diff options
783 files changed, 10397 insertions, 7208 deletions
diff --git a/src/lib/libcrypto/Makefile.ssl b/src/lib/libcrypto/Makefile.ssl index db8baf385e..3071e3cb86 100644 --- a/src/lib/libcrypto/Makefile.ssl +++ b/src/lib/libcrypto/Makefile.ssl | |||
| @@ -36,8 +36,8 @@ GENERAL=Makefile README crypto-lib.com install.com | |||
| 36 | 36 | ||
| 37 | LIB= $(TOP)/libcrypto.a | 37 | LIB= $(TOP)/libcrypto.a |
| 38 | SHARED_LIB= libcrypto$(SHLIB_EXT) | 38 | SHARED_LIB= libcrypto$(SHLIB_EXT) |
| 39 | LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c | 39 | LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c |
| 40 | LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o | 40 | LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o |
| 41 | 41 | ||
| 42 | SRC= $(LIBSRC) | 42 | SRC= $(LIBSRC) |
| 43 | 43 | ||
| @@ -136,12 +136,12 @@ lint: | |||
| 136 | 136 | ||
| 137 | depend: | 137 | depend: |
| 138 | if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist | 138 | if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist |
| 139 | $(MAKEDEPEND) $(CFLAG) $(INCLUDE) $(DEPFLAG) $(PROGS) $(LIBSRC) | 139 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 140 | if [ ! -s buildinf.h ]; then rm buildinf.h; fi | 140 | if [ ! -s buildinf.h ]; then rm buildinf.h; fi |
| 141 | @for i in $(SDIRS) ;\ | 141 | @for i in $(SDIRS) ;\ |
| 142 | do \ | 142 | do \ |
| 143 | (cd $$i && echo "making depend in crypto/$$i..." && \ | 143 | (cd $$i && echo "making depend in crypto/$$i..." && \ |
| 144 | $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \ | 144 | $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ |
| 145 | done; | 145 | done; |
| 146 | 146 | ||
| 147 | clean: | 147 | clean: |
| @@ -193,6 +193,10 @@ mem.o: ../include/openssl/err.h ../include/openssl/lhash.h | |||
| 193 | mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 193 | mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 194 | mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 194 | mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 195 | mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c | 195 | mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c |
| 196 | mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 197 | mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 198 | mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 199 | mem_clr.o: ../include/openssl/symhacks.h mem_clr.c | ||
| 196 | mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h | 200 | mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h |
| 197 | mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 201 | mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 198 | mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h | 202 | mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h |
diff --git a/src/lib/libcrypto/aes/Makefile.ssl b/src/lib/libcrypto/aes/Makefile.ssl index 9358802a2e..f353aeb697 100644 --- a/src/lib/libcrypto/aes/Makefile.ssl +++ b/src/lib/libcrypto/aes/Makefile.ssl | |||
| @@ -75,7 +75,7 @@ lint: | |||
| 75 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 75 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 76 | 76 | ||
| 77 | depend: | 77 | depend: |
| 78 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 78 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 79 | 79 | ||
| 80 | dclean: | 80 | dclean: |
| 81 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 81 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h index e8da921ec5..8294a41a3a 100644 --- a/src/lib/libcrypto/aes/aes.h +++ b/src/lib/libcrypto/aes/aes.h | |||
| @@ -56,8 +56,9 @@ | |||
| 56 | #error AES is disabled. | 56 | #error AES is disabled. |
| 57 | #endif | 57 | #endif |
| 58 | 58 | ||
| 59 | static const int AES_DECRYPT = 0; | 59 | #define AES_ENCRYPT 1 |
| 60 | static const int AES_ENCRYPT = 1; | 60 | #define AES_DECRYPT 0 |
| 61 | |||
| 61 | /* Because array size can't be a const in C, the following two are macros. | 62 | /* Because array size can't be a const in C, the following two are macros. |
| 62 | Both sizes are in bytes. */ | 63 | Both sizes are in bytes. */ |
| 63 | #define AES_MAXNR 14 | 64 | #define AES_MAXNR 14 |
| @@ -99,7 +100,9 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, | |||
| 99 | unsigned char *ivec, int *num); | 100 | unsigned char *ivec, int *num); |
| 100 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, | 101 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, |
| 101 | const unsigned long length, const AES_KEY *key, | 102 | const unsigned long length, const AES_KEY *key, |
| 102 | unsigned char *counter, unsigned int *num); | 103 | unsigned char counter[AES_BLOCK_SIZE], |
| 104 | unsigned char ecount_buf[AES_BLOCK_SIZE], | ||
| 105 | unsigned int *num); | ||
| 103 | 106 | ||
| 104 | 107 | ||
| 105 | #ifdef __cplusplus | 108 | #ifdef __cplusplus |
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c index 3dfd7aba2a..de438306b1 100644 --- a/src/lib/libcrypto/aes/aes_cbc.c +++ b/src/lib/libcrypto/aes/aes_cbc.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
| @@ -57,33 +63,49 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
| 57 | const unsigned long length, const AES_KEY *key, | 63 | const unsigned long length, const AES_KEY *key, |
| 58 | unsigned char *ivec, const int enc) { | 64 | unsigned char *ivec, const int enc) { |
| 59 | 65 | ||
| 60 | int n; | 66 | unsigned long n; |
| 61 | unsigned long len = length; | 67 | unsigned long len = length; |
| 62 | unsigned char tmp[16]; | 68 | unsigned char tmp[AES_BLOCK_SIZE]; |
| 63 | 69 | ||
| 64 | assert(in && out && key && ivec); | 70 | assert(in && out && key && ivec); |
| 65 | assert(length % AES_BLOCK_SIZE == 0); | ||
| 66 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); | 71 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); |
| 67 | 72 | ||
| 68 | if (AES_ENCRYPT == enc) | 73 | if (AES_ENCRYPT == enc) { |
| 69 | while (len > 0) { | 74 | while (len >= AES_BLOCK_SIZE) { |
| 70 | for(n=0; n < 16; ++n) | 75 | for(n=0; n < sizeof tmp; ++n) |
| 71 | tmp[n] = in[n] ^ ivec[n]; | 76 | tmp[n] = in[n] ^ ivec[n]; |
| 72 | AES_encrypt(tmp, out, key); | 77 | AES_encrypt(tmp, out, key); |
| 73 | memcpy(ivec, out, 16); | 78 | memcpy(ivec, out, AES_BLOCK_SIZE); |
| 74 | len -= 16; | 79 | len -= AES_BLOCK_SIZE; |
| 75 | in += 16; | 80 | in += AES_BLOCK_SIZE; |
| 76 | out += 16; | 81 | out += AES_BLOCK_SIZE; |
| 77 | } | 82 | } |
| 78 | else | 83 | if (len) { |
| 79 | while (len > 0) { | 84 | for(n=0; n < len; ++n) |
| 80 | memcpy(tmp, in, 16); | 85 | tmp[n] = in[n] ^ ivec[n]; |
| 86 | for(n=len; n < AES_BLOCK_SIZE; ++n) | ||
| 87 | tmp[n] = ivec[n]; | ||
| 88 | AES_encrypt(tmp, tmp, key); | ||
| 89 | memcpy(out, tmp, len); | ||
| 90 | memcpy(ivec, tmp, sizeof tmp); | ||
| 91 | } | ||
| 92 | } else { | ||
| 93 | while (len >= AES_BLOCK_SIZE) { | ||
| 94 | memcpy(tmp, in, sizeof tmp); | ||
| 81 | AES_decrypt(in, out, key); | 95 | AES_decrypt(in, out, key); |
| 82 | for(n=0; n < 16; ++n) | 96 | for(n=0; n < AES_BLOCK_SIZE; ++n) |
| 83 | out[n] ^= ivec[n]; | 97 | out[n] ^= ivec[n]; |
| 84 | memcpy(ivec, tmp, 16); | 98 | memcpy(ivec, tmp, AES_BLOCK_SIZE); |
| 85 | len -= 16; | 99 | len -= AES_BLOCK_SIZE; |
| 86 | in += 16; | 100 | in += AES_BLOCK_SIZE; |
| 87 | out += 16; | 101 | out += AES_BLOCK_SIZE; |
| 88 | } | 102 | } |
| 103 | if (len) { | ||
| 104 | memcpy(tmp, in, sizeof tmp); | ||
| 105 | AES_decrypt(tmp, tmp, key); | ||
| 106 | for(n=0; n < len; ++n) | ||
| 107 | out[n] ^= ivec[n]; | ||
| 108 | memcpy(ivec, tmp, sizeof tmp); | ||
| 109 | } | ||
| 110 | } | ||
| 89 | } | 111 | } |
diff --git a/src/lib/libcrypto/aes/aes_cfb.c b/src/lib/libcrypto/aes/aes_cfb.c index 41c2a5ec3d..9b569dda90 100644 --- a/src/lib/libcrypto/aes/aes_cfb.c +++ b/src/lib/libcrypto/aes/aes_cfb.c | |||
| @@ -105,7 +105,13 @@ | |||
| 105 | * [including the GNU Public Licence.] | 105 | * [including the GNU Public Licence.] |
| 106 | */ | 106 | */ |
| 107 | 107 | ||
| 108 | #ifndef AES_DEBUG | ||
| 109 | # ifndef NDEBUG | ||
| 110 | # define NDEBUG | ||
| 111 | # endif | ||
| 112 | #endif | ||
| 108 | #include <assert.h> | 113 | #include <assert.h> |
| 114 | |||
| 109 | #include <openssl/aes.h> | 115 | #include <openssl/aes.h> |
| 110 | #include "aes_locl.h" | 116 | #include "aes_locl.h" |
| 111 | 117 | ||
diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c index 937988dd8c..2f41a825f8 100644 --- a/src/lib/libcrypto/aes/aes_core.c +++ b/src/lib/libcrypto/aes/aes_core.c | |||
| @@ -28,7 +28,13 @@ | |||
| 28 | /* Note: rewritten a little bit to provide error control and an OpenSSL- | 28 | /* Note: rewritten a little bit to provide error control and an OpenSSL- |
| 29 | compatible API */ | 29 | compatible API */ |
| 30 | 30 | ||
| 31 | #ifndef AES_DEBUG | ||
| 32 | # ifndef NDEBUG | ||
| 33 | # define NDEBUG | ||
| 34 | # endif | ||
| 35 | #endif | ||
| 31 | #include <assert.h> | 36 | #include <assert.h> |
| 37 | |||
| 32 | #include <stdlib.h> | 38 | #include <stdlib.h> |
| 33 | #include <openssl/aes.h> | 39 | #include <openssl/aes.h> |
| 34 | #include "aes_locl.h" | 40 | #include "aes_locl.h" |
| @@ -744,7 +750,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 744 | rk[2] = GETU32(userKey + 8); | 750 | rk[2] = GETU32(userKey + 8); |
| 745 | rk[3] = GETU32(userKey + 12); | 751 | rk[3] = GETU32(userKey + 12); |
| 746 | if (bits == 128) { | 752 | if (bits == 128) { |
| 747 | for (;;) { | 753 | while (1) { |
| 748 | temp = rk[3]; | 754 | temp = rk[3]; |
| 749 | rk[4] = rk[0] ^ | 755 | rk[4] = rk[0] ^ |
| 750 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 756 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
| @@ -764,7 +770,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 764 | rk[4] = GETU32(userKey + 16); | 770 | rk[4] = GETU32(userKey + 16); |
| 765 | rk[5] = GETU32(userKey + 20); | 771 | rk[5] = GETU32(userKey + 20); |
| 766 | if (bits == 192) { | 772 | if (bits == 192) { |
| 767 | for (;;) { | 773 | while (1) { |
| 768 | temp = rk[ 5]; | 774 | temp = rk[ 5]; |
| 769 | rk[ 6] = rk[ 0] ^ | 775 | rk[ 6] = rk[ 0] ^ |
| 770 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 776 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
| @@ -786,7 +792,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 786 | rk[6] = GETU32(userKey + 24); | 792 | rk[6] = GETU32(userKey + 24); |
| 787 | rk[7] = GETU32(userKey + 28); | 793 | rk[7] = GETU32(userKey + 28); |
| 788 | if (bits == 256) { | 794 | if (bits == 256) { |
| 789 | for (;;) { | 795 | while (1) { |
| 790 | temp = rk[ 7]; | 796 | temp = rk[ 7]; |
| 791 | rk[ 8] = rk[ 0] ^ | 797 | rk[ 8] = rk[ 0] ^ |
| 792 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 798 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
diff --git a/src/lib/libcrypto/aes/aes_ctr.c b/src/lib/libcrypto/aes/aes_ctr.c index aea3db2092..59088499a0 100644 --- a/src/lib/libcrypto/aes/aes_ctr.c +++ b/src/lib/libcrypto/aes/aes_ctr.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
| @@ -90,26 +96,31 @@ static void AES_ctr128_inc(unsigned char *counter) { | |||
| 90 | 96 | ||
| 91 | /* The input encrypted as though 128bit counter mode is being | 97 | /* The input encrypted as though 128bit counter mode is being |
| 92 | * used. The extra state information to record how much of the | 98 | * used. The extra state information to record how much of the |
| 93 | * 128bit block we have used is contained in *num; | 99 | * 128bit block we have used is contained in *num, and the |
| 100 | * encrypted counter is kept in ecount_buf. Both *num and | ||
| 101 | * ecount_buf must be initialised with zeros before the first | ||
| 102 | * call to AES_ctr128_encrypt(). | ||
| 94 | */ | 103 | */ |
| 95 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, | 104 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, |
| 96 | const unsigned long length, const AES_KEY *key, | 105 | const unsigned long length, const AES_KEY *key, |
| 97 | unsigned char *counter, unsigned int *num) { | 106 | unsigned char counter[AES_BLOCK_SIZE], |
| 107 | unsigned char ecount_buf[AES_BLOCK_SIZE], | ||
| 108 | unsigned int *num) { | ||
| 98 | 109 | ||
| 99 | unsigned int n; | 110 | unsigned int n; |
| 100 | unsigned long l=length; | 111 | unsigned long l=length; |
| 101 | unsigned char tmp[AES_BLOCK_SIZE]; | ||
| 102 | 112 | ||
| 103 | assert(in && out && key && counter && num); | 113 | assert(in && out && key && counter && num); |
| 114 | assert(*num < AES_BLOCK_SIZE); | ||
| 104 | 115 | ||
| 105 | n = *num; | 116 | n = *num; |
| 106 | 117 | ||
| 107 | while (l--) { | 118 | while (l--) { |
| 108 | if (n == 0) { | 119 | if (n == 0) { |
| 109 | AES_encrypt(counter, tmp, key); | 120 | AES_encrypt(counter, ecount_buf, key); |
| 110 | AES_ctr128_inc(counter); | 121 | AES_ctr128_inc(counter); |
| 111 | } | 122 | } |
| 112 | *(out++) = *(in++) ^ tmp[n]; | 123 | *(out++) = *(in++) ^ ecount_buf[n]; |
| 113 | n = (n+1) % AES_BLOCK_SIZE; | 124 | n = (n+1) % AES_BLOCK_SIZE; |
| 114 | } | 125 | } |
| 115 | 126 | ||
diff --git a/src/lib/libcrypto/aes/aes_ecb.c b/src/lib/libcrypto/aes/aes_ecb.c index 1cb2e07d3d..28aa561c2d 100644 --- a/src/lib/libcrypto/aes/aes_ecb.c +++ b/src/lib/libcrypto/aes/aes_ecb.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
diff --git a/src/lib/libcrypto/aes/aes_locl.h b/src/lib/libcrypto/aes/aes_locl.h index 18fc2d0747..f290946058 100644 --- a/src/lib/libcrypto/aes/aes_locl.h +++ b/src/lib/libcrypto/aes/aes_locl.h | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <stdlib.h> | 62 | #include <stdlib.h> |
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | 64 | ||
| 65 | #ifdef _MSC_VER | 65 | #if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE) |
| 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) | 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) |
| 67 | # define GETU32(p) SWAP(*((u32 *)(p))) | 67 | # define GETU32(p) SWAP(*((u32 *)(p))) |
| 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } | 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } |
diff --git a/src/lib/libcrypto/aes/aes_ofb.c b/src/lib/libcrypto/aes/aes_ofb.c index e33bdaea28..f358bb39e2 100644 --- a/src/lib/libcrypto/aes/aes_ofb.c +++ b/src/lib/libcrypto/aes/aes_ofb.c | |||
| @@ -105,7 +105,13 @@ | |||
| 105 | * [including the GNU Public Licence.] | 105 | * [including the GNU Public Licence.] |
| 106 | */ | 106 | */ |
| 107 | 107 | ||
| 108 | #ifndef AES_DEBUG | ||
| 109 | # ifndef NDEBUG | ||
| 110 | # define NDEBUG | ||
| 111 | # endif | ||
| 112 | #endif | ||
| 108 | #include <assert.h> | 113 | #include <assert.h> |
| 114 | |||
| 109 | #include <openssl/aes.h> | 115 | #include <openssl/aes.h> |
| 110 | #include "aes_locl.h" | 116 | #include "aes_locl.h" |
| 111 | 117 | ||
diff --git a/src/lib/libcrypto/asn1/Makefile.ssl b/src/lib/libcrypto/asn1/Makefile.ssl index b5a186c904..cb45194d48 100644 --- a/src/lib/libcrypto/asn1/Makefile.ssl +++ b/src/lib/libcrypto/asn1/Makefile.ssl | |||
| @@ -98,7 +98,7 @@ lint: | |||
| 98 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 98 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 99 | 99 | ||
| 100 | depend: | 100 | depend: |
| 101 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 101 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 102 | 102 | ||
| 103 | dclean: | 103 | dclean: |
| 104 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 104 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -286,13 +286,14 @@ a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | |||
| 286 | a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 286 | a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 287 | a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 287 | a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 288 | a_sign.o: ../cryptlib.h a_sign.c | 288 | a_sign.o: ../cryptlib.h a_sign.c |
| 289 | a_strex.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 289 | a_strex.o: ../../e_os.h ../../include/openssl/aes.h |
| 290 | a_strex.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | 290 | a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 291 | a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 291 | a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
| 292 | a_strex.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h | 292 | a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h |
| 293 | a_strex.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 293 | a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 294 | a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 294 | a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h |
| 295 | a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h | 295 | a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 296 | a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 296 | a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | 297 | a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 297 | a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | 298 | a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 298 | a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | 299 | a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| @@ -305,7 +306,7 @@ a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | |||
| 305 | a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 306 | a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 306 | a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 307 | a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 307 | a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h | 308 | a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h |
| 308 | a_strex.o: ../../include/openssl/x509_vfy.h a_strex.c charmap.h | 309 | a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h |
| 309 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h | 310 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h |
| 310 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 311 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 311 | a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 312 | a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c index e0265f69d2..f4ea96cd54 100644 --- a/src/lib/libcrypto/asn1/a_bitstr.c +++ b/src/lib/libcrypto/asn1/a_bitstr.c | |||
| @@ -191,7 +191,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) | |||
| 191 | if (a->data == NULL) | 191 | if (a->data == NULL) |
