From 332936dffb7c8574be7340271f9cfb196f25a016 Mon Sep 17 00:00:00 2001
From: Glyph
Date: Fri, 26 Jun 2015 21:59:15 -0700
Subject: deopaque a couple of things
---
 src/_cffi_src/openssl/engine.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
(limited to 'src/_cffi_src/openssl')
diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py
index 3ebfa6c1..bc5c1906 100644
--- a/src/_cffi_src/openssl/engine.py
+++ b/src/_cffi_src/openssl/engine.py
@@ -11,15 +11,24 @@ INCLUDES = """
 TYPES = """
 static const long Cryptography_HAS_ENGINE_CRYPTODEV;
+struct rand_meth_st {
+ void (*seed)(const void *buf, int num);
+ int (*bytes)(unsigned char *buf, int num);
+ void (*cleanup)(void);
+ void (*add)(const void *buf, int num, double entropy);
+ int (*pseudorand)(unsigned char *buf, int num);
+ int (*status)(void);
+};
+
 typedef ... ENGINE;
 typedef ... RSA_METHOD;
 typedef ... DSA_METHOD;
 typedef ... ECDH_METHOD;
 typedef ... ECDSA_METHOD;
 typedef ... DH_METHOD;
-typedef ... RAND_METHOD;
+typedef struct rand_meth_st RAND_METHOD;
 typedef ... STORE_METHOD;
-typedef ... *ENGINE_GEN_INT_FUNC_PTR;
+typedef int(*ENGINE_GEN_INT_FUNC_PTR)(ENGINE*);
 typedef ... *ENGINE_CTRL_FUNC_PTR;
 typedef ... *ENGINE_LOAD_KEY_PTR;
 typedef ... *ENGINE_CIPHERS_PTR;
--
cgit v1.2.3
From b51d246eb6ccaed7920ba6dd6a816f74d1158c16 Mon Sep 17 00:00:00 2001
From: Glyph
Date: Fri, 26 Jun 2015 22:08:44 -0700
Subject: remove remaining vestiges, make adding twice work
---
 src/_cffi_src/openssl/osrandom_engine.py | 31 ------
 src/_cffi_src/openssl/src/osrandom_engine.c | 167 ----------------------------
 src/_cffi_src/openssl/src/osrandom_engine.h | 6 -
 3 files changed, 204 deletions(-)
 delete mode 100644 src/_cffi_src/openssl/osrandom_engine.py
 delete mode 100644 src/_cffi_src/openssl/src/osrandom_engine.c
 delete mode 100644 src/_cffi_src/openssl/src/osrandom_engine.h
(limited to 'src/_cffi_src/openssl')
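Review bot: In the `engine.py` hunk of "deopaque a couple of things", `struct rand_meth_st` is spelled out with nothing recording what each slot has to return, and for an RNG method table that return contract is what lets a caller see a failed read. The C engine deleted in the next commit of this series returned 1 on success and 0 on failure from its `bytes` function, 1 or 0 from `status` depending on whether the source was open, and -1 on failure from `pseudorand`. I would add a comment above the struct inside the TYPES string, `/* Mirrors OpenSSL's rand_meth_st: bytes returns 1 on success and 0 on failure, status returns 1 when ready, pseudorand returns -1 on failure. */`. The TYPES string continues past the end of the hunk.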
diff --git a/src/_cffi_src/openssl/osrandom_engine.py b/src/_cffi_src/openssl/osrandom_engine.py
deleted file mode 100644
index a8479b07..00000000
--- a/src/_cffi_src/openssl/osrandom_engine.py
+++ /dev/null
@@ -1,31 +0,0 @@
-# This file is dual licensed under the terms of the Apache License, Version
-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
-# for complete details.
-
-from __future__ import absolute_import, division, print_function
-
-import os
-
-with open(os.path.join(
- os.path.dirname(__file__), "src/osrandom_engine.h"
-)) as f:
- INCLUDES = f.read()
-
-TYPES = """
-static const char *const Cryptography_osrandom_engine_name;
-static const char *const Cryptography_osrandom_engine_id;
-"""
-
-FUNCTIONS = """
-int Cryptography_add_osrandom_engine(void);
-"""
-
-MACROS = """
-"""
-
-with open(os.path.join(
- os.path.dirname(__file__), "src/osrandom_engine.c"
-)) as f:
- CUSTOMIZATIONS = f.read()
-
-CONDITIONAL_NAMES = {}
diff --git a/src/_cffi_src/openssl/src/osrandom_engine.c b/src/_cffi_src/openssl/src/osrandom_engine.c
deleted file mode 100644
index 27894712..00000000
--- a/src/_cffi_src/openssl/src/osrandom_engine.c
+++ /dev/null
@@ -1,167 +0,0 @@
-static const char *Cryptography_osrandom_engine_id = "osrandom";
-static const char *Cryptography_osrandom_engine_name = "osrandom_engine";
-
-#if defined(_WIN32)
-static HCRYPTPROV hCryptProv = 0;
-
-static int osrandom_init(ENGINE *e) {
- if (hCryptProv > 0) {
- return 1;
- }
- if (CryptAcquireContext(&hCryptProv, NULL, NULL,
- PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
- return 1;
- } else {
- return 0;
- }
-}
-
-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
- if (hCryptProv == 0) {
- return 0;
- }
-
- if (!CryptGenRandom(hCryptProv, (DWORD)size, buffer)) {
- ERR_put_error(
- ERR_LIB_RAND, 0, ERR_R_RAND_LIB, "osrandom_engine.py", 0
- );
- return 0;
- }
- return 1;
-}
-
-static int osrandom_finish(ENGINE *e) {
- if (CryptReleaseContext(hCryptProv, 0)) {
- hCryptProv = 0;
- return 1;
- } else {
- return 0;
- }
-}
-
-static int osrandom_rand_status(void) {
- if (hCryptProv == 0) {
- return 0;
- } else {
- return 1;
- }
-}
-#else
-static int urandom_fd = -1;
-
-static int osrandom_finish(ENGINE *e);
-
-static int osrandom_init(ENGINE *e) {
- if (urandom_fd > -1) {
- return 1;
- }
- urandom_fd = open("/dev/urandom", O_RDONLY);
- if (urandom_fd > -1) {
- int flags = fcntl(urandom_fd, F_GETFD);
- if (flags == -1) {
- osrandom_finish(e);
- return 0;
- } else if (fcntl(urandom_fd, F_SETFD, flags | FD_CLOEXEC) == -1) {
- osrandom_finish(e);
- return 0;
- }
- return 1;
- } else {
- return 0;
- }
-}
-
-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
- ssize_t n;
- while (size > 0) {
- do {
- n = read(urandom_fd, buffer, (size_t)size);
- } while (n < 0 && errno == EINTR);
- if (n <= 0) {
- ERR_put_error(
- ERR_LIB_RAND, 0, ERR_R_RAND_LIB, "osrandom_engine.py", 0
- );
- return 0;
- }
- buffer += n;
- size -= n;
- }
- return 1;
-}
-
-static int osrandom_finish(ENGINE *e) {
- int n;
- do {
- n = close(urandom_fd);
- } while (n < 0 && errno == EINTR);
- urandom_fd = -1;
- if (n < 0) {
- return 0;
- } else {
- return 1;
- }
-}
-
-static int osrandom_rand_status(void) {
- if (urandom_fd == -1) {
- return 0;
- } else {
- return 1;
- }
-}
-#endif
-
-/* This replicates the behavior of the OpenSSL FIPS RNG, which returns a
- -1 in the event that there is an error when calling RAND_pseudo_bytes. */
-static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) {
- int res = osrandom_rand_bytes(buffer, size);
- if (res == 0) {
- return -1;
- } else {
- return res;
- }
-}
-
-static RAND_METHOD osrandom_rand = {
- NULL,
- osrandom_rand_bytes,
- NULL,
- NULL,
- osrandom_pseudo_rand_bytes,
- osrandom_rand_status,
-};
-
-/* Returns 1 if successfully added, 2 if engine has previously been added,
- and 0 for error. */
-int Cryptography_add_osrandom_engine(void) {
- ENGINE *e;
- e = ENGINE_by_id(Cryptography_osrandom_engine_id);
- if (e != NULL) {
- ENGINE_free(e);
- return 2;
- } else {
- ERR_clear_error();
- }
-
- e = ENGINE_new();
- if (e == NULL) {
- return 0;
- }
- if(!ENGINE_set_id(e, Cryptography_osrandom_engine_id) ||
- !ENGINE_set_name(e, Cryptography_osrandom_engine_name) ||
- !ENGINE_set_RAND(e, &osrandom_rand) ||
- !ENGINE_set_init_function(e, osrandom_init) ||
- !ENGINE_set_finish_function(e, osrandom_finish)) {
- ENGINE_free(e);
- return 0;
- }
- if (!ENGINE_add(e)) {
- ENGINE_free(e);
- return 0;
- }
- if (!ENGINE_free(e)) {
- return 0;
- }
-
- return 1;
-}
diff --git a/src/_cffi_src/openssl/src/osrandom_engine.h b/src/_cffi_src/openssl/src/osrandom_engine.h
deleted file mode 100644
index 11a3159e..00000000
--- a/src/_cffi_src/openssl/src/osrandom_engine.h
+++ /dev/null
@@ -1,6 +0,0 @@
-#ifdef _WIN32
-#include
-#else
-#include
-#include
-#endif
--
cgit v1.2.3
From add79c02c102f2874974bdec727c9733a48685cc Mon Sep 17 00:00:00 2001
From: Glyph
Date: Fri, 26 Jun 2015 23:17:06 -0700
Subject: comply with C coding standard, for which there is no linter
---
 src/_cffi_src/openssl/engine.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
(limited to 'src/_cffi_src/openssl')
diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py
index bc5c1906..821c9235 100644
--- a/src/_cffi_src/openssl/engine.py
+++ b/src/_cffi_src/openssl/engine.py
@@ -12,12 +12,12 @@ TYPES = """
 static const long Cryptography_HAS_ENGINE_CRYPTODEV;
 struct rand_meth_st {
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, double entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
+ void (*seed)(const void *, int);
+ int (*bytes)(unsigned char *, int);
+ void (*cleanup)();
+ void (*add)(const void *, int, double);
+ int (*pseudorand)(unsigned char *, int);
+ int (*status)();
 };
 typedef ... ENGINE;
@@ -28,7 +28,7 @@ typedef ... ECDSA_METHOD;
 typedef ... DH_METHOD;
 typedef struct rand_meth_st RAND_METHOD;
 typedef ... STORE_METHOD;
-typedef int(*ENGINE_GEN_INT_FUNC_PTR)(ENGINE*);
+typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);
 typedef ... *ENGINE_CTRL_FUNC_PTR;
 typedef ... *ENGINE_LOAD_KEY_PTR;
 typedef ... *ENGINE_CIPHERS_PTR;
--
cgit v1.2.3
From 28e7d80faff025e2fa90ea69813fc73332387c25 Mon Sep 17 00:00:00 2001
From: Glyph
Date: Sat, 27 Jun 2015 15:13:12 -0700
Subject: don't need the intermediary 'struct' declaration.
---
 src/_cffi_src/openssl/engine.py | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)
(limited to 'src/_cffi_src/openssl')
diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py
index 821c9235..5079fd69 100644
--- a/src/_cffi_src/openssl/engine.py
+++ b/src/_cffi_src/openssl/engine.py
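Review bot: `void (*cleanup)();` and `int (*status)();` in the `rand_meth_st` hunk of "comply with C coding standard" declare functions with unspecified arguments in C, not functions that take none; the lines they replace had the explicit `(void)`. The `void ERR_clear_error(void);` binding added at the end of this series keeps the explicit form, so these two slots should read `void (*cleanup)(void);` and `int (*status)(void);`. The same two declarations are carried unchanged into the `typedef struct { ... } RAND_METHOD;` hunk of the following commit. The struct is complete within the hunk, but the TYPES string it sits in starts and ends outside it.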
@@ -11,22 +11,20 @@ INCLUDES = """
 TYPES = """
 static const long Cryptography_HAS_ENGINE_CRYPTODEV;
-struct rand_meth_st {
- void (*seed)(const void *, int);
- int (*bytes)(unsigned char *, int);
- void (*cleanup)();
- void (*add)(const void *, int, double);
- int (*pseudorand)(unsigned char *, int);
- int (*status)();
-};
-
 typedef ... ENGINE;
 typedef ... RSA_METHOD;
 typedef ... DSA_METHOD;
 typedef ... ECDH_METHOD;
 typedef ... ECDSA_METHOD;
 typedef ... DH_METHOD;
-typedef struct rand_meth_st RAND_METHOD;
+typedef struct {
+ void (*seed)(const void *, int);
+ int (*bytes)(unsigned char *, int);
+ void (*cleanup)();
+ void (*add)(const void *, int, double);
+ int (*pseudorand)(unsigned char *, int);
+ int (*status)();
+} RAND_METHOD;
 typedef ... STORE_METHOD;
 typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);
 typedef ... *ENGINE_CTRL_FUNC_PTR;
--
cgit v1.2.3
From 885d688aae732042034fed4c7cab5dd6a70c6c26 Mon Sep 17 00:00:00 2001
From: Glyph
Date: Sat, 27 Jun 2015 15:40:52 -0700
Subject: bind ERR_clear_error
---
 src/_cffi_src/openssl/err.py | 1 +
 1 file changed, 1 insertion(+)
(limited to 'src/_cffi_src/openssl')
diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py
index 0ee19c9e..eebf19ba 100644
--- a/src/_cffi_src/openssl/err.py
+++ b/src/_cffi_src/openssl/err.py
@@ -251,6 +251,7 @@ unsigned long ERR_peek_error_line(const char **, int *);
 unsigned long ERR_peek_last_error_line(const char **, int *);
 unsigned long ERR_get_error_line_data(const char **, int *,
 const char **, int *);
+void ERR_clear_error(void);
 unsigned long ERR_peek_error_line_data(const char **, int *,
 const char **, int *);
 unsigned long ERR_peek_last_error_line_data(const char **,
--
cgit v1.2.3