Re: [openssl-dev] [openssl.org #4094] Nonsensical pointer comparison in PACKET_buf_init

2015-10-22 Thread stefan.n...@t-online.de via RT 
Hi,

Wouldn't
  if ( UINTPTR_MAX - (uintptr_t) buffer < len)
be closer to the intention of the original check?
Or is this undefined behaviour as well and I
stupidly missed that fact?

Regards,
 Stefan


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4067] Bug - Header files in include folder differ for different extractiing methods

2015-10-02 Thread stefan.n...@t-online.de via RT 
   Hi,

> I downloaded OpenSSL 1.0.0s.tar.gz and extracted files using following three 
> ways.
> The header files in "openssl 1.0.0s\include\openssl" folder are different.
> (snipp)
> Is this a bug in packaging? What is the expected results on Windows?

At first glance, one could say, it's a bug in _un_packaging. Windows doesn't
offer "real" symbolic links, so the programs extracting the them from the
package convert them to something which they believe to be reasonable.
Different programs just happen to do different things here.
 
Thinking more about it, one could ask if it really is a good idea to put
symbolic links into a cross-platform package when said package is
targetting also platforms not having symbolic links, thus causing
unneccessary headaches if you happen to use a "wrong" software
to extract the package. 

Regards,
  Stefan


___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl.org #3598] Windows Phone OpenSSL.

2014-11-11 Thread stefan.n...@t-online.de via RT 
 Hi,

While everyone is talking about removing old platforms and cleaning code,
I'm going to suggest adding yet another (sub-)platform and adding (a bit)
to all those #ifdef's (talk about bad timing...).

I have a complete patch which at least gets everything to compile, but for
the moment, I'm going to leave out all the places where conditions are
added to existing #ifdef's and try to start discussion on the three files
with the most interesting changes:

* In e_os2.h, define a symbol (OPENSSL_SYS_WINPHONE) that can be
   used everywhere else (in the OpenSSL sources) to recognize the platform.
   Also add a dummy inline implementation of getenv returning an empty
   string, as there is no environment in Windows Phone. This works nicely
   for compiling openssl but tends to cause problems when included in other
   projects which try to handle the missing getenv themselves. Unfortunately,
   I didn't find a central place that's included in all OpenSSL sources, but not
   included when just using OpenSSL headers to compile something else.

* In LPdir_win.c add a workaround for missing FindFirstFile.
   Also, fix an apparent typo for the old WinCE port (?).

* In rand_win.c, add code to get hopefully reasonable random numbers
   from the system, as the existing code essentially relies on methods
   not available on Windows Phone. Unfortunately, this requires C++ code,
   but together with the added extern C {...} everything links fine in the
   end, even if this single file is compiled by the C++ compiler.

   Best regards,
 Stefan
diff -ru openssl-SNAP-2014/e_os2.h openssl-SNAP-2014-mod/e_os2.h
--- openssl-SNAP-2014/e_os2.h	2014-09-25 01:00:06.0 +0200
+++ openssl-SNAP-2014-mod/e_os2.h	2014-11-11 11:55:11.0 +0100
@@ -98,6 +98,17 @@
 #  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
 #   undef OPENSSL_SYS_UNIX
 #   define OPENSSL_SYS_WIN32
+	/* Note: a subcase of this is that we are compiling for Windows Phone;
+		   we add a global define for this case which is _additionally_
+	 set to simplify conditions later on ... */
+#   if defined(WINAPI_FAMILY)  WINAPI_FAMILY == WINAPI_FAMILY_PHONE_APP
+# define OPENSSL_SYS_WINPHONE
+	static const char * getenv(const char*name)
+	{
+		static const char * empty =  ;
+		return empty;
+	}
+#   endif
 #  endif
 #  if defined(OPENSSL_SYSNAME_WINNT)
 #   undef OPENSSL_SYS_UNIX
diff -ru openssl-SNAP-2014/crypto/LPdir_win.c openssl-SNAP-2014-mod/crypto/LPdir_win.c
--- openssl-SNAP-2014/crypto/LPdir_win.c	2014-09-03 23:00:25.0 +0200
+++ openssl-SNAP-2014-mod/crypto/LPdir_win.c	2014-11-11 11:55:11.0 +0100
@@ -35,8 +35,10 @@
 [as well as -D_UNICODE]. */
 #if defined(LP_SYS_WINCE)  !defined(FindFirstFile)
 # define FindFirstFile FindFirstFileW
+#elif defined(OPENSSL_SYS_WINPHONE)
+# define FindFirstFile(A,B) FindFirstFileExW(A, FindExInfoStandard, B, FindExSearchNameMatch, NULL, 0)
 #endif
-#if defined(LP_SYS_WINCE)  !defined(FindFirstFile)
+#if defined(LP_SYS_WINCE)  !defined(FindNextFile)
 # define FindNextFile FindNextFileW
 #endif
 