| 192 | c=(unsigned char *)OPENSSL_malloc(w+1); | 192 | c=(unsigned char *)OPENSSL_malloc(w+1); |
| 193 | else | 193 | else |
| 194 | c=(unsigned char *)OPENSSL_realloc(a->data,w+1); | 194 | c=(unsigned char *)OPENSSL_realloc_clean(a->data, |
| 195 | a->length, | ||
| 196 | w+1); | ||
| 195 | if (c == NULL) return(0); | 197 | if (c == NULL) return(0); |
| 196 | if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); | 198 | if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); |
| 197 | a->data=c; | 199 | a->data=c; |
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c index bb88660f58..afd27b80e1 100644 --- a/src/lib/libcrypto/asn1/a_bytes.c +++ b/src/lib/libcrypto/asn1/a_bytes.c | |||
| @@ -285,7 +285,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) | |||
| 285 | goto err; | 285 | goto err; |
| 286 | } | 286 | } |
| 287 | 287 | ||
| 288 | if (!BUF_MEM_grow(&b,num+os->length)) | 288 | if (!BUF_MEM_grow_clean(&b,num+os->length)) |
| 289 | { | 289 | { |
| 290 | c->error=ERR_R_BUF_LIB; | 290 | c->error=ERR_R_BUF_LIB; |
| 291 | goto err; | 291 | goto err; |
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c index a80fbe9ff7..b67b75e7c2 100644 --- a/src/lib/libcrypto/asn1/a_d2i_fp.c +++ b/src/lib/libcrypto/asn1/a_d2i_fp.c | |||
| @@ -149,7 +149,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 149 | ASN1_CTX c; | 149 | ASN1_CTX c; |
| 150 | int want=HEADER_SIZE; | 150 | int want=HEADER_SIZE; |
| 151 | int eos=0; | 151 | int eos=0; |
| 152 | #if defined(__GNUC__) && defined(__ia64) | ||
| 153 | /* pathetic compiler bug in all known versions as of Nov. 2002 */ | ||
| 154 | long off=0; | ||
| 155 | #else | ||
| 152 | int off=0; | 156 | int off=0; |
| 157 | #endif | ||
| 153 | int len=0; | 158 | int len=0; |
| 154 | 159 | ||
| 155 | b=BUF_MEM_new(); | 160 | b=BUF_MEM_new(); |
| @@ -166,7 +171,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 166 | { | 171 | { |
| 167 | want-=(len-off); | 172 | want-=(len-off); |
| 168 | 173 | ||
| 169 | if (!BUF_MEM_grow(b,len+want)) | 174 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 170 | { | 175 | { |
| 171 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 176 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); |
| 172 | goto err; | 177 | goto err; |
| @@ -221,18 +226,23 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 221 | if (want > (len-off)) | 226 | if (want > (len-off)) |
| 222 | { | 227 | { |
| 223 | want-=(len-off); | 228 | want-=(len-off); |
| 224 | if (!BUF_MEM_grow(b,len+want)) | 229 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 225 | { | 230 | { |
| 226 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 231 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); |
| 227 | goto err; | 232 | goto err; |
| 228 | } | 233 | } |
| 229 | i=BIO_read(in,&(b->data[len]),want); | 234 | while (want > 0) |
| 230 | if (i <= 0) | ||
| 231 | { | 235 | { |
| 232 | ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); | 236 | i=BIO_read(in,&(b->data[len]),want); |
| 233 | goto err; | 237 | if (i <= 0) |
| 238 | { | ||
| 239 | ASN1err(ASN1_F_ASN1_D2I_BIO, | ||
| 240 | ASN1_R_NOT_ENOUGH_DATA); | ||
| 241 | goto err; | ||
| 242 | } | ||
| 243 | len+=i; | ||
| 244 | want -= i; | ||
| 234 | } | 245 | } |
| 235 | len+=i; | ||
| 236 | } | 246 | } |
| 237 | off+=(int)c.slen; | 247 | off+=(int)c.slen; |
| 238 | if (eos <= 0) | 248 | if (eos <= 0) |
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c index 71ce7c3896..0a8e6c287c 100644 --- a/src/lib/libcrypto/asn1/a_object.c +++ b/src/lib/libcrypto/asn1/a_object.c | |||
| @@ -183,8 +183,8 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) | |||
| 183 | 183 | ||
| 184 | if ((a == NULL) || (a->data == NULL)) | 184 | if ((a == NULL) || (a->data == NULL)) |
| 185 | return(BIO_write(bp,"NULL",4)); | 185 | return(BIO_write(bp,"NULL",4)); |
| 186 | i=i2t_ASN1_OBJECT(buf,80,a); | 186 | i=i2t_ASN1_OBJECT(buf,sizeof buf,a); |
| 187 | if (i > 80) i=80; | 187 | if (i > sizeof buf) i=sizeof buf; |
| 188 | BIO_write(bp,buf,i); | 188 | BIO_write(bp,buf,i); |
| 189 | return(i); | 189 | return(i); |
| 190 | } | 190 | } |
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c index de53b44144..52ce7e3974 100644 --- a/src/lib/libcrypto/asn1/a_sign.c +++ b/src/lib/libcrypto/asn1/a_sign.c | |||
| @@ -204,9 +204,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 204 | err: | 204 | err: |
| 205 | EVP_MD_CTX_cleanup(&ctx); | 205 | EVP_MD_CTX_cleanup(&ctx); |
| 206 | if (buf_in != NULL) | 206 | if (buf_in != NULL) |
| 207 | { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } | 207 | { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } |
| 208 | if (buf_out != NULL) | 208 | if (buf_out != NULL) |
| 209 | { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } | 209 | { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } |
| 210 | return(outl); | 210 | return(outl); |
| 211 | } | 211 | } |
| 212 | 212 | ||
| @@ -287,8 +287,8 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 287 | err: | 287 | err: |
| 288 | EVP_MD_CTX_cleanup(&ctx); | 288 | EVP_MD_CTX_cleanup(&ctx); |
| 289 | if (buf_in != NULL) | 289 | if (buf_in != NULL) |
| 290 | { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } | 290 | { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } |
| 291 | if (buf_out != NULL) | 291 | if (buf_out != NULL) |
| 292 | { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } | 292 | { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } |
| 293 | return(outl); | 293 | return(outl); |
| 294 | } | 294 | } |
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c index 7ddb7662f1..1def6c6549 100644 --- a/src/lib/libcrypto/asn1/a_strex.c +++ b/src/lib/libcrypto/asn1/a_strex.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/asn1.h> | 63 | #include <openssl/asn1.h> |
| 64 | 64 | ||
| 65 | #include "charmap.h" | 65 | #include "charmap.h" |
| 66 | #include "cryptlib.h" | ||
| 66 | 67 | ||
| 67 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). | 68 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). |
| 68 | * Enhanced string and name printing routines handling | 69 | * Enhanced string and name printing routines handling |
| @@ -114,14 +115,17 @@ typedef int char_io(void *arg, const void *buf, int len); | |||
| 114 | static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) | 115 | static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) |
| 115 | { | 116 | { |
| 116 | unsigned char chflgs, chtmp; | 117 | unsigned char chflgs, chtmp; |
| 117 | char tmphex[11]; | 118 | char tmphex[HEX_SIZE(long)+3]; |
| 119 | |||
| 120 | if(c > 0xffffffffL) | ||
| 121 | return -1; | ||
| 118 | if(c > 0xffff) { | 122 | if(c > 0xffff) { |
| 119 | BIO_snprintf(tmphex, 11, "\\W%08lX", c); | 123 | BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); |
| 120 | if(!io_ch(arg, tmphex, 10)) return -1; | 124 | if(!io_ch(arg, tmphex, 10)) return -1; |
| 121 | return 10; | 125 | return 10; |
| 122 | } | 126 | } |
| 123 | if(c > 0xff) { | 127 | if(c > 0xff) { |
| 124 | BIO_snprintf(tmphex, 11, "\\U%04lX", c); | 128 | BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); |
| 125 | if(!io_ch(arg, tmphex, 6)) return -1; | 129 | if(!io_ch(arg, tmphex, 6)) return -1; |
| 126 | return 6; | 130 | return 6; |
| 127 | } | 131 | } |
| @@ -195,7 +199,7 @@ static int do_buf(unsigned char *buf, int buflen, | |||
| 195 | if(type & BUF_TYPE_CONVUTF8) { | 199 | if(type & BUF_TYPE_CONVUTF8) { |
| 196 | unsigned char utfbuf[6]; | 200 | unsigned char utfbuf[6]; |
| 197 | int utflen; | 201 | int utflen; |
| 198 | utflen = UTF8_putc(utfbuf, 6, c); | 202 | utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); |
| 199 | for(i = 0; i < utflen; i++) { | 203 | for(i = 0; i < utflen; i++) { |
| 200 | /* We don't need to worry about setting orflags correctly | 204 | /* We don't need to worry about setting orflags correctly |
| 201 | * because if utflen==1 its value will be correct anyway | 205 | * because if utflen==1 its value will be correct anyway |
| @@ -461,7 +465,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, | |||
| 461 | if(fn_opt != XN_FLAG_FN_NONE) { | 465 | if(fn_opt != XN_FLAG_FN_NONE) { |
| 462 | int objlen, fld_len; | 466 | int objlen, fld_len; |
| 463 | if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { | 467 | if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { |
| 464 | OBJ_obj2txt(objtmp, 80, fn, 1); | 468 | OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); |
| 465 | fld_len = 0; /* XXX: what should this be? */ | 469 | fld_len = 0; /* XXX: what should this be? */ |
| 466 | objbuf = objtmp; | 470 | objbuf = objtmp; |
| 467 | } else { | 471 | } else { |
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c index 04789d1c63..aa49e9d7d0 100644 --- a/src/lib/libcrypto/asn1/a_strnid.c +++ b/src/lib/libcrypto/asn1/a_strnid.c | |||
| @@ -173,6 +173,7 @@ static ASN1_STRING_TABLE tbl_standard[] = { | |||
| 173 | {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, | 173 | {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, |
| 174 | {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, | 174 | {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, |
| 175 | {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, | 175 | {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, |
| 176 | {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, | ||
| 176 | {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} | 177 | {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} |
| 177 | }; | 178 | }; |
| 178 | 179 | ||
| @@ -249,4 +250,38 @@ static void st_free(ASN1_STRING_TABLE *tbl) | |||
| 249 | if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); | 250 | if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); |
| 250 | } | 251 | } |
| 251 | 252 | ||
| 253 | |||
| 252 | IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) | 254 | IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) |
| 255 | |||
| 256 | #ifdef STRING_TABLE_TEST | ||
| 257 | |||
| 258 | main() | ||
| 259 | { | ||
| 260 | ASN1_STRING_TABLE *tmp; | ||
| 261 | int i, last_nid = -1; | ||
| 262 | |||
| 263 | for (tmp = tbl_standard, i = 0; | ||
| 264 | i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) | ||
| 265 | { | ||
| 266 | if (tmp->nid < last_nid) | ||
| 267 | { | ||
| 268 | last_nid = 0; | ||
| 269 | break; | ||
| 270 | } | ||
| 271 | last_nid = tmp->nid; | ||
| 272 | } | ||
| 273 | |||
| 274 | if (last_nid != 0) | ||
| 275 | { | ||
| 276 | printf("Table order OK\n"); | ||
| 277 | exit(0); | ||
| 278 | } | ||
| 279 | |||
| 280 | for (tmp = tbl_standard, i = 0; | ||
| 281 | i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) | ||
| 282 | printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, | ||
| 283 | OBJ_nid2ln(tmp->nid)); | ||
| 284 | |||
| 285 | } | ||
| 286 | |||
| 287 | #endif | ||
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c index 8216783aa8..b8c031fc8f 100644 --- a/src/lib/libcrypto/asn1/a_time.c +++ b/src/lib/libcrypto/asn1/a_time.c | |||
| @@ -105,7 +105,10 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) | |||
| 105 | 105 | ||
| 106 | ts=OPENSSL_gmtime(&t,&data); | 106 | ts=OPENSSL_gmtime(&t,&data); |
| 107 | if (ts == NULL) | 107 | if (ts == NULL) |
| 108 | { | ||
| 109 | ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME); | ||
| 108 | return NULL; | 110 | return NULL; |
| 111 | } | ||
| 109 | if((ts->tm_year >= 50) && (ts->tm_year < 150)) | 112 | if((ts->tm_year >= 50) && (ts->tm_year < 150)) |
| 110 | return ASN1_UTCTIME_set(s, t); | 113 | return ASN1_UTCTIME_set(s, t); |
| 111 | return ASN1_GENERALIZEDTIME_set(s,t); | 114 | return ASN1_GENERALIZEDTIME_set(s,t); |
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c index 96e111cf23..fe3fcd40b0 100644 --- a/src/lib/libcrypto/asn1/a_type.c +++ b/src/lib/libcrypto/asn1/a_type.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | 62 | ||
| 63 | int ASN1_TYPE_get(ASN1_TYPE *a) | 63 | int ASN1_TYPE_get(ASN1_TYPE *a) |
| 64 | { | 64 | { |
| 65 | if (a->value.ptr != NULL) | 65 | if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) |
| 66 | return(a->type); | 66 | return(a->type); |
| 67 | else | 67 | else |
| 68 | return(0); | 68 | return(0); |
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c index bf41de5146..da2a0a6d69 100644 --- a/src/lib/libcrypto/asn1/a_verify.c +++ b/src/lib/libcrypto/asn1/a_verify.c | |||
| @@ -103,7 +103,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, | |||
| 103 | EVP_VerifyInit_ex(&ctx,type, NULL); | 103 | EVP_VerifyInit_ex(&ctx,type, NULL); |
| 104 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); | 104 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 105 | 105 | ||
| 106 | memset(buf_in,0,(unsigned int)inl); | 106 | OPENSSL_cleanse(buf_in,(unsigned int)inl); |
| 107 | OPENSSL_free(buf_in); | 107 | OPENSSL_free(buf_in); |
| 108 | 108 | ||
| 109 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, | 109 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, |
| @@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat | |||
| 153 | EVP_VerifyInit_ex(&ctx,type, NULL); | 153 | EVP_VerifyInit_ex(&ctx,type, NULL); |
| 154 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); | 154 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 155 | 155 | ||
| 156 | memset(buf_in,0,(unsigned int)inl); | 156 | OPENSSL_cleanse(buf_in,(unsigned int)inl); |
| 157 | OPENSSL_free(buf_in); | 157 | OPENSSL_free(buf_in); |
| 158 | 158 | ||
| 159 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, | 159 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, |
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h index dbb30f4f22..3414509f1b 100644 --- a/src/lib/libcrypto/asn1/asn1.h +++ b/src/lib/libcrypto/asn1/asn1.h | |||
| @@ -70,7 +70,6 @@ | |||
| 70 | 70 | ||
| 71 | #include <openssl/symhacks.h> | 71 | #include <openssl/symhacks.h> |
| 72 | 72 | ||
| 73 | #include <openssl/e_os2.h> | ||
| 74 | #include <openssl/ossl_typ.h> | 73 | #include <openssl/ossl_typ.h> |
| 75 | 74 | ||
| 76 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO | 75 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO |
| @@ -133,7 +132,7 @@ extern "C" { | |||
| 133 | #define B_ASN1_NUMERICSTRING 0x0001 | 132 | #define B_ASN1_NUMERICSTRING 0x0001 |
| 134 | #define B_ASN1_PRINTABLESTRING 0x0002 | 133 | #define B_ASN1_PRINTABLESTRING 0x0002 |
| 135 | #define B_ASN1_T61STRING 0x0004 | 134 | #define B_ASN1_T61STRING 0x0004 |
| 136 | #define B_ASN1_TELETEXSTRING 0x0008 | 135 | #define B_ASN1_TELETEXSTRING 0x0004 |
| 137 | #define B_ASN1_VIDEOTEXSTRING 0x0008 | 136 | #define B_ASN1_VIDEOTEXSTRING 0x0008 |
| 138 | #define B_ASN1_IA5STRING 0x0010 | 137 | #define B_ASN1_IA5STRING 0x0010 |
| 139 | #define B_ASN1_GRAPHICSTRING 0x0020 | 138 | #define B_ASN1_GRAPHICSTRING 0x0020 |
| @@ -981,6 +980,7 @@ void ERR_load_ASN1_strings(void); | |||
| 981 | #define ASN1_F_ASN1_TEMPLATE_D2I 131 | 980 | #define ASN1_F_ASN1_TEMPLATE_D2I 131 |
| 982 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 | 981 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 |
| 983 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 | 982 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 |
| 983 | #define ASN1_F_ASN1_TIME_SET 175 | ||
| 984 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 | 984 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 |
| 985 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 | 985 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 |
| 986 | #define ASN1_F_ASN1_UNPACK_STRING 136 | 986 | #define ASN1_F_ASN1_UNPACK_STRING 136 |
| @@ -1038,6 +1038,7 @@ void ERR_load_ASN1_strings(void); | |||
| 1038 | #define ASN1_R_DECODE_ERROR 110 | 1038 | #define ASN1_R_DECODE_ERROR 110 |
| 1039 | #define ASN1_R_DECODING_ERROR 111 | 1039 | #define ASN1_R_DECODING_ERROR 111 |
| 1040 | #define ASN1_R_ENCODE_ERROR 112 | 1040 | #define ASN1_R_ENCODE_ERROR 112 |
| 1041 | #define ASN1_R_ERROR_GETTING_TIME 173 | ||
| 1041 | #define ASN1_R_ERROR_LOADING_SECTION 172 | 1042 | #define ASN1_R_ERROR_LOADING_SECTION 172 |
| 1042 | #define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 | 1043 | #define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 |
| 1043 | #define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 | 1044 | #define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 |
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c index c4c3d2a91d..094ec06fda 100644 --- a/src/lib/libcrypto/asn1/asn1_err.c +++ b/src/lib/libcrypto/asn1/asn1_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/asn1/asn1_err.c */ | 1 | /* crypto/asn1/asn1_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -100,6 +100,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= | |||
| 100 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, | 100 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, |
| 101 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, | 101 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, |
| 102 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, | 102 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, |
| 103 | {ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0), "ASN1_TIME_set"}, | ||
| 103 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, | 104 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, |
| 104 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, | 105 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, |
| 105 | {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, | 106 | {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, |
| @@ -160,6 +161,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 160 | {ASN1_R_DECODE_ERROR ,"decode error"}, | 161 | {ASN1_R_DECODE_ERROR ,"decode error"}, |
| 161 | {ASN1_R_DECODING_ERROR ,"decoding error"}, | 162 | {ASN1_R_DECODING_ERROR ,"decoding error"}, |
| 162 | {ASN1_R_ENCODE_ERROR ,"encode error"}, | 163 | {ASN1_R_ENCODE_ERROR ,"encode error"}, |
| 164 | {ASN1_R_ERROR_GETTING_TIME ,"error getting time"}, | ||
| 163 | {ASN1_R_ERROR_LOADING_SECTION ,"error loading section"}, | 165 | {ASN1_R_ERROR_LOADING_SECTION ,"error loading section"}, |
| 164 | {ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, | 166 | {ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, |
| 165 | {ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, | 167 | {ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, |
