Generate just one error code if iterated SSL_CTX_get() fails.
authorBodo Möller <bodo@openssl.org>
Sat, 5 Feb 2000 19:29:00 +0000 (19:29 +0000)
committerBodo Möller <bodo@openssl.org>
Sat, 5 Feb 2000 19:29:00 +0000 (19:29 +0000)
Avoid enabled 'assert()' in production library.

12 files changed:
Configure
TABLE
crypto/bn/Makefile.ssl
crypto/bn/bn_ctx.c
crypto/bn/bn_err.c
crypto/des/Makefile.ssl
crypto/des/des.h
crypto/des/rand_key.c
crypto/evp/Makefile.ssl
doc/crypto/BN_CTX_new.pod
doc/crypto/BN_CTX_start.pod
util/libeay.num

index f3ef09f..553d90e 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -96,15 +96,15 @@ my %table=(
 
 # Our development configs
 "purify",      "purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::",
-"debug",       "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::",
-"debug-ben",   "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
-"debug-ben-debug",     "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
-"debug-ben-strict",    "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
+"debug",       "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::",
+"debug-ben",   "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
+"debug-ben-debug",     "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
+"debug-ben-strict",    "gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-bodo",  "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-ulf",   "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
+"debug-bodo",  "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-ulf",   "gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
 "dist",                "cc:-O::(unknown):::::",
 
 # Basic configs that should work on any box
@@ -122,8 +122,8 @@ my %table=(
 # but keep the assembler modules.
 "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o:",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::",
-"debug-solaris-sparcv9-gcc","gcc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o::",
+"debug-solaris-sparcv8-gcc","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::",
+"debug-solaris-sparcv9-gcc","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o::",
 
 #### SPARC Solaris with Sun C setups
 # DO NOT use /xO[34] on sparc with SC3.0.  It is broken, and will not pass the tests
@@ -136,8 +136,8 @@ my %table=(
 "solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:",
 "solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:",
 ####
-"debug-solaris-sparcv8-cc","cc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o::",
-"debug-solaris-sparcv9-cc","cc:-DREF_CHECK -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:",
+"debug-solaris-sparcv8-cc","cc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o::",
+"debug-solaris-sparcv9-cc","cc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:",
 
 #### SPARC Linux setups
 "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
@@ -217,7 +217,7 @@ my %table=(
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
 "linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "linux-aout",  "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
 "linux-mips",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
 "linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::::",
diff --git a/TABLE b/TABLE
index 1d266a8..15e71fb 100644 (file)
--- a/TABLE
+++ b/TABLE
@@ -36,7 +36,7 @@ $rc5_obj      =
 
 *** BS2000-OSD
 $cc           = c89
-$cflags       = -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC
+$cflags       = -O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = -lsocket -lnsl
@@ -580,7 +580,7 @@ $rc5_obj      =
 
 *** debug
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
+$cflags       = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = -lefence
@@ -597,7 +597,7 @@ $rc5_obj      =
 
 *** debug-ben
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe
+$cflags       = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = 
@@ -614,7 +614,7 @@ $rc5_obj      =
 
 *** debug-ben-debug
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
+$cflags       = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = 
@@ -631,7 +631,7 @@ $rc5_obj      =
 
 *** debug-ben-strict
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe
+$cflags       = -DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = 
@@ -648,7 +648,7 @@ $rc5_obj      =
 
 *** debug-bodo
 $cc           = gcc
-$cflags       = -DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall
+$cflags       = -DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -665,7 +665,7 @@ $rc5_obj      = asm/r586-elf.o
 
 *** debug-levitte-linux-elf
 $cc           = gcc
-$cflags       = -DRL_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
+$cflags       = -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -682,7 +682,7 @@ $rc5_obj      =
 
 *** debug-linux-elf
 $cc           = gcc
-$cflags       = -DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
+$cflags       = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = -lefence
@@ -716,7 +716,7 @@ $rc5_obj      = asm/r586-elf.o
 
 *** debug-solaris-sparcv8-cc
 $cc           = cc
-$cflags       = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W
+$cflags       = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = -lsocket -lnsl
@@ -733,7 +733,7 @@ $rc5_obj      =
 
 *** debug-solaris-sparcv8-gcc
 $cc           = gcc
-$cflags       = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN
+$cflags       = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = -lsocket -lnsl
@@ -750,7 +750,7 @@ $rc5_obj      =
 
 *** debug-solaris-sparcv9-cc
 $cc           = cc
-$cflags       = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
+$cflags       = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = -lsocket -lnsl
@@ -767,7 +767,7 @@ $rc5_obj      =
 
 *** debug-solaris-sparcv9-gcc
 $cc           = gcc
-$cflags       = -DREF_CHECK -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN
+$cflags       = -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = -lsocket -lnsl
@@ -784,7 +784,7 @@ $rc5_obj      =
 
 *** debug-steve
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe
+$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -801,7 +801,7 @@ $rc5_obj      = asm/r586-elf.o
 
 *** debug-ulf
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
+$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
index 94da20b..3b7b298 100644 (file)
@@ -185,6 +185,12 @@ bn_blind.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
 bn_blind.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
 bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 bn_blind.o: ../../include/openssl/stack.h ../cryptlib.h bn_lcl.h
+bn_ctx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+bn_ctx.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_ctx.o: ../../include/openssl/stack.h ../cryptlib.h
 bn_div.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_div.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
index 8b079e2..f72b075 100644 (file)
  *
  */
 
