summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
authormarkus <>2004-04-08 08:03:15 +0000
committermarkus <>2004-04-08 08:03:15 +0000
commit40d673554117d24c9f46be721235d3e302c06e04 (patch)
tree341e7f38b840f3e503afb6e471123c0f2ba082c3 /src/lib/libc
parentcbf88de39286be06cd20e0c65b6cb7633dce25a5 (diff)
downloadopenbsd-40d673554117d24c9f46be721235d3e302c06e04.tar.gz
openbsd-40d673554117d24c9f46be721235d3e302c06e04.tar.bz2
openbsd-40d673554117d24c9f46be721235d3e302c06e04.zip
merge 0.9.7d
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/Makefile.ssl4
-rw-r--r--src/lib/libcrypto/aes/aes_cbc.c2
-rw-r--r--src/lib/libcrypto/asn1/a_gentm.c6
-rw-r--r--src/lib/libcrypto/asn1/a_mbstr.c4
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c2
-rw-r--r--src/lib/libcrypto/asn1/a_time.c6
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c6
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c4
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c6
-rw-r--r--src/lib/libcrypto/asn1/asn_moid.c9
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c4
-rw-r--r--src/lib/libcrypto/bf/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/bio/b_dump.c24
-rw-r--r--src/lib/libcrypto/bio/b_print.c12
-rw-r--r--src/lib/libcrypto/bio/b_sock.c12
-rw-r--r--src/lib/libcrypto/bio/bio_cb.c30
-rw-r--r--src/lib/libcrypto/bio/bss_conn.c6
-rw-r--r--src/lib/libcrypto/bio/bss_file.c10
-rw-r--r--src/lib/libcrypto/bn/Makefile.ssl3
-rw-r--r--src/lib/libcrypto/bn/asm/bn-586.pl2
-rw-r--r--src/lib/libcrypto/bn/bn_lcl.h17
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c8
-rw-r--r--src/lib/libcrypto/bn/bn_print.c4
-rw-r--r--src/lib/libcrypto/cast/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/conf/conf_def.c6
-rw-r--r--src/lib/libcrypto/conf/conf_mod.c12
-rw-r--r--src/lib/libcrypto/cversion.c6
-rw-r--r--src/lib/libcrypto/des/Makefile.ssl28
-rw-r--r--src/lib/libcrypto/des/cfb_enc.c21
-rw-r--r--src/lib/libcrypto/des/ecb_enc.c5
-rw-r--r--src/lib/libcrypto/doc/EVP_BytesToKey.pod2
-rw-r--r--src/lib/libcrypto/doc/EVP_DigestInit.pod2
-rw-r--r--src/lib/libcrypto/doc/d2i_RSAPublicKey.pod5
-rw-r--r--src/lib/libcrypto/dso/dso_lib.c4
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c2
-rw-r--r--src/lib/libcrypto/engine/eng_ctrl.c14
-rw-r--r--src/lib/libcrypto/engine/eng_fat.c6
-rw-r--r--src/lib/libcrypto/engine/engine.h27
-rw-r--r--src/lib/libcrypto/engine/hw_cryptodev.c5
-rw-r--r--src/lib/libcrypto/err/err.c2
-rw-r--r--src/lib/libcrypto/evp/digest.c15
-rw-r--r--src/lib/libcrypto/evp/evp.h2
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c14
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c2
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c2
-rw-r--r--src/lib/libcrypto/mem.c8
-rw-r--r--src/lib/libcrypto/mem_dbg.c16
-rw-r--r--src/lib/libcrypto/objects/obj_dat.c4
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_ext.c24
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_lib.c1
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_vfy.c6
-rw-r--r--src/lib/libcrypto/opensslv.h4
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c19
-rw-r--r--src/lib/libcrypto/pem/pem_pkey.c4
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c58
-rw-r--r--src/lib/libcrypto/rand/Makefile.ssl8
-rw-r--r--src/lib/libcrypto/rand/rand_egd.c3
-rw-r--r--src/lib/libcrypto/rand/rand_win.c2
-rw-r--r--src/lib/libcrypto/rand/randfile.c22
-rw-r--r--src/lib/libcrypto/rc4/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/rc5/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/ripemd/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/sha/Makefile.ssl1
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-586.pl291
-rw-r--r--src/lib/libcrypto/threads/mttest.c2
-rw-r--r--src/lib/libcrypto/ui/ui_lib.c14
-rw-r--r--src/lib/libcrypto/util/mk1mf.pl2
-rw-r--r--src/lib/libcrypto/util/mkdef.pl38
-rw-r--r--src/lib/libcrypto/util/pl/OS2-EMX.pl42
-rw-r--r--src/lib/libcrypto/x509/by_dir.c34
-rw-r--r--src/lib/libcrypto/x509/x509.h4
-rw-r--r--src/lib/libcrypto/x509/x509_txt.c8
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c55
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h19
-rw-r--r--src/lib/libcrypto/x509/x509type.c2
-rw-r--r--src/lib/libcrypto/x509v3/v3_alt.c4
-rw-r--r--src/lib/libcrypto/x509v3/v3_crld.c2
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c6
-rw-r--r--src/lib/libcrypto/x509v3/v3_purp.c5
79 files changed, 573 insertions, 503 deletions
diff --git a/src/lib/libcrypto/Makefile.ssl b/src/lib/libcrypto/Makefile.ssl
index 3071e3cb86..b9951a4600 100644
--- a/src/lib/libcrypto/Makefile.ssl
+++ b/src/lib/libcrypto/Makefile.ssl
@@ -50,7 +50,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
50top: 50top:
51 @(cd ..; $(MAKE) DIRS=$(DIR) all) 51 @(cd ..; $(MAKE) DIRS=$(DIR) all)
52 52
53all: buildinf.h lib subdirs shared 53all: shared
54 54
55buildinf.h: ../Makefile.ssl 55buildinf.h: ../Makefile.ssl
56 ( echo "#ifndef MK1MF_BUILD"; \ 56 ( echo "#ifndef MK1MF_BUILD"; \
@@ -96,7 +96,7 @@ lib: $(LIBOBJ)
96 $(RANLIB) $(LIB) || echo Never mind. 96 $(RANLIB) $(LIB) || echo Never mind.
97 @touch lib 97 @touch lib
98 98
99shared: 99shared: buildinf.h lib subdirs
100 if [ -n "$(SHARED_LIBS)" ]; then \ 100 if [ -n "$(SHARED_LIBS)" ]; then \
101 (cd ..; $(MAKE) $(SHARED_LIB)); \ 101 (cd ..; $(MAKE) $(SHARED_LIB)); \
102 fi 102 fi
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c
index 86b27b10d6..1222a21002 100644
--- a/src/lib/libcrypto/aes/aes_cbc.c
+++ b/src/lib/libcrypto/aes/aes_cbc.c
@@ -104,7 +104,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
104 memcpy(tmp, in, AES_BLOCK_SIZE); 104 memcpy(tmp, in, AES_BLOCK_SIZE);
105 AES_decrypt(tmp, tmp, key); 105 AES_decrypt(tmp, tmp, key);
106 for(n=0; n < len; ++n) 106 for(n=0; n < len; ++n)
107 out[n] ^= ivec[n]; 107 out[n] = tmp[n] ^ ivec[n];
108 memcpy(ivec, tmp, AES_BLOCK_SIZE); 108 memcpy(ivec, tmp, AES_BLOCK_SIZE);
109 } 109 }
110 } 110 }
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
index 48b923de1f..8581007868 100644
--- a/src/lib/libcrypto/asn1/a_gentm.c
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -220,7 +220,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
220 return(NULL); 220 return(NULL);
221 221
222 p=(char *)s->data; 222 p=(char *)s->data;
223 if ((p == NULL) || (s->length < len)) 223 if ((p == NULL) || ((size_t)s->length < len))
224 { 224 {
225 p=OPENSSL_malloc(len); 225 p=OPENSSL_malloc(len);
226 if (p == NULL) return(NULL); 226 if (p == NULL) return(NULL);
@@ -229,8 +229,8 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
229 s->data=(unsigned char *)p; 229 s->data=(unsigned char *)p;
230 } 230 }
231 231
232 snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900, 232 BIO_snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
233 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); 233 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
234 s->length=strlen(p); 234 s->length=strlen(p);
235 s->type=V_ASN1_GENERALIZEDTIME; 235 s->type=V_ASN1_GENERALIZEDTIME;
236#ifdef CHARSET_EBCDIC_not 236#ifdef CHARSET_EBCDIC_not
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
index c811b11776..208b3ec395 100644
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ b/src/lib/libcrypto/asn1/a_mbstr.c
@@ -145,14 +145,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
145 145
146 if((minsize > 0) && (nchar < minsize)) { 146 if((minsize > 0) && (nchar < minsize)) {
147 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT); 147 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
148 snprintf(strbuf, sizeof strbuf, "%ld", minsize); 148 BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
149 ERR_add_error_data(2, "minsize=", strbuf); 149 ERR_add_error_data(2, "minsize=", strbuf);
150 return -1; 150 return -1;
151 } 151 }
152 152
153 if((maxsize > 0) && (nchar > maxsize)) { 153 if((maxsize > 0) && (nchar > maxsize)) {
154 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG); 154 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
155 snprintf(strbuf, sizeof strbuf, "%ld", maxsize); 155 BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
156 ERR_add_error_data(2, "maxsize=", strbuf); 156 ERR_add_error_data(2, "maxsize=", strbuf);
157 return -1; 157 return -1;
158 } 158 }
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index 8abfdfe598..bde666a6ff 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -285,7 +285,7 @@ const static signed char tag2nbyte[] = {
285 -1, -1, 0, -1, /* 10-13 */ 285 -1, -1, 0, -1, /* 10-13 */
286 -1, -1, -1, -1, /* 15-17 */ 286 -1, -1, -1, -1, /* 15-17 */
287 -1, 1, 1, /* 18-20 */ 287 -1, 1, 1, /* 18-20 */
288 -1, 1, -1,-1, /* 21-24 */ 288 -1, 1, 1, 1, /* 21-24 */
289 -1, 1, -1, /* 25-27 */ 289 -1, 1, -1, /* 25-27 */
290 4, -1, 2 /* 28-30 */ 290 4, -1, 2 /* 28-30 */
291}; 291};
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index b8c031fc8f..159681fbcb 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -155,10 +155,10 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
155 newlen = t->length + 2 + 1; 155 newlen = t->length + 2 + 1;
156 str = (char *)ret->data; 156 str = (char *)ret->data;
157 /* Work out the century and prepend */ 157 /* Work out the century and prepend */
158 if (t->data[0] >= '5') strlcpy(str, "19", newlen); 158 if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
159 else strlcpy(str, "20", newlen); 159 else BUF_strlcpy(str, "20", newlen);
160 160
161 strlcat(str, (char *)t->data, newlen); 161 BUF_strlcat(str, (char *)t->data, newlen);
162 162
163 return ret; 163 return ret;
164 } 164 }
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index 41f6d421bb..999852dae5 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -200,7 +200,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
200 return(NULL); 200 return(NULL);
201 201
202 p=(char *)s->data; 202 p=(char *)s->data;
203 if ((p == NULL) || (s->length < len)) 203 if ((p == NULL) || ((size_t)s->length < len))
204 { 204 {
205 p=OPENSSL_malloc(len); 205 p=OPENSSL_malloc(len);
206 if (p == NULL) return(NULL); 206 if (p == NULL) return(NULL);
@@ -209,8 +209,8 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
209 s->data=(unsigned char *)p; 209 s->data=(unsigned char *)p;
210 } 210 }
211 211
212 snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100, 212 BIO_snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
213 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); 213 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
214 s->length=strlen(p); 214 s->length=strlen(p);
215 s->type=V_ASN1_UTCTIME; 215 s->type=V_ASN1_UTCTIME;
216#ifdef CHARSET_EBCDIC_not 216#ifdef CHARSET_EBCDIC_not
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index aed2895400..a74f1368d3 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -414,8 +414,8 @@ void asn1_add_error(unsigned char *address, int offset)
414 { 414 {
415 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; 415 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
416 416
417 snprintf(buf1,sizeof buf1,"%lu",(unsigned long)address); 417 BIO_snprintf(buf1,sizeof buf1,"%lu",(unsigned long)address);
418 snprintf(buf2,sizeof buf2,"%d",offset); 418 BIO_snprintf(buf2,sizeof buf2,"%d",offset);
419 ERR_add_error_data(4,"address=",buf1," offset=",buf2); 419 ERR_add_error_data(4,"address=",buf1," offset=",buf2);
420 } 420 }
421 421
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index 1799657141..676d434f03 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -83,11 +83,11 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
83 83
84 p=str; 84 p=str;
85 if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) 85 if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
86 snprintf(str,sizeof str,"priv [ %d ] ",tag); 86 BIO_snprintf(str,sizeof str,"priv [ %d ] ",tag);
87 else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) 87 else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
88 snprintf(str,sizeof str,"cont [ %d ]",tag); 88 BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
89 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 89 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
90 snprintf(str,sizeof str,"appl [ %d ]",tag); 90 BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
91 else p = ASN1_tag2str(tag); 91 else p = ASN1_tag2str(tag);
92 92
93 if (p2 != NULL) 93 if (p2 != NULL)
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c
index be20db4bad..edb44c988f 100644
--- a/src/lib/libcrypto/asn1/asn_moid.c
+++ b/src/lib/libcrypto/asn1/asn_moid.c
@@ -87,9 +87,14 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
87 } 87 }
88 } 88 }
89 return 1; 89 return 1;
90} 90 }
91
92static void oid_module_finish(CONF_IMODULE *md)
93 {
94 OBJ_cleanup();
95 }
91 96
92void ASN1_add_oid_module(void) 97void ASN1_add_oid_module(void)
93 { 98 {
94 CONF_module_add("oid_section", oid_module_init, 0); 99 CONF_module_add("oid_section", oid_module_init, oid_module_finish);
95 } 100 }
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
index e1c5e5ae13..d15006e654 100644
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -139,9 +139,9 @@ int RSA_print(BIO *bp, const RSA *x, int off)
139 } 139 }
140 140
141 if (x->d == NULL) 141 if (x->d == NULL)
142 snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n)); 142 BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
143 else 143 else
144 strlcpy(str,"modulus:",sizeof str); 144 BUF_strlcpy(str,"modulus:",sizeof str);
145 if (!print(bp,str,x->n,m,off)) goto err; 145 if (!print(bp,str,x->n,m,off)) goto err;
146 s=(x->d == NULL)?"Exponent:":"publicExponent:"; 146 s=(x->d == NULL)?"Exponent:":"publicExponent:";
147 if (!print(bp,s,x->e,m,off)) goto err; 147 if (!print(bp,s,x->e,m,off)) goto err;
diff --git a/src/lib/libcrypto/bf/Makefile.ssl b/src/lib/libcrypto/bf/Makefile.ssl
index 7dfdf9d871..be3ad77a05 100644
--- a/src/lib/libcrypto/bf/Makefile.ssl
+++ b/src/lib/libcrypto/bf/Makefile.ssl
@@ -22,6 +22,7 @@ BF_ENC= bf_enc.o
22#DES_ENC= bx86-elf.o 22#DES_ENC= bx86-elf.o
23 23
24CFLAGS= $(INCLUDES) $(CFLAG) 24CFLAGS= $(INCLUDES) $(CFLAG)
25ASFLAGS= $(INCLUDES) $(ASFLAG)
25 26
26GENERAL=Makefile 27GENERAL=Makefile
27TEST=bftest.c 28TEST=bftest.c
diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c
index 983604fb49..f671e722fa 100644
--- a/src/lib/libcrypto/bio/b_dump.c
+++ b/src/lib/libcrypto/bio/b_dump.c
@@ -104,41 +104,41 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
104 for(i=0;i<rows;i++) 104 for(i=0;i<rows;i++)
105 { 105 {
106 buf[0]='\0'; /* start with empty string */ 106 buf[0]='\0'; /* start with empty string */
107 strlcpy(buf,str,sizeof buf); 107 BUF_strlcpy(buf,str,sizeof buf);
