        }
+#ifndef OPENSSL_NO_ENGINE
 int RAND_set_rand_engine(ENGINE *engine)
        {
        const RAND_METHOD *tmp_meth = NULL;
@@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine)
        funct_ref = engine;
        return 1;
        }
+#endif
 void RAND_cleanup(void)
        {
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
index fa2bab57c6..0599719dd1 100644
--- a/src/lib/libcrypto/rand/rand_unix.c
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -115,7 +115,7 @@
 #include <openssl/rand.h>
 #include "rand_lcl.h"
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2))
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS))
 #include <sys/types.h>
 #include <sys/time.h>
@@ -233,7 +233,7 @@ int RAND_poll(void)
        if (n > 0)
                {
                RAND_add(tmpbuf,sizeof tmpbuf,n);
-                memset(tmpbuf,0,n);
+                OPENSSL_cleanse(tmpbuf,n);
                }
 #endif
@@ -255,3 +255,10 @@ int RAND_poll(void)
 #endif
 #endif
+#if defined(OPENSSL_SYS_VXWORKS)
+int RAND_poll(void)
+{
+    return 0;
+}
+#endif
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
index c1b955b06f..113b58678f 100644
--- a/src/lib/libcrypto/rand/rand_win.c
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -125,7 +125,7 @@
 * http://developer.intel.com/design/security/rng/redist_license.htm
 */
 #define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider"
+#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
 static void readtimer(void);
 static void readscreen(void);
@@ -170,7 +170,9 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
 typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
 #include <lmcons.h>
+#ifndef OPENSSL_SYS_WINCE
 #include <lmstats.h>
+#endif
 #if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
       * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
       * was added to the Platform SDK to allow the NET API to be used in
@@ -209,20 +211,32 @@ int RAND_poll(void)
        osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
        GetVersionEx( &osverinfo ) ;
+#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
+        /* poll the CryptoAPI PRNG */
+        /* The CryptoAPI returns sizeof(buf) bytes of randomness */
+        if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+                {
+                if (CryptGenRandom(hProvider, sizeof(buf), buf))
+                        RAND_add(buf, sizeof(buf), sizeof(buf));
+                CryptReleaseContext(hProvider, 0); 
+                }
+#endif
        /* load functions dynamically - not available on all systems */
-        advapi = LoadLibrary("ADVAPI32.DLL");
+        advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
-        kernel = LoadLibrary("KERNEL32.DLL");
+        kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
-        user = LoadLibrary("USER32.DLL");
+        user = LoadLibrary(TEXT("USER32.DLL"));
-        netapi = LoadLibrary("NETAPI32.DLL");
+        netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
+#ifndef OPENSSL_SYS_WINCE
 #if 1 /* There was previously a problem with NETSTATGET.  Currently, this
       * section is still experimental, but if all goes well, this conditional
       * will be removed
       */
        if (netapi)
                {
-                netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
+                netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
-                netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
+                netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
                }
        if (netstatget && netfree)
@@ -249,7 +263,9 @@ int RAND_poll(void)
        if (netapi)
                FreeLibrary(netapi);
 #endif /* 1 */
+#endif /* !OPENSSL_SYS_WINCE */
 
+#ifndef OPENSSL_SYS_WINCE
        /* It appears like this can cause an exception deep within ADVAPI32.DLL
         * at random times on Windows 2000.  Reported by Jeffrey Altman.  
         * Only use it on NT.
@@ -280,30 +296,40 @@ int RAND_poll(void)
                        bufsz += 8192;
                        length = bufsz;
-                        rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global",
+                        rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"),
                                NULL, NULL, buf, &length);
                        }
                if (rc == ERROR_SUCCESS)
                        {
                        /* For entropy count assume only least significant
                         * byte of each DWORD is random.
-                         */
+                         */
                        RAND_add(&length, sizeof(length), 0);
                        RAND_add(buf, length, length / 4.0);
+                        /* Close the Registry Key to allow Windows to cleanup/close
+                         * the open handle
+                         * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened
+                         *       when the RegQueryValueEx above is done.  However, if
+                         *       it is not explicitly closed, it can cause disk
+                         *       partition manipulation problems.
