Memory Leaks

2002-04-29 Thread psatpathy 



Hi,
 I am facing a memory leaks in my program. I am using
BN_new,BN_CTX_new,BN_mod_exp,BN_free and BN_CTX_free  OpenSSL functions in my
program only.  I am using "openssl-0.9.6b" libraries in Solaris 8. I am
attaching my code for your reference. Please let me know how can I come over
from memory leak.


With Regards,
-Pratap

Compilation output :

(cd ..; make -f Makefile.ssl DIRS=test all)
+ rm -f libcrypto.so.0
+ rm -f libcrypto.so
+ rm -f libcrypto.so.0.9.6
+ rm -f libssl.so.0
+ rm -f libssl.so
+ rm -f libssl.so.0.9.6
making all in test...
cc -I../include -KPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W
-DULTRASPARC -DMD5_ASM  -c  bn_mod_exp.c
cc -o bn_mod_exp -I../include -KPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN
-DHAVE_DLFCN_H -xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa
-DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM bn_mod_exp.o  -L.. -lcrypto
-lsocket -lnsl -ldl



Code :

#include 
#include 

void Mont_exp(unsigned char *x,unsigned char *n,unsigned char * m,int
base,unsigned char *A,int *length);

int main(int argc , char *argv[])
{
unsigned char A[8096];
int base=16,length;
unsigned char *x=(unsigned char
*)"400ABDDDFF62626";
unsigned char *n=(unsigned char
*)"1F8";
unsigned char *m=(unsigned char
*)"3AFF00";

while (1)
{
Mont_exp(x,n,m,base,A,&length);
printf("A is <%s> of length <%d>\n",A,length);
memset(A,(char)0,8096);
}
}

void Mont_exp(unsigned char *x,unsigned char *n,unsigned char * m,int
base,unsigned char *A,int *length)
{
BIGNUM *a,*b,*c,*d;
int i;
BN_CTX *ctx;

a=(BIGNUM * )BN_new();
BN_hex2bn(&a,(const char*)&x[0]);

b=(BIGNUM * )BN_new();
BN_hex2bn(&b,(const char*)&n[0]);

c=(BIGNUM * )BN_new();
BN_hex2bn(&c,(const char*)&m[0]);

d=(BIGNUM * )BN_new();

ctx=(BN_CTX *)BN_CTX_new();
if (ctx == NULL) exit(1);
if (!BN_mod_exp(d,a,b,c,ctx))
{
BN_free(a);
BN_free(b);
BN_free(c);
BN_free(d);
BN_CTX_free(ctx);
return;
}
strcpy((char *)A,(const char *)BN_bn2hex(d));

*length = strlen((const char *)A);

BN_free(a);
BN_free(b);
BN_free(c);
BN_free(d);
BN_CTX_free(ctx);
return;
}





"DISCLAIMER: This message is proprietary to Hughes Software Systems Limited
(HSS) and is intended solely for the use of the individual  to whom it is
addressed. It may contain  privileged or confidential information  and should
not be circulated or used for any purpose other than for what it is intended. If
you have received this message in error, please notify the originator
immediately. If you are not the intended recipient, you are notified that you
are strictly prohibited from using, copying, altering, or disclosing the
contents of this message. HSS accepts no responsibility for loss or damage
arising from the use of the information transmitted by this email including
damage from virus."




__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: 0.9.7 20020427 snapshot errors on Win32

2002-04-29 Thread Jeffrey Altman 

> jaltman> There is still an issue with 
> jaltman> 
> jaltman>   perl Configure VC-WIN32 no-idea --with-krb5-flavor=MIT zlib-dynamic
> jaltman> 
> jaltman> which produces in MINFO
> jaltman> 
> jaltman>  CFLAG=-DOPENSSL_SYSNAME_WIN32 -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS \
> jaltman> -DDSO_WIN32 -DKRB5_MIT -DOPENSSL_NO_IDEA
> jaltman> 
> jaltman> However, the CFLAG values are not imported into ms\nt*.mak when
> jaltman> ms\do_*.bat is executed.  The resulting .mak files need to be edited
> jaltman> by hand to include the flags
> jaltman> 
> jaltman>-DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT
> 
> util/mk1mf.pl doesn't look at the CFLAG or CFLAGS variables of MINFO.
> Why is beyond me.  You are currently required to call it (i.e. hack
> ms\do_*.bat) with the same arguments as you used for Configure.
> Unfortunately, Configure and the scripts in util/ aren't entirely in
> sync...
> 
> I don't work on Windows right now, so I could do some changes, but
> they'd be pure guesswork.  I've planned to try to unify the Windows/MSDOS
> scripts with Configure so things work a little more like on Unix, but
> haven't had time yet.
> 
> Yes, this is a mess...

