Commit Graph

49 Commits

Author SHA1 Message Date
Adam Langley
0da323a8b8 Convert reference counts in crypto/
This change converts the reference counts in crypto/ to use
|CRYPTO_refcount_t|. The reference counts in |X509_PKEY| and |X509_INFO|
were never actually used and so were dropped.

Change-Id: I75d572cdac1f8c1083c482e29c9519282d7fd16c
Reviewed-on: https://boringssl-review.googlesource.com/4772
Reviewed-by: Adam Langley <agl@google.com>
2015-05-20 19:15:26 +00:00
Adam Langley
517da2f1ef Add |BIO_up_ref| and |EVP_PKEY_up_ref|.
This avoids callers having to worry about |CRYPTO_add| and what the
correct lock to use it with is. (Esp since we'll probably change the way
that reference counts work in the future.)

Change-Id: I972bf0cc3be6099e0255e64a0fd50249062d1eb4
Reviewed-on: https://boringssl-review.googlesource.com/4623
Reviewed-by: Adam Langley <agl@google.com>
2015-05-05 18:30:03 +00:00
Adam Langley
ab9017b0ff Revert "bio: remove reference count."
Android uses BIO reference counting.

This reverts commit 9bde6aeb76.

Change-Id: Ibf4a7f42477549d10829a424ea3b52f09098666c
Reviewed-on: https://boringssl-review.googlesource.com/4472
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-05-05 00:28:22 +00:00
David Benjamin
22ccc2d8f1 Remove unnecessary NULL checks, part 1.
First batch of the alphabet.

Change-Id: If4e60f4fbb69e04eb4b70aa1b2240e329251bfa5
Reviewed-on: https://boringssl-review.googlesource.com/4514
Reviewed-by: Adam Langley <agl@google.com>
2015-05-04 23:05:17 +00:00
David Benjamin
de95d262ab Add missing BUF_strdup failure checks.
Change-Id: I997e8806b0bccb58fe7b8bbea4e98c68d0925361
Reviewed-on: https://boringssl-review.googlesource.com/4513
Reviewed-by: Adam Langley <agl@google.com>
2015-05-04 22:58:38 +00:00
Adam Langley
d5eb7f4268 bio: remove BIO_CTRL_PUSH/_POP.
We don't support the SSL BIO so this is a no-op change.

Change-Id: Iba9522b837ebb0eb6adc80d5df6dcac99abf2552
Reviewed-on: https://boringssl-review.googlesource.com/4360
Reviewed-by: Adam Langley <agl@google.com>
2015-04-16 00:16:20 +00:00
David Benjamin
1004b9564a Remove BIO's ex_data.
No wrappers were ever added and codesearch confirms no one ever added to it
manually. Probably anyone doing complex things with BIOs just made a custom
BIO_METHOD. We can put it back with proper functions if the need ever arises.

Change-Id: Icb5da7ceeb8f1da6d08f4a8854d53dfa75827d9c
Reviewed-on: https://boringssl-review.googlesource.com/4373
Reviewed-by: Adam Langley <agl@google.com>
2015-04-15 23:35:51 +00:00
David Benjamin
546f1a59ef Unexpose the generic ex_data functions.
Callers are required to use the wrappers now. They still need OPENSSL_EXPORT
since crypto and ssl get built separately in the standalone shared library
build.

Change-Id: I61186964e6099b9b589c4cd45b8314dcb2210c89
Reviewed-on: https://boringssl-review.googlesource.com/4372
Reviewed-by: Adam Langley <agl@google.com>
2015-04-15 23:27:22 +00:00
Adam Langley
9bde6aeb76 bio: remove reference count.
It appears that this reference “count” is set to one at creation and
never touched after that.

