openssl 0.9.4

author: beck <> 1999-09-29 05:55:59 +0000
committer: beck <> 1999-09-29 05:55:59 +0000
commit: 88aa5279df03ba6125ac91826df265799773f092 (patch)
tree: f7fc2496cdc69f28b4d7fd1016916208dd88870a /src/lib
parent: 648e4f0876a3773381cbfff3192dd84dd1c8c925 (diff)
download: openbsd-88aa5279df03ba6125ac91826df265799773f092.tar.gz
openbsd-88aa5279df03ba6125ac91826df265799773f092.tar.bz2
openbsd-88aa5279df03ba6125ac91826df265799773f092.zip
3 files changed, 92 insertions, 43 deletions
diff --git a/src/lib/libssl/Makefile.bsd-wrapper b/src/lib/libssl/Makefile.bsd-wrapper
index 282912514d..2759c96946 100644
--- a/src/lib/libssl/Makefile.bsd-wrapper
+++ b/src/lib/libssl/Makefile.bsd-wrapper
@@ -1,34 +1,33 @@
-# Build wrapper for SSLeay.
+# Build wrapper for OpenSSL
-# $OpenBSD: Makefile.bsd-wrapper,v 1.9 1999/03/17 18:25:56 deraadt Exp $
+# $OpenBSD: Makefile.bsd-wrapper,v 1.10 1999/09/29 05:55:59 beck Exp $
 # Our lndir is hacked; specify a full path to avoid potential conflicts
 # with the one installed with X11.
 LNDIR=          /usr/bin/lndir
+# Figure out what flag we use to OpenSSL's configure. This
-# Figure out what flag we use to SSLeay's configure. This
 # needs to be tested on all architectures.
 .if ${MACHINE_ARCH} == "i386"
-SSLCONF=        OpenBSD-x86
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-x86
 .else
-.if ${MACHINE_ARCH} == "pmax"
+.if ${MACHINE} == "pmax"
-SSLCONF=        OpenBSD-pmax
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-pmax
 .else
-.if ${MACHINE_ARCH} == "arc"
+.if ${MACHINE} == "arc"
-SSLCONF=        OpenBSD-arc
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-arc
 .else
 .if ${MACHINE_ARCH} == "alpha"
-SSLCONF=        OpenBSD-alpha
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-alpha
 .else
 .if ${MACHINE_ARCH} == "sparc"
-SSLCONF=        OpenBSD-bigendian
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-bigendian
 .else
 .if ${MACHINE_ARCH} == "m88k"
-SSLCONF=        OpenBSD-bigendian
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-bigendian
 .else
 ##UNTESTED!     
-SSLCONF=        OpenBSD-bigendian
+SSLCONF=        --openssldir=/etc/ssl OpenBSD-bigendian
 .endif
 .endif
 .endif
@@ -36,15 +35,7 @@ SSLCONF=	OpenBSD-bigendian
 .endif
 .endif
-MUNGEDFILES =   ${.OBJDIR}/${SSL_SRC}/crypto/bf/bf_locl.h \
+MUNGEDFILES =   ${.OBJDIR}/${SSL_SRC}/crypto/opensslconf.h ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h ${.OBJDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}/Makefile ${.OBJDIR}/${SSL_SRC}/apps/der_chop ${.OBJDIR}/${SSL_SRC}/tools/c_rehash
-                ${.OBJDIR}/${SSL_SRC}/crypto/bn/bn.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/des/des.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/des/des_locl.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/idea/idea.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/rc2/rc2.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/rc4/rc4.h \
