diff --git a/CHANGES b/CHANGES index c206df30ff18362c86d9e3867d6713395991def0..d157408763324970b7cddc23f2c7a7d8129be8bc 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,12 @@ Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] + *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure + that can only be obtained through BN_CTX_new() (which implicitly + initialises it). The presence of this function only made it possible + to overwrite an existing structure (and cause memory leaks). + [Geoff Thorpe] + *) Because of the callback-based approach for implementing LHASH as a template type, lh_insert() adds opaque objects to hash-tables and lh_doall() or lh_doall_arg() are typically used with a destructor callback diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index d7a5fce6ea426c2dc22e866982da7e8e9824b512..686b3b3079fcb5231397d096bebf5f2ad24cc1ff 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -363,7 +363,9 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b); const BIGNUM *BN_value_one(void); char * BN_options(void); BN_CTX *BN_CTX_new(void); +#ifndef OPENSSL_NO_DEPRECATED void BN_CTX_init(BN_CTX *c); +#endif void BN_CTX_free(BN_CTX *c); void BN_CTX_start(BN_CTX *ctx); BIGNUM *BN_CTX_get(BN_CTX *ctx); diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 7daf19eb8436cf42bfec2aaba2a1866353b642b0..34cc75cfa93524500a5145676b2c5c344d9216fa 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -54,9 +54,10 @@ * */ -#ifndef BN_CTX_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG +#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG) +#ifndef NDEBUG +#define NDEBUG +#endif #endif #include @@ -65,6 +66,37 @@ #include "cryptlib.h" #include "bn_lcl.h" +/* BN_CTX structure details */ +#define BN_CTX_NUM 32 +#define BN_CTX_NUM_POS 12 +struct bignum_ctx + { + int tos; + BIGNUM bn[BN_CTX_NUM]; + int flags; + int depth; + int pos[BN_CTX_NUM_POS]; + int too_many; + }; + +#ifndef OPENSSL_NO_DEPRECATED +void BN_CTX_init(BN_CTX *ctx) +#else +static void BN_CTX_init(BN_CTX *ctx) +#endif + { +#if 0 /* explicit version */ + int i; + ctx->tos = 0; + ctx->flags = 0; + ctx->depth = 0; + ctx->too_many = 0; + for (i = 0; i < BN_CTX_NUM; i++) + BN_init(&(ctx->bn[i])); +#else + memset(ctx, 0, sizeof *ctx); +#endif + } BN_CTX *BN_CTX_new(void) { @@ -82,21 +114,6 @@ BN_CTX *BN_CTX_new(void) return(ret); } -void BN_CTX_init(BN_CTX *ctx) - { -#if 0 /* explicit version */ - int i; - ctx->tos = 0; - ctx->flags = 0; - ctx->depth = 0; - ctx->too_many = 0; - for (i = 0; i < BN_CTX_NUM; i++) - BN_init(&(ctx->bn[i])); -#else - memset(ctx, 0, sizeof *ctx); -#endif - } - void BN_CTX_free(BN_CTX *ctx) { int i; diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index 01cb6e92803b20ec38ea9bf9ecc62d23aa263673..0c448724d54c81e2f475f8c333987b7a7227afc1 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -119,20 +119,6 @@ extern "C" { #endif -/* Used for temp variables */ -#define BN_CTX_NUM 32 -#define BN_CTX_NUM_POS 12 -struct bignum_ctx - { - int tos; - BIGNUM bn[BN_CTX_NUM]; - int flags; - int depth; - int pos[BN_CTX_NUM_POS]; - int too_many; - } /* BN_CTX */; - - /* * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions *