godotengine
/
godot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

openssl: Update to pristine 1.0.2o (security update)

This commit is contained in:
Rémi Verschelde 2018-07-27 16:17:15 +02:00
parent d3c4f91c9c
commit 33a9bda1d9
100 changed files with 536 additions and 477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
COPYRIGHT.txt
View File

@ -305,7 +305,7 @@ License: Zlib
Files: ./thirdparty/openssl/ Files: ./thirdparty/openssl/
Comment: The OpenSSL Project Comment: The OpenSSL Project
Copyright: 1998-2017, The OpenSSL Project. Copyright: 1998-2018, The OpenSSL Project.
License: OpenSSL License: OpenSSL
Files: ./thirdparty/opus/ Files: ./thirdparty/opus/

2
thirdparty/README.md vendored
View File

@ -322,7 +322,7 @@ Files extracted from the upstream source:
## openssl ## openssl
- Upstream: https://www.openssl.org - Upstream: https://www.openssl.org
- Version: 1.0.2n - Version: 1.0.2o
- License: OpenSSL license / BSD-like - License: OpenSSL license / BSD-like
Files extracted from the upstream source: Files extracted from the upstream source:

2
thirdparty/openssl/LICENSE vendored
View File

@ -12,7 +12,7 @@
--------------- ---------------
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2017 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions

2
thirdparty/openssl/crypto/asn1/a_gentm.c vendored
View File

@ -78,7 +78,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
ASN1_STRING tmpstr = *(ASN1_STRING *)a; ASN1_STRING tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length; len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len); ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp; tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr; a = (ASN1_GENERALIZEDTIME *)&tmpstr;

4
thirdparty/openssl/crypto/asn1/a_mbstr.c vendored
View File

@ -149,14 +149,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
if ((minsize > 0) && (nchar < minsize)) { if ((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT); ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf); ERR_add_error_data(2, "minsize=", strbuf);
return -1; return -1;
} }
if ((maxsize > 0) && (nchar > maxsize)) { if ((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG); ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf); ERR_add_error_data(2, "maxsize=", strbuf);
return -1; return -1;
} }

4
thirdparty/openssl/crypto/asn1/a_object.c vendored
View File

@ -89,7 +89,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{ {
int i, first, len = 0, c, use_bn; int i, first, len = 0, c, use_bn;
char ftmp[24], *tmp = ftmp; char ftmp[24], *tmp = ftmp;
int tmpsize = sizeof ftmp; int tmpsize = sizeof(ftmp);
const char *p; const char *p;
unsigned long l; unsigned long l;
BIGNUM *bl = NULL; BIGNUM *bl = NULL;
@ -226,7 +226,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
if ((a == NULL) || (a->data == NULL)) if ((a == NULL) || (a->data == NULL))
return (BIO_write(bp, "NULL", 4)); return (BIO_write(bp, "NULL", 4));
i = i2t_ASN1_OBJECT(buf, sizeof buf, a); i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
if (i > (int)(sizeof(buf) - 1)) { if (i > (int)(sizeof(buf) - 1)) {
p = OPENSSL_malloc(i + 1); p = OPENSSL_malloc(i + 1);
if (!p) if (!p)

8
thirdparty/openssl/crypto/asn1/a_strex.c vendored
View File

@ -130,13 +130,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
if (c > 0xffffffffL) if (c > 0xffffffffL)
return -1; return -1;
if (c > 0xffff) { if (c > 0xffff) {
BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c);
if (!io_ch(arg, tmphex, 10)) if (!io_ch(arg, tmphex, 10))
return -1; return -1;
return 10; return 10;
} }
if (c > 0xff) { if (c > 0xff) {
BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c);
if (!io_ch(arg, tmphex, 6)) if (!io_ch(arg, tmphex, 6))
return -1; return -1;
return 6; return 6;
@ -236,7 +236,7 @@ static int do_buf(unsigned char *buf, int buflen,
if (type & BUF_TYPE_CONVUTF8) { if (type & BUF_TYPE_CONVUTF8) {
unsigned char utfbuf[6]; unsigned char utfbuf[6];
int utflen; int utflen;
utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
for (i = 0; i < utflen; i++) { for (i = 0; i < utflen; i++) {
/* /*
* We don't need to worry about setting orflags correctly * We don't need to worry about setting orflags correctly
@ -533,7 +533,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
if (fn_opt != XN_FLAG_FN_NONE) { if (fn_opt != XN_FLAG_FN_NONE) {
int objlen, fld_len; int objlen, fld_len;
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) { if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
fld_len = 0; /* XXX: what should this be? */ fld_len = 0; /* XXX: what should this be? */
objbuf = objtmp; objbuf = objtmp;
} else { } else {

2
thirdparty/openssl/crypto/asn1/a_time.c vendored
View File

@ -86,7 +86,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
tmpstr = *(ASN1_STRING *)a; tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length; len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data, ebcdic2ascii(tmp, tmpstr.data,
(len >= sizeof tmp) ? sizeof tmp : len); (len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp; tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr; a = (ASN1_GENERALIZEDTIME *)&tmpstr;
} }

4
thirdparty/openssl/crypto/asn1/a_utctm.c vendored
View File

@ -76,7 +76,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
ASN1_STRING x = *(ASN1_STRING *)a; ASN1_STRING x = *(ASN1_STRING *)a;
len = x.length; len = x.length;
ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len); ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
x.data = tmp; x.data = tmp;
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL); return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
# endif # endif
@ -317,7 +317,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
struct tm tm; struct tm tm;
int offset; int offset;
memset(&tm, '\0', sizeof tm); memset(&tm, '\0', sizeof(tm));
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') # define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data); tm.tm_year = g2(s->data);

3
thirdparty/openssl/crypto/asn1/asn1_err.c vendored
View File

@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */ /* crypto/asn1/asn1_err.c */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"}, {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
{ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"}, {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
{ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"}, {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"}, {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"}, {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},

4
thirdparty/openssl/crypto/asn1/asn1_lib.c vendored
View File

@ -456,8 +456,8 @@ void asn1_add_error(const unsigned char *address, int offset)
{ {
char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1]; char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address); BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address);
BIO_snprintf(buf2, sizeof buf2, "%d", offset); BIO_snprintf(buf2, sizeof(buf2), "%d", offset);
ERR_add_error_data(4, "address=", buf1, " offset=", buf2); ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
} }

8
thirdparty/openssl/crypto/asn1/asn1_par.c vendored
View File

@ -87,13 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
p = str; p = str;
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag); BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag);
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
BIO_snprintf(str, sizeof str, "cont [ %d ]", tag); BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag);
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
BIO_snprintf(str, sizeof str, "appl [ %d ]", tag); BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag);
else if (tag > 30) else if (tag > 30)
BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag); BIO_snprintf(str, sizeof(str), "<ASN1 %d>", tag);
else else
p = ASN1_tag2str(tag); p = ASN1_tag2str(tag);

3
thirdparty/openssl/crypto/asn1/asn_mime.c vendored
View File

@ -4,7 +4,7 @@
* project. * project.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -473,6 +473,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
sk_MIME_HEADER_pop_free(headers, mime_hdr_free); sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE); ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
sk_BIO_pop_free(parts, BIO_vfree);
return NULL; return NULL;
} }

4
thirdparty/openssl/crypto/asn1/t_x509a.c vendored
View File

@ -81,7 +81,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", "); BIO_puts(out, ", ");
else else
first = 0; first = 0;
OBJ_obj2txt(oidstr, sizeof oidstr, OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->trust, i), 0); sk_ASN1_OBJECT_value(aux->trust, i), 0);
BIO_puts(out, oidstr); BIO_puts(out, oidstr);
} }
@ -96,7 +96,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", "); BIO_puts(out, ", ");
else else
first = 0; first = 0;
OBJ_obj2txt(oidstr, sizeof oidstr, OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->reject, i), 0); sk_ASN1_OBJECT_value(aux->reject, i), 0);
BIO_puts(out, oidstr); BIO_puts(out, oidstr);
} }

64
thirdparty/openssl/crypto/asn1/tasn_dec.c vendored
View File

@ -4,7 +4,7 @@
* 2000. * 2000.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -65,6 +65,14 @@
#include <openssl/buffer.h> #include <openssl/buffer.h>
#include <openssl/err.h> #include <openssl/err.h>
/*
* Constructed types with a recursive definition (such as can be found in PKCS7)
* could eventually exceed the stack given malicious input with excessive
* recursion. Therefore we limit the stack depth. This is the maximum number of
* recursive invocations of asn1_item_embed_d2i().
*/
#define ASN1_MAX_CONSTRUCTED_NEST 30
static int asn1_check_eoc(const unsigned char **in, long len); static int asn1_check_eoc(const unsigned char **in, long len);
static int asn1_find_end(const unsigned char **in, long len, char inf); static int asn1_find_end(const unsigned char **in, long len, char inf);
@ -81,11 +89,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
static int asn1_template_ex_d2i(ASN1_VALUE **pval, static int asn1_template_ex_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt, const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx); ASN1_TLC *ctx, int depth);
static int asn1_template_noexp_d2i(ASN1_VALUE **val, static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len, const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt, const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx); ASN1_TLC *ctx, int depth);
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
const unsigned char **in, long len, const unsigned char **in, long len,
const ASN1_ITEM *it, const ASN1_ITEM *it,
@ -154,17 +162,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
{ {
ASN1_TLC c; ASN1_TLC c;
asn1_tlc_clear_nc(&c); asn1_tlc_clear_nc(&c);
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0);
} }
/* /*
* Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
* tag mismatch return -1 to handle OPTIONAL * tag mismatch return -1 to handle OPTIONAL
*/ */
static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, long len, const ASN1_ITEM *it, int tag, int aclass,
const ASN1_ITEM *it, char opt, ASN1_TLC *ctx, int depth)
int tag, int aclass, char opt, ASN1_TLC *ctx)
{ {
const ASN1_TEMPLATE *tt, *errtt = NULL; const ASN1_TEMPLATE *tt, *errtt = NULL;
const ASN1_COMPAT_FUNCS *cf; const ASN1_COMPAT_FUNCS *cf;
@ -189,6 +196,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
else else
asn1_cb = 0; asn1_cb = 0;
if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP);
goto err;
}
switch (it->itype) { switch (it->itype) {
case ASN1_ITYPE_PRIMITIVE: case ASN1_ITYPE_PRIMITIVE:
if (it->templates) { if (it->templates) {
@ -204,7 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err; goto err;
} }
return asn1_template_ex_d2i(pval, in, len, return asn1_template_ex_d2i(pval, in, len,
it->templates, opt, ctx); it->templates, opt, ctx, depth);
} }
return asn1_d2i_ex_primitive(pval, in, len, it, return asn1_d2i_ex_primitive(pval, in, len, it,
tag, aclass, opt, ctx); tag, aclass, opt, ctx);
@ -326,7 +338,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
/* /*
* We mark field as OPTIONAL so its absence can be recognised. * We mark field as OPTIONAL so its absence can be recognised.
*/ */
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
/* If field not present, try the next one */ /* If field not present, try the next one */
if (ret == -1) if (ret == -1)
continue; continue;
@ -444,7 +456,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
* attempt to read in field, allowing each to be OPTIONAL * attempt to read in field, allowing each to be OPTIONAL
*/ */
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
depth);
if (!ret) { if (!ret) {
errtt = seqtt; errtt = seqtt;
goto err; goto err;
@ -514,6 +527,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
return 0; return 0;
} }
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx)
{
return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
}
/* /*
* Templates are handled with two separate functions. One handles any * Templates are handled with two separate functions. One handles any
* EXPLICIT tag and the other handles the rest. * EXPLICIT tag and the other handles the rest.
@ -522,7 +542,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
static int asn1_template_ex_d2i(ASN1_VALUE **val, static int asn1_template_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long inlen, const unsigned char **in, long inlen,
const ASN1_TEMPLATE *tt, char opt, const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx) ASN1_TLC *ctx, int depth)
{ {
int flags, aclass; int flags, aclass;
int ret; int ret;
@ -557,7 +577,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
return 0; return 0;
} }
/* We've found the field so it can't be OPTIONAL now */ /* We've found the field so it can't be OPTIONAL now */
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
if (!ret) { if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0; return 0;
@ -581,7 +601,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
} }
} }
} else } else
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
*in = p; *in = p;
return 1; return 1;
@ -594,7 +614,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
static int asn1_template_noexp_d2i(ASN1_VALUE **val, static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len, const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt, const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx) ASN1_TLC *ctx, int depth)
{ {
int flags, aclass; int flags, aclass;
int ret; int ret;
@ -665,8 +685,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
break; break;
} }
skfield = NULL; skfield = NULL;
if (!ASN1_item_ex_d2i(&skfield, &p, len, if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item),
ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { -1, 0, 0, ctx, depth)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR); ERR_R_NESTED_ASN1_ERROR);
goto err; goto err;
@ -684,9 +704,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
} }
} else if (flags & ASN1_TFLG_IMPTAG) { } else if (flags & ASN1_TFLG_IMPTAG) {
/* IMPLICIT tagging */ /* IMPLICIT tagging */
ret = ASN1_item_ex_d2i(val, &p, len, ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, aclass, opt, ctx, depth);
ctx);
if (!ret) { if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err; goto err;
@ -694,8 +713,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
return -1; return -1;
} else { } else {
/* Nothing special */ /* Nothing special */
ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx); -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx,
depth);
if (!ret) { if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err; goto err;

2
thirdparty/openssl/crypto/asn1/tasn_prn.c vendored
View File

@ -463,7 +463,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
ln = OBJ_nid2ln(OBJ_obj2nid(oid)); ln = OBJ_nid2ln(OBJ_obj2nid(oid));
if (!ln) if (!ln)
ln = ""; ln = "";
OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1); OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1);
if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0) if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
return 0; return 0;
return 1; return 1;