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c index 4223c9ae45..1799657141 100644 --- a/src/lib/libcrypto/asn1/asn1_par.c +++ b/src/lib/libcrypto/asn1/asn1_par.c | |||
| @@ -79,12 +79,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, | |||
| 79 | else | 79 | else |
| 80 | p="prim: "; | 80 | p="prim: "; |
| 81 | if (BIO_write(bp,p,6) < 6) goto err; | 81 | if (BIO_write(bp,p,6) < 6) goto err; |
| 82 | if (indent) | 82 | BIO_indent(bp,indent,128); |
| 83 | { | ||
| 84 | if (indent > 128) indent=128; | ||
| 85 | memset(str,' ',indent); | ||
| 86 | if (BIO_write(bp,str,indent) < indent) goto err; | ||
| 87 | } | ||
| 88 | 83 | ||
| 89 | p=str; | 84 | p=str; |
| 90 | if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) | 85 | if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) |
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c index 48cc3bfb90..9494e597ab 100644 --- a/src/lib/libcrypto/asn1/f_int.c +++ b/src/lib/libcrypto/asn1/f_int.c | |||
| @@ -169,8 +169,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) | |||
| 169 | sp=(unsigned char *)OPENSSL_malloc( | 169 | sp=(unsigned char *)OPENSSL_malloc( |
| 170 | (unsigned int)num+i*2); | 170 | (unsigned int)num+i*2); |
| 171 | else | 171 | else |
| 172 | sp=(unsigned char *)OPENSSL_realloc(s, | 172 | sp=OPENSSL_realloc_clean(s,slen,num+i*2); |
| 173 | (unsigned int)num+i*2); | ||
| 174 | if (sp == NULL) | 173 | if (sp == NULL) |
| 175 | { | 174 | { |
| 176 | ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); | 175 | ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); |
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c index 9146ee02c9..766b51c538 100644 --- a/src/lib/libcrypto/asn1/n_pkey.c +++ b/src/lib/libcrypto/asn1/n_pkey.c | |||
| @@ -187,7 +187,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 187 | i2d_NETSCAPE_PKEY(pkey,&zz); | 187 | i2d_NETSCAPE_PKEY(pkey,&zz); |
| 188 | 188 | ||
| 189 | /* Wipe the private key encoding */ | 189 | /* Wipe the private key encoding */ |
| 190 | memset(pkey->private_key->data, 0, rsalen); | 190 | OPENSSL_cleanse(pkey->private_key->data, rsalen); |
| 191 | 191 | ||
| 192 | if (cb == NULL) | 192 | if (cb == NULL) |
| 193 | cb=EVP_read_pw_string; | 193 | cb=EVP_read_pw_string; |
| @@ -206,7 +206,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 206 | } | 206 | } |
| 207 | 207 | ||
| 208 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); | 208 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); |
| 209 | memset(buf,0,256); | 209 | OPENSSL_cleanse(buf,256); |
| 210 | 210 | ||
| 211 | /* Encrypt private key in place */ | 211 | /* Encrypt private key in place */ |
| 212 | zz = enckey->enckey->digest->data; | 212 | zz = enckey->enckey->digest->data; |
| @@ -294,7 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | |||
| 294 | } | 294 | } |
| 295 | 295 | ||
| 296 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); | 296 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); |
| 297 | memset(buf,0,256); | 297 | OPENSSL_cleanse(buf,256); |
| 298 | 298 | ||
| 299 | EVP_CIPHER_CTX_init(&ctx); | 299 | EVP_CIPHER_CTX_init(&ctx); |
| 300 | EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); | 300 | EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); |
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c index b634d5bc85..24b409132f 100644 --- a/src/lib/libcrypto/asn1/p8_pkey.c +++ b/src/lib/libcrypto/asn1/p8_pkey.c | |||
| @@ -68,8 +68,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 68 | if(operation == ASN1_OP_FREE_PRE) { | 68 | if(operation == ASN1_OP_FREE_PRE) { |
| 69 | PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; | 69 | PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; |
| 70 | if (key->pkey->value.octet_string) | 70 | if (key->pkey->value.octet_string) |
| 71 | memset(key->pkey->value.octet_string->data, | 71 | OPENSSL_cleanse(key->pkey->value.octet_string->data, |
| 72 | 0, key->pkey->value.octet_string->length); | 72 | key->pkey->value.octet_string->length); |
| 73 | } | 73 | } |
| 74 | return 1; | 74 | return 1; |
| 75 | } | 75 | } |
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c index 60db305756..757c148df8 100644 --- a/src/lib/libcrypto/asn1/t_crl.c +++ b/src/lib/libcrypto/asn1/t_crl.c | |||
| @@ -84,11 +84,11 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) | |||
| 84 | 84 | ||
| 85 | int X509_CRL_print(BIO *out, X509_CRL *x) | 85 | int X509_CRL_print(BIO *out, X509_CRL *x) |
| 86 | { | 86 | { |
| 87 | char buf[256]; | ||
| 88 | STACK_OF(X509_REVOKED) *rev; | 87 | STACK_OF(X509_REVOKED) *rev; |
| 89 | X509_REVOKED *r; | 88 | X509_REVOKED *r; |
| 90 | long l; | 89 | long l; |
| 91 | int i, n; | 90 | int i, n; |
| 91 | char *p; | ||
| 92 | 92 | ||
| 93 | BIO_printf(out, "Certificate Revocation List (CRL):\n"); | 93 | BIO_printf(out, "Certificate Revocation List (CRL):\n"); |
| 94 | l = X509_CRL_get_version(x); | 94 | l = X509_CRL_get_version(x); |
| @@ -96,8 +96,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x) | |||
| 96 | i = OBJ_obj2nid(x->sig_alg->algorithm); | 96 | i = OBJ_obj2nid(x->sig_alg->algorithm); |
| 97 | BIO_printf(out, "%8sSignature Algorithm: %s\n", "", | 97 | BIO_printf(out, "%8sSignature Algorithm: %s\n", "", |
| 98 | (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); | 98 | (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); |
| 99 | X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256); | 99 | p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0); |
| 100 | BIO_printf(out,"%8sIssuer: %s\n","",buf); | 100 | BIO_printf(out,"%8sIssuer: %s\n","",p); |
| 101 | OPENSSL_free(p); | ||
| 101 | BIO_printf(out,"%8sLast Update: ",""); | 102 | BIO_printf(out,"%8sLast Update: ",""); |
| 102 | ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); | 103 | ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); |
| 103 | BIO_printf(out,"\n%8sNext Update: ",""); | 104 | BIO_printf(out,"\n%8sNext Update: ",""); |
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c index b3f8364012..e1c5e5ae13 100644 --- a/src/lib/libcrypto/asn1/t_pkey.c +++ b/src/lib/libcrypto/asn1/t_pkey.c | |||
| @@ -130,14 +130,10 @@ int RSA_print(BIO *bp, const RSA *x, int off) | |||
| 130 | goto err; | 130 | goto err; |
| 131 | } | 131 | } |
| 132 | 132 | ||
| 133 | if (off) | ||
| 134 | { | ||
| 135 | if (off > 128) off=128; | ||
| 136 | memset(str,' ',off); | ||
| 137 | } | ||
| 138 | if (x->d != NULL) | 133 | if (x->d != NULL) |
| 139 | { | 134 | { |
| 140 | if (off && (BIO_write(bp,str,off) <= 0)) goto err; | 135 | if(!BIO_indent(bp,off,128)) |
| 136 | goto err; | ||
| 141 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) | 137 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) |
| 142 | <= 0) goto err; | 138 | <= 0) goto err; |
| 143 | } | 139 | } |
| @@ -183,7 +179,6 @@ int DSA_print_fp(FILE *fp, const DSA *x, int off) | |||
| 183 | 179 | ||
| 184 | int DSA_print(BIO *bp, const DSA *x, int off) | 180 | int DSA_print(BIO *bp, const DSA *x, int off) |
| 185 | { | 181 | { |
| 186 | char str[128]; | ||
| 187 | unsigned char *m=NULL; | 182 | unsigned char *m=NULL; |
| 188 | int ret=0; | 183 | int ret=0; |
| 189 | size_t buf_len=0,i; | 184 | size_t buf_len=0,i; |
| @@ -210,14 +205,10 @@ int DSA_print(BIO *bp, const DSA *x, int off) | |||
| 210 | goto err; | 205 | goto err; |
| 211 | } | 206 | } |
| 212 | 207 | ||
| 213 | if (off) | ||
| 214 | { | ||
| 215 | if (off > 128) off=128; | ||
| 216 | memset(str,' ',off); | ||
| 217 | } | ||
| 218 | if (x->priv_key != NULL) | 208 | if (x->priv_key != NULL) |
| 219 | { | 209 | { |
| 220 | if (off && (BIO_write(bp,str,off) <= 0)) goto err; | 210 | if(!BIO_indent(bp,off,128)) |
| 211 | goto err; | ||
| 221 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) | 212 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) |
| 222 | <= 0) goto err; | 213 | <= 0) goto err; |
| 223 | } | 214 | } |
| @@ -240,17 +231,12 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | |||
| 240 | int off) | 231 | int off) |
| 241 | { | 232 | { |
| 242 | int n,i; | 233 | int n,i; |
| 243 | char str[128]; | ||
| 244 | const char *neg; | 234 | const char *neg; |
| 245 | 235 | ||
| 246 | if (num == NULL) return(1); | 236 | if (num == NULL) return(1); |
| 247 | neg=(num->neg)?"-":""; | 237 | neg=(num->neg)?"-":""; |
| 248 | if (off) | 238 | if(!BIO_indent(bp,off,128)) |
| 249 | { | 239 | return 0; |
| 250 | if (off > 128) off=128; | ||
| 251 | memset(str,' ',off); | ||
| 252 | if (BIO_write(bp,str,off) <= 0) return(0); | ||
| 253 | } | ||
| 254 | 240 | ||
| 255 | if (BN_num_bytes(num) <= BN_BYTES) | 241 | if (BN_num_bytes(num) <= BN_BYTES) |
| 256 | { | 242 | { |
| @@ -274,9 +260,9 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | |||
| 274 | { | 260 | { |
| 275 | if ((i%15) == 0) | 261 | if ((i%15) == 0) |
| 276 | { | 262 | { |
| 277 | str[0]='\n'; | 263 | if(BIO_puts(bp,"\n") <= 0 |
| 278 | memset(&(str[1]),' ',off+4); | 264 | || !BIO_indent(bp,off+4,128)) |
| 279 | if (BIO_write(bp,str,off+1+4) <= 0) return(0); | 265 | return 0; |
| 280 | } | 266 | } |
| 281 | if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":") | 267 | if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":") |
| 282 | <= 0) return(0); | 268 | <= 0) return(0); |
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c index eca97e00cb..740cee80c0 100644 --- a/src/lib/libcrypto/asn1/t_req.c +++ b/src/lib/libcrypto/asn1/t_req.c | |||
| @@ -91,7 +91,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 91 | EVP_PKEY *pkey; | 91 | EVP_PKEY *pkey; |
| 92 | STACK_OF(X509_ATTRIBUTE) *sk; | 92 | STACK_OF(X509_ATTRIBUTE) *sk; |
| 93 | STACK_OF(X509_EXTENSION) *exts; | 93 | STACK_OF(X509_EXTENSION) *exts; |
| 94 | char str[128]; | ||
| 95 | char mlch = ' '; | 94 | char mlch = ' '; |
| 96 | int nmindent = 0; | 95 | int nmindent = 0; |
| 97 | 96 | ||
| @@ -116,9 +115,9 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 116 | l=0; | 115 | l=0; |
| 117 | for (i=0; i<ri->version->length; i++) | 116 | for (i=0; i<ri->version->length; i++) |
| 118 | { l<<=8; l+=ri->version->data[i]; } | 117 | { l<<=8; l+=ri->version->data[i]; } |
| 119 | snprintf(str,sizeof str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg, | 118 | if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg, |
| 120 | l,neg,l); | 119 | l) <= 0) |
| 121 | if (BIO_puts(bp,str) <= 0) goto err; | 120 | goto err; |
| 122 | } | 121 | } |
| 123 | if(!(cflag & X509_FLAG_NO_SUBJECT)) | 122 | if(!(cflag & X509_FLAG_NO_SUBJECT)) |
| 124 | { | 123 | { |
| @@ -169,14 +168,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 169 | if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) | 168 | if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) |
| 170 | { | 169 | { |
| 171 | /* may not be */ | 170 | /* may not be */ |
| 172 | snprintf(str,sizeof str,"%8sAttributes:\n",""); | 171 | if(BIO_printf(bp,"%8sAttributes:\n","") <= 0) |
| 173 | if (BIO_puts(bp,str) <= 0) goto err; | 172 | goto err; |
| 174 | 173 | ||
| 175 | sk=x->req_info->attributes; | 174 | sk=x->req_info->attributes; |
| 176 | if (sk_X509_ATTRIBUTE_num(sk) == 0) | 175 | if (sk_X509_ATTRIBUTE_num(sk) == 0) |
| 177 | { | 176 | { |
| 178 | snprintf(str,sizeof str,"%12sa0:00\n",""); | 177 | if(BIO_printf(bp,"%12sa0:00\n","") <= 0) |
| 179 | if (BIO_puts(bp,str) <= 0) goto err; | 178 | goto err; |
| 180 | } | 179 | } |
| 181 | else | 180 | else |
| 182 | { | 181 | { |
| @@ -191,8 +190,8 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 191 | a=sk_X509_ATTRIBUTE_value(sk,i); | 190 | a=sk_X509_ATTRIBUTE_value(sk,i); |
| 192 | if(X509_REQ_extension_nid(OBJ_obj2nid(a->object))) | 191 | if(X509_REQ_extension_nid(OBJ_obj2nid(a->object))) |
| 193 | continue; | 192 | continue; |
| 194 | snprintf(str,sizeof str,"%12s",""); | 193 | if(BIO_printf(bp,"%12s","") <= 0) |
| 195 | if (BIO_puts(bp,str) <= 0) goto err; | 194 | goto err; |
| 196 | if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) | 195 | if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) |
| 197 | { | 196 | { |
| 198 | if (a->single) | 197 | if (a->single) |
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 5de4833ed0..d1034c47f8 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c | |||
| @@ -433,15 +433,17 @@ err: | |||
| 433 | 433 | ||
| 434 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | 434 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) |
| 435 | { | 435 | { |
| 436 | char *s,*c; | 436 | char *s,*c,*b; |
| 437 | int ret=0,l,ll,i,first=1; | 437 | int ret=0,l,ll,i,first=1; |
| 438 | char buf[256]; | ||
| 439 | 438 | ||
| 440 | ll=80-2-obase; | 439 | ll=80-2-obase; |
| 441 | 440 | ||
| 442 | s=X509_NAME_oneline(name,buf,256); | 441 | b=s=X509_NAME_oneline(name,NULL,0); |
| 443 | if (!*s) | 442 | if (!*s) |
| 443 | { | ||
| 444 | OPENSSL_free(b); | ||
| 444 | return 1; | 445 | return 1; |
| 446 | } | ||
| 445 | s++; /* skip the first slash */ | 447 | s++; /* skip the first slash */ |
| 446 | 448 | ||
| 447 | l=ll; | 449 | l=ll; |
| @@ -497,6 +499,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | |||
| 497 | err: | 499 | err: |
| 498 | X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); | 500 | X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); |
| 499 | } | 501 | } |
| 502 | OPENSSL_free(b); | ||
| 500 | return(ret); | 503 | return(ret); |
| 501 | } | 504 | } |
| 502 | 505 | ||
diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c index 7d4a6e6084..ffbbfb51f4 100644 --- a/src/lib/libcrypto/asn1/t_x509a.c +++ b/src/lib/libcrypto/asn1/t_x509a.c | |||
| @@ -77,7 +77,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) | |||
| 77 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { | 77 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { |
| 78 | if(!first) BIO_puts(out, ", "); | 78 | if(!first) BIO_puts(out, ", "); |
| 79 | else first = 0; | 79 | else first = 0; |
| 80 | OBJ_obj2txt(oidstr, 80, | 80 | OBJ_obj2txt(oidstr, sizeof oidstr, |
| 81 | sk_ASN1_OBJECT_value(aux->trust, i), 0); | 81 | sk_ASN1_OBJECT_value(aux->trust, i), 0); |
| 82 | BIO_puts(out, oidstr); | 82 | BIO_puts(out, oidstr); |
| 83 | } | 83 | } |
| @@ -90,7 +90,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) | |||
| 90 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { | 90 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { |
| 91 | if(!first) BIO_puts(out, ", "); | 91 | if(!first) BIO_puts(out, ", "); |
| 92 | else first = 0; | 92 | else first = 0; |
| 93 | OBJ_obj2txt(oidstr, 80, | 93 | OBJ_obj2txt(oidstr, sizeof oidstr, |
| 94 | sk_ASN1_OBJECT_value(aux->reject, i), 0); | 94 | sk_ASN1_OBJECT_value(aux->reject, i), 0); |
| 95 | BIO_puts(out, oidstr); | 95 | BIO_puts(out, oidstr); |
| 96 | } | 96 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c index f87c08793a..76fc023230 100644 --- a/src/lib/libcrypto/asn1/tasn_dec.c +++ b/src/lib/libcrypto/asn1/tasn_dec.c | |||
| @@ -664,7 +664,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl | |||
| 664 | if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; | 664 | if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; |
| 665 | len = buf.length; | 665 | len = buf.length; |
| 666 | /* Append a final null to string */ | 666 | /* Append a final null to string */ |
| 667 | if(!BUF_MEM_grow(&buf, len + 1)) { | 667 | if(!BUF_MEM_grow_clean(&buf, len + 1)) { |
| 668 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); | 668 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); |
| 669 | return 0; | 669 | return 0; |
| 670 | } | 670 | } |
| @@ -857,7 +857,7 @@ static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) | |||
| 857 | int len; | 857 | int len; |
| 858 | if(buf) { | 858 | if(buf) { |
| 859 | len = buf->length; | 859 | len = buf->length; |
| 860 | if(!BUF_MEM_grow(buf, len + plen)) { | 860 | if(!BUF_MEM_grow_clean(buf, len + plen)) { |
| 861 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); | 861 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); |
| 862 | return 0; | 862 | return 0; |
| 863 | } | 863 | } |
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c index c7610776f2..2dd844159e 100644 --- a/src/lib/libcrypto/asn1/tasn_fre.c +++ b/src/lib/libcrypto/asn1/tasn_fre.c | |||
| @@ -206,7 +206,10 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 206 | break; | 206 | break; |
| 207 | 207 | ||
| 208 | case V_ASN1_BOOLEAN: | 208 | case V_ASN1_BOOLEAN: |
| 209 | *(ASN1_BOOLEAN *)pval = it->size; | 209 | if (it) |
| 210 | *(ASN1_BOOLEAN *)pval = it->size; | ||
| 211 | else | ||
| 212 | *(ASN1_BOOLEAN *)pval = -1; | ||
| 210 | return; | 213 | return; |
| 211 | 214 | ||
| 212 | case V_ASN1_NULL: | 215 | case V_ASN1_NULL: |
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c index e33861f864..a0e3db574f 100644 --- a/src/lib/libcrypto/asn1/tasn_new.c +++ b/src/lib/libcrypto/asn1/tasn_new.c | |||
| @@ -305,7 +305,10 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 305 | return 1; | 305 | return 1; |
| 306 | 306 | ||
| 307 | case V_ASN1_BOOLEAN: | 307 | case V_ASN1_BOOLEAN: |
| 308 | *(ASN1_BOOLEAN *)pval = it->size; | 308 | if (it) |
| 309 | *(ASN1_BOOLEAN *)pval = it->size; | ||
| 310 | else | ||
| 311 | *(ASN1_BOOLEAN *)pval = -1; | ||
| 309 | return 1; | 312 | return 1; |
| 310 | 313 | ||
| 311 | case V_ASN1_NULL: | 314 | case V_ASN1_NULL: |
diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c index fab67ae5ac..719639b511 100644 --- a/src/lib/libcrypto/asn1/tasn_prn.c +++ b/src/lib/libcrypto/asn1/tasn_prn.c | |||
| @@ -186,7 +186,7 @@ if(*bool == -1) printf("BOOL MISSING\n"); | |||
| 186 | char objbuf[80], *ln; | 186 | char objbuf[80], *ln; |
| 187 | ln = OBJ_nid2ln(OBJ_obj2nid(fld)); | 187 | ln = OBJ_nid2ln(OBJ_obj2nid(fld)); |
| 188 | if(!ln) ln = ""; | 188 | if(!ln) ln = ""; |
| 189 | OBJ_obj2txt(objbuf, 80, fld, 1); | 189 | OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1); |
| 190 | BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); | 190 | BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); |
| 191 | } else { | 191 | } else { |
| 192 | BIO_printf(out, "%*s%s:", indent, "", name); | 192 | BIO_printf(out, "%*s%s:", indent, "", name); |
diff --git a/src/lib/libcrypto/bf/Makefile.ssl b/src/lib/libcrypto/bf/Makefile.ssl index 079f7e860c..7dfdf9d871 100644 --- a/src/lib/libcrypto/bf/Makefile.ssl +++ b/src/lib/libcrypto/bf/Makefile.ssl | |||