-                ${.OBJDIR}/${SSL_SRC}/crypto/rc4/rc4_locl.h
 .include <bsd.own.mk>
@@ -61,29 +52,32 @@ all: 	prereq
 includes: prereq
        cd ${.OBJDIR} && ${MAKE} includes
-prereq: ${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h
+prereq: ${.OBJDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h
 install:
        cd ${.OBJDIR} && ${MAKE} install
-${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h : ${.OBJDIR}/${SSL_SRC}/Makefile.ssl
+${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h: ${.OBJDIR}/${SSL_SRC}/crypto/objects/objects.h
+        /usr/bin/perl ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.pl < ${.OBJDIR}/${SSL_SRC}/crypto/objects/objects.h > ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h
+${.OBJDIR}/${SSL_SRC}/Makefile.ssl : ${.OBJDIR}/${SSL_SRC}/Makefile.org
        cd ${.OBJDIR}/${SSL_SRC} && /usr/bin/perl Configure ${SSLCONF}
-.if !exists(${.OBJDIR}/${SSL_SRC}/Makefile.ssl)
+.if !exists(${.OBJDIR}/${SSL_SRC}/Makefile.org)
-${.OBJDIR}/${SSL_SRC}/Makefile.ssl: ${.CURDIR}/${SSL_SRC}/Makefile.ssl
+${.OBJDIR}/${SSL_SRC}/Makefile.org: ${.CURDIR}/${SSL_SRC}/Makefile.org
-        ${LNDIR} -s -e obj -e obj.${MACHINE_ARCH} -e Makefile.bsd-wrapper -e Makefile.ssl ${.CURDIR} && cp ${.CURDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}
+        ${LNDIR} -s -e obj -e obj.${MACHINE_ARCH} -e Makefile.bsd-wrapper ${.CURDIR}
 .endif
-clean:  ${.OBJDIR}/${SSL_SRC}/Makefile.ssl
+clean:
        cd ${.OBJDIR} && ${MAKE} clean
-cleandir: ${.OBJDIR}/${SSL_SRC}/Makefile.ssl
+cleandir: clean
-        cd ${.OBJDIR} && rm -f ${MUNGEDFILES} && ${MAKE} cleandir
+        cd ${.OBJDIR} && rm -f ${MUNGEDFILES}
 test:
        # Nothing here so far...
-depend:
+depend: prereq
        # Nothing here so far...
 lint:
@@ -94,7 +88,7 @@ tags:
 distribution:
        ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
-           ${.CURDIR}/ssleay.cnf ${DESTDIR}/etc/ssl/lib/ssleay.cnf
+           ${.CURDIR}/openssl.cnf ${DESTDIR}/etc/ssl/openssl.cnf
 .include <bsd.obj.mk>
 .include <bsd.subdir.mk>
diff --git a/src/lib/libssl/README.OPENBSD b/src/lib/libssl/README.OPENBSD
index 7cc3d0d424..063259deb7 100644
--- a/src/lib/libssl/README.OPENBSD
+++ b/src/lib/libssl/README.OPENBSD
@@ -1,18 +1,8 @@
-        This is an SSLeay-0.9.0b (the b means the PKCS#1 bug is fixed) tree.
+        This is based on an OpenSSL-0.9.4
        
        It has the following modifcations made to it.
-        0) util/perlpath.pl has been run to change perlpath to /usr/bin
-           util/ssldir.pl has been run to change the ssl dir to /usr/ssl
-           Null check added to crypto/err/err.c (mailed to Eric Young)
-           to avoid problems in error handling.  Includes install into
-           /usr/include/ssl, certs and configs are expected to be in
-           /etc/ssl.
