[openssl-dev] sizeof (HMAC_CTX) changes with update, breaks binary compatibility

Matt Caswell matt at openssl.org
Fri Jun 12 09:00:41 UTC 2015



On 12/06/15 09:52, Tomas Mraz wrote:
> On Pá, 2015-06-12 at 11:49 +0300, Timo Teras wrote:
>> On Fri, 12 Jun 2015 11:27:42 +0300
>> Timo Teras <timo.teras at iki.fi> wrote:
>>
>>> On Thu, 11 Jun 2015 21:09:59 -0400
>>> Dan McDonald <danmcd at omniti.com> wrote:
>>>
>>>>
>>>>> On Jun 11, 2015, at 9:07 PM, Dan McDonald <danmcd at omniti.com>
>>>>> wrote:
>>>>>
>>>>> typedef struct hmac_ctx_st {
>>>>>   const EVP_MD *md;
>>>>>   EVP_MD_CTX md_ctx;
>>>>>   EVP_MD_CTX i_ctx;
>>>>>   EVP_MD_CTX o_ctx;
>>>>>   unsigned int key_length;
>>>>>   unsigned char key[HMAC_MAX_MD_CBLOCK];
>>>>> + int key_init;
>>>>> } HMAC_CTX;
>>>>
>>>> A cheesy, but binary compatible, fix might be:
>>>>
>>>> typedef struct hmac_ctx_st {
>>>>   const EVP_MD *md;
>>>>   EVP_MD_CTX md_ctx;
>>>>   EVP_MD_CTX i_ctx;
>>>>   EVP_MD_CTX o_ctx;
>>>>   unsigned int key_init:1;   /* Ewww, cheesy use of bitfields... */
>>>>   unsigned int key_length:31;  /* but the sizeof (HMAC_CTX) doesn't
>>>> change! */ unsigned char key[HMAC_MAX_MD_CBLOCK];
>>>> } HMAC_CTX;
>>>
>>> Why is separate key_init needid? Could we not use md!=NULL or
>>> key_length!=0 checks to see if the context is initialized?
>>
>> Seems it'd be along with the line to just use key_length instead.
> 
> Yes, this needs to be reverted and key_length or some other workaround
> used instead. I had a hope that breaking ABI compatibility on 1.0.x
> branches is no-go.
> 

Breaking ABI compatibility on 1.0.x is (supposed to be) a no-go. We're
just debating what the appropriate response is to this issue.

Matt


More information about the openssl-dev mailing list