| @@ -49,14 +49,8 @@ lib: $(LIBOBJ) | |||
| 49 | @touch lib | 49 | @touch lib |
| 50 | 50 | ||
| 51 | # elf | 51 | # elf |
| 52 | asm/bx86-elf.o: asm/bx86unix.cpp | 52 | asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 53 | $(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o | 53 | (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s) |
| 54 | |||
| 55 | # solaris | ||
| 56 | asm/bx86-sol.o: asm/bx86unix.cpp | ||
| 57 | $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s | ||
| 58 | as -o asm/bx86-sol.o asm/bx86-sol.s | ||
| 59 | rm -f asm/bx86-sol.s | ||
| 60 | 54 | ||
| 61 | # a.out | 55 | # a.out |
| 62 | asm/bx86-out.o: asm/bx86unix.cpp | 56 | asm/bx86-out.o: asm/bx86unix.cpp |
| @@ -96,14 +90,14 @@ lint: | |||
| 96 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 90 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 97 | 91 | ||
| 98 | depend: | 92 | depend: |
| 99 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 93 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 100 | 94 | ||
| 101 | dclean: | 95 | dclean: |
| 102 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 96 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 103 | mv -f Makefile.new $(MAKEFILE) | 97 | mv -f Makefile.new $(MAKEFILE) |
| 104 | 98 | ||
| 105 | clean: | 99 | clean: |
| 106 | rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 100 | rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 107 | 101 | ||
| 108 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 102 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 109 | 103 | ||
diff --git a/src/lib/libcrypto/bf/bftest.c b/src/lib/libcrypto/bf/bftest.c index 09895f2542..24d526b14b 100644 --- a/src/lib/libcrypto/bf/bftest.c +++ b/src/lib/libcrypto/bf/bftest.c | |||
| @@ -63,6 +63,8 @@ | |||
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <stdlib.h> | 64 | #include <stdlib.h> |
| 65 | 65 | ||
| 66 | #include "../e_os.h" | ||
| 67 | |||
| 66 | #ifdef OPENSSL_NO_BF | 68 | #ifdef OPENSSL_NO_BF |
| 67 | int main(int argc, char *argv[]) | 69 | int main(int argc, char *argv[]) |
| 68 | { | 70 | { |
| @@ -275,7 +277,7 @@ int main(int argc, char *argv[]) | |||
| 275 | else | 277 | else |
| 276 | ret=test(); | 278 | ret=test(); |
| 277 | 279 | ||
| 278 | exit(ret); | 280 | EXIT(ret); |
| 279 | return(0); | 281 | return(0); |
| 280 | } | 282 | } |
| 281 | 283 | ||
| @@ -454,9 +456,9 @@ static int test(void) | |||
| 454 | len=strlen(cbc_data)+1; | 456 | len=strlen(cbc_data)+1; |
| 455 | 457 | ||
| 456 | BF_set_key(&key,16,cbc_key); | 458 | BF_set_key(&key,16,cbc_key); |
| 457 | memset(cbc_in,0,40); | 459 | memset(cbc_in,0,sizeof cbc_in); |
| 458 | memset(cbc_out,0,40); | 460 | memset(cbc_out,0,sizeof cbc_out); |
| 459 | memcpy(iv,cbc_iv,8); | 461 | memcpy(iv,cbc_iv,sizeof iv); |
| 460 | BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len, | 462 | BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len, |
| 461 | &key,iv,BF_ENCRYPT); | 463 | &key,iv,BF_ENCRYPT); |
| 462 | if (memcmp(cbc_out,cbc_ok,32) != 0) | 464 | if (memcmp(cbc_out,cbc_ok,32) != 0) |
diff --git a/src/lib/libcrypto/bio/Makefile.ssl b/src/lib/libcrypto/bio/Makefile.ssl index dfcee03448..d0b9e297b0 100644 --- a/src/lib/libcrypto/bio/Makefile.ssl +++ b/src/lib/libcrypto/bio/Makefile.ssl | |||
| @@ -78,7 +78,7 @@ lint: | |||
| 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 79 | 79 | ||
| 80 | depend: | 80 | depend: |
| 81 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 81 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 82 | 82 | ||
| 83 | dclean: | 83 | dclean: |
| 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c index 80c9cb69db..a9e552f245 100644 --- a/src/lib/libcrypto/bio/b_print.c +++ b/src/lib/libcrypto/bio/b_print.c | |||
| @@ -378,7 +378,7 @@ _dopr( | |||
| 378 | case 'p': | 378 | case 'p': |
| 379 | value = (long)va_arg(args, void *); | 379 | value = (long)va_arg(args, void *); |
| 380 | fmtint(sbuffer, buffer, &currlen, maxlen, | 380 | fmtint(sbuffer, buffer, &currlen, maxlen, |
| 381 | value, 16, min, max, flags); | 381 | value, 16, min, max, flags|DP_F_NUM); |
| 382 | break; | 382 | break; |
| 383 | case 'n': /* XXX */ | 383 | case 'n': /* XXX */ |
| 384 | if (cflags == DP_C_SHORT) { | 384 | if (cflags == DP_C_SHORT) { |
| @@ -482,8 +482,9 @@ fmtint( | |||
| 482 | int flags) | 482 | int flags) |
| 483 | { | 483 | { |
| 484 | int signvalue = 0; | 484 | int signvalue = 0; |
| 485 | char *prefix = ""; | ||
| 485 | unsigned LLONG uvalue; | 486 | unsigned LLONG uvalue; |
| 486 | char convert[20]; | 487 | char convert[DECIMAL_SIZE(value)+3]; |
| 487 | int place = 0; | 488 | int place = 0; |
| 488 | int spadlen = 0; | 489 | int spadlen = 0; |
| 489 | int zpadlen = 0; | 490 | int zpadlen = 0; |
| @@ -501,6 +502,10 @@ fmtint( | |||
| 501 | else if (flags & DP_F_SPACE) | 502 | else if (flags & DP_F_SPACE) |
| 502 | signvalue = ' '; | 503 | signvalue = ' '; |
| 503 | } | 504 | } |
| 505 | if (flags & DP_F_NUM) { | ||
| 506 | if (base == 8) prefix = "0"; | ||
| 507 | if (base == 16) prefix = "0x"; | ||
| 508 | } | ||
| 504 | if (flags & DP_F_UP) | 509 | if (flags & DP_F_UP) |
| 505 | caps = 1; | 510 | caps = 1; |
| 506 | do { | 511 | do { |
| @@ -508,13 +513,13 @@ fmtint( | |||
| 508 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") | 513 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") |
| 509 | [uvalue % (unsigned) base]; | 514 | [uvalue % (unsigned) base]; |
| 510 | uvalue = (uvalue / (unsigned) base); | 515 | uvalue = (uvalue / (unsigned) base); |
| 511 | } while (uvalue && (place < 20)); | 516 | } while (uvalue && (place < sizeof convert)); |
| 512 | if (place == 20) | 517 | if (place == sizeof convert) |
| 513 | place--; | 518 | place--; |
| 514 | convert[place] = 0; | 519 | convert[place] = 0; |
| 515 | 520 | ||
| 516 | zpadlen = max - place; | 521 | zpadlen = max - place; |
| 517 | spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0); | 522 | spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix); |
| 518 | if (zpadlen < 0) | 523 | if (zpadlen < 0) |
| 519 | zpadlen = 0; | 524 | zpadlen = 0; |
| 520 | if (spadlen < 0) | 525 | if (spadlen < 0) |
| @@ -536,6 +541,12 @@ fmtint( | |||
| 536 | if (signvalue) | 541 | if (signvalue) |
| 537 | doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); | 542 | doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); |
| 538 | 543 | ||
| 544 | /* prefix */ | ||
| 545 | while (*prefix) { | ||
| 546 | doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix); | ||
| 547 | prefix++; | ||
| 548 | } | ||
| 549 | |||
| 539 | /* zeros */ | 550 | /* zeros */ |
| 540 | if (zpadlen > 0) { | 551 | if (zpadlen > 0) { |
| 541 | while (zpadlen > 0) { | 552 | while (zpadlen > 0) { |
| @@ -641,8 +652,8 @@ fmtfp( | |||
| 641 | (caps ? "0123456789ABCDEF" | 652 | (caps ? "0123456789ABCDEF" |
| 642 | : "0123456789abcdef")[intpart % 10]; | 653 | : "0123456789abcdef")[intpart % 10]; |
| 643 | intpart = (intpart / 10); | 654 | intpart = (intpart / 10); |
| 644 | } while (intpart && (iplace < 20)); | 655 | } while (intpart && (iplace < sizeof iplace)); |
| 645 | if (iplace == 20) | 656 | if (iplace == sizeof iplace) |
| 646 | iplace--; | 657 | iplace--; |
| 647 | iconvert[iplace] = 0; | 658 | iconvert[iplace] = 0; |
| 648 | 659 | ||
| @@ -653,7 +664,7 @@ fmtfp( | |||
| 653 | : "0123456789abcdef")[fracpart % 10]; | 664 | : "0123456789abcdef")[fracpart % 10]; |
| 654 | fracpart = (fracpart / 10); | 665 | fracpart = (fracpart / 10); |
| 655 | } while (fplace < max); | 666 | } while (fplace < max); |
| 656 | if (fplace == 20) | 667 | if (fplace == sizeof fplace) |
| 657 | fplace--; | 668 | fplace--; |
| 658 | fconvert[fplace] = 0; | 669 | fconvert[fplace] = 0; |
| 659 | 670 | ||
| @@ -692,7 +703,7 @@ fmtfp( | |||
| 692 | * Decimal point. This should probably use locale to find the correct | 703 | * Decimal point. This should probably use locale to find the correct |
| 693 | * char to print out. | 704 | * char to print out. |
| 694 | */ | 705 | */ |
| 695 | if (max > 0) { | 706 | if (max > 0 || (flags & DP_F_NUM)) { |
| 696 | doapr_outch(sbuffer, buffer, currlen, maxlen, '.'); | 707 | doapr_outch(sbuffer, buffer, currlen, maxlen, '.'); |
| 697 | 708 | ||
| 698 | while (fplace > 0) | 709 | while (fplace > 0) |
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c index 7632c2d85e..5282f8a8f7 100644 --- a/src/lib/libcrypto/bio/b_sock.c +++ b/src/lib/libcrypto/bio/b_sock.c | |||
| @@ -83,6 +83,7 @@ | |||
| 83 | static int wsa_init_done=0; | 83 | static int wsa_init_done=0; |
| 84 | #endif | 84 | #endif |
| 85 | 85 | ||
| 86 | #if 0 | ||
| 86 | static unsigned long BIO_ghbn_hits=0L; | 87 | static unsigned long BIO_ghbn_hits=0L; |
| 87 | static unsigned long BIO_ghbn_miss=0L; | 88 | static unsigned long BIO_ghbn_miss=0L; |
| 88 | 89 | ||
| @@ -93,6 +94,7 @@ static struct ghbn_cache_st | |||
| 93 | struct hostent *ent; | 94 | struct hostent *ent; |
| 94 | unsigned long order; | 95 | unsigned long order; |
| 95 | } ghbn_cache[GHBN_NUM]; | 96 | } ghbn_cache[GHBN_NUM]; |
| 97 | #endif | ||
| 96 | 98 | ||
| 97 | static int get_ip(const char *str,unsigned char *ip); | 99 | static int get_ip(const char *str,unsigned char *ip); |
| 98 | #if 0 | 100 | #if 0 |
| @@ -230,6 +232,7 @@ int BIO_sock_error(int sock) | |||
| 230 | return(j); | 232 | return(j); |
| 231 | } | 233 | } |
| 232 | 234 | ||
| 235 | #if 0 | ||
| 233 | long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) | 236 | long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) |
| 234 | { | 237 | { |
| 235 | int i; | 238 | int i; |
| @@ -267,6 +270,7 @@ long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) | |||
| 267 | } | 270 | } |
| 268 | return(1); | 271 | return(1); |
| 269 | } | 272 | } |
| 273 | #endif | ||
| 270 | 274 | ||
| 271 | #if 0 | 275 | #if 0 |
| 272 | static struct hostent *ghbn_dup(struct hostent *a) | 276 | static struct hostent *ghbn_dup(struct hostent *a) |
| @@ -463,6 +467,12 @@ int BIO_sock_init(void) | |||
| 463 | } | 467 | } |
| 464 | } | 468 | } |
| 465 | #endif /* OPENSSL_SYS_WINDOWS */ | 469 | #endif /* OPENSSL_SYS_WINDOWS */ |
| 470 | #ifdef WATT32 | ||
| 471 | extern int _watt_do_exit; | ||
| 472 | _watt_do_exit = 0; /* don't make sock_init() call exit() */ | ||
| 473 | if (sock_init()) | ||
| 474 | return (-1); | ||
| 475 | #endif | ||
| 466 | return(1); | 476 | return(1); |
| 467 | } | 477 | } |
| 468 | 478 | ||
| @@ -472,7 +482,9 @@ void BIO_sock_cleanup(void) | |||
| 472 | if (wsa_init_done) | 482 | if (wsa_init_done) |
| 473 | { | 483 | { |
| 474 | wsa_init_done=0; | 484 | wsa_init_done=0; |
| 485 | #ifndef OPENSSL_SYS_WINCE | ||
| 475 | WSACancelBlockingCall(); | 486 | WSACancelBlockingCall(); |
| 487 | #endif | ||
| 476 | WSACleanup(); | 488 | WSACleanup(); |
| 477 | } | 489 | } |
| 478 | #endif | 490 | #endif |
| @@ -480,7 +492,7 @@ void BIO_sock_cleanup(void) | |||
| 480 | 492 | ||
| 481 | #if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000 | 493 | #if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000 |
| 482 | 494 | ||
| 483 | int BIO_socket_ioctl(int fd, long type, unsigned long *arg) | 495 | int BIO_socket_ioctl(int fd, long type, void *arg) |
| 484 | { | 496 | { |
| 485 | int i; | 497 | int i; |
| 486 | 498 | ||
| @@ -730,7 +742,7 @@ int BIO_set_tcp_ndelay(int s, int on) | |||
| 730 | int BIO_socket_nbio(int s, int mode) | 742 | int BIO_socket_nbio(int s, int mode) |
| 731 | { | 743 | { |
| 732 | int ret= -1; | 744 | int ret= -1; |
| 733 | unsigned long l; | 745 | int l; |
| 734 | 746 | ||
| 735 | l=mode; | 747 | l=mode; |
| 736 | #ifdef FIONBIO | 748 | #ifdef FIONBIO |
diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c index 6ccda06596..1cecd70579 100644 --- a/src/lib/libcrypto/bio/bf_buff.c +++ b/src/lib/libcrypto/bio/bf_buff.c | |||
| @@ -482,7 +482,7 @@ static int buffer_gets(BIO *b, char *buf, int size) | |||
| 482 | size-=i; | 482 | size-=i; |
| 483 | ctx->ibuf_len-=i; | 483 | ctx->ibuf_len-=i; |
| 484 | ctx->ibuf_off+=i; | 484 | ctx->ibuf_off+=i; |
| 485 | if ((flag) || (i == size)) | 485 | if (flag || size == 0) |
| 486 | { | 486 | { |
| 487 | *buf='\0'; | 487 | *buf='\0'; |
| 488 | return(num); | 488 | return(num); |
diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h index c5caf253c9..fbbc16d00c 100644 --- a/src/lib/libcrypto/bio/bio.h +++ b/src/lib/libcrypto/bio/bio.h | |||
| @@ -244,7 +244,7 @@ typedef struct bio_method_st | |||
| 244 | long (_far *ctrl)(); | 244 | long (_far *ctrl)(); |
| 245 | int (_far *create)(); | 245 | int (_far *create)(); |
| 246 | int (_far *destroy)(); | 246 | int (_far *destroy)(); |
| 247 | long (_fat *callback_ctrl)(); | 247 | long (_far *callback_ctrl)(); |
| 248 | } BIO_METHOD; | 248 | } BIO_METHOD; |
| 249 | #endif | 249 | #endif |
| 250 | 250 | ||
| @@ -522,6 +522,7 @@ int BIO_read(BIO *b, void *data, int len); | |||
| 522 | int BIO_gets(BIO *bp,char *buf, int size); | 522 | int BIO_gets(BIO *bp,char *buf, int size); |
| 523 | int BIO_write(BIO *b, const void *data, int len); | 523 | int BIO_write(BIO *b, const void *data, int len); |
| 524 | int BIO_puts(BIO *bp,const char *buf); | 524 | int BIO_puts(BIO *bp,const char *buf); |
| 525 | int BIO_indent(BIO *b,int indent,int max); | ||
| 525 | long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); | 526 | long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); |
| 526 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)); | 527 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)); |
| 527 | char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); | 528 | char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); |
| @@ -584,7 +585,7 @@ struct hostent *BIO_gethostbyname(const char *name); | |||
| 584 | * and an appropriate error code is set). | 585 | * and an appropriate error code is set). |
| 585 | */ | 586 | */ |
| 586 | int BIO_sock_error(int sock); | 587 | int BIO_sock_error(int sock); |
| 587 | int BIO_socket_ioctl(int fd, long type, unsigned long *arg); | 588 | int BIO_socket_ioctl(int fd, long type, void *arg); |
| 588 | int BIO_socket_nbio(int fd,int mode); | 589 | int BIO_socket_nbio(int fd,int mode); |
| 589 | int BIO_get_port(const char *str, unsigned short *port_ptr); | 590 | int BIO_get_port(const char *str, unsigned short *port_ptr); |
| 590 | int BIO_get_host_ip(const char *str, unsigned char *ip); | 591 | int BIO_get_host_ip(const char *str, unsigned char *ip); |
| @@ -608,7 +609,7 @@ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, | |||
| 608 | 609 | ||
| 609 | void BIO_copy_next_retry(BIO *b); | 610 | void BIO_copy_next_retry(BIO *b); |
| 610 | 611 | ||
| 611 | long BIO_ghbn_ctrl(int cmd,int iarg,char *parg); | 612 | /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ |
| 612 | 613 | ||
| 613 | int BIO_printf(BIO *bio, const char *format, ...); | 614 | int BIO_printf(BIO *bio, const char *format, ...); |
| 614 | int BIO_vprintf(BIO *bio, const char *format, va_list args); | 615 | int BIO_vprintf(BIO *bio, const char *format, va_list args); |
diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c index 50df2238fa..692c8fb5c6 100644 --- a/src/lib/libcrypto/bio/bio_lib.c +++ b/src/lib/libcrypto/bio/bio_lib.c | |||
| @@ -272,6 +272,18 @@ int BIO_gets(BIO *b, char *in, int inl) | |||
| 272 | return(i); | 272 | return(i); |
| 273 | } | 273 | } |
| 274 | 274 | ||
| 275 | int BIO_indent(BIO *b,int indent,int max) | ||
| 276 | { | ||
| 277 | if(indent < 0) | ||
| 278 | indent=0; | ||
| 279 | if(indent > max) | ||
| 280 | indent=max; | ||
| 281 | while(indent--) | ||
| 282 | if(BIO_puts(b," ") != 1) | ||
| 283 | return 0; | ||
| 284 | return 1; | ||
| 285 | } | ||
| 286 | |||
| 275 | long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) | 287 | long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) |
| 276 | { | 288 | { |
| 277 | int i; | 289 | int i; |
| @@ -383,6 +395,8 @@ BIO *BIO_pop(BIO *b) | |||
| 383 | if (b == NULL) return(NULL); | 395 | if (b == NULL) return(NULL); |
| 384 | ret=b->next_bio; | 396 | ret=b->next_bio; |
| 385 | 397 | ||
| 398 | BIO_ctrl(b,BIO_CTRL_POP,0,NULL); | ||
| 399 | |||
| 386 | if (b->prev_bio != NULL) | 400 | if (b->prev_bio != NULL) |
| 387 | b->prev_bio->next_bio=b->next_bio; | 401 | b->prev_bio->next_bio=b->next_bio; |
| 388 | if (b->next_bio != NULL) | 402 | if (b->next_bio != NULL) |
| @@ -390,7 +404,6 @@ BIO *BIO_pop(BIO *b) | |||
| 390 | 404 | ||
| 391 | b->next_bio=NULL; | 405 | b->next_bio=NULL; |
| 392 | b->prev_bio=NULL; | 406 | b->prev_bio=NULL; |
| 393 | BIO_ctrl(b,BIO_CTRL_POP,0,NULL); | ||
| 394 | return(ret); | 407 | return(ret); |
| 395 | } | 408 | } |
| 396 | 409 | ||
diff --git a/src/lib/libcrypto/bio/bss_bio.c b/src/lib/libcrypto/bio/bss_bio.c index 1c485a4479..aa58dab046 100644 --- a/src/lib/libcrypto/bio/bss_bio.c +++ b/src/lib/libcrypto/bio/bss_bio.c | |||
| @@ -28,13 +28,12 @@ | |||
| 28 | 28 | ||
| 29 | #include <openssl/bio.h> | 29 | #include <openssl/bio.h> |
| 30 | #include <openssl/err.h> | 30 | #include <openssl/err.h> |
| 31 | #include <openssl/err.h> | ||
| 32 | #include <openssl/crypto.h> | 31 | #include <openssl/crypto.h> |
| 33 | 32 | ||
| 34 | #include "e_os.h" | 33 | #include "e_os.h" |
| 35 | 34 | ||
| 36 | /* VxWorks defines SSIZE_MAX with an empty value causing compile errors */ | 35 | /* VxWorks defines SSIZE_MAX with an empty value causing compile errors */ |
| 37 | #if defined(OPENSSL_SYS_VSWORKS) | 36 | #if defined(OPENSSL_SYS_VXWORKS) |
| 38 | # undef SSIZE_MAX | 37 | # undef SSIZE_MAX |
| 39 | #endif | 38 | #endif |
| 40 | #ifndef SSIZE_MAX | 39 | #ifndef SSIZE_MAX |
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c index 81f27dba4c..8c694140ed 100644 --- a/src/lib/libcrypto/bio/bss_conn.c +++ b/src/lib/libcrypto/bio/bss_conn.c | |||
| @@ -519,7 +519,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 519 | else if (num == 2) | 519 | else if (num == 2) |
| 520 | { | 520 | { |
| 521 | char buf[16]; | 521 | char buf[16]; |
| 522 | char *p = ptr; | 522 | unsigned char *p = ptr; |
| 523 | 523 | ||
| 524 | snprintf(buf,sizeof buf,"%d.%d.%d.%d", | 524 | snprintf(buf,sizeof buf,"%d.%d.%d.%d", |
| 525 | p[0],p[1],p[2],p[3]); | 525 | p[0],p[1],p[2],p[3]); |
| @@ -530,7 +530,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 530 | } | 530 | } |
| 531 | else if (num == 3) | 531 | else if (num == 3) |
| 532 | { | 532 | { |
| 533 | char buf[16]; | 533 | char buf[DECIMAL_SIZE(int)+1]; |
