From 1f0ada29dbbd22c18c51187561c2eb01d2a776b2 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Tue, 10 Jun 2014 15:20:40 +0000 Subject: KNF. --- src/lib/libcrypto/engine/eng_aesni.c | 331 ++++++++++++------------- src/lib/libcrypto/engine/eng_all.c | 16 +- src/lib/libcrypto/engine/eng_cnf.c | 158 ++++++------ src/lib/libcrypto/engine/eng_ctrl.c | 313 ++++++++++++------------ src/lib/libcrypto/engine/eng_dyn.c | 346 ++++++++++++++------------- src/lib/libcrypto/engine/eng_err.c | 193 ++++++++------- src/lib/libcrypto/engine/eng_fat.c | 77 +++--- src/lib/libcrypto/engine/eng_init.c | 78 +++--- src/lib/libssl/src/crypto/engine/eng_aesni.c | 331 ++++++++++++------------- src/lib/libssl/src/crypto/engine/eng_all.c | 16 +- src/lib/libssl/src/crypto/engine/eng_cnf.c | 158 ++++++------ src/lib/libssl/src/crypto/engine/eng_ctrl.c | 313 ++++++++++++------------ src/lib/libssl/src/crypto/engine/eng_dyn.c | 346 ++++++++++++++------------- src/lib/libssl/src/crypto/engine/eng_err.c | 193 ++++++++------- src/lib/libssl/src/crypto/engine/eng_fat.c | 77 +++--- src/lib/libssl/src/crypto/engine/eng_init.c | 78 +++--- 16 files changed, 1512 insertions(+), 1512 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/engine/eng_aesni.c b/src/lib/libcrypto/engine/eng_aesni.c index d547d7f465..b1eade2d63 100644 --- a/src/lib/libcrypto/engine/eng_aesni.c +++ b/src/lib/libcrypto/engine/eng_aesni.c @@ -102,7 +102,8 @@ void ENGINE_load_aesni (void) /* On non-x86 CPUs it just returns. */ #ifdef COMPILE_HW_AESNI ENGINE *toadd = ENGINE_aesni(); - if (!toadd) return; + if (!toadd) + return; ENGINE_add (toadd); ENGINE_register_complete (toadd); ENGINE_free (toadd); @@ -112,32 +113,26 @@ void ENGINE_load_aesni (void) #ifdef COMPILE_HW_AESNI int aesni_set_encrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); + AES_KEY *key); int aesni_set_decrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); + AES_KEY *key); void aesni_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); + const AES_KEY *key); void aesni_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void aesni_ecb_encrypt(const unsigned char *in, - unsigned char *out, - size_t length, - const AES_KEY *key, - int enc); -void aesni_cbc_encrypt(const unsigned char *in, - unsigned char *out, - size_t length, - const AES_KEY *key, - unsigned char *ivec, int enc); + const AES_KEY *key); + +void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const AES_KEY *key, int enc); +void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const AES_KEY *key, unsigned char *ivec, int enc); /* Function for ENGINE detection and control */ static int aesni_init(ENGINE *e); /* Cipher Stuff */ static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); + const int **nids, int nid); #define AESNI_MIN_ALIGN 16 #define AESNI_ALIGN(x) \ @@ -145,143 +140,146 @@ static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, /* Engine names */ static const char aesni_id[] = "aesni", - aesni_name[] = "Intel AES-NI engine", - no_aesni_name[] = "Intel AES-NI engine (no-aesni)"; + aesni_name[] = "Intel AES-NI engine", + no_aesni_name[] = "Intel AES-NI engine (no-aesni)"; /* The input and output encrypted as though 128bit cfb mode is being * used. The extra state information to record how much of the * 128bit block we have used is contained in *num; */ -static void aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out, - unsigned int len, const void *key, - unsigned char ivec[16], int *num, - int enc) +static void +aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out, + unsigned int len, const void *key, unsigned char ivec[16], int *num, + int enc) { - unsigned int n; - size_t l = 0; + unsigned int n; + size_t l = 0; - assert(in && out && key && ivec && num); + assert(in && out && key && ivec && num); - n = *num; + n = *num; - if (enc) { + if (enc) { #if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16%sizeof(size_t) == 0) do { /* always true actually */ - while (n && len) { - *(out++) = ivec[n] ^= *(in++); - --len; - n = (n+1) % 16; - } - while (len>=16) { - aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) { - *(size_t*)(out+n) = - *(size_t*)(ivec+n) ^= *(size_t*)(in+n); + if (16%sizeof(size_t) == 0) do { /* always true actually */ + while (n && len) { + *(out++) = ivec[n] ^= *(in++); + --len; + n = (n + 1) % 16; } - len -= 16; - out += 16; - in += 16; - } - n = 0; - if (len) { - aesni_encrypt(ivec, ivec, key); - while (len--) { - out[n] = ivec[n] ^= in[n]; - ++n; + while (len >= 16) { + aesni_encrypt(ivec, ivec, key); + for (n = 0; n < 16; n += sizeof(size_t)) { + *(size_t*)(out + n) = + *(size_t*)(ivec + n) ^= *(size_t*)(in + n); + } + len -= 16; + out += 16; + in += 16; } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ + n = 0; + if (len) { + aesni_encrypt(ivec, ivec, key); + while (len--) { + out[n] = ivec[n] ^= in[n]; + ++n; + } + } + *num = n; + return; + } while (0); + /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l=16) { - aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) { - size_t t = *(size_t*)(in+n); - *(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t; - *(size_t*)(ivec+n) = t; + while (l < len) { + if (n == 0) { + aesni_encrypt(ivec, ivec, key); } - len -= 16; - out += 16; - in += 16; + out[l] = ivec[n] ^= in[l]; + ++l; + n = (n + 1) % 16; } - n = 0; - if (len) { - aesni_encrypt(ivec, ivec, key); - while (len--) { + *num = n; + } else { +#if !defined(OPENSSL_SMALL_FOOTPRINT) + if (16%sizeof(size_t) == 0) do { /* always true actually */ + while (n && len) { unsigned char c; - out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c; - ++n; + *(out++) = ivec[n] ^ (c = *(in++)); + ivec[n] = c; + --len; + n = (n + 1) % 16; } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ + while (len >= 16) { + aesni_encrypt(ivec, ivec, key); + for (n = 0; n < 16; n += sizeof(size_t)) { + size_t t = *(size_t*)(in + n); + *(size_t*)(out + n) = *(size_t*)(ivec + n) ^ t; + *(size_t*)(ivec + n) = t; + } + len -= 16; + out += 16; + in += 16; + } + n = 0; + if (len) { + aesni_encrypt(ivec, ivec, key); + while (len--) { + unsigned char c; + out[n] = ivec[n] ^ (c = in[n]); + ivec[n] = c; + ++n; + } + } + *num = n; + return; + } while (0); + /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l=16) { + while (len >= 16) { aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t*)(out+n) = - *(size_t*)(in+n) ^ *(size_t*)(ivec+n); + for (n = 0; n < 16; n += sizeof(size_t)) + *(size_t*)(out + n) = + *(size_t*)(in + n) ^ *(size_t*)(ivec + n); len -= 16; out += 16; - in += 16; + in += 16; } n = 0; if (len) { @@ -293,19 +291,19 @@ static void aesni_ofb128_encrypt(const unsigned char *in, unsigned char *out, } *num = n; return; - } while(0); + } while (0); /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l 4) { engage = ((IA32CAP)OPENSSL_ia32cap_P >> 57) & 1; } else { @@ -326,10 +325,8 @@ aesni_bind_helper(ENGINE *e) /* Register everything or return with an error */ if (!ENGINE_set_id(e, aesni_id) || !ENGINE_set_name(e, engage ? aesni_name : no_aesni_name) || - !ENGINE_set_init_function(e, aesni_init) || - (engage && !ENGINE_set_ciphers (e, aesni_ciphers)) - ) + (engage && !ENGINE_set_ciphers (e, aesni_ciphers))) return 0; /* Everything looks good */ @@ -403,60 +400,72 @@ static int aesni_cipher_nids[] = { NID_aes_256_ofb, }; static int aesni_cipher_nids_num = - (sizeof(aesni_cipher_nids)/sizeof(aesni_cipher_nids[0])); + (sizeof(aesni_cipher_nids) / sizeof(aesni_cipher_nids[0])); -typedef struct -{ +typedef struct { AES_KEY ks; unsigned int _pad1[3]; } AESNI_KEY; static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key, - const unsigned char *iv, int enc) + const unsigned char *iv, int enc) { int ret; AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE - || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE - || enc) - ret=aesni_set_encrypt_key(user_key, ctx->key_len * 8, key); + if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE || + (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE || + enc) + ret = aesni_set_encrypt_key(user_key, ctx->key_len * 8, key); else - ret=aesni_set_decrypt_key(user_key, ctx->key_len * 8, key); + ret = aesni_set_decrypt_key(user_key, ctx->key_len * 8, key); - if(ret < 0) { - EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED); + if (ret < 0) { + EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); return 0; } return 1; } -static int aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); +static int +aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + aesni_ecb_encrypt(in, out, inl, key, ctx->encrypt); return 1; } -static int aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - aesni_cbc_encrypt(in, out, inl, key, - ctx->iv, ctx->encrypt); + +static int +aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + + aesni_cbc_encrypt(in, out, inl, key, ctx->iv, ctx->encrypt); return 1; } -static int aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, - &ctx->num, ctx->encrypt); +static int +aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + + aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num, + ctx->encrypt); return 1; } -static int aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + +static int +aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + aesni_ofb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num); return 1; } @@ -487,24 +496,23 @@ static const EVP_CIPHER aesni_##ksize##_##lmode = { \ NULL \ } -DECLARE_AES_EVP(128,ecb,ECB); -DECLARE_AES_EVP(128,cbc,CBC); -DECLARE_AES_EVP(128,cfb,CFB); -DECLARE_AES_EVP(128,ofb,OFB); +DECLARE_AES_EVP(128, ecb, ECB); +DECLARE_AES_EVP(128, cbc, CBC); +DECLARE_AES_EVP(128, cfb, CFB); +DECLARE_AES_EVP(128, ofb, OFB); -DECLARE_AES_EVP(192,ecb,ECB); -DECLARE_AES_EVP(192,cbc,CBC); -DECLARE_AES_EVP(192,cfb,CFB); -DECLARE_AES_EVP(192,ofb,OFB); +DECLARE_AES_EVP(192, ecb, ECB); +DECLARE_AES_EVP(192, cbc, CBC); +DECLARE_AES_EVP(192, cfb, CFB); +DECLARE_AES_EVP(192, ofb, OFB); -DECLARE_AES_EVP(256,ecb,ECB); -DECLARE_AES_EVP(256,cbc,CBC); -DECLARE_AES_EVP(256,cfb,CFB); -DECLARE_AES_EVP(256,ofb,OFB); +DECLARE_AES_EVP(256, ecb, ECB); +DECLARE_AES_EVP(256, cbc, CBC); +DECLARE_AES_EVP(256, cfb, CFB); +DECLARE_AES_EVP(256, ofb, OFB); static int -aesni_ciphers (ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) +aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { /* No specific cipher => return a list of supported nids ... */ if (!cipher) { @@ -563,4 +571,3 @@ aesni_ciphers (ENGINE *e, const EVP_CIPHER **cipher, #endif /* COMPILE_HW_AESNI */ #endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */ - diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index fd36594a0b..eb933153e1 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -59,8 +59,9 @@ #include "cryptlib.h" #include "eng_int.h" -void ENGINE_load_builtin_engines(void) - { +void +ENGINE_load_builtin_engines(void) +{ /* Some ENGINEs need this */ OPENSSL_cpuid_setup(); #if 0 @@ -85,15 +86,18 @@ void ENGINE_load_builtin_engines(void) #endif #endif ENGINE_register_all_complete(); - } +} #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) -void ENGINE_setup_bsd_cryptodev(void) { +void +ENGINE_setup_bsd_cryptodev(void) +{ static int bsd_cryptodev_default_loaded = 0; + if (!bsd_cryptodev_default_loaded) { ENGINE_load_cryptodev(); ENGINE_register_all_complete(); } - bsd_cryptodev_default_loaded=1; + bsd_cryptodev_default_loaded = 1; } #endif diff --git a/src/lib/libcrypto/engine/eng_cnf.c b/src/lib/libcrypto/engine/eng_cnf.c index afb704e93b..c0c6b3fdc4 100644 --- a/src/lib/libcrypto/engine/eng_cnf.c +++ b/src/lib/libcrypto/engine/eng_cnf.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -63,34 +63,37 @@ /* ENGINE config module */ -static char *skip_dot(char *name) - { +static char * +skip_dot(char *name) +{ char *p; + p = strchr(name, '.'); if (p) return p + 1; return name; - } +} static STACK_OF(ENGINE) *initialized_engines = NULL; -static int int_engine_init(ENGINE *e) - { +static int +int_engine_init(ENGINE *e) +{ if (!ENGINE_init(e)) return 0; if (!initialized_engines) initialized_engines = sk_ENGINE_new_null(); - if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) - { + if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) { ENGINE_finish(e); return 0; - } - return 1; } - + return 1; +} -static int int_engine_configure(char *name, char *value, const CONF *cnf) - { + +static int +int_engine_configure(char *name, char *value, const CONF *cnf) +{ int i; int ret = 0; long do_init = -1; @@ -107,19 +110,19 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) /* Value is a section containing ENGINE commands */ ecmds = NCONF_get_section(cnf, value); - if (!ecmds) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR); + if (!ecmds) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_ENGINE_SECTION_ERROR); return 0; - } + } - for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) - { + for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { ecmd = sk_CONF_VALUE_value(ecmds, i); ctrlname = skip_dot(ecmd->name); ctrlvalue = ecmd->value; #ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue); + fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", + ctrlname, ctrlvalue); #endif /* First handle some special pseudo ctrls */ @@ -130,8 +133,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) else if (!strcmp(ctrlname, "soft_load")) soft = 1; /* Load a dynamic ENGINE */ - else if (!strcmp(ctrlname, "dynamic_path")) - { + else if (!strcmp(ctrlname, "dynamic_path")) { e = ENGINE_by_id("dynamic"); if (!e) goto err; @@ -141,119 +143,111 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) goto err; if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) goto err; - } + } /* ... add other pseudos here ... */ - else - { + else { /* At this point we need an ENGINE structural reference * if we don't already have one. */ - if (!e) - { + if (!e) { e = ENGINE_by_id(name); - if (!e && soft) - { + if (!e && soft) { ERR_clear_error(); return 1; - } + } if (!e) goto err; - } + } /* Allow "EMPTY" to mean no value: this allows a valid * "value" to be passed to ctrls of type NO_INPUT */ if (!strcmp(ctrlvalue, "EMPTY")) ctrlvalue = NULL; - if (!strcmp(ctrlname, "init")) - { - if (!NCONF_get_number_e(cnf, value, "init", &do_init)) + if (!strcmp(ctrlname, "init")) { + if (!NCONF_get_number_e(cnf, value, "init", + &do_init)) goto err; - if (do_init == 1) - { + if (do_init == 1) { if (!int_engine_init(e)) goto err; - } - else if (do_init != 0) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE); + } else if (do_init != 0) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_INVALID_INIT_VALUE); goto err; - } } - else if (!strcmp(ctrlname, "default_algorithms")) - { + } + else if (!strcmp(ctrlname, "default_algorithms")) { if (!ENGINE_set_default_string(e, ctrlvalue)) goto err; - } - else if (!ENGINE_ctrl_cmd_string(e, - ctrlname, ctrlvalue, 0)) + } else if (!ENGINE_ctrl_cmd_string(e, + ctrlname, ctrlvalue, 0)) goto err; - } - - - } - if (e && (do_init == -1) && !int_engine_init(e)) - { + } + if (e && (do_init == -1) && !int_engine_init(e)) { ecmd = NULL; goto err; - } + } ret = 1; - err: - if (ret != 1) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR); + +err: + if (ret != 1) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_ENGINE_CONFIGURATION_ERROR); if (ecmd) ERR_asprintf_error_data - ("section=%s, name=%s, value=%s", + ("section=%s, name=%s, value=%s", ecmd->section, ecmd->name, ecmd->value); - } + } if (e) ENGINE_free(e); return ret; - } +} -static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) - { +static int +int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) +{ STACK_OF(CONF_VALUE) *elist; CONF_VALUE *cval; int i; + #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "Called engine module: name %s, value %s\n", - CONF_imodule_get_name(md), CONF_imodule_get_value(md)); + CONF_imodule_get_name(md), CONF_imodule_get_value(md)); #endif /* Value is a section containing ENGINEs to configure */ elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); - if (!elist) - { - ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); + if (!elist) { + ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, + ENGINE_R_ENGINES_SECTION_ERROR); return 0; - } + } - for (i = 0; i < sk_CONF_VALUE_num(elist); i++) - { + for (i = 0; i < sk_CONF_VALUE_num(elist); i++) { cval = sk_CONF_VALUE_value(elist, i); if (!int_engine_configure(cval->name, cval->value, cnf)) return 0; - } + } return 1; - } +} -static void int_engine_module_finish(CONF_IMODULE *md) - { +static void +int_engine_module_finish(CONF_IMODULE *md) +{ ENGINE *e; + while ((e = sk_ENGINE_pop(initialized_engines))) ENGINE_finish(e); sk_ENGINE_free(initialized_engines); initialized_engines = NULL; - } - - -void ENGINE_add_conf_module(void) - { - CONF_module_add("engines", - int_engine_module_init, - int_engine_module_finish); - } +} + +void +ENGINE_add_conf_module(void) +{ + CONF_module_add("engines", int_engine_module_init, + int_engine_module_finish); +} diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c index d5017e2329..67a724202b 100644 --- a/src/lib/libcrypto/engine/eng_ctrl.c +++ b/src/lib/libcrypto/engine/eng_ctrl.