Bug #46952 for Business-PayPal-EWP: Patch to solve segfaults

Hi Issac, here is a patch that would move most of the code of EWP.pm into EWP.xs thus removing the dependency on Net::SSLeay and so far I haven't experienced any segfaults under mod_perl. Tell me what you think. Obviously the documentation needs to be adjusted and Net::SSLeay needs to be removed from Makefile.PL. Thomas

diff -Nurp Business-PayPal-EWP-1.00/EWP.xs Business-PayPal-EWP-1.01/EWP.xs --- Business-PayPal-EWP-1.00/EWP.xs 2004-12-07 15:42:37.000000000 +0000 +++ Business-PayPal-EWP-1.01/EWP.xs 2009-06-15 12:29:21.000000000 +0100 @@ -21,15 +21,15 @@ char* sign_and_encrypt(const char *data, RSA *rsa, X509 *x509, X509 *PPx509, bool verbose) { - char *ret; - EVP_PKEY *pkey; - PKCS7 *p7; - BIO *memBio; - BIO *p7bio; - BIO *bio; - PKCS7_SIGNER_INFO* si; - int len; - char *str; + char *ret = NULL; + EVP_PKEY *pkey = NULL; + PKCS7 *p7 = NULL; + BIO *memBio = NULL; + BIO *p7bio = NULL; + BIO *bio = NULL; + PKCS7_SIGNER_INFO* si = NULL; + int len = 0; + char *str = NULL; pkey = EVP_PKEY_new(); @@ -115,6 +115,7 @@ char* sign_and_encrypt(const char *data, } BIO_flush(bio); + len = BIO_get_mem_data(bio, &str); Newz(1,ret,sizeof(char)*(len+1),char); memcpy(ret, str, len); @@ -135,34 +136,84 @@ end: return ret; } -MODULE = Business::PayPal::EWP PACKAGE = Business::PayPal::EWP -PROTOTYPES: DISABLE -void -OpenSSL_add_all_algorithms() -void -BIO_free_all(bio) - BIO* bio - -X509* -PEM_read_bio_X509(bp,x,cb,u) - BIO* bp - void* x - char* cb - void* u - -RSA* -PEM_read_bio_RSAPrivateKey(bp,x,cb,u) - BIO* bp - void* x - char* cb - void* u +char* SignAndEncryptCImpl(char* sCmdTxt, char* keyPath, char* certPath, char* payPalCertPath, bool verbose) +{ + BIO *bio; + X509 *x509 = NULL; + X509 *PPx509 = NULL; + RSA *rsa = NULL; + char *enc = NULL; + + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + + // Load the PayPal Cert File + if ((bio = BIO_new_file(payPalCertPath, "rt")) == NULL) { + printf("Fatal Error: Failed to open %s\n", payPalCertPath); + goto end; + } + if ((PPx509 = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) { + printf("Fatal Error: Failed to read Paypal certificate from %s\n", payPalCertPath); + goto end; + } + BIO_free(bio); + + // Load the User Cert File + if ((bio = BIO_new_file(certPath, "rt")) == NULL) { + printf("Fatal Error: Failed to open %s\n", certPath); + goto end; + } + if ((x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) { + printf("Fatal Error: Failed to read certificate from %s\n", certPath); + goto end; + } + BIO_free(bio); + + // Load the User Key File + if ((bio = BIO_new_file(keyPath, "rt")) == NULL) + { + printf("Fatal Error: Failed to open %s\n", keyPath); + goto end; + } + if ((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)) == NULL) + { + printf("Fatal Error: Unable to read RSA key %s\n", keyPath); + goto end; + } + BIO_free(bio); + bio = NULL; + + // Process payload into blob. + enc = sign_and_encrypt(sCmdTxt, rsa, x509, PPx509, verbose); + +end: + if (bio) { + BIO_free_all(bio); + } + if (x509) { + X509_free(x509); + } + if (PPx509) { + X509_free(PPx509); + } + if (rsa) { + RSA_free(rsa); + } + return enc; +} + + + +MODULE = Business::PayPal::EWP PACKAGE = Business::PayPal::EWP +PROTOTYPES: DISABLE char * -sign_and_encrypt(data,rsa,x509,PPx509,verbose) - const char* data - RSA* rsa - X509* x509 - X509* PPx509 - bool verbose +SignAndEncryptCImpl(sCmdTxt,certPath,keyPath,payPalCertPath,verbose) + char* sCmdTxt + char* certPath + char* keyPath + char* payPalCertPath + bool verbose + diff -Nurp Business-PayPal-EWP-1.00/lib/Business/PayPal/EWP.pm Business-PayPal-EWP-1.01/lib/Business/PayPal/EWP.pm --- Business-PayPal-EWP-1.00/lib/Business/PayPal/EWP.pm 2007-09-05 15:06:20.000000000 +0100 +++ Business-PayPal-EWP-1.01/lib/Business/PayPal/EWP.pm 2009-06-15 13:57:17.000000000 +0100 @@ -3,12 +3,11 @@ package Business::PayPal::EWP; use 5.006001; use strict; use warnings; -use Net::SSLeay; require Exporter; our %EXPORT_TAGS = ( 'all' => [ qw(SignAndEncrypt) ] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); -our $VERSION='1.00'; +our $VERSION='1.01'; our @ISA = qw(Exporter); require XSLoader; @@ -19,70 +18,13 @@ sub SignAndEncrypt { my $key=shift; my $cert=shift; my $ppcert=shift; - my $retval=1; - my ($bio,$RSA,$ppX509,$X509)=(undef,undef,undef,undef); - Net::SSLeay::ERR_load_crypto_strings(); - Business::PayPal::EWP::OpenSSL_add_all_algorithms(); - # Load PayPal cert - $bio=Net::SSLeay::BIO_new_file($ppcert,"rt"); - unless ($bio) { - warn "Error loading file: ".$ppcert; - $retval=0; - goto END; - } - $ppX509=Business::PayPal::EWP::PEM_read_bio_X509($bio,0,0,0); - unless ($ppX509) { - warn "Error reading PayPal certificate from $ppcert"; - $retval=0; - goto END; - } - Net::SSLeay::BIO_free($bio); - # Load our public key - $bio=Net::SSLeay::BIO_new_file($cert,"rt"); - unless ($bio) { - warn "Error loading file: ".$cert; - $retval=0; - goto END; - } - $X509=Business::PayPal::EWP::PEM_read_bio_X509($bio,0,0,0); - unless ($X509) { - warn "Error reading certificate from $cert"; - $retval=0; - goto END; - } - Net::SSLeay::BIO_free($bio); - # Load our private key - $bio=Net::SSLeay::BIO_new_file($key,"rt"); - unless ($bio) { - warn "Error loading file: ".$key; - $retval=0; - goto END; - } - $RSA=Business::PayPal::EWP::PEM_read_bio_RSAPrivateKey($bio,0,0,0); - unless ($RSA) { - warn "Error reading RSA key from $key"; - $retval=0; - goto END; - } - Net::SSLeay::BIO_free($bio); + # Reformat $formdata=~s/,/\n/g; + # Encrypt and sign - $retval=Business::PayPal::EWP::sign_and_encrypt($formdata,$RSA,$X509,$ppX509,0); + my $retval = Business::PayPal::EWP::SignAndEncryptCImpl($formdata,$key,$cert,$ppcert,0); -END: - if ($bio) { - Business::PayPal::EWP::BIO_free_all($bio); - } - if ($ppX509) { - Net::SSLeay::X509_free($ppX509); - } - if ($X509) { - Net::SSLeay::X509_free($X509); - } - if ($RSA) { - Net::SSLeay::RSA_free($RSA); - } return $retval; }