diff options
author | Ben Noordhuis <info@bnoordhuis.nl> | 2013-04-29 14:15:07 +0200 |
---|---|---|
committer | Ben Noordhuis <info@bnoordhuis.nl> | 2013-04-29 14:17:50 +0200 |
commit | 179784e31e72fcdd0a2b1a596f7aebb43dc87913 (patch) | |
tree | 2351f6f6bcd90b40d39e9630662a380e74a2c515 /deps/openssl/openssl/crypto/evp/digest.c | |
parent | d3ddee61c2f83e2a3b7ebabfbefee060801d27f5 (diff) | |
download | android-node-v8-179784e31e72fcdd0a2b1a596f7aebb43dc87913.tar.gz android-node-v8-179784e31e72fcdd0a2b1a596f7aebb43dc87913.tar.bz2 android-node-v8-179784e31e72fcdd0a2b1a596f7aebb43dc87913.zip |
Revert "deps: downgrade openssl to v1.0.0f"
This commit undoes the downgrade from OpenSSL v1.0.1e to v1.0.0f,
effectively upgrading OpenSSL to v1.0.1e again. The reason for the
downgrade was to work around compatibility issues with certain TLS
servers in the stable branch. See the commit log of 4fdb8ac and the
linked issue for details. We're going to revisit that in the master
branch.
This reverts commit 4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.
Diffstat (limited to 'deps/openssl/openssl/crypto/evp/digest.c')
-rw-r--r-- | deps/openssl/openssl/crypto/evp/digest.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/deps/openssl/openssl/crypto/evp/digest.c b/deps/openssl/openssl/crypto/evp/digest.c index 982ba2b136..6fc469f9c4 100644 --- a/deps/openssl/openssl/crypto/evp/digest.c +++ b/deps/openssl/openssl/crypto/evp/digest.c @@ -117,6 +117,10 @@ #include <openssl/engine.h> #endif +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif + void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { memset(ctx,'\0',sizeof *ctx); @@ -225,12 +229,26 @@ skip_to_init: } if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) return 1; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + if (FIPS_digestinit(ctx, type)) + return 1; + OPENSSL_free(ctx->md_data); + ctx->md_data = NULL; + return 0; + } +#endif return ctx->digest->init(ctx); } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { +#ifdef OPENSSL_FIPS + return FIPS_digestupdate(ctx, data, count); +#else return ctx->update(ctx,data,count); +#endif } /* The caller can assume that this removes any secret data from the context */ @@ -245,6 +263,9 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) /* The caller can assume that this removes any secret data from the context */ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { +#ifdef OPENSSL_FIPS + return FIPS_digestfinal(ctx, md, size); +#else int ret; OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); @@ -258,6 +279,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) } memset(ctx->md_data,0,ctx->digest->ctx_size); return ret; +#endif } int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) @@ -351,6 +373,7 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) /* This call frees resources associated with the context */ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) { +#ifndef OPENSSL_FIPS /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, * because sometimes only copies of the context are ever finalised. */ @@ -363,6 +386,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); } +#endif if (ctx->pctx) EVP_PKEY_CTX_free(ctx->pctx); #ifndef OPENSSL_NO_ENGINE @@ -371,6 +395,9 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) * functional reference we held for this reason. */ ENGINE_finish(ctx->engine); #endif +#ifdef OPENSSL_FIPS + FIPS_md_ctx_cleanup(ctx); +#endif memset(ctx,'\0',sizeof *ctx); return 1; |