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -63,95 +63,92 @@ static const char *int_no_description = ""; * ENGINE in question has asked us to take care of it (ie. the ENGINE did not * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */ -static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) - { - if((defn->cmd_num == 0) || (defn->cmd_name == NULL)) +static int +int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) +{ + if ((defn->cmd_num == 0) || (defn->cmd_name == NULL)) return 1; return 0; - } +} -static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) - { +static int +int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) +{ int idx = 0; - while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0)) - { + while (!int_ctrl_cmd_is_null(defn) && + (strcmp(defn->cmd_name, s) != 0)) { idx++; defn++; - } - if(int_ctrl_cmd_is_null(defn)) + } + if (int_ctrl_cmd_is_null(defn)) /* The given name wasn't found */ return -1; return idx; - } +} -static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) - { +static int +int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) +{ int idx = 0; /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So * our searches don't need to take any longer than necessary. */ - while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) - { + while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) { idx++; defn++; - } - if(defn->cmd_num == num) + } + if (defn->cmd_num == num) return idx; /* The given cmd_num wasn't found */ return -1; - } +} -static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, - void (*f)(void)) - { +static int +int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ int idx; int ret; char *s = (char *)p; + /* Take care of the easy one first (eg. it requires no searches) */ - if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) - { - if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns)) + if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) { + if ((e->cmd_defns == NULL) || + int_ctrl_cmd_is_null(e->cmd_defns)) return 0; return e->cmd_defns->cmd_num; - } + } /* One or two commands require that "p" be a valid string buffer */ - if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || - (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || - (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) - { - if(s == NULL) - { + if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || + (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || + (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) { + if (s == NULL) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return -1; - } } + } /* Now handle cmd_name -> cmd_num conversion */ - if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) - { - if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name( - e->cmd_defns, s)) < 0)) - { + if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) { + if ((e->cmd_defns == NULL) || + ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NAME); + ENGINE_R_INVALID_CMD_NAME); return -1; - } - return e->cmd_defns[idx].cmd_num; } + return e->cmd_defns[idx].cmd_num; + } /* For the rest of the commands, the 'long' argument must specify a * valie command number - so we need to conduct a search. */ - if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns, - (unsigned int)i)) < 0)) - { + if ((e->cmd_defns == NULL) || + ((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NUMBER); + ENGINE_R_INVALID_CMD_NUMBER); return -1; - } + } /* Now the logic splits depending on command type */ - switch(cmd) - { + switch (cmd) { case ENGINE_CTRL_GET_NEXT_CMD_TYPE: idx++; - if(int_ctrl_cmd_is_null(e->cmd_defns + idx)) + if (int_ctrl_cmd_is_null(e->cmd_defns + idx)) /* end-of-list */ return 0; else @@ -159,17 +156,17 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: return strlen(e->cmd_defns[idx].cmd_name); case ENGINE_CTRL_GET_NAME_FROM_CMD: - ret = snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, + ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1, "%s", e->cmd_defns[idx].cmd_name); if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) ret = -1; return ret; case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) + if (e->cmd_defns[idx].cmd_desc) return strlen(e->cmd_defns[idx].cmd_desc); return strlen(int_no_description); case ENGINE_CTRL_GET_DESC_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) { + if (e->cmd_defns[idx].cmd_desc) { ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_desc) + 1, "%s", e->cmd_defns[idx].cmd_desc); @@ -177,40 +174,40 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, ret = -1; return ret; } - ret = snprintf(s, strlen(int_no_description) + 1,"%s", + ret = snprintf(s, strlen(int_no_description) + 1, "%s", int_no_description); if (ret >= strlen(int_no_description) + 1) ret = -1; return ret; case ENGINE_CTRL_GET_CMD_FLAGS: return e->cmd_defns[idx].cmd_flags; - } + } + /* Shouldn't really be here ... */ - ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR); + ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INTERNAL_LIST_ERROR); return -1; - } +} -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { +int +ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ int ctrl_exists, ref_exists; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER); + + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); ref_exists = ((e->struct_ref > 0) ? 1 : 0); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); ctrl_exists = ((e->ctrl == NULL) ? 0 : 1); - if(!ref_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE); + if (!ref_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_REFERENCE); return 0; - } + } /* Intercept any "root-level" commands before trying to hand them on to * ctrl() handlers. */ - switch(cmd) - { + switch (cmd) { case ENGINE_CTRL_HAS_CTRL_FUNCTION: return ctrl_exists; case ENGINE_CTRL_GET_FIRST_CMD_TYPE: @@ -221,180 +218,172 @@ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: case ENGINE_CTRL_GET_DESC_FROM_CMD: case ENGINE_CTRL_GET_CMD_FLAGS: - if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) - return int_ctrl_helper(e,cmd,i,p,f); - if(!ctrl_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION); + if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) + return int_ctrl_helper(e, cmd, i, p, f); + if (!ctrl_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, + ENGINE_R_NO_CONTROL_FUNCTION); /* For these cmd-related functions, failure is indicated * by a -1 return value (because 0 is used as a valid * return in some places). */ return -1; - } + } default: break; - } + } /* Anything else requires a ctrl() handler to exist. */ - if(!ctrl_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION); + if (!ctrl_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION); return 0; - } - return e->ctrl(e, cmd, i, p, f); } + return e->ctrl(e, cmd, i, p, f); +} -int ENGINE_cmd_is_executable(ENGINE *e, int cmd) - { +int +ENGINE_cmd_is_executable(ENGINE *e, int cmd) +{ int flags; - if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0) - { + + if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, + NULL, NULL)) < 0) { ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE, - ENGINE_R_INVALID_CMD_NUMBER); + ENGINE_R_INVALID_CMD_NUMBER); return 0; - } - if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) && - !(flags & ENGINE_CMD_FLAG_NUMERIC) && - !(flags & ENGINE_CMD_FLAG_STRING)) + } + if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) && + !(flags & ENGINE_CMD_FLAG_NUMERIC) && + !(flags & ENGINE_CMD_FLAG_STRING)) return 0; return 1; - } +} -int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(void), int cmd_optional) - { +int +ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p, + void (*f)(void), int cmd_optional) +{ int num; - if((e == NULL) || (cmd_name == NULL)) - { + if ((e == NULL) || (cmd_name == NULL)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return 0; - } - if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e, - ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) - { + } + if ((e->ctrl == NULL) || + ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, + 0, (void *)cmd_name, NULL)) <= 0)) { /* If the command didn't *have* to be supported, we fake * success. This allows certain settings to be specified for * multiple ENGINEs and only require a change of ENGINE id * (without having to selectively apply settings). Eg. changing * from a hardware device back to the regular software ENGINE * without editing the config file, etc. */ - if(cmd_optional) - { + if (cmd_optional) { ERR_clear_error(); return 1; - } - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, - ENGINE_R_INVALID_CMD_NAME); - return 0; } + ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ENGINE_R_INVALID_CMD_NAME); + return 0; + } + /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if (ENGINE_ctrl(e, num, i, p, f) > 0) - return 1; - return 0; - } + if (ENGINE_ctrl(e, num, i, p, f) > 0) + return 1; -int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional) - { + return 0; +} + +int +ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, + int cmd_optional) +{ int num, flags; long l; char *ptr; - if((e == NULL) || (cmd_name == NULL)) - { + + if ((e == NULL) || (cmd_name == NULL)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return 0; - } - if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e, - ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) - { + } + if ((e->ctrl == NULL) || + ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0, + (void *)cmd_name, NULL)) <= 0)) { /* If the command didn't *have* to be supported, we fake * success. This allows certain settings to be specified for * multiple ENGINEs and only require a change of ENGINE id * (without having to selectively apply settings). Eg. changing * from a hardware device back to the regular software ENGINE * without editing the config file, etc. */ - if(cmd_optional) - { + if (cmd_optional) { ERR_clear_error(); return 1; - } + } ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INVALID_CMD_NAME); + ENGINE_R_INVALID_CMD_NAME); return 0; - } - if(!ENGINE_cmd_is_executable(e, num)) - { + } + if (!ENGINE_cmd_is_executable(e, num)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_CMD_NOT_EXECUTABLE); + ENGINE_R_CMD_NOT_EXECUTABLE); return 0; - } - if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0) - { + } + if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, + NULL, NULL)) < 0) { /* Shouldn't happen, given that ENGINE_cmd_is_executable() * returned success. */ ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); + ENGINE_R_INTERNAL_LIST_ERROR); return 0; - } + } /* If the command takes no input, there must be no input. And vice * versa. */ - if(flags & ENGINE_CMD_FLAG_NO_INPUT) - { - if(arg != NULL) - { + if (flags & ENGINE_CMD_FLAG_NO_INPUT) { + if (arg != NULL) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_NO_INPUT); + ENGINE_R_COMMAND_TAKES_NO_INPUT); return 0; - } + } /* We deliberately force the result of ENGINE_ctrl() to 0 or 1 * rather than returning it as "return data". This is to ensure * usage of these commands is consistent across applications and * that certain applications don't understand it one way, and * others another. */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) + if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; - } + } /* So, we require input */ - if(arg == NULL) - { + if (arg == NULL) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_INPUT); + ENGINE_R_COMMAND_TAKES_INPUT); return 0; - } + } /* If it takes string input, that's easy */ - if(flags & ENGINE_CMD_FLAG_STRING) - { + if (flags & ENGINE_CMD_FLAG_STRING) { /* Same explanation as above */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) + if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; - } + } /* If it doesn't take numeric either, then it is unsupported for use in * a config-setting situation, which is what this function is for. This * should never happen though, because ENGINE_cmd_is_executable() was * used. */ - if(!(flags & ENGINE_CMD_FLAG_NUMERIC)) - { + if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); + ENGINE_R_INTERNAL_LIST_ERROR); return 0; - } + } l = strtol(arg, &ptr, 10); - if((arg == ptr) || (*ptr != '\0')) - { + if ((arg == ptr) || (*ptr != '\0')) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); + ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); return 0; - } + } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0) + if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0) return 1; return 0; - } +} diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c index e2de4603ee..0abb390b53 100644 --- a/src/lib/libcrypto/engine/eng_dyn.c +++ b/src/lib/libcrypto/engine/eng_dyn.