Changes between 1.0.1m and 1.0.1n [11 Jun 2015]

*) Malformed ECParameters causes infinite loop

     When processing an ECParameters structure OpenSSL enters an infinite loop
     if the curve specified is over a specially malformed binary polynomial
     field.

     This can be used to perform denial of service against any
     system which processes public keys, certificate requests or
     certificates.  This includes TLS clients and TLS servers with
     client authentication enabled.

     This issue was reported to OpenSSL by Joseph Barr-Pixton.
     (CVE-2015-1788)
     [Andy Polyakov]

  *) Exploitable out-of-bounds read in X509_cmp_time

     X509_cmp_time does not properly check the length of the ASN1_TIME
     string and can read a few bytes out of bounds. In addition,
     X509_cmp_time accepts an arbitrary number of fractional seconds in the
     time string.

     An attacker can use this to craft malformed certificates and CRLs of
     various sizes and potentially cause a segmentation fault, resulting in
     a DoS on applications that verify certificates or CRLs. TLS clients
     that verify CRLs are affected. TLS clients and servers with client
     authentication enabled may be affected if they use custom verification
     callbacks.

     This issue was reported to OpenSSL by Robert Swiecki (Google), and
     independently by Hanno Böck.
     (CVE-2015-1789)
     [Emilia Käsper]

  *) PKCS7 crash with missing EnvelopedContent

     The PKCS#7 parsing code does not handle missing inner EncryptedContent
     correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
     with missing content and trigger a NULL pointer dereference on parsing.

     Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
     structures from untrusted sources are affected. OpenSSL clients and
     servers are not affected.

     This issue was reported to OpenSSL by Michal Zalewski (Google).
     (CVE-2015-1790)
     [Emilia Käsper]

  *) CMS verify infinite loop with unknown hash function

     When verifying a signedData message the CMS code can enter an infinite loop
     if presented with an unknown hash function OID. This can be used to perform
     denial of service against any system which verifies signedData messages using
     the CMS code.
     This issue was reported to OpenSSL by Johannes Bauer.
     (CVE-2015-1792)
     [Stephen Henson]

  *) Race condition handling NewSessionTicket

     If a NewSessionTicket is received by a multi-threaded client when attempting to
     reuse a previous ticket then a race condition can occur potentially leading to
     a double free of the ticket data.
     (CVE-2015-1791)
     [Matt Caswell]

  *) Reject DH handshakes with parameters shorter than 768 bits.
     [Kurt Roeckx and Emilia Kasper]
This commit is contained in:
christos 2015-06-12 16:34:57 +00:00
parent 49e70f47cc
commit 9cae6e10c2
152 changed files with 1064 additions and 309 deletions

View File

@ -184,7 +184,7 @@ WTARFILE= $(NAME)-win.tar
EXHEADER= e_os2.h EXHEADER= e_os2.h
HEADER= e_os.h HEADER= e_os.h
all: Makefile build_all openssl.pc libssl.pc libcrypto.pc all: Makefile build_all
# as we stick to -e, CLEARENV ensures that local variables in lower # as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@ -270,7 +270,10 @@ reflect:
sub_all: build_all sub_all: build_all
build_all: build_libs build_apps build_tests build_tools build_all: build_libs build_apps build_tests build_tools
build_libs: build_crypto build_ssl build_engines build_libs: build_libcrypto build_libssl openssl.pc
build_libcrypto: build_crypto build_engines libcrypto.pc
build_libssl: build_ssl libssl.pc
build_crypto: build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD) @dir=crypto; target=all; $(BUILD_ONE_CMD)
@ -459,6 +462,9 @@ tests: rehash
report: report:
@$(PERL) util/selftest.pl @$(PERL) util/selftest.pl
update: errors stacks util/libeay.num util/ssleay.num TABLE
@set -e; target=update; $(RECURSIVE_BUILD_CMD)
depend: depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD) @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
@ -483,26 +489,10 @@ util/libeay.num::
util/ssleay.num:: util/ssleay.num::
$(PERL) util/mkdef.pl ssl update $(PERL) util/mkdef.pl ssl update
crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
apps/openssl-vms.cnf: apps/openssl.cnf
$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
TABLE: Configure TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \ (echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE $(PERL) Configure TABLE) > TABLE
update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
# Build distribution tar-file. As the list of files returned by "find" is # Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar # pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file # would occur. Therefore the list of files is temporarily stored into a file

View File

@ -94,6 +94,9 @@ req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
sreq.o: req.c sreq.o: req.c
$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
openssl-vms.cnf: openssl.cnf
$(PERL) $(TOP)/VMS/VMSify-conf.pl < openssl.cnf > openssl-vms.cnf
files: files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@ -127,12 +130,12 @@ links:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
depend: update: openssl-vms.cnf local_depend
@if [ -z "$(THIS)" ]; then \
$(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \ depend: local_depend
else \ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \ local_depend:
fi @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
dclean: dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@ -144,10 +147,10 @@ clean:
rm -f req rm -f req
$(DLIBSSL): $(DLIBSSL):
(cd ..; $(MAKE) DIRS=ssl all) (cd ..; $(MAKE) build_libssl)
$(DLIBCRYPTO): $(DLIBCRYPTO):
(cd ..; $(MAKE) DIRS=crypto all) (cd ..; $(MAKE) build_libcrypto)
$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
$(RM) $(EXE) $(RM) $(EXE)

View File

@ -2238,6 +2238,8 @@ int args_verify(char ***pargs, int *pargc,
flags |= X509_V_FLAG_NOTIFY_POLICY; flags |= X509_V_FLAG_NOTIFY_POLICY;
else if (!strcmp(arg, "-check_ss_sig")) else if (!strcmp(arg, "-check_ss_sig"))
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
else if (!strcmp(arg, "-no_alt_chains"))
flags |= X509_V_FLAG_NO_ALT_CHAINS;
else else
return 0; return 0;