-        1) Changes for openbsd compilation to have been made to
-           config and Configure (these have been sent to Eric Young)
 NOTES:
        Many tests will fail miserably, since most of them start
diff --git a/src/lib/libssl/openssl.cnf b/src/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..bb97b155b8
--- /dev/null
+++ b/src/lib/libssl/openssl.cnf
@@ -0,0 +1,65 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+RANDFILE                = /dev/arandom
+####################################################################
+[ req ]
+default_bits            = 1024
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+#countryName_default            = AU
+countryName_min                 = 2
+countryName_max                 = 2
+stateOrProvinceName             = State or Province Name (full name)
+#stateOrProvinceName_default    = Some-State
+localityName                    = Locality Name (eg, city)
+0.organizationName              = Organization Name (eg, company)
+#0.organizationName_default     = Internet Widgits Pty Ltd
+# we can do this but it is not needed normally :-)
+#1.organizationName             = Second Organization Name (eg, company)
+#1.organizationName_default     = CryptSoft Pty Ltd
+organizationalUnitName          = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+commonName                      = Common Name (eg, fully qualified host name)
+commonName_max                  = 64
+emailAddress                    = Email Address
+emailAddress_max                = 64
+[ req_attributes ]
+challengePassword               = A challenge password
+challengePassword_min           = 4
+challengePassword_max           = 20
+unstructuredName                = An optional company name
+[ x509v3_extensions ]
+nsCaRevocationUrl               = http://www.cryptsoft.com/ca-crl.pem
+nsComment                       = "This is a comment"
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType                      = 0x40
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
author	beck <>	1999-09-29 05:55:59 +0000
committer	beck <>	1999-09-29 05:55:59 +0000
commit	88aa5279df03ba6125ac91826df265799773f092 (patch)
tree	f7fc2496cdc69f28b4d7fd1016916208dd88870a /src/lib
parent	648e4f0876a3773381cbfff3192dd84dd1c8c925 (diff)
download	openbsd-88aa5279df03ba6125ac91826df265799773f092.tar.gz openbsd-88aa5279df03ba6125ac91826df265799773f092.tar.bz2 openbsd-88aa5279df03ba6125ac91826df265799773f092.zip

diff --git a/src/lib/libssl/Makefile.bsd-wrapper b/src/lib/libssl/Makefile.bsd-wrapper index 282912514d..2759c96946 100644 --- a/src/lib/libssl/Makefile.bsd-wrapper +++ b/src/lib/libssl/Makefile.bsd-wrapper
@@ -1,34 +1,33 @@
1	# Build wrapper for SSLeay.	1	# Build wrapper for OpenSSL
2	# $OpenBSD: Makefile.bsd-wrapper,v 1.9 1999/03/17 18:25:56 deraadt Exp $	2	# $OpenBSD: Makefile.bsd-wrapper,v 1.10 1999/09/29 05:55:59 beck Exp $
3		3
4	# Our lndir is hacked; specify a full path to avoid potential conflicts	4	# Our lndir is hacked; specify a full path to avoid potential conflicts
5	# with the one installed with X11.	5	# with the one installed with X11.
6	LNDIR= /usr/bin/lndir	6	LNDIR= /usr/bin/lndir
7		7
8		8	# Figure out what flag we use to OpenSSL's configure. This
9	# Figure out what flag we use to SSLeay's configure. This
10	# needs to be tested on all architectures.	9	# needs to be tested on all architectures.
11		10
12	.if ${MACHINE_ARCH} == "i386"	11	.if ${MACHINE_ARCH} == "i386"
13	SSLCONF= OpenBSD-x86	12	SSLCONF= --openssldir=/etc/ssl OpenBSD-x86
14	.else	13	.else
15	.if ${MACHINE_ARCH} == "pmax"	14	.if ${MACHINE} == "pmax"
16	SSLCONF= OpenBSD-pmax	15	SSLCONF= --openssldir=/etc/ssl OpenBSD-pmax
17	.else	16	.else
18	.if ${MACHINE_ARCH} == "arc"	17	.if ${MACHINE} == "arc"
19	SSLCONF= OpenBSD-arc	18	SSLCONF= --openssldir=/etc/ssl OpenBSD-arc
20	.else	19	.else
21	.if ${MACHINE_ARCH} == "alpha"	20	.if ${MACHINE_ARCH} == "alpha"
22	SSLCONF= OpenBSD-alpha	21	SSLCONF= --openssldir=/etc/ssl OpenBSD-alpha
23	.else	22	.else
24	.if ${MACHINE_ARCH} == "sparc"	23	.if ${MACHINE_ARCH} == "sparc"
25	SSLCONF= OpenBSD-bigendian	24	SSLCONF= --openssldir=/etc/ssl OpenBSD-bigendian
26	.else	25	.else
27	.if ${MACHINE_ARCH} == "m88k"	26	.if ${MACHINE_ARCH} == "m88k"
28	SSLCONF= OpenBSD-bigendian	27	SSLCONF= --openssldir=/etc/ssl OpenBSD-bigendian
29	.else	28	.else
30	##UNTESTED!	29	##UNTESTED!
31	SSLCONF= OpenBSD-bigendian	30	SSLCONF= --openssldir=/etc/ssl OpenBSD-bigendian
32	.endif	31	.endif
33	.endif	32	.endif
34	.endif	33	.endif
@@ -36,15 +35,7 @@ SSLCONF= OpenBSD-bigendian
36	.endif	35	.endif
37	.endif	36	.endif
38		37
39	MUNGEDFILES = ${.OBJDIR}/${SSL_SRC}/crypto/bf/bf_locl.h \	38	MUNGEDFILES = ${.OBJDIR}/${SSL_SRC}/crypto/opensslconf.h ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h ${.OBJDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}/Makefile ${.OBJDIR}/${SSL_SRC}/apps/der_chop ${.OBJDIR}/${SSL_SRC}/tools/c_rehash
40	${.OBJDIR}/${SSL_SRC}/crypto/bn/bn.h \
41	${.OBJDIR}/${SSL_SRC}/crypto/des/des.h \
42	${.OBJDIR}/${SSL_SRC}/crypto/des/des_locl.h \
43	${.OBJDIR}/${SSL_SRC}/crypto/idea/idea.h \
44	${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h \
45	${.OBJDIR}/${SSL_SRC}/crypto/rc2/rc2.h \
46	${.OBJDIR}/${SSL_SRC}/crypto/rc4/rc4.h \
47	${.OBJDIR}/${SSL_SRC}/crypto/rc4/rc4_locl.h
48		39
49		40
50	.include <bsd.own.mk>	41	.include <bsd.own.mk>
@@ -61,29 +52,32 @@ all: prereq
61	includes: prereq	52	includes: prereq
62	cd ${.OBJDIR} && ${MAKE} includes	53	cd ${.OBJDIR} && ${MAKE} includes
63		54
64	prereq: ${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h	55	prereq: ${.OBJDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h
65		56
66	install:	57	install:
67	cd ${.OBJDIR} && ${MAKE} install	58	cd ${.OBJDIR} && ${MAKE} install
68		59
69	${.OBJDIR}/${SSL_SRC}/crypto/md2/md2.h : ${.OBJDIR}/${SSL_SRC}/Makefile.ssl	60	${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h: ${.OBJDIR}/${SSL_SRC}/crypto/objects/objects.h
		61	/usr/bin/perl ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.pl < ${.OBJDIR}/${SSL_SRC}/crypto/objects/objects.h > ${.OBJDIR}/${SSL_SRC}/crypto/objects/obj_dat.h
		62
		63	${.OBJDIR}/${SSL_SRC}/Makefile.ssl : ${.OBJDIR}/${SSL_SRC}/Makefile.org
70	cd ${.OBJDIR}/${SSL_SRC} && /usr/bin/perl Configure ${SSLCONF}	64	cd ${.OBJDIR}/${SSL_SRC} && /usr/bin/perl Configure ${SSLCONF}
71		65
72	.if !exists(${.OBJDIR}/${SSL_SRC}/Makefile.ssl)	66	.if !exists(${.OBJDIR}/${SSL_SRC}/Makefile.org)
73	${.OBJDIR}/${SSL_SRC}/Makefile.ssl: ${.CURDIR}/${SSL_SRC}/Makefile.ssl	67	${.OBJDIR}/${SSL_SRC}/Makefile.org: ${.CURDIR}/${SSL_SRC}/Makefile.org
74	${LNDIR} -s -e obj -e obj.${MACHINE_ARCH} -e Makefile.bsd-wrapper -e Makefile.ssl ${.CURDIR} && cp ${.CURDIR}/${SSL_SRC}/Makefile.ssl ${.OBJDIR}/${SSL_SRC}	68	${LNDIR} -s -e obj -e obj.${MACHINE_ARCH} -e Makefile.bsd-wrapper ${.CURDIR}
75	.endif	69	.endif
76		70
77	clean: ${.OBJDIR}/${SSL_SRC}/Makefile.ssl	71	clean:
78	cd ${.OBJDIR} && ${MAKE} clean	72	cd ${.OBJDIR} && ${MAKE} clean
79		73
80	cleandir: ${.OBJDIR}/${SSL_SRC}/Makefile.ssl	74	cleandir: clean
81	cd ${.OBJDIR} && rm -f ${MUNGEDFILES} && ${MAKE} cleandir	75	cd ${.OBJDIR} && rm -f ${MUNGEDFILES}
82		76
83	test:	77	test:
84	# Nothing here so far...	78	# Nothing here so far...