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -84,45 +84,52 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx); static const char *engine_dynamic_id = "dynamic"; static const char *engine_dynamic_name = "Dynamic engine loading support"; static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = { - {DYNAMIC_CMD_SO_PATH, + { + DYNAMIC_CMD_SO_PATH, "SO_PATH", "Specifies the path to the new ENGINE shared library", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_NO_VCHECK, + { + DYNAMIC_CMD_NO_VCHECK, "NO_VCHECK", "Specifies to continue even if version checking fails (boolean)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_ID, + { + DYNAMIC_CMD_ID, "ID", "Specifies an ENGINE id name for loading", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_LIST_ADD, + { + DYNAMIC_CMD_LIST_ADD, "LIST_ADD", "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_DIR_LOAD, + { + DYNAMIC_CMD_DIR_LOAD, "DIR_LOAD", "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_DIR_ADD, + { + DYNAMIC_CMD_DIR_ADD, "DIR_ADD", "Adds a directory from which ENGINEs can be loaded", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_LOAD, + { + DYNAMIC_CMD_LOAD, "LOAD", "Load up the ENGINE specified by other settings", ENGINE_CMD_FLAG_NO_INPUT}, + {0, NULL, NULL, 0} - }; +}; static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = { {0, NULL, NULL, 0} - }; +}; /* Loading code stores state inside the ENGINE structure via the "ex_data" * element. We load all our state into a single structure and use that as a * single context in the "ex_data" stack. */ -struct st_dynamic_data_ctx - { +struct st_dynamic_data_ctx { /* The DSO object we load that supplies the ENGINE code */ DSO *dynamic_dso; /* The function pointer to the version checking shared library function */ @@ -147,13 +154,18 @@ struct st_dynamic_data_ctx int dir_load; /* A stack of directories from which ENGINEs could be loaded */ STACK_OF(OPENSSL_STRING) *dirs; - }; +}; /* This is the "ex_data" index we obtain and reserve for use with our context * structure. */ static int dynamic_ex_data_idx = -1; -static void int_free_str(char *s) { free(s); } +static void +int_free_str(char *s) +{ + free(s); +} + /* Because our ex_data element may or may not get allocated depending on whether * a "first-use" occurs before the ENGINE is freed, we have a memory leak * problem to solve. We can't declare a "new" handler for the ex_data as we @@ -161,35 +173,36 @@ static void int_free_str(char *s) { free(s); } * is a bug in the design of CRYPTO_EX_DATA). As such, we just declare a "free" * handler and that will get called if an ENGINE is being destroyed and there * was an ex_data element corresponding to our context type. */ -static void dynamic_data_ctx_free_func(void *parent, void *ptr, - CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) - { - if(ptr) - { +static void +dynamic_data_ctx_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp) +{ + if (ptr) { dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr; - if(ctx->dynamic_dso) + if (ctx->dynamic_dso) DSO_free(ctx->dynamic_dso); free((void *)ctx->DYNAMIC_LIBNAME); free((void *)ctx->engine_id); - if(ctx->dirs) + if (ctx->dirs) sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str); free(ctx); - } } +} /* Construct the per-ENGINE context. We create it blindly and then use a lock to * check for a race - if so, all but one of the threads "racing" will have * wasted their time. The alternative involves creating everything inside the * lock which is far worse. */ -static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) - { +static int +dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) +{ dynamic_data_ctx *c; + c = malloc(sizeof(dynamic_data_ctx)); - if(!c) - { - ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + if (!c) { + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); return 0; - } + } memset(c, 0, sizeof(dynamic_data_ctx)); c->dynamic_dso = NULL; c->v_check = NULL; @@ -202,89 +215,92 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) c->DYNAMIC_F2 = "bind_engine"; c->dir_load = 1; c->dirs = sk_OPENSSL_STRING_new_null(); - if(!c->dirs) - { - ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + if (!c->dirs) { + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); free(c); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, - dynamic_ex_data_idx)) == NULL) - { + if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, + dynamic_ex_data_idx)) == NULL) { /* Good, we're the first */ ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); *ctx = c; c = NULL; - } + } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* If we lost the race to set the context, c is non-NULL and *ctx is the * context of the thread that won. */ free(c); return 1; - } +} /* This function retrieves the context structure from an ENGINE's "ex_data", or * if it doesn't exist yet, sets it up. */ -static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e) - { +static dynamic_data_ctx * +dynamic_get_data_ctx(ENGINE *e) +{ dynamic_data_ctx *ctx; - if(dynamic_ex_data_idx < 0) - { + if (dynamic_ex_data_idx < 0) { /* Create and register the ENGINE ex_data, and associate our * "free" function with it to ensure any allocated contexts get * freed when an ENGINE goes underground. */ int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, - dynamic_data_ctx_free_func); - if(new_idx == -1) - { - ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX,ENGINE_R_NO_INDEX); + dynamic_data_ctx_free_func); + if (new_idx == -1) { + ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX, + ENGINE_R_NO_INDEX); return NULL; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); /* Avoid a race by checking again inside this lock */ - if(dynamic_ex_data_idx < 0) - { + if (dynamic_ex_data_idx < 0) { /* Good, someone didn't beat us to it */ dynamic_ex_data_idx = new_idx; new_idx = -1; - } + } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* In theory we could "give back" the index here if * (new_idx>-1), but it's not possible and wouldn't gain us much * if it were. */ - } + } ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx); /* Check if the context needs to be created */ - if((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx)) + if ((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx)) /* "set_data" will set errors if necessary */ return NULL; return ctx; - } +} -static ENGINE *engine_dynamic(void) - { +static ENGINE * +engine_dynamic(void) +{ ENGINE *ret = ENGINE_new(); - if(!ret) + + if (!ret) return NULL; - if(!ENGINE_set_id(ret, engine_dynamic_id) || - !ENGINE_set_name(ret, engine_dynamic_name) || - !ENGINE_set_init_function(ret, dynamic_init) || - !ENGINE_set_finish_function(ret, dynamic_finish) || - !ENGINE_set_ctrl_function(ret, dynamic_ctrl) || - !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) || - !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) - { + + if (!ENGINE_set_id(ret, engine_dynamic_id) || + !ENGINE_set_name(ret, engine_dynamic_name) || + !ENGINE_set_init_function(ret, dynamic_init) || + !ENGINE_set_finish_function(ret, dynamic_finish) || + !ENGINE_set_ctrl_function(ret, dynamic_ctrl) || + !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) || + !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) { ENGINE_free(ret); return NULL; - } - return ret; } + return ret; +} -void ENGINE_load_dynamic(void) - { +void +ENGINE_load_dynamic(void) +{ ENGINE *toadd = engine_dynamic(); - if(!toadd) return; + + if (!toadd) + return; + ENGINE_add(toadd); /* If the "add" worked, it gets a structural reference. So either way, * we release our just-created reference. */ @@ -293,48 +309,47 @@ void ENGINE_load_dynamic(void) * already added (eg. someone calling ENGINE_load_blah then calling * ENGINE_load_builtin_engines() perhaps). */ ERR_clear_error(); - } +} -static int dynamic_init(ENGINE *e) - { +static int +dynamic_init(ENGINE *e) +{ /* We always return failure - the "dyanamic" engine itself can't be used * for anything. */ return 0; - } +} -static int dynamic_finish(ENGINE *e) - { +static int +dynamic_finish(ENGINE *e) +{ /* This should never be called on account of "dynamic_init" always * failing. */ return 0; - } +} -static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { +static int +dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ dynamic_data_ctx *ctx = dynamic_get_data_ctx(e); int initialised; - - if(!ctx) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_NOT_LOADED); + + if (!ctx) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_NOT_LOADED); return 0; - } + } initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1); /* All our control commands require the ENGINE to be uninitialised */ - if(initialised) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_ALREADY_LOADED); + if (initialised) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_ALREADY_LOADED); return 0; - } - switch(cmd) - { + } + switch (cmd) { case DYNAMIC_CMD_SO_PATH: /* a NULL 'p' or a string of zero-length is the same thing */ - if(p && (strlen((const char *)p) < 1)) + if (p && (strlen((const char *)p) < 1)) p = NULL; free((void *)ctx->DYNAMIC_LIBNAME); - if(p) + if (p) ctx->DYNAMIC_LIBNAME = BUF_strdup(p); else ctx->DYNAMIC_LIBNAME = NULL; @@ -344,145 +359,138 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) return 1; case DYNAMIC_CMD_ID: /* a NULL 'p' or a string of zero-length is the same thing */ - if(p && (strlen((const char *)p) < 1)) + if (p && (strlen((const char *)p) < 1)) p = NULL; free((void *)ctx->engine_id); - if(p) + if (p) ctx->engine_id = BUF_strdup(p); else ctx->engine_id = NULL; return (ctx->engine_id ? 1 : 0); case DYNAMIC_CMD_LIST_ADD: - if((i < 0) || (i > 2)) - { + if ((i < 0) || (i > 2)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } ctx->list_add_value = (int)i; return 1; case DYNAMIC_CMD_LOAD: return dynamic_load(e, ctx); case DYNAMIC_CMD_DIR_LOAD: - if((i < 0) || (i > 2)) - { + if ((i < 0) || (i > 2)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } ctx->dir_load = (int)i; return 1; case DYNAMIC_CMD_DIR_ADD: /* a NULL 'p' or a string of zero-length is the same thing */ - if(!p || (strlen((const char *)p) < 1)) - { + if (!p || (strlen((const char *)p) < 1)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } { - char *tmp_str = BUF_strdup(p); - if(!tmp_str) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ERR_R_MALLOC_FAILURE); - return 0; + char *tmp_str = BUF_strdup(p); + if (!tmp_str) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, + ERR_R_MALLOC_FAILURE); + return 0; } - sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); + sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); } return 1; default: break; - } - ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; } + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); + return 0; +} -static int int_load(dynamic_data_ctx *ctx) - { +static int +int_load(dynamic_data_ctx *ctx) +{ int num, loop; + /* Unless told not to, try a direct load */ - if((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, - ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) + if ((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, + ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) return 1; /* If we're not allowed to use 'dirs' or we have none, fail */ - if(!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) + if (!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) return 0; - for(loop = 0; loop < num; loop++) - { + for (loop = 0; loop < num; loop++) { const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop); - char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); - if(!merge) + char *merge = DSO_merge(ctx->dynamic_dso, + ctx->DYNAMIC_LIBNAME, s); + if (!merge) return 0; - if(DSO_load(ctx->dynamic_dso, merge, NULL, 0)) - { + if (DSO_load(ctx->dynamic_dso, merge, NULL, 0)) { /* Found what we're looking for */ free(merge); return 1; - } - free(merge); } - return 0; + free(merge); } + return 0; +} -static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) - { +static int +dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) +{ ENGINE cpy; dynamic_fns fns; - if(!ctx->dynamic_dso) + if (!ctx->dynamic_dso) ctx->dynamic_dso = DSO_new(); - if(!ctx->DYNAMIC_LIBNAME) - { - if(!ctx->engine_id) + if (!ctx->DYNAMIC_LIBNAME) { + if (!ctx->engine_id) return 0; - ctx->DYNAMIC_LIBNAME = - DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id); - } - if(!int_load(ctx)) - { + ctx->DYNAMIC_LIBNAME = DSO_convert_filename(ctx->dynamic_dso, + ctx->engine_id); + } + if (!int_load(ctx)) { ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_DSO_NOT_FOUND); + ENGINE_R_DSO_NOT_FOUND); DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; return 0; - } + } /* We have to find a bind function otherwise it'll always end badly */ - if(!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func( - ctx->dynamic_dso, ctx->DYNAMIC_F2))) - { + if (!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func( + ctx->dynamic_dso, ctx->DYNAMIC_F2))) { ctx->bind_engine = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_DSO_FAILURE); + ENGINE_R_DSO_FAILURE); return 0; - } + } /* Do we perform version checking? */ - if(!ctx->no_vcheck) - { + if (!ctx->no_vcheck) { unsigned long vcheck_res = 0; /* Now we try to find a version checking function and decide how * to cope with failure if/when it fails. */ ctx->v_check = (dynamic_v_check_fn)DSO_bind_func( - ctx->dynamic_dso, ctx->DYNAMIC_F1); - if(ctx->v_check) + ctx->dynamic_dso, ctx->DYNAMIC_F1); + if (ctx->v_check) vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION); /* We fail if the version checker veto'd the load *or* if it is * deferring to us (by returning its version) and we think it is * too old. */ - if(vcheck_res < OSSL_DYNAMIC_OLDEST) - { + if (vcheck_res < OSSL_DYNAMIC_OLDEST) { /* Fail */ ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_VERSION_INCOMPATIBILITY); + ENGINE_R_VERSION_INCOMPATIBILITY); return 0; - } } + } /* First binary copy the ENGINE structure so that we can roll back if * the hand-over fails */ memcpy(&cpy, e, sizeof(ENGINE)); @@ -495,8 +503,8 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) fns.err_fns = ERR_get_implementation(); fns.ex_data_fns = CRYPTO_get_ex_data_implementation(); CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb, - &fns.mem_fns.realloc_cb, - &fns.mem_fns.free_cb); + &fns.mem_fns.realloc_cb, + &fns.mem_fns.free_cb); fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback(); fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback(); fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback(); @@ -507,37 +515,33 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) engine_set_all_null(e); /* Try to bind the ENGINE onto our own ENGINE structure */ - if(!ctx->bind_engine(e, ctx->engine_id, &fns)) - { + if (!ctx->bind_engine(e, ctx->engine_id, &fns)) { ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; - ENGINEerr(ENGINE_F_DYNAMIC_LOAD,ENGINE_R_INIT_FAILED); + ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_INIT_FAILED); /* Copy the original ENGINE structure back */ memcpy(e, &cpy, sizeof(ENGINE)); return 0; - } + } /* Do we try to add this ENGINE to the internal list too? */ - if(ctx->list_add_value > 0) - { - if(!ENGINE_add(e)) - { + if (ctx->list_add_value > 0) { + if (!ENGINE_add(e)) { /* Do we tolerate this or fail? */ - if(ctx->list_add_value > 1) - { + if (ctx->list_add_value > 1) { /* Fail - NB: By this time, it's too late to * rollback, and trying to do so allows the * bind_engine() code to have created leaks. We * just have to fail where we are, after the * ENGINE has changed. */ ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_CONFLICTING_ENGINE_ID); + ENGINE_R_CONFLICTING_ENGINE_ID); return 0; - } + } /* Tolerate */ ERR_clear_error(); - } } - return 1; } + return 1; +} diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c index 81c70acfa8..baf2b3d92d 100644 --- a/src/lib/libcrypto/engine/eng_err.c +++ b/src/lib/libcrypto/engine/eng_err.