View File

@ -375,7 +375,7 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
{ {
CONF *cnf = NULL; CONF *cnf = NULL;
int len; int len;
long errline; long errline = 0;
unsigned char *p; unsigned char *p;
ASN1_TYPE *atyp = NULL; ASN1_TYPE *atyp = NULL;

View File

@ -580,6 +580,8 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, BIO_printf(bio_err,
"-CApath dir trusted certificates directory\n"); "-CApath dir trusted certificates directory\n");
BIO_printf(bio_err, "-CAfile file trusted certificates file\n"); BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
"-no_alt_chains only ever use the first certificate chain found\n");
BIO_printf(bio_err, BIO_printf(bio_err,
"-crl_check check revocation status of signer's certificate using CRLs\n"); "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf(bio_err, BIO_printf(bio_err,

View File

@ -130,7 +130,7 @@
# undef PROG # undef PROG
# define PROG dhparam_main # define PROG dhparam_main
# define DEFBITS 512 # define DEFBITS 2048
/*- /*-
* -inform arg - input format - default PEM (DER or PEM) * -inform arg - input format - default PEM (DER or PEM)
@ -254,7 +254,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, BIO_printf(bio_err,
" -5 generate parameters using 5 as the generator value\n"); " -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err, BIO_printf(bio_err,
" numbits number of bits in to generate (default 512)\n"); " numbits number of bits in to generate (default 2048)\n");
# ifndef OPENSSL_NO_ENGINE # ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n"); " -engine e use engine e, possibly a hardware device.\n");

View File

@ -548,10 +548,15 @@ int MAIN(int argc, char **argv)
else else
OPENSSL_cleanse(str, strlen(str)); OPENSSL_cleanse(str, strlen(str));
} }
if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) { if (hiv != NULL) {
int siz = EVP_CIPHER_iv_length(cipher);
if (siz == 0) {
BIO_printf(bio_err, "warning: iv not use by this cipher\n");
} else if (!set_hex(hiv, iv, sizeof iv)) {
BIO_printf(bio_err, "invalid hex iv value\n"); BIO_printf(bio_err, "invalid hex iv value\n");
goto end; goto end;
} }
}
if ((hiv == NULL) && (str == NULL) if ((hiv == NULL) && (str == NULL)
&& EVP_CIPHER_iv_length(cipher) != 0) { && EVP_CIPHER_iv_length(cipher) != 0) {
/* /*
@ -562,7 +567,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "iv undefined\n"); BIO_printf(bio_err, "iv undefined\n");
goto end; goto end;
} }
if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) { if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
BIO_printf(bio_err, "invalid hex key value\n"); BIO_printf(bio_err, "invalid hex key value\n");
goto end; goto end;
} }

View File

@ -80,7 +80,7 @@
# include <openssl/x509.h> # include <openssl/x509.h>
# include <openssl/pem.h> # include <openssl/pem.h>
# define DEFBITS 512 # define DEFBITS 2048
# undef PROG # undef PROG
# define PROG gendh_main # define PROG gendh_main

View File

@ -111,6 +111,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> /* for memcpy() */
#define USE_SOCKETS #define USE_SOCKETS
#define NON_MAIN #define NON_MAIN
#include "apps.h" #include "apps.h"
@ -747,7 +748,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
/* Initialize a random secret */ /* Initialize a random secret */
if (!cookie_initialized) { if (!cookie_initialized) {
if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) { if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
BIO_printf(bio_err, "error setting random cookie secret\n"); BIO_printf(bio_err, "error setting random cookie secret\n");
return 0; return 0;
} }

View File

@ -441,6 +441,8 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, BIO_printf(bio_err,
"-CApath dir trusted certificates directory\n"); "-CApath dir trusted certificates directory\n");
BIO_printf(bio_err, "-CAfile file trusted certificates file\n"); BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
"-no_alt_chains only ever use the first certificate chain found\n");
BIO_printf(bio_err, BIO_printf(bio_err,
"-crl_check check revocation status of signer's certificate using CRLs\n"); "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf(bio_err, BIO_printf(bio_err,

View File

@ -227,7 +227,7 @@ int MAIN(int argc, char **argv)
if (ret == 1) { if (ret == 1) {
BIO_printf(bio_err, BIO_printf(bio_err,
"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]"); "usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
BIO_printf(bio_err, " [-attime timestamp]"); BIO_printf(bio_err, " [-no_alt_chains] [-attime timestamp]");
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, " [-engine e]"); BIO_printf(bio_err, " [-engine e]");
#endif #endif

View File

@ -93,6 +93,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -124,6 +124,8 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
else { else {
ret = a->length; ret = a->length;
i = a->data[0]; i = a->data[0];
if (ret == 1 && i == 0)
neg = 0;
if (!neg && (i > 127)) { if (!neg && (i > 127)) {
pad = 1; pad = 1;
pb = 0; pb = 0;
@ -162,7 +164,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
p += a->length - 1; p += a->length - 1;
i = a->length; i = a->length;
/* Copy zeros to destination as long as source is zero */ /* Copy zeros to destination as long as source is zero */
while (!*n) { while (!*n && i > 1) {
*(p--) = 0; *(p--) = 0;
n--; n--;
i--; i--;
@ -419,7 +421,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR); ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
goto err; goto err;
} }
if (BN_is_negative(bn)) if (BN_is_negative(bn) && !BN_is_zero(bn))
ret->type = V_ASN1_NEG_INTEGER; ret->type = V_ASN1_NEG_INTEGER;
else else
ret->type = V_ASN1_INTEGER; ret->type = V_ASN1_INTEGER;

