summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarkus <>2002-09-05 22:45:21 +0000
committermarkus <>2002-09-05 22:45:21 +0000
commit2a6851ef8adb0e84ff2515493d3704a13c6256b0 (patch)
tree9df5b497548eaf51e9f234d27aaf988cd14882c2
parent5514995a9d5ed91db089875adb509c7781357c0e (diff)
downloadopenbsd-2a6851ef8adb0e84ff2515493d3704a13c6256b0.tar.gz
openbsd-2a6851ef8adb0e84ff2515493d3704a13c6256b0.tar.bz2
openbsd-2a6851ef8adb0e84ff2515493d3704a13c6256b0.zip
import openssl-0.9.7-beta3
Diffstat
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c3
-rw-r--r--src/lib/libcrypto/bn/bntest.c2
-rw-r--r--src/lib/libcrypto/des/des_old.h4
-rw-r--r--src/lib/libcrypto/des/read_pwd.c2
-rw-r--r--src/lib/libcrypto/ebcdic.c4
-rw-r--r--src/lib/libcrypto/ec/ectest.c6
-rw-r--r--src/lib/libcrypto/engine/hw_4758_cca.c29
-rw-r--r--src/lib/libcrypto/engine/hw_aep.c28
-rw-r--r--src/lib/libcrypto/engine/hw_atalla.c27
-rw-r--r--src/lib/libcrypto/engine/hw_cswift.c43
-rw-r--r--src/lib/libcrypto/engine/hw_ncipher.c33
-rw-r--r--src/lib/libcrypto/engine/hw_nuron.c27
-rw-r--r--src/lib/libcrypto/engine/hw_ubsec.c26
-rw-r--r--src/lib/libcrypto/evp/evp_test.c4
-rw-r--r--src/lib/libcrypto/objects/obj_dat.h797
-rw-r--r--src/lib/libcrypto/objects/obj_mac.h551
-rw-r--r--src/lib/libcrypto/perlasm/x86nasm.pl2
-rw-r--r--src/lib/libcrypto/pkcs7/verify.c5
-rw-r--r--src/lib/libcrypto/rand/rand_egd.c2
-rw-r--r--src/lib/libcrypto/rand/rand_unix.c2
-rw-r--r--src/lib/libcrypto/symhacks.h2
-rw-r--r--src/lib/libcrypto/util/dirname.pl18
-rw-r--r--src/lib/libcrypto/util/domd4
-rw-r--r--src/lib/libcrypto/util/libeay.num30
-rw-r--r--src/lib/libcrypto/util/mk1mf.pl2
-rw-r--r--src/lib/libcrypto/util/mkdef.pl50
-rw-r--r--src/lib/libcrypto/util/mklink.pl15
-rw-r--r--src/lib/libcrypto/util/pl/BC-32.pl42
-rw-r--r--src/lib/libcrypto/util/pl/OS2-EMX.pl79
-rw-r--r--src/lib/libcrypto/util/pl/VC-32.pl36
-rw-r--r--src/lib/libcrypto/util/pod2mantest7
-rw-r--r--src/lib/libcrypto/util/point.sh6
-rw-r--r--src/lib/libssl/src/CHANGES133
-rw-r--r--src/lib/libssl/src/Configure70
-rw-r--r--src/lib/libssl/src/FAQ79
-rw-r--r--src/lib/libssl/src/INSTALL16
-rw-r--r--src/lib/libssl/src/INSTALL.DJGPP32
-rw-r--r--src/lib/libssl/src/INSTALL.OS29
-rw-r--r--src/lib/libssl/src/INSTALL.W3236
-rw-r--r--src/lib/libssl/src/Makefile.org40
-rw-r--r--src/lib/libssl/src/NEWS15
-rw-r--r--src/lib/libssl/src/PROBLEMS88
-rw-r--r--src/lib/libssl/src/README19
-rw-r--r--src/lib/libssl/src/README.ENGINE8
-rw-r--r--src/lib/libssl/src/apps/CA.pl2
-rw-r--r--src/lib/libssl/src/apps/apps.c21
-rw-r--r--src/lib/libssl/src/apps/apps.h8
-rw-r--r--src/lib/libssl/src/apps/ca.c10
-rw-r--r--src/lib/libssl/src/apps/dgst.c56
-rw-r--r--src/lib/libssl/src/apps/enc.c2
-rw-r--r--src/lib/libssl/src/apps/nseq.c2
-rw-r--r--src/lib/libssl/src/apps/ocsp.c20
-rw-r--r--src/lib/libssl/src/apps/openssl.c2
-rw-r--r--src/lib/libssl/src/apps/pkcs7.c2
-rw-r--r--src/lib/libssl/src/apps/s_client.c10
-rw-r--r--src/lib/libssl/src/apps/s_server.c10
-rw-r--r--src/lib/libssl/src/apps/s_time.c6
-rw-r--r--src/lib/libssl/src/apps/x509.c2
-rw-r--r--src/lib/libssl/src/config31
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_locl.h3
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_strex.c11
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_utctm.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1.h1
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_lib.c11
-rw-r--r--src/lib/libssl/src/crypto/asn1/n_pkey.c4
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_pkey.c88
-rw-r--r--src/lib/libssl/src/crypto/bio/b_sock.c4
-rw-r--r--src/lib/libssl/src/crypto/bio/bio.h3
-rw-r--r--src/lib/libssl/src/crypto/bio/bio_err.c1
-rw-r--r--src/lib/libssl/src/crypto/bio/bss_file.c6
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_lib.c6
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_mul.c2
-rw-r--r--src/lib/libssl/src/crypto/bn/bntest.c2
-rw-r--r--src/lib/libssl/src/crypto/conf/conf.h8
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_def.c3
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_lib.c5
-rw-r--r--src/lib/libssl/src/crypto/conf/conf_mod.c2
-rw-r--r--src/lib/libssl/src/crypto/cryptlib.c8
-rw-r--r--src/lib/libssl/src/crypto/cryptlib.h8
-rw-r--r--src/lib/libssl/src/crypto/des/des_old.h4
-rw-r--r--src/lib/libssl/src/crypto/des/read_pwd.c2
-rw-r--r--src/lib/libssl/src/crypto/ebcdic.c4
-rw-r--r--src/lib/libssl/src/crypto/ec/ectest.c6
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_cnf.c2
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_dyn.c24
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_fat.c2
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_4758_cca.c29
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_aep.c28
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_atalla.c27
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_cswift.c43
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_ncipher.c33
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_nuron.c27
-rw-r--r--src/lib/libssl/src/crypto/engine/hw_ubsec.c26
-rw-r--r--src/lib/libssl/src/crypto/err/err.c1
-rw-r--r--src/lib/libssl/src/crypto/err/err.h1
-rw-r--r--src/lib/libssl/src/crypto/evp/c_all.c2
-rw-r--r--src/lib/libssl/src/crypto/evp/evp.h56
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_pbe.c2
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_test.c4
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt.c2
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt2.c2
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.c2
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_dat.h797
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_mac.h551
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_mac.num138
-rw-r--r--src/lib/libssl/src/crypto/objects/objects.txt148
-rw-r--r--src/lib/libssl/src/crypto/opensslv.h4
-rw-r--r--src/lib/libssl/src/crypto/pem/pem2.h2
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_pkey.c1
-rw-r--r--src/lib/libssl/src/crypto/perlasm/x86asm.pl6
-rw-r--r--src/lib/libssl/src/crypto/perlasm/x86nasm.pl2
-rw-r--r--src/lib/libssl/src/crypto/pkcs12/pkcs12.h4
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/verify.c5
-rw-r--r--src/lib/libssl/src/crypto/rand/rand.h5
-rw-r--r--src/lib/libssl/src/crypto/rand/rand_egd.c2
-rw-r--r--src/lib/libssl/src/crypto/rand/rand_unix.c2
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa.h3
-rw-r--r--src/lib/libssl/src/crypto/symhacks.h2
-rw-r--r--src/lib/libssl/src/crypto/ui/ui_openssl.c2
-rw-r--r--src/lib/libssl/src/crypto/ui/ui_util.c7
-rw-r--r--src/lib/libssl/src/crypto/x509v3/ext_dat.h4
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_info.c1
-rw-r--r--src/lib/libssl/src/doc/apps/ciphers.pod24
-rw-r--r--src/lib/libssl/src/doc/apps/crl2pkcs7.pod5
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_rand.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/BN_zero.pod3
-rw-r--r--src/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod11
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod5
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_SignInit.pod4
-rw-r--r--src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/RSA_check_key.pod32
-rw-r--r--src/lib/libssl/src/doc/crypto/err.pod2
-rw-r--r--src/lib/libssl/src/doc/crypto/hmac.pod3
-rw-r--r--src/lib/libssl/src/doc/crypto/lhash.pod5
-rw-r--r--src/lib/libssl/src/doc/crypto/rsa.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.pod4
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.pod50
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod19
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_accept.pod1
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_connect.pod1
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod75
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_get_error.pod2
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_set_connect_state.pod1
-rw-r--r--src/lib/libssl/src/doc/ssl/SSL_write.pod3
-rw-r--r--src/lib/libssl/src/doc/ssl/ssl.pod1
-rw-r--r--src/lib/libssl/src/e_os.h12
-rw-r--r--src/lib/libssl/src/e_os2.h21
-rw-r--r--src/lib/libssl/src/install.com2
-rw-r--r--src/lib/libssl/src/ms/do_masm.bat20
-rw-r--r--src/lib/libssl/src/ms/do_nasm.bat21
-rw-r--r--src/lib/libssl/src/os2/OS2-EMX.cmd5
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c2
-rw-r--r--src/lib/libssl/src/ssl/s23_pkt.c2
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c2
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c8
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c10
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c14
-rw-r--r--src/lib/libssl/src/ssl/s3_both.c2
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c15
-rw-r--r--src/lib/libssl/src/ssl/s3_enc.c23
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c8
-rw-r--r--src/lib/libssl/src/ssl/s3_pkt.c2
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c20
-rw-r--r--src/lib/libssl/src/ssl/ssl-lib.com2
-rw-r--r--src/lib/libssl/src/ssl/ssl.h46
-rw-r--r--src/lib/libssl/src/ssl/ssl_asn1.c4
-rw-r--r--src/lib/libssl/src/ssl/ssl_ciph.c15
-rw-r--r--src/lib/libssl/src/ssl/ssl_err.c4
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c4
-rw-r--r--src/lib/libssl/src/ssl/ssl_locl.h15
-rw-r--r--src/lib/libssl/src/ssl/ssl_rsa.c2
-rw-r--r--src/lib/libssl/src/ssl/ssl_sess.c2
-rw-r--r--src/lib/libssl/src/ssl/t1_clnt.c2
-rw-r--r--src/lib/libssl/src/ssl/t1_enc.c27
-rw-r--r--src/lib/libssl/src/ssl/t1_srvr.c2
-rw-r--r--src/lib/libssl/src/ssl/tls1.h31
-rw-r--r--src/lib/libssl/src/test/dummytest.c47
-rw-r--r--src/lib/libssl/src/test/maketests.com30
-rw-r--r--src/lib/libssl/src/test/tcrl6
-rw-r--r--src/lib/libssl/src/test/testca6
-rw-r--r--src/lib/libssl/src/test/testgen6
-rw-r--r--src/lib/libssl/src/test/tpkcs76
-rw-r--r--src/lib/libssl/src/test/tpkcs7d6
-rw-r--r--src/lib/libssl/src/test/treq6
-rw-r--r--src/lib/libssl/src/test/trsa6
-rw-r--r--src/lib/libssl/src/test/tsid6
-rw-r--r--src/lib/libssl/src/test/tx5096
-rw-r--r--src/lib/libssl/src/tools/c_rehash6
-rw-r--r--src/lib/libssl/src/tools/c_rehash.in4
-rw-r--r--src/lib/libssl/src/util/dirname.pl18
-rw-r--r--src/lib/libssl/src/util/domd4
-rw-r--r--src/lib/libssl/src/util/libeay.num30
-rw-r--r--src/lib/libssl/src/util/mk1mf.pl2
-rw-r--r--src/lib/libssl/src/util/mkdef.pl50
-rw-r--r--src/lib/libssl/src/util/mklink.pl15
-rw-r--r--src/lib/libssl/src/util/pl/BC-32.pl42
-rw-r--r--src/lib/libssl/src/util/pl/OS2-EMX.pl79
-rw-r--r--src/lib/libssl/src/util/pl/VC-32.pl36
-rw-r--r--src/lib/libssl/src/util/pod2mantest7
-rw-r--r--src/lib/libssl/src/util/point.sh6
-rw-r--r--src/lib/libssl/test/dummytest.c47
-rw-r--r--src/lib/libssl/test/maketests.com30
205 files changed, 5180 insertions, 746 deletions
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index ed2d827db2..dbb4a42c9d 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -222,6 +222,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) 222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
223 { 223 {
224 struct tm *tm; 224 struct tm *tm;
225 struct tm data;
225 int offset; 226 int offset;
226 int year; 227 int year;
227 228
@@ -238,7 +239,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
238 239
239 t -= offset*60; /* FIXME: may overflow in extreme cases */ 240 t -= offset*60; /* FIXME: may overflow in extreme cases */
240 241
241 { struct tm data; tm = OPENSSL_gmtime(&t, &data); } 242 tm = OPENSSL_gmtime(&t, &data);
242 243
243#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 244#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
244 year = g2(s->data); 245 year = g2(s->data);
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 443cf420e5..8158a67374 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -925,7 +925,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
925 /* r := a^t mod b */ 925 /* r := a^t mod b */
926 b->neg=0; 926 b->neg=0;
927 927
928 if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; /* XXX should be BN_mod_exp_recp, but ..._recp triggers a bug that must be fixed */ 928 if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err;
929 b->neg=1; 929 b->neg=1;
930 930
931 if (BN_is_word(r, 1)) 931 if (BN_is_word(r, 1))
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h
index 3778f93c15..51b987422a 100644
--- a/src/lib/libcrypto/des/des_old.h
+++ b/src/lib/libcrypto/des/des_old.h
@@ -173,7 +173,7 @@ typedef struct _ossl_old_des_ks_struct
173 DES_fcrypt((b),(s),(r)) 173 DES_fcrypt((b),(s),(r))
174#define des_crypt(b,s)\ 174#define des_crypt(b,s)\
175 DES_crypt((b),(s)) 175 DES_crypt((b),(s))
176#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) 176#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
177#define crypt(b,s)\ 177#define crypt(b,s)\
178 DES_crypt((b),(s)) 178 DES_crypt((b),(s))
179#endif 179#endif
@@ -366,7 +366,7 @@ int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule
366 _ossl_old_des_cblock *iv); 366 _ossl_old_des_cblock *iv);
367char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret); 367char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
368char *_ossl_old_des_crypt(const char *buf,const char *salt); 368char *_ossl_old_des_crypt(const char *buf,const char *salt);
369#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) 369#if !defined(PERL5) && !defined(NeXT)
370char *_ossl_old_crypt(const char *buf,const char *salt); 370char *_ossl_old_crypt(const char *buf,const char *salt);
371#endif 371#endif
372void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out, 372void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c
index 00000190f8..9061935f21 100644
--- a/src/lib/libcrypto/des/read_pwd.c
+++ b/src/lib/libcrypto/des/read_pwd.c
@@ -246,7 +246,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt,
246 long status; 246 long status;
247 unsigned short channel = 0; 247 unsigned short channel = 0;
248#else 248#else
249#ifndef OPENSSL_SYS_MSDOS 249#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
250 TTY_STRUCT tty_orig,tty_new; 250 TTY_STRUCT tty_orig,tty_new;
251#endif 251#endif
252#endif 252#endif
diff --git a/src/lib/libcrypto/ebcdic.c b/src/lib/libcrypto/ebcdic.c
index bc968ea807..d1bece87f7 100644
--- a/src/lib/libcrypto/ebcdic.c
+++ b/src/lib/libcrypto/ebcdic.c
@@ -211,8 +211,8 @@ ascii2ebcdic(void *dest, const void *srce, size_t count)
211} 211}
212 212
213#else /*CHARSET_EBCDIC*/ 213#else /*CHARSET_EBCDIC*/
214#include <openssl/opensslconf.h> 214#include <openssl/e_os2.h>
215#if defined(PEDANTIC) || defined(__DECC) 215#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
216static void *dummy=&dummy; 216static void *dummy=&dummy;
217#endif 217#endif
218#endif 218#endif
diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c
index 243cd83fb5..eab46cc080 100644
--- a/src/lib/libcrypto/ec/ectest.c
+++ b/src/lib/libcrypto/ec/ectest.c
@@ -75,8 +75,8 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
75 exit(1); \ 75 exit(1); \
76} while (0) 76} while (0)
77 77
78 78#if 0
79void timings(EC_GROUP *group, int multi, BN_CTX *ctx) 79static void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
80 { 80 {
81 clock_t clck; 81 clock_t clck;
82 int i, j; 82 int i, j;
@@ -138,7 +138,7 @@ void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
138 BN_free(s); 138 BN_free(s);
139 BN_free(s0); 139 BN_free(s0);
140 } 140 }
141 141#endif
142 142
143int main(int argc, char *argv[]) 143int main(int argc, char *argv[])
144 { 144 {
diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c
index 77d3d2ffdf..1053c52082 100644
--- a/src/lib/libcrypto/engine/hw_4758_cca.c
+++ b/src/lib/libcrypto/engine/hw_4758_cca.c
@@ -124,8 +124,24 @@ static F_RANDOMNUMBERGENERATE randomNumberGenerate;
124 124
125/* static variables */ 125/* static variables */
126/*------------------*/ 126/*------------------*/
127static const char def_CCA4758_LIB_NAME[] = CCA_LIB_NAME; 127static const char *CCA4758_LIB_NAME = NULL;
128static const char *CCA4758_LIB_NAME = def_CCA4758_LIB_NAME; 128static const char *get_CCA4758_LIB_NAME(void)
129 {
130 if(CCA4758_LIB_NAME)
131 return CCA4758_LIB_NAME;
132 return CCA_LIB_NAME;
133 }
134static void free_CCA4758_LIB_NAME(void)
135 {
136 if(CCA4758_LIB_NAME)
137 OPENSSL_free((void*)CCA4758_LIB_NAME);
138 CCA4758_LIB_NAME = NULL;
139 }
140static long set_CCA4758_LIB_NAME(const char *name)
141 {
142 free_CCA4758_LIB_NAME();
143 return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
144 }
129#ifndef OPENSSL_NO_RSA 145#ifndef OPENSSL_NO_RSA
130static const char* n_keyRecordRead = CSNDKRR; 146static const char* n_keyRecordRead = CSNDKRR;
131static const char* n_digitalSignatureGenerate = CSNDDSG; 147static const char* n_digitalSignatureGenerate = CSNDDSG;
@@ -232,6 +248,7 @@ void ENGINE_load_4758cca(void)
232static int ibm_4758_cca_destroy(ENGINE *e) 248static int ibm_4758_cca_destroy(ENGINE *e)
233 { 249 {
234 ERR_unload_CCA4758_strings(); 250 ERR_unload_CCA4758_strings();
251 free_CCA4758_LIB_NAME();
235 return 1; 252 return 1;
236 } 253 }
237 254
@@ -243,7 +260,7 @@ static int ibm_4758_cca_init(ENGINE *e)
243 goto err; 260 goto err;
244 } 261 }
245 262
246 dso = DSO_load(NULL, CCA4758_LIB_NAME , NULL, 0); 263 dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
247 if(!dso) 264 if(!dso)
248 { 265 {
249 CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); 266 CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
@@ -299,7 +316,8 @@ err:
299 316
300static int ibm_4758_cca_finish(ENGINE *e) 317static int ibm_4758_cca_finish(ENGINE *e)
301 { 318 {
302 if(dso) 319 free_CCA4758_LIB_NAME();
320 if(!dso)
303 { 321 {
304 CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, 322 CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
305 CCA4758_R_NOT_LOADED); 323 CCA4758_R_NOT_LOADED);
@@ -340,8 +358,7 @@ static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
340 CCA4758_R_ALREADY_LOADED); 358 CCA4758_R_ALREADY_LOADED);
341 return 0; 359 return 0;
342 } 360 }
343 CCA4758_LIB_NAME = (const char *)p; 361 return set_CCA4758_LIB_NAME((const char *)p);
344 return 1;
345 default: 362 default:
346 break; 363 break;
347 } 364 }
diff --git a/src/lib/libcrypto/engine/hw_aep.c b/src/lib/libcrypto/engine/hw_aep.c
index cf4507cff1..8b8380a582 100644
--- a/src/lib/libcrypto/engine/hw_aep.c
+++ b/src/lib/libcrypto/engine/hw_aep.c
@@ -60,7 +60,7 @@
60#include <string.h> 60#include <string.h>
61 61
62#include <openssl/e_os2.h> 62#include <openssl/e_os2.h>
63#ifndef OPENSSL_SYS_MSDOS 63#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
64#include <sys/types.h> 64#include <sys/types.h>
65#include <unistd.h> 65#include <unistd.h>
66#else 66#else
@@ -71,6 +71,7 @@ typedef int pid_t;
71#include <openssl/crypto.h> 71#include <openssl/crypto.h>
72#include <openssl/dso.h> 72#include <openssl/dso.h>
73#include <openssl/engine.h> 73#include <openssl/engine.h>
74#include <openssl/buffer.h>
74 75
75#ifndef OPENSSL_NO_HW 76#ifndef OPENSSL_NO_HW
76#ifndef OPENSSL_NO_HW_AEP 77#ifndef OPENSSL_NO_HW_AEP
@@ -363,7 +364,24 @@ static DSO *aep_dso = NULL;
363/* These are the static string constants for the DSO file name and the function 364/* These are the static string constants for the DSO file name and the function
364 * symbol names to bind to. 365 * symbol names to bind to.
365*/ 366*/
366static const char *AEP_LIBNAME = "aep"; 367static const char *AEP_LIBNAME = NULL;
368static const char *get_AEP_LIBNAME(void)
369 {
370 if(AEP_LIBNAME)
371 return AEP_LIBNAME;
372 return "aep";
373 }
374static void free_AEP_LIBNAME(void)
375 {
376 if(AEP_LIBNAME)
377 OPENSSL_free((void*)AEP_LIBNAME);
378 AEP_LIBNAME = NULL;
379 }
380static long set_AEP_LIBNAME(const char *name)
381 {
382 free_AEP_LIBNAME();
383 return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
384 }
367 385
368static const char *AEP_F1 = "AEP_ModExp"; 386static const char *AEP_F1 = "AEP_ModExp";
369static const char *AEP_F2 = "AEP_ModExpCrt"; 387static const char *AEP_F2 = "AEP_ModExpCrt";
@@ -412,7 +430,7 @@ static int aep_init(ENGINE *e)
412 } 430 }
413 /* Attempt to load libaep.so. */ 431 /* Attempt to load libaep.so. */
414 432
415 aep_dso = DSO_load(NULL, AEP_LIBNAME, NULL, 0); 433 aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
416 434
417 if(aep_dso == NULL) 435 if(aep_dso == NULL)
418 { 436 {
@@ -474,6 +492,7 @@ static int aep_init(ENGINE *e)
474/* Destructor (complements the "ENGINE_aep()" constructor) */ 492/* Destructor (complements the "ENGINE_aep()" constructor) */
475static int aep_destroy(ENGINE *e) 493static int aep_destroy(ENGINE *e)
476 { 494 {
495 free_AEP_LIBNAME();
477 ERR_unload_AEPHK_strings(); 496 ERR_unload_AEPHK_strings();
478 return 1; 497 return 1;
479 } 498 }
@@ -549,8 +568,7 @@ static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
549 AEPHK_R_ALREADY_LOADED); 568 AEPHK_R_ALREADY_LOADED);
550 return 0; 569 return 0;
551 } 570 }
552 AEP_LIBNAME = (const char *)p; 571 return set_AEP_LIBNAME((const char*)p);
553 return 1;
554 default: 572 default:
555 break; 573 break;
556 } 574 }
diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c
index 696cfcf156..6151c46902 100644
--- a/src/lib/libcrypto/engine/hw_atalla.c
+++ b/src/lib/libcrypto/engine/hw_atalla.c
@@ -286,8 +286,24 @@ static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL
286 * atasi.dll on win32). For the purposes of testing, I have created a symbollic 286 * atasi.dll on win32). For the purposes of testing, I have created a symbollic
287 * link called "libatasi.so" so that we can use native name-translation - a 287 * link called "libatasi.so" so that we can use native name-translation - a
288 * better solution will be needed. */ 288 * better solution will be needed. */
289static const char def_ATALLA_LIBNAME[] = "atasi"; 289static const char *ATALLA_LIBNAME = NULL;
290static const char *ATALLA_LIBNAME = def_ATALLA_LIBNAME; 290static const char *get_ATALLA_LIBNAME(void)
291 {
292 if(ATALLA_LIBNAME)
293 return ATALLA_LIBNAME;
294 return "atasi";
295 }
296static void free_ATALLA_LIBNAME(void)
297 {
298 if(ATALLA_LIBNAME)
299 OPENSSL_free((void*)ATALLA_LIBNAME);
300 ATALLA_LIBNAME = NULL;
301 }
302static long set_ATALLA_LIBNAME(const char *name)
303 {
304 free_ATALLA_LIBNAME();
305 return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
306 }
291static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; 307static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
292static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; 308static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
293static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; 309static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
@@ -295,6 +311,7 @@ static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
295/* Destructor (complements the "ENGINE_atalla()" constructor) */ 311/* Destructor (complements the "ENGINE_atalla()" constructor) */
296static int atalla_destroy(ENGINE *e) 312static int atalla_destroy(ENGINE *e)
297 { 313 {
314 free_ATALLA_LIBNAME();
298 /* Unload the atalla error strings so any error state including our 315 /* Unload the atalla error strings so any error state including our
299 * functs or reasons won't lead to a segfault (they simply get displayed 316 * functs or reasons won't lead to a segfault (they simply get displayed
300 * without corresponding string data because none will be found). */ 317 * without corresponding string data because none will be found). */
@@ -324,7 +341,7 @@ static int atalla_init(ENGINE *e)
324 * drivers really use - for now a symbollic link needs to be 341 * drivers really use - for now a symbollic link needs to be
325 * created on the host system from libatasi.so to atasi.so on 342 * created on the host system from libatasi.so to atasi.so on
326 * unix variants. */ 343 * unix variants. */
327 atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0); 344 atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
328 if(atalla_dso == NULL) 345 if(atalla_dso == NULL)
329 { 346 {
330 ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); 347 ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
@@ -364,6 +381,7 @@ err:
364 381
365static int atalla_finish(ENGINE *e) 382static int atalla_finish(ENGINE *e)
366 { 383 {
384 free_ATALLA_LIBNAME();
367 if(atalla_dso == NULL) 385 if(atalla_dso == NULL)
368 { 386 {
369 ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED); 387 ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
@@ -397,8 +415,7 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
397 ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED); 415 ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
398 return 0; 416 return 0;
399 } 417 }
400 ATALLA_LIBNAME = (const char *)p; 418 return set_ATALLA_LIBNAME((const char *)p);
401 return 1;
402 default: 419 default:
403 break; 420 break;
404 } 421 }
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
index d8b380550f..f5c897bdbb 100644
--- a/src/lib/libcrypto/engine/hw_cswift.c
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -280,8 +280,24 @@ t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
280t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; 280t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
281 281
282/* Used in the DSO operations. */ 282/* Used in the DSO operations. */
283static const char def_CSWIFT_LIBNAME[] = "swift"; 283static const char *CSWIFT_LIBNAME = NULL;
284static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME; 284static const char *get_CSWIFT_LIBNAME(void)
285 {
286 if(CSWIFT_LIBNAME)
287 return CSWIFT_LIBNAME;
288 return "swift";
289 }
290static void free_CSWIFT_LIBNAME(void)
291 {
292 if(CSWIFT_LIBNAME)
293 OPENSSL_free((void*)CSWIFT_LIBNAME);
294 CSWIFT_LIBNAME = NULL;
295 }
296static long set_CSWIFT_LIBNAME(const char *name)
297 {
298 free_CSWIFT_LIBNAME();
299 return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
300 }
285static const char *CSWIFT_F1 = "swAcquireAccContext"; 301static const char *CSWIFT_F1 = "swAcquireAccContext";
286static const char *CSWIFT_F2 = "swAttachKeyParam"; 302static const char *CSWIFT_F2 = "swAttachKeyParam";
287static const char *CSWIFT_F3 = "swSimpleRequest"; 303static const char *CSWIFT_F3 = "swSimpleRequest";
@@ -313,6 +329,7 @@ static void release_context(SW_CONTEXT_HANDLE hac)
313/* Destructor (complements the "ENGINE_cswift()" constructor) */ 329/* Destructor (complements the "ENGINE_cswift()" constructor) */
314static int cswift_destroy(ENGINE *e) 330static int cswift_destroy(ENGINE *e)
315 { 331 {
332 free_CSWIFT_LIBNAME();
316 ERR_unload_CSWIFT_strings(); 333 ERR_unload_CSWIFT_strings();
317 return 1; 334 return 1;
318 } 335 }
@@ -332,7 +349,7 @@ static int cswift_init(ENGINE *e)
332 goto err; 349 goto err;
333 } 350 }
334 /* Attempt to load libswift.so/swift.dll/whatever. */ 351 /* Attempt to load libswift.so/swift.dll/whatever. */
335 cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0); 352 cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
336 if(cswift_dso == NULL) 353 if(cswift_dso == NULL)
337 { 354 {
338 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); 355 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
@@ -377,6 +394,7 @@ err:
377 394
378static int cswift_finish(ENGINE *e) 395static int cswift_finish(ENGINE *e)
379 { 396 {
397 free_CSWIFT_LIBNAME();
380 if(cswift_dso == NULL) 398 if(cswift_dso == NULL)
381 { 399 {
382 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED); 400 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
@@ -411,8 +429,7 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
411 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED); 429 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
412 return 0; 430 return 0;
413 } 431 }
414 CSWIFT_LIBNAME = (const char *)p; 432 return set_CSWIFT_LIBNAME((const char *)p);
415 return 1;
416 default: 433 default:
417 break; 434 break;
418 } 435 }
@@ -484,7 +501,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
484 goto err; 501 goto err;
485 default: 502 default:
486 { 503 {
487 char tmpbuf[20]; 504 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
488 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
489 sprintf(tmpbuf, "%ld", sw_status); 506 sprintf(tmpbuf, "%ld", sw_status);
490 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -501,7 +518,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
501 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, 518 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
502 &res, 1)) != SW_OK) 519 &res, 1)) != SW_OK)
503 { 520 {
504 char tmpbuf[20]; 521 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 522 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
506 sprintf(tmpbuf, "%ld", sw_status); 523 sprintf(tmpbuf, "%ld", sw_status);
507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 524 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -591,7 +608,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
591 goto err; 608 goto err;
592 default: 609 default:
593 { 610 {
594 char tmpbuf[20]; 611 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
595 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
596 sprintf(tmpbuf, "%ld", sw_status); 613 sprintf(tmpbuf, "%ld", sw_status);
597 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -608,7 +625,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
608 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, 625 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
609 &res, 1)) != SW_OK) 626 &res, 1)) != SW_OK)
610 { 627 {
611 char tmpbuf[20]; 628 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 629 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
613 sprintf(tmpbuf, "%ld", sw_status); 630 sprintf(tmpbuf, "%ld", sw_status);
614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 631 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -723,7 +740,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
723 goto err; 740 goto err;
724 default: 741 default:
725 { 742 {
726 char tmpbuf[20]; 743 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
727 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 744 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
728 sprintf(tmpbuf, "%ld", sw_status); 745 sprintf(tmpbuf, "%ld", sw_status);
729 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 746 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -741,7 +758,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
741 &res, 1); 758 &res, 1);
742 if(sw_status != SW_OK) 759 if(sw_status != SW_OK)
743 { 760 {
744 char tmpbuf[20]; 761 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
745 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 762 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
746 sprintf(tmpbuf, "%ld", sw_status); 763 sprintf(tmpbuf, "%ld", sw_status);
747 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 764 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -835,7 +852,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
835 goto err; 852 goto err;
836 default: 853 default:
837 { 854 {
838 char tmpbuf[20]; 855 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
839 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 856 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
840 sprintf(tmpbuf, "%ld", sw_status); 857 sprintf(tmpbuf, "%ld", sw_status);
841 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 858 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -857,7 +874,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
857 &res, 1); 874 &res, 1);
858 if(sw_status != SW_OK) 875 if(sw_status != SW_OK)
859 { 876 {
860 char tmpbuf[20]; 877 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
861 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 878 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
862 sprintf(tmpbuf, "%ld", sw_status); 879 sprintf(tmpbuf, "%ld", sw_status);
863 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 880 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c
index 4762a54e3d..a43d4360f2 100644
--- a/src/lib/libcrypto/engine/hw_ncipher.c
+++ b/src/lib/libcrypto/engine/hw_ncipher.c
@@ -59,9 +59,9 @@
59 59
60#include <stdio.h> 60#include <stdio.h>
61#include <string.h> 61#include <string.h>
62#include "cryptlib.h"
62#include <openssl/crypto.h> 63#include <openssl/crypto.h>
63#include <openssl/pem.h> 64#include <openssl/pem.h>
64#include "cryptlib.h"
65#include <openssl/dso.h> 65#include <openssl/dso.h>
66#include <openssl/engine.h> 66#include <openssl/engine.h>
67#include <openssl/ui.h> 67#include <openssl/ui.h>
@@ -109,11 +109,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
109static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 109static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
110 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 110 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
111 111
112#ifndef OPENSSL_NO_DH
112/* DH stuff */ 113/* DH stuff */
113/* This function is alised to mod_exp (with the DH and mont dropped). */ 114/* This function is alised to mod_exp (with the DH and mont dropped). */
114static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, 115static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
115 const BIGNUM *a, const BIGNUM *p, 116 const BIGNUM *a, const BIGNUM *p,
116 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 117 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
118#endif
117 119
118/* RAND stuff */ 120/* RAND stuff */
119static int hwcrhk_rand_bytes(unsigned char *buf, int num); 121static int hwcrhk_rand_bytes(unsigned char *buf, int num);
@@ -422,8 +424,24 @@ static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
422static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; 424static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
423 425
424/* Used in the DSO operations. */ 426/* Used in the DSO operations. */
425static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk"; 427static const char *HWCRHK_LIBNAME = NULL;
426static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME; 428static void free_HWCRHK_LIBNAME(void)
429 {
430 if(HWCRHK_LIBNAME)
431 OPENSSL_free((void*)HWCRHK_LIBNAME);
432 HWCRHK_LIBNAME = NULL;
433 }
434static const char *get_HWCRHK_LIBNAME(void)
435 {
436 if(HWCRHK_LIBNAME)
437 return HWCRHK_LIBNAME;
438 return "nfhwcrhk";
439 }
440static long set_HWCRHK_LIBNAME(const char *name)
441 {
442 free_HWCRHK_LIBNAME();
443 return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
444 }
427static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; 445static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
428static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; 446static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
429static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; 447static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
@@ -469,6 +487,7 @@ static void release_context(HWCryptoHook_ContextHandle hac)
469/* Destructor (complements the "ENGINE_ncipher()" constructor) */ 487/* Destructor (complements the "ENGINE_ncipher()" constructor) */
470static int hwcrhk_destroy(ENGINE *e) 488static int hwcrhk_destroy(ENGINE *e)
471 { 489 {
490 free_HWCRHK_LIBNAME();
472 ERR_unload_HWCRHK_strings(); 491 ERR_unload_HWCRHK_strings();
473 return 1; 492 return 1;
474 } 493 }
@@ -494,7 +513,7 @@ static int hwcrhk_init(ENGINE *e)
494 goto err; 513 goto err;
495 } 514 }
496 /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ 515 /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
497 hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0); 516 hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
498 if(hwcrhk_dso == NULL) 517 if(hwcrhk_dso == NULL)
499 { 518 {
500 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); 519 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
@@ -586,6 +605,7 @@ err:
586static int hwcrhk_finish(ENGINE *e) 605static int hwcrhk_finish(ENGINE *e)
587 { 606 {
588 int to_return = 1; 607 int to_return = 1;
608 free_HWCRHK_LIBNAME();
589 if(hwcrhk_dso == NULL) 609 if(hwcrhk_dso == NULL)
590 { 610 {
591 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); 611 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
@@ -634,8 +654,7 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
634 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); 654 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
635 return 0; 655 return 0;
636 } 656 }
637 HWCRHK_LIBNAME = (const char *)p; 657 return set_HWCRHK_LIBNAME((const char *)p);
638 return 1;
639 case ENGINE_CTRL_SET_LOGSTREAM: 658 case ENGINE_CTRL_SET_LOGSTREAM:
640 { 659 {
641 BIO *bio = (BIO *)p; 660 BIO *bio = (BIO *)p;
@@ -1040,6 +1059,7 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
1040 return hwcrhk_mod_exp(r, a, p, m, ctx); 1059 return hwcrhk_mod_exp(r, a, p, m, ctx);
1041 } 1060 }
1042 1061
1062#ifndef OPENSSL_NO_DH
1043/* This function is aliased to mod_exp (with the dh and mont dropped). */ 1063/* This function is aliased to mod_exp (with the dh and mont dropped). */
1044static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, 1064static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
1045 const BIGNUM *a, const BIGNUM *p, 1065 const BIGNUM *a, const BIGNUM *p,
@@ -1047,6 +1067,7 @@ static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
1047 { 1067 {
1048 return hwcrhk_mod_exp(r, a, p, m, ctx); 1068 return hwcrhk_mod_exp(r, a, p, m, ctx);
1049 } 1069 }
1070#endif
1050 1071
1051/* Random bytes are good */ 1072/* Random bytes are good */
1052static int hwcrhk_rand_bytes(unsigned char *buf, int num) 1073static int hwcrhk_rand_bytes(unsigned char *buf, int num)
diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c
index 2672012154..130b6d8b40 100644
--- a/src/lib/libcrypto/engine/hw_nuron.c
+++ b/src/lib/libcrypto/engine/hw_nuron.c
@@ -69,8 +69,24 @@
69#define NURON_LIB_NAME "nuron engine" 69#define NURON_LIB_NAME "nuron engine"
70#include "hw_nuron_err.c" 70#include "hw_nuron_err.c"
71 71
72static const char def_NURON_LIBNAME[] = "nuronssl"; 72static const char *NURON_LIBNAME = NULL;
73static const char *NURON_LIBNAME = def_NURON_LIBNAME; 73static const char *get_NURON_LIBNAME(void)
74 {
75 if(NURON_LIBNAME)
76 return NURON_LIBNAME;
77 return "nuronssl";
78 }
79static void free_NURON_LIBNAME(void)
80 {
81 if(NURON_LIBNAME)
82 OPENSSL_free((void*)NURON_LIBNAME);
83 NURON_LIBNAME = NULL;
84 }
85static long set_NURON_LIBNAME(const char *name)
86 {
87 free_NURON_LIBNAME();
88 return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
89 }
74static const char *NURON_F1 = "nuron_mod_exp"; 90static const char *NURON_F1 = "nuron_mod_exp";
75 91
76/* The definitions for control commands specific to this engine */ 92/* The definitions for control commands specific to this engine */
@@ -90,6 +106,7 @@ static DSO *pvDSOHandle = NULL;
90 106
91static int nuron_destroy(ENGINE *e) 107static int nuron_destroy(ENGINE *e)
92 { 108 {
109 free_NURON_LIBNAME();
93 ERR_unload_NURON_strings(); 110 ERR_unload_NURON_strings();
94 return 1; 111 return 1;
95 } 112 }
@@ -102,7 +119,7 @@ static int nuron_init(ENGINE *e)
102 return 0; 119 return 0;
103 } 120 }
104 121
105 pvDSOHandle = DSO_load(NULL, NURON_LIBNAME, NULL, 122 pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
106 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY); 123 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
107 if(!pvDSOHandle) 124 if(!pvDSOHandle)
108 { 125 {
@@ -122,6 +139,7 @@ static int nuron_init(ENGINE *e)
122 139
123static int nuron_finish(ENGINE *e) 140static int nuron_finish(ENGINE *e)
124 { 141 {
142 free_NURON_LIBNAME();
125 if(pvDSOHandle == NULL) 143 if(pvDSOHandle == NULL)
126 { 144 {
127 NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED); 145 NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
@@ -153,8 +171,7 @@ static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
153 NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED); 171 NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
154 return 0; 172 return 0;
155 } 173 }
156 NURON_LIBNAME = (const char *)p; 174 return set_NURON_LIBNAME((const char *)p);
157 return 1;
158 default: 175 default:
159 break; 176 break;
160 } 177 }
diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c
index 743c06043c..63397f868c 100644
--- a/src/lib/libcrypto/engine/hw_ubsec.c
+++ b/src/lib/libcrypto/engine/hw_ubsec.c
@@ -304,7 +304,24 @@ static int max_key_len = 1024; /* ??? */
304 * symbol names to bind to. 304 * symbol names to bind to.
305 */ 305 */
306 306
307static const char *UBSEC_LIBNAME = "ubsec"; 307static const char *UBSEC_LIBNAME = NULL;
308static const char *get_UBSEC_LIBNAME(void)
309 {
310 if(UBSEC_LIBNAME)
311 return UBSEC_LIBNAME;
312 return "ubsec";
313 }
314static void free_UBSEC_LIBNAME(void)
315 {
316 if(UBSEC_LIBNAME)
317 OPENSSL_free((void*)UBSEC_LIBNAME);
318 UBSEC_LIBNAME = NULL;
319 }
320static long set_UBSEC_LIBNAME(const char *name)
321 {
322 free_UBSEC_LIBNAME();
323 return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
324 }
308static const char *UBSEC_F1 = "ubsec_bytes_to_bits"; 325static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
309static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; 326static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
310static const char *UBSEC_F3 = "ubsec_open"; 327static const char *UBSEC_F3 = "ubsec_open";
@@ -328,6 +345,7 @@ static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
328/* Destructor (complements the "ENGINE_ubsec()" constructor) */ 345/* Destructor (complements the "ENGINE_ubsec()" constructor) */
329static int ubsec_destroy(ENGINE *e) 346static int ubsec_destroy(ENGINE *e)
330 { 347 {
348 free_UBSEC_LIBNAME();
331 ERR_unload_UBSEC_strings(); 349 ERR_unload_UBSEC_strings();
332 return 1; 350 return 1;
333 } 351 }
@@ -364,7 +382,7 @@ static int ubsec_init(ENGINE *e)
364 /* 382 /*
365 * Attempt to load libubsec.so/ubsec.dll/whatever. 383 * Attempt to load libubsec.so/ubsec.dll/whatever.
366 */ 384 */
367 ubsec_dso = DSO_load(NULL, UBSEC_LIBNAME, NULL, 0); 385 ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
368 if(ubsec_dso == NULL) 386 if(ubsec_dso == NULL)
369 { 387 {
370 UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); 388 UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
@@ -459,6 +477,7 @@ err:
459 477
460static int ubsec_finish(ENGINE *e) 478static int ubsec_finish(ENGINE *e)
461 { 479 {
480 free_UBSEC_LIBNAME();
462 if(ubsec_dso == NULL) 481 if(ubsec_dso == NULL)
463 { 482 {
464 UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED); 483 UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
@@ -508,8 +527,7 @@ static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
508 UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED); 527 UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
509 return 0; 528 return 0;
510 } 529 }
511 UBSEC_LIBNAME = (const char *)p; 530 return set_UBSEC_LIBNAME((const char *)p);
512 return 1;
513 default: 531 default:
514 break; 532 break;
515 } 533 }
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c
index 1bfffb34cf..90294ef686 100644
--- a/src/lib/libcrypto/evp/evp_test.c
+++ b/src/lib/libcrypto/evp/evp_test.c
@@ -118,7 +118,7 @@ static char *sstrsep(char **string, const char *delim)
118 } 118 }
119 119
120static unsigned char *ustrsep(char **p,const char *sep) 120static unsigned char *ustrsep(char **p,const char *sep)
121 { return (unsigned char *)sstrsep((char **)p,sep); } 121 { return (unsigned char *)sstrsep(p,sep); }
122 122
123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, 123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
124 const unsigned char *iv,int in, 124 const unsigned char *iv,int in,
@@ -358,7 +358,7 @@ int main(int argc,char **argv)
358 p[-1] = '\0'; 358 p[-1] = '\0';
359 encdec = -1; 359 encdec = -1;
360 } else { 360 } else {
361 encdec = atoi(strsep(&p,"\n")); 361 encdec = atoi(sstrsep(&p,"\n"));
362 } 362 }
363 363
364 364
diff --git a/src/lib/libcrypto/objects/obj_dat.h b/src/lib/libcrypto/objects/obj_dat.h
index 39cfcda783..30812c8aa6 100644
--- a/src/lib/libcrypto/objects/obj_dat.h
+++ b/src/lib/libcrypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
62 * [including the GNU Public Licence.] 62 * [including the GNU Public Licence.]
63 */ 63 */
64 64
65#define NUM_NID 510 65#define NUM_NID 645
66#define NUM_SN 507 66#define NUM_SN 641
67#define NUM_LN 507 67#define NUM_LN 641
68#define NUM_OBJ 481 68#define NUM_OBJ 615
69 69
70static unsigned char lvalues[3881]={ 70static unsigned char lvalues[4435]={
710x00, /* [ 0] OBJ_undef */ 710x00, /* [ 0] OBJ_undef */
720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -549,6 +549,140 @@ static unsigned char lvalues[3881]={
5490x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */ 5490x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */
5500x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */ 5500x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */
5510x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */ 5510x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */
5520x55,0x04,0x41, /* [3880] OBJ_pseudonym */
5530x67,0x2A, /* [3883] OBJ_id_set */
5540x67,0x2A,0x00, /* [3885] OBJ_set_ctype */
5550x67,0x2A,0x01, /* [3888] OBJ_set_msgExt */
5560x67,0x2A,0x03, /* [3891] OBJ_set_attr */
5570x67,0x2A,0x05, /* [3894] OBJ_set_policy */
5580x67,0x2A,0x07, /* [3897] OBJ_set_certExt */
5590x67,0x2A,0x08, /* [3900] OBJ_set_brand */
5600x67,0x2A,0x00,0x00, /* [3903] OBJ_setct_PANData */
5610x67,0x2A,0x00,0x01, /* [3907] OBJ_setct_PANToken */
5620x67,0x2A,0x00,0x02, /* [3911] OBJ_setct_PANOnly */
5630x67,0x2A,0x00,0x03, /* [3915] OBJ_setct_OIData */
5640x67,0x2A,0x00,0x04, /* [3919] OBJ_setct_PI */
5650x67,0x2A,0x00,0x05, /* [3923] OBJ_setct_PIData */
5660x67,0x2A,0x00,0x06, /* [3927] OBJ_setct_PIDataUnsigned */
5670x67,0x2A,0x00,0x07, /* [3931] OBJ_setct_HODInput */
5680x67,0x2A,0x00,0x08, /* [3935] OBJ_setct_AuthResBaggage */
5690x67,0x2A,0x00,0x09, /* [3939] OBJ_setct_AuthRevReqBaggage */
5700x67,0x2A,0x00,0x0A, /* [3943] OBJ_setct_AuthRevResBaggage */
5710x67,0x2A,0x00,0x0B, /* [3947] OBJ_setct_CapTokenSeq */
5720x67,0x2A,0x00,0x0C, /* [3951] OBJ_setct_PInitResData */
5730x67,0x2A,0x00,0x0D, /* [3955] OBJ_setct_PI_TBS */
5740x67,0x2A,0x00,0x0E, /* [3959] OBJ_setct_PResData */
5750x67,0x2A,0x00,0x10, /* [3963] OBJ_setct_AuthReqTBS */
5760x67,0x2A,0x00,0x11, /* [3967] OBJ_setct_AuthResTBS */
5770x67,0x2A,0x00,0x12, /* [3971] OBJ_setct_AuthResTBSX */
5780x67,0x2A,0x00,0x13, /* [3975] OBJ_setct_AuthTokenTBS */
5790x67,0x2A,0x00,0x14, /* [3979] OBJ_setct_CapTokenData */
5800x67,0x2A,0x00,0x15, /* [3983] OBJ_setct_CapTokenTBS */
5810x67,0x2A,0x00,0x16, /* [3987] OBJ_setct_AcqCardCodeMsg */
5820x67,0x2A,0x00,0x17, /* [3991] OBJ_setct_AuthRevReqTBS */
5830x67,0x2A,0x00,0x18, /* [3995] OBJ_setct_AuthRevResData */
5840x67,0x2A,0x00,0x19, /* [3999] OBJ_setct_AuthRevResTBS */
5850x67,0x2A,0x00,0x1A, /* [4003] OBJ_setct_CapReqTBS */
5860x67,0x2A,0x00,0x1B, /* [4007] OBJ_setct_CapReqTBSX */
5870x67,0x2A,0x00,0x1C, /* [4011] OBJ_setct_CapResData */
5880x67,0x2A,0x00,0x1D, /* [4015] OBJ_setct_CapRevReqTBS */
5890x67,0x2A,0x00,0x1E, /* [4019] OBJ_setct_CapRevReqTBSX */
5900x67,0x2A,0x00,0x1F, /* [4023] OBJ_setct_CapRevResData */
5910x67,0x2A,0x00,0x20, /* [4027] OBJ_setct_CredReqTBS */
5920x67,0x2A,0x00,0x21, /* [4031] OBJ_setct_CredReqTBSX */
5930x67,0x2A,0x00,0x22, /* [4035] OBJ_setct_CredResData */
5940x67,0x2A,0x00,0x23, /* [4039] OBJ_setct_CredRevReqTBS */
5950x67,0x2A,0x00,0x24, /* [4043] OBJ_setct_CredRevReqTBSX */
5960x67,0x2A,0x00,0x25, /* [4047] OBJ_setct_CredRevResData */
5970x67,0x2A,0x00,0x26, /* [4051] OBJ_setct_PCertReqData */
5980x67,0x2A,0x00,0x27, /* [4055] OBJ_setct_PCertResTBS */
5990x67,0x2A,0x00,0x28, /* [4059] OBJ_setct_BatchAdminReqData */
6000x67,0x2A,0x00,0x29, /* [4063] OBJ_setct_BatchAdminResData */
6010x67,0x2A,0x00,0x2A, /* [4067] OBJ_setct_CardCInitResTBS */
6020x67,0x2A,0x00,0x2B, /* [4071] OBJ_setct_MeAqCInitResTBS */
6030x67,0x2A,0x00,0x2C, /* [4075] OBJ_setct_RegFormResTBS */
6040x67,0x2A,0x00,0x2D, /* [4079] OBJ_setct_CertReqData */
6050x67,0x2A,0x00,0x2E, /* [4083] OBJ_setct_CertReqTBS */
6060x67,0x2A,0x00,0x2F, /* [4087] OBJ_setct_CertResData */
6070x67,0x2A,0x00,0x30, /* [4091] OBJ_setct_CertInqReqTBS */
6080x67,0x2A,0x00,0x31, /* [4095] OBJ_setct_ErrorTBS */
6090x67,0x2A,0x00,0x32, /* [4099] OBJ_setct_PIDualSignedTBE */
6100x67,0x2A,0x00,0x33, /* [4103] OBJ_setct_PIUnsignedTBE */
6110x67,0x2A,0x00,0x34, /* [4107] OBJ_setct_AuthReqTBE */
6120x67,0x2A,0x00,0x35, /* [4111] OBJ_setct_AuthResTBE */
6130x67,0x2A,0x00,0x36, /* [4115] OBJ_setct_AuthResTBEX */
6140x67,0x2A,0x00,0x37, /* [4119] OBJ_setct_AuthTokenTBE */
6150x67,0x2A,0x00,0x38, /* [4123] OBJ_setct_CapTokenTBE */
6160x67,0x2A,0x00,0x39, /* [4127] OBJ_setct_CapTokenTBEX */
6170x67,0x2A,0x00,0x3A, /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
6180x67,0x2A,0x00,0x3B, /* [4135] OBJ_setct_AuthRevReqTBE */
6190x67,0x2A,0x00,0x3C, /* [4139] OBJ_setct_AuthRevResTBE */
6200x67,0x2A,0x00,0x3D, /* [4143] OBJ_setct_AuthRevResTBEB */
6210x67,0x2A,0x00,0x3E, /* [4147] OBJ_setct_CapReqTBE */
6220x67,0x2A,0x00,0x3F, /* [4151] OBJ_setct_CapReqTBEX */
6230x67,0x2A,0x00,0x40, /* [4155] OBJ_setct_CapResTBE */
6240x67,0x2A,0x00,0x41, /* [4159] OBJ_setct_CapRevReqTBE */
6250x67,0x2A,0x00,0x42, /* [4163] OBJ_setct_CapRevReqTBEX */
6260x67,0x2A,0x00,0x43, /* [4167] OBJ_setct_CapRevResTBE */
6270x67,0x2A,0x00,0x44, /* [4171] OBJ_setct_CredReqTBE */
6280x67,0x2A,0x00,0x45, /* [4175] OBJ_setct_CredReqTBEX */
6290x67,0x2A,0x00,0x46, /* [4179] OBJ_setct_CredResTBE */
6300x67,0x2A,0x00,0x47, /* [4183] OBJ_setct_CredRevReqTBE */
6310x67,0x2A,0x00,0x48, /* [4187] OBJ_setct_CredRevReqTBEX */
6320x67,0x2A,0x00,0x49, /* [4191] OBJ_setct_CredRevResTBE */
6330x67,0x2A,0x00,0x4A, /* [4195] OBJ_setct_BatchAdminReqTBE */
6340x67,0x2A,0x00,0x4B, /* [4199] OBJ_setct_BatchAdminResTBE */
6350x67,0x2A,0x00,0x4C, /* [4203] OBJ_setct_RegFormReqTBE */
6360x67,0x2A,0x00,0x4D, /* [4207] OBJ_setct_CertReqTBE */
6370x67,0x2A,0x00,0x4E, /* [4211] OBJ_setct_CertReqTBEX */
6380x67,0x2A,0x00,0x4F, /* [4215] OBJ_setct_CertResTBE */
6390x67,0x2A,0x00,0x50, /* [4219] OBJ_setct_CRLNotificationTBS */
6400x67,0x2A,0x00,0x51, /* [4223] OBJ_setct_CRLNotificationResTBS */
6410x67,0x2A,0x00,0x52, /* [4227] OBJ_setct_BCIDistributionTBS */
6420x67,0x2A,0x01,0x01, /* [4231] OBJ_setext_genCrypt */
6430x67,0x2A,0x01,0x03, /* [4235] OBJ_setext_miAuth */
6440x67,0x2A,0x01,0x04, /* [4239] OBJ_setext_pinSecure */
6450x67,0x2A,0x01,0x05, /* [4243] OBJ_setext_pinAny */
6460x67,0x2A,0x01,0x07, /* [4247] OBJ_setext_track2 */
6470x67,0x2A,0x01,0x08, /* [4251] OBJ_setext_cv */
6480x67,0x2A,0x05,0x00, /* [4255] OBJ_set_policy_root */
6490x67,0x2A,0x07,0x00, /* [4259] OBJ_setCext_hashedRoot */
6500x67,0x2A,0x07,0x01, /* [4263] OBJ_setCext_certType */
6510x67,0x2A,0x07,0x02, /* [4267] OBJ_setCext_merchData */
6520x67,0x2A,0x07,0x03, /* [4271] OBJ_setCext_cCertRequired */
6530x67,0x2A,0x07,0x04, /* [4275] OBJ_setCext_tunneling */
6540x67,0x2A,0x07,0x05, /* [4279] OBJ_setCext_setExt */
6550x67,0x2A,0x07,0x06, /* [4283] OBJ_setCext_setQualf */
6560x67,0x2A,0x07,0x07, /* [4287] OBJ_setCext_PGWYcapabilities */
6570x67,0x2A,0x07,0x08, /* [4291] OBJ_setCext_TokenIdentifier */
6580x67,0x2A,0x07,0x09, /* [4295] OBJ_setCext_Track2Data */
6590x67,0x2A,0x07,0x0A, /* [4299] OBJ_setCext_TokenType */
6600x67,0x2A,0x07,0x0B, /* [4303] OBJ_setCext_IssuerCapabilities */
6610x67,0x2A,0x03,0x00, /* [4307] OBJ_setAttr_Cert */
6620x67,0x2A,0x03,0x01, /* [4311] OBJ_setAttr_PGWYcap */
6630x67,0x2A,0x03,0x02, /* [4315] OBJ_setAttr_TokenType */
6640x67,0x2A,0x03,0x03, /* [4319] OBJ_setAttr_IssCap */
6650x67,0x2A,0x03,0x00,0x00, /* [4323] OBJ_set_rootKeyThumb */
6660x67,0x2A,0x03,0x00,0x01, /* [4328] OBJ_set_addPolicy */
6670x67,0x2A,0x03,0x02,0x01, /* [4333] OBJ_setAttr_Token_EMV */
6680x67,0x2A,0x03,0x02,0x02, /* [4338] OBJ_setAttr_Token_B0Prime */
6690x67,0x2A,0x03,0x03,0x03, /* [4343] OBJ_setAttr_IssCap_CVM */
6700x67,0x2A,0x03,0x03,0x04, /* [4348] OBJ_setAttr_IssCap_T2 */
6710x67,0x2A,0x03,0x03,0x05, /* [4353] OBJ_setAttr_IssCap_Sig */
6720x67,0x2A,0x03,0x03,0x03,0x01, /* [4358] OBJ_setAttr_GenCryptgrm */
6730x67,0x2A,0x03,0x03,0x04,0x01, /* [4364] OBJ_setAttr_T2Enc */
6740x67,0x2A,0x03,0x03,0x04,0x02, /* [4370] OBJ_setAttr_T2cleartxt */
6750x67,0x2A,0x03,0x03,0x05,0x01, /* [4376] OBJ_setAttr_TokICCsig */
6760x67,0x2A,0x03,0x03,0x05,0x02, /* [4382] OBJ_setAttr_SecDevSig */
6770x67,0x2A,0x08,0x01, /* [4388] OBJ_set_brand_IATA_ATA */
6780x67,0x2A,0x08,0x1E, /* [4392] OBJ_set_brand_Diners */
6790x67,0x2A,0x08,0x22, /* [4396] OBJ_set_brand_AmericanExpress */
6800x67,0x2A,0x08,0x23, /* [4400] OBJ_set_brand_JCB */
6810x67,0x2A,0x08,0x04, /* [4404] OBJ_set_brand_Visa */
6820x67,0x2A,0x08,0x05, /* [4408] OBJ_set_brand_MasterCard */
6830x67,0x2A,0x08,0xAE,0x7B, /* [4412] OBJ_set_brand_Novus */
6840x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4417] OBJ_des_cdmf */
6850x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
552}; 686};
553 687
554static ASN1_OBJECT nid_objs[NUM_NID]={ 688static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1334,6 +1468,257 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1334 NID_id_hex_multipart_message,7,&(lvalues[3870]),0}, 1468 NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
1335{"generationQualifier","generationQualifier",NID_generationQualifier, 1469{"generationQualifier","generationQualifier",NID_generationQualifier,
1336 3,&(lvalues[3877]),0}, 1470 3,&(lvalues[3877]),0},
1471{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
1472{NULL,NULL,NID_undef,0,NULL},
1473{"id-set","Secure Electronic Transactions",NID_id_set,2,
1474 &(lvalues[3883]),0},
1475{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
1476{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
1477{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
1478{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
1479{"set-certExt","certificate extensions",NID_set_certExt,3,
1480 &(lvalues[3897]),0},
1481{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
1482{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
1483{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
1484 &(lvalues[3907]),0},
1485{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
1486{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
1487{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
1488{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
1489{"setct-PIDataUnsigned","setct-PIDataUnsigned",
1490 NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
1491{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
1492 &(lvalues[3931]),0},
1493{"setct-AuthResBaggage","setct-AuthResBaggage",
1494 NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
1495{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
1496 NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
1497{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
1498 NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
1499{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
1500 &(lvalues[3947]),0},
1501{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
1502 &(lvalues[3951]),0},
1503{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
1504{"setct-PResData","setct-PResData",NID_setct_PResData,4,
1505 &(lvalues[3959]),0},
1506{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
1507 &(lvalues[3963]),0},
1508{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
1509 &(lvalues[3967]),0},
1510{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
1511 &(lvalues[3971]),0},
1512{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
1513 &(lvalues[3975]),0},
1514{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
1515 &(lvalues[3979]),0},
1516{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
1517 &(lvalues[3983]),0},
1518{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
1519 NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
1520{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
1521 4,&(lvalues[3991]),0},
1522{"setct-AuthRevResData","setct-AuthRevResData",
1523 NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
1524{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
1525 4,&(lvalues[3999]),0},
1526{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
1527 &(lvalues[4003]),0},
1528{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
1529 &(lvalues[4007]),0},
1530{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
1531 &(lvalues[4011]),0},
1532{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
1533 &(lvalues[4015]),0},
1534{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
1535 4,&(lvalues[4019]),0},
1536{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
1537 4,&(lvalues[4023]),0},
1538{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
1539 &(lvalues[4027]),0},
1540{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
1541 &(lvalues[4031]),0},
1542{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
1543 &(lvalues[4035]),0},
1544{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
1545 4,&(lvalues[4039]),0},
1546{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
1547 NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
1548{"setct-CredRevResData","setct-CredRevResData",
1549 NID_setct_CredRevResData,4,&(lvalues[4047]),0},
1550{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
1551 &(lvalues[4051]),0},
1552{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
1553 &(lvalues[4055]),0},
1554{"setct-BatchAdminReqData","setct-BatchAdminReqData",
1555 NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
1556{"setct-BatchAdminResData","setct-BatchAdminResData",
1557 NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
1558{"setct-CardCInitResTBS","setct-CardCInitResTBS",
1559 NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
1560{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
1561 NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
1562{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
1563 4,&(lvalues[4075]),0},
1564{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
1565 &(lvalues[4079]),0},
1566{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
1567 &(lvalues[4083]),0},
1568{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
1569 &(lvalues[4087]),0},
1570{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
1571 4,&(lvalues[4091]),0},
1572{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
1573 &(lvalues[4095]),0},
1574{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
1575 NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
1576{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
1577 4,&(lvalues[4103]),0},
1578{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
1579 &(lvalues[4107]),0},
1580{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
1581 &(lvalues[4111]),0},
1582{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
1583 &(lvalues[4115]),0},
1584{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
1585 &(lvalues[4119]),0},
1586{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
1587 &(lvalues[4123]),0},
1588{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
1589 &(lvalues[4127]),0},
1590{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
1591 NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
1592{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
1593 4,&(lvalues[4135]),0},
1594{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
1595 4,&(lvalues[4139]),0},
1596{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
1597 NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
1598{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
1599 &(lvalues[4147]),0},
1600{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
1601 &(lvalues[4151]),0},
1602{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
1603 &(lvalues[4155]),0},
1604{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
1605 &(lvalues[4159]),0},
1606{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
1607 4,&(lvalues[4163]),0},
1608{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
1609 &(lvalues[4167]),0},
1610{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
1611 &(lvalues[4171]),0},
1612{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
1613 &(lvalues[4175]),0},
1614{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
1615 &(lvalues[4179]),0},
1616{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
1617 4,&(lvalues[4183]),0},
1618{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
1619 NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
1620{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
1621 4,&(lvalues[4191]),0},
1622{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
1623 NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
1624{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
1625 NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
1626{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
1627 4,&(lvalues[4203]),0},
1628{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
1629 &(lvalues[4207]),0},
1630{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
1631 &(lvalues[4211]),0},
1632{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
1633 &(lvalues[4215]),0},
1634{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
1635 NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
1636{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
1637 NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
1638{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
1639 NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
1640{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
1641 &(lvalues[4231]),0},
1642{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
1643 &(lvalues[4235]),0},
1644{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
1645 &(lvalues[4239]),0},
1646{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
1647{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
1648{"setext-cv","additional verification",NID_setext_cv,4,
1649 &(lvalues[4251]),0},
1650{"set-policy-root","set-policy-root",NID_set_policy_root,4,
1651 &(lvalues[4255]),0},
1652{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
1653 &(lvalues[4259]),0},
1654{"setCext-certType","setCext-certType",NID_setCext_certType,4,
1655 &(lvalues[4263]),0},
1656{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
1657 &(lvalues[4267]),0},
1658{"setCext-cCertRequired","setCext-cCertRequired",
1659 NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
1660{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
1661 &(lvalues[4275]),0},
1662{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
1663 &(lvalues[4279]),0},
1664{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
1665 &(lvalues[4283]),0},
1666{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
1667 NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
1668{"setCext-TokenIdentifier","setCext-TokenIdentifier",
1669 NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
1670{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
1671 &(lvalues[4295]),0},
1672{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
1673 &(lvalues[4299]),0},
1674{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
1675 NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
1676{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
1677{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
1678 4,&(lvalues[4311]),0},
1679{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
1680 &(lvalues[4315]),0},
1681{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
1682 &(lvalues[4319]),0},
1683{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
1684 &(lvalues[4323]),0},
1685{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
1686{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
1687 &(lvalues[4333]),0},
1688{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
1689 NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
1690{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
1691 &(lvalues[4343]),0},
1692{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
1693 &(lvalues[4348]),0},
1694{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
1695 &(lvalues[4353]),0},
1696{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
1697 6,&(lvalues[4358]),0},
1698{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
1699 &(lvalues[4364]),0},
1700{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
1701 &(lvalues[4370]),0},
1702{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
1703 &(lvalues[4376]),0},
1704{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
1705 6,&(lvalues[4382]),0},
1706{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
1707 &(lvalues[4388]),0},
1708{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
1709 &(lvalues[4392]),0},
1710{"set-brand-AmericanExpress","set-brand-AmericanExpress",
1711 NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
1712{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
1713{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
1714 &(lvalues[4404]),0},
1715{"set-brand-MasterCard","set-brand-MasterCard",
1716 NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
1717{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
1718 &(lvalues[4412]),0},
1719{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
1720{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
1721 NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
1337}; 1722};
1338 1723
1339static ASN1_OBJECT *sn_objs[NUM_SN]={ 1724static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1366,6 +1751,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1366&(nid_objs[367]),/* "CrlID" */ 1751&(nid_objs[367]),/* "CrlID" */
1367&(nid_objs[391]),/* "DC" */ 1752&(nid_objs[391]),/* "DC" */
1368&(nid_objs[31]),/* "DES-CBC" */ 1753&(nid_objs[31]),/* "DES-CBC" */
1754&(nid_objs[643]),/* "DES-CDMF" */
1369&(nid_objs[30]),/* "DES-CFB" */ 1755&(nid_objs[30]),/* "DES-CFB" */
1370&(nid_objs[29]),/* "DES-ECB" */ 1756&(nid_objs[29]),/* "DES-ECB" */
1371&(nid_objs[32]),/* "DES-EDE" */ 1757&(nid_objs[32]),/* "DES-EDE" */
@@ -1642,6 +2028,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1642&(nid_objs[314]),/* "id-regInfo" */ 2028&(nid_objs[314]),/* "id-regInfo" */
1643&(nid_objs[322]),/* "id-regInfo-certReq" */ 2029&(nid_objs[322]),/* "id-regInfo-certReq" */
1644&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */ 2030&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
2031&(nid_objs[512]),/* "id-set" */
1645&(nid_objs[191]),/* "id-smime-aa" */ 2032&(nid_objs[191]),/* "id-smime-aa" */
1646&(nid_objs[215]),/* "id-smime-aa-contentHint" */ 2033&(nid_objs[215]),/* "id-smime-aa-contentHint" */
1647&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */ 2034&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
@@ -1798,6 +2185,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1798&(nid_objs[415]),/* "prime256v1" */ 2185&(nid_objs[415]),/* "prime256v1" */
1799&(nid_objs[385]),/* "private" */ 2186&(nid_objs[385]),/* "private" */
1800&(nid_objs[84]),/* "privateKeyUsagePeriod" */ 2187&(nid_objs[84]),/* "privateKeyUsagePeriod" */
2188&(nid_objs[510]),/* "pseudonym" */
1801&(nid_objs[435]),/* "pss" */ 2189&(nid_objs[435]),/* "pss" */
1802&(nid_objs[286]),/* "qcStatements" */ 2190&(nid_objs[286]),/* "qcStatements" */
1803&(nid_objs[457]),/* "qualityLabelledData" */ 2191&(nid_objs[457]),/* "qualityLabelledData" */
@@ -1806,6 +2194,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1806&(nid_objs[448]),/* "room" */ 2194&(nid_objs[448]),/* "room" */
1807&(nid_objs[463]),/* "roomNumber" */ 2195&(nid_objs[463]),/* "roomNumber" */
1808&(nid_objs[ 6]),/* "rsaEncryption" */ 2196&(nid_objs[ 6]),/* "rsaEncryption" */
2197&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
1809&(nid_objs[377]),/* "rsaSignature" */ 2198&(nid_objs[377]),/* "rsaSignature" */