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -68,106 +68,103 @@ #define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason) -static ERR_STRING_DATA ENGINE_str_functs[]= - { -{ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, -{ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, -{ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, -{ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, -{ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, -{ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, -{ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, -{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, -{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, -{ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, -{ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, -{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, -{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, -{ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, -{ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, -{ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, -{ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, -{ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, -{ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, -{0,NULL} - }; +static ERR_STRING_DATA ENGINE_str_functs[]= { + {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, + {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, + {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, + {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, + {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, + {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, + {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, + {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, + {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, + {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, + {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, + {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, + {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, + {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, + {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, + {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, + {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, + {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, + {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, + {0, NULL} +}; -static ERR_STRING_DATA ENGINE_str_reasons[]= - { -{ERR_REASON(ENGINE_R_ALREADY_LOADED) ,"already loaded"}, -{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),"argument is not a number"}, -{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) ,"cmd not executable"}, -{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT),"command takes input"}, -{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT),"command takes no input"}, -{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID),"conflicting engine id"}, -{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"}, -{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) ,"dh not implemented"}, -{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED),"dsa not implemented"}, -{ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"}, -{ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"}, -{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"}, -{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"}, -{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"}, -{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"}, -{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, -{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"}, -{ERR_REASON(ENGINE_R_FINISH_FAILED) ,"finish failed"}, -{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) ,"could not obtain hardware handle"}, -{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) ,"'id' or 'name' missing"}, -{ERR_REASON(ENGINE_R_INIT_FAILED) ,"init failed"}, -{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR),"internal list error"}, -{ERR_REASON(ENGINE_R_INVALID_ARGUMENT) ,"invalid argument"}, -{ERR_REASON(ENGINE_R_INVALID_CMD_NAME) ,"invalid cmd name"}, -{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) ,"invalid cmd number"}, -{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) ,"invalid init value"}, -{ERR_REASON(ENGINE_R_INVALID_STRING) ,"invalid string"}, -{ERR_REASON(ENGINE_R_NOT_INITIALISED) ,"not initialised"}, -{ERR_REASON(ENGINE_R_NOT_LOADED) ,"not loaded"}, -{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION),"no control function"}, -{ERR_REASON(ENGINE_R_NO_INDEX) ,"no index"}, -{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) ,"no load function"}, -{ERR_REASON(ENGINE_R_NO_REFERENCE) ,"no reference"}, -{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) ,"no such engine"}, -{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) ,"no unload function"}, -{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) ,"provide parameters"}, -{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),"unimplemented public key method"}, -{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"}, -{0,NULL} - }; +static ERR_STRING_DATA ENGINE_str_reasons[]= { + {ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"}, + {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"}, + {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"}, + {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"}, + {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"}, + {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"}, + {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"}, + {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"}, + {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"}, + {ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"}, + {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"}, + {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"}, + {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"}, + {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"}, + {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"}, + {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"}, + {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"}, + {ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"}, + {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"}, + {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"}, + {ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"}, + {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"}, + {ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"}, + {ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"}, + {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"}, + {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"}, + {ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"}, + {ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"}, + {ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"}, + {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"}, + {ERR_REASON(ENGINE_R_NO_INDEX) , "no index"}, + {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"}, + {ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"}, + {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"}, + {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"}, + {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"}, + {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"}, + {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"}, + {0, NULL} +}; #endif -void ERR_load_ENGINE_strings(void) - { +void +ERR_load_ENGINE_strings(void) +{ #ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) - { - ERR_load_strings(0,ENGINE_str_functs); - ERR_load_strings(0,ENGINE_str_reasons); - } -#endif + if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) { + ERR_load_strings(0, ENGINE_str_functs); + ERR_load_strings(0, ENGINE_str_reasons); } +#endif +} diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c index e01067566e..f5ad01b80e 100644 --- a/src/lib/libcrypto/engine/eng_fat.c +++ b/src/lib/libcrypto/engine/eng_fat.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -54,55 +54,58 @@ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by + * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ #include "eng_int.h" #include -int ENGINE_set_default(ENGINE *e, unsigned int flags) - { - if((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) +int +ENGINE_set_default(ENGINE *e, unsigned int flags) +{ + if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) return 0; - if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) + if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) return 0; #ifndef OPENSSL_NO_RSA - if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) + if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) return 0; #endif #ifndef OPENSSL_NO_DSA - if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) + if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) return 0; #endif #ifndef OPENSSL_NO_DH - if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) + if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) return 0; #endif #ifndef OPENSSL_NO_ECDH - if((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) + if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) return 0; #endif #ifndef OPENSSL_NO_ECDSA - if((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) + if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) return 0; #endif - if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) + if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) return 0; - if((flags & ENGINE_METHOD_PKEY_METHS) - && !ENGINE_set_default_pkey_meths(e)) + if ((flags & ENGINE_METHOD_PKEY_METHS) && + !ENGINE_set_default_pkey_meths(e)) return 0; - if((flags & ENGINE_METHOD_PKEY_ASN1_METHS) - && !ENGINE_set_default_pkey_asn1_meths(e)) + if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) && + !ENGINE_set_default_pkey_asn1_meths(e)) return 0; return 1; - } +} /* Set default algorithms using a string */ -static int int_def_cb(const char *alg, int len, void *arg) - { +static int +int_def_cb(const char *alg, int len, void *arg) +{ unsigned int *pflags = arg; + if (!strncmp(alg, "ALL", len)) *pflags |= ENGINE_METHOD_ALL; else if (!strncmp(alg, "RSA", len)) @@ -123,7 +126,7 @@ static int int_def_cb(const char *alg, int len, void *arg) *pflags |= ENGINE_METHOD_DIGESTS; else if (!strncmp(alg, "PKEY", len)) *pflags |= - ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; + ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; else if (!strncmp(alg, "PKEY_CRYPTO", len)) *pflags |= ENGINE_METHOD_PKEY_METHS; else if (!strncmp(alg, "PKEY_ASN1", len)) @@ -131,24 +134,25 @@ static int int_def_cb(const char *alg, int len, void *arg) else return 0; return 1; - } +} - -int ENGINE_set_default_string(ENGINE *e, const char *def_list) - { +int +ENGINE_set_default_string(ENGINE *e, const char *def_list) +{ unsigned int flags = 0; - if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) - { + + if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) { ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING, - ENGINE_R_INVALID_STRING); + ENGINE_R_INVALID_STRING); ERR_asprintf_error_data("str=%s",def_list); return 0; - } - return ENGINE_set_default(e, flags); } + return ENGINE_set_default(e, flags); +} -int ENGINE_register_complete(ENGINE *e) - { +int +ENGINE_register_complete(ENGINE *e) +{ ENGINE_register_ciphers(e); ENGINE_register_digests(e); #ifndef OPENSSL_NO_RSA @@ -169,14 +173,15 @@ int ENGINE_register_complete(ENGINE *e) ENGINE_register_RAND(e); ENGINE_register_pkey_meths(e); return 1; - } +} -int ENGINE_register_all_complete(void) - { +int +ENGINE_register_all_complete(void) +{ ENGINE *e; - for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) + for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL)) ENGINE_register_complete(e); return 1; - } +} diff --git a/src/lib/libcrypto/engine/eng_init.c b/src/lib/libcrypto/engine/eng_init.c index 870c456668..540f8957ca 100644 --- a/src/lib/libcrypto/engine/eng_init.c +++ b/src/lib/libcrypto/engine/eng_init.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -57,30 +57,31 @@ /* Initialise a engine type for use (or up its functional reference count * if it's already in use). This version is only used internally. */ -int engine_unlocked_init(ENGINE *e) - { +int +engine_unlocked_init(ENGINE *e) +{ int to_return = 1; - if((e->funct_ref == 0) && e->init) + if ((e->funct_ref == 0) && e->init) /* This is the first functional reference and the engine * requires initialisation so we do it now. */ to_return = e->init(e); - if(to_return) - { + if (to_return) { /* OK, we return a functional reference which is also a * structural reference. */ e->struct_ref++; e->funct_ref++; engine_ref_debug(e, 0, 1) engine_ref_debug(e, 1, 1) - } - return to_return; } + return to_return; +} /* Free a functional reference to a engine type. This version is only used * internally. */ -int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) - { +int +engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) +{ int to_return = 1; /* Reduce the functional reference count here so if it's the terminating @@ -91,58 +92,57 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) * 2 to 0 without either calling finish(). */ e->funct_ref--; engine_ref_debug(e, 1, -1); - if((e->funct_ref == 0) && e->finish) - { - if(unlock_for_handlers) + if ((e->funct_ref == 0) && e->finish) { + if (unlock_for_handlers) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); to_return = e->finish(e); - if(unlock_for_handlers) + if (unlock_for_handlers) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if(!to_return) + if (!to_return) return 0; - } + } /* Release the structural reference too */ - if(!engine_free_util(e, 0)) - { - ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH,ENGINE_R_FINISH_FAILED); + if (!engine_free_util(e, 0)) { + ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, + ENGINE_R_FINISH_FAILED); return 0; - } - return to_return; } + return to_return; +} /* The API (locked) version of "init" */ -int ENGINE_init(ENGINE *e) - { +int +ENGINE_init(ENGINE *e) +{ int ret; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER); + + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_INIT, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); ret = engine_unlocked_init(e); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); return ret; - } +} /* The API (locked) version of "finish" */ -int ENGINE_finish(ENGINE *e) - { +int +ENGINE_finish(ENGINE *e) +{ int to_return = 1; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER); + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); to_return = engine_unlocked_finish(e, 1); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - if(!to_return) - { - ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED); + if (!to_return) { + ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED); return 0; - } - return to_return; } + return to_return; +} diff --git a/src/lib/libssl/src/crypto/engine/eng_aesni.c b/src/lib/libssl/src/crypto/engine/eng_aesni.c index d547d7f465..b1eade2d63 100644 --- a/src/lib/libssl/src/crypto/engine/eng_aesni.c +++ b/src/lib/libssl/src/crypto/engine/eng_aesni.c @@ -102,7 +102,8 @@ void ENGINE_load_aesni (void) /* On non-x86 CPUs it just returns. */ #ifdef COMPILE_HW_AESNI ENGINE *toadd = ENGINE_aesni(); - if (!toadd) return; + if (!toadd) + return; ENGINE_add (toadd); ENGINE_register_complete (toadd); ENGINE_free (toadd); @@ -112,32 +113,26 @@ void ENGINE_load_aesni (void) #ifdef COMPILE_HW_AESNI int aesni_set_encrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); + AES_KEY *key); int aesni_set_decrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); + AES_KEY *key); void aesni_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); + const AES_KEY *key); void aesni_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void aesni_ecb_encrypt(const unsigned char *in, - unsigned char *out, - size_t length, - const AES_KEY *key, - int enc); -void aesni_cbc_encrypt(const unsigned char *in, - unsigned char *out, - size_t length, - const AES_KEY *key, - unsigned char *ivec, int enc); + const AES_KEY *key); + +void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const AES_KEY *key, int enc); +void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const AES_KEY *key, unsigned char *ivec, int enc); /* Function for ENGINE detection and control */ static int aesni_init(ENGINE *e); /* Cipher Stuff */ static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); + const int **nids, int nid); #define AESNI_MIN_ALIGN 16 #define AESNI_ALIGN(x) \ @@ -145,143 +140,146 @@ static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, /* Engine names */ static const char aesni_id[] = "aesni", - aesni_name[] = "Intel AES-NI engine", - no_aesni_name[] = "Intel AES-NI engine (no-aesni)"; + aesni_name[] = "Intel AES-NI engine", + no_aesni_name[] = "Intel AES-NI engine (no-aesni)"; /* The input and output encrypted as though 128bit cfb mode is being * used. The extra state information to record how much of the * 128bit block we have used is contained in *num; */ -static void aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out, - unsigned int len, const void *key, - unsigned char ivec[16], int *num, - int enc) +static void +aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out, + unsigned int len, const void *key, unsigned char ivec[16], int *num, + int enc) { - unsigned int n; - size_t l = 0; + unsigned int n; + size_t l = 0; - assert(in && out && key && ivec && num); + assert(in && out && key && ivec && num); - n = *num; + n = *num; - if (enc) { + if (enc) { #if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16%sizeof(size_t) == 0) do { /* always true actually */ - while (n && len) { - *(out++) = ivec[n] ^= *(in++); - --len; - n = (n+1) % 16; - } - while (len>=16) { - aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) { - *(size_t*)(out+n) = - *(size_t*)(ivec+n) ^= *(size_t*)(in+n); + if (16%sizeof(size_t) == 0) do { /* always true actually */ + while (n && len) { + *(out++) = ivec[n] ^= *(in++); + --len; + n = (n + 1) % 16; } - len -= 16; - out += 16; - in += 16; - } - n = 0; - if (len) { - aesni_encrypt(ivec, ivec, key); - while (len--) { - out[n] = ivec[n] ^= in[n]; - ++n; + while (len >= 16) { + aesni_encrypt(ivec, ivec, key); + for (n = 0; n < 16; n += sizeof(size_t)) { + *(size_t*)(out + n) = + *(size_t*)(ivec + n) ^= *(size_t*)(in + n); + } + len -= 16; + out += 16; + in += 16; } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ + n = 0; + if (len) { + aesni_encrypt(ivec, ivec, key); + while (len--) { + out[n] = ivec[n] ^= in[n]; + ++n; + } + } + *num = n; + return; + } while (0); + /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l=16) { - aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) { - size_t t = *(size_t*)(in+n); - *(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t; - *(size_t*)(ivec+n) = t; + while (l < len) { + if (n == 0) { + aesni_encrypt(ivec, ivec, key); } - len -= 16; - out += 16; - in += 16; + out[l] = ivec[n] ^= in[l]; + ++l; + n = (n + 1) % 16; } - n = 0; - if (len) { - aesni_encrypt(ivec, ivec, key); - while (len--) { + *num = n; + } else { +#if !defined(OPENSSL_SMALL_FOOTPRINT) + if (16%sizeof(size_t) == 0) do { /* always true actually */ + while (n && len) { unsigned char c; - out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c; - ++n; + *(out++) = ivec[n] ^ (c = *(in++)); + ivec[n] = c; + --len; + n = (n + 1) % 16; } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ + while (len >= 16) { + aesni_encrypt(ivec, ivec, key); + for (n = 0; n < 16; n += sizeof(size_t)) { + size_t t = *(size_t*)(in + n); + *(size_t*)(out + n) = *(size_t*)(ivec + n) ^ t; + *(size_t*)(ivec + n) = t; + } + len -= 16; + out += 16; + in += 16; + } + n = 0; + if (len) { + aesni_encrypt(ivec, ivec, key); + while (len--) { + unsigned char c; + out[n] = ivec[n] ^ (c = in[n]); + ivec[n] = c; + ++n; + } + } + *num = n; + return; + } while (0); + /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l=16) { + while (len >= 16) { aesni_encrypt(ivec, ivec, key); - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t*)(out+n) = - *(size_t*)(in+n) ^ *(size_t*)(ivec+n); + for (n = 0; n < 16; n += sizeof(size_t)) + *(size_t*)(out + n) = + *(size_t*)(in + n) ^ *(size_t*)(ivec + n); len -= 16; out += 16; - in += 16; + in += 16; } n = 0; if (len) { @@ -293,19 +291,19 @@ static void aesni_ofb128_encrypt(const unsigned char *in, unsigned char *out, } *num = n; return; - } while(0); + } while (0); /* the rest would be commonly eliminated by x86* compiler */ #endif - while (l 4) { engage = ((IA32CAP)OPENSSL_ia32cap_P >> 57) & 1; } else { @@ -326,10 +325,8 @@ aesni_bind_helper(ENGINE *e) /* Register everything or return with an error */ if (!ENGINE_set_id(e, aesni_id) || !ENGINE_set_name(e, engage ? aesni_name : no_aesni_name) || - !ENGINE_set_init_function(e, aesni_init) || - (engage && !ENGINE_set_ciphers (e, aesni_ciphers)) - ) + (engage && !ENGINE_set_ciphers (e, aesni_ciphers))) return 0; /* Everything looks good */ @@ -403,60 +400,72 @@ static int aesni_cipher_nids[] = { NID_aes_256_ofb, }; static int aesni_cipher_nids_num = - (sizeof(aesni_cipher_nids)/sizeof(aesni_cipher_nids[0])); + (sizeof(aesni_cipher_nids) / sizeof(aesni_cipher_nids[0])); -typedef struct -{ +typedef struct { AES_KEY ks; unsigned int _pad1[3]; } AESNI_KEY; static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key, - const unsigned char *iv, int enc) + const unsigned char *iv, int enc) { int ret; AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE - || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE - || enc) - ret=aesni_set_encrypt_key(user_key, ctx->key_len * 8, key); + if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE || + (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE || + enc) + ret = aesni_set_encrypt_key(user_key, ctx->key_len * 8, key); else - ret=aesni_set_decrypt_key(user_key, ctx->key_len * 8, key); + ret = aesni_set_decrypt_key(user_key, ctx->key_len * 8, key); - if(ret < 0) { - EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED); + if (ret < 0) { + EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); return 0; } return 1; } -static int aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); +static int +aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + aesni_ecb_encrypt(in, out, inl, key, ctx->encrypt); return 1; } -static int aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - aesni_cbc_encrypt(in, out, inl, key, - ctx->iv, ctx->encrypt); + +static int +aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + + aesni_cbc_encrypt(in, out, inl, key, ctx->iv, ctx->encrypt); return 1; } -static int aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); - aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, - &ctx->num, ctx->encrypt); +static int +aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + + aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num, + ctx->encrypt); return 1; } -static int aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + +static int +aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + AES_KEY *key = AESNI_ALIGN(ctx->cipher_data); + aesni_ofb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num); return 1; } @@ -487,24 +496,23 @@ static const EVP_CIPHER aesni_##ksize##_##lmode = { \ NULL \ } -DECLARE_AES_EVP(128,ecb,ECB); -DECLARE_AES_EVP(128,cbc,CBC); -DECLARE_AES_EVP(128,cfb,CFB); -DECLARE_AES_EVP(128,ofb,OFB); +DECLARE_AES_EVP(128, ecb, ECB); +DECLARE_AES_EVP(128, cbc, CBC); +DECLARE_AES_EVP(128, cfb, CFB); +DECLARE_AES_EVP(128, ofb, OFB); -DECLARE_AES_EVP(192,ecb,ECB); -DECLARE_AES_EVP(192,cbc,CBC); -DECLARE_AES_EVP(192,cfb,CFB); -DECLARE_AES_EVP(192,ofb,OFB); +DECLARE_AES_EVP(192, ecb, ECB); +DECLARE_AES_EVP(192, cbc, CBC); +DECLARE_AES_EVP(192, cfb, CFB); +DECLARE_AES_EVP(192, ofb, OFB); -DECLARE_AES_EVP(256,ecb,ECB); -DECLARE_AES_EVP(256,cbc,CBC); -DECLARE_AES_EVP(256,cfb,CFB); -DECLARE_AES_EVP(256,ofb,OFB); +DECLARE_AES_EVP(256, ecb, ECB); +DECLARE_AES_EVP(256, cbc, CBC); +DECLARE_AES_EVP(256, cfb, CFB); +DECLARE_AES_EVP(256, ofb, OFB); static int -aesni_ciphers (ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) +aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { /* No specific cipher => return a list of supported nids ... */ if (!cipher) { @@ -563,4 +571,3 @@ aesni_ciphers (ENGINE *e, const EVP_CIPHER **cipher, #endif /* COMPILE_HW_AESNI */ #endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */ - diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c index fd36594a0b..eb933153e1 100644 --- a/src/lib/libssl/src/crypto/engine/eng_all.c +++ b/src/lib/libssl/src/crypto/engine/eng_all.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -59,8 +59,9 @@ #include "cryptlib.h" #include "eng_int.h" -void ENGINE_load_builtin_engines(void) - { +void +ENGINE_load_builtin_engines(void) +{ /* Some ENGINEs need this */ OPENSSL_cpuid_setup(); #if 0 @@ -85,15 +86,18 @@ void ENGINE_load_builtin_engines(void) #endif #endif ENGINE_register_all_complete(); - } +} #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) -void ENGINE_setup_bsd_cryptodev(void) { +void +ENGINE_setup_bsd_cryptodev(void) +{ static int bsd_cryptodev_default_loaded = 0; + if (!bsd_cryptodev_default_loaded) { ENGINE_load_cryptodev(); ENGINE_register_all_complete(); } - bsd_cryptodev_default_loaded=1; + bsd_cryptodev_default_loaded = 1; } #endif diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c index afb704e93b..c0c6b3fdc4 100644 --- a/src/lib/libssl/src/crypto/engine/eng_cnf.c +++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -63,34 +63,37 @@ /* ENGINE config module */ -static char *skip_dot(char *name) - { +static char * +skip_dot(char *name) +{ char *p; + p = strchr(name, '.'); if (p) return p + 1; return name; - } +} static STACK_OF(ENGINE) *initialized_engines = NULL; -static int int_engine_init(ENGINE *e) - { +static int +int_engine_init(ENGINE *e) +{ if (!ENGINE_init(e)) return 0; if (!initialized_engines) initialized_engines = sk_ENGINE_new_null(); - if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) - { + if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) { ENGINE_finish(e); return 0; - } - return 1; } - + return 1; +} -static int int_engine_configure(char *name, char *value, const CONF *cnf) - { + +static int +int_engine_configure(char *name, char *value, const CONF *cnf) +{ int i; int ret = 0; long do_init = -1; @@ -107,19 +110,19 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) /* Value is a section containing ENGINE commands */ ecmds = NCONF_get_section(cnf, value); - if (!ecmds) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR); + if (!ecmds) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_ENGINE_SECTION_ERROR); return 0; - } + } - for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) - { + for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { ecmd = sk_CONF_VALUE_value(ecmds, i); ctrlname = skip_dot(ecmd->name); ctrlvalue = ecmd->value; #ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue); + fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", + ctrlname, ctrlvalue); #endif /* First handle some special pseudo ctrls */ @@ -130,8 +133,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) else if (!strcmp(ctrlname, "soft_load")) soft = 1; /* Load a dynamic ENGINE */ - else if (!strcmp(ctrlname, "dynamic_path")) - { + else if (!strcmp(ctrlname, "dynamic_path")) { e = ENGINE_by_id("dynamic"); if (!e) goto err; @@ -141,119 +143,111 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) goto err; if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) goto err; - } + } /* ... add other pseudos here ... */ - else - { + else { /* At this point we need an ENGINE structural reference * if we don't already have one. */ - if (!e) - { + if (!e) { e = ENGINE_by_id(name); - if (!e && soft) - { + if (!e && soft) { ERR_clear_error(); return 1; - } + } if (!e) goto err; - } + } /* Allow "EMPTY" to mean no value: this allows a valid * "value" to be passed to ctrls of type NO_INPUT */ if (!strcmp(ctrlvalue, "EMPTY")) ctrlvalue = NULL; - if (!strcmp(ctrlname, "init")) - { - if (!NCONF_get_number_e(cnf, value, "init", &do_init)) + if (!strcmp(ctrlname, "init")) { + if (!NCONF_get_number_e(cnf, value, "init", + &do_init)) goto err; - if (do_init == 1) - { + if (do_init == 1) { if (!int_engine_init(e)) goto err; - } - else if (do_init != 0) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE); + } else if (do_init != 0) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_INVALID_INIT_VALUE); goto err; - } } - else if (!strcmp(ctrlname, "default_algorithms")) - { + } + else if (!strcmp(ctrlname, "default_algorithms")) { if (!ENGINE_set_default_string(e, ctrlvalue)) goto err; - } - else if (!ENGINE_ctrl_cmd_string(e, - ctrlname, ctrlvalue, 0)) + } else if (!ENGINE_ctrl_cmd_string(e, + ctrlname, ctrlvalue, 0)) goto err; - } - - - } - if (e && (do_init == -1) && !int_engine_init(e)) - { + } + if (e && (do_init == -1) && !int_engine_init(e)) { ecmd = NULL; goto err; - } + } ret = 1; - err: - if (ret != 1) - { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR); + +err: + if (ret != 1) { + ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, + ENGINE_R_ENGINE_CONFIGURATION_ERROR); if (ecmd) ERR_asprintf_error_data - ("section=%s, name=%s, value=%s", + ("section=%s, name=%s, value=%s", ecmd->section, ecmd->name, ecmd->value); - } + } if (e) ENGINE_free(e); return ret; - } +} -static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) - { +static int +int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) +{ STACK_OF(CONF_VALUE) *elist; CONF_VALUE *cval; int i; + #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "Called engine module: name %s, value %s\n", - CONF_imodule_get_name(md), CONF_imodule_get_value(md)); + CONF_imodule_get_name(md), CONF_imodule_get_value(md)); #endif /* Value is a section containing ENGINEs to configure */ elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); - if (!elist) - { - ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); + if (!elist) { + ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, + ENGINE_R_ENGINES_SECTION_ERROR); return 0; - } + } - for (i = 0; i < sk_CONF_VALUE_num(elist); i++) - { + for (i = 0; i < sk_CONF_VALUE_num(elist); i++) { cval = sk_CONF_VALUE_value(elist, i); if (!int_engine_configure(cval->name, cval->value, cnf)) return 0; - } + } return 1; - } +} -static void int_engine_module_finish(CONF_IMODULE *md) - { +static void +int_engine_module_finish(CONF_IMODULE *md) +{ ENGINE *e; + while ((e = sk_ENGINE_pop(initialized_engines))) ENGINE_finish(e); sk_ENGINE_free(initialized_engines); initialized_engines = NULL; - } - - -void ENGINE_add_conf_module(void) - { - CONF_module_add("engines", - int_engine_module_init, - int_engine_module_finish); - } +} + +void +ENGINE_add_conf_module(void) +{ + CONF_module_add("engines", int_engine_module_init, + int_engine_module_finish); +} diff --git a/src/lib/libssl/src/crypto/engine/eng_ctrl.c b/src/lib/libssl/src/crypto/engine/eng_ctrl.c index d5017e2329..67a724202b 100644 --- a/src/lib/libssl/src/crypto/engine/eng_ctrl.c +++ b/src/lib/libssl/src/crypto/engine/eng_ctrl.