Richard:

I would be happy to work on this with you if you give me some
direction on how you would like it to go.  

It seems to me that there is no reason that Configure could not
actually do the work of the .bat files for the Windows platforms
provided that the appropriate options were added to that Perl script.

- Jeff




 Jeffrey Altman * Sr.Software Designer  Kermit 95 1.1.21  available now!!!
 The Kermit Project @ Columbia University   SSH plus Telnet, FTP and HTTP
 http://www.kermit-project.org/ secured with Kerberos, SRP, and 
 [EMAIL PROTECTED]OpenSSL.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: cvs commit: openssl/ssl s3_pkt.c

2002-04-29 Thread Bodo Moeller 

On Mon, Apr 29, 2002 at 12:28:33PM +0200, [EMAIL PROTECTED] wrote:

>   Log:
>   Synchronise with 0.9.7-stable.
>   
>   Revision  ChangesPath
>   1.49  +2 -2  openssl/ssl/s3_pkt.c
>   
>   Index: s3_pkt.c
>   ===
>   RCS file: /e/openssl/cvs/openssl/ssl/s3_pkt.c,v
>   retrieving revision 1.48
>   retrieving revision 1.49
>   diff -u -r1.48 -r1.49
>   --- s3_pkt.c2002/04/20 10:23:19 1.48
>   +++ s3_pkt.c2002/04/29 10:28:29 1.49
>   @@ -245,7 +245,7 @@
>   extra=SSL3_RT_MAX_EXTRA;
>   else
>   extra=0;
>   -   if ((size_t)extra != (s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE))
>   +   if (extra != (s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE))
>   {
>   /* actually likely an application error: 
>SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
>* set after ssl3_setup_buffers() was done */
>   @@ -605,7 +605,7 @@
>   if (prefix_len <= 0)
>   goto err;
>
>   -   if (s->s3->wbuf.len < (size_t)prefix_len + 
>SSL3_RT_MAX_PACKET_SIZE)
>   +   if (s->s3->wbuf.len < prefix_len + SSL3_RT_MAX_PACKET_SIZE)
>   {

Here you reversing patches that you had committed for 0.9.8-dev but
not for 0.9.7-stable ...


-- 
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: 0.9.7 20020427 snapshot errors on Win32

2002-04-29 Thread Richard Levitte - VMS Whacker 

In message <[EMAIL PROTECTED]> on Sun, 28 Apr 2002 
15:51:51 EDT, Jeffrey Altman <[EMAIL PROTECTED]> said:

