*) Add the possibility to add extra information to the memory leak
detecting output, to form tracebacks, showing from where each
- allocation was originated. Also updated sid code to be multi-
- thread-safe.
+ allocation was originated: CRYPTO_push_info("constant string") adds
+ the string plus current file name and line number to a per-thread
+ stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
+ is like calling CYRPTO_pop_info() until the stack is empty.
+ Also updated memory leak detection code to be multi-thread-safe.
[Richard Levitte]
*) Add options -text and -noout to pkcs7 utility and delete the
for all purposes.
[Steve Henson]
- *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
- problem was that one of the replacement routines had not been working since
- SSLeay releases. For now the offending routine has been replaced with
- non-optimised assembler. Even so, this now gives around 95% performance
- improvement for 1024 bit RSA signs.
+ *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
+ The problem was that one of the replacement routines had not been working
+ since SSLeay releases. For now the offending routine has been replaced
+ with non-optimised assembler. Even so, this now gives around 95%
+ performance improvement for 1024 bit RSA signs.
[Mark Cox]
*) Hack to fix PKCS#7 decryption when used with some unorthodox RC2
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/pem.h>
#include <openssl/err.h>
ERR_load_crypto_strings();
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read files");
+#endif
+
if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
else in = BIO_new_file(infile, "rb");
if (!in) {
}
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+ CRYPTO_push_info("write files");
+#endif
+
if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
else out = BIO_new_file(outfile, "wb");
if (!out) {
goto end;
}
if (twopass) {
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read MAC password");
+#endif
if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
{
BIO_printf (bio_err, "Can't read Password\n");
goto end;
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+#endif
}
if (export_cert) {
int i;
unsigned char keyid[EVP_MAX_MD_SIZE];
unsigned int keyidlen = 0;
+
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("process -export_cert");
+#endif
key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL);
if (!inkey) (void) BIO_reset(in);
else BIO_free(inkey);
PKCS12_free(p12);
ret = 0;
+
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+#endif
goto end;
}
goto end;
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("read import password");
+#endif
if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
BIO_printf (bio_err, "Can't read Password\n");
goto end;
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+#endif
if (!twopass) strcpy(macpass, pass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) {
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("verify MAC");
+#endif
if (!PKCS12_verify_mac (p12, mpass, -1)) {
BIO_printf (bio_err, "Mac verify errror: invalid password?\n");
ERR_print_errors (bio_err);
goto end;
} else BIO_printf (bio_err, "MAC verified OK\n");
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+#endif
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_push_info("output keys and certificates");
+#endif
if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) {
BIO_printf(bio_err, "Error outputting keys and certificates\n");
ERR_print_errors (bio_err);
goto end;
}
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_pop_info();
+#endif
PKCS12_free(p12);
ret = 0;
end:
+#ifdef CRYPTO_MDEBUG
+ CRYPTO_remove_all_info();
+#endif
+ BIO_free(in);
BIO_free(out);
EXIT(ret);
}
X509_STORE_CTX store_ctx;
STACK_OF(X509) *chn;
int i;
- X509 *x;
+
store = X509_STORE_new ();
X509_STORE_set_default_paths (store);
X509_STORE_CTX_init(&store_ctx, store, cert, NULL);