Commit f6e87e8d authored by unknown's avatar unknown
Browse files

Import patch from yaSSL 

 - avoid allocating memory for each call to 'EVP_md5' and 
   'EVP_des_ede3_cbc' which were not released until server was stopped
 - Those functions are used from the SQL function 'des_encrypt' and
   'des_decrypt'.


extra/yassl/include/openssl/ssl.h:
  Import patch yassl.diff
extra/yassl/include/yassl_int.hpp:
  Import patch yassl.diff
extra/yassl/src/ssl.cpp:
  Import patch yassl.diff
extra/yassl/src/template_instnt.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_int.cpp:
  Import patch yassl.diff
parent afd1a8e4

extra/yassl/include/openssl/ssl.h

+2 −4
Original line number Diff line number Diff line
@@ -377,11 +377,9 @@ char* SSL_state_string_long(SSL*); 




/* EVP stuff, des and md5, different file? */

typedef struct Digest Digest;

typedef Digest EVP_MD;

typedef char EVP_MD;



typedef struct BulkCipher BulkCipher;

typedef BulkCipher EVP_CIPHER;

typedef char EVP_CIPHER;



typedef struct EVP_PKEY EVP_PKEY;

extra/yassl/include/yassl_int.hpp

+0 −19
Original line number Diff line number Diff line
@@ -127,25 +127,6 @@ private: 
};





// hold add crypt references provided to callers

class CryptProvider {

    mySTL::list<Digest*>     digestList_;

    mySTL::list<BulkCipher*> cipherList_;

    CryptProvider() {}                         // only GetCryptProvider creates

public:

    ~CryptProvider();



    Digest*     NewMd5();

    BulkCipher* NewDesEde();



    friend CryptProvider& GetCryptProvider();

private:

    CryptProvider(const CryptProvider&);            // hide copy

    CryptProvider& operator=(const CryptProvider&); // and assign

};



CryptProvider& GetCryptProvider();



#undef X509_NAME  // wincrypt.h clash



// openSSL X509 names

extra/yassl/src/ssl.cpp

+21 −12
Original line number Diff line number Diff line
@@ -811,25 +811,34 @@ const char* X509_verify_cert_error_string(long /* error */) 


const EVP_MD* EVP_md5(void)

{

    return GetCryptProvider().NewMd5();

    static const char* type = "MD5";

    return type;

}





const EVP_CIPHER* EVP_des_ede3_cbc(void)

{

    return GetCryptProvider().NewDesEde();

    static const char* type = "DES_EDE3_CBC";

    return type;

}





int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,

                   const byte* data, int sz, int count, byte* key, byte* iv)

{

    EVP_MD* myMD = const_cast<EVP_MD*>(md);

    uint digestSz = myMD->get_digestSize();

    // only support MD5 for now

    if (strncmp(md, "MD5", 3)) return 0;



    // only support DES_EDE3_CBC for now

    if (strncmp(type, "DES_EDE3_CBC", 12)) return 0; 



    yaSSL::MD5 myMD;

    uint digestSz = myMD.get_digestSize();

    byte digest[SHA_LEN];                   // max size



    int keyLen    = type->get_keySize();

    int ivLen     = type->get_ivSize();

    yaSSL::DES_EDE cipher;

    int keyLen    = cipher.get_keySize();

    int ivLen     = cipher.get_ivSize();

    int keyLeft   = keyLen;

    int ivLeft    = ivLen;

    int keyOutput = 0;
@@ -838,17 +847,17 @@ int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt, 
        int digestLeft = digestSz;

        // D_(i - 1)

        if (keyOutput)                      // first time D_0 is empty

            myMD->update(digest, digestSz);

            myMD.update(digest, digestSz);

        // data

        myMD->update(data, sz);

        myMD.update(data, sz);

        // salt

        if (salt)

            myMD->update(salt, EVP_SALT_SZ);

        myMD->get_digest(digest);

            myMD.update(salt, EVP_SALT_SZ);

        myMD.get_digest(digest);

        // count

        for (int j = 1; j < count; j++) {

            myMD->update(digest, digestSz);

            myMD->get_digest(digest);

            myMD.update(digest, digestSz);

            myMD.get_digest(digest);

        }



        if (keyLeft) {

extra/yassl/src/template_instnt.cpp

+0 −1
Original line number Diff line number Diff line
@@ -86,7 +86,6 @@ template void ysDelete<X509>(X509*); 
template void ysDelete<Message>(Message*);

template void ysDelete<sslFactory>(sslFactory*);

template void ysDelete<Sessions>(Sessions*);

template void ysDelete<CryptProvider>(CryptProvider*);

template void ysArrayDelete<unsigned char>(unsigned char*);

template void ysArrayDelete<char>(char*);

}

extra/yassl/src/yassl_int.cpp

+0 −34
Original line number Diff line number Diff line
@@ -1382,38 +1382,6 @@ sslFactory& GetSSL_Factory() 
}





static CryptProvider* cryptProviderInstance = 0;



CryptProvider& GetCryptProvider()

{

    if (!cryptProviderInstance)

        cryptProviderInstance = NEW_YS CryptProvider;

    return *cryptProviderInstance;

}





CryptProvider::~CryptProvider()

{

    mySTL::for_each(digestList_.begin(), digestList_.end(), del_ptr_zero());

    mySTL::for_each(cipherList_.begin(), cipherList_.end(), del_ptr_zero());

}





Digest* CryptProvider::NewMd5()

{

    Digest* ptr = NEW_YS MD5();

    digestList_.push_back(ptr);

    return ptr;

}





BulkCipher* CryptProvider::NewDesEde()

{

    BulkCipher* ptr = NEW_YS DES_EDE();

    cipherList_.push_back(ptr);

    return ptr;

}





typedef Mutex::Lock Lock;
@@ -2106,12 +2074,10 @@ ASN1_STRING* StringHolder::GetString() 
extern "C" void yaSSL_CleanUp()

{

    TaoCrypt::CleanUp();

    yaSSL::ysDelete(yaSSL::cryptProviderInstance);

    yaSSL::ysDelete(yaSSL::sslFactoryInstance);

    yaSSL::ysDelete(yaSSL::sessionsInstance);



    // In case user calls more than once, prevent seg fault

    yaSSL::cryptProviderInstance = 0;

    yaSSL::sslFactoryInstance = 0;

    yaSSL::sessionsInstance = 0;

}