Subject: [PATCH] Replacing OpenSSL FILE* functions

[PATCH] Replacing OpenSSL FILE* functions

From: Alexander Lamaison <swish_at_lammy.co.uk>
Date: Tue, 14 Jul 2009 14:24:15 +0100

As reported here,
https://sourceforge.net/tracker/?func=detail&atid=703942&aid=2731272&group_id=125852,
calling functions from a DLL that take a FILE* can cause problems on
Windows. The OpenSSL API also includes alternative functions that
take a BIO* instead. I've attached two patches that replace these in
openssl.c.

The first patch reads the key from the file into a string on the
libssh2 side and the passes this string to OpenSSL wrapped in a BIO*.
One issue that isn't taken care of yet is guarding for maximum file
size so if a large file is mistakenly given, it will allocate this
amount of memory naively. Does anyone know the maximum key file size?

The second patch (to be applied on top of the first) refactors the,
largely identical, key reading functions into a single function that
takes the OpenSSL function to use as a function-pointer argument. I
include this as a separate patch as I'm not sure which form is
preferred.

I have only tested this with Visual Studio 2005 on Windows. Could
someone try this on other platforms please?

Comments very welcome.

Alex Lamaison

--
http://swish.sourceforge.net



_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Received on 2009-07-14