1810&(nid_objs[ 1]),/* "rsadsi" */ 2199&(nid_objs[ 1]),/* "rsadsi" */
1811&(nid_objs[482]),/* "sOARecord" */ 2200&(nid_objs[482]),/* "sOARecord" */
@@ -1821,6 +2210,136 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1821&(nid_objs[105]),/* "serialNumber" */ 2210&(nid_objs[105]),/* "serialNumber" */
1822&(nid_objs[129]),/* "serverAuth" */ 2211&(nid_objs[129]),/* "serverAuth" */
1823&(nid_objs[371]),/* "serviceLocator" */ 2212&(nid_objs[371]),/* "serviceLocator" */
2213&(nid_objs[625]),/* "set-addPolicy" */
2214&(nid_objs[515]),/* "set-attr" */
2215&(nid_objs[518]),/* "set-brand" */
2216&(nid_objs[638]),/* "set-brand-AmericanExpress" */
2217&(nid_objs[637]),/* "set-brand-Diners" */
2218&(nid_objs[636]),/* "set-brand-IATA-ATA" */
2219&(nid_objs[639]),/* "set-brand-JCB" */
2220&(nid_objs[641]),/* "set-brand-MasterCard" */
2221&(nid_objs[642]),/* "set-brand-Novus" */
2222&(nid_objs[640]),/* "set-brand-Visa" */
2223&(nid_objs[517]),/* "set-certExt" */
2224&(nid_objs[513]),/* "set-ctype" */
2225&(nid_objs[514]),/* "set-msgExt" */
2226&(nid_objs[516]),/* "set-policy" */
2227&(nid_objs[607]),/* "set-policy-root" */
2228&(nid_objs[624]),/* "set-rootKeyThumb" */
2229&(nid_objs[620]),/* "setAttr-Cert" */
2230&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
2231&(nid_objs[623]),/* "setAttr-IssCap" */
2232&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
2233&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
2234&(nid_objs[629]),/* "setAttr-IssCap-T2" */
2235&(nid_objs[621]),/* "setAttr-PGWYcap" */
2236&(nid_objs[635]),/* "setAttr-SecDevSig" */
2237&(nid_objs[632]),/* "setAttr-T2Enc" */
2238&(nid_objs[633]),/* "setAttr-T2cleartxt" */
2239&(nid_objs[634]),/* "setAttr-TokICCsig" */
2240&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
2241&(nid_objs[626]),/* "setAttr-Token-EMV" */
2242&(nid_objs[622]),/* "setAttr-TokenType" */
2243&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
2244&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
2245&(nid_objs[616]),/* "setCext-TokenIdentifier" */
2246&(nid_objs[618]),/* "setCext-TokenType" */
2247&(nid_objs[617]),/* "setCext-Track2Data" */
2248&(nid_objs[611]),/* "setCext-cCertRequired" */
2249&(nid_objs[609]),/* "setCext-certType" */
2250&(nid_objs[608]),/* "setCext-hashedRoot" */
2251&(nid_objs[610]),/* "setCext-merchData" */
2252&(nid_objs[613]),/* "setCext-setExt" */
2253&(nid_objs[614]),/* "setCext-setQualf" */
2254&(nid_objs[612]),/* "setCext-tunneling" */
2255&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
2256&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
2257&(nid_objs[570]),/* "setct-AuthReqTBE" */
2258&(nid_objs[534]),/* "setct-AuthReqTBS" */
2259&(nid_objs[527]),/* "setct-AuthResBaggage" */
2260&(nid_objs[571]),/* "setct-AuthResTBE" */
2261&(nid_objs[572]),/* "setct-AuthResTBEX" */
2262&(nid_objs[535]),/* "setct-AuthResTBS" */
2263&(nid_objs[536]),/* "setct-AuthResTBSX" */
2264&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
2265&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
2266&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
2267&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
2268&(nid_objs[542]),/* "setct-AuthRevResData" */
2269&(nid_objs[578]),/* "setct-AuthRevResTBE" */
2270&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
2271&(nid_objs[543]),/* "setct-AuthRevResTBS" */
2272&(nid_objs[573]),/* "setct-AuthTokenTBE" */
2273&(nid_objs[537]),/* "setct-AuthTokenTBS" */
2274&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
2275&(nid_objs[558]),/* "setct-BatchAdminReqData" */
2276&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
2277&(nid_objs[559]),/* "setct-BatchAdminResData" */
2278&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
2279&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
2280&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
2281&(nid_objs[580]),/* "setct-CapReqTBE" */
2282&(nid_objs[581]),/* "setct-CapReqTBEX" */
2283&(nid_objs[544]),/* "setct-CapReqTBS" */
2284&(nid_objs[545]),/* "setct-CapReqTBSX" */
2285&(nid_objs[546]),/* "setct-CapResData" */
2286&(nid_objs[582]),/* "setct-CapResTBE" */
2287&(nid_objs[583]),/* "setct-CapRevReqTBE" */
2288&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
2289&(nid_objs[547]),/* "setct-CapRevReqTBS" */
2290&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
2291&(nid_objs[549]),/* "setct-CapRevResData" */
2292&(nid_objs[585]),/* "setct-CapRevResTBE" */
2293&(nid_objs[538]),/* "setct-CapTokenData" */
2294&(nid_objs[530]),/* "setct-CapTokenSeq" */
2295&(nid_objs[574]),/* "setct-CapTokenTBE" */
2296&(nid_objs[575]),/* "setct-CapTokenTBEX" */
2297&(nid_objs[539]),/* "setct-CapTokenTBS" */
2298&(nid_objs[560]),/* "setct-CardCInitResTBS" */
2299&(nid_objs[566]),/* "setct-CertInqReqTBS" */
2300&(nid_objs[563]),/* "setct-CertReqData" */
2301&(nid_objs[595]),/* "setct-CertReqTBE" */
2302&(nid_objs[596]),/* "setct-CertReqTBEX" */
2303&(nid_objs[564]),/* "setct-CertReqTBS" */
2304&(nid_objs[565]),/* "setct-CertResData" */
2305&(nid_objs[597]),/* "setct-CertResTBE" */
2306&(nid_objs[586]),/* "setct-CredReqTBE" */
2307&(nid_objs[587]),/* "setct-CredReqTBEX" */
2308&(nid_objs[550]),/* "setct-CredReqTBS" */
2309&(nid_objs[551]),/* "setct-CredReqTBSX" */
2310&(nid_objs[552]),/* "setct-CredResData" */
2311&(nid_objs[588]),/* "setct-CredResTBE" */
2312&(nid_objs[589]),/* "setct-CredRevReqTBE" */
2313&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
2314&(nid_objs[553]),/* "setct-CredRevReqTBS" */
2315&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
2316&(nid_objs[555]),/* "setct-CredRevResData" */
2317&(nid_objs[591]),/* "setct-CredRevResTBE" */
2318&(nid_objs[567]),/* "setct-ErrorTBS" */
2319&(nid_objs[526]),/* "setct-HODInput" */
2320&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
2321&(nid_objs[522]),/* "setct-OIData" */
2322&(nid_objs[519]),/* "setct-PANData" */
2323&(nid_objs[521]),/* "setct-PANOnly" */
2324&(nid_objs[520]),/* "setct-PANToken" */
2325&(nid_objs[556]),/* "setct-PCertReqData" */
2326&(nid_objs[557]),/* "setct-PCertResTBS" */
2327&(nid_objs[523]),/* "setct-PI" */
2328&(nid_objs[532]),/* "setct-PI-TBS" */
2329&(nid_objs[524]),/* "setct-PIData" */
2330&(nid_objs[525]),/* "setct-PIDataUnsigned" */
2331&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
2332&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
2333&(nid_objs[531]),/* "setct-PInitResData" */
2334&(nid_objs[533]),/* "setct-PResData" */
2335&(nid_objs[594]),/* "setct-RegFormReqTBE" */
2336&(nid_objs[562]),/* "setct-RegFormResTBS" */
2337&(nid_objs[606]),/* "setext-cv" */
2338&(nid_objs[601]),/* "setext-genCrypt" */
2339&(nid_objs[602]),/* "setext-miAuth" */
2340&(nid_objs[604]),/* "setext-pinAny" */
2341&(nid_objs[603]),/* "setext-pinSecure" */
2342&(nid_objs[605]),/* "setext-track2" */
1824&(nid_objs[52]),/* "signingTime" */ 2343&(nid_objs[52]),/* "signingTime" */
1825&(nid_objs[454]),/* "simpleSecurityObject" */ 2344&(nid_objs[454]),/* "simpleSecurityObject" */
1826&(nid_objs[496]),/* "singleLevelQuality" */ 2345&(nid_objs[496]),/* "singleLevelQuality" */
@@ -1866,6 +2385,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1866&(nid_objs[430]),/* "Hold Instruction Code" */ 2385&(nid_objs[430]),/* "Hold Instruction Code" */
1867&(nid_objs[431]),/* "Hold Instruction None" */ 2386&(nid_objs[431]),/* "Hold Instruction None" */
1868&(nid_objs[433]),/* "Hold Instruction Reject" */ 2387&(nid_objs[433]),/* "Hold Instruction Reject" */
2388&(nid_objs[634]),/* "ICC or token signature" */
1869&(nid_objs[294]),/* "IPSec End System" */ 2389&(nid_objs[294]),/* "IPSec End System" */
1870&(nid_objs[295]),/* "IPSec Tunnel" */ 2390&(nid_objs[295]),/* "IPSec Tunnel" */
1871&(nid_objs[296]),/* "IPSec User" */ 2391&(nid_objs[296]),/* "IPSec User" */
@@ -1914,6 +2434,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1914&(nid_objs[188]),/* "S/MIME" */ 2434&(nid_objs[188]),/* "S/MIME" */
1915&(nid_objs[167]),/* "S/MIME Capabilities" */ 2435&(nid_objs[167]),/* "S/MIME Capabilities" */
1916&(nid_objs[387]),/* "SNMPv2" */ 2436&(nid_objs[387]),/* "SNMPv2" */
2437&(nid_objs[512]),/* "Secure Electronic Transactions" */
1917&(nid_objs[386]),/* "Security" */ 2438&(nid_objs[386]),/* "Security" */
1918&(nid_objs[394]),/* "Selected Attribute Types" */ 2439&(nid_objs[394]),/* "Selected Attribute Types" */
1919&(nid_objs[143]),/* "Strong Extranet ID" */ 2440&(nid_objs[143]),/* "Strong Extranet ID" */
@@ -1948,6 +2469,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1948&(nid_objs[288]),/* "ac-targeting" */ 2469&(nid_objs[288]),/* "ac-targeting" */
1949&(nid_objs[446]),/* "account" */ 2470&(nid_objs[446]),/* "account" */
1950&(nid_objs[364]),/* "ad dvcs" */ 2471&(nid_objs[364]),/* "ad dvcs" */
2472&(nid_objs[606]),/* "additional verification" */
1951&(nid_objs[419]),/* "aes-128-cbc" */ 2473&(nid_objs[419]),/* "aes-128-cbc" */
1952&(nid_objs[421]),/* "aes-128-cfb" */ 2474&(nid_objs[421]),/* "aes-128-cfb" */
1953&(nid_objs[418]),/* "aes-128-ecb" */ 2475&(nid_objs[418]),/* "aes-128-ecb" */
@@ -1977,10 +2499,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1977&(nid_objs[111]),/* "cast5-ofb" */ 2499&(nid_objs[111]),/* "cast5-ofb" */
1978&(nid_objs[404]),/* "ccitt" */ 2500&(nid_objs[404]),/* "ccitt" */
1979&(nid_objs[152]),/* "certBag" */ 2501&(nid_objs[152]),/* "certBag" */
2502&(nid_objs[517]),/* "certificate extensions" */
1980&(nid_objs[54]),/* "challengePassword" */ 2503&(nid_objs[54]),/* "challengePassword" */
1981&(nid_objs[407]),/* "characteristic-two-field" */ 2504&(nid_objs[407]),/* "characteristic-two-field" */
1982&(nid_objs[395]),/* "clearance" */ 2505&(nid_objs[395]),/* "clearance" */
2506&(nid_objs[633]),/* "cleartext track 2" */
1983&(nid_objs[13]),/* "commonName" */ 2507&(nid_objs[13]),/* "commonName" */
2508&(nid_objs[513]),/* "content types" */
1984&(nid_objs[50]),/* "contentType" */ 2509&(nid_objs[50]),/* "contentType" */
1985&(nid_objs[53]),/* "countersignature" */ 2510&(nid_objs[53]),/* "countersignature" */
1986&(nid_objs[14]),/* "countryName" */ 2511&(nid_objs[14]),/* "countryName" */
@@ -1991,6 +2516,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1991&(nid_objs[434]),/* "data" */ 2516&(nid_objs[434]),/* "data" */
1992&(nid_objs[390]),/* "dcObject" */ 2517&(nid_objs[390]),/* "dcObject" */
1993&(nid_objs[31]),/* "des-cbc" */ 2518&(nid_objs[31]),/* "des-cbc" */
2519&(nid_objs[643]),/* "des-cdmf" */
1994&(nid_objs[30]),/* "des-cfb" */ 2520&(nid_objs[30]),/* "des-cfb" */
1995&(nid_objs[29]),/* "des-ecb" */ 2521&(nid_objs[29]),/* "des-ecb" */
1996&(nid_objs[32]),/* "des-ede" */ 2522&(nid_objs[32]),/* "des-ede" */
@@ -2027,12 +2553,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2027&(nid_objs[297]),/* "dvcs" */ 2553&(nid_objs[297]),/* "dvcs" */
2028&(nid_objs[416]),/* "ecdsa-with-SHA1" */ 2554&(nid_objs[416]),/* "ecdsa-with-SHA1" */
2029&(nid_objs[48]),/* "emailAddress" */ 2555&(nid_objs[48]),/* "emailAddress" */
2556&(nid_objs[632]),/* "encrypted track 2" */
2030&(nid_objs[56]),/* "extendedCertificateAttributes" */ 2557&(nid_objs[56]),/* "extendedCertificateAttributes" */
2031&(nid_objs[462]),/* "favouriteDrink" */ 2558&(nid_objs[462]),/* "favouriteDrink" */
2032&(nid_objs[453]),/* "friendlyCountry" */ 2559&(nid_objs[453]),/* "friendlyCountry" */
2033&(nid_objs[490]),/* "friendlyCountryName" */ 2560&(nid_objs[490]),/* "friendlyCountryName" */
2034&(nid_objs[156]),/* "friendlyName" */ 2561&(nid_objs[156]),/* "friendlyName" */
2562&(nid_objs[631]),/* "generate cryptogram" */
2035&(nid_objs[509]),/* "generationQualifier" */ 2563&(nid_objs[509]),/* "generationQualifier" */
2564&(nid_objs[601]),/* "generic cryptogram" */
2036&(nid_objs[99]),/* "givenName" */ 2565&(nid_objs[99]),/* "givenName" */
2037&(nid_objs[163]),/* "hmacWithSHA1" */ 2566&(nid_objs[163]),/* "hmacWithSHA1" */
2038&(nid_objs[486]),/* "homePostalAddress" */ 2567&(nid_objs[486]),/* "homePostalAddress" */
@@ -2214,6 +2743,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2214&(nid_objs[461]),/* "info" */ 2743&(nid_objs[461]),/* "info" */
2215&(nid_objs[101]),/* "initials" */ 2744&(nid_objs[101]),/* "initials" */
2216&(nid_objs[181]),/* "iso" */ 2745&(nid_objs[181]),/* "iso" */
2746&(nid_objs[623]),/* "issuer capabilities" */
2217&(nid_objs[492]),/* "janetMailbox" */ 2747&(nid_objs[492]),/* "janetMailbox" */
2218&(nid_objs[393]),/* "joint-iso-ccitt" */ 2748&(nid_objs[393]),/* "joint-iso-ccitt" */
2219&(nid_objs[150]),/* "keyBag" */ 2749&(nid_objs[150]),/* "keyBag" */
@@ -2234,6 +2764,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2234&(nid_objs[ 8]),/* "md5WithRSAEncryption" */ 2764&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
2235&(nid_objs[95]),/* "mdc2" */ 2765&(nid_objs[95]),/* "mdc2" */
2236&(nid_objs[96]),/* "mdc2WithRSA" */ 2766&(nid_objs[96]),/* "mdc2WithRSA" */
2767&(nid_objs[602]),/* "merchant initiated auth" */
2768&(nid_objs[514]),/* "message extensions" */
2237&(nid_objs[51]),/* "messageDigest" */ 2769&(nid_objs[51]),/* "messageDigest" */
2238&(nid_objs[506]),/* "mime-mhs-bodies" */ 2770&(nid_objs[506]),/* "mime-mhs-bodies" */
2239&(nid_objs[505]),/* "mime-mhs-headings" */ 2771&(nid_objs[505]),/* "mime-mhs-headings" */
@@ -2247,6 +2779,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2247&(nid_objs[475]),/* "otherMailbox" */ 2779&(nid_objs[475]),/* "otherMailbox" */
2248&(nid_objs[489]),/* "pagerTelephoneNumber" */ 2780&(nid_objs[489]),/* "pagerTelephoneNumber" */
2249&(nid_objs[374]),/* "path" */ 2781&(nid_objs[374]),/* "path" */
2782&(nid_objs[621]),/* "payment gateway capabilities" */
2250&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ 2783&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
2251&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */ 2784&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
2252&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */ 2785&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
@@ -2293,6 +2826,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2293&(nid_objs[413]),/* "prime239v2" */ 2826&(nid_objs[413]),/* "prime239v2" */
2294&(nid_objs[414]),/* "prime239v3" */ 2827&(nid_objs[414]),/* "prime239v3" */
2295&(nid_objs[415]),/* "prime256v1" */ 2828&(nid_objs[415]),/* "prime256v1" */
2829&(nid_objs[510]),/* "pseudonym" */
2296&(nid_objs[435]),/* "pss" */ 2830&(nid_objs[435]),/* "pss" */
2297&(nid_objs[286]),/* "qcStatements" */ 2831&(nid_objs[286]),/* "qcStatements" */
2298&(nid_objs[457]),/* "qualityLabelledData" */ 2832&(nid_objs[457]),/* "qualityLabelledData" */
@@ -2317,6 +2851,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2317&(nid_objs[463]),/* "roomNumber" */ 2851&(nid_objs[463]),/* "roomNumber" */
2318&(nid_objs[19]),/* "rsa" */ 2852&(nid_objs[19]),/* "rsa" */
2319&(nid_objs[ 6]),/* "rsaEncryption" */ 2853&(nid_objs[ 6]),/* "rsaEncryption" */
2854&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
2320&(nid_objs[377]),/* "rsaSignature" */ 2855&(nid_objs[377]),/* "rsaSignature" */
2321&(nid_objs[124]),/* "run length compression" */ 2856&(nid_objs[124]),/* "run length compression" */
2322&(nid_objs[482]),/* "sOARecord" */ 2857&(nid_objs[482]),/* "sOARecord" */
@@ -2327,7 +2862,125 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2327&(nid_objs[159]),/* "sdsiCertificate" */ 2862&(nid_objs[159]),/* "sdsiCertificate" */
2328&(nid_objs[154]),/* "secretBag" */ 2863&(nid_objs[154]),/* "secretBag" */
2329&(nid_objs[474]),/* "secretary" */ 2864&(nid_objs[474]),/* "secretary" */
2865&(nid_objs[635]),/* "secure device signature" */
2330&(nid_objs[105]),/* "serialNumber" */ 2866&(nid_objs[105]),/* "serialNumber" */
2867&(nid_objs[625]),/* "set-addPolicy" */
2868&(nid_objs[515]),/* "set-attr" */
2869&(nid_objs[518]),/* "set-brand" */
2870&(nid_objs[638]),/* "set-brand-AmericanExpress" */
2871&(nid_objs[637]),/* "set-brand-Diners" */
2872&(nid_objs[636]),/* "set-brand-IATA-ATA" */
2873&(nid_objs[639]),/* "set-brand-JCB" */
2874&(nid_objs[641]),/* "set-brand-MasterCard" */
2875&(nid_objs[642]),/* "set-brand-Novus" */
2876&(nid_objs[640]),/* "set-brand-Visa" */
2877&(nid_objs[516]),/* "set-policy" */
2878&(nid_objs[607]),/* "set-policy-root" */
2879&(nid_objs[624]),/* "set-rootKeyThumb" */
2880&(nid_objs[620]),/* "setAttr-Cert" */
2881&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
2882&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
2883&(nid_objs[629]),/* "setAttr-IssCap-T2" */
2884&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
2885&(nid_objs[626]),/* "setAttr-Token-EMV" */
2886&(nid_objs[622]),/* "setAttr-TokenType" */
2887&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
2888&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
2889&(nid_objs[616]),/* "setCext-TokenIdentifier" */
2890&(nid_objs[618]),/* "setCext-TokenType" */
2891&(nid_objs[617]),/* "setCext-Track2Data" */
2892&(nid_objs[611]),/* "setCext-cCertRequired" */
2893&(nid_objs[609]),/* "setCext-certType" */
2894&(nid_objs[608]),/* "setCext-hashedRoot" */
2895&(nid_objs[610]),/* "setCext-merchData" */
2896&(nid_objs[613]),/* "setCext-setExt" */
2897&(nid_objs[614]),/* "setCext-setQualf" */
2898&(nid_objs[612]),/* "setCext-tunneling" */
2899&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
2900&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
2901&(nid_objs[570]),/* "setct-AuthReqTBE" */
2902&(nid_objs[534]),/* "setct-AuthReqTBS" */
2903&(nid_objs[527]),/* "setct-AuthResBaggage" */
2904&(nid_objs[571]),/* "setct-AuthResTBE" */
2905&(nid_objs[572]),/* "setct-AuthResTBEX" */
2906&(nid_objs[535]),/* "setct-AuthResTBS" */
2907&(nid_objs[536]),/* "setct-AuthResTBSX" */
2908&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
2909&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
2910&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
2911&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
2912&(nid_objs[542]),/* "setct-AuthRevResData" */
2913&(nid_objs[578]),/* "setct-AuthRevResTBE" */
2914&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
2915&(nid_objs[543]),/* "setct-AuthRevResTBS" */
2916&(nid_objs[573]),/* "setct-AuthTokenTBE" */
2917&(nid_objs[537]),/* "setct-AuthTokenTBS" */
2918&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
2919&(nid_objs[558]),/* "setct-BatchAdminReqData" */
2920&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
2921&(nid_objs[559]),/* "setct-BatchAdminResData" */
2922&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
2923&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
2924&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
2925&(nid_objs[580]),/* "setct-CapReqTBE" */
2926&(nid_objs[581]),/* "setct-CapReqTBEX" */
2927&(nid_objs[544]),/* "setct-CapReqTBS" */
2928&(nid_objs[545]),/* "setct-CapReqTBSX" */
2929&(nid_objs[546]),/* "setct-CapResData" */
2930&(nid_objs[582]),/* "setct-CapResTBE" */
2931&(nid_objs[583]),/* "setct-CapRevReqTBE" */
2932&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
2933&(nid_objs[547]),/* "setct-CapRevReqTBS" */
2934&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
2935&(nid_objs[549]),/* "setct-CapRevResData" */
2936&(nid_objs[585]),/* "setct-CapRevResTBE" */
2937&(nid_objs[538]),/* "setct-CapTokenData" */
2938&(nid_objs[530]),/* "setct-CapTokenSeq" */
2939&(nid_objs[574]),/* "setct-CapTokenTBE" */
2940&(nid_objs[575]),/* "setct-CapTokenTBEX" */
2941&(nid_objs[539]),/* "setct-CapTokenTBS" */
2942&(nid_objs[560]),/* "setct-CardCInitResTBS" */
2943&(nid_objs[566]),/* "setct-CertInqReqTBS" */
2944&(nid_objs[563]),/* "setct-CertReqData" */
2945&(nid_objs[595]),/* "setct-CertReqTBE" */
2946&(nid_objs[596]),/* "setct-CertReqTBEX" */
2947&(nid_objs[564]),/* "setct-CertReqTBS" */
2948&(nid_objs[565]),/* "setct-CertResData" */
2949&(nid_objs[597]),/* "setct-CertResTBE" */
2950&(nid_objs[586]),/* "setct-CredReqTBE" */
2951&(nid_objs[587]),/* "setct-CredReqTBEX" */
2952&(nid_objs[550]),/* "setct-CredReqTBS" */
2953&(nid_objs[551]),/* "setct-CredReqTBSX" */
2954&(nid_objs[552]),/* "setct-CredResData" */
2955&(nid_objs[588]),/* "setct-CredResTBE" */
2956&(nid_objs[589]),/* "setct-CredRevReqTBE" */
2957&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
2958&(nid_objs[553]),/* "setct-CredRevReqTBS" */
2959&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
2960&(nid_objs[555]),/* "setct-CredRevResData" */
2961&(nid_objs[591]),/* "setct-CredRevResTBE" */
2962&(nid_objs[567]),/* "setct-ErrorTBS" */
2963&(nid_objs[526]),/* "setct-HODInput" */
2964&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
2965&(nid_objs[522]),/* "setct-OIData" */
2966&(nid_objs[519]),/* "setct-PANData" */
2967&(nid_objs[521]),/* "setct-PANOnly" */
2968&(nid_objs[520]),/* "setct-PANToken" */
2969&(nid_objs[556]),/* "setct-PCertReqData" */
2970&(nid_objs[557]),/* "setct-PCertResTBS" */
2971&(nid_objs[523]),/* "setct-PI" */
2972&(nid_objs[532]),/* "setct-PI-TBS" */
2973&(nid_objs[524]),/* "setct-PIData" */
2974&(nid_objs[525]),/* "setct-PIDataUnsigned" */
2975&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
2976&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
2977&(nid_objs[531]),/* "setct-PInitResData" */
2978&(nid_objs[533]),/* "setct-PResData" */
2979&(nid_objs[594]),/* "setct-RegFormReqTBE" */
2980&(nid_objs[562]),/* "setct-RegFormResTBS" */
2981&(nid_objs[604]),/* "setext-pinAny" */
2982&(nid_objs[603]),/* "setext-pinSecure" */
2983&(nid_objs[605]),/* "setext-track2" */
2331&(nid_objs[41]),/* "sha" */ 2984&(nid_objs[41]),/* "sha" */
2332&(nid_objs[64]),/* "sha1" */ 2985&(nid_objs[64]),/* "sha1" */
2333&(nid_objs[115]),/* "sha1WithRSA" */ 2986&(nid_objs[115]),/* "sha1WithRSA" */
@@ -2369,6 +3022,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2369&(nid_objs[12]),/* OBJ_X509 2 5 4 */ 3022&(nid_objs[12]),/* OBJ_X509 2 5 4 */
2370&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ 3023&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */
2371&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ 3024&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */
3025&(nid_objs[512]),/* OBJ_id_set 2 23 42 */
2372&(nid_objs[435]),/* OBJ_pss 0 9 2342 */ 3026&(nid_objs[435]),/* OBJ_pss 0 9 2342 */
2373&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ 3027&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */
2374&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ 3028&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */
@@ -2389,6 +3043,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2389&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */ 3043&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
2390&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */ 3044&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
2391&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */ 3045&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
3046&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
2392&(nid_objs[400]),/* OBJ_role 2 5 4 72 */ 3047&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
2393&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */ 3048&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
2394&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */ 3049&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
@@ -2408,6 +3063,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2408&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ 3063&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
2409&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ 3064&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */
2410&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ 3065&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */
3066&(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */
3067&(nid_objs[514]),/* OBJ_set_msgExt 2 23 42 1 */
3068&(nid_objs[515]),/* OBJ_set_attr 2 23 42 3 */
3069&(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */
3070&(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */
3071&(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */
2411&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ 3072&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */
2412&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ 3073&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */
2413&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ 3074&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */
@@ -2420,6 +3081,117 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2420&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ 3081&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
2421&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ 3082&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
2422&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ 3083&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
3084&(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */
3085&(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */
3086&(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */
3087&(nid_objs[522]),/* OBJ_setct_OIData 2 23 42 0 3 */
3088&(nid_objs[523]),/* OBJ_setct_PI 2 23 42 0 4 */
3089&(nid_objs[524]),/* OBJ_setct_PIData 2 23 42 0 5 */
3090&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
3091&(nid_objs[526]),/* OBJ_setct_HODInput 2 23 42 0 7 */
3092&(nid_objs[527]),/* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
3093&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
3094&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
3095&(nid_objs[530]),/* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
3096&(nid_objs[531]),/* OBJ_setct_PInitResData 2 23 42 0 12 */
3097&(nid_objs[532]),/* OBJ_setct_PI_TBS 2 23 42 0 13 */
3098&(nid_objs[533]),/* OBJ_setct_PResData 2 23 42 0 14 */
3099&(nid_objs[534]),/* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
3100&(nid_objs[535]),/* OBJ_setct_AuthResTBS 2 23 42 0 17 */
3101&(nid_objs[536]),/* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
3102&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
3103&(nid_objs[538]),/* OBJ_setct_CapTokenData 2 23 42 0 20 */
3104&(nid_objs[539]),/* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
3105&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
3106&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
3107&(nid_objs[542]),/* OBJ_setct_AuthRevResData 2 23 42 0 24 */
3108&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
3109&(nid_objs[544]),/* OBJ_setct_CapReqTBS 2 23 42 0 26 */
3110&(nid_objs[545]),/* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
3111&(nid_objs[546]),/* OBJ_setct_CapResData 2 23 42 0 28 */
3112&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
3113&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
3114&(nid_objs[549]),/* OBJ_setct_CapRevResData 2 23 42 0 31 */
3115&(nid_objs[550]),/* OBJ_setct_CredReqTBS 2 23 42 0 32 */
3116&(nid_objs[551]),/* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
3117&(nid_objs[552]),/* OBJ_setct_CredResData 2 23 42 0 34 */
3118&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
3119&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
3120&(nid_objs[555]),/* OBJ_setct_CredRevResData 2 23 42 0 37 */
3121&(nid_objs[556]),/* OBJ_setct_PCertReqData 2 23 42 0 38 */
3122&(nid_objs[557]),/* OBJ_setct_PCertResTBS 2 23 42 0 39 */
3123&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
3124&(nid_objs[559]),/* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
3125&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
3126&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
3127&(nid_objs[562]),/* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
3128&(nid_objs[563]),/* OBJ_setct_CertReqData 2 23 42 0 45 */
3129&(nid_objs[564]),/* OBJ_setct_CertReqTBS 2 23 42 0 46 */
3130&(nid_objs[565]),/* OBJ_setct_CertResData 2 23 42 0 47 */
3131&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
3132&(nid_objs[567]),/* OBJ_setct_ErrorTBS 2 23 42 0 49 */
3133&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
3134&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
3135&(nid_objs[570]),/* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
3136&(nid_objs[571]),/* OBJ_setct_AuthResTBE 2 23 42 0 53 */
3137&(nid_objs[572]),/* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
3138&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
3139&(nid_objs[574]),/* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
3140&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
3141&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
3142&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
3143&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
3144&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
3145&(nid_objs[580]),/* OBJ_setct_CapReqTBE 2 23 42 0 62 */
3146&(nid_objs[581]),/* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
3147&(nid_objs[582]),/* OBJ_setct_CapResTBE 2 23 42 0 64 */
3148&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
3149&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
3150&(nid_objs[585]),/* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
3151&(nid_objs[586]),/* OBJ_setct_CredReqTBE 2 23 42 0 68 */
3152&(nid_objs[587]),/* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
3153&(nid_objs[588]),/* OBJ_setct_CredResTBE 2 23 42 0 70 */
3154&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
3155&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
3156&(nid_objs[591]),/* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
3157&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
3158&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
3159&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
3160&(nid_objs[595]),/* OBJ_setct_CertReqTBE 2 23 42 0 77 */
3161&(nid_objs[596]),/* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
3162&(nid_objs[597]),/* OBJ_setct_CertResTBE 2 23 42 0 79 */
3163&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
3164&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
3165&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
3166&(nid_objs[601]),/* OBJ_setext_genCrypt 2 23 42 1 1 */
3167&(nid_objs[602]),/* OBJ_setext_miAuth 2 23 42 1 3 */
3168&(nid_objs[603]),/* OBJ_setext_pinSecure 2 23 42 1 4 */
3169&(nid_objs[604]),/* OBJ_setext_pinAny 2 23 42 1 5 */
3170&(nid_objs[605]),/* OBJ_setext_track2 2 23 42 1 7 */
3171&(nid_objs[606]),/* OBJ_setext_cv 2 23 42 1 8 */
3172&(nid_objs[620]),/* OBJ_setAttr_Cert 2 23 42 3 0 */
3173&(nid_objs[621]),/* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
3174&(nid_objs[622]),/* OBJ_setAttr_TokenType 2 23 42 3 2 */
3175&(nid_objs[623]),/* OBJ_setAttr_IssCap 2 23 42 3 3 */
3176&(nid_objs[607]),/* OBJ_set_policy_root 2 23 42 5 0 */
3177&(nid_objs[608]),/* OBJ_setCext_hashedRoot 2 23 42 7 0 */
3178&(nid_objs[609]),/* OBJ_setCext_certType 2 23 42 7 1 */
3179&(nid_objs[610]),/* OBJ_setCext_merchData 2 23 42 7 2 */
3180&(nid_objs[611]),/* OBJ_setCext_cCertRequired 2 23 42 7 3 */
3181&(nid_objs[612]),/* OBJ_setCext_tunneling 2 23 42 7 4 */
3182&(nid_objs[613]),/* OBJ_setCext_setExt 2 23 42 7 5 */
3183&(nid_objs[614]),/* OBJ_setCext_setQualf 2 23 42 7 6 */
3184&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
3185&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
3186&(nid_objs[617]),/* OBJ_setCext_Track2Data 2 23 42 7 9 */
3187&(nid_objs[618]),/* OBJ_setCext_TokenType 2 23 42 7 10 */
3188&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
3189&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
3190&(nid_objs[640]),/* OBJ_set_brand_Visa 2 23 42 8 4 */
3191&(nid_objs[641]),/* OBJ_set_brand_MasterCard 2 23 42 8 5 */
3192&(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */
3193&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
3194&(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */
2423&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */ 3195&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */
2424&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */ 3196&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */
2425&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */ 3197&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */
@@ -2440,6 +3212,14 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2440&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ 3212&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
2441&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ 3213&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
2442&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ 3214&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
3215&(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
3216&(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */
3217&(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
3218&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
3219&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
3220&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
3221&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
3222&(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */
2443&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ 3223&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
2444&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ 3224&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
2445&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ 3225&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
@@ -2448,6 +3228,11 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2448&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */ 3228&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
2449&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */ 3229&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
2450&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */ 3230&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
3231&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
3232&(nid_objs[632]),/* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
3233&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
3234&(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
3235&(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
2451&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */ 3236&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */
2452&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */ 3237&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
2453&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ 3238&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
@@ -2490,6 +3275,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2490&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ 3275&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
2491&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ 3276&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
2492&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ 3277&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
3278&(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */
2493&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ 3279&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
2494&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ 3280&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
2495&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ 3281&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
@@ -2611,6 +3397,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2611&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */ 3397&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
2612&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ 3398&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
2613&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ 3399&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
3400&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
2614&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ 3401&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
2615&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ 3402&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
2616&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ 3403&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
diff --git a/src/lib/libcrypto/objects/obj_mac.h b/src/lib/libcrypto/objects/obj_mac.h
index 6d77fcba3f..899db8325c 100644
--- a/src/lib/libcrypto/objects/obj_mac.h
+++ b/src/lib/libcrypto/objects/obj_mac.h
@@ -1654,6 +1654,10 @@
1654#define NID_dnQualifier 174 1654#define NID_dnQualifier 174
1655#define OBJ_dnQualifier OBJ_X509,46L 1655#define OBJ_dnQualifier OBJ_X509,46L
1656 1656
1657#define LN_pseudonym "pseudonym"
1658#define NID_pseudonym 510
1659#define OBJ_pseudonym OBJ_X509,65L
1660
1657#define SN_role "role" 1661#define SN_role "role"
1658#define LN_role "role" 1662#define LN_role "role"
1659#define NID_role 400 1663#define NID_role 400
@@ -2305,3 +2309,550 @@
2305#define NID_documentPublisher 502 2309#define NID_documentPublisher 502
2306#define OBJ_documentPublisher OBJ_pilotAttributeType,56L 2310#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
2307 2311
2312#define SN_id_set "id-set"
2313#define LN_id_set "Secure Electronic Transactions"
2314#define NID_id_set 512
2315#define OBJ_id_set 2L,23L,42L
2316
2317#define SN_set_ctype "set-ctype"
2318#define LN_set_ctype "content types"
2319#define NID_set_ctype 513
2320#define OBJ_set_ctype OBJ_id_set,0L
2321
2322#define SN_set_msgExt "set-msgExt"
2323#define LN_set_msgExt "message extensions"
2324#define NID_set_msgExt 514
2325#define OBJ_set_msgExt OBJ_id_set,1L
2326
2327#define SN_set_attr "set-attr"
2328#define NID_set_attr 515
2329#define OBJ_set_attr OBJ_id_set,3L
2330
2331#define SN_set_policy "set-policy"
2332#define NID_set_policy 516
2333#define OBJ_set_policy OBJ_id_set,5L
2334
2335#define SN_set_certExt "set-certExt"
2336#define LN_set_certExt "certificate extensions"
2337#define NID_set_certExt 517
2338#define OBJ_set_certExt OBJ_id_set,7L
2339
2340#define SN_set_brand "set-brand"
2341#define NID_set_brand 518
2342#define OBJ_set_brand OBJ_id_set,8L
2343
2344#define SN_setct_PANData "setct-PANData"
2345#define NID_setct_PANData 519
2346#define OBJ_setct_PANData OBJ_set_ctype,0L
2347
2348#define SN_setct_PANToken "setct-PANToken"
2349#define NID_setct_PANToken 520
2350#define OBJ_setct_PANToken OBJ_set_ctype,1L
2351
2352#define SN_setct_PANOnly "setct-PANOnly"
2353#define NID_setct_PANOnly 521
2354#define OBJ_setct_PANOnly OBJ_set_ctype,2L
2355
2356#define SN_setct_OIData "setct-OIData"
2357#define NID_setct_OIData 522
2358#define OBJ_setct_OIData OBJ_set_ctype,3L
2359
2360#define SN_setct_PI "setct-PI"
2361#define NID_setct_PI 523
2362#define OBJ_setct_PI OBJ_set_ctype,4L
2363
2364#define SN_setct_PIData "setct-PIData"
2365#define NID_setct_PIData 524
2366#define OBJ_setct_PIData OBJ_set_ctype,5L
2367
2368#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
2369#define NID_setct_PIDataUnsigned 525
2370#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
2371
2372#define SN_setct_HODInput "setct-HODInput"
2373#define NID_setct_HODInput 526
2374#define OBJ_setct_HODInput OBJ_set_ctype,7L
2375
2376#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
2377#define NID_setct_AuthResBaggage 527
2378#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
2379
2380#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
2381#define NID_setct_AuthRevReqBaggage 528
2382#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
2383
2384#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
2385#define NID_setct_AuthRevResBaggage 529
2386#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
2387
2388#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
2389#define NID_setct_CapTokenSeq 530
2390#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
2391
2392#define SN_setct_PInitResData "setct-PInitResData"
2393#define NID_setct_PInitResData 531
2394#define OBJ_setct_PInitResData OBJ_set_ctype,12L
2395
2396#define SN_setct_PI_TBS "setct-PI-TBS"
2397#define NID_setct_PI_TBS 532
2398#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
2399
2400#define SN_setct_PResData "setct-PResData"
2401#define NID_setct_PResData 533
2402#define OBJ_setct_PResData OBJ_set_ctype,14L
2403
2404#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
2405#define NID_setct_AuthReqTBS 534
2406#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
2407
2408#define SN_setct_AuthResTBS "setct-AuthResTBS"
2409#define NID_setct_AuthResTBS 535
2410#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
2411
2412#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
2413#define NID_setct_AuthResTBSX 536
2414#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
2415
2416#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
2417#define NID_setct_AuthTokenTBS 537
2418#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
2419
2420#define SN_setct_CapTokenData "setct-CapTokenData"
2421#define NID_setct_CapTokenData 538
2422#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
2423
2424#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
2425#define NID_setct_CapTokenTBS 539
2426#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
2427
2428#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
2429#define NID_setct_AcqCardCodeMsg 540
2430#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
2431
2432#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
2433#define NID_setct_AuthRevReqTBS 541
2434#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
2435
2436#define SN_setct_AuthRevResData "setct-AuthRevResData"
2437#define NID_setct_AuthRevResData 542
2438#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
2439
2440#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
2441#define NID_setct_AuthRevResTBS 543
2442#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
2443
2444#define SN_setct_CapReqTBS "setct-CapReqTBS"
2445#define NID_setct_CapReqTBS 544
2446#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
2447
2448#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
2449#define NID_setct_CapReqTBSX 545
2450#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
2451
2452#define SN_setct_CapResData "setct-CapResData"
2453#define NID_setct_CapResData 546
2454#define OBJ_setct_CapResData OBJ_set_ctype,28L
2455
2456#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
2457#define NID_setct_CapRevReqTBS 547
2458#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
2459
2460#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
2461#define NID_setct_CapRevReqTBSX 548
2462#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
2463
2464#define SN_setct_CapRevResData "setct-CapRevResData"
2465#define NID_setct_CapRevResData 549
2466#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
2467
2468#define SN_setct_CredReqTBS "setct-CredReqTBS"
2469#define NID_setct_CredReqTBS 550
2470#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
2471
2472#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
2473#define NID_setct_CredReqTBSX 551
2474#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
2475
2476#define SN_setct_CredResData "setct-CredResData"
2477#define NID_setct_CredResData 552
2478#define OBJ_setct_CredResData OBJ_set_ctype,34L
2479
2480#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
2481#define NID_setct_CredRevReqTBS 553
2482#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
2483
2484#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
2485#define NID_setct_CredRevReqTBSX 554
2486#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
2487
2488#define SN_setct_CredRevResData "setct-CredRevResData"
2489#define NID_setct_CredRevResData 555
2490#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
2491
2492#define SN_setct_PCertReqData "setct-PCertReqData"
2493#define NID_setct_PCertReqData 556
2494#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
2495
2496#define SN_setct_PCertResTBS "setct-PCertResTBS"
2497#define NID_setct_PCertResTBS 557
2498#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
2499
2500#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
2501#define NID_setct_BatchAdminReqData 558
2502#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
2503
2504#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
2505#define NID_setct_BatchAdminResData 559
2506#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
2507
2508#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
2509#define NID_setct_CardCInitResTBS 560
2510#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
2511
2512#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
2513#define NID_setct_MeAqCInitResTBS 561
2514#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
2515
2516#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
2517#define NID_setct_RegFormResTBS 562
2518#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
2519
2520#define SN_setct_CertReqData "setct-CertReqData"
2521#define NID_setct_CertReqData 563
2522#define OBJ_setct_CertReqData OBJ_set_ctype,45L
2523
2524#define SN_setct_CertReqTBS "setct-CertReqTBS"
2525#define NID_setct_CertReqTBS 564
2526#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
2527
2528#define SN_setct_CertResData "setct-CertResData"
2529#define NID_setct_CertResData 565
2530#define OBJ_setct_CertResData OBJ_set_ctype,47L
2531
2532#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
2533#define NID_setct_CertInqReqTBS 566
2534#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
2535
2536#define SN_setct_ErrorTBS "setct-ErrorTBS"
2537#define NID_setct_ErrorTBS 567
2538#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
2539
2540#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
2541#define NID_setct_PIDualSignedTBE 568
2542#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
2543
2544#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
2545#define NID_setct_PIUnsignedTBE 569
2546#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
2547
2548#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
2549#define NID_setct_AuthReqTBE 570
2550#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
2551
2552#define SN_setct_AuthResTBE "setct-AuthResTBE"
2553#define NID_setct_AuthResTBE 571
2554#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
2555
2556#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
2557#define NID_setct_AuthResTBEX 572
2558#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
2559
2560#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
2561#define NID_setct_AuthTokenTBE 573
2562#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
2563
2564#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
2565#define NID_setct_CapTokenTBE 574
2566#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
2567
2568#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
2569#define NID_setct_CapTokenTBEX 575
2570#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
2571
2572#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
2573#define NID_setct_AcqCardCodeMsgTBE 576
2574#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
2575
2576#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
2577#define NID_setct_AuthRevReqTBE 577
2578#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
2579
2580#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
2581#define NID_setct_AuthRevResTBE 578
2582#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
2583
2584#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
2585#define NID_setct_AuthRevResTBEB 579
2586#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
2587
2588#define SN_setct_CapReqTBE "setct-CapReqTBE"
2589#define NID_setct_CapReqTBE 580
2590#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
2591
2592#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
2593#define NID_setct_CapReqTBEX 581
2594#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
2595
2596#define SN_setct_CapResTBE "setct-CapResTBE"
2597#define NID_setct_CapResTBE 582
2598#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
2599
2600#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
2601#define NID_setct_CapRevReqTBE 583
2602#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
2603
2604#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
2605#define NID_setct_CapRevReqTBEX 584
2606#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
2607
2608#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
2609#define NID_setct_CapRevResTBE 585
2610#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
2611
2612#define SN_setct_CredReqTBE "setct-CredReqTBE"
2613#define NID_setct_CredReqTBE 586
2614#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
2615
2616#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
2617#define NID_setct_CredReqTBEX 587
2618#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
2619
2620#define SN_setct_CredResTBE "setct-CredResTBE"
2621#define NID_setct_CredResTBE 588
2622#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
2623
2624#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
2625#define NID_setct_CredRevReqTBE 589
2626#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
2627
2628#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
2629#define NID_setct_CredRevReqTBEX 590
2630#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
2631
2632#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
2633#define NID_setct_CredRevResTBE 591
2634#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
2635
2636#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
2637#define NID_setct_BatchAdminReqTBE 592
2638#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
2639
2640#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
2641#define NID_setct_BatchAdminResTBE 593
2642#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
2643
2644#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
2645#define NID_setct_RegFormReqTBE 594
2646#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
2647
2648#define SN_setct_CertReqTBE "setct-CertReqTBE"
2649#define NID_setct_CertReqTBE 595
2650#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
2651
2652#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
2653#define NID_setct_CertReqTBEX 596
2654#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
2655
2656#define SN_setct_CertResTBE "setct-CertResTBE"
2657#define NID_setct_CertResTBE 597
2658#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
2659
2660#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
2661#define NID_setct_CRLNotificationTBS 598
2662#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
2663
2664#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
2665#define NID_setct_CRLNotificationResTBS 599
2666#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
2667
2668#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
2669#define NID_setct_BCIDistributionTBS 600
2670#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
2671
2672#define SN_setext_genCrypt "setext-genCrypt"
2673#define LN_setext_genCrypt "generic cryptogram"
2674#define NID_setext_genCrypt 601
2675#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
2676
2677#define SN_setext_miAuth "setext-miAuth"
2678#define LN_setext_miAuth "merchant initiated auth"
2679#define NID_setext_miAuth 602
2680#define OBJ_setext_miAuth OBJ_set_msgExt,3L
2681
2682#define SN_setext_pinSecure "setext-pinSecure"
2683#define NID_setext_pinSecure 603
2684#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
2685
2686#define SN_setext_pinAny "setext-pinAny"
2687#define NID_setext_pinAny 604
2688#define OBJ_setext_pinAny OBJ_set_msgExt,5L
2689
2690#define SN_setext_track2 "setext-track2"
2691#define NID_setext_track2 605
2692#define OBJ_setext_track2 OBJ_set_msgExt,7L
2693
2694#define SN_setext_cv "setext-cv"
2695#define LN_setext_cv "additional verification"
2696#define NID_setext_cv 606
2697#define OBJ_setext_cv OBJ_set_msgExt,8L
2698
2699#define SN_set_policy_root "set-policy-root"
2700#define NID_set_policy_root 607
2701#define OBJ_set_policy_root OBJ_set_policy,0L
2702
2703#define SN_setCext_hashedRoot "setCext-hashedRoot"
2704#define NID_setCext_hashedRoot 608
2705#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
2706
2707#define SN_setCext_certType "setCext-certType"
2708#define NID_setCext_certType 609
2709#define OBJ_setCext_certType OBJ_set_certExt,1L
2710
2711#define SN_setCext_merchData "setCext-merchData"
2712#define NID_setCext_merchData 610
2713#define OBJ_setCext_merchData OBJ_set_certExt,2L
2714
2715#define SN_setCext_cCertRequired "setCext-cCertRequired"
2716#define NID_setCext_cCertRequired 611
2717#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
2718
2719#define SN_setCext_tunneling "setCext-tunneling"
2720#define NID_setCext_tunneling 612
2721#define OBJ_setCext_tunneling OBJ_set_certExt,4L
2722
2723#define SN_setCext_setExt "setCext-setExt"
2724#define NID_setCext_setExt 613
2725#define OBJ_setCext_setExt OBJ_set_certExt,5L
2726
2727#define SN_setCext_setQualf "setCext-setQualf"
2728#define NID_setCext_setQualf 614
2729#define OBJ_setCext_setQualf OBJ_set_certExt,6L
2730
2731#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
2732#define NID_setCext_PGWYcapabilities 615
2733#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
2734
2735#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
2736#define NID_setCext_TokenIdentifier 616
2737#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
2738
2739#define SN_setCext_Track2Data "setCext-Track2Data"
2740#define NID_setCext_Track2Data 617
2741#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
2742
2743#define SN_setCext_TokenType "setCext-TokenType"
2744#define NID_setCext_TokenType 618
2745#define OBJ_setCext_TokenType OBJ_set_certExt,10L
2746
2747#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
2748#define NID_setCext_IssuerCapabilities 619
2749#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
2750
2751#define SN_setAttr_Cert "setAttr-Cert"
2752#define NID_setAttr_Cert 620
2753#define OBJ_setAttr_Cert OBJ_set_attr,0L
2754
2755#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
2756#define LN_setAttr_PGWYcap "payment gateway capabilities"
2757#define NID_setAttr_PGWYcap 621
2758#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
2759
2760#define SN_setAttr_TokenType "setAttr-TokenType"
2761#define NID_setAttr_TokenType 622
2762#define OBJ_setAttr_TokenType OBJ_set_attr,2L
2763
2764#define SN_setAttr_IssCap "setAttr-IssCap"
2765#define LN_setAttr_IssCap "issuer capabilities"
2766#define NID_setAttr_IssCap 623
2767#define OBJ_setAttr_IssCap OBJ_set_attr,3L
2768
2769#define SN_set_rootKeyThumb "set-rootKeyThumb"
2770#define NID_set_rootKeyThumb 624
2771#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
2772
2773#define SN_set_addPolicy "set-addPolicy"
2774#define NID_set_addPolicy 625
2775#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
2776
2777#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
2778#define NID_setAttr_Token_EMV 626
2779#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
2780
2781#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
2782#define NID_setAttr_Token_B0Prime 627
2783#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
2784
2785#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
2786#define NID_setAttr_IssCap_CVM 628
2787#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
2788
2789#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
2790#define NID_setAttr_IssCap_T2 629
2791#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
2792
2793#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
2794#define NID_setAttr_IssCap_Sig 630
2795#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
2796
2797#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
2798#define LN_setAttr_GenCryptgrm "generate cryptogram"
2799#define NID_setAttr_GenCryptgrm 631
2800#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
2801
2802#define SN_setAttr_T2Enc "setAttr-T2Enc"
2803#define LN_setAttr_T2Enc "encrypted track 2"
2804#define NID_setAttr_T2Enc 632
2805#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
2806
2807#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
2808#define LN_setAttr_T2cleartxt "cleartext track 2"
2809#define NID_setAttr_T2cleartxt 633
2810#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
2811
2812#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
2813#define LN_setAttr_TokICCsig "ICC or token signature"
2814#define NID_setAttr_TokICCsig 634
2815#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
2816
2817#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
2818#define LN_setAttr_SecDevSig "secure device signature"
2819#define NID_setAttr_SecDevSig 635
2820#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
2821
2822#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
2823#define NID_set_brand_IATA_ATA 636
2824#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
2825
2826#define SN_set_brand_Diners "set-brand-Diners"
2827#define NID_set_brand_Diners 637
2828#define OBJ_set_brand_Diners OBJ_set_brand,30L
2829
2830#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
2831#define NID_set_brand_AmericanExpress 638
2832#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
2833
2834#define SN_set_brand_JCB "set-brand-JCB"
2835#define NID_set_brand_JCB 639
2836#define OBJ_set_brand_JCB OBJ_set_brand,35L
2837
2838#define SN_set_brand_Visa "set-brand-Visa"
2839#define NID_set_brand_Visa 640
2840#define OBJ_set_brand_Visa OBJ_set_brand,4L
2841
2842#define SN_set_brand_MasterCard "set-brand-MasterCard"
2843#define NID_set_brand_MasterCard 641
2844#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
2845
2846#define SN_set_brand_Novus "set-brand-Novus"
2847#define NID_set_brand_Novus 642
2848#define OBJ_set_brand_Novus OBJ_set_brand,6011L
2849
2850#define SN_des_cdmf "DES-CDMF"
2851#define LN_des_cdmf "des-cdmf"
2852#define NID_des_cdmf 643
2853#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
2854
2855#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
2856#define NID_rsaOAEPEncryptionSET 644
2857#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
2858
diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl
index b4da364bbf..519d8a5867 100644
--- a/src/lib/libcrypto/perlasm/x86nasm.pl
+++ b/src/lib/libcrypto/perlasm/x86nasm.pl
@@ -209,7 +209,7 @@ sub using486
209 209
210sub main'file 210sub main'file
211 { 211 {
212 push(@out, "segment .text\n"); 212 push(@out, "segment .text use32\n");
213 } 213 }
214 214
215sub main'function_begin 215sub main'function_begin
diff --git a/src/lib/libcrypto/pkcs7/verify.c b/src/lib/libcrypto/pkcs7/verify.c
index 5f7afe8933..b40f26032e 100644
--- a/src/lib/libcrypto/pkcs7/verify.c
+++ b/src/lib/libcrypto/pkcs7/verify.c
@@ -179,10 +179,11 @@ char *argv[];
179 { 179 {
180 ASN1_UTCTIME *tm; 180 ASN1_UTCTIME *tm;
181 char *str1,*str2; 181 char *str1,*str2;
182 int rc;
182 183
183 si=sk_PKCS7_SIGNER_INFO_value(sk,i); 184 si=sk_PKCS7_SIGNER_INFO_value(sk,i);
184 i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); 185 rc=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
185 if (i <= 0) 186 if (rc <= 0)
186 goto err; 187 goto err;
187 printf("signer info\n"); 188 printf("signer info\n");
188 if ((tm=get_signed_time(si)) != NULL) 189 if ((tm=get_signed_time(si)) != NULL)
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index 97ed12cf67..abc3ac27d5 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -94,7 +94,7 @@
94 * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. 94 * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
95 */ 95 */
96 96
97#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) 97#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(__DJGPP__)
98int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) 98int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
99 { 99 {
100 return(-1); 100 return(-1);
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
index 5a78009e9a..ec09d74603 100644
--- a/src/lib/libcrypto/rand/rand_unix.c
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -109,6 +109,8 @@
109 * 109 *
110 */ 110 */
111 111
112#define USE_SOCKETS
113#include "e_os.h"
112#include "cryptlib.h" 114#include "cryptlib.h"
113#include <openssl/rand.h> 115#include <openssl/rand.h>
114#include "rand_lcl.h" 116#include "rand_lcl.h"
diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h
index de0f452b47..774162fec9 100644
--- a/src/lib/libcrypto/symhacks.h
+++ b/src/lib/libcrypto/symhacks.h
@@ -247,7 +247,7 @@
247 247
248 248
249/* Case insensiteve linking causes problems.... */ 249/* Case insensiteve linking causes problems.... */
250#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) 250#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
251#undef ERR_load_CRYPTO_strings 251#undef ERR_load_CRYPTO_strings
252#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings 252#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
253#undef OCSP_crlID_new 253#undef OCSP_crlID_new
diff --git a/src/lib/libcrypto/util/dirname.pl b/src/lib/libcrypto/util/dirname.pl
new file mode 100644
index 0000000000..d7a66d96ac
--- /dev/null
+++ b/src/lib/libcrypto/util/dirname.pl
@@ -0,0 +1,18 @@
1#!/usr/local/bin/perl
2
3if ($#ARGV < 0) {
4 die "dirname.pl: too few arguments\n";
5} elsif ($#ARGV > 0) {
6 die "dirname.pl: too many arguments\n";
7}
8
9my $d = $ARGV[0];
10
11if ($d =~ m|.*/.*|) {
12 $d =~ s|/[^/]*$||;
13} else {
14 $d = ".";
15}
16
17print $d,"\n";
18exit(0);
diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd
index aa99cb0523..8cbe383c16 100644
--- a/src/lib/libcrypto/util/domd
+++ b/src/lib/libcrypto/util/domd
@@ -18,11 +18,11 @@ if [ "$MAKEDEPEND" = "gcc" ]; then
18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp 18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp
19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp 19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp 20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp
21 perl $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new 21 ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
22 rm -f Makefile.tmp 22 rm -f Makefile.tmp
23else 23else
24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@ 24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@
25 perl $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new 25 ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
26fi 26fi
27mv Makefile.new Makefile.ssl 27mv Makefile.new Makefile.ssl
28# unfake the presence of Kerberos 28# unfake the presence of Kerberos
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num
index b74749e5de..512185e257 100644
--- a/src/lib/libcrypto/util/libeay.num
+++ b/src/lib/libcrypto/util/libeay.num
@@ -701,7 +701,7 @@ bn_mul_words 707 EXIST::FUNCTION:
701BN_uadd 708 EXIST::FUNCTION: 701BN_uadd 708 EXIST::FUNCTION:
702BN_usub 709 EXIST::FUNCTION: 702BN_usub 709 EXIST::FUNCTION:
703bn_sqr_words 710 EXIST::FUNCTION: 703bn_sqr_words 710 EXIST::FUNCTION:
704_ossl_old_crypt 711 EXIST:!NeXT,!PERL5,!__FreeBSD__:FUNCTION:DES 704_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
705d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION: 705d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
706d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION: 706d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
707d2i_ASN1_HEADER 714 EXIST::FUNCTION: 707d2i_ASN1_HEADER 714 EXIST::FUNCTION:
@@ -984,8 +984,8 @@ BIO_ghbn_ctrl 1003 EXIST::FUNCTION:
984CRYPTO_free_ex_data 1004 EXIST::FUNCTION: 984CRYPTO_free_ex_data 1004 EXIST::FUNCTION:
985CRYPTO_get_ex_data 1005 EXIST::FUNCTION: 985CRYPTO_get_ex_data 1005 EXIST::FUNCTION:
986CRYPTO_set_ex_data 1007 EXIST::FUNCTION: 986CRYPTO_set_ex_data 1007 EXIST::FUNCTION:
987ERR_load_CRYPTO_strings 1009 EXIST:!VMS,!WIN16:FUNCTION: 987ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
988ERR_load_CRYPTOlib_strings 1009 EXIST:VMS,WIN16:FUNCTION: 988ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS,WIN16:FUNCTION:
989EVP_PKEY_bits 1010 EXIST::FUNCTION: 989EVP_PKEY_bits 1010 EXIST::FUNCTION:
990MD5_Transform 1011 EXIST::FUNCTION:MD5 990MD5_Transform 1011 EXIST::FUNCTION:MD5
991SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1 991SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1
@@ -1216,7 +1216,7 @@ name_cmp 1239 EXIST::FUNCTION:
1216str_dup 1240 NOEXIST::FUNCTION: 1216str_dup 1240 NOEXIST::FUNCTION:
1217i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION: 1217i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION:
1218i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION: 1218i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION:
1219BIO_s_log 1243 EXIST:!WIN16,!WIN32,!macintosh:FUNCTION: 1219BIO_s_log 1243 EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
1220BIO_f_reliable 1244 EXIST::FUNCTION:BIO 1220BIO_f_reliable 1244 EXIST::FUNCTION:BIO
1221PKCS7_dataFinal 1245 EXIST::FUNCTION: 1221PKCS7_dataFinal 1245 EXIST::FUNCTION:
1222PKCS7_dataDecode 1246 EXIST::FUNCTION: 1222PKCS7_dataDecode 1246 EXIST::FUNCTION:
@@ -2732,8 +2732,8 @@ EC_POINT_point2oct 3178 EXIST::FUNCTION:EC
2732KRB5_APREQ_free 3179 EXIST::FUNCTION: 2732KRB5_APREQ_free 3179 EXIST::FUNCTION:
2733ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: 2733ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
2734ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: 2734ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2735OCSP_crlID_new 3181 EXIST:!VMS,!WIN16:FUNCTION: 2735OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
2736OCSP_crlID2_new 3181 EXIST:VMS,WIN16:FUNCTION: 2736OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION:
2737CONF_modules_load_file 3182 EXIST::FUNCTION: 2737CONF_modules_load_file 3182 EXIST::FUNCTION:
2738CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: 2738CONF_imodule_set_usr_data 3183 EXIST::FUNCTION:
2739ENGINE_set_default_string 3184 EXIST::FUNCTION: 2739ENGINE_set_default_string 3184 EXIST::FUNCTION:
@@ -2774,3 +2774,21 @@ AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES 2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
2775ENGINE_load_4758cca 3218 EXIST::FUNCTION: 2775ENGINE_load_4758cca 3218 EXIST::FUNCTION:
2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES 2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
2777EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
2778EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
2779EVP_aes_128_cfb 3222 EXIST::FUNCTION:AES
2780EVP_aes_256_cfb 3223 EXIST::FUNCTION:AES
2781EVP_aes_128_ofb 3224 EXIST::FUNCTION:AES
2782EVP_aes_192_cfb 3225 EXIST::FUNCTION:AES
2783CONF_modules_free 3226 EXIST::FUNCTION:
2784NCONF_default 3227 EXIST::FUNCTION:
2785OPENSSL_no_config 3228 EXIST::FUNCTION:
2786NCONF_WIN32 3229 EXIST::FUNCTION:
2787ASN1_UNIVERSALSTRING_new 3230 EXIST::FUNCTION:
2788EVP_des_ede_ecb 3231 EXIST::FUNCTION:DES
2789i2d_ASN1_UNIVERSALSTRING 3232 EXIST::FUNCTION:
2790ASN1_UNIVERSALSTRING_free 3233 EXIST::FUNCTION:
2791ASN1_UNIVERSALSTRING_it 3234 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
2792ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2793d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION:
2794EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl
index 8b6b2e668a..c9271bbffe 100644
--- a/src/lib/libcrypto/util/mk1mf.pl
+++ b/src/lib/libcrypto/util/mk1mf.pl
@@ -100,7 +100,7 @@ $out_def="out";
100$inc_def="outinc"; 100$inc_def="outinc";
101$tmp_def="tmp"; 101$tmp_def="tmp";
102 102
103$mkdir="mkdir"; 103$mkdir="-mkdir";
104 104
105($ssl,$crypto)=("ssl","crypto"); 105($ssl,$crypto)=("ssl","crypto");
106$ranlib="echo ranlib"; 106$ranlib="echo ranlib";
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl
index 071036a6d2..adfd447dd3 100644
--- a/src/lib/libcrypto/util/mkdef.pl
+++ b/src/lib/libcrypto/util/mkdef.pl
@@ -43,8 +43,8 @@
43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found 43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found
44# in the file crypto/symhacks.h. 44# in the file crypto/symhacks.h.