| 534 | 534 | ||
| 535 | snprintf(buf,sizeof buf,"%d",*(int *)ptr); | 535 | snprintf(buf,sizeof buf,"%d",*(int *)ptr); |
| 536 | if (data->param_port != NULL) | 536 | if (data->param_port != NULL) |
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c index 18e7bb86e6..e4e9df144c 100644 --- a/src/lib/libcrypto/bio/bss_file.c +++ b/src/lib/libcrypto/bio/bss_file.c | |||
| @@ -247,7 +247,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 247 | ret=0; | 247 | ret=0; |
| 248 | break; | 248 | break; |
| 249 | } | 249 | } |
| 250 | #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) | 250 | #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) |
| 251 | if (!(num & BIO_FP_TEXT)) | 251 | if (!(num & BIO_FP_TEXT)) |
| 252 | strcat(p,"b"); | 252 | strcat(p,"b"); |
| 253 | else | 253 | else |
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c index a39d95297c..1eb678cac0 100644 --- a/src/lib/libcrypto/bio/bss_log.c +++ b/src/lib/libcrypto/bio/bss_log.c | |||
| @@ -68,7 +68,8 @@ | |||
| 68 | 68 | ||
| 69 | #include "cryptlib.h" | 69 | #include "cryptlib.h" |
| 70 | 70 | ||
| 71 | #if defined(OPENSSL_SYS_WIN32) | 71 | #if defined(OPENSSL_SYS_WINCE) |
| 72 | #elif defined(OPENSSL_SYS_WIN32) | ||
| 72 | # include <process.h> | 73 | # include <process.h> |
| 73 | #elif defined(OPENSSL_SYS_VMS) | 74 | #elif defined(OPENSSL_SYS_VMS) |
| 74 | # include <opcdef.h> | 75 | # include <opcdef.h> |
| @@ -77,7 +78,7 @@ | |||
| 77 | # include <starlet.h> | 78 | # include <starlet.h> |
| 78 | #elif defined(__ultrix) | 79 | #elif defined(__ultrix) |
| 79 | # include <sys/syslog.h> | 80 | # include <sys/syslog.h> |
| 80 | #elif !defined(MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) /* Unix */ | 81 | #elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) |
| 81 | # include <syslog.h> | 82 | # include <syslog.h> |
| 82 | #endif | 83 | #endif |
| 83 | 84 | ||
| @@ -274,7 +275,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) | |||
| 274 | LPCSTR lpszStrings[2]; | 275 | LPCSTR lpszStrings[2]; |
| 275 | WORD evtype= EVENTLOG_ERROR_TYPE; | 276 | WORD evtype= EVENTLOG_ERROR_TYPE; |
| 276 | int pid = _getpid(); | 277 | int pid = _getpid(); |
| 277 | char pidbuf[20]; | 278 | char pidbuf[DECIMAL_SIZE(pid)+4]; |
| 278 | 279 | ||
| 279 | switch (priority) | 280 | switch (priority) |
| 280 | { | 281 | { |
| @@ -373,11 +374,15 @@ static void xcloselog(BIO* bp) | |||
| 373 | { | 374 | { |
| 374 | } | 375 | } |
| 375 | 376 | ||
| 376 | #else /* Unix */ | 377 | #else /* Unix/Watt32 */ |
| 377 | 378 | ||
| 378 | static void xopenlog(BIO* bp, char* name, int level) | 379 | static void xopenlog(BIO* bp, char* name, int level) |
| 379 | { | 380 | { |
| 381 | #ifdef WATT32 /* djgpp/DOS */ | ||
| 382 | openlog(name, LOG_PID|LOG_CONS|LOG_NDELAY, level); | ||
| 383 | #else | ||
| 380 | openlog(name, LOG_PID|LOG_CONS, level); | 384 | openlog(name, LOG_PID|LOG_CONS, level); |
| 385 | #endif | ||
| 381 | } | 386 | } |
| 382 | 387 | ||
| 383 | static void xsyslog(BIO *bp, int priority, const char *string) | 388 | static void xsyslog(BIO *bp, int priority, const char *string) |
diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c index 28ff7582bf..a4edb711ae 100644 --- a/src/lib/libcrypto/bio/bss_mem.c +++ b/src/lib/libcrypto/bio/bss_mem.c | |||
| @@ -190,7 +190,7 @@ static int mem_write(BIO *b, const char *in, int inl) | |||
| 190 | 190 | ||
| 191 | BIO_clear_retry_flags(b); | 191 | BIO_clear_retry_flags(b); |
| 192 | blen=bm->length; | 192 | blen=bm->length; |
| 193 | if (BUF_MEM_grow(bm,blen+inl) != (blen+inl)) | 193 | if (BUF_MEM_grow_clean(bm,blen+inl) != (blen+inl)) |
| 194 | goto end; | 194 | goto end; |
| 195 | memcpy(&(bm->data[blen]),in,inl); | 195 | memcpy(&(bm->data[blen]),in,inl); |
| 196 | ret=inl; | 196 | ret=inl; |
| @@ -284,7 +284,11 @@ static int mem_gets(BIO *bp, char *buf, int size) | |||
| 284 | 284 | ||
| 285 | BIO_clear_retry_flags(bp); | 285 | BIO_clear_retry_flags(bp); |
| 286 | j=bm->length; | 286 | j=bm->length; |
| 287 | if (j <= 0) return(0); | 287 | if (j <= 0) |
| 288 | { | ||
| 289 | *buf='\0'; | ||
| 290 | return 0; | ||
| 291 | } | ||
| 288 | p=bm->data; | 292 | p=bm->data; |
| 289 | for (i=0; i<j; i++) | 293 | for (i=0; i<j; i++) |
| 290 | { | 294 | { |
diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c index fdabd16d7e..2c1c405ec7 100644 --- a/src/lib/libcrypto/bio/bss_sock.c +++ b/src/lib/libcrypto/bio/bss_sock.c | |||
| @@ -64,6 +64,12 @@ | |||
| 64 | #include "cryptlib.h" | 64 | #include "cryptlib.h" |
| 65 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 66 | 66 | ||
| 67 | #ifdef WATT32 | ||
| 68 | #define sock_write SockWrite /* Watt-32 uses same names */ | ||
| 69 | #define sock_read SockRead | ||
| 70 | #define sock_puts SockPuts | ||
| 71 | #endif | ||
| 72 | |||
| 67 | static int sock_write(BIO *h, const char *buf, int num); | 73 | static int sock_write(BIO *h, const char *buf, int num); |
| 68 | static int sock_read(BIO *h, char *buf, int size); | 74 | static int sock_read(BIO *h, char *buf, int size); |
| 69 | static int sock_puts(BIO *h, const char *str); | 75 | static int sock_puts(BIO *h, const char *str); |
diff --git a/src/lib/libcrypto/bn/Makefile.ssl b/src/lib/libcrypto/bn/Makefile.ssl index 6a479726c4..fa17d3c7d8 100644 --- a/src/lib/libcrypto/bn/Makefile.ssl +++ b/src/lib/libcrypto/bn/Makefile.ssl | |||
| @@ -23,14 +23,6 @@ BN_ASM= bn_asm.o | |||
| 23 | 23 | ||
| 24 | CFLAGS= $(INCLUDES) $(CFLAG) | 24 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 25 | 25 | ||
| 26 | # We let the C compiler driver to take care of .s files. This is done in | ||
| 27 | # order to be excused from maintaining a separate set of architecture | ||
| 28 | # dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC | ||
| 29 | # gcc, then the driver will automatically translate it to -xarch=v8plus | ||
| 30 | # and pass it down to assembler. | ||
| 31 | AS=$(CC) -c | ||
| 32 | ASFLAGS=$(CFLAGS) | ||
| 33 | |||
| 34 | GENERAL=Makefile | 26 | GENERAL=Makefile |
| 35 | TEST=bntest.c exptest.c | 27 | TEST=bntest.c exptest.c |
| 36 | APPS= | 28 | APPS= |
| @@ -73,22 +65,11 @@ lib: $(LIBOBJ) | |||
| 73 | @touch lib | 65 | @touch lib |
| 74 | 66 | ||
| 75 | # elf | 67 | # elf |
| 76 | asm/bn86-elf.o: asm/bn86unix.cpp | 68 | asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl |
| 77 | $(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o | 69 | (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) |
| 78 | |||
| 79 | asm/co86-elf.o: asm/co86unix.cpp | ||
| 80 | $(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o | ||
| 81 | 70 | ||
| 82 | # solaris | 71 | asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl |
| 83 | asm/bn86-sol.o: asm/bn86unix.cpp | 72 | (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) |
| 84 | $(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s | ||
| 85 | as -o asm/bn86-sol.o asm/bn86-sol.s | ||
| 86 | rm -f asm/bn86-sol.s | ||
| 87 | |||
| 88 | asm/co86-sol.o: asm/co86unix.cpp | ||
| 89 | $(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s | ||
| 90 | as -o asm/co86-sol.o asm/co86-sol.s | ||
| 91 | rm -f asm/co86-sol.s | ||
| 92 | 73 | ||
| 93 | # a.out | 74 | # a.out |
| 94 | asm/bn86-out.o: asm/bn86unix.cpp | 75 | asm/bn86-out.o: asm/bn86unix.cpp |
| @@ -136,6 +117,8 @@ asm/ia64-cpp.o: asm/ia64.S | |||
| 136 | $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ | 117 | $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ |
| 137 | rm -f /tmp/ia64.$$$$.s | 118 | rm -f /tmp/ia64.$$$$.s |
| 138 | 119 | ||
| 120 | asm/x86_64-gcc.o: asm/x86_64-gcc.c | ||
| 121 | |||
| 139 | files: | 122 | files: |
| 140 | $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO | 123 | $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO |
| 141 | 124 | ||
| @@ -169,14 +152,14 @@ lint: | |||
| 169 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 152 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 170 | 153 | ||
| 171 | depend: | 154 | depend: |
| 172 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 155 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 173 | 156 | ||
| 174 | dclean: | 157 | dclean: |
| 175 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 158 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 176 | mv -f Makefile.new $(MAKEFILE) | 159 | mv -f Makefile.new $(MAKEFILE) |
| 177 | 160 | ||
| 178 | clean: | 161 | clean: |
| 179 | rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s | 162 | rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s |
| 180 | 163 | ||
| 181 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 164 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 182 | 165 | ||
diff --git a/src/lib/libcrypto/bn/asm/ia64.S b/src/lib/libcrypto/bn/asm/ia64.S index ae56066310..7dfda85566 100644 --- a/src/lib/libcrypto/bn/asm/ia64.S +++ b/src/lib/libcrypto/bn/asm/ia64.S | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | .explicit | 1 | .explicit |
| 2 | .text | 2 | .text |
| 3 | .ident "ia64.S, Version 1.1" | 3 | .ident "ia64.S, Version 2.0" |
| 4 | .ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" | 4 | .ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" |
| 5 | 5 | ||
| 6 | // | 6 | // |
| @@ -13,6 +13,35 @@ | |||
| 13 | // disclaimed. | 13 | // disclaimed. |
| 14 | // ==================================================================== | 14 | // ==================================================================== |
| 15 | // | 15 | // |
| 16 | // Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is | ||
| 17 | // different from Itanium to this module viewpoint. Most notably, is it | ||
| 18 | // "wider" than Itanium? Can you experience loop scalability as | ||
| 19 | // discussed in commentary sections? Not really:-( Itanium2 has 6 | ||
| 20 | // integer ALU ports, i.e. it's 2 ports wider, but it's not enough to | ||
| 21 | // spin twice as fast, as I need 8 IALU ports. Amount of floating point | ||
| 22 | // ports is the same, i.e. 2, while I need 4. In other words, to this | ||
| 23 | // module Itanium2 remains effectively as "wide" as Itanium. Yet it's | ||
| 24 | // essentially different in respect to this module, and a re-tune was | ||
| 25 | // required. Well, because some intruction latencies has changed. Most | ||
| 26 | // noticeably those intensively used: | ||
| 27 | // | ||
| 28 | // Itanium Itanium2 | ||
| 29 | // ldf8 9 6 L2 hit | ||
| 30 | // ld8 2 1 L1 hit | ||
| 31 | // getf 2 5 | ||
| 32 | // xma[->getf] 7[+1] 4[+0] | ||
| 33 | // add[->st8] 1[+1] 1[+0] | ||
| 34 | // | ||
| 35 | // What does it mean? You might ratiocinate that the original code | ||
| 36 | // should run just faster... Because sum of latencies is smaller... | ||
| 37 | // Wrong! Note that getf latency increased. This means that if a loop is | ||
| 38 | // scheduled for lower latency (and they are), then it will suffer from | ||
| 39 | // stall condition and the code will therefore turn anti-scalable, e.g. | ||
| 40 | // original bn_mul_words spun at 5*n or 2.5 times slower than expected | ||
| 41 | // on Itanium2! What to do? Reschedule loops for Itanium2? But then | ||
| 42 | // Itanium would exhibit anti-scalability. So I've chosen to reschedule | ||
| 43 | // for worst latency for every instruction aiming for best *all-round* | ||
| 44 | // performance. | ||
| 16 | 45 | ||
| 17 | // Q. How much faster does it get? | 46 | // Q. How much faster does it get? |
| 18 | // A. Here is the output from 'openssl speed rsa dsa' for vanilla | 47 | // A. Here is the output from 'openssl speed rsa dsa' for vanilla |
| @@ -149,12 +178,27 @@ bn_add_words: | |||
| 149 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 | 178 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 |
| 150 | } | 179 | } |
| 151 | .body | 180 | .body |
| 152 | { .mib; mov r14=r32 // rp | 181 | { .mib; |
| 182 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 183 | addp4 r14=0,r32 // rp | ||
| 184 | #else | ||
| 185 | mov r14=r32 // rp | ||
| 186 | #endif | ||
| 153 | mov r9=pr };; | 187 | mov r9=pr };; |
| 154 | { .mii; mov r15=r33 // ap | 188 | { .mii; |
| 189 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 190 | addp4 r15=0,r33 // ap | ||
| 191 | #else | ||
| 192 | mov r15=r33 // ap | ||
| 193 | #endif | ||
| 155 | mov ar.lc=r10 | 194 | mov ar.lc=r10 |
| 156 | mov ar.ec=6 } | 195 | mov ar.ec=6 } |
| 157 | { .mib; mov r16=r34 // bp | 196 | { .mib; |
| 197 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 198 | addp4 r16=0,r34 // bp | ||
| 199 | #else | ||
| 200 | mov r16=r34 // bp | ||
| 201 | #endif | ||
| 158 | mov pr.rot=1<<16 };; | 202 | mov pr.rot=1<<16 };; |
| 159 | 203 | ||
| 160 | .L_bn_add_words_ctop: | 204 | .L_bn_add_words_ctop: |
| @@ -174,7 +218,7 @@ bn_add_words: | |||
| 174 | 218 | ||
| 175 | { .mii; | 219 | { .mii; |
| 176 | (p59) add r8=1,r8 // return value | 220 | (p59) add r8=1,r8 // return value |
| 177 | mov pr=r9,-1 | 221 | mov pr=r9,0x1ffff |
| 178 | mov ar.lc=r3 } | 222 | mov ar.lc=r3 } |
| 179 | { .mbb; nop.b 0x0 | 223 | { .mbb; nop.b 0x0 |
| 180 | br.ret.sptk.many b0 };; | 224 | br.ret.sptk.many b0 };; |
| @@ -202,12 +246,27 @@ bn_sub_words: | |||
| 202 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 | 246 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 |
| 203 | } | 247 | } |
| 204 | .body | 248 | .body |
| 205 | { .mib; mov r14=r32 // rp | 249 | { .mib; |
| 250 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 251 | addp4 r14=0,r32 // rp | ||
| 252 | #else | ||
| 253 | mov r14=r32 // rp | ||
| 254 | #endif | ||
| 206 | mov r9=pr };; | 255 | mov r9=pr };; |
| 207 | { .mii; mov r15=r33 // ap | 256 | { .mii; |
| 257 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 258 | addp4 r15=0,r33 // ap | ||
| 259 | #else | ||
| 260 | mov r15=r33 // ap | ||
| 261 | #endif | ||
| 208 | mov ar.lc=r10 | 262 | mov ar.lc=r10 |
| 209 | mov ar.ec=6 } | 263 | mov ar.ec=6 } |
| 210 | { .mib; mov r16=r34 // bp | 264 | { .mib; |
| 265 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 266 | addp4 r16=0,r34 // bp | ||
| 267 | #else | ||
| 268 | mov r16=r34 // bp | ||
| 269 | #endif | ||
| 211 | mov pr.rot=1<<16 };; | 270 | mov pr.rot=1<<16 };; |
| 212 | 271 | ||
| 213 | .L_bn_sub_words_ctop: | 272 | .L_bn_sub_words_ctop: |
| @@ -227,7 +286,7 @@ bn_sub_words: | |||
| 227 | 286 | ||
| 228 | { .mii; | 287 | { .mii; |
| 229 | (p59) add r8=1,r8 // return value | 288 | (p59) add r8=1,r8 // return value |
| 230 | mov pr=r9,-1 | 289 | mov pr=r9,0x1ffff |
| 231 | mov ar.lc=r3 } | 290 | mov ar.lc=r3 } |
| 232 | { .mbb; nop.b 0x0 | 291 | { .mbb; nop.b 0x0 |
| 233 | br.ret.sptk.many b0 };; | 292 | br.ret.sptk.many b0 };; |
| @@ -253,7 +312,7 @@ bn_mul_words: | |||
| 253 | #ifdef XMA_TEMPTATION | 312 | #ifdef XMA_TEMPTATION |
| 254 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; | 313 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; |
| 255 | #else | 314 | #else |
| 256 | { .mfi; alloc r2=ar.pfs,4,4,0,8 };; | 315 | { .mfi; alloc r2=ar.pfs,4,12,0,16 };; |
| 257 | #endif | 316 | #endif |
| 258 | { .mib; mov r8=r0 // return value | 317 | { .mib; mov r8=r0 // return value |
| 259 | cmp4.le p6,p0=r34,r0 | 318 | cmp4.le p6,p0=r34,r0 |
| @@ -266,24 +325,30 @@ bn_mul_words: | |||
| 266 | 325 | ||
| 267 | .body | 326 | .body |
| 268 | { .mib; setf.sig f8=r35 // w | 327 | { .mib; setf.sig f8=r35 // w |
| 269 | mov pr.rot=0x400001<<16 | 328 | mov pr.rot=0x800001<<16 |
| 270 | // ------^----- serves as (p48) at first (p26) | 329 | // ------^----- serves as (p50) at first (p27) |
| 271 | brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16 | 330 | brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16 |
| 272 | } | 331 | } |
| 273 | 332 | ||
| 274 | #ifndef XMA_TEMPTATION | 333 | #ifndef XMA_TEMPTATION |
| 275 | 334 | ||
| 276 | { .mii; mov r14=r32 // rp | 335 | { .mii; |
| 277 | mov r15=r33 // ap | 336 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 337 | addp4 r14=0,r32 // rp | ||
| 338 | addp4 r15=0,r33 // ap | ||
| 339 | #else | ||
| 340 | mov r14=r32 // rp | ||
| 341 | mov r15=r33 // ap | ||
| 342 | #endif | ||
| 278 | mov ar.lc=r10 } | 343 | mov ar.lc=r10 } |
| 279 | { .mii; mov r39=0 // serves as r33 at first (p26) | 344 | { .mii; mov r40=0 // serves as r35 at first (p27) |
| 280 | mov ar.ec=12 };; | 345 | mov ar.ec=13 };; |
| 281 | 346 | ||
| 282 | // This loop spins in 2*(n+11) ticks. It's scheduled for data in L2 | 347 | // This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium |
| 283 | // cache (i.e. 9 ticks away) as floating point load/store instructions | 348 | // L2 cache (i.e. 9 ticks away) as floating point load/store instructions |
| 284 | // bypass L1 cache and L2 latency is actually best-case scenario for | 349 | // bypass L1 cache and L2 latency is actually best-case scenario for |
| 285 | // ldf8. The loop is not scalable and shall run in 2*(n+11) even on | 350 | // ldf8. The loop is not scalable and shall run in 2*(n+12) even on |
| 286 | // "wider" IA-64 implementations. It's a trade-off here. n+22 loop | 351 | // "wider" IA-64 implementations. It's a trade-off here. n+24 loop |
| 287 | // would give us ~5% in *overall* performance improvement on "wider" | 352 | // would give us ~5% in *overall* performance improvement on "wider" |
| 288 | // IA-64, but would hurt Itanium for about same because of longer | 353 | // IA-64, but would hurt Itanium for about same because of longer |
| 289 | // epilogue. As it's a matter of few percents in either case I've | 354 | // epilogue. As it's a matter of few percents in either case I've |
| @@ -291,25 +356,25 @@ bn_mul_words: | |||
| 291 | // this very instruction sequence in bn_mul_add_words loop which in | 356 | // this very instruction sequence in bn_mul_add_words loop which in |
| 292 | // turn is scalable). | 357 | // turn is scalable). |
| 293 | .L_bn_mul_words_ctop: | 358 | .L_bn_mul_words_ctop: |
| 294 | { .mfi; (p25) getf.sig r36=f49 // low | 359 | { .mfi; (p25) getf.sig r36=f52 // low |
| 295 | (p21) xmpy.lu f45=f37,f8 | 360 | (p21) xmpy.lu f48=f37,f8 |
| 296 | (p27) cmp.ltu p52,p48=r39,r38 } | 361 | (p28) cmp.ltu p54,p50=r41,r39 } |
| 297 | { .mfi; (p16) ldf8 f32=[r15],8 | 362 | { .mfi; (p16) ldf8 f32=[r15],8 |
| 298 | (p21) xmpy.hu f38=f37,f8 | 363 | (p21) xmpy.hu f40=f37,f8 |
| 299 | (p0) nop.i 0x0 };; | 364 | (p0) nop.i 0x0 };; |
| 300 | { .mii; (p26) getf.sig r32=f43 // high | 365 | { .mii; (p25) getf.sig r32=f44 // high |