+                         */
+                        RegCloseKey(HKEY_PERFORMANCE_DATA);
                        }
                if (buf)
                        free(buf);
                }
 #endif
+#endif /* !OPENSSL_SYS_WINCE */
        if (advapi)
                {
                acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
-                        "CryptAcquireContextA");
+                        TEXT("CryptAcquireContextA"));
                gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
-                        "CryptGenRandom");
+                        TEXT("CryptGenRandom"));
                release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
-                        "CryptReleaseContext");
+                        TEXT("CryptReleaseContext"));
                }
        if (acquire && gen && release)
@@ -357,9 +383,9 @@ int RAND_poll(void)
                GETFOREGROUNDWINDOW win;
                GETQUEUESTATUS queue;
-                win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
+                win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
-                cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
+                cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
-                queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
+                queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
                if (win)
                        {
@@ -430,17 +456,17 @@ int RAND_poll(void)
                MODULEENTRY32 m;
                snap = (CREATETOOLHELP32SNAPSHOT)
-                        GetProcAddress(kernel, "CreateToolhelp32Snapshot");
+                        GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
-                heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
+                heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
-                heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
+                heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
-                heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
+                heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
-                heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
+                heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
-                process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
+                process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
-                process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
+                process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
-                thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
+                thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
-                thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
+                thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
-                module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
+                module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
-                module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
+                module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
                if (snap && heap_first && heap_next && heaplist_first &&
                        heaplist_next && process_first && process_next &&
@@ -575,7 +601,7 @@ static void readtimer(void)
        DWORD w;
        LARGE_INTEGER l;
        static int have_perfc = 1;
-#ifdef _MSC_VER
+#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
        static int have_tsc = 1;
        DWORD cyclecount;
@@ -628,6 +654,7 @@ static void readtimer(void)
 static void readscreen(void)
 {
+#ifndef OPENSSL_SYS_WINCE
  HDC           hScrDC;         /* screen DC */
  HDC           hMemDC;         /* memory DC */
  HBITMAP       hBitmap;        /* handle for our bitmap */
@@ -641,7 +668,7 @@ static void readscreen(void)
  int           n = 16;         /* number of screen lines to grab at a time */
  /* Create a screen DC and a memory DC compatible to screen DC */
-  hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+  hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL);
  hMemDC = CreateCompatibleDC(hScrDC);
  /* Get screen resolution */
@@ -688,6 +715,7 @@ static void readscreen(void)
  DeleteObject(hBitmap);
  DeleteDC(hMemDC);
  DeleteDC(hScrDC);
+#endif /* !OPENSSL_SYS_WINCE */
 }
 #endif
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index 311dd27a7b..cfbec2ac1f 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -132,7 +132,7 @@ int RAND_load_file(const char *file, long bytes)
                        }
                }
        fclose(in);
-        memset(buf,0,BUFSIZE);
+        OPENSSL_cleanse(buf,BUFSIZE);
 err:
        return(ret);
        }
@@ -210,7 +210,7 @@ int RAND_write_file(const char *file)
 #endif /* OPENSSL_SYS_VMS */
        fclose(out);
-        memset(buf,0,BUFSIZE);
+        OPENSSL_cleanse(buf,BUFSIZE);
 err:
        return (rand_err ? -1 : ret);
        }
@@ -225,8 +225,8 @@ const char *RAND_file_name(char *buf, size_t size)
                s=getenv("RANDFILE");
        if (s != NULL && *s && strlen(s) + 1 < size)
                {
-                strlcpy(buf,s,size);
+                if (strlcpy(buf,s,size) >= size)
-                ok = 1;
+                        return NULL;
                }
        else
                {
diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c
index b64de616db..701932e6ee 100644
--- a/src/lib/libcrypto/rand/randtest.c
+++ b/src/lib/libcrypto/rand/randtest.c
@@ -60,6 +60,8 @@
 #include <stdlib.h>
 #include <openssl/rand.h>
+#include "../e_os.h"
 /* some FIPS 140-1 random number test */
 /* some simple tests */
@@ -209,6 +211,6 @@ int main()
        printf("test 4 done\n");
 err:
        err=((err)?1:0);
-        exit(err);
+        EXIT(err);
        return(err);
        }
author	markus <>	2003-05-12 02:18:40 +0000
committer	markus <>	2003-05-12 02:18:40 +0000
commit	d4fcd82bb7f6d603bd61e19a81ba97337b89dfca (patch)
tree	d52e3a0f1f08f65ad283027e560e17ed0d720462 /src/lib/libcrypto/rand
parent	582bbd139cd2afd58d10dc051c5b0b989b441074 (diff)
download	openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.tar.gz openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.tar.bz2 openbsd-d4fcd82bb7f6d603bd61e19a81ba97337b89dfca.zip