45# The semantics for the platforms is that every item is checked against the 45# The semantics for the platforms is that every item is checked against the
46# enviroment. For the negative items ("!FOO"), if any of them is false 46# environment. For the negative items ("!FOO"), if any of them is false
47# (i.e. "FOO" is true) in the enviroment, the corresponding symbol can't be 47# (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
48# used. For the positive itms, if all of them are false in the environment, 48# used. For the positive itms, if all of them are false in the environment,
49# the corresponding symbol can't be used. Any combination of positive and 49# the corresponding symbol can't be used. Any combination of positive and
50# negative items are possible, and of course leave room for some redundancy. 50# negative items are possible, and of course leave room for some redundancy.
@@ -58,6 +58,7 @@ my $debug=0;
58 58
59my $crypto_num= "util/libeay.num"; 59my $crypto_num= "util/libeay.num";
60my $ssl_num= "util/ssleay.num"; 60my $ssl_num= "util/ssleay.num";
61my $libname;
61 62
62my $do_update = 0; 63my $do_update = 0;
63my $do_rewrite = 1; 64my $do_rewrite = 1;
@@ -73,12 +74,13 @@ my $VMS=0;
73my $W32=0; 74my $W32=0;
74my $W16=0; 75my $W16=0;
75my $NT=0; 76my $NT=0;
77my $OS2=0;
76# Set this to make typesafe STACK definitions appear in DEF 78# Set this to make typesafe STACK definitions appear in DEF
77my $safe_stack_def = 0; 79my $safe_stack_def = 0;
78 80
79my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", 81my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
80 "EXPORT_VAR_AS_FUNCTION" ); 82 "EXPORT_VAR_AS_FUNCTION" );
81my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT" ); 83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
82my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
83 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", 85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
84 "RIPEMD", 86 "RIPEMD",
@@ -126,11 +128,18 @@ foreach (@ARGV, split(/ /, $options))
126 $VMSAlpha=1; 128 $VMSAlpha=1;
127 } 129 }
128 $VMS=1 if $_ eq "VMS"; 130 $VMS=1 if $_ eq "VMS";
131 $OS2=1 if $_ eq "OS2";
129 132
130 $do_ssl=1 if $_ eq "ssleay"; 133 $do_ssl=1 if $_ eq "ssleay";
131 $do_ssl=1 if $_ eq "ssl"; 134 if ($_ eq "ssl") {
135 $do_ssl=1;
136 $libname=$_
137 }
132 $do_crypto=1 if $_ eq "libeay"; 138 $do_crypto=1 if $_ eq "libeay";
133 $do_crypto=1 if $_ eq "crypto"; 139 if ($_ eq "crypto") {
140 $do_crypto=1;
141 $libname=$_;
142 }
134 $do_update=1 if $_ eq "update"; 143 $do_update=1 if $_ eq "update";
135 $do_rewrite=1 if $_ eq "rewrite"; 144 $do_rewrite=1 if $_ eq "rewrite";
136 $do_ctest=1 if $_ eq "ctest"; 145 $do_ctest=1 if $_ eq "ctest";
@@ -170,8 +179,17 @@ foreach (@ARGV, split(/ /, $options))
170 } 179 }
171 180
172 181
182if (!$libname) {
183 if ($do_ssl) {
184 $libname="SSLEAY";
185 }
186 if ($do_crypto) {
187 $libname="LIBEAY";
188 }
189}
190
173# If no platform is given, assume WIN32 191# If no platform is given, assume WIN32
174if ($W32 + $W16 + $VMS == 0) { 192if ($W32 + $W16 + $VMS + $OS2 == 0) {
175 $W32 = 1; 193 $W32 = 1;
176} 194}
177 195
@@ -182,7 +200,7 @@ if ($W16) {
182 200
183if (!$do_ssl && !$do_crypto) 201if (!$do_ssl && !$do_crypto)
184 { 202 {
185 print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; 203 print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
186 exit(1); 204 exit(1);
187 } 205 }
188 206
@@ -305,10 +323,10 @@ EOF
305 323
306} else { 324} else {
307 325
308 &print_def_file(*STDOUT,"SSLEAY",*ssl_list,@ssl_symbols) 326 &print_def_file(*STDOUT,$libname,*ssl_list,@ssl_symbols)
309 if $do_ssl == 1; 327 if $do_ssl == 1;
310 328
311 &print_def_file(*STDOUT,"LIBEAY",*crypto_list,@crypto_symbols) 329 &print_def_file(*STDOUT,$libname,*crypto_list,@crypto_symbols)
312 if $do_crypto == 1; 330 if $do_crypto == 1;
313 331
314} 332}
@@ -995,6 +1013,7 @@ sub is_valid
995 if ($keyword eq "WIN32" && $W32) { return 1; } 1013 if ($keyword eq "WIN32" && $W32) { return 1; }
996 if ($keyword eq "WIN16" && $W16) { return 1; } 1014 if ($keyword eq "WIN16" && $W16) { return 1; }
997 if ($keyword eq "WINNT" && $NT) { return 1; } 1015 if ($keyword eq "WINNT" && $NT) { return 1; }
1016 if ($keyword eq "OS2" && $OS2) { return 1; }
998 # Special platforms: 1017 # Special platforms:
999 # EXPORT_VAR_AS_FUNCTION means that global variables 1018 # EXPORT_VAR_AS_FUNCTION means that global variables
1000 # will be represented as functions. This currently 1019 # will be represented as functions. This currently
@@ -1092,24 +1111,27 @@ sub print_def_file
1092{ 1111{
1093 (*OUT,my $name,*nums,my @symbols)=@_; 1112 (*OUT,my $name,*nums,my @symbols)=@_;
1094 my $n = 1; my @e; my @r; my @v; my $prev=""; 1113 my $n = 1; my @e; my @r; my @v; my $prev="";
1114 my $liboptions="";
1095 1115
1096 if ($W32) 1116 if ($W32)
1097 { $name.="32"; } 1117 { $name.="32"; }
1098 else 1118 elsif ($W16)
1099 { $name.="16"; } 1119 { $name.="16"; }
1120 elsif ($OS2)
1121 { $liboptions = "INITINSTANCE\nDATA NONSHARED"; }
1100 1122
1101 print OUT <<"EOF"; 1123 print OUT <<"EOF";
1102; 1124;
1103; Definition file for the DLL version of the $name library from OpenSSL 1125; Definition file for the DLL version of the $name library from OpenSSL
1104; 1126;
1105 1127
1106LIBRARY $name 1128LIBRARY $name $liboptions
1107 1129
1108DESCRIPTION 'OpenSSL $name - http://www.openssl.org/' 1130DESCRIPTION 'OpenSSL $name - http://www.openssl.org/'
1109 1131
1110EOF 1132EOF
1111 1133
1112 if (!$W32) { 1134 if ($W16) {
1113 print <<"EOF"; 1135 print <<"EOF";
1114CODE PRELOAD MOVEABLE 1136CODE PRELOAD MOVEABLE
1115DATA PRELOAD MOVEABLE SINGLE 1137DATA PRELOAD MOVEABLE SINGLE
@@ -1148,10 +1170,10 @@ EOF
1148 print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n"; 1170 print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
1149 } 1171 }
1150 $prev = $s2; # To warn about duplicates... 1172 $prev = $s2; # To warn about duplicates...
1151 if($v) { 1173 if($v && !$OS2) {
1152 printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n; 1174 printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
1153 } else { 1175 } else {
1154 printf OUT " %s%-39s @%d\n",($W32)?"":"_",$s2,$n; 1176 printf OUT " %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
1155 } 1177 }
1156 } 1178 }
1157 } 1179 }
diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl
index 9e9c9a5146..9386da7aa4 100644
--- a/src/lib/libcrypto/util/mklink.pl
+++ b/src/lib/libcrypto/util/mklink.pl
@@ -18,10 +18,10 @@
18my $from = shift; 18my $from = shift;
19my @files = @ARGV; 19my @files = @ARGV;
20 20
21my @from_path = split(/\//, $from); 21my @from_path = split(/[\\\/]/, $from);
22my $pwd = `pwd`; 22my $pwd = `pwd`;
23chop($pwd); 23chop($pwd);
24my @pwd_path = split(/\//, $pwd); 24my @pwd_path = split(/[\\\/]/, $pwd);
25 25
26my @to_path = (); 26my @to_path = ();
27 27
@@ -54,7 +54,16 @@ foreach $file (@files) {
54 if ($symlink_exists) { 54 if ($symlink_exists) {
55 symlink("$to/$file", "$from/$file") or $err = " [$!]"; 55 symlink("$to/$file", "$from/$file") or $err = " [$!]";
56 } else { 56 } else {
57 system ("cp", "$file", "$from/$file") and $err = " [$!]"; 57 unlink "$from/$file";
58 open (OLD, "<$file") or die "Can't open $file: $!";
59 open (NEW, ">$from/$file") or die "Can't open $from/$file: $!";
60 binmode(OLD);
61 binmode(NEW);
62 while (<OLD>) {
63 print NEW $_;
64 }
65 close (OLD) or die "Can't close $file: $!";
66 close (NEW) or die "Can't close $from/$file: $!";
58 } 67 }
59 print $file . " => $from/$file$err\n"; 68 print $file . " => $from/$file$err\n";
60} 69}
diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl
index 78d60616a6..bd7a9d9301 100644
--- a/src/lib/libcrypto/util/pl/BC-32.pl
+++ b/src/lib/libcrypto/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
18$tmp_def="tmp32"; 18$tmp_def="tmp32";
19$inc_def="inc32"; 19$inc_def="inc32";
20#enable max error messages, disable most common warnings 20#enable max error messages, disable most common warnings
21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 "; 21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp ";
22if ($debug) 22if ($debug)
23{ 23{
24 $cflags.="-Od -y -v -vi- -D_DEBUG"; 24 $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,9 +51,9 @@ $lfile='';
51$shlib_ex_obj=""; 51$shlib_ex_obj="";
52$app_ex_obj="c0x32.obj"; 52$app_ex_obj="c0x32.obj";
53 53
54$asm='n_o_T_a_s_m'; 54$asm='nasmw';
55$asm.=" /Zi" if $debug; 55$asm.=" /Zi" if $debug;
56$afile='/Fo'; 56$afile='-f obj -o';
57 57
58$bn_mulw_obj=''; 58$bn_mulw_obj='';
59$bn_mulw_src=''; 59$bn_mulw_src='';
@@ -64,24 +64,24 @@ $bf_enc_src='';
64 64
65if (!$no_asm) 65if (!$no_asm)
66 { 66 {
67 $bn_mulw_obj='crypto\bn\asm\bn-win32.obj'; 67 $bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
68 $bn_mulw_src='crypto\bn\asm\bn-win32.asm'; 68 $bn_mulw_src='crypto\bn\asm\bn_win32.asm';
69 $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; 69 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
70 $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; 70 $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
71 $bf_enc_obj='crypto\bf\asm\b-win32.obj'; 71 $bf_enc_obj='crypto\bf\asm\b_win32.obj';
72 $bf_enc_src='crypto\bf\asm\b-win32.asm'; 72 $bf_enc_src='crypto\bf\asm\b_win32.asm';
73 $cast_enc_obj='crypto\cast\asm\c-win32.obj'; 73 $cast_enc_obj='crypto\cast\asm\c_win32.obj';
74 $cast_enc_src='crypto\cast\asm\c-win32.asm'; 74 $cast_enc_src='crypto\cast\asm\c_win32.asm';
75 $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj'; 75 $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
76 $rc4_enc_src='crypto\rc4\asm\r4-win32.asm'; 76 $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
77 $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj'; 77 $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
78 $rc5_enc_src='crypto\rc5\asm\r5-win32.asm'; 78 $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
79 $md5_asm_obj='crypto\md5\asm\m5-win32.obj'; 79 $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
80 $md5_asm_src='crypto\md5\asm\m5-win32.asm'; 80 $md5_asm_src='crypto\md5\asm\m5_win32.asm';
81 $sha1_asm_obj='crypto\sha\asm\s1-win32.obj'; 81 $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
82 $sha1_asm_src='crypto\sha\asm\s1-win32.asm'; 82 $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
83 $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj'; 83 $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
84 $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm'; 84 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
85 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; 85 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
86 } 86 }
87 87
diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl
index 57180556ca..d695dda623 100644
--- a/src/lib/libcrypto/util/pl/OS2-EMX.pl
+++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl
@@ -10,18 +10,20 @@ $rm='rm -f';
10# C compiler stuff 10# C compiler stuff
11 11
12$cc='gcc'; 12$cc='gcc';
13$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmt -Wall "; 13$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
14$cflags.="-Zomf " if $shlib;
15$shl_cflag="-Zdll";
14 16
15if ($debug) { 17if ($debug) {
16 $cflags.="-g "; 18 $cflags.="-g ";
17} 19}
18 20
19$obj='.o'; 21$obj=$shlib ? '.obj' : '.o';
20$ofile='-o '; 22$ofile='-o ';
21 23
22# EXE linking stuff 24# EXE linking stuff
23$link='${CC}'; 25$link='${CC}';
24$lflags='${CFLAGS} -Zbsd-signals'; 26$lflags='${CFLAGS} -Zbsd-signals -s';
25$efile='-o '; 27$efile='-o ';
26$exep='.exe'; 28$exep='.exe';
27$ex_libs="-lsocket"; 29$ex_libs="-lsocket";
@@ -30,12 +32,12 @@ $ex_libs="-lsocket";
30$mklib='ar r'; 32$mklib='ar r';
31$mlflags=''; 33$mlflags='';
32$ranlib="ar s"; 34$ranlib="ar s";
33$plib='lib'; 35$plib='';
34$libp=".a"; 36$libp=$shlib ? ".lib" : ".a";
35$shlibp=".a"; 37$shlibp=$shlib ? ".dll" : ".a";
36$lfile=''; 38$lfile='';
37 39
38$asm='as'; 40$asm=$shlib ? 'as -Zomf' : 'as';
39$afile='-o '; 41$afile='-o ';
40$bn_asm_obj=""; 42$bn_asm_obj="";
41$bn_asm_src=""; 43$bn_asm_src="";
@@ -46,24 +48,32 @@ $bf_enc_src="";
46 48
47if (!$no_asm) 49if (!$no_asm)
48 { 50 {
49 $bn_asm_obj='crypto\bn\asm\bn-os2.o crypto\bn\asm\co-os2.o'; 51 $bn_asm_obj="crypto\\bn\\asm\\bn-os2$obj crypto\\bn\\asm\\co-os2$obj";
50 $bn_asm_src='crypto\bn\asm\bn-os2.asm crypto\bn\asm\co-os2.asm'; 52 $bn_asm_src="crypto\\bn\\asm\\bn-os2.asm crypto\\bn\\asm\\co-os2.asm";
51 $des_enc_obj='crypto\des\asm\d-os2.o crypto\des\asm\y-os2.o'; 53 $des_enc_obj="crypto\\des\\asm\\d-os2$obj crypto\\des\\asm\\y-os2$obj";
52 $des_enc_src='crypto\des\asm\d-os2.asm crypto\des\asm\y-os2.asm'; 54 $des_enc_src="crypto\\des\\asm\\d-os2.asm crypto\\des\\asm\\y-os2.asm";
53 $bf_enc_obj='crypto\bf\asm\b-os2.o'; 55 $bf_enc_obj="crypto\\bf\\asm\\b-os2$obj";
54 $bf_enc_src='crypto\bf\asm\b-os2.asm'; 56 $bf_enc_src="crypto\\bf\\asm\\b-os2.asm";
55 $cast_enc_obj='crypto\cast\asm\c-os2.o'; 57 $cast_enc_obj="crypto\\cast\\asm\\c-os2$obj";
56 $cast_enc_src='crypto\cast\asm\c-os2.asm'; 58 $cast_enc_src="crypto\\cast\\asm\\c-os2.asm";
57 $rc4_enc_obj='crypto\rc4\asm\r4-os2.o'; 59 $rc4_enc_obj="crypto\\rc4\\asm\\r4-os2$obj";
58 $rc4_enc_src='crypto\rc4\asm\r4-os2.asm'; 60 $rc4_enc_src="crypto\\rc4\\asm\\r4-os2.asm";
59 $rc5_enc_obj='crypto\rc5\asm\r5-os2.o'; 61 $rc5_enc_obj="crypto\\rc5\\asm\\r5-os2$obj";
60 $rc5_enc_src='crypto\rc5\asm\r5-os2.asm'; 62 $rc5_enc_src="crypto\\rc5\\asm\\r5-os2.asm";
61 $md5_asm_obj='crypto\md5\asm\m5-os2.o'; 63 $md5_asm_obj="crypto\\md5\\asm\\m5-os2$obj";
62 $md5_asm_src='crypto\md5\asm\m5-os2.asm'; 64 $md5_asm_src="crypto\\md5\\asm\\m5-os2.asm";
63 $sha1_asm_obj='crypto\sha\asm\s1-os2.o'; 65 $sha1_asm_obj="crypto\\sha\\asm\\s1-os2$obj";
64 $sha1_asm_src='crypto\sha\asm\s1-os2.asm'; 66 $sha1_asm_src="crypto\\sha\\asm\\s1-os2.asm";
65 $rmd160_asm_obj='crypto\ripemd\asm\rm-os2.o'; 67 $rmd160_asm_obj="crypto\\ripemd\\asm\\rm-os2$obj";
66 $rmd160_asm_src='crypto\ripemd\asm\rm-os2.asm'; 68 $rmd160_asm_src="crypto\\ripemd\\asm\\rm-os2.asm";
69 }
70
71if ($shlib)
72 {
73 $mlflags.=" $lflags -Zdll";
74 $lib_cflag=" -D_DLL";
75 $out_def="out_dll";
76 $tmp_def="tmp_dll";
67 } 77 }
68 78
69sub do_lib_rule 79sub do_lib_rule
@@ -76,9 +86,20 @@ sub do_lib_rule
76 ($Name=$name) =~ tr/a-z/A-Z/; 86 ($Name=$name) =~ tr/a-z/A-Z/;
77 87
78 $ret.="$target: \$(${Name}OBJ)\n"; 88 $ret.="$target: \$(${Name}OBJ)\n";
79 $ret.="\t\$(RM) $target\n"; 89 if (!$shlib)
80 $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; 90 {
81 $ret.="\t\$(RANLIB) $target\n\n"; 91 $ret.="\t\$(RM) $target\n";
92 $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
93 $ret.="\t\$(RANLIB) $target\n\n";
94 }
95 else
96 {
97 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
98 $ex.=' -lsocket';
99 $ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
100 $ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
101 $ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
102 }
82 } 103 }
83 104
84sub do_link_rule 105sub do_link_rule
@@ -89,7 +110,7 @@ sub do_link_rule
89 $file =~ s/\//$o/g if $o ne '/'; 110 $file =~ s/\//$o/g if $o ne '/';
90 $n=&bname($target); 111 $n=&bname($target);
91 $ret.="$target: $files $dep_libs\n"; 112 $ret.="$target: $files $dep_libs\n";
92 $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; 113 $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
93 return($ret); 114 return($ret);
94 } 115 }
95 116
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl
index 50bfb34385..d6e3a11530 100644
--- a/src/lib/libcrypto/util/pl/VC-32.pl
+++ b/src/lib/libcrypto/util/pl/VC-32.pl
@@ -66,24 +66,24 @@ $bf_enc_src='';
66 66
67if (!$no_asm) 67if (!$no_asm)
68 { 68 {
69 $bn_asm_obj='crypto\bn\asm\bn-win32.obj'; 69 $bn_asm_obj='crypto\bn\asm\bn_win32.obj';
70 $bn_asm_src='crypto\bn\asm\bn-win32.asm'; 70 $bn_asm_src='crypto\bn\asm\bn_win32.asm';
71 $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; 71 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
72 $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; 72 $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
73 $bf_enc_obj='crypto\bf\asm\b-win32.obj'; 73 $bf_enc_obj='crypto\bf\asm\b_win32.obj';
74 $bf_enc_src='crypto\bf\asm\b-win32.asm'; 74 $bf_enc_src='crypto\bf\asm\b_win32.asm';
75 $cast_enc_obj='crypto\cast\asm\c-win32.obj'; 75 $cast_enc_obj='crypto\cast\asm\c_win32.obj';
76 $cast_enc_src='crypto\cast\asm\c-win32.asm'; 76 $cast_enc_src='crypto\cast\asm\c_win32.asm';
77 $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj'; 77 $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
78 $rc4_enc_src='crypto\rc4\asm\r4-win32.asm'; 78 $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
79 $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj'; 79 $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
80 $rc5_enc_src='crypto\rc5\asm\r5-win32.asm'; 80 $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
81 $md5_asm_obj='crypto\md5\asm\m5-win32.obj'; 81 $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
82 $md5_asm_src='crypto\md5\asm\m5-win32.asm'; 82 $md5_asm_src='crypto\md5\asm\m5_win32.asm';
83 $sha1_asm_obj='crypto\sha\asm\s1-win32.obj'; 83 $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
84 $sha1_asm_src='crypto\sha\asm\s1-win32.asm'; 84 $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
85 $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj'; 85 $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
86 $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm'; 86 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
87 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; 87 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
88 } 88 }
89 89
diff --git a/src/lib/libcrypto/util/pod2mantest b/src/lib/libcrypto/util/pod2mantest
index 79aefafac0..e01c6192a7 100644
--- a/src/lib/libcrypto/util/pod2mantest
+++ b/src/lib/libcrypto/util/pod2mantest
@@ -11,9 +11,10 @@
11 11
12 12
13IFS=: 13IFS=:
14try_without_dir=true 14if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi
15try_without_dir=false
15# First we try "pod2man", then "$dir/pod2man" for each item in $PATH. 16# First we try "pod2man", then "$dir/pod2man" for each item in $PATH.
16for dir in dummy:$PATH; do 17for dir in dummy${IFS}$PATH; do
17 if [ "$try_without_dir" = true ]; then 18 if [ "$try_without_dir" = true ]; then
18 # first iteration 19 # first iteration
19 pod2man=pod2man 20 pod2man=pod2man
@@ -47,7 +48,7 @@ done
47echo "No working pod2man found. Consider installing a new version." >&2 48echo "No working pod2man found. Consider installing a new version." >&2
48if [ "$1" = ignore ]; then 49if [ "$1" = ignore ]; then
49 echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2 50 echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2
50 echo "util/pod2man.pl" 51 echo "../../util/pod2man.pl"
51 exit 0 52 exit 0
52fi 53fi
53exit 1 54exit 1
diff --git a/src/lib/libcrypto/util/point.sh b/src/lib/libcrypto/util/point.sh
index 47543c88e2..ce7dcc56df 100644
--- a/src/lib/libcrypto/util/point.sh
+++ b/src/lib/libcrypto/util/point.sh
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3rm -f $2 3rm -f $2
4ln -s $1 $2 4if test "$OSTYPE" = msdosdjgpp; then
5 cp $1 $2
6else
7 ln -s $1 $2
8fi
5echo "$2 => $1" 9echo "$2 => $1"
6 10
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES
index d63996c70d..5c80970b52 100644
--- a/src/lib/libssl/src/CHANGES
+++ b/src/lib/libssl/src/CHANGES
@@ -2,7 +2,50 @@
2 OpenSSL CHANGES 2 OpenSSL CHANGES
3 _______________ 3 _______________
4 4
5 Changes between 0.9.6d and 0.9.7 [XX xxx 2002] 5 Changes between 0.9.6e and 0.9.7 [XX xxx 2002]
6
7 *) Make sure tests can be performed even if the corresponding algorithms
8 have been removed entirely. This was also the last step to make
9 OpenSSL compilable with DJGPP under all reasonable conditions.
10 [Richard Levitte, Doug Kaufman <dkaufman@rahul.net>]
11
12 *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
13 to allow version independent disabling of normally unselected ciphers,
14 which may be activated as a side-effect of selecting a single cipher.
15
16 (E.g., cipher list string "RSA" enables ciphersuites that are left
17 out of "ALL" because they do not provide symmetric encryption.
18 "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
19 [Lutz Jaenicke, Bodo Moeller]
20
21 *) Add appropriate support for separate platform-dependent build
22 directories. The recommended way to make a platform-dependent
23 build directory is the following (tested on Linux), maybe with
24 some local tweaks:
25
26 # Place yourself outside of the OpenSSL source tree. In
27 # this example, the environment variable OPENSSL_SOURCE
28 # is assumed to contain the absolute OpenSSL source directory.
29 mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
30 cd objtree/"`uname -s`-`uname -r`-`uname -m`"
31 (cd $OPENSSL_SOURCE; find . -type f -o -type l) | while read F; do
32 mkdir -p `dirname $F`
33 ln -s $OPENSSL_SOURCE/$F $F
34 done
35
36 To be absolutely sure not to disturb the source tree, a "make clean"
37 is a good thing. If it isn't successfull, don't worry about it,
38 it probably means the source directory is very clean.
39 [Richard Levitte]
40
41 *) Make sure any ENGINE control commands make local copies of string
42 pointers passed to them whenever necessary. Otherwise it is possible
43 the caller may have overwritten (or deallocated) the original string
44 data when a later ENGINE operation tries to use the stored values.
45 [Götz Babin-Ebell <babinebell@trustcenter.de>]
46
47 *) Improve diagnostics in file reading and command-line digests.
48 [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
6 49
7 *) Add AES modes CFB and OFB to the object database. Correct an 50 *) Add AES modes CFB and OFB to the object database. Correct an
8 error in AES-CFB decryption. 51 error in AES-CFB decryption.
@@ -29,6 +72,8 @@
29 form for "surname", serialNumber has no short form. 72 form for "surname", serialNumber has no short form.
30 Use "mail" as the short name for "rfc822Mailbox" according to RFC2798; 73 Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
31 therefore remove "mail" short name for "internet 7". 74 therefore remove "mail" short name for "internet 7".
75 The OID for unique identifiers in X509 certificates is
76 x500UniqueIdentifier, not uniqueIdentifier.
32 Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>) 77 Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
33 [Lutz Jaenicke] 78 [Lutz Jaenicke]
34 79
@@ -335,6 +380,10 @@
335 By default, clients may request session resumption even during 380 By default, clients may request session resumption even during
336 renegotiation (if session ID contexts permit); with this option, 381 renegotiation (if session ID contexts permit); with this option,
337 session resumption is possible only in the first handshake. 382 session resumption is possible only in the first handshake.
383
384 SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL. This makes
385 more bits available for options that should not be part of
386 SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
338 [Bodo Moeller] 387 [Bodo Moeller]
339 388
340 *) Add some demos for certificate and certificate request creation. 389 *) Add some demos for certificate and certificate request creation.
@@ -455,8 +504,8 @@
455 [Bodo Moeller, Lutz Jaenicke] 504 [Bodo Moeller, Lutz Jaenicke]
456 505
457 *) Rationalise EVP so it can be extended: don't include a union of 506 *) Rationalise EVP so it can be extended: don't include a union of
458 cipher/digest structures, add init/cleanup functions. This also reduces 507 cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
459 the number of header dependencies. 508 (similar to those existing for EVP_CIPHER_CTX).
460 Usage example: 509 Usage example:
461 510
462 EVP_MD_CTX md; 511 EVP_MD_CTX md;
@@ -1040,14 +1089,15 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
1040 handle the new API. Currently only ECB, CBC modes supported. Add new 1089 handle the new API. Currently only ECB, CBC modes supported. Add new
1041 AES OIDs. 1090 AES OIDs.
1042 1091
1043 Add TLS AES ciphersuites as described in the "AES Ciphersuites 1092 Add TLS AES ciphersuites as described in RFC3268, "Advanced
1044 for TLS" draft-ietf-tls-ciphersuite-06.txt. As these are not yet 1093 Encryption Standard (AES) Ciphersuites for Transport Layer
1045 official, they are not enabled by default and are not even part 1094 Security (TLS)". (In beta versions of OpenSSL 0.9.7, these were
1046 of the "ALL" ciphersuite alias; for now, they must be explicitly 1095 not enabled by default and were not part of the "ALL" ciphersuite
1047 requested by specifying the new "AESdraft" ciphersuite alias. If 1096 alias because they were not yet official; they could be
1048 you want the default ciphersuite list plus the new ciphersuites, 1097 explicitly requested by specifying the "AESdraft" ciphersuite
1049 use "DEFAULT:AESdraft:@STRENGTH". 1098 group alias. In the final release of OpenSSL 0.9.7, the group
1050 [Ben Laurie, Steve Henson, Bodo Moeller] 1099 alias is called "AES" and is part of "ALL".)
1100 [Ben Laurie, Steve Henson, Bodo Moeller]
1051 1101
1052 *) New function OCSP_copy_nonce() to copy nonce value (if present) from 1102 *) New function OCSP_copy_nonce() to copy nonce value (if present) from
1053 request to response. 1103 request to response.
@@ -1617,11 +1667,70 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
1617 *) Clean old EAY MD5 hack from e_os.h. 1667 *) Clean old EAY MD5 hack from e_os.h.
1618 [Richard Levitte] 1668 [Richard Levitte]
1619 1669
1620 Changes between 0.9.6d and 0.9.6e [XX xxx XXXX] 1670 Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
1671
1672 *) Add various sanity checks to asn1_get_length() to reject
1673 the ASN1 length bytes if they exceed sizeof(long), will appear
1674 negative or the content length exceeds the length of the
1675 supplied buffer.
1676 [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
1677
1678 *) Fix cipher selection routines: ciphers without encryption had no flags
1679 for the cipher strength set and where therefore not handled correctly
1680 by the selection routines (PR #130).
1681 [Lutz Jaenicke]
1621 1682
1622 *) Fix EVP_dsa_sha macro. 1683 *) Fix EVP_dsa_sha macro.
1623 [Nils Larsch] 1684 [Nils Larsch]
1624 1685
1686 *) New option
1687 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
1688 for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
1689 that was added in OpenSSL 0.9.6d.
1690
1691 As the countermeasure turned out to be incompatible with some
1692 broken SSL implementations, the new option is part of SSL_OP_ALL.
1693 SSL_OP_ALL is usually employed when compatibility with weird SSL
1694 implementations is desired (e.g. '-bugs' option to 's_client' and
1695 's_server'), so the new option is automatically set in many
1696 applications.
1697 [Bodo Moeller]
1698
1699 *) Changes in security patch:
1700
1701 Changes marked "(CHATS)" were sponsored by the Defense Advanced
1702 Research Projects Agency (DARPA) and Air Force Research Laboratory,
1703 Air Force Materiel Command, USAF, under agreement number
1704 F30602-01-2-0537.
1705
1706 *) Add various sanity checks to asn1_get_length() to reject
1707 the ASN1 length bytes if they exceed sizeof(long), will appear
1708 negative or the content length exceeds the length of the
1709 supplied buffer. (CAN-2002-0659)
1710 [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
1711
1712 *) Assertions for various potential buffer overflows, not known to
1713 happen in practice.
1714 [Ben Laurie (CHATS)]
1715
1716 *) Various temporary buffers to hold ASCII versions of integers were
1717 too small for 64 bit platforms. (CAN-2002-0655)
1718 [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
1719
1720 *) Remote buffer overflow in SSL3 protocol - an attacker could
1721 supply an oversized master key in Kerberos-enabled versions.
1722 (CAN-2002-0657)
1723 [Ben Laurie (CHATS)]
1724
1725 *) Remote buffer overflow in SSL3 protocol - an attacker could
1726 supply an oversized session ID to a client. (CAN-2002-0656)
1727 [Ben Laurie (CHATS)]
1728
1729 *) Remote buffer overflow in SSL2 protocol - an attacker could
1730 supply an oversized client master key. (CAN-2002-0656)
1731 [Ben Laurie (CHATS)]
1732
1733
1625 Changes between 0.9.6c and 0.9.6d [9 May 2002] 1734 Changes between 0.9.6c and 0.9.6d [9 May 2002]
1626 1735
1627 *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not 1736 *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure
index 986db2f614..74bd8877e5 100644
--- a/src/lib/libssl/src/Configure
+++ b/src/lib/libssl/src/Configure
@@ -134,7 +134,7 @@ my %table=(
134 134
135# Our development configs 135# Our development configs
136"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::", 136"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
137"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::", 137"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
138"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o", 138"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o",
139"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", 139"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
140"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", 140"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
@@ -145,8 +145,8 @@ my %table=(
145"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", 145"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
146"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", 146"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
147"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn", 147"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn",
148"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 148"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
149"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 149"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
150"dist", "cc:-O::(unknown)::::::", 150"dist", "cc:-O::(unknown)::::::",
151 151
152# Basic configs that should work on any (32 and less bit) box 152# Basic configs that should work on any (32 and less bit) box
@@ -169,11 +169,11 @@ my %table=(
169"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 169"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
170# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc 170# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
171"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 171"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
172"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 172"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
173# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 173# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
174# but keep the assembler modules. 174# but keep the assembler modules.
175"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 175"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
176"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 176"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
177 177
178#### 178####
179"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 179"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -256,6 +256,9 @@ my %table=(
256"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 256"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
257"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 257"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
258"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 258"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
259# 64bit PARISC for GCC without optimization, which seems to make problems.
260# Submitted by <ross.alexander@uk.neceur.com>
261"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
259 262
260# IA-64 targets 263# IA-64 targets
261# I have no idea if this one actually works, feedback needed. <appro> 264# I have no idea if this one actually works, feedback needed. <appro>
@@ -410,13 +413,13 @@ my %table=(
410"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 413"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
411 414
412# UnixWare 2.0x fails destest with -O 415# UnixWare 2.0x fails destest with -O
413"unixware-2.0","cc:-DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", 416"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
414"unixware-2.0-pentium","cc:-DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", 417"unixware-2.0-pentium","cc:-DFILIO_H -DNO_STRINGS_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
415 418
416# UnixWare 2.1 419# UnixWare 2.1
417"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", 420"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
418"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", 421"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
419"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", 422"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
420 423
421# UnixWare 7 424# UnixWare 7
422"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 425"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -509,10 +512,16 @@ my %table=(
509# and its library files in util/pl/*) 512# and its library files in util/pl/*)
510"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", 513"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
511 514
515# UWIN
516"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
517
512# Cygwin 518# Cygwin
513"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", 519"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
514"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll", 520"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
515 521
522# DJGPP
523"DJGPP", "gcc:-I/dev/env/DJDIR/watt32/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/DJDIR/watt32/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
524
516# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at> 525# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
517"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::::::", 526"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::::::",
518"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", 527"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::",
@@ -534,8 +543,8 @@ my %table=(
534 543
535##### MacOS X (a.k.a. Rhapsody or Darwin) setup 544##### MacOS X (a.k.a. Rhapsody or Darwin) setup
536"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", 545"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
537"darwin-ppc-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", 546"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
538"darwin-i386-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", 547"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
539 548
540##### Sony NEWS-OS 4.x 549##### Sony NEWS-OS 4.x
541"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", 550"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
@@ -637,6 +646,7 @@ my $libs;
637my $target; 646my $target;
638my $options; 647my $options;
639my $symlink; 648my $symlink;
649my $make_depend=0;
640my %withargs=(); 650my %withargs=();
641 651
642my @argvcopy=@ARGV; 652my @argvcopy=@ARGV;
@@ -894,6 +904,7 @@ print "Configuring for $target\n";
894my $IsWindows=scalar grep /^$target$/,@WinTargets; 904my $IsWindows=scalar grep /^$target$/,@WinTargets;
895 905
896$exe_ext=".exe" if ($target eq "Cygwin"); 906$exe_ext=".exe" if ($target eq "Cygwin");
907$exe_ext=".exe" if ($target eq "DJGPP");
897$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq ""); 908$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
898$prefix=$openssldir if $prefix eq ""; 909$prefix=$openssldir if $prefix eq "";
899 910
@@ -901,7 +912,7 @@ chop $openssldir if $openssldir =~ /\/$/;
901chop $prefix if $prefix =~ /\/$/; 912chop $prefix if $prefix =~ /\/$/;
902 913
903$openssldir=$prefix . "/ssl" if $openssldir eq ""; 914$openssldir=$prefix . "/ssl" if $openssldir eq "";
904$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//; 915$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
905 916
906 917
907print "IsWindows=$IsWindows\n"; 918print "IsWindows=$IsWindows\n";
@@ -1151,7 +1162,8 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
1151 } 1162 }
1152 1163
1153open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; 1164open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
1154open(OUT,">$Makefile") || die "unable to create $Makefile:$!\n"; 1165unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
1166open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
1155print OUT "### Generated automatically from Makefile.org by Configure.\n\n"; 1167print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
1156my $sdirs=0; 1168my $sdirs=0;
1157while (<IN>) 1169while (<IN>)
@@ -1225,6 +1237,8 @@ while (<IN>)
1225 } 1237 }
1226close(IN); 1238close(IN);
1227close(OUT); 1239close(OUT);
1240rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
1241rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
1228 1242
1229print "CC =$cc\n"; 1243print "CC =$cc\n";
1230print "CFLAG =$cflags\n"; 1244print "CFLAG =$cflags\n";
@@ -1295,7 +1309,8 @@ foreach (sort split(/\s+/,$bn_ops))
1295 } 1309 }
1296 1310
1297open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n"; 1311open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
1298open(OUT,'>crypto/opensslconf.h') || die "unable to create crypto/opensslconf.h:$!\n"; 1312unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
1313open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
1299print OUT "/* opensslconf.h */\n"; 1314print OUT "/* opensslconf.h */\n";
1300print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n"; 1315print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
1301 1316
@@ -1389,6 +1404,8 @@ while (<IN>)
1389 } 1404 }
1390close(IN); 1405close(IN);
1391close(OUT); 1406close(OUT);
1407rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
1408rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
1392 1409
1393 1410
1394# Fix the date 1411# Fix the date
@@ -1428,11 +1445,13 @@ if($IsWindows) {
1428EOF 1445EOF
1429 close(OUT); 1446 close(OUT);
1430} else { 1447} else {
1431 (system "make -f Makefile.ssl PERL=\'$perl\' links") == 0 or exit $? 1448 my $make_command = "make -f Makefile.ssl PERL=\'$perl\'";
1432 if $symlink; 1449 my $make_targets = "";
1433 ### (system 'make depend') == 0 or exit $? if $depflags ne ""; 1450 $make_targets .= " links" if $symlink;
1434 # Run "make depend" manually if you want to be able to delete 1451 $make_targets .= " depend" if $depflags ne "" && $make_depend;
1435 # the source code files of ciphers you left out. 1452 $make_targets .= " gentests" if $symlink;
1453 (system $make_command.$make_targets) == 0 or exit $?
1454 if $make_targets ne "";
1436 if ( $perl =~ m@^/@) { 1455 if ( $perl =~ m@^/@) {
1437 &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";'); 1456 &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
1438 &dofile("apps/der_chop",$perl,'^#!/', '#!%s'); 1457 &dofile("apps/der_chop",$perl,'^#!/', '#!%s');
@@ -1442,7 +1461,16 @@ EOF
1442 &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";'); 1461 &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
1443 &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s'); 1462 &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
1444 &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s'); 1463 &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
1445 } 1464 }
1465 if ($depflags ne "" && !$make_depend) {
1466 print <<EOF;
1467
1468Since you've disabled at least one algorithm, you need to do the following
1469before building:
1470
1471 make depend
1472EOF
1473 }
1446} 1474}
1447 1475
1448print <<EOF; 1476print <<EOF;
diff --git a/src/lib/libssl/src/FAQ b/src/lib/libssl/src/FAQ
index bea8fcfde0..ee03d97676 100644
--- a/src/lib/libssl/src/FAQ
+++ b/src/lib/libssl/src/FAQ
@@ -39,6 +39,9 @@ OpenSSL - Frequently Asked Questions
39* Why does the OpenSSL compilation fail on Alpha Tru64 Unix? 39* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
40* Why does the OpenSSL compilation fail with "ar: command not found"? 40* Why does the OpenSSL compilation fail with "ar: command not found"?
41* Why does the OpenSSL compilation fail on Win32 with VC++? 41* Why does the OpenSSL compilation fail on Win32 with VC++?
42* What is special about OpenSSL on Redhat?
43* Why does the OpenSSL compilation fail on MacOS X?
44* Why does the OpenSSL test suite fail on MacOS X?
42 45
43[PROG] Questions about programming with OpenSSL 46[PROG] Questions about programming with OpenSSL
44 47
@@ -52,6 +55,7 @@ OpenSSL - Frequently Asked Questions
52* Why can't the OpenSSH configure script detect OpenSSL? 55* Why can't the OpenSSH configure script detect OpenSSL?
53* Can I use OpenSSL's SSL library with non-blocking I/O? 56* Can I use OpenSSL's SSL library with non-blocking I/O?
54* Why doesn't my server application receive a client certificate? 57* Why doesn't my server application receive a client certificate?
58* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
55 59
56=============================================================================== 60===============================================================================
57 61
@@ -60,7 +64,7 @@ OpenSSL - Frequently Asked Questions
60* Which is the current version of OpenSSL? 64* Which is the current version of OpenSSL?
61 65
62The current version is available from <URL: http://www.openssl.org>. 66The current version is available from <URL: http://www.openssl.org>.
63OpenSSL 0.9.6d was released on May 9, 2002. 67OpenSSL 0.9.6e was released on July 30, 2002.
64 68
65In addition to the current stable release, you can also access daily 69In addition to the current stable release, you can also access daily
66snapshots of the OpenSSL development version at <URL: 70snapshots of the OpenSSL development version at <URL:
@@ -216,8 +220,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
216installing the SUNski package from Sun patch 105710-01 (Sparc) which 220installing the SUNski package from Sun patch 105710-01 (Sparc) which
217adds a /dev/random device and make sure it gets used, usually through 221adds a /dev/random device and make sure it gets used, usually through
218$RANDFILE. There are probably similar patches for the other Solaris 222$RANDFILE. There are probably similar patches for the other Solaris
219versions. However, be warned that /dev/random is usually a blocking 223versions. An official statement from Sun with respect to /dev/random
220device, which may have some effects on OpenSSL. 224support can be found at
225 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
226However, be warned that /dev/random is usually a blocking device, which
227may have some effects on OpenSSL.
221 228
222 229
223* Why do I get an "unable to write 'random state'" error message? 230* Why do I get an "unable to write 'random state'" error message?
@@ -459,6 +466,64 @@ under 'Program Files'). This needs to be done prior to running NMAKE,
459and the changes are only valid for the current DOS session. 466and the changes are only valid for the current DOS session.
460 467
461 468
469* What is special about OpenSSL on Redhat?
470
471Red Hat Linux (release 7.0 and later) include a preinstalled limited
472version of OpenSSL. For patent reasons, support for IDEA, RC5 and MDC2
473is disabled in this version. The same may apply to other Linux distributions.
474Users may therefore wish to install more or all of the features left out.
475
476To do this you MUST ensure that you do not overwrite the openssl that is in
477/usr/bin on your Red Hat machine. Several packages depend on this file,
478including sendmail and ssh. /usr/local/bin is a good alternative choice. The
479libraries that come with Red Hat 7.0 onwards have different names and so are
480not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
481/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
482/lib/libcrypto.so.2 respectively).
483
484Please note that we have been advised by Red Hat attempting to recompile the
485openssl rpm with all the cryptography enabled will not work. All other
486packages depend on the original Red Hat supplied openssl package. It is also
487worth noting that due to the way Red Hat supplies its packages, updates to
488openssl on each distribution never change the package version, only the
489build number. For example, on Red Hat 7.1, the latest openssl package has
490version number 0.9.6 and build number 9 even though it contains all the
491relevant updates in packages up to and including 0.9.6b.
492
493A possible way around this is to persuade Red Hat to produce a non-US
494version of Red Hat Linux.
495
496FYI: Patent numbers and expiry dates of US patents:
497MDC-2: 4,908,861 13/03/2007
498IDEA: 5,214,703 25/05/2010
499RC5: 5,724,428 03/03/2015
500
501
502* Why does the OpenSSL compilation fail on MacOS X?
503
504If the failure happens when trying to build the "openssl" binary, with
505a large number of undefined symbols, it's very probable that you have
506OpenSSL 0.9.6b delivered with the operating system (you can find out by
507running '/usr/bin/openssl version') and that you were trying to build
508OpenSSL 0.9.7 or newer. The problem is that the loader ('ld') in
509MacOS X has a misfeature that's quite difficult to go around.
510Look in the file PROBLEMS for a more detailed explanation and for possible
511solutions.
512
513
514* Why does the OpenSSL test suite fail on MacOS X?
515
516If the failure happens when running 'make test' and the RC4 test fails,
517it's very probable that you have OpenSSL 0.9.6b delivered with the
518operating system (you can find out by running '/usr/bin/openssl version')
519and that you were trying to build OpenSSL 0.9.6d. The problem is that
520the loader ('ld') in MacOS X has a misfeature that's quite difficult to
521go around and has linked the programs "openssl" and the test programs
522with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the
523libraries you just built.
524Look in the file PROBLEMS for a more detailed explanation and for possible
525solutions.
526
462[PROG] ======================================================================== 527[PROG] ========================================================================
463 528
464* Is OpenSSL thread-safe? 529* Is OpenSSL thread-safe?
@@ -624,5 +689,13 @@ if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
624SSL_CTX_set_verify() function to enable the use of client certificates. 689SSL_CTX_set_verify() function to enable the use of client certificates.
625 690
626 691
692* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
693
694For OpenSSL 0.9.7 the OID table was extended and corrected. In earlier
695versions, uniqueIdentifier was incorrectly used for X.509 certificates.
696The correct name according to RFC2256 (LDAP) is x500UniqueIdentifier.
697Change your code to use the new name when compiling against OpenSSL 0.9.7.
698
699
627=============================================================================== 700===============================================================================
628 701
diff --git a/src/lib/libssl/src/INSTALL b/src/lib/libssl/src/INSTALL
index 7eaa8147c3..af86485e00 100644
--- a/src/lib/libssl/src/INSTALL
+++ b/src/lib/libssl/src/INSTALL
@@ -2,8 +2,10 @@
2 INSTALLATION ON THE UNIX PLATFORM 2 INSTALLATION ON THE UNIX PLATFORM
3 --------------------------------- 3 ---------------------------------
4 4
5 [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described 5 [Installation on DOS (with djgpp), Windows, OpenVMS and MacOS (before MacOS X)
6 in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.] 6 is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.
7 This document describes installation on operating systems in the Unix
8 family.]
7 9
8 To install OpenSSL, you will need: 10 To install OpenSSL, you will need:
9 11
@@ -137,8 +139,11 @@
137 the failure that aren't problems in OpenSSL itself (like missing 139 the failure that aren't problems in OpenSSL itself (like missing
138 standard headers). If it is a problem with OpenSSL itself, please 140 standard headers). If it is a problem with OpenSSL itself, please
139 report the problem to <openssl-bugs@openssl.org> (note that your 141 report the problem to <openssl-bugs@openssl.org> (note that your
140 message will be forwarded to a public mailing list). Include the 142 message will be recorded in the request tracker publicly readable
141 output of "make report" in your message. 143 via http://www.openssl.org/rt2.html and will be forwarded to a public
144 mailing list). Include the output of "make report" in your message.
145 Please check out the request tracker. Maybe the bug was already
146 reported or has already been fixed.
142 147
143 [If you encounter assembler error messages, try the "no-asm" 148 [If you encounter assembler error messages, try the "no-asm"
144 configuration option as an immediate fix.] 149 configuration option as an immediate fix.]
@@ -156,7 +161,8 @@
156 try removing any compiler optimization flags from the CFLAGS line 161 try removing any compiler optimization flags from the CFLAGS line
157 in Makefile.ssl and run "make clean; make". Please send a bug 162 in Makefile.ssl and run "make clean; make". Please send a bug
158 report to <openssl-bugs@openssl.org>, including the output of 163 report to <openssl-bugs@openssl.org>, including the output of
159 "make report". 164 "make report" in order to be added to the request tracker at
165 http://www.openssl.org/rt2.html.
160 166
161 4. If everything tests ok, install OpenSSL with 167 4. If everything tests ok, install OpenSSL with
162 168
diff --git a/src/lib/libssl/src/INSTALL.DJGPP b/src/lib/libssl/src/INSTALL.DJGPP
new file mode 100644
index 0000000000..0120b946b5
--- /dev/null
+++ b/src/lib/libssl/src/INSTALL.DJGPP
@@ -0,0 +1,32 @@
1
2
3 INSTALLATION ON THE DOS PLATFORM WITH DJGPP
4 -------------------------------------------
5
6 Openssl has been ported to DOS, but only with long filename support. If
7 you wish to compile on native DOS with 8+3 filenames, you will have to
8 tweak the installation yourself, including renaming files with illegal
9 or duplicate names.
10
11 You should have a full DJGPP environment installed, including the
12 latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
13 requires that PERL and BC also be installed.
14
15 All of these can be obtained from the usual DJGPP mirror sites, such as
16 "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to have
17 the WATT-32 networking package installed before you try to compile
18 openssl. This can be obtained from "http://www.bgnett.no/~giva/". The
19 Makefile assumes that the WATT-32 code is in directory "watt32" under
20 /dev/env/DJDIR.
21
22 To compile openssl, start your BASH shell. Then configure for DOS by
23 running "./Configure" with appropriate arguments. The basic syntax for
24 DOS is:
25 ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
26
27 You may run out of DPMI selectors when running in a DOS box under
28 Windows. If so, just close the BASH shell, go back to Windows, and
29 restart BASH. Then run "make" again.
30
31 Building openssl under DJGPP has been tested with DJGPP 2.03,
32 GCC 2.952, GCC 2.953, perl 5.005_02 and perl 5.006_01.
diff --git a/src/lib/libssl/src/INSTALL.OS2 b/src/lib/libssl/src/INSTALL.OS2
index d4cc0e319b..530316db18 100644
--- a/src/lib/libssl/src/INSTALL.OS2
+++ b/src/lib/libssl/src/INSTALL.OS2
@@ -20,3 +20,12 @@
20 20
21 If that finishes successfully you will find the libraries and programs in the 21 If that finishes successfully you will find the libraries and programs in the
22 "out" directory. 22 "out" directory.
23
24 Alternatively, you can make a dynamic build that puts the library code into
25 crypto.dll and ssl.dll by running
26
27 > make -f os2-emx-dll.mak
28
29 This will build the above mentioned dlls and a matching pair of import
30 libraries in the "out_dll" directory along with the set of test programs
31 and the openssl application.
diff --git a/src/lib/libssl/src/INSTALL.W32 b/src/lib/libssl/src/INSTALL.W32
index d85d81b0fd..3de6544fc5 100644
--- a/src/lib/libssl/src/INSTALL.W32
+++ b/src/lib/libssl/src/INSTALL.W32
@@ -94,6 +94,18 @@
94 You can also build a static version of the library using the Makefile 94 You can also build a static version of the library using the Makefile
95 ms\nt.mak 95 ms\nt.mak
96 96
97 Borland C++ builder 5
98 ---------------------
99
100 * Configure for building with Borland Builder:
101 > perl Configure BC-32
102
103 * Create the appropriate makefile
104 > ms\do_nasm
105
106 * Build
107 > make -f ms\bcb.mak
108
97 Borland C++ builder 3 and 4 109 Borland C++ builder 3 and 4
98 --------------------------- 110 ---------------------------
99 111
@@ -140,17 +152,17 @@
140 GNU C (Cygwin) 152 GNU C (Cygwin)
141 -------------- 153 --------------
142 154
143 Cygwin provides a bash shell and GNU tools environment running on 155 Cygwin provides a bash shell and GNU tools environment running
144 NT 4.0, Windows 9x and Windows 2000. Consequently, a make of OpenSSL 156 on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP.
145 with Cygwin is closer to a GNU bash environment such as Linux rather 157 Consequently, a make of OpenSSL with Cygwin is closer to a GNU
146 than other W32 makes that are based on a single makefile approach. 158 bash environment such as Linux than to other W32 makes which are
147 Cygwin implements Posix/Unix calls through cygwin1.dll, and is 159 based on a single makefile approach. Cygwin implements Posix/Unix
148 contrasted to Mingw32 which links dynamically to msvcrt.dll or 160 calls through cygwin1.dll, and is contrasted to Mingw32 which links
149 crtdll.dll. 161 dynamically to msvcrt.dll or crtdll.dll.
150 162
151 To build OpenSSL using Cygwin: 163 To build OpenSSL using Cygwin:
152 164
153 * Install Cygwin (see http://sourceware.cygnus.com/cygwin) 165 * Install Cygwin (see http://cygwin.com/)
154 166
155 * Install Perl and ensure it is in the path (recent Cygwin perl 167 * Install Perl and ensure it is in the path (recent Cygwin perl
156 (version 5.6.1-2 of the latter has been reported to work) or 168 (version 5.6.1-2 of the latter has been reported to work) or
@@ -176,13 +188,9 @@
176 stripping of carriage returns. To avoid this ensure that a binary 188 stripping of carriage returns. To avoid this ensure that a binary
177 mount is used, e.g. mount -b c:\somewhere /home. 189 mount is used, e.g. mount -b c:\somewhere /home.
178 190
179 As of version 1.1.1 Cygwin is relatively unstable in its handling 191 "bc" is not provided in older Cygwin distribution. This causes a
180 of cr/lf issues. These make procedures succeeded with versions 1.1 and
181 the snapshot 20000524 (Slow!).
182
183 "bc" is not provided in the Cygwin distribution. This causes a
184 non-fatal error in "make test" but is otherwise harmless. If 192 non-fatal error in "make test" but is otherwise harmless. If
185 desired, GNU bc can be built with Cygwin without change. 193 desired and needed, GNU bc can be built with Cygwin without change.
186 194
187 195
188 Installation 196 Installation
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org
index 3ed232fcf9..8808dd7922 100644
--- a/src/lib/libssl/src/Makefile.org
+++ b/src/lib/libssl/src/Makefile.org
@@ -435,6 +435,7 @@ do_hpux-shared:
435 -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 435 -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
436 +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 436 +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
437 -Fl lib$$i.a -ldld -lc ) || exit 1; \ 437 -Fl lib$$i.a -ldld -lc ) || exit 1; \
438 chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
438 done 439 done
439 440
440# This assumes that GNU utilities are *not* used 441# This assumes that GNU utilities are *not* used
@@ -453,6 +454,7 @@ do_hpux64-shared:
453 -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 454 -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
454 +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ 455 +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
455 +forceload lib$$i.a -ldl -lc ) || exit 1; \ 456 +forceload lib$$i.a -ldl -lc ) || exit 1; \
457 chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
456 done 458 done
457 459
458# The following method is said to work on all platforms. Tests will 460# The following method is said to work on all platforms. Tests will
@@ -562,6 +564,10 @@ links:
562 fi; \ 564 fi; \
563 done; 565 done;
564 566
567gentests:
568 @(cd test && echo "generating dummy tests (if needed)..." && \
569 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
570
565dclean: 571dclean:
566 rm -f *.bak 572 rm -f *.bak
567 @for i in $(DIRS) ;\ 573 @for i in $(DIRS) ;\
@@ -576,8 +582,8 @@ rehash: rehash.time
576rehash.time: certs 582rehash.time: certs
577 @(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \ 583 @(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
578 export OPENSSL OPENSSL_DEBUG_MEMORY; \ 584 export OPENSSL OPENSSL_DEBUG_MEMORY; \
579 LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ 585 LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
580 export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ 586 export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
581 $(PERL) tools/c_rehash certs) 587 $(PERL) tools/c_rehash certs)
582 touch rehash.time 588 touch rehash.time
583 589
@@ -585,9 +591,9 @@ test: tests
585 591
586tests: rehash 592tests: rehash
587 @(cd test && echo "testing..." && \ 593 @(cd test && echo "testing..." && \
588 $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' OPENSSL_DEBUG_MEMORY=on tests ); 594 $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
589 @LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ 595 @LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
590 export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ 596 export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
591 apps/openssl version -a 597 apps/openssl version -a
592 598
593report: 599report:
@@ -598,7 +604,7 @@ depend:
598 do \ 604 do \
599 if [ -d "$$i" ]; then \ 605 if [ -d "$$i" ]; then \
600 (cd $$i && echo "making dependencies $$i..." && \ 606 (cd $$i && echo "making dependencies $$i..." && \
601 $(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' depend ) || exit 1; \ 607 $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \
602 fi; \ 608 fi; \
603 done; 609 done;
604 610
@@ -644,13 +650,19 @@ TABLE: Configure
644 650
645update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE 651update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
646 652
653# Build distribution tar-file. As the list of files returned by "find" is
654# pretty long, on several platforms a "too many arguments" error or similar
655# would occur. Therefore the list of files is temporarily stored into a file
656# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
657# tar does not support the --files-from option.
647tar: 658tar:
648 @$(TAR) $(TARFLAGS) -cvf - \ 659 find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
649 `find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort` |\ 660 $(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
650 tardy --user_number=0 --user_name=openssl \ 661 tardy --user_number=0 --user_name=openssl \
651 --group_number=0 --group_name=openssl \ 662 --group_number=0 --group_name=openssl \
652 --prefix=openssl-$(VERSION) - |\ 663 --prefix=openssl-$(VERSION) - |\
653 gzip --best >../$(TARFILE).gz; \ 664 gzip --best >../$(TARFILE).gz; \
665 rm -f ../$(TARFILE).list; \
654 ls -l ../$(TARFILE).gz 666 ls -l ../$(TARFILE).gz
655 667
656tar-snap: 668tar-snap:
@@ -665,7 +677,7 @@ dist:
665 $(PERL) Configure dist 677 $(PERL) Configure dist
666 @$(MAKE) dist_pem_h 678 @$(MAKE) dist_pem_h
667 @$(MAKE) SDIRS='${SDIRS}' clean 679 @$(MAKE) SDIRS='${SDIRS}' clean
668 @$(MAKE) tar 680 @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
669 681
670dist_pem_h: 682dist_pem_h:
671 (cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean) 683 (cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
@@ -707,7 +719,7 @@ install: all install_docs
707 ( echo installing $$i; \ 719 ( echo installing $$i; \
708 if [ "$(PLATFORM)" != "Cygwin" ]; then \ 720 if [ "$(PLATFORM)" != "Cygwin" ]; then \
709 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ 721 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
710 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ 722 chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
711 else \ 723 else \
712 c=`echo $$i | sed 's/^lib/cyg/'`; \ 724 c=`echo $$i | sed 's/^lib/cyg/'`; \
713 cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ 725 cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
@@ -732,8 +744,8 @@ install_docs:
732 fn=`basename $$i .pod`; \ 744 fn=`basename $$i .pod`; \
733 if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ 745 if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
734 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ 746 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
735 (cd `dirname $$i`; \ 747 (cd `$(PERL) util/dirname.pl $$i`; \
736 sh -c "`cd ../../util; ./pod2mantest ignore` \ 748 sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
737 --section=$$sec --center=OpenSSL \ 749 --section=$$sec --center=OpenSSL \
738 --release=$(VERSION) `basename $$i`") \ 750 --release=$(VERSION) `basename $$i`") \
739 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ 751 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
@@ -742,8 +754,8 @@ install_docs:
742 fn=`basename $$i .pod`; \ 754 fn=`basename $$i .pod`; \
743 if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ 755 if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
744 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ 756 echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
745 (cd `dirname $$i`; \ 757 (cd `$(PERL) util/dirname.pl $$i`; \
746 sh -c "`cd ../../util; ./pod2mantest ignore` \ 758 sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
747 --section=$$sec --center=OpenSSL \ 759 --section=$$sec --center=OpenSSL \
748 --release=$(VERSION) `basename $$i`") \ 760 --release=$(VERSION) `basename $$i`") \
749 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ 761 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS
index bf8f031a29..9531ba9c6e 100644
--- a/src/lib/libssl/src/NEWS
+++ b/src/lib/libssl/src/NEWS
@@ -21,9 +21,8 @@
21 against libdes providing similar functions having the same name). 21 against libdes providing similar functions having the same name).
22 Provide macros for backward compatibility (will be removed in the 22 Provide macros for backward compatibility (will be removed in the
23 future). 23 future).
24 o Unifiy handling of cryptographic algorithms (software and 24 o Unify handling of cryptographic algorithms (software and engine)
25 engine) to be available via EVP routines for asymmetric and 25 to be available via EVP routines for asymmetric and symmetric ciphers.
26 symmetric ciphers.
27 o NCONF: new configuration handling routines. 26 o NCONF: new configuration handling routines.
28 o Change API to use more 'const' modifiers to improve error checking 27 o Change API to use more 'const' modifiers to improve error checking
29 and help optimizers. 28 and help optimizers.
@@ -31,6 +30,7 @@
31 o Reworked parts of the BIGNUM code. 30 o Reworked parts of the BIGNUM code.
32 o Support for new engines: Broadcom ubsec, Accelerated Encryption 31 o Support for new engines: Broadcom ubsec, Accelerated Encryption
33 Processing, IBM 4758. 32 Processing, IBM 4758.
33 o Extended and corrected OID (object identifier) table.
34 o PRNG: query at more locations for a random device, automatic query for 34 o PRNG: query at more locations for a random device, automatic query for
35 EGD style random sources at several locations. 35 EGD style random sources at several locations.
36 o SSL/TLS: allow optional cipher choice according to server's preference. 36 o SSL/TLS: allow optional cipher choice according to server's preference.
@@ -38,7 +38,12 @@
38 o SSL/TLS: support Kerberos cipher suites (RFC2712). 38 o SSL/TLS: support Kerberos cipher suites (RFC2712).
39 o SSL/TLS: allow more precise control of renegotiations and sessions. 39 o SSL/TLS: allow more precise control of renegotiations and sessions.
40 o SSL/TLS: add callback to retrieve SSL/TLS messages. 40 o SSL/TLS: add callback to retrieve SSL/TLS messages.
41 o SSL/TLS: add draft AES ciphersuites (disabled unless explicitly requested). 41 o SSL/TLS: support AES cipher suites (RFC3268).
42
43 Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
44
45 o Important security related bugfixes.
46 o Various SSL/TLS library bugfixes.