View File

@ -74,6 +74,8 @@
#define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val} #define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val}
#define ASN1_FLAG_EXP_MAX 20 #define ASN1_FLAG_EXP_MAX 20
/* Maximum number of nested sequences */
#define ASN1_GEN_SEQ_MAX_DEPTH 50
/* Input formats */ /* Input formats */
@ -110,13 +112,16 @@ typedef struct {
int exp_count; int exp_count;
} tag_exp_arg; } tag_exp_arg;
static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
int *perr);
static int bitstr_cb(const char *elem, int len, void *bitstr); static int bitstr_cb(const char *elem, int len, void *bitstr);
static int asn1_cb(const char *elem, int len, void *bitstr); static int asn1_cb(const char *elem, int len, void *bitstr);
static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
int exp_constructed, int exp_pad, int imp_ok); int exp_constructed, int exp_pad, int imp_ok);
static int parse_tagging(const char *vstart, int vlen, int *ptag, static int parse_tagging(const char *vstart, int vlen, int *ptag,
int *pclass); int *pclass);
static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf); static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
int depth, int *perr);
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype); static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
static int asn1_str2tag(const char *tagstr, int len); static int asn1_str2tag(const char *tagstr, int len);
@ -132,6 +137,16 @@ ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)
} }
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
{
int err = 0;
ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err);
if (err)
ASN1err(ASN1_F_ASN1_GENERATE_V3, err);
return ret;
}
static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
int *perr)
{ {
ASN1_TYPE *ret; ASN1_TYPE *ret;
tag_exp_arg asn1_tags; tag_exp_arg asn1_tags;
@ -152,17 +167,22 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
asn1_tags.imp_class = -1; asn1_tags.imp_class = -1;
asn1_tags.format = ASN1_GEN_FORMAT_ASCII; asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
asn1_tags.exp_count = 0; asn1_tags.exp_count = 0;
if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {
*perr = ASN1_R_UNKNOWN_TAG;
return NULL; return NULL;
}
if ((asn1_tags.utype == V_ASN1_SEQUENCE) if ((asn1_tags.utype == V_ASN1_SEQUENCE)
|| (asn1_tags.utype == V_ASN1_SET)) { || (asn1_tags.utype == V_ASN1_SET)) {
if (!cnf) { if (!cnf) {
ASN1err(ASN1_F_ASN1_GENERATE_V3, *perr = ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG;
ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
return NULL; return NULL;
} }
ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); if (depth >= ASN1_GEN_SEQ_MAX_DEPTH) {
*perr = ASN1_R_ILLEGAL_NESTED_TAGGING;
return NULL;
}
ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr);
} else } else
ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype); ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);
@ -280,7 +300,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
int tmp_tag, tmp_class; int tmp_tag, tmp_class;
if (elem == NULL) if (elem == NULL)
return 0; return -1;
for (i = 0, p = elem; i < len; p++, i++) { for (i = 0, p = elem; i < len; p++, i++) {
/* Look for the ':' in name value pairs */ /* Look for the ':' in name value pairs */
@ -435,7 +455,8 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
/* Handle multiple types: SET and SEQUENCE */ /* Handle multiple types: SET and SEQUENCE */
static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf) static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
int depth, int *perr)
{ {
ASN1_TYPE *ret = NULL; ASN1_TYPE *ret = NULL;
STACK_OF(ASN1_TYPE) *sk = NULL; STACK_OF(ASN1_TYPE) *sk = NULL;
@ -454,7 +475,8 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
goto bad; goto bad;
for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
ASN1_TYPE *typ = ASN1_TYPE *typ =
ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf); generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf,
depth + 1, perr);
if (!typ) if (!typ)
goto bad; goto bad;
if (!sk_ASN1_TYPE_push(sk, typ)) if (!sk_ASN1_TYPE_push(sk, typ))

View File

@ -100,9 +100,6 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
else else
asn1_cb = 0; asn1_cb = 0;
if (!combine)
*pval = NULL;
#ifdef CRYPTO_MDEBUG #ifdef CRYPTO_MDEBUG
if (it->sname) if (it->sname)
CRYPTO_push_info(it->sname); CRYPTO_push_info(it->sname);

View File

@ -72,6 +72,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -73,6 +73,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -704,11 +704,12 @@ doapr_outch(char **sbuffer,
/* If we haven't at least one buffer, someone has doe a big booboo */ /* If we haven't at least one buffer, someone has doe a big booboo */
assert(*sbuffer != NULL || buffer != NULL); assert(*sbuffer != NULL || buffer != NULL);
if (buffer) { /* |currlen| must always be <= |*maxlen| */
while (*currlen >= *maxlen) { assert(*currlen <= *maxlen);
if (buffer && *currlen == *maxlen) {
*maxlen += 1024;
if (*buffer == NULL) { if (*buffer == NULL) {
if (*maxlen == 0)
*maxlen = 1024;
*buffer = OPENSSL_malloc(*maxlen); *buffer = OPENSSL_malloc(*maxlen);
if (!*buffer) { if (!*buffer) {
/* Panic! Can't really do anything sensible. Just return */ /* Panic! Can't really do anything sensible. Just return */
@ -720,7 +721,6 @@ doapr_outch(char **sbuffer,
} }
*sbuffer = NULL; *sbuffer = NULL;
} else { } else {
*maxlen += 1024;
*buffer = OPENSSL_realloc(*buffer, *maxlen); *buffer = OPENSSL_realloc(*buffer, *maxlen);
if (!*buffer) { if (!*buffer) {
/* Panic! Can't really do anything sensible. Just return */ /* Panic! Can't really do anything sensible. Just return */
@ -728,9 +728,6 @@ doapr_outch(char **sbuffer,
} }
} }
} }
/* What to do if *buffer is NULL? */
assert(*sbuffer != NULL || *buffer != NULL);
}
if (*currlen < *maxlen) { if (*currlen < *maxlen) {
if (*sbuffer) if (*sbuffer)

