Stop leaking OpenSSL types and defines in the isc/safe.h
authorOndřej Surý <ondrej@isc.org>
Wed, 11 Mar 2020 20:23:17 +0000 (21:23 +0100)
committerOndřej Surý <ondrej@isc.org>
Tue, 28 Apr 2020 14:27:39 +0000 (16:27 +0200)
The two "functions" that isc/safe.h declared before were actually simple
defines to matching OpenSSL functions.  The downside of the approach was
enforcing all users of the libisc library to explicitly list the include
path to OpenSSL and link with -lcrypto.  By hiding the specific
implementation in the private namespace and changing the defines into
simple functions, we no longer enforce this.  In the long run, this
might also allow us to switch cryptographic library implementation
without affecting the downstream users.

(cherry picked from commit ab827ab5bf7bdd65f0c672c43c3fdbe16a5e7d70)

lib/isc/Makefile.in
lib/isc/include/isc/safe.h
lib/isc/safe.c [new file with mode: 0644]
lib/isc/win32/libisc.def.in
lib/isc/win32/libisc.vcxproj.filters.in
lib/isc/win32/libisc.vcxproj.in
util/copyrights

index 0fb50fa9da6fa4accb3f7c95b20687459722c3a5..94ba35d348de89d4e520070f119b8802695f7a2c 100644 (file)
@@ -60,7 +60,7 @@ OBJS =                pk11.@O@ pk11_result.@O@ \
                parseint.@O@ portset.@O@ queue.@O@ quota.@O@ \
                radix.@O@ random.@O@ ratelimiter.@O@ \
                region.@O@ regex.@O@ result.@O@ rwlock.@O@ \
-               serial.@O@ siphash.@O@ sockaddr.@O@ stats.@O@ \
+               safe.@O@ serial.@O@ siphash.@O@ sockaddr.@O@ stats.@O@ \
                string.@O@ symtab.@O@ task.@O@ taskpool.@O@ \
                tm.@O@ timer.@O@ version.@O@ \
                ${UNIXOBJS} ${THREADOBJS}
@@ -78,7 +78,7 @@ SRCS =                pk11.c pk11_result.c \
                netaddr.c netscope.c nonce.c openssl_shim.c pool.c \
                parseint.c portset.c queue.c quota.c radix.c random.c \
                ratelimiter.c region.c regex.c result.c rwlock.c \
-               serial.c siphash.c sockaddr.c stats.c string.c \
+               safe.c serial.c siphash.c sockaddr.c stats.c string.c \
                symtab.c task.c taskpool.c timer.c \
                tm.c version.c
 
index 7fbcd60f86a22dcab75facba329ea6683e1fa2bb..3c4784114dd28992d66ec953cce351fccb66694d 100644 (file)
 
 #include <isc/lang.h>
 
-#include <openssl/crypto.h>
-
 ISC_LANG_BEGINDECLS
 
-#define isc_safe_memequal(s1, s2, n) !CRYPTO_memcmp(s1, s2, n)
+int
+isc_safe_memequal(const void *, const void *, size_t);
 
 /*%<
  * Returns true iff. two blocks of memory are equal, otherwise
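Review bot: The new prototype for `isc_safe_memequal` returns `int`, while the comment directly under it says "Returns true iff" the blocks are equal, so the declared type is weaker than the documented contract. The definition in safe.c inverts the result of `CRYPTO_memcmp`, which follows the memcmp convention of zero on equal, so a caller who assumes memcmp semantics would invert an equality check on secret data. A signature such as `bool isc_safe_memequal(const void *s1, const void *s2, size_t len);` with `<stdbool.h>` makes the convention explicit. Whether `<stdbool.h>` is already included above this hunk is not visible, and the doc comment continues past the hunk's last line.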
@@ -28,7 +27,9 @@ ISC_LANG_BEGINDECLS
  *
  */
 
-#define isc_safe_memwipe(ptr, len) OPENSSL_cleanse(ptr, len)
+void
+isc_safe_memwipe(void *, size_t);
+
 /*%<
  * Clear the memory of length `len` pointed to by `ptr`.
  *
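Review bot: The comment under `isc_safe_memwipe` refers to `ptr` and `len`, but the prototype added here names neither parameter, whereas the removed macro did. Keeping the names, `isc_safe_memwipe(void *ptr, size_t len);`, keeps the header in step with its own comment and with the definition in safe.c. The header also now uses `size_t` after dropping `<openssl/crypto.h>`; if nothing above the hunk includes `<stddef.h>`, add `#include <stddef.h>` so the header stays self-contained. The doc comment runs past the end of the hunk.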
diff --git a/lib/isc/safe.c b/lib/isc/safe.c
new file mode 100644 (file)
index 0000000..91f397a
--- /dev/null
@@ -0,0 +1,24 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#include <openssl/crypto.h>
+
+#include <isc/safe.h>
+
+int
+isc_safe_memequal(const void *s1, const void *s2, size_t len) {
+       return (!CRYPTO_memcmp(s1, s2, len));
+}
+
+void
+isc_safe_memwipe(void *ptr, size_t len) {
+       OPENSSL_cleanse(ptr, len);
+}
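Review bot: Neither wrapper in the new safe.c has a comment saying why it must remain a call into libcrypto, which is the security property this file exists to provide. On `isc_safe_memequal` I would add `/* Constant-time with respect to the buffer contents; returns nonzero when equal (inverse of memcmp). */`, and on `isc_safe_memwipe` `/* Uses OPENSSL_cleanse so the compiler cannot discard the wipe as a dead store, as it may with memset(). */`. Neither function checks its pointers before passing them to OpenSSL; if a NULL pointer with a nonzero length is a caller error, the header contract should say so.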
index 9fca245fd6e0d5a879139c762cb84526b37516e6..476d29735fe212228559b33989454b42ce2625f0 100644 (file)
@@ -545,6 +545,8 @@ isc_rwlock_lock
 isc_rwlock_trylock
 isc_rwlock_tryupgrade
 isc_rwlock_unlock
+isc_safe_memequal
+isc_safe_memwipe
 isc_serial_eq
 isc_serial_ge
 isc_serial_gt
index 188f0dbdb4dd107a3dba8a51d1c631c058bf8794..70007dc05c950d936285ea4b27148bbaa1074151 100644 (file)
     <ClCompile Include="..\rwlock.c">
       <Filter>Library Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="..\safe.c">
+      <Filter>Library Source Files</Filter>
+    </ClCompile>
     <ClCompile Include="..\serial.c">
       <Filter>Library Source Files</Filter>
     </ClCompile>
index 8cb752a814cd18e65a309dc1a019892d278bd15c..4e170c8338464bcb02dbf47968e01e9a92c95e5d 100644 (file)
@@ -467,6 +467,7 @@ copy InstallFiles ..\Build\Release\
     <ClCompile Include="..\region.c" />
     <ClCompile Include="..\result.c" />
     <ClCompile Include="..\rwlock.c" />
+    <ClCompile Include="..\safe.c" />
     <ClCompile Include="..\serial.c" />
     <ClCompile Include="..\siphash.c" />
     <ClCompile Include="..\sockaddr.c" />
index 51206088c4cae559f5c04e50e45c8885c418f887..4848808c2f8d4e9838d9732cb0cf9037ceb44bb1 100644 (file)
 ./lib/isc/region.c                             C       2002,2004,2005,2007,2016,2018,2019,2020
 ./lib/isc/result.c                             C       1998,1999,2000,2001,2003,2004,2005,2007,2008,2012,2014,2015,2016,2017,2018,2019,2020
 ./lib/isc/rwlock.c                             C       1998,1999,2000,2001,2003,2004,2005,2007,2009,2011,2012,2015,2016,2017,2018,2019,2020
+./lib/isc/safe.c                               C       2020
 ./lib/isc/serial.c                             C       1999,2000,2001,2004,2005,2007,2016,2018,2019,2020
 ./lib/isc/siphash.c                            C       2019,2020
 ./lib/isc/sockaddr.c                           C       1999,2000,2001,2002,2003,2004,2005,2006,2007,2010,2011,2012,2014,2015,2016,2017,2018,2019,2020