[openssl-dev] sizeof (HMAC_CTX) changes with update, breaks binary compatibility
Tomas Mraz
tmraz at redhat.com
Fri Jun 12 08:52:45 UTC 2015
On Pá, 2015-06-12 at 11:49 +0300, Timo Teras wrote:
> On Fri, 12 Jun 2015 11:27:42 +0300
> Timo Teras <timo.teras at iki.fi> wrote:
>
> > On Thu, 11 Jun 2015 21:09:59 -0400
> > Dan McDonald <danmcd at omniti.com> wrote:
> >
> > >
> > > > On Jun 11, 2015, at 9:07 PM, Dan McDonald <danmcd at omniti.com>
> > > > wrote:
> > > >
> > > > typedef struct hmac_ctx_st {
> > > > const EVP_MD *md;
> > > > EVP_MD_CTX md_ctx;
> > > > EVP_MD_CTX i_ctx;
> > > > EVP_MD_CTX o_ctx;
> > > > unsigned int key_length;
> > > > unsigned char key[HMAC_MAX_MD_CBLOCK];
> > > > + int key_init;
> > > > } HMAC_CTX;
> > >
> > > A cheesy, but binary compatible, fix might be:
> > >
> > > typedef struct hmac_ctx_st {
> > > const EVP_MD *md;
> > > EVP_MD_CTX md_ctx;
> > > EVP_MD_CTX i_ctx;
> > > EVP_MD_CTX o_ctx;
> > > unsigned int key_init:1; /* Ewww, cheesy use of bitfields... */
> > > unsigned int key_length:31; /* but the sizeof (HMAC_CTX) doesn't
> > > change! */ unsigned char key[HMAC_MAX_MD_CBLOCK];
> > > } HMAC_CTX;
> >
> > Why is separate key_init needid? Could we not use md!=NULL or
> > key_length!=0 checks to see if the context is initialized?
>
> Seems it'd be along with the line to just use key_length instead.
Yes, this needs to be reverted and key_length or some other workaround
used instead. I had a hope that breaking ABI compatibility on 1.0.x
branches is no-go.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
More information about the openssl-dev
mailing list