View File

@ -139,7 +139,8 @@ static int nbiof_read(BIO *b, char *out, int outl)
BIO_clear_retry_flags(b); BIO_clear_retry_flags(b);
#if 1 #if 1
RAND_pseudo_bytes(&n, 1); if (RAND_pseudo_bytes(&n, 1) < 0)
return -1;
num = (n & 0x07); num = (n & 0x07);
if (outl > num) if (outl > num)
@ -178,7 +179,8 @@ static int nbiof_write(BIO *b, const char *in, int inl)
num = nt->lwn; num = nt->lwn;
nt->lwn = 0; nt->lwn = 0;
} else { } else {
RAND_pseudo_bytes(&n, 1); if (RAND_pseudo_bytes(&n, 1) < 0)
return -1;
num = (n & 7); num = (n & 7);
} }

View File

@ -536,8 +536,10 @@ BIO *BIO_dup_chain(BIO *in)
/* copy app data */ /* copy app data */
if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data, if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data,
&bio->ex_data)) &bio->ex_data)) {
BIO_free(new_bio);
goto err; goto err;
}
if (ret == NULL) { if (ret == NULL) {
eoc = new_bio; eoc = new_bio;
@ -549,8 +551,8 @@ BIO *BIO_dup_chain(BIO *in)
} }
return (ret); return (ret);
err: err:
if (ret != NULL) BIO_free_all(ret);
BIO_free(ret);
return (NULL); return (NULL);
} }

View File

@ -299,16 +299,17 @@ static void dgram_adjust_rcv_timeout(BIO *b)
/* Calculate time left until timer expires */ /* Calculate time left until timer expires */
memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval)); memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
timeleft.tv_sec -= timenow.tv_sec; if (timeleft.tv_usec < timenow.tv_usec) {
timeleft.tv_usec -= timenow.tv_usec; timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
if (timeleft.tv_usec < 0) {
timeleft.tv_sec--; timeleft.tv_sec--;
timeleft.tv_usec += 1000000; } else {
timeleft.tv_usec -= timenow.tv_usec;
} }
if (timeleft.tv_sec < timenow.tv_sec) {
if (timeleft.tv_sec < 0) {
timeleft.tv_sec = 0; timeleft.tv_sec = 0;
timeleft.tv_usec = 1; timeleft.tv_usec = 1;
} else {
timeleft.tv_sec -= timenow.tv_sec;
} }
/* /*
@ -1293,7 +1294,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
(socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
authchunks = OPENSSL_malloc(optlen); authchunks = OPENSSL_malloc(optlen);
if (!authchunks) { if (!authchunks) {
BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_ERROR); BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
return -1; return -1;
} }
memset(authchunks, 0, sizeof(optlen)); memset(authchunks, 0, sizeof(optlen));
@ -1365,7 +1366,7 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl)
char *tmp; char *tmp;
data->saved_message.bio = b; data->saved_message.bio = b;
if (!(tmp = OPENSSL_malloc(inl))) { if (!(tmp = OPENSSL_malloc(inl))) {
BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_ERROR); BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
return -1; return -1;
} }
if (data->saved_message.data) if (data->saved_message.data)

View File

@ -167,6 +167,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: bn_prime.h depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -1,6 +1,6 @@
/* crypto/bn/bn_err.c */ /* crypto/bn/bn_err.c */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -94,6 +94,7 @@ static ERR_STRING_DATA BN_str_functs[] = {
{ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"}, {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"},
{ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"}, {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"},
{ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"}, {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"},
{ERR_FUNC(BN_F_BN_LSHIFT), "BN_lshift"},
{ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"},
{ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"},
{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"},
@ -109,6 +110,7 @@ static ERR_STRING_DATA BN_str_functs[] = {
{ERR_FUNC(BN_F_BN_NEW), "BN_new"}, {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
{ERR_FUNC(BN_F_BN_RAND), "BN_rand"}, {ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
{ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"}, {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
{ERR_FUNC(BN_F_BN_RSHIFT), "BN_rshift"},
{ERR_FUNC(BN_F_BN_USUB), "BN_usub"}, {ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
{0, NULL} {0, NULL}
}; };
@ -117,6 +119,7 @@ static ERR_STRING_DATA BN_str_reasons[] = {
{ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"}, {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"},
{ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"}, {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"},
{ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"}, {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"},
{ERR_REASON(BN_R_BITS_TOO_SMALL), "bits too small"},
{ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
{ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"}, {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"},
{ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"}, {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"},
@ -125,6 +128,7 @@ static ERR_STRING_DATA BN_str_reasons[] = {
{ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"}, {ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"},
{ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"}, {ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"},
{ERR_REASON(BN_R_INVALID_RANGE), "invalid range"}, {ERR_REASON(BN_R_INVALID_RANGE), "invalid range"},
{ERR_REASON(BN_R_INVALID_SHIFT), "invalid shift"},
{ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"}, {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"},
{ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"}, {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"},
{ERR_REASON(BN_R_NO_INVERSE), "no inverse"}, {ERR_REASON(BN_R_NO_INVERSE), "no inverse"},

View File

@ -694,9 +694,10 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
} }
# else # else
{ {
int i, ubits = BN_num_bits(u), vbits = BN_num_bits(v), /* v is copy int i;
* of p */ int ubits = BN_num_bits(u);
top = p->top; int vbits = BN_num_bits(v); /* v is copy of p */
int top = p->top;
BN_ULONG *udp, *bdp, *vdp, *cdp; BN_ULONG *udp, *bdp, *vdp, *cdp;
bn_wexpand(u, top); bn_wexpand(u, top);
@ -740,8 +741,12 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
ubits--; ubits--;
} }
if (ubits <= BN_BITS2 && udp[0] == 1) if (ubits <= BN_BITS2) {
if (udp[0] == 0) /* poly was reducible */
goto err;
if (udp[0] == 1)
break; break;
}
if (ubits < vbits) { if (ubits < vbits) {
i = ubits; i = ubits;