+#ifndef BN_CTX_DEBUG
+# undef NDEBUG /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
 #include <stdio.h>
 #include <assert.h>
 #include "cryptlib.h"
@@ -101,14 +106,21 @@ void BN_CTX_free(BN_CTX *ctx)
 
 void BN_CTX_start(BN_CTX *ctx)
        {
-       ctx->pos[ctx->depth++] = ctx->tos;
+       if (ctx->depth < BN_CTX_NUM_POS)
+               ctx->pos[ctx->depth] = ctx->tos;
+       ctx->depth++;
        }
 
 BIGNUM *BN_CTX_get(BN_CTX *ctx)
        {
-       if (ctx->tos >= BN_CTX_NUM)
+       if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
                {
-               BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
+               if (!ctx->too_many)
+                       {
+                       BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
+                       /* disable error code until SSL_CTX_end is called: */
+                       ctx->too_many = 1;
+                       }
                return NULL;
                }
        return (&(ctx->bn[ctx->tos++]));
@@ -118,6 +130,14 @@ void BN_CTX_end(BN_CTX *ctx)
        {
        if (ctx == NULL) return;
        assert(ctx->depth > 0);
+       if (ctx->depth == 0)
+               /* should never happen, but we can tolerate it if not in
+                * debug mode (could be a 'goto err' in the calling function
+                * before BN_CTX_start was reached) */
+               BN_CTX_start(ctx);
+
+       ctx->too_many = 0;
        ctx->depth--;
-       ctx->tos = ctx->pos[ctx->depth];
+       if (ctx->depth < BN_CTX_NUM_POS)
+               ctx->tos = ctx->pos[ctx->depth];
        }
index de3aaeb..f3b9497 100644 (file)
@@ -71,7 +71,7 @@ static ERR_STRING_DATA BN_str_functs[]=
 {ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0),        "BN_BLINDING_update"},
 {ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
 {ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
-{ERR_PACK(0,BN_F_BN_CTX_GET,0),        "BN_CTX_GET"},
+{ERR_PACK(0,BN_F_BN_CTX_GET,0),        "BN_CTX_get"},
 {ERR_PACK(0,BN_F_BN_CTX_NEW,0),        "BN_CTX_new"},
 {ERR_PACK(0,BN_F_BN_DIV,0),    "BN_div"},
 {ERR_PACK(0,BN_F_BN_EXPAND2,0),        "bn_expand2"},
index 16eeb94..e6a4c7c 100644 (file)
@@ -189,7 +189,7 @@ pcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h
 qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 qud_cksm.o: ../../include/openssl/opensslconf.h des_locl.h
 rand_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-rand_key.o: ../../include/openssl/opensslconf.h des_locl.h
+rand_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
 read2pwd.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 read2pwd.o: ../../include/openssl/opensslconf.h des_locl.h
 read_pwd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
index b492002..98a9c41 100644 (file)
@@ -186,7 +186,7 @@ void des_pcbc_encrypt(const unsigned char *input,unsigned char *output,
 DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
                        long length,int out_count,des_cblock *seed);
 void des_random_seed(des_cblock *key);
-void des_random_key(des_cblock *ret);
+int des_random_key(des_cblock *ret);
 int des_read_password(des_cblock *key,const char *prompt,int verify);
 int des_read_2passwords(des_cblock *key1,des_cblock *key2,
                        const char *prompt,int verify);
index a63e841..7816a8f 100644 (file)
@@ -61,8 +61,9 @@ void des_random_seed(des_cblock *key)
        RAND_seed(key, sizeof(des_cblock));
        }
 
-void des_random_key(des_cblock *ret)
+int des_random_key(des_cblock *ret)
        {
-       RAND_bytes((unsigned char *)ret, sizeof(des_cblock));
+       int r = RAND_bytes((unsigned char *)ret, sizeof(des_cblock));
        des_set_odd_parity(ret);
+       return r;
        }
index e64902c..1150e88 100644 (file)
@@ -178,13 +178,45 @@ c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 c_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
 c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
 c_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
 c_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
 c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_all.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
-c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+c_all.o: ../../include/openssl/stack.h ../cryptlib.h
+c_allc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+c_allc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+c_allc.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
+c_allc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
+c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+c_allc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+c_allc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_allc.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+c_alld.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+c_alld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+c_alld.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
+c_alld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
+c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+c_alld.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+c_alld.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_alld.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
 digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
index 2a02da0..c94d8c6 100644 (file)
@@ -27,6 +27,10 @@ B<BN_CTX>.
 
 BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
 created by BN_CTX_new(), also the structure itself.
+If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
+L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
+may be freed by BN_CTX_free().
+
 
 =head1 RETURN VALUES
 
index 3e10323..c30552b 100644 (file)
@@ -36,7 +36,9 @@ BN_CTX_start() and BN_CTX_end() return no values.
 BN_CTX_get() returns a pointer to the B<BIGNUM>, or B<NULL> on error.
 Once BN_CTX_get() has failed, the subsequent calls will return B<NULL>
 as well, so it is sufficient to check the return value of the last
-BN_CTX_get() call.
+BN_CTX_get() call. In case of an error, an error code is set, which
+can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
 
 =head1 SEE ALSO
 
index 6e8777d..1d345d3 100755 (executable)
@@ -2213,3 +2213,6 @@ sk_CRYPTO_EX_DATA_FUNCS_insert          2237
 sk_CRYPTO_EX_DATA_FUNCS_zero            2238
 BN_pseudo_rand                          2239
 BN_is_prime_fasttest                    2240
+BN_CTX_end                              2241
+BN_CTX_start                            2242
+BN_CTX_get                              2243