Changes between 0.9.6d and 0.9.7 [XX xxx 2002]
+ *) Make sure any ENGINE control commands make local copies of string
+ pointers passed to them whenever necessary. Otherwise it is possible
+ the caller may have overwritten (or deallocated) the original string
+ data when a later ENGINE operation tries to use the stored values.
+ [Götz Babin-Ebell <babinebell@trustcenter.de>]
+
*) Improve diagnostics in file reading and command-line digests.
[Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
if(ctx->dynamic_dso)
DSO_free(ctx->dynamic_dso);
+ if(ctx->DYNAMIC_LIBNAME)
+ OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
+ if(ctx->engine_id)
+ OPENSSL_free((void*)ctx->engine_id);
OPENSSL_free(ctx);
}
}
{
dynamic_data_ctx *c;
c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
- if(!ctx)
+ if(!c)
{
ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
return 0;
/* a NULL 'p' or a string of zero-length is the same thing */
if(p && (strlen((const char *)p) < 1))
p = NULL;
- ctx->DYNAMIC_LIBNAME = (const char *)p;
- return 1;
+ if(ctx->DYNAMIC_LIBNAME)
+ OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
+ if(p)
+ ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
+ else
+ ctx->DYNAMIC_LIBNAME = NULL;
+ return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
case DYNAMIC_CMD_NO_VCHECK:
ctx->no_vcheck = ((i == 0) ? 0 : 1);
return 1;
/* a NULL 'p' or a string of zero-length is the same thing */
if(p && (strlen((const char *)p) < 1))
p = NULL;
- ctx->engine_id = (const char *)p;
- return 1;
+ if(ctx->engine_id)
+ OPENSSL_free((void*)ctx->engine_id);
+ if(p)
+ ctx->engine_id = BUF_strdup(p);
+ else
+ ctx->engine_id = NULL;
+ return (ctx->engine_id ? 1 : 0);
case DYNAMIC_CMD_LIST_ADD:
if((i < 0) || (i > 2))
{
/* static variables */
/*------------------*/
-static const char def_CCA4758_LIB_NAME[] = CCA_LIB_NAME;
-static const char *CCA4758_LIB_NAME = def_CCA4758_LIB_NAME;
+static const char *CCA4758_LIB_NAME = NULL;
+static const char *get_CCA4758_LIB_NAME(void)
+ {
+ if(CCA4758_LIB_NAME)
+ return CCA4758_LIB_NAME;
+ return CCA_LIB_NAME;
+ }
+static void free_CCA4758_LIB_NAME(void)
+ {
+ if(CCA4758_LIB_NAME)
+ OPENSSL_free((void*)CCA4758_LIB_NAME);
+ CCA4758_LIB_NAME = NULL;
+ }
+static long set_CCA4758_LIB_NAME(const char *name)
+ {
+ free_CCA4758_LIB_NAME();
+ return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
#ifndef OPENSSL_NO_RSA
static const char* n_keyRecordRead = CSNDKRR;
static const char* n_digitalSignatureGenerate = CSNDDSG;
static int ibm_4758_cca_destroy(ENGINE *e)
{
ERR_unload_CCA4758_strings();
+ free_CCA4758_LIB_NAME();
return 1;
}
goto err;
}
- dso = DSO_load(NULL, CCA4758_LIB_NAME , NULL, 0);
+ dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
if(!dso)
{
CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
static int ibm_4758_cca_finish(ENGINE *e)
{
- if(dso)
+ free_CCA4758_LIB_NAME();
+ if(!dso)
{
CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
CCA4758_R_NOT_LOADED);
CCA4758_R_ALREADY_LOADED);
return 0;
}
- CCA4758_LIB_NAME = (const char *)p;
- return 1;
+ return set_CCA4758_LIB_NAME((const char *)p);
default:
break;
}
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include <openssl/engine.h>
+#include <openssl/buffer.h>
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_AEP
/* These are the static string constants for the DSO file name and the function
* symbol names to bind to.