View File

@ -71,7 +71,12 @@ char *BN_bn2hex(const BIGNUM *a)
char *buf; char *buf;
char *p; char *p;
buf = (char *)OPENSSL_malloc(a->top * BN_BYTES * 2 + 2); if (a->neg && BN_is_zero(a)) {
/* "-0" == 3 bytes including NULL terminator */
buf = OPENSSL_malloc(3);
} else {
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
}
if (buf == NULL) { if (buf == NULL) {
BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE); BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
goto err; goto err;

View File

@ -121,6 +121,11 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
int ret = 0, bit, bytes, mask; int ret = 0, bit, bytes, mask;
time_t tim; time_t tim;
if (bits < 0 || (bits == 1 && top > 0)) {
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
return 0;
}
if (bits == 0) { if (bits == 0) {
BN_zero(rnd); BN_zero(rnd);
return 1; return 1;
@ -157,7 +162,8 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
unsigned char c; unsigned char c;
for (i = 0; i < bytes; i++) { for (i = 0; i < bytes; i++) {
RAND_pseudo_bytes(&c, 1); if (RAND_pseudo_bytes(&c, 1) < 0)
goto err;
if (c >= 128 && i > 0) if (c >= 128 && i > 0)
buf[i] = buf[i - 1]; buf[i] = buf[i - 1];
else if (c < 42) else if (c < 42)
@ -168,7 +174,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
} }
#endif #endif
if (top != -1) { if (top >= 0) {
if (top) { if (top) {
if (bit == 0) { if (bit == 0) {
buf[0] = 1; buf[0] = 1;

View File

@ -137,6 +137,11 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
bn_check_top(r); bn_check_top(r);
bn_check_top(a); bn_check_top(a);
if (n < 0) {
BNerr(BN_F_BN_LSHIFT, BN_R_INVALID_SHIFT);
return 0;
}
r->neg = a->neg; r->neg = a->neg;
nw = n / BN_BITS2; nw = n / BN_BITS2;
if (bn_wexpand(r, a->top + nw + 1) == NULL) if (bn_wexpand(r, a->top + nw + 1) == NULL)
@ -174,6 +179,11 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
bn_check_top(r); bn_check_top(r);
bn_check_top(a); bn_check_top(a);
if (n < 0) {
BNerr(BN_F_BN_RSHIFT, BN_R_INVALID_SHIFT);
return 0;
}
nw = n / BN_BITS2; nw = n / BN_BITS2;
rb = n % BN_BITS2; rb = n % BN_BITS2;
lb = BN_BITS2 - rb; lb = BN_BITS2 - rb;

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -73,6 +73,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -69,6 +69,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -126,6 +126,8 @@ EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
void CMAC_CTX_free(CMAC_CTX *ctx) void CMAC_CTX_free(CMAC_CTX *ctx)
{ {
if (!ctx)
return;
CMAC_CTX_cleanup(ctx); CMAC_CTX_cleanup(ctx);
OPENSSL_free(ctx); OPENSSL_free(ctx);
} }

View File

@ -67,6 +67,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -131,7 +131,7 @@ static void do_free_upto(BIO *f, BIO *upto)
BIO_free(f); BIO_free(f);
f = tbio; f = tbio;
} }
while (f != upto); while (f && f != upto);
} else } else
BIO_free_all(f); BIO_free_all(f);
} }

View File

@ -64,6 +64,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -64,6 +64,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -94,6 +94,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -96,6 +96,9 @@ int DES_enc_write(int fd, const void *_buf, int len,
const unsigned char *cp; const unsigned char *cp;
static int start = 1; static int start = 1;
if (len < 0)
return -1;
if (outbuf == NULL) { if (outbuf == NULL) {
outbuf = OPENSSL_malloc(BSIZE + HDRSIZE); outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
if (outbuf == NULL) if (outbuf == NULL)
@ -132,7 +135,9 @@ int DES_enc_write(int fd, const void *_buf, int len,
if (len < 8) { if (len < 8) {
cp = shortbuf; cp = shortbuf;
memcpy(shortbuf, buf, len); memcpy(shortbuf, buf, len);
RAND_pseudo_bytes(shortbuf + len, 8 - len); if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) {
return -1;
}
rnum = 8; rnum = 8;
} else { } else {
cp = buf; cp = buf;

View File

@ -63,6 +63,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -63,6 +63,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -202,7 +202,8 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
goto err; goto err;
if (!seed_len) { if (!seed_len) {
RAND_pseudo_bytes(seed, qsize); if (RAND_pseudo_bytes(seed, qsize) < 0)
goto err;
seed_is_random = 1; seed_is_random = 1;
} else { } else {
seed_is_random = 0; seed_is_random = 0;

View File

@ -63,6 +63,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -70,6 +70,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -387,7 +387,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
} }
/* test required by X9.62 */ /* test required by X9.62 */
if (!EC_POINT_is_on_curve(group, point, ctx)) { if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
goto err; goto err;
} }

View File

@ -85,7 +85,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR); ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
goto err; goto err;
} }
if (!EC_POINT_is_on_curve(group, group->generator, ctx)) { if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) {
ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE); ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
goto err; goto err;
} }

View File

@ -314,7 +314,7 @@ int EC_KEY_check_key(const EC_KEY *eckey)
goto err; goto err;
/* testing whether the pub_key is on the elliptic curve */ /* testing whether the pub_key is on the elliptic curve */
if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) {
ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
goto err; goto err;
} }