41
thirdparty/openssl/crypto/bio/b_dump.c vendored
View File

@ -64,7 +64,6 @@
#include "cryptlib.h" #include "cryptlib.h"
#include "bio_lcl.h" #include "bio_lcl.h"
#define TRUNCATE
#define DUMP_WIDTH 16 #define DUMP_WIDTH 16
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
@ -79,17 +78,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
{ {
int ret = 0; int ret = 0;
char buf[288 + 1], tmp[20], str[128 + 1]; char buf[288 + 1], tmp[20], str[128 + 1];
int i, j, rows, trc; int i, j, rows;
unsigned char ch; unsigned char ch;
int dump_width; int dump_width;
trc = 0;
#ifdef TRUNCATE
for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
trc++;
#endif
if (indent < 0) if (indent < 0)
indent = 0; indent = 0;
if (indent) { if (indent) {
@ -104,50 +96,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
if ((rows * dump_width) < len) if ((rows * dump_width) < len)
rows++; rows++;
for (i = 0; i < rows; i++) { for (i = 0; i < rows; i++) {
BUF_strlcpy(buf, str, sizeof buf); BUF_strlcpy(buf, str, sizeof(buf));
BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width); BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width);
BUF_strlcat(buf, tmp, sizeof buf); BUF_strlcat(buf, tmp, sizeof(buf));
for (j = 0; j < dump_width; j++) { for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len) { if (((i * dump_width) + j) >= len) {
BUF_strlcat(buf, " ", sizeof buf); BUF_strlcat(buf, " ", sizeof(buf));
} else { } else {
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff; ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch, BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch,
j == 7 ? '-' : ' '); j == 7 ? '-' : ' ');
BUF_strlcat(buf, tmp, sizeof buf); BUF_strlcat(buf, tmp, sizeof(buf));
} }
} }
BUF_strlcat(buf, " ", sizeof buf); BUF_strlcat(buf, " ", sizeof(buf));
for (j = 0; j < dump_width; j++) { for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len) if (((i * dump_width) + j) >= len)
break; break;
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff; ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
#ifndef CHARSET_EBCDIC #ifndef CHARSET_EBCDIC
BIO_snprintf(tmp, sizeof tmp, "%c", BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= ' ') && (ch <= '~')) ? ch : '.'); ((ch >= ' ') && (ch <= '~')) ? ch : '.');
#else #else
BIO_snprintf(tmp, sizeof tmp, "%c", BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= os_toascii[' ']) && (ch <= os_toascii['~'])) ((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
? os_toebcdic[ch] ? os_toebcdic[ch]
: '.'); : '.');
#endif #endif
BUF_strlcat(buf, tmp, sizeof buf); BUF_strlcat(buf, tmp, sizeof(buf));
} }
BUF_strlcat(buf, "\n", sizeof buf); BUF_strlcat(buf, "\n", sizeof(buf));
/* /*
* if this is the last call then update the ddt_dump thing so that we * if this is the last call then update the ddt_dump thing so that we
* will move the selection point in the debug window * will move the selection point in the debug window
*/ */
ret += cb((void *)buf, strlen(buf), u); ret += cb((void *)buf, strlen(buf), u);
} }
#ifdef TRUNCATE return ret;
if (trc > 0) {
BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
len + trc);
ret += cb((void *)buf, strlen(buf), u);
}
#endif
return (ret);
} }
#ifndef OPENSSL_NO_FP_API #ifndef OPENSSL_NO_FP_API

4
thirdparty/openssl/crypto/bio/b_print.c vendored
View File

@ -663,7 +663,7 @@ fmtfp(char **sbuffer,
iconvert[iplace++] = "0123456789"[intpart % 10]; iconvert[iplace++] = "0123456789"[intpart % 10];
intpart = (intpart / 10); intpart = (intpart / 10);
} while (intpart && (iplace < (int)sizeof(iconvert))); } while (intpart && (iplace < (int)sizeof(iconvert)));
if (iplace == sizeof iconvert) if (iplace == sizeof(iconvert))
iplace--; iplace--;
iconvert[iplace] = 0; iconvert[iplace] = 0;
@ -672,7 +672,7 @@ fmtfp(char **sbuffer,
fconvert[fplace++] = "0123456789"[fracpart % 10]; fconvert[fplace++] = "0123456789"[fracpart % 10];
fracpart = (fracpart / 10); fracpart = (fracpart / 10);
} while (fplace < max); } while (fplace < max);
if (fplace == sizeof fconvert) if (fplace == sizeof(fconvert))
fplace--; fplace--;
fconvert[fplace] = 0; fconvert[fplace] = 0;

2
thirdparty/openssl/crypto/bio/bio_cb.c vendored
View File

@ -76,7 +76,7 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
if (BIO_CB_RETURN & cmd) if (BIO_CB_RETURN & cmd)
r = ret; r = ret;
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio); len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio);
/* Ignore errors and continue printing the other information. */ /* Ignore errors and continue printing the other information. */
if (len < 0) if (len < 0)

2
thirdparty/openssl/crypto/bio/bss_bio.c vendored
View File

@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
{ {
struct bio_bio_st *b; struct bio_bio_st *b;
b = OPENSSL_malloc(sizeof *b); b = OPENSSL_malloc(sizeof(*b));
if (b == NULL) if (b == NULL)
return 0; return 0;

4
thirdparty/openssl/crypto/bio/bss_conn.c vendored
View File

@ -481,7 +481,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
char buf[16]; char buf[16];
unsigned char *p = ptr; unsigned char *p = ptr;
BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d", BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
p[0], p[1], p[2], p[3]); p[0], p[1], p[2], p[3]);
if (data->param_hostname != NULL) if (data->param_hostname != NULL)
OPENSSL_free(data->param_hostname); OPENSSL_free(data->param_hostname);
@ -490,7 +490,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
} else if (num == 3) { } else if (num == 3) {
char buf[DECIMAL_SIZE(int) + 1]; char buf[DECIMAL_SIZE(int) + 1];
BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr); BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr);
if (data->param_port != NULL) if (data->param_port != NULL)
OPENSSL_free(data->param_port); OPENSSL_free(data->param_port);
data->param_port = BUF_strdup(buf); data->param_port = BUF_strdup(buf);

10
thirdparty/openssl/crypto/bio/bss_file.c vendored
View File

@ -375,15 +375,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
b->shutdown = (int)num & BIO_CLOSE; b->shutdown = (int)num & BIO_CLOSE;
if (num & BIO_FP_APPEND) { if (num & BIO_FP_APPEND) {
if (num & BIO_FP_READ) if (num & BIO_FP_READ)
BUF_strlcpy(p, "a+", sizeof p); BUF_strlcpy(p, "a+", sizeof(p));
else else
BUF_strlcpy(p, "a", sizeof p); BUF_strlcpy(p, "a", sizeof(p));
} else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
BUF_strlcpy(p, "r+", sizeof p); BUF_strlcpy(p, "r+", sizeof(p));
else if (num & BIO_FP_WRITE) else if (num & BIO_FP_WRITE)
BUF_strlcpy(p, "w", sizeof p); BUF_strlcpy(p, "w", sizeof(p));
else if (num & BIO_FP_READ) else if (num & BIO_FP_READ)
BUF_strlcpy(p, "r", sizeof p); BUF_strlcpy(p, "r", sizeof(p));
else { else {
BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE); BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
ret = 0; ret = 0;

8
thirdparty/openssl/crypto/bn/bn_exp.c vendored
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -727,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top; top = m->top;
bits = BN_num_bits(p); /*
* Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
* whether the top bits are zero.
*/
bits = p->top * BN_BITS2;
if (bits == 0) { if (bits == 0) {
/* x**0 mod 1 is still zero. */ /* x**0 mod 1 is still zero. */
if (BN_is_one(m)) { if (BN_is_one(m)) {

108
thirdparty/openssl/crypto/bn/bn_lib.c vendored
View File

@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l) int BN_num_bits_word(BN_ULONG l)
{ {
static const unsigned char bits[256] = { BN_ULONG x, mask;
0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4, int bits = (l != 0);
5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
};
#if defined(SIXTY_FOUR_BIT_LONG) #if BN_BITS2 > 32
if (l & 0xffffffff00000000L) { x = l >> 32;
if (l & 0xffff000000000000L) { mask = (0 - x) & BN_MASK2;
if (l & 0xff00000000000000L) { mask = (0 - (mask >> (BN_BITS2 - 1)));
return (bits[(int)(l >> 56)] + 56); bits += 32 & mask;
} else l ^= (x ^ l) & mask;
return (bits[(int)(l >> 48)] + 48);
} else {
if (l & 0x0000ff0000000000L) {
return (bits[(int)(l >> 40)] + 40);
} else
return (bits[(int)(l >> 32)] + 32);
}
} else
#else
# ifdef SIXTY_FOUR_BIT
if (l & 0xffffffff00000000LL) {
if (l & 0xffff000000000000LL) {
if (l & 0xff00000000000000LL) {
return (bits[(int)(l >> 56)] + 56);
} else
return (bits[(int)(l >> 48)] + 48);
} else {
if (l & 0x0000ff0000000000LL) {
return (bits[(int)(l >> 40)] + 40);
} else
return (bits[(int)(l >> 32)] + 32);
}
} else
# endif
#endif #endif
{
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) x = l >> 16;
if (l & 0xffff0000L) { mask = (0 - x) & BN_MASK2;
if (l & 0xff000000L) mask = (0 - (mask >> (BN_BITS2 - 1)));
return (bits[(int)(l >> 24L)] + 24); bits += 16 & mask;
else l ^= (x ^ l) & mask;
return (bits[(int)(l >> 16L)] + 16);
} else x = l >> 8;
#endif mask = (0 - x) & BN_MASK2;
{ mask = (0 - (mask >> (BN_BITS2 - 1)));
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) bits += 8 & mask;
if (l & 0xff00L) l ^= (x ^ l) & mask;
return (bits[(int)(l >> 8)] + 8);
else x = l >> 4;
#endif mask = (0 - x) & BN_MASK2;
return (bits[(int)(l)]); mask = (0 - (mask >> (BN_BITS2 - 1)));
} bits += 4 & mask;
} l ^= (x ^ l) & mask;
x = l >> 2;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 2 & mask;
l ^= (x ^ l) & mask;
x = l >> 1;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 1 & mask;
return bits;
} }
int BN_num_bits(const BIGNUM *a) int BN_num_bits(const BIGNUM *a)
@ -524,9 +497,6 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top); memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
#endif #endif
if (BN_get_flags(b, BN_FLG_CONSTTIME) != 0)
BN_set_flags(a, BN_FLG_CONSTTIME);
a->top = b->top; a->top = b->top;
a->neg = b->neg; a->neg = b->neg;
bn_check_top(a); bn_check_top(a);

79
thirdparty/openssl/crypto/bn/bn_mont.c vendored
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max; r->top = max;
n0 = mont->n0[0]; n0 = mont->n0[0];
# ifdef BN_COUNT /*
fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl); * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
# endif * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
* includes |carry| which is stored separately.
*/
for (carry = 0, i = 0; i < nl; i++, rp++) { for (carry = 0, i = 0; i < nl; i++, rp++) {
# ifdef __TANDEM
{
long long t1;
long long t2;
long long t3;
t1 = rp[0] * (n0 & 0177777);
t2 = 037777600000l;
t2 = n0 & t2;
t3 = rp[0] & 0177777;
t2 = (t3 * t2) & BN_MASK2;
t1 = t1 + t2;
v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
}
# else
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2); v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
# endif
v = (v + carry + rp[nl]) & BN_MASK2; v = (v + carry + rp[nl]) & BN_MASK2;
carry |= (v != rp[nl]); carry |= (v != rp[nl]);
carry &= (v <= rp[nl]); carry &= (v <= rp[nl]);
@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg; ret->neg = r->neg;
rp = ret->d; rp = ret->d;
/*
* Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
* includes |carry| which is stored separately.
*/
ap = &(r->d[nl]); ap = &(r->d[nl]);
# define BRANCH_FREE 1 /*
# if BRANCH_FREE * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
{ * cannot be -1. That would imply the subtraction did not fit in |nl| words,
BN_ULONG *nrp; * and we know at most one subtraction is needed.
size_t m; */
v = bn_sub_words(rp, ap, np, nl) - carry;
v = bn_sub_words(rp, ap, np, nl) - carry; v = 0 - v;
/* for (i = 0; i < nl; i++) {
* if subtraction result is real, then trick unconditional memcpy rp[i] = (v & ap[i]) | (~v & rp[i]);
* below to perform in-place "refresh" instead of actual copy. ap[i] = 0;
*/
m = (0 - (size_t)v);
nrp =
(BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
for (i = 0, nl -= 4; i < nl; i += 4) {
BN_ULONG t1, t2, t3, t4;
t1 = nrp[i + 0];
t2 = nrp[i + 1];
t3 = nrp[i + 2];
ap[i + 0] = 0;
t4 = nrp[i + 3];
ap[i + 1] = 0;
rp[i + 0] = t1;
ap[i + 2] = 0;
rp[i + 1] = t2;
ap[i + 3] = 0;
rp[i + 2] = t3;
rp[i + 3] = t4;
}
for (nl += 4; i < nl; i++)
rp[i] = nrp[i], ap[i] = 0;
} }
# else
if (bn_sub_words(rp, ap, np, nl) - carry)
memcpy(rp, ap, nl * sizeof(BN_ULONG));
# endif
bn_correct_top(r); bn_correct_top(r);
bn_correct_top(ret); bn_correct_top(ret);
bn_check_top(ret); bn_check_top(ret);
@ -382,6 +347,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
R = &(mont->RR); /* grab RR as a temp */ R = &(mont->RR); /* grab RR as a temp */
if (!BN_copy(&(mont->N), mod)) if (!BN_copy(&(mont->N), mod))
goto err; /* Set N */ goto err; /* Set N */
if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
mont->N.neg = 0; mont->N.neg = 0;
#ifdef MONT_WORD #ifdef MONT_WORD