diff -ru openssl-SNAP-2014/crypto/rand/rand_win.c openssl-SNAP-2014-mod/crypto/rand/rand_win.c
--- openssl-SNAP-2014/crypto/rand/rand_win.c	2014-09-18 23:00:09.0 +0200
+++ openssl-SNAP-2014-mod/crypto/rand/rand_win.c	2014-11-11 11:55:11.0 +0100
@@ -116,6 +116,7 @@
 #include rand_lcl.h
 
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+#ifndef OPENSSL_SYS_WINPHONE
 #include windows.h
 #ifndef _WIN32_WINNT
 # define _WIN32_WINNT 0x0400
@@ -132,10 +133,18 @@
  */
 #define PROV_INTEL_SEC 22
 #define INTEL_DEF_PROV LIntel Hardware Cryptographic Service Provider
+#define GetTickCount64 GetTickCount
+#else
+#define _CRT_RAND_S
+#include stdlib.h
+#include agile.h
+extern C {
+#endif
 
 static void readtimer(void);
 static void readscreen(void);
 
+#ifndef OPENSSL_SYS_WINPHONE
 /* It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
when WINVER is 0x0500 and up, which currently only happens on Win2000.
Unfortunately, those are typedefs, so they're a little bit difficult to
@@ -190,12 +199,14 @@
 typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
 #endif /* 1 */
 #endif /* !OPENSSL_SYS_WINCE */
+#endif
 
 int RAND_poll(void)
 {
+	DWORD w;
+#if !defined(OPENSSL_SYS_WINPHONE)
 	MEMORYSTATUS m;
 	HCRYPTPROV hProvider = 0;
-	DWORD w;
 	int good = 0;
 
 	/* Determine the OS version we are on so we can turn off things 
@@ -204,6 +215,7 @@
 OSVERSIONINFO osverinfo ;
 osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
 GetVersionEx( osverinfo ) ;
+#endif
 
 #if defined(OPENSSL_SYS_WINCE)
 # if defined(_WIN32_WCE)  _WIN32_WCE=300
@@ -222,7 +234,20 @@
 		}
 	}
 # endif
-#else	/* OPENSSL_SYS_WINCE */
+#elif defined(OPENSSL_SYS_WINPHONE)
+	int i;
+	BYTE buf[64];
+
+	for (i = 0; i  sizeof(buf); i++)
+	{
+

AW: [openssl.org #3539] x509 application supports additional fingerprint digests (sha2) not shown in help.

2014-09-24 Thread stefan.n...@t-online.de via RT 
 Hi,

 This is fixed post-1.0.2, where the message says any supported digest
 See https://github.com/akamai/openssl/tree/rsalz-monolith for a preview.

Sorry to say something you apparently don't want to hear (for completely
understandable reasons), but as much as I appreciate getting (quite a lot
of) changes and improvements to documentation and online help 
(according to the messages I've read on openssl-dev in the past months),
I really wonder if postponing (almost?) all of them to post-1.0.2 (i.e.
probably for another year or more) really is appropriate.
Most of them don't correspond to code changes that are in post-1.0.2, but
really are relevant for current versions as well, aren't they? So, IMHO it would
be really helpful to have those updates at least in 1.0.2 or even in the next
release of the 1.0.1 branch.

Anyway, thanks a lot for all your work on this, no matter when the benefits
are going to arrive over here.

Regards,
   Stefan




__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org