Change-Id: I3238a6d3dd702953771b8ec725c1c5712c648fba
Reviewed-on: https://boringssl-review.googlesource.com/4320
Reviewed-by: Adam Langley <agl@google.com>
2015-04-14 20:04:52 +00:00
Brian Smith
054e682675 Eliminate unnecessary includes from low-level crypto modules.
Beyond generally eliminating unnecessary includes, eliminate as many
includes of headers that declare/define particularly error-prone
functionality like strlen, malloc, and free. crypto/err/internal.h was
added to remove the dependency on openssl/thread.h from the public
openssl/err.h header. The include of <stdlib.h> in openssl/mem.h was
retained since it defines OPENSSL_malloc and friends as macros around
the stdlib.h functions. The public x509.h, x509v3.h, and ssl.h headers
were not changed in order to minimize breakage of source compatibility
with external code.

Change-Id: I0d264b73ad0a720587774430b2ab8f8275960329
Reviewed-on: https://boringssl-review.googlesource.com/4220
Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 20:49:18 +00:00
Brian Smith
83a82981dc Rename BIO_print_errors_fp back to ERR_print_errors_fp & refactor it.
A previous change in BoringSSL renamed ERR_print_errors_fp to
BIO_print_errors_fp as part of refactoring the code to improve the
layering of modules within BoringSSL. Rename it back for better
compatibility with code that was using the function under the original
name. Move its definition back to crypto/err using an implementation
that avoids depending on crypto/bio.

Change-Id: Iee7703bb1eb4a3d640aff6485712bea71d7c1052
Reviewed-on: https://boringssl-review.googlesource.com/4310
Reviewed-by: Adam Langley <agl@google.com>
2015-04-13 20:23:29 +00:00
David Benjamin
3db1ded2e7 Convert bio_test to C++.
Change-Id: I6416eb6b2474e4fbb974a7da8a9bc6d2b4c44adb
Reviewed-on: https://boringssl-review.googlesource.com/4128
Reviewed-by: Adam Langley <agl@google.com>
2015-04-01 19:59:03 +00:00
Adam Langley
3e719319be Lowercase some Windows headers.
MinGW on Linux needs lowercase include files. On Windows this doesn't
matter since the filesystems are case-insensitive, but building
BoringSSL on Linux with MinGW has case-sensitive filesystems.

Change-Id: Id9c120d819071b041341fbb978352812d6d073bc
Reviewed-on: https://boringssl-review.googlesource.com/4090
Reviewed-by: Adam Langley <agl@google.com>
2015-03-31 22:21:42 +00:00
David Benjamin
87c8a643e1 Use TCP sockets rather than socketpairs in the SSL tests.
This involves more synchronization with child exits as the kernel no longer
closes the pre-created pipes for free, but it works on Windows. As long as
TCP_NODELAY is set, the performance seems comparable. Though it does involve
dealing with graceful socket shutdown. I couldn't get that to work on Windows
without draining the socket; not even SO_LINGER worked. Current (untested)
theory is that Windows refuses to gracefully shutdown a socket if the peer
sends data after we've stopped reading.

cmd.ExtraFiles doesn't work on Windows; it doesn't use fds natively, so you
can't pass fds 4 and 5. (stdin/stdout/stderr are special slots in
CreateProcess.) We can instead use the syscall module directly and mark handles
as inheritable (and then pass the numerical values out-of-band), but that
requires synchronizing all of our shim.Start() calls and assuming no other
thread is spawning a process.

PROC_THREAD_ATTRIBUTE_HANDLE_LIST fixes threading problems, but requires
wrapping more syscalls.  exec.Cmd also doesn't let us launch the process
ourselves. Plus it still requires every handle in the list be marked
inheritable, so it doesn't help if some other thread is launching a process
with bInheritHandles TRUE but NOT using PROC_THREAD_ATTRIBUTE_HANDLE_LIST.
(Like Go, though we can take syscall.ForkLock there.)

http://blogs.msdn.com/b/oldnewthing/archive/2011/12/16/10248328.aspx

The more natively Windows option seems to be named pipes, but that too requires
wrapping more system calls. (To be fair, that isn't too painful.) They also
involve a listening server, so we'd still have to synchronize with shim.Wait()
a la net.TCPListener.