4
thirdparty/openssl/crypto/bn/bn_print.c vendored
View File

@ -391,10 +391,10 @@ char *BN_options(void)
if (!init) { if (!init) {
init++; init++;
#ifdef BN_LLONG #ifdef BN_LLONG
BIO_snprintf(data, sizeof data, "bn(%d,%d)", BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8); (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
#else #else
BIO_snprintf(data, sizeof data, "bn(%d,%d)", BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8); (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
#endif #endif
} }

2
thirdparty/openssl/crypto/bn/expspeed.c vendored
View File

@ -198,7 +198,7 @@ static int mul_c[NUM_SIZES] =
* static int sizes[NUM_SIZES]={59,179,299,419,539}; * static int sizes[NUM_SIZES]={59,179,299,419,539};
*/ */
#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); } #define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx); void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);

2
thirdparty/openssl/crypto/conf/conf_def.c vendored
View File

@ -423,7 +423,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
OPENSSL_free(section); OPENSSL_free(section);
if (line != NULL) if (line != NULL)
*line = eline; *line = eline;
BIO_snprintf(btmp, sizeof btmp, "%ld", eline); BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
ERR_add_error_data(2, "line ", btmp); ERR_add_error_data(2, "line ", btmp);
if ((h != conf->data) && (conf->data != NULL)) { if ((h != conf->data) && (conf->data != NULL)) {
CONF_free(conf->data); CONF_free(conf->data);

2
thirdparty/openssl/crypto/conf/conf_mod.c vendored
View File

@ -221,7 +221,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
if (!(flags & CONF_MFLAGS_SILENT)) { if (!(flags & CONF_MFLAGS_SILENT)) {
char rcode[DECIMAL_SIZE(ret) + 1]; char rcode[DECIMAL_SIZE(ret) + 1];
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
BIO_snprintf(rcode, sizeof rcode, "%-8d", ret); BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value, ERR_add_error_data(6, "module=", name, ", value=", value,
", retcode=", rcode); ", retcode=", rcode);
} }

2
thirdparty/openssl/crypto/des/ecb_enc.c vendored
View File

@ -96,7 +96,7 @@ const char *DES_options(void)
size = "int"; size = "int";
else else
size = "long"; size = "long";
BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll, BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll,
size); size);
init = 0; init = 0;
} }

4
thirdparty/openssl/crypto/des/fcrypt.c vendored
View File

@ -80,10 +80,10 @@ char *DES_crypt(const char *buf, const char *salt)
e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0'; e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
/* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */ /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
ebcdic2ascii(e_salt, e_salt, sizeof e_salt); ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
/* Convert the cleartext password to ASCII */ /* Convert the cleartext password to ASCII */
ebcdic2ascii(e_buf, e_buf, sizeof e_buf); ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
/* Encrypt it (from/to ASCII) */ /* Encrypt it (from/to ASCII) */
ret = DES_fcrypt(e_buf, e_salt, buff); ret = DES_fcrypt(e_buf, e_salt, buff);

2
thirdparty/openssl/crypto/des/read_pwd.c vendored
View File

@ -434,7 +434,7 @@ static void pushsig(void)
# ifdef SIGACTION # ifdef SIGACTION
struct sigaction sa; struct sigaction sa;
memset(&sa, 0, sizeof sa); memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig; sa.sa_handler = recsig;
# endif # endif

2
thirdparty/openssl/crypto/des/set_key.c vendored
View File

@ -377,7 +377,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key,
register int i; register int i;
#ifdef OPENBSD_DEV_CRYPTO #ifdef OPENBSD_DEV_CRYPTO
memcpy(schedule->key, key, sizeof schedule->key); memcpy(schedule->key, key, sizeof(schedule->key));
schedule->session = NULL; schedule->session = NULL;
#endif #endif
k = &schedule->ks->deslong[0]; k = &schedule->ks->deslong[0];

10
thirdparty/openssl/crypto/ec/ec_lib.c vendored
View File

@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
return NULL; return NULL;
} }
ret = OPENSSL_malloc(sizeof *ret); ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) { if (ret == NULL) {
ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
return NULL; return NULL;
@ -164,7 +164,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
OPENSSL_free(group->seed); OPENSSL_free(group->seed);
} }
OPENSSL_cleanse(group, sizeof *group); OPENSSL_cleanse(group, sizeof(*group));
OPENSSL_free(group); OPENSSL_free(group);
} }
@ -575,7 +575,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
/* no explicit entry needed */ /* no explicit entry needed */
return 1; return 1;
d = OPENSSL_malloc(sizeof *d); d = OPENSSL_malloc(sizeof(*d));
if (d == NULL) if (d == NULL)
return 0; return 0;
@ -712,7 +712,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
return NULL; return NULL;
} }
ret = OPENSSL_malloc(sizeof *ret); ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) { if (ret == NULL) {
ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE); ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
return NULL; return NULL;
@ -747,7 +747,7 @@ void EC_POINT_clear_free(EC_POINT *point)
point->meth->point_clear_finish(point); point->meth->point_clear_finish(point);
else if (point->meth->point_finish != 0) else if (point->meth->point_finish != 0)
point->meth->point_finish(point); point->meth->point_finish(point);
OPENSSL_cleanse(point, sizeof *point); OPENSSL_cleanse(point, sizeof(*point));
OPENSSL_free(point); OPENSSL_free(point);
} }

16
thirdparty/openssl/crypto/ec/ec_mult.c vendored
View File

@ -169,11 +169,11 @@ static void ec_pre_comp_clear_free(void *pre_)
for (p = pre->points; *p != NULL; p++) { for (p = pre->points; *p != NULL; p++) {
EC_POINT_clear_free(*p); EC_POINT_clear_free(*p);
OPENSSL_cleanse(p, sizeof *p); OPENSSL_cleanse(p, sizeof(*p));
} }
OPENSSL_free(pre->points); OPENSSL_free(pre->points);
} }
OPENSSL_cleanse(pre, sizeof *pre); OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre); OPENSSL_free(pre);
} }
@ -430,11 +430,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
totalnum = num + numblocks; totalnum = num + numblocks;
wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0]));
wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0]));
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space /* include space for pivot */
* for pivot */ wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0]));
val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0]));
/* Ensure wNAF is initialised in case we end up going to err */ /* Ensure wNAF is initialised in case we end up going to err */
if (wNAF) if (wNAF)
@ -580,7 +580,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
* 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a * 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
* subarray of 'pre_comp->points' if we already have precomputation. * subarray of 'pre_comp->points' if we already have precomputation.
*/ */
val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); val = OPENSSL_malloc((num_val + 1) * sizeof(val[0]));
if (val == NULL) { if (val == NULL) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
goto err; goto err;

15
thirdparty/openssl/crypto/ec/ecp_nistp224.c vendored
View File

@ -48,7 +48,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8; typedef uint8_t u8;
typedef uint64_t u64; typedef uint64_t u64;
typedef int64_t s64;
/******************************************************************************/ /******************************************************************************/
/*- /*-
@ -351,9 +350,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes; unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */ /* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out); memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn); num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) { if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0; return 0;
} }
@ -372,8 +371,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{ {
felem_bytearray b_in, b_out; felem_bytearray b_in, b_out;
felem_to_bin28(b_in, in); felem_to_bin28(b_in, in);
flip_endian(b_out, b_in, sizeof b_out); flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof b_out, out); return BN_bin2bn(b_out, sizeof(b_out), out);
} }
/******************************************************************************/ /******************************************************************************/
@ -1234,7 +1233,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
static NISTP224_PRE_COMP *nistp224_pre_comp_new() static NISTP224_PRE_COMP *nistp224_pre_comp_new()
{ {
NISTP224_PRE_COMP *ret = NULL; NISTP224_PRE_COMP *ret = NULL;
ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret); ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) { if (!ret) {
ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret; return ret;
@ -1281,7 +1280,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
if (i > 0) if (i > 0)
return; return;
OPENSSL_cleanse(pre, sizeof *pre); OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre); OPENSSL_free(pre);
} }
@ -1568,7 +1567,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
/* the scalar for the generator */ /* the scalar for the generator */
if ((scalar != NULL) && (have_pre_comp)) { if ((scalar != NULL) && (have_pre_comp)) {
memset(g_secret, 0, sizeof g_secret); memset(g_secret, 0, sizeof(g_secret));
/* reduce scalar to 0 <= scalar < 2^224 */ /* reduce scalar to 0 <= scalar < 2^224 */
if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) { if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
/* /*

41
thirdparty/openssl/crypto/ec/ecp_nistp256.c vendored
View File

@ -51,7 +51,6 @@ typedef __int128_t int128_t;
typedef uint8_t u8; typedef uint8_t u8;
typedef uint32_t u32; typedef uint32_t u32;
typedef uint64_t u64; typedef uint64_t u64;
typedef int64_t s64;
/* /*
* The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
@ -161,9 +160,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes; unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */ /* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out); memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn); num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) { if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0; return 0;
} }
@ -182,8 +181,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
{ {
felem_bytearray b_in, b_out; felem_bytearray b_in, b_out;
smallfelem_to_bin32(b_in, in); smallfelem_to_bin32(b_in, in);
flip_endian(b_out, b_in, sizeof b_out); flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof b_out, out); return BN_bin2bn(b_out, sizeof(b_out), out);
} }
/*- /*-
@ -392,7 +391,7 @@ static void felem_shrink(smallfelem out, const felem in)
{ {
felem tmp; felem tmp;
u64 a, b, mask; u64 a, b, mask;
s64 high, low; u64 high, low;
static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */ static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
/* Carry 2->3 */ /* Carry 2->3 */
@ -433,29 +432,31 @@ static void felem_shrink(smallfelem out, const felem in)
* In order to make space in tmp[3] for the carry from 2 -> 3, we * In order to make space in tmp[3] for the carry from 2 -> 3, we
* conditionally subtract kPrime if tmp[3] is large enough. * conditionally subtract kPrime if tmp[3] is large enough.
*/ */
high = tmp[3] >> 64; high = (u64)(tmp[3] >> 64);
/* As tmp[3] < 2^65, high is either 1 or 0 */ /* As tmp[3] < 2^65, high is either 1 or 0 */
high <<= 63; high = 0 - high;
high >>= 63;
/*- /*-
* high is: * high is:
* all ones if the high word of tmp[3] is 1 * all ones if the high word of tmp[3] is 1
* all zeros if the high word of tmp[3] if 0 */ * all zeros if the high word of tmp[3] if 0
low = tmp[3]; */
mask = low >> 63; low = (u64)tmp[3];
mask = 0 - (low >> 63);
/*- /*-
* mask is: * mask is:
* all ones if the MSB of low is 1 * all ones if the MSB of low is 1
* all zeros if the MSB of low if 0 */ * all zeros if the MSB of low if 0
*/
low &= bottom63bits; low &= bottom63bits;
low -= kPrime3Test; low -= kPrime3Test;
/* if low was greater than kPrime3Test then the MSB is zero */ /* if low was greater than kPrime3Test then the MSB is zero */
low = ~low; low = ~low;
low >>= 63; low = 0 - (low >> 63);
/*- /*-
* low is: * low is:
* all ones if low was > kPrime3Test * all ones if low was > kPrime3Test
* all zeros if low was <= kPrime3Test */ * all zeros if low was <= kPrime3Test
*/
mask = (mask & low) | high; mask = (mask & low) | high;
tmp[0] -= mask & kPrime[0]; tmp[0] -= mask & kPrime[0];
tmp[1] -= mask & kPrime[1]; tmp[1] -= mask & kPrime[1];
@ -889,7 +890,7 @@ static void felem_contract(smallfelem out, const felem in)
equal &= equal << 4; equal &= equal << 4;
equal &= equal << 2; equal &= equal << 2;
equal &= equal << 1; equal &= equal << 1;
equal = ((s64) equal) >> 63; equal = 0 - (equal >> 63);
all_equal_so_far &= equal; all_equal_so_far &= equal;
} }
@ -956,7 +957,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_zero &= is_zero << 4; is_zero &= is_zero << 4;
is_zero &= is_zero << 2; is_zero &= is_zero << 2;
is_zero &= is_zero << 1; is_zero &= is_zero << 1;
is_zero = ((s64) is_zero) >> 63; is_zero = 0 - (is_zero >> 63);
is_p = (small[0] ^ kPrime[0]) | is_p = (small[0] ^ kPrime[0]) |
(small[1] ^ kPrime[1]) | (small[1] ^ kPrime[1]) |
@ -968,7 +969,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_p &= is_p << 4; is_p &= is_p << 4;
is_p &= is_p << 2; is_p &= is_p << 2;
is_p &= is_p << 1; is_p &= is_p << 1;
is_p = ((s64) is_p) >> 63; is_p = 0 - (is_p >> 63);
is_zero |= is_p; is_zero |= is_p;
@ -1820,7 +1821,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
static NISTP256_PRE_COMP *nistp256_pre_comp_new() static NISTP256_PRE_COMP *nistp256_pre_comp_new()
{ {
NISTP256_PRE_COMP *ret = NULL; NISTP256_PRE_COMP *ret = NULL;
ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret); ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) { if (!ret) {
ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret; return ret;
@ -1867,7 +1868,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
if (i > 0) if (i > 0)
return; return;
OPENSSL_cleanse(pre, sizeof *pre); OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre); OPENSSL_free(pre);
} }