View File

@ -451,14 +451,6 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx); int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
int ec_GF2m_have_precompute_mult(const EC_GROUP *group); int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
/* method functions in ec2_mult.c */
int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
const BIGNUM *scalar, size_t num,
const EC_POINT *points[], const BIGNUM *scalars[],
BN_CTX *);
int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
/* method functions in ecp_nistp224.c */ /* method functions in ecp_nistp224.c */
int ec_GFp_nistp224_group_init(EC_GROUP *group); int ec_GFp_nistp224_group_init(EC_GROUP *group);

View File

@ -934,6 +934,13 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
return group->meth->is_at_infinity(group, point); return group->meth->is_at_infinity(group, point);
} }
/*
* Check whether an EC_POINT is on the curve or not. Note that the return
* value for this function should NOT be treated as a boolean. Return values:
* 1: The point is on the curve
* 0: The point is not on the curve
* -1: An error occurred
*/
int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
BN_CTX *ctx) BN_CTX *ctx)
{ {

View File

@ -338,12 +338,14 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
if (buf == NULL) if (buf == NULL)
return 1; return 1;
if (off) { if (off > 0) {
if (off > 128) if (off > 128)
off = 128; off = 128;
memset(str, ' ', off); memset(str, ' ', off);
if (BIO_write(fp, str, off) <= 0) if (BIO_write(fp, str, off) <= 0)
return 0; return 0;
} else {
off = 0;
} }
if (BIO_printf(fp, "%s", name) <= 0) if (BIO_printf(fp, "%s", name) <= 0)

View File

@ -413,7 +413,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
} }
/* test required by X9.62 */ /* test required by X9.62 */
if (!EC_POINT_is_on_curve(group, point, ctx)) { if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
goto err; goto err;
} }

View File

@ -62,6 +62,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -62,6 +62,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -296,8 +296,8 @@ int test_builtin(BIO *out)
int nid, ret = 0; int nid, ret = 0;
/* fill digest values with some random data */ /* fill digest values with some random data */
if (!RAND_pseudo_bytes(digest, 20) || if (RAND_pseudo_bytes(digest, 20) <= 0 ||
!RAND_pseudo_bytes(wrong_digest, 20)) { RAND_pseudo_bytes(wrong_digest, 20) <= 0) {
BIO_printf(out, "ERROR: unable to get random data\n"); BIO_printf(out, "ERROR: unable to get random data\n");
goto builtin_err; goto builtin_err;
} }

View File

@ -351,6 +351,8 @@ void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
ENGINE_PILE_DOALL dall; ENGINE_PILE_DOALL dall;
dall.cb = cb; dall.cb = cb;
dall.arg = arg; dall.arg = arg;
lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), if (table)
lh_ENGINE_PILE_doall_arg(&table->piles,
LHASH_DOALL_ARG_FN(int_cb),
ENGINE_PILE_DOALL, &dall); ENGINE_PILE_DOALL, &dall);
} }

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -491,7 +491,8 @@ static int sig_out(BIO *b)
* FIXME: there's absolutely no guarantee this makes any sense at all, * FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured. * particularly now EVP_MD_CTX has been restructured.
*/ */
RAND_pseudo_bytes(md->md_data, md->digest->md_size); if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0)
goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len += md->digest->md_size; ctx->buf_len += md->digest->md_size;

View File

@ -503,7 +503,12 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
case EVP_CTRL_AEAD_TLS1_AAD: case EVP_CTRL_AEAD_TLS1_AAD:
{ {
unsigned char *p = ptr; unsigned char *p = ptr;
unsigned int len = p[arg - 2] << 8 | p[arg - 1]; unsigned int len;
if (arg != EVP_AEAD_TLS1_AAD_LEN)
return -1;
len = p[arg - 2] << 8 | p[arg - 1];
if (ctx->encrypt) { if (ctx->encrypt) {
key->payload_length = len; key->payload_length = len;
@ -520,8 +525,6 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
- len); - len);
} else { } else {
if (arg > 13)
arg = 13;
memcpy(key->aux.tls_aad, ptr, arg); memcpy(key->aux.tls_aad, ptr, arg);
key->payload_length = arg; key->payload_length = arg;

View File

@ -54,6 +54,7 @@
#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5) #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
# include <openssl/crypto.h>
# include <openssl/evp.h> # include <openssl/evp.h>
# include <openssl/objects.h> # include <openssl/objects.h>
# include <openssl/rc4.h> # include <openssl/rc4.h>
@ -210,7 +211,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH); MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
MD5_Final(mac, &key->md); MD5_Final(mac, &key->md);
if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH)) if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
return 0; return 0;
} else { } else {
MD5_Update(&key->md, out + md5_off, len - md5_off); MD5_Update(&key->md, out + md5_off, len - md5_off);
@ -258,7 +259,12 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
case EVP_CTRL_AEAD_TLS1_AAD: case EVP_CTRL_AEAD_TLS1_AAD:
{ {
unsigned char *p = ptr; unsigned char *p = ptr;
unsigned int len = p[arg - 2] << 8 | p[arg - 1]; unsigned int len;
if (arg != EVP_AEAD_TLS1_AAD_LEN)
return -1;
len = p[arg - 2] << 8 | p[arg - 1];
if (!ctx->encrypt) { if (!ctx->encrypt) {
len -= MD5_DIGEST_LENGTH; len -= MD5_DIGEST_LENGTH;

View File

@ -137,7 +137,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
unsigned int total = 0; unsigned int total = 0;
*outl = 0; *outl = 0;
if (inl == 0) if (inl <= 0)
return; return;
OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
if ((ctx->num + inl) < ctx->length) { if ((ctx->num + inl) < ctx->length) {

