Blame SOURCES/openssl-fips-0.9.8e-chil-fixes.patch

5820f5
diff -up openssl-fips-0.9.8e/engines/e_chil.c.chil openssl-fips-0.9.8e/engines/e_chil.c
5820f5
--- openssl-fips-0.9.8e/engines/e_chil.c.chil	2005-07-16 13:13:08.000000000 +0200
5820f5
+++ openssl-fips-0.9.8e/engines/e_chil.c	2011-04-04 16:35:45.000000000 +0200
5820f5
@@ -116,6 +116,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r,
5820f5
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
5820f5
 static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
5820f5
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
5820f5
+static int hwcrhk_rsa_finish(RSA *rsa);
5820f5
 #endif
5820f5
 
5820f5
 #ifndef OPENSSL_NO_DH
5820f5
@@ -135,10 +136,6 @@ static EVP_PKEY *hwcrhk_load_privkey(ENG
5820f5
 	UI_METHOD *ui_method, void *callback_data);
5820f5
 static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
5820f5
 	UI_METHOD *ui_method, void *callback_data);
5820f5
-#ifndef OPENSSL_NO_RSA
5820f5
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
5820f5
-	int ind,long argl, void *argp);
5820f5
-#endif
5820f5
 
5820f5
 /* Interaction stuff */
5820f5
 static int hwcrhk_insert_card(const char *prompt_info,
5820f5
@@ -193,7 +190,7 @@ static RSA_METHOD hwcrhk_rsa =
5820f5
 	hwcrhk_rsa_mod_exp,
5820f5
 	hwcrhk_mod_exp_mont,
5820f5
 	NULL,
5820f5
-	NULL,
5820f5
+	hwcrhk_rsa_finish,
5820f5
 	0,
5820f5
 	NULL,
5820f5
 	NULL,
5820f5
@@ -589,12 +586,6 @@ static int hwcrhk_init(ENGINE *e)
5820f5
 			hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
5820f5
 			hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
5820f5
 			}
5820f5
-		else if (CRYPTO_get_locking_callback() != NULL)
5820f5
-			{
5820f5
-			HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_LOCKING_MISSING);
5820f5
-			ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
5820f5
-			goto err;
5820f5
-			}
5820f5
 		}
5820f5
 
5820f5
 	/* Try and get a context - if not, we may have a DSO but no
5820f5
@@ -609,7 +600,7 @@ static int hwcrhk_init(ENGINE *e)
5820f5
 	if (hndidx_rsa == -1)
5820f5
 		hndidx_rsa = RSA_get_ex_new_index(0,
5820f5
 			"nFast HWCryptoHook RSA key handle",
5820f5
-			NULL, NULL, hwcrhk_ex_free);
5820f5
+			NULL, NULL, NULL);
5820f5
 #endif
5820f5
 	return 1;
5820f5
 err:
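Review bot: The `NULL` now passed as the free callback to `RSA_get_ex_new_index` means the ex_data layer no longer releases the key handle, and nothing at this call site says where that responsibility went. A short comment such as `/* key handle is unloaded and freed by hwcrhk_rsa_finish(), not by an ex_data free callback */` would stop a later maintainer from treating the slot as self-cleaning. It is also worth confirming that every RSA object that gets a handle stored under `hndidx_rsa` is created with the `hwcrhk_rsa` method; otherwise the handle, and presumably the key loaded in the module, is never released. hwcrhk_init starts and ends outside this hunk.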
5820f5
@@ -853,8 +844,6 @@ static EVP_PKEY *hwcrhk_load_privkey(ENG
5820f5
 
5820f5
 	return res;
5820f5
  err:
5820f5
-	if (res)
5820f5
-		EVP_PKEY_free(res);
5820f5
 #ifndef OPENSSL_NO_RSA
5820f5
 	if (rtmp)
5820f5
 		RSA_free(rtmp);
5820f5
@@ -1087,6 +1076,21 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r
5820f5
 	{
5820f5
 	return hwcrhk_mod_exp(r, a, p, m, ctx);
5820f5
 	}
5820f5
+
5820f5
+static int hwcrhk_rsa_finish(RSA *rsa)
5820f5
+	{
5820f5
+	HWCryptoHook_RSAKeyHandle *hptr;
5820f5
+
5820f5
+	hptr = RSA_get_ex_data(rsa, hndidx_rsa);
5820f5
+	if (hptr)
5820f5
+                {
5820f5
+                p_hwcrhk_RSAUnloadKey(*hptr, NULL);
5820f5
+                OPENSSL_free(hptr);
5820f5
+		RSA_set_ex_data(rsa, hndidx_rsa, NULL);
5820f5
+                }
5820f5
+	return 1;
5820f5
+	}
5820f5
+
5820f5
 #endif
5820f5
 
5820f5
 #ifndef OPENSSL_NO_DH
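Review bot: `hwcrhk_rsa_finish` drops the result of `p_hwcrhk_RSAUnloadKey(*hptr, NULL)` and passes no error-message buffer, so a failed unload leaves no trace in the error queue while the local handle is freed anyway. The function could set up a `HWCryptoHook_ErrMsgBuf` as the removed `hwcrhk_ex_free` did (`rmsg.buf = tempbuf; rmsg.size = sizeof(tempbuf);`), pass `&rmsg`, and record a non-zero result with `HWCRHKerr` plus `ERR_add_error_data(1, rmsg.buf)`. The call also goes through the `p_hwcrhk_RSAUnloadKey` pointer without a check; if that pointer can be reset while keys are still alive (the code that binds it is not in this hunk), the test should be `if (hptr && p_hwcrhk_RSAUnloadKey)`. Clearing the slot with `RSA_set_ex_data(rsa, hndidx_rsa, NULL);` before `OPENSSL_free(hptr)` rather than after would mean the ex_data never holds a dangling pointer. The new body also mixes space and tab indentation, unlike the tab-indented code around it.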
5820f5
@@ -1145,34 +1149,6 @@ static int hwcrhk_rand_status(void)
5820f5
 	return 1;
5820f5
 	}
5820f5
 
5820f5
-/* This cleans up an RSA KM key, called when ex_data is freed */
5820f5
-#ifndef OPENSSL_NO_RSA
5820f5
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
5820f5
-	int ind,long argl, void *argp)
5820f5
-{
5820f5
-	char tempbuf[1024];
5820f5
-	HWCryptoHook_ErrMsgBuf rmsg;
5820f5
-#ifndef OPENSSL_NO_RSA
5820f5
-	HWCryptoHook_RSAKeyHandle *hptr;
5820f5
-#endif
5820f5
-#if !defined(OPENSSL_NO_RSA)
5820f5
-	int ret;
5820f5
-#endif
5820f5
-
5820f5
-	rmsg.buf = tempbuf;
5820f5
-	rmsg.size = sizeof(tempbuf);
5820f5
-
5820f5
-#ifndef OPENSSL_NO_RSA
5820f5
-	hptr = (HWCryptoHook_RSAKeyHandle *) item;
5820f5
-	if(hptr)
5820f5
-                {
5820f5
-                ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
5820f5
-                OPENSSL_free(hptr);
5820f5
-                }
5820f5
-#endif
5820f5
-}
5820f5
-#endif
5820f5
-
5820f5
 /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
5820f5
  * these just wrap the POSIX functions and add some logging.
5820f5
  */
5820f5
@@ -1210,6 +1186,11 @@ static int hwcrhk_get_pass(const char *p
5820f5
 	pem_password_cb *callback = NULL;
5820f5
 	void *callback_data = NULL;
5820f5
         UI_METHOD *ui_method = NULL;
5820f5
+	/* Despite what the documentation says prompt_info can be
5820f5
+	 * an empty string.
5820f5
+	 */
5820f5
+	if (prompt_info && !*prompt_info)
5820f5
+		prompt_info = NULL;
5820f5
 
5820f5
         if (cactx)
5820f5
                 {
5820f5
@@ -1311,10 +1292,14 @@ static int hwcrhk_insert_card(const char
5820f5
 		{
5820f5
 		char answer;
5820f5
 		char buf[BUFSIZ];
5820f5
-
5820f5
-		if (wrong_info)
5820f5
+		/* Despite what the documentation says wrong_info can be
5820f5
+	 	 * an empty string.
5820f5
+		 */
5820f5
+		if (wrong_info && *wrong_info)
5820f5
 			BIO_snprintf(buf, sizeof(buf)-1,
5820f5
 				"Current card: \"%s\"\n", wrong_info);
5820f5
+		else
5820f5
+			buf[0] = 0;
5820f5
 		ok = UI_dup_info_string(ui, buf);
5820f5
 		if (ok >= 0 && prompt_info)
5820f5
 			{