17
thirdparty/openssl/crypto/ec/ecp_nistp521.c vendored
View File

@ -49,7 +49,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8; typedef uint8_t u8;
typedef uint64_t u64; typedef uint64_t u64;
typedef int64_t s64;
/* /*
* The underlying field. P521 operates over GF(2^521-1). We can serialise an * The underlying field. P521 operates over GF(2^521-1). We can serialise an
@ -185,9 +184,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes; unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */ /* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out); memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn); num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) { if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0; return 0;
} }
@ -206,8 +205,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{ {
felem_bytearray b_in, b_out; felem_bytearray b_in, b_out;
felem_to_bin66(b_in, in); felem_to_bin66(b_in, in);
flip_endian(b_out, b_in, sizeof b_out); flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof b_out, out); return BN_bin2bn(b_out, sizeof(b_out), out);
} }
/*- /*-
@ -852,7 +851,7 @@ static limb felem_is_zero(const felem in)
* We know that ftmp[i] < 2^63, therefore the only way that the top bit * We know that ftmp[i] < 2^63, therefore the only way that the top bit
* can be set is if is_zero was 0 before the decrement. * can be set is if is_zero was 0 before the decrement.
*/ */
is_zero = ((s64) is_zero) >> 63; is_zero = 0 - (is_zero >> 63);
is_p = ftmp[0] ^ kPrime[0]; is_p = ftmp[0] ^ kPrime[0];
is_p |= ftmp[1] ^ kPrime[1]; is_p |= ftmp[1] ^ kPrime[1];
@ -865,7 +864,7 @@ static limb felem_is_zero(const felem in)
is_p |= ftmp[8] ^ kPrime[8]; is_p |= ftmp[8] ^ kPrime[8];
is_p--; is_p--;
is_p = ((s64) is_p) >> 63; is_p = 0 - (is_p >> 63);
is_zero |= is_p; is_zero |= is_p;
return is_zero; return is_zero;
@ -936,7 +935,7 @@ static void felem_contract(felem out, const felem in)
is_p &= is_p << 4; is_p &= is_p << 4;
is_p &= is_p << 2; is_p &= is_p << 2;
is_p &= is_p << 1; is_p &= is_p << 1;
is_p = ((s64) is_p) >> 63; is_p = 0 - (is_p >> 63);
is_p = ~is_p; is_p = ~is_p;
/* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */ /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
@ -962,7 +961,7 @@ static void felem_contract(felem out, const felem in)
is_greater |= is_greater << 4; is_greater |= is_greater << 4;
is_greater |= is_greater << 2; is_greater |= is_greater << 2;
is_greater |= is_greater << 1; is_greater |= is_greater << 1;
is_greater = ((s64) is_greater) >> 63; is_greater = 0 - (is_greater >> 63);
out[0] -= kPrime[0] & is_greater; out[0] -= kPrime[0] & is_greater;
out[1] -= kPrime[1] & is_greater; out[1] -= kPrime[1] & is_greater;

2
thirdparty/openssl/crypto/ec/ecp_nistz256.c vendored
View File

@ -1504,7 +1504,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37); 32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
OPENSSL_free(pre->precomp_storage); OPENSSL_free(pre->precomp_storage);
} }
OPENSSL_cleanse(pre, sizeof *pre); OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre); OPENSSL_free(pre);
} }

2
thirdparty/openssl/crypto/ec/ecp_smpl.c vendored
View File

@ -1270,7 +1270,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
if (tmp == NULL || tmp_Z == NULL) if (tmp == NULL || tmp_Z == NULL)
goto err; goto err;
prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]); prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0]));
if (prod_Z == NULL) if (prod_Z == NULL)
goto err; goto err;
for (i = 0; i < num; i++) { for (i = 0; i < num; i++) {

12
thirdparty/openssl/crypto/engine/eng_cryptodev.c vendored
View File

@ -1057,7 +1057,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a)
return (-1); return (-1);
for (i = 0; i < bytes; i++) for (i = 0; i < bytes; i++)
pd[i] = crp->crp_p[bytes - i - 1]; pd[i] = ((char *)crp->crp_p)[bytes - i - 1];
BN_bin2bn(pd, bytes, a); BN_bin2bn(pd, bytes, a);
free(pd); free(pd);
@ -1133,7 +1133,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return (ret); return (ret);
} }
memset(&kop, 0, sizeof kop); memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP; kop.crk_op = CRK_MOD_EXP;
/* inputs: a^p % m */ /* inputs: a^p % m */
@ -1184,7 +1184,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
return (0); return (0);
} }
memset(&kop, 0, sizeof kop); memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP_CRT; kop.crk_op = CRK_MOD_EXP_CRT;
/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
if (bn2crparam(rsa->p, &kop.crk_param[0])) if (bn2crparam(rsa->p, &kop.crk_param[0]))
@ -1287,7 +1287,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
goto err; goto err;
} }
memset(&kop, 0, sizeof kop); memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_SIGN; kop.crk_op = CRK_DSA_SIGN;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
@ -1330,7 +1330,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
struct crypt_kop kop; struct crypt_kop kop;
int dsaret = 1; int dsaret = 1;
memset(&kop, 0, sizeof kop); memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_VERIFY; kop.crk_op = CRK_DSA_VERIFY;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
@ -1403,7 +1403,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
keylen = BN_num_bits(dh->p); keylen = BN_num_bits(dh->p);
memset(&kop, 0, sizeof kop); memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DH_COMPUTE_KEY; kop.crk_op = CRK_DH_COMPUTE_KEY;
/* inputs: dh->priv_key pub_key dh->p key */ /* inputs: dh->priv_key pub_key dh->p key */

7
thirdparty/openssl/crypto/engine/eng_table.c vendored
View File

@ -1,5 +1,5 @@
/* ==================================================================== /* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved. * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -159,6 +159,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
} }
fnd->funct = NULL; fnd->funct = NULL;
(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
sk_ENGINE_free(fnd->sk);
OPENSSL_free(fnd);
goto end;
}
} }
/* A registration shouldn't add duplciate entries */ /* A registration shouldn't add duplciate entries */
(void)sk_ENGINE_delete_ptr(fnd->sk, e); (void)sk_ENGINE_delete_ptr(fnd->sk, e);

4
thirdparty/openssl/crypto/err/err.c vendored
View File

@ -602,8 +602,8 @@ static void build_SYS_str_reasons(void)
char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
char *src = strerror(i); char *src = strerror(i);
if (src != NULL) { if (src != NULL) {
strncpy(*dest, src, sizeof *dest); strncpy(*dest, src, sizeof(*dest));
(*dest)[sizeof *dest - 1] = '\0'; (*dest)[sizeof(*dest) - 1] = '\0';
str->string = *dest; str->string = *dest;
} }
} }

2
thirdparty/openssl/crypto/err/err_prn.c vendored
View File

@ -77,7 +77,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
CRYPTO_THREADID_current(&cur); CRYPTO_THREADID_current(&cur);
es = CRYPTO_THREADID_hash(&cur); es = CRYPTO_THREADID_hash(&cur);
while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) { while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
ERR_error_string_n(l, buf, sizeof buf); ERR_error_string_n(l, buf, sizeof(buf));
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf, BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
file, line, (flags & ERR_TXT_STRING) ? data : ""); file, line, (flags & ERR_TXT_STRING) ? data : "");
if (cb(buf2, strlen(buf2), u) <= 0) if (cb(buf2, strlen(buf2), u) <= 0)

8
thirdparty/openssl/crypto/evp/bio_b64.c vendored
View File

@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
(unsigned char *)ctx->tmp, i); (unsigned char *)ctx->tmp, i);
ctx->tmp_len = 0; ctx->tmp_len = 0;
} }
/*
* If eof or an error was signalled, then the condition
* 'ctx->cont <= 0' will prevent b64_read() from reading
* more data on subsequent calls. This assignment was
* deleted accidentally in commit 5562cfaca4f3.
*/
ctx->cont = i;
ctx->buf_off = 0; ctx->buf_off = 0;
if (i < 0) { if (i < 0) {
ret_code = 0; ret_code = 0;

8
thirdparty/openssl/crypto/evp/digest.c vendored
View File

@ -124,12 +124,12 @@
void EVP_MD_CTX_init(EVP_MD_CTX *ctx) void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{ {
memset(ctx, '\0', sizeof *ctx); memset(ctx, '\0', sizeof(*ctx));
} }
EVP_MD_CTX *EVP_MD_CTX_create(void) EVP_MD_CTX *EVP_MD_CTX_create(void)
{ {
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx); EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx) if (ctx)
EVP_MD_CTX_init(ctx); EVP_MD_CTX_init(ctx);
@ -316,7 +316,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
} else } else
tmp_buf = NULL; tmp_buf = NULL;
EVP_MD_CTX_cleanup(out); EVP_MD_CTX_cleanup(out);
memcpy(out, in, sizeof *out); memcpy(out, in, sizeof(*out));
if (in->md_data && out->digest->ctx_size) { if (in->md_data && out->digest->ctx_size) {
if (tmp_buf) if (tmp_buf)
@ -402,7 +402,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
FIPS_md_ctx_cleanup(ctx); FIPS_md_ctx_cleanup(ctx);
#endif #endif
memset(ctx, '\0', sizeof *ctx); memset(ctx, '\0', sizeof(*ctx));
return 1; return 1;
} }

4
thirdparty/openssl/crypto/evp/e_aes.c vendored
View File

@ -1,5 +1,5 @@
/* ==================================================================== /* ====================================================================
* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -1089,6 +1089,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block); ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK; len -= MAXBITCHUNK;
out += MAXBITCHUNK;
in += MAXBITCHUNK;
} }
if (len) if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,

4
thirdparty/openssl/crypto/evp/e_camellia.c vendored
View File

@ -1,6 +1,6 @@
/* crypto/evp/e_camellia.c */ /* crypto/evp/e_camellia.c */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved. * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -356,6 +356,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block); ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK; len -= MAXBITCHUNK;
out += MAXBITCHUNK;
in += MAXBITCHUNK;
} }
if (len) if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks, CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,

10
thirdparty/openssl/crypto/evp/evp_enc.c vendored
View File

@ -85,7 +85,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
{ {
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx); EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx) if (ctx)
EVP_CIPHER_CTX_init(ctx); EVP_CIPHER_CTX_init(ctx);
return ctx; return ctx;
@ -402,7 +402,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
} }
b = ctx->cipher->block_size; b = ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->buf); OPENSSL_assert(b <= sizeof(ctx->buf));
if (b == 1) { if (b == 1) {
*outl = 0; *outl = 0;
return 1; return 1;
@ -454,7 +454,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return EVP_EncryptUpdate(ctx, out, outl, in, inl); return EVP_EncryptUpdate(ctx, out, outl, in, inl);
b = ctx->cipher->block_size; b = ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->final); OPENSSL_assert(b <= sizeof(ctx->final));
if (ctx->final_used) { if (ctx->final_used) {
memcpy(out, ctx->final, b); memcpy(out, ctx->final, b);
@ -520,7 +520,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH); EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
return (0); return (0);
} }
OPENSSL_assert(b <= sizeof ctx->final); OPENSSL_assert(b <= sizeof(ctx->final));
/* /*
* The following assumes that the ciphertext has been authenticated. * The following assumes that the ciphertext has been authenticated.
@ -651,7 +651,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
#endif #endif
EVP_CIPHER_CTX_cleanup(out); EVP_CIPHER_CTX_cleanup(out);
memcpy(out, in, sizeof *out); memcpy(out, in, sizeof(*out));
if (in->cipher_data && in->cipher->ctx_size) { if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);

4
thirdparty/openssl/crypto/evp/evp_locl.h vendored
View File

@ -4,7 +4,7 @@
* 2000. * 2000.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (inl<chunk) chunk=inl;\ if (inl<chunk) chunk=inl;\
while(inl && inl>=chunk)\ while(inl && inl>=chunk)\
{\ {\
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
inl-=chunk;\ inl-=chunk;\
in +=chunk;\ in +=chunk;\
out+=chunk;\ out+=chunk;\

4
thirdparty/openssl/crypto/evp/evp_pbe.c vendored
View File

@ -161,9 +161,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
char obj_tmp[80]; char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj) if (!pbe_obj)
BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp); BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
else else
i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp); ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0; return 0;
} }

6
thirdparty/openssl/crypto/evp/openbsd_hw.c vendored
View File

@ -111,7 +111,7 @@ static int dev_crypto_init(session_op *ses)
close(cryptodev_fd); close(cryptodev_fd);
} }
assert(ses); assert(ses);
memset(ses, '\0', sizeof *ses); memset(ses, '\0', sizeof(*ses));
return 1; return 1;
} }
@ -164,7 +164,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
assert(CDATA(ctx)); assert(CDATA(ctx));
assert(!dev_failed); assert(!dev_failed);
memset(&cryp, '\0', sizeof cryp); memset(&cryp, '\0', sizeof(cryp));
cryp.ses = CDATA(ctx)->ses; cryp.ses = CDATA(ctx)->ses;
cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
cryp.flags = 0; cryp.flags = 0;
@ -329,7 +329,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
return 1; return 1;
} }
memset(&cryp, '\0', sizeof cryp); memset(&cryp, '\0', sizeof(cryp));
cryp.ses = ses; cryp.ses = ses;
cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check
* it */ * it */

2
thirdparty/openssl/crypto/evp/p5_crpt2.c vendored
View File

@ -262,7 +262,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
goto err; goto err;
} }
keylen = EVP_CIPHER_CTX_key_length(ctx); keylen = EVP_CIPHER_CTX_key_length(ctx);
OPENSSL_assert(keylen <= sizeof key); OPENSSL_assert(keylen <= sizeof(key));
/* Decode parameter */ /* Decode parameter */

2
thirdparty/openssl/crypto/hmac/hmac.c vendored
View File

@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
EVP_MD_CTX_cleanup(&ctx->i_ctx); EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx); EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx); EVP_MD_CTX_cleanup(&ctx->md_ctx);
OPENSSL_cleanse(ctx, sizeof *ctx); OPENSSL_cleanse(ctx, sizeof(*ctx));
} }
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,