Then there's DuplicateHandle, but then we need an out-of-band signal.

All in all, one cross-platform implementation with a TCP sockets seems
simplest.

Change-Id: I38233e309a0fa6814baf61e806732138902347c0
Reviewed-on: https://boringssl-review.googlesource.com/3563
Reviewed-by: Adam Langley <agl@google.com>
2015-02-23 19:59:06 +00:00
David Benjamin
c9a202fee3 Add in missing curly braces part 1.
Everything before crypto/ec.

Change-Id: Icbfab8e4ffe5cc56bf465eb57d3fdad3959a085c
Reviewed-on: https://boringssl-review.googlesource.com/3401
Reviewed-by: Adam Langley <agl@google.com>
2015-02-11 19:31:01 +00:00
Adam Langley
29b186736c Precompute sorted array for error strings.
Previously, error strings were kept in arrays for each subdirectory and
err.c would iterate over them all and insert them at init time to a hash
table.

This means that, even if you have a shared library and lots of processes
using that, each process has ~30KB of private memory from building that
hash table.

This this change, all the error strings are built into a sorted list and
are thus static data. This means that processes can share the error
information and it actually saves binary space because of all the
pointer overhead in the old scheme. Also it saves the time taken
building the hash table at startup.

This removes support for externally-supplied error string data.

Change-Id: Ifca04f335c673a048e1a3e76ff2b69c7264635be
2015-02-09 17:35:31 -08:00
Adam Langley
2b2d66d409 Remove string.h from base.h.
Including string.h in base.h causes any file that includes a BoringSSL
header to include string.h. Generally this wouldn't be a problem,
although string.h might slow down the compile if it wasn't otherwise
needed. However, it also causes problems for ipsec-tools in Android
because OpenSSL didn't have this behaviour.

This change removes string.h from base.h and, instead, adds it to each
.c file that requires it.

Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37
Reviewed-on: https://boringssl-review.googlesource.com/3200
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:14:15 +00:00
Brian Smith
efed2210e8 Enable more warnings & treat warnings as errors on Windows.
Change-Id: I2bf0144aaa8b670ff00b8e8dfe36bd4d237b9a8a
Reviewed-on: https://boringssl-review.googlesource.com/3140
Reviewed-by: Adam Langley <agl@google.com>
2015-01-31 00:18:55 +00:00
Brian Smith
a87de9b39b Define WIN32_LEAN_AND_MEAN in the build system, not in the code.
This avoids a conflict with the Chromium build system, which
defines WIN32_LEAN_AND_MEAN with a different value.

BUG=crbug.com/453196

Change-Id: Ia15ec7c20325c1961af4f32e5208266e5f846f35
Reviewed-on: https://boringssl-review.googlesource.com/3150
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-29 18:48:57 +00:00
Adam Langley
4a0f0c4910 Change CMakeLists.txt to two-space indent.
find -name CMakeLists.txt -type f | xargs sed -e 's/\t/  /g' -i

Change-Id: I01636b1849c00ba918f48828252492d99b0403ac
2015-01-28 16:37:10 -08:00
Brian Smith
dc94b54708 Clean up use of Windows Platform SDK headers.
Define WIN32_LEAN_AND_MEAN before including Windows Platform SDK
headers to preempt naming conflicts and to make the build faster. Avoid
including those headers in BoringSSL headers. Document that Platform
SDK 8.1 or later is required on Windows.

Change-Id: I907ada21dc722527ea37e839c71c5157455a7003
Reviewed-on: https://boringssl-review.googlesource.com/3100
Reviewed-by: Adam Langley <agl@google.com>
2015-01-28 20:36:49 +00:00
David Benjamin
aa3f6daa86 Tag a number of globals as const.
Change-Id: I6f334911f153395a2e5e26adfd08912a1d8c558b
Reviewed-on: https://boringssl-review.googlesource.com/2847
Reviewed-by: Adam Langley <agl@google.com>
2015-01-14 21:53:00 +00:00
Adam Langley
93efb7228b Rename hexdump to hexdump_write.
It's a static function anyway so it doesn't affect anything and it's
colliding with a debugging function on one platform.

