1 files changed, 53 insertions, 165 deletions
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c
index e63bbe8dba..fef0afb29f 100644
--- a/src/lib/libcrypto/cryptlib.c
+++ b/src/lib/libcrypto/cryptlib.c
@@ -480,8 +480,6 @@ const char *CRYPTO_get_lock_name(int type)
                return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
        }
-int OPENSSL_NONPIC_relocated=0;
 #if defined(_WIN32) && defined(_WINDLL)
 /* All we really need to do is remove the 'error' state when a thread
@@ -493,21 +491,6 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
        switch(fdwReason)
                {
        case DLL_PROCESS_ATTACH:
-#if defined(_WIN32_WINNT)
-                {
-                IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL;
-                IMAGE_NT_HEADERS *nt_headers;
-                if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
-                        {
-                        nt_headers = (IMAGE_NT_HEADERS *)((char *)dos_header
-                                                + dos_header->e_lfanew);
-                        if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
-                            hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase))
-                                OPENSSL_NONPIC_relocated=1;
-                        }
-                }
-#endif
                break;
        case DLL_THREAD_ATTACH:
                break;
@@ -521,160 +504,18 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
        }
 #endif
-#if defined(_WIN32)
-#include <tchar.h>
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-static int IsService(void)
-{ HWINSTA h;
-  DWORD len;
-  WCHAR *name;
-    (void)GetDesktopWindow(); /* return value is ignored */
-    h = GetProcessWindowStation();
-    if (h==NULL) return -1;
-    if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) ||
-        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
-        return -1;
-    if (len>512) return -1;             /* paranoia */
-    len++,len&=~1;                      /* paranoia */
-#ifdef _MSC_VER
-    name=(WCHAR *)_alloca(len+sizeof(WCHAR));
-#else
-    name=(WCHAR *)alloca(len+sizeof(WCHAR));
-#endif
-    if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
-        return -1;
-    len++,len&=~1;                      /* paranoia */
-    name[len/sizeof(WCHAR)]=L'\0';      /* paranoia */
-#if 1
-    /* This doesn't cover "interactive" services [working with real
-     * WinSta0's] nor programs started non-interactively by Task
-     * Scheduler [those are working with SAWinSta]. */
-    if (wcsstr(name,L"Service-0x"))     return 1;
-#else
-    /* This covers all non-interactive programs such as services. */
-    if (!wcsstr(name,L"WinSta0"))       return 1;
-#endif
-    else                                return 0;
-}
-#endif
-void OPENSSL_showfatal (const char *fmta,...)
-{ va_list ap;
-  TCHAR buf[256];
-  const TCHAR *fmt;
-  HANDLE h;
-    if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
-        GetFileType(h)!=FILE_TYPE_UNKNOWN)
-    {   /* must be console application */
-        va_start (ap,fmta);
-        vfprintf (stderr,fmta,ap);
-        va_end (ap);
-        return;
-    }
-    if (sizeof(TCHAR)==sizeof(char))
-        fmt=(const TCHAR *)fmta;
-    else do
-    { int    keepgoing;
-      size_t len_0=strlen(fmta)+1,i;
-      WCHAR *fmtw;
-#ifdef _MSC_VER
-        fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
-#else
-        fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
-#endif
-        if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
-#ifndef OPENSSL_NO_MULTIBYTE
-        if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0))
-#endif
-            for (i=0;i<len_0;i++) fmtw[i]=(WCHAR)fmta[i];
-        for (i=0;i<len_0;i++)
-        {   if (fmtw[i]==L'%') do
-            {   keepgoing=0;
-                switch (fmtw[i+1])
-                {   case L'0': case L'1': case L'2': case L'3': case L'4':
-                    case L'5': case L'6': case L'7': case L'8': case L'9':
-                    case L'.': case L'*':
-                    case L'-':  i++; keepgoing=1; break;
-                    case L's':  fmtw[i+1]=L'S';   break;
-                    case L'S':  fmtw[i+1]=L's';   break;
-                    case L'c':  fmtw[i+1]=L'C';   break;
-                    case L'C':  fmtw[i+1]=L'c';   break;
-                }
-            } while (keepgoing);
-        }
-        fmt = (const TCHAR *)fmtw;
-    } while (0);
-    va_start (ap,fmta);
-    _vsntprintf (buf,sizeof(buf)/sizeof(TCHAR)-1,fmt,ap);
-    buf [sizeof(buf)/sizeof(TCHAR)-1] = _T('\0');
-    va_end (ap);
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-    /* this -------------v--- guards NT-specific calls */
-    if (GetVersion() < 0x80000000 && IsService())
-    {   HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
-        const TCHAR *pmsg=buf;
-        ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
-        DeregisterEventSource(h);
-    }
-    else
-#endif
-    {   MSGBOXPARAMS         m;
-        m.cbSize             = sizeof(m);
-        m.hwndOwner          = NULL;
-        m.lpszCaption        = _T("OpenSSL: FATAL");
-        m.dwStyle            = MB_OK;
-        m.hInstance          = NULL;
-        m.lpszIcon           = IDI_ERROR;
-        m.dwContextHelpId    = 0;
-        m.lpfnMsgBoxCallback = NULL;
-        m.dwLanguageId       = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US);
-        m.lpszText           = buf;
-        MessageBoxIndirect (&m);
-    }
-}
-#else
-void OPENSSL_showfatal (const char *fmta,...)
-{ va_list ap;
-    va_start (ap,fmta);
-    vfprintf (stderr,fmta,ap);
-    va_end (ap);
-}
-#endif
 void OpenSSLDie(const char *file,int line,const char *assertion)
        {
-        OPENSSL_showfatal(
+        fprintf(stderr,
                "%s(%d): OpenSSL internal error, assertion failed: %s\n",
                file,line,assertion);
        abort();
        }
-void *OPENSSL_stderr(void)      { return stderr; }
 #ifdef OPENSSL_FIPS
-void fips_w_lock(void)          { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
-void fips_w_unlock(void)        { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
-void fips_r_lock(void)          { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
-void fips_r_unlock(void)        { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
 static int fips_started = 0;
+static int fips_mode = 0;
+static void *fips_rand_check = 0;
 static unsigned long fips_thread = 0;
 void fips_set_started(void)
@@ -735,10 +576,57 @@ int fips_clear_owning_thread(void)
        return ret;
        }
-unsigned char *fips_signature_witness(void)
+void fips_set_mode(int onoff)
+        {
+        int owning_thread = fips_is_owning_thread();
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+                fips_mode = onoff;
+                if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+                }
+        }
+void fips_set_rand_check(void *rand_check)
+        {
+        int owning_thread = fips_is_owning_thread();
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+                fips_rand_check = rand_check;
+                if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+                }
+        }
+int FIPS_mode(void)
+        {
+        int ret = 0;
+        int owning_thread = fips_is_owning_thread();
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+                ret = fips_mode;
+                if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+                }
+        return ret;
+        }
+void *FIPS_rand_check(void)
        {
-        extern unsigned char FIPS_signature[];
+        void *ret = 0;
-        return FIPS_signature;
+        int owning_thread = fips_is_owning_thread();
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+                ret = fips_rand_check;
+                if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+                }