12
thirdparty/openssl/crypto/jpake/jpake.c vendored
View File

@ -108,14 +108,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
OPENSSL_free(ctx->p.peer_name); OPENSSL_free(ctx->p.peer_name);
OPENSSL_free(ctx->p.name); OPENSSL_free(ctx->p.name);
memset(ctx, '\0', sizeof *ctx); memset(ctx, '\0', sizeof(*ctx));
} }
JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name, JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
const BIGNUM *p, const BIGNUM *g, const BIGNUM *q, const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
const BIGNUM *secret) const BIGNUM *secret)
{ {
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx); JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx == NULL) if (ctx == NULL)
return NULL; return NULL;
@ -460,7 +460,7 @@ void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx) int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
{ {
quickhashbn(send->hhk, ctx->key); quickhashbn(send->hhk, ctx->key);
SHA1(send->hhk, sizeof send->hhk, send->hhk); SHA1(send->hhk, sizeof(send->hhk), send->hhk);
return 1; return 1;
} }
@ -470,8 +470,8 @@ int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
unsigned char hhk[SHA_DIGEST_LENGTH]; unsigned char hhk[SHA_DIGEST_LENGTH];
quickhashbn(hhk, ctx->key); quickhashbn(hhk, ctx->key);
SHA1(hhk, sizeof hhk, hhk); SHA1(hhk, sizeof(hhk), hhk);
if (memcmp(hhk, received->hhk, sizeof hhk)) { if (memcmp(hhk, received->hhk, sizeof(hhk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS, JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH); JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
return 0; return 0;
@ -499,7 +499,7 @@ int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
unsigned char hk[SHA_DIGEST_LENGTH]; unsigned char hk[SHA_DIGEST_LENGTH];
quickhashbn(hk, ctx->key); quickhashbn(hk, ctx->key);
if (memcmp(hk, received->hk, sizeof hk)) { if (memcmp(hk, received->hk, sizeof(hk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH); JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
return 0; return 0;
} }

6
thirdparty/openssl/crypto/md2/md2_dgst.c vendored
View File

@ -122,9 +122,9 @@ const char *MD2_options(void)
fips_md_init(MD2) fips_md_init(MD2)
{ {
c->num = 0; c->num = 0;
memset(c->state, 0, sizeof c->state); memset(c->state, 0, sizeof(c->state));
memset(c->cksm, 0, sizeof c->cksm); memset(c->cksm, 0, sizeof(c->cksm));
memset(c->data, 0, sizeof c->data); memset(c->data, 0, sizeof(c->data));
return 1; return 1;
} }

2
thirdparty/openssl/crypto/md4/md4.c vendored
View File

@ -102,7 +102,7 @@ void do_fp(FILE *f)
fd = fileno(f); fd = fileno(f);
MD4_Init(&c); MD4_Init(&c);
for (;;) { for (;;) {
i = read(fd, buf, sizeof buf); i = read(fd, buf, sizeof(buf));
if (i <= 0) if (i <= 0)
break; break;
MD4_Update(&c, buf, (unsigned long)i); MD4_Update(&c, buf, (unsigned long)i);

18
thirdparty/openssl/crypto/mem_dbg.c vendored
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -633,16 +633,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
APP_INFO *amip; APP_INFO *amip;
int ami_cnt; int ami_cnt;
struct tm *lcl = NULL; struct tm *lcl = NULL;
struct tm result = {0};
CRYPTO_THREADID ti; CRYPTO_THREADID ti;
#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf)) #define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf))
if (m->addr == (char *)l->bio) if (m->addr == (char *)l->bio)
return; return;
if (options & V_CRYPTO_MDEBUG_TIME) { if (options & V_CRYPTO_MDEBUG_TIME) {
# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
!defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
(!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
lcl = localtime_r(&m->time, &result);
# else
lcl = localtime(&m->time); lcl = localtime(&m->time);
# endif
BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ", BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
lcl->tm_hour, lcl->tm_min, lcl->tm_sec); lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
bufp += strlen(bufp); bufp += strlen(bufp);
@ -679,7 +685,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
ami_cnt++; ami_cnt++;
memset(buf, '>', ami_cnt); memset(buf, '>', ami_cnt);
BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt, BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"", " thread=%lu, file=%s, line=%d, info=\"",
CRYPTO_THREADID_hash(&amip->threadid), amip->file, CRYPTO_THREADID_hash(&amip->threadid), amip->file,
amip->line); amip->line);
@ -689,10 +695,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
memcpy(buf + buf_len, amip->info, 128 - buf_len - 3); memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
buf_len = 128 - 3; buf_len = 128 - 3;
} else { } else {
BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len); BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len);
buf_len = strlen(buf); buf_len = strlen(buf);
} }
BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n"); BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n");
BIO_puts(l->bio, buf); BIO_puts(l->bio, buf);

5
thirdparty/openssl/crypto/o_init.c vendored
View File

@ -58,6 +58,11 @@
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
# include <openssl/fips.h> # include <openssl/fips.h>
# include <openssl/rand.h> # include <openssl/rand.h>
# ifndef OPENSSL_NO_DEPRECATED
/* the prototype is missing in <openssl/fips.h> */
void FIPS_crypto_set_id_callback(unsigned long (*func)(void));
# endif
#endif #endif
/* /*

8
thirdparty/openssl/crypto/o_time.c vendored
View File

@ -8,7 +8,7 @@
* 2008. * 2008.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved. * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -105,7 +105,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
{ {
struct tm *ts = NULL; struct tm *ts = NULL;
#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS) #if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS)
if (gmtime_r(timer, result) == NULL) if (gmtime_r(timer, result) == NULL)
return NULL; return NULL;
ts = result; ts = result;
@ -141,14 +141,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
pitem->ileb_64$w_mbo = 1; pitem->ileb_64$w_mbo = 1;
pitem->ileb_64$w_code = LNM$_STRING; pitem->ileb_64$w_code = LNM$_STRING;
pitem->ileb_64$l_mbmo = -1; pitem->ileb_64$l_mbmo = -1;
pitem->ileb_64$q_length = sizeof (logvalue); pitem->ileb_64$q_length = sizeof(logvalue);
pitem->ileb_64$pq_bufaddr = logvalue; pitem->ileb_64$pq_bufaddr = logvalue;
pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen; pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
pitem++; pitem++;
/* Last item of the item list is null terminated */ /* Last item of the item list is null terminated */
pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0; pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
# else # else
pitem->ile3$w_length = sizeof (logvalue); pitem->ile3$w_length = sizeof(logvalue);
pitem->ile3$w_code = LNM$_STRING; pitem->ile3$w_code = LNM$_STRING;
pitem->ile3$ps_bufaddr = logvalue; pitem->ile3$ps_bufaddr = logvalue;
pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen; pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;

4
thirdparty/openssl/crypto/objects/o_names.c vendored
View File

@ -312,13 +312,13 @@ void OBJ_NAME_do_all_sorted(int type,
d.type = type; d.type = type;
d.names = d.names =
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names); OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names));
/* Really should return an error if !d.names...but its a void function! */ /* Really should return an error if !d.names...but its a void function! */
if (d.names) { if (d.names) {
d.n = 0; d.n = 0;
OBJ_NAME_do_all(type, do_all_sorted_fn, &d); OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp); qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
for (n = 0; n < d.n; ++n) for (n = 0; n < d.n; ++n)
fn(d.names[n], arg); fn(d.names[n], arg);

28
thirdparty/openssl/crypto/objects/obj_dat.c vendored
View File

@ -305,9 +305,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
for (i = ADDED_DATA; i <= ADDED_NID; i++) for (i = ADDED_DATA; i <= ADDED_NID; i++)
if (ao[i] != NULL) if (ao[i] != NULL)
OPENSSL_free(ao[i]); OPENSSL_free(ao[i]);
if (o != NULL) ASN1_OBJECT_free(o);
OPENSSL_free(o); return NID_undef;
return (NID_undef);
} }
ASN1_OBJECT *OBJ_nid2obj(int n) ASN1_OBJECT *OBJ_nid2obj(int n)
@ -591,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
n += i; n += i;
OPENSSL_free(bndec); OPENSSL_free(bndec);
} else { } else {
BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l); BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
i = strlen(tbuf); i = strlen(tbuf);
if (buf && (buf_len > 0)) { if (buf && (buf_len > 0)) {
BUF_strlcpy(buf, tbuf, buf_len); BUF_strlcpy(buf, tbuf, buf_len);
@ -725,6 +724,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
return (p); return (p);
} }
/*
* Parse a BIO sink to create some extra oid's objects.
* Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
*/
int OBJ_create_objects(BIO *in) int OBJ_create_objects(BIO *in)
{ {
MS_STATIC char buf[512]; MS_STATIC char buf[512];
@ -746,9 +749,9 @@ int OBJ_create_objects(BIO *in)
*(s++) = '\0'; *(s++) = '\0';
while (isspace((unsigned char)*s)) while (isspace((unsigned char)*s))
s++; s++;
if (*s == '\0') if (*s == '\0') {
s = NULL; s = NULL;
else { } else {
l = s; l = s;
while ((*l != '\0') && !isspace((unsigned char)*l)) while ((*l != '\0') && !isspace((unsigned char)*l))
l++; l++;
@ -756,15 +759,18 @@ int OBJ_create_objects(BIO *in)
*(l++) = '\0'; *(l++) = '\0';
while (isspace((unsigned char)*l)) while (isspace((unsigned char)*l))
l++; l++;
if (*l == '\0') if (*l == '\0') {
l = NULL; l = NULL;
} else }
} else {
l = NULL; l = NULL;
}
} }
} else } else {
s = NULL; s = NULL;
if ((o == NULL) || (*o == '\0')) }
return (num); if (*o == '\0')
return num;
if (!OBJ_create(o, s, l)) if (!OBJ_create(o, s, l))
return (num); return (num);
num++; num++;

2
thirdparty/openssl/crypto/pem/pem_info.c vendored
View File

@ -354,7 +354,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
/* create the right magic header stuff */ /* create the right magic header stuff */
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
sizeof buf); sizeof(buf));
buf[0] = '\0'; buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);

2
thirdparty/openssl/crypto/pem/pem_lib.c vendored
View File

@ -406,7 +406,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
OPENSSL_cleanse(buf, PEM_BUFSIZE); OPENSSL_cleanse(buf, PEM_BUFSIZE);
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
sizeof buf); sizeof(buf));
buf[0] = '\0'; buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);

8
thirdparty/openssl/crypto/pkcs7/pk7_doit.c vendored
View File

@ -375,16 +375,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
} }
if (bio == NULL) { if (bio == NULL) {
if (PKCS7_is_detached(p7)) if (PKCS7_is_detached(p7)) {
bio = BIO_new(BIO_s_null()); bio = BIO_new(BIO_s_null());
else if (os && os->length > 0) } else if (os && os->length > 0) {
bio = BIO_new_mem_buf(os->data, os->length); bio = BIO_new_mem_buf(os->data, os->length);
if (bio == NULL) { } else {
bio = BIO_new(BIO_s_mem()); bio = BIO_new(BIO_s_mem());
if (bio == NULL) if (bio == NULL)
goto err; goto err;
BIO_set_mem_eof_return(bio, 0); BIO_set_mem_eof_return(bio, 0);
} }
if (bio == NULL)
goto err;
} }
if (out) if (out)
BIO_push(out, bio); BIO_push(out, bio);

6
thirdparty/openssl/crypto/rand/md_rand.c vendored
View File

@ -238,7 +238,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
md_c[0] = md_count[0]; md_c[0] = md_count[0];
md_c[1] = md_count[1]; md_c[1] = md_count[1];
memcpy(local_md, md, sizeof md); memcpy(local_md, md, sizeof(md));
/* state_index <= state_num <= STATE_SIZE */ /* state_index <= state_num <= STATE_SIZE */
state_index += num; state_index += num;
@ -454,7 +454,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
st_num = state_num; st_num = state_num;
md_c[0] = md_count[0]; md_c[0] = md_count[0];
md_c[1] = md_count[1]; md_c[1] = md_count[1];
memcpy(local_md, md, sizeof md); memcpy(local_md, md, sizeof(md));
state_index += num_ceil; state_index += num_ceil;
if (state_index > state_num) if (state_index > state_num)
@ -480,7 +480,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
goto err; goto err;
#ifndef GETPID_IS_MEANINGLESS #ifndef GETPID_IS_MEANINGLESS
if (curr_pid) { /* just in the first iteration to save time */ if (curr_pid) { /* just in the first iteration to save time */
if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid)) if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid)))
goto err; goto err;
curr_pid = 0; curr_pid = 0;
} }

2
thirdparty/openssl/crypto/rand/rand_egd.c vendored
View File

@ -148,7 +148,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
addr.sun_family = AF_UNIX; addr.sun_family = AF_UNIX;
if (strlen(path) >= sizeof(addr.sun_path)) if (strlen(path) >= sizeof(addr.sun_path))
return (-1); return (-1);
BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path); BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
len = offsetof(struct sockaddr_un, sun_path) + strlen(path); len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
fd = socket(AF_UNIX, SOCK_STREAM, 0); fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1) if (fd == -1)

10
thirdparty/openssl/crypto/rand/rand_unix.c vendored
View File

@ -181,15 +181,15 @@ int RAND_poll(void)
*/ */
curr_gid = getgid(); curr_gid = getgid();
RAND_add(&curr_gid, sizeof curr_gid, 1); RAND_add(&curr_gid, sizeof(curr_gid), 1);
curr_gid = 0; curr_gid = 0;
curr_pid = getpid(); curr_pid = getpid();
RAND_add(&curr_pid, sizeof curr_pid, 1); RAND_add(&curr_pid, sizeof(curr_pid), 1);
curr_pid = 0; curr_pid = 0;
curr_uid = getuid(); curr_uid = getuid();
RAND_add(&curr_uid, sizeof curr_uid, 1); RAND_add(&curr_uid, sizeof(curr_uid), 1);
curr_uid = 0; curr_uid = 0;
for (i = 0; i < (ENTROPY_NEEDED * 4); i++) { for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
@ -217,7 +217,7 @@ int RAND_poll(void)
/* take 8 bits */ /* take 8 bits */
v = (unsigned char)(ts.tv_nsec % 256); v = (unsigned char)(ts.tv_nsec % 256);
RAND_add(&v, sizeof v, 1); RAND_add(&v, sizeof(v), 1);
v = 0; v = 0;
} }
return 1; return 1;
@ -402,7 +402,7 @@ int RAND_poll(void)
# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) # if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
if (n > 0) { if (n > 0) {
RAND_add(tmpbuf, sizeof tmpbuf, (double)n); RAND_add(tmpbuf, sizeof(tmpbuf), (double)n);
OPENSSL_cleanse(tmpbuf, n); OPENSSL_cleanse(tmpbuf, n);
} }
# endif # endif

2
thirdparty/openssl/crypto/rsa/rsa_crpt.c vendored
View File

@ -219,7 +219,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
* if PRNG is not properly seeded, resort to secret exponent as * if PRNG is not properly seeded, resort to secret exponent as
* unpredictable seed * unpredictable seed
*/ */
RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); RAND_add(rsa->d->d, rsa->d->dmax * sizeof(rsa->d->d[0]), 0.0);
} }
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) { if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {

32
thirdparty/openssl/crypto/rsa/rsa_gen.c vendored
View File

@ -109,6 +109,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
BIGNUM *pr0, *d, *p; BIGNUM *pr0, *d, *p;
int bitsp, bitsq, ok = -1, n = 0; int bitsp, bitsq, ok = -1, n = 0;
BN_CTX *ctx = NULL; BN_CTX *ctx = NULL;
unsigned long error = 0;
/* /*
* When generating ridiculously small keys, we can get stuck * When generating ridiculously small keys, we can get stuck
@ -155,16 +156,26 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
if (BN_copy(rsa->e, e_value) == NULL) if (BN_copy(rsa->e, e_value) == NULL)
goto err; goto err;
BN_set_flags(r2, BN_FLG_CONSTTIME);
/* generate p and q */ /* generate p and q */
for (;;) { for (;;) {
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
goto err; goto err;
if (!BN_sub(r2, rsa->p, BN_value_one())) if (!BN_sub(r2, rsa->p, BN_value_one()))
goto err; goto err;
if (!BN_gcd(r1, r2, rsa->e, ctx)) ERR_set_mark();
goto err; if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
if (BN_is_one(r1)) /* GCD == 1 since inverse exists */
break; break;
}
error = ERR_peek_last_error();
if (ERR_GET_LIB(error) == ERR_LIB_BN
&& ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
/* GCD != 1 */
ERR_pop_to_mark();
} else {
goto err;
}
if (!BN_GENCB_call(cb, 2, n++)) if (!BN_GENCB_call(cb, 2, n++))
goto err; goto err;
} }
@ -177,10 +188,19 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
} while (BN_cmp(rsa->p, rsa->q) == 0); } while (BN_cmp(rsa->p, rsa->q) == 0);
if (!BN_sub(r2, rsa->q, BN_value_one())) if (!BN_sub(r2, rsa->q, BN_value_one()))
goto err; goto err;
if (!BN_gcd(r1, r2, rsa->e, ctx)) ERR_set_mark();
goto err; if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
if (BN_is_one(r1)) /* GCD == 1 since inverse exists */
break; break;
}
error = ERR_peek_last_error();
if (ERR_GET_LIB(error) == ERR_LIB_BN
&& ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
/* GCD != 1 */
ERR_pop_to_mark();
} else {
goto err;
}
if (!BN_GENCB_call(cb, 2, n++)) if (!BN_GENCB_call(cb, 2, n++))
goto err; goto err;
} }

4
thirdparty/openssl/crypto/rsa/rsa_pss.c vendored
View File

@ -157,7 +157,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
goto err; goto err;
} }
if (!EVP_DigestInit_ex(&ctx, Hash, NULL) if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
|| !EVP_DigestUpdate(&ctx, mHash, hLen)) || !EVP_DigestUpdate(&ctx, mHash, hLen))
goto err; goto err;
if (maskedDBLen - i) { if (maskedDBLen - i) {
@ -252,7 +252,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
H = EM + maskedDBLen; H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx); EVP_MD_CTX_init(&ctx);
if (!EVP_DigestInit_ex(&ctx, Hash, NULL) if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
|| !EVP_DigestUpdate(&ctx, mHash, hLen)) || !EVP_DigestUpdate(&ctx, mHash, hLen))
goto err; goto err;
if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen)) if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))

28
thirdparty/openssl/crypto/srp/srp_grps.h vendored
View File

@ -21,8 +21,8 @@ static BN_ULONG bn_group_1024_value[] = {
static BIGNUM bn_group_1024 = { static BIGNUM bn_group_1024 = {
bn_group_1024_value, bn_group_1024_value,
(sizeof bn_group_1024_value) / sizeof(BN_ULONG), (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
(sizeof bn_group_1024_value) / sizeof(BN_ULONG), (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -56,8 +56,8 @@ static BN_ULONG bn_group_1536_value[] = {
static BIGNUM bn_group_1536 = { static BIGNUM bn_group_1536 = {
bn_group_1536_value, bn_group_1536_value,
(sizeof bn_group_1536_value) / sizeof(BN_ULONG), (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
(sizeof bn_group_1536_value) / sizeof(BN_ULONG), (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -99,8 +99,8 @@ static BN_ULONG bn_group_2048_value[] = {
static BIGNUM bn_group_2048 = { static BIGNUM bn_group_2048 = {
bn_group_2048_value, bn_group_2048_value,
(sizeof bn_group_2048_value) / sizeof(BN_ULONG), (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
(sizeof bn_group_2048_value) / sizeof(BN_ULONG), (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -158,8 +158,8 @@ static BN_ULONG bn_group_3072_value[] = {
static BIGNUM bn_group_3072 = { static BIGNUM bn_group_3072 = {
bn_group_3072_value, bn_group_3072_value,
(sizeof bn_group_3072_value) / sizeof(BN_ULONG), (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
(sizeof bn_group_3072_value) / sizeof(BN_ULONG), (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -233,8 +233,8 @@ static BN_ULONG bn_group_4096_value[] = {
static BIGNUM bn_group_4096 = { static BIGNUM bn_group_4096 = {
bn_group_4096_value, bn_group_4096_value,
(sizeof bn_group_4096_value) / sizeof(BN_ULONG), (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
(sizeof bn_group_4096_value) / sizeof(BN_ULONG), (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -340,8 +340,8 @@ static BN_ULONG bn_group_6144_value[] = {
static BIGNUM bn_group_6144 = { static BIGNUM bn_group_6144 = {
bn_group_6144_value, bn_group_6144_value,
(sizeof bn_group_6144_value) / sizeof(BN_ULONG), (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
(sizeof bn_group_6144_value) / sizeof(BN_ULONG), (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };
@ -479,8 +479,8 @@ static BN_ULONG bn_group_8192_value[] = {
static BIGNUM bn_group_8192 = { static BIGNUM bn_group_8192 = {
bn_group_8192_value, bn_group_8192_value,
(sizeof bn_group_8192_value) / sizeof(BN_ULONG), (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
(sizeof bn_group_8192_value) / sizeof(BN_ULONG), (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
0, 0,
BN_FLG_STATIC_DATA BN_FLG_STATIC_DATA
}; };

6
thirdparty/openssl/crypto/ts/ts_rsp_sign.c vendored
View File

@ -4,7 +4,7 @@
* 2002. * 2002.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved. * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -58,6 +58,7 @@
*/ */
#include "cryptlib.h" #include "cryptlib.h"
#include "o_time.h"
#if defined(OPENSSL_SYS_UNIX) #if defined(OPENSSL_SYS_UNIX)
# include <sys/time.h> # include <sys/time.h>
@ -948,6 +949,7 @@ static ASN1_GENERALIZEDTIME
{ {
time_t time_sec = (time_t)sec; time_t time_sec = (time_t)sec;
struct tm *tm = NULL; struct tm *tm = NULL;
struct tm result = {0};
char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS]; char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
char *p = genTime_str; char *p = genTime_str;
char *p_end = genTime_str + sizeof(genTime_str); char *p_end = genTime_str + sizeof(genTime_str);
@ -955,7 +957,7 @@ static ASN1_GENERALIZEDTIME
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
goto err; goto err;
if (!(tm = gmtime(&time_sec))) if (!(tm = OPENSSL_gmtime(&time_sec, &result)))
goto err; goto err;
/* /*

2
thirdparty/openssl/crypto/ui/ui_openssl.c vendored
View File

@ -614,7 +614,7 @@ static void pushsig(void)
# ifdef SIGACTION # ifdef SIGACTION
struct sigaction sa; struct sigaction sa;
memset(&sa, 0, sizeof sa); memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig; sa.sa_handler = recsig;
# endif # endif

2
thirdparty/openssl/crypto/x509/x509_txt.c vendored
View File

@ -212,7 +212,7 @@ const char *X509_verify_cert_error_string(long n)
return ("proxy subject name violation"); return ("proxy subject name violation");
default: default:
BIO_snprintf(buf, sizeof buf, "error number %ld", n); BIO_snprintf(buf, sizeof(buf), "error number %ld", n);
return (buf); return (buf);
} }
} }

2
thirdparty/openssl/crypto/x509/x509_v3.c vendored
View File

@ -177,7 +177,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
err2: err2:
if (new_ex != NULL) if (new_ex != NULL)
X509_EXTENSION_free(new_ex); X509_EXTENSION_free(new_ex);
if (sk != NULL) if (x != NULL && *x == NULL && sk != NULL)
sk_X509_EXTENSION_free(sk); sk_X509_EXTENSION_free(sk);
return (NULL); return (NULL);
} }

2
thirdparty/openssl/crypto/x509/x509_vpm.c vendored
View File

@ -173,7 +173,7 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
X509_VERIFY_PARAM *param; X509_VERIFY_PARAM *param;
X509_VERIFY_PARAM_ID *paramid; X509_VERIFY_PARAM_ID *paramid;
param = OPENSSL_malloc(sizeof *param); param = OPENSSL_malloc(sizeof(*param));
if (!param) if (!param)
return NULL; return NULL;
memset(param, 0, sizeof(*param)); memset(param, 0, sizeof(*param));

4
thirdparty/openssl/crypto/x509v3/v3_alt.c vendored
View File

@ -157,12 +157,12 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
case GEN_IPADD: case GEN_IPADD:
p = gen->d.ip->data; p = gen->d.ip->data;
if (gen->d.ip->length == 4) if (gen->d.ip->length == 4)
BIO_snprintf(oline, sizeof oline, BIO_snprintf(oline, sizeof(oline),
"%d.%d.%d.%d", p[0], p[1], p[2], p[3]); "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
else if (gen->d.ip->length == 16) { else if (gen->d.ip->length == 16) {
oline[0] = 0; oline[0] = 0;
for (i = 0; i < 8; i++) { for (i = 0; i < 8; i++) {
BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]); BIO_snprintf(htmp, sizeof(htmp), "%X", p[0] << 8 | p[1]);
p += 2; p += 2;
strcat(oline, htmp); strcat(oline, htmp);
if (i != 7) if (i != 7)

10
thirdparty/openssl/crypto/x509v3/v3_conf.c vendored
View File

@ -4,7 +4,7 @@
* 1999. * 1999.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -340,8 +340,12 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
val = sk_CONF_VALUE_value(nval, i); val = sk_CONF_VALUE_value(nval, i);
if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value))) if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
return 0; return 0;
if (sk) if (sk != NULL) {
X509v3_add_ext(sk, ext, -1); if (X509v3_add_ext(sk, ext, -1) == NULL) {
X509_EXTENSION_free(ext);
return 0;
}
}
X509_EXTENSION_free(ext); X509_EXTENSION_free(ext);
} }
return 1; return 1;

2
thirdparty/openssl/crypto/x509v3/v3_info.c vendored
View File

@ -126,7 +126,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
goto err; goto err;
tret = tmp; tret = tmp;
vtmp = sk_CONF_VALUE_value(tret, i); vtmp = sk_CONF_VALUE_value(tret, i);
i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method);
nlen = strlen(objtmp) + strlen(vtmp->name) + 5; nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
ntmp = OPENSSL_malloc(nlen); ntmp = OPENSSL_malloc(nlen);
if (ntmp == NULL) if (ntmp == NULL)

1
thirdparty/openssl/openssl/asn1.h vendored
View File

@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
# define ASN1_R_MSTRING_NOT_UNIVERSAL 139 # define ASN1_R_MSTRING_NOT_UNIVERSAL 139
# define ASN1_R_MSTRING_WRONG_TAG 140 # define ASN1_R_MSTRING_WRONG_TAG 140
# define ASN1_R_NESTED_ASN1_STRING 197 # define ASN1_R_NESTED_ASN1_STRING 197
# define ASN1_R_NESTED_TOO_DEEP 219
# define ASN1_R_NON_HEX_CHARACTERS 141 # define ASN1_R_NON_HEX_CHARACTERS 141
# define ASN1_R_NOT_ASCII_FORMAT 190 # define ASN1_R_NOT_ASCII_FORMAT 190
# define ASN1_R_NOT_ENOUGH_DATA 142 # define ASN1_R_NOT_ENOUGH_DATA 142

6
thirdparty/openssl/openssl/opensslv.h vendored
View File

@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta) * major minor fix final patch/beta)
*/ */
# define OPENSSL_VERSION_NUMBER 0x100020efL # define OPENSSL_VERSION_NUMBER 0x100020ffL
# ifdef OPENSSL_FIPS # ifdef OPENSSL_FIPS
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-fips 7 Dec 2017" # define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o-fips 27 Mar 2018"
# else # else
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n 7 Dec 2017" # define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o 27 Mar 2018"
# endif # endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

4
thirdparty/openssl/ssl/d1_lib.c vendored
View File

@ -126,9 +126,9 @@ int dtls1_new(SSL *s)
if (!ssl3_new(s)) if (!ssl3_new(s))
return (0); return (0);
if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) if ((d1 = OPENSSL_malloc(sizeof(*d1))) == NULL)
return (0); return (0);
memset(d1, 0, sizeof *d1); memset(d1, 0, sizeof(*d1));
/* d1->handshake_epoch=0; */ /* d1->handshake_epoch=0; */

