Andy,
I am reading carefully the e_capi.c code...
The piece of code Line 1119 is not clear :
len is a size in byte giving the size of the LP-T-STR name,
So, whatever is the sizeof(TCHAR), one is allowed to do : name = (TCHAR
*) malloc(len).
So it is not clear why one should use alloca when TCHAR is char, and
OPENSSL_malloc when TCHAR is wchar_t.
I suggest : no more if (sizeof(TCHAR) == sieof(char),
and then just : name = (TCHAR *) OPENSSL_malloc(len);
Another question is : why using alloca for ANSI and OPENSSL_malloc when
both are taking size in bytes...
Note : len is ALWAYS a size in byte, not in "characters".
===
More generally I do NOT recommend using "sizeof(TCHAR)!=sizeof(char))"
where it is in fact expected to get a compilation directive such as
#ifdef UNICODE
It is not only confusing from an operational point of view, as if both
branches of the code could be used in the same run time session,
but also time consuming at run time...
And it is also causing bad problems at COMPILE time when the "not used
branch" is using some code with strange casts...even if that branch will
never execute.
see example further about capi_get_key.
It is not related to WCE/W32 as W32 can be compiled either ansi or
unicode...
==
Why not create a "asc_to_wide" routine in e_capi.c, as wide_to_asc
exists, instead of heavily using MultiByteToWideChar conversion routine ?
I suggest also that wide_to_asc in fact have two implementations
depending on #ifdef UNICODE, we could rename it "tchar_to_asc", to
convert either char to char (doing memcpy, or a ptr copy) conversion,
or really wide to asc...
We use something like that in stunnel code...
===
Line 1185: well.., in UNICODE there is an allocation for cspname as
TCHAR*...but there is NO free(cspname) of anykind later !
And as the code is quite "complicated",even with goto !, then maybe
another goto is necessary to free cspname IN ANY case of routine exit...
===
line 1512...hmmm....capi_get_key require TCHAR....
BUT pinfo->pwszContainerName,
and pinfo->pwszProvName
are ALWAYS WCHAR,dixit msdoc ..
So line 1512, if openssl is compiles as ANSI we get, we force WCHAR ptr
to be casted to char*.
This is just wrong and cause "bad code" to be compiled even if not used.
Here again the TRICK "if sizeof(TCHAR) != sizeof(char)) is a BAD IDEA to
replace at RUNTIME something that should be decided at COMPILE time with
UNICODE flag.
And by using UNICODE flag we will save some elseif...
Well..just to say that LINE 1512 is NOT AT ALL generic vs ANSI/UNICODE.
Same applies for line 1568 : although not executed in ANSI mode, this
line is just WRONG from a compilation point of view:
because here we cast to char*, real WCHAR* ...contname and provname.
I really think using #ifdef UNICODE would be more clear with a kind of
tchar2char routine and char2tchar or something like that..or asc_to_wide...
==
Same story on line 1655: name = (TCHAR *)pname;
Although NOT executed when UNICODE, this line is just WRONG at compile
time by casting roughly a char* (because pname is ALWAYS char*, ie LPSTR),
to a WCHAR *
line 1650 : name is allocated....but NEVER freed ! bad thing.
===
So Andy, let me know how we can proceed : do you agree for some changes
to e_capi.c like I suggest above, and if so, do you want to do it
yourself or do you want me to propose something ?
Just let me know,
Pierre
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