View File

@ -103,7 +103,6 @@
# define EVP_PKS_RSA 0x0100 # define EVP_PKS_RSA 0x0100
# define EVP_PKS_DSA 0x0200 # define EVP_PKS_DSA 0x0200
# define EVP_PKS_EC 0x0400 # define EVP_PKS_EC 0x0400
# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
# define EVP_PKEY_NONE NID_undef # define EVP_PKEY_NONE NID_undef
# define EVP_PKEY_RSA NID_rsaEncryption # define EVP_PKEY_RSA NID_rsaEncryption
@ -409,6 +408,9 @@ struct evp_cipher_st {
/* Set the GCM invocation field, decrypt only */ /* Set the GCM invocation field, decrypt only */
# define EVP_CTRL_GCM_SET_IV_INV 0x18 # define EVP_CTRL_GCM_SET_IV_INV 0x18
/* RFC 5246 defines additional data to be 13 bytes in length */
# define EVP_AEAD_TLS1_AAD_LEN 13
/* GCM TLS constants */ /* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */ /* Length of fixed part of IV derived from PRF */
# define EVP_GCM_TLS_FIXED_IV_LEN 4 # define EVP_GCM_TLS_FIXED_IV_LEN 4

View File

@ -82,8 +82,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
return 1; return 1;
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
return 0; return 0;
if (EVP_CIPHER_CTX_iv_length(ctx)) if (EVP_CIPHER_CTX_iv_length(ctx)
RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)); && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
return 0;
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
return 0; return 0;

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -91,8 +91,14 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
if (md != NULL) { if (md != NULL) {
reset = 1; reset = 1;
ctx->md = md; ctx->md = md;
} else } else if (ctx->md) {
md = ctx->md; md = ctx->md;
} else {
return 0;
}
if (!ctx->key_init && key == NULL)
return 0;
if (key != NULL) { if (key != NULL) {
reset = 1; reset = 1;
@ -107,13 +113,15 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
&ctx->key_length)) &ctx->key_length))
goto err; goto err;
} else { } else {
OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key)); if (len < 0 || len > (int)sizeof(ctx->key))
return 0;
memcpy(ctx->key, key, len); memcpy(ctx->key, key, len);
ctx->key_length = len; ctx->key_length = len;
} }
if (ctx->key_length != HMAC_MAX_MD_CBLOCK) if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
memset(&ctx->key[ctx->key_length], 0, memset(&ctx->key[ctx->key_length], 0,
HMAC_MAX_MD_CBLOCK - ctx->key_length); HMAC_MAX_MD_CBLOCK - ctx->key_length);
ctx->key_init = 1;
} }
if (reset) { if (reset) {
@ -151,6 +159,9 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
if (FIPS_mode() && !ctx->i_ctx.engine) if (FIPS_mode() && !ctx->i_ctx.engine)
return FIPS_hmac_update(ctx, data, len); return FIPS_hmac_update(ctx, data, len);
#endif #endif
if (!ctx->key_init)
return 0;
return EVP_DigestUpdate(&ctx->md_ctx, data, len); return EVP_DigestUpdate(&ctx->md_ctx, data, len);
} }
@ -163,6 +174,9 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
return FIPS_hmac_final(ctx, md, len); return FIPS_hmac_final(ctx, md, len);
#endif #endif
if (!ctx->key_init)
goto err;
if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i)) if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
goto err; goto err;
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx)) if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
@ -181,6 +195,8 @@ void HMAC_CTX_init(HMAC_CTX *ctx)
EVP_MD_CTX_init(&ctx->i_ctx); EVP_MD_CTX_init(&ctx->i_ctx);
EVP_MD_CTX_init(&ctx->o_ctx); EVP_MD_CTX_init(&ctx->o_ctx);
EVP_MD_CTX_init(&ctx->md_ctx); EVP_MD_CTX_init(&ctx->md_ctx);
ctx->key_init = 0;
ctx->md = NULL;
} }
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
@ -191,8 +207,11 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
goto err; goto err;
if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx)) if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
goto err; goto err;
dctx->key_init = sctx->key_init;
if (sctx->key_init) {
memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
dctx->key_length = sctx->key_length; dctx->key_length = sctx->key_length;
}
dctx->md = sctx->md; dctx->md = sctx->md;
return 1; return 1;
err: err:
@ -232,6 +251,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
HMAC_CTX_cleanup(&c); HMAC_CTX_cleanup(&c);
return md; return md;
err: err:
HMAC_CTX_cleanup(&c);
return NULL; return NULL;
} }

View File

@ -79,6 +79,7 @@ typedef struct hmac_ctx_st {
EVP_MD_CTX o_ctx; EVP_MD_CTX o_ctx;
unsigned int key_length; unsigned int key_length;
unsigned char key[HMAC_MAX_MD_CBLOCK]; unsigned char key[HMAC_MAX_MD_CBLOCK];
int key_init;
} HMAC_CTX; } HMAC_CTX;
# define HMAC_size(e) (EVP_MD_size((e)->md)) # define HMAC_size(e) (EVP_MD_size((e)->md))

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -32,6 +32,8 @@ install:
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done; done;
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -62,6 +62,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -62,6 +62,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -76,6 +76,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -89,6 +89,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -1622,7 +1622,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
ctx->Xi.u[1] ^= ctx->EK0.u[1]; ctx->Xi.u[1] ^= ctx->EK0.u[1];
if (tag && len <= sizeof(ctx->Xi)) if (tag && len <= sizeof(ctx->Xi))
return memcmp(ctx->Xi.c, tag, len); return CRYPTO_memcmp(ctx->Xi.c, tag, len);
else else
return -1; return -1;
} }

View File

@ -74,6 +74,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: obj_dat.h obj_mac.h obj_xref.h depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -142,7 +142,7 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca)
return 0; return 0;
} }
ret &= 0x3fffffffL; ret &= 0x3fffffffL;
ret |= ca->type << 30L; ret |= ((unsigned long)ca->type) << 30L;
return (ret); return (ret);
} }
@ -400,6 +400,8 @@ static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
j = (a->length - b->length); j = (a->length - b->length);
if (j) if (j)
return (j); return (j);
if (a->length == 0)
return 0;
return (memcmp(a->data, b->data, a->length)); return (memcmp(a->data, b->data, a->length));
} }
@ -415,6 +417,9 @@ int OBJ_obj2nid(const ASN1_OBJECT *a)
if (a->nid != 0) if (a->nid != 0)
return (a->nid); return (a->nid);
if (a->length == 0)
return NID_undef;
if (added != NULL) { if (added != NULL) {
ad.type = ADDED_DATA; ad.type = ADDED_DATA;
ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */ ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */

View File

@ -8,9 +8,9 @@ The basic syntax for adding an object is as follows:
1 2 3 4 : shortName : Long Name 1 2 3 4 : shortName : Long Name
If the long name doesn't contain spaces, or no short name If Long Name contains only word characters and hyphen-minus
exists, the long name is used as basis for the base name (0x2D) or full stop (0x2E) then Long Name is used as basis
in C. Otherwise, the short name is used. for the base name in C. Otherwise, the shortName is used.
The base name (let's call it 'base') will then be used to The base name (let's call it 'base') will then be used to
create the C macros SN_base, LN_base, NID_base and OBJ_base. create the C macros SN_base, LN_base, NID_base and OBJ_base.
@ -22,7 +22,7 @@ Then there are some extra commands:
!Alias foo 1 2 3 4 !Alias foo 1 2 3 4
This juts makes a name foo for an OID. The C macro This just makes a name foo for an OID. The C macro
OBJ_foo will be created as a result. OBJ_foo will be created as a result.
!Cname foo !Cname foo

View File

@ -67,7 +67,7 @@ while (<IN>)
$myoid = &process_oid($myoid); $myoid = &process_oid($myoid);
} }
if ($Cname eq "" && !($myln =~ / /)) if ($Cname eq "" && ($myln =~ /^[_A-Za-z][\w.-]*$/ ))
{ {
$Cname = $myln; $Cname = $myln;
$Cname =~ s/\./_/g; $Cname =~ s/\./_/g;

View File

@ -64,6 +64,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -361,8 +361,8 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL); ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
if (val) if (val)
memcpy(tmpval, val, len); memcpy(tmpval, val, len);
else else if (RAND_pseudo_bytes(tmpval, len) < 0)
RAND_pseudo_bytes(tmpval, len); goto err;
if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
&os, 0, X509V3_ADD_REPLACE)) &os, 0, X509V3_ADD_REPLACE))
goto err; goto err;

View File

@ -64,6 +64,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -435,7 +435,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
pem_password_cb *callback, void *u) pem_password_cb *callback, void *u)
{ {
int i, j, o, klen; int i = 0, j, o, klen;
long len; long len;
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx;
unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char key[EVP_MAX_KEY_LENGTH];

View File

@ -138,6 +138,8 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid,
if (kstr == buf) if (kstr == buf)
OPENSSL_cleanse(buf, klen); OPENSSL_cleanse(buf, klen);
PKCS8_PRIV_KEY_INFO_free(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf);
if (p8 == NULL)
return 0;
if (isder) if (isder)
ret = i2d_PKCS8_bio(bp, p8); ret = i2d_PKCS8_bio(bp, p8);
else else

View File

@ -67,6 +67,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -60,6 +60,7 @@
#ifndef OPENSSL_NO_HMAC #ifndef OPENSSL_NO_HMAC
# include <stdio.h> # include <stdio.h>
# include "cryptlib.h" # include "cryptlib.h"
# include <openssl/crypto.h>
# include <openssl/hmac.h> # include <openssl/hmac.h>
# include <openssl/rand.h> # include <openssl/rand.h>
# include <openssl/pkcs12.h> # include <openssl/pkcs12.h>
@ -123,7 +124,7 @@ int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
return 0; return 0;
} }
if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
|| memcmp(mac, p12->mac->dinfo->digest->data, maclen)) || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
return 0; return 0;
return 1; return 1;
} }

View File

@ -68,6 +68,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -63,6 +63,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -69,6 +69,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -69,6 +69,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -228,8 +228,14 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
return ret; return ret;
ret = sltmp; ret = sltmp;
} else if (rctx->pad_mode == RSA_X931_PADDING) { } else if (rctx->pad_mode == RSA_X931_PADDING) {
if (!setup_tbuf(rctx, ctx)) if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_KEY_SIZE_TOO_SMALL);
return -1; return -1;
}
if (!setup_tbuf(rctx, ctx)) {
RSAerr(RSA_F_PKEY_RSA_SIGN, ERR_R_MALLOC_FAILURE);
return -1;
}
memcpy(rctx->tbuf, tbs, tbslen); memcpy(rctx->tbuf, tbs, tbslen);
rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md)); rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf, ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,

View File

@ -62,6 +62,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -117,6 +117,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -61,6 +61,8 @@ srptest: top srptest.c $(LIB)
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -497,7 +497,8 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
if (!SRP_user_pwd_set_ids(user, username, NULL)) if (!SRP_user_pwd_set_ids(user, username, NULL))
goto err; goto err;
RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH); if (RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH) < 0)
goto err;
EVP_MD_CTX_init(&ctxt); EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL); EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key)); EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
@ -549,7 +550,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
} }
if (*salt == NULL) { if (*salt == NULL) {
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN); if (RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN) < 0)
goto err;
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL); s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
} else { } else {
@ -609,7 +611,8 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
srp_bn_print(g); srp_bn_print(g);
if (*salt == NULL) { if (*salt == NULL) {
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN); if (RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN) < 0)
goto err;
*salt = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL); *salt = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
} }

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -63,6 +63,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

View File

@ -73,6 +73,8 @@ tags:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

View File

@ -61,6 +61,8 @@ tests:
lint: lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend: depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

Some files were not shown because too many files have changed in this diff Show More