Loading CHANGES +8 −0 Original line number Original line Diff line number Diff line Loading @@ -2116,6 +2116,14 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] *) New function OPENSSL_cleanse(), which is used to cleanse a section of memory from it's contents. This is done with a counter that will place alternating values in each byte. This can be used to solve two issues: 1) the removal of calls to memset() by highly optimizing compilers, and 2) cleansing with other values than 0, since those can be read through on certain media, for example a swap space on disk. [Geoff Thorpe] *) Bugfix: client side session caching did not work with external caching, *) Bugfix: client side session caching did not work with external caching, because the session->cipher setting was not restored when reloading because the session->cipher setting was not restored when reloading from the external cache. This problem was masked, when from the external cache. This problem was masked, when Loading crypto/Makefile.ssl +6 −2 Original line number Original line Diff line number Diff line Loading @@ -36,8 +36,8 @@ GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) SHARED_LIB= libcrypto$(SHLIB_EXT) LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o SRC= $(LIBSRC) SRC= $(LIBSRC) Loading Loading @@ -193,6 +193,10 @@ mem.o: ../include/openssl/err.h ../include/openssl/lhash.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem_clr.o: ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h Loading crypto/crypto-lib.com +1 −1 Original line number Original line Diff line number Diff line Loading @@ -158,7 +158,7 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ $ $ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" $ LIB_MD5 = "md5_dgst,md5_one" Loading crypto/crypto.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -454,6 +454,8 @@ void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, int line); int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); void OPENSSL_cleanse(void *ptr, size_t len); void CRYPTO_set_mem_debug_options(long bits); void CRYPTO_set_mem_debug_options(long bits); long CRYPTO_get_mem_debug_options(void); long CRYPTO_get_mem_debug_options(void); Loading crypto/mem.c +14 −0 Original line number Original line Diff line number Diff line Loading @@ -250,6 +250,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line) void *CRYPTO_malloc_locked(int num, const char *file, int line) { { void *ret = NULL; void *ret = NULL; extern unsigned char cleanse_ctr; allow_customize = 0; allow_customize = 0; if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) Loading @@ -264,6 +265,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); malloc_debug_func(ret, num, file, line, 1); /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) ((unsigned char *)ret)[0] = cleanse_ctr; return ret; return ret; } } Loading @@ -282,6 +289,7 @@ void CRYPTO_free_locked(void *str) void *CRYPTO_malloc(int num, const char *file, int line) void *CRYPTO_malloc(int num, const char *file, int line) { { void *ret = NULL; void *ret = NULL; extern unsigned char cleanse_ctr; allow_customize = 0; allow_customize = 0; if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) Loading @@ -296,6 +304,12 @@ void *CRYPTO_malloc(int num, const char *file, int line) if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); malloc_debug_func(ret, num, file, line, 1); /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) ((unsigned char *)ret)[0] = cleanse_ctr; return ret; return ret; } } Loading Loading
CHANGES +8 −0 Original line number Original line Diff line number Diff line Loading @@ -2116,6 +2116,14 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] *) New function OPENSSL_cleanse(), which is used to cleanse a section of memory from it's contents. This is done with a counter that will place alternating values in each byte. This can be used to solve two issues: 1) the removal of calls to memset() by highly optimizing compilers, and 2) cleansing with other values than 0, since those can be read through on certain media, for example a swap space on disk. [Geoff Thorpe] *) Bugfix: client side session caching did not work with external caching, *) Bugfix: client side session caching did not work with external caching, because the session->cipher setting was not restored when reloading because the session->cipher setting was not restored when reloading from the external cache. This problem was masked, when from the external cache. This problem was masked, when Loading
crypto/Makefile.ssl +6 −2 Original line number Original line Diff line number Diff line Loading @@ -36,8 +36,8 @@ GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) SHARED_LIB= libcrypto$(SHLIB_EXT) LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o SRC= $(LIBSRC) SRC= $(LIBSRC) Loading Loading @@ -193,6 +193,10 @@ mem.o: ../include/openssl/err.h ../include/openssl/lhash.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem_clr.o: ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h Loading
crypto/crypto-lib.com +1 −1 Original line number Original line Diff line number Diff line Loading @@ -158,7 +158,7 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ $ $ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" $ LIB_MD5 = "md5_dgst,md5_one" Loading
crypto/crypto.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -454,6 +454,8 @@ void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, int line); int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); void OPENSSL_cleanse(void *ptr, size_t len); void CRYPTO_set_mem_debug_options(long bits); void CRYPTO_set_mem_debug_options(long bits); long CRYPTO_get_mem_debug_options(void); long CRYPTO_get_mem_debug_options(void); Loading
crypto/mem.c +14 −0 Original line number Original line Diff line number Diff line Loading @@ -250,6 +250,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line) void *CRYPTO_malloc_locked(int num, const char *file, int line) { { void *ret = NULL; void *ret = NULL; extern unsigned char cleanse_ctr; allow_customize = 0; allow_customize = 0; if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) Loading @@ -264,6 +265,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); malloc_debug_func(ret, num, file, line, 1); /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) ((unsigned char *)ret)[0] = cleanse_ctr; return ret; return ret; } } Loading @@ -282,6 +289,7 @@ void CRYPTO_free_locked(void *str) void *CRYPTO_malloc(int num, const char *file, int line) void *CRYPTO_malloc(int num, const char *file, int line) { { void *ret = NULL; void *ret = NULL; extern unsigned char cleanse_ctr; allow_customize = 0; allow_customize = 0; if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) Loading @@ -296,6 +304,12 @@ void *CRYPTO_malloc(int num, const char *file, int line) if (malloc_debug_func != NULL) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); malloc_debug_func(ret, num, file, line, 1); /* Create a dependency on the value of 'cleanse_ctr' so our memory * sanitisation function can't be optimised out. NB: We only do * this for >2Kb so the overhead doesn't bother us. */ if(ret && (num > 2048)) ((unsigned char *)ret)[0] = cleanse_ctr; return ret; return ret; } } Loading