Change-Id: Iae0595cce7cb2bdd4c56217f6f1de51ff3134a8b
Reviewed-on: https://boringssl-review.googlesource.com/2630
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-06 00:26:53 +00:00
David Benjamin
192f34b175 Fix bio_test.c build on Windows.
MSVC does not allow pointer arithmetic on void* pointers. Also
fix some style issues around whether * hugs the type or the
variable name.

Change-Id: I40cc1627830b37879fd70e2b688a42df62b6c62a
Reviewed-on: https://boringssl-review.googlesource.com/2452
Reviewed-by: Adam Langley <agl@google.com>
2014-12-01 19:06:59 +00:00
Håvard Molland
4e0a7e5a1d Cleanup of setting external buffer
Don't use |BIO_set_foo_buffer_size| when setting the
sizes of the buffers while making buffer pair. Since it
happens in pair.c we know the BIOs are BIO pairs and using
bio_ctrl here complicates setting external buffers. Also
zero out bio_bio_st during construction.

This fixes a problem that would happen if the default buffer
sizes were not set, since buf_externally_allocated was
not yet initialized.

Remove BIO_C_SET_BUFF_SIZE and BIO_CTRL_RESET which are
not used for bio pairs.

Change-Id: I365091d5f44f6f1c5522c325a771bdf03d8fe950
Reviewed-on: https://boringssl-review.googlesource.com/2370
Reviewed-by: Adam Langley <agl@google.com>
2014-11-24 17:46:00 +00:00
Håvard Molland
ce5be4bd5c Add zero copy read and write api for bio pairs.
Also add functionality for setting external buffers to give the
caller better control of the buffers. This is typical needed if OS
sockets can outlive the bio pair.

Change-Id: I500f0c522011ce76e9a9bce5d7b43c93d9d11457
2014-11-18 14:06:46 -08:00
David Benjamin
2a0f3420f7 Fix standalone bio_test and v3name_test on Win64.
Win32 still has assembly issues and bssl wants to select() on both sockets and
stdin (doesn't work on Windows). But this is a start.

Change-Id: Iafc5215be281aed836c5ac2dc8b379399848a2c2
Reviewed-on: https://boringssl-review.googlesource.com/2090
Reviewed-by: Adam Langley <agl@google.com>
2014-10-29 21:17:27 +00:00
Adam Langley
51fcd87102 Fix NaCl build.
NaCl defines _POSIX_C_SOURCE on the command line for some reason, thus
we have to be defensive about defining it.

Change-Id: Icbc8afcb1ac0e0ca23b788b11ea911c3f55a8b7f
Reviewed-on: https://boringssl-review.googlesource.com/1891
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-10-02 22:45:22 +00:00
Adam Langley
ad912f348b Use _POSIX_C_SOURCE not _BSD_SOURCE.
_BSD_SOURCE has been deprecated (see bug). The manpage for printf
suggests that any _POSIX_C_SOURCE >= 200112L is also sufficient to bring
in the needed declarations and the bug reporter confirms that it's
sufficient for him.

https://code.google.com/p/chromium/issues/detail?id=419859

Change-Id: Ifc053f11c5aa1df35aae8e952d2c73a7f4599ec2
Reviewed-on: https://boringssl-review.googlesource.com/1890
Reviewed-by: Adam Langley <agl@google.com>
2014-10-02 21:35:33 +00:00
David Benjamin
b99106a7a5 Fix bio_test on Windows.
Winsock needs to be initialized. Also, perror doesn't do anything
useful and read/recv aren't interchangeable.