| 301 | .pred.rel "mutex",p48,p52 | 366 | .pred.rel "mutex",p50,p54 |
| 302 | (p48) add r38=r37,r33 // (p26) | 367 | (p50) add r40=r38,r35 // (p27) |
| 303 | (p52) add r38=r37,r33,1 } // (p26) | 368 | (p54) add r40=r38,r35,1 } // (p27) |
| 304 | { .mfb; (p27) st8 [r14]=r39,8 | 369 | { .mfb; (p28) st8 [r14]=r41,8 |
| 305 | (p0) nop.f 0x0 | 370 | (p0) nop.f 0x0 |
| 306 | br.ctop.sptk .L_bn_mul_words_ctop };; | 371 | br.ctop.sptk .L_bn_mul_words_ctop };; |
| 307 | .L_bn_mul_words_cend: | 372 | .L_bn_mul_words_cend: |
| 308 | 373 | ||
| 309 | { .mii; nop.m 0x0 | 374 | { .mii; nop.m 0x0 |
| 310 | .pred.rel "mutex",p49,p53 | 375 | .pred.rel "mutex",p51,p55 |
| 311 | (p49) add r8=r34,r0 | 376 | (p51) add r8=r36,r0 |
| 312 | (p53) add r8=r34,r0,1 } | 377 | (p55) add r8=r36,r0,1 } |
| 313 | { .mfb; nop.m 0x0 | 378 | { .mfb; nop.m 0x0 |
| 314 | nop.f 0x0 | 379 | nop.f 0x0 |
| 315 | nop.b 0x0 } | 380 | nop.b 0x0 } |
| @@ -344,7 +409,7 @@ bn_mul_words: | |||
| 344 | #endif // XMA_TEMPTATION | 409 | #endif // XMA_TEMPTATION |
| 345 | 410 | ||
| 346 | { .mii; nop.m 0x0 | 411 | { .mii; nop.m 0x0 |
| 347 | mov pr=r9,-1 | 412 | mov pr=r9,0x1ffff |
| 348 | mov ar.lc=r3 } | 413 | mov ar.lc=r3 } |
| 349 | { .mfb; rum 1<<5 // clear um.mfh | 414 | { .mfb; rum 1<<5 // clear um.mfh |
| 350 | nop.f 0x0 | 415 | nop.f 0x0 |
| @@ -376,59 +441,69 @@ bn_mul_add_words: | |||
| 376 | 441 | ||
| 377 | .body | 442 | .body |
| 378 | { .mib; setf.sig f8=r35 // w | 443 | { .mib; setf.sig f8=r35 // w |
| 379 | mov pr.rot=0x400001<<16 | 444 | mov pr.rot=0x800001<<16 |
| 380 | // ------^----- serves as (p48) at first (p26) | 445 | // ------^----- serves as (p50) at first (p27) |
| 381 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 | 446 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 |
| 382 | } | 447 | } |
| 383 | { .mii; mov r14=r32 // rp | 448 | { .mii; |
| 384 | mov r15=r33 // ap | 449 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 450 | addp4 r14=0,r32 // rp | ||
| 451 | addp4 r15=0,r33 // ap | ||
| 452 | #else | ||
| 453 | mov r14=r32 // rp | ||
| 454 | mov r15=r33 // ap | ||
| 455 | #endif | ||
| 385 | mov ar.lc=r10 } | 456 | mov ar.lc=r10 } |
| 386 | { .mii; mov r39=0 // serves as r33 at first (p26) | 457 | { .mii; mov r40=0 // serves as r35 at first (p27) |
| 387 | mov r18=r32 // rp copy | 458 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 388 | mov ar.ec=14 };; | 459 | addp4 r18=0,r32 // rp copy |
| 460 | #else | ||
| 461 | mov r18=r32 // rp copy | ||
| 462 | #endif | ||
| 463 | mov ar.ec=15 };; | ||
| 389 | 464 | ||
| 390 | // This loop spins in 3*(n+13) ticks on Itanium and should spin in | 465 | // This loop spins in 3*(n+14) ticks on Itanium and should spin in |
| 391 | // 2*(n+13) on "wider" IA-64 implementations (to be verified with new | 466 | // 2*(n+14) on "wider" IA-64 implementations (to be verified with new |
| 392 | // µ-architecture manuals as they become available). As usual it's | 467 | // µ-architecture manuals as they become available). As usual it's |
| 393 | // possible to compress the epilogue, down to 10 in this case, at the | 468 | // possible to compress the epilogue, down to 10 in this case, at the |
| 394 | // cost of scalability. Compressed (and therefore non-scalable) loop | 469 | // cost of scalability. Compressed (and therefore non-scalable) loop |
| 395 | // running at 3*(n+10) would buy you ~10% on Itanium but take ~35% | 470 | // running at 3*(n+11) would buy you ~10% on Itanium but take ~35% |
| 396 | // from "wider" IA-64 so let it be scalable! Special attention was | 471 | // from "wider" IA-64 so let it be scalable! Special attention was |
| 397 | // paid for having the loop body split at 64-byte boundary. ld8 is | 472 | // paid for having the loop body split at 64-byte boundary. ld8 is |
| 398 | // scheduled for L1 cache as the data is more than likely there. | 473 | // scheduled for L1 cache as the data is more than likely there. |
| 399 | // Indeed, bn_mul_words has put it there a moment ago:-) | 474 | // Indeed, bn_mul_words has put it there a moment ago:-) |
| 400 | .L_bn_mul_add_words_ctop: | 475 | .L_bn_mul_add_words_ctop: |
| 401 | { .mfi; (p25) getf.sig r36=f49 // low | 476 | { .mfi; (p25) getf.sig r36=f52 // low |
| 402 | (p21) xmpy.lu f45=f37,f8 | 477 | (p21) xmpy.lu f48=f37,f8 |
| 403 | (p27) cmp.ltu p52,p48=r39,r38 } | 478 | (p28) cmp.ltu p54,p50=r41,r39 } |
| 404 | { .mfi; (p16) ldf8 f32=[r15],8 | 479 | { .mfi; (p16) ldf8 f32=[r15],8 |
| 405 | (p21) xmpy.hu f38=f37,f8 | 480 | (p21) xmpy.hu f40=f37,f8 |
| 406 | (p27) add r43=r43,r39 };; | 481 | (p28) add r45=r45,r41 };; |
| 407 | { .mii; (p26) getf.sig r32=f43 // high | 482 | { .mii; (p25) getf.sig r32=f44 // high |
| 408 | .pred.rel "mutex",p48,p52 | 483 | .pred.rel "mutex",p50,p54 |
| 409 | (p48) add r38=r37,r33 // (p26) | 484 | (p50) add r40=r38,r35 // (p27) |
| 410 | (p52) add r38=r37,r33,1 } // (p26) | 485 | (p54) add r40=r38,r35,1 } // (p27) |
| 411 | { .mfb; (p27) cmp.ltu.unc p56,p0=r43,r39 | 486 | { .mfb; (p28) cmp.ltu.unc p60,p0=r45,r41 |
| 412 | (p0) nop.f 0x0 | 487 | (p0) nop.f 0x0 |
| 413 | (p0) nop.b 0x0 } | 488 | (p0) nop.b 0x0 } |
| 414 | { .mii; (p26) ld8 r42=[r18],8 | 489 | { .mii; (p27) ld8 r44=[r18],8 |
| 415 | (p58) cmp.eq.or p57,p0=-1,r44 | 490 | (p62) cmp.eq.or p61,p0=-1,r46 |
| 416 | (p58) add r44=1,r44 } | 491 | (p62) add r46=1,r46 } |
| 417 | { .mfb; (p29) st8 [r14]=r45,8 | 492 | { .mfb; (p30) st8 [r14]=r47,8 |
| 418 | (p0) nop.f 0x0 | 493 | (p0) nop.f 0x0 |
| 419 | br.ctop.sptk .L_bn_mul_add_words_ctop};; | 494 | br.ctop.sptk .L_bn_mul_add_words_ctop};; |
| 420 | .L_bn_mul_add_words_cend: | 495 | .L_bn_mul_add_words_cend: |
| 421 | 496 | ||
| 422 | { .mii; nop.m 0x0 | 497 | { .mii; nop.m 0x0 |
| 423 | .pred.rel "mutex",p51,p55 | 498 | .pred.rel "mutex",p53,p57 |
| 424 | (p51) add r8=r36,r0 | 499 | (p53) add r8=r38,r0 |
| 425 | (p55) add r8=r36,r0,1 } | 500 | (p57) add r8=r38,r0,1 } |
| 426 | { .mfb; nop.m 0x0 | 501 | { .mfb; nop.m 0x0 |
| 427 | nop.f 0x0 | 502 | nop.f 0x0 |
| 428 | nop.b 0x0 };; | 503 | nop.b 0x0 };; |
| 429 | { .mii; | 504 | { .mii; |
| 430 | (p59) add r8=1,r8 | 505 | (p63) add r8=1,r8 |
| 431 | mov pr=r9,-1 | 506 | mov pr=r9,0x1ffff |
| 432 | mov ar.lc=r3 } | 507 | mov ar.lc=r3 } |
| 433 | { .mfb; rum 1<<5 // clear um.mfh | 508 | { .mfb; rum 1<<5 // clear um.mfh |
| 434 | nop.f 0x0 | 509 | nop.f 0x0 |
| @@ -461,6 +536,10 @@ bn_sqr_words: | |||
| 461 | mov r9=pr };; | 536 | mov r9=pr };; |
| 462 | 537 | ||
| 463 | .body | 538 | .body |
| 539 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 540 | { .mii; addp4 r32=0,r32 | ||
| 541 | addp4 r33=0,r33 };; | ||
| 542 | #endif | ||
| 464 | { .mib; | 543 | { .mib; |
| 465 | mov pr.rot=1<<16 | 544 | mov pr.rot=1<<16 |
| 466 | brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16 | 545 | brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16 |
| @@ -492,7 +571,7 @@ bn_sqr_words: | |||
| 492 | .L_bn_sqr_words_cend: | 571 | .L_bn_sqr_words_cend: |
| 493 | 572 | ||
| 494 | { .mii; nop.m 0x0 | 573 | { .mii; nop.m 0x0 |
| 495 | mov pr=r9,-1 | 574 | mov pr=r9,0x1ffff |
| 496 | mov ar.lc=r3 } | 575 | mov ar.lc=r3 } |
| 497 | { .mfb; rum 1<<5 // clear um.mfh | 576 | { .mfb; rum 1<<5 // clear um.mfh |
| 498 | nop.f 0x0 | 577 | nop.f 0x0 |
| @@ -526,7 +605,14 @@ bn_sqr_comba8: | |||
| 526 | .prologue | 605 | .prologue |
| 527 | .fframe 0 | 606 | .fframe 0 |
| 528 | .save ar.pfs,r2 | 607 | .save ar.pfs,r2 |
| 608 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 529 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 609 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| 610 | addp4 r33=0,r33 | ||
| 611 | addp4 r32=0,r32 };; | ||
| 612 | { .mii; | ||
| 613 | #else | ||
| 614 | { .mii; alloc r2=ar.pfs,2,1,0,0 | ||
| 615 | #endif | ||
| 530 | mov r34=r33 | 616 | mov r34=r33 |
| 531 | add r14=8,r33 };; | 617 | add r14=8,r33 };; |
| 532 | .body | 618 | .body |
| @@ -587,7 +673,14 @@ bn_mul_comba8: | |||
| 587 | .prologue | 673 | .prologue |
| 588 | .fframe 0 | 674 | .fframe 0 |
| 589 | .save ar.pfs,r2 | 675 | .save ar.pfs,r2 |
| 676 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 590 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 677 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| 678 | addp4 r33=0,r33 | ||
| 679 | addp4 r34=0,r34 };; | ||
| 680 | { .mii; addp4 r32=0,r32 | ||
| 681 | #else | ||
| 682 | { .mii; alloc r2=ar.pfs,3,0,0,0 | ||
| 683 | #endif | ||
| 591 | add r14=8,r33 | 684 | add r14=8,r33 |
| 592 | add r17=8,r34 } | 685 | add r17=8,r34 } |
| 593 | .body | 686 | .body |
| @@ -1138,7 +1231,14 @@ bn_sqr_comba4: | |||
| 1138 | .prologue | 1231 | .prologue |
| 1139 | .fframe 0 | 1232 | .fframe 0 |
| 1140 | .save ar.pfs,r2 | 1233 | .save ar.pfs,r2 |
| 1234 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 1235 | { .mii; alloc r2=ar.pfs,2,1,0,0 | ||
| 1236 | addp4 r32=0,r32 | ||
| 1237 | addp4 r33=0,r33 };; | ||
| 1238 | { .mii; | ||
| 1239 | #else | ||
| 1141 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 1240 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| 1241 | #endif | ||
| 1142 | mov r34=r33 | 1242 | mov r34=r33 |
| 1143 | add r14=8,r33 };; | 1243 | add r14=8,r33 };; |
| 1144 | .body | 1244 | .body |
| @@ -1164,7 +1264,14 @@ bn_mul_comba4: | |||
| 1164 | .prologue | 1264 | .prologue |
| 1165 | .fframe 0 | 1265 | .fframe 0 |
| 1166 | .save ar.pfs,r2 | 1266 | .save ar.pfs,r2 |
| 1267 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 1268 | { .mii; alloc r2=ar.pfs,3,0,0,0 | ||
| 1269 | addp4 r33=0,r33 | ||
| 1270 | addp4 r34=0,r34 };; | ||
| 1271 | { .mii; addp4 r32=0,r32 | ||
| 1272 | #else | ||
| 1167 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 1273 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| 1274 | #endif | ||
| 1168 | add r14=8,r33 | 1275 | add r14=8,r33 |
| 1169 | add r17=8,r34 } | 1276 | add r17=8,r34 } |
| 1170 | .body | 1277 | .body |
| @@ -1464,7 +1571,7 @@ bn_div_words: | |||
| 1464 | or r8=r8,r33 | 1571 | or r8=r8,r33 |
| 1465 | mov ar.pfs=r2 };; | 1572 | mov ar.pfs=r2 };; |
| 1466 | { .mii; shr.u r9=H,I // remainder if anybody wants it | 1573 | { .mii; shr.u r9=H,I // remainder if anybody wants it |
| 1467 | mov pr=r10,-1 } | 1574 | mov pr=r10,0x1ffff } |
| 1468 | { .mfb; br.ret.sptk.many b0 };; | 1575 | { .mfb; br.ret.sptk.many b0 };; |
| 1469 | 1576 | ||
| 1470 | // Unsigned 64 by 32 (well, by 64 for the moment) bit integer division | 1577 | // Unsigned 64 by 32 (well, by 64 for the moment) bit integer division |
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s index af9730d062..f3b16290eb 100644 --- a/src/lib/libcrypto/bn/asm/pa-risc2.s +++ b/src/lib/libcrypto/bn/asm/pa-risc2.s | |||
| @@ -747,8 +747,8 @@ bn_div_words | |||
| 747 | .PROC | 747 | .PROC |
| 748 | .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN | 748 | .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN |
| 749 | .IMPORT BN_num_bits_word,CODE | 749 | .IMPORT BN_num_bits_word,CODE |
| 750 | .IMPORT __iob,DATA | 750 | ;--- not PIC .IMPORT __iob,DATA |
| 751 | .IMPORT fprintf,CODE | 751 | ;--- not PIC .IMPORT fprintf,CODE |
| 752 | .IMPORT abort,CODE | 752 | .IMPORT abort,CODE |
| 753 | .IMPORT $$div2U,MILLICODE | 753 | .IMPORT $$div2U,MILLICODE |
| 754 | .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE | 754 | .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE |
| @@ -844,12 +844,12 @@ $0006001A | |||
| 844 | MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 | 844 | MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 |
| 845 | EXTRD,U %r3,63,32,%r7 ;offset 0xa1c | 845 | EXTRD,U %r3,63,32,%r7 ;offset 0xa1c |
| 846 | $D2 | 846 | $D2 |
| 847 | ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 | 847 | ;--- not PIC ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 |
| 848 | LDIL LR'C$7,%r21 ;offset 0xa24 | 848 | ;--- not PIC LDIL LR'C$7,%r21 ;offset 0xa24 |
| 849 | LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 | 849 | ;--- not PIC LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 |
| 850 | .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; | 850 | ;--- not PIC .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; |
| 851 | B,L fprintf,%r2 ;offset 0xa2c | 851 | ;--- not PIC B,L fprintf,%r2 ;offset 0xa2c |
| 852 | LDO RR'C$7(%r21),%r25 ;offset 0xa30 | 852 | ;--- not PIC LDO RR'C$7(%r21),%r25 ;offset 0xa30 |
| 853 | .CALL ; | 853 | .CALL ; |
| 854 | B,L abort,%r2 ;offset 0xa34 | 854 | B,L abort,%r2 ;offset 0xa34 |
| 855 | NOP ;offset 0xa38 | 855 | NOP ;offset 0xa38 |
| @@ -1605,14 +1605,14 @@ bn_mul_comba4 | |||
| 1605 | .PROCEND | 1605 | .PROCEND |
| 1606 | 1606 | ||
| 1607 | 1607 | ||
| 1608 | .SPACE $TEXT$ | 1608 | ;--- not PIC .SPACE $TEXT$ |
| 1609 | .SUBSPA $CODE$ | 1609 | ;--- not PIC .SUBSPA $CODE$ |
| 1610 | .SPACE $PRIVATE$,SORT=16 | 1610 | ;--- not PIC .SPACE $PRIVATE$,SORT=16 |
| 1611 | .IMPORT $global$,DATA | 1611 | ;--- not PIC .IMPORT $global$,DATA |
| 1612 | .SPACE $TEXT$ | 1612 | ;--- not PIC .SPACE $TEXT$ |
| 1613 | .SUBSPA $CODE$ | 1613 | ;--- not PIC .SUBSPA $CODE$ |
| 1614 | .SUBSPA $LIT$,ACCESS=0x2c | 1614 | ;--- not PIC .SUBSPA $LIT$,ACCESS=0x2c |
| 1615 | C$7 | 1615 | ;--- not PIC C$7 |
| 1616 | .ALIGN 8 | 1616 | ;--- not PIC .ALIGN 8 |
| 1617 | .STRINGZ "Division would overflow (%d)\n" | 1617 | ;--- not PIC .STRINGZ "Division would overflow (%d)\n" |
| 1618 | .END | 1618 | .END |
diff --git a/src/lib/libcrypto/bn/asm/vms.mar b/src/lib/libcrypto/bn/asm/vms.mar index 465f2774b6..aefab15cdb 100644 --- a/src/lib/libcrypto/bn/asm/vms.mar +++ b/src/lib/libcrypto/bn/asm/vms.mar | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .title vax_bn_mul_add_word unsigned multiply & add, 32*32+32+32=>64 | 1 | .title vax_bn_mul_add_words unsigned multiply & add, 32*32+32+32=>64 |
| 2 | ; | 2 | ; |
| 3 | ; w.j.m. 15-jan-1999 | 3 | ; w.j.m. 15-jan-1999 |
| 4 | ; | 4 | ; |
| @@ -59,7 +59,7 @@ w=16 ;(AP) w by value (input) | |||
| 59 | movl r6,r0 ; return c | 59 | movl r6,r0 ; return c |
| 60 | ret | 60 | ret |
| 61 | 61 | ||
| 62 | .title vax_bn_mul_word unsigned multiply & add, 32*32+32=>64 | 62 | .title vax_bn_mul_words unsigned multiply & add, 32*32+32=>64 |
| 63 | ; | 63 | ; |
| 64 | ; w.j.m. 15-jan-1999 | 64 | ; w.j.m. 15-jan-1999 |
| 65 | ; | 65 | ; |
| @@ -172,147 +172,175 @@ n=12 ;(AP) n by value (input) | |||
| 172 | ; } | 172 | ; } |
| 173 | ; | 173 | ; |
| 174 | ; Using EDIV would be very easy, if it didn't do signed calculations. | 174 | ; Using EDIV would be very easy, if it didn't do signed calculations. |
| 175 | ; Therefore, som extra things have to happen around it. The way to | 175 | ; Any time any of the input numbers are signed, there are problems, |
| 176 | ; handle that is to shift all operands right one step (basically dividing | 176 | ; usually with integer overflow, at which point it returns useless |
| 177 | ; them by 2) and handle the different cases depending on what the lowest | 177 | ; data (the quotient gets the value of l, and the remainder becomes 0). |
| 178 | ; bit of each operand was. | ||
| 179 | ; | 178 | ; |
| 180 | ; To start with, let's define the following: | 179 | ; If it was just for the dividend, it would be very easy, just divide |
| 180 | ; it by 2 (unsigned), do the division, multiply the resulting quotient | ||
| 181 | ; and remainder by 2, add the bit that was dropped when dividing by 2 | ||
| 182 | ; to the remainder, and do some adjustment so the remainder doesn't | ||
| 183 | ; end up larger than the divisor. For some cases when the divisor is | ||
| 184 | ; negative (from EDIV's point of view, i.e. when the highest bit is set), | ||
| 185 | ; dividing the dividend by 2 isn't enough, and since some operations | ||
| 186 | ; might generate integer overflows even when the dividend is divided by | ||
| 187 | ; 4 (when the high part of the shifted down dividend ends up being exactly | ||
| 188 | ; half of the divisor, the result is the quotient 0x80000000, which is | ||
| 189 | ; negative...) it needs to be divided by 8. Furthermore, the divisor needs | ||
| 190 | ; to be divided by 2 (unsigned) as well, to avoid more problems with the sign. | ||
| 191 | ; In this case, a little extra fiddling with the remainder is required. | ||
| 181 | ; | 192 | ; |
| 182 | ; a' = l & 1 | 193 | ; So, the simplest way to handle this is always to divide the dividend |
| 183 | ; a2 = <h,l> >> 1 # UNSIGNED shift! | 194 | ; by 8, and to divide the divisor by 2 if it's highest bit is set. |
| 184 | ; b' = d & 1 | 195 | ; After EDIV has been used, the quotient gets multiplied by 8 if the |
| 185 | ; b2 = d >> 1 # UNSIGNED shift! | 196 | ; original divisor was positive, otherwise 4. The remainder, oddly |
| 197 | ; enough, is *always* multiplied by 8. | ||
| 198 | ; NOTE: in the case mentioned above, where the high part of the shifted | ||
| 199 | ; down dividend ends up being exactly half the shifted down divisor, we | ||
| 200 | ; end up with a 33 bit quotient. That's no problem however, it usually | ||
| 201 | ; means we have ended up with a too large remainder as well, and the | ||
| 202 | ; problem is fixed by the last part of the algorithm (next paragraph). | ||
| 186 | ; | 203 | ; |
| 187 | ; Now, use EDIV to calculate a quotient and a remainder: | 204 | ; The routine ends with comparing the resulting remainder with the |
| 205 | ; original divisor and if the remainder is larger, subtract the | ||
| 206 | ; original divisor from it, and increase the quotient by 1. This is | ||
| 207 | ; done until the remainder is smaller than the divisor. | ||
| 188 | ; | 208 | ; |
| 189 | ; q'' = a2/b2 | 209 | ; The complete algorithm looks like this: |
| 190 | ; r'' = a2 - q''*b2 | ||
| 191 | ; | 210 | ; |
| 192 | ; If b' is 0, the quotient is already correct, we just need to adjust the | 211 | ; d' = d |
| 193 | ; remainder: | 212 | ; l' = l & 7 |
| 213 | ; [h,l] = [h,l] >> 3 | ||
| 214 | ; [q,r] = floor([h,l] / d) # This is the EDIV operation | ||
| 215 | ; if (q < 0) q = -q # I doubt this is necessary any more | ||
| 194 | ; | 216 | ; |
| 195 | ; if (b' == 0) | 217 | ; r' = r >> 29 |
| 196 | ; { | 218 | ; if (d' >= 0) |
| 197 | ; r = 2*r'' + a' | 219 | ; q' = q >> 29 |
| 198 | ; q = q'' | 220 | ; q = q << 3 |
| 199 | ; } | 221 | ; else |
| 200 | ; | 222 | ; q' = q >> 30 |
| 201 | ; If b' is 1, we need to do other adjustements. The first thought is the | 223 | ; q = q << 2 |
