* origin/topic/johanna/md5-fips:
A few more updates to the digest functions.
Tell OpenSSL that MD5 is not used for security in order to allow bro to work properly on a FIPS system
I changed a couple places that looked like memory management pitfalls:
moved some cleanup code into the dtors of HashVal derived classes
(seemed like it got stuck in ctors by accident) and also added a
cautionary cleanup in the MIME code.
Plus minor formatting changes.
This builds upon the previous commit to make Zeek compile on FIPS
systems.
This patch makes the changes a bit more aggressive. Instead of having a
number of different hash functions with different return values, we now
standardize on EVP_MD_CTX and just have one set of functions, to which
the hash algorithm that is desired is passed.
On the positive side, this enables us to support a wider range of hash
algorithm (and to easily add to them in the future).
I reimplemented the internal_md5 function - we don't support ebdic
systems in any case.
The md5/sha1 serialization functions are now also tested (I don't think
they were before).
With clang on FreeBSD 11.0-p1, some md5 functions tend to return the
wrong result. This is, e.g., visible when running the bifs/md5 testcase.
In this test, the checks using md5_hash_finish will return an empty
string.
The apparent cause is some confusion in clang when using a static char
inside a static inline function that is refered to several compilation
units.
Exact version of clang showing this issue is:
FreeBSD clang version 3.8.0 (tags/RELEASE_380/final 262564) (based on LLVM 3.8.0)
Target: x86_64-unknown-freebsd11.0
Thread model: posix
InstalledDir: /usr/bin
Issue occurs with -O2.
The first person to either find an existing clang bugreport for this, or
to create an minimal testcase and files one will get a drink from me :)
