2 files changed, 39 insertions, 6 deletions

diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 948093d69c..e7215eeb64 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -462,9 +462,11 @@ static void hmac_context_dtor(ErlNifEnv* env, struct hmac_context*);
 /*
 #define PRINTF_ERR0(FMT) enif_fprintf(stderr, FMT "\n")
 #define PRINTF_ERR1(FMT, A1) enif_fprintf(stderr, FMT "\n", A1)
+#define PRINTF_ERR2(FMT, A1, A2) enif_fprintf(stderr, FMT "\n", A1, A2)
 */
 #define PRINTF_ERR0(FMT)
 #define PRINTF_ERR1(FMT,A1)
+#define PRINTF_ERR2(FMT,A1,A2)
 
 #ifdef __OSE__
 
@@ -506,7 +508,33 @@ static int init_ose_crypto() {
 #define CHECK_OSE_CRYPTO()
 #endif
 
+
+static int verify_lib_version(void)
+{
+    const unsigned long libv = SSLeay();
+    const unsigned long hdrv = OPENSSL_VERSION_NUMBER;
+
+#   define MAJOR_VER(V) ((unsigned long)(V) >> (7*4))
+
+    if (MAJOR_VER(libv) != MAJOR_VER(hdrv)) {
+	PRINTF_ERR2("CRYPTO: INCOMPATIBLE SSL VERSION"
+		    " lib=%lx header=%lx\n", libv, hdrv);
+	return 0;
+    }
+    return 1;
+}
+
+
 #ifdef HAVE_DYNAMIC_CRYPTO_LIB
+
+# if defined(DEBUG)
+static char crypto_callback_name[] = "crypto_callback.debug";
+# elif defined(VALGRIND)
+static char crypto_callback_name[] = "crypto_callback.valgrind";
+# else
+static char crypto_callback_name[] = "crypto_callback";
+# endif
+
 static int change_basename(ErlNifBinary* bin, char* buf, int bufsz, const char* newfile)
 {
     int i;
@@ -545,6 +573,9 @@ static int init(ErlNifEnv* env, ERL_NIF_TERM load_info)
     if (!INIT_OSE_CRYPTO())
       return 0;
 
+    if (!verify_lib_version())
+	return 0;
+
     /* load_info: {301, <<"/full/path/of/this/library">>} */
     if (!enif_get_tuple(env, load_info, &tpl_arity, &tpl_array)
 	|| tpl_arity != 2
@@ -613,7 +644,7 @@ static int init(ErlNifEnv* env, ERL_NIF_TERM load_info)
 #ifdef HAVE_DYNAMIC_CRYPTO_LIB
     {
 	void* handle;
-	if (!change_basename(&lib_bin, lib_buf, sizeof(lib_buf), "crypto_callback")) {
+	if (!change_basename(&lib_bin, lib_buf, sizeof(lib_buf), crypto_callback_name)) {
 	    return 0;
 	}
 	if (!(handle = enif_dlopen(lib_buf, &error_handler, NULL))) {
@@ -2897,8 +2928,8 @@ static ERL_NIF_TERM srp_user_secret_nif(ErlNifEnv* env, int argc, const ERL_NIF_
 
     /* a + (u * x) */
     bn_exp2 = BN_new();
-    BN_mod_mul(bn_result, bn_u, bn_exponent, bn_prime, bn_ctx);
-    BN_mod_add(bn_exp2, bn_a, bn_result, bn_prime, bn_ctx);
+    BN_mul(bn_result, bn_u, bn_exponent, bn_ctx);
+    BN_add(bn_exp2, bn_a, bn_result);
 
     /* (B - (k * g^x)) ^ (a + (u * x)) % N */
     BN_mod_exp(bn_result, bn_base, bn_exp2, bn_prime, bn_ctx);
@@ -3244,6 +3275,7 @@ out:
     if (bn_order) BN_free(bn_order);
     if (cofactor) BN_free(cofactor);
     if (group) EC_GROUP_free(group);
+    if (point) EC_POINT_free(point);
 
     return key;
 }
@@ -3406,8 +3438,11 @@ static ERL_NIF_TERM ec_key_generate(ErlNifEnv* env, int argc, const ERL_NIF_TERM
 	EC_KEY_free(key);
 	return enif_make_tuple2(env, pub_key, priv_key);
     }
-    else
+    else {
+	if (key)
+	    EC_KEY_free(key);
 	return enif_make_badarg(env);
+    }
 #else
     return atom_notsup;
 #endif
diff --git a/lib/crypto/c_src/crypto_callback.c b/lib/crypto/c_src/crypto_callback.c
index a08dcec463..b4c175ae43 100644
--- a/lib/crypto/c_src/crypto_callback.c
+++ b/lib/crypto/c_src/crypto_callback.c
@@ -107,8 +107,6 @@ static INLINE void locking(int mode, ErlNifRWLock* lock)
 
 static void locking_function(int mode, int n, const char *file, int line)
 {
-    ASSERT(n>=0 && n<CRYPTO_num_locks());
-
     locking(mode, lock_vec[n]);
 }