| 202 | ; following (note that r' will not always have the right value, but an | 224 | ; r = (r << 3) + l' |
| 203 | ; adjustement follows further down): | ||
| 204 | ; | ||
| 205 | ; if (b' == 1) | ||
| 206 | ; { | ||
| 207 | ; q' = q'' | ||
| 208 | ; r' = a - q'*b | ||
| 209 | ; | ||
| 210 | ; However, one can note the folowing relationship: | ||
| 211 | ; | ||
| 212 | ; r'' = a2 - q''*b2 | ||
| 213 | ; => 2*r'' = 2*a2 - 2*q''*b2 | ||
| 214 | ; = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1, | ||
| 215 | ; q' = q'' } | ||
| 216 | ; = a - a' - q'*(b - 1) | ||
| 217 | ; = a - q'*b - a' + q' | ||
| 218 | ; = r' - a' + q' | ||
| 219 | ; => r' = 2*r'' - q' + a' | ||
| 220 | ; | 225 | ; |
| 221 | ; This enables us to use r'' instead of discarding and calculating another | 226 | ; if (d' < 0) |
| 222 | ; modulo: | ||
| 223 | ; | ||
| 224 | ; if (b' == 1) | ||
| 225 | ; { | 227 | ; { |
| 226 | ; q' = q'' | 228 | ; [r',r] = [r',r] - q |
| 227 | ; r' = (r'' << 1) - q' + a' | 229 | ; while ([r',r] < 0) |
| 228 | ; | ||
| 229 | ; Now, all we have to do is adjust r', because it might be < 0: | ||
| 230 | ; | ||
| 231 | ; while (r' < 0) | ||
| 232 | ; { | 230 | ; { |
| 233 | ; r' = r' + b | 231 | ; [r',r] = [r',r] + d |
| 234 | ; q' = q' - 1 | 232 | ; [q',q] = [q',q] - 1 |
| 235 | ; } | 233 | ; } |
| 236 | ; } | 234 | ; } |
| 237 | ; | 235 | ; |
| 238 | ; return q' | 236 | ; while ([r',r] >= d') |
| 237 | ; { | ||
| 238 | ; [r',r] = [r',r] - d' | ||
| 239 | ; [q',q] = [q',q] + 1 | ||
| 240 | ; } | ||
| 241 | ; | ||
| 242 | ; return q | ||
| 239 | 243 | ||
| 240 | h=4 ;(AP) h by value (input) | 244 | h=4 ;(AP) h by value (input) |
| 241 | l=8 ;(AP) l by value (input) | 245 | l=8 ;(AP) l by value (input) |
| 242 | d=12 ;(AP) d by value (input) | 246 | d=12 ;(AP) d by value (input) |
| 243 | 247 | ||
| 244 | ;aprim=r5 | 248 | ;r2 = l, q |
| 245 | ;a2=r6 | 249 | ;r3 = h, r |
| 246 | ;a20=r6 | 250 | ;r4 = d |
| 247 | ;a21=r7 | 251 | ;r5 = l' |
| 248 | ;bprim=r8 | 252 | ;r6 = r' |
| 249 | ;b2=r9 | 253 | ;r7 = d' |
| 250 | ;qprim=r10 ; initially used as q'' | 254 | ;r8 = q' |
| 251 | ;rprim=r11 ; initially used as r'' | ||
| 252 | |||
| 253 | 255 | ||
| 254 | .psect code,nowrt | 256 | .psect code,nowrt |
| 255 | 257 | ||
| 256 | .entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11> | 258 | .entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8> |
| 257 | movl l(ap),r2 | 259 | movl l(ap),r2 |
| 258 | movl h(ap),r3 | 260 | movl h(ap),r3 |
| 259 | movl d(ap),r4 | 261 | movl d(ap),r4 |
| 260 | 262 | ||
| 261 | movl #0,r5 | 263 | bicl3 #^XFFFFFFF8,r2,r5 ; l' = l & 7 |
| 262 | movl #0,r8 | 264 | bicl3 #^X00000007,r2,r2 |
| 263 | movl #0,r0 | ||
| 264 | ; movl #0,r1 | ||
| 265 | 265 | ||
| 266 | rotl #-1,r2,r6 ; a20 = l >> 1 (almost) | 266 | bicl3 #^XFFFFFFF8,r3,r6 |
| 267 | rotl #-1,r3,r7 ; a21 = h >> 1 (almost) | 267 | bicl3 #^X00000007,r3,r3 |
| 268 | rotl #-1,r4,r9 ; b2 = d >> 1 (almost) | 268 | |
| 269 | addl r6,r2 | ||
| 269 | 270 | ||
| 270 | tstl r6 | 271 | rotl #-3,r2,r2 ; l = l >> 3 |
| 271 | bgeq 1$ | 272 | rotl #-3,r3,r3 ; h = h >> 3 |
| 272 | xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 0 | 273 | |
| 273 | incl r5 ; a' = 1 | 274 | movl r4,r7 ; d' = d |
| 274 | 1$: | 275 | |
| 275 | tstl r7 | 276 | movl #0,r6 ; r' = 0 |
| 276 | bgeq 2$ | 277 | movl #0,r8 ; q' = 0 |
| 277 | xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 1, | 278 | |
| 278 | ; since that's what was lowest in a21 | 279 | tstl r4 |
| 279 | xorl2 #^X80000000,r7 ; fixup a21 so highest bit is 1 | ||
| 280 | 2$: | ||
| 281 | tstl r9 | ||
| 282 | beql 666$ ; Uh-oh, the divisor is 0... | 280 | beql 666$ ; Uh-oh, the divisor is 0... |
| 283 | bgtr 3$ | 281 | bgtr 1$ |
| 284 | xorl2 #^X80000000,r9 ; fixup b2 so highest bit is 0 | 282 | rotl #-1,r4,r4 ; If d is negative, shift it right. |
| 285 | incl r8 ; b' = 1 | 283 | bicl2 #^X80000000,r4 ; Since d is then a large number, the |
| 286 | 3$: | 284 | ; lowest bit is insignificant |
| 287 | tstl r9 | 285 | ; (contradict that, and I'll fix the problem!) |
| 288 | bneq 4$ ; if b2 is 0, we know that b' is 1 | 286 | 1$: |
| 289 | tstl r3 | 287 | ediv r4,r2,r2,r3 ; Do the actual division |
| 290 | bneq 666$ ; if higher half isn't 0, we overflow | 288 | |
| 291 | movl r2,r10 ; otherwise, we have our result | 289 | tstl r2 |
| 292 | brb 42$ ; This is a success, really. | 290 | bgeq 3$ |
| 293 | 4$: | 291 | mnegl r2,r2 ; if q < 0, negate it |
| 294 | ediv r9,r6,r10,r11 | 292 | 3$: |
| 295 | 293 | tstl r7 | |
| 296 | tstl r8 | 294 | blss 4$ |
| 297 | bneq 5$ ; If b' != 0, go to the other part | 295 | rotl #3,r2,r2 ; q = q << 3 |
| 298 | ; addl3 r11,r11,r1 | 296 | bicl3 #^XFFFFFFF8,r2,r8 ; q' gets the high bits from q |
| 299 | ; addl2 r5,r1 | 297 | bicl3 #^X00000007,r2,r2 |
| 300 | brb 42$ | 298 | bsb 41$ |
| 301 | 5$: | 299 | 4$: ; else |
| 302 | ashl #1,r11,r11 | 300 | rotl #2,r2,r2 ; q = q << 2 |
| 303 | subl2 r10,r11 | 301 | bicl3 #^XFFFFFFFC,r2,r8 ; q' gets the high bits from q |
| 304 | addl2 r5,r11 | 302 | bicl3 #^X00000003,r2,r2 |
| 305 | bgeq 7$ | 303 | 41$: |
| 306 | 6$: | 304 | rotl #3,r3,r3 ; r = r << 3 |
| 307 | decl r10 | 305 | bicl3 #^XFFFFFFF8,r3,r6 ; r' gets the high bits from r |
| 308 | addl2 r4,r11 | 306 | bicl3 #^X00000007,r3,r3 |
| 309 | blss 6$ | 307 | addl r5,r3 ; r = r + l' |
| 310 | 7$: | 308 | |
| 311 | ; movl r11,r1 | 309 | tstl r7 |
| 310 | bgeq 5$ | ||
| 311 | bitl #1,r7 | ||
| 312 | beql 5$ ; if d' < 0 && d' & 1 | ||
| 313 | subl r2,r3 ; [r',r] = [r',r] - [q',q] | ||
| 314 | sbwc r8,r6 | ||
| 315 | 45$: | ||
| 316 | bgeq 5$ ; while r < 0 | ||
| 317 | decl r2 ; [q',q] = [q',q] - 1 | ||
| 318 | sbwc #0,r8 | ||
| 319 | addl r7,r3 ; [r',r] = [r',r] + d' | ||
| 320 | adwc #0,r6 | ||
| 321 | brb 45$ | ||
| 322 | |||
| 323 | ; The return points are placed in the middle to keep a short distance from | ||
| 324 | ; all the branch points | ||
| 312 | 42$: | 325 | 42$: |
| 313 | movl r10,r0 | 326 | ; movl r3,r1 |
| 327 | movl r2,r0 | ||
| 328 | ret | ||
| 314 | 666$: | 329 | 666$: |
| 330 | movl #^XFFFFFFFF,r0 | ||
| 315 | ret | 331 | ret |
| 332 | |||
| 333 | 5$: | ||
| 334 | tstl r6 | ||
| 335 | bneq 6$ | ||
| 336 | cmpl r3,r7 | ||
| 337 | blssu 42$ ; while [r',r] >= d' | ||
| 338 | 6$: | ||
| 339 | subl r7,r3 ; [r',r] = [r',r] - d' | ||
| 340 | sbwc #0,r6 | ||
| 341 | incl r2 ; [q',q] = [q',q] + 1 | ||
| 342 | adwc #0,r8 | ||
| 343 | brb 5$ | ||
| 316 | 344 | ||
| 317 | .title vax_bn_add_words unsigned add of two arrays | 345 | .title vax_bn_add_words unsigned add of two arrays |
| 318 | ; | 346 | ; |
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index b40682f831..3da6d8ced9 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h | |||
| @@ -248,6 +248,8 @@ typedef struct bn_blinding_st | |||
| 248 | BIGNUM *A; | 248 | BIGNUM *A; |
| 249 | BIGNUM *Ai; | 249 | BIGNUM *Ai; |
| 250 | BIGNUM *mod; /* just a reference */ | 250 | BIGNUM *mod; /* just a reference */ |
| 251 | unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; | ||
| 252 | * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ | ||
| 251 | } BN_BLINDING; | 253 | } BN_BLINDING; |
| 252 | 254 | ||
| 253 | /* Used for montgomery multiplication */ | 255 | /* Used for montgomery multiplication */ |
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c index f9a095e3b3..580d1201bc 100644 --- a/src/lib/libcrypto/bn/bn_div.c +++ b/src/lib/libcrypto/bn/bn_div.c | |||
| @@ -150,6 +150,20 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, | |||
| 150 | q; \ | 150 | q; \ |
| 151 | }) | 151 | }) |
| 152 | # define REMAINDER_IS_ALREADY_CALCULATED | 152 | # define REMAINDER_IS_ALREADY_CALCULATED |
| 153 | # elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG) | ||
| 154 | /* | ||
| 155 | * Same story here, but it's 128-bit by 64-bit division. Wow! | ||
| 156 | * <appro@fy.chalmers.se> | ||
| 157 | */ | ||
| 158 | # define bn_div_words(n0,n1,d0) \ | ||
| 159 | ({ asm volatile ( \ | ||
| 160 | "divq %4" \ | ||
| 161 | : "=a"(q), "=d"(rem) \ | ||
| 162 | : "a"(n1), "d"(n0), "g"(d0) \ | ||
| 163 | : "cc"); \ | ||
| 164 | q; \ | ||
| 165 | }) | ||
| 166 | # define REMAINDER_IS_ALREADY_CALCULATED | ||
| 153 | # endif /* __<cpu> */ | 167 | # endif /* __<cpu> */ |
| 154 | # endif /* __GNUC__ */ | 168 | # endif /* __GNUC__ */ |
| 155 | #endif /* OPENSSL_NO_ASM */ | 169 | #endif /* OPENSSL_NO_ASM */ |
| @@ -268,6 +282,11 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 268 | q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0); | 282 | q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0); |
| 269 | #else | 283 | #else |
| 270 | q=bn_div_words(n0,n1,d0); | 284 | q=bn_div_words(n0,n1,d0); |
| 285 | #ifdef BN_DEBUG_LEVITTE | ||
| 286 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 287 | X) -> 0x%08X\n", | ||
| 288 | n0, n1, d0, q); | ||
| 289 | #endif | ||
| 271 | #endif | 290 | #endif |
| 272 | 291 | ||
| 273 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | 292 | #ifndef REMAINDER_IS_ALREADY_CALCULATED |
| @@ -292,11 +311,18 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 292 | BN_ULONG t2l,t2h,ql,qh; | 311 | BN_ULONG t2l,t2h,ql,qh; |
| 293 | 312 | ||
| 294 | q=bn_div_words(n0,n1,d0); | 313 | q=bn_div_words(n0,n1,d0); |
| 314 | #ifdef BN_DEBUG_LEVITTE | ||
| 315 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 316 | X) -> 0x%08X\n", | ||
| 317 | n0, n1, d0, q); | ||
| 318 | #endif | ||
| 295 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | 319 | #ifndef REMAINDER_IS_ALREADY_CALCULATED |
| 296 | rem=(n1-q*d0)&BN_MASK2; | 320 | rem=(n1-q*d0)&BN_MASK2; |
| 297 | #endif | 321 | #endif |
| 298 | 322 | ||
| 299 | #ifdef BN_UMULT_HIGH | 323 | #if defined(BN_UMULT_LOHI) |
| 324 | BN_UMULT_LOHI(t2l,t2h,d1,q); | ||
| 325 | #elif defined(BN_UMULT_HIGH) | ||
| 300 | t2l = d1 * q; | 326 | t2l = d1 * q; |
| 301 | t2h = BN_UMULT_HIGH(d1,q); | 327 | t2h = BN_UMULT_HIGH(d1,q); |
| 302 | #else | 328 | #else |
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h index 8a4dba375a..5614bc6164 100644 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ b/src/lib/libcrypto/bn/bn_lcl.h | |||
| @@ -230,6 +230,21 @@ struct bignum_ctx | |||
| 230 | : "r"(a), "r"(b)); \ | 230 | : "r"(a), "r"(b)); \ |
| 231 | ret; }) | 231 | ret; }) |
| 232 | # endif /* compiler */ | 232 | # endif /* compiler */ |
| 233 | # elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG) | ||
| 234 | # if defined(__GNUC__) | ||
| 235 | # define BN_UMULT_HIGH(a,b) ({ \ | ||
| 236 | register BN_ULONG ret,discard; \ | ||
| 237 | asm ("mulq %3" \ | ||
| 238 | : "=a"(discard),"=d"(ret) \ | ||
| 239 | : "a"(a), "g"(b) \ | ||
| 240 | : "cc"); \ | ||
| 241 | ret; }) | ||
| 242 | # define BN_UMULT_LOHI(low,high,a,b) \ | ||
| 243 | asm ("mulq %3" \ | ||
| 244 | : "=a"(low),"=d"(high) \ | ||
| 245 | : "a"(a),"g"(b) \ | ||
| 246 | : "cc"); | ||
| 247 | # endif | ||
| 233 | # endif /* cpu */ | 248 | # endif /* cpu */ |
| 234 | #endif /* OPENSSL_NO_ASM */ | 249 | #endif /* OPENSSL_NO_ASM */ |
| 235 | 250 | ||
| @@ -337,7 +352,7 @@ struct bignum_ctx | |||
| 337 | 352 | ||
| 338 | #define LBITS(a) ((a)&BN_MASK2l) | 353 | #define LBITS(a) ((a)&BN_MASK2l) |
| 339 | #define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) | 354 | #define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) |
| 340 | #define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4) | 355 | #define L2HBITS(a) (((a)<<BN_BITS4)&BN_MASK2) |
| 341 | 356 | ||
| 342 | #define LLBITS(a) ((a)&BN_MASKl) | 357 | #define LLBITS(a) ((a)&BN_MASKl) |
| 343 | #define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl) | 358 | #define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl) |
| @@ -353,7 +368,7 @@ struct bignum_ctx | |||
| 353 | lt=(bl)*(lt); \ | 368 | lt=(bl)*(lt); \ |
| 354 | m1=(bl)*(ht); \ | 369 | m1=(bl)*(ht); \ |
| 355 | ht =(bh)*(ht); \ | 370 | ht =(bh)*(ht); \ |
| 356 | m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \ | 371 | m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \ |
| 357 | ht+=HBITS(m); \ | 372 | ht+=HBITS(m); \ |
| 358 | m1=L2HBITS(m); \ | 373 | m1=L2HBITS(m); \ |
| 359 | lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \ | 374 | lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \ |
| @@ -418,20 +433,19 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a); | |||
| 418 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); | 433 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); |
| 419 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, | 434 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, |
| 420 | int cl, int dl); | 435 | int cl, int dl); |
| 436 | #if 0 | ||
| 437 | /* bn_mul.c rollback <appro> */ | ||
| 421 | void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, | 438 | void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 422 | int dna,int dnb,BN_ULONG *t); | 439 | int dna,int dnb,BN_ULONG *t); |
| 423 | void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, | 440 | void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, |
| 424 | int n,int tna,int tnb,BN_ULONG *t); | 441 | int n,int tna,int tnb,BN_ULONG *t); |
| 442 | #endif | ||
| 425 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); | 443 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); |
| 426 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); | 444 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); |
| 427 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, | 445 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 428 | BN_ULONG *t); | 446 | BN_ULONG *t); |
| 429 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, | 447 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, |
| 430 | BN_ULONG *t); | 448 | BN_ULONG *t); |
| 431 | BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, | ||
| 432 | int cl, int dl); | ||
| 433 | BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, | ||
| 434 | int cl, int dl); | ||
| 435 | 449 | ||
| 436 | #ifdef __cplusplus | 450 | #ifdef __cplusplus |
| 437 | } | 451 | } |
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index ce2ae78419..463463cfcb 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c | |||
| @@ -263,12 +263,12 @@ void BN_clear_free(BIGNUM *a) | |||
| 263 | if (a == NULL) return; | 263 | if (a == NULL) return; |
| 264 | if (a->d != NULL) | 264 | if (a->d != NULL) |
| 265 | { | 265 | { |
| 266 | memset(a->d,0,a->dmax*sizeof(a->d[0])); | 266 | OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); |
| 267 | if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) | 267 | if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) |
| 268 | OPENSSL_free(a->d); | 268 | OPENSSL_free(a->d); |
| 269 | } | 269 | } |
| 270 | i=BN_get_flags(a,BN_FLG_MALLOCED); | 270 | i=BN_get_flags(a,BN_FLG_MALLOCED); |
| 271 | memset(a,0,sizeof(BIGNUM)); | 271 | OPENSSL_cleanse(a,sizeof(BIGNUM)); |
| 272 | if (i) | 272 | if (i) |
| 273 | OPENSSL_free(a); | 273 | OPENSSL_free(a); |
| 274 | } | 274 | } |
diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index b03458d002..cb93ac3356 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c | |||
| @@ -56,325 +56,10 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef BN_DEBUG | ||
| 60 | # undef NDEBUG /* avoid conflicting definitions */ | ||
| 61 | # define NDEBUG | ||
| 62 | #endif | ||
| 63 | |||
| 64 | #include <stdio.h> | 59 | #include <stdio.h> |
| 65 | #include <assert.h> | ||
| 66 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 67 | #include "bn_lcl.h" | 61 | #include "bn_lcl.h" |
| 68 | 62 | ||
| 69 | #if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__)) || defined(__DJGPP__) /* Assembler implementation exists only for x86 */ | ||
| 70 | /* Here follows specialised variants of bn_add_words() and | ||
| 71 | bn_sub_words(). They have the property performing operations on | ||
| 72 | arrays of different sizes. The sizes of those arrays is expressed through | ||
| 73 | cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, | ||
| 74 | which is the delta between the two lengths, calculated as len(a)-len(b). | ||
| 75 | All lengths are the number of BN_ULONGs... For the operations that require | ||
| 76 | a result array as parameter, it must have the length cl+abs(dl). | ||
| 77 | These functions should probably end up in bn_asm.c as soon as there are | ||
| 78 | assembler counterparts for the systems that use assembler files. */ | ||
| 79 | |||
| 80 | BN_ULONG bn_sub_part_words(BN_ULONG *r, | ||
| 81 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 82 | int cl, int dl) | ||
| 83 | { | ||
| 84 | BN_ULONG c, t; | ||
| 85 | |||
| 86 | assert(cl >= 0); | ||
| 87 | c = bn_sub_words(r, a, b, cl); | ||
| 88 | |||
| 89 | if (dl == 0) | ||
| 90 | return c; | ||
| 91 | |||
| 92 | r += cl; | ||
| 93 | a += cl; | ||
| 94 | b += cl; | ||
| 95 | |||
| 96 | if (dl < 0) | ||
| 97 | { | ||
| 98 | #ifdef BN_COUNT | ||
| 99 | fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 100 | #endif | ||
| 101 | for (;;) | ||
| 102 | { | ||
| 103 | t = b[0]; | ||
| 104 | r[0] = (0-t-c)&BN_MASK2; | ||
| 105 | if (t != 0) c=1; | ||
| 106 | if (++dl >= 0) break; | ||
| 107 | |||
| 108 | t = b[1]; | ||
| 109 | r[1] = (0-t-c)&BN_MASK2; | ||
| 110 | if (t != 0) c=1; | ||
| 111 | if (++dl >= 0) break; | ||
| 112 | |||
| 113 | t = b[2]; | ||
| 114 | r[2] = (0-t-c)&BN_MASK2; | ||
| 115 | if (t != 0) c=1; | ||
| 116 | if (++dl >= 0) break; | ||
| 117 | |||
| 118 | t = b[3]; | ||
| 119 | r[3] = (0-t-c)&BN_MASK2; | ||
| 120 | if (t != 0) c=1; | ||
| 121 | if (++dl >= 0) break; | ||
| 122 | |||
| 123 | b += 4; | ||
| 124 | r += 4; | ||
| 125 | } | ||
| 126 | } | ||
| 127 | else | ||
| 128 | { | ||
| 129 | int save_dl = dl; | ||
| 130 | #ifdef BN_COUNT | ||
| 131 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); | ||
| 132 | #endif | ||
| 133 | while(c) | ||
| 134 | { | ||
| 135 | t = a[0]; | ||
| 136 | r[0] = (t-c)&BN_MASK2; | ||
| 137 | if (t != 0) c=0; | ||
| 138 | if (--dl <= 0) break; | ||
| 139 | |||
| 140 | t = a[1]; | ||
| 141 | r[1] = (t-c)&BN_MASK2; | ||
| 142 | if (t != 0) c=0; | ||
| 143 | if (--dl <= 0) break; | ||
| 144 | |||
| 145 | t = a[2]; | ||
| 146 | r[2] = (t-c)&BN_MASK2; | ||
| 147 | if (t != 0) c=0; | ||
| 148 | if (--dl <= 0) break; | ||
| 149 | |||
| 150 | t = a[3]; | ||
| 151 | r[3] = (t-c)&BN_MASK2; | ||
| 152 | if (t != 0) c=0; | ||