108 snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width); 108 BIO_snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width);
109 strlcat(buf,tmp,sizeof buf); 109 BUF_strlcat(buf,tmp,sizeof buf);
110 for(j=0;j<dump_width;j++) 110 for(j=0;j<dump_width;j++)
111 { 111 {
112 if (((i*dump_width)+j)>=len) 112 if (((i*dump_width)+j)>=len)
113 { 113 {
114 strlcat(buf," ",sizeof buf); 114 BUF_strlcat(buf," ",sizeof buf);
115 } 115 }
116 else 116 else
117 { 117 {
118 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; 118 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
119 snprintf(tmp,sizeof tmp,"%02x%c",ch, 119 BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch,
120 j==7?'-':' '); 120 j==7?'-':' ');
121 strlcat(buf,tmp,sizeof buf); 121 BUF_strlcat(buf,tmp,sizeof buf);
122 } 122 }
123 } 123 }
124 strlcat(buf," ",sizeof buf); 124 BUF_strlcat(buf," ",sizeof buf);
125 for(j=0;j<dump_width;j++) 125 for(j=0;j<dump_width;j++)
126 { 126 {
127 if (((i*dump_width)+j)>=len) 127 if (((i*dump_width)+j)>=len)
128 break; 128 break;
129 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; 129 ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
130#ifndef CHARSET_EBCDIC 130#ifndef CHARSET_EBCDIC
131 snprintf(tmp,sizeof tmp,"%c", 131 BIO_snprintf(tmp,sizeof tmp,"%c",
132 ((ch>=' ')&&(ch<='~'))?ch:'.'); 132 ((ch>=' ')&&(ch<='~'))?ch:'.');
133#else 133#else
134 snprintf(tmp,sizeof tmp,"%c", 134 BIO_snprintf(tmp,sizeof tmp,"%c",
135 ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) 135 ((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
136 ? os_toebcdic[ch] 136 ? os_toebcdic[ch]
137 : '.'); 137 : '.');
138#endif 138#endif
139 strlcat(buf,tmp,sizeof buf); 139 BUF_strlcat(buf,tmp,sizeof buf);
140 } 140 }
141 strlcat(buf,"\n",sizeof buf); 141 BUF_strlcat(buf,"\n",sizeof buf);
142 /* if this is the last call then update the ddt_dump thing so that 142 /* if this is the last call then update the ddt_dump thing so that
143 * we will move the selection point in the debug window 143 * we will move the selection point in the debug window
144 */ 144 */
@@ -147,7 +147,7 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
147#ifdef TRUNCATE 147#ifdef TRUNCATE
148 if (trunc > 0) 148 if (trunc > 0)
149 { 149 {
150 snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str, 150 BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str,
151 len+trunc); 151 len+trunc);
152 ret+=BIO_write(bio,(char *)buf,strlen(buf)); 152 ret+=BIO_write(bio,(char *)buf,strlen(buf));
153 } 153 }
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c
index 2cfc689dd6..fbff331796 100644
--- a/src/lib/libcrypto/bio/b_print.c
+++ b/src/lib/libcrypto/bio/b_print.c
@@ -576,12 +576,12 @@ abs_val(LDOUBLE value)
576} 576}
577 577
578static LDOUBLE 578static LDOUBLE
579pow10(int exp) 579pow10(int in_exp)
580{ 580{
581 LDOUBLE result = 1; 581 LDOUBLE result = 1;
582 while (exp) { 582 while (in_exp) {
583 result *= 10; 583 result *= 10;
584 exp--; 584 in_exp--;
585 } 585 }
586 return result; 586 return result;
587} 587}
@@ -652,8 +652,8 @@ fmtfp(
652 (caps ? "0123456789ABCDEF" 652 (caps ? "0123456789ABCDEF"
653 : "0123456789abcdef")[intpart % 10]; 653 : "0123456789abcdef")[intpart % 10];
654 intpart = (intpart / 10); 654 intpart = (intpart / 10);
655 } while (intpart && (iplace < sizeof iplace)); 655 } while (intpart && (iplace < sizeof iconvert));
656 if (iplace == sizeof iplace) 656 if (iplace == sizeof iconvert)
657 iplace--; 657 iplace--;
658 iconvert[iplace] = 0; 658 iconvert[iplace] = 0;
659 659
@@ -664,7 +664,7 @@ fmtfp(
664 : "0123456789abcdef")[fracpart % 10]; 664 : "0123456789abcdef")[fracpart % 10];
665 fracpart = (fracpart / 10); 665 fracpart = (fracpart / 10);
666 } while (fplace < max); 666 } while (fplace < max);
667 if (fplace == sizeof fplace) 667 if (fplace == sizeof fconvert)
668 fplace--; 668 fplace--;
669 fconvert[fplace] = 0; 669 fconvert[fplace] = 0;
670 670
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
index 5282f8a8f7..c851298d1e 100644
--- a/src/lib/libcrypto/bio/b_sock.c
+++ b/src/lib/libcrypto/bio/b_sock.c
@@ -709,12 +709,12 @@ int BIO_accept(int sock, char **addr)
709 } 709 }
710 *addr=p; 710 *addr=p;
711 } 711 }
712 snprintf(*addr,24,"%d.%d.%d.%d:%d", 712 BIO_snprintf(*addr,24,"%d.%d.%d.%d:%d",
713 (unsigned char)(l>>24L)&0xff, 713 (unsigned char)(l>>24L)&0xff,
714 (unsigned char)(l>>16L)&0xff, 714 (unsigned char)(l>>16L)&0xff,
715 (unsigned char)(l>> 8L)&0xff, 715 (unsigned char)(l>> 8L)&0xff,
716 (unsigned char)(l )&0xff, 716 (unsigned char)(l )&0xff,
717 port); 717 port);
718end: 718end:
719 return(ret); 719 return(ret);
720 } 720 }
diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c
index ee9159ebd8..6f4254a114 100644
--- a/src/lib/libcrypto/bio/bio_cb.c
+++ b/src/lib/libcrypto/bio/bio_cb.c
@@ -75,56 +75,56 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
75 if (BIO_CB_RETURN & cmd) 75 if (BIO_CB_RETURN & cmd)
76 r=ret; 76 r=ret;
77 77
78 snprintf(buf,sizeof buf,"BIO[%08lX]:",(unsigned long)bio); 78 BIO_snprintf(buf,sizeof buf,"BIO[%08lX]:",(unsigned long)bio);
79 p= &(buf[14]); 79 p= &(buf[14]);
80 p_maxlen = sizeof buf - 14; 80 p_maxlen = sizeof buf - 14;
81 switch (cmd) 81 switch (cmd)
82 { 82 {
83 case BIO_CB_FREE: 83 case BIO_CB_FREE:
84 snprintf(p,p_maxlen,"Free - %s\n",bio->method->name); 84 BIO_snprintf(p,p_maxlen,"Free - %s\n",bio->method->name);
85 break; 85 break;
86 case BIO_CB_READ: 86 case BIO_CB_READ:
87 if (bio->method->type & BIO_TYPE_DESCRIPTOR) 87 if (bio->method->type & BIO_TYPE_DESCRIPTOR)
88 snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n", 88 BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n",
89 bio->num,argi,bio->method->name,bio->num); 89 bio->num,argi,bio->method->name,bio->num);
90 else 90 else
91 snprintf(p,p_maxlen,"read(%d,%d) - %s\n", 91 BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n",
92 bio->num,argi,bio->method->name); 92 bio->num,argi,bio->method->name);
93 break; 93 break;
94 case BIO_CB_WRITE: 94 case BIO_CB_WRITE:
95 if (bio->method->type & BIO_TYPE_DESCRIPTOR) 95 if (bio->method->type & BIO_TYPE_DESCRIPTOR)
96 snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n", 96 BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n",
97 bio->num,argi,bio->method->name,bio->num); 97 bio->num,argi,bio->method->name,bio->num);
98 else 98 else
99 snprintf(p,p_maxlen,"write(%d,%d) - %s\n", 99 BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n",
100 bio->num,argi,bio->method->name); 100 bio->num,argi,bio->method->name);
101 break; 101 break;
102 case BIO_CB_PUTS: 102 case BIO_CB_PUTS:
103 snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name); 103 BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name);
104 break; 104 break;
105 case BIO_CB_GETS: 105 case BIO_CB_GETS:
106 snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name); 106 BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name);
107 break; 107 break;
108 case BIO_CB_CTRL: 108 case BIO_CB_CTRL:
109 snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name); 109 BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name);
110 break; 110 break;
111 case BIO_CB_RETURN|BIO_CB_READ: 111 case BIO_CB_RETURN|BIO_CB_READ:
112 snprintf(p,p_maxlen,"read return %ld\n",ret); 112 BIO_snprintf(p,p_maxlen,"read return %ld\n",ret);
113 break; 113 break;
114 case BIO_CB_RETURN|BIO_CB_WRITE: 114 case BIO_CB_RETURN|BIO_CB_WRITE:
115 snprintf(p,p_maxlen,"write return %ld\n",ret); 115 BIO_snprintf(p,p_maxlen,"write return %ld\n",ret);
116 break; 116 break;
117 case BIO_CB_RETURN|BIO_CB_GETS: 117 case BIO_CB_RETURN|BIO_CB_GETS:
118 snprintf(p,p_maxlen,"gets return %ld\n",ret); 118 BIO_snprintf(p,p_maxlen,"gets return %ld\n",ret);
119 break; 119 break;
120 case BIO_CB_RETURN|BIO_CB_PUTS: 120 case BIO_CB_RETURN|BIO_CB_PUTS:
121 snprintf(p,p_maxlen,"puts return %ld\n",ret); 121 BIO_snprintf(p,p_maxlen,"puts return %ld\n",ret);
122 break; 122 break;
123 case BIO_CB_RETURN|BIO_CB_CTRL: 123 case BIO_CB_RETURN|BIO_CB_CTRL:
124 snprintf(p,p_maxlen,"ctrl return %ld\n",ret); 124 BIO_snprintf(p,p_maxlen,"ctrl return %ld\n",ret);
125 break; 125 break;
126 default: 126 default:
127 snprintf(p,p_maxlen,"bio callback - unknown type (%d)\n",cmd); 127 BIO_snprintf(p,p_maxlen,"bio callback - unknown type (%d)\n",cmd);
128 break; 128 break;
129 } 129 }
130 130
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c
index 8c694140ed..f5d0e759e2 100644
--- a/src/lib/libcrypto/bio/bss_conn.c
+++ b/src/lib/libcrypto/bio/bss_conn.c
@@ -521,8 +521,8 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
521 char buf[16]; 521 char buf[16];
522 unsigned char *p = ptr; 522 unsigned char *p = ptr;
523 523
524 snprintf(buf,sizeof buf,"%d.%d.%d.%d", 524 BIO_snprintf(buf,sizeof buf,"%d.%d.%d.%d",
525 p[0],p[1],p[2],p[3]); 525 p[0],p[1],p[2],p[3]);
526 if (data->param_hostname != NULL) 526 if (data->param_hostname != NULL)
527 OPENSSL_free(data->param_hostname); 527 OPENSSL_free(data->param_hostname);
528 data->param_hostname=BUF_strdup(buf); 528 data->param_hostname=BUF_strdup(buf);
@@ -532,7 +532,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
532 { 532 {
533 char buf[DECIMAL_SIZE(int)+1]; 533 char buf[DECIMAL_SIZE(int)+1];
534 534
535 snprintf(buf,sizeof buf,"%d",*(int *)ptr); 535 BIO_snprintf(buf,sizeof buf,"%d",*(int *)ptr);
536 if (data->param_port != NULL) 536 if (data->param_port != NULL)
537 OPENSSL_free(data->param_port); 537 OPENSSL_free(data->param_port);
538 data->param_port=BUF_strdup(buf); 538 data->param_port=BUF_strdup(buf);
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c
index 0ca603ee0a..9cdf159f82 100644
--- a/src/lib/libcrypto/bio/bss_file.c
+++ b/src/lib/libcrypto/bio/bss_file.c
@@ -249,15 +249,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
249 if (num & BIO_FP_APPEND) 249 if (num & BIO_FP_APPEND)
250 { 250 {
251 if (num & BIO_FP_READ) 251 if (num & BIO_FP_READ)
252 strlcpy(p,"a+",sizeof p); 252 BUF_strlcpy(p,"a+",sizeof p);
253 else strlcpy(p,"a",sizeof p); 253 else BUF_strlcpy(p,"a",sizeof p);
254 } 254 }
255 else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) 255 else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
256 strlcpy(p,"r+",sizeof p); 256 BUF_strlcpy(p,"r+",sizeof p);
257 else if (num & BIO_FP_WRITE) 257 else if (num & BIO_FP_WRITE)
258 strlcpy(p,"w",sizeof p); 258 BUF_strlcpy(p,"w",sizeof p);
259 else if (num & BIO_FP_READ) 259 else if (num & BIO_FP_READ)
260 strlcpy(p,"r",sizeof p); 260 BUF_strlcpy(p,"r",sizeof p);
261 else 261 else
262 { 262 {
263 BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE); 263 BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
diff --git a/src/lib/libcrypto/bn/Makefile.ssl b/src/lib/libcrypto/bn/Makefile.ssl
index 0c6e796d17..50892ef44c 100644
--- a/src/lib/libcrypto/bn/Makefile.ssl
+++ b/src/lib/libcrypto/bn/Makefile.ssl
@@ -120,6 +120,9 @@ asm/ia64-cpp.o: asm/ia64.S
120 120
121asm/x86_64-gcc.o: asm/x86_64-gcc.c 121asm/x86_64-gcc.o: asm/x86_64-gcc.c
122 122
123asm/pa-risc2W.o: asm/pa-risc2W.s
124 /usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s
125
123files: 126files:
124 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO 127 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
125 128
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl
index 9a78f63be1..c4de4a2bee 100644
--- a/src/lib/libcrypto/bn/asm/bn-586.pl
+++ b/src/lib/libcrypto/bn/asm/bn-586.pl
@@ -11,7 +11,7 @@ require "x86asm.pl";
11&bn_div_words("bn_div_words"); 11&bn_div_words("bn_div_words");
12&bn_add_words("bn_add_words"); 12&bn_add_words("bn_add_words");
13&bn_sub_words("bn_sub_words"); 13&bn_sub_words("bn_sub_words");
14&bn_sub_part_words("bn_sub_part_words") unless $main'openbsd; 14#&bn_sub_part_words("bn_sub_part_words");
15 15
16&asm_finish(); 16&asm_finish();
17 17
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h
index 5614bc6164..253e195e23 100644
--- a/src/lib/libcrypto/bn/bn_lcl.h
+++ b/src/lib/libcrypto/bn/bn_lcl.h
@@ -433,19 +433,18 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a);
433int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); 433int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n);
434int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, 434int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
435 int cl, int dl); 435 int cl, int dl);
436#if 0 436#ifdef BN_RECURSION
437/* bn_mul.c rollback <appro> */ 437void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
438void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, 438 BN_ULONG *t);
439 int dna,int dnb,BN_ULONG *t); 439void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
440void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, 440 int n, BN_ULONG *t);
441 int n,int tna,int tnb,BN_ULONG *t);
442#endif
443void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
444void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
445void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, 441void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
446 BN_ULONG *t); 442 BN_ULONG *t);
447void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, 443void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
448 BN_ULONG *t); 444 BN_ULONG *t);
445void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
446#endif
447void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
449 448
450#ifdef __cplusplus 449#ifdef __cplusplus
451} 450}
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 463463cfcb..e1660450bc 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -145,11 +145,11 @@ char *BN_options(void)
145 { 145 {
146 init++; 146 init++;
147#ifdef BN_LLONG 147#ifdef BN_LLONG
148 snprintf(data,sizeof data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8, 148 BIO_snprintf(data,sizeof data,"bn(%d,%d)",
149 (int)sizeof(BN_ULONG)*8); 149 (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
150#else 150#else
151 snprintf(data,sizeof data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8, 151 BIO_snprintf(data,sizeof data,"bn(%d,%d)",
152 (int)sizeof(BN_ULONG)*8); 152 (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
153#endif 153#endif
154 } 154 }
155 return(data); 155 return(data);
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
index ad80dab325..acba7ed7ee 100644
--- a/src/lib/libcrypto/bn/bn_print.c
+++ b/src/lib/libcrypto/bn/bn_print.c
@@ -140,12 +140,12 @@ char *BN_bn2dec(const BIGNUM *a)
140 /* We now have a series of blocks, BN_DEC_NUM chars 140 /* We now have a series of blocks, BN_DEC_NUM chars
141 * in length, where the last one needs truncation. 141 * in length, where the last one needs truncation.