*/
-static const char *AEP_LIBNAME = "aep";
+static const char *AEP_LIBNAME = NULL;
+static const char *get_AEP_LIBNAME(void)
+ {
+ if(AEP_LIBNAME)
+ return AEP_LIBNAME;
+ return "aep";
+ }
+static void free_AEP_LIBNAME(void)
+ {
+ if(AEP_LIBNAME)
+ OPENSSL_free((void*)AEP_LIBNAME);
+ AEP_LIBNAME = NULL;
+ }
+static long set_AEP_LIBNAME(const char *name)
+ {
+ free_AEP_LIBNAME();
+ return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
+ }
static const char *AEP_F1 = "AEP_ModExp";
static const char *AEP_F2 = "AEP_ModExpCrt";
}
/* Attempt to load libaep.so. */
- aep_dso = DSO_load(NULL, AEP_LIBNAME, NULL, 0);
+ aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
if(aep_dso == NULL)
{
/* Destructor (complements the "ENGINE_aep()" constructor) */
static int aep_destroy(ENGINE *e)
{
+ free_AEP_LIBNAME();
ERR_unload_AEPHK_strings();
return 1;
}
AEPHK_R_ALREADY_LOADED);
return 0;
}
- AEP_LIBNAME = (const char *)p;
- return 1;
+ return set_AEP_LIBNAME((const char*)p);
default:
break;
}
* atasi.dll on win32). For the purposes of testing, I have created a symbollic
* link called "libatasi.so" so that we can use native name-translation - a
* better solution will be needed. */
-static const char def_ATALLA_LIBNAME[] = "atasi";
-static const char *ATALLA_LIBNAME = def_ATALLA_LIBNAME;
+static const char *ATALLA_LIBNAME = NULL;
+static const char *get_ATALLA_LIBNAME(void)
+ {
+ if(ATALLA_LIBNAME)
+ return ATALLA_LIBNAME;
+ return "atasi";
+ }
+static void free_ATALLA_LIBNAME(void)
+ {
+ if(ATALLA_LIBNAME)
+ OPENSSL_free((void*)ATALLA_LIBNAME);
+ ATALLA_LIBNAME = NULL;
+ }
+static long set_ATALLA_LIBNAME(const char *name)
+ {
+ free_ATALLA_LIBNAME();
+ return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
/* Destructor (complements the "ENGINE_atalla()" constructor) */
static int atalla_destroy(ENGINE *e)
{
+ free_ATALLA_LIBNAME();
/* Unload the atalla error strings so any error state including our
* functs or reasons won't lead to a segfault (they simply get displayed
* without corresponding string data because none will be found). */
* drivers really use - for now a symbollic link needs to be
* created on the host system from libatasi.so to atasi.so on
* unix variants. */
- atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0);
+ atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
if(atalla_dso == NULL)
{
ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
static int atalla_finish(ENGINE *e)
{
+ free_ATALLA_LIBNAME();
if(atalla_dso == NULL)
{
ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
return 0;
}
- ATALLA_LIBNAME = (const char *)p;
- return 1;
+ return set_ATALLA_LIBNAME((const char *)p);
default:
break;
}
t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
/* Used in the DSO operations. */
-static const char def_CSWIFT_LIBNAME[] = "swift";
-static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME;
+static const char *CSWIFT_LIBNAME = NULL;
+static const char *get_CSWIFT_LIBNAME(void)
+ {
+ if(CSWIFT_LIBNAME)
+ return CSWIFT_LIBNAME;
+ return "swift";
+ }
+static void free_CSWIFT_LIBNAME(void)
+ {
+ if(CSWIFT_LIBNAME)
+ OPENSSL_free((void*)CSWIFT_LIBNAME);
+ CSWIFT_LIBNAME = NULL;
+ }
+static long set_CSWIFT_LIBNAME(const char *name)
+ {
+ free_CSWIFT_LIBNAME();
+ return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *CSWIFT_F1 = "swAcquireAccContext";
static const char *CSWIFT_F2 = "swAttachKeyParam";
static const char *CSWIFT_F3 = "swSimpleRequest";
/* Destructor (complements the "ENGINE_cswift()" constructor) */
static int cswift_destroy(ENGINE *e)
{
+ free_CSWIFT_LIBNAME();
ERR_unload_CSWIFT_strings();
return 1;
}
goto err;
}
/* Attempt to load libswift.so/swift.dll/whatever. */
- cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0);
+ cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
if(cswift_dso == NULL)
{
CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
static int cswift_finish(ENGINE *e)
{
+ free_CSWIFT_LIBNAME();
if(cswift_dso == NULL)
{
CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
