From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.100; helo=mga07.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id E415A2035A7C8 for ; Thu, 16 Nov 2017 19:52:57 -0800 (PST) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 16 Nov 2017 19:57:07 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.44,406,1505804400"; d="scan'208";a="8635830" Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.190]) by orsmga002.jf.intel.com with ESMTP; 16 Nov 2017 19:57:06 -0800 From: Jiaxin Wu To: edk2-devel@lists.01.org Cc: Ye Ting , Long Qin , Fu Siyuan , Wu Jiaxin Date: Fri, 17 Nov 2017 11:57:05 +0800 Message-Id: <1510891025-13168-1-git-send-email-jiaxin.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.1 Subject: [Patch] CryptoPkg/TlsLib: Change the return type of TlsInitialize(). X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Nov 2017 03:52:58 -0000 Currently, in TlsInitialize(), neither the return status of OPENSSL_init_ssl(0, or 1) nor the return code of RandomSeed (TRUE or FALSE) is not checked. Also VOID is used as the return type of TlsInitialize(), which can't be used to capture the returned value for the error handling. >>From Long Qin (CryptoPkg owner): The early version of OPENSSL_init_ssl() use the "VOID" as the return value, which was updated to "int" later because the function changes can fail. So, this patch is to change the return type of TlsInitialize() to follow up the OPENSSL_init_ssl() update. Cc: Ye Ting Cc: Long Qin Cc: Fu Siyuan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- CryptoPkg/Include/Library/TlsLib.h | 7 +++++-- CryptoPkg/Library/TlsLib/TlsInit.c | 20 ++++++++++++++------ 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library/TlsLib.h index fa6cb99..b69d513 100644 --- a/CryptoPkg/Include/Library/TlsLib.h +++ b/CryptoPkg/Include/Library/TlsLib.h @@ -1,9 +1,9 @@ /** @file Defines TLS Library APIs. -Copyright (c) 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -20,12 +20,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. This function registers ciphers and digests used directly and indirectly by SSL/TLS, and initializes the readable error messages. This function must be called before any other action takes places. + @retval TRUE The OpenSSL library has been initialized. + @retval FALSE Failed to initialize the OpenSSL library. + **/ -VOID +BOOLEAN EFIAPI TlsInitialize ( VOID ); diff --git a/CryptoPkg/Library/TlsLib/TlsInit.c b/CryptoPkg/Library/TlsLib/TlsInit.c index e524647..a530ff7 100644 --- a/CryptoPkg/Library/TlsLib/TlsInit.c +++ b/CryptoPkg/Library/TlsLib/TlsInit.c @@ -20,30 +20,38 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. This function registers ciphers and digests used directly and indirectly by SSL/TLS, and initializes the readable error messages. This function must be called before any other action takes places. + @retval TRUE The OpenSSL library has been initialized. + @retval FALSE Failed to initialize the OpenSSL library. + **/ -VOID +BOOLEAN EFIAPI TlsInitialize ( VOID ) { + INTN Ret; + // // Performs initialization of crypto and ssl library, and loads required // algorithms. // - OPENSSL_init_ssl ( - OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, - NULL - ); + Ret = OPENSSL_init_ssl ( + OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, + NULL + ); + if (Ret != 1) { + return FALSE; + } // // Initialize the pseudorandom number generator. // - RandomSeed (NULL, 0); + return RandomSeed (NULL, 0); } /** Free an allocated SSL_CTX object. -- 1.9.5.msysgit.1