Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Openssl uefi #2961

Closed
wants to merge 5 commits into from
Closed

Openssl uefi #2961

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
d83af6e
Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags
Mar 15, 2017
8f7f43c
Fix the build warning under OPENSSL_NO_GOST
Mar 15, 2017
98091f3
Update statem_lib.c
Mar 15, 2017
73d2240
Update statem_lib.c
Mar 17, 2017
19dc66b
Update statem_lib.c
Mar 18, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion crypto/uid.c
View file
Open in desktop
Expand Up @@ -19,7 +19,7 @@ int OPENSSL_issetugid(void)
return issetugid();
}

#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)
#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)

int OPENSSL_issetugid(void)
{
Expand Down
2 changes: 1 addition & 1 deletion e_os.h
View file
Open in desktop
Expand Up @@ -61,7 +61,7 @@ extern "C" {
# define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
# endif

# if defined(OPENSSL_SYS_VXWORKS)
# if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
# define NO_SYS_PARAM_H
# define NO_CHMOD
# define NO_SYSLOG
Expand Down
5 changes: 3 additions & 2 deletions ssl/statem/statem_lib.c
View file
Open in desktop
Expand Up @@ -279,9 +279,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
const unsigned char *data;
#ifndef OPENSSL_NO_GOST
unsigned char *gost_data = NULL;
int pktype;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove this line.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry, I misled you regarding this one. There's now an OPENSSL_free further down that's missing its variable...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Exactly. I also didn't notice this issue. So moving the gost_data declaration to the original position.

#endif
int al = SSL_AD_INTERNAL_ERROR, ret = MSG_PROCESS_ERROR;
int type = 0, j, pktype;
int type = 0, j;
unsigned int len;
X509 *peer;
const EVP_MD *md = NULL;
Expand All @@ -303,7 +304,6 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
goto f_err;
}

pktype = EVP_PKEY_id(pkey);
type = X509_certificate_type(peer, pkey);

if (!(type & EVP_PKT_SIGN)) {
Expand Down Expand Up @@ -384,6 +384,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
}
#ifndef OPENSSL_NO_GOST
{
pktype = EVP_PKEY_id(pkey);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change this line to int pktype = EVP_PKEY_id(pkey);

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's possible that gost_data can be moved here in a similar manner

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's OK for me to move them to the position of first usage.
Do we have any rule against the variable declaration: declare all variables in one location or declare them when we first use them?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we don't have any strong rules. we try to move things to an inner block if possible, but we don't create blocks just to limit variable scope.

if (pktype == NID_id_GostR3410_2001
|| pktype == NID_id_GostR3410_2012_256
|| pktype == NID_id_GostR3410_2012_512) {
Expand Down