142 * The blocks need to be reversed in order. */ 142 * The blocks need to be reversed in order. */
143 snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp); 143 BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp);
144 while (*p) p++; 144 while (*p) p++;
145 while (lp != bn_data) 145 while (lp != bn_data)
146 { 146 {
147 lp--; 147 lp--;
148 snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp); 148 BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp);
149 while (*p) p++; 149 while (*p) p++;
150 } 150 }
151 } 151 }
diff --git a/src/lib/libcrypto/cast/Makefile.ssl b/src/lib/libcrypto/cast/Makefile.ssl
index 2dc1c855ad..98393a37ba 100644
--- a/src/lib/libcrypto/cast/Makefile.ssl
+++ b/src/lib/libcrypto/cast/Makefile.ssl
@@ -25,6 +25,7 @@ CAST_ENC=c_enc.o
25#CAST_ENC=asm/cx86bdsi.o 25#CAST_ENC=asm/cx86bdsi.o
26 26
27CFLAGS= $(INCLUDES) $(CFLAG) 27CFLAGS= $(INCLUDES) $(CFLAG)
28ASFLAGS= $(INCLUDES) $(ASFLAG)
28 29
29GENERAL=Makefile 30GENERAL=Makefile
30TEST=casttest.c 31TEST=casttest.c
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c
index b52ee01a3c..2e9f52f1fd 100644
--- a/src/lib/libcrypto/conf/conf_def.c
+++ b/src/lib/libcrypto/conf/conf_def.c
@@ -235,7 +235,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
235 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); 235 CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
236 goto err; 236 goto err;
237 } 237 }
238 strlcpy(section,"default",10); 238 BUF_strlcpy(section,"default",10);
239 239
240 if (_CONF_new_data(conf) == 0) 240 if (_CONF_new_data(conf) == 0)
241 { 241 {
@@ -392,7 +392,7 @@ again:
392 ERR_R_MALLOC_FAILURE); 392 ERR_R_MALLOC_FAILURE);
393 goto err; 393 goto err;
394 } 394 }
395 strlcpy(v->name,pname,strlen(pname)+1); 395 BUF_strlcpy(v->name,pname,strlen(pname)+1);
396 if (!str_copy(conf,psection,&(v->value),start)) goto err; 396 if (!str_copy(conf,psection,&(v->value),start)) goto err;
397 397
398 if (strcmp(psection,section) != 0) 398 if (strcmp(psection,section) != 0)
@@ -447,7 +447,7 @@ err:
447 if (buff != NULL) BUF_MEM_free(buff); 447 if (buff != NULL) BUF_MEM_free(buff);
448 if (section != NULL) OPENSSL_free(section); 448 if (section != NULL) OPENSSL_free(section);
449 if (line != NULL) *line=eline; 449 if (line != NULL) *line=eline;
450 snprintf(btmp,sizeof btmp,"%ld",eline); 450 BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
451 ERR_add_error_data(2,"line ",btmp); 451 ERR_add_error_data(2,"line ",btmp);
452 if ((h != conf->data) && (conf->data != NULL)) 452 if ((h != conf->data) && (conf->data != NULL))
453 { 453 {
diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c
index 5a747e8c84..d45adea851 100644
--- a/src/lib/libcrypto/conf/conf_mod.c
+++ b/src/lib/libcrypto/conf/conf_mod.c
@@ -232,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
232 { 232 {
233 char rcode[DECIMAL_SIZE(ret)+1]; 233 char rcode[DECIMAL_SIZE(ret)+1];
234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); 234 CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
235 snprintf(rcode, sizeof rcode, "%-8d", ret); 235 BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); 236 ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
237 } 237 }
238 } 238 }
@@ -561,11 +561,11 @@ char *CONF_get1_default_config_file(void)
561 561
562 if (!file) 562 if (!file)
563 return NULL; 563 return NULL;
564 strlcpy(file,X509_get_default_cert_area(),len + 1); 564 BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
565#ifndef OPENSSL_SYS_VMS 565#ifndef OPENSSL_SYS_VMS
566 strlcat(file,"/",len + 1); 566 BUF_strlcat(file,"/",len + 1);
567#endif 567#endif
568 strlcat(file,OPENSSL_CONF,len + 1); 568 BUF_strlcat(file,OPENSSL_CONF,len + 1);
569 569
570 return file; 570 return file;
571 } 571 }
@@ -576,12 +576,12 @@ char *CONF_get1_default_config_file(void)
576 * be used to parse comma separated lists for example. 576 * be used to parse comma separated lists for example.
577 */ 577 */
578 578
579int CONF_parse_list(const char *list, int sep, int nospc, 579int CONF_parse_list(const char *list_, int sep, int nospc,
580 int (*list_cb)(const char *elem, int len, void *usr), void *arg) 580 int (*list_cb)(const char *elem, int len, void *usr), void *arg)
581 { 581 {
582 int ret; 582 int ret;
583 const char *lstart, *tmpend, *p; 583 const char *lstart, *tmpend, *p;
584 lstart = list; 584 lstart = list_;
585 585
586 for(;;) 586 for(;;)
587 { 587 {
diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c
index 56471fa74c..beeeb14013 100644
--- a/src/lib/libcrypto/cversion.c
+++ b/src/lib/libcrypto/cversion.c
@@ -74,7 +74,7 @@ const char *SSLeay_version(int t)
74#ifdef DATE 74#ifdef DATE
75 static char buf[sizeof(DATE)+11]; 75 static char buf[sizeof(DATE)+11];
76 76
77 snprintf(buf,sizeof buf,"built on: %s",DATE); 77 BIO_snprintf(buf,sizeof buf,"built on: %s",DATE);
78 return(buf); 78 return(buf);
79#else 79#else
80 return("built on: date not available"); 80 return("built on: date not available");
@@ -85,7 +85,7 @@ const char *SSLeay_version(int t)
85#ifdef CFLAGS 85#ifdef CFLAGS
86 static char buf[sizeof(CFLAGS)+11]; 86 static char buf[sizeof(CFLAGS)+11];
87 87
88 snprintf(buf,sizeof buf,"compiler: %s",CFLAGS); 88 BIO_snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
89 return(buf); 89 return(buf);
90#else 90#else
91 return("compiler: information not available"); 91 return("compiler: information not available");
@@ -96,7 +96,7 @@ const char *SSLeay_version(int t)
96#ifdef PLATFORM 96#ifdef PLATFORM
97 static char buf[sizeof(PLATFORM)+11]; 97 static char buf[sizeof(PLATFORM)+11];
98 98
99 snprintf(buf,sizeof buf,"platform: %s", PLATFORM); 99 BIO_snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
100 return(buf); 100 return(buf);
101#else 101#else
102 return("platform: information not available"); 102 return("platform: information not available");
diff --git a/src/lib/libcrypto/des/Makefile.ssl b/src/lib/libcrypto/des/Makefile.ssl
index 45eba0b3c9..0d9ba2b42f 100644
--- a/src/lib/libcrypto/des/Makefile.ssl
+++ b/src/lib/libcrypto/des/Makefile.ssl
@@ -22,6 +22,7 @@ DES_ENC= des_enc.o fcrypt_b.o
22#DES_ENC= dx86-elf.o yx86-elf.o 22#DES_ENC= dx86-elf.o yx86-elf.o
23 23
24CFLAGS= $(INCLUDES) $(CFLAG) 24CFLAGS= $(INCLUDES) $(CFLAG)
25ASFLAGS= $(INCLUDES) $(ASFLAG)
25 26
26GENERAL=Makefile 27GENERAL=Makefile
27TEST=destest.c 28TEST=destest.c
@@ -157,12 +158,13 @@ cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
157cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 158cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
158cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h 159cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
159cfb64enc.o: cfb64enc.c des_locl.h 160cfb64enc.o: cfb64enc.c des_locl.h
160cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 161cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
161cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h 162cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
162cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 163cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
163cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 164cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
164cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h 165cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
165cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h 166cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
167cfb_enc.o: cfb_enc.c des_locl.h
166des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 168des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
167des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h 169des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
168des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 170des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -191,13 +193,13 @@ ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
191ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 193ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
192ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h 194ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
193ecb3_enc.o: des_locl.h ecb3_enc.c 195ecb3_enc.o: des_locl.h ecb3_enc.c
194ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 196ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
195ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h 197ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
196ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 198ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
197ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 199ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
198ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h 200ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
199ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c 201ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
200ecb_enc.o: spr.h 202ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
201ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 203ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
202ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h 204ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
203ede_cbcm_enc.o: ../../include/openssl/opensslconf.h 205ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
index 2600bdfc93..03cabb223c 100644
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ b/src/lib/libcrypto/des/cfb_enc.c
@@ -56,6 +56,7 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#include "e_os.h"
59#include "des_locl.h" 60#include "des_locl.h"
60 61
61/* The input and output are loaded in multiples of 8 bits. 62/* The input and output are loaded in multiples of 8 bits.
@@ -64,17 +65,15 @@
64 * the second. The second 12 bits will come from the 3rd and half the 4th 65 * the second. The second 12 bits will come from the 3rd and half the 4th
65 * byte. 66 * byte.
66 */ 67 */
67/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of
68 * length */
69/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it 68/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
70 * will not be compatible with any encryption prior to that date. Ben. */ 69 * will not be compatible with any encryption prior to that date. Ben. */
71void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, 70void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
72 long length, DES_key_schedule *schedule, DES_cblock *ivec, 71 long length, DES_key_schedule *schedule, DES_cblock *ivec,
73 int enc) 72 int enc)
74 { 73 {
75 register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8; 74 register DES_LONG d0,d1,v0,v1;
76 register unsigned long l=length; 75 register unsigned long l=length,n=(numbits+7)/8;
77 register int num=numbits; 76 register int num=numbits,i;
78 DES_LONG ti[2]; 77 DES_LONG ti[2];
79 unsigned char *iv; 78 unsigned char *iv;
80 unsigned char ovec[16]; 79 unsigned char ovec[16];
@@ -114,10 +113,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
114 memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); 113 memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
115 /* now the remaining bits */ 114 /* now the remaining bits */
116 if(num%8 != 0) 115 if(num%8 != 0)
117 for(n=0 ; n < 8 ; ++n) 116 for(i=0 ; i < 8 ; ++i)
118 { 117 {
119 ovec[n]<<=num%8; 118 ovec[i]<<=num%8;
120 ovec[n]|=ovec[n+1]>>(8-num%8); 119 ovec[i]|=ovec[i+1]>>(8-num%8);
121 } 120 }
122 iv=&ovec[0]; 121 iv=&ovec[0];
123 c2l(iv,v0); 122 c2l(iv,v0);
@@ -152,10 +151,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
152 memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); 151 memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
153 /* now the remaining bits */ 152 /* now the remaining bits */
154 if(num%8 != 0) 153 if(num%8 != 0)
155 for(n=0 ; n < 8 ; ++n) 154 for(i=0 ; i < 8 ; ++i)
156 { 155 {
157 ovec[n]<<=num%8; 156 ovec[i]<<=num%8;
158 ovec[n]|=ovec[n+1]>>(8-num%8); 157 ovec[i]|=ovec[i+1]>>(8-num%8);
159 } 158 }
160 iv=&ovec[0]; 159 iv=&ovec[0];
161 c2l(iv,v0); 160 c2l(iv,v0);
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
index c828bdd45d..784aa5ba23 100644
--- a/src/lib/libcrypto/des/ecb_enc.c
+++ b/src/lib/libcrypto/des/ecb_enc.c
@@ -60,6 +60,7 @@
60#include "des_ver.h" 60#include "des_ver.h"
61#include "spr.h" 61#include "spr.h"
62#include <openssl/opensslv.h> 62#include <openssl/opensslv.h>
63#include <openssl/bio.h>
63 64
64OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT; 65OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
65OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT; 66OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
@@ -97,8 +98,8 @@ const char *DES_options(void)
97 size="int"; 98 size="int";
98 else 99 else
99 size="long"; 100 size="long";
100 snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, 101 BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
101 size); 102 size);
102 init=0; 103 init=0;
103 } 104 }
104 return(buf); 105 return(buf);
diff --git a/src/lib/libcrypto/doc/EVP_BytesToKey.pod b/src/lib/libcrypto/doc/EVP_BytesToKey.pod
index 5ce4add082..016381f3e9 100644
--- a/src/lib/libcrypto/doc/EVP_BytesToKey.pod
+++ b/src/lib/libcrypto/doc/EVP_BytesToKey.pod
@@ -2,7 +2,7 @@
2 2
3=head1 NAME 3=head1 NAME
4 4
5 EVP_BytesToKey - password based encryption routine 5EVP_BytesToKey - password based encryption routine
6 6
7=head1 SYNOPSIS 7=head1 SYNOPSIS
8 8
diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod
index 58afd8f0b8..faa992286b 100644
--- a/src/lib/libcrypto/doc/EVP_DigestInit.pod
+++ b/src/lib/libcrypto/doc/EVP_DigestInit.pod
@@ -4,7 +4,7 @@
4 4
5EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate, 5EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
6EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE, 6EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
7EVP_MD_CTX_copy_ex EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, 7EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
8EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, 8EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
9EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2, 9EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
10EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - 10EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
index 7c71bcbf3d..279b29c873 100644
--- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
+++ b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod
@@ -9,6 +9,7 @@ d2i_Netscape_RSA - RSA public and private key encoding functions.