42 47
43 Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d: 48 Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
44 49
@@ -91,7 +96,7 @@
91 o Bug fixes for Win32, HP/UX and Irix. 96 o Bug fixes for Win32, HP/UX and Irix.
92 o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and 97 o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
93 memory checking routines. 98 memory checking routines.
94 o Bug fixes for RSA operations in threaded enviroments. 99 o Bug fixes for RSA operations in threaded environments.
95 o Bug fixes in misc. openssl applications. 100 o Bug fixes in misc. openssl applications.
96 o Remove a few potential memory leaks. 101 o Remove a few potential memory leaks.
97 o Add tighter checks of BIGNUM routines. 102 o Add tighter checks of BIGNUM routines.
diff --git a/src/lib/libssl/src/PROBLEMS b/src/lib/libssl/src/PROBLEMS
index d78e2d9a23..70e591a1d1 100644
--- a/src/lib/libssl/src/PROBLEMS
+++ b/src/lib/libssl/src/PROBLEMS
@@ -1,50 +1,40 @@
1If you have any problems with SSLeay then please take the following 1* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
2steps: 2
3 3
4 Remove the ASM version of the BN routines (edit Configure) 4 NOTE: The problem described here only applies when OpenSSL isn't built
5 Remove the compiler optimisation flags 5 with shared library support (i.e. without the "shared" configuration
6 Add in the compiler debug flags (-g) 6 option). If you build with shared library support, you will have no
7 7 problems as long as you set up DYLD_LIBRARY_PATH properly at all times.
8Note: if using gcc then remove -fomit-frame-pointer before you try 8
9 to debug things. 9
10 10This is really a misfeature in ld, which seems to look for .dylib libraries
11If you wish to report a bug then please include the following information 11along the whole library path before it bothers looking for .a libraries. This
12in any bug report: 12means that -L switches won't matter unless OpenSSL is built with shared
13 13library support.
14 SSLeay Details 14
15 - Version, most of these details can be got from the 15The workaround may be to change the following lines in apps/Makefile.ssl and
16 'ssleay version -a' command. 16test/Makefile.ssl:
17 Operating System Details 17
18 - OS Name 18 LIBCRYPTO=-L.. -lcrypto
19 - OS Version 19 LIBSSL=-L.. -lssl
20 - Hardware platform 20
21 Compiler Details 21to:
22 - Name 22
23 - Version 23 LIBCRYPTO=../libcrypto.a
24 Application Details 24 LIBSSL=../libssl.a
25 - Name 25
26 - Version 26It's possible that something similar is needed for shared library support
27 Problem Description 27as well. That hasn't been well tested yet.
28 - include steps that will reproduce the problem (if known) 28
29 Stack Traceback (if the application dumps core) 29
30 30Another solution that many seem to recommend is to move the libraries
31For example: 31/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different
32 32directory, build and install OpenSSL and anything that depends on your
33 SSLeay-0.5.1a 33build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their
34 SunOS 5.3, SPARC, SunC 3.0 34original places. Note that the version numbers on those two libraries
35 SSLtelnet-0.7 35may differ on your machine.
36 36
37 Core dumps when using telnet with SSL support in bn_mul() with 37
38 the following stack trackback 38As long as Apple doesn't fix the problem with ld, this problem building
39 ... 39OpenSSL will remain as is.
40
41
42Report the bug to either
43 ssleay@mincom.oz.au (Eric and Tim)
44or
45 ssl-bugs@mincom.oz.au (mailing list of active developers)
46
47
48Tim Hudson
49tjh@mincom.oz.au
50 40
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README
index 8933063c1d..5394a17e3e 100644
--- a/src/lib/libssl/src/README
+++ b/src/lib/libssl/src/README
@@ -1,5 +1,5 @@
1 1
2 OpenSSL 0.9.7-beta1 01 Jun 2002 2 OpenSSL 0.9.7-beta3 30 Jul 2002
3 3
4 Copyright (c) 1998-2002 The OpenSSL Project 4 Copyright (c) 1998-2002 The OpenSSL Project
5 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson 5 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -122,6 +122,13 @@
122 lists the functions; you will probably have to look at the code to work out 122 lists the functions; you will probably have to look at the code to work out
123 how to use them. Look at the example programs. 123 how to use them. Look at the example programs.
124 124
125 PROBLEMS
126 --------
127
128 For some platforms, there are some known problems that may affect the user
129 or application author. We try to collect those in doc/PROBLEMS, with current
130 thoughts on how they should be solved in a future of OpenSSL.
131
125 SUPPORT 132 SUPPORT
126 ------- 133 -------
127 134
@@ -146,11 +153,13 @@
146 - Problem Description (steps that will reproduce the problem, if known) 153 - Problem Description (steps that will reproduce the problem, if known)
147 - Stack Traceback (if the application dumps core) 154 - Stack Traceback (if the application dumps core)
148 155
149 Report the bug to the OpenSSL project at: 156 Report the bug to the OpenSSL project via the Request Tracker
157 (http://www.openssl.org/rt2.html) by mail to:
150 158
151 openssl-bugs@openssl.org 159 openssl-bugs@openssl.org
152 160
153 Note that mail to openssl-bugs@openssl.org is forwarded to a public 161 Note that mail to openssl-bugs@openssl.org is recorded in the publicly
162 readable request tracker database and is forwarded to a public
154 mailing list. Confidential mail may be sent to openssl-security@openssl.org 163 mailing list. Confidential mail may be sent to openssl-security@openssl.org
155 (PGP key available from the key servers). 164 (PGP key available from the key servers).
156 165
@@ -164,7 +173,9 @@
164 textual explanation of what your patch does. 173 textual explanation of what your patch does.
165 174
166 Note: For legal reasons, contributions from the US can be accepted only 175 Note: For legal reasons, contributions from the US can be accepted only
167 if a copy of the patch is sent to crypt@bxa.doc.gov 176 if a TSA notification and a copy of the patch is sent to crypt@bis.doc.gov;
177 see http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
178 and http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e)).
168 179
169 The preferred format for changes is "diff -u" output. You might 180 The preferred format for changes is "diff -u" output. You might
170 generate it like this: 181 generate it like this:
diff --git a/src/lib/libssl/src/README.ENGINE b/src/lib/libssl/src/README.ENGINE
index 643d0cb51f..0ff8333709 100644
--- a/src/lib/libssl/src/README.ENGINE
+++ b/src/lib/libssl/src/README.ENGINE
@@ -154,7 +154,7 @@
154 shared-library that contains the ENGINE implementation, and "NO_VCHECK" 154 shared-library that contains the ENGINE implementation, and "NO_VCHECK"
155 might possibly be useful if there is a minor version conflict and you 155 might possibly be useful if there is a minor version conflict and you
156 (or a vendor helpdesk) is convinced you can safely ignore it. 156 (or a vendor helpdesk) is convinced you can safely ignore it.
157 "ENGINE_ID" is probably only needed if a shared-library implements 157 "ID" is probably only needed if a shared-library implements
158 multiple ENGINEs, but if you know the engine id you expect to be using, 158 multiple ENGINEs, but if you know the engine id you expect to be using,
159 it doesn't hurt to specify it (and this provides a sanity check if 159 it doesn't hurt to specify it (and this provides a sanity check if
160 nothing else). "LIST_ADD" is only required if you actually wish the 160 nothing else). "LIST_ADD" is only required if you actually wish the
@@ -174,7 +174,7 @@
174 174
175 ENGINE *e = ENGINE_by_id("dynamic"); 175 ENGINE *e = ENGINE_by_id("dynamic");
176 ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libfoo.so", 0); 176 ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libfoo.so", 0);
177 ENGINE_ctrl_cmd_string(e, "ENGINE_ID", "foo", 0); 177 ENGINE_ctrl_cmd_string(e, "ID", "foo", 0);
178 ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0); 178 ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0);
179 ENGINE_ctrl_cmd_string(e, "CMD_FOO", "some input data", 0); 179 ENGINE_ctrl_cmd_string(e, "CMD_FOO", "some input data", 0);
180 180
@@ -184,7 +184,7 @@
184 184
185 openssl engine dynamic \ 185 openssl engine dynamic \
186 -pre SO_PATH:/lib/libfoo.so \ 186 -pre SO_PATH:/lib/libfoo.so \
187 -pre ENGINE_ID:foo \ 187 -pre ID:foo \
188 -pre LOAD \ 188 -pre LOAD \
189 -pre "CMD_FOO:some input data" 189 -pre "CMD_FOO:some input data"
190 190
@@ -192,7 +192,7 @@
192 192
193 openssl engine -vvvv dynamic \ 193 openssl engine -vvvv dynamic \
194 -pre SO_PATH:/lib/libfoo.so \ 194 -pre SO_PATH:/lib/libfoo.so \
195 -pre ENGINE_ID:foo \ 195 -pre ID:foo \
196 -pre LOAD 196 -pre LOAD
197 197
198 Applications that support the ENGINE API and more specifically, the 198 Applications that support the ENGINE API and more specifically, the
diff --git a/src/lib/libssl/src/apps/CA.pl b/src/lib/libssl/src/apps/CA.pl
index 669a016b84..915fa5beca 100644
--- a/src/lib/libssl/src/apps/CA.pl
+++ b/src/lib/libssl/src/apps/CA.pl
@@ -1,4 +1,4 @@
1#!/usr/bin/perl 1#!/usr/local/bin/perl5
2# 2#
3# CA - wrapper around ca to make it easier to use ... basically ca requires 3# CA - wrapper around ca to make it easier to use ... basically ca requires
4# some setup stuff to be done before you can use it and this makes 4# some setup stuff to be done before you can use it and this makes
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index aca750b1f0..a302119d7f 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -129,7 +129,11 @@
129#ifdef OPENSSL_SYS_WINDOWS 129#ifdef OPENSSL_SYS_WINDOWS
130#define strcasecmp _stricmp 130#define strcasecmp _stricmp
131#else 131#else
132#include <strings.h> 132# ifdef NO_STRINGS_H
133 int strcasecmp();
134# else
135# include <strings.h>
136# endif /* NO_STRINGS_H */
133#endif 137#endif
134 138
135#ifdef OPENSSL_SYS_WINDOWS 139#ifdef OPENSSL_SYS_WINDOWS
@@ -490,7 +494,7 @@ static int ui_close(UI *ui)
490 { 494 {
491 return UI_method_get_closer(UI_OpenSSL())(ui); 495 return UI_method_get_closer(UI_OpenSSL())(ui);
492 } 496 }
493int setup_ui_method() 497int setup_ui_method(void)
494 { 498 {
495 ui_method = UI_create_method("OpenSSL application user interface"); 499 ui_method = UI_create_method("OpenSSL application user interface");
496 UI_method_set_opener(ui_method, ui_open); 500 UI_method_set_opener(ui_method, ui_open);
@@ -499,7 +503,7 @@ int setup_ui_method()
499 UI_method_set_closer(ui_method, ui_close); 503 UI_method_set_closer(ui_method, ui_close);
500 return 0; 504 return 0;
501 } 505 }
502void destroy_ui_method() 506void destroy_ui_method(void)
503 { 507 {
504 if(ui_method) 508 if(ui_method)
505 { 509 {
@@ -925,7 +929,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format,
925 } 929 }
926 930
927#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 931#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
928EVP_PKEY * 932static EVP_PKEY *
929load_netscape_key(BIO *err, BIO *key, const char *file, 933load_netscape_key(BIO *err, BIO *key, const char *file,
930 const char *key_descrip, int format) 934 const char *key_descrip, int format)
931 { 935 {
@@ -1213,7 +1217,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
1213 1217
1214void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) 1218void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
1215{ 1219{
1216 char buf[256]; 1220 char *buf;
1217 char mline = 0; 1221 char mline = 0;
1218 int indent = 0; 1222 int indent = 0;
1219 if(title) BIO_puts(out, title); 1223 if(title) BIO_puts(out, title);
@@ -1222,9 +1226,10 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
1222 indent = 4; 1226 indent = 4;
1223 } 1227 }
1224 if(lflags == XN_FLAG_COMPAT) { 1228 if(lflags == XN_FLAG_COMPAT) {
1225 X509_NAME_oneline(nm,buf,256); 1229 buf = X509_NAME_oneline(nm, 0, 0);
1226 BIO_puts(out,buf); 1230 BIO_puts(out, buf);
1227 BIO_puts(out, "\n"); 1231 BIO_puts(out, "\n");
1232 OPENSSL_free(buf);
1228 } else { 1233 } else {
1229 if(mline) BIO_puts(out, "\n"); 1234 if(mline) BIO_puts(out, "\n");
1230 X509_NAME_print_ex(out, nm, indent, lflags); 1235 X509_NAME_print_ex(out, nm, indent, lflags);
@@ -1263,7 +1268,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
1263} 1268}
1264 1269
1265/* Try to load an engine in a shareable library */ 1270/* Try to load an engine in a shareable library */
1266ENGINE *try_load_engine(BIO *err, const char *engine, int debug) 1271static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
1267 { 1272 {
1268 ENGINE *e = ENGINE_by_id("dynamic"); 1273 ENGINE *e = ENGINE_by_id("dynamic");
1269 if (e) 1274 if (e)
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h
index 5b3836ab22..a88902ac13 100644
--- a/src/lib/libssl/src/apps/apps.h
+++ b/src/lib/libssl/src/apps/apps.h
@@ -134,10 +134,6 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read,
134 * (see e_os.h). The string is 134 * (see e_os.h). The string is
135 * destroyed! */ 135 * destroyed! */
136 136
137#ifdef OPENSSL_NO_STDIO
138BIO_METHOD *BIO_s_file();
139#endif
140
141#ifdef OPENSSL_SYS_WIN32 137#ifdef OPENSSL_SYS_WIN32
142#define rename(from,to) WIN32_rename((from),(to)) 138#define rename(from,to) WIN32_rename((from),(to))
143int WIN32_rename(char *oldname,char *newname); 139int WIN32_rename(char *oldname,char *newname);
@@ -217,8 +213,8 @@ typedef struct pw_cb_data
217int password_callback(char *buf, int bufsiz, int verify, 213int password_callback(char *buf, int bufsiz, int verify,
218 PW_CB_DATA *cb_data); 214 PW_CB_DATA *cb_data);
219 215
220int setup_ui_method(); 216int setup_ui_method(void);
221void destroy_ui_method(); 217void destroy_ui_method(void);
222 218
223int should_retry(int i); 219int should_retry(int i);
224int args_from_file(char *file, int *argc, char **argv[]); 220int args_from_file(char *file, int *argc, char **argv[]);
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 51d9470aa1..322956de57 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -80,7 +80,11 @@
80#ifdef OPENSSL_SYS_WINDOWS 80#ifdef OPENSSL_SYS_WINDOWS
81#define strcasecmp _stricmp 81#define strcasecmp _stricmp
82#else 82#else
83#include <strings.h> 83# ifdef NO_STRINGS_H
84 int strcasecmp();
85# else
86# include <strings.h>
87# endif /* NO_STRINGS_H */
84#endif 88#endif
85 89
86#ifndef W_OK 90#ifndef W_OK
@@ -1450,13 +1454,13 @@ bad:
1450 } 1454 }
1451 if ((crldays == 0) && (crlhours == 0)) 1455 if ((crldays == 0) && (crlhours == 0))
1452 { 1456 {
1453 BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n"); 1457 BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
1454 goto err; 1458 goto err;
1455 } 1459 }
1456 1460
1457 if (verbose) BIO_printf(bio_err,"making CRL\n"); 1461 if (verbose) BIO_printf(bio_err,"making CRL\n");
1458 if ((crl=X509_CRL_new()) == NULL) goto err; 1462 if ((crl=X509_CRL_new()) == NULL) goto err;
1459 if (!X509_CRL_set_issuer_name(crl, X509_get_issuer_name(x509))) goto err; 1463 if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err;
1460 1464
1461 tmptm = ASN1_TIME_new(); 1465 tmptm = ASN1_TIME_new();
1462 if (!tmptm) goto err; 1466 if (!tmptm) goto err;
diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c
index 0620b32bb4..e21c3d83ac 100644
--- a/src/lib/libssl/src/apps/dgst.c
+++ b/src/lib/libssl/src/apps/dgst.c
@@ -73,8 +73,9 @@
73#undef PROG 73#undef PROG
74#define PROG dgst_main 74#define PROG dgst_main
75 75
76void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, 76int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
77 EVP_PKEY *key, unsigned char *sigin, int siglen); 77 EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
78 const char *file);
78 79
79int MAIN(int, char **); 80int MAIN(int, char **);
80 81
@@ -319,22 +320,36 @@ int MAIN(int argc, char **argv)
319 if (argc == 0) 320 if (argc == 0)
320 { 321 {
321 BIO_set_fp(in,stdin,BIO_NOCLOSE); 322 BIO_set_fp(in,stdin,BIO_NOCLOSE);
322 do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, siglen); 323 err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
324 siglen,"","(stdin)");
323 } 325 }
324 else 326 else
325 { 327 {
326 name=OBJ_nid2sn(md->type); 328 name=OBJ_nid2sn(md->type);
327 for (i=0; i<argc; i++) 329 for (i=0; i<argc; i++)
328 { 330 {
331 char *tmp,*tofree=NULL;
332 int r;
333
329 if (BIO_read_filename(in,argv[i]) <= 0) 334 if (BIO_read_filename(in,argv[i]) <= 0)
330 { 335 {
331 perror(argv[i]); 336 perror(argv[i]);
332 err++; 337 err++;
333 continue; 338 continue;
334 } 339 }
335 if(!out_bin) BIO_printf(out, "%s(%s)= ",name,argv[i]); 340 if(!out_bin)
336 do_fp(out, buf,inp,separator, out_bin, sigkey, 341 {
337 sigbuf, siglen); 342 tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
343 sprintf(tmp,"%s(%s)= ",name,argv[i]);
344 }
345 else
346 tmp="";
347 r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
348 siglen,tmp,argv[i]);
349 if(r)
350 err=r;
351 if(tofree)
352 OPENSSL_free(tofree);
338 (void)BIO_reset(bmd); 353 (void)BIO_reset(bmd);
339 } 354 }
340 } 355 }
@@ -353,8 +368,9 @@ end:
353 EXIT(err); 368 EXIT(err);
354 } 369 }
355 370
356void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, 371int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
357 EVP_PKEY *key, unsigned char *sigin, int siglen) 372 EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
373 const char *file)
358 { 374 {
359 int len; 375 int len;
360 int i; 376 int i;
@@ -362,21 +378,33 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
362 for (;;) 378 for (;;)
363 { 379 {
364 i=BIO_read(bp,(char *)buf,BUFSIZE); 380 i=BIO_read(bp,(char *)buf,BUFSIZE);
365 if (i <= 0) break; 381 if(i < 0)
382 {
383 BIO_printf(bio_err, "Read Error in %s\n",file);
384 ERR_print_errors(bio_err);
385 return 1;
386 }
387 if (i == 0) break;
366 } 388 }
367 if(sigin) 389 if(sigin)
368 { 390 {
369 EVP_MD_CTX *ctx; 391 EVP_MD_CTX *ctx;
370 BIO_get_md_ctx(bp, &ctx); 392 BIO_get_md_ctx(bp, &ctx);
371 i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); 393 i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key);
372 if(i > 0) BIO_printf(out, "Verified OK\n"); 394 if(i > 0)
373 else if(i == 0) BIO_printf(out, "Verification Failure\n"); 395 BIO_printf(out, "Verified OK\n");
396 else if(i == 0)
397 {
398 BIO_printf(out, "Verification Failure\n");
399 return 1;
400 }
374 else 401 else
375 { 402 {
376 BIO_printf(bio_err, "Error Verifying Data\n"); 403 BIO_printf(bio_err, "Error Verifying Data\n");
377 ERR_print_errors(bio_err); 404 ERR_print_errors(bio_err);
405 return 1;
378 } 406 }
379 return; 407 return 0;
380 } 408 }
381 if(key) 409 if(key)
382 { 410 {
@@ -386,7 +414,7 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
386 { 414 {
387 BIO_printf(bio_err, "Error Signing Data\n"); 415 BIO_printf(bio_err, "Error Signing Data\n");
388 ERR_print_errors(bio_err); 416 ERR_print_errors(bio_err);
389 return; 417 return 1;
390 } 418 }
391 } 419 }
392 else 420 else
@@ -395,6 +423,7 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
395 if(binout) BIO_write(out, buf, len); 423 if(binout) BIO_write(out, buf, len);
396 else 424 else
397 { 425 {
426 BIO_write(out,title,strlen(title));
398 for (i=0; i<len; i++) 427 for (i=0; i<len; i++)
399 { 428 {
400 if (sep && (i != 0)) 429 if (sep && (i != 0))
@@ -403,5 +432,6 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
403 } 432 }
404 BIO_printf(out, "\n"); 433 BIO_printf(out, "\n");
405 } 434 }
435 return 0;
406 } 436 }
407 437
diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c
index 2c3af75170..1ba2ea2f68 100644
--- a/src/lib/libssl/src/apps/enc.c
+++ b/src/lib/libssl/src/apps/enc.c
@@ -78,7 +78,7 @@ int set_hex(char *in,unsigned char *out,int size);
78#define BSIZE (8*1024) 78#define BSIZE (8*1024)
79#define PROG enc_main 79#define PROG enc_main
80 80
81void show_ciphers(const OBJ_NAME *name,void *bio_) 81static void show_ciphers(const OBJ_NAME *name,void *bio_)
82 { 82 {
83 BIO *bio=bio_; 83 BIO *bio=bio_;
84 static int n; 84 static int n;
diff --git a/src/lib/libssl/src/apps/nseq.c b/src/lib/libssl/src/apps/nseq.c
index 93adcdfef8..c26f62cb61 100644
--- a/src/lib/libssl/src/apps/nseq.c
+++ b/src/lib/libssl/src/apps/nseq.c
@@ -58,9 +58,9 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <string.h> 60#include <string.h>
61#include "apps.h"
61#include <openssl/pem.h> 62#include <openssl/pem.h>
62#include <openssl/err.h> 63#include <openssl/err.h>
63#include "apps.h"
64 64
65#undef PROG 65#undef PROG
66#define PROG nseq_main 66#define PROG nseq_main
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c
index c87edbc44b..49a156a1cf 100644
--- a/src/lib/libssl/src/apps/ocsp.c
+++ b/src/lib/libssl/src/apps/ocsp.c
@@ -58,11 +58,11 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <string.h> 60#include <string.h>
61#include "apps.h"
61#include <openssl/pem.h> 62#include <openssl/pem.h>
62#include <openssl/ocsp.h> 63#include <openssl/ocsp.h>
63#include <openssl/err.h> 64#include <openssl/err.h>
64#include <openssl/ssl.h> 65#include <openssl/ssl.h>
65#include "apps.h"
66 66
67/* Maximum leeway in validity period: default 5 minutes */ 67/* Maximum leeway in validity period: default 5 minutes */
68#define MAX_VALIDITY_PERIOD (5 * 60) 68#define MAX_VALIDITY_PERIOD (5 * 60)
@@ -553,8 +553,8 @@ int MAIN(int argc, char **argv)
553 BIO_printf (bio_err, "-port num port to run responder on\n"); 553 BIO_printf (bio_err, "-port num port to run responder on\n");
554 BIO_printf (bio_err, "-index file certificate status index file\n"); 554 BIO_printf (bio_err, "-index file certificate status index file\n");
555 BIO_printf (bio_err, "-CA file CA certificate\n"); 555 BIO_printf (bio_err, "-CA file CA certificate\n");
556 BIO_printf (bio_err, "-rsigner file responder certificate to sign requests with\n"); 556 BIO_printf (bio_err, "-rsigner file responder certificate to sign responses with\n");
557 BIO_printf (bio_err, "-rkey file responder key to sign requests with\n"); 557 BIO_printf (bio_err, "-rkey file responder key to sign responses with\n");
558 BIO_printf (bio_err, "-rother file other certificates to include in response\n"); 558 BIO_printf (bio_err, "-rother file other certificates to include in response\n");
559 BIO_printf (bio_err, "-resp_no_certs don't include any certificates in response\n"); 559 BIO_printf (bio_err, "-resp_no_certs don't include any certificates in response\n");
560 BIO_printf (bio_err, "-nmin n number of minutes before next update\n"); 560 BIO_printf (bio_err, "-nmin n number of minutes before next update\n");
@@ -676,6 +676,18 @@ int MAIN(int argc, char **argv)
676 676
677 if (req_text && req) OCSP_REQUEST_print(out, req, 0); 677 if (req_text && req) OCSP_REQUEST_print(out, req, 0);
678 678
679 if (reqout)
680 {
681 derbio = BIO_new_file(reqout, "wb");
682 if(!derbio)
683 {
684 BIO_printf(bio_err, "Error opening file %s\n", reqout);
685 goto end;
686 }
687 i2d_OCSP_REQUEST_bio(derbio, req);
688 BIO_free(derbio);
689 }
690
679 if (ridx_filename && (!rkey || !rsigner || !rca_cert)) 691 if (ridx_filename && (!rkey || !rsigner || !rca_cert))
680 { 692 {
681 BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n"); 693 BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n");
@@ -809,6 +821,8 @@ int MAIN(int argc, char **argv)
809 821
810 if (!store) 822 if (!store)
811 store = setup_verify(bio_err, CAfile, CApath); 823 store = setup_verify(bio_err, CAfile, CApath);
824 if (!store)
825 goto end;
812 if (verify_certfile) 826 if (verify_certfile)
813 { 827 {
814 verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM, 828 verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c
index c17458ef7c..1c4a4291aa 100644
--- a/src/lib/libssl/src/apps/openssl.c
+++ b/src/lib/libssl/src/apps/openssl.c
@@ -114,6 +114,7 @@
114#include <string.h> 114#include <string.h>
115#include <stdlib.h> 115#include <stdlib.h>
116#define OPENSSL_C /* tells apps.h to use complete apps_startup() */ 116#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
117#include "apps.h"
117#include <openssl/bio.h> 118#include <openssl/bio.h>
118#include <openssl/crypto.h> 119#include <openssl/crypto.h>
119#include <openssl/lhash.h> 120#include <openssl/lhash.h>
@@ -123,7 +124,6 @@
123#include <openssl/ssl.h> 124#include <openssl/ssl.h>
124#include <openssl/engine.h> 125#include <openssl/engine.h>
125#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ 126#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
126#include "apps.h"
127#include "progs.h" 127#include "progs.h"
128#include "s_apps.h" 128#include "s_apps.h"
129#include <openssl/err.h> 129#include <openssl/err.h>
diff --git a/src/lib/libssl/src/apps/pkcs7.c b/src/lib/libssl/src/apps/pkcs7.c
index 1cc91509a2..0cced40f0f 100644
--- a/src/lib/libssl/src/apps/pkcs7.c
+++ b/src/lib/libssl/src/apps/pkcs7.c
@@ -89,7 +89,7 @@ int MAIN(int argc, char **argv)
89 int informat,outformat; 89 int informat,outformat;
90 char *infile,*outfile,*prog; 90 char *infile,*outfile,*prog;
91 int print_certs=0,text=0,noout=0; 91 int print_certs=0,text=0,noout=0;
92 int ret=0; 92 int ret=1;
93 char *engine=NULL; 93 char *engine=NULL;
94 94
95 apps_startup(); 95 apps_startup();
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index 9c0dbc2bf6..658a79d390 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -433,6 +433,11 @@ bad:
433 goto end; 433 goto end;
434 } 434 }
435 435
436 OpenSSL_add_ssl_algorithms();
437 SSL_load_error_strings();
438
439 e = setup_engine(bio_err, engine_id, 1);
440
436 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 441 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
437 && !RAND_status()) 442 && !RAND_status())
438 { 443 {
@@ -455,11 +460,6 @@ bad:
455 } 460 }
456 } 461 }
457 462
458 OpenSSL_add_ssl_algorithms();
459 SSL_load_error_strings();
460
461 e = setup_engine(bio_err, engine_id, 1);
462
463 ctx=SSL_CTX_new(meth); 463 ctx=SSL_CTX_new(meth);
464 if (ctx == NULL) 464 if (ctx == NULL)
465 { 465 {
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index 78d90fad55..497abf44ef 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -683,6 +683,11 @@ bad:
683 goto end; 683 goto end;
684 } 684 }
685 685
686 SSL_load_error_strings();
687 OpenSSL_add_ssl_algorithms();
688
689 e = setup_engine(bio_err, engine_id, 1);
690
686 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 691 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
687 && !RAND_status()) 692 && !RAND_status())
688 { 693 {
@@ -715,11 +720,6 @@ bad:
715 s_dkey_file=NULL; 720 s_dkey_file=NULL;
716 } 721 }
717 722
718 SSL_load_error_strings();
719 OpenSSL_add_ssl_algorithms();
720
721 e = setup_engine(bio_err, engine_id, 1);
722
723 ctx=SSL_CTX_new(meth); 723 ctx=SSL_CTX_new(meth);
724 if (ctx == NULL) 724 if (ctx == NULL)
725 { 725 {
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
index 2fb853d071..752158460a 100644
--- a/src/lib/libssl/src/apps/s_time.c
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -85,7 +85,7 @@
85#include OPENSSL_UNISTD 85#include OPENSSL_UNISTD
86#endif 86#endif
87 87
88#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX) 88#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
89#define TIMES 89#define TIMES
90#endif 90#endif
91 91
@@ -109,10 +109,6 @@
109#include <sys/timeb.h> 109#include <sys/timeb.h>
110#endif 110#endif
111 111
112#ifdef _AIX
113#include <sys/select.h>
114#endif
115
116#if defined(sun) || defined(__ultrix) 112#if defined(sun) || defined(__ultrix)
117#define _POSIX_SOURCE 113#define _POSIX_SOURCE
118#include <limits.h> 114#include <limits.h>
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c
index dce5f32630..a797da0ffa 100644
--- a/src/lib/libssl/src/apps/x509.c
+++ b/src/lib/libssl/src/apps/x509.c
@@ -915,8 +915,10 @@ bad:
915 915
916 BIO_printf(bio_err,"Generating certificate request\n"); 916 BIO_printf(bio_err,"Generating certificate request\n");
917 917
918#ifndef OPENSSL_NO_DSA
918 if (pk->type == EVP_PKEY_DSA) 919 if (pk->type == EVP_PKEY_DSA)
919 digest=EVP_dss1(); 920 digest=EVP_dss1();
921#endif
920 922
921 rq=X509_to_X509_REQ(x,pk,digest); 923 rq=X509_to_X509_REQ(x,pk,digest);
922 EVP_PKEY_free(pk); 924 EVP_PKEY_free(pk);
diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config
index 3d443da6fb..972cdb70a3 100644
--- a/src/lib/libssl/src/config
+++ b/src/lib/libssl/src/config
@@ -390,18 +390,30 @@ exit 0
390 390
391# figure out if gcc is available and if so we use it otherwise 391# figure out if gcc is available and if so we use it otherwise
392# we fallback to whatever cc does on the system 392# we fallback to whatever cc does on the system
393GCCVER=`(gcc --version) 2>/dev/null` 393GCCVER=`(gcc -dumpversion) 2>/dev/null`
394if [ "$GCCVER" != "" ]; then 394if [ "$GCCVER" != "" ]; then
395 CC=gcc 395 CC=gcc
396 # then strip off whatever prefix Cygnus prepends the number with... 396 # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
397 GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'` 397 # does give us what we want though, so we use that. We just just the
398 # major and minor version numbers.
398 # peak single digit before and after first dot, e.g. 2.95.1 gives 29 399 # peak single digit before and after first dot, e.g. 2.95.1 gives 29
399 GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'` 400 GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
400else 401else
401 CC=cc 402 CC=cc
402fi 403fi
403GCCVER=${GCCVER:-0} 404GCCVER=${GCCVER:-0}
404 405if [ "$SYSTEM" = "HP-UX" ];then
406 # By default gcc is a ILP32 compiler (with long long == 64).
407 GCC_BITS="32"
408 if [ $GCCVER -ge 30 ]; then
409 # PA64 support only came in with gcc 3.0.x.
410 # We look for the preprocessor symbol __LP64__ indicating
411 # 64bit bit long and pointer. sizeof(int) == 32 on HPUX64.
412 if gcc -v -E -x c /dev/null 2>&1 | grep __LP64__ > /dev/null; then
413 GCC_BITS="64"
414 fi
415 fi
416fi
405if [ "$SYSTEM" = "SunOS" ]; then 417if [ "$SYSTEM" = "SunOS" ]; then
406 if [ $GCCVER -ge 30 ]; then 418 if [ $GCCVER -ge 30 ]; then
407 # 64-bit ABI isn't officially supported in gcc 3.0, but it appears 419 # 64-bit ABI isn't officially supported in gcc 3.0, but it appears
@@ -659,7 +671,16 @@ EOF
659 RM*-siemens-sysv4) OUT="ReliantUNIX" ;; 671 RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
660 *-siemens-sysv4) OUT="SINIX" ;; 672 *-siemens-sysv4) OUT="SINIX" ;;
661 *-hpux1*) 673 *-hpux1*)
662 OUT="hpux-parisc-$CC" 674 if [ $CC = "gcc" ];
675 then
676 if [ $GCC_BITS = "64" ]; then
677 OUT="hpux64-parisc-gcc"
678 else
679 OUT="hpux-parisc-gcc"
680 fi
681 else
682 OUT="hpux-parisc-$CC"
683 fi
663 KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null` 684 KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
664 KERNEL_BITS=${KERNEL_BITS:-32} 685 KERNEL_BITS=${KERNEL_BITS:-32}
665 CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null` 686 CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`
diff --git a/src/lib/libssl/src/crypto/aes/aes_locl.h b/src/lib/libssl/src/crypto/aes/aes_locl.h
index 541d1d6e84..18fc2d0747 100644
--- a/src/lib/libssl/src/crypto/aes/aes_locl.h
+++ b/src/lib/libssl/src/crypto/aes/aes_locl.h
@@ -60,10 +60,7 @@
60 60
61#include <stdio.h> 61#include <stdio.h>
62#include <stdlib.h> 62#include <stdlib.h>
63
64#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
65#include <string.h> 63#include <string.h>
66#endif
67 64
68#ifdef _MSC_VER 65#ifdef _MSC_VER
69# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) 66# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c
index 128aa7e772..8dab29dca1 100644
--- a/src/lib/libssl/src/crypto/asn1/a_strex.c
+++ b/src/lib/libssl/src/crypto/asn1/a_strex.c
@@ -77,8 +77,8 @@
77/* Three IO functions for sending data to memory, a BIO and 77/* Three IO functions for sending data to memory, a BIO and
78 * and a FILE pointer. 78 * and a FILE pointer.
79 */ 79 */
80 80#if 0 /* never used */
81int send_mem_chars(void *arg, const void *buf, int len) 81static int send_mem_chars(void *arg, const void *buf, int len)
82{ 82{
83 unsigned char **out = arg; 83 unsigned char **out = arg;
84 if(!out) return 1; 84 if(!out) return 1;
@@ -86,15 +86,16 @@ int send_mem_chars(void *arg, const void *buf, int len)
86 *out += len; 86 *out += len;
87 return 1; 87 return 1;
88} 88}
89#endif
89 90
90int send_bio_chars(void *arg, const void *buf, int len) 91static int send_bio_chars(void *arg, const void *buf, int len)
91{ 92{
92 if(!arg) return 1; 93 if(!arg) return 1;
93 if(BIO_write(arg, buf, len) != len) return 0; 94 if(BIO_write(arg, buf, len) != len) return 0;
94 return 1; 95 return 1;
95} 96}
96 97
97int send_fp_chars(void *arg, const void *buf, int len) 98static int send_fp_chars(void *arg, const void *buf, int len)
98{ 99{
99 if(!arg) return 1; 100 if(!arg) return 1;
100 if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0; 101 if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
@@ -240,7 +241,7 @@ static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen
240 * #01234 format. 241 * #01234 format.
241 */ 242 */
242 243
243int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str) 244static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
244{ 245{
245 /* Placing the ASN1_STRING in a temp ASN1_TYPE allows 246 /* Placing the ASN1_STRING in a temp ASN1_TYPE allows
246 * the DER encoding to readily obtained 247 * the DER encoding to readily obtained
diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c
index ed2d827db2..dbb4a42c9d 100644
--- a/src/lib/libssl/src/crypto/asn1/a_utctm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c
@@ -222,6 +222,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) 222int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
223 { 223 {
224 struct tm *tm; 224 struct tm *tm;
225 struct tm data;
225 int offset; 226 int offset;
226 int year; 227 int year;
227 228
@@ -238,7 +239,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
238 239
239 t -= offset*60; /* FIXME: may overflow in extreme cases */ 240 t -= offset*60; /* FIXME: may overflow in extreme cases */
240 241
241 { struct tm data; tm = OPENSSL_gmtime(&t, &data); } 242 tm = OPENSSL_gmtime(&t, &data);
242 243
243#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 244#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
244 year = g2(s->data); 245 year = g2(s->data);
diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h
index 0d1713f8dd..dbb30f4f22 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1.h
+++ b/src/lib/libssl/src/crypto/asn1/asn1.h
@@ -773,6 +773,7 @@ int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
773int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); 773int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
774 774
775DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) 775DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
776DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
776DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) 777DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
777DECLARE_ASN1_FUNCTIONS(ASN1_NULL) 778DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
778DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) 779DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
index 830ff2af3c..422685a3b4 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62#include <openssl/asn1_mac.h>
62 63
63static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); 64static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
64static void asn1_put_length(unsigned char **pp, int length); 65static void asn1_put_length(unsigned char **pp, int length);
@@ -123,15 +124,13 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
123 (int)(omax+ *pp)); 124 (int)(omax+ *pp));
124 125
125#endif 126#endif
126#if 0 127 if (*plength > (omax - (*pp - p)))
127 if ((p+ *plength) > (omax+ *pp))
128 { 128 {
129 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); 129 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
130 /* Set this so that even if things are not long enough 130 /* Set this so that even if things are not long enough
131 * the values are set correctly */ 131 * the values are set correctly */
132 ret|=0x80; 132 ret|=0x80;
133 } 133 }
134#endif
135 *pp=p; 134 *pp=p;
136 return(ret|inf); 135 return(ret|inf);
137err: 136err:
@@ -158,6 +157,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
158 i= *p&0x7f; 157 i= *p&0x7f;
159 if (*(p++) & 0x80) 158 if (*(p++) & 0x80)
160 { 159 {
160 if (i > sizeof(long))
161 return 0;
161 if (max-- == 0) return(0); 162 if (max-- == 0) return(0);
162 while (i-- > 0) 163 while (i-- > 0)
163 { 164 {
@@ -169,6 +170,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
169 else 170 else
170 ret=i; 171 ret=i;
171 } 172 }
173 if (ret < 0)
174 return 0;
172 *pp=p; 175 *pp=p;
173 *rl=ret; 176 *rl=ret;
174 return(1); 177 return(1);
@@ -406,7 +409,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
406 409
407void asn1_add_error(unsigned char *address, int offset) 410void asn1_add_error(unsigned char *address, int offset)
408 { 411 {
409 char buf1[16],buf2[16]; 412 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
410 413
411 sprintf(buf1,"%lu",(unsigned long)address); 414 sprintf(buf1,"%lu",(unsigned long)address);
412 sprintf(buf2,"%d",offset); 415 sprintf(buf2,"%d",offset);
diff --git a/src/lib/libssl/src/crypto/asn1/n_pkey.c b/src/lib/libssl/src/crypto/asn1/n_pkey.c
index 49f80fffd2..9146ee02c9 100644
--- a/src/lib/libssl/src/crypto/asn1/n_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/n_pkey.c
@@ -92,6 +92,8 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
92 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) 92 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
93} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY) 93} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
94 94
95DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
96DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
95IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) 97IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
96 98
97ASN1_SEQUENCE(NETSCAPE_PKEY) = { 99ASN1_SEQUENCE(NETSCAPE_PKEY) = {
@@ -100,6 +102,8 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = {
100 ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) 102 ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
101} ASN1_SEQUENCE_END(NETSCAPE_PKEY) 103} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
102 104
105DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
106DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
103IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) 107IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
104 108
105static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, 109static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
diff --git a/src/lib/libssl/src/crypto/asn1/t_pkey.c b/src/lib/libssl/src/crypto/asn1/t_pkey.c
index 8060115202..2d46914cb1 100644
--- a/src/lib/libssl/src/crypto/asn1/t_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/t_pkey.c
@@ -96,10 +96,34 @@ int RSA_print(BIO *bp, const RSA *x, int off)
96 char str[128]; 96 char str[128];
97 const char *s; 97 const char *s;
98 unsigned char *m=NULL; 98 unsigned char *m=NULL;
99 int i,ret=0; 99 int ret=0;
100 size_t buf_len=0, i;
100 101
101 i=RSA_size(x); 102 if (x->n)
102 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); 103 buf_len = (size_t)BN_num_bytes(x->n);
104 if (x->e)
105 if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
106 buf_len = i;
107 if (x->d)
108 if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
109 buf_len = i;
110 if (x->p)
111 if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
112 buf_len = i;
113 if (x->q)
114 if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
115 buf_len = i;
116 if (x->dmp1)
117 if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
118 buf_len = i;
119 if (x->dmq1)
120 if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
121 buf_len = i;
122 if (x->iqmp)
123 if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
124 buf_len = i;
125
126 m=(unsigned char *)OPENSSL_malloc(buf_len+10);
103 if (m == NULL) 127 if (m == NULL)
104 { 128 {
105 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); 129 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -161,22 +185,25 @@ int DSA_print(BIO *bp, const DSA *x, int off)
161 { 185 {
162 char str[128]; 186 char str[128];
163 unsigned char *m=NULL; 187 unsigned char *m=NULL;
164 int i,ret=0; 188 int ret=0;
165 BIGNUM *bn=NULL; 189 size_t buf_len=0,i;
166 190
167 if (x->p != NULL) 191 if (x->p)
168 bn=x->p; 192 buf_len = (size_t)BN_num_bytes(x->p);
169 else if (x->priv_key != NULL) 193 if (x->q)
170 bn=x->priv_key; 194 if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
171 else if (x->pub_key != NULL) 195 buf_len = i;
172 bn=x->pub_key; 196 if (x->g)
173 197 if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
174 /* larger than needed but what the hell :-) */ 198 buf_len = i;
175 if (bn != NULL) 199 if (x->priv_key)
176 i=BN_num_bytes(bn)*2; 200 if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
177 else 201 buf_len = i;
178 i=256; 202 if (x->pub_key)
179 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); 203 if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
204 buf_len = i;
205
206 m=(unsigned char *)OPENSSL_malloc(buf_len+10);
180 if (m == NULL) 207 if (m == NULL)
181 { 208 {
182 DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); 209 DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -281,10 +308,15 @@ int DHparams_print_fp(FILE *fp, const DH *x)
281int DHparams_print(BIO *bp, const DH *x) 308int DHparams_print(BIO *bp, const DH *x)
282 { 309 {
283 unsigned char *m=NULL; 310 unsigned char *m=NULL;
284 int reason=ERR_R_BUF_LIB,i,ret=0; 311 int reason=ERR_R_BUF_LIB,ret=0;
312 size_t buf_len=0, i;
285 313
286 i=BN_num_bytes(x->p); 314 if (x->p)
287 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); 315 buf_len = (size_t)BN_num_bytes(x->p);
316 if (x->g)
317 if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
318 buf_len = i;
319 m=(unsigned char *)OPENSSL_malloc(buf_len+10);
288 if (m == NULL) 320 if (m == NULL)
289 { 321 {
290 reason=ERR_R_MALLOC_FAILURE; 322 reason=ERR_R_MALLOC_FAILURE;
@@ -334,10 +366,18 @@ int DSAparams_print_fp(FILE *fp, const DSA *x)
334int DSAparams_print(BIO *bp, const DSA *x) 366int DSAparams_print(BIO *bp, const DSA *x)
335 { 367 {
336 unsigned char *m=NULL; 368 unsigned char *m=NULL;
337 int reason=ERR_R_BUF_LIB,i,ret=0; 369 int reason=ERR_R_BUF_LIB,ret=0;
370 size_t buf_len=0,i;
338 371
339 i=BN_num_bytes(x->p); 372 if (x->p)
340 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); 373 buf_len = (size_t)BN_num_bytes(x->p);
374 if (x->q)
375 if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
376 buf_len = i;
377 if (x->g)
378 if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
379 buf_len = i;
380 m=(unsigned char *)OPENSSL_malloc(buf_len+10);
341 if (m == NULL) 381 if (m == NULL)
342 { 382 {
343 reason=ERR_R_MALLOC_FAILURE; 383 reason=ERR_R_MALLOC_FAILURE;
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c
index dcaef68ea7..45bd7c47e8 100644
--- a/src/lib/libssl/src/crypto/bio/b_sock.c
+++ b/src/lib/libssl/src/crypto/bio/b_sock.c
@@ -484,7 +484,11 @@ int BIO_socket_ioctl(int fd, long type, unsigned long *arg)
484 { 484 {
485 int i; 485 int i;
486 486
487#ifdef __DJGPP__
488 i=ioctlsocket(fd,type,(char *)arg);
489#else
487 i=ioctlsocket(fd,type,arg); 490 i=ioctlsocket(fd,type,arg);
491#endif /* __DJGPP__ */
488 if (i < 0) 492 if (i < 0)
489 SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error()); 493 SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
490 return(i); 494 return(i);
diff --git a/src/lib/libssl/src/crypto/bio/bio.h b/src/lib/libssl/src/crypto/bio/bio.h
index b122c7069d..c5caf253c9 100644
--- a/src/lib/libssl/src/crypto/bio/bio.h
+++ b/src/lib/libssl/src/crypto/bio/bio.h
@@ -554,7 +554,9 @@ BIO_METHOD *BIO_s_socket(void);
554BIO_METHOD *BIO_s_connect(void); 554BIO_METHOD *BIO_s_connect(void);
555BIO_METHOD *BIO_s_accept(void); 555BIO_METHOD *BIO_s_accept(void);
556BIO_METHOD *BIO_s_fd(void); 556BIO_METHOD *BIO_s_fd(void);
557#ifndef OPENSSL_SYS_OS2
557BIO_METHOD *BIO_s_log(void); 558BIO_METHOD *BIO_s_log(void);
559#endif
558BIO_METHOD *BIO_s_bio(void); 560BIO_METHOD *BIO_s_bio(void);
559BIO_METHOD *BIO_s_null(void); 561BIO_METHOD *BIO_s_null(void);
560BIO_METHOD *BIO_f_null(void); 562BIO_METHOD *BIO_f_null(void);
@@ -647,6 +649,7 @@ void ERR_load_BIO_strings(void);
647#define BIO_F_CONN_CTRL 127 649#define BIO_F_CONN_CTRL 127
648#define BIO_F_CONN_STATE 115 650#define BIO_F_CONN_STATE 115
649#define BIO_F_FILE_CTRL 116 651#define BIO_F_FILE_CTRL 116
652#define BIO_F_FILE_READ 130
650#define BIO_F_LINEBUFFER_CTRL 129 653#define BIO_F_LINEBUFFER_CTRL 129
651#define BIO_F_MEM_READ 128 654#define BIO_F_MEM_READ 128
652#define BIO_F_MEM_WRITE 117 655#define BIO_F_MEM_WRITE 117
diff --git a/src/lib/libssl/src/crypto/bio/bio_err.c b/src/lib/libssl/src/crypto/bio/bio_err.c
index 99ca3cd0da..68a119d895 100644
--- a/src/lib/libssl/src/crypto/bio/bio_err.c
+++ b/src/lib/libssl/src/crypto/bio/bio_err.c
@@ -91,6 +91,7 @@ static ERR_STRING_DATA BIO_str_functs[]=
91{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"}, 91{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"},
92{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"}, 92{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
93{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"}, 93{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
94{ERR_PACK(0,BIO_F_FILE_READ,0), "FILE_READ"},
94{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"}, 95{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"},
95{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"}, 96{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"},
96{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"}, 97{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
diff --git a/src/lib/libssl/src/crypto/bio/bss_file.c b/src/lib/libssl/src/crypto/bio/bss_file.c
index 8b3ff278d9..826b361fa2 100644
--- a/src/lib/libssl/src/crypto/bio/bss_file.c
+++ b/src/lib/libssl/src/crypto/bio/bss_file.c
@@ -162,6 +162,12 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
162 if (b->init && (out != NULL)) 162 if (b->init && (out != NULL))
163 { 163 {
164 ret=fread(out,1,(int)outl,(FILE *)b->ptr); 164 ret=fread(out,1,(int)outl,(FILE *)b->ptr);
165 if(ret == 0 && ferror((FILE *)b->ptr))
166 {
167 SYSerr(SYS_F_FREAD,get_last_sys_error());
168 BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB);
169 ret=-1;
170 }
165 } 171 }
166 return(ret); 172 return(ret);
167 } 173 }
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c
index a016cb7f53..8abe095af2 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lib.c
+++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -397,6 +397,12 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
397 { 397 {
398 BIGNUM *r = NULL; 398 BIGNUM *r = NULL;
399 399
400 /* This function does not work if
401 * words <= b->dmax && top < words
402 * because BN_dup() does not preserve 'dmax'!
403 * (But bn_dup_expand() is not used anywhere yet.)
404 */
405
400 if (words > b->dmax) 406 if (words > b->dmax)
401 { 407 {
402 BN_ULONG *a = bn_expand_internal(b, words); 408 BN_ULONG *a = bn_expand_internal(b, words);
diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c
index fd598b8b3d..b03458d002 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mul.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mul.c
@@ -66,7 +66,7 @@
66#include "cryptlib.h" 66#include "cryptlib.h"
67#include "bn_lcl.h" 67#include "bn_lcl.h"
68 68
69#if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__))/* Assembler implementation exists only for x86 */ 69#if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__)) || defined(__DJGPP__) /* Assembler implementation exists only for x86 */
70/* Here follows specialised variants of bn_add_words() and 70/* Here follows specialised variants of bn_add_words() and
71 bn_sub_words(). They have the property performing operations on 71 bn_sub_words(). They have the property performing operations on
72 arrays of different sizes. The sizes of those arrays is expressed through 72 arrays of different sizes. The sizes of those arrays is expressed through
diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c
index 443cf420e5..8158a67374 100644
--- a/src/lib/libssl/src/crypto/bn/bntest.c
+++ b/src/lib/libssl/src/crypto/bn/bntest.c
@@ -925,7 +925,7 @@ int test_kron(BIO *bp, BN_CTX *ctx)
925 /* r := a^t mod b */ 925 /* r := a^t mod b */
926 b->neg=0; 926 b->neg=0;
927 927
928 if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err; /* XXX should be BN_mod_exp_recp, but ..._recp triggers a bug that must be fixed */ 928 if (!BN_mod_exp_recp(r, a, t, b, ctx)) goto err;
929 b->neg=1; 929 b->neg=1;
930 930
931 if (BN_is_word(r, 1)) 931 if (BN_is_word(r, 1))
diff --git a/src/lib/libssl/src/crypto/conf/conf.h b/src/lib/libssl/src/crypto/conf/conf.h
index 3c03fb19c0..f4671442ab 100644
--- a/src/lib/libssl/src/crypto/conf/conf.h
+++ b/src/lib/libssl/src/crypto/conf/conf.h
@@ -129,6 +129,7 @@ int CONF_dump_fp(LHASH *conf, FILE *out);
129int CONF_dump_bio(LHASH *conf, BIO *out); 129int CONF_dump_bio(LHASH *conf, BIO *out);
130 130
131void OPENSSL_config(const char *config_name); 131void OPENSSL_config(const char *config_name);
132void OPENSSL_no_config(void);
132 133
133/* New conf code. The semantics are different from the functions above. 134/* New conf code. The semantics are different from the functions above.
134 If that wasn't the case, the above functions would have been replaced */ 135 If that wasn't the case, the above functions would have been replaced */
@@ -141,10 +142,10 @@ struct conf_st
141 }; 142 };
142 143
143CONF *NCONF_new(CONF_METHOD *meth); 144CONF *NCONF_new(CONF_METHOD *meth);
144CONF_METHOD *NCONF_default(); 145CONF_METHOD *NCONF_default(void);
145CONF_METHOD *NCONF_WIN32(); 146CONF_METHOD *NCONF_WIN32(void);
146#if 0 /* Just to give you an idea of what I have in mind */ 147#if 0 /* Just to give you an idea of what I have in mind */
147CONF_METHOD *NCONF_XML(); 148CONF_METHOD *NCONF_XML(void);
148#endif 149#endif
149void NCONF_free(CONF *conf); 150void NCONF_free(CONF *conf);
150void NCONF_free_data(CONF *conf); 151void NCONF_free_data(CONF *conf);
@@ -176,6 +177,7 @@ int CONF_modules_load_file(const char *filename, const char *appname,
176 unsigned long flags); 177 unsigned long flags);
177void CONF_modules_unload(int all); 178void CONF_modules_unload(int all);
178void CONF_modules_finish(void); 179void CONF_modules_finish(void);
180void CONF_modules_free(void);
179int CONF_module_add(const char *name, conf_init_func *ifunc, 181int CONF_module_add(const char *name, conf_init_func *ifunc,
180 conf_finish_func *ffunc); 182 conf_finish_func *ffunc);
181 183
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c
index 31f2766246..5e194de60e 100644
--- a/src/lib/libssl/src/crypto/conf/conf_def.c
+++ b/src/lib/libssl/src/crypto/conf/conf_def.c
@@ -67,6 +67,7 @@
67#include "conf_def.h" 67#include "conf_def.h"
68#include <openssl/buffer.h> 68#include <openssl/buffer.h>
69#include <openssl/err.h> 69#include <openssl/err.h>
70#include "cryptlib.h"
70 71
71static char *eat_ws(CONF *conf, char *p); 72static char *eat_ws(CONF *conf, char *p);
72static char *eat_alpha_numeric(CONF *conf, char *p); 73static char *eat_alpha_numeric(CONF *conf, char *p);
@@ -208,12 +209,12 @@ static int def_load(CONF *conf, const char *name, long *line)
208static int def_load_bio(CONF *conf, BIO *in, long *line) 209static int def_load_bio(CONF *conf, BIO *in, long *line)
209 { 210 {
210#define BUFSIZE 512 211#define BUFSIZE 512
211 char btmp[16];
212 int bufnum=0,i,ii; 212 int bufnum=0,i,ii;
213 BUF_MEM *buff=NULL; 213 BUF_MEM *buff=NULL;
214 char *s,*p,*end; 214 char *s,*p,*end;
215 int again,n; 215 int again,n;
216 long eline=0; 216 long eline=0;
217 char btmp[DECIMAL_SIZE(eline)+1];
217 CONF_VALUE *v=NULL,*tv; 218 CONF_VALUE *v=NULL,*tv;
218 CONF_VALUE *sv=NULL; 219 CONF_VALUE *sv=NULL;
219 char *section=NULL,*buf; 220 char *section=NULL,*buf;
diff --git a/src/lib/libssl/src/crypto/conf/conf_lib.c b/src/lib/libssl/src/crypto/conf/conf_lib.c
index 7998f34c7b..6a3cf109dd 100644
--- a/src/lib/libssl/src/crypto/conf/conf_lib.c
+++ b/src/lib/libssl/src/crypto/conf/conf_lib.c
@@ -382,8 +382,9 @@ int NCONF_dump_bio(const CONF *conf, BIO *out)
382 return conf->meth->dump(conf, out); 382 return conf->meth->dump(conf, out);
383 } 383 }
384 384
385
385/* This function should be avoided */ 386/* This function should be avoided */
386#undef NCONF_get_number 387#if 0
387long NCONF_get_number(CONF *conf,char *group,char *name) 388long NCONF_get_number(CONF *conf,char *group,char *name)
388 { 389 {
389 int status; 390 int status;
@@ -397,4 +398,4 @@ long NCONF_get_number(CONF *conf,char *group,char *name)
397 } 398 }
398 return ret; 399 return ret;
399 } 400 }
400 401#endif
diff --git a/src/lib/libssl/src/crypto/conf/conf_mod.c b/src/lib/libssl/src/crypto/conf/conf_mod.c
index f92babc2e2..edcc08921c 100644
--- a/src/lib/libssl/src/crypto/conf/conf_mod.c
+++ b/src/lib/libssl/src/crypto/conf/conf_mod.c
@@ -230,7 +230,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
230 { 230 {
231 if (!(flags & CONF_MFLAGS_SILENT)) 231 if (!(flags & CONF_MFLAGS_SILENT))
232 { 232 {
233 char rcode[10]; 233 char rcode[DECIMAL_SIZE(ret)+1];
234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); 234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
235 sprintf(rcode, "%-8d", ret); 235 sprintf(rcode, "%-8d", ret);
236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); 236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c
index 612b3b93b4..d301b376f7 100644
--- a/src/lib/libssl/src/crypto/cryptlib.c
+++ b/src/lib/libssl/src/crypto/cryptlib.c
@@ -492,3 +492,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
492#endif 492#endif
493 493
494#endif 494#endif
495
496void OpenSSLDie(const char *file,int line,const char *assertion)
497 {
498 fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
499 file,line,assertion);
500 abort();
501 }
502
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h
index a0489e57fc..985a6d377c 100644
--- a/src/lib/libssl/src/crypto/cryptlib.h
+++ b/src/lib/libssl/src/crypto/cryptlib.h
@@ -89,6 +89,14 @@ extern "C" {
89#define X509_CERT_DIR_EVP "SSL_CERT_DIR" 89#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
90#define X509_CERT_FILE_EVP "SSL_CERT_FILE" 90#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
91 91
92/* size of string represenations */
93#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
94#define HEX_SIZE(type) ((sizeof(type)*2)
95
96/* die if we have to */
97void OpenSSLDie(const char *file,int line,const char *assertion);
98#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
99
92#ifdef __cplusplus 100#ifdef __cplusplus
93} 101}
94#endif 102#endif
diff --git a/src/lib/libssl/src/crypto/des/des_old.h b/src/lib/libssl/src/crypto/des/des_old.h
index 3778f93c15..51b987422a 100644
--- a/src/lib/libssl/src/crypto/des/des_old.h
+++ b/src/lib/libssl/src/crypto/des/des_old.h
@@ -173,7 +173,7 @@ typedef struct _ossl_old_des_ks_struct
173 DES_fcrypt((b),(s),(r)) 173 DES_fcrypt((b),(s),(r))
174#define des_crypt(b,s)\ 174#define des_crypt(b,s)\
175 DES_crypt((b),(s)) 175 DES_crypt((b),(s))
176#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) 176#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
177#define crypt(b,s)\ 177#define crypt(b,s)\
178 DES_crypt((b),(s)) 178 DES_crypt((b),(s))
179#endif 179#endif
@@ -366,7 +366,7 @@ int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule
366 _ossl_old_des_cblock *iv); 366 _ossl_old_des_cblock *iv);
367char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret); 367char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
368char *_ossl_old_des_crypt(const char *buf,const char *salt); 368char *_ossl_old_des_crypt(const char *buf,const char *salt);
369#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) 369#if !defined(PERL5) && !defined(NeXT)
370char *_ossl_old_crypt(const char *buf,const char *salt); 370char *_ossl_old_crypt(const char *buf,const char *salt);
371#endif 371#endif
372void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out, 372void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
diff --git a/src/lib/libssl/src/crypto/des/read_pwd.c b/src/lib/libssl/src/crypto/des/read_pwd.c
index 00000190f8..9061935f21 100644
--- a/src/lib/libssl/src/crypto/des/read_pwd.c
+++ b/src/lib/libssl/src/crypto/des/read_pwd.c
@@ -246,7 +246,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt,
246 long status; 246 long status;
247 unsigned short channel = 0; 247 unsigned short channel = 0;
248#else 248#else
249#ifndef OPENSSL_SYS_MSDOS 249#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
250 TTY_STRUCT tty_orig,tty_new; 250 TTY_STRUCT tty_orig,tty_new;
251#endif 251#endif
252#endif 252#endif
diff --git a/src/lib/libssl/src/crypto/ebcdic.c b/src/lib/libssl/src/crypto/ebcdic.c
index bc968ea807..d1bece87f7 100644
--- a/src/lib/libssl/src/crypto/ebcdic.c
+++ b/src/lib/libssl/src/crypto/ebcdic.c
@@ -211,8 +211,8 @@ ascii2ebcdic(void *dest, const void *srce, size_t count)
211} 211}
212 212
213#else /*CHARSET_EBCDIC*/ 213#else /*CHARSET_EBCDIC*/
214#include <openssl/opensslconf.h> 214#include <openssl/e_os2.h>
215#if defined(PEDANTIC) || defined(__DECC) 215#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
216static void *dummy=&dummy; 216static void *dummy=&dummy;
217#endif 217#endif
218#endif 218#endif
diff --git a/src/lib/libssl/src/crypto/ec/ectest.c b/src/lib/libssl/src/crypto/ec/ectest.c
index 243cd83fb5..eab46cc080 100644
--- a/src/lib/libssl/src/crypto/ec/ectest.c
+++ b/src/lib/libssl/src/crypto/ec/ectest.c
@@ -75,8 +75,8 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
75 exit(1); \ 75 exit(1); \
76} while (0) 76} while (0)
77 77
78 78#if 0
79void timings(EC_GROUP *group, int multi, BN_CTX *ctx) 79static void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
80 { 80 {
81 clock_t clck; 81 clock_t clck;
82 int i, j; 82 int i, j;
@@ -138,7 +138,7 @@ void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
138 BN_free(s); 138 BN_free(s);
139 BN_free(s0); 139 BN_free(s0);
140 } 140 }
141 141#endif
142 142
143int main(int argc, char *argv[]) 143int main(int argc, char *argv[])
144 { 144 {
diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c
index 8c0ae8a1ad..cdf670901a 100644
--- a/src/lib/libssl/src/crypto/engine/eng_cnf.c
+++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c
@@ -92,7 +92,7 @@ static int int_engine_init(ENGINE *e)
92 } 92 }
93 93
94 94
95int int_engine_configure(char *name, char *value, const CONF *cnf) 95static int int_engine_configure(char *name, char *value, const CONF *cnf)
96 { 96 {
97 int i; 97 int i;
98 int ret = 0; 98 int ret = 0;
diff --git a/src/lib/libssl/src/crypto/engine/eng_dyn.c b/src/lib/libssl/src/crypto/engine/eng_dyn.c
index 4fefcc0cae..4139a16e76 100644
--- a/src/lib/libssl/src/crypto/engine/eng_dyn.c
+++ b/src/lib/libssl/src/crypto/engine/eng_dyn.c
@@ -157,6 +157,10 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
157 dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr; 157 dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
158 if(ctx->dynamic_dso) 158 if(ctx->dynamic_dso)
159 DSO_free(ctx->dynamic_dso); 159 DSO_free(ctx->dynamic_dso);
160 if(ctx->DYNAMIC_LIBNAME)
161 OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
162 if(ctx->engine_id)
163 OPENSSL_free((void*)ctx->engine_id);
160 OPENSSL_free(ctx); 164 OPENSSL_free(ctx);
161 } 165 }
162 } 166 }
@@ -169,7 +173,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
169 { 173 {
170 dynamic_data_ctx *c; 174 dynamic_data_ctx *c;
171 c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); 175 c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
172 if(!ctx) 176 if(!c)
173 { 177 {
174 ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); 178 ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
175 return 0; 179 return 0;
@@ -310,8 +314,13 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
310 /* a NULL 'p' or a string of zero-length is the same thing */ 314 /* a NULL 'p' or a string of zero-length is the same thing */
311 if(p && (strlen((const char *)p) < 1)) 315 if(p && (strlen((const char *)p) < 1))
312 p = NULL; 316 p = NULL;
313 ctx->DYNAMIC_LIBNAME = (const char *)p; 317 if(ctx->DYNAMIC_LIBNAME)
314 return 1; 318 OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
319 if(p)
320 ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
321 else
322 ctx->DYNAMIC_LIBNAME = NULL;
323 return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
315 case DYNAMIC_CMD_NO_VCHECK: 324 case DYNAMIC_CMD_NO_VCHECK:
316 ctx->no_vcheck = ((i == 0) ? 0 : 1); 325 ctx->no_vcheck = ((i == 0) ? 0 : 1);
317 return 1; 326 return 1;
@@ -319,8 +328,13 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
319 /* a NULL 'p' or a string of zero-length is the same thing */ 328 /* a NULL 'p' or a string of zero-length is the same thing */
320 if(p && (strlen((const char *)p) < 1)) 329 if(p && (strlen((const char *)p) < 1))
321 p = NULL; 330 p = NULL;
322 ctx->engine_id = (const char *)p; 331 if(ctx->engine_id)
323 return 1; 332 OPENSSL_free((void*)ctx->engine_id);
333 if(p)
334 ctx->engine_id = BUF_strdup(p);
335 else
336 ctx->engine_id = NULL;
337 return (ctx->engine_id ? 1 : 0);
324 case DYNAMIC_CMD_LIST_ADD: 338 case DYNAMIC_CMD_LIST_ADD:
325 if((i < 0) || (i > 2)) 339 if((i < 0) || (i > 2))
326 { 340 {
diff --git a/src/lib/libssl/src/crypto/engine/eng_fat.c b/src/lib/libssl/src/crypto/engine/eng_fat.c
index d49aa7ed40..f7edb5ad32 100644
--- a/src/lib/libssl/src/crypto/engine/eng_fat.c
+++ b/src/lib/libssl/src/crypto/engine/eng_fat.c
@@ -84,7 +84,7 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
84 84
85/* Set default algorithms using a string */ 85/* Set default algorithms using a string */
86 86
87int int_def_cb(const char *alg, int len, void *arg) 87static int int_def_cb(const char *alg, int len, void *arg)
88 { 88 {
89 unsigned int *pflags = arg; 89 unsigned int *pflags = arg;
90 if (!strncmp(alg, "ALL", len)) 90 if (!strncmp(alg, "ALL", len))
diff --git a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
index 77d3d2ffdf..1053c52082 100644
--- a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
+++ b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c
@@ -124,8 +124,24 @@ static F_RANDOMNUMBERGENERATE randomNumberGenerate;
124 124
125/* static variables */ 125/* static variables */
126/*------------------*/ 126/*------------------*/
127static const char def_CCA4758_LIB_NAME[] = CCA_LIB_NAME; 127static const char *CCA4758_LIB_NAME = NULL;
128static const char *CCA4758_LIB_NAME = def_CCA4758_LIB_NAME; 128static const char *get_CCA4758_LIB_NAME(void)
129 {
130 if(CCA4758_LIB_NAME)
131 return CCA4758_LIB_NAME;
132 return CCA_LIB_NAME;
133 }
134static void free_CCA4758_LIB_NAME(void)
135 {
136 if(CCA4758_LIB_NAME)
137 OPENSSL_free((void*)CCA4758_LIB_NAME);
138 CCA4758_LIB_NAME = NULL;
139 }
140static long set_CCA4758_LIB_NAME(const char *name)
141 {
142 free_CCA4758_LIB_NAME();
143 return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
144 }
129#ifndef OPENSSL_NO_RSA 145#ifndef OPENSSL_NO_RSA
130static const char* n_keyRecordRead = CSNDKRR; 146static const char* n_keyRecordRead = CSNDKRR;
131static const char* n_digitalSignatureGenerate = CSNDDSG; 147static const char* n_digitalSignatureGenerate = CSNDDSG;
@@ -232,6 +248,7 @@ void ENGINE_load_4758cca(void)
232static int ibm_4758_cca_destroy(ENGINE *e) 248static int ibm_4758_cca_destroy(ENGINE *e)
233 { 249 {
234 ERR_unload_CCA4758_strings(); 250 ERR_unload_CCA4758_strings();
251 free_CCA4758_LIB_NAME();
235 return 1; 252 return 1;
236 } 253 }
237 254
@@ -243,7 +260,7 @@ static int ibm_4758_cca_init(ENGINE *e)
243 goto err; 260 goto err;
244 } 261 }
245 262
246 dso = DSO_load(NULL, CCA4758_LIB_NAME , NULL, 0); 263 dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
247 if(!dso) 264 if(!dso)
248 { 265 {
249 CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE); 266 CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
@@ -299,7 +316,8 @@ err:
299 316
300static int ibm_4758_cca_finish(ENGINE *e) 317static int ibm_4758_cca_finish(ENGINE *e)
301 { 318 {
302 if(dso) 319 free_CCA4758_LIB_NAME();
320 if(!dso)
303 { 321 {
304 CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, 322 CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
305 CCA4758_R_NOT_LOADED); 323 CCA4758_R_NOT_LOADED);
@@ -340,8 +358,7 @@ static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
340 CCA4758_R_ALREADY_LOADED); 358 CCA4758_R_ALREADY_LOADED);
341 return 0; 359 return 0;
342 } 360 }
343 CCA4758_LIB_NAME = (const char *)p; 361 return set_CCA4758_LIB_NAME((const char *)p);
344 return 1;
345 default: 362 default:
346 break; 363 break;
347 } 364 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_aep.c b/src/lib/libssl/src/crypto/engine/hw_aep.c
index cf4507cff1..8b8380a582 100644
--- a/src/lib/libssl/src/crypto/engine/hw_aep.c
+++ b/src/lib/libssl/src/crypto/engine/hw_aep.c
@@ -60,7 +60,7 @@
60#include <string.h> 60#include <string.h>
61 61
62#include <openssl/e_os2.h> 62#include <openssl/e_os2.h>
63#ifndef OPENSSL_SYS_MSDOS 63#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
64#include <sys/types.h> 64#include <sys/types.h>
65#include <unistd.h> 65#include <unistd.h>
66#else 66#else
@@ -71,6 +71,7 @@ typedef int pid_t;
71#include <openssl/crypto.h> 71#include <openssl/crypto.h>
72#include <openssl/dso.h> 72#include <openssl/dso.h>
73#include <openssl/engine.h> 73#include <openssl/engine.h>
74#include <openssl/buffer.h>
74 75
75#ifndef OPENSSL_NO_HW 76#ifndef OPENSSL_NO_HW
76#ifndef OPENSSL_NO_HW_AEP 77#ifndef OPENSSL_NO_HW_AEP
@@ -363,7 +364,24 @@ static DSO *aep_dso = NULL;
363/* These are the static string constants for the DSO file name and the function 364/* These are the static string constants for the DSO file name and the function
364 * symbol names to bind to. 365 * symbol names to bind to.
365*/ 366*/
366static const char *AEP_LIBNAME = "aep"; 367static const char *AEP_LIBNAME = NULL;
368static const char *get_AEP_LIBNAME(void)
369 {
370 if(AEP_LIBNAME)
371 return AEP_LIBNAME;
372 return "aep";
373 }
374static void free_AEP_LIBNAME(void)
375 {
376 if(AEP_LIBNAME)
377 OPENSSL_free((void*)AEP_LIBNAME);
378 AEP_LIBNAME = NULL;
379 }
380static long set_AEP_LIBNAME(const char *name)
381 {
382 free_AEP_LIBNAME();
383 return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
384 }
367 385
368static const char *AEP_F1 = "AEP_ModExp"; 386static const char *AEP_F1 = "AEP_ModExp";
369static const char *AEP_F2 = "AEP_ModExpCrt"; 387static const char *AEP_F2 = "AEP_ModExpCrt";
@@ -412,7 +430,7 @@ static int aep_init(ENGINE *e)
412 } 430 }
413 /* Attempt to load libaep.so. */ 431 /* Attempt to load libaep.so. */
414 432
415 aep_dso = DSO_load(NULL, AEP_LIBNAME, NULL, 0); 433 aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
416 434
417 if(aep_dso == NULL) 435 if(aep_dso == NULL)
418 { 436 {
@@ -474,6 +492,7 @@ static int aep_init(ENGINE *e)
474/* Destructor (complements the "ENGINE_aep()" constructor) */ 492/* Destructor (complements the "ENGINE_aep()" constructor) */
475static int aep_destroy(ENGINE *e) 493static int aep_destroy(ENGINE *e)
476 { 494 {
495 free_AEP_LIBNAME();
477 ERR_unload_AEPHK_strings(); 496 ERR_unload_AEPHK_strings();
478 return 1; 497 return 1;
479 } 498 }
@@ -549,8 +568,7 @@ static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
549 AEPHK_R_ALREADY_LOADED); 568 AEPHK_R_ALREADY_LOADED);
550 return 0; 569 return 0;
551 } 570 }
552 AEP_LIBNAME = (const char *)p; 571 return set_AEP_LIBNAME((const char*)p);
553 return 1;
554 default: 572 default:
555 break; 573 break;
556 } 574 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_atalla.c b/src/lib/libssl/src/crypto/engine/hw_atalla.c
index 696cfcf156..6151c46902 100644
--- a/src/lib/libssl/src/crypto/engine/hw_atalla.c
+++ b/src/lib/libssl/src/crypto/engine/hw_atalla.c
@@ -286,8 +286,24 @@ static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL
286 * atasi.dll on win32). For the purposes of testing, I have created a symbollic 286 * atasi.dll on win32). For the purposes of testing, I have created a symbollic
287 * link called "libatasi.so" so that we can use native name-translation - a 287 * link called "libatasi.so" so that we can use native name-translation - a
288 * better solution will be needed. */ 288 * better solution will be needed. */
289static const char def_ATALLA_LIBNAME[] = "atasi"; 289static const char *ATALLA_LIBNAME = NULL;
290static const char *ATALLA_LIBNAME = def_ATALLA_LIBNAME; 290static const char *get_ATALLA_LIBNAME(void)
291 {
292 if(ATALLA_LIBNAME)
293 return ATALLA_LIBNAME;
294 return "atasi";
295 }
296static void free_ATALLA_LIBNAME(void)
297 {
298 if(ATALLA_LIBNAME)
299 OPENSSL_free((void*)ATALLA_LIBNAME);
300 ATALLA_LIBNAME = NULL;
301 }
302static long set_ATALLA_LIBNAME(const char *name)
303 {
304 free_ATALLA_LIBNAME();
305 return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
306 }
291static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; 307static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
292static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; 308static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
293static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; 309static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
@@ -295,6 +311,7 @@ static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
295/* Destructor (complements the "ENGINE_atalla()" constructor) */ 311/* Destructor (complements the "ENGINE_atalla()" constructor) */
296static int atalla_destroy(ENGINE *e) 312static int atalla_destroy(ENGINE *e)
297 { 313 {
314 free_ATALLA_LIBNAME();
298 /* Unload the atalla error strings so any error state including our 315 /* Unload the atalla error strings so any error state including our
299 * functs or reasons won't lead to a segfault (they simply get displayed 316 * functs or reasons won't lead to a segfault (they simply get displayed
300 * without corresponding string data because none will be found). */ 317 * without corresponding string data because none will be found). */
@@ -324,7 +341,7 @@ static int atalla_init(ENGINE *e)
324 * drivers really use - for now a symbollic link needs to be 341 * drivers really use - for now a symbollic link needs to be
325 * created on the host system from libatasi.so to atasi.so on 342 * created on the host system from libatasi.so to atasi.so on
326 * unix variants. */ 343 * unix variants. */
327 atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0); 344 atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
328 if(atalla_dso == NULL) 345 if(atalla_dso == NULL)
329 { 346 {
330 ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); 347 ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
@@ -364,6 +381,7 @@ err:
364 381
365static int atalla_finish(ENGINE *e) 382static int atalla_finish(ENGINE *e)
366 { 383 {
384 free_ATALLA_LIBNAME();
367 if(atalla_dso == NULL) 385 if(atalla_dso == NULL)
368 { 386 {
369 ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED); 387 ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
@@ -397,8 +415,7 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
397 ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED); 415 ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
398 return 0; 416 return 0;
399 } 417 }
400 ATALLA_LIBNAME = (const char *)p; 418 return set_ATALLA_LIBNAME((const char *)p);
401 return 1;
402 default: 419 default:
403 break; 420 break;
404 } 421 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_cswift.c b/src/lib/libssl/src/crypto/engine/hw_cswift.c
index d8b380550f..f5c897bdbb 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cswift.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cswift.c
@@ -280,8 +280,24 @@ t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
280t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; 280t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
281 281
282/* Used in the DSO operations. */ 282/* Used in the DSO operations. */
283static const char def_CSWIFT_LIBNAME[] = "swift"; 283static const char *CSWIFT_LIBNAME = NULL;
284static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME; 284static const char *get_CSWIFT_LIBNAME(void)
285 {
286 if(CSWIFT_LIBNAME)
287 return CSWIFT_LIBNAME;
288 return "swift";
289 }
290static void free_CSWIFT_LIBNAME(void)
291 {
292 if(CSWIFT_LIBNAME)
293 OPENSSL_free((void*)CSWIFT_LIBNAME);
294 CSWIFT_LIBNAME = NULL;
295 }
296static long set_CSWIFT_LIBNAME(const char *name)
297 {
298 free_CSWIFT_LIBNAME();
299 return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
300 }
285static const char *CSWIFT_F1 = "swAcquireAccContext"; 301static const char *CSWIFT_F1 = "swAcquireAccContext";
286static const char *CSWIFT_F2 = "swAttachKeyParam"; 302static const char *CSWIFT_F2 = "swAttachKeyParam";
287static const char *CSWIFT_F3 = "swSimpleRequest"; 303static const char *CSWIFT_F3 = "swSimpleRequest";
@@ -313,6 +329,7 @@ static void release_context(SW_CONTEXT_HANDLE hac)
313/* Destructor (complements the "ENGINE_cswift()" constructor) */ 329/* Destructor (complements the "ENGINE_cswift()" constructor) */
314static int cswift_destroy(ENGINE *e) 330static int cswift_destroy(ENGINE *e)
315 { 331 {
332 free_CSWIFT_LIBNAME();
316 ERR_unload_CSWIFT_strings(); 333 ERR_unload_CSWIFT_strings();
317 return 1; 334 return 1;
318 } 335 }
@@ -332,7 +349,7 @@ static int cswift_init(ENGINE *e)
332 goto err; 349 goto err;
333 } 350 }
334 /* Attempt to load libswift.so/swift.dll/whatever. */ 351 /* Attempt to load libswift.so/swift.dll/whatever. */
335 cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0); 352 cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
336 if(cswift_dso == NULL) 353 if(cswift_dso == NULL)
337 { 354 {
338 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED); 355 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
@@ -377,6 +394,7 @@ err:
377 394
378static int cswift_finish(ENGINE *e) 395static int cswift_finish(ENGINE *e)
379 { 396 {
397 free_CSWIFT_LIBNAME();
380 if(cswift_dso == NULL) 398 if(cswift_dso == NULL)
381 { 399 {
382 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED); 400 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
@@ -411,8 +429,7 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
411 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED); 429 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
412 return 0; 430 return 0;
413 } 431 }
414 CSWIFT_LIBNAME = (const char *)p; 432 return set_CSWIFT_LIBNAME((const char *)p);
415 return 1;
416 default: 433 default:
417 break; 434 break;
418 } 435 }
@@ -484,7 +501,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
484 goto err; 501 goto err;
485 default: 502 default:
486 { 503 {
487 char tmpbuf[20]; 504 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
488 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
489 sprintf(tmpbuf, "%ld", sw_status); 506 sprintf(tmpbuf, "%ld", sw_status);
490 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -501,7 +518,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
501 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, 518 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
502 &res, 1)) != SW_OK) 519 &res, 1)) != SW_OK)
503 { 520 {
504 char tmpbuf[20]; 521 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); 522 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
506 sprintf(tmpbuf, "%ld", sw_status); 523 sprintf(tmpbuf, "%ld", sw_status);
507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 524 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -591,7 +608,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
591 goto err; 608 goto err;
592 default: 609 default:
593 { 610 {
594 char tmpbuf[20]; 611 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
595 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
596 sprintf(tmpbuf, "%ld", sw_status); 613 sprintf(tmpbuf, "%ld", sw_status);
597 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -608,7 +625,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
608 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, 625 if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
609 &res, 1)) != SW_OK) 626 &res, 1)) != SW_OK)
610 { 627 {
611 char tmpbuf[20]; 628 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); 629 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
613 sprintf(tmpbuf, "%ld", sw_status); 630 sprintf(tmpbuf, "%ld", sw_status);
614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 631 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -723,7 +740,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
723 goto err; 740 goto err;
724 default: 741 default:
725 { 742 {
726 char tmpbuf[20]; 743 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
727 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 744 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
728 sprintf(tmpbuf, "%ld", sw_status); 745 sprintf(tmpbuf, "%ld", sw_status);
729 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 746 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -741,7 +758,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
741 &res, 1); 758 &res, 1);
742 if(sw_status != SW_OK) 759 if(sw_status != SW_OK)
743 { 760 {
744 char tmpbuf[20]; 761 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
745 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); 762 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
746 sprintf(tmpbuf, "%ld", sw_status); 763 sprintf(tmpbuf, "%ld", sw_status);
747 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 764 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -835,7 +852,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
835 goto err; 852 goto err;
836 default: 853 default:
837 { 854 {
838 char tmpbuf[20]; 855 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
839 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 856 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
840 sprintf(tmpbuf, "%ld", sw_status); 857 sprintf(tmpbuf, "%ld", sw_status);
841 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 858 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
@@ -857,7 +874,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
857 &res, 1); 874 &res, 1);
858 if(sw_status != SW_OK) 875 if(sw_status != SW_OK)
859 { 876 {
860 char tmpbuf[20]; 877 char tmpbuf[DECIMAL_SIZE(sw_status)+1];
861 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); 878 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
862 sprintf(tmpbuf, "%ld", sw_status); 879 sprintf(tmpbuf, "%ld", sw_status);
863 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 880 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
diff --git a/src/lib/libssl/src/crypto/engine/hw_ncipher.c b/src/lib/libssl/src/crypto/engine/hw_ncipher.c
index 4762a54e3d..a43d4360f2 100644
--- a/src/lib/libssl/src/crypto/engine/hw_ncipher.c
+++ b/src/lib/libssl/src/crypto/engine/hw_ncipher.c
@@ -59,9 +59,9 @@
59 59
60#include <stdio.h> 60#include <stdio.h>
61#include <string.h> 61#include <string.h>
62#include "cryptlib.h"
62#include <openssl/crypto.h> 63#include <openssl/crypto.h>
63#include <openssl/pem.h> 64#include <openssl/pem.h>
64#include "cryptlib.h"
65#include <openssl/dso.h> 65#include <openssl/dso.h>
66#include <openssl/engine.h> 66#include <openssl/engine.h>
67#include <openssl/ui.h> 67#include <openssl/ui.h>
@@ -109,11 +109,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
109static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 109static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
110 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 110 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
111 111
112#ifndef OPENSSL_NO_DH
112/* DH stuff */ 113/* DH stuff */
113/* This function is alised to mod_exp (with the DH and mont dropped). */ 114/* This function is alised to mod_exp (with the DH and mont dropped). */
114static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, 115static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
115 const BIGNUM *a, const BIGNUM *p, 116 const BIGNUM *a, const BIGNUM *p,
116 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 117 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
118#endif
117 119
118/* RAND stuff */ 120/* RAND stuff */
119static int hwcrhk_rand_bytes(unsigned char *buf, int num); 121static int hwcrhk_rand_bytes(unsigned char *buf, int num);
@@ -422,8 +424,24 @@ static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
422static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; 424static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
423 425
424/* Used in the DSO operations. */ 426/* Used in the DSO operations. */
425static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk"; 427static const char *HWCRHK_LIBNAME = NULL;
426static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME; 428static void free_HWCRHK_LIBNAME(void)
429 {
430 if(HWCRHK_LIBNAME)
431 OPENSSL_free((void*)HWCRHK_LIBNAME);
432 HWCRHK_LIBNAME = NULL;
433 }
434static const char *get_HWCRHK_LIBNAME(void)
435 {
436 if(HWCRHK_LIBNAME)
437 return HWCRHK_LIBNAME;
438 return "nfhwcrhk";
439 }
440static long set_HWCRHK_LIBNAME(const char *name)
441 {
442 free_HWCRHK_LIBNAME();
443 return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
444 }
427static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; 445static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
428static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; 446static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
429static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; 447static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
@@ -469,6 +487,7 @@ static void release_context(HWCryptoHook_ContextHandle hac)
469/* Destructor (complements the "ENGINE_ncipher()" constructor) */ 487/* Destructor (complements the "ENGINE_ncipher()" constructor) */
470static int hwcrhk_destroy(ENGINE *e) 488static int hwcrhk_destroy(ENGINE *e)
471 { 489 {
490 free_HWCRHK_LIBNAME();
472 ERR_unload_HWCRHK_strings(); 491 ERR_unload_HWCRHK_strings();
473 return 1; 492 return 1;
474 } 493 }
@@ -494,7 +513,7 @@ static int hwcrhk_init(ENGINE *e)
494 goto err; 513 goto err;
495 } 514 }
496 /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ 515 /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
497 hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0); 516 hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
498 if(hwcrhk_dso == NULL) 517 if(hwcrhk_dso == NULL)
499 { 518 {
500 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); 519 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
@@ -586,6 +605,7 @@ err:
586static int hwcrhk_finish(ENGINE *e) 605static int hwcrhk_finish(ENGINE *e)
587 { 606 {
588 int to_return = 1; 607 int to_return = 1;
608 free_HWCRHK_LIBNAME();
589 if(hwcrhk_dso == NULL) 609 if(hwcrhk_dso == NULL)
590 { 610 {
591 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); 611 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
@@ -634,8 +654,7 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
634 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); 654 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
635 return 0; 655 return 0;
636 } 656 }
637 HWCRHK_LIBNAME = (const char *)p; 657 return set_HWCRHK_LIBNAME((const char *)p);
638 return 1;
639 case ENGINE_CTRL_SET_LOGSTREAM: 658 case ENGINE_CTRL_SET_LOGSTREAM:
640 { 659 {
641 BIO *bio = (BIO *)p; 660 BIO *bio = (BIO *)p;
@@ -1040,6 +1059,7 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
1040 return hwcrhk_mod_exp(r, a, p, m, ctx); 1059 return hwcrhk_mod_exp(r, a, p, m, ctx);
1041 } 1060 }
1042 1061
1062#ifndef OPENSSL_NO_DH
1043/* This function is aliased to mod_exp (with the dh and mont dropped). */ 1063/* This function is aliased to mod_exp (with the dh and mont dropped). */
1044static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, 1064static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
1045 const BIGNUM *a, const BIGNUM *p, 1065 const BIGNUM *a, const BIGNUM *p,
@@ -1047,6 +1067,7 @@ static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
1047 { 1067 {
1048 return hwcrhk_mod_exp(r, a, p, m, ctx); 1068 return hwcrhk_mod_exp(r, a, p, m, ctx);
1049 } 1069 }
1070#endif
1050 1071
1051/* Random bytes are good */ 1072/* Random bytes are good */
1052static int hwcrhk_rand_bytes(unsigned char *buf, int num) 1073static int hwcrhk_rand_bytes(unsigned char *buf, int num)
diff --git a/src/lib/libssl/src/crypto/engine/hw_nuron.c b/src/lib/libssl/src/crypto/engine/hw_nuron.c
index 2672012154..130b6d8b40 100644
--- a/src/lib/libssl/src/crypto/engine/hw_nuron.c
+++ b/src/lib/libssl/src/crypto/engine/hw_nuron.c
@@ -69,8 +69,24 @@
69#define NURON_LIB_NAME "nuron engine" 69#define NURON_LIB_NAME "nuron engine"
70#include "hw_nuron_err.c" 70#include "hw_nuron_err.c"
71 71
72static const char def_NURON_LIBNAME[] = "nuronssl"; 72static const char *NURON_LIBNAME = NULL;
73static const char *NURON_LIBNAME = def_NURON_LIBNAME; 73static const char *get_NURON_LIBNAME(void)
74 {
75 if(NURON_LIBNAME)
76 return NURON_LIBNAME;
77 return "nuronssl";
78 }
79static void free_NURON_LIBNAME(void)
80 {
81 if(NURON_LIBNAME)
82 OPENSSL_free((void*)NURON_LIBNAME);
83 NURON_LIBNAME = NULL;
84 }
85static long set_NURON_LIBNAME(const char *name)
86 {
87 free_NURON_LIBNAME();
88 return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
89 }
74static const char *NURON_F1 = "nuron_mod_exp"; 90static const char *NURON_F1 = "nuron_mod_exp";
75 91
76/* The definitions for control commands specific to this engine */ 92/* The definitions for control commands specific to this engine */
@@ -90,6 +106,7 @@ static DSO *pvDSOHandle = NULL;
90 106
91static int nuron_destroy(ENGINE *e) 107static int nuron_destroy(ENGINE *e)
92 { 108 {
109 free_NURON_LIBNAME();
93 ERR_unload_NURON_strings(); 110 ERR_unload_NURON_strings();
94 return 1; 111 return 1;
95 } 112 }
@@ -102,7 +119,7 @@ static int nuron_init(ENGINE *e)
102 return 0; 119 return 0;
103 } 120 }
104 121
105 pvDSOHandle = DSO_load(NULL, NURON_LIBNAME, NULL, 122 pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
106 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY); 123 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
107 if(!pvDSOHandle) 124 if(!pvDSOHandle)
108 { 125 {
@@ -122,6 +139,7 @@ static int nuron_init(ENGINE *e)
122 139
123static int nuron_finish(ENGINE *e) 140static int nuron_finish(ENGINE *e)
124 { 141 {
142 free_NURON_LIBNAME();
125 if(pvDSOHandle == NULL) 143 if(pvDSOHandle == NULL)
126 { 144 {
127 NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED); 145 NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
@@ -153,8 +171,7 @@ static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
153 NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED); 171 NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
154 return 0; 172 return 0;
155 } 173 }
156 NURON_LIBNAME = (const char *)p; 174 return set_NURON_LIBNAME((const char *)p);
157 return 1;
158 default: 175 default:
159 break; 176 break;
160 } 177 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_ubsec.c b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
index 743c06043c..63397f868c 100644
--- a/src/lib/libssl/src/crypto/engine/hw_ubsec.c
+++ b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
@@ -304,7 +304,24 @@ static int max_key_len = 1024; /* ??? */
304 * symbol names to bind to. 304 * symbol names to bind to.
305 */ 305 */
306 306
307static const char *UBSEC_LIBNAME = "ubsec"; 307static const char *UBSEC_LIBNAME = NULL;
308static const char *get_UBSEC_LIBNAME(void)
309 {
310 if(UBSEC_LIBNAME)
311 return UBSEC_LIBNAME;
312 return "ubsec";
313 }
314static void free_UBSEC_LIBNAME(void)
315 {
316 if(UBSEC_LIBNAME)
317 OPENSSL_free((void*)UBSEC_LIBNAME);
318 UBSEC_LIBNAME = NULL;
319 }
320static long set_UBSEC_LIBNAME(const char *name)
321 {
322 free_UBSEC_LIBNAME();
323 return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
324 }
308static const char *UBSEC_F1 = "ubsec_bytes_to_bits"; 325static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
309static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; 326static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
310static const char *UBSEC_F3 = "ubsec_open"; 327static const char *UBSEC_F3 = "ubsec_open";
@@ -328,6 +345,7 @@ static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
328/* Destructor (complements the "ENGINE_ubsec()" constructor) */ 345/* Destructor (complements the "ENGINE_ubsec()" constructor) */
329static int ubsec_destroy(ENGINE *e) 346static int ubsec_destroy(ENGINE *e)
330 { 347 {
348 free_UBSEC_LIBNAME();
331 ERR_unload_UBSEC_strings(); 349 ERR_unload_UBSEC_strings();
332 return 1; 350 return 1;
333 } 351 }
@@ -364,7 +382,7 @@ static int ubsec_init(ENGINE *e)
364 /* 382 /*
365 * Attempt to load libubsec.so/ubsec.dll/whatever. 383 * Attempt to load libubsec.so/ubsec.dll/whatever.
366 */ 384 */
367 ubsec_dso = DSO_load(NULL, UBSEC_LIBNAME, NULL, 0); 385 ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
368 if(ubsec_dso == NULL) 386 if(ubsec_dso == NULL)
369 { 387 {
370 UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); 388 UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
@@ -459,6 +477,7 @@ err:
459 477
460static int ubsec_finish(ENGINE *e) 478static int ubsec_finish(ENGINE *e)
461 { 479 {
480 free_UBSEC_LIBNAME();
462 if(ubsec_dso == NULL) 481 if(ubsec_dso == NULL)
463 { 482 {
464 UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED); 483 UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
@@ -508,8 +527,7 @@ static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
508 UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED); 527 UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
509 return 0; 528 return 0;
510 } 529 }
511 UBSEC_LIBNAME = (const char *)p; 530 return set_UBSEC_LIBNAME((const char *)p);
512 return 1;
513 default: 531 default:
514 break; 532 break;
515 } 533 }
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c
index 04773d65a6..5abe44e6d5 100644
--- a/src/lib/libssl/src/crypto/err/err.c
+++ b/src/lib/libssl/src/crypto/err/err.c
@@ -166,6 +166,7 @@ static ERR_STRING_DATA ERR_str_functs[]=
166 {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, 166 {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"},
167#endif 167#endif
168 {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, 168 {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"},
169 {ERR_PACK(0,SYS_F_FREAD,0), "fread"},
169 {0,NULL}, 170 {0,NULL},
170 }; 171 };
171 172
diff --git a/src/lib/libssl/src/crypto/err/err.h b/src/lib/libssl/src/crypto/err/err.h
index cc9bb649ea..988ef81aa0 100644
--- a/src/lib/libssl/src/crypto/err/err.h
+++ b/src/lib/libssl/src/crypto/err/err.h
@@ -182,6 +182,7 @@ typedef struct err_state_st
182#define SYS_F_ACCEPT 8 182#define SYS_F_ACCEPT 8
183#define SYS_F_WSASTARTUP 9 /* Winsock stuff */ 183#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
184#define SYS_F_OPENDIR 10 184#define SYS_F_OPENDIR 10
185#define SYS_F_FREAD 11
185 186
186 187
187/* reasons */ 188/* reasons */
diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c
index 5ffd352ea0..2d3e57c4fa 100644
--- a/src/lib/libssl/src/crypto/evp/c_all.c
+++ b/src/lib/libssl/src/crypto/evp/c_all.c
@@ -60,12 +60,14 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62 62
63#if 0
63#undef OpenSSL_add_all_algorithms 64#undef OpenSSL_add_all_algorithms
64 65
65void OpenSSL_add_all_algorithms(void) 66void OpenSSL_add_all_algorithms(void)
66 { 67 {
67 OPENSSL_add_all_algorithms_noconf(); 68 OPENSSL_add_all_algorithms_noconf();
68 } 69 }
70#endif
69 71
70void OPENSSL_add_all_algorithms_noconf(void) 72void OPENSSL_add_all_algorithms_noconf(void)
71 { 73 {
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index fb16de6852..45a25f968d 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -74,6 +74,48 @@
74#ifndef OPENSSL_NO_BIO 74#ifndef OPENSSL_NO_BIO
75#include <openssl/bio.h> 75#include <openssl/bio.h>
76#endif 76#endif
77#ifndef OPENSSL_NO_MD2
78#include <openssl/md2.h>
79#endif
80#ifndef OPENSSL_NO_MD4
81#include <openssl/md4.h>
82#endif
83#ifndef OPENSSL_NO_MD5
84#include <openssl/md5.h>
85#endif
86#ifndef OPENSSL_NO_SHA
87#include <openssl/sha.h>
88#endif
89#ifndef OPENSSL_NO_RIPEMD
90#include <openssl/ripemd.h>
91#endif
92#ifndef OPENSSL_NO_DES
93#include <openssl/des.h>
94#endif
95#ifndef OPENSSL_NO_RC4
96#include <openssl/rc4.h>
97#endif
98#ifndef OPENSSL_NO_RC2
99#include <openssl/rc2.h>
100#endif
101#ifndef OPENSSL_NO_RC5
102#include <openssl/rc5.h>
103#endif
104#ifndef OPENSSL_NO_BF
105#include <openssl/blowfish.h>
106#endif
107#ifndef OPENSSL_NO_CAST
108#include <openssl/cast.h>
109#endif
110#ifndef OPENSSL_NO_IDEA
111#include <openssl/idea.h>
112#endif
113#ifndef OPENSSL_NO_MDC2
114#include <openssl/mdc2.h>
115#endif
116#ifndef OPENSSL_NO_AES
117#include <openssl/aes.h>
118#endif
77 119
78/* 120/*
79#define EVP_RC2_KEY_SIZE 16 121#define EVP_RC2_KEY_SIZE 16
@@ -91,6 +133,18 @@
91/* Default PKCS#5 iteration count */ 133/* Default PKCS#5 iteration count */
92#define PKCS5_DEFAULT_ITER 2048 134#define PKCS5_DEFAULT_ITER 2048
93 135
136#ifndef OPENSSL_NO_RSA
137#include <openssl/rsa.h>
138#endif
139
140#ifndef OPENSSL_NO_DSA
141#include <openssl/dsa.h>
142#endif
143
144#ifndef OPENSSL_NO_DH
145#include <openssl/dh.h>
146#endif
147
94#include <openssl/objects.h> 148#include <openssl/objects.h>
95 149
96#define EVP_PK_RSA 0x0001 150#define EVP_PK_RSA 0x0001
@@ -582,6 +636,8 @@ const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
582const EVP_CIPHER *EVP_des_ecb(void); 636const EVP_CIPHER *EVP_des_ecb(void);
583const EVP_CIPHER *EVP_des_ede(void); 637const EVP_CIPHER *EVP_des_ede(void);
584const EVP_CIPHER *EVP_des_ede3(void); 638const EVP_CIPHER *EVP_des_ede3(void);
639const EVP_CIPHER *EVP_des_ede_ecb(void);
640const EVP_CIPHER *EVP_des_ede3_ecb(void);
585const EVP_CIPHER *EVP_des_cfb(void); 641const EVP_CIPHER *EVP_des_cfb(void);
586const EVP_CIPHER *EVP_des_ede_cfb(void); 642const EVP_CIPHER *EVP_des_ede_cfb(void);
587const EVP_CIPHER *EVP_des_ede3_cfb(void); 643const EVP_CIPHER *EVP_des_ede3_cfb(void);
diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c
index 06afb9d152..bcd4d29f85 100644
--- a/src/lib/libssl/src/crypto/evp/evp_pbe.c
+++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c
@@ -57,9 +57,9 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h"
60#include <openssl/evp.h> 61#include <openssl/evp.h>
61#include <openssl/x509.h> 62#include <openssl/x509.h>
62#include "cryptlib.h"
63 63
64/* Password based encryption (PBE) functions */ 64/* Password based encryption (PBE) functions */
65 65
diff --git a/src/lib/libssl/src/crypto/evp/evp_test.c b/src/lib/libssl/src/crypto/evp/evp_test.c
index 1bfffb34cf..90294ef686 100644
--- a/src/lib/libssl/src/crypto/evp/evp_test.c
+++ b/src/lib/libssl/src/crypto/evp/evp_test.c
@@ -118,7 +118,7 @@ static char *sstrsep(char **string, const char *delim)
118 } 118 }
119 119
120static unsigned char *ustrsep(char **p,const char *sep) 120static unsigned char *ustrsep(char **p,const char *sep)
121 { return (unsigned char *)sstrsep((char **)p,sep); } 121 { return (unsigned char *)sstrsep(p,sep); }
122 122
123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, 123static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
124 const unsigned char *iv,int in, 124 const unsigned char *iv,int in,
@@ -358,7 +358,7 @@ int main(int argc,char **argv)
358 p[-1] = '\0'; 358 p[-1] = '\0';
359 encdec = -1; 359 encdec = -1;
360 } else { 360 } else {
361 encdec = atoi(strsep(&p,"\n")); 361 encdec = atoi(sstrsep(&p,"\n"));
362 } 362 }
363 363
364 364
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c
index 113c60fedb..27a8286489 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c
@@ -58,9 +58,9 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include "cryptlib.h"
61#include <openssl/x509.h> 62#include <openssl/x509.h>
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include "cryptlib.h"
64 64
65/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info. 65/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
66 */ 66 */
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
index 7881860b53..7485d6a278 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
@@ -58,10 +58,10 @@
58#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) 58#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include "cryptlib.h"
61#include <openssl/x509.h> 62#include <openssl/x509.h>
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include <openssl/hmac.h> 64#include <openssl/hmac.h>
64#include "cryptlib.h"
65 65
66/* set this to print out info about the keygen algorithm */ 66/* set this to print out info about the keygen algorithm */
67/* #define DEBUG_PKCS5V2 */ 67/* #define DEBUG_PKCS5V2 */
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
index 3ff64bb8d1..02c3719f04 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -436,7 +436,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
436 unsigned long l; 436 unsigned long l;
437 unsigned char *p; 437 unsigned char *p;
438 const char *s; 438 const char *s;
439 char tbuf[32]; 439 char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
440 440
441 if (buf_len <= 0) return(0); 441 if (buf_len <= 0) return(0);
442 442
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h
index 39cfcda783..30812c8aa6 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.h
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
62 * [including the GNU Public Licence.] 62 * [including the GNU Public Licence.]
63 */ 63 */
64 64
65#define NUM_NID 510 65#define NUM_NID 645
66#define NUM_SN 507 66#define NUM_SN 641
67#define NUM_LN 507 67#define NUM_LN 641
68#define NUM_OBJ 481 68#define NUM_OBJ 615
69 69
70static unsigned char lvalues[3881]={ 70static unsigned char lvalues[4435]={
710x00, /* [ 0] OBJ_undef */ 710x00, /* [ 0] OBJ_undef */
720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 720x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 730x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -549,6 +549,140 @@ static unsigned char lvalues[3881]={
5490x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */ 5490x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3863] OBJ_id_hex_partial_message */
5500x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */ 5500x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3870] OBJ_id_hex_multipart_message */
5510x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */ 5510x55,0x04,0x2C, /* [3877] OBJ_generationQualifier */
5520x55,0x04,0x41, /* [3880] OBJ_pseudonym */
5530x67,0x2A, /* [3883] OBJ_id_set */
5540x67,0x2A,0x00, /* [3885] OBJ_set_ctype */
5550x67,0x2A,0x01, /* [3888] OBJ_set_msgExt */
5560x67,0x2A,0x03, /* [3891] OBJ_set_attr */
5570x67,0x2A,0x05, /* [3894] OBJ_set_policy */
5580x67,0x2A,0x07, /* [3897] OBJ_set_certExt */
5590x67,0x2A,0x08, /* [3900] OBJ_set_brand */
5600x67,0x2A,0x00,0x00, /* [3903] OBJ_setct_PANData */
5610x67,0x2A,0x00,0x01, /* [3907] OBJ_setct_PANToken */
5620x67,0x2A,0x00,0x02, /* [3911] OBJ_setct_PANOnly */
5630x67,0x2A,0x00,0x03, /* [3915] OBJ_setct_OIData */
5640x67,0x2A,0x00,0x04, /* [3919] OBJ_setct_PI */
5650x67,0x2A,0x00,0x05, /* [3923] OBJ_setct_PIData */
5660x67,0x2A,0x00,0x06, /* [3927] OBJ_setct_PIDataUnsigned */
5670x67,0x2A,0x00,0x07, /* [3931] OBJ_setct_HODInput */
5680x67,0x2A,0x00,0x08, /* [3935] OBJ_setct_AuthResBaggage */
5690x67,0x2A,0x00,0x09, /* [3939] OBJ_setct_AuthRevReqBaggage */
5700x67,0x2A,0x00,0x0A, /* [3943] OBJ_setct_AuthRevResBaggage */
5710x67,0x2A,0x00,0x0B, /* [3947] OBJ_setct_CapTokenSeq */
5720x67,0x2A,0x00,0x0C, /* [3951] OBJ_setct_PInitResData */
5730x67,0x2A,0x00,0x0D, /* [3955] OBJ_setct_PI_TBS */
5740x67,0x2A,0x00,0x0E, /* [3959] OBJ_setct_PResData */
5750x67,0x2A,0x00,0x10, /* [3963] OBJ_setct_AuthReqTBS */
5760x67,0x2A,0x00,0x11, /* [3967] OBJ_setct_AuthResTBS */
5770x67,0x2A,0x00,0x12, /* [3971] OBJ_setct_AuthResTBSX */
5780x67,0x2A,0x00,0x13, /* [3975] OBJ_setct_AuthTokenTBS */
5790x67,0x2A,0x00,0x14, /* [3979] OBJ_setct_CapTokenData */
5800x67,0x2A,0x00,0x15, /* [3983] OBJ_setct_CapTokenTBS */
5810x67,0x2A,0x00,0x16, /* [3987] OBJ_setct_AcqCardCodeMsg */
5820x67,0x2A,0x00,0x17, /* [3991] OBJ_setct_AuthRevReqTBS */
5830x67,0x2A,0x00,0x18, /* [3995] OBJ_setct_AuthRevResData */
5840x67,0x2A,0x00,0x19, /* [3999] OBJ_setct_AuthRevResTBS */
5850x67,0x2A,0x00,0x1A, /* [4003] OBJ_setct_CapReqTBS */
5860x67,0x2A,0x00,0x1B, /* [4007] OBJ_setct_CapReqTBSX */
5870x67,0x2A,0x00,0x1C, /* [4011] OBJ_setct_CapResData */
5880x67,0x2A,0x00,0x1D, /* [4015] OBJ_setct_CapRevReqTBS */
5890x67,0x2A,0x00,0x1E, /* [4019] OBJ_setct_CapRevReqTBSX */
5900x67,0x2A,0x00,0x1F, /* [4023] OBJ_setct_CapRevResData */
5910x67,0x2A,0x00,0x20, /* [4027] OBJ_setct_CredReqTBS */
5920x67,0x2A,0x00,0x21, /* [4031] OBJ_setct_CredReqTBSX */
5930x67,0x2A,0x00,0x22, /* [4035] OBJ_setct_CredResData */
5940x67,0x2A,0x00,0x23, /* [4039] OBJ_setct_CredRevReqTBS */
5950x67,0x2A,0x00,0x24, /* [4043] OBJ_setct_CredRevReqTBSX */
5960x67,0x2A,0x00,0x25, /* [4047] OBJ_setct_CredRevResData */
5970x67,0x2A,0x00,0x26, /* [4051] OBJ_setct_PCertReqData */
5980x67,0x2A,0x00,0x27, /* [4055] OBJ_setct_PCertResTBS */
5990x67,0x2A,0x00,0x28, /* [4059] OBJ_setct_BatchAdminReqData */
6000x67,0x2A,0x00,0x29, /* [4063] OBJ_setct_BatchAdminResData */
6010x67,0x2A,0x00,0x2A, /* [4067] OBJ_setct_CardCInitResTBS */
6020x67,0x2A,0x00,0x2B, /* [4071] OBJ_setct_MeAqCInitResTBS */
6030x67,0x2A,0x00,0x2C, /* [4075] OBJ_setct_RegFormResTBS */
6040x67,0x2A,0x00,0x2D, /* [4079] OBJ_setct_CertReqData */
6050x67,0x2A,0x00,0x2E, /* [4083] OBJ_setct_CertReqTBS */
6060x67,0x2A,0x00,0x2F, /* [4087] OBJ_setct_CertResData */
6070x67,0x2A,0x00,0x30, /* [4091] OBJ_setct_CertInqReqTBS */
6080x67,0x2A,0x00,0x31, /* [4095] OBJ_setct_ErrorTBS */
6090x67,0x2A,0x00,0x32, /* [4099] OBJ_setct_PIDualSignedTBE */
6100x67,0x2A,0x00,0x33, /* [4103] OBJ_setct_PIUnsignedTBE */
6110x67,0x2A,0x00,0x34, /* [4107] OBJ_setct_AuthReqTBE */
6120x67,0x2A,0x00,0x35, /* [4111] OBJ_setct_AuthResTBE */
6130x67,0x2A,0x00,0x36, /* [4115] OBJ_setct_AuthResTBEX */
6140x67,0x2A,0x00,0x37, /* [4119] OBJ_setct_AuthTokenTBE */
6150x67,0x2A,0x00,0x38, /* [4123] OBJ_setct_CapTokenTBE */
6160x67,0x2A,0x00,0x39, /* [4127] OBJ_setct_CapTokenTBEX */
6170x67,0x2A,0x00,0x3A, /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
6180x67,0x2A,0x00,0x3B, /* [4135] OBJ_setct_AuthRevReqTBE */
6190x67,0x2A,0x00,0x3C, /* [4139] OBJ_setct_AuthRevResTBE */
6200x67,0x2A,0x00,0x3D, /* [4143] OBJ_setct_AuthRevResTBEB */
6210x67,0x2A,0x00,0x3E, /* [4147] OBJ_setct_CapReqTBE */
6220x67,0x2A,0x00,0x3F, /* [4151] OBJ_setct_CapReqTBEX */
6230x67,0x2A,0x00,0x40, /* [4155] OBJ_setct_CapResTBE */
6240x67,0x2A,0x00,0x41, /* [4159] OBJ_setct_CapRevReqTBE */
6250x67,0x2A,0x00,0x42, /* [4163] OBJ_setct_CapRevReqTBEX */
6260x67,0x2A,0x00,0x43, /* [4167] OBJ_setct_CapRevResTBE */
6270x67,0x2A,0x00,0x44, /* [4171] OBJ_setct_CredReqTBE */
6280x67,0x2A,0x00,0x45, /* [4175] OBJ_setct_CredReqTBEX */
6290x67,0x2A,0x00,0x46, /* [4179] OBJ_setct_CredResTBE */
6300x67,0x2A,0x00,0x47, /* [4183] OBJ_setct_CredRevReqTBE */
6310x67,0x2A,0x00,0x48, /* [4187] OBJ_setct_CredRevReqTBEX */
6320x67,0x2A,0x00,0x49, /* [4191] OBJ_setct_CredRevResTBE */
6330x67,0x2A,0x00,0x4A, /* [4195] OBJ_setct_BatchAdminReqTBE */
6340x67,0x2A,0x00,0x4B, /* [4199] OBJ_setct_BatchAdminResTBE */
6350x67,0x2A,0x00,0x4C, /* [4203] OBJ_setct_RegFormReqTBE */
6360x67,0x2A,0x00,0x4D, /* [4207] OBJ_setct_CertReqTBE */
6370x67,0x2A,0x00,0x4E, /* [4211] OBJ_setct_CertReqTBEX */
6380x67,0x2A,0x00,0x4F, /* [4215] OBJ_setct_CertResTBE */
6390x67,0x2A,0x00,0x50, /* [4219] OBJ_setct_CRLNotificationTBS */
6400x67,0x2A,0x00,0x51, /* [4223] OBJ_setct_CRLNotificationResTBS */
6410x67,0x2A,0x00,0x52, /* [4227] OBJ_setct_BCIDistributionTBS */
6420x67,0x2A,0x01,0x01, /* [4231] OBJ_setext_genCrypt */
6430x67,0x2A,0x01,0x03, /* [4235] OBJ_setext_miAuth */
6440x67,0x2A,0x01,0x04, /* [4239] OBJ_setext_pinSecure */
6450x67,0x2A,0x01,0x05, /* [4243] OBJ_setext_pinAny */
6460x67,0x2A,0x01,0x07, /* [4247] OBJ_setext_track2 */
6470x67,0x2A,0x01,0x08, /* [4251] OBJ_setext_cv */
6480x67,0x2A,0x05,0x00, /* [4255] OBJ_set_policy_root */
6490x67,0x2A,0x07,0x00, /* [4259] OBJ_setCext_hashedRoot */
6500x67,0x2A,0x07,0x01, /* [4263] OBJ_setCext_certType */
6510x67,0x2A,0x07,0x02, /* [4267] OBJ_setCext_merchData */
6520x67,0x2A,0x07,0x03, /* [4271] OBJ_setCext_cCertRequired */
6530x67,0x2A,0x07,0x04, /* [4275] OBJ_setCext_tunneling */
6540x67,0x2A,0x07,0x05, /* [4279] OBJ_setCext_setExt */
6550x67,0x2A,0x07,0x06, /* [4283] OBJ_setCext_setQualf */
6560x67,0x2A,0x07,0x07, /* [4287] OBJ_setCext_PGWYcapabilities */
6570x67,0x2A,0x07,0x08, /* [4291] OBJ_setCext_TokenIdentifier */
6580x67,0x2A,0x07,0x09, /* [4295] OBJ_setCext_Track2Data */
6590x67,0x2A,0x07,0x0A, /* [4299] OBJ_setCext_TokenType */
6600x67,0x2A,0x07,0x0B, /* [4303] OBJ_setCext_IssuerCapabilities */
6610x67,0x2A,0x03,0x00, /* [4307] OBJ_setAttr_Cert */
6620x67,0x2A,0x03,0x01, /* [4311] OBJ_setAttr_PGWYcap */
6630x67,0x2A,0x03,0x02, /* [4315] OBJ_setAttr_TokenType */
6640x67,0x2A,0x03,0x03, /* [4319] OBJ_setAttr_IssCap */
6650x67,0x2A,0x03,0x00,0x00, /* [4323] OBJ_set_rootKeyThumb */
6660x67,0x2A,0x03,0x00,0x01, /* [4328] OBJ_set_addPolicy */
6670x67,0x2A,0x03,0x02,0x01, /* [4333] OBJ_setAttr_Token_EMV */
6680x67,0x2A,0x03,0x02,0x02, /* [4338] OBJ_setAttr_Token_B0Prime */
6690x67,0x2A,0x03,0x03,0x03, /* [4343] OBJ_setAttr_IssCap_CVM */
6700x67,0x2A,0x03,0x03,0x04, /* [4348] OBJ_setAttr_IssCap_T2 */
6710x67,0x2A,0x03,0x03,0x05, /* [4353] OBJ_setAttr_IssCap_Sig */
6720x67,0x2A,0x03,0x03,0x03,0x01, /* [4358] OBJ_setAttr_GenCryptgrm */
6730x67,0x2A,0x03,0x03,0x04,0x01, /* [4364] OBJ_setAttr_T2Enc */
6740x67,0x2A,0x03,0x03,0x04,0x02, /* [4370] OBJ_setAttr_T2cleartxt */
6750x67,0x2A,0x03,0x03,0x05,0x01, /* [4376] OBJ_setAttr_TokICCsig */
6760x67,0x2A,0x03,0x03,0x05,0x02, /* [4382] OBJ_setAttr_SecDevSig */
6770x67,0x2A,0x08,0x01, /* [4388] OBJ_set_brand_IATA_ATA */
6780x67,0x2A,0x08,0x1E, /* [4392] OBJ_set_brand_Diners */
6790x67,0x2A,0x08,0x22, /* [4396] OBJ_set_brand_AmericanExpress */
6800x67,0x2A,0x08,0x23, /* [4400] OBJ_set_brand_JCB */
6810x67,0x2A,0x08,0x04, /* [4404] OBJ_set_brand_Visa */
6820x67,0x2A,0x08,0x05, /* [4408] OBJ_set_brand_MasterCard */
6830x67,0x2A,0x08,0xAE,0x7B, /* [4412] OBJ_set_brand_Novus */
6840x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4417] OBJ_des_cdmf */
6850x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
552}; 686};
553 687
554static ASN1_OBJECT nid_objs[NUM_NID]={ 688static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1334,6 +1468,257 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
1334 NID_id_hex_multipart_message,7,&(lvalues[3870]),0}, 1468 NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
1335{"generationQualifier","generationQualifier",NID_generationQualifier, 1469{"generationQualifier","generationQualifier",NID_generationQualifier,
1336 3,&(lvalues[3877]),0}, 1470 3,&(lvalues[3877]),0},
1471{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
1472{NULL,NULL,NID_undef,0,NULL},
1473{"id-set","Secure Electronic Transactions",NID_id_set,2,
1474 &(lvalues[3883]),0},
1475{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
1476{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
1477{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
1478{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
1479{"set-certExt","certificate extensions",NID_set_certExt,3,
1480 &(lvalues[3897]),0},
1481{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
1482{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
1483{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
1484 &(lvalues[3907]),0},
1485{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
1486{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
1487{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
1488{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
1489{"setct-PIDataUnsigned","setct-PIDataUnsigned",
1490 NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
1491{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
1492 &(lvalues[3931]),0},
1493{"setct-AuthResBaggage","setct-AuthResBaggage",
1494 NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
1495{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
1496 NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
1497{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
1498 NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
1499{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
1500 &(lvalues[3947]),0},
1501{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
1502 &(lvalues[3951]),0},
1503{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
1504{"setct-PResData","setct-PResData",NID_setct_PResData,4,
1505 &(lvalues[3959]),0},
1506{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
1507 &(lvalues[3963]),0},
1508{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
1509 &(lvalues[3967]),0},
1510{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
1511 &(lvalues[3971]),0},
1512{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
1513 &(lvalues[3975]),0},
1514{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
1515 &(lvalues[3979]),0},
1516{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
1517 &(lvalues[3983]),0},
1518{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
1519 NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
1520{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
1521 4,&(lvalues[3991]),0},
1522{"setct-AuthRevResData","setct-AuthRevResData",
1523 NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
1524{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
1525 4,&(lvalues[3999]),0},
1526{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
1527 &(lvalues[4003]),0},
1528{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
1529 &(lvalues[4007]),0},
1530{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
1531 &(lvalues[4011]),0},
1532{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
1533 &(lvalues[4015]),0},
1534{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
1535 4,&(lvalues[4019]),0},
1536{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
1537 4,&(lvalues[4023]),0},
1538{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
1539 &(lvalues[4027]),0},
1540{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
1541 &(lvalues[4031]),0},
1542{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
1543 &(lvalues[4035]),0},
1544{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
1545 4,&(lvalues[4039]),0},
1546{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
1547 NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
1548{"setct-CredRevResData","setct-CredRevResData",
1549 NID_setct_CredRevResData,4,&(lvalues[4047]),0},
1550{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
1551 &(lvalues[4051]),0},
1552{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
1553 &(lvalues[4055]),0},
1554{"setct-BatchAdminReqData","setct-BatchAdminReqData",
1555 NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
1556{"setct-BatchAdminResData","setct-BatchAdminResData",
1557 NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
1558{"setct-CardCInitResTBS","setct-CardCInitResTBS",
1559 NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
1560{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
1561 NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
1562{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
1563 4,&(lvalues[4075]),0},
1564{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
1565 &(lvalues[4079]),0},
1566{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
1567 &(lvalues[4083]),0},
1568{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
1569 &(lvalues[4087]),0},
1570{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
1571 4,&(lvalues[4091]),0},
1572{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
1573 &(lvalues[4095]),0},
1574{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
1575 NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
1576{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
1577 4,&(lvalues[4103]),0},
1578{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
1579 &(lvalues[4107]),0},
1580{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
1581 &(lvalues[4111]),0},
1582{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
1583 &(lvalues[4115]),0},
1584{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
1585 &(lvalues[4119]),0},
1586{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
1587 &(lvalues[4123]),0},
1588{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
1589 &(lvalues[4127]),0},
1590{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
1591 NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
1592{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
1593 4,&(lvalues[4135]),0},
1594{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
1595 4,&(lvalues[4139]),0},
1596{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
1597 NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
1598{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
1599 &(lvalues[4147]),0},
1600{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
1601 &(lvalues[4151]),0},
1602{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
1603 &(lvalues[4155]),0},
1604{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
1605 &(lvalues[4159]),0},
1606{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
1607 4,&(lvalues[4163]),0},
1608{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
1609 &(lvalues[4167]),0},
1610{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
1611 &(lvalues[4171]),0},
1612{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
1613 &(lvalues[4175]),0},
1614{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
1615 &(lvalues[4179]),0},
1616{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
1617 4,&(lvalues[4183]),0},
1618{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
1619 NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
1620{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
1621 4,&(lvalues[4191]),0},
1622{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
1623 NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
1624{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
1625 NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
1626{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
1627 4,&(lvalues[4203]),0},
1628{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
1629 &(lvalues[4207]),0},
1630{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
1631 &(lvalues[4211]),0},
1632{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
1633 &(lvalues[4215]),0},
1634{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
1635 NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
1636{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
1637 NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
1638{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
1639 NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
1640{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
1641 &(lvalues[4231]),0},
1642{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
1643 &(lvalues[4235]),0},
1644{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
1645 &(lvalues[4239]),0},
1646{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
1647{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
1648{"setext-cv","additional verification",NID_setext_cv,4,
1649 &(lvalues[4251]),0},
1650{"set-policy-root","set-policy-root",NID_set_policy_root,4,
1651 &(lvalues[4255]),0},
1652{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
1653 &(lvalues[4259]),0},
1654{"setCext-certType","setCext-certType",NID_setCext_certType,4,
1655 &(lvalues[4263]),0},
1656{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
1657 &(lvalues[4267]),0},
1658{"setCext-cCertRequired","setCext-cCertRequired",
1659 NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
1660{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
1661 &(lvalues[4275]),0},
1662{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
1663 &(lvalues[4279]),0},
1664{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
1665 &(lvalues[4283]),0},
1666{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
1667 NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
1668{"setCext-TokenIdentifier","setCext-TokenIdentifier",
1669 NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
1670{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
1671 &(lvalues[4295]),0},
1672{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
1673 &(lvalues[4299]),0},
1674{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
1675 NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
1676{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
1677{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
1678 4,&(lvalues[4311]),0},
1679{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
1680 &(lvalues[4315]),0},
1681{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
1682 &(lvalues[4319]),0},
1683{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
1684 &(lvalues[4323]),0},
1685{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
1686{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
1687 &(lvalues[4333]),0},
1688{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
1689 NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
1690{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
1691 &(lvalues[4343]),0},
1692{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
1693 &(lvalues[4348]),0},
1694{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
1695 &(lvalues[4353]),0},
1696{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
1697 6,&(lvalues[4358]),0},
1698{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
1699 &(lvalues[4364]),0},
1700{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
1701 &(lvalues[4370]),0},
1702{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
1703 &(lvalues[4376]),0},
1704{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
1705 6,&(lvalues[4382]),0},
1706{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
1707 &(lvalues[4388]),0},
1708{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
1709 &(lvalues[4392]),0},
1710{"set-brand-AmericanExpress","set-brand-AmericanExpress",
1711 NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
1712{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
1713{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
1714 &(lvalues[4404]),0},
1715{"set-brand-MasterCard","set-brand-MasterCard",
1716 NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
1717{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
1718 &(lvalues[4412]),0},
1719{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
1720{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
1721 NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
1337}; 1722};
1338 1723
1339static ASN1_OBJECT *sn_objs[NUM_SN]={ 1724static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1366,6 +1751,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1366&(nid_objs[367]),/* "CrlID" */ 1751&(nid_objs[367]),/* "CrlID" */
1367&(nid_objs[391]),/* "DC" */ 1752&(nid_objs[391]),/* "DC" */
1368&(nid_objs[31]),/* "DES-CBC" */ 1753&(nid_objs[31]),/* "DES-CBC" */
1754&(nid_objs[643]),/* "DES-CDMF" */
1369&(nid_objs[30]),/* "DES-CFB" */ 1755&(nid_objs[30]),/* "DES-CFB" */
1370&(nid_objs[29]),/* "DES-ECB" */ 1756&(nid_objs[29]),/* "DES-ECB" */
1371&(nid_objs[32]),/* "DES-EDE" */ 1757&(nid_objs[32]),/* "DES-EDE" */
@@ -1642,6 +2028,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1642&(nid_objs[314]),/* "id-regInfo" */ 2028&(nid_objs[314]),/* "id-regInfo" */
1643&(nid_objs[322]),/* "id-regInfo-certReq" */ 2029&(nid_objs[322]),/* "id-regInfo-certReq" */
1644&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */ 2030&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
2031&(nid_objs[512]),/* "id-set" */
1645&(nid_objs[191]),/* "id-smime-aa" */ 2032&(nid_objs[191]),/* "id-smime-aa" */
1646&(nid_objs[215]),/* "id-smime-aa-contentHint" */ 2033&(nid_objs[215]),/* "id-smime-aa-contentHint" */
1647&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */ 2034&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
@@ -1798,6 +2185,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1798&(nid_objs[415]),/* "prime256v1" */ 2185&(nid_objs[415]),/* "prime256v1" */
1799&(nid_objs[385]),/* "private" */ 2186&(nid_objs[385]),/* "private" */
1800&(nid_objs[84]),/* "privateKeyUsagePeriod" */ 2187&(nid_objs[84]),/* "privateKeyUsagePeriod" */
2188&(nid_objs[510]),/* "pseudonym" */
1801&(nid_objs[435]),/* "pss" */ 2189&(nid_objs[435]),/* "pss" */
1802&(nid_objs[286]),/* "qcStatements" */ 2190&(nid_objs[286]),/* "qcStatements" */
1803&(nid_objs[457]),/* "qualityLabelledData" */ 2191&(nid_objs[457]),/* "qualityLabelledData" */
@@ -1806,6 +2194,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1806&(nid_objs[448]),/* "room" */ 2194&(nid_objs[448]),/* "room" */
1807&(nid_objs[463]),/* "roomNumber" */ 2195&(nid_objs[463]),/* "roomNumber" */
1808&(nid_objs[ 6]),/* "rsaEncryption" */ 2196&(nid_objs[ 6]),/* "rsaEncryption" */
2197&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
1809&(nid_objs[377]),/* "rsaSignature" */ 2198&(nid_objs[377]),/* "rsaSignature" */
1810&(nid_objs[ 1]),/* "rsadsi" */ 2199&(nid_objs[ 1]),/* "rsadsi" */
1811&(nid_objs[482]),/* "sOARecord" */ 2200&(nid_objs[482]),/* "sOARecord" */
@@ -1821,6 +2210,136 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
1821&(nid_objs[105]),/* "serialNumber" */ 2210&(nid_objs[105]),/* "serialNumber" */
1822&(nid_objs[129]),/* "serverAuth" */ 2211&(nid_objs[129]),/* "serverAuth" */
1823&(nid_objs[371]),/* "serviceLocator" */ 2212&(nid_objs[371]),/* "serviceLocator" */
2213&(nid_objs[625]),/* "set-addPolicy" */
2214&(nid_objs[515]),/* "set-attr" */
2215&(nid_objs[518]),/* "set-brand" */
2216&(nid_objs[638]),/* "set-brand-AmericanExpress" */
2217&(nid_objs[637]),/* "set-brand-Diners" */
2218&(nid_objs[636]),/* "set-brand-IATA-ATA" */
2219&(nid_objs[639]),/* "set-brand-JCB" */
2220&(nid_objs[641]),/* "set-brand-MasterCard" */
2221&(nid_objs[642]),/* "set-brand-Novus" */
2222&(nid_objs[640]),/* "set-brand-Visa" */
2223&(nid_objs[517]),/* "set-certExt" */
2224&(nid_objs[513]),/* "set-ctype" */
2225&(nid_objs[514]),/* "set-msgExt" */
2226&(nid_objs[516]),/* "set-policy" */
2227&(nid_objs[607]),/* "set-policy-root" */
2228&(nid_objs[624]),/* "set-rootKeyThumb" */
2229&(nid_objs[620]),/* "setAttr-Cert" */
2230&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
2231&(nid_objs[623]),/* "setAttr-IssCap" */
2232&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
2233&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
2234&(nid_objs[629]),/* "setAttr-IssCap-T2" */
2235&(nid_objs[621]),/* "setAttr-PGWYcap" */
2236&(nid_objs[635]),/* "setAttr-SecDevSig" */
2237&(nid_objs[632]),/* "setAttr-T2Enc" */
2238&(nid_objs[633]),/* "setAttr-T2cleartxt" */
2239&(nid_objs[634]),/* "setAttr-TokICCsig" */
2240&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
2241&(nid_objs[626]),/* "setAttr-Token-EMV" */
2242&(nid_objs[622]),/* "setAttr-TokenType" */
2243&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
2244&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
2245&(nid_objs[616]),/* "setCext-TokenIdentifier" */
2246&(nid_objs[618]),/* "setCext-TokenType" */
2247&(nid_objs[617]),/* "setCext-Track2Data" */
2248&(nid_objs[611]),/* "setCext-cCertRequired" */
2249&(nid_objs[609]),/* "setCext-certType" */
2250&(nid_objs[608]),/* "setCext-hashedRoot" */
2251&(nid_objs[610]),/* "setCext-merchData" */
2252&(nid_objs[613]),/* "setCext-setExt" */
2253&(nid_objs[614]),/* "setCext-setQualf" */
2254&(nid_objs[612]),/* "setCext-tunneling" */
2255&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
2256&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
2257&(nid_objs[570]),/* "setct-AuthReqTBE" */
2258&(nid_objs[534]),/* "setct-AuthReqTBS" */
2259&(nid_objs[527]),/* "setct-AuthResBaggage" */
2260&(nid_objs[571]),/* "setct-AuthResTBE" */
2261&(nid_objs[572]),/* "setct-AuthResTBEX" */
2262&(nid_objs[535]),/* "setct-AuthResTBS" */
2263&(nid_objs[536]),/* "setct-AuthResTBSX" */
2264&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
2265&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
2266&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
2267&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
2268&(nid_objs[542]),/* "setct-AuthRevResData" */
2269&(nid_objs[578]),/* "setct-AuthRevResTBE" */
2270&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
2271&(nid_objs[543]),/* "setct-AuthRevResTBS" */
2272&(nid_objs[573]),/* "setct-AuthTokenTBE" */
2273&(nid_objs[537]),/* "setct-AuthTokenTBS" */
2274&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
2275&(nid_objs[558]),/* "setct-BatchAdminReqData" */
2276&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
2277&(nid_objs[559]),/* "setct-BatchAdminResData" */
2278&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
2279&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
2280&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
2281&(nid_objs[580]),/* "setct-CapReqTBE" */
2282&(nid_objs[581]),/* "setct-CapReqTBEX" */
2283&(nid_objs[544]),/* "setct-CapReqTBS" */
2284&(nid_objs[545]),/* "setct-CapReqTBSX" */
2285&(nid_objs[546]),/* "setct-CapResData" */
2286&(nid_objs[582]),/* "setct-CapResTBE" */
2287&(nid_objs[583]),/* "setct-CapRevReqTBE" */
2288&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
2289&(nid_objs[547]),/* "setct-CapRevReqTBS" */
2290&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
2291&(nid_objs[549]),/* "setct-CapRevResData" */
2292&(nid_objs[585]),/* "setct-CapRevResTBE" */
2293&(nid_objs[538]),/* "setct-CapTokenData" */
2294&(nid_objs[530]),/* "setct-CapTokenSeq" */
2295&(nid_objs[574]),/* "setct-CapTokenTBE" */
2296&(nid_objs[575]),/* "setct-CapTokenTBEX" */
2297&(nid_objs[539]),/* "setct-CapTokenTBS" */
2298&(nid_objs[560]),/* "setct-CardCInitResTBS" */
2299&(nid_objs[566]),/* "setct-CertInqReqTBS" */
2300&(nid_objs[563]),/* "setct-CertReqData" */
2301&(nid_objs[595]),/* "setct-CertReqTBE" */
2302&(nid_objs[596]),/* "setct-CertReqTBEX" */
2303&(nid_objs[564]),/* "setct-CertReqTBS" */
2304&(nid_objs[565]),/* "setct-CertResData" */
2305&(nid_objs[597]),/* "setct-CertResTBE" */
2306&(nid_objs[586]),/* "setct-CredReqTBE" */
2307&(nid_objs[587]),/* "setct-CredReqTBEX" */
2308&(nid_objs[550]),/* "setct-CredReqTBS" */
2309&(nid_objs[551]),/* "setct-CredReqTBSX" */
2310&(nid_objs[552]),/* "setct-CredResData" */
2311&(nid_objs[588]),/* "setct-CredResTBE" */
2312&(nid_objs[589]),/* "setct-CredRevReqTBE" */
2313&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
2314&(nid_objs[553]),/* "setct-CredRevReqTBS" */
2315&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
2316&(nid_objs[555]),/* "setct-CredRevResData" */
2317&(nid_objs[591]),/* "setct-CredRevResTBE" */
2318&(nid_objs[567]),/* "setct-ErrorTBS" */
2319&(nid_objs[526]),/* "setct-HODInput" */
2320&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
2321&(nid_objs[522]),/* "setct-OIData" */
2322&(nid_objs[519]),/* "setct-PANData" */
2323&(nid_objs[521]),/* "setct-PANOnly" */
2324&(nid_objs[520]),/* "setct-PANToken" */
2325&(nid_objs[556]),/* "setct-PCertReqData" */
2326&(nid_objs[557]),/* "setct-PCertResTBS" */
2327&(nid_objs[523]),/* "setct-PI" */
2328&(nid_objs[532]),/* "setct-PI-TBS" */
2329&(nid_objs[524]),/* "setct-PIData" */
2330&(nid_objs[525]),/* "setct-PIDataUnsigned" */
2331&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
2332&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
2333&(nid_objs[531]),/* "setct-PInitResData" */
2334&(nid_objs[533]),/* "setct-PResData" */
2335&(nid_objs[594]),/* "setct-RegFormReqTBE" */
2336&(nid_objs[562]),/* "setct-RegFormResTBS" */
2337&(nid_objs[606]),/* "setext-cv" */
2338&(nid_objs[601]),/* "setext-genCrypt" */
2339&(nid_objs[602]),/* "setext-miAuth" */
2340&(nid_objs[604]),/* "setext-pinAny" */
2341&(nid_objs[603]),/* "setext-pinSecure" */
2342&(nid_objs[605]),/* "setext-track2" */
1824&(nid_objs[52]),/* "signingTime" */ 2343&(nid_objs[52]),/* "signingTime" */
1825&(nid_objs[454]),/* "simpleSecurityObject" */ 2344&(nid_objs[454]),/* "simpleSecurityObject" */
1826&(nid_objs[496]),/* "singleLevelQuality" */ 2345&(nid_objs[496]),/* "singleLevelQuality" */
@@ -1866,6 +2385,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1866&(nid_objs[430]),/* "Hold Instruction Code" */ 2385&(nid_objs[430]),/* "Hold Instruction Code" */
1867&(nid_objs[431]),/* "Hold Instruction None" */ 2386&(nid_objs[431]),/* "Hold Instruction None" */
1868&(nid_objs[433]),/* "Hold Instruction Reject" */ 2387&(nid_objs[433]),/* "Hold Instruction Reject" */
2388&(nid_objs[634]),/* "ICC or token signature" */
1869&(nid_objs[294]),/* "IPSec End System" */ 2389&(nid_objs[294]),/* "IPSec End System" */
1870&(nid_objs[295]),/* "IPSec Tunnel" */ 2390&(nid_objs[295]),/* "IPSec Tunnel" */
1871&(nid_objs[296]),/* "IPSec User" */ 2391&(nid_objs[296]),/* "IPSec User" */
@@ -1914,6 +2434,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1914&(nid_objs[188]),/* "S/MIME" */ 2434&(nid_objs[188]),/* "S/MIME" */
1915&(nid_objs[167]),/* "S/MIME Capabilities" */ 2435&(nid_objs[167]),/* "S/MIME Capabilities" */
1916&(nid_objs[387]),/* "SNMPv2" */ 2436&(nid_objs[387]),/* "SNMPv2" */
2437&(nid_objs[512]),/* "Secure Electronic Transactions" */
1917&(nid_objs[386]),/* "Security" */ 2438&(nid_objs[386]),/* "Security" */
1918&(nid_objs[394]),/* "Selected Attribute Types" */ 2439&(nid_objs[394]),/* "Selected Attribute Types" */
1919&(nid_objs[143]),/* "Strong Extranet ID" */ 2440&(nid_objs[143]),/* "Strong Extranet ID" */
@@ -1948,6 +2469,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1948&(nid_objs[288]),/* "ac-targeting" */ 2469&(nid_objs[288]),/* "ac-targeting" */
1949&(nid_objs[446]),/* "account" */ 2470&(nid_objs[446]),/* "account" */
1950&(nid_objs[364]),/* "ad dvcs" */ 2471&(nid_objs[364]),/* "ad dvcs" */
2472&(nid_objs[606]),/* "additional verification" */
1951&(nid_objs[419]),/* "aes-128-cbc" */ 2473&(nid_objs[419]),/* "aes-128-cbc" */
1952&(nid_objs[421]),/* "aes-128-cfb" */ 2474&(nid_objs[421]),/* "aes-128-cfb" */
1953&(nid_objs[418]),/* "aes-128-ecb" */ 2475&(nid_objs[418]),/* "aes-128-ecb" */
@@ -1977,10 +2499,13 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1977&(nid_objs[111]),/* "cast5-ofb" */ 2499&(nid_objs[111]),/* "cast5-ofb" */
1978&(nid_objs[404]),/* "ccitt" */ 2500&(nid_objs[404]),/* "ccitt" */
1979&(nid_objs[152]),/* "certBag" */ 2501&(nid_objs[152]),/* "certBag" */
2502&(nid_objs[517]),/* "certificate extensions" */
1980&(nid_objs[54]),/* "challengePassword" */ 2503&(nid_objs[54]),/* "challengePassword" */
1981&(nid_objs[407]),/* "characteristic-two-field" */ 2504&(nid_objs[407]),/* "characteristic-two-field" */
1982&(nid_objs[395]),/* "clearance" */ 2505&(nid_objs[395]),/* "clearance" */
2506&(nid_objs[633]),/* "cleartext track 2" */
1983&(nid_objs[13]),/* "commonName" */ 2507&(nid_objs[13]),/* "commonName" */
2508&(nid_objs[513]),/* "content types" */
1984&(nid_objs[50]),/* "contentType" */ 2509&(nid_objs[50]),/* "contentType" */
1985&(nid_objs[53]),/* "countersignature" */ 2510&(nid_objs[53]),/* "countersignature" */
1986&(nid_objs[14]),/* "countryName" */ 2511&(nid_objs[14]),/* "countryName" */
@@ -1991,6 +2516,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
1991&(nid_objs[434]),/* "data" */ 2516&(nid_objs[434]),/* "data" */
1992&(nid_objs[390]),/* "dcObject" */ 2517&(nid_objs[390]),/* "dcObject" */
1993&(nid_objs[31]),/* "des-cbc" */ 2518&(nid_objs[31]),/* "des-cbc" */
2519&(nid_objs[643]),/* "des-cdmf" */
1994&(nid_objs[30]),/* "des-cfb" */ 2520&(nid_objs[30]),/* "des-cfb" */
1995&(nid_objs[29]),/* "des-ecb" */ 2521&(nid_objs[29]),/* "des-ecb" */
1996&(nid_objs[32]),/* "des-ede" */ 2522&(nid_objs[32]),/* "des-ede" */
@@ -2027,12 +2553,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2027&(nid_objs[297]),/* "dvcs" */ 2553&(nid_objs[297]),/* "dvcs" */
2028&(nid_objs[416]),/* "ecdsa-with-SHA1" */ 2554&(nid_objs[416]),/* "ecdsa-with-SHA1" */
2029&(nid_objs[48]),/* "emailAddress" */ 2555&(nid_objs[48]),/* "emailAddress" */
2556&(nid_objs[632]),/* "encrypted track 2" */
2030&(nid_objs[56]),/* "extendedCertificateAttributes" */ 2557&(nid_objs[56]),/* "extendedCertificateAttributes" */
2031&(nid_objs[462]),/* "favouriteDrink" */ 2558&(nid_objs[462]),/* "favouriteDrink" */
2032&(nid_objs[453]),/* "friendlyCountry" */ 2559&(nid_objs[453]),/* "friendlyCountry" */
2033&(nid_objs[490]),/* "friendlyCountryName" */ 2560&(nid_objs[490]),/* "friendlyCountryName" */
2034&(nid_objs[156]),/* "friendlyName" */ 2561&(nid_objs[156]),/* "friendlyName" */
2562&(nid_objs[631]),/* "generate cryptogram" */
2035&(nid_objs[509]),/* "generationQualifier" */ 2563&(nid_objs[509]),/* "generationQualifier" */
2564&(nid_objs[601]),/* "generic cryptogram" */
2036&(nid_objs[99]),/* "givenName" */ 2565&(nid_objs[99]),/* "givenName" */
2037&(nid_objs[163]),/* "hmacWithSHA1" */ 2566&(nid_objs[163]),/* "hmacWithSHA1" */