31
thirdparty/openssl/ssl/d1_pkt.c vendored
View File

@ -4,7 +4,7 @@
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005. * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -706,8 +706,11 @@ int dtls1_get_record(SSL *s)
n2s(p, rr->length); n2s(p, rr->length);
/* Lets check version */ /*
if (!s->first_packet) { * Lets check the version. We tolerate alerts that don't have the exact
* version number (e.g. because of protocol version errors)
*/
if (!s->first_packet && rr->type != SSL3_RT_ALERT) {
if (version != s->version) { if (version != s->version) {
/* unexpected version, silently discard */ /* unexpected version, silently discard */
rr->length = 0; rr->length = 0;
@ -1061,7 +1064,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
unsigned int *dest_len = NULL; unsigned int *dest_len = NULL;
if (rr->type == SSL3_RT_HANDSHAKE) { if (rr->type == SSL3_RT_HANDSHAKE) {
dest_maxlen = sizeof s->d1->handshake_fragment; dest_maxlen = sizeof(s->d1->handshake_fragment);
dest = s->d1->handshake_fragment; dest = s->d1->handshake_fragment;
dest_len = &s->d1->handshake_fragment_len; dest_len = &s->d1->handshake_fragment_len;
} else if (rr->type == SSL3_RT_ALERT) { } else if (rr->type == SSL3_RT_ALERT) {
@ -1202,6 +1205,24 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
goto start; goto start;
} }
/*
* If we are a server and get a client hello when renegotiation isn't
* allowed send back a no renegotiation alert and carry on.
*/
if (s->server
&& SSL_is_init_finished(s)
&& !s->s3->send_connection_binding
&& s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH
&& s->d1->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO
&& s->s3->previous_client_finished_len != 0
&& (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) {
s->d1->handshake_fragment_len = 0;
rr->length = 0;
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
goto start;
}
if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) { if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
int alert_level = s->d1->alert_fragment[0]; int alert_level = s->d1->alert_fragment[0];
int alert_descr = s->d1->alert_fragment[1]; int alert_descr = s->d1->alert_fragment[1];
@ -1286,7 +1307,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
s->s3->fatal_alert = alert_descr; s->s3->fatal_alert = alert_descr;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSLerr(SSL_F_DTLS1_READ_BYTES,
SSL_AD_REASON_OFFSET + alert_descr); SSL_AD_REASON_OFFSET + alert_descr);
BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr);
ERR_add_error_data(2, "SSL alert number ", tmp); ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN; s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->session_ctx, s->session); SSL_CTX_remove_session(s->session_ctx, s->session);

17
thirdparty/openssl/ssl/kssl.c vendored
View File

@ -4,7 +4,7 @@
* 2000. * 2000.
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved. * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -78,6 +78,7 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/krb5_asn.h> #include <openssl/krb5_asn.h>
#include "o_time.h"
#include "kssl_lcl.h" #include "kssl_lcl.h"
#ifndef OPENSSL_NO_KRB5 #ifndef OPENSSL_NO_KRB5
@ -2026,6 +2027,8 @@ krb5_error_code kssl_check_authent(
int outl, unencbufsize; int outl, unencbufsize;
struct tm tm_time, *tm_l, *tm_g; struct tm tm_time, *tm_l, *tm_g;
time_t now, tl, tg, tr, tz_offset; time_t now, tl, tg, tr, tz_offset;
struct tm gmt_result = {0};
struct tm lt_result = {0};
EVP_CIPHER_CTX_init(&ciph_ctx); EVP_CIPHER_CTX_init(&ciph_ctx);
*atimep = 0; *atimep = 0;
@ -2082,7 +2085,7 @@ krb5_error_code kssl_check_authent(
} }
# endif # endif
enc = kssl_map_enc(enctype); enc = kssl_map_enc(enctype);
memset(iv, 0, sizeof iv); /* per RFC 1510 */ memset(iv, 0, sizeof(iv)); /* per RFC 1510 */
if (enc == NULL) { if (enc == NULL) {
/* /*
@ -2140,9 +2143,17 @@ krb5_error_code kssl_check_authent(
if (k_gmtime(auth->ctime, &tm_time) && if (k_gmtime(auth->ctime, &tm_time) &&
((tr = mktime(&tm_time)) != (time_t)(-1))) { ((tr = mktime(&tm_time)) != (time_t)(-1))) {
now = time(&now); now = time(&now);
tm_g = OPENSSL_gmtime(&now, &gmt_result);
# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
!defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
(!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
tm_l = localtime_r(&now, &lt_result);
# else
tm_l = localtime(&now); tm_l = localtime(&now);
# endif
tl = mktime(tm_l); tl = mktime(tm_l);
tm_g = gmtime(&now);
tg = mktime(tm_g); tg = mktime(tm_g);
tz_offset = tg - tl; tz_offset = tg - tl;

4
thirdparty/openssl/ssl/s23_srvr.c vendored
View File

@ -268,8 +268,8 @@ int ssl23_get_client_hello(SSL *s)
if (!ssl3_setup_buffers(s)) if (!ssl3_setup_buffers(s))
goto err; goto err;
n = ssl23_read_bytes(s, sizeof buf_space); n = ssl23_read_bytes(s, sizeof(buf_space));
if (n != sizeof buf_space) if (n != sizeof(buf_space))
return (n); /* n == -1 || n == 0 */ return (n); /* n == -1 || n == 0 */
p = s->packet; p = s->packet;

6
thirdparty/openssl/ssl/s2_clnt.c vendored
View File

@ -523,7 +523,7 @@ static int get_server_hello(SSL *s)
} }
s->s2->conn_id_length = s->s2->tmp.conn_id_length; s->s2->conn_id_length = s->s2->tmp.conn_id_length;
if (s->s2->conn_id_length > sizeof s->s2->conn_id) { if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
return -1; return -1;
@ -708,7 +708,7 @@ static int client_finished(SSL *s)
if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) { if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
p = (unsigned char *)s->init_buf->data; p = (unsigned char *)s->init_buf->data;
*(p++) = SSL2_MT_CLIENT_FINISHED; *(p++) = SSL2_MT_CLIENT_FINISHED;
if (s->s2->conn_id_length > sizeof s->s2->conn_id) { if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
return -1; return -1;
} }
@ -981,7 +981,7 @@ static int get_server_finished(SSL *s)
} else { } else {
if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
if ((s->session->session_id_length > if ((s->session->session_id_length >
sizeof s->session->session_id) sizeof(s->session->session_id))
|| (0 != || (0 !=
memcmp(buf + 1, s->session->session_id, memcmp(buf + 1, s->session->session_id,
(unsigned int)s->session->session_id_length))) { (unsigned int)s->session->session_id_length))) {

2
thirdparty/openssl/ssl/s2_enc.c vendored
View File

@ -99,7 +99,7 @@ int ssl2_enc_init(SSL *s, int client)
num = c->key_len; num = c->key_len;
s->s2->key_material_length = num * 2; s->s2->key_material_length = num * 2;
OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); OPENSSL_assert(s->s2->key_material_length <= sizeof(s->s2->key_material));
if (ssl2_generate_key_material(s) <= 0) if (ssl2_generate_key_material(s) <= 0)
return 0; return 0;

8
thirdparty/openssl/ssl/s2_lib.c vendored
View File

@ -326,9 +326,9 @@ int ssl2_new(SSL *s)
{ {
SSL2_STATE *s2; SSL2_STATE *s2;
if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL) if ((s2 = OPENSSL_malloc(sizeof(*s2))) == NULL)
goto err; goto err;
memset(s2, 0, sizeof *s2); memset(s2, 0, sizeof(*s2));
# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 # if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
# error "assertion failed" # error "assertion failed"
@ -371,7 +371,7 @@ void ssl2_free(SSL *s)
OPENSSL_free(s2->rbuf); OPENSSL_free(s2->rbuf);
if (s2->wbuf != NULL) if (s2->wbuf != NULL)
OPENSSL_free(s2->wbuf); OPENSSL_free(s2->wbuf);
OPENSSL_cleanse(s2, sizeof *s2); OPENSSL_cleanse(s2, sizeof(*s2));
OPENSSL_free(s2); OPENSSL_free(s2);
s->s2 = NULL; s->s2 = NULL;
} }
@ -386,7 +386,7 @@ void ssl2_clear(SSL *s)
rbuf = s2->rbuf; rbuf = s2->rbuf;
wbuf = s2->wbuf; wbuf = s2->wbuf;
memset(s2, 0, sizeof *s2); memset(s2, 0, sizeof(*s2));
s2->rbuf = rbuf; s2->rbuf = rbuf;
s2->wbuf = wbuf; s2->wbuf = wbuf;

8
thirdparty/openssl/ssl/s2_srvr.c vendored
View File

@ -724,7 +724,7 @@ static int get_client_hello(SSL *s)
p += s->s2->tmp.session_id_length; p += s->s2->tmp.session_id_length;
/* challenge */ /* challenge */
if (s->s2->challenge_length > sizeof s->s2->challenge) { if (s->s2->challenge_length > sizeof(s->s2->challenge)) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
return -1; return -1;
@ -872,7 +872,7 @@ static int get_client_finished(SSL *s)
} }
/* SSL2_ST_GET_CLIENT_FINISHED_B */ /* SSL2_ST_GET_CLIENT_FINISHED_B */
if (s->s2->conn_id_length > sizeof s->s2->conn_id) { if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
return -1; return -1;
@ -903,7 +903,7 @@ static int server_verify(SSL *s)
if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) { if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
p = (unsigned char *)s->init_buf->data; p = (unsigned char *)s->init_buf->data;
*(p++) = SSL2_MT_SERVER_VERIFY; *(p++) = SSL2_MT_SERVER_VERIFY;
if (s->s2->challenge_length > sizeof s->s2->challenge) { if (s->s2->challenge_length > sizeof(s->s2->challenge)) {
SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
return -1; return -1;
} }
@ -925,7 +925,7 @@ static int server_finish(SSL *s)
p = (unsigned char *)s->init_buf->data; p = (unsigned char *)s->init_buf->data;
*(p++) = SSL2_MT_SERVER_FINISHED; *(p++) = SSL2_MT_SERVER_FINISHED;
if (s->session->session_id_length > sizeof s->session->session_id) { if (s->session->session_id_length > sizeof(s->session->session_id)) {
SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
return -1; return -1;
} }

24
thirdparty/openssl/ssl/s3_clnt.c vendored
View File

@ -984,7 +984,7 @@ int ssl3_get_server_hello(SSL *s)
/* get the session-id */ /* get the session-id */
j = *(p++); j = *(p++);
if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) { if ((j > sizeof(s->session->session_id)) || (j > SSL3_SESSION_ID_SIZE)) {
al = SSL_AD_ILLEGAL_PARAMETER; al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG); SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
goto f_err; goto f_err;
@ -2561,16 +2561,16 @@ int ssl3_send_client_key_exchange(SSL *s)
tmp_buf[0] = s->client_version >> 8; tmp_buf[0] = s->client_version >> 8;
tmp_buf[1] = s->client_version & 0xff; tmp_buf[1] = s->client_version & 0xff;
if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0) if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0)
goto err; goto err;
s->session->master_key_length = sizeof tmp_buf; s->session->master_key_length = sizeof(tmp_buf);
q = p; q = p;
/* Fix buf for TLS and beyond */ /* Fix buf for TLS and beyond */
if (s->version > SSL3_VERSION) if (s->version > SSL3_VERSION)
p += 2; p += 2;
n = RSA_public_encrypt(sizeof tmp_buf, n = RSA_public_encrypt(sizeof(tmp_buf),
tmp_buf, p, rsa, RSA_PKCS1_PADDING); tmp_buf, p, rsa, RSA_PKCS1_PADDING);
# ifdef PKCS1_CHECK # ifdef PKCS1_CHECK
if (s->options & SSL_OP_PKCS1_CHECK_1) if (s->options & SSL_OP_PKCS1_CHECK_1)
@ -2595,8 +2595,8 @@ int ssl3_send_client_key_exchange(SSL *s)
s-> s->
session->master_key, session->master_key,
tmp_buf, tmp_buf,
sizeof tmp_buf); sizeof(tmp_buf));
OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf));
} }
#endif #endif
#ifndef OPENSSL_NO_KRB5 #ifndef OPENSSL_NO_KRB5
@ -2688,7 +2688,7 @@ int ssl3_send_client_key_exchange(SSL *s)
tmp_buf[0] = s->client_version >> 8; tmp_buf[0] = s->client_version >> 8;
tmp_buf[1] = s->client_version & 0xff; tmp_buf[1] = s->client_version & 0xff;
if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0) if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0)
goto err; goto err;
/*- /*-
@ -2699,13 +2699,13 @@ int ssl3_send_client_key_exchange(SSL *s)
* EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
*/ */
memset(iv, 0, sizeof iv); /* per RFC 1510 */ memset(iv, 0, sizeof(iv)); /* per RFC 1510 */
EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv); EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf, EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
sizeof tmp_buf); sizeof(tmp_buf));
EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl); EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
outl += padl; outl += padl;
if (outl > (int)sizeof epms) { if (outl > (int)sizeof(epms)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR); ERR_R_INTERNAL_ERROR);
goto err; goto err;
@ -2723,9 +2723,9 @@ int ssl3_send_client_key_exchange(SSL *s)
s-> s->
session->master_key, session->master_key,
tmp_buf, tmp_buf,
sizeof tmp_buf); sizeof(tmp_buf));
OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf));
OPENSSL_cleanse(epms, outl); OPENSSL_cleanse(epms, outl);
} }
#endif #endif