9=head1 SYNOPSIS 9=head1 SYNOPSIS
10 10
11 #include <openssl/rsa.h> 11 #include <openssl/rsa.h>
12 #include <openssl/x509.h>
12 13
13 RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); 14 RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
14 15
@@ -31,8 +32,8 @@ d2i_Netscape_RSA - RSA public and private key encoding functions.
31d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey 32d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey
32structure. 33structure.
33 34
34d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a 35d2i_RSA_PUBKEY() and i2d_RSA_PUBKEY() decode and encode an RSA public key using
35SubjectPublicKeyInfo (certificate public key) structure. 36a SubjectPublicKeyInfo (certificate public key) structure.
36 37
37d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey 38d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey
38structure. 39structure.
diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c
index 85ac5103cd..48d9fdb25e 100644
--- a/src/lib/libcrypto/dso/dso_lib.c
+++ b/src/lib/libcrypto/dso/dso_lib.c
@@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename)
383 DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE); 383 DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
384 return(0); 384 return(0);
385 } 385 }
386 strlcpy(copied, filename, strlen(filename) + 1); 386 BUF_strlcpy(copied, filename, strlen(filename) + 1);
387 if(dso->filename) 387 if(dso->filename)
388 OPENSSL_free(dso->filename); 388 OPENSSL_free(dso->filename);
389 dso->filename = copied; 389 dso->filename = copied;
@@ -422,7 +422,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename)
422 ERR_R_MALLOC_FAILURE); 422 ERR_R_MALLOC_FAILURE);
423 return(NULL); 423 return(NULL);
424 } 424 }
425 strlcpy(result, filename, strlen(filename) + 1); 425 BUF_strlcpy(result, filename, strlen(filename) + 1);
426 } 426 }
427 return(result); 427 return(result);
428 } 428 }
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 4666a052bf..e9a51fb87a 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -896,7 +896,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
896 } 896 }
897 form = buf[0]; 897 form = buf[0];
898 y_bit = form & 1; 898 y_bit = form & 1;
899 form = form & ~1; 899 form = form & ~1U;
900 if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) 900 if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
901 && (form != POINT_CONVERSION_UNCOMPRESSED) 901 && (form != POINT_CONVERSION_UNCOMPRESSED)
902 && (form != POINT_CONVERSION_HYBRID)) 902 && (form != POINT_CONVERSION_HYBRID))
diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c
index 0d56e69d27..412c73fb0f 100644
--- a/src/lib/libcrypto/engine/eng_ctrl.c
+++ b/src/lib/libcrypto/engine/eng_ctrl.c
@@ -160,19 +160,19 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
160 case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: 160 case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
161 return strlen(e->cmd_defns[idx].cmd_name); 161 return strlen(e->cmd_defns[idx].cmd_name);
162 case ENGINE_CTRL_GET_NAME_FROM_CMD: 162 case ENGINE_CTRL_GET_NAME_FROM_CMD:
163 return snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, 163 return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
164 "%s", e->cmd_defns[idx].cmd_name); 164 "%s", e->cmd_defns[idx].cmd_name);
165 case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: 165 case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
166 if(e->cmd_defns[idx].cmd_desc) 166 if(e->cmd_defns[idx].cmd_desc)
167 return strlen(e->cmd_defns[idx].cmd_desc); 167 return strlen(e->cmd_defns[idx].cmd_desc);
168 return strlen(int_no_description); 168 return strlen(int_no_description);
169 case ENGINE_CTRL_GET_DESC_FROM_CMD: 169 case ENGINE_CTRL_GET_DESC_FROM_CMD:
170 if(e->cmd_defns[idx].cmd_desc) 170 if(e->cmd_defns[idx].cmd_desc)
171 return snprintf(s, 171 return BIO_snprintf(s,
172 strlen(e->cmd_defns[idx].cmd_desc) + 1, 172 strlen(e->cmd_defns[idx].cmd_desc) + 1,
173 "%s", e->cmd_defns[idx].cmd_desc); 173 "%s", e->cmd_defns[idx].cmd_desc);
174 return snprintf(s, strlen(int_no_description) + 1,"%s", 174 return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
175 int_no_description); 175 int_no_description);
176 case ENGINE_CTRL_GET_CMD_FLAGS: 176 case ENGINE_CTRL_GET_CMD_FLAGS:
177 return e->cmd_defns[idx].cmd_flags; 177 return e->cmd_defns[idx].cmd_flags;
178 } 178 }
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c
index 0d7dae00b2..7ccf7022ee 100644
--- a/src/lib/libcrypto/engine/eng_fat.c
+++ b/src/lib/libcrypto/engine/eng_fat.c
@@ -107,14 +107,14 @@ static int int_def_cb(const char *alg, int len, void *arg)
107 } 107 }
108 108
109 109
110int ENGINE_set_default_string(ENGINE *e, const char *list) 110int ENGINE_set_default_string(ENGINE *e, const char *def_list)
111 { 111 {
112 unsigned int flags = 0; 112 unsigned int flags = 0;
113 if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags)) 113 if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
114 { 114 {
115 ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING, 115 ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
116 ENGINE_R_INVALID_STRING); 116 ENGINE_R_INVALID_STRING);
117 ERR_add_error_data(2, "str=",list); 117 ERR_add_error_data(2, "str=",def_list);
118 return 0; 118 return 0;
119 } 119 }
120 return ENGINE_set_default(e, flags); 120 return ENGINE_set_default(e, flags);
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index 9c3ab182d3..900f75ce8d 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -513,7 +513,7 @@ ENGINE *ENGINE_get_digest_engine(int nid);
513 * structure will have had its reference count up'd so the caller 513 * structure will have had its reference count up'd so the caller
514 * should still free their own reference 'e'. */ 514 * should still free their own reference 'e'. */
515int ENGINE_set_default_RSA(ENGINE *e); 515int ENGINE_set_default_RSA(ENGINE *e);
516int ENGINE_set_default_string(ENGINE *e, const char *list); 516int ENGINE_set_default_string(ENGINE *e, const char *def_list);
517/* Same for the other "methods" */ 517/* Same for the other "methods" */
518int ENGINE_set_default_DSA(ENGINE *e); 518int ENGINE_set_default_DSA(ENGINE *e);
519int ENGINE_set_default_DH(ENGINE *e); 519int ENGINE_set_default_DH(ENGINE *e);
@@ -616,17 +616,20 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
616 const dynamic_fns *fns); 616 const dynamic_fns *fns);
617#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 617#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
618 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 618 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
619 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 619 if (ERR_get_implementation() != fns->err_fns) \
620 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ 620 { \
621 return 0; \ 621 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
622 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ 622 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
623 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ 623 return 0; \
624 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ 624 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
625 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ 625 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
626 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ 626 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
627 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ 627 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
628 return 0; \ 628 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
629 if(!ERR_set_implementation(fns->err_fns)) return 0; \ 629 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
630 return 0; \
631 if(!ERR_set_implementation(fns->err_fns)) return 0; \
632 } \
630 if(!fn(e,id)) return 0; \ 633 if(!fn(e,id)) return 0; \
631 return 1; } 634 return 1; }
632 635
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c
index 2fe84a5002..21de0a9fdd 100644
--- a/src/lib/libcrypto/engine/hw_cryptodev.c
+++ b/src/lib/libcrypto/engine/hw_cryptodev.c
@@ -1257,14 +1257,17 @@ ENGINE_load_cryptodev(void)
1257 1257
1258 if (engine == NULL) 1258 if (engine == NULL)
1259 return; 1259 return;
1260 if ((fd = get_dev_crypto()) < 0) 1260 if ((fd = get_dev_crypto()) < 0) {
1261 ENGINE_free(engine);
1261 return; 1262 return;
1263 }
1262 1264
1263 /* 1265 /*
1264 * find out what asymmetric crypto algorithms we support 1266 * find out what asymmetric crypto algorithms we support
1265 */ 1267 */
1266 if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { 1268 if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
1267 close(fd); 1269 close(fd);
1270 ENGINE_free(engine);
1268 return; 1271 return;
1269 } 1272 }
1270 close(fd); 1273 close(fd);
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
index 6ab119c1ef..792f329600 100644
--- a/src/lib/libcrypto/err/err.c
+++ b/src/lib/libcrypto/err/err.c
@@ -1065,7 +1065,7 @@ void ERR_add_error_data(int num, ...)
1065 else 1065 else
1066 str=p; 1066 str=p;
1067 } 1067 }
1068 strlcat(str,a,s+1); 1068 BUF_strlcat(str,a,s+1);
1069 } 1069 }
1070 } 1070 }
1071 ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); 1071 ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index b22eed4421..0623ddf1f0 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -248,6 +248,7 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
248 248
249int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) 249int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
250 { 250 {
251 unsigned char *tmp_buf;
251 if ((in == NULL) || (in->digest == NULL)) 252 if ((in == NULL) || (in->digest == NULL))
252 { 253 {
253 EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); 254 EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
@@ -262,15 +263,22 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
262 } 263 }
263#endif 264#endif
264 265
266 if (out->digest == in->digest)
267 {
268 tmp_buf = out->md_data;
269 EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
270 }
271 else tmp_buf = NULL;
265 EVP_MD_CTX_cleanup(out); 272 EVP_MD_CTX_cleanup(out);
266 memcpy(out,in,sizeof *out); 273 memcpy(out,in,sizeof *out);
267 274
268 if (out->digest->ctx_size) 275 if (out->digest->ctx_size)
269 { 276 {
270 out->md_data=OPENSSL_malloc(out->digest->ctx_size); 277 if (tmp_buf) out->md_data = tmp_buf;
278 else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
271 memcpy(out->md_data,in->md_data,out->digest->ctx_size); 279 memcpy(out->md_data,in->md_data,out->digest->ctx_size);
272 } 280 }
273 281
274 if (out->digest->copy) 282 if (out->digest->copy)
275 return out->digest->copy(out,in); 283 return out->digest->copy(out,in);
276 284
@@ -308,7 +316,8 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
308 if (ctx->digest && ctx->digest->cleanup 316 if (ctx->digest && ctx->digest->cleanup
309 && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) 317 && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
310 ctx->digest->cleanup(ctx); 318 ctx->digest->cleanup(ctx);
311 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) 319 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
320 && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
312 { 321 {
313 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); 322 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
314 OPENSSL_free(ctx->md_data); 323 OPENSSL_free(ctx->md_data);
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 5d8a07d33c..f9b48792ce 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -275,6 +275,8 @@ struct env_md_ctx_st
275 * once only */ 275 * once only */
276#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been 276#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
277 * cleaned */ 277 * cleaned */
278#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
279 * in EVP_MD_CTX_cleanup */
278 280
279struct evp_cipher_st 281struct evp_cipher_st
280 { 282 {
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index be0758a879..8ea5aa935d 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
148#endif 148#endif
149 149
150 ctx->cipher=cipher; 150 ctx->cipher=cipher;
151 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); 151 if (ctx->cipher->ctx_size)
152 {
153 ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
154 if (!ctx->cipher_data)
155 {
156 EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
157 return 0;
158 }
159 }
160 else
161 {
162 ctx->cipher_data = NULL;
163 }
152 ctx->key_len = cipher->key_len; 164 ctx->key_len = cipher->key_len;
153 ctx->flags = 0; 165 ctx->flags = 0;
154 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) 166 if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index bc98e63363..91e545a141 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -87,7 +87,7 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
87 if (i == -1) { 87 if (i == -1) {
88 char obj_tmp[80]; 88 char obj_tmp[80];
89 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); 89 EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
90 if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 90 if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
91 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); 91 else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
92 ERR_add_error_data(2, "TYPE=", obj_tmp); 92 ERR_add_error_data(2, "TYPE=", obj_tmp);
93 return 0; 93 return 0;
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 30b6fbb03d..eb481ec661 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -210,7 +210,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
210#endif 210#endif
211 default: 211 default:
212 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 212 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
213 if (!a->algorithm) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 213 if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
214 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); 214 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
215 ERR_add_error_data(2, "TYPE=", obj_tmp); 215 ERR_add_error_data(2, "TYPE=", obj_tmp);
216 EVP_PKEY_free (pkey); 216 EVP_PKEY_free (pkey);
diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c
index bb862db499..dd86733b77 100644
--- a/src/lib/libcrypto/mem.c
+++ b/src/lib/libcrypto/mem.c
@@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
252 void *ret = NULL; 252 void *ret = NULL;
253 extern unsigned char cleanse_ctr; 253 extern unsigned char cleanse_ctr;
254 254
255 if (num < 0) return NULL; 255 if (num <= 0) return NULL;
256 256
257 allow_customize = 0; 257 allow_customize = 0;
258 if (malloc_debug_func != NULL) 258 if (malloc_debug_func != NULL)
@@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line)
293 void *ret = NULL; 293 void *ret = NULL;
294 extern unsigned char cleanse_ctr; 294 extern unsigned char cleanse_ctr;
295 295
296 if (num < 0) return NULL; 296 if (num <= 0) return NULL;
297 297
298 allow_customize = 0; 298 allow_customize = 0;
299 if (malloc_debug_func != NULL) 299 if (malloc_debug_func != NULL)
@@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
324 if (str == NULL) 324 if (str == NULL)
325 return CRYPTO_malloc(num, file, line); 325 return CRYPTO_malloc(num, file, line);
326 326
327 if (num < 0) return NULL; 327 if (num <= 0) return NULL;
328 328
329 if (realloc_debug_func != NULL) 329 if (realloc_debug_func != NULL)
330 realloc_debug_func(str, NULL, num, file, line, 0); 330 realloc_debug_func(str, NULL, num, file, line, 0);
@@ -346,7 +346,7 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
346 if (str == NULL) 346 if (str == NULL)
347 return CRYPTO_malloc(num, file, line); 347 return CRYPTO_malloc(num, file, line);
348 348
349 if (num < 0) return NULL; 349 if (num <= 0) return NULL;
350 350
351 if (realloc_debug_func != NULL) 351 if (realloc_debug_func != NULL)
352 realloc_debug_func(str, NULL, num, file, line, 0); 352 realloc_debug_func(str, NULL, num, file, line, 0);
diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c
index 9221df00bd..e212de27e4 100644
--- a/src/lib/libcrypto/mem_dbg.c
+++ b/src/lib/libcrypto/mem_dbg.c
@@ -606,22 +606,22 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
606 { 606 {
607 lcl = localtime(&m->time); 607 lcl = localtime(&m->time);
608 608
609 snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ", 609 BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
610 lcl->tm_hour,lcl->tm_min,lcl->tm_sec); 610 lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
611 bufp += strlen(bufp); 611 bufp += strlen(bufp);
612 } 612 }
613 613
614 snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ", 614 BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
615 m->order,m->file,m->line); 615 m->order,m->file,m->line);
616 bufp += strlen(bufp); 616 bufp += strlen(bufp);
617 617
618 if (options & V_CRYPTO_MDEBUG_THREAD) 618 if (options & V_CRYPTO_MDEBUG_THREAD)
619 { 619 {
620 snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread); 620 BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
621 bufp += strlen(bufp); 621 bufp += strlen(bufp);
622 } 622 }
623 623
624 snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n", 624 BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
625 m->num,(unsigned long)m->addr); 625 m->num,(unsigned long)m->addr);
626 bufp += strlen(bufp); 626 bufp += strlen(bufp);
627 627
@@ -643,7 +643,7 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
643 643
644 ami_cnt++; 644 ami_cnt++;
645 memset(buf,'>',ami_cnt); 645 memset(buf,'>',ami_cnt);
646 snprintf(buf + ami_cnt, sizeof buf - ami_cnt, 646 BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
647 " thread=%lu, file=%s, line=%d, info=\"", 647 " thread=%lu, file=%s, line=%d, info=\"",
648 amip->thread, amip->file, amip->line); 648 amip->thread, amip->file, amip->line);
649 buf_len=strlen(buf); 649 buf_len=strlen(buf);
@@ -655,11 +655,11 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
655 } 655 }
656 else 656 else
657 { 657 {
658 strlcpy(buf + buf_len, amip->info, 658 BUF_strlcpy(buf + buf_len, amip->info,
659 sizeof buf - buf_len); 659 sizeof buf - buf_len);
660 buf_len = strlen(buf); 660 buf_len = strlen(buf);
661 } 661 }
662 snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n"); 662 BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
663 663
664 BIO_puts(l->bio,buf); 664 BIO_puts(l->bio,buf);
665 665
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
index ae97108e93..4534dc0985 100644
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ b/src/lib/libcrypto/objects/obj_dat.c
@@ -462,7 +462,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
462 if (i > 2) i=2; 462 if (i > 2) i=2;
463 l-=(long)(i*40); 463 l-=(long)(i*40);
464 464
465 snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); 465 BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l);
466 i=strlen(tbuf); 466 i=strlen(tbuf);
467 BUF_strlcpy(buf,tbuf,buf_len); 467 BUF_strlcpy(buf,tbuf,buf_len);
468 buf_len-=i; 468 buf_len-=i;
@@ -473,7 +473,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
473 for (; idx<len; idx++) { 473 for (; idx<len; idx++) {
474 l|=p[idx]&0x7f; 474 l|=p[idx]&0x7f;
475 if (!(p[idx] & 0x80)) { 475 if (!(p[idx] & 0x80)) {
476 snprintf(tbuf,sizeof tbuf,".%lu",l); 476 BIO_snprintf(tbuf,sizeof tbuf,".%lu",l);
477 i=strlen(tbuf); 477 i=strlen(tbuf);
478 if (buf_len > 0) 478 if (buf_len > 0)
479 BUF_strlcpy(buf,tbuf,buf_len); 479 BUF_strlcpy(buf,tbuf,buf_len);
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
index d6c8899f58..57399433fc 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -305,6 +305,8 @@ err:
305 305
306/* Add a nonce to an extension stack. A nonce can be specificed or if NULL 306/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
307 * a random nonce will be generated. 307 * a random nonce will be generated.