| 153 | if (--dl <= 0) break; | ||
| 154 | |||
| 155 | save_dl = dl; | ||
| 156 | a += 4; | ||
| 157 | r += 4; | ||
| 158 | } | ||
| 159 | if (dl > 0) | ||
| 160 | { | ||
| 161 | #ifdef BN_COUNT | ||
| 162 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 163 | #endif | ||
| 164 | if (save_dl > dl) | ||
| 165 | { | ||
| 166 | switch (save_dl - dl) | ||
| 167 | { | ||
| 168 | case 1: | ||
| 169 | r[1] = a[1]; | ||
| 170 | if (--dl <= 0) break; | ||
| 171 | case 2: | ||
| 172 | r[2] = a[2]; | ||
| 173 | if (--dl <= 0) break; | ||
| 174 | case 3: | ||
| 175 | r[3] = a[3]; | ||
| 176 | if (--dl <= 0) break; | ||
| 177 | } | ||
| 178 | a += 4; | ||
| 179 | r += 4; | ||
| 180 | } | ||
| 181 | } | ||
| 182 | if (dl > 0) | ||
| 183 | { | ||
| 184 | #ifdef BN_COUNT | ||
| 185 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 186 | #endif | ||
| 187 | for(;;) | ||
| 188 | { | ||
| 189 | r[0] = a[0]; | ||
| 190 | if (--dl <= 0) break; | ||
| 191 | r[1] = a[1]; | ||
| 192 | if (--dl <= 0) break; | ||
| 193 | r[2] = a[2]; | ||
| 194 | if (--dl <= 0) break; | ||
| 195 | r[3] = a[3]; | ||
| 196 | if (--dl <= 0) break; | ||
| 197 | |||
| 198 | a += 4; | ||
| 199 | r += 4; | ||
| 200 | } | ||
| 201 | } | ||
| 202 | } | ||
| 203 | return c; | ||
| 204 | } | ||
| 205 | #endif | ||
| 206 | |||
| 207 | BN_ULONG bn_add_part_words(BN_ULONG *r, | ||
| 208 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 209 | int cl, int dl) | ||
| 210 | { | ||
| 211 | BN_ULONG c, l, t; | ||
| 212 | |||
| 213 | assert(cl >= 0); | ||
| 214 | c = bn_add_words(r, a, b, cl); | ||
| 215 | |||
| 216 | if (dl == 0) | ||
| 217 | return c; | ||
| 218 | |||
| 219 | r += cl; | ||
| 220 | a += cl; | ||
| 221 | b += cl; | ||
| 222 | |||
| 223 | if (dl < 0) | ||
| 224 | { | ||
| 225 | int save_dl = dl; | ||
| 226 | #ifdef BN_COUNT | ||
| 227 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 228 | #endif | ||
| 229 | while (c) | ||
| 230 | { | ||
| 231 | l=(c+b[0])&BN_MASK2; | ||
| 232 | c=(l < c); | ||
| 233 | r[0]=l; | ||
| 234 | if (++dl >= 0) break; | ||
| 235 | |||
| 236 | l=(c+b[1])&BN_MASK2; | ||
| 237 | c=(l < c); | ||
| 238 | r[1]=l; | ||
| 239 | if (++dl >= 0) break; | ||
| 240 | |||
| 241 | l=(c+b[2])&BN_MASK2; | ||
| 242 | c=(l < c); | ||
| 243 | r[2]=l; | ||
| 244 | if (++dl >= 0) break; | ||
| 245 | |||
| 246 | l=(c+b[3])&BN_MASK2; | ||
| 247 | c=(l < c); | ||
| 248 | r[3]=l; | ||
| 249 | if (++dl >= 0) break; | ||
| 250 | |||
| 251 | save_dl = dl; | ||
| 252 | b+=4; | ||
| 253 | r+=4; | ||
| 254 | } | ||
| 255 | if (dl < 0) | ||
| 256 | { | ||
| 257 | #ifdef BN_COUNT | ||
| 258 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); | ||
| 259 | #endif | ||
| 260 | if (save_dl < dl) | ||
| 261 | { | ||
| 262 | switch (dl - save_dl) | ||
| 263 | { | ||
| 264 | case 1: | ||
| 265 | r[1] = b[1]; | ||
| 266 | if (++dl >= 0) break; | ||
| 267 | case 2: | ||
| 268 | r[2] = b[2]; | ||
| 269 | if (++dl >= 0) break; | ||
| 270 | case 3: | ||
| 271 | r[3] = b[3]; | ||
| 272 | if (++dl >= 0) break; | ||
| 273 | } | ||
| 274 | b += 4; | ||
| 275 | r += 4; | ||
| 276 | } | ||
| 277 | } | ||
| 278 | if (dl < 0) | ||
| 279 | { | ||
| 280 | #ifdef BN_COUNT | ||
| 281 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); | ||
| 282 | #endif | ||
| 283 | for(;;) | ||
| 284 | { | ||
| 285 | r[0] = b[0]; | ||
| 286 | if (++dl >= 0) break; | ||
| 287 | r[1] = b[1]; | ||
| 288 | if (++dl >= 0) break; | ||
| 289 | r[2] = b[2]; | ||
| 290 | if (++dl >= 0) break; | ||
| 291 | r[3] = b[3]; | ||
| 292 | if (++dl >= 0) break; | ||
| 293 | |||
| 294 | b += 4; | ||
| 295 | r += 4; | ||
| 296 | } | ||
| 297 | } | ||
| 298 | } | ||
| 299 | else | ||
| 300 | { | ||
| 301 | int save_dl = dl; | ||
| 302 | #ifdef BN_COUNT | ||
| 303 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); | ||
| 304 | #endif | ||
| 305 | while (c) | ||
| 306 | { | ||
| 307 | t=(a[0]+c)&BN_MASK2; | ||
| 308 | c=(t < c); | ||
| 309 | r[0]=t; | ||
| 310 | if (--dl <= 0) break; | ||
| 311 | |||
| 312 | t=(a[1]+c)&BN_MASK2; | ||
| 313 | c=(t < c); | ||
| 314 | r[1]=t; | ||
| 315 | if (--dl <= 0) break; | ||
| 316 | |||
| 317 | t=(a[2]+c)&BN_MASK2; | ||
| 318 | c=(t < c); | ||
| 319 | r[2]=t; | ||
| 320 | if (--dl <= 0) break; | ||
| 321 | |||
| 322 | t=(a[3]+c)&BN_MASK2; | ||
| 323 | c=(t < c); | ||
| 324 | r[3]=t; | ||
| 325 | if (--dl <= 0) break; | ||
| 326 | |||
| 327 | save_dl = dl; | ||
| 328 | a+=4; | ||
| 329 | r+=4; | ||
| 330 | } | ||
| 331 | #ifdef BN_COUNT | ||
| 332 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 333 | #endif | ||
| 334 | if (dl > 0) | ||
| 335 | { | ||
| 336 | if (save_dl > dl) | ||
| 337 | { | ||
| 338 | switch (save_dl - dl) | ||
| 339 | { | ||
| 340 | case 1: | ||
| 341 | r[1] = a[1]; | ||
| 342 | if (--dl <= 0) break; | ||
| 343 | case 2: | ||
| 344 | r[2] = a[2]; | ||
| 345 | if (--dl <= 0) break; | ||
| 346 | case 3: | ||
| 347 | r[3] = a[3]; | ||
| 348 | if (--dl <= 0) break; | ||
| 349 | } | ||
| 350 | a += 4; | ||
| 351 | r += 4; | ||
| 352 | } | ||
| 353 | } | ||
| 354 | if (dl > 0) | ||
| 355 | { | ||
| 356 | #ifdef BN_COUNT | ||
| 357 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 358 | #endif | ||
| 359 | for(;;) | ||
| 360 | { | ||
| 361 | r[0] = a[0]; | ||
| 362 | if (--dl <= 0) break; | ||
| 363 | r[1] = a[1]; | ||
| 364 | if (--dl <= 0) break; | ||
| 365 | r[2] = a[2]; | ||
| 366 | if (--dl <= 0) break; | ||
| 367 | r[3] = a[3]; | ||
| 368 | if (--dl <= 0) break; | ||
| 369 | |||
| 370 | a += 4; | ||
| 371 | r += 4; | ||
| 372 | } | ||
| 373 | } | ||
| 374 | } | ||
| 375 | return c; | ||
| 376 | } | ||
| 377 | |||
| 378 | #ifdef BN_RECURSION | 63 | #ifdef BN_RECURSION |
| 379 | /* Karatsuba recursive multiplication algorithm | 64 | /* Karatsuba recursive multiplication algorithm |
| 380 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ | 65 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ |
| @@ -390,15 +75,14 @@ BN_ULONG bn_add_part_words(BN_ULONG *r, | |||
| 390 | * a[1]*b[1] | 75 | * a[1]*b[1] |
| 391 | */ | 76 | */ |
| 392 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | 77 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, |
| 393 | int dna, int dnb, BN_ULONG *t) | 78 | BN_ULONG *t) |
| 394 | { | 79 | { |
| 395 | int n=n2/2,c1,c2; | 80 | int n=n2/2,c1,c2; |
| 396 | int tna=n+dna, tnb=n+dnb; | ||
| 397 | unsigned int neg,zero; | 81 | unsigned int neg,zero; |
| 398 | BN_ULONG ln,lo,*p; | 82 | BN_ULONG ln,lo,*p; |
| 399 | 83 | ||
| 400 | # ifdef BN_COUNT | 84 | # ifdef BN_COUNT |
| 401 | fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2); | 85 | printf(" bn_mul_recursive %d * %d\n",n2,n2); |
| 402 | # endif | 86 | # endif |
| 403 | # ifdef BN_MUL_COMBA | 87 | # ifdef BN_MUL_COMBA |
| 404 | # if 0 | 88 | # if 0 |
| @@ -408,40 +92,34 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 408 | return; | 92 | return; |
| 409 | } | 93 | } |
| 410 | # endif | 94 | # endif |
| 411 | /* Only call bn_mul_comba 8 if n2 == 8 and the | 95 | if (n2 == 8) |
| 412 | * two arrays are complete [steve] | ||
| 413 | */ | ||
| 414 | if (n2 == 8 && dna == 0 && dnb == 0) | ||
| 415 | { | 96 | { |
| 416 | bn_mul_comba8(r,a,b); | 97 | bn_mul_comba8(r,a,b); |
| 417 | return; | 98 | return; |
| 418 | } | 99 | } |
| 419 | # endif /* BN_MUL_COMBA */ | 100 | # endif /* BN_MUL_COMBA */ |
| 420 | /* Else do normal multiply */ | ||
| 421 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) | 101 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) |
| 422 | { | 102 | { |
| 423 | bn_mul_normal(r,a,n2+dna,b,n2+dnb); | 103 | /* This should not happen */ |
| 424 | if ((dna + dnb) < 0) | 104 | bn_mul_normal(r,a,n2,b,n2); |
| 425 | memset(&r[2*n2 + dna + dnb], 0, | ||
| 426 | sizeof(BN_ULONG) * -(dna + dnb)); | ||
| 427 | return; | 105 | return; |
| 428 | } | 106 | } |
| 429 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 107 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 430 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); | 108 | c1=bn_cmp_words(a,&(a[n]),n); |
| 431 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); | 109 | c2=bn_cmp_words(&(b[n]),b,n); |
| 432 | zero=neg=0; | 110 | zero=neg=0; |
| 433 | switch (c1*3+c2) | 111 | switch (c1*3+c2) |
| 434 | { | 112 | { |
| 435 | case -4: | 113 | case -4: |
| 436 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 114 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 437 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 115 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 438 | break; | 116 | break; |
| 439 | case -3: | 117 | case -3: |
| 440 | zero=1; | 118 | zero=1; |
| 441 | break; | 119 | break; |
| 442 | case -2: | 120 | case -2: |
| 443 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 121 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 444 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ | 122 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ |
| 445 | neg=1; | 123 | neg=1; |
| 446 | break; | 124 | break; |
| 447 | case -1: | 125 | case -1: |
| @@ -450,22 +128,21 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 450 | zero=1; | 128 | zero=1; |
| 451 | break; | 129 | break; |
| 452 | case 2: | 130 | case 2: |
| 453 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ | 131 | bn_sub_words(t, a, &(a[n]),n); /* + */ |
| 454 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 132 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 455 | neg=1; | 133 | neg=1; |
| 456 | break; | 134 | break; |
| 457 | case 3: | 135 | case 3: |
| 458 | zero=1; | 136 | zero=1; |
| 459 | break; | 137 | break; |
| 460 | case 4: | 138 | case 4: |
| 461 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); | 139 | bn_sub_words(t, a, &(a[n]),n); |
| 462 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); | 140 | bn_sub_words(&(t[n]),&(b[n]),b, n); |
| 463 | break; | 141 | break; |
| 464 | } | 142 | } |
| 465 | 143 | ||
| 466 | # ifdef BN_MUL_COMBA | 144 | # ifdef BN_MUL_COMBA |
| 467 | if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take | 145 | if (n == 4) |
| 468 | extra args to do this well */ | ||
| 469 | { | 146 | { |
| 470 | if (!zero) | 147 | if (!zero) |
| 471 | bn_mul_comba4(&(t[n2]),t,&(t[n])); | 148 | bn_mul_comba4(&(t[n2]),t,&(t[n])); |
| @@ -475,9 +152,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 475 | bn_mul_comba4(r,a,b); | 152 | bn_mul_comba4(r,a,b); |
| 476 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); | 153 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); |
| 477 | } | 154 | } |
| 478 | else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could | 155 | else if (n == 8) |
| 479 | take extra args to do this | ||
| 480 | well */ | ||
| 481 | { | 156 | { |
| 482 | if (!zero) | 157 | if (!zero) |
| 483 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 158 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| @@ -492,11 +167,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 492 | { | 167 | { |
| 493 | p= &(t[n2*2]); | 168 | p= &(t[n2*2]); |
| 494 | if (!zero) | 169 | if (!zero) |
| 495 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); | 170 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); |
| 496 | else | 171 | else |
| 497 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); | 172 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); |
| 498 | bn_mul_recursive(r,a,b,n,0,0,p); | 173 | bn_mul_recursive(r,a,b,n,p); |
| 499 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); | 174 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); |
| 500 | } | 175 | } |
| 501 | 176 | ||
| 502 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign | 177 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign |
| @@ -545,39 +220,39 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 545 | 220 | ||
| 546 | /* n+tn is the word length | 221 | /* n+tn is the word length |
| 547 | * t needs to be n*4 is size, as does r */ | 222 | * t needs to be n*4 is size, as does r */ |
| 548 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | 223 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, |
| 549 | int tna, int tnb, BN_ULONG *t) | 224 | int n, BN_ULONG *t) |
| 550 | { | 225 | { |
| 551 | int i,j,n2=n*2; | 226 | int i,j,n2=n*2; |
| 552 | unsigned int c1,c2,neg,zero; | 227 | unsigned int c1,c2,neg,zero; |
| 553 | BN_ULONG ln,lo,*p; | 228 | BN_ULONG ln,lo,*p; |
| 554 | 229 | ||
| 555 | # ifdef BN_COUNT | 230 | # ifdef BN_COUNT |
| 556 | fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n", | 231 | printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); |
| 557 | tna, n, tnb, n); | ||
| 558 | # endif | 232 | # endif |
| 559 | if (n < 8) | 233 | if (n < 8) |
| 560 | { | 234 | { |
| 561 | bn_mul_normal(r,a,n+tna,b,n+tnb); | 235 | i=tn+n; |
| 236 | bn_mul_normal(r,a,i,b,i); | ||
| 562 | return; | 237 | return; |
| 563 | } | 238 | } |
| 564 | 239 | ||
| 565 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 240 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 566 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); | 241 | c1=bn_cmp_words(a,&(a[n]),n); |
| 567 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); | 242 | c2=bn_cmp_words(&(b[n]),b,n); |
| 568 | zero=neg=0; | 243 | zero=neg=0; |
| 569 | switch (c1*3+c2) | 244 | switch (c1*3+c2) |
| 570 | { | 245 | { |
| 571 | case -4: | 246 | case -4: |
| 572 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 247 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 573 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 248 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 574 | break; | 249 | break; |
| 575 | case -3: | 250 | case -3: |
| 576 | zero=1; | 251 | zero=1; |
| 577 | /* break; */ | 252 | /* break; */ |
| 578 | case -2: | 253 | case -2: |
| 579 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 254 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 580 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ | 255 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ |
| 581 | neg=1; | 256 | neg=1; |
| 582 | break; | 257 | break; |
| 583 | case -1: | 258 | case -1: |
| @@ -586,16 +261,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | |||
| 586 | zero=1; | 261 | zero=1; |
| 587 | /* break; */ | 262 | /* break; */ |
| 588 | case 2: | 263 | case 2: |
| 589 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ | 264 | bn_sub_words(t, a, &(a[n]),n); /* + */ |
| 590 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 265 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 591 | neg=1; | 266 | neg=1; |
| 592 | break; | 267 | break; |
| 593 | case 3: | 268 | case 3: |
| 594 | zero=1; | 269 | zero=1; |
| 595 | /* break; */ | 270 | /* break; */ |
| 596 | case 4: | 271 | case 4: |
| 597 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); | 272 | bn_sub_words(t, a, &(a[n]),n); |
| 598 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); | 273 | bn_sub_words(&(t[n]),&(b[n]),b, n); |
| 599 | break; | 274 | break; |
| 600 | } | 275 | } |
| 601 | /* The zero case isn't yet implemented here. The speedup | 276 | /* The zero case isn't yet implemented here. The speedup |
| @@ -614,59 +289,54 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | |||
| 614 | { | 289 | { |
| 615 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 290 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| 616 | bn_mul_comba8(r,a,b); | 291 | bn_mul_comba8(r,a,b); |
| 617 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); | 292 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); |
| 618 | memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); | 293 | memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); |
| 619 | } | 294 | } |
| 620 | else | 295 | else |
| 621 | { | 296 | { |
| 622 | p= &(t[n2*2]); | 297 | p= &(t[n2*2]); |
| 623 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); | 298 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); |
| 624 | bn_mul_recursive(r,a,b,n,0,0,p); | 299 | bn_mul_recursive(r,a,b,n,p); |
| 625 | i=n/2; | 300 | i=n/2; |
| 626 | /* If there is only a bottom half to the number, | 301 | /* If there is only a bottom half to the number, |
| 627 | * just do it */ | 302 | * just do it */ |
| 628 | if (tna > tnb) | 303 | j=tn-i; |
| 629 | j = tna - i; | ||
| 630 | else | ||
| 631 | j = tnb - i; | ||
| 632 | if (j == 0) | 304 | if (j == 0) |
| 633 | { | 305 | { |
| 634 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), | 306 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); |
| 635 | i,tna-i,tnb-i,p); | ||
| 636 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); | 307 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); |
| 637 | } | 308 | } |
| 638 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ | 309 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ |
| 639 | { | 310 | { |
| 640 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), | 311 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), |
| 641 | i,tna-i,tnb-i,p); | 312 | j,i,p); |
| 642 | memset(&(r[n2+tna+tnb]),0, | 313 | memset(&(r[n2+tn*2]),0, |
| 643 | sizeof(BN_ULONG)*(n2-tna-tnb)); | 314 | sizeof(BN_ULONG)*(n2-tn*2)); |
| 644 | } | 315 | } |
| 645 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ | 316 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ |
| 646 | { | 317 | { |
| 647 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); | 318 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); |
| 648 | if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL | 319 | if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) |
| 649 | && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) | ||
| 650 | { | 320 | { |
| 651 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); | 321 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); |
| 652 | } | 322 | } |
| 653 | else | 323 | else |
| 654 | { | 324 | { |
| 655 | for (;;) | 325 | for (;;) |
| 656 | { | 326 | { |
| 657 | i/=2; | 327 | i/=2; |
| 658 | if (i < tna && i < tnb) | 328 | if (i < tn) |
| 659 | { | 329 | { |
| 660 | bn_mul_part_recursive(&(r[n2]), | 330 | bn_mul_part_recursive(&(r[n2]), |
| 661 | &(a[n]),&(b[n]), | 331 | &(a[n]),&(b[n]), |
| 662 | i,tna-i,tnb-i,p); | 332 | tn-i,i,p); |
| 663 | break; | 333 | break; |
| 664 | } | 334 | } |
| 665 | else if (i <= tna && i <= tnb) | 335 | else if (i == tn) |
| 666 | { | 336 | { |
| 667 | bn_mul_recursive(&(r[n2]), | 337 | bn_mul_recursive(&(r[n2]), |
| 668 | