Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/johanna/md5-fips'

Browse source 
* origin/topic/johanna/md5-fips:
  A few more updates to the digest functions.
  Tell OpenSSL that MD5 is not used for security in order to allow bro to work properly on a FIPS system

I changed a couple places that looked like memory management pitfalls:
moved some cleanup code into the dtors of HashVal derived classes
(seemed like it got stuck in ctors by accident) and also added a
cautionary cleanup in the MIME code.

Plus minor formatting changes.
This commit is contained in:
Jon Siwek 2019-01-24 17:09:05 -06:00
commit 7a3ecd76b4
15 changed files with 228 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/OpaqueVal.h
View file

@ -45,6 +45,7 @@ public:
u_char result[MD5_DIGEST_LENGTH]);
MD5Val();
~MD5Val();
protected:
friend class Val;
@ -56,7 +57,7 @@ protected:
DECLARE_SERIAL(MD5Val);
private:
MD5_CTX ctx;
EVP_MD_CTX* ctx;
};
class SHA1Val : public HashVal {
@ -64,6 +65,7 @@ public:
static void digest(val_list& vlist, u_char result[SHA_DIGEST_LENGTH]);
SHA1Val();
~SHA1Val();
protected:
friend class Val;
@ -75,7 +77,7 @@ protected:
DECLARE_SERIAL(SHA1Val);
private:
SHA_CTX ctx;
EVP_MD_CTX* ctx;
};
class SHA256Val : public HashVal {
@ -83,6 +85,7 @@ public:
static void digest(val_list& vlist, u_char result[SHA256_DIGEST_LENGTH]);
SHA256Val();
~SHA256Val();
protected:
friend class Val;
@ -94,7 +97,7 @@ protected:
DECLARE_SERIAL(SHA256Val);
private:
SHA256_CTX ctx;
EVP_MD_CTX* ctx;
};
class EntropyVal : public OpaqueVal {