+        return ret;
        }
 #endif /* OPENSSL_FIPS */

diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c index e63bbe8dba..fef0afb29f 100644 --- a/src/lib/libcrypto/cryptlib.c +++ b/src/lib/libcrypto/cryptlib.c
@@ -480,8 +480,6 @@ const char *CRYPTO_get_lock_name(int type)
480	return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));	480	return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
481	}	481	}
482		482
483	int OPENSSL_NONPIC_relocated=0;
484
485	#if defined(_WIN32) && defined(_WINDLL)	483	#if defined(_WIN32) && defined(_WINDLL)
486		484
487	/* All we really need to do is remove the 'error' state when a thread	485	/* All we really need to do is remove the 'error' state when a thread
@@ -493,21 +491,6 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
493	switch(fdwReason)	491	switch(fdwReason)
494	{	492	{
495	case DLL_PROCESS_ATTACH:	493	case DLL_PROCESS_ATTACH:
496	#if defined(_WIN32_WINNT)
497	{
498	IMAGE_DOS_HEADER dos_header = (IMAGE_DOS_HEADER )hinstDLL;
499	IMAGE_NT_HEADERS *nt_headers;
500
501	if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
502	{
503	nt_headers = (IMAGE_NT_HEADERS )((char )dos_header
504	+ dos_header->e_lfanew);
505	if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
506	hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase))
507	OPENSSL_NONPIC_relocated=1;
508	}
509	}
510	#endif
511	break;	494	break;
512	case DLL_THREAD_ATTACH:	495	case DLL_THREAD_ATTACH:
513	break;	496	break;
@@ -521,160 +504,18 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
521	}	504	}
522	#endif	505	#endif
523		506
524	#if defined(_WIN32)
525	#include <tchar.h>
526
527	#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
528	static int IsService(void)
529	{ HWINSTA h;
530	DWORD len;
531	WCHAR *name;
532
533	(void)GetDesktopWindow(); /* return value is ignored */
534
535	h = GetProcessWindowStation();
536	if (h==NULL) return -1;
537
538	if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) \|\|
539	GetLastError() != ERROR_INSUFFICIENT_BUFFER)
540	return -1;
541
542	if (len>512) return -1; /* paranoia */
543	len++,len&=~1; /* paranoia */
544	#ifdef _MSC_VER
545	name=(WCHAR *)_alloca(len+sizeof(WCHAR));
546	#else
547	name=(WCHAR *)alloca(len+sizeof(WCHAR));
548	#endif
549	if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
550	return -1;
551
552	len++,len&=~1; /* paranoia */
553	name[len/sizeof(WCHAR)]=L'\0'; /* paranoia */
554	#if 1
555	/* This doesn't cover "interactive" services [working with real
556	* WinSta0's] nor programs started non-interactively by Task
557	* Scheduler [those are working with SAWinSta]. */
558	if (wcsstr(name,L"Service-0x")) return 1;
559	#else
560	/* This covers all non-interactive programs such as services. */
561	if (!wcsstr(name,L"WinSta0")) return 1;
562	#endif
563	else return 0;
564	}
565	#endif
566
567	void OPENSSL_showfatal (const char *fmta,...)
568	{ va_list ap;
569	TCHAR buf[256];
570	const TCHAR *fmt;
571	HANDLE h;
572
573	if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
574	GetFileType(h)!=FILE_TYPE_UNKNOWN)
575	{ /* must be console application */
576	va_start (ap,fmta);
577	vfprintf (stderr,fmta,ap);
578	va_end (ap);
579	return;
580	}
581
582	if (sizeof(TCHAR)==sizeof(char))
583	fmt=(const TCHAR *)fmta;
584	else do
585	{ int keepgoing;
586	size_t len_0=strlen(fmta)+1,i;
587	WCHAR *fmtw;
588
589	#ifdef _MSC_VER
590	fmtw = (WCHAR )_alloca (len_0sizeof(WCHAR));
591	#else
592	fmtw = (WCHAR )alloca (len_0sizeof(WCHAR));
593	#endif
594	if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
595
596	#ifndef OPENSSL_NO_MULTIBYTE
597	if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0))
598	#endif
599	for (i=0;i<len_0;i++) fmtw[i]=(WCHAR)fmta[i];
600
601	for (i=0;i<len_0;i++)
602	{ if (fmtw[i]==L'%') do
603	{ keepgoing=0;
604	switch (fmtw[i+1])
605	{ case L'0': case L'1': case L'2': case L'3': case L'4':
606	case L'5': case L'6': case L'7': case L'8': case L'9':
607	case L'.': case L'*':
608	case L'-': i++; keepgoing=1; break;