Change-Id: Ic9dfd6907b7b0d396eafe72072a29d027b66bc0c
Reviewed-on: https://boringssl-review.googlesource.com/1871
Reviewed-by: Adam Langley <agl@google.com>
2014-10-01 17:24:22 +00:00
David Benjamin
66a3531237 Fix BIO_printf on Windows.
vsnprintf returns -1 on Windows on truncation, not the needed
size.

Change-Id: I0a9f32504127b2fb740244c3b59132e201d14234
Reviewed-on: https://boringssl-review.googlesource.com/1870
Reviewed-by: Adam Langley <agl@google.com>
2014-10-01 17:22:56 +00:00
David Benjamin
04284b8952 Account for Windows and UNIX socket API differences.
close is closesocket. Also some of the headers are different
and inet_aton should be inet_pton.

Change-Id: I9eee0880d91833bdd3bcf0f2a352923c9fb1a891
Reviewed-on: https://boringssl-review.googlesource.com/1864
Reviewed-by: Adam Langley <agl@google.com>
2014-10-01 02:05:43 +00:00
Adam Langley
bed8ce78f0 Add misc functions for easier porting.
Android requested that the wpa_supplicant go upstream. This change adds
some dummy functions and reinstates DSA_dup_DH in order to make the diff
smaller and easier for upstream.

Change-Id: I77ac271b8652bae5a0bbe16afde51d9096f3dfb5
Reviewed-on: https://boringssl-review.googlesource.com/1740
Reviewed-by: Adam Langley <agl@google.com>
2014-09-18 22:38:11 +00:00
David Benjamin
a70c75cfc0 Add a CRYPTO_library_init and static-initializer-less build option.
Chromium does not like static initializers, and the CPU logic uses one to
initialize CPU bits. However, the crypto library lacks an explicit
initialization function, which could complicate (no compile-time errors)
porting existing code which uses crypto/, but not ssl/.

Add an explicit CRYPTO_library_init function, but make it a no-op by default.
It only does anything (and is required) if building with
BORINGSSL_NO_STATIC_INITIALIZER.

Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39
Reviewed-on: https://boringssl-review.googlesource.com/1770
Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:10:53 +00:00
Adam Langley
b2cb0ece76 Fix minor issues found by Clang's analysis.
Thanks to Denis Denisov for running the analysis.

Change-Id: I80810261e013423e746fd8d8afefb3581cffccc0
Reviewed-on: https://boringssl-review.googlesource.com/1701
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 22:39:41 +00:00
David Benjamin
c44d2f4cb8 Convert all zero-argument functions to '(void)'
Otherwise, in C, it becomes a K&R function declaration which doesn't actually
type-check the number of arguments.

Change-Id: I0731a9fefca46fb1c266bfb1c33d464cf451a22e
Reviewed-on: https://boringssl-review.googlesource.com/1582
Reviewed-by: Adam Langley <agl@google.com>
2014-08-21 01:06:07 +00:00
Yoshisato Yanagisawa
b7725cf3ec Include Windows.h in some source files.
https://code.google.com/p/chromium/issues/detail?id=399172#c3

Change-Id: Ie5447f0d6901d802698eabadf3bd5d42d75f588d
2014-08-18 11:39:09 -07:00
Adam Langley
e2c4d26214 Recover BIO_number_{read|written}.
Android needs it. These functions were removed in the move to BoringSSL.

Change-Id: Ice24a0a1c390930cf07dbd00f72a3e12e6c241f9
Reviewed-on: https://boringssl-review.googlesource.com/1510
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-08-14 16:37:05 +00:00
Adam Langley
ded93581f1 Windows build fixes.
Windows doesn't have ssize_t, sadly. There's SSIZE_T, but defining an
OPENSSL_SSIZE_T seems worse than just using an int.