return 0;
}
- CSWIFT_LIBNAME = (const char *)p;
- return 1;
+ return set_CSWIFT_LIBNAME((const char *)p);
default:
break;
}
static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
/* Used in the DSO operations. */
-static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk";
-static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME;
+static const char *HWCRHK_LIBNAME = NULL;
+static void free_HWCRHK_LIBNAME(void)
+ {
+ if(HWCRHK_LIBNAME)
+ OPENSSL_free((void*)HWCRHK_LIBNAME);
+ HWCRHK_LIBNAME = NULL;
+ }
+static const char *get_HWCRHK_LIBNAME(void)
+ {
+ if(HWCRHK_LIBNAME)
+ return HWCRHK_LIBNAME;
+ return "nfhwcrhk";
+ }
+static long set_HWCRHK_LIBNAME(const char *name)
+ {
+ free_HWCRHK_LIBNAME();
+ return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
/* Destructor (complements the "ENGINE_ncipher()" constructor) */
static int hwcrhk_destroy(ENGINE *e)
{
+ free_HWCRHK_LIBNAME();
ERR_unload_HWCRHK_strings();
return 1;
}
goto err;
}
/* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
- hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0);
+ hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
if(hwcrhk_dso == NULL)
{
HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
static int hwcrhk_finish(ENGINE *e)
{
int to_return = 1;
+ free_HWCRHK_LIBNAME();
if(hwcrhk_dso == NULL)
{
HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- HWCRHK_LIBNAME = (const char *)p;
- return 1;
+ return set_HWCRHK_LIBNAME((const char *)p);
case ENGINE_CTRL_SET_LOGSTREAM:
{
BIO *bio = (BIO *)p;
#define NURON_LIB_NAME "nuron engine"
#include "hw_nuron_err.c"
-static const char def_NURON_LIBNAME[] = "nuronssl";
-static const char *NURON_LIBNAME = def_NURON_LIBNAME;
+static const char *NURON_LIBNAME = NULL;
+static const char *get_NURON_LIBNAME(void)
+ {
+ if(NURON_LIBNAME)
+ return NURON_LIBNAME;
+ return "nuronssl";
+ }
+static void free_NURON_LIBNAME(void)
+ {
+ if(NURON_LIBNAME)
+ OPENSSL_free((void*)NURON_LIBNAME);
+ NURON_LIBNAME = NULL;
+ }
+static long set_NURON_LIBNAME(const char *name)
+ {
+ free_NURON_LIBNAME();
+ return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *NURON_F1 = "nuron_mod_exp";
/* The definitions for control commands specific to this engine */
static int nuron_destroy(ENGINE *e)
{
+ free_NURON_LIBNAME();
ERR_unload_NURON_strings();
return 1;
}
return 0;
}
- pvDSOHandle = DSO_load(NULL, NURON_LIBNAME, NULL,
+ pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
if(!pvDSOHandle)
{
static int nuron_finish(ENGINE *e)
{
+ free_NURON_LIBNAME();
if(pvDSOHandle == NULL)
{
NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
return 0;
}
- NURON_LIBNAME = (const char *)p;
- return 1;
+ return set_NURON_LIBNAME((const char *)p);
default:
break;
}
* symbol names to bind to.
*/
-static const char *UBSEC_LIBNAME = "ubsec";
+static const char *UBSEC_LIBNAME = NULL;
+static const char *get_UBSEC_LIBNAME(void)
+ {
+ if(UBSEC_LIBNAME)
+ return UBSEC_LIBNAME;
+ return "ubsec";
+ }
+static void free_UBSEC_LIBNAME(void)
+ {
+ if(UBSEC_LIBNAME)
+ OPENSSL_free((void*)UBSEC_LIBNAME);
+ UBSEC_LIBNAME = NULL;
+ }
+static long set_UBSEC_LIBNAME(const char *name)
+ {
+ free_UBSEC_LIBNAME();
+ return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
static const char *UBSEC_F3 = "ubsec_open";
/* Destructor (complements the "ENGINE_ubsec()" constructor) */
static int ubsec_destroy(ENGINE *e)
{
+ free_UBSEC_LIBNAME();
ERR_unload_UBSEC_strings();
return 1;
}
/*
* Attempt to load libubsec.so/ubsec.dll/whatever.
*/
- ubsec_dso = DSO_load(NULL, UBSEC_LIBNAME, NULL, 0);
+ ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
if(ubsec_dso == NULL)
{
UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
static int ubsec_finish(ENGINE *e)
{
+ free_UBSEC_LIBNAME();
if(ubsec_dso == NULL)
{
UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
return 0;
}
- UBSEC_LIBNAME = (const char *)p;
- return 1;
+ return set_UBSEC_LIBNAME((const char *)p);
default:
break;
}
projects / oweals / openssl.git / commitdiff