jaltman> cl /Fotmp32dll\s3_pkt.obj  -Iinc32 -Itmp32dll /MD /W3 /WX /G5
jaltman> /Ox /O2 /O
jaltman> b2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN
jaltman> -DL_ENDIAN  -DDSO_WIN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll
jaltman> -DOPENSSL_NO_IDEA -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT -D_WINDLL 
-D_DLL
jaltman>  -DOPENSSL_BUILD_SHLIBSSL -c .\ssl\s3_pkt.c
jaltman> s3_pkt.c
jaltman> .\ssl\s3_pkt.c(248) : error C2220: warning treated as error - no
jaltman> object file generated
jaltman> .\ssl\s3_pkt.c(248) : warning C4018: '!=' : signed/unsigned mismatch
jaltman> .\ssl\s3_pkt.c(608) : warning C4018: '<' : signed/unsigned mismatch
jaltman> 
jaltman> int vs unsigned int
jaltman> 
jaltman> 
jaltman> --
jaltman> 
jaltman> 
jaltman> cl /Fotmp32dll\ssl_cert.obj  -Iinc32 -Itmp32dll /MD /W3 /WX
jaltman> /G5 /Ox /O2
jaltman> /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32
jaltman> -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM 
-DRMD160_ASM /Fdout32dll
jaltman> -DOPENSSL_NO_IDEA -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT -D_WINDLL
jaltman> -D_DLL  -DOPENSSL_BUILD_SHLIBSSL -c .\ssl\ssl_cert.c
jaltman> ssl_cert.c
jaltman> .\ssl\ssl_cert.c(828) : error C2065: 'd' : undeclared identifier
jaltman> .\ssl\ssl_cert.c(828) : warning C4013: 'closedir' undefined; assuming
jaltman> extern returning int
jaltman> 
jaltman> 'd' does not exist in the Windows implementation
jaltman> 
jaltman>  
jaltman> --
jaltman> 
jaltman> link /nologo /subsystem:console /machine:I386 /opt:ref
jaltman> /out:out32dll\eng
jaltman> inetest.exe @H:\DOCUME~1\jaltman\LOCALS~1\Temp\nmx03400.
jaltman> cl /Fotmp32dll\ssltest.obj -Iinc32 -Itmp32dll /MD /W3 /WX /G5
jaltman> /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 
-DWIN32_LEAN_AND_MEAN
jaltman> -DL_ENDIAN  -DDSO_WIN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll
jaltman> -DOPENSSL_NO_IDEA -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT  -c
jaltman> .\ssl\ssltest.c
jaltman> ssltest.c
jaltman> .\ssl\ssltest.c(1058) : error C2220: warning treated as error - no
jaltman> object file generated
jaltman> .\ssl\ssltest.c(1058) : warning C4018: '<' : signed/unsigned mismatch
jaltman> 
jaltman>  size_t != int

Hmm, I fixed those, but apparently only in the 0.9.7-stable branch.  I'll
merge those changes into the main branch...

jaltman> 
jaltman> --
jaltman> 
jaltman> There is still an issue with 
jaltman> 
jaltman>   perl Configure VC-WIN32 no-idea --with-krb5-flavor=MIT zlib-dynamic
jaltman> 
jaltman> which produces in MINFO
jaltman> 
jaltman>  CFLAG=-DOPENSSL_SYSNAME_WIN32 -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS \
jaltman> -DDSO_WIN32 -DKRB5_MIT -DOPENSSL_NO_IDEA
jaltman> 
jaltman> However, the CFLAG values are not imported into ms\nt*.mak when
jaltman> ms\do_*.bat is executed.  The resulting .mak files need to be edited
jaltman> by hand to include the flags
jaltman> 
jaltman>-DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT

util/mk1mf.pl doesn't look at the CFLAG or CFLAGS variables of MINFO.
Why is beyond me.  You are currently required to call it (i.e. hack
ms\do_*.bat) with the same arguments as you used for Configure.
Unfortunately, Configure and the scripts in util/ aren't entirely in
sync...

I don't work on Windows right now, so I could do some changes, but
they'd be pure guesswork.  I've planned to try to unify the Windows/MSDOS
scripts with Configure so things work a little more like on Unix, but
haven't had time yet.

Yes, this is a mess...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See  for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: strangeness in `x509 -noout -text` output

2002-04-29 Thread Michael Bell 

Lutz Jaenicke schrieb:
> 
> On Sun, Apr 28, 2002 at 08:07:43PM +0100, Dr S N Henson wrote:
> > However a new FAQ entry might be in order or possibly changing the
> > default display options so that the old behaviour is no longer the
> > default and adding a "-nameopt old" option is explicitly needed instead.
> 
> -nameopt compat shall retain compatibility.
> Hmm, make "oneline" the new default? Or rather leave it "as is" and just
> add it to the FAQ. Robert Joop and Michael Bell, active in discussing
> DN issues, are with the OpenCA project. It should be possible for them
> to catch the problem by using an appropriate command line flag when
> calling "openssl x509".

I think the FAQ entry is enough. If you set a new default then you can
surprise many small scripts and their users. The flag -nameopt is a good
solution.

The only problem for the future is the support of this flag in all the
other tools (especially ca and req have problems with their option
-subj).

I found a small problem with -nameopt RFC2253:

The X509v3 Authority Key Identifier doesn't use -nameopt for DirName. Is
this DN stored as a string?

Michael
-- 
---
Michael Bell   Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email:  [EMAIL PROTECTED]
Humboldt-University of Berlin  Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax:  +49 (0)30-2093 2959
10099 Berlin
Germany   http://www.openca.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]