Change-Id: I09bb5aa03f96da78b619e551f92ed52ce24d9f3f
Reviewed-on: https://boringssl-review.googlesource.com/1352
Reviewed-by: Adam Langley <agl@google.com>
2014-08-11 22:10:02 +00:00
David Benjamin
dd1c246f7f Fix C99-ism in bio_test.c.
Change-Id: I7cd91d79f3a014de367976318c860914dd4c2f49
Reviewed-on: https://boringssl-review.googlesource.com/1392
Reviewed-by: Adam Langley <agl@google.com>
2014-08-04 22:34:50 +00:00
David Benjamin
aa4efe7669 Fix BIO_printf crash on Mac.
A single va_list may not be used twice. Nothing calls BIO_vprintf and it just
(v)snprintfs into a buffer anyway, so remove it. If it's actually needed, we
can fiddle with va_copy and the lack of it in C89 later, but anything that
actually cares can just assemble the output externally.

Add a test in bio_test.c.

BUG=399546

Change-Id: Ia40a68b31cb5984d817e9c55351f49d9d6c964c1
Reviewed-on: https://boringssl-review.googlesource.com/1391
Reviewed-by: Adam Langley <agl@google.com>
2014-08-04 21:11:21 +00:00
Adam Langley
37a623cf29 Have BIO_get_mem_data return a size_t and uint8_t*
Change-Id: I883f9c3527b572a2140ae4899cf4409cdc25c6dc
Reviewed-on: https://boringssl-review.googlesource.com/1261
Reviewed-by: Adam Langley <agl@google.com>
2014-07-18 17:22:05 +00:00
David Benjamin
e77dff61bd Preserve the address length in bio/connect.c.
On OS X, the length must be the length of the address and not of
sockaddr_storage.

Change-Id: Id962f2f3268f07327724b9867a83c15ec50cb9fd
Reviewed-on: https://boringssl-review.googlesource.com/1251
Reviewed-by: Adam Langley <agl@google.com>
2014-07-18 00:56:04 +00:00
Adam Langley
0cc81ff04f Add functions for setting a BIO callback and arg.
These were omitted, but are needed by Chromium now.

Change-Id: I17e1672674311c8dc2ede21539c82b8e2e50f376
Reviewed-on: https://boringssl-review.googlesource.com/1201
Reviewed-by: Adam Langley <agl@google.com>
2014-07-15 23:31:50 +00:00
Adam Langley
4c921e1bbc Move public headers to include/openssl/
Previously, public headers lived next to the respective code and there
were symlinks from include/openssl to them.

This doesn't work on Windows.

This change moves the headers to live in include/openssl. In cases where
some symlinks pointed to the same header, I've added a file that just
includes the intended target. These cases are all for backwards-compat.

Change-Id: I6e285b74caf621c644b5168a4877db226b07fd92
Reviewed-on: https://boringssl-review.googlesource.com/1180
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-07-14 22:42:18 +00:00
Adam Langley
0113a4fb60 Support building with PNaCl.
PNaCl needs OPENSSL_NO_ASM to work and a couple of cases were missing
because it hasn't previously been tested.

Additionally, it defined _BSD_SOURCE and others on the command line,
causing duplicate definition errors when defined in source code.

It's missing readdir_r.

It uses newlib, which appears to use u_short in socket.h without ever
defining it.

Change-Id: Ieccfc7365723d0521f6327eebe9f44a2afc57406
Reviewed-on: https://boringssl-review.googlesource.com/1140
Reviewed-by: Adam Langley <agl@google.com>
2014-07-11 19:04:04 +00:00
Adam Langley
659de419c1 Add ISC header to a handful of files.
A handful of new files were missing the ISC license header.

Change-Id: I44507dd1361b0348d8e0e1bf12d38072030af53d
2014-06-26 10:26:42 -07:00
Adam Langley
1258b6a756 ChannelID support.
Implement ChannelID as both a client and server.
2014-06-20 13:17:33 -07:00
Adam Langley
95c29f3cd1 Inital import.
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
2014-06-20 13:17:32 -07:00