8
thirdparty/openssl/ssl/s3_lib.c vendored
View File

@ -3018,9 +3018,9 @@ int ssl3_new(SSL *s)
{ {
SSL3_STATE *s3; SSL3_STATE *s3;
if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
goto err; goto err;
memset(s3, 0, sizeof *s3); memset(s3, 0, sizeof(*s3));
memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
@ -3078,7 +3078,7 @@ void ssl3_free(SSL *s)
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s); SSL_SRP_CTX_free(s);
#endif #endif
OPENSSL_cleanse(s->s3, sizeof *s->s3); OPENSSL_cleanse(s->s3, sizeof(*s->s3));
OPENSSL_free(s->s3); OPENSSL_free(s->s3);
s->s3 = NULL; s->s3 = NULL;
} }
@ -3142,7 +3142,7 @@ void ssl3_clear(SSL *s)
s->s3->alpn_selected = NULL; s->s3->alpn_selected = NULL;
} }
#endif #endif
memset(s->s3, 0, sizeof *s->s3); memset(s->s3, 0, sizeof(*s->s3));
s->s3->rbuf.buf = rp; s->s3->rbuf.buf = rp;
s->s3->wbuf.buf = wp; s->s3->wbuf.buf = wp;
s->s3->rbuf.len = rlen; s->s3->rbuf.len = rlen;

38
thirdparty/openssl/ssl/s3_pkt.c vendored
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -1096,10 +1096,9 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
int i; int i;
SSL3_BUFFER *wb = &(s->s3->wbuf); SSL3_BUFFER *wb = &(s->s3->wbuf);
/* XXXX */
if ((s->s3->wpend_tot > (int)len) if ((s->s3->wpend_tot > (int)len)
|| ((s->s3->wpend_buf != buf) && || (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)
!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) && (s->s3->wpend_buf != buf))
|| (s->s3->wpend_type != type)) { || (s->s3->wpend_type != type)) {
SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY); SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
return (-1); return (-1);
@ -1314,11 +1313,11 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
unsigned int *dest_len = NULL; unsigned int *dest_len = NULL;
if (rr->type == SSL3_RT_HANDSHAKE) { if (rr->type == SSL3_RT_HANDSHAKE) {
dest_maxlen = sizeof s->s3->handshake_fragment; dest_maxlen = sizeof(s->s3->handshake_fragment);
dest = s->s3->handshake_fragment; dest = s->s3->handshake_fragment;
dest_len = &s->s3->handshake_fragment_len; dest_len = &s->s3->handshake_fragment_len;
} else if (rr->type == SSL3_RT_ALERT) { } else if (rr->type == SSL3_RT_ALERT) {
dest_maxlen = sizeof s->s3->alert_fragment; dest_maxlen = sizeof(s->s3->alert_fragment);
dest = s->s3->alert_fragment; dest = s->s3->alert_fragment;
dest_len = &s->s3->alert_fragment_len; dest_len = &s->s3->alert_fragment_len;
} }
@ -1421,26 +1420,25 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
*/ */
goto start; goto start;
} }
/* /*
* If we are a server and get a client hello when renegotiation isn't * If we are a server and get a client hello when renegotiation isn't
* allowed send back a no renegotiation alert and carry on. WARNING: * allowed send back a no renegotiation alert and carry on.
* experimental code, needs reviewing (steve)
*/ */
if (s->server && if (s->server
SSL_is_init_finished(s) && && SSL_is_init_finished(s)
!s->s3->send_connection_binding && && !s->s3->send_connection_binding
(s->version > SSL3_VERSION) && && s->version > SSL3_VERSION
(s->s3->handshake_fragment_len >= 4) && && s->s3->handshake_fragment_len >= SSL3_HM_HEADER_LENGTH
(s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && && s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO
(s->session != NULL) && (s->session->cipher != NULL) && && s->s3->previous_client_finished_len != 0
!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { && (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) {
/* s->s3->handshake_fragment_len = 0;
* s->s3->handshake_fragment_len = 0;
*/
rr->length = 0; rr->length = 0;
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
goto start; goto start;
} }
if (s->s3->alert_fragment_len >= 2) { if (s->s3->alert_fragment_len >= 2) {
int alert_level = s->s3->alert_fragment[0]; int alert_level = s->s3->alert_fragment[0];
int alert_descr = s->s3->alert_fragment[1]; int alert_descr = s->s3->alert_fragment[1];
@ -1498,7 +1496,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
s->rwstate = SSL_NOTHING; s->rwstate = SSL_NOTHING;
s->s3->fatal_alert = alert_descr; s->s3->fatal_alert = alert_descr;
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr);
ERR_add_error_data(2, "SSL alert number ", tmp); ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN; s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->session_ctx, s->session); SSL_CTX_remove_session(s->session_ctx, s->session);

4
thirdparty/openssl/ssl/s3_srvr.c vendored
View File

@ -2510,7 +2510,7 @@ int ssl3_get_client_key_exchange(SSL *s)
/* /*
* Note that the length is checked again below, ** after decryption * Note that the length is checked again below, ** after decryption
*/ */
if (enc_pms.length > sizeof pms) { if (enc_pms.length > sizeof(pms)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG); SSL_R_DATA_LENGTH_TOO_LONG);
goto err; goto err;
@ -2563,7 +2563,7 @@ int ssl3_get_client_key_exchange(SSL *s)
if (enc == NULL) if (enc == NULL)
goto err; goto err;
memset(iv, 0, sizeof iv); /* per RFC 1510 */ memset(iv, 0, sizeof(iv)); /* per RFC 1510 */
if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) { if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,

10
thirdparty/openssl/ssl/ssl_cert.c vendored
View File

@ -636,13 +636,13 @@ SESS_CERT *ssl_sess_cert_new(void)
{ {
SESS_CERT *ret; SESS_CERT *ret;
ret = OPENSSL_malloc(sizeof *ret); ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) { if (ret == NULL) {
SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
return NULL; return NULL;
} }
memset(ret, 0, sizeof *ret); memset(ret, 0, sizeof(*ret));
ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1; ret->references = 1;
@ -1018,15 +1018,15 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
char buf[1024]; char buf[1024];
int r; int r;
if (strlen(dir) + strlen(filename) + 2 > sizeof buf) { if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) {
SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
SSL_R_PATH_TOO_LONG); SSL_R_PATH_TOO_LONG);
goto err; goto err;
} }
#ifdef OPENSSL_SYS_VMS #ifdef OPENSSL_SYS_VMS
r = BIO_snprintf(buf, sizeof buf, "%s%s", dir, filename); r = BIO_snprintf(buf, sizeof(buf), "%s%s", dir, filename);
#else #else
r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename); r = BIO_snprintf(buf, sizeof(buf), "%s/%s", dir, filename);
#endif #endif
if (r <= 0 || r >= (int)sizeof(buf)) if (r <= 0 || r >= (int)sizeof(buf))
goto err; goto err;

6
thirdparty/openssl/ssl/ssl_lib.c vendored
View File

@ -343,7 +343,7 @@ SSL *SSL_new(SSL_CTX *ctx)
s->verify_depth = ctx->verify_depth; s->verify_depth = ctx->verify_depth;
#endif #endif
s->sid_ctx_length = ctx->sid_ctx_length; s->sid_ctx_length = ctx->sid_ctx_length;
OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); OPENSSL_assert(s->sid_ctx_length <= sizeof(s->sid_ctx));
memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
s->verify_callback = ctx->default_verify_callback; s->verify_callback = ctx->default_verify_callback;
s->generate_session_id = ctx->generate_session_id; s->generate_session_id = ctx->generate_session_id;
@ -437,7 +437,7 @@ SSL *SSL_new(SSL_CTX *ctx)
int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
unsigned int sid_ctx_len) unsigned int sid_ctx_len)
{ {
if (sid_ctx_len > sizeof ctx->sid_ctx) { if (sid_ctx_len > sizeof(ctx->sid_ctx)) {
SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
return 0; return 0;
@ -490,7 +490,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
*/ */
SSL_SESSION r, *p; SSL_SESSION r, *p;
if (id_len > sizeof r.session_id) if (id_len > sizeof(r.session_id))
return 0; return 0;
r.ssl_version = ssl->version; r.ssl_version = ssl->version;

8
thirdparty/openssl/ssl/ssl_sess.c vendored
View File

@ -529,7 +529,7 @@ int ssl_get_new_session(SSL *s, int session)
ss->session_id_length = 0; ss->session_id_length = 0;
} }
if (s->sid_ctx_length > sizeof ss->sid_ctx) { if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
SSL_SESSION_free(ss); SSL_SESSION_free(ss);
return 0; return 0;
@ -870,9 +870,9 @@ void SSL_SESSION_free(SSL_SESSION *ss)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg); OPENSSL_cleanse(ss->key_arg, sizeof(ss->key_arg));
OPENSSL_cleanse(ss->master_key, sizeof ss->master_key); OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
OPENSSL_cleanse(ss->session_id, sizeof ss->session_id); OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
if (ss->sess_cert != NULL) if (ss->sess_cert != NULL)
ssl_sess_cert_free(ss->sess_cert); ssl_sess_cert_free(ss->sess_cert);
if (ss->peer != NULL) if (ss->peer != NULL)

10
thirdparty/openssl/ssl/t1_enc.c vendored
View File

@ -972,7 +972,7 @@ int tls1_final_finish_mac(SSL *s,
int hashsize = EVP_MD_size(md); int hashsize = EVP_MD_size(md);
EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx]; EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
if (!hdgst || hashsize < 0 if (!hdgst || hashsize < 0
|| hashsize > (int)(sizeof buf - (size_t)(q - buf))) { || hashsize > (int)(sizeof(buf) - (size_t)(q - buf))) {
/* /*
* internal error: 'buf' is too small for this cipersuite! * internal error: 'buf' is too small for this cipersuite!
*/ */
@ -990,7 +990,7 @@ int tls1_final_finish_mac(SSL *s,
if (!tls1_PRF(ssl_get_algorithm2(s), if (!tls1_PRF(ssl_get_algorithm2(s),
str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0, str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
s->session->master_key, s->session->master_key_length, s->session->master_key, s->session->master_key_length,
out, buf2, sizeof buf2)) out, buf2, sizeof(buf2)))
err = 1; err = 1;
EVP_MD_CTX_cleanup(&ctx); EVP_MD_CTX_cleanup(&ctx);
@ -999,7 +999,7 @@ int tls1_final_finish_mac(SSL *s,
if (err) if (err)
return 0; return 0;
else else
return sizeof buf2; return sizeof(buf2);
} }
int tls1_mac(SSL *ssl, unsigned char *md, int send) int tls1_mac(SSL *ssl, unsigned char *md, int send)
@ -1165,8 +1165,8 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
s->s3->client_random, SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
co, col, co, col,
s->s3->server_random, SSL3_RANDOM_SIZE, s->s3->server_random, SSL3_RANDOM_SIZE,
so, sol, p, len, s->session->master_key, buff, sizeof buff); so, sol, p, len, s->session->master_key, buff, sizeof(buff));
OPENSSL_cleanse(buff, sizeof buff); OPENSSL_cleanse(buff, sizeof(buff));
#ifdef SSL_DEBUG #ifdef SSL_DEBUG
fprintf(stderr, "Premaster Secret:\n"); fprintf(stderr, "Premaster Secret:\n");
BIO_dump_fp(stderr, (char *)p, len); BIO_dump_fp(stderr, (char *)p, len);

27
thirdparty/openssl/ssl/t1_lib.c vendored
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -2284,8 +2284,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
# ifndef OPENSSL_NO_EC # ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats) { else if (type == TLSEXT_TYPE_ec_point_formats) {
unsigned char *sdata = data; unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++); int ecpointformatlist_length;
if (size == 0)
goto err;
ecpointformatlist_length = *(sdata++);
if (ecpointformatlist_length != size - 1 || if (ecpointformatlist_length != size - 1 ||
ecpointformatlist_length < 1) ecpointformatlist_length < 1)
goto err; goto err;
@ -2711,8 +2715,14 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
# ifndef OPENSSL_NO_EC # ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats) { else if (type == TLSEXT_TYPE_ec_point_formats) {
unsigned char *sdata = data; unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++); int ecpointformatlist_length;
if (size == 0) {
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
ecpointformatlist_length = *(sdata++);
if (ecpointformatlist_length != size - 1) { if (ecpointformatlist_length != size - 1) {
*al = TLS1_AD_DECODE_ERROR; *al = TLS1_AD_DECODE_ERROR;
return 0; return 0;
@ -3505,6 +3515,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx;
SSL_CTX *tctx = s->initial_ctx; SSL_CTX *tctx = s->initial_ctx;
/* Need at least keyname + iv */
if (eticklen < 16 + EVP_MAX_IV_LENGTH)
return 2;
/* Initialize session ticket encryption and HMAC contexts */ /* Initialize session ticket encryption and HMAC contexts */
HMAC_CTX_init(&hctx); HMAC_CTX_init(&hctx);
EVP_CIPHER_CTX_init(&ctx); EVP_CIPHER_CTX_init(&ctx);
@ -3513,9 +3527,12 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16, int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
&ctx, &hctx, 0); &ctx, &hctx, 0);
if (rv < 0) if (rv < 0)
return -1; goto err;
if (rv == 0) if (rv == 0) {
HMAC_CTX_cleanup(&hctx);
EVP_CIPHER_CTX_cleanup(&ctx);
return 2; return 2;
}
if (rv == 2) if (rv == 2)
renew_ticket = 1; renew_ticket = 1;
} else { } else {

6
thirdparty/openssl/ssl/t1_trce.c vendored
View File

@ -1247,13 +1247,15 @@ void SSL_trace(int write_p, int version, int content_type,
break; break;
case SSL3_RT_ALERT: case SSL3_RT_ALERT:
if (msglen != 2) if (msglen != 2) {
BIO_puts(bio, " Illegal Alert Length\n"); BIO_puts(bio, " Illegal Alert Length\n");
else { } else {
BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n", BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n",
SSL_alert_type_string_long(msg[0] << 8), SSL_alert_type_string_long(msg[0] << 8),
msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]); msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]);
} }
break;
case TLS1_RT_HEARTBEAT: case TLS1_RT_HEARTBEAT:
ssl_print_heartbeat(bio, 4, msg, msglen); ssl_print_heartbeat(bio, 4, msg, msglen);
break; break;