2038&(nid_objs[486]),/* "homePostalAddress" */ 2567&(nid_objs[486]),/* "homePostalAddress" */
@@ -2214,6 +2743,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2214&(nid_objs[461]),/* "info" */ 2743&(nid_objs[461]),/* "info" */
2215&(nid_objs[101]),/* "initials" */ 2744&(nid_objs[101]),/* "initials" */
2216&(nid_objs[181]),/* "iso" */ 2745&(nid_objs[181]),/* "iso" */
2746&(nid_objs[623]),/* "issuer capabilities" */
2217&(nid_objs[492]),/* "janetMailbox" */ 2747&(nid_objs[492]),/* "janetMailbox" */
2218&(nid_objs[393]),/* "joint-iso-ccitt" */ 2748&(nid_objs[393]),/* "joint-iso-ccitt" */
2219&(nid_objs[150]),/* "keyBag" */ 2749&(nid_objs[150]),/* "keyBag" */
@@ -2234,6 +2764,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2234&(nid_objs[ 8]),/* "md5WithRSAEncryption" */ 2764&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
2235&(nid_objs[95]),/* "mdc2" */ 2765&(nid_objs[95]),/* "mdc2" */
2236&(nid_objs[96]),/* "mdc2WithRSA" */ 2766&(nid_objs[96]),/* "mdc2WithRSA" */
2767&(nid_objs[602]),/* "merchant initiated auth" */
2768&(nid_objs[514]),/* "message extensions" */
2237&(nid_objs[51]),/* "messageDigest" */ 2769&(nid_objs[51]),/* "messageDigest" */
2238&(nid_objs[506]),/* "mime-mhs-bodies" */ 2770&(nid_objs[506]),/* "mime-mhs-bodies" */
2239&(nid_objs[505]),/* "mime-mhs-headings" */ 2771&(nid_objs[505]),/* "mime-mhs-headings" */
@@ -2247,6 +2779,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2247&(nid_objs[475]),/* "otherMailbox" */ 2779&(nid_objs[475]),/* "otherMailbox" */
2248&(nid_objs[489]),/* "pagerTelephoneNumber" */ 2780&(nid_objs[489]),/* "pagerTelephoneNumber" */
2249&(nid_objs[374]),/* "path" */ 2781&(nid_objs[374]),/* "path" */
2782&(nid_objs[621]),/* "payment gateway capabilities" */
2250&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ 2783&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
2251&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */ 2784&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
2252&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */ 2785&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
@@ -2293,6 +2826,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2293&(nid_objs[413]),/* "prime239v2" */ 2826&(nid_objs[413]),/* "prime239v2" */
2294&(nid_objs[414]),/* "prime239v3" */ 2827&(nid_objs[414]),/* "prime239v3" */
2295&(nid_objs[415]),/* "prime256v1" */ 2828&(nid_objs[415]),/* "prime256v1" */
2829&(nid_objs[510]),/* "pseudonym" */
2296&(nid_objs[435]),/* "pss" */ 2830&(nid_objs[435]),/* "pss" */
2297&(nid_objs[286]),/* "qcStatements" */ 2831&(nid_objs[286]),/* "qcStatements" */
2298&(nid_objs[457]),/* "qualityLabelledData" */ 2832&(nid_objs[457]),/* "qualityLabelledData" */
@@ -2317,6 +2851,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2317&(nid_objs[463]),/* "roomNumber" */ 2851&(nid_objs[463]),/* "roomNumber" */
2318&(nid_objs[19]),/* "rsa" */ 2852&(nid_objs[19]),/* "rsa" */
2319&(nid_objs[ 6]),/* "rsaEncryption" */ 2853&(nid_objs[ 6]),/* "rsaEncryption" */
2854&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
2320&(nid_objs[377]),/* "rsaSignature" */ 2855&(nid_objs[377]),/* "rsaSignature" */
2321&(nid_objs[124]),/* "run length compression" */ 2856&(nid_objs[124]),/* "run length compression" */
2322&(nid_objs[482]),/* "sOARecord" */ 2857&(nid_objs[482]),/* "sOARecord" */
@@ -2327,7 +2862,125 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
2327&(nid_objs[159]),/* "sdsiCertificate" */ 2862&(nid_objs[159]),/* "sdsiCertificate" */
2328&(nid_objs[154]),/* "secretBag" */ 2863&(nid_objs[154]),/* "secretBag" */
2329&(nid_objs[474]),/* "secretary" */ 2864&(nid_objs[474]),/* "secretary" */
2865&(nid_objs[635]),/* "secure device signature" */
2330&(nid_objs[105]),/* "serialNumber" */ 2866&(nid_objs[105]),/* "serialNumber" */
2867&(nid_objs[625]),/* "set-addPolicy" */
2868&(nid_objs[515]),/* "set-attr" */
2869&(nid_objs[518]),/* "set-brand" */
2870&(nid_objs[638]),/* "set-brand-AmericanExpress" */
2871&(nid_objs[637]),/* "set-brand-Diners" */
2872&(nid_objs[636]),/* "set-brand-IATA-ATA" */
2873&(nid_objs[639]),/* "set-brand-JCB" */
2874&(nid_objs[641]),/* "set-brand-MasterCard" */
2875&(nid_objs[642]),/* "set-brand-Novus" */
2876&(nid_objs[640]),/* "set-brand-Visa" */
2877&(nid_objs[516]),/* "set-policy" */
2878&(nid_objs[607]),/* "set-policy-root" */
2879&(nid_objs[624]),/* "set-rootKeyThumb" */
2880&(nid_objs[620]),/* "setAttr-Cert" */
2881&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
2882&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
2883&(nid_objs[629]),/* "setAttr-IssCap-T2" */
2884&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
2885&(nid_objs[626]),/* "setAttr-Token-EMV" */
2886&(nid_objs[622]),/* "setAttr-TokenType" */
2887&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
2888&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
2889&(nid_objs[616]),/* "setCext-TokenIdentifier" */
2890&(nid_objs[618]),/* "setCext-TokenType" */
2891&(nid_objs[617]),/* "setCext-Track2Data" */
2892&(nid_objs[611]),/* "setCext-cCertRequired" */
2893&(nid_objs[609]),/* "setCext-certType" */
2894&(nid_objs[608]),/* "setCext-hashedRoot" */
2895&(nid_objs[610]),/* "setCext-merchData" */
2896&(nid_objs[613]),/* "setCext-setExt" */
2897&(nid_objs[614]),/* "setCext-setQualf" */
2898&(nid_objs[612]),/* "setCext-tunneling" */
2899&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
2900&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
2901&(nid_objs[570]),/* "setct-AuthReqTBE" */
2902&(nid_objs[534]),/* "setct-AuthReqTBS" */
2903&(nid_objs[527]),/* "setct-AuthResBaggage" */
2904&(nid_objs[571]),/* "setct-AuthResTBE" */
2905&(nid_objs[572]),/* "setct-AuthResTBEX" */
2906&(nid_objs[535]),/* "setct-AuthResTBS" */
2907&(nid_objs[536]),/* "setct-AuthResTBSX" */
2908&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
2909&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
2910&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
2911&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
2912&(nid_objs[542]),/* "setct-AuthRevResData" */
2913&(nid_objs[578]),/* "setct-AuthRevResTBE" */
2914&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
2915&(nid_objs[543]),/* "setct-AuthRevResTBS" */
2916&(nid_objs[573]),/* "setct-AuthTokenTBE" */
2917&(nid_objs[537]),/* "setct-AuthTokenTBS" */
2918&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
2919&(nid_objs[558]),/* "setct-BatchAdminReqData" */
2920&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
2921&(nid_objs[559]),/* "setct-BatchAdminResData" */
2922&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
2923&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
2924&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
2925&(nid_objs[580]),/* "setct-CapReqTBE" */
2926&(nid_objs[581]),/* "setct-CapReqTBEX" */
2927&(nid_objs[544]),/* "setct-CapReqTBS" */
2928&(nid_objs[545]),/* "setct-CapReqTBSX" */
2929&(nid_objs[546]),/* "setct-CapResData" */
2930&(nid_objs[582]),/* "setct-CapResTBE" */
2931&(nid_objs[583]),/* "setct-CapRevReqTBE" */
2932&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
2933&(nid_objs[547]),/* "setct-CapRevReqTBS" */
2934&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
2935&(nid_objs[549]),/* "setct-CapRevResData" */
2936&(nid_objs[585]),/* "setct-CapRevResTBE" */
2937&(nid_objs[538]),/* "setct-CapTokenData" */
2938&(nid_objs[530]),/* "setct-CapTokenSeq" */
2939&(nid_objs[574]),/* "setct-CapTokenTBE" */
2940&(nid_objs[575]),/* "setct-CapTokenTBEX" */
2941&(nid_objs[539]),/* "setct-CapTokenTBS" */
2942&(nid_objs[560]),/* "setct-CardCInitResTBS" */
2943&(nid_objs[566]),/* "setct-CertInqReqTBS" */
2944&(nid_objs[563]),/* "setct-CertReqData" */
2945&(nid_objs[595]),/* "setct-CertReqTBE" */
2946&(nid_objs[596]),/* "setct-CertReqTBEX" */
2947&(nid_objs[564]),/* "setct-CertReqTBS" */
2948&(nid_objs[565]),/* "setct-CertResData" */
2949&(nid_objs[597]),/* "setct-CertResTBE" */
2950&(nid_objs[586]),/* "setct-CredReqTBE" */
2951&(nid_objs[587]),/* "setct-CredReqTBEX" */
2952&(nid_objs[550]),/* "setct-CredReqTBS" */
2953&(nid_objs[551]),/* "setct-CredReqTBSX" */
2954&(nid_objs[552]),/* "setct-CredResData" */
2955&(nid_objs[588]),/* "setct-CredResTBE" */
2956&(nid_objs[589]),/* "setct-CredRevReqTBE" */
2957&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
2958&(nid_objs[553]),/* "setct-CredRevReqTBS" */
2959&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
2960&(nid_objs[555]),/* "setct-CredRevResData" */
2961&(nid_objs[591]),/* "setct-CredRevResTBE" */
2962&(nid_objs[567]),/* "setct-ErrorTBS" */
2963&(nid_objs[526]),/* "setct-HODInput" */
2964&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
2965&(nid_objs[522]),/* "setct-OIData" */
2966&(nid_objs[519]),/* "setct-PANData" */
2967&(nid_objs[521]),/* "setct-PANOnly" */
2968&(nid_objs[520]),/* "setct-PANToken" */
2969&(nid_objs[556]),/* "setct-PCertReqData" */
2970&(nid_objs[557]),/* "setct-PCertResTBS" */
2971&(nid_objs[523]),/* "setct-PI" */
2972&(nid_objs[532]),/* "setct-PI-TBS" */
2973&(nid_objs[524]),/* "setct-PIData" */
2974&(nid_objs[525]),/* "setct-PIDataUnsigned" */
2975&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
2976&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
2977&(nid_objs[531]),/* "setct-PInitResData" */
2978&(nid_objs[533]),/* "setct-PResData" */
2979&(nid_objs[594]),/* "setct-RegFormReqTBE" */
2980&(nid_objs[562]),/* "setct-RegFormResTBS" */
2981&(nid_objs[604]),/* "setext-pinAny" */
2982&(nid_objs[603]),/* "setext-pinSecure" */
2983&(nid_objs[605]),/* "setext-track2" */
2331&(nid_objs[41]),/* "sha" */ 2984&(nid_objs[41]),/* "sha" */
2332&(nid_objs[64]),/* "sha1" */ 2985&(nid_objs[64]),/* "sha1" */
2333&(nid_objs[115]),/* "sha1WithRSA" */ 2986&(nid_objs[115]),/* "sha1WithRSA" */
@@ -2369,6 +3022,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2369&(nid_objs[12]),/* OBJ_X509 2 5 4 */ 3022&(nid_objs[12]),/* OBJ_X509 2 5 4 */
2370&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */ 3023&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */
2371&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */ 3024&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */
3025&(nid_objs[512]),/* OBJ_id_set 2 23 42 */
2372&(nid_objs[435]),/* OBJ_pss 0 9 2342 */ 3026&(nid_objs[435]),/* OBJ_pss 0 9 2342 */
2373&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */ 3027&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */
2374&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */ 3028&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */
@@ -2389,6 +3043,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2389&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */ 3043&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
2390&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */ 3044&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
2391&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */ 3045&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
3046&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
2392&(nid_objs[400]),/* OBJ_role 2 5 4 72 */ 3047&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
2393&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */ 3048&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
2394&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */ 3049&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
@@ -2408,6 +3063,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2408&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ 3063&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
2409&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ 3064&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */
2410&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ 3065&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */
3066&(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */
3067&(nid_objs[514]),/* OBJ_set_msgExt 2 23 42 1 */
3068&(nid_objs[515]),/* OBJ_set_attr 2 23 42 3 */
3069&(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */
3070&(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */
3071&(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */
2411&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */ 3072&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */
2412&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */ 3073&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */
2413&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */ 3074&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */
@@ -2420,6 +3081,117 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2420&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ 3081&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
2421&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ 3082&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
2422&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ 3083&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
3084&(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */
3085&(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */
3086&(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */
3087&(nid_objs[522]),/* OBJ_setct_OIData 2 23 42 0 3 */
3088&(nid_objs[523]),/* OBJ_setct_PI 2 23 42 0 4 */
3089&(nid_objs[524]),/* OBJ_setct_PIData 2 23 42 0 5 */
3090&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
3091&(nid_objs[526]),/* OBJ_setct_HODInput 2 23 42 0 7 */
3092&(nid_objs[527]),/* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
3093&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
3094&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
3095&(nid_objs[530]),/* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
3096&(nid_objs[531]),/* OBJ_setct_PInitResData 2 23 42 0 12 */
3097&(nid_objs[532]),/* OBJ_setct_PI_TBS 2 23 42 0 13 */
3098&(nid_objs[533]),/* OBJ_setct_PResData 2 23 42 0 14 */
3099&(nid_objs[534]),/* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
3100&(nid_objs[535]),/* OBJ_setct_AuthResTBS 2 23 42 0 17 */
3101&(nid_objs[536]),/* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
3102&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
3103&(nid_objs[538]),/* OBJ_setct_CapTokenData 2 23 42 0 20 */
3104&(nid_objs[539]),/* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
3105&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
3106&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
3107&(nid_objs[542]),/* OBJ_setct_AuthRevResData 2 23 42 0 24 */
3108&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
3109&(nid_objs[544]),/* OBJ_setct_CapReqTBS 2 23 42 0 26 */
3110&(nid_objs[545]),/* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
3111&(nid_objs[546]),/* OBJ_setct_CapResData 2 23 42 0 28 */
3112&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
3113&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
3114&(nid_objs[549]),/* OBJ_setct_CapRevResData 2 23 42 0 31 */
3115&(nid_objs[550]),/* OBJ_setct_CredReqTBS 2 23 42 0 32 */
3116&(nid_objs[551]),/* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
3117&(nid_objs[552]),/* OBJ_setct_CredResData 2 23 42 0 34 */
3118&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
3119&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
3120&(nid_objs[555]),/* OBJ_setct_CredRevResData 2 23 42 0 37 */
3121&(nid_objs[556]),/* OBJ_setct_PCertReqData 2 23 42 0 38 */
3122&(nid_objs[557]),/* OBJ_setct_PCertResTBS 2 23 42 0 39 */
3123&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
3124&(nid_objs[559]),/* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
3125&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
3126&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
3127&(nid_objs[562]),/* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
3128&(nid_objs[563]),/* OBJ_setct_CertReqData 2 23 42 0 45 */
3129&(nid_objs[564]),/* OBJ_setct_CertReqTBS 2 23 42 0 46 */
3130&(nid_objs[565]),/* OBJ_setct_CertResData 2 23 42 0 47 */
3131&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
3132&(nid_objs[567]),/* OBJ_setct_ErrorTBS 2 23 42 0 49 */
3133&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
3134&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
3135&(nid_objs[570]),/* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
3136&(nid_objs[571]),/* OBJ_setct_AuthResTBE 2 23 42 0 53 */
3137&(nid_objs[572]),/* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
3138&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
3139&(nid_objs[574]),/* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
3140&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
3141&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
3142&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
3143&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
3144&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
3145&(nid_objs[580]),/* OBJ_setct_CapReqTBE 2 23 42 0 62 */
3146&(nid_objs[581]),/* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
3147&(nid_objs[582]),/* OBJ_setct_CapResTBE 2 23 42 0 64 */
3148&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
3149&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
3150&(nid_objs[585]),/* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
3151&(nid_objs[586]),/* OBJ_setct_CredReqTBE 2 23 42 0 68 */
3152&(nid_objs[587]),/* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
3153&(nid_objs[588]),/* OBJ_setct_CredResTBE 2 23 42 0 70 */
3154&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
3155&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
3156&(nid_objs[591]),/* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
3157&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
3158&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
3159&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
3160&(nid_objs[595]),/* OBJ_setct_CertReqTBE 2 23 42 0 77 */
3161&(nid_objs[596]),/* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
3162&(nid_objs[597]),/* OBJ_setct_CertResTBE 2 23 42 0 79 */
3163&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
3164&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
3165&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
3166&(nid_objs[601]),/* OBJ_setext_genCrypt 2 23 42 1 1 */
3167&(nid_objs[602]),/* OBJ_setext_miAuth 2 23 42 1 3 */
3168&(nid_objs[603]),/* OBJ_setext_pinSecure 2 23 42 1 4 */
3169&(nid_objs[604]),/* OBJ_setext_pinAny 2 23 42 1 5 */
3170&(nid_objs[605]),/* OBJ_setext_track2 2 23 42 1 7 */
3171&(nid_objs[606]),/* OBJ_setext_cv 2 23 42 1 8 */
3172&(nid_objs[620]),/* OBJ_setAttr_Cert 2 23 42 3 0 */
3173&(nid_objs[621]),/* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
3174&(nid_objs[622]),/* OBJ_setAttr_TokenType 2 23 42 3 2 */
3175&(nid_objs[623]),/* OBJ_setAttr_IssCap 2 23 42 3 3 */
3176&(nid_objs[607]),/* OBJ_set_policy_root 2 23 42 5 0 */
3177&(nid_objs[608]),/* OBJ_setCext_hashedRoot 2 23 42 7 0 */
3178&(nid_objs[609]),/* OBJ_setCext_certType 2 23 42 7 1 */
3179&(nid_objs[610]),/* OBJ_setCext_merchData 2 23 42 7 2 */
3180&(nid_objs[611]),/* OBJ_setCext_cCertRequired 2 23 42 7 3 */
3181&(nid_objs[612]),/* OBJ_setCext_tunneling 2 23 42 7 4 */
3182&(nid_objs[613]),/* OBJ_setCext_setExt 2 23 42 7 5 */
3183&(nid_objs[614]),/* OBJ_setCext_setQualf 2 23 42 7 6 */
3184&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
3185&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
3186&(nid_objs[617]),/* OBJ_setCext_Track2Data 2 23 42 7 9 */
3187&(nid_objs[618]),/* OBJ_setCext_TokenType 2 23 42 7 10 */
3188&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
3189&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
3190&(nid_objs[640]),/* OBJ_set_brand_Visa 2 23 42 8 4 */
3191&(nid_objs[641]),/* OBJ_set_brand_MasterCard 2 23 42 8 5 */
3192&(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */
3193&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
3194&(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */
2423&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */ 3195&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */
2424&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */ 3196&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */
2425&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */ 3197&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */
@@ -2440,6 +3212,14 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2440&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */ 3212&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
2441&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */ 3213&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
2442&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */ 3214&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
3215&(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
3216&(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */
3217&(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
3218&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
3219&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
3220&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
3221&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
3222&(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */
2443&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ 3223&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
2444&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */ 3224&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
2445&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ 3225&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
@@ -2448,6 +3228,11 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2448&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */ 3228&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
2449&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */ 3229&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
2450&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */ 3230&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
3231&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
3232&(nid_objs[632]),/* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
3233&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
3234&(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
3235&(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
2451&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */ 3236&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */
2452&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */ 3237&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
2453&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ 3238&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
@@ -2490,6 +3275,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2490&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ 3275&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
2491&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ 3276&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
2492&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ 3277&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
3278&(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */
2493&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */ 3279&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
2494&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */ 3280&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
2495&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */ 3281&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
@@ -2611,6 +3397,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
2611&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */ 3397&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
2612&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ 3398&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
2613&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ 3399&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
3400&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
2614&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ 3401&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
2615&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ 3402&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
2616&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ 3403&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h
index 6d77fcba3f..899db8325c 100644
--- a/src/lib/libssl/src/crypto/objects/obj_mac.h
+++ b/src/lib/libssl/src/crypto/objects/obj_mac.h
@@ -1654,6 +1654,10 @@
1654#define NID_dnQualifier 174 1654#define NID_dnQualifier 174
1655#define OBJ_dnQualifier OBJ_X509,46L 1655#define OBJ_dnQualifier OBJ_X509,46L
1656 1656
1657#define LN_pseudonym "pseudonym"
1658#define NID_pseudonym 510
1659#define OBJ_pseudonym OBJ_X509,65L
1660
1657#define SN_role "role" 1661#define SN_role "role"
1658#define LN_role "role" 1662#define LN_role "role"
1659#define NID_role 400 1663#define NID_role 400
@@ -2305,3 +2309,550 @@
2305#define NID_documentPublisher 502 2309#define NID_documentPublisher 502
2306#define OBJ_documentPublisher OBJ_pilotAttributeType,56L 2310#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
2307 2311
2312#define SN_id_set "id-set"
2313#define LN_id_set "Secure Electronic Transactions"
2314#define NID_id_set 512
2315#define OBJ_id_set 2L,23L,42L
2316
2317#define SN_set_ctype "set-ctype"
2318#define LN_set_ctype "content types"
2319#define NID_set_ctype 513
2320#define OBJ_set_ctype OBJ_id_set,0L
2321
2322#define SN_set_msgExt "set-msgExt"
2323#define LN_set_msgExt "message extensions"
2324#define NID_set_msgExt 514
2325#define OBJ_set_msgExt OBJ_id_set,1L
2326
2327#define SN_set_attr "set-attr"
2328#define NID_set_attr 515
2329#define OBJ_set_attr OBJ_id_set,3L
2330
2331#define SN_set_policy "set-policy"
2332#define NID_set_policy 516
2333#define OBJ_set_policy OBJ_id_set,5L
2334
2335#define SN_set_certExt "set-certExt"
2336#define LN_set_certExt "certificate extensions"
2337#define NID_set_certExt 517
2338#define OBJ_set_certExt OBJ_id_set,7L
2339
2340#define SN_set_brand "set-brand"
2341#define NID_set_brand 518
2342#define OBJ_set_brand OBJ_id_set,8L
2343
2344#define SN_setct_PANData "setct-PANData"
2345#define NID_setct_PANData 519
2346#define OBJ_setct_PANData OBJ_set_ctype,0L
2347
2348#define SN_setct_PANToken "setct-PANToken"
2349#define NID_setct_PANToken 520
2350#define OBJ_setct_PANToken OBJ_set_ctype,1L
2351
2352#define SN_setct_PANOnly "setct-PANOnly"
2353#define NID_setct_PANOnly 521
2354#define OBJ_setct_PANOnly OBJ_set_ctype,2L
2355
2356#define SN_setct_OIData "setct-OIData"
2357#define NID_setct_OIData 522
2358#define OBJ_setct_OIData OBJ_set_ctype,3L
2359
2360#define SN_setct_PI "setct-PI"
2361#define NID_setct_PI 523
2362#define OBJ_setct_PI OBJ_set_ctype,4L
2363
2364#define SN_setct_PIData "setct-PIData"
2365#define NID_setct_PIData 524
2366#define OBJ_setct_PIData OBJ_set_ctype,5L
2367
2368#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
2369#define NID_setct_PIDataUnsigned 525
2370#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
2371
2372#define SN_setct_HODInput "setct-HODInput"
2373#define NID_setct_HODInput 526
2374#define OBJ_setct_HODInput OBJ_set_ctype,7L
2375
2376#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
2377#define NID_setct_AuthResBaggage 527
2378#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
2379
2380#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
2381#define NID_setct_AuthRevReqBaggage 528
2382#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
2383
2384#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
2385#define NID_setct_AuthRevResBaggage 529
2386#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
2387
2388#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
2389#define NID_setct_CapTokenSeq 530
2390#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
2391
2392#define SN_setct_PInitResData "setct-PInitResData"
2393#define NID_setct_PInitResData 531
2394#define OBJ_setct_PInitResData OBJ_set_ctype,12L
2395
2396#define SN_setct_PI_TBS "setct-PI-TBS"
2397#define NID_setct_PI_TBS 532
2398#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
2399
2400#define SN_setct_PResData "setct-PResData"
2401#define NID_setct_PResData 533
2402#define OBJ_setct_PResData OBJ_set_ctype,14L
2403
2404#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
2405#define NID_setct_AuthReqTBS 534
2406#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
2407
2408#define SN_setct_AuthResTBS "setct-AuthResTBS"
2409#define NID_setct_AuthResTBS 535
2410#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
2411
2412#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
2413#define NID_setct_AuthResTBSX 536
2414#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
2415
2416#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
2417#define NID_setct_AuthTokenTBS 537
2418#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
2419
2420#define SN_setct_CapTokenData "setct-CapTokenData"
2421#define NID_setct_CapTokenData 538
2422#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
2423
2424#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
2425#define NID_setct_CapTokenTBS 539
2426#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
2427
2428#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
2429#define NID_setct_AcqCardCodeMsg 540
2430#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
2431
2432#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
2433#define NID_setct_AuthRevReqTBS 541
2434#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
2435
2436#define SN_setct_AuthRevResData "setct-AuthRevResData"
2437#define NID_setct_AuthRevResData 542
2438#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
2439
2440#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
2441#define NID_setct_AuthRevResTBS 543
2442#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
2443
2444#define SN_setct_CapReqTBS "setct-CapReqTBS"
2445#define NID_setct_CapReqTBS 544
2446#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
2447
2448#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
2449#define NID_setct_CapReqTBSX 545
2450#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
2451
2452#define SN_setct_CapResData "setct-CapResData"
2453#define NID_setct_CapResData 546
2454#define OBJ_setct_CapResData OBJ_set_ctype,28L
2455
2456#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
2457#define NID_setct_CapRevReqTBS 547
2458#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
2459
2460#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
2461#define NID_setct_CapRevReqTBSX 548
2462#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
2463
2464#define SN_setct_CapRevResData "setct-CapRevResData"
2465#define NID_setct_CapRevResData 549
2466#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
2467
2468#define SN_setct_CredReqTBS "setct-CredReqTBS"
2469#define NID_setct_CredReqTBS 550
2470#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
2471
2472#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
2473#define NID_setct_CredReqTBSX 551
2474#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
2475
2476#define SN_setct_CredResData "setct-CredResData"
2477#define NID_setct_CredResData 552
2478#define OBJ_setct_CredResData OBJ_set_ctype,34L
2479
2480#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
2481#define NID_setct_CredRevReqTBS 553
2482#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
2483
2484#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
2485#define NID_setct_CredRevReqTBSX 554
2486#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
2487
2488#define SN_setct_CredRevResData "setct-CredRevResData"
2489#define NID_setct_CredRevResData 555
2490#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
2491
2492#define SN_setct_PCertReqData "setct-PCertReqData"
2493#define NID_setct_PCertReqData 556
2494#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
2495
2496#define SN_setct_PCertResTBS "setct-PCertResTBS"
2497#define NID_setct_PCertResTBS 557
2498#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
2499
2500#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
2501#define NID_setct_BatchAdminReqData 558
2502#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
2503
2504#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
2505#define NID_setct_BatchAdminResData 559
2506#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
2507
2508#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
2509#define NID_setct_CardCInitResTBS 560
2510#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
2511
2512#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
2513#define NID_setct_MeAqCInitResTBS 561
2514#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
2515
2516#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
2517#define NID_setct_RegFormResTBS 562
2518#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
2519
2520#define SN_setct_CertReqData "setct-CertReqData"
2521#define NID_setct_CertReqData 563
2522#define OBJ_setct_CertReqData OBJ_set_ctype,45L
2523
2524#define SN_setct_CertReqTBS "setct-CertReqTBS"
2525#define NID_setct_CertReqTBS 564
2526#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
2527
2528#define SN_setct_CertResData "setct-CertResData"
2529#define NID_setct_CertResData 565
2530#define OBJ_setct_CertResData OBJ_set_ctype,47L
2531
2532#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
2533#define NID_setct_CertInqReqTBS 566
2534#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
2535
2536#define SN_setct_ErrorTBS "setct-ErrorTBS"
2537#define NID_setct_ErrorTBS 567
2538#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
2539
2540#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
2541#define NID_setct_PIDualSignedTBE 568
2542#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
2543
2544#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
2545#define NID_setct_PIUnsignedTBE 569
2546#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
2547
2548#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
2549#define NID_setct_AuthReqTBE 570
2550#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
2551
2552#define SN_setct_AuthResTBE "setct-AuthResTBE"
2553#define NID_setct_AuthResTBE 571
2554#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
2555
2556#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
2557#define NID_setct_AuthResTBEX 572
2558#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
2559
2560#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
2561#define NID_setct_AuthTokenTBE 573
2562#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
2563
2564#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
2565#define NID_setct_CapTokenTBE 574
2566#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
2567
2568#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
2569#define NID_setct_CapTokenTBEX 575
2570#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
2571
2572#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
2573#define NID_setct_AcqCardCodeMsgTBE 576
2574#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
2575
2576#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
2577#define NID_setct_AuthRevReqTBE 577
2578#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
2579
2580#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
2581#define NID_setct_AuthRevResTBE 578
2582#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
2583
2584#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
2585#define NID_setct_AuthRevResTBEB 579
2586#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
2587
2588#define SN_setct_CapReqTBE "setct-CapReqTBE"
2589#define NID_setct_CapReqTBE 580
2590#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
2591
2592#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
2593#define NID_setct_CapReqTBEX 581
2594#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
2595
2596#define SN_setct_CapResTBE "setct-CapResTBE"
2597#define NID_setct_CapResTBE 582
2598#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
2599
2600#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
2601#define NID_setct_CapRevReqTBE 583
2602#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
2603
2604#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
2605#define NID_setct_CapRevReqTBEX 584
2606#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
2607
2608#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
2609#define NID_setct_CapRevResTBE 585
2610#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
2611
2612#define SN_setct_CredReqTBE "setct-CredReqTBE"
2613#define NID_setct_CredReqTBE 586
2614#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
2615
2616#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
2617#define NID_setct_CredReqTBEX 587
2618#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
2619
2620#define SN_setct_CredResTBE "setct-CredResTBE"
2621#define NID_setct_CredResTBE 588
2622#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
2623
2624#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
2625#define NID_setct_CredRevReqTBE 589
2626#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
2627
2628#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
2629#define NID_setct_CredRevReqTBEX 590
2630#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
2631
2632#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
2633#define NID_setct_CredRevResTBE 591
2634#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
2635
2636#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
2637#define NID_setct_BatchAdminReqTBE 592
2638#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
2639
2640#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
2641#define NID_setct_BatchAdminResTBE 593
2642#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
2643
2644#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
2645#define NID_setct_RegFormReqTBE 594
2646#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
2647
2648#define SN_setct_CertReqTBE "setct-CertReqTBE"
2649#define NID_setct_CertReqTBE 595
2650#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
2651
2652#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
2653#define NID_setct_CertReqTBEX 596
2654#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
2655
2656#define SN_setct_CertResTBE "setct-CertResTBE"
2657#define NID_setct_CertResTBE 597
2658#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
2659
2660#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
2661#define NID_setct_CRLNotificationTBS 598
2662#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
2663
2664#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
2665#define NID_setct_CRLNotificationResTBS 599
2666#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
2667
2668#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
2669#define NID_setct_BCIDistributionTBS 600
2670#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
2671
2672#define SN_setext_genCrypt "setext-genCrypt"
2673#define LN_setext_genCrypt "generic cryptogram"
2674#define NID_setext_genCrypt 601
2675#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
2676
2677#define SN_setext_miAuth "setext-miAuth"
2678#define LN_setext_miAuth "merchant initiated auth"
2679#define NID_setext_miAuth 602
2680#define OBJ_setext_miAuth OBJ_set_msgExt,3L
2681
2682#define SN_setext_pinSecure "setext-pinSecure"
2683#define NID_setext_pinSecure 603
2684#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
2685
2686#define SN_setext_pinAny "setext-pinAny"
2687#define NID_setext_pinAny 604
2688#define OBJ_setext_pinAny OBJ_set_msgExt,5L
2689
2690#define SN_setext_track2 "setext-track2"
2691#define NID_setext_track2 605
2692#define OBJ_setext_track2 OBJ_set_msgExt,7L
2693
2694#define SN_setext_cv "setext-cv"
2695#define LN_setext_cv "additional verification"
2696#define NID_setext_cv 606
2697#define OBJ_setext_cv OBJ_set_msgExt,8L
2698
2699#define SN_set_policy_root "set-policy-root"
2700#define NID_set_policy_root 607
2701#define OBJ_set_policy_root OBJ_set_policy,0L
2702
2703#define SN_setCext_hashedRoot "setCext-hashedRoot"
2704#define NID_setCext_hashedRoot 608
2705#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
2706
2707#define SN_setCext_certType "setCext-certType"
2708#define NID_setCext_certType 609
2709#define OBJ_setCext_certType OBJ_set_certExt,1L
2710
2711#define SN_setCext_merchData "setCext-merchData"
2712#define NID_setCext_merchData 610
2713#define OBJ_setCext_merchData OBJ_set_certExt,2L
2714
2715#define SN_setCext_cCertRequired "setCext-cCertRequired"
2716#define NID_setCext_cCertRequired 611
2717#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
2718
2719#define SN_setCext_tunneling "setCext-tunneling"
2720#define NID_setCext_tunneling 612
2721#define OBJ_setCext_tunneling OBJ_set_certExt,4L
2722
2723#define SN_setCext_setExt "setCext-setExt"
2724#define NID_setCext_setExt 613
2725#define OBJ_setCext_setExt OBJ_set_certExt,5L
2726
2727#define SN_setCext_setQualf "setCext-setQualf"
2728#define NID_setCext_setQualf 614
2729#define OBJ_setCext_setQualf OBJ_set_certExt,6L
2730
2731#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
2732#define NID_setCext_PGWYcapabilities 615
2733#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
2734
2735#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
2736#define NID_setCext_TokenIdentifier 616
2737#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
2738
2739#define SN_setCext_Track2Data "setCext-Track2Data"
2740#define NID_setCext_Track2Data 617
2741#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
2742
2743#define SN_setCext_TokenType "setCext-TokenType"
2744#define NID_setCext_TokenType 618
2745#define OBJ_setCext_TokenType OBJ_set_certExt,10L
2746
2747#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
2748#define NID_setCext_IssuerCapabilities 619
2749#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
2750
2751#define SN_setAttr_Cert "setAttr-Cert"
2752#define NID_setAttr_Cert 620
2753#define OBJ_setAttr_Cert OBJ_set_attr,0L
2754
2755#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
2756#define LN_setAttr_PGWYcap "payment gateway capabilities"
2757#define NID_setAttr_PGWYcap 621
2758#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
2759
2760#define SN_setAttr_TokenType "setAttr-TokenType"
2761#define NID_setAttr_TokenType 622
2762#define OBJ_setAttr_TokenType OBJ_set_attr,2L
2763
2764#define SN_setAttr_IssCap "setAttr-IssCap"
2765#define LN_setAttr_IssCap "issuer capabilities"
2766#define NID_setAttr_IssCap 623
2767#define OBJ_setAttr_IssCap OBJ_set_attr,3L
2768
2769#define SN_set_rootKeyThumb "set-rootKeyThumb"
2770#define NID_set_rootKeyThumb 624
2771#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
2772
2773#define SN_set_addPolicy "set-addPolicy"
2774#define NID_set_addPolicy 625
2775#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
2776
2777#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
2778#define NID_setAttr_Token_EMV 626
2779#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
2780
2781#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
2782#define NID_setAttr_Token_B0Prime 627
2783#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
2784
2785#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
2786#define NID_setAttr_IssCap_CVM 628
2787#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
2788
2789#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
2790#define NID_setAttr_IssCap_T2 629
2791#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
2792
2793#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
2794#define NID_setAttr_IssCap_Sig 630
2795#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
2796
2797#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
2798#define LN_setAttr_GenCryptgrm "generate cryptogram"
2799#define NID_setAttr_GenCryptgrm 631
2800#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
2801
2802#define SN_setAttr_T2Enc "setAttr-T2Enc"
2803#define LN_setAttr_T2Enc "encrypted track 2"
2804#define NID_setAttr_T2Enc 632
2805#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
2806
2807#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
2808#define LN_setAttr_T2cleartxt "cleartext track 2"
2809#define NID_setAttr_T2cleartxt 633
2810#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
2811
2812#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
2813#define LN_setAttr_TokICCsig "ICC or token signature"
2814#define NID_setAttr_TokICCsig 634
2815#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
2816
2817#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
2818#define LN_setAttr_SecDevSig "secure device signature"
2819#define NID_setAttr_SecDevSig 635
2820#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
2821
2822#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
2823#define NID_set_brand_IATA_ATA 636
2824#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
2825
2826#define SN_set_brand_Diners "set-brand-Diners"
2827#define NID_set_brand_Diners 637
2828#define OBJ_set_brand_Diners OBJ_set_brand,30L
2829
2830#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
2831#define NID_set_brand_AmericanExpress 638
2832#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
2833
2834#define SN_set_brand_JCB "set-brand-JCB"
2835#define NID_set_brand_JCB 639
2836#define OBJ_set_brand_JCB OBJ_set_brand,35L
2837
2838#define SN_set_brand_Visa "set-brand-Visa"
2839#define NID_set_brand_Visa 640
2840#define OBJ_set_brand_Visa OBJ_set_brand,4L
2841
2842#define SN_set_brand_MasterCard "set-brand-MasterCard"
2843#define NID_set_brand_MasterCard 641
2844#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
2845
2846#define SN_set_brand_Novus "set-brand-Novus"
2847#define NID_set_brand_Novus 642
2848#define OBJ_set_brand_Novus OBJ_set_brand,6011L
2849
2850#define SN_des_cdmf "DES-CDMF"
2851#define LN_des_cdmf "des-cdmf"
2852#define NID_des_cdmf 643
2853#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
2854
2855#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
2856#define NID_rsaOAEPEncryptionSET 644
2857#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
2858
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num
index 02b39062fe..1486199661 100644
--- a/src/lib/libssl/src/crypto/objects/obj_mac.num
+++ b/src/lib/libssl/src/crypto/objects/obj_mac.num
@@ -507,3 +507,141 @@ mime_mhs_bodies 506
507id_hex_partial_message 507 507id_hex_partial_message 507
508id_hex_multipart_message 508 508id_hex_multipart_message 508
509generationQualifier 509 509generationQualifier 509
510pseudonym 510
511InternationalRA 511
512id_set 512
513set_ctype 513
514set_msgExt 514
515set_attr 515
516set_policy 516
517set_certExt 517
518set_brand 518
519setct_PANData 519
520setct_PANToken 520
521setct_PANOnly 521
522setct_OIData 522
523setct_PI 523
524setct_PIData 524
525setct_PIDataUnsigned 525
526setct_HODInput 526
527setct_AuthResBaggage 527
528setct_AuthRevReqBaggage 528
529setct_AuthRevResBaggage 529
530setct_CapTokenSeq 530
531setct_PInitResData 531
532setct_PI_TBS 532
533setct_PResData 533
534setct_AuthReqTBS 534
535setct_AuthResTBS 535
536setct_AuthResTBSX 536
537setct_AuthTokenTBS 537
538setct_CapTokenData 538
539setct_CapTokenTBS 539
540setct_AcqCardCodeMsg 540
541setct_AuthRevReqTBS 541
542setct_AuthRevResData 542
543setct_AuthRevResTBS 543
544setct_CapReqTBS 544
545setct_CapReqTBSX 545
546setct_CapResData 546
547setct_CapRevReqTBS 547
548setct_CapRevReqTBSX 548
549setct_CapRevResData 549
550setct_CredReqTBS 550
551setct_CredReqTBSX 551
552setct_CredResData 552
553setct_CredRevReqTBS 553
554setct_CredRevReqTBSX 554
555setct_CredRevResData 555
556setct_PCertReqData 556
557setct_PCertResTBS 557
558setct_BatchAdminReqData 558
559setct_BatchAdminResData 559
560setct_CardCInitResTBS 560
561setct_MeAqCInitResTBS 561
562setct_RegFormResTBS 562
563setct_CertReqData 563
564setct_CertReqTBS 564
565setct_CertResData 565
566setct_CertInqReqTBS 566
567setct_ErrorTBS 567
568setct_PIDualSignedTBE 568
569setct_PIUnsignedTBE 569
570setct_AuthReqTBE 570
571setct_AuthResTBE 571
572setct_AuthResTBEX 572
573setct_AuthTokenTBE 573
574setct_CapTokenTBE 574
575setct_CapTokenTBEX 575
576setct_AcqCardCodeMsgTBE 576
577setct_AuthRevReqTBE 577
578setct_AuthRevResTBE 578
579setct_AuthRevResTBEB 579
580setct_CapReqTBE 580
581setct_CapReqTBEX 581
582setct_CapResTBE 582
583setct_CapRevReqTBE 583
584setct_CapRevReqTBEX 584
585setct_CapRevResTBE 585
586setct_CredReqTBE 586
587setct_CredReqTBEX 587
588setct_CredResTBE 588
589setct_CredRevReqTBE 589
590setct_CredRevReqTBEX 590
591setct_CredRevResTBE 591
592setct_BatchAdminReqTBE 592
593setct_BatchAdminResTBE 593
594setct_RegFormReqTBE 594
595setct_CertReqTBE 595
596setct_CertReqTBEX 596
597setct_CertResTBE 597
598setct_CRLNotificationTBS 598
599setct_CRLNotificationResTBS 599
600setct_BCIDistributionTBS 600
601setext_genCrypt 601
602setext_miAuth 602
603setext_pinSecure 603
604setext_pinAny 604
605setext_track2 605
606setext_cv 606
607set_policy_root 607
608setCext_hashedRoot 608
609setCext_certType 609
610setCext_merchData 610
611setCext_cCertRequired 611
612setCext_tunneling 612
613setCext_setExt 613
614setCext_setQualf 614
615setCext_PGWYcapabilities 615
616setCext_TokenIdentifier 616
617setCext_Track2Data 617
618setCext_TokenType 618
619setCext_IssuerCapabilities 619
620setAttr_Cert 620
621setAttr_PGWYcap 621
622setAttr_TokenType 622
623setAttr_IssCap 623
624set_rootKeyThumb 624
625set_addPolicy 625
626setAttr_Token_EMV 626
627setAttr_Token_B0Prime 627
628setAttr_IssCap_CVM 628
629setAttr_IssCap_T2 629
630setAttr_IssCap_Sig 630
631setAttr_GenCryptgrm 631
632setAttr_T2Enc 632
633setAttr_T2cleartxt 633
634setAttr_TokICCsig 634
635setAttr_SecDevSig 635
636set_brand_IATA_ATA 636
637set_brand_Diners 637
638set_brand_AmericanExpress 638
639set_brand_JCB 639
640set_brand_Visa 640
641set_brand_MasterCard 641
642set_brand_Novus 642
643des_cdmf 643
644rsaOAEPEncryptionSET 644
645itu_t 645
646joint_iso_itu_t 646
647international_organizations 647
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt
index 65d0b15629..71a4908485 100644
--- a/src/lib/libssl/src/crypto/objects/objects.txt
+++ b/src/lib/libssl/src/crypto/objects/objects.txt
@@ -542,6 +542,7 @@ X509 43 : : initials
542X509 44 : : generationQualifier 542X509 44 : : generationQualifier
543X509 45 : : x500UniqueIdentifier 543X509 45 : : x500UniqueIdentifier
544X509 46 : dnQualifier : dnQualifier 544X509 46 : dnQualifier : dnQualifier
545X509 65 : : pseudonym
545X509 72 : role : role 546X509 72 : role : role
546 547
547X500 8 : X500algorithms : directory services - algorithms 548X500 8 : X500algorithms : directory services - algorithms
@@ -762,3 +763,150 @@ pilotAttributeType 53 : : personalSignature
762pilotAttributeType 54 : : dITRedirect 763pilotAttributeType 54 : : dITRedirect
763pilotAttributeType 55 : audio 764pilotAttributeType 55 : audio
764pilotAttributeType 56 : : documentPublisher 765pilotAttributeType 56 : : documentPublisher
766
7672 23 42 : id-set : Secure Electronic Transactions
768
769id-set 0 : set-ctype : content types
770id-set 1 : set-msgExt : message extensions
771id-set 3 : set-attr
772id-set 5 : set-policy
773id-set 7 : set-certExt : certificate extensions
774id-set 8 : set-brand
775
776set-ctype 0 : setct-PANData
777set-ctype 1 : setct-PANToken
778set-ctype 2 : setct-PANOnly
779set-ctype 3 : setct-OIData
780set-ctype 4 : setct-PI
781set-ctype 5 : setct-PIData
782set-ctype 6 : setct-PIDataUnsigned
783set-ctype 7 : setct-HODInput
784set-ctype 8 : setct-AuthResBaggage
785set-ctype 9 : setct-AuthRevReqBaggage
786set-ctype 10 : setct-AuthRevResBaggage
787set-ctype 11 : setct-CapTokenSeq
788set-ctype 12 : setct-PInitResData
789set-ctype 13 : setct-PI-TBS
790set-ctype 14 : setct-PResData
791set-ctype 16 : setct-AuthReqTBS
792set-ctype 17 : setct-AuthResTBS
793set-ctype 18 : setct-AuthResTBSX
794set-ctype 19 : setct-AuthTokenTBS
795set-ctype 20 : setct-CapTokenData
796set-ctype 21 : setct-CapTokenTBS
797set-ctype 22 : setct-AcqCardCodeMsg
798set-ctype 23 : setct-AuthRevReqTBS
799set-ctype 24 : setct-AuthRevResData
800set-ctype 25 : setct-AuthRevResTBS
801set-ctype 26 : setct-CapReqTBS
802set-ctype 27 : setct-CapReqTBSX
803set-ctype 28 : setct-CapResData
804set-ctype 29 : setct-CapRevReqTBS
805set-ctype 30 : setct-CapRevReqTBSX
806set-ctype 31 : setct-CapRevResData
807set-ctype 32 : setct-CredReqTBS
808set-ctype 33 : setct-CredReqTBSX
809set-ctype 34 : setct-CredResData
810set-ctype 35 : setct-CredRevReqTBS
811set-ctype 36 : setct-CredRevReqTBSX
812set-ctype 37 : setct-CredRevResData
813set-ctype 38 : setct-PCertReqData
814set-ctype 39 : setct-PCertResTBS
815set-ctype 40 : setct-BatchAdminReqData
816set-ctype 41 : setct-BatchAdminResData
817set-ctype 42 : setct-CardCInitResTBS
818set-ctype 43 : setct-MeAqCInitResTBS
819set-ctype 44 : setct-RegFormResTBS
820set-ctype 45 : setct-CertReqData
821set-ctype 46 : setct-CertReqTBS
822set-ctype 47 : setct-CertResData
823set-ctype 48 : setct-CertInqReqTBS
824set-ctype 49 : setct-ErrorTBS
825set-ctype 50 : setct-PIDualSignedTBE
826set-ctype 51 : setct-PIUnsignedTBE
827set-ctype 52 : setct-AuthReqTBE
828set-ctype 53 : setct-AuthResTBE
829set-ctype 54 : setct-AuthResTBEX
830set-ctype 55 : setct-AuthTokenTBE
831set-ctype 56 : setct-CapTokenTBE
832set-ctype 57 : setct-CapTokenTBEX
833set-ctype 58 : setct-AcqCardCodeMsgTBE
834set-ctype 59 : setct-AuthRevReqTBE
835set-ctype 60 : setct-AuthRevResTBE
836set-ctype 61 : setct-AuthRevResTBEB
837set-ctype 62 : setct-CapReqTBE
838set-ctype 63 : setct-CapReqTBEX
839set-ctype 64 : setct-CapResTBE
840set-ctype 65 : setct-CapRevReqTBE
841set-ctype 66 : setct-CapRevReqTBEX
842set-ctype 67 : setct-CapRevResTBE
843set-ctype 68 : setct-CredReqTBE
844set-ctype 69 : setct-CredReqTBEX
845set-ctype 70 : setct-CredResTBE
846set-ctype 71 : setct-CredRevReqTBE
847set-ctype 72 : setct-CredRevReqTBEX
848set-ctype 73 : setct-CredRevResTBE
849set-ctype 74 : setct-BatchAdminReqTBE
850set-ctype 75 : setct-BatchAdminResTBE
851set-ctype 76 : setct-RegFormReqTBE
852set-ctype 77 : setct-CertReqTBE
853set-ctype 78 : setct-CertReqTBEX
854set-ctype 79 : setct-CertResTBE
855set-ctype 80 : setct-CRLNotificationTBS
856set-ctype 81 : setct-CRLNotificationResTBS
857set-ctype 82 : setct-BCIDistributionTBS
858
859set-msgExt 1 : setext-genCrypt : generic cryptogram
860set-msgExt 3 : setext-miAuth : merchant initiated auth
861set-msgExt 4 : setext-pinSecure
862set-msgExt 5 : setext-pinAny
863set-msgExt 7 : setext-track2
864set-msgExt 8 : setext-cv : additional verification
865
866set-policy 0 : set-policy-root
867
868set-certExt 0 : setCext-hashedRoot
869set-certExt 1 : setCext-certType
870set-certExt 2 : setCext-merchData
871set-certExt 3 : setCext-cCertRequired
872set-certExt 4 : setCext-tunneling
873set-certExt 5 : setCext-setExt
874set-certExt 6 : setCext-setQualf
875set-certExt 7 : setCext-PGWYcapabilities
876set-certExt 8 : setCext-TokenIdentifier
877set-certExt 9 : setCext-Track2Data
878set-certExt 10 : setCext-TokenType
879set-certExt 11 : setCext-IssuerCapabilities
880
881set-attr 0 : setAttr-Cert
882set-attr 1 : setAttr-PGWYcap : payment gateway capabilities
883set-attr 2 : setAttr-TokenType
884set-attr 3 : setAttr-IssCap : issuer capabilities
885
886setAttr-Cert 0 : set-rootKeyThumb
887setAttr-Cert 1 : set-addPolicy
888
889setAttr-TokenType 1 : setAttr-Token-EMV
890setAttr-TokenType 2 : setAttr-Token-B0Prime
891
892setAttr-IssCap 3 : setAttr-IssCap-CVM
893setAttr-IssCap 4 : setAttr-IssCap-T2
894setAttr-IssCap 5 : setAttr-IssCap-Sig
895
896setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram
897setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2
898setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2
899
900setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature
901setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature
902
903set-brand 1 : set-brand-IATA-ATA
904set-brand 30 : set-brand-Diners
905set-brand 34 : set-brand-AmericanExpress
906set-brand 35 : set-brand-JCB
907set-brand 4 : set-brand-Visa
908set-brand 5 : set-brand-MasterCard
909set-brand 6011 : set-brand-Novus
910
911rsadsi 3 10 : DES-CDMF : des-cdmf
912rsadsi 1 1 6 : rsaOAEPEncryptionSET
diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h
index 0d23a02fb2..9689b49c5b 100644
--- a/src/lib/libssl/src/crypto/opensslv.h
+++ b/src/lib/libssl/src/crypto/opensslv.h
@@ -25,8 +25,8 @@
25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for 25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26 * major minor fix final patch/beta) 26 * major minor fix final patch/beta)
27 */ 27 */
28#define OPENSSL_VERSION_NUMBER 0x00907001L 28#define OPENSSL_VERSION_NUMBER 0x00907003L
29#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7-beta1 01 Jun 2002" 29#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7-beta3 30 Jul 2002"
30#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT 30#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
31 31
32 32
diff --git a/src/lib/libssl/src/crypto/pem/pem2.h b/src/lib/libssl/src/crypto/pem/pem2.h
index 4e484bcd82..f31790d69c 100644
--- a/src/lib/libssl/src/crypto/pem/pem2.h
+++ b/src/lib/libssl/src/crypto/pem/pem2.h
@@ -61,7 +61,9 @@
61extern "C" { 61extern "C" {
62#endif 62#endif
63 63
64#ifndef HEADER_PEM_H
64void ERR_load_PEM_strings(void); 65void ERR_load_PEM_strings(void);
66#endif
65 67
66#ifdef __cplusplus 68#ifdef __cplusplus
67} 69}
diff --git a/src/lib/libssl/src/crypto/pem/pem_pkey.c b/src/lib/libssl/src/crypto/pem/pem_pkey.c
index 270892d72b..d96ecf6940 100644
--- a/src/lib/libssl/src/crypto/pem/pem_pkey.c
+++ b/src/lib/libssl/src/crypto/pem/pem_pkey.c
@@ -85,6 +85,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
85 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { 85 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
86 PKCS8_PRIV_KEY_INFO *p8inf; 86 PKCS8_PRIV_KEY_INFO *p8inf;
87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); 87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
88 if(!p8inf) goto p8err;
88 ret = EVP_PKCS82PKEY(p8inf); 89 ret = EVP_PKCS82PKEY(p8inf);
89 PKCS8_PRIV_KEY_INFO_free(p8inf); 90 PKCS8_PRIV_KEY_INFO_free(p8inf);
90 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { 91 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
index 81c6e64e87..9a3d85b098 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86asm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
@@ -87,6 +87,12 @@ $tmp
87#ifdef OUT 87#ifdef OUT
88#define OK 1 88#define OK 1
89#define ALIGN 4 89#define ALIGN 4
90#if defined(__CYGWIN__) || defined(__DJGPP__)
91#undef SIZE
92#undef TYPE
93#define SIZE(a,b)
94#define TYPE(a,b)
95#endif /* __CYGWIN || __DJGPP */
90#endif 96#endif
91 97
92#if defined(BSDI) && !defined(ELF) 98#if defined(BSDI) && !defined(ELF)
diff --git a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
index b4da364bbf..519d8a5867 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
@@ -209,7 +209,7 @@ sub using486
209 209
210sub main'file 210sub main'file
211 { 211 {
212 push(@out, "segment .text\n"); 212 push(@out, "segment .text use32\n");
213 } 213 }
214 214
215sub main'function_begin 215sub main'function_begin
diff --git a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
index 1786b6d4f3..dd338f266c 100644
--- a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
+++ b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
@@ -156,8 +156,8 @@ union {
156#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey 156#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
157#define M_PKCS8_decrypt PKCS8_decrypt 157#define M_PKCS8_decrypt PKCS8_decrypt
158 158
159#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type) 159#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
160#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type) 160#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
161#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type 161#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
162 162
163#define PKCS12_get_attr(bag, attr_nid) \ 163#define PKCS12_get_attr(bag, attr_nid) \
diff --git a/src/lib/libssl/src/crypto/pkcs7/verify.c b/src/lib/libssl/src/crypto/pkcs7/verify.c
index 5f7afe8933..b40f26032e 100644
--- a/src/lib/libssl/src/crypto/pkcs7/verify.c
+++ b/src/lib/libssl/src/crypto/pkcs7/verify.c
@@ -179,10 +179,11 @@ char *argv[];
179 { 179 {
180 ASN1_UTCTIME *tm; 180 ASN1_UTCTIME *tm;
181 char *str1,*str2; 181 char *str1,*str2;
182 int rc;
182 183
183 si=sk_PKCS7_SIGNER_INFO_value(sk,i); 184 si=sk_PKCS7_SIGNER_INFO_value(sk,i);
184 i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si); 185 rc=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
185 if (i <= 0) 186 if (rc <= 0)
186 goto err; 187 goto err;
187 printf("signer info\n"); 188 printf("signer info\n");
188 if ((tm=get_signed_time(si)) != NULL) 189 if ((tm=get_signed_time(si)) != NULL)
diff --git a/src/lib/libssl/src/crypto/rand/rand.h b/src/lib/libssl/src/crypto/rand/rand.h
index e17aa7a9f7..66e39991ec 100644
--- a/src/lib/libssl/src/crypto/rand/rand.h
+++ b/src/lib/libssl/src/crypto/rand/rand.h
@@ -61,6 +61,11 @@
61 61
62#include <stdlib.h> 62#include <stdlib.h>
63#include <openssl/ossl_typ.h> 63#include <openssl/ossl_typ.h>
64#include <openssl/e_os2.h>
65
66#if defined(OPENSSL_SYS_WINDOWS)
67#include <windows.h>
68#endif
64 69
65#ifdef __cplusplus 70#ifdef __cplusplus
66extern "C" { 71extern "C" {
diff --git a/src/lib/libssl/src/crypto/rand/rand_egd.c b/src/lib/libssl/src/crypto/rand/rand_egd.c
index 97ed12cf67..abc3ac27d5 100644
--- a/src/lib/libssl/src/crypto/rand/rand_egd.c
+++ b/src/lib/libssl/src/crypto/rand/rand_egd.c
@@ -94,7 +94,7 @@
94 * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. 94 * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
95 */ 95 */
96 96
97#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) 97#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(__DJGPP__)
98int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) 98int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
99 { 99 {
100 return(-1); 100 return(-1);
diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c
index 5a78009e9a..ec09d74603 100644
--- a/src/lib/libssl/src/crypto/rand/rand_unix.c
+++ b/src/lib/libssl/src/crypto/rand/rand_unix.c
@@ -109,6 +109,8 @@
109 * 109 *
110 */ 110 */
111 111
112#define USE_SOCKETS
113#include "e_os.h"
112#include "cryptlib.h" 114#include "cryptlib.h"
113#include <openssl/rand.h> 115#include <openssl/rand.h>
114#include "rand_lcl.h" 116#include "rand_lcl.h"
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
index 030a6c88e5..98b3bd7cc5 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa.h
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -276,6 +276,9 @@ int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
276int RSA_set_ex_data(RSA *r,int idx,void *arg); 276int RSA_set_ex_data(RSA *r,int idx,void *arg);
277void *RSA_get_ex_data(const RSA *r, int idx); 277void *RSA_get_ex_data(const RSA *r, int idx);
278 278
279RSA *RSAPublicKey_dup(RSA *rsa);
280RSA *RSAPrivateKey_dup(RSA *rsa);
281
279/* BEGIN ERROR CODES */ 282/* BEGIN ERROR CODES */
280/* The following lines are auto generated by the script mkerr.pl. Any changes 283/* The following lines are auto generated by the script mkerr.pl. Any changes
281 * made after this point may be overwritten when the script is next run. 284 * made after this point may be overwritten when the script is next run.
diff --git a/src/lib/libssl/src/crypto/symhacks.h b/src/lib/libssl/src/crypto/symhacks.h
index de0f452b47..774162fec9 100644
--- a/src/lib/libssl/src/crypto/symhacks.h
+++ b/src/lib/libssl/src/crypto/symhacks.h
@@ -247,7 +247,7 @@
247 247
248 248
249/* Case insensiteve linking causes problems.... */ 249/* Case insensiteve linking causes problems.... */
250#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) 250#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
251#undef ERR_load_CRYPTO_strings 251#undef ERR_load_CRYPTO_strings
252#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings 252#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
253#undef OCSP_crlID_new 253#undef OCSP_crlID_new
diff --git a/src/lib/libssl/src/crypto/ui/ui_openssl.c b/src/lib/libssl/src/crypto/ui/ui_openssl.c
index 4e12165410..2c2fbc0443 100644
--- a/src/lib/libssl/src/crypto/ui/ui_openssl.c
+++ b/src/lib/libssl/src/crypto/ui/ui_openssl.c
@@ -269,7 +269,7 @@ static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this w
269static long status; 269static long status;
270static unsigned short channel = 0; 270static unsigned short channel = 0;
271#else 271#else
272#ifndef OPENSSL_SYS_MSDOS 272#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
273static TTY_STRUCT tty_orig,tty_new; 273static TTY_STRUCT tty_orig,tty_new;
274#endif 274#endif
275#endif 275#endif
diff --git a/src/lib/libssl/src/crypto/ui/ui_util.c b/src/lib/libssl/src/crypto/ui/ui_util.c
index 7c6f7d3a73..f05573df33 100644
--- a/src/lib/libssl/src/crypto/ui/ui_util.c
+++ b/src/lib/libssl/src/crypto/ui/ui_util.c
@@ -71,12 +71,15 @@ int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
71 int ok = 0; 71 int ok = 0;
72 UI *ui; 72 UI *ui;
73 73
74 if (size < 1)
75 return -1;
76
74 ui = UI_new(); 77 ui = UI_new();
75 if (ui) 78 if (ui)
76 { 79 {
77 ok = UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1); 80 ok = UI_add_input_string(ui,prompt,0,buf,0,size-1);
78 if (ok == 0 && verify) 81 if (ok == 0 && verify)
79 ok = UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1, 82 ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1,
80 buf); 83 buf);
81 if (ok == 0) 84 if (ok == 0)
82 ok=UI_process(ui); 85 ok=UI_process(ui);
diff --git a/src/lib/libssl/src/crypto/x509v3/ext_dat.h b/src/lib/libssl/src/crypto/x509v3/ext_dat.h
index 586f116db5..2fb97d8925 100644
--- a/src/lib/libssl/src/crypto/x509v3/ext_dat.h
+++ b/src/lib/libssl/src/crypto/x509v3/ext_dat.h
@@ -99,8 +99,8 @@ static X509V3_EXT_METHOD *standard_exts[] = {
99&v3_ocsp_nocheck, 99&v3_ocsp_nocheck,
100&v3_ocsp_acutoff, 100&v3_ocsp_acutoff,
101&v3_ocsp_serviceloc, 101&v3_ocsp_serviceloc,
102&v3_crl_hold, 102&v3_sinfo,
103&v3_sinfo 103&v3_crl_hold
104}; 104};
105 105
106/* Number of standard extensions */ 106/* Number of standard extensions */
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c
index 7f17f3231d..e1cf01a9b4 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_info.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c
@@ -158,6 +158,7 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
158 objlen = ptmp - cnf->name; 158 objlen = ptmp - cnf->name;
159 ctmp.name = ptmp + 1; 159 ctmp.name = ptmp + 1;
160 ctmp.value = cnf->value; 160 ctmp.value = cnf->value;
161 GENERAL_NAME_free(acc->location);
161 if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) 162 if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp)))
162 goto err; 163 goto err;
163 if(!(objtmp = OPENSSL_malloc(objlen + 1))) { 164 if(!(objtmp = OPENSSL_malloc(objlen + 1))) {
diff --git a/src/lib/libssl/src/doc/apps/ciphers.pod b/src/lib/libssl/src/doc/apps/ciphers.pod
index 21077614a7..b7e577b24f 100644
--- a/src/lib/libssl/src/doc/apps/ciphers.pod
+++ b/src/lib/libssl/src/doc/apps/ciphers.pod
@@ -108,10 +108,20 @@ the default cipher list. This is determined at compile time and is normally
108B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string 108B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string
109specified. 109specified.