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -63,95 +63,92 @@ static const char *int_no_description = ""; * ENGINE in question has asked us to take care of it (ie. the ENGINE did not * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */ -static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) - { - if((defn->cmd_num == 0) || (defn->cmd_name == NULL)) +static int +int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) +{ + if ((defn->cmd_num == 0) || (defn->cmd_name == NULL)) return 1; return 0; - } +} -static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) - { +static int +int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) +{ int idx = 0; - while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0)) - { + while (!int_ctrl_cmd_is_null(defn) && + (strcmp(defn->cmd_name, s) != 0)) { idx++; defn++; - } - if(int_ctrl_cmd_is_null(defn)) + } + if (int_ctrl_cmd_is_null(defn)) /* The given name wasn't found */ return -1; return idx; - } +} -static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) - { +static int +int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) +{ int idx = 0; /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So * our searches don't need to take any longer than necessary. */ - while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) - { + while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) { idx++; defn++; - } - if(defn->cmd_num == num) + } + if (defn->cmd_num == num) return idx; /* The given cmd_num wasn't found */ return -1; - } +} -static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, - void (*f)(void)) - { +static int +int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ int idx; int ret; char *s = (char *)p; + /* Take care of the easy one first (eg. it requires no searches) */ - if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) - { - if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns)) + if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) { + if ((e->cmd_defns == NULL) || + int_ctrl_cmd_is_null(e->cmd_defns)) return 0; return e->cmd_defns->cmd_num; - } + } /* One or two commands require that "p" be a valid string buffer */ - if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || - (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || - (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) - { - if(s == NULL) - { + if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || + (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || + (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) { + if (s == NULL) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return -1; - } } + } /* Now handle cmd_name -> cmd_num conversion */ - if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) - { - if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name( - e->cmd_defns, s)) < 0)) - { + if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) { + if ((e->cmd_defns == NULL) || + ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NAME); + ENGINE_R_INVALID_CMD_NAME); return -1; - } - return e->cmd_defns[idx].cmd_num; } + return e->cmd_defns[idx].cmd_num; + } /* For the rest of the commands, the 'long' argument must specify a * valie command number - so we need to conduct a search. */ - if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns, - (unsigned int)i)) < 0)) - { + if ((e->cmd_defns == NULL) || + ((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) { ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NUMBER); + ENGINE_R_INVALID_CMD_NUMBER); return -1; - } + } /* Now the logic splits depending on command type */ - switch(cmd) - { + switch (cmd) { case ENGINE_CTRL_GET_NEXT_CMD_TYPE: idx++; - if(int_ctrl_cmd_is_null(e->cmd_defns + idx)) + if (int_ctrl_cmd_is_null(e->cmd_defns + idx)) /* end-of-list */ return 0; else @@ -159,17 +156,17 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: return strlen(e->cmd_defns[idx].cmd_name); case ENGINE_CTRL_GET_NAME_FROM_CMD: - ret = snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, + ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1, "%s", e->cmd_defns[idx].cmd_name); if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) ret = -1; return ret; case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) + if (e->cmd_defns[idx].cmd_desc) return strlen(e->cmd_defns[idx].cmd_desc); return strlen(int_no_description); case ENGINE_CTRL_GET_DESC_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) { + if (e->cmd_defns[idx].cmd_desc) { ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_desc) + 1, "%s", e->cmd_defns[idx].cmd_desc); @@ -177,40 +174,40 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, ret = -1; return ret; } - ret = snprintf(s, strlen(int_no_description) + 1,"%s", + ret = snprintf(s, strlen(int_no_description) + 1, "%s", int_no_description); if (ret >= strlen(int_no_description) + 1) ret = -1; return ret; case ENGINE_CTRL_GET_CMD_FLAGS: return e->cmd_defns[idx].cmd_flags; - } + } + /* Shouldn't really be here ... */ - ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR); + ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INTERNAL_LIST_ERROR); return -1; - } +} -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { +int +ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ int ctrl_exists, ref_exists; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER); + + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); ref_exists = ((e->struct_ref > 0) ? 1 : 0); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); ctrl_exists = ((e->ctrl == NULL) ? 0 : 1); - if(!ref_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE); + if (!ref_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_REFERENCE); return 0; - } + } /* Intercept any "root-level" commands before trying to hand them on to * ctrl() handlers. */ - switch(cmd) - { + switch (cmd) { case ENGINE_CTRL_HAS_CTRL_FUNCTION: return ctrl_exists; case ENGINE_CTRL_GET_FIRST_CMD_TYPE: @@ -221,180 +218,172 @@ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: case ENGINE_CTRL_GET_DESC_FROM_CMD: case ENGINE_CTRL_GET_CMD_FLAGS: - if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) - return int_ctrl_helper(e,cmd,i,p,f); - if(!ctrl_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION); + if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) + return int_ctrl_helper(e, cmd, i, p, f); + if (!ctrl_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, + ENGINE_R_NO_CONTROL_FUNCTION); /* For these cmd-related functions, failure is indicated * by a -1 return value (because 0 is used as a valid * return in some places). */ return -1; - } + } default: break; - } + } /* Anything else requires a ctrl() handler to exist. */ - if(!ctrl_exists) - { - ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION); + if (!ctrl_exists) { + ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION); return 0; - } - return e->ctrl(e, cmd, i, p, f); } + return e->ctrl(e, cmd, i, p, f); +} -int ENGINE_cmd_is_executable(ENGINE *e, int cmd) - { +int +ENGINE_cmd_is_executable(ENGINE *e, int cmd) +{ int flags; - if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0) - { + + if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, + NULL, NULL)) < 0) { ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE, - ENGINE_R_INVALID_CMD_NUMBER); + ENGINE_R_INVALID_CMD_NUMBER); return 0; - } - if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) && - !(flags & ENGINE_CMD_FLAG_NUMERIC) && - !(flags & ENGINE_CMD_FLAG_STRING)) + } + if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) && + !(flags & ENGINE_CMD_FLAG_NUMERIC) && + !(flags & ENGINE_CMD_FLAG_STRING)) return 0; return 1; - } +} -int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(void), int cmd_optional) - { +int +ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p, + void (*f)(void), int cmd_optional) +{ int num; - if((e == NULL) || (cmd_name == NULL)) - { + if ((e == NULL) || (cmd_name == NULL)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return 0; - } - if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e, - ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) - { + } + if ((e->ctrl == NULL) || + ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, + 0, (void *)cmd_name, NULL)) <= 0)) { /* If the command didn't *have* to be supported, we fake * success. This allows certain settings to be specified for * multiple ENGINEs and only require a change of ENGINE id * (without having to selectively apply settings). Eg. changing * from a hardware device back to the regular software ENGINE * without editing the config file, etc. */ - if(cmd_optional) - { + if (cmd_optional) { ERR_clear_error(); return 1; - } - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, - ENGINE_R_INVALID_CMD_NAME); - return 0; } + ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ENGINE_R_INVALID_CMD_NAME); + return 0; + } + /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if (ENGINE_ctrl(e, num, i, p, f) > 0) - return 1; - return 0; - } + if (ENGINE_ctrl(e, num, i, p, f) > 0) + return 1; -int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional) - { + return 0; +} + +int +ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, + int cmd_optional) +{ int num, flags; long l; char *ptr; - if((e == NULL) || (cmd_name == NULL)) - { + + if ((e == NULL) || (cmd_name == NULL)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ERR_R_PASSED_NULL_PARAMETER); + ERR_R_PASSED_NULL_PARAMETER); return 0; - } - if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e, - ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) - { + } + if ((e->ctrl == NULL) || + ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0, + (void *)cmd_name, NULL)) <= 0)) { /* If the command didn't *have* to be supported, we fake * success. This allows certain settings to be specified for * multiple ENGINEs and only require a change of ENGINE id * (without having to selectively apply settings). Eg. changing * from a hardware device back to the regular software ENGINE * without editing the config file, etc. */ - if(cmd_optional) - { + if (cmd_optional) { ERR_clear_error(); return 1; - } + } ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INVALID_CMD_NAME); + ENGINE_R_INVALID_CMD_NAME); return 0; - } - if(!ENGINE_cmd_is_executable(e, num)) - { + } + if (!ENGINE_cmd_is_executable(e, num)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_CMD_NOT_EXECUTABLE); + ENGINE_R_CMD_NOT_EXECUTABLE); return 0; - } - if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0) - { + } + if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, + NULL, NULL)) < 0) { /* Shouldn't happen, given that ENGINE_cmd_is_executable() * returned success. */ ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); + ENGINE_R_INTERNAL_LIST_ERROR); return 0; - } + } /* If the command takes no input, there must be no input. And vice * versa. */ - if(flags & ENGINE_CMD_FLAG_NO_INPUT) - { - if(arg != NULL) - { + if (flags & ENGINE_CMD_FLAG_NO_INPUT) { + if (arg != NULL) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_NO_INPUT); + ENGINE_R_COMMAND_TAKES_NO_INPUT); return 0; - } + } /* We deliberately force the result of ENGINE_ctrl() to 0 or 1 * rather than returning it as "return data". This is to ensure * usage of these commands is consistent across applications and * that certain applications don't understand it one way, and * others another. */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) + if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; - } + } /* So, we require input */ - if(arg == NULL) - { + if (arg == NULL) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_INPUT); + ENGINE_R_COMMAND_TAKES_INPUT); return 0; - } + } /* If it takes string input, that's easy */ - if(flags & ENGINE_CMD_FLAG_STRING) - { + if (flags & ENGINE_CMD_FLAG_STRING) { /* Same explanation as above */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) + if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; - } + } /* If it doesn't take numeric either, then it is unsupported for use in * a config-setting situation, which is what this function is for. This * should never happen though, because ENGINE_cmd_is_executable() was * used. */ - if(!(flags & ENGINE_CMD_FLAG_NUMERIC)) - { + if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); + ENGINE_R_INTERNAL_LIST_ERROR); return 0; - } + } l = strtol(arg, &ptr, 10); - if((arg == ptr) || (*ptr != '\0')) - { + if ((arg == ptr) || (*ptr != '\0')) { ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); + ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); return 0; - } + } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0) + if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0) return 1; return 0; - } +} diff --git a/src/lib/libssl/src/crypto/engine/eng_dyn.c b/src/lib/libssl/src/crypto/engine/eng_dyn.c index e2de4603ee..0abb390b53 100644 --- a/src/lib/libssl/src/crypto/engine/eng_dyn.c +++ b/src/lib/libssl/src/crypto/engine/eng_dyn.