609	case L's': fmtw[i+1]=L'S'; break;
610	case L'S': fmtw[i+1]=L's'; break;
611	case L'c': fmtw[i+1]=L'C'; break;
612	case L'C': fmtw[i+1]=L'c'; break;
613	}
614	} while (keepgoing);
615	}
616	fmt = (const TCHAR *)fmtw;
617	} while (0);
618
619	va_start (ap,fmta);
620	_vsntprintf (buf,sizeof(buf)/sizeof(TCHAR)-1,fmt,ap);
621	buf [sizeof(buf)/sizeof(TCHAR)-1] = _T('\0');
622	va_end (ap);
623
624	#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
625	/* this -------------v--- guards NT-specific calls */
626	if (GetVersion() < 0x80000000 && IsService())
627	{ HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
628	const TCHAR *pmsg=buf;
629	ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
630	DeregisterEventSource(h);
631	}
632	else
633	#endif
634	{ MSGBOXPARAMS m;
635
636	m.cbSize = sizeof(m);
637	m.hwndOwner = NULL;
638	m.lpszCaption = _T("OpenSSL: FATAL");
639	m.dwStyle = MB_OK;
640	m.hInstance = NULL;
641	m.lpszIcon = IDI_ERROR;
642	m.dwContextHelpId = 0;
643	m.lpfnMsgBoxCallback = NULL;
644	m.dwLanguageId = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US);
645	m.lpszText = buf;
646
647	MessageBoxIndirect (&m);
648	}
649	}
650	#else
651	void OPENSSL_showfatal (const char *fmta,...)
652	{ va_list ap;
653
654	va_start (ap,fmta);
655	vfprintf (stderr,fmta,ap);
656	va_end (ap);
657	}
658	#endif
659
660	void OpenSSLDie(const char file,int line,const char assertion)	507	void OpenSSLDie(const char file,int line,const char assertion)
661	{	508	{
662	OPENSSL_showfatal(	509	fprintf(stderr,
663	"%s(%d): OpenSSL internal error, assertion failed: %s\n",	510	"%s(%d): OpenSSL internal error, assertion failed: %s\n",
664	file,line,assertion);	511	file,line,assertion);
665	abort();	512	abort();
666	}	513	}
667		514
668	void *OPENSSL_stderr(void) { return stderr; }
669
670	#ifdef OPENSSL_FIPS	515	#ifdef OPENSSL_FIPS
671
672	void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
673	void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
674	void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
675	void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
676
677	static int fips_started = 0;	516	static int fips_started = 0;
		517	static int fips_mode = 0;
		518	static void *fips_rand_check = 0;
678	static unsigned long fips_thread = 0;	519	static unsigned long fips_thread = 0;
679		520
680	void fips_set_started(void)	521	void fips_set_started(void)
@@ -735,10 +576,57 @@ int fips_clear_owning_thread(void)
735	return ret;	576	return ret;
736	}	577	}
737		578
738	unsigned char *fips_signature_witness(void)	579	void fips_set_mode(int onoff)
		580	{
		581	int owning_thread = fips_is_owning_thread();
		582
		583	if (fips_is_started())
		584	{
		585	if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
		586	fips_mode = onoff;
		587	if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
		588	}
		589	}
		590
		591	void fips_set_rand_check(void *rand_check)
		592	{
		593	int owning_thread = fips_is_owning_thread();
		594
		595	if (fips_is_started())
		596	{
		597	if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
		598	fips_rand_check = rand_check;
		599	if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
		600	}
		601	}
		602
		603	int FIPS_mode(void)
		604	{
		605	int ret = 0;
		606	int owning_thread = fips_is_owning_thread();
		607
		608	if (fips_is_started())
		609	{
		610	if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
		611	ret = fips_mode;
		612	if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
		613	}
		614	return ret;
		615	}
		616
		617	void *FIPS_rand_check(void)
739	{	618	{
740	extern unsigned char FIPS_signature[];	619	void *ret = 0;
741	return FIPS_signature;	620	int owning_thread = fips_is_owning_thread();
		621
		622	if (fips_is_started())
		623	{
		624	if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
		625	ret = fips_rand_check;
		626	if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
		627	}
		628	return ret;
742	}	629	}
		630
743	#endif /* OPENSSL_FIPS */	631	#endif /* OPENSSL_FIPS */
744		632