308 * Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
309 * nonce, previous versions used the raw nonce.
308 */ 310 */
309 311
310static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len) 312static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
@@ -313,20 +315,28 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val,
313 ASN1_OCTET_STRING os; 315 ASN1_OCTET_STRING os;
314 int ret = 0; 316 int ret = 0;
315 if (len <= 0) len = OCSP_DEFAULT_NONCE_LENGTH; 317 if (len <= 0) len = OCSP_DEFAULT_NONCE_LENGTH;
316 if (val) tmpval = val; 318 /* Create the OCTET STRING manually by writing out the header and
319 * appending the content octets. This avoids an extra memory allocation
320 * operation in some cases. Applications should *NOT* do this because
321 * it relies on library internals.
322 */
323 os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
324 os.data = OPENSSL_malloc(os.length);
325 if (os.data == NULL)
326 goto err;
327 tmpval = os.data;
328 ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
329 if (val)
330 memcpy(tmpval, val, len);
317 else 331 else
318 {
319 if (!(tmpval = OPENSSL_malloc(len))) goto err;
320 RAND_pseudo_bytes(tmpval, len); 332 RAND_pseudo_bytes(tmpval, len);
321 }
322 os.data = tmpval;
323 os.length = len;
324 if(!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, 333 if(!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
325 &os, 0, X509V3_ADD_REPLACE)) 334 &os, 0, X509V3_ADD_REPLACE))
326 goto err; 335 goto err;
327 ret = 1; 336 ret = 1;
328 err: 337 err:
329 if(!val) OPENSSL_free(tmpval); 338 if (os.data)
339 OPENSSL_free(os.data);
330 return ret; 340 return ret;
331 } 341 }
332 342
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c
index 3875af165c..9e87fc7895 100644
--- a/src/lib/libcrypto/ocsp/ocsp_lib.c
+++ b/src/lib/libcrypto/ocsp/ocsp_lib.c
@@ -253,6 +253,7 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
253 253
254 254
255 err: 255 err:
256 if (buf) OPENSSL_free(buf);
256 if (*ppath) OPENSSL_free(*ppath); 257 if (*ppath) OPENSSL_free(*ppath);
257 if (*pport) OPENSSL_free(*pport); 258 if (*pport) OPENSSL_free(*pport);
258 if (*phost) OPENSSL_free(*phost); 259 if (*phost) OPENSSL_free(*phost);
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
index 1f5fda7ca3..3d58dfb06c 100644
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -272,7 +272,7 @@ static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
272 272
273 for (i = 1; i < idcount; i++) 273 for (i = 1; i < idcount; i++)
274 { 274 {
275 tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId; 275 tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
276 /* Check to see if IDs match */ 276 /* Check to see if IDs match */
277 if (OCSP_id_issuer_cmp(cid, tmpid)) 277 if (OCSP_id_issuer_cmp(cid, tmpid))
278 { 278 {
@@ -330,7 +330,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
330 OCSP_CERTID *tmpid; 330 OCSP_CERTID *tmpid;
331 for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) 331 for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++)
332 { 332 {
333 tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId; 333 tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
334 ret = ocsp_match_issuerid(cert, tmpid, NULL); 334 ret = ocsp_match_issuerid(cert, tmpid, NULL);
335 if (ret <= 0) return ret; 335 if (ret <= 0) return ret;
336 } 336 }
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h
index e226d9de79..02f1710fb3 100644
--- a/src/lib/libcrypto/opensslv.h
+++ b/src/lib/libcrypto/opensslv.h
@@ -25,8 +25,8 @@
25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for 25 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26 * major minor fix final patch/beta) 26 * major minor fix final patch/beta)
27 */ 27 */
28#define OPENSSL_VERSION_NUMBER 0x0090703fL 28#define OPENSSL_VERSION_NUMBER 0x0090704fL
29#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7c 30 Sep 2003" 29#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7d 17 Mar 2004"
30#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT 30#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
31 31
32 32
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 3bec2d7e9f..7785039b99 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -131,9 +131,9 @@ void PEM_proc_type(char *buf, int type)
131 else 131 else
132 str="BAD-TYPE"; 132 str="BAD-TYPE";
133 133
134 strlcat(buf,"Proc-Type: 4,",PEM_BUFSIZE); 134 BUF_strlcat(buf,"Proc-Type: 4,",PEM_BUFSIZE);
135 strlcat(buf,str,PEM_BUFSIZE); 135 BUF_strlcat(buf,str,PEM_BUFSIZE);
136 strlcat(buf,"\n",PEM_BUFSIZE); 136 BUF_strlcat(buf,"\n",PEM_BUFSIZE);
137 } 137 }
138 138
139void PEM_dek_info(char *buf, const char *type, int len, char *str) 139void PEM_dek_info(char *buf, const char *type, int len, char *str)
@@ -142,9 +142,9 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str)
142 long i; 142 long i;
143 int j; 143 int j;
144 144
145 strlcat(buf,"DEK-Info: ",PEM_BUFSIZE); 145 BUF_strlcat(buf,"DEK-Info: ",PEM_BUFSIZE);
146 strlcat(buf,type,PEM_BUFSIZE); 146 BUF_strlcat(buf,type,PEM_BUFSIZE);
147 strlcat(buf,",",PEM_BUFSIZE); 147 BUF_strlcat(buf,",",PEM_BUFSIZE);
148 j=strlen(buf); 148 j=strlen(buf);
149 if (j + (len * 2) + 1 > PEM_BUFSIZE) 149 if (j + (len * 2) + 1 > PEM_BUFSIZE)
150 return; 150 return;
@@ -535,7 +535,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
535 long len) 535 long len)
536 { 536 {
537 int nlen,n,i,j,outl; 537 int nlen,n,i,j,outl;
538 unsigned char *buf; 538 unsigned char *buf = NULL;
539 EVP_ENCODE_CTX ctx; 539 EVP_ENCODE_CTX ctx;
540 int reason=ERR_R_BUF_LIB; 540 int reason=ERR_R_BUF_LIB;
541 541
@@ -555,7 +555,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
555 goto err; 555 goto err;
556 } 556 }
557 557
558 buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8); 558 buf = OPENSSL_malloc(PEM_BUFSIZE*8);
559 if (buf == NULL) 559 if (buf == NULL)
560 { 560 {
561 reason=ERR_R_MALLOC_FAILURE; 561 reason=ERR_R_MALLOC_FAILURE;
@@ -576,12 +576,15 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
576 EVP_EncodeFinal(&ctx,buf,&outl); 576 EVP_EncodeFinal(&ctx,buf,&outl);
577 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; 577 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
578 OPENSSL_free(buf); 578 OPENSSL_free(buf);
579 buf = NULL;
579 if ( (BIO_write(bp,"-----END ",9) != 9) || 580 if ( (BIO_write(bp,"-----END ",9) != 9) ||
580 (BIO_write(bp,name,nlen) != nlen) || 581 (BIO_write(bp,name,nlen) != nlen) ||
581 (BIO_write(bp,"-----\n",6) != 6)) 582 (BIO_write(bp,"-----\n",6) != 6))
582 goto err; 583 goto err;
583 return(i+outl); 584 return(i+outl);
584err: 585err:
586 if (buf)
587 OPENSSL_free(buf);
585 PEMerr(PEM_F_PEM_WRITE_BIO,reason); 588 PEMerr(PEM_F_PEM_WRITE_BIO,reason);
586 return(0); 589 return(0);
587 } 590 }
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
index d96ecf6940..f77c949e87 100644
--- a/src/lib/libcrypto/pem/pem_pkey.c
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -87,6 +87,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); 87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
88 if(!p8inf) goto p8err; 88 if(!p8inf) goto p8err;
89 ret = EVP_PKCS82PKEY(p8inf); 89 ret = EVP_PKCS82PKEY(p8inf);
90 if(x) {
91 if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
92 *x = ret;
93 }
90 PKCS8_PRIV_KEY_INFO_free(p8inf); 94 PKCS8_PRIV_KEY_INFO_free(p8inf);
91 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { 95 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
92 PKCS8_PRIV_KEY_INFO *p8inf; 96 PKCS8_PRIV_KEY_INFO *p8inf;
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 190ca0e9bf..35c7dcd0b3 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -91,17 +91,19 @@ static int PKCS7_type_is_other(PKCS7* p7)
91 91
92 } 92 }
93 93
94static int PKCS7_type_is_octet_string(PKCS7* p7) 94static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
95 { 95 {
96 if ( 0==PKCS7_type_is_other(p7) ) 96 if ( PKCS7_type_is_data(p7))
97 return 0; 97 return p7->d.data;
98 98 if ( PKCS7_type_is_other(p7) && p7->d.other
99 return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0; 99 && (p7->d.other->type == V_ASN1_OCTET_STRING))
100 return p7->d.other->value.octet_string;
101 return NULL;
100 } 102 }
101 103
102BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) 104BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
103 { 105 {
104 int i,j; 106 int i;
105 BIO *out=NULL,*btmp=NULL; 107 BIO *out=NULL,*btmp=NULL;
106 X509_ALGOR *xa; 108 X509_ALGOR *xa;
107 const EVP_MD *evp_md; 109 const EVP_MD *evp_md;
@@ -159,8 +161,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
159 goto err; 161 goto err;
160 } 162 }
161 163
162 j=OBJ_obj2nid(xa->algorithm); 164 evp_md=EVP_get_digestbyobj(xa->algorithm);
163 evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
164 if (evp_md == NULL) 165 if (evp_md == NULL)
165 { 166 {
166 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE); 167 PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -250,29 +251,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
250 btmp=NULL; 251 btmp=NULL;
251 } 252 }
252 253
253 if (bio == NULL) { 254 if (bio == NULL)
255 {
254 if (PKCS7_is_detached(p7)) 256 if (PKCS7_is_detached(p7))
255 bio=BIO_new(BIO_s_null()); 257 bio=BIO_new(BIO_s_null());
256 else { 258 else
257 if (PKCS7_type_is_signed(p7) ) { 259 {
258 if ( PKCS7_type_is_data(p7->d.sign->contents)) { 260 ASN1_OCTET_STRING *os;
259 ASN1_OCTET_STRING *os; 261 os = PKCS7_get_octet_string(p7->d.sign->contents);
260 os=p7->d.sign->contents->d.data; 262 if (os && os->length > 0)
261 if (os->length > 0) 263 bio = BIO_new_mem_buf(os->data, os->length);
262 bio = BIO_new_mem_buf(os->data, os->length); 264 if(bio == NULL)
263 } 265 {
264 else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
265 ASN1_OCTET_STRING *os;
266 os=p7->d.sign->contents->d.other->value.octet_string;
267 if (os->length > 0)
268 bio = BIO_new_mem_buf(os->data, os->length);
269 }
270 }
271 if(bio == NULL) {
272 bio=BIO_new(BIO_s_mem()); 266 bio=BIO_new(BIO_s_mem());
273 BIO_set_mem_eof_return(bio,0); 267 BIO_set_mem_eof_return(bio,0);
268 }
274 } 269 }
275 }
276 } 270 }
277 BIO_push(out,bio); 271 BIO_push(out,bio);
278 bio=NULL; 272 bio=NULL;
@@ -311,7 +305,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
311 switch (i) 305 switch (i)
312 { 306 {
313 case NID_pkcs7_signed: 307 case NID_pkcs7_signed:
314 data_body=p7->d.sign->contents->d.data; 308 data_body=PKCS7_get_octet_string(p7->d.sign->contents);
315 md_sk=p7->d.sign->md_algs; 309 md_sk=p7->d.sign->md_algs;
316 break; 310 break;
317 case NID_pkcs7_signedAndEnveloped: 311 case NID_pkcs7_signedAndEnveloped:
@@ -319,7 +313,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
319 md_sk=p7->d.signed_and_enveloped->md_algs; 313 md_sk=p7->d.signed_and_enveloped->md_algs;
320 data_body=p7->d.signed_and_enveloped->enc_data->enc_data; 314 data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
321 enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm; 315 enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
322 evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); 316 evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
323 if (evp_cipher == NULL) 317 if (evp_cipher == NULL)
324 { 318 {
325 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); 319 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -331,7 +325,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
331 rsk=p7->d.enveloped->recipientinfo; 325 rsk=p7->d.enveloped->recipientinfo;
332 enc_alg=p7->d.enveloped->enc_data->algorithm; 326 enc_alg=p7->d.enveloped->enc_data->algorithm;
333 data_body=p7->d.enveloped->enc_data->enc_data; 327 data_body=p7->d.enveloped->enc_data->enc_data;
334 evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); 328 evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
335 if (evp_cipher == NULL) 329 if (evp_cipher == NULL)
336 { 330 {
337 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); 331 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@@ -357,7 +351,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
357 } 351 }
358 352
359 j=OBJ_obj2nid(xa->algorithm); 353 j=OBJ_obj2nid(xa->algorithm);
360 evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); 354 evp_md=EVP_get_digestbynid(j);
361 if (evp_md == NULL) 355 if (evp_md == NULL)
362 { 356 {
363 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE); 357 PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@@ -531,9 +525,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
531 break; 525 break;
532 case NID_pkcs7_signed: 526 case NID_pkcs7_signed:
533 si_sk=p7->d.sign->signer_info; 527 si_sk=p7->d.sign->signer_info;
534 os=p7->d.sign->contents->d.data; 528 os=PKCS7_get_octet_string(p7->d.sign->contents);
535 /* If detached data then the content is excluded */ 529 /* If detached data then the content is excluded */
536 if(p7->detached) { 530 if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
537 M_ASN1_OCTET_STRING_free(os); 531 M_ASN1_OCTET_STRING_free(os);
538 p7->d.sign->contents->d.data = NULL; 532 p7->d.sign->contents->d.data = NULL;
539 } 533 }
diff --git a/src/lib/libcrypto/rand/Makefile.ssl b/src/lib/libcrypto/rand/Makefile.ssl
index df80702373..e5cbe5319c 100644
--- a/src/lib/libcrypto/rand/Makefile.ssl
+++ b/src/lib/libcrypto/rand/Makefile.ssl
@@ -101,7 +101,8 @@ md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
101md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 101md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
102md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h 102md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
103md_rand.o: md_rand.c rand_lcl.h 103md_rand.o: md_rand.c rand_lcl.h
104rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h 104rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
105rand_egd.o: ../../include/openssl/opensslconf.h
105rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h 106rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
106rand_egd.o: rand_egd.c 107rand_egd.o: rand_egd.c
107rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h 108rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
@@ -186,8 +187,9 @@ rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
186rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 187rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
187rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h 188rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
188rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c 189rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c
189randfile.o: ../../e_os.h ../../include/openssl/crypto.h 190randfile.o: ../../e_os.h ../../include/openssl/buffer.h
190randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h 191randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
192randfile.o: ../../include/openssl/opensslconf.h
191randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h 193randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
192randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h 194randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
193randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 195randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index 895967476e..6f742900a0 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -56,6 +56,7 @@
56 56
57#include <openssl/e_os2.h> 57#include <openssl/e_os2.h>
58#include <openssl/rand.h> 58#include <openssl/rand.h>
59#include <openssl/buffer.h>
59 60
60/* 61/*
61 * Query the EGD <URL: http://www.lothar.com/tech/crypto/>. 62 * Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
@@ -145,7 +146,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
145 addr.sun_family = AF_UNIX; 146 addr.sun_family = AF_UNIX;
146 if (strlen(path) >= sizeof(addr.sun_path)) 147 if (strlen(path) >= sizeof(addr.sun_path))
147 return (-1); 148 return (-1);
148 strlcpy(addr.sun_path,path,sizeof addr.sun_path); 149 BUF_strlcpy(addr.sun_path,path,sizeof addr.sun_path);
149 len = offsetof(struct sockaddr_un, sun_path) + strlen(path); 150 len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
150 fd = socket(AF_UNIX, SOCK_STREAM, 0); 151 fd = socket(AF_UNIX, SOCK_STREAM, 0);
151 if (fd == -1) return (-1); 152 if (fd == -1) return (-1);
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
index 263068d256..3584842224 100644
--- a/src/lib/libcrypto/rand/rand_win.c
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -646,7 +646,7 @@ static void readtimer(void)
646 * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. 646 * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
647 * 647 *
648 * Code adapted from 648 * Code adapted from
649 * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>; 649 * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
650 * the original copyright message is: 650 * the original copyright message is:
651 * 651 *
652 * (C) Copyright Microsoft Corp. 1993. All rights reserved. 652 * (C) Copyright Microsoft Corp. 1993. All rights reserved.
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index cfbec2ac1f..d88ee0d780 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -56,6 +56,9 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59/* We need to define this to get macros like S_IFBLK and S_IFCHR */
60#define _XOPEN_SOURCE 1
61
59#include <errno.h> 62#include <errno.h>
60#include <stdio.h> 63#include <stdio.h>
61#include <stdlib.h> 64#include <stdlib.h>
@@ -64,6 +67,7 @@
64#include "e_os.h" 67#include "e_os.h"
65#include <openssl/crypto.h> 68#include <openssl/crypto.h>
66#include <openssl/rand.h> 69#include <openssl/rand.h>
70#include <openssl/buffer.h>
67 71
68#ifdef OPENSSL_SYS_VMS 72#ifdef OPENSSL_SYS_VMS
69#include <unixio.h> 73#include <unixio.h>
@@ -106,6 +110,7 @@ int RAND_load_file(const char *file, long bytes)
106 110
107 in=fopen(file,"rb"); 111 in=fopen(file,"rb");
108 if (in == NULL) goto err; 112 if (in == NULL) goto err;
113#if defined(S_IFBLK) && defined(S_IFCHR)
109 if (sb.st_mode & (S_IFBLK | S_IFCHR)) { 114 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
110 /* this file is a device. we don't want read an infinite number 115 /* this file is a device. we don't want read an infinite number
111 * of bytes from a random device, nor do we want to use buffered 116 * of bytes from a random device, nor do we want to use buffered
@@ -114,6 +119,7 @@ int RAND_load_file(const char *file, long bytes)
114 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ 119 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
115 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ 120 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
116 } 121 }
122#endif
117 for (;;) 123 for (;;)
118 { 124 {
119 if (bytes > 0) 125 if (bytes > 0)
@@ -147,6 +153,7 @@ int RAND_write_file(const char *file)
147 153
148 i=stat(file,&sb); 154 i=stat(file,&sb);
149 if (i != -1) { 155 if (i != -1) {
156#if defined(S_IFBLK) && defined(S_IFCHR)
150 if (sb.st_mode & (S_IFBLK | S_IFCHR)) { 157 if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
151 /* this file is a device. we don't write back to it. 158 /* this file is a device. we don't write back to it.
152 * we "succeed" on the assumption this is some sort 159 * we "succeed" on the assumption this is some sort
@@ -155,6 +162,7 @@ int RAND_write_file(const char *file)
155 */ 162 */
156 return(1); 163 return(1);
157 } 164 }
165#endif
158 } 166 }
159 167
160#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) 168#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
@@ -219,13 +227,15 @@ const char *RAND_file_name(char *buf, size_t size)
219 { 227 {
220 char *s=NULL; 228 char *s=NULL;
221 int ok = 0; 229 int ok = 0;
230#ifdef __OpenBSD__
222 struct stat sb; 231 struct stat sb;
232#endif
223 233
224 if (issetugid() == 0) 234 if (issetugid() == 0)
225 s=getenv("RANDFILE"); 235 s=getenv("RANDFILE");
226 if (s != NULL && *s && strlen(s) + 1 < size) 236 if (s != NULL && *s && strlen(s) + 1 < size)
227 { 237 {
228 if (strlcpy(buf,s,size) >= size) 238 if (BUF_strlcpy(buf,s,size) >= size)
229 return NULL; 239 return NULL;
230 } 240 }
231 else 241 else
@@ -240,11 +250,11 @@ const char *RAND_file_name(char *buf, size_t size)
240#endif 250#endif
241 if (s && *s && strlen(s)+strlen(RFILE)+2 < size) 251 if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
242 { 252 {
243 strlcpy(buf,s,size); 253 BUF_strlcpy(buf,s,size);
244#ifndef OPENSSL_SYS_VMS 254#ifndef OPENSSL_SYS_VMS
245 strlcat(buf,"/",size); 255 BUF_strlcat(buf,"/",size);
246#endif 256#endif
247 strlcat(buf,RFILE,size); 257 BUF_strlcat(buf,RFILE,size);
248 ok = 1; 258 ok = 1;
249 } 259 }
250 else 260 else
@@ -260,11 +270,11 @@ const char *RAND_file_name(char *buf, size_t size)
260 */ 270 */
261 271
262 if (!ok) 272 if (!ok)
263 if (strlcpy(buf,"/dev/arandom",size) >= size) { 273 if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
264 return(NULL); 274 return(NULL);
265 } 275 }
266 if (stat(buf,&sb) == -1) 276 if (stat(buf,&sb) == -1)
267 if (strlcpy(buf,"/dev/arandom",size) >= size) { 277 if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
268 return(NULL); 278 return(NULL);
269 } 279 }
270 280
diff --git a/src/lib/libcrypto/rc4/Makefile.ssl b/src/lib/libcrypto/rc4/Makefile.ssl
index 9f9e16068f..3e602662be 100644
--- a/src/lib/libcrypto/rc4/Makefile.ssl
+++ b/src/lib/libcrypto/rc4/Makefile.ssl
@@ -25,6 +25,7 @@ RC4_ENC=rc4_enc.o
25#RC4_ENC=asm/rx86bdsi.o 25#RC4_ENC=asm/rx86bdsi.o
26 26
27CFLAGS= $(INCLUDES) $(CFLAG) 27CFLAGS= $(INCLUDES) $(CFLAG)
28ASFLAGS= $(INCLUDES) $(ASFLAG)
28 29
29GENERAL=Makefile 30GENERAL=Makefile
30TEST=rc4test.c 31TEST=rc4test.c
diff --git a/src/lib/libcrypto/rc5/Makefile.ssl b/src/lib/libcrypto/rc5/Makefile.ssl
index a86f202f7b..3f9632f8f7 100644
--- a/src/lib/libcrypto/rc5/Makefile.ssl
+++ b/src/lib/libcrypto/rc5/Makefile.ssl
@@ -22,6 +22,7 @@ RC5_ENC= rc5_enc.o
22#DES_ENC= r586-elf.o 22#DES_ENC= r586-elf.o
23 23
24CFLAGS= $(INCLUDES) $(CFLAG) 24CFLAGS= $(INCLUDES) $(CFLAG)
25ASFLAGS= $(INCLUDES) $(ASFLAG)
25 26
26GENERAL=Makefile 27GENERAL=Makefile
27TEST=rc5test.c 28TEST=rc5test.c
diff --git a/src/lib/libcrypto/ripemd/Makefile.ssl b/src/lib/libcrypto/ripemd/Makefile.ssl
index d85515353b..f22ac790ae 100644
--- a/src/lib/libcrypto/ripemd/Makefile.ssl
+++ b/src/lib/libcrypto/ripemd/Makefile.ssl
@@ -20,6 +20,7 @@ AR= ar r
20RIP_ASM_OBJ= 20RIP_ASM_OBJ=
21 21
22CFLAGS= $(INCLUDES) $(CFLAG) 22CFLAGS= $(INCLUDES) $(CFLAG)
23ASFLAGS= $(INCLUDES) $(ASFLAG)
23 24
24GENERAL=Makefile 25GENERAL=Makefile
25TEST=rmdtest.c 26TEST=rmdtest.c
diff --git a/src/lib/libcrypto/sha/Makefile.ssl b/src/lib/libcrypto/sha/Makefile.ssl
index d52fb62b4f..4ba201c787 100644
--- a/src/lib/libcrypto/sha/Makefile.ssl
+++ b/src/lib/libcrypto/sha/Makefile.ssl
@@ -20,6 +20,7 @@ AR= ar r
20SHA1_ASM_OBJ= 20SHA1_ASM_OBJ=
21 21
22CFLAGS= $(INCLUDES) $(CFLAG) 22CFLAGS= $(INCLUDES) $(CFLAG)
23ASFLAGS= $(INCLUDES) $(ASFLAG)
23 24
24GENERAL=Makefile 25GENERAL=Makefile
25TEST=shatest.c sha1test.c 26TEST=shatest.c sha1test.c
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
index fe51fd0794..e00f709553 100644
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-586.pl
@@ -1,5 +1,30 @@
1#!/usr/local/bin/perl 1#!/usr/local/bin/perl
2 2
3# It was noted that Intel IA-32 C compiler generates code which
4# performs ~30% *faster* on P4 CPU than original *hand-coded*
5# SHA1 assembler implementation. To address this problem (and
6# prove that humans are still better than machines:-), the
7# original code was overhauled, which resulted in following
8# performance changes:
9#
10# compared with original compared with Intel cc
11# assembler impl. generated code
12# Pentium -25% +37%
13# PIII/AMD +8% +16%
14# P4 +85%(!) +45%
15#
16# As you can see Pentium came out as looser:-( Yet I reckoned that
17# improvement on P4 outweights the loss and incorporate this
18# re-tuned code to 0.9.7 and later.
19# ----------------------------------------------------------------
20# Those who for any particular reason absolutely must score on
21# Pentium can replace this module with one from 0.9.6 distribution.
22# This "offer" shall be revoked the moment programming interface to
23# this module is changed, in which case this paragraph should be
24# removed.
25# ----------------------------------------------------------------
26# <appro@fy.chalmers.se>
27
3$normal=0; 28$normal=0;
4 29
5push(@INC,"perlasm","../../perlasm"); 30push(@INC,"perlasm","../../perlasm");
@@ -77,54 +102,21 @@ sub BODY_00_15
77 { 102 {
78 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; 103 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
79 104
80return if $n & 1;
81 &comment("00_15 $n"); 105 &comment("00_15 $n");
82 106
83 &mov($f,$c);
84
85 &mov($tmp1,$a);
86 &xor($f,$d); # F2
87
88 &rotl($tmp1,5); # A2
89
90 &and($f,$b); # F3
91 &add($tmp1,$e);
92
93 &rotr($b,1); # B1 <- F
94 &mov($e,&swtmp($n)); # G1
95
96 &rotr($b,1); # B1 <- F
97 &xor($f,$d); # F4
98
99 &lea($tmp1,&DWP($K,$tmp1,$e,1));
100
101############################
102# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
103# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
104$n++;
105 local($n0,$n1,$n2,$n3,$np)=&Na($n);
106 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
107
108 &mov($f,$c);
109
110 &add($a,$tmp1); # MOVED DOWN
111 &xor($f,$d); # F2
112
113 &mov($tmp1,$a); 107 &mov($tmp1,$a);
114 &and($f,$b); # F3 108 &mov($f,$c); # f to hold F_00_19(b,c,d)
115 109 &rotl($tmp1,5); # tmp1=ROTATE(a,5)
116 &rotl($tmp1,5); # A2 110 &xor($f,$d);
117 111 &and($f,$b);
118 &add($tmp1,$e); 112 &rotr($b,2); # b=ROTATE(b,30)
119 &mov($e,&swtmp($n)); # G1 113 &add($tmp1,$e); # tmp1+=e;
120 114 &mov($e,&swtmp($n)); # e becomes volatile and
121 &rotr($b,1); # B1 <- F 115 # is loaded with xi
122 &xor($f,$d); # F4 116 &xor($f,$d); # f holds F_00_19(b,c,d)
123 117 &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
124 &rotr($b,1); # B1 <- F 118
125 &lea($tmp1,&DWP($K,$tmp1,$e,1)); 119 &add($f,$tmp1); # f+=tmp1
126
127 &add($f,$tmp1);
128 } 120 }
129 121
130sub BODY_16_19 122sub BODY_16_19
@@ -132,66 +124,24 @@ sub BODY_16_19
132 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; 124 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
133 local($n0,$n1,$n2,$n3,$np)=&Na($n); 125 local($n0,$n1,$n2,$n3,$np)=&Na($n);
134 126
135return if $n & 1;
136 &comment("16_19 $n"); 127 &comment("16_19 $n");
137 128
138 &nop() if ($pos < 0); 129 &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd)
139&mov($tmp1,&swtmp($n0)); # X1 130 &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
140 &mov($f,&swtmp($n1)); # X2 131 &xor($f,&swtmp($n0));
141&xor($f,$tmp1); # X3 132 &xor($tmp1,$d);
142 &mov($tmp1,&swtmp($n2)); # X4 133 &xor($f,&swtmp($n2));
143&xor($f,$tmp1); # X5 134 &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
144 &mov($tmp1,&swtmp($n3)); # X6 135 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
145&xor($f,$tmp1); # X7 - slot 136 &rotr($b,2); # b=ROTATE(b,30)
146 &mov($tmp1,$c); # F1 137 &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
147&rotl($f,1); # X8 - slot 138 &rotl($f,1); # f=ROATE(f,1)
148 &xor($tmp1,$d); # F2 139 &mov(&swtmp($n0),$f); # xi=f
149&mov(&swtmp($n0),$f); # X9 - anytime 140 &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e
150 &and($tmp1,$b); # F3 141 &mov($e,$a); # e becomes volatile
151&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e 142 &add($f,$tmp1); # f+=F_00_19(b,c,d)
152 &xor($tmp1,$d); # F4 143 &rotl($e,5); # e=ROTATE(a,5)
153&mov($e,$a); # A1 144 &add($f,$e); # f+=ROTATE(a,5)
154 &add($f,$tmp1); # tot+=F();
155
156&rotl($e,5); # A2
157
158&rotr($b,1); # B1 <- F
159 &add($f,$e); # tot+=a
160
161############################
162# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
163# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
164$n++;
165 local($n0,$n1,$n2,$n3,$np)=&Na($n);
166 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
167
168
169&mov($f,&swtmp($n0)); # X1
170 &mov($tmp1,&swtmp($n1)); # X2
171&xor($f,$tmp1); # X3
172 &mov($tmp1,&swtmp($n2)); # X4
173&xor($f,$tmp1); # X5
174 &mov($tmp1,&swtmp($n3)); # X6
175&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
176 &xor($f,$tmp1); # X7 - slot
177&rotl($f,1); # X8 - slot
178 &mov($tmp1,$c); # F1
179&xor($tmp1,$d); # F2
180 &mov(&swtmp($n0),$f); # X9 - anytime
181&and($tmp1,$b); # F3
182 &lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
183
184&xor($tmp1,$d); # F4
185 &mov($e,$a); # A1
186
187&rotl($e,5); # A2
188
189&rotr($b,1); # B1 <- F
190 &add($f,$e); # tot+=a
191
192&rotr($b,1); # B1 <- F
193 &add($f,$tmp1); # tot+=F();
194
195 } 145 }
196 146
197sub BODY_20_39 147sub BODY_20_39
@@ -201,42 +151,21 @@ sub BODY_20_39
201 &comment("20_39 $n"); 151 &comment("20_39 $n");
202 local($n0,$n1,$n2,$n3,$np)=&Na($n); 152 local($n0,$n1,$n2,$n3,$np)=&Na($n);
203 153
204&mov($f,&swtmp($n0)); # X1 154 &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
205 &mov($tmp1,&swtmp($n1)); # X2 155 &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
206&xor($f,$tmp1); # X3 156 &xor($f,&swtmp($n1));
207 &mov($tmp1,&swtmp($n2)); # X4 157 &rotr($b,2); # b=ROTATE(b,30)
208&xor($f,$tmp1); # X5 158 &xor($f,&swtmp($n2));
209 &mov($tmp1,&swtmp($n3)); # X6 159 &xor($tmp1,$c);
210&xor($f,$tmp1); # X7 - slot 160 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
211 &mov($tmp1,$b); # F1 161 &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
212&rotl($f,1); # X8 - slot 162 &rotl($f,1); # f=ROTATE(f,1)
213 &xor($tmp1,$c); # F2 163 &mov(&swtmp($n0),$f); # xi=f
214&mov(&swtmp($n0),$f); # X9 - anytime 164 &lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e
215 &xor($tmp1,$d); # F3 165 &mov($e,$a); # e becomes volatile
216 166 &rotl($e,5); # e=ROTATE(a,5)
217&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e 167 &add($f,$tmp1); # f+=F_20_39(b,c,d)
218 &mov($e,$a); # A1 168 &add($f,$e); # f+=ROTATE(a,5)
219
220&rotl($e,5); # A2
221
222if ($n != 79) # last loop
223 {
224 &rotr($b,1); # B1 <- F
225 &add($e,$tmp1); # tmp1=F()+a
226
227 &rotr($b,1); # B2 <- F
228 &add($f,$e); # tot+=tmp1;
229 }
230else
231 {
232 &add($e,$tmp1); # tmp1=F()+a
233 &mov($tmp1,&wparam(0));
234
235 &rotr($b,1); # B1 <- F
236 &add($f,$e); # tot+=tmp1;
237
238 &rotr($b,1); # B2 <- F
239 }
240 } 169 }
241 170
242sub BODY_40_59 171sub BODY_40_59
@@ -244,70 +173,27 @@ sub BODY_40_59
244 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; 173 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
245 174
246 &comment("40_59 $n"); 175 &comment("40_59 $n");
247 return if $n & 1;
248 local($n0,$n1,$n2,$n3,$np)=&Na($n); 176 local($n0,$n1,$n2,$n3,$np)=&Na($n);
249 177
250&mov($f,&swtmp($n0)); # X1 178 &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
251 &mov($tmp1,&swtmp($n1)); # X2 179 &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
252&xor($f,$tmp1); # X3 180 &xor($f,&swtmp($n1));
253 &mov($tmp1,&swtmp($n2)); # X4 181 &or($tmp1,$c);
254&xor($f,$tmp1); # X5 182 &xor($f,&swtmp($n2));
255 &mov($tmp1,&swtmp($n3)); # X6 183 &and($tmp1,$d);
256&xor($f,$tmp1); # X7 - slot 184 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
257 &mov($tmp1,$b); # F1 185 &rotl($f,1); # f=ROTATE(f,1)
258&rotl($f,1); # X8 - slot 186 &mov(&swtmp($n0),$f); # xi=f
259 &or($tmp1,$c); # F2 187 &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e
260&mov(&swtmp($n0),$f); # X9 - anytime 188 &mov($e,$b); # e becomes volatile and is used
261 &and($tmp1,$d); # F3 189 # to calculate F_40_59(b,c,d)
262 190 &rotr($b,2); # b=ROTATE(b,30)
263&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e 191 &and($e,$c);
264 &mov($e,$b); # F4 192 &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
265 193 &mov($e,$a);
266&rotr($b,1); # B1 <- F 194 &rotl($e,5); # e=ROTATE(a,5)
267 &and($e,$c); # F5 195 &add($tmp1,$e); # tmp1+=ROTATE(a,5)
268 196 &add($f,$tmp1); # f+=tmp1;
269&or($tmp1,$e); # F6
270 &mov($e,$a); # A1
271
272&rotl($e,5); # A2
273
274&add($tmp1,$e); # tmp1=F()+a
275
276############################
277# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
278# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
279$n++;
280 local($n0,$n1,$n2,$n3,$np)=&Na($n);
281 ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
282
283 &mov($f,&swtmp($n0)); # X1
284&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
285 &mov($tmp1,&swtmp($n1)); # X2
286&xor($f,$tmp1); # X3
287 &mov($tmp1,&swtmp($n2)); # X4
288&xor($f,$tmp1); # X5
289 &mov($tmp1,&swtmp($n3)); # X6
290&rotr($c,1); # B2 <- F # moved was rotr b,1
291 &xor($f,$tmp1); # X7 - slot
292&rotl($f,1); # X8 - slot
293 &mov($tmp1,$b); # F1
294&mov(&swtmp($n0),$f); # X9 - anytime
295 &or($tmp1,$c); # F2
296&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
297 &mov($e,$b); # F4
298&and($tmp1,$d); # F3
299 &and($e,$c); # F5
300
301&or($tmp1,$e); # F6
302 &mov($e,$a); # A1
303
304&rotl($e,5); # A2
305
306&rotr($b,1); # B1 <- F
307 &add($tmp1,$e); # tmp1=F()+a
308
309&rotr($b,1); # B2 <- F
310 &add($f,$tmp1); # tot+=tmp1;
311 } 197 }
312 198
313sub BODY_60_79 199sub BODY_60_79
@@ -495,8 +381,7 @@ sub sha1_block_data
495 # C -> E 381 # C -> E
496 # D -> T 382 # D -> T
497 383
498 # The last 2 have been moved into the last loop 384 &mov($tmp1,&wparam(0));
499 # &mov($tmp1,&wparam(0));
500 385
501 &mov($D, &DWP(12,$tmp1,"",0)); 386 &mov($D, &DWP(12,$tmp1,"",0));
502 &add($D,$B); 387 &add($D,$B);
diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c
index 8973921778..7588966cb2 100644
--- a/src/lib/libcrypto/threads/mttest.c
+++ b/src/lib/libcrypto/threads/mttest.c
@@ -243,7 +243,7 @@ bad:
243 goto end; 243 goto end;
244 } 244 }
245 245
246 if (cipher == NULL && issetugid() == 0) 246 if (cipher == NULL && OPENSSL_issetugid() == 0)
247 cipher=getenv("SSL_CIPHER"); 247 cipher=getenv("SSL_CIPHER");
248 248
249 SSL_load_error_strings(); 249 SSL_load_error_strings();
diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c
index 33c86d76ef..dbc9711a2d 100644
--- a/src/lib/libcrypto/ui/ui_lib.c
+++ b/src/lib/libcrypto/ui/ui_lib.c
@@ -430,14 +430,14 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
430 len += sizeof(prompt3) - 1; 430 len += sizeof(prompt3) - 1;
431 431
432 prompt = (char *)OPENSSL_malloc(len + 1); 432 prompt = (char *)OPENSSL_malloc(len + 1);
433 strlcpy(prompt, prompt1, len + 1); 433 BUF_strlcpy(prompt, prompt1, len + 1);
434 strlcat(prompt, object_desc, len + 1); 434 BUF_strlcat(prompt, object_desc, len + 1);
435 if (object_name) 435 if (object_name)
436 { 436 {
437 strlcat(prompt, prompt2, len + 1); 437 BUF_strlcat(prompt, prompt2, len + 1);
438 strlcat(prompt, object_name, len + 1); 438 BUF_strlcat(prompt, object_name, len + 1);
439 } 439 }
440 strlcat(prompt, prompt3, len + 1); 440 BUF_strlcat(prompt, prompt3, len + 1);
441 } 441 }
442 return prompt; 442 return prompt;
443 } 443 }
@@ -865,8 +865,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
865 return -1; 865 return -1;
866 } 866 }
867 867
868 strlcpy(uis->result_buf, result, 868 BUF_strlcpy(uis->result_buf, result,
869 uis->_.string_data.result_maxsize + 1); 869 uis->_.string_data.result_maxsize + 1);
870 break; 870 break;
871 case UIT_BOOLEAN: 871 case UIT_BOOLEAN:
872 { 872 {
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl
index c538f9dffb..b4bc0457e5 100644
--- a/src/lib/libcrypto/util/mk1mf.pl
+++ b/src/lib/libcrypto/util/mk1mf.pl
@@ -277,6 +277,8 @@ $defs= <<"EOF";
277 277
278EOF 278EOF
279 279
280$defs .= $preamble if defined $preamble;
281
280if ($platform eq "VC-CE") 282if ($platform eq "VC-CE")
281 { 283 {
282 $defs.= <<"EOF"; 284 $defs.= <<"EOF";
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl
index cdd2164c4e..01a1bfda19 100644
--- a/src/lib/libcrypto/util/mkdef.pl
+++ b/src/lib/libcrypto/util/mkdef.pl
@@ -1116,27 +1116,55 @@ sub print_test_file
1116 } 1116 }
1117} 1117}
1118 1118
1119sub get_version {
1120 local *MF;
1121 my $v = '?';
1122 open MF, 'Makefile.ssl' or return $v;
1123 while (<MF>) {
1124 $v = $1, last if /^VERSION=(.*?)\s*$/;
1125 }
1126 close MF;
1127 return $v;
1128}
1129
1119sub print_def_file 1130sub print_def_file
1120{ 1131{
1121 (*OUT,my $name,*nums,my @symbols)=@_; 1132 (*OUT,my $name,*nums,my @symbols)=@_;
1122 my $n = 1; my @e; my @r; my @v; my $prev=""; 1133 my $n = 1; my @e; my @r; my @v; my $prev="";
1123 my $liboptions=""; 1134 my $liboptions="";
1135 my $libname = $name;
1136 my $http_vendor = 'www.openssl.org/';
1137 my $version = get_version();
1138 my $what = "OpenSSL: implementation of Secure Socket Layer";
1139 my $description = "$what $version, $name - http://$http_vendor";
1124 1140
1125 if ($W32) 1141 if ($W32)
1126 { $name.="32"; } 1142 { $libname.="32"; }
1127 elsif ($W16) 1143 elsif ($W16)
1128 { $name.="16"; } 1144 { $libname.="16"; }
1129 elsif ($OS2) 1145 elsif ($OS2)
1130 { $liboptions = "INITINSTANCE\nDATA NONSHARED"; } 1146 { # DLL names should not clash on the whole system.
1147 # However, they should not have any particular relationship
1148 # to the name of the static library. Chose descriptive names
1149 # (must be at most 8 chars).
1150 my %translate = (ssl => 'open_ssl', crypto => 'cryptssl');
1151 $libname = $translate{$name} || $name;
1152 $liboptions = <<EOO;
1153INITINSTANCE
1154DATA MULTIPLE NONSHARED
1155EOO
1156 # Vendor field can't contain colon, drat; so we omit http://
1157 $description = "\@#$http_vendor:$version#\@$what; DLL for library $name. Build for EMX -Zmtd";
1158 }
1131 1159
1132 print OUT <<"EOF"; 1160 print OUT <<"EOF";
1133; 1161;
1134; Definition file for the DLL version of the $name library from OpenSSL 1162; Definition file for the DLL version of the $name library from OpenSSL
1135; 1163;
1136 1164
1137LIBRARY $name $liboptions 1165LIBRARY $libname $liboptions
1138 1166
1139DESCRIPTION 'OpenSSL $name - http://www.openssl.org/' 1167DESCRIPTION '$description'
1140 1168
1141EOF 1169EOF
1142 1170
diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl
index d695dda623..ddb3524210 100644
--- a/src/lib/libcrypto/util/pl/OS2-EMX.pl
+++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl
@@ -3,10 +3,12 @@
3# OS2-EMX.pl - for EMX GCC on OS/2 3# OS2-EMX.pl - for EMX GCC on OS/2
4# 4#
5 5
6$o='\\'; 6$o='/';
7$cp='copy'; 7$cp='cp';
8$rm='rm -f'; 8$rm='rm -f';
9 9
10$preamble = "SHELL=sh\n";
11
10# C compiler stuff 12# C compiler stuff
11 13
12$cc='gcc'; 14$cc='gcc';
@@ -48,24 +50,24 @@ $bf_enc_src="";
48 50
49if (!$no_asm) 51if (!$no_asm)
50 { 52 {
51 $bn_asm_obj="crypto\\bn\\asm\\bn-os2$obj crypto\\bn\\asm\\co-os2$obj"; 53 $bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj";
52 $bn_asm_src="crypto\\bn\\asm\\bn-os2.asm crypto\\bn\\asm\\co-os2.asm"; 54 $bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm";
53 $des_enc_obj="crypto\\des\\asm\\d-os2$obj crypto\\des\\asm\\y-os2$obj"; 55 $des_enc_obj="crypto/des/asm/d-os2$obj crypto/des/asm/y-os2$obj";
54 $des_enc_src="crypto\\des\\asm\\d-os2.asm crypto\\des\\asm\\y-os2.asm"; 56 $des_enc_src="crypto/des/asm/d-os2.asm crypto/des/asm/y-os2.asm";
55 $bf_enc_obj="crypto\\bf\\asm\\b-os2$obj"; 57 $bf_enc_obj="crypto/bf/asm/b-os2$obj";
56 $bf_enc_src="crypto\\bf\\asm\\b-os2.asm"; 58 $bf_enc_src="crypto/bf/asm/b-os2.asm";
57 $cast_enc_obj="crypto\\cast\\asm\\c-os2$obj"; 59 $cast_enc_obj="crypto/cast/asm/c-os2$obj";
58 $cast_enc_src="crypto\\cast\\asm\\c-os2.asm"; 60 $cast_enc_src="crypto/cast/asm/c-os2.asm";
59 $rc4_enc_obj="crypto\\rc4\\asm\\r4-os2$obj"; 61 $rc4_enc_obj="crypto/rc4/asm/r4-os2$obj";
60 $rc4_enc_src="crypto\\rc4\\asm\\r4-os2.asm"; 62 $rc4_enc_src="crypto/rc4/asm/r4-os2.asm";
61 $rc5_enc_obj="crypto\\rc5\\asm\\r5-os2$obj"; 63 $rc5_enc_obj="crypto/rc5/asm/r5-os2$obj";
62 $rc5_enc_src="crypto\\rc5\\asm\\r5-os2.asm"; 64 $rc5_enc_src="crypto/rc5/asm/r5-os2.asm";
63 $md5_asm_obj="crypto\\md5\\asm\\m5-os2$obj"; 65 $md5_asm_obj="crypto/md5/asm/m5-os2$obj";
64 $md5_asm_src="crypto\\md5\\asm\\m5-os2.asm"; 66 $md5_asm_src="crypto/md5/asm/m5-os2.asm";
65 $sha1_asm_obj="crypto\\sha\\asm\\s1-os2$obj"; 67 $sha1_asm_obj="crypto/sha/asm/s1-os2$obj";
66 $sha1_asm_src="crypto\\sha\\asm\\s1-os2.asm"; 68 $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
67 $rmd160_asm_obj="crypto\\ripemd\\asm\\rm-os2$obj"; 69 $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
68 $rmd160_asm_src="crypto\\ripemd\\asm\\rm-os2.asm"; 70 $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
69 } 71 }
70 72
71if ($shlib) 73if ($shlib)
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index a5c306f1fd..6207340472 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -302,8 +302,38 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
302 k=0; 302 k=0;
303 for (;;) 303 for (;;)
304 { 304 {
305 snprintf(b->data,b->max,"%s/%08lx.%s%d",ctx->dirs[i],h, 305 char c = '/';
306 postfix,k); 306#ifdef OPENSSL_SYS_VMS
307 c = ctx->dirs[i][strlen(ctx->dirs[i])-1];
308 if (c != ':' && c != '>' && c != ']')
309 {
310 /* If no separator is present, we assume the
311 directory specifier is a logical name, and
312 add a colon. We really should use better
313 VMS routines for merging things like this,
314 but this will do for now...
315 -- Richard Levitte */
316 c = ':';
317 }
318 else
319 {
320 c = '\0';
321 }
322#endif
323 if (c == '\0')
324 {
325 /* This is special. When c == '\0', no
326 directory separator should be added. */
327 BIO_snprintf(b->data,b->max,
328 "%s%08lx.%s%d",ctx->dirs[i],h,
329 postfix,k);
330 }
331 else
332 {
333 BIO_snprintf(b->data,b->max,
334 "%s%c%08lx.%s%d",ctx->dirs[i],c,h,
335 postfix,k);
336 }
307 k++; 337 k++;
308 if (stat(b->data,&st) < 0) 338 if (stat(b->data,&st) < 0)
309 break; 339 break;
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index eaad5685a8..8d0c7e2e17 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -810,10 +810,6 @@ X509_REQ *X509_REQ_dup(X509_REQ *req);
810X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); 810X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
811X509_NAME *X509_NAME_dup(X509_NAME *xn); 811X509_NAME *X509_NAME_dup(X509_NAME *xn);
812X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 812X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
813#ifndef OPENSSL_NO_RSA
814RSA *RSAPublicKey_dup(RSA *rsa);
815RSA *RSAPrivateKey_dup(RSA *rsa);
816#endif
817 813
818#endif /* !SSLEAY_MACROS */ 814#endif /* !SSLEAY_MACROS */
819 815
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
index 9d09ae17e8..e31ebc6741 100644
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ b/src/lib/libcrypto/x509/x509_txt.c
@@ -147,8 +147,14 @@ const char *X509_verify_cert_error_string(long n)
147 case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: 147 case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
148 return("unhandled critical extension"); 148 return("unhandled critical extension");
149 149
150 case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
151 return("key usage does not include CRL signing");
152
153 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
154 return("unhandled critical CRL extension");
155
150 default: 156 default:
151 snprintf(buf,sizeof buf,"error number %ld",n); 157 BIO_snprintf(buf,sizeof buf,"error number %ld",n);
152 return(buf); 158 return(buf);
153 } 159 }
154 } 160 }
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 2bb21b443e..2e4d0b823a 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -383,6 +383,7 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
383 /* Check all untrusted certificates */ 383 /* Check all untrusted certificates */
384 for (i = 0; i < ctx->last_untrusted; i++) 384 for (i = 0; i < ctx->last_untrusted; i++)
385 { 385 {
386 int ret;
386 x = sk_X509_value(ctx->chain, i); 387 x = sk_X509_value(ctx->chain, i);
387 if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) 388 if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
388 && (x->ex_flags & EXFLAG_CRITICAL)) 389 && (x->ex_flags & EXFLAG_CRITICAL))
@@ -393,7 +394,10 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
393 ok=cb(0,ctx); 394 ok=cb(0,ctx);
394 if (!ok) goto end; 395 if (!ok) goto end;
395 } 396 }
396 if (!X509_check_purpose(x, ctx->purpose, i)) 397 ret = X509_check_purpose(x, ctx->purpose, i);
398 if ((ret == 0)
399 || ((ctx->flags & X509_V_FLAG_X509_STRICT)
400 && (ret != 1)))
397 { 401 {
398 if (i) 402 if (i)
399 ctx->error = X509_V_ERR_INVALID_CA; 403 ctx->error = X509_V_ERR_INVALID_CA;
@@ -537,6 +541,14 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
537 541
538 if(issuer) 542 if(issuer)
539 { 543 {
544 /* Check for cRLSign bit if keyUsage present */
545 if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
546 !(issuer->ex_kusage & KU_CRL_SIGN))
547 {
548 ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
549 ok = ctx->verify_cb(0, ctx);
550 if(!ok) goto err;
551 }
540 552
541 /* Attempt to get issuer certificate public key */ 553 /* Attempt to get issuer certificate public key */
542 ikey = X509_get_pubkey(issuer); 554 ikey = X509_get_pubkey(issuer);
@@ -611,17 +623,46 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
611 { 623 {
612 int idx, ok; 624 int idx, ok;
613 X509_REVOKED rtmp; 625 X509_REVOKED rtmp;
626 STACK_OF(X509_EXTENSION) *exts;
627 X509_EXTENSION *ext;
614 /* Look for serial number of certificate in CRL */ 628 /* Look for serial number of certificate in CRL */
615 rtmp.serialNumber = X509_get_serialNumber(x); 629 rtmp.serialNumber = X509_get_serialNumber(x);
616 idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); 630 idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
617 /* Not found: OK */ 631 /* If found assume revoked: want something cleverer than
618 if(idx == -1) return 1;
619 /* Otherwise revoked: want something cleverer than
620 * this to handle entry extensions in V2 CRLs. 632 * this to handle entry extensions in V2 CRLs.
621 */ 633 */
622 ctx->error = X509_V_ERR_CERT_REVOKED; 634 if(idx >= 0)
623 ok = ctx->verify_cb(0, ctx); 635 {
624 return ok; 636 ctx->error = X509_V_ERR_CERT_REVOKED;
637 ok = ctx->verify_cb(0, ctx);
638 if (!ok) return 0;
639 }
640
641 if (ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
642 return 1;
643
644 /* See if we have any critical CRL extensions: since we
645 * currently don't handle any CRL extensions the CRL must be
646 * rejected.
647 * This code accesses the X509_CRL structure directly: applications
648 * shouldn't do this.
649 */
650
651 exts = crl->crl->extensions;
652
653 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++)
654 {
655 ext = sk_X509_EXTENSION_value(exts, idx);
656 if (ext->critical > 0)
657 {
658 ctx->error =
659 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
660 ok = ctx->verify_cb(0, ctx);
661 if(!ok) return 0;
662 break;
663 }
664 }
665 return 1;
625 } 666 }
626 667
627static int internal_verify(X509_STORE_CTX *ctx) 668static int internal_verify(X509_STORE_CTX *ctx)
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index f0be21f452..198495884c 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -304,17 +304,26 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
304 304
305#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 305#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
306#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 306#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
307#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
308#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
307 309
308/* The application is not happy */ 310/* The application is not happy */
309#define X509_V_ERR_APPLICATION_VERIFICATION 50 311#define X509_V_ERR_APPLICATION_VERIFICATION 50
310 312
311/* Certificate verify flags */ 313/* Certificate verify flags */
312 314
313#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 /* Send issuer+subject checks to verify_cb */ 315/* Send issuer+subject checks to verify_cb */
314#define X509_V_FLAG_USE_CHECK_TIME 0x2 /* Use check time instead of current time */ 316#define X509_V_FLAG_CB_ISSUER_CHECK 0x1
315#define X509_V_FLAG_CRL_CHECK 0x4 /* Lookup CRLs */ 317/* Use check time instead of current time */
316#define X509_V_FLAG_CRL_CHECK_ALL 0x8 /* Lookup CRLs for whole chain */ 318#define X509_V_FLAG_USE_CHECK_TIME 0x2
317#define X509_V_FLAG_IGNORE_CRITICAL 0x10 /* Ignore unhandled critical extensions */ 319/* Lookup CRLs */
320#define X509_V_FLAG_CRL_CHECK 0x4
321/* Lookup CRLs for whole chain */
322#define X509_V_FLAG_CRL_CHECK_ALL 0x8
323/* Ignore unhandled critical extensions */
324#define X509_V_FLAG_IGNORE_CRITICAL 0x10
325/* Disable workarounds for broken certificates */
326#define X509_V_FLAG_X509_STRICT 0x20
318 327
319int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, 328int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
320 X509_NAME *name); 329 X509_NAME *name);
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
index f78c2a6b43..c25959a742 100644
--- a/src/lib/libcrypto/x509/x509type.c
+++ b/src/lib/libcrypto/x509/x509type.c
@@ -106,7 +106,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
106 break; 106 break;
107 } 107 }
108 108
109 if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look 109 if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
110 for, not bytes */ 110 for, not bytes */
111 ret|=EVP_PKT_EXP; 111 ret|=EVP_PKT_EXP;
112 if(pkey==NULL) EVP_PKEY_free(pk); 112 if(pkey==NULL) EVP_PKEY_free(pk);
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index 0fae31a3a6..58b935a3b6 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -137,8 +137,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
137 X509V3_add_value("IP Address","<invalid>", &ret); 137 X509V3_add_value("IP Address","<invalid>", &ret);
138 break; 138 break;
139 } 139 }
140 snprintf(oline, sizeof oline, "%d.%d.%d.%d", p[0], p[1], p[2], 140 BIO_snprintf(oline, sizeof oline,
141 p[3]); 141 "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
142 X509V3_add_value("IP Address",oline, &ret); 142 X509V3_add_value("IP Address",oline, &ret);
143 break; 143 break;
144 144
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c
index 894a8b94d8..f90829c574 100644
--- a/src/lib/libcrypto/x509v3/v3_crld.c
+++ b/src/lib/libcrypto/x509v3/v3_crld.c
@@ -156,7 +156,7 @@ ASN1_SEQUENCE(DIST_POINT) = {
156IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT) 156IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
157 157
158ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = 158ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
159 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT) 159 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
160ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS) 160ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
161 161
162IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) 162IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index 28cc00686a..53e3f48859 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -121,9 +121,9 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
121 ERR_R_MALLOC_FAILURE); 121 ERR_R_MALLOC_FAILURE);
122 return NULL; 122 return NULL;
123 } 123 }
124 strlcpy(ntmp, objtmp, nlen); 124 BUF_strlcpy(ntmp, objtmp, nlen);
125 strlcat(ntmp, " - ", nlen); 125 BUF_strlcat(ntmp, " - ", nlen);
126 strlcat(ntmp, vtmp->name, nlen); 126 BUF_strlcat(ntmp, vtmp->name, nlen);
127 OPENSSL_free(vtmp->name); 127 OPENSSL_free(vtmp->name);
128 vtmp->name = ntmp; 128 vtmp->name = ntmp;
129 129
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
index 4d145f71fd..b3d1ae5d1c 100644
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ b/src/lib/libcrypto/x509v3/v3_purp.c
@@ -3,7 +3,7 @@
3 * project 2001. 3 * project 2001.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -415,6 +415,7 @@ static void x509v3_cache_extensions(X509 *x)
415 * 1 is a CA 415 * 1 is a CA
416 * 2 basicConstraints absent so "maybe" a CA 416 * 2 basicConstraints absent so "maybe" a CA
417 * 3 basicConstraints absent but self signed V1. 417 * 3 basicConstraints absent but self signed V1.
418 * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
418 */ 419 */
419 420
420#define V1_ROOT (EXFLAG_V1|EXFLAG_SS) 421#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
@@ -436,7 +437,7 @@ static int ca_check(const X509 *x)
436 } else { 437 } else {
437 if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3; 438 if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
438 /* If key usage present it must have certSign so tolerate it */ 439 /* If key usage present it must have certSign so tolerate it */
439 else if (x->ex_flags & EXFLAG_KUSAGE) return 3; 440 else if (x->ex_flags & EXFLAG_KUSAGE) return 4;
440 else return 2; 441 else return 2;
441 } 442 }
442} 443}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 00:54:00 +0000