110 110
111=item B<COMPLEMENTOFDEFAULT>
112
113the ciphers included in B<ALL>, but not enabled by default. Currently
114this is B<ADH>. Note that this rule does not cover B<eNULL>, which is
115not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
116
111=item B<ALL> 117=item B<ALL>
112 118
113all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled. 119all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled.
114 120
121=item B<COMPLEMENTOFALL>
122
123the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
124
115=item B<HIGH> 125=item B<HIGH>
116 126
117"high" encryption cipher suites. This currently means those with key lengths larger 127"high" encryption cipher suites. This currently means those with key lengths larger
@@ -339,8 +349,22 @@ Include only 3DES ciphers and then place RSA ciphers last:
339 349
340 openssl ciphers -v '3DES:+RSA' 350 openssl ciphers -v '3DES:+RSA'
341 351
352Include all RC4 ciphers but leave out those without authentication:
353
354 openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
355
356Include all chiphers with RSA authentication but leave out ciphers without
357encryption.
358
359 openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
360
342=head1 SEE ALSO 361=head1 SEE ALSO
343 362
344L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)> 363L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
345 364
365=head1 HISTORY
366
367The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were
368added in version 0.9.7.
369
346=cut 370=cut
diff --git a/src/lib/libssl/src/doc/apps/crl2pkcs7.pod b/src/lib/libssl/src/doc/apps/crl2pkcs7.pod
index da199b044a..3797bc0df4 100644
--- a/src/lib/libssl/src/doc/apps/crl2pkcs7.pod
+++ b/src/lib/libssl/src/doc/apps/crl2pkcs7.pod
@@ -6,12 +6,13 @@ crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates.
6 6
7=head1 SYNOPSIS 7=head1 SYNOPSIS
8 8
9B<openssl> B<pkcs7> 9B<openssl> B<crl2pkcs7>
10[B<-inform PEM|DER>] 10[B<-inform PEM|DER>]
11[B<-outform PEM|DER>] 11[B<-outform PEM|DER>]
12[B<-in filename>] 12[B<-in filename>]
13[B<-out filename>] 13[B<-out filename>]
14[B<-print_certs>] 14[B<-certfile filename>]
15[B<-nocrl>]
15 16
16=head1 DESCRIPTION 17=head1 DESCRIPTION
17 18
diff --git a/src/lib/libssl/src/doc/crypto/BN_rand.pod b/src/lib/libssl/src/doc/crypto/BN_rand.pod
index ecd410f7f2..9cec238f9e 100644
--- a/src/lib/libssl/src/doc/crypto/BN_rand.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_rand.pod
@@ -14,7 +14,7 @@ BN_rand, BN_pseudo_rand - generate pseudo-random number
14 14
15 int BN_rand_range(BIGNUM *rnd, BIGNUM *range); 15 int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
16 16
17 int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom); 17 int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
18 18
19=head1 DESCRIPTION 19=head1 DESCRIPTION
20 20
diff --git a/src/lib/libssl/src/doc/crypto/BN_zero.pod b/src/lib/libssl/src/doc/crypto/BN_zero.pod
index 3c64a65697..b555ec3988 100644
--- a/src/lib/libssl/src/doc/crypto/BN_zero.pod
+++ b/src/lib/libssl/src/doc/crypto/BN_zero.pod
@@ -53,4 +53,7 @@ BN_zero(), BN_one() and BN_set_word() are available in all versions of
53SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in 53SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in
54SSLeay 0.8. 54SSLeay 0.8.
55 55
56BN_value_one() was changed to return a true const BIGNUM * in OpenSSL
570.9.7.
58
56=cut 59=cut
diff --git a/src/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod b/src/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod
index 82e2548bcd..fa5eab2650 100644
--- a/src/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod
+++ b/src/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod
@@ -26,7 +26,7 @@ as described in L<RSA_get_ex_new_index(3)>.
26 26
27=head1 SEE ALSO 27=head1 SEE ALSO
28 28
29L<RSA_get_ex_new_index()|RSA_get_ex_new_index()>, L<dh(3)|dh(3)> 29L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
30 30
31=head1 HISTORY 31=head1 HISTORY
32 32
diff --git a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index b3a61f1c5d..5901c39526 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -238,14 +238,19 @@ even though they are identical digests.
238 238
239L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, 239L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
240L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, 240L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
241L<sha(3)|sha(3)>, L<digest(1)|digest(1)> 241L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
242 242
243=head1 HISTORY 243=head1 HISTORY
244 244
245EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are 245EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
246available in all versions of SSLeay and OpenSSL. 246available in all versions of SSLeay and OpenSSL.
247 247
248EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() 248EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(),
249were added in OpenSSL 0.9.7. 249EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
250and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
251
252EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
253EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
254changed to return truely const EVP_MD * in OpenSSL 0.9.7.
250 255
251=cut 256=cut
diff --git a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
index 371b6a2287..75cceb1ca2 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
@@ -501,4 +501,9 @@ L<evp(3)|evp(3)>
501 501
502=head1 HISTORY 502=head1 HISTORY
503 503
504EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(),
505EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(),
506EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in
507OpenSSL 0.9.7.
508
504=cut 509=cut
diff --git a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
index 32e9d54809..b203c3a1c5 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
@@ -84,13 +84,13 @@ L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
84L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, 84L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
85L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, 85L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
86L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, 86L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
87L<sha(3)|sha(3)>, L<digest(1)|digest(1)> 87L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
88 88
89=head1 HISTORY 89=head1 HISTORY
90 90
91EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are 91EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
92available in all versions of SSLeay and OpenSSL. 92available in all versions of SSLeay and OpenSSL.
93 93
94EVP_SignInit_ex() was added in OpenSSL 0.9.7 94EVP_SignInit_ex() was added in OpenSSL 0.9.7.
95 95
96=cut 96=cut
diff --git a/src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod b/src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
index 80c656fde8..b6afaedee5 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
@@ -74,7 +74,7 @@ L<EVP_SignInit(3)|EVP_SignInit(3)>,
74L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, 74L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
75L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, 75L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
76L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, 76L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
77L<sha(3)|sha(3)>, L<digest(1)|digest(1)> 77L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
78 78
79=head1 HISTORY 79=head1 HISTORY
80 80
diff --git a/src/lib/libssl/src/doc/crypto/RSA_check_key.pod b/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
index 79fed753ad..3d824a07f5 100644
--- a/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
+++ b/src/lib/libssl/src/doc/crypto/RSA_check_key.pod
@@ -18,7 +18,9 @@ in fact prime, and that B<n = p*q>.
18It also checks that B<d*e = 1 mod (p-1*q-1)>, 18It also checks that B<d*e = 1 mod (p-1*q-1)>,
19and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>. 19and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
20 20
21The key's public components may not be B<NULL>. 21As such, this function can not be used with any arbitrary RSA key object,
22even if it is otherwise fit for regular RSA operation. See B<NOTES> for more
23information.
22 24
23=head1 RETURN VALUE 25=head1 RETURN VALUE
24 26
@@ -28,12 +30,38 @@ RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
28If the key is invalid or an error occurred, the reason code can be 30If the key is invalid or an error occurred, the reason code can be
29obtained using L<ERR_get_error(3)|ERR_get_error(3)>. 31obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
30 32
33=head1 NOTES
34
35This function does not work on RSA public keys that have only the modulus
36and public exponent elements populated. It performs integrity checks on all
37the RSA key material, so the RSA key structure must contain all the private
38key data too.
39
40Unlike most other RSA functions, this function does B<not> work
41transparently with any underlying ENGINE implementation because it uses the
42key data in the RSA structure directly. An ENGINE implementation can
43override the way key data is stored and handled, and can even provide
44support for HSM keys - in which case the RSA structure may contain B<no>
45key data at all! If the ENGINE in question is only being used for
46acceleration or analysis purposes, then in all likelihood the RSA key data
47is complete and untouched, but this can't be assumed in the general case.
48
49=head1 BUGS
50
51A method of verifying the RSA key using opaque RSA API functions might need
52to be considered. Right now RSA_check_key() simply uses the RSA structure
53elements directly, bypassing the RSA_METHOD table altogether (and
54completely violating encapsulation and object-orientation in the process).
55The best fix will probably be to introduce a "check_key()" handler to the
56RSA_METHOD function table so that alternative implementations can also
57provide their own verifiers.
58
31=head1 SEE ALSO 59=head1 SEE ALSO
32 60
33L<rsa(3)|rsa(3)>, L<err(3)|err(3)> 61L<rsa(3)|rsa(3)>, L<err(3)|err(3)>
34 62
35=head1 HISTORY 63=head1 HISTORY
36 64
37RSA_check() appeared in OpenSSL 0.9.4. 65RSA_check_key() appeared in OpenSSL 0.9.4.
38 66
39=cut 67=cut
diff --git a/src/lib/libssl/src/doc/crypto/err.pod b/src/lib/libssl/src/doc/crypto/err.pod
index 264e30103d..6f729554d2 100644
--- a/src/lib/libssl/src/doc/crypto/err.pod
+++ b/src/lib/libssl/src/doc/crypto/err.pod
@@ -172,7 +172,7 @@ ERR_get_string_table(void) respectively.
172=head1 SEE ALSO 172=head1 SEE ALSO
173 173
174L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>, 174L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
175L<CRYPTO_set_locking_callback(3)|<CRYPTO_set_locking_callback(3)>, 175L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
176L<ERR_get_error(3)|ERR_get_error(3)>, 176L<ERR_get_error(3)|ERR_get_error(3)>,
177L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>, 177L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
178L<ERR_clear_error(3)|ERR_clear_error(3)>, 178L<ERR_clear_error(3)|ERR_clear_error(3)>,
diff --git a/src/lib/libssl/src/doc/crypto/hmac.pod b/src/lib/libssl/src/doc/crypto/hmac.pod
index 579bf9e8a0..3976baf226 100644
--- a/src/lib/libssl/src/doc/crypto/hmac.pod
+++ b/src/lib/libssl/src/doc/crypto/hmac.pod
@@ -96,4 +96,7 @@ L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
96HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup() 96HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
97are available since SSLeay 0.9.0. 97are available since SSLeay 0.9.0.
98 98
99HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
100since OpenSSL 0.9.7.
101
99=cut 102=cut
diff --git a/src/lib/libssl/src/doc/crypto/lhash.pod b/src/lib/libssl/src/doc/crypto/lhash.pod
index 0bac11421e..dcdbb43a8e 100644
--- a/src/lib/libssl/src/doc/crypto/lhash.pod
+++ b/src/lib/libssl/src/doc/crypto/lhash.pod
@@ -286,4 +286,9 @@ lh_error() was added in SSLeay 0.9.1b.
286 286
287This manpage is derived from the SSLeay documentation. 287This manpage is derived from the SSLeay documentation.
288 288
289In OpenSSL 0.9.7, all lhash functions that were passed function pointers
290were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
291LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE
292became available.
293
289=cut 294=cut
diff --git a/src/lib/libssl/src/doc/crypto/rsa.pod b/src/lib/libssl/src/doc/crypto/rsa.pod
index 09ad30cab1..2b93a12b65 100644
--- a/src/lib/libssl/src/doc/crypto/rsa.pod
+++ b/src/lib/libssl/src/doc/crypto/rsa.pod
@@ -110,7 +110,7 @@ L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
110L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>, 110L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
111L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, 111L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
112L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>, 112L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
113L<RSA_sign_ASN_OCTET_STRING(3)|RSA_sign_ASN_OCTET_STRING(3)>, 113L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
114L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> 114L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
115 115
116=cut 116=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.pod
index d59a7db636..c8b99f4eef 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.pod
@@ -27,7 +27,7 @@ case is the size 0, which is used for unlimited size.
27 27
28When the maximum number of sessions is reached, no more new sessions are 28When the maximum number of sessions is reached, no more new sessions are
29added to the cache. New space may be added by calling 29added to the cache. New space may be added by calling
30L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)> to remove 30L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> to remove
31expired sessions. 31expired sessions.
32 32
33If the size of the session cache is reduced and more sessions are already 33If the size of the session cache is reduced and more sessions are already
@@ -46,6 +46,6 @@ SSL_CTX_sess_get_cache_size() returns the currently valid size.
46L<ssl(3)|ssl(3)>, 46L<ssl(3)|ssl(3)>,
47L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, 47L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
48L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, 48L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
49L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)> 49L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
50 50
51=cut 51=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod
index 6e0ef00632..7c0b2baf6c 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod
@@ -79,7 +79,7 @@ L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
79 79
80L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>, 80L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
81L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, 81L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
82L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)>, 82L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
83L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> 83L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
84 84
85=cut 85=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
index 81286ee650..3a240c4d37 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.pod
@@ -14,7 +14,7 @@ SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate ver
14=head1 DESCRIPTION 14=head1 DESCRIPTION
15 15
16SSL_CTX_set_cert_store() sets/replaces the certificate verification storage 16SSL_CTX_set_cert_store() sets/replaces the certificate verification storage
17of B<ctx> to/with B<store>. If another X505_STORE object is currently 17of B<ctx> to/with B<store>. If another X509_STORE object is currently
18set in B<ctx>, it will be X509_STORE_free()ed. 18set in B<ctx>, it will be X509_STORE_free()ed.
19 19
20SSL_CTX_get_cert_store() returns a pointer to the current certificate 20SSL_CTX_get_cert_store() returns a pointer to the current certificate
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.pod
index 53e1827713..3465b5c7bb 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.pod
@@ -15,8 +15,10 @@ SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client certifica
15=head1 DESCRIPTION 15=head1 DESCRIPTION
16 16
17SSL_CTX_set_client_cert_cb() sets the B<client_cert_cb()> callback, that is 17SSL_CTX_set_client_cert_cb() sets the B<client_cert_cb()> callback, that is
18called when a client certificate is requested by a server. 18called when a client certificate is requested by a server and no certificate
19When B<client_cert_cb()> is NULL, not callback function is used. 19was yet set for the SSL object.
20
21When B<client_cert_cb()> is NULL, no callback function is used.
20 22
21SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback 23SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback
22function. 24function.
@@ -25,9 +27,13 @@ client_cert_cb() is the application defined callback. If it wants to
25set a certificate, a certificate/private key combination must be set 27set a certificate, a certificate/private key combination must be set
26using the B<x509> and B<pkey> arguments and "1" must be returned. The 28using the B<x509> and B<pkey> arguments and "1" must be returned. The
27certificate will be installed into B<ssl>, see the NOTES and BUGS sections. 29certificate will be installed into B<ssl>, see the NOTES and BUGS sections.
28If no certificate should be set, "0" has to be returned and the default 30If no certificate should be set, "0" has to be returned and no certificate
29certificate will be sent. A fatal error can be indicated by returning 31will be sent. A negative return value will suspend the handshake and the
30a negative value, in which case the handshake will be canceled. 32handshake function will return immediatly. L<SSL_get_error(3)|SSL_get_error(3)>
33will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was
34suspended. The next call to the handshake function will again lead to the call
35of client_cert_cb(). It is the job of the client_cert_cb() to store information
36about the state of the last call, if required to continue.
31 37
32=head1 NOTES 38=head1 NOTES
33 39
@@ -35,26 +41,24 @@ During a handshake (or renegotiation) a server may request a certificate
35from the client. A client certificate must only be sent, when the server 41from the client. A client certificate must only be sent, when the server
36did send the request. 42did send the request.
37 43
38When no callback function is set, an OpenSSL client will send the certificate 44When a certificate was set using the
39that was set using the 45L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)> family of functions,
40L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)> family of functions. 46it will be sent to the server. The TLS standard requires that only a
41The TLS standard requires that only a certificate is sent, if it matches 47certificate is sent, if it matches the list of acceptable CAs sent by the
42the list of acceptable CAs sent by the server. This constraint is 48server. This constraint is violated by the default behavior of the OpenSSL
43violated by the default behavior of the OpenSSL library. Using the 49library. Using the callback function it is possible to implement a proper
44callback function it is possible to implement a proper selection routine 50selection routine or to allow a user interaction to choose the certificate to
45or to allow a user interaction to choose the certificate to be sent. 51be sent.
46The callback function can obtain the list of acceptable CAs using the 52
47L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)> function. 53If a callback function is defined and no certificate was yet defined for the
48 54SSL object, the callback function will be called.
49If a callback function is defined, the callback function will be called.
50If the callback function returns a certificate, the OpenSSL library 55If the callback function returns a certificate, the OpenSSL library
51will try to load the private key and certificate data into the SSL 56will try to load the private key and certificate data into the SSL
52object using SSL_use_certificate() and SSL_use_private_key() functions. 57object using the SSL_use_certificate() and SSL_use_private_key() functions.
53Thus it will permanently override the certificate and key previously 58Thus it will permanently install the certificate and key for this SSL
54installed and will not be reset by calling L<SSL_clear(3)|SSL_clear(3)>. 59object. It will not be reset by calling L<SSL_clear(3)|SSL_clear(3)>.
55If the callback returns no certificate, the OpenSSL library will send 60If the callback returns no certificate, the OpenSSL library will not send
56the certificate previously installed for the SSL_CTX object or the specific 61a certificate.
57certificate of the SSL object, if available.
58 62
59=head1 BUGS 63=head1 BUGS
60 64
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index c10055c6e7..f5e2ec3555 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -35,7 +35,7 @@ operation (|). Options can only be added but can never be reset.
35SSL_CTX_set_options() and SSL_set_options() affect the (external) 35SSL_CTX_set_options() and SSL_set_options() affect the (external)
36protocol behaviour of the SSL library. The (internal) behaviour of 36protocol behaviour of the SSL library. The (internal) behaviour of
37the API can be changed by using the similar 37the API can be changed by using the similar
38L<SSL_CTX_set_modes(3)|SSL_CTX_set_modes(3)> and SSL_set_modes() functions. 38L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
39 39
40During a handshake, the option settings of the SSL object are used. When 40During a handshake, the option settings of the SSL object are used. When
41a new SSL object is created from a context using SSL_new(), the current 41a new SSL object is created from a context using SSL_new(), the current
@@ -100,14 +100,22 @@ doing a re-connect, always takes the first cipher in the cipher list.
100 100
101... 101...
102 102
103=item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
104
105Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
106vulnerability affecting CBC ciphers, which cannot be handled by some
107broken SSL implementations. This option has no effect for connections
108using other ciphers.
109
103=item SSL_OP_ALL 110=item SSL_OP_ALL
104 111
105All of the above bug workarounds. 112All of the above bug workarounds.
106 113
107=back 114=back
108 115
109It is safe and recommended to use B<SSL_OP_ALL> to enable the bug workaround 116It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround
110options. 117options if compatibility with somewhat broken implementations is
118desired.
111 119
112The following B<modifying> options are available: 120The following B<modifying> options are available:
113 121
@@ -219,4 +227,9 @@ B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
219enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL> 227enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
220and must be explicitly set. 228and must be explicitly set.
221 229
230B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
231Versions up to OpenSSL 0.9.6c do not include the countermeasure that
232can be disabled with this option (in OpenSSL 0.9.6d, it was always
233enabled).
234
222=cut 235=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_accept.pod b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
index ac6caf9baa..a673edba85 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_accept.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
@@ -69,6 +69,7 @@ to find out the reason.
69L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>, 69L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
70L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>, 70L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
71L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, 71L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
72L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
72L<SSL_CTX_new(3)|SSL_CTX_new(3)> 73L<SSL_CTX_new(3)|SSL_CTX_new(3)>
73 74
74=cut 75=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_connect.pod b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
index 766f1876aa..8426310c0d 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_connect.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
@@ -66,6 +66,7 @@ to find out the reason.
66L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>, 66L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>,
67L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>, 67L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
68L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, 68L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
69L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
69L<SSL_CTX_new(3)|SSL_CTX_new(3)> 70L<SSL_CTX_new(3)|SSL_CTX_new(3)>
70 71
71=cut 72=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod b/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod
new file mode 100644
index 0000000000..243576451b
--- /dev/null
+++ b/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod
@@ -0,0 +1,75 @@
1=pod
2
3=head1 NAME
4
5SSL_do_handshake - perform a TLS/SSL handshake
6
7=head1 SYNOPSIS
8
9 #include <openssl/ssl.h>
10
11 int SSL_do_handshake(SSL *ssl);
12
13=head1 DESCRIPTION
14
15SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the
16connection is in client mode, the handshake will be started. The handshake
17routines may have to be explicitly set in advance using either
18L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or
19L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
20
21=head1 NOTES
22
23The behaviour of SSL_do_handshake() depends on the underlying BIO.
24
25If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
26once the handshake has been finished or an error occurred, except for SGC
27(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1,
28but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and
29SSL_do_handshake() should be called again.
30
31If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
32when the underlying BIO could not satisfy the needs of SSL_do_handshake()
33to continue the handshake. In this case a call to SSL_get_error() with the
34return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or
35B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
36taking appropriate action to satisfy the needs of SSL_do_handshake().
37The action depends on the underlying BIO. When using a non-blocking socket,
38nothing is to be done, but select() can be used to check for the required
39condition. When using a buffering BIO, like a BIO pair, data must be written
40into or retrieved out of the BIO before being able to continue.
41
42=head1 RETURN VALUES
43
44The following return values can occur:
45
46=over 4
47
48=item 1
49
50The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
51established.
52
53=item 0
54
55The TLS/SSL handshake was not successful but was shut down controlled and
56by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
57return value B<ret> to find out the reason.
58
59=item E<lt>0
60
61The TLS/SSL handshake was not successful because a fatal error occurred either
62at the protocol level or a connection failure occurred. The shutdown was
63not clean. It can also occur of action is need to continue the operation
64for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
65to find out the reason.
66
67=back
68
69=head1 SEE ALSO
70
71L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
72L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
73L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
74
75=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_get_error.pod b/src/lib/libssl/src/doc/ssl/SSL_get_error.pod
index f700bf0ace..fe28dd942a 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_get_error.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_get_error.pod
@@ -13,7 +13,7 @@ SSL_get_error - obtain result code for TLS/SSL I/O operation
13=head1 DESCRIPTION 13=head1 DESCRIPTION
14 14
15SSL_get_error() returns a result code (suitable for the C "switch" 15SSL_get_error() returns a result code (suitable for the C "switch"
16statement) for a preceding call to SSL_connect(), SSL_accept(), 16statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(),
17SSL_read(), SSL_peek(), or SSL_write() on B<ssl>. The value returned by 17SSL_read(), SSL_peek(), or SSL_write() on B<ssl>. The value returned by
18that TLS/SSL I/O function must be passed to SSL_get_error() in parameter 18that TLS/SSL I/O function must be passed to SSL_get_error() in parameter
19B<ret>. 19B<ret>.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_set_connect_state.pod b/src/lib/libssl/src/doc/ssl/SSL_set_connect_state.pod
index 7adf8adfed..d88a057def 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_set_connect_state.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_set_connect_state.pod
@@ -49,6 +49,7 @@ information.
49L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>, 49L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
50L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>, 50L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
51L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>, 51L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>,
52L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
52L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)> 53L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>
53 54
54=cut 55=cut
diff --git a/src/lib/libssl/src/doc/ssl/SSL_write.pod b/src/lib/libssl/src/doc/ssl/SSL_write.pod
index dfa42e9aee..e013c12d52 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_write.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_write.pod
@@ -65,6 +65,9 @@ When an SSL_write() operation has to be repeated because of
65B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated 65B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
66with the same arguments. 66with the same arguments.
67 67
68When calling SSL_write() with num=0 bytes to be sent the behaviour is
69undefined.
70
68=head1 RETURN VALUES 71=head1 RETURN VALUES
69 72
70The following return values can occur: 73The following return values can occur:
diff --git a/src/lib/libssl/src/doc/ssl/ssl.pod b/src/lib/libssl/src/doc/ssl/ssl.pod
index d0525582b0..1471e0312e 100644
--- a/src/lib/libssl/src/doc/ssl/ssl.pod
+++ b/src/lib/libssl/src/doc/ssl/ssl.pod
@@ -693,6 +693,7 @@ L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
693L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, 693L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
694L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, 694L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
695L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>, 695L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
696L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
696L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>, 697L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
697L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, 698L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
698L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, 699L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h
index f216936e18..00edebe6d4 100644
--- a/src/lib/libssl/src/e_os.h
+++ b/src/lib/libssl/src/e_os.h
@@ -191,6 +191,14 @@ extern "C" {
191 191
192#if (defined(WINDOWS) || defined(MSDOS)) 192#if (defined(WINDOWS) || defined(MSDOS))
193 193
194# ifdef __DJGPP__
195# include <unistd.h>
196# include <sys/stat.h>
197# define _setmode setmode
198# define _O_TEXT O_TEXT
199# define _O_BINARY O_BINARY
200# endif /* __DJGPP__ */
201
194# ifndef S_IFDIR 202# ifndef S_IFDIR
195# define S_IFDIR _S_IFDIR 203# define S_IFDIR _S_IFDIR
196# endif 204# endif
@@ -336,7 +344,7 @@ extern "C" {
336/*************/ 344/*************/
337 345
338#ifdef USE_SOCKETS 346#ifdef USE_SOCKETS
339# if defined(WINDOWS) || defined(MSDOS) 347# if (defined(WINDOWS) || defined(MSDOS)) && !defined(__DJGPP__)
340 /* windows world */ 348 /* windows world */
341 349
342# ifdef OPENSSL_NO_SOCK 350# ifdef OPENSSL_NO_SOCK
@@ -423,7 +431,9 @@ extern HINSTANCE _hInstance;
423# define SSLeay_Write(a,b,c) write((a),(b),(c)) 431# define SSLeay_Write(a,b,c) write((a),(b),(c))
424# define SHUTDOWN(fd) { shutdown((fd),0); closesocket((fd)); } 432# define SHUTDOWN(fd) { shutdown((fd),0); closesocket((fd)); }
425# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket((fd)); } 433# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket((fd)); }
434# ifndef INVALID_SOCKET
426# define INVALID_SOCKET (-1) 435# define INVALID_SOCKET (-1)
436# endif /* INVALID_SOCKET */
427# endif 437# endif
428#endif 438#endif
429 439
diff --git a/src/lib/libssl/src/e_os2.h b/src/lib/libssl/src/e_os2.h
index 9c4a541728..ff68d5b94a 100644
--- a/src/lib/libssl/src/e_os2.h
+++ b/src/lib/libssl/src/e_os2.h
@@ -90,17 +90,22 @@ extern "C" {
90 90
91/* For 32 bit environment, there seems to be the CygWin environment and then 91/* For 32 bit environment, there seems to be the CygWin environment and then
92 all the others that try to do the same thing Microsoft does... */ 92 all the others that try to do the same thing Microsoft does... */
93#if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32) 93#if defined(OPENSSL_SYSNAME_UWIN)
94# undef OPENSSL_SYS_UNIX 94# undef OPENSSL_SYS_UNIX
95# define OPENSSL_SYS_WIN32_CYGWIN 95# define OPENSSL_SYS_WIN32_UWIN
96#else 96#else
97# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32) 97# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
98# undef OPENSSL_SYS_UNIX 98# undef OPENSSL_SYS_UNIX
99# define OPENSSL_SYS_WIN32 99# define OPENSSL_SYS_WIN32_CYGWIN
100# endif 100# else
101# if defined(OPENSSL_SYSNAME_WINNT) 101# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
102# undef OPENSSL_SYS_UNIX 102# undef OPENSSL_SYS_UNIX
103# define OPENSSL_SYS_WINNT 103# define OPENSSL_SYS_WIN32
104# endif
105# if defined(OPENSSL_SYSNAME_WINNT)
106# undef OPENSSL_SYS_UNIX
107# define OPENSSL_SYS_WINNT
108# endif
104# endif 109# endif
105#endif 110#endif
106 111
diff --git a/src/lib/libssl/src/install.com b/src/lib/libssl/src/install.com
index 86fae7e872..4e4fe80dfe 100644
--- a/src/lib/libssl/src/install.com
+++ b/src/lib/libssl/src/install.com
@@ -52,7 +52,7 @@ $ IF F$PARSE("WRK_SSLPRIVATE:") .EQS. "" THEN -
52$ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN - 52$ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
53 CREATE/DIR/LOG WRK_SSLROOT:[VMS] 53 CREATE/DIR/LOG WRK_SSLROOT:[VMS]
54$ 54$
55$ SDIRS := CRYPTO,SSL,RSAREF,APPS,VMS!,TEST,TOOLS 55$ SDIRS := CRYPTO,SSL,APPS,VMS!,RSAREF,TEST,TOOLS
56$ EXHEADER := e_os2.h 56$ EXHEADER := e_os2.h
57$ 57$
58$ COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG 58$ COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG
diff --git a/src/lib/libssl/src/ms/do_masm.bat b/src/lib/libssl/src/ms/do_masm.bat
index 5b64fecdb0..f4c958c561 100644
--- a/src/lib/libssl/src/ms/do_masm.bat
+++ b/src/lib/libssl/src/ms/do_masm.bat
@@ -3,54 +3,54 @@ echo Generating x86 for MASM assember
3 3
4echo Bignum 4echo Bignum
5cd crypto\bn\asm 5cd crypto\bn\asm
6perl x86.pl win32 > bn-win32.asm 6perl x86.pl win32 > bn_win32.asm
7cd ..\..\.. 7cd ..\..\..
8 8
9echo DES 9echo DES
10cd crypto\des\asm 10cd crypto\des\asm
11perl des-586.pl win32 > d-win32.asm 11perl des-586.pl win32 > d_win32.asm
12cd ..\..\.. 12cd ..\..\..
13 13
14echo "crypt(3)" 14echo "crypt(3)"
15 15
16cd crypto\des\asm 16cd crypto\des\asm
17perl crypt586.pl win32 > y-win32.asm 17perl crypt586.pl win32 > y_win32.asm
18cd ..\..\.. 18cd ..\..\..
19 19
20echo Blowfish 20echo Blowfish
21 21
22cd crypto\bf\asm 22cd crypto\bf\asm
23perl bf-586.pl win32 > b-win32.asm 23perl bf-586.pl win32 > b_win32.asm
24cd ..\..\.. 24cd ..\..\..
25 25
26echo CAST5 26echo CAST5
27cd crypto\cast\asm 27cd crypto\cast\asm
28perl cast-586.pl win32 > c-win32.asm 28perl cast-586.pl win32 > c_win32.asm
29cd ..\..\.. 29cd ..\..\..
30 30
31echo RC4 31echo RC4
32cd crypto\rc4\asm 32cd crypto\rc4\asm
33perl rc4-586.pl win32 > r4-win32.asm 33perl rc4-586.pl win32 > r4_win32.asm
34cd ..\..\.. 34cd ..\..\..
35 35
36echo MD5 36echo MD5
37cd crypto\md5\asm 37cd crypto\md5\asm
38perl md5-586.pl win32 > m5-win32.asm 38perl md5-586.pl win32 > m5_win32.asm
39cd ..\..\.. 39cd ..\..\..
40 40
41echo SHA1 41echo SHA1
42cd crypto\sha\asm 42cd crypto\sha\asm
43perl sha1-586.pl win32 > s1-win32.asm 43perl sha1-586.pl win32 > s1_win32.asm
44cd ..\..\.. 44cd ..\..\..
45 45
46echo RIPEMD160 46echo RIPEMD160
47cd crypto\ripemd\asm 47cd crypto\ripemd\asm
48perl rmd-586.pl win32 > rm-win32.asm 48perl rmd-586.pl win32 > rm_win32.asm
49cd ..\..\.. 49cd ..\..\..
50 50
51echo RC5\32 51echo RC5\32
52cd crypto\rc5\asm 52cd crypto\rc5\asm
53perl rc5-586.pl win32 > r5-win32.asm 53perl rc5-586.pl win32 > r5_win32.asm
54cd ..\..\.. 54cd ..\..\..
55 55
56echo on 56echo on
diff --git a/src/lib/libssl/src/ms/do_nasm.bat b/src/lib/libssl/src/ms/do_nasm.bat
index 8859c15457..557f8a66d7 100644
--- a/src/lib/libssl/src/ms/do_nasm.bat
+++ b/src/lib/libssl/src/ms/do_nasm.bat
@@ -4,54 +4,54 @@ echo Generating x86 for NASM assember
4 4
5echo Bignum 5echo Bignum
6cd crypto\bn\asm 6cd crypto\bn\asm
7perl x86.pl win32n > bn-win32.asm 7perl x86.pl win32n > bn_win32.asm
8cd ..\..\.. 8cd ..\..\..
9 9
10echo DES 10echo DES
11cd crypto\des\asm 11cd crypto\des\asm
12perl des-586.pl win32n > d-win32.asm 12perl des-586.pl win32n > d_win32.asm
13cd ..\..\.. 13cd ..\..\..
14 14
15echo "crypt(3)" 15echo "crypt(3)"
16 16
17cd crypto\des\asm 17cd crypto\des\asm
18perl crypt586.pl win32n > y-win32.asm 18perl crypt586.pl win32n > y_win32.asm
19cd ..\..\.. 19cd ..\..\..
20 20
21echo Blowfish 21echo Blowfish
22 22
23cd crypto\bf\asm 23cd crypto\bf\asm
24perl bf-586.pl win32n > b-win32.asm 24perl bf-586.pl win32n > b_win32.asm
25cd ..\..\.. 25cd ..\..\..
26 26
27echo CAST5 27echo CAST5
28cd crypto\cast\asm 28cd crypto\cast\asm
29perl cast-586.pl win32n > c-win32.asm 29perl cast-586.pl win32n > c_win32.asm
30cd ..\..\.. 30cd ..\..\..
31 31
32echo RC4 32echo RC4
33cd crypto\rc4\asm 33cd crypto\rc4\asm
34perl rc4-586.pl win32n > r4-win32.asm 34perl rc4-586.pl win32n > r4_win32.asm
35cd ..\..\.. 35cd ..\..\..
36 36
37echo MD5 37echo MD5
38cd crypto\md5\asm 38cd crypto\md5\asm
39perl md5-586.pl win32n > m5-win32.asm 39perl md5-586.pl win32n > m5_win32.asm
40cd ..\..\.. 40cd ..\..\..
41 41
42echo SHA1 42echo SHA1
43cd crypto\sha\asm 43cd crypto\sha\asm
44perl sha1-586.pl win32n > s1-win32.asm 44perl sha1-586.pl win32n > s1_win32.asm
45cd ..\..\.. 45cd ..\..\..
46 46
47echo RIPEMD160 47echo RIPEMD160
48cd crypto\ripemd\asm 48cd crypto\ripemd\asm
49perl rmd-586.pl win32n > rm-win32.asm 49perl rmd-586.pl win32n > rm_win32.asm
50cd ..\..\.. 50cd ..\..\..
51 51
52echo RC5\32 52echo RC5\32
53cd crypto\rc5\asm 53cd crypto\rc5\asm
54perl rc5-586.pl win32n > r5-win32.asm 54perl rc5-586.pl win32n > r5_win32.asm
55cd ..\..\.. 55cd ..\..\..
56 56
57echo on 57echo on
@@ -62,6 +62,7 @@ rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak
62perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak 62perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak
63perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak 63perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
64perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak 64perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
65perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
65 66
66perl util\mkdef.pl 16 libeay > ms\libeay16.def 67perl util\mkdef.pl 16 libeay > ms\libeay16.def
67perl util\mkdef.pl 32 libeay > ms\libeay32.def 68perl util\mkdef.pl 32 libeay > ms\libeay32.def
diff --git a/src/lib/libssl/src/os2/OS2-EMX.cmd b/src/lib/libssl/src/os2/OS2-EMX.cmd
index 8b2a092c68..acab99ac39 100644
--- a/src/lib/libssl/src/os2/OS2-EMX.cmd
+++ b/src/lib/libssl/src/os2/OS2-EMX.cmd
@@ -5,6 +5,11 @@ perl util\mkfiles.pl > MINFO
5 5
6@rem create make file 6@rem create make file
7perl util\mk1mf.pl OS2-EMX > OS2-EMX.mak 7perl util\mk1mf.pl OS2-EMX > OS2-EMX.mak
8perl util\mk1mf.pl dll OS2-EMX > OS2-EMX-DLL.mak
9
10echo Generating export definition files
11perl util\mkdef.pl crypto OS2 > os2\crypto.def
12perl util\mkdef.pl ssl OS2 > os2\ssl.def
8 13
9echo Generating x86 for GNU assember 14echo Generating x86 for GNU assember
10 15
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index b2be8340fb..019e9aecee 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -57,11 +57,11 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "ssl_locl.h"
60#include <openssl/buffer.h> 61#include <openssl/buffer.h>
61#include <openssl/rand.h> 62#include <openssl/rand.h>
62#include <openssl/objects.h> 63#include <openssl/objects.h>
63#include <openssl/evp.h> 64#include <openssl/evp.h>
64#include "ssl_locl.h"
65 65
66static SSL_METHOD *ssl23_get_client_method(int ver); 66static SSL_METHOD *ssl23_get_client_method(int ver);
67static int ssl23_client_hello(SSL *s); 67static int ssl23_client_hello(SSL *s);
diff --git a/src/lib/libssl/src/ssl/s23_pkt.c b/src/lib/libssl/src/ssl/s23_pkt.c
index f45e1ce3d8..4ca6a1b258 100644
--- a/src/lib/libssl/src/ssl/s23_pkt.c
+++ b/src/lib/libssl/src/ssl/s23_pkt.c
@@ -59,9 +59,9 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <errno.h> 60#include <errno.h>
61#define USE_SOCKETS 61#define USE_SOCKETS
62#include "ssl_locl.h"
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include <openssl/buffer.h> 64#include <openssl/buffer.h>
64#include "ssl_locl.h"
65 65
66int ssl23_write_bytes(SSL *s) 66int ssl23_write_bytes(SSL *s)
67 { 67 {
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 9e89cc7f9a..8743b61cbb 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -110,11 +110,11 @@
110 */ 110 */
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include "ssl_locl.h"
113#include <openssl/buffer.h> 114#include <openssl/buffer.h>
114#include <openssl/rand.h> 115#include <openssl/rand.h>
115#include <openssl/objects.h> 116#include <openssl/objects.h>
116#include <openssl/evp.h> 117#include <openssl/evp.h>
117#include "ssl_locl.h"
118 118
119static SSL_METHOD *ssl23_get_server_method(int ver); 119static SSL_METHOD *ssl23_get_server_method(int ver);
120int ssl23_get_client_hello(SSL *s); 120int ssl23_get_client_hello(SSL *s);
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index 4cb1184161..26efe53856 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -116,6 +116,7 @@
116#include <openssl/buffer.h> 116#include <openssl/buffer.h>
117#include <openssl/objects.h> 117#include <openssl/objects.h>
118#include <openssl/evp.h> 118#include <openssl/evp.h>
119#include "cryptlib.h"
119 120
120static SSL_METHOD *ssl2_get_client_method(int ver); 121static SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s); 122static int get_server_finished(SSL *s);
@@ -535,6 +536,7 @@ static int get_server_hello(SSL *s)
535 } 536 }
536 537
537 s->s2->conn_id_length=s->s2->tmp.conn_id_length; 538 s->s2->conn_id_length=s->s2->tmp.conn_id_length;
539 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
538 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); 540 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
539 return(1); 541 return(1);
540 } 542 }
@@ -636,6 +638,7 @@ static int client_master_key(SSL *s)
636 /* make key_arg data */ 638 /* make key_arg data */
637 i=EVP_CIPHER_iv_length(c); 639 i=EVP_CIPHER_iv_length(c);
638 sess->key_arg_length=i; 640 sess->key_arg_length=i;
641 die(i <= SSL_MAX_KEY_ARG_LENGTH);
639 if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); 642 if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
640 643
641 /* make a master key */ 644 /* make a master key */
@@ -643,6 +646,7 @@ static int client_master_key(SSL *s)
643 sess->master_key_length=i; 646 sess->master_key_length=i;
644 if (i > 0) 647 if (i > 0)
645 { 648 {
649 die(i <= sizeof sess->master_key);
646 if (RAND_bytes(sess->master_key,i) <= 0) 650 if (RAND_bytes(sess->master_key,i) <= 0)
647 { 651 {
648 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 652 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
@@ -686,6 +690,7 @@ static int client_master_key(SSL *s)
686 d+=enc; 690 d+=enc;
687 karg=sess->key_arg_length; 691 karg=sess->key_arg_length;
688 s2n(karg,p); /* key arg size */ 692 s2n(karg,p); /* key arg size */
693 die(karg <= sizeof sess->key_arg);
689 memcpy(d,sess->key_arg,(unsigned int)karg); 694 memcpy(d,sess->key_arg,(unsigned int)karg);
690 d+=karg; 695 d+=karg;
691 696
@@ -706,6 +711,7 @@ static int client_finished(SSL *s)
706 { 711 {
707 p=(unsigned char *)s->init_buf->data; 712 p=(unsigned char *)s->init_buf->data;
708 *(p++)=SSL2_MT_CLIENT_FINISHED; 713 *(p++)=SSL2_MT_CLIENT_FINISHED;
714 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
709 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); 715 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
710 716
711 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; 717 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
@@ -978,6 +984,8 @@ static int get_server_finished(SSL *s)
978 { 984 {
979 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) 985 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
980 { 986 {
987 die(s->session->session_id_length
988 <= sizeof s->session->session_id);
981 if (memcmp(buf,s->session->session_id, 989 if (memcmp(buf,s->session->session_id,
982 (unsigned int)s->session->session_id_length) != 0) 990 (unsigned int)s->session->session_id_length) != 0)
983 { 991 {
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
index bce2b4e83f..9bf55268df 100644
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ b/src/lib/libssl/src/ssl/s2_lib.c
@@ -63,6 +63,7 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/evp.h> 64#include <openssl/evp.h>
65#include <openssl/md5.h> 65#include <openssl/md5.h>
66#include "cryptlib.h"
66 67
67static long ssl2_default_timeout(void ); 68static long ssl2_default_timeout(void );
68const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; 69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
@@ -77,7 +78,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
77 SSL2_TXT_NULL_WITH_MD5, 78 SSL2_TXT_NULL_WITH_MD5,
78 SSL2_CK_NULL_WITH_MD5, 79 SSL2_CK_NULL_WITH_MD5,
79 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2, 80 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
80 SSL_EXPORT|SSL_EXP40, 81 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
82 0,
81 0, 83 0,
82 0, 84 0,
83 SSL_ALL_CIPHERS, 85 SSL_ALL_CIPHERS,
@@ -197,6 +199,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
197 SSL2_TXT_NULL, 199 SSL2_TXT_NULL,
198 SSL2_CK_NULL, 200 SSL2_CK_NULL,
199 0, 201 0,
202 SSL_STRONG_NONE,
200 0, 203 0,
201 0, 204 0,
202 0, 205 0,
@@ -426,10 +429,14 @@ void ssl2_generate_key_material(SSL *s)
426#endif 429#endif
427 EVP_MD_CTX_init(&ctx); 430 EVP_MD_CTX_init(&ctx);
428 km=s->s2->key_material; 431 km=s->s2->key_material;
432 die(s->s2->key_material_length <= sizeof s->s2->key_material);
429 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) 433 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
430 { 434 {
431 EVP_DigestInit_ex(&ctx,EVP_md5(), NULL); 435 EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);
432 436
437 die(s->session->master_key_length >= 0
438 && s->session->master_key_length
439 < sizeof s->session->master_key);
433 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); 440 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
434 EVP_DigestUpdate(&ctx,&c,1); 441 EVP_DigestUpdate(&ctx,&c,1);
435 c++; 442 c++;
@@ -465,6 +472,7 @@ void ssl2_write_error(SSL *s)
465/* state=s->rwstate;*/ 472/* state=s->rwstate;*/
466 error=s->error; 473 error=s->error;
467 s->error=0; 474 s->error=0;
475 die(error >= 0 && error <= 3);
468 i=ssl2_write(s,&(buf[3-error]),error); 476 i=ssl2_write(s,&(buf[3-error]),error);
469/* if (i == error) s->rwstate=state; */ 477/* if (i == error) s->rwstate=state; */
470 478
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index 56da65195e..391287bfcd 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -116,6 +116,7 @@
116#include <openssl/rand.h> 116#include <openssl/rand.h>
117#include <openssl/objects.h> 117#include <openssl/objects.h>
118#include <openssl/evp.h> 118#include <openssl/evp.h>
119#include "cryptlib.h"
119 120
120static SSL_METHOD *ssl2_get_server_method(int ver); 121static SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s); 122static int get_client_master_key(SSL *s);
@@ -417,11 +418,18 @@ static int get_client_master_key(SSL *s)
417 n2s(p,i); s->s2->tmp.clear=i; 418 n2s(p,i); s->s2->tmp.clear=i;
418 n2s(p,i); s->s2->tmp.enc=i; 419 n2s(p,i); s->s2->tmp.enc=i;
419 n2s(p,i); s->session->key_arg_length=i; 420 n2s(p,i); s->session->key_arg_length=i;
421 if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
422 {
423 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
424 SSL_R_KEY_ARG_TOO_LONG);
425 return -1;
426 }
420 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; 427 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
421 } 428 }
422 429
423 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ 430 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
424 p=(unsigned char *)s->init_buf->data; 431 p=(unsigned char *)s->init_buf->data;
432 die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER);
425 keya=s->session->key_arg_length; 433 keya=s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; 434 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 435 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
@@ -504,6 +512,7 @@ static int get_client_master_key(SSL *s)
504#endif 512#endif
505 513
506 if (is_export) i+=s->s2->tmp.clear; 514 if (is_export) i+=s->s2->tmp.clear;
515 die(i <= SSL_MAX_MASTER_KEY_LENGTH);
507 s->session->master_key_length=i; 516 s->session->master_key_length=i;
508 memcpy(s->session->master_key,p,(unsigned int)i); 517 memcpy(s->session->master_key,p,(unsigned int)i);
509 return(1); 518 return(1);
@@ -670,6 +679,7 @@ static int get_client_hello(SSL *s)
670 p+=s->s2->tmp.session_id_length; 679 p+=s->s2->tmp.session_id_length;
671 680
672 /* challenge */ 681 /* challenge */
682 die(s->s2->challenge_length <= sizeof s->s2->challenge);
673 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); 683 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
674 return(1); 684 return(1);
675mem_err: 685mem_err:
@@ -826,6 +836,7 @@ static int get_client_finished(SSL *s)
826 } 836 }
827 837
828 /* SSL2_ST_GET_CLIENT_FINISHED_B */ 838 /* SSL2_ST_GET_CLIENT_FINISHED_B */
839 die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
829 len = 1 + (unsigned long)s->s2->conn_id_length; 840 len = 1 + (unsigned long)s->s2->conn_id_length;
830 n = (int)len - s->init_num; 841 n = (int)len - s->init_num;
831 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 842 i = ssl2_read(s,(char *)&(p[s->init_num]),n);
@@ -853,6 +864,7 @@ static int server_verify(SSL *s)
853 { 864 {
854 p=(unsigned char *)s->init_buf->data; 865 p=(unsigned char *)s->init_buf->data;
855 *(p++)=SSL2_MT_SERVER_VERIFY; 866 *(p++)=SSL2_MT_SERVER_VERIFY;
867 die(s->s2->challenge_length <= sizeof s->s2->challenge);
856 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); 868 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
857 /* p+=s->s2->challenge_length; */ 869 /* p+=s->s2->challenge_length; */
858 870
@@ -872,6 +884,8 @@ static int server_finish(SSL *s)
872 p=(unsigned char *)s->init_buf->data; 884 p=(unsigned char *)s->init_buf->data;
873 *(p++)=SSL2_MT_SERVER_FINISHED; 885 *(p++)=SSL2_MT_SERVER_FINISHED;
874 886
887 die(s->session->session_id_length
888 <= sizeof s->session->session_id);
875 memcpy(p,s->session->session_id, 889 memcpy(p,s->session->session_id,
876 (unsigned int)s->session->session_id_length); 890 (unsigned int)s->session->session_id_length);
877 /* p+=s->session->session_id_length; */ 891 /* p+=s->session->session_id_length; */
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
index 58a24cd883..8864366f59 100644
--- a/src/lib/libssl/src/ssl/s3_both.c
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -112,12 +112,12 @@
112#include <limits.h> 112#include <limits.h>
113#include <string.h> 113#include <string.h>
114#include <stdio.h> 114#include <stdio.h>
115#include "ssl_locl.h"
115#include <openssl/buffer.h> 116#include <openssl/buffer.h>
116#include <openssl/rand.h> 117#include <openssl/rand.h>
117#include <openssl/objects.h> 118#include <openssl/objects.h>
118#include <openssl/evp.h> 119#include <openssl/evp.h>
119#include <openssl/x509.h> 120#include <openssl/x509.h>
120#include "ssl_locl.h"
121 121
122/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ 122/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
123int ssl3_do_write(SSL *s, int type) 123int ssl3_do_write(SSL *s, int type)
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index e5853ede95..2699b5863b 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -110,13 +110,14 @@
110 */ 110 */
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include "ssl_locl.h"
114#include "kssl_lcl.h"
113#include <openssl/buffer.h> 115#include <openssl/buffer.h>
114#include <openssl/rand.h> 116#include <openssl/rand.h>
115#include <openssl/objects.h> 117#include <openssl/objects.h>
116#include <openssl/evp.h> 118#include <openssl/evp.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
119#include <openssl/md5.h> 119#include <openssl/md5.h>
120#include "cryptlib.h"
120 121
121static SSL_METHOD *ssl3_get_client_method(int ver); 122static SSL_METHOD *ssl3_get_client_method(int ver);
122static int ssl3_client_hello(SSL *s); 123static int ssl3_client_hello(SSL *s);
@@ -545,6 +546,7 @@ static int ssl3_client_hello(SSL *s)
545 *(p++)=i; 546 *(p++)=i;
546 if (i != 0) 547 if (i != 0)
547 { 548 {
549 die(i <= sizeof s->session->session_id);
548 memcpy(p,s->session->session_id,i); 550 memcpy(p,s->session->session_id,i);
549 p+=i; 551 p+=i;
550 } 552 }
@@ -626,6 +628,14 @@ static int ssl3_get_server_hello(SSL *s)
626 /* get the session-id */ 628 /* get the session-id */
627 j= *(p++); 629 j= *(p++);
628 630
631 if(j > sizeof s->session->session_id)
632 {
633 al=SSL_AD_ILLEGAL_PARAMETER;
634 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
635 SSL_R_SSL3_SESSION_ID_TOO_LONG);
636 goto f_err;
637 }
638
629 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) 639 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
630 { 640 {
631 /* SSLref returns 16 :-( */ 641 /* SSLref returns 16 :-( */
@@ -1588,6 +1598,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
1588 SSL_MAX_MASTER_KEY_LENGTH); 1598 SSL_MAX_MASTER_KEY_LENGTH);
1589 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); 1599 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1590 outl += padl; 1600 outl += padl;
1601 die(outl <= sizeof epms);
1591 EVP_CIPHER_CTX_cleanup(&ciph_ctx); 1602 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1592 1603
1593 /* KerberosWrapper.EncryptedPreMasterSecret */ 1604 /* KerberosWrapper.EncryptedPreMasterSecret */
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index 6dfef5caaf..888a9a2868 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -110,8 +110,8 @@
110 */ 110 */
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include <openssl/evp.h>
114#include "ssl_locl.h" 113#include "ssl_locl.h"
114#include <openssl/evp.h>
115#include <openssl/md5.h> 115#include <openssl/md5.h>
116 116
117static unsigned char ssl3_pad_1[48]={ 117static unsigned char ssl3_pad_1[48]={
@@ -378,13 +378,24 @@ int ssl3_setup_key_block(SSL *s)
378 378
379 ret = ssl3_generate_key_block(s,p,num); 379 ret = ssl3_generate_key_block(s,p,num);
380 380
381 /* enable vulnerability countermeasure for CBC ciphers with 381 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
382 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) */ 382 {
383 s->s3->need_empty_fragments = 1; 383 /* enable vulnerability countermeasure for CBC ciphers with
384 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
385 */
386 s->s3->need_empty_fragments = 1;
387
388 if (s->session->cipher != NULL)
389 {
390 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
391 s->s3->need_empty_fragments = 0;
392
384#ifndef OPENSSL_NO_RC4 393#ifndef OPENSSL_NO_RC4
385 if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)) 394 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
386 s->s3->need_empty_fragments = 0; 395 s->s3->need_empty_fragments = 0;
387#endif 396#endif
397 }
398 }
388 399
389 return ret; 400 return ret;
390 401
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 686992406c..14b2f13ae2 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -129,7 +129,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
129 SSL3_TXT_RSA_NULL_MD5, 129 SSL3_TXT_RSA_NULL_MD5,
130 SSL3_CK_RSA_NULL_MD5, 130 SSL3_CK_RSA_NULL_MD5,
131 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3, 131 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
132 SSL_NOT_EXP, 132 SSL_NOT_EXP|SSL_STRONG_NONE,
133 0, 133 0,
134 0, 134 0,
135 0, 135 0,
@@ -142,7 +142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
142 SSL3_TXT_RSA_NULL_SHA, 142 SSL3_TXT_RSA_NULL_SHA,
143 SSL3_CK_RSA_NULL_SHA, 143 SSL3_CK_RSA_NULL_SHA,
144 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, 144 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
145 SSL_NOT_EXP, 145 SSL_NOT_EXP|SSL_STRONG_NONE,
146 0, 146 0,
147 0, 147 0,
148 0, 148 0,
@@ -490,7 +490,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
490 SSL3_TXT_FZA_DMS_NULL_SHA, 490 SSL3_TXT_FZA_DMS_NULL_SHA,
491 SSL3_CK_FZA_DMS_NULL_SHA, 491 SSL3_CK_FZA_DMS_NULL_SHA,
492 SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3, 492 SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
493 SSL_NOT_EXP, 493 SSL_NOT_EXP|SSL_STRONG_NONE,
494 0, 494 0,
495 0, 495 0,
496 0, 496 0,
@@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
504 SSL3_TXT_FZA_DMS_FZA_SHA, 504 SSL3_TXT_FZA_DMS_FZA_SHA,
505 SSL3_CK_FZA_DMS_FZA_SHA, 505 SSL3_CK_FZA_DMS_FZA_SHA,
506 SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3, 506 SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
507 SSL_NOT_EXP, 507 SSL_NOT_EXP|SSL_STRONG_NONE,
508 0, 508 0,
509 0, 509 0,
510 0, 510 0,
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index 43e8502b66..6ccea9aee5 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -112,9 +112,9 @@
112#include <stdio.h> 112#include <stdio.h>
113#include <errno.h> 113#include <errno.h>
114#define USE_SOCKETS 114#define USE_SOCKETS
115#include "ssl_locl.h"
115#include <openssl/evp.h> 116#include <openssl/evp.h>
116#include <openssl/buffer.h> 117#include <openssl/buffer.h>
117#include "ssl_locl.h"
118 118
119static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, 119static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len, int create_empty_fragment); 120 unsigned int len, int create_empty_fragment);
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 99b6a86983..782b57f57a 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -114,15 +114,16 @@
114 114
115 115
116#include <stdio.h> 116#include <stdio.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
117#include <openssl/buffer.h> 119#include <openssl/buffer.h>
118#include <openssl/rand.h> 120#include <openssl/rand.h>
119#include <openssl/objects.h> 121#include <openssl/objects.h>
120#include <openssl/evp.h> 122#include <openssl/evp.h>
121#include <openssl/x509.h> 123#include <openssl/x509.h>
122#include <openssl/krb5_asn.h> 124#include <openssl/krb5_asn.h>
123#include "ssl_locl.h"
124#include "kssl_lcl.h"
125#include <openssl/md5.h> 125#include <openssl/md5.h>
126#include "cryptlib.h"
126 127
127static SSL_METHOD *ssl3_get_server_method(int ver); 128static SSL_METHOD *ssl3_get_server_method(int ver);
128static int ssl3_get_client_hello(SSL *s); 129static int ssl3_get_client_hello(SSL *s);
@@ -964,6 +965,7 @@ static int ssl3_send_server_hello(SSL *s)
964 s->session->session_id_length=0; 965 s->session->session_id_length=0;
965 966
966 sl=s->session->session_id_length; 967 sl=s->session->session_id_length;
968 die(sl <= sizeof s->session->session_id);
967 *(p++)=sl; 969 *(p++)=sl;
968 memcpy(p,s->session->session_id,sl); 970 memcpy(p,s->session->session_id,sl);
969 p+=sl; 971 p+=sl;
@@ -1559,8 +1561,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
1559 EVP_CIPHER *enc = NULL; 1561 EVP_CIPHER *enc = NULL;
1560 unsigned char iv[EVP_MAX_IV_LENGTH]; 1562 unsigned char iv[EVP_MAX_IV_LENGTH];
1561 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH 1563 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
1562 + EVP_MAX_IV_LENGTH + 1]; 1564 + EVP_MAX_BLOCK_LENGTH];
1563 int padl, outl = sizeof(pms); 1565 int padl, outl;
1564 krb5_timestamp authtime = 0; 1566 krb5_timestamp authtime = 0;
1565 krb5_ticket_times ttimes; 1567 krb5_ticket_times ttimes;
1566 1568
@@ -1583,6 +1585,16 @@ static int ssl3_get_client_key_exchange(SSL *s)
1583 enc_pms.data = (char *)p; 1585 enc_pms.data = (char *)p;
1584 p+=enc_pms.length; 1586 p+=enc_pms.length;
1585 1587
1588 /* Note that the length is checked again below,
1589 ** after decryption
1590 */
1591 if(enc.pms_length > sizeof pms)
1592 {
1593 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1594 SSL_R_DATA_LENGTH_TOO_LONG);
1595 goto err;
1596 }
1597
1586 if (n != enc_ticket.length + authenticator.length + 1598 if (n != enc_ticket.length + authenticator.length +
1587 enc_pms.length + 6) 1599 enc_pms.length + 6)
1588 { 1600 {
diff --git a/src/lib/libssl/src/ssl/ssl-lib.com b/src/lib/libssl/src/ssl/ssl-lib.com
index e706ab8e99..1f1921e162 100644
--- a/src/lib/libssl/src/ssl/ssl-lib.com
+++ b/src/lib/libssl/src/ssl/ssl-lib.com
@@ -314,7 +314,7 @@ $ WRITE SYS$OUTPUT "Creating SSL_TASK OSU HTTP SSL Engine."
