In the process of trying out 1.0.0, I found something that breaks backward compatibility.
In the file crypto/evp/evp.h at line 132, the following lines were added to
struct evp_pkey_st :
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
I'm curious why these new items were added to the middle of the struct
definition, and not the end?
The problem is with binaries that use OpenSSL that are compiled against older
versions, such as 0.9.8n and older (this change was introduced in 1.0.0). At
that place in the struct, they expect a memory pointer from the union, such as
struct rsa_st *rsa, not a pointer to const EVP_PKEY_ASN1_METHOD *ameth. In my
testing, this causes a memory access violation. To work around this, I moved
the two lines above to the end of the struct definition, so it looks like this
instead:
struct evp_pkey_st
{
int type;
int save_type;
int references;
union {
char *ptr;
#ifndef OPENSSL_NO_RSA
struct rsa_st *rsa; /* RSA */
#endif
#ifndef OPENSSL_NO_DSA
struct dsa_st *dsa; /* DSA */
#endif
#ifndef OPENSSL_NO_DH
struct dh_st *dh; /* DH */
#endif
#ifndef OPENSSL_NO_EC
struct ec_key_st *ec; /* ECC */
#endif
} pkey;
int save_parameters;
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
} /* EVP_PKEY */;
This allows for backwards compatibility with 0.9.8n-dependent binaries. Was
there a reason why the ameth and engine pointers were added to the middle of
evp_pket_st instead of the end?
- Matthew
|
In the process of trying out 1.0.0, I found something that
breaks backward compatibility. In the file crypto/evp/evp.h at line 132, the following
lines were added to struct evp_pkey_st :
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine; I’m curious why these new items were added to the
middle of the struct definition, and not the end? The problem is with binaries that use OpenSSL that are
compiled against older versions, such as 0.9.8n and older (this change was
introduced in 1.0.0). At that place in the struct, they expect a memory pointer
from the union, such as struct rsa_st *rsa, not a pointer to const
EVP_PKEY_ASN1_METHOD *ameth. In my testing, this causes a memory access
violation. To work around this, I moved the two lines above to the end of the
struct definition, so it looks like this instead: struct evp_pkey_st
{
int type;
int save_type;
int references;
union {
char *ptr; #ifndef OPENSSL_NO_RSA
struct rsa_st *rsa;
/* RSA */ #endif #ifndef OPENSSL_NO_DSA
struct dsa_st *dsa; /*
DSA */ #endif #ifndef OPENSSL_NO_DH
struct dh_st *dh;
/* DH */ #endif #ifndef OPENSSL_NO_EC
struct ec_key_st *ec; /* ECC */ #endif
} pkey;
int save_parameters;
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
} /* EVP_PKEY */; This allows for backwards compatibility with 0.9.8n-dependent
binaries. Was there a reason why the ameth and engine pointers were added to
the middle of evp_pket_st instead of the end? -
Matthew |
