-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BN_pseudo_rand is really BN_rand #3743
Conversation
Added a commit which deprecates them. |
include/openssl/bn.h
Outdated
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); | ||
DEPRECATEDIN_1_1_0(int BN_pseudo_rand(BIGNUM *rnd, | ||
int bits, int top, int bottom)) | ||
DEPRECATEDIN_1_1_0(int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not ok, this is a change of an existing API. You may, however, use DEPRECATEDIN_1_2_0
, it just needs to be defined in include/openssl/opensslconf.h.in
(I'm surprised, I thought that was already added... by @mattcaswell if I remember correctly)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(I'm surprised, I thought that was already added... by @mattcaswell if I remember correctly)
It was in #3544 which never got merged.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
crypto/bn/bn_rand.c
Outdated
int BN_rand_range(BIGNUM *r, const BIGNUM *range) | ||
{ | ||
return bn_rand_range(0, r, range); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Errr, so where is it implemented? It's still declared in bn.h
!
crypto/bn/bn_rand.c
Outdated
{ | ||
return bn_rand_range(0, r, range); | ||
} | ||
|
||
int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function needs to be guarded with:
#if (OPENSSL_API_COMPAT < 0x10200000L)
crypto/bn/bn_rand.c
Outdated
@@ -100,19 +100,17 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) | |||
|
|||
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function needs to be guarded with:
#if (OPENSSL_API_COMPAT < 0x10200000L)
updated the second commit to do the deprecation right for 1.2.0 |
# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) | ||
#else | ||
# define DEPRECATEDIN_1_2_0(f) | ||
#endif |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I seem to be missing something. We already have variables marked as deprecated in 1.2.0, but I can't find how.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using OPENSSL_API_COMPAT, e.g.
# if OPENSSL_API_COMPAT < 0x10200000L
/*
* LONG and ZLONG are strongly discouraged for use as stored data, as the
* underlying C type (long) differs in size depending on the architecture.
* They are designed with 32-bit longs in mind.
*/
DECLARE_ASN1_ITEM(LONG)
DECLARE_ASN1_ITEM(ZLONG)
# endif
never mind prev comment |
ping. we shouldn't be calling deprecated functions inside the library :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, seems my approval was premature. Travis failure is relevant.
I changed the documentation to say “may be deprecated” and remove the “1.2.0 deprecation” stuff. I think the builds will pass now, let’s see.
|
Build failures are unrelated. I will to nudge them again. |
A rebase on a fresher master might help |
Rebased and pushed.
|
builds clean, ping @mattcaswell |
And BN_pseudo_rand_range is really BN_rand_range. Document that we might deprecate those functions.
And BN_pseudo_rand_range is really BN_rand_range. Document that we might deprecate those functions. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #3743)
thanks. |
And BN_pseudo_rand_range is really BN_rand_range
I am starting to look at updating the RAND family for this release, and I started looking at bn_rand. It turns out that the "psuedo" BN rand functions don't do anything different. So I renamed a parameter to be more clear, and replaced BN_pseudo_rand{_range} with BN_rand{_range}