314$! 314$!
315$! Compile The File. 315$! Compile The File.
316$! 316$!
317$ ON ERROR GOTO SSL_TASK_END 317$ ON ERROR THEN GOTO SSL_TASK_END
318$ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C 318$ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C
319$! 319$!
320$! Link The Program, Check To See If We Need To Link With RSAREF Or Not. 320$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 833f761690..d9949e8eb2 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -253,7 +253,7 @@ extern "C" {
253#define SSL_TXT_RC4 "RC4" 253#define SSL_TXT_RC4 "RC4"
254#define SSL_TXT_RC2 "RC2" 254#define SSL_TXT_RC2 "RC2"
255#define SSL_TXT_IDEA "IDEA" 255#define SSL_TXT_IDEA "IDEA"
256#define SSL_TXT_AES "AESdraft" /* AES ciphersuites are not yet official (thus excluded from 'ALL') */ 256#define SSL_TXT_AES "AES"
257#define SSL_TXT_MD5 "MD5" 257#define SSL_TXT_MD5 "MD5"
258#define SSL_TXT_SHA1 "SHA1" 258#define SSL_TXT_SHA1 "SHA1"
259#define SSL_TXT_SHA "SHA" 259#define SSL_TXT_SHA "SHA"
@@ -266,6 +266,23 @@ extern "C" {
266#define SSL_TXT_TLSV1 "TLSv1" 266#define SSL_TXT_TLSV1 "TLSv1"
267#define SSL_TXT_ALL "ALL" 267#define SSL_TXT_ALL "ALL"
268 268
269/*
270 * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
271 * ciphers normally not being used.
272 * Example: "RC4" will activate all ciphers using RC4 including ciphers
273 * without authentication, which would normally disabled by DEFAULT (due
274 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
275 * will make sure that it is also disabled in the specific selection.
276 * COMPLEMENTOF* identifiers are portable between version, as adjustments
277 * to the default cipher setup will also be included here.
278 *
279 * COMPLEMENTOFDEFAULT does not experience the same special treatment that
280 * DEFAULT gets, as only selection is being done and no sorting as needed
281 * for DEFAULT.
282 */
283#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
284#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
285
269/* The following cipher list is used by default. 286/* The following cipher list is used by default.
270 * It also is substituted when an application-defined cipher list string 287 * It also is substituted when an application-defined cipher list string
271 * starts with 'DEFAULT'. */ 288 * starts with 'DEFAULT'. */
@@ -429,6 +446,7 @@ typedef struct ssl_session_st
429 struct ssl_session_st *prev,*next; 446 struct ssl_session_st *prev,*next;
430 } SSL_SESSION; 447 } SSL_SESSION;
431 448
449
432#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L 450#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
433#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L 451#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
434#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L 452#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
@@ -439,6 +457,19 @@ typedef struct ssl_session_st
439#define SSL_OP_TLS_D5_BUG 0x00000100L 457#define SSL_OP_TLS_D5_BUG 0x00000100L
440#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L 458#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
441 459
460/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
461 * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
462 * the workaround is not needed. Unfortunately some broken SSL/TLS
463 * implementations cannot handle it at all, which is why we include
464 * it in SSL_OP_ALL. */
465#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */
466
467/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
468 * This used to be 0x000FFFFFL before 0.9.7. */
469#define SSL_OP_ALL 0x00000FFFL
470
471/* As server, disallow session resumption on renegotiation */
472#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
442/* If set, always create a new key when using tmp_dh parameters */ 473/* If set, always create a new key when using tmp_dh parameters */
443#define SSL_OP_SINGLE_DH_USE 0x00100000L 474#define SSL_OP_SINGLE_DH_USE 0x00100000L
444/* Set to always use the tmp_rsa key when doing RSA operations, 475/* Set to always use the tmp_rsa key when doing RSA operations,
@@ -452,8 +483,10 @@ typedef struct ssl_session_st
452 * (version 3.1) was announced in the client hello. Normally this is 483 * (version 3.1) was announced in the client hello. Normally this is
453 * forbidden to prevent version rollback attacks. */ 484 * forbidden to prevent version rollback attacks. */
454#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L 485#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
455/* As server, disallow session resumption on renegotiation */ 486
456#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x01000000L 487#define SSL_OP_NO_SSLv2 0x01000000L
488#define SSL_OP_NO_SSLv3 0x02000000L
489#define SSL_OP_NO_TLSv1 0x04000000L
457 490
458/* The next flag deliberately changes the ciphertest, this is a check 491/* The next flag deliberately changes the ciphertest, this is a check
459 * for the PKCS#1 attack */ 492 * for the PKCS#1 attack */
@@ -461,11 +494,7 @@ typedef struct ssl_session_st
461#define SSL_OP_PKCS1_CHECK_2 0x10000000L 494#define SSL_OP_PKCS1_CHECK_2 0x10000000L
462#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L 495#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
463#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L 496#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
464#define SSL_OP_ALL 0x000FFFFFL
465 497
466#define SSL_OP_NO_SSLv2 0x01000000L
467#define SSL_OP_NO_SSLv3 0x02000000L
468#define SSL_OP_NO_TLSv1 0x04000000L
469 498
470/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success 499/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
471 * when just a single record has been written): */ 500 * when just a single record has been written): */
@@ -479,6 +508,7 @@ typedef struct ssl_session_st
479 * is blocking: */ 508 * is blocking: */
480#define SSL_MODE_AUTO_RETRY 0x00000004L 509#define SSL_MODE_AUTO_RETRY 0x00000004L
481 510
511
482/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, 512/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
483 * they cannot be used to clear bits. */ 513 * they cannot be used to clear bits. */
484 514
@@ -1637,6 +1667,7 @@ void ERR_load_SSL_strings(void);
1637#define SSL_R_INVALID_COMMAND 280 1667#define SSL_R_INVALID_COMMAND 280
1638#define SSL_R_INVALID_PURPOSE 278 1668#define SSL_R_INVALID_PURPOSE 278
1639#define SSL_R_INVALID_TRUST 279 1669#define SSL_R_INVALID_TRUST 279
1670#define SSL_R_KEY_ARG_TOO_LONG 1112
1640#define SSL_R_KRB5 1104 1671#define SSL_R_KRB5 1104
1641#define SSL_R_KRB5_C_CC_PRINC 1094 1672#define SSL_R_KRB5_C_CC_PRINC 1094
1642#define SSL_R_KRB5_C_GET_CRED 1095 1673#define SSL_R_KRB5_C_GET_CRED 1095
@@ -1716,6 +1747,7 @@ void ERR_load_SSL_strings(void);
1716#define SSL_R_SHORT_READ 219 1747#define SSL_R_SHORT_READ 219
1717#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 1748#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1718#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 1749#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1750#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
1719#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 1751#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1720#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 1752#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1721#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 1753#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
index c5eeeb6bc5..1638c6b525 100644
--- a/src/lib/libssl/src/ssl/ssl_asn1.c
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -58,10 +58,11 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include "ssl_locl.h"
61#include <openssl/asn1_mac.h> 62#include <openssl/asn1_mac.h>
62#include <openssl/objects.h> 63#include <openssl/objects.h>
63#include <openssl/x509.h> 64#include <openssl/x509.h>
64#include "ssl_locl.h" 65#include "cryptlib.h"
65 66
66typedef struct ssl_session_asn1_st 67typedef struct ssl_session_asn1_st
67 { 68 {
@@ -296,6 +297,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
296 os.length=i; 297 os.length=i;
297 298
298 ret->session_id_length=os.length; 299 ret->session_id_length=os.length;
300 die(os.length <= sizeof ret->session_id);
299 memcpy(ret->session_id,os.data,os.length); 301 memcpy(ret->session_id,os.data,os.length);
300 302
301 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); 303 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
index cdd8dde128..37f58886a6 100644
--- a/src/lib/libssl/src/ssl/ssl_ciph.c
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -100,9 +100,10 @@ typedef struct cipher_order_st
100 } CIPHER_ORDER; 100 } CIPHER_ORDER;
101 101
102static const SSL_CIPHER cipher_aliases[]={ 102static const SSL_CIPHER cipher_aliases[]={
103 /* Don't include eNULL unless specifically enabled. 103 /* Don't include eNULL unless specifically enabled. */
104 * Similarly, don't include AES in ALL because these ciphers are not yet official. */ 104 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
105 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_AES, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ 105 {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */
106 {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
106 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ 107 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */
107 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, 108 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
108 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, 109 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
@@ -999,10 +1000,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
999 case SSL_AES: 1000 case SSL_AES:
1000 switch(cipher->strength_bits) 1001 switch(cipher->strength_bits)
1001 { 1002 {
1002 case 128: enc="AESdraft(128)"; break; 1003 case 128: enc="AES(128)"; break;
1003 case 192: enc="AESdraft(192)"; break; 1004 case 192: enc="AES(192)"; break;
1004 case 256: enc="AESdraft(256)"; break; 1005 case 256: enc="AES(256)"; break;
1005 default: enc="AESdraft(?""?""?)"; break; 1006 default: enc="AES(?""?""?)"; break;
1006 } 1007 }
1007 break; 1008 break;
1008 default: 1009 default:
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
index c32c4ef6e9..0cad32c855 100644
--- a/src/lib/libssl/src/ssl/ssl_err.c
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -1,6 +1,6 @@
1/* ssl/ssl_err.c */ 1/* ssl/ssl_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -275,6 +275,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
275{SSL_R_INVALID_COMMAND ,"invalid command"}, 275{SSL_R_INVALID_COMMAND ,"invalid command"},
276{SSL_R_INVALID_PURPOSE ,"invalid purpose"}, 276{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
277{SSL_R_INVALID_TRUST ,"invalid trust"}, 277{SSL_R_INVALID_TRUST ,"invalid trust"},
278{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"},
278{SSL_R_KRB5 ,"krb5"}, 279{SSL_R_KRB5 ,"krb5"},
279{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"}, 280{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},
280{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"}, 281{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},
@@ -354,6 +355,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
354{SSL_R_SHORT_READ ,"short read"}, 355{SSL_R_SHORT_READ ,"short read"},
355{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, 356{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
356{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, 357{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
358{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},
357{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, 359{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
358{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, 360{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
359{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, 361{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index df307a80c5..ab172aeaec 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -116,11 +116,11 @@
116# include <assert.h> 116# include <assert.h>
117#endif 117#endif
118#include <stdio.h> 118#include <stdio.h>
119#include "ssl_locl.h"
120#include "kssl_lcl.h"
119#include <openssl/objects.h> 121#include <openssl/objects.h>
120#include <openssl/lhash.h> 122#include <openssl/lhash.h>
121#include <openssl/x509v3.h> 123#include <openssl/x509v3.h>
122#include "ssl_locl.h"
123#include "kssl_lcl.h"
124 124
125const char *SSL_version_str=OPENSSL_VERSION_TEXT; 125const char *SSL_version_str=OPENSSL_VERSION_TEXT;
126 126
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 17e9bef832..fe4ac839cf 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -293,16 +293,17 @@
293#define SSL_NOT_EXP 0x00000001L 293#define SSL_NOT_EXP 0x00000001L
294#define SSL_EXPORT 0x00000002L 294#define SSL_EXPORT 0x00000002L
295 295
296#define SSL_STRONG_MASK 0x0000007cL 296#define SSL_STRONG_MASK 0x000000fcL
297#define SSL_EXP40 0x00000004L 297#define SSL_STRONG_NONE 0x00000004L
298#define SSL_EXP40 0x00000008L
298#define SSL_MICRO (SSL_EXP40) 299#define SSL_MICRO (SSL_EXP40)
299#define SSL_EXP56 0x00000008L 300#define SSL_EXP56 0x00000010L
300#define SSL_MINI (SSL_EXP56) 301#define SSL_MINI (SSL_EXP56)
301#define SSL_LOW 0x00000010L 302#define SSL_LOW 0x00000020L
302#define SSL_MEDIUM 0x00000020L 303#define SSL_MEDIUM 0x00000040L
303#define SSL_HIGH 0x00000040L 304#define SSL_HIGH 0x00000080L
304 305
305/* we have used 0000007f - 25 bits left to go */ 306/* we have used 000000ff - 24 bits left to go */
306 307
307/* 308/*
308 * Macros to check the export status and cipher strength for export ciphers. 309 * Macros to check the export status and cipher strength for export ciphers.
diff --git a/src/lib/libssl/src/ssl/ssl_rsa.c b/src/lib/libssl/src/ssl/ssl_rsa.c
index 1cf8e20934..03828b6632 100644
--- a/src/lib/libssl/src/ssl/ssl_rsa.c
+++ b/src/lib/libssl/src/ssl/ssl_rsa.c
@@ -57,12 +57,12 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "ssl_locl.h"
60#include <openssl/bio.h> 61#include <openssl/bio.h>
61#include <openssl/objects.h> 62#include <openssl/objects.h>
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include <openssl/x509.h> 64#include <openssl/x509.h>
64#include <openssl/pem.h> 65#include <openssl/pem.h>
65#include "ssl_locl.h"
66 66
67static int ssl_set_cert(CERT *c, X509 *x509); 67static int ssl_set_cert(CERT *c, X509 *x509);
68static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); 68static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
index 6424f775e2..8bfc382bb6 100644
--- a/src/lib/libssl/src/ssl/ssl_sess.c
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -60,6 +60,7 @@
60#include <openssl/lhash.h> 60#include <openssl/lhash.h>
61#include <openssl/rand.h> 61#include <openssl/rand.h>
62#include "ssl_locl.h" 62#include "ssl_locl.h"
63#include "cryptlib.h"
63 64
64static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); 65static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
65static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); 66static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
@@ -250,6 +251,7 @@ int ssl_get_new_session(SSL *s, int session)
250 ss->session_id_length=0; 251 ss->session_id_length=0;
251 } 252 }
252 253
254 die(s->sid_ctx_length <= sizeof ss->sid_ctx);
253 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); 255 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
254 ss->sid_ctx_length=s->sid_ctx_length; 256 ss->sid_ctx_length=s->sid_ctx_length;
255 s->session=ss; 257 s->session=ss;
diff --git a/src/lib/libssl/src/ssl/t1_clnt.c b/src/lib/libssl/src/ssl/t1_clnt.c
index 9745630a00..9ad518f9f4 100644
--- a/src/lib/libssl/src/ssl/t1_clnt.c
+++ b/src/lib/libssl/src/ssl/t1_clnt.c
@@ -57,11 +57,11 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "ssl_locl.h"
60#include <openssl/buffer.h> 61#include <openssl/buffer.h>
61#include <openssl/rand.h> 62#include <openssl/rand.h>
62#include <openssl/objects.h> 63#include <openssl/objects.h>
63#include <openssl/evp.h> 64#include <openssl/evp.h>
64#include "ssl_locl.h"
65 65
66static SSL_METHOD *tls1_get_client_method(int ver); 66static SSL_METHOD *tls1_get_client_method(int ver);
67static SSL_METHOD *tls1_get_client_method(int ver) 67static SSL_METHOD *tls1_get_client_method(int ver)
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index b80525f3ba..5290bf6665 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -110,10 +110,10 @@
110 */ 110 */
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include "ssl_locl.h"
113#include <openssl/comp.h> 114#include <openssl/comp.h>
114#include <openssl/evp.h> 115#include <openssl/evp.h>
115#include <openssl/hmac.h> 116#include <openssl/hmac.h>
116#include "ssl_locl.h"
117#include <openssl/md5.h> 117#include <openssl/md5.h>
118 118
119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, 119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
@@ -483,14 +483,25 @@ printf("\nkey block\n");
483{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); } 483{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
484#endif 484#endif
485 485
486 /* enable vulnerability countermeasure for CBC ciphers with 486 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
487 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) */ 487 {
488 s->s3->need_empty_fragments = 1; 488 /* enable vulnerability countermeasure for CBC ciphers with
489#ifndef NO_RC4 489 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
490 if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)) 490 */
491 s->s3->need_empty_fragments = 0; 491 s->s3->need_empty_fragments = 1;
492
493 if (s->session->cipher != NULL)
494 {
495 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
496 s->s3->need_empty_fragments = 0;
497
498#ifndef OPENSSL_NO_RC4
499 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
500 s->s3->need_empty_fragments = 0;
492#endif 501#endif
493 502 }
503 }
504
494 return(1); 505 return(1);
495err: 506err:
496 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE); 507 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libssl/src/ssl/t1_srvr.c b/src/lib/libssl/src/ssl/t1_srvr.c
index 996b7ca8e2..6e765e587f 100644
--- a/src/lib/libssl/src/ssl/t1_srvr.c
+++ b/src/lib/libssl/src/ssl/t1_srvr.c
@@ -57,12 +57,12 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "ssl_locl.h"
60#include <openssl/buffer.h> 61#include <openssl/buffer.h>
61#include <openssl/rand.h> 62#include <openssl/rand.h>
62#include <openssl/objects.h> 63#include <openssl/objects.h>
63#include <openssl/evp.h> 64#include <openssl/evp.h>
64#include <openssl/x509.h> 65#include <openssl/x509.h>
65#include "ssl_locl.h"
66 66
67static SSL_METHOD *tls1_get_server_method(int ver); 67static SSL_METHOD *tls1_get_server_method(int ver);
68static SSL_METHOD *tls1_get_server_method(int ver) 68static SSL_METHOD *tls1_get_server_method(int ver)
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h
index 88ec5fb527..38838ea9a5 100644
--- a/src/lib/libssl/src/ssl/tls1.h
+++ b/src/lib/libssl/src/ssl/tls1.h
@@ -96,7 +96,7 @@ extern "C" {
96#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 96#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
97#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 97#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
98 98
99 /* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */ 99/* AES ciphersuites from RFC3268 */
100 100
101#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F 101#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
102#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 102#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
@@ -126,20 +126,21 @@ extern "C" {
126#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" 126#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
127#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" 127#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
128#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" 128#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
129 /* AES ciphersuites from draft-ietf-tls-ciphersuite-06.txt */ 129
130#define TLS1_TXT_RSA_WITH_AES_128_SHA "AESdraft128-SHA" 130/* AES ciphersuites from RFC3268 */
131#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AESdraft128-SHA" 131#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
132#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AESdraft128-SHA" 132#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
133#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AESdraft128-SHA" 133#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
134#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AESdraft128-SHA" 134#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
135#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AESdraft128-SHA" 135#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
136 136#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
137#define TLS1_TXT_RSA_WITH_AES_256_SHA "AESdraft256-SHA" 137
138#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AESdraft256-SHA" 138#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
139#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AESdraft256-SHA" 139#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
140#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AESdraft256-SHA" 140#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
141#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AESdraft256-SHA" 141#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
142#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AESdraft256-SHA" 142#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
143#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
143 144
144 145
145#define TLS_CT_RSA_SIGN 1 146#define TLS_CT_RSA_SIGN 1
diff --git a/src/lib/libssl/src/test/dummytest.c b/src/lib/libssl/src/test/dummytest.c
new file mode 100644
index 0000000000..f98f003ef9
--- /dev/null
+++ b/src/lib/libssl/src/test/dummytest.c
@@ -0,0 +1,47 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4#include <ctype.h>
5#include <openssl/e_os2.h>
6#include <openssl/buffer.h>
7#include <openssl/crypto.h>
8
9int main(int argc, char *argv[])
10 {
11 char *p, *q, *program;
12
13 p = strrchr(argv[0], '/');
14 if (!p) p = strrchr(argv[0], '\\');
15#ifdef OPENSSL_SYS_VMS
16 if (!p) p = strrchr(argv[0], ']');
17 if (p) q = strrchr(p, '>');
18 if (q) p = q;
19 if (!p) p = strrchr(argv[0], ':');
20 q = 0;
21#endif
22 if (p) p++;
23 if (!p) p = argv[0];
24 if (p) q = strchr(p, '.');
25 if (p && !q) q = p + strlen(p);
26
27 if (!p)
28 program = BUF_strdup("(unknown)");
29 else
30 {
31 program = OPENSSL_malloc((q - p) + 1);
32 strncpy(program, p, q - p);
33 program[q - p] = '\0';
34 }
35
36 for(p = program; *p; p++)
37 if (islower(*p)) *p = toupper(*p);
38
39 q = strstr(program, "TEST");
40 if (q > p && q[-1] == '_') q--;
41 *q = '\0';
42
43 printf("No %s support\n", program);
44
45 OPENSSL_free(program);
46 return(0);
47 }
diff --git a/src/lib/libssl/src/test/maketests.com b/src/lib/libssl/src/test/maketests.com
index f7ff8fe407..b3bf8bb837 100644
--- a/src/lib/libssl/src/test/maketests.com
+++ b/src/lib/libssl/src/test/maketests.com
@@ -910,7 +910,8 @@ $ ENDIF
910$! 910$!
911$! Time to check the contents, and to make sure we get the correct library. 911$! Time to check the contents, and to make sure we get the correct library.
912$! 912$!
913$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" 913$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
914 .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
914$ THEN 915$ THEN
915$! 916$!
916$! Check to see if SOCKETSHR was chosen 917$! Check to see if SOCKETSHR was chosen
@@ -959,6 +960,32 @@ $! Done with UCX
959$! 960$!
960$ ENDIF 961$ ENDIF
961$! 962$!
963$! Check to see if TCPIP was chosen
964$!
965$ IF P4.EQS."TCPIP"
966$ THEN
967$!
968$! Set the library to use TCPIP (post UCX).
969$!
970$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
971$!
972$! Done with TCPIP
973$!
974$ ENDIF
975$!
976$! Check to see if NONE was chosen
977$!
978$ IF P4.EQS."NONE"
979$ THEN
980$!
981$! Do not use a TCPIP library.
982$!
983$ TCPIP_LIB = ""
984$!
985$! Done with NONE
986$!
987$ ENDIF
988$!
962$! Print info 989$! Print info
963$! 990$!
964$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB 991$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
@@ -974,6 +1001,7 @@ $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:"
974$ WRITE SYS$OUTPUT "" 1001$ WRITE SYS$OUTPUT ""
975$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." 1002$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library."
976$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." 1003$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library."
1004$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library."
977$ WRITE SYS$OUTPUT "" 1005$ WRITE SYS$OUTPUT ""
978$! 1006$!
979$! Time To EXIT. 1007$! Time To EXIT.
diff --git a/src/lib/libssl/src/test/tcrl b/src/lib/libssl/src/test/tcrl
index acaf8f3c47..f71ef7a863 100644
--- a/src/lib/libssl/src/test/tcrl
+++ b/src/lib/libssl/src/test/tcrl
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl crl' 10cmd='../apps/openssl crl'
diff --git a/src/lib/libssl/src/test/testca b/src/lib/libssl/src/test/testca
index 88c186b6ab..8215ebb5d1 100644
--- a/src/lib/libssl/src/test/testca
+++ b/src/lib/libssl/src/test/testca
@@ -1,7 +1,11 @@
1#!/bin/sh 1#!/bin/sh
2 2
3SH="/bin/sh" 3SH="/bin/sh"
4PATH=../apps:$PATH 4if test "$OSTYPE" = msdosdjgpp; then
5 PATH=./apps\;../apps\;$PATH
6else
7 PATH=../apps:$PATH
8fi
5export SH PATH 9export SH PATH
6 10
7SSLEAY_CONFIG="-config CAss.cnf" 11SSLEAY_CONFIG="-config CAss.cnf"
diff --git a/src/lib/libssl/src/test/testgen b/src/lib/libssl/src/test/testgen
index 6a4b6b9221..55c496f4bc 100644
--- a/src/lib/libssl/src/test/testgen
+++ b/src/lib/libssl/src/test/testgen
@@ -6,7 +6,11 @@ CA=../certs/testca.pem
6 6
7/bin/rm -f $T.1 $T.2 $T.key 7/bin/rm -f $T.1 $T.2 $T.key
8 8
9PATH=../apps:$PATH; 9if test "$OSTYPE" = msdosdjgpp; then
10 PATH=../apps\;$PATH;
11else
12 PATH=../apps:$PATH;
13fi
10export PATH 14export PATH
11 15
12echo "generating certificate request" 16echo "generating certificate request"
diff --git a/src/lib/libssl/src/test/tpkcs7 b/src/lib/libssl/src/test/tpkcs7
index 15bbba42c0..cf3bd9fadb 100644
--- a/src/lib/libssl/src/test/tpkcs7
+++ b/src/lib/libssl/src/test/tpkcs7
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl pkcs7' 10cmd='../apps/openssl pkcs7'
diff --git a/src/lib/libssl/src/test/tpkcs7d b/src/lib/libssl/src/test/tpkcs7d
index 46e5aa2bd6..18f9311b06 100644
--- a/src/lib/libssl/src/test/tpkcs7d
+++ b/src/lib/libssl/src/test/tpkcs7d
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl pkcs7' 10cmd='../apps/openssl pkcs7'
diff --git a/src/lib/libssl/src/test/treq b/src/lib/libssl/src/test/treq
index 9f5eb7eea5..47a8273cde 100644
--- a/src/lib/libssl/src/test/treq
+++ b/src/lib/libssl/src/test/treq
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl req -config ../apps/openssl.cnf' 10cmd='../apps/openssl req -config ../apps/openssl.cnf'
diff --git a/src/lib/libssl/src/test/trsa b/src/lib/libssl/src/test/trsa
index bd6c07650a..413e2ec0a0 100644
--- a/src/lib/libssl/src/test/trsa
+++ b/src/lib/libssl/src/test/trsa
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6if ../apps/openssl no-rsa; then 10if ../apps/openssl no-rsa; then
diff --git a/src/lib/libssl/src/test/tsid b/src/lib/libssl/src/test/tsid
index 9e0854516c..40a1dfa97c 100644
--- a/src/lib/libssl/src/test/tsid
+++ b/src/lib/libssl/src/test/tsid
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl sess_id' 10cmd='../apps/openssl sess_id'
diff --git a/src/lib/libssl/src/test/tx509 b/src/lib/libssl/src/test/tx509
index 35169f3a43..d380963abc 100644
--- a/src/lib/libssl/src/test/tx509
+++ b/src/lib/libssl/src/test/tx509
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=../apps:$PATH 3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
4export PATH 8export PATH
5 9
6cmd='../apps/openssl x509' 10cmd='../apps/openssl x509'
diff --git a/src/lib/libssl/src/tools/c_rehash b/src/lib/libssl/src/tools/c_rehash
index 9fb18674ac..e07dd3fca9 100644
--- a/src/lib/libssl/src/tools/c_rehash
+++ b/src/lib/libssl/src/tools/c_rehash
@@ -1,4 +1,4 @@
1#!/usr/bin/perl 1#!/usr/local/bin/perl5
2 2
3 3
4# Perl c_rehash script, scan all files in a directory 4# Perl c_rehash script, scan all files in a directory
@@ -17,10 +17,10 @@ if(defined $ENV{OPENSSL}) {
17 17
18$ENV{PATH} .= ":$dir/bin"; 18$ENV{PATH} .= ":$dir/bin";
19 19
20if(! -f $openssl) { 20if(! -x $openssl) {
21 my $found = 0; 21 my $found = 0;
22 foreach (split /:/, $ENV{PATH}) { 22 foreach (split /:/, $ENV{PATH}) {
23 if(-f "$_/$openssl") { 23 if(-x "$_/$openssl") {
24 $found = 1; 24 $found = 1;
25 last; 25 last;
26 } 26 }
diff --git a/src/lib/libssl/src/tools/c_rehash.in b/src/lib/libssl/src/tools/c_rehash.in
index 69da98ff2c..5b053406c2 100644
--- a/src/lib/libssl/src/tools/c_rehash.in
+++ b/src/lib/libssl/src/tools/c_rehash.in
@@ -17,10 +17,10 @@ if(defined $ENV{OPENSSL}) {
17 17
18$ENV{PATH} .= ":$dir/bin"; 18$ENV{PATH} .= ":$dir/bin";
19 19
20if(! -f $openssl) { 20if(! -x $openssl) {
21 my $found = 0; 21 my $found = 0;
22 foreach (split /:/, $ENV{PATH}) { 22 foreach (split /:/, $ENV{PATH}) {
23 if(-f "$_/$openssl") { 23 if(-x "$_/$openssl") {
24 $found = 1; 24 $found = 1;
25 last; 25 last;
26 } 26 }
diff --git a/src/lib/libssl/src/util/dirname.pl b/src/lib/libssl/src/util/dirname.pl
new file mode 100644
index 0000000000..d7a66d96ac
--- /dev/null
+++ b/src/lib/libssl/src/util/dirname.pl
@@ -0,0 +1,18 @@
1#!/usr/local/bin/perl
2
3if ($#ARGV < 0) {
4 die "dirname.pl: too few arguments\n";
5} elsif ($#ARGV > 0) {
6 die "dirname.pl: too many arguments\n";
7}
8
9my $d = $ARGV[0];
10
11if ($d =~ m|.*/.*|) {
12 $d =~ s|/[^/]*$||;
13} else {
14 $d = ".";
15}
16
17print $d,"\n";
18exit(0);
diff --git a/src/lib/libssl/src/util/domd b/src/lib/libssl/src/util/domd
index aa99cb0523..8cbe383c16 100644
--- a/src/lib/libssl/src/util/domd
+++ b/src/lib/libssl/src/util/domd
@@ -18,11 +18,11 @@ if [ "$MAKEDEPEND" = "gcc" ]; then
18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp 18 sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp
19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp 19 echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp 20 gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp
21 perl $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new 21 ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
22 rm -f Makefile.tmp 22 rm -f Makefile.tmp
23else 23else
24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@ 24 ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@
25 perl $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new 25 ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
26fi 26fi
27mv Makefile.new Makefile.ssl 27mv Makefile.new Makefile.ssl
28# unfake the presence of Kerberos 28# unfake the presence of Kerberos
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num
index b74749e5de..512185e257 100644
--- a/src/lib/libssl/src/util/libeay.num
+++ b/src/lib/libssl/src/util/libeay.num
@@ -701,7 +701,7 @@ bn_mul_words 707 EXIST::FUNCTION:
701BN_uadd 708 EXIST::FUNCTION: 701BN_uadd 708 EXIST::FUNCTION:
702BN_usub 709 EXIST::FUNCTION: 702BN_usub 709 EXIST::FUNCTION:
703bn_sqr_words 710 EXIST::FUNCTION: 703bn_sqr_words 710 EXIST::FUNCTION:
704_ossl_old_crypt 711 EXIST:!NeXT,!PERL5,!__FreeBSD__:FUNCTION:DES 704_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
705d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION: 705d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
706d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION: 706d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
707d2i_ASN1_HEADER 714 EXIST::FUNCTION: 707d2i_ASN1_HEADER 714 EXIST::FUNCTION:
@@ -984,8 +984,8 @@ BIO_ghbn_ctrl 1003 EXIST::FUNCTION:
984CRYPTO_free_ex_data 1004 EXIST::FUNCTION: 984CRYPTO_free_ex_data 1004 EXIST::FUNCTION:
985CRYPTO_get_ex_data 1005 EXIST::FUNCTION: 985CRYPTO_get_ex_data 1005 EXIST::FUNCTION:
986CRYPTO_set_ex_data 1007 EXIST::FUNCTION: 986CRYPTO_set_ex_data 1007 EXIST::FUNCTION:
987ERR_load_CRYPTO_strings 1009 EXIST:!VMS,!WIN16:FUNCTION: 987ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
988ERR_load_CRYPTOlib_strings 1009 EXIST:VMS,WIN16:FUNCTION: 988ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS,WIN16:FUNCTION:
989EVP_PKEY_bits 1010 EXIST::FUNCTION: 989EVP_PKEY_bits 1010 EXIST::FUNCTION:
990MD5_Transform 1011 EXIST::FUNCTION:MD5 990MD5_Transform 1011 EXIST::FUNCTION:MD5
991SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1 991SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1
@@ -1216,7 +1216,7 @@ name_cmp 1239 EXIST::FUNCTION:
1216str_dup 1240 NOEXIST::FUNCTION: 1216str_dup 1240 NOEXIST::FUNCTION:
1217i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION: 1217i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION:
1218i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION: 1218i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION:
1219BIO_s_log 1243 EXIST:!WIN16,!WIN32,!macintosh:FUNCTION: 1219BIO_s_log 1243 EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
1220BIO_f_reliable 1244 EXIST::FUNCTION:BIO 1220BIO_f_reliable 1244 EXIST::FUNCTION:BIO
1221PKCS7_dataFinal 1245 EXIST::FUNCTION: 1221PKCS7_dataFinal 1245 EXIST::FUNCTION:
1222PKCS7_dataDecode 1246 EXIST::FUNCTION: 1222PKCS7_dataDecode 1246 EXIST::FUNCTION:
@@ -2732,8 +2732,8 @@ EC_POINT_point2oct 3178 EXIST::FUNCTION:EC
2732KRB5_APREQ_free 3179 EXIST::FUNCTION: 2732KRB5_APREQ_free 3179 EXIST::FUNCTION:
2733ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: 2733ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
2734ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: 2734ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2735OCSP_crlID_new 3181 EXIST:!VMS,!WIN16:FUNCTION: 2735OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
2736OCSP_crlID2_new 3181 EXIST:VMS,WIN16:FUNCTION: 2736OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION:
2737CONF_modules_load_file 3182 EXIST::FUNCTION: 2737CONF_modules_load_file 3182 EXIST::FUNCTION:
2738CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: 2738CONF_imodule_set_usr_data 3183 EXIST::FUNCTION:
2739ENGINE_set_default_string 3184 EXIST::FUNCTION: 2739ENGINE_set_default_string 3184 EXIST::FUNCTION:
@@ -2774,3 +2774,21 @@ AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES 2774AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
2775ENGINE_load_4758cca 3218 EXIST::FUNCTION: 2775ENGINE_load_4758cca 3218 EXIST::FUNCTION:
2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES 2776_ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
2777EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
2778EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
2779EVP_aes_128_cfb 3222 EXIST::FUNCTION:AES
2780EVP_aes_256_cfb 3223 EXIST::FUNCTION:AES
2781EVP_aes_128_ofb 3224 EXIST::FUNCTION:AES
2782EVP_aes_192_cfb 3225 EXIST::FUNCTION:AES
2783CONF_modules_free 3226 EXIST::FUNCTION:
2784NCONF_default 3227 EXIST::FUNCTION:
2785OPENSSL_no_config 3228 EXIST::FUNCTION:
2786NCONF_WIN32 3229 EXIST::FUNCTION:
2787ASN1_UNIVERSALSTRING_new 3230 EXIST::FUNCTION:
2788EVP_des_ede_ecb 3231 EXIST::FUNCTION:DES
2789i2d_ASN1_UNIVERSALSTRING 3232 EXIST::FUNCTION:
2790ASN1_UNIVERSALSTRING_free 3233 EXIST::FUNCTION:
2791ASN1_UNIVERSALSTRING_it 3234 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
2792ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
2793d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION:
2794EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl
index 8b6b2e668a..c9271bbffe 100644
--- a/src/lib/libssl/src/util/mk1mf.pl
+++ b/src/lib/libssl/src/util/mk1mf.pl
@@ -100,7 +100,7 @@ $out_def="out";
100$inc_def="outinc"; 100$inc_def="outinc";
101$tmp_def="tmp"; 101$tmp_def="tmp";
102 102
103$mkdir="mkdir"; 103$mkdir="-mkdir";
104 104
105($ssl,$crypto)=("ssl","crypto"); 105($ssl,$crypto)=("ssl","crypto");
106$ranlib="echo ranlib"; 106$ranlib="echo ranlib";
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl
index 071036a6d2..adfd447dd3 100644
--- a/src/lib/libssl/src/util/mkdef.pl
+++ b/src/lib/libssl/src/util/mkdef.pl
@@ -43,8 +43,8 @@
43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found 43# EXPORT_VAR_AS_FUNCTION). This script assumes renaming of symbols is found
44# in the file crypto/symhacks.h. 44# in the file crypto/symhacks.h.
45# The semantics for the platforms is that every item is checked against the 45# The semantics for the platforms is that every item is checked against the
46# enviroment. For the negative items ("!FOO"), if any of them is false 46# environment. For the negative items ("!FOO"), if any of them is false
47# (i.e. "FOO" is true) in the enviroment, the corresponding symbol can't be 47# (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
48# used. For the positive itms, if all of them are false in the environment, 48# used. For the positive itms, if all of them are false in the environment,
49# the corresponding symbol can't be used. Any combination of positive and 49# the corresponding symbol can't be used. Any combination of positive and
50# negative items are possible, and of course leave room for some redundancy. 50# negative items are possible, and of course leave room for some redundancy.
@@ -58,6 +58,7 @@ my $debug=0;
58 58
59my $crypto_num= "util/libeay.num"; 59my $crypto_num= "util/libeay.num";
60my $ssl_num= "util/ssleay.num"; 60my $ssl_num= "util/ssleay.num";
61my $libname;
61 62
62my $do_update = 0; 63my $do_update = 0;
63my $do_rewrite = 1; 64my $do_rewrite = 1;
@@ -73,12 +74,13 @@ my $VMS=0;
73my $W32=0; 74my $W32=0;
74my $W16=0; 75my $W16=0;
75my $NT=0; 76my $NT=0;
77my $OS2=0;
76# Set this to make typesafe STACK definitions appear in DEF 78# Set this to make typesafe STACK definitions appear in DEF
77my $safe_stack_def = 0; 79my $safe_stack_def = 0;
78 80
79my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", 81my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
80 "EXPORT_VAR_AS_FUNCTION" ); 82 "EXPORT_VAR_AS_FUNCTION" );
81my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT" ); 83my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
82my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 84my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
83 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", 85 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
84 "RIPEMD", 86 "RIPEMD",
@@ -126,11 +128,18 @@ foreach (@ARGV, split(/ /, $options))
126 $VMSAlpha=1; 128 $VMSAlpha=1;
127 } 129 }
128 $VMS=1 if $_ eq "VMS"; 130 $VMS=1 if $_ eq "VMS";
131 $OS2=1 if $_ eq "OS2";
129 132
130 $do_ssl=1 if $_ eq "ssleay"; 133 $do_ssl=1 if $_ eq "ssleay";
131 $do_ssl=1 if $_ eq "ssl"; 134 if ($_ eq "ssl") {
135 $do_ssl=1;
136 $libname=$_
137 }
132 $do_crypto=1 if $_ eq "libeay"; 138 $do_crypto=1 if $_ eq "libeay";
133 $do_crypto=1 if $_ eq "crypto"; 139 if ($_ eq "crypto") {
140 $do_crypto=1;
141 $libname=$_;
142 }
134 $do_update=1 if $_ eq "update"; 143 $do_update=1 if $_ eq "update";
135 $do_rewrite=1 if $_ eq "rewrite"; 144 $do_rewrite=1 if $_ eq "rewrite";
136 $do_ctest=1 if $_ eq "ctest"; 145 $do_ctest=1 if $_ eq "ctest";
@@ -170,8 +179,17 @@ foreach (@ARGV, split(/ /, $options))
170 } 179 }
171 180
172 181
182if (!$libname) {
183 if ($do_ssl) {
184 $libname="SSLEAY";
185 }
186 if ($do_crypto) {
187 $libname="LIBEAY";
188 }
189}
190
173# If no platform is given, assume WIN32 191# If no platform is given, assume WIN32
174if ($W32 + $W16 + $VMS == 0) { 192if ($W32 + $W16 + $VMS + $OS2 == 0) {
175 $W32 = 1; 193 $W32 = 1;
176} 194}
177 195
@@ -182,7 +200,7 @@ if ($W16) {
182 200
183if (!$do_ssl && !$do_crypto) 201if (!$do_ssl && !$do_crypto)
184 { 202 {
185 print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; 203 print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
186 exit(1); 204 exit(1);
187 } 205 }
188 206
@@ -305,10 +323,10 @@ EOF
305 323
306} else { 324} else {
307 325
308 &print_def_file(*STDOUT,"SSLEAY",*ssl_list,@ssl_symbols) 326 &print_def_file(*STDOUT,$libname,*ssl_list,@ssl_symbols)
309 if $do_ssl == 1; 327 if $do_ssl == 1;
310 328
311 &print_def_file(*STDOUT,"LIBEAY",*crypto_list,@crypto_symbols) 329 &print_def_file(*STDOUT,$libname,*crypto_list,@crypto_symbols)
312 if $do_crypto == 1; 330 if $do_crypto == 1;
313 331
314} 332}
@@ -995,6 +1013,7 @@ sub is_valid
995 if ($keyword eq "WIN32" && $W32) { return 1; } 1013 if ($keyword eq "WIN32" && $W32) { return 1; }
996 if ($keyword eq "WIN16" && $W16) { return 1; } 1014 if ($keyword eq "WIN16" && $W16) { return 1; }
997 if ($keyword eq "WINNT" && $NT) { return 1; } 1015 if ($keyword eq "WINNT" && $NT) { return 1; }
1016 if ($keyword eq "OS2" && $OS2) { return 1; }
998 # Special platforms: 1017 # Special platforms:
999 # EXPORT_VAR_AS_FUNCTION means that global variables 1018 # EXPORT_VAR_AS_FUNCTION means that global variables
1000 # will be represented as functions. This currently 1019 # will be represented as functions. This currently
@@ -1092,24 +1111,27 @@ sub print_def_file
1092{ 1111{
1093 (*OUT,my $name,*nums,my @symbols)=@_; 1112 (*OUT,my $name,*nums,my @symbols)=@_;
1094 my $n = 1; my @e; my @r; my @v; my $prev=""; 1113 my $n = 1; my @e; my @r; my @v; my $prev="";
1114 my $liboptions="";
1095 1115
1096 if ($W32) 1116 if ($W32)
1097 { $name.="32"; } 1117 { $name.="32"; }
1098 else 1118 elsif ($W16)
1099 { $name.="16"; } 1119 { $name.="16"; }
1120 elsif ($OS2)
1121 { $liboptions = "INITINSTANCE\nDATA NONSHARED"; }
1100 1122
1101 print OUT <<"EOF"; 1123 print OUT <<"EOF";
1102; 1124;
1103; Definition file for the DLL version of the $name library from OpenSSL 1125; Definition file for the DLL version of the $name library from OpenSSL
1104; 1126;
1105 1127
1106LIBRARY $name 1128LIBRARY $name $liboptions
1107 1129
1108DESCRIPTION 'OpenSSL $name - http://www.openssl.org/' 1130DESCRIPTION 'OpenSSL $name - http://www.openssl.org/'
1109 1131
1110EOF 1132EOF
1111 1133
1112 if (!$W32) { 1134 if ($W16) {
1113 print <<"EOF"; 1135 print <<"EOF";
1114CODE PRELOAD MOVEABLE 1136CODE PRELOAD MOVEABLE
1115DATA PRELOAD MOVEABLE SINGLE 1137DATA PRELOAD MOVEABLE SINGLE
@@ -1148,10 +1170,10 @@ EOF
1148 print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n"; 1170 print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
1149 } 1171 }
1150 $prev = $s2; # To warn about duplicates... 1172 $prev = $s2; # To warn about duplicates...
1151 if($v) { 1173 if($v && !$OS2) {
1152 printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n; 1174 printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
1153 } else { 1175 } else {
1154 printf OUT " %s%-39s @%d\n",($W32)?"":"_",$s2,$n; 1176 printf OUT " %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
1155 } 1177 }
1156 } 1178 }
1157 } 1179 }
diff --git a/src/lib/libssl/src/util/mklink.pl b/src/lib/libssl/src/util/mklink.pl
index 9e9c9a5146..9386da7aa4 100644
--- a/src/lib/libssl/src/util/mklink.pl
+++ b/src/lib/libssl/src/util/mklink.pl
@@ -18,10 +18,10 @@
18my $from = shift; 18my $from = shift;
19my @files = @ARGV; 19my @files = @ARGV;
20 20
21my @from_path = split(/\//, $from); 21my @from_path = split(/[\\\/]/, $from);
22my $pwd = `pwd`; 22my $pwd = `pwd`;
23chop($pwd); 23chop($pwd);
24my @pwd_path = split(/\//, $pwd); 24my @pwd_path = split(/[\\\/]/, $pwd);
25 25
26my @to_path = (); 26my @to_path = ();
27 27
@@ -54,7 +54,16 @@ foreach $file (@files) {
54 if ($symlink_exists) { 54 if ($symlink_exists) {
55 symlink("$to/$file", "$from/$file") or $err = " [$!]"; 55 symlink("$to/$file", "$from/$file") or $err = " [$!]";
56 } else { 56 } else {
57 system ("cp", "$file", "$from/$file") and $err = " [$!]"; 57 unlink "$from/$file";
58 open (OLD, "<$file") or die "Can't open $file: $!";
59 open (NEW, ">$from/$file") or die "Can't open $from/$file: $!";
60 binmode(OLD);
61 binmode(NEW);
62 while (<OLD>) {
63 print NEW $_;
64 }
65 close (OLD) or die "Can't close $file: $!";
66 close (NEW) or die "Can't close $from/$file: $!";
58 } 67 }
59 print $file . " => $from/$file$err\n"; 68 print $file . " => $from/$file$err\n";
60} 69}
diff --git a/src/lib/libssl/src/util/pl/BC-32.pl b/src/lib/libssl/src/util/pl/BC-32.pl
index 78d60616a6..bd7a9d9301 100644
--- a/src/lib/libssl/src/util/pl/BC-32.pl
+++ b/src/lib/libssl/src/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
18$tmp_def="tmp32"; 18$tmp_def="tmp32";
19$inc_def="inc32"; 19$inc_def="inc32";
20#enable max error messages, disable most common warnings 20#enable max error messages, disable most common warnings
21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 "; 21$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp ";
22if ($debug) 22if ($debug)
23{ 23{
24 $cflags.="-Od -y -v -vi- -D_DEBUG"; 24 $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,9 +51,9 @@ $lfile='';
51$shlib_ex_obj=""; 51$shlib_ex_obj="";
52$app_ex_obj="c0x32.obj"; 52$app_ex_obj="c0x32.obj";
53 53
54$asm='n_o_T_a_s_m'; 54$asm='nasmw';
55$asm.=" /Zi" if $debug; 55$asm.=" /Zi" if $debug;
56$afile='/Fo'; 56$afile='-f obj -o';
57 57
58$bn_mulw_obj=''; 58$bn_mulw_obj='';
59$bn_mulw_src=''; 59$bn_mulw_src='';
@@ -64,24 +64,24 @@ $bf_enc_src='';
64 64
65if (!$no_asm) 65if (!$no_asm)
66 { 66 {
67 $bn_mulw_obj='crypto\bn\asm\bn-win32.obj'; 67 $bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
68 $bn_mulw_src='crypto\bn\asm\bn-win32.asm'; 68 $bn_mulw_src='crypto\bn\asm\bn_win32.asm';
69 $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; 69 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
70 $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; 70 $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
71 $bf_enc_obj='crypto\bf\asm\b-win32.obj'; 71 $bf_enc_obj='crypto\bf\asm\b_win32.obj';
72 $bf_enc_src='crypto\bf\asm\b-win32.asm'; 72 $bf_enc_src='crypto\bf\asm\b_win32.asm';
73 $cast_enc_obj='crypto\cast\asm\c-win32.obj'; 73 $cast_enc_obj='crypto\cast\asm\c_win32.obj';
74 $cast_enc_src='crypto\cast\asm\c-win32.asm'; 74 $cast_enc_src='crypto\cast\asm\c_win32.asm';
75 $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj'; 75 $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
76 $rc4_enc_src='crypto\rc4\asm\r4-win32.asm'; 76 $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
77 $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj'; 77 $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
78 $rc5_enc_src='crypto\rc5\asm\r5-win32.asm'; 78 $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
79 $md5_asm_obj='crypto\md5\asm\m5-win32.obj'; 79 $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
80 $md5_asm_src='crypto\md5\asm\m5-win32.asm'; 80 $md5_asm_src='crypto\md5\asm\m5_win32.asm';
81 $sha1_asm_obj='crypto\sha\asm\s1-win32.obj'; 81 $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
82 $sha1_asm_src='crypto\sha\asm\s1-win32.asm'; 82 $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
83 $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj'; 83 $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
84 $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm'; 84 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
85 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; 85 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
86 } 86 }
87 87
diff --git a/src/lib/libssl/src/util/pl/OS2-EMX.pl b/src/lib/libssl/src/util/pl/OS2-EMX.pl
index 57180556ca..d695dda623 100644
--- a/src/lib/libssl/src/util/pl/OS2-EMX.pl
+++ b/src/lib/libssl/src/util/pl/OS2-EMX.pl
@@ -10,18 +10,20 @@ $rm='rm -f';
10# C compiler stuff 10# C compiler stuff
11 11
12$cc='gcc'; 12$cc='gcc';
13$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmt -Wall "; 13$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
14$cflags.="-Zomf " if $shlib;
15$shl_cflag="-Zdll";
14 16
15if ($debug) { 17if ($debug) {
16 $cflags.="-g "; 18 $cflags.="-g ";
17} 19}
18 20
19$obj='.o'; 21$obj=$shlib ? '.obj' : '.o';
20$ofile='-o '; 22$ofile='-o ';
21 23
22# EXE linking stuff 24# EXE linking stuff
23$link='${CC}'; 25$link='${CC}';
24$lflags='${CFLAGS} -Zbsd-signals'; 26$lflags='${CFLAGS} -Zbsd-signals -s';
25$efile='-o '; 27$efile='-o ';
26$exep='.exe'; 28$exep='.exe';
27$ex_libs="-lsocket"; 29$ex_libs="-lsocket";
@@ -30,12 +32,12 @@ $ex_libs="-lsocket";
30$mklib='ar r'; 32$mklib='ar r';
31$mlflags=''; 33$mlflags='';
32$ranlib="ar s"; 34$ranlib="ar s";
33$plib='lib'; 35$plib='';
34$libp=".a"; 36$libp=$shlib ? ".lib" : ".a";
35$shlibp=".a"; 37$shlibp=$shlib ? ".dll" : ".a";
36$lfile=''; 38$lfile='';
37 39
38$asm='as'; 40$asm=$shlib ? 'as -Zomf' : 'as';
39$afile='-o '; 41$afile='-o ';
40$bn_asm_obj=""; 42$bn_asm_obj="";
41$bn_asm_src=""; 43$bn_asm_src="";
@@ -46,24 +48,32 @@ $bf_enc_src="";
46 48
47if (!$no_asm) 49if (!$no_asm)
48 { 50 {
49 $bn_asm_obj='crypto\bn\asm\bn-os2.o crypto\bn\asm\co-os2.o'; 51 $bn_asm_obj="crypto\\bn\\asm\\bn-os2$obj crypto\\bn\\asm\\co-os2$obj";
50 $bn_asm_src='crypto\bn\asm\bn-os2.asm crypto\bn\asm\co-os2.asm'; 52 $bn_asm_src="crypto\\bn\\asm\\bn-os2.asm crypto\\bn\\asm\\co-os2.asm";
51 $des_enc_obj='crypto\des\asm\d-os2.o crypto\des\asm\y-os2.o'; 53 $des_enc_obj="crypto\\des\\asm\\d-os2$obj crypto\\des\\asm\\y-os2$obj";
52 $des_enc_src='crypto\des\asm\d-os2.asm crypto\des\asm\y-os2.asm'; 54 $des_enc_src="crypto\\des\\asm\\d-os2.asm crypto\\des\\asm\\y-os2.asm";
53 $bf_enc_obj='crypto\bf\asm\b-os2.o'; 55 $bf_enc_obj="crypto\\bf\\asm\\b-os2$obj";
54 $bf_enc_src='crypto\bf\asm\b-os2.asm'; 56 $bf_enc_src="crypto\\bf\\asm\\b-os2.asm";
55 $cast_enc_obj='crypto\cast\asm\c-os2.o'; 57 $cast_enc_obj="crypto\\cast\\asm\\c-os2$obj";
56 $cast_enc_src='crypto\cast\asm\c-os2.asm'; 58 $cast_enc_src="crypto\\cast\\asm\\c-os2.asm";
57 $rc4_enc_obj='crypto\rc4\asm\r4-os2.o'; 59 $rc4_enc_obj="crypto\\rc4\\asm\\r4-os2$obj";
58 $rc4_enc_src='crypto\rc4\asm\r4-os2.asm'; 60 $rc4_enc_src="crypto\\rc4\\asm\\r4-os2.asm";
59 $rc5_enc_obj='crypto\rc5\asm\r5-os2.o'; 61 $rc5_enc_obj="crypto\\rc5\\asm\\r5-os2$obj";
60 $rc5_enc_src='crypto\rc5\asm\r5-os2.asm'; 62 $rc5_enc_src="crypto\\rc5\\asm\\r5-os2.asm";
61 $md5_asm_obj='crypto\md5\asm\m5-os2.o'; 63 $md5_asm_obj="crypto\\md5\\asm\\m5-os2$obj";
62 $md5_asm_src='crypto\md5\asm\m5-os2.asm'; 64 $md5_asm_src="crypto\\md5\\asm\\m5-os2.asm";
63 $sha1_asm_obj='crypto\sha\asm\s1-os2.o'; 65 $sha1_asm_obj="crypto\\sha\\asm\\s1-os2$obj";
64 $sha1_asm_src='crypto\sha\asm\s1-os2.asm'; 66 $sha1_asm_src="crypto\\sha\\asm\\s1-os2.asm";
65 $rmd160_asm_obj='crypto\ripemd\asm\rm-os2.o'; 67 $rmd160_asm_obj="crypto\\ripemd\\asm\\rm-os2$obj";
66 $rmd160_asm_src='crypto\ripemd\asm\rm-os2.asm'; 68 $rmd160_asm_src="crypto\\ripemd\\asm\\rm-os2.asm";
69 }
70
71if ($shlib)
72 {
73 $mlflags.=" $lflags -Zdll";
74 $lib_cflag=" -D_DLL";
75 $out_def="out_dll";
76 $tmp_def="tmp_dll";
67 } 77 }
68 78
69sub do_lib_rule 79sub do_lib_rule
@@ -76,9 +86,20 @@ sub do_lib_rule
76 ($Name=$name) =~ tr/a-z/A-Z/; 86 ($Name=$name) =~ tr/a-z/A-Z/;
77 87
78 $ret.="$target: \$(${Name}OBJ)\n"; 88 $ret.="$target: \$(${Name}OBJ)\n";
79 $ret.="\t\$(RM) $target\n"; 89 if (!$shlib)
80 $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; 90 {
81 $ret.="\t\$(RANLIB) $target\n\n"; 91 $ret.="\t\$(RM) $target\n";
92 $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
93 $ret.="\t\$(RANLIB) $target\n\n";
94 }
95 else
96 {
97 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
98 $ex.=' -lsocket';
99 $ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
100 $ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
101 $ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
102 }
82 } 103 }
83 104
84sub do_link_rule 105sub do_link_rule
@@ -89,7 +110,7 @@ sub do_link_rule
89 $file =~ s/\//$o/g if $o ne '/'; 110 $file =~ s/\//$o/g if $o ne '/';
90 $n=&bname($target); 111 $n=&bname($target);
91 $ret.="$target: $files $dep_libs\n"; 112 $ret.="$target: $files $dep_libs\n";
92 $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; 113 $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
93 return($ret); 114 return($ret);
94 } 115 }
95 116
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl
index 50bfb34385..d6e3a11530 100644
--- a/src/lib/libssl/src/util/pl/VC-32.pl
+++ b/src/lib/libssl/src/util/pl/VC-32.pl
@@ -66,24 +66,24 @@ $bf_enc_src='';
66 66
67if (!$no_asm) 67if (!$no_asm)
68 { 68 {
69 $bn_asm_obj='crypto\bn\asm\bn-win32.obj'; 69 $bn_asm_obj='crypto\bn\asm\bn_win32.obj';
70 $bn_asm_src='crypto\bn\asm\bn-win32.asm'; 70 $bn_asm_src='crypto\bn\asm\bn_win32.asm';
71 $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj'; 71 $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
72 $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm'; 72 $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
73 $bf_enc_obj='crypto\bf\asm\b-win32.obj'; 73 $bf_enc_obj='crypto\bf\asm\b_win32.obj';
74 $bf_enc_src='crypto\bf\asm\b-win32.asm'; 74 $bf_enc_src='crypto\bf\asm\b_win32.asm';
75 $cast_enc_obj='crypto\cast\asm\c-win32.obj'; 75 $cast_enc_obj='crypto\cast\asm\c_win32.obj';
76 $cast_enc_src='crypto\cast\asm\c-win32.asm'; 76 $cast_enc_src='crypto\cast\asm\c_win32.asm';
77 $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj'; 77 $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
78 $rc4_enc_src='crypto\rc4\asm\r4-win32.asm'; 78 $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
79 $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj'; 79 $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
80 $rc5_enc_src='crypto\rc5\asm\r5-win32.asm'; 80 $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
81 $md5_asm_obj='crypto\md5\asm\m5-win32.obj'; 81 $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
82 $md5_asm_src='crypto\md5\asm\m5-win32.asm'; 82 $md5_asm_src='crypto\md5\asm\m5_win32.asm';
83 $sha1_asm_obj='crypto\sha\asm\s1-win32.obj'; 83 $sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
84 $sha1_asm_src='crypto\sha\asm\s1-win32.asm'; 84 $sha1_asm_src='crypto\sha\asm\s1_win32.asm';
85 $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj'; 85 $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
86 $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm'; 86 $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
87 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; 87 $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
88 } 88 }
89 89
diff --git a/src/lib/libssl/src/util/pod2mantest b/src/lib/libssl/src/util/pod2mantest
index 79aefafac0..e01c6192a7 100644
--- a/src/lib/libssl/src/util/pod2mantest
+++ b/src/lib/libssl/src/util/pod2mantest
@@ -11,9 +11,10 @@
11 11
12 12
13IFS=: 13IFS=:
14try_without_dir=true 14if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi
15try_without_dir=false
15# First we try "pod2man", then "$dir/pod2man" for each item in $PATH. 16# First we try "pod2man", then "$dir/pod2man" for each item in $PATH.
16for dir in dummy:$PATH; do 17for dir in dummy${IFS}$PATH; do
17 if [ "$try_without_dir" = true ]; then 18 if [ "$try_without_dir" = true ]; then
18 # first iteration 19 # first iteration
19 pod2man=pod2man 20 pod2man=pod2man
@@ -47,7 +48,7 @@ done
47echo "No working pod2man found. Consider installing a new version." >&2 48echo "No working pod2man found. Consider installing a new version." >&2
48if [ "$1" = ignore ]; then 49if [ "$1" = ignore ]; then
49 echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2 50 echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2
50 echo "util/pod2man.pl" 51 echo "../../util/pod2man.pl"
51 exit 0 52 exit 0
52fi 53fi
53exit 1 54exit 1
diff --git a/src/lib/libssl/src/util/point.sh b/src/lib/libssl/src/util/point.sh
index 47543c88e2..ce7dcc56df 100644
--- a/src/lib/libssl/src/util/point.sh
+++ b/src/lib/libssl/src/util/point.sh
@@ -1,6 +1,10 @@
1#!/bin/sh 1#!/bin/sh
2 2
3rm -f $2 3rm -f $2
4ln -s $1 $2 4if test "$OSTYPE" = msdosdjgpp; then
5 cp $1 $2
6else
7 ln -s $1 $2
8fi
5echo "$2 => $1" 9echo "$2 => $1"
6 10
diff --git a/src/lib/libssl/test/dummytest.c b/src/lib/libssl/test/dummytest.c
new file mode 100644
index 0000000000..f98f003ef9
--- /dev/null
+++ b/src/lib/libssl/test/dummytest.c
@@ -0,0 +1,47 @@
1#include <stdio.h>
2#include <stdlib.h>
3#include <string.h>
4#include <ctype.h>
5#include <openssl/e_os2.h>
6#include <openssl/buffer.h>
7#include <openssl/crypto.h>
8
9int main(int argc, char *argv[])
10 {
11 char *p, *q, *program;
12
13 p = strrchr(argv[0], '/');
14 if (!p) p = strrchr(argv[0], '\\');
15#ifdef OPENSSL_SYS_VMS
16 if (!p) p = strrchr(argv[0], ']');
17 if (p) q = strrchr(p, '>');
18 if (q) p = q;
19 if (!p) p = strrchr(argv[0], ':');
20 q = 0;
21#endif
22 if (p) p++;
23 if (!p) p = argv[0];
24 if (p) q = strchr(p, '.');
25 if (p && !q) q = p + strlen(p);
26
27 if (!p)
28 program = BUF_strdup("(unknown)");
29 else
30 {
31 program = OPENSSL_malloc((q - p) + 1);
32 strncpy(program, p, q - p);
33 program[q - p] = '\0';
34 }
35
36 for(p = program; *p; p++)
37 if (islower(*p)) *p = toupper(*p);
38
39 q = strstr(program, "TEST");
40 if (q > p && q[-1] == '_') q--;
41 *q = '\0';
42
43 printf("No %s support\n", program);
44
45 OPENSSL_free(program);
46 return(0);
47 }
diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com
index f7ff8fe407..b3bf8bb837 100644
--- a/src/lib/libssl/test/maketests.com
+++ b/src/lib/libssl/test/maketests.com
@@ -910,7 +910,8 @@ $ ENDIF
910$! 910$!
911$! Time to check the contents, and to make sure we get the correct library. 911$! Time to check the contents, and to make sure we get the correct library.
912$! 912$!
913$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" 913$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
914 .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
914$ THEN 915$ THEN
915$! 916$!
916$! Check to see if SOCKETSHR was chosen 917$! Check to see if SOCKETSHR was chosen
@@ -959,6 +960,32 @@ $! Done with UCX
959$! 960$!
960$ ENDIF 961$ ENDIF
961$! 962$!
963$! Check to see if TCPIP was chosen
964$!
965$ IF P4.EQS."TCPIP"
966$ THEN
967$!
968$! Set the library to use TCPIP (post UCX).
969$!
970$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
971$!
972$! Done with TCPIP
973$!
974$ ENDIF
975$!
976$! Check to see if NONE was chosen
977$!
978$ IF P4.EQS."NONE"
979$ THEN
980$!
981$! Do not use a TCPIP library.
982$!
983$ TCPIP_LIB = ""
984$!
985$! Done with NONE
986$!
987$ ENDIF
988$!
962$! Print info 989$! Print info
963$! 990$!
964$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB 991$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
@@ -974,6 +1001,7 @@ $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:"
974$ WRITE SYS$OUTPUT "" 1001$ WRITE SYS$OUTPUT ""
975$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." 1002$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library."
976$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." 1003$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library."
1004$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library."
977$ WRITE SYS$OUTPUT "" 1005$ WRITE SYS$OUTPUT ""
978$! 1006$!
979$! Time To EXIT. 1007$! Time To EXIT.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 22:50:01 +0000