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -84,45 +84,52 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx); static const char *engine_dynamic_id = "dynamic"; static const char *engine_dynamic_name = "Dynamic engine loading support"; static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = { - {DYNAMIC_CMD_SO_PATH, + { + DYNAMIC_CMD_SO_PATH, "SO_PATH", "Specifies the path to the new ENGINE shared library", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_NO_VCHECK, + { + DYNAMIC_CMD_NO_VCHECK, "NO_VCHECK", "Specifies to continue even if version checking fails (boolean)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_ID, + { + DYNAMIC_CMD_ID, "ID", "Specifies an ENGINE id name for loading", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_LIST_ADD, + { + DYNAMIC_CMD_LIST_ADD, "LIST_ADD", "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_DIR_LOAD, + { + DYNAMIC_CMD_DIR_LOAD, "DIR_LOAD", "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)", ENGINE_CMD_FLAG_NUMERIC}, - {DYNAMIC_CMD_DIR_ADD, + { + DYNAMIC_CMD_DIR_ADD, "DIR_ADD", "Adds a directory from which ENGINEs can be loaded", ENGINE_CMD_FLAG_STRING}, - {DYNAMIC_CMD_LOAD, + { + DYNAMIC_CMD_LOAD, "LOAD", "Load up the ENGINE specified by other settings", ENGINE_CMD_FLAG_NO_INPUT}, + {0, NULL, NULL, 0} - }; +}; static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = { {0, NULL, NULL, 0} - }; +}; /* Loading code stores state inside the ENGINE structure via the "ex_data" * element. We load all our state into a single structure and use that as a * single context in the "ex_data" stack. */ -struct st_dynamic_data_ctx - { +struct st_dynamic_data_ctx { /* The DSO object we load that supplies the ENGINE code */ DSO *dynamic_dso; /* The function pointer to the version checking shared library function */ @@ -147,13 +154,18 @@ struct st_dynamic_data_ctx int dir_load; /* A stack of directories from which ENGINEs could be loaded */ STACK_OF(OPENSSL_STRING) *dirs; - }; +}; /* This is the "ex_data" index we obtain and reserve for use with our context * structure. */ static int dynamic_ex_data_idx = -1; -static void int_free_str(char *s) { free(s); } +static void +int_free_str(char *s) +{ + free(s); +} + /* Because our ex_data element may or may not get allocated depending on whether * a "first-use" occurs before the ENGINE is freed, we have a memory leak * problem to solve. We can't declare a "new" handler for the ex_data as we @@ -161,35 +173,36 @@ static void int_free_str(char *s) { free(s); } * is a bug in the design of CRYPTO_EX_DATA). As such, we just declare a "free" * handler and that will get called if an ENGINE is being destroyed and there * was an ex_data element corresponding to our context type. */ -static void dynamic_data_ctx_free_func(void *parent, void *ptr, - CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) - { - if(ptr) - { +static void +dynamic_data_ctx_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp) +{ + if (ptr) { dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr; - if(ctx->dynamic_dso) + if (ctx->dynamic_dso) DSO_free(ctx->dynamic_dso); free((void *)ctx->DYNAMIC_LIBNAME); free((void *)ctx->engine_id); - if(ctx->dirs) + if (ctx->dirs) sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str); free(ctx); - } } +} /* Construct the per-ENGINE context. We create it blindly and then use a lock to * check for a race - if so, all but one of the threads "racing" will have * wasted their time. The alternative involves creating everything inside the * lock which is far worse. */ -static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) - { +static int +dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) +{ dynamic_data_ctx *c; + c = malloc(sizeof(dynamic_data_ctx)); - if(!c) - { - ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + if (!c) { + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); return 0; - } + } memset(c, 0, sizeof(dynamic_data_ctx)); c->dynamic_dso = NULL; c->v_check = NULL; @@ -202,89 +215,92 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) c->DYNAMIC_F2 = "bind_engine"; c->dir_load = 1; c->dirs = sk_OPENSSL_STRING_new_null(); - if(!c->dirs) - { - ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); + if (!c->dirs) { + ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); free(c); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, - dynamic_ex_data_idx)) == NULL) - { + if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, + dynamic_ex_data_idx)) == NULL) { /* Good, we're the first */ ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); *ctx = c; c = NULL; - } + } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* If we lost the race to set the context, c is non-NULL and *ctx is the * context of the thread that won. */ free(c); return 1; - } +} /* This function retrieves the context structure from an ENGINE's "ex_data", or * if it doesn't exist yet, sets it up. */ -static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e) - { +static dynamic_data_ctx * +dynamic_get_data_ctx(ENGINE *e) +{ dynamic_data_ctx *ctx; - if(dynamic_ex_data_idx < 0) - { + if (dynamic_ex_data_idx < 0) { /* Create and register the ENGINE ex_data, and associate our * "free" function with it to ensure any allocated contexts get * freed when an ENGINE goes underground. */ int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, - dynamic_data_ctx_free_func); - if(new_idx == -1) - { - ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX,ENGINE_R_NO_INDEX); + dynamic_data_ctx_free_func); + if (new_idx == -1) { + ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX, + ENGINE_R_NO_INDEX); return NULL; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); /* Avoid a race by checking again inside this lock */ - if(dynamic_ex_data_idx < 0) - { + if (dynamic_ex_data_idx < 0) { /* Good, someone didn't beat us to it */ dynamic_ex_data_idx = new_idx; new_idx = -1; - } + } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* In theory we could "give back" the index here if * (new_idx>-1), but it's not possible and wouldn't gain us much * if it were. */ - } + } ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx); /* Check if the context needs to be created */ - if((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx)) + if ((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx)) /* "set_data" will set errors if necessary */ return NULL; return ctx; - } +} -static ENGINE *engine_dynamic(void) - { +static ENGINE * +engine_dynamic(void) +{ ENGINE *ret = ENGINE_new(); - if(!ret) + + if (!ret) return NULL; - if(!ENGINE_set_id(ret, engine_dynamic_id) || - !ENGINE_set_name(ret, engine_dynamic_name) || - !ENGINE_set_init_function(ret, dynamic_init) || - !ENGINE_set_finish_function(ret, dynamic_finish) || - !ENGINE_set_ctrl_function(ret, dynamic_ctrl) || - !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) || - !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) - { + + if (!ENGINE_set_id(ret, engine_dynamic_id) || + !ENGINE_set_name(ret, engine_dynamic_name) || + !ENGINE_set_init_function(ret, dynamic_init) || + !ENGINE_set_finish_function(ret, dynamic_finish) || + !ENGINE_set_ctrl_function(ret, dynamic_ctrl) || + !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) || + !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) { ENGINE_free(ret); return NULL; - } - return ret; } + return ret; +} -void ENGINE_load_dynamic(void) - { +void +ENGINE_load_dynamic(void) +{ ENGINE *toadd = engine_dynamic(); - if(!toadd) return; + + if (!toadd) + return; + ENGINE_add(toadd); /* If the "add" worked, it gets a structural reference. So either way, * we release our just-created reference. */ @@ -293,48 +309,47 @@ void ENGINE_load_dynamic(void) * already added (eg. someone calling ENGINE_load_blah then calling * ENGINE_load_builtin_engines() perhaps). */ ERR_clear_error(); - } +} -static int dynamic_init(ENGINE *e) - { +static int +dynamic_init(ENGINE *e) +{ /* We always return failure - the "dyanamic" engine itself can't be used * for anything. */ return 0; - } +} -static int dynamic_finish(ENGINE *e) - { +static int +dynamic_finish(ENGINE *e) +{ /* This should never be called on account of "dynamic_init" always * failing. */ return 0; - } +} -static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) - { +static int +dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) +{ dynamic_data_ctx *ctx = dynamic_get_data_ctx(e); int initialised; - - if(!ctx) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_NOT_LOADED); + + if (!ctx) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_NOT_LOADED); return 0; - } + } initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1); /* All our control commands require the ENGINE to be uninitialised */ - if(initialised) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_ALREADY_LOADED); + if (initialised) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_ALREADY_LOADED); return 0; - } - switch(cmd) - { + } + switch (cmd) { case DYNAMIC_CMD_SO_PATH: /* a NULL 'p' or a string of zero-length is the same thing */ - if(p && (strlen((const char *)p) < 1)) + if (p && (strlen((const char *)p) < 1)) p = NULL; free((void *)ctx->DYNAMIC_LIBNAME); - if(p) + if (p) ctx->DYNAMIC_LIBNAME = BUF_strdup(p); else ctx->DYNAMIC_LIBNAME = NULL; @@ -344,145 +359,138 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) return 1; case DYNAMIC_CMD_ID: /* a NULL 'p' or a string of zero-length is the same thing */ - if(p && (strlen((const char *)p) < 1)) + if (p && (strlen((const char *)p) < 1)) p = NULL; free((void *)ctx->engine_id); - if(p) + if (p) ctx->engine_id = BUF_strdup(p); else ctx->engine_id = NULL; return (ctx->engine_id ? 1 : 0); case DYNAMIC_CMD_LIST_ADD: - if((i < 0) || (i > 2)) - { + if ((i < 0) || (i > 2)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } ctx->list_add_value = (int)i; return 1; case DYNAMIC_CMD_LOAD: return dynamic_load(e, ctx); case DYNAMIC_CMD_DIR_LOAD: - if((i < 0) || (i > 2)) - { + if ((i < 0) || (i > 2)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } ctx->dir_load = (int)i; return 1; case DYNAMIC_CMD_DIR_ADD: /* a NULL 'p' or a string of zero-length is the same thing */ - if(!p || (strlen((const char *)p) < 1)) - { + if (!p || (strlen((const char *)p) < 1)) { ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ENGINE_R_INVALID_ARGUMENT); + ENGINE_R_INVALID_ARGUMENT); return 0; - } + } { - char *tmp_str = BUF_strdup(p); - if(!tmp_str) - { - ENGINEerr(ENGINE_F_DYNAMIC_CTRL, - ERR_R_MALLOC_FAILURE); - return 0; + char *tmp_str = BUF_strdup(p); + if (!tmp_str) { + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, + ERR_R_MALLOC_FAILURE); + return 0; } - sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); + sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); } return 1; default: break; - } - ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; } + ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); + return 0; +} -static int int_load(dynamic_data_ctx *ctx) - { +static int +int_load(dynamic_data_ctx *ctx) +{ int num, loop; + /* Unless told not to, try a direct load */ - if((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, - ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) + if ((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso, + ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) return 1; /* If we're not allowed to use 'dirs' or we have none, fail */ - if(!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) + if (!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) return 0; - for(loop = 0; loop < num; loop++) - { + for (loop = 0; loop < num; loop++) { const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop); - char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); - if(!merge) + char *merge = DSO_merge(ctx->dynamic_dso, + ctx->DYNAMIC_LIBNAME, s); + if (!merge) return 0; - if(DSO_load(ctx->dynamic_dso, merge, NULL, 0)) - { + if (DSO_load(ctx->dynamic_dso, merge, NULL, 0)) { /* Found what we're looking for */ free(merge); return 1; - } - free(merge); } - return 0; + free(merge); } + return 0; +} -static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) - { +static int +dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) +{ ENGINE cpy; dynamic_fns fns; - if(!ctx->dynamic_dso) + if (!ctx->dynamic_dso) ctx->dynamic_dso = DSO_new(); - if(!ctx->DYNAMIC_LIBNAME) - { - if(!ctx->engine_id) + if (!ctx->DYNAMIC_LIBNAME) { + if (!ctx->engine_id) return 0; - ctx->DYNAMIC_LIBNAME = - DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id); - } - if(!int_load(ctx)) - { + ctx->DYNAMIC_LIBNAME = DSO_convert_filename(ctx->dynamic_dso, + ctx->engine_id); + } + if (!int_load(ctx)) { ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_DSO_NOT_FOUND); + ENGINE_R_DSO_NOT_FOUND); DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; return 0; - } + } /* We have to find a bind function otherwise it'll always end badly */ - if(!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func( - ctx->dynamic_dso, ctx->DYNAMIC_F2))) - { + if (!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func( + ctx->dynamic_dso, ctx->DYNAMIC_F2))) { ctx->bind_engine = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_DSO_FAILURE); + ENGINE_R_DSO_FAILURE); return 0; - } + } /* Do we perform version checking? */ - if(!ctx->no_vcheck) - { + if (!ctx->no_vcheck) { unsigned long vcheck_res = 0; /* Now we try to find a version checking function and decide how * to cope with failure if/when it fails. */ ctx->v_check = (dynamic_v_check_fn)DSO_bind_func( - ctx->dynamic_dso, ctx->DYNAMIC_F1); - if(ctx->v_check) + ctx->dynamic_dso, ctx->DYNAMIC_F1); + if (ctx->v_check) vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION); /* We fail if the version checker veto'd the load *or* if it is * deferring to us (by returning its version) and we think it is * too old. */ - if(vcheck_res < OSSL_DYNAMIC_OLDEST) - { + if (vcheck_res < OSSL_DYNAMIC_OLDEST) { /* Fail */ ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_VERSION_INCOMPATIBILITY); + ENGINE_R_VERSION_INCOMPATIBILITY); return 0; - } } + } /* First binary copy the ENGINE structure so that we can roll back if * the hand-over fails */ memcpy(&cpy, e, sizeof(ENGINE)); @@ -495,8 +503,8 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) fns.err_fns = ERR_get_implementation(); fns.ex_data_fns = CRYPTO_get_ex_data_implementation(); CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb, - &fns.mem_fns.realloc_cb, - &fns.mem_fns.free_cb); + &fns.mem_fns.realloc_cb, + &fns.mem_fns.free_cb); fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback(); fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback(); fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback(); @@ -507,37 +515,33 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) engine_set_all_null(e); /* Try to bind the ENGINE onto our own ENGINE structure */ - if(!ctx->bind_engine(e, ctx->engine_id, &fns)) - { + if (!ctx->bind_engine(e, ctx->engine_id, &fns)) { ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); ctx->dynamic_dso = NULL; - ENGINEerr(ENGINE_F_DYNAMIC_LOAD,ENGINE_R_INIT_FAILED); + ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_INIT_FAILED); /* Copy the original ENGINE structure back */ memcpy(e, &cpy, sizeof(ENGINE)); return 0; - } + } /* Do we try to add this ENGINE to the internal list too? */ - if(ctx->list_add_value > 0) - { - if(!ENGINE_add(e)) - { + if (ctx->list_add_value > 0) { + if (!ENGINE_add(e)) { /* Do we tolerate this or fail? */ - if(ctx->list_add_value > 1) - { + if (ctx->list_add_value > 1) { /* Fail - NB: By this time, it's too late to * rollback, and trying to do so allows the * bind_engine() code to have created leaks. We * just have to fail where we are, after the * ENGINE has changed. */ ENGINEerr(ENGINE_F_DYNAMIC_LOAD, - ENGINE_R_CONFLICTING_ENGINE_ID); + ENGINE_R_CONFLICTING_ENGINE_ID); return 0; - } + } /* Tolerate */ ERR_clear_error(); - } } - return 1; } + return 1; +} diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c index 81c70acfa8..baf2b3d92d 100644 --- a/src/lib/libssl/src/crypto/engine/eng_err.c +++ b/src/lib/libssl/src/crypto/engine/eng_err.