85		79
86	depend:	80	depend: prereq
87	# Nothing here so far...	81	# Nothing here so far...
88		82
89	lint:	83	lint:
@@ -94,7 +88,7 @@ tags:
94		88
95	distribution:	89	distribution:
96	${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \	90	${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
97	${.CURDIR}/ssleay.cnf ${DESTDIR}/etc/ssl/lib/ssleay.cnf	91	${.CURDIR}/openssl.cnf ${DESTDIR}/etc/ssl/openssl.cnf
98		92
99	.include <bsd.obj.mk>	93	.include <bsd.obj.mk>
100	.include <bsd.subdir.mk>	94	.include <bsd.subdir.mk>


diff --git a/src/lib/libssl/README.OPENBSD b/src/lib/libssl/README.OPENBSD index 7cc3d0d424..063259deb7 100644 --- a/src/lib/libssl/README.OPENBSD +++ b/src/lib/libssl/README.OPENBSD
@@ -1,18 +1,8 @@
1		1
2	This is an SSLeay-0.9.0b (the b means the PKCS#1 bug is fixed) tree.	2	This is based on an OpenSSL-0.9.4
3		3
4	It has the following modifcations made to it.	4	It has the following modifcations made to it.
5		5
6	0) util/perlpath.pl has been run to change perlpath to /usr/bin
7	util/ssldir.pl has been run to change the ssl dir to /usr/ssl
8	Null check added to crypto/err/err.c (mailed to Eric Young)
9	to avoid problems in error handling. Includes install into
10	/usr/include/ssl, certs and configs are expected to be in
11	/etc/ssl.
12
13	1) Changes for openbsd compilation to have been made to
14	config and Configure (these have been sent to Eric Young)
15
16	NOTES:	6	NOTES:
17		7
18	Many tests will fail miserably, since most of them start	8	Many tests will fail miserably, since most of them start


diff --git a/src/lib/libssl/openssl.cnf b/src/lib/libssl/openssl.cnf new file mode 100644 index 0000000000..bb97b155b8 --- /dev/null +++ b/src/lib/libssl/openssl.cnf
@@ -0,0 +1,65 @@
		1	#
		2	# OpenSSL example configuration file.
		3	# This is mostly being used for generation of certificate requests.
		4	#
		5
		6	RANDFILE = /dev/arandom
		7
		8	####################################################################
		9	[ req ]
		10	default_bits = 1024
		11	default_keyfile = privkey.pem
		12	distinguished_name = req_distinguished_name
		13	attributes = req_attributes
		14
		15	[ req_distinguished_name ]
		16	countryName = Country Name (2 letter code)
		17	#countryName_default = AU
		18	countryName_min = 2
		19	countryName_max = 2
		20
		21	stateOrProvinceName = State or Province Name (full name)
		22	#stateOrProvinceName_default = Some-State
		23
		24	localityName = Locality Name (eg, city)
		25
		26	0.organizationName = Organization Name (eg, company)
		27	#0.organizationName_default = Internet Widgits Pty Ltd
		28
		29	# we can do this but it is not needed normally :-)
		30	#1.organizationName = Second Organization Name (eg, company)
		31	#1.organizationName_default = CryptSoft Pty Ltd
		32
		33	organizationalUnitName = Organizational Unit Name (eg, section)
		34	#organizationalUnitName_default =
		35
		36	commonName = Common Name (eg, fully qualified host name)
		37	commonName_max = 64
		38
		39	emailAddress = Email Address
		40	emailAddress_max = 64
		41
		42	[ req_attributes ]
		43	challengePassword = A challenge password
		44	challengePassword_min = 4
		45	challengePassword_max = 20
		46
		47	unstructuredName = An optional company name
		48
		49	[ x509v3_extensions ]
		50
		51	nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
		52	nsComment = "This is a comment"
		53
		54	# under ASN.1, the 0 bit would be encoded as 80
		55	nsCertType = 0x40
		56
		57	#nsBaseUrl
		58	#nsRevocationUrl
		59	#nsRenewalUrl
		60	#nsCaPolicyUrl
		61	#nsSslServerName
		62	#nsCertSequence
		63	#nsCertExt
		64	#nsDataType
		65