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -68,106 +68,103 @@ #define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0) #define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason) -static ERR_STRING_DATA ENGINE_str_functs[]= - { -{ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, -{ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, -{ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, -{ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, -{ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, -{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, -{ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, -{ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, -{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, -{ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, -{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, -{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, -{ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, -{ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, -{ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"}, -{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, -{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, -{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, -{ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, -{ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, -{ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, -{ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, -{ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, -{ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, -{0,NULL} - }; +static ERR_STRING_DATA ENGINE_str_functs[]= { + {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, + {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, + {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, + {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, + {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, + {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, + {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, + {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, + {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, + {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, + {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, + {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, + {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, + {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, + {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"}, + {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, + {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, + {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, + {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, + {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, + {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, + {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, + {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, + {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, + {0, NULL} +}; -static ERR_STRING_DATA ENGINE_str_reasons[]= - { -{ERR_REASON(ENGINE_R_ALREADY_LOADED) ,"already loaded"}, -{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),"argument is not a number"}, -{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) ,"cmd not executable"}, -{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT),"command takes input"}, -{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT),"command takes no input"}, -{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID),"conflicting engine id"}, -{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"}, -{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) ,"dh not implemented"}, -{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED),"dsa not implemented"}, -{ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"}, -{ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"}, -{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"}, -{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"}, -{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"}, -{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"}, -{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, -{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"}, -{ERR_REASON(ENGINE_R_FINISH_FAILED) ,"finish failed"}, -{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) ,"could not obtain hardware handle"}, -{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) ,"'id' or 'name' missing"}, -{ERR_REASON(ENGINE_R_INIT_FAILED) ,"init failed"}, -{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR),"internal list error"}, -{ERR_REASON(ENGINE_R_INVALID_ARGUMENT) ,"invalid argument"}, -{ERR_REASON(ENGINE_R_INVALID_CMD_NAME) ,"invalid cmd name"}, -{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) ,"invalid cmd number"}, -{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) ,"invalid init value"}, -{ERR_REASON(ENGINE_R_INVALID_STRING) ,"invalid string"}, -{ERR_REASON(ENGINE_R_NOT_INITIALISED) ,"not initialised"}, -{ERR_REASON(ENGINE_R_NOT_LOADED) ,"not loaded"}, -{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION),"no control function"}, -{ERR_REASON(ENGINE_R_NO_INDEX) ,"no index"}, -{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) ,"no load function"}, -{ERR_REASON(ENGINE_R_NO_REFERENCE) ,"no reference"}, -{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) ,"no such engine"}, -{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) ,"no unload function"}, -{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) ,"provide parameters"}, -{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"}, -{ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),"unimplemented public key method"}, -{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"}, -{0,NULL} - }; +static ERR_STRING_DATA ENGINE_str_reasons[]= { + {ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"}, + {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"}, + {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"}, + {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"}, + {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"}, + {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"}, + {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"}, + {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"}, + {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"}, + {ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"}, + {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"}, + {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"}, + {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"}, + {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"}, + {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"}, + {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"}, + {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"}, + {ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"}, + {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"}, + {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"}, + {ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"}, + {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"}, + {ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"}, + {ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"}, + {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"}, + {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"}, + {ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"}, + {ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"}, + {ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"}, + {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"}, + {ERR_REASON(ENGINE_R_NO_INDEX) , "no index"}, + {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"}, + {ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"}, + {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"}, + {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"}, + {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"}, + {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"}, + {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"}, + {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"}, + {0, NULL} +}; #endif -void ERR_load_ENGINE_strings(void) - { +void +ERR_load_ENGINE_strings(void) +{ #ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) - { - ERR_load_strings(0,ENGINE_str_functs); - ERR_load_strings(0,ENGINE_str_reasons); - } -#endif + if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) { + ERR_load_strings(0, ENGINE_str_functs); + ERR_load_strings(0, ENGINE_str_reasons); } +#endif +} diff --git a/src/lib/libssl/src/crypto/engine/eng_fat.c b/src/lib/libssl/src/crypto/engine/eng_fat.c index e01067566e..f5ad01b80e 100644 --- a/src/lib/libssl/src/crypto/engine/eng_fat.c +++ b/src/lib/libssl/src/crypto/engine/eng_fat.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -54,55 +54,58 @@ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by + * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ #include "eng_int.h" #include -int ENGINE_set_default(ENGINE *e, unsigned int flags) - { - if((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) +int +ENGINE_set_default(ENGINE *e, unsigned int flags) +{ + if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) return 0; - if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) + if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) return 0; #ifndef OPENSSL_NO_RSA - if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) + if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) return 0; #endif #ifndef OPENSSL_NO_DSA - if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) + if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) return 0; #endif #ifndef OPENSSL_NO_DH - if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) + if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) return 0; #endif #ifndef OPENSSL_NO_ECDH - if((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) + if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) return 0; #endif #ifndef OPENSSL_NO_ECDSA - if((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) + if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) return 0; #endif - if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) + if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) return 0; - if((flags & ENGINE_METHOD_PKEY_METHS) - && !ENGINE_set_default_pkey_meths(e)) + if ((flags & ENGINE_METHOD_PKEY_METHS) && + !ENGINE_set_default_pkey_meths(e)) return 0; - if((flags & ENGINE_METHOD_PKEY_ASN1_METHS) - && !ENGINE_set_default_pkey_asn1_meths(e)) + if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) && + !ENGINE_set_default_pkey_asn1_meths(e)) return 0; return 1; - } +} /* Set default algorithms using a string */ -static int int_def_cb(const char *alg, int len, void *arg) - { +static int +int_def_cb(const char *alg, int len, void *arg) +{ unsigned int *pflags = arg; + if (!strncmp(alg, "ALL", len)) *pflags |= ENGINE_METHOD_ALL; else if (!strncmp(alg, "RSA", len)) @@ -123,7 +126,7 @@ static int int_def_cb(const char *alg, int len, void *arg) *pflags |= ENGINE_METHOD_DIGESTS; else if (!strncmp(alg, "PKEY", len)) *pflags |= - ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; + ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; else if (!strncmp(alg, "PKEY_CRYPTO", len)) *pflags |= ENGINE_METHOD_PKEY_METHS; else if (!strncmp(alg, "PKEY_ASN1", len)) @@ -131,24 +134,25 @@ static int int_def_cb(const char *alg, int len, void *arg) else return 0; return 1; - } +} - -int ENGINE_set_default_string(ENGINE *e, const char *def_list) - { +int +ENGINE_set_default_string(ENGINE *e, const char *def_list) +{ unsigned int flags = 0; - if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) - { + + if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) { ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING, - ENGINE_R_INVALID_STRING); + ENGINE_R_INVALID_STRING); ERR_asprintf_error_data("str=%s",def_list); return 0; - } - return ENGINE_set_default(e, flags); } + return ENGINE_set_default(e, flags); +} -int ENGINE_register_complete(ENGINE *e) - { +int +ENGINE_register_complete(ENGINE *e) +{ ENGINE_register_ciphers(e); ENGINE_register_digests(e); #ifndef OPENSSL_NO_RSA @@ -169,14 +173,15 @@ int ENGINE_register_complete(ENGINE *e) ENGINE_register_RAND(e); ENGINE_register_pkey_meths(e); return 1; - } +} -int ENGINE_register_all_complete(void) - { +int +ENGINE_register_all_complete(void) +{ ENGINE *e; - for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) + for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL)) ENGINE_register_complete(e); return 1; - } +} diff --git a/src/lib/libssl/src/crypto/engine/eng_init.c b/src/lib/libssl/src/crypto/engine/eng_init.c index 870c456668..540f8957ca 100644 --- a/src/lib/libssl/src/crypto/engine/eng_init.c +++ b/src/lib/libssl/src/crypto/engine/eng_init.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -57,30 +57,31 @@ /* Initialise a engine type for use (or up its functional reference count * if it's already in use). This version is only used internally. */ -int engine_unlocked_init(ENGINE *e) - { +int +engine_unlocked_init(ENGINE *e) +{ int to_return = 1; - if((e->funct_ref == 0) && e->init) + if ((e->funct_ref == 0) && e->init) /* This is the first functional reference and the engine * requires initialisation so we do it now. */ to_return = e->init(e); - if(to_return) - { + if (to_return) { /* OK, we return a functional reference which is also a * structural reference. */ e->struct_ref++; e->funct_ref++; engine_ref_debug(e, 0, 1) engine_ref_debug(e, 1, 1) - } - return to_return; } + return to_return; +} /* Free a functional reference to a engine type. This version is only used * internally. */ -int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) - { +int +engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) +{ int to_return = 1; /* Reduce the functional reference count here so if it's the terminating @@ -91,58 +92,57 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) * 2 to 0 without either calling finish(). */ e->funct_ref--; engine_ref_debug(e, 1, -1); - if((e->funct_ref == 0) && e->finish) - { - if(unlock_for_handlers) + if ((e->funct_ref == 0) && e->finish) { + if (unlock_for_handlers) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); to_return = e->finish(e); - if(unlock_for_handlers) + if (unlock_for_handlers) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if(!to_return) + if (!to_return) return 0; - } + } /* Release the structural reference too */ - if(!engine_free_util(e, 0)) - { - ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH,ENGINE_R_FINISH_FAILED); + if (!engine_free_util(e, 0)) { + ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, + ENGINE_R_FINISH_FAILED); return 0; - } - return to_return; } + return to_return; +} /* The API (locked) version of "init" */ -int ENGINE_init(ENGINE *e) - { +int +ENGINE_init(ENGINE *e) +{ int ret; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER); + + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_INIT, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); ret = engine_unlocked_init(e); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); return ret; - } +} /* The API (locked) version of "finish" */ -int ENGINE_finish(ENGINE *e) - { +int +ENGINE_finish(ENGINE *e) +{ int to_return = 1; - if(e == NULL) - { - ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER); + if (e == NULL) { + ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); return 0; - } + } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); to_return = engine_unlocked_finish(e, 1); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - if(!to_return) - { - ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED); + if (!to_return) { + ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED); return 0; - } - return to_return; } + return to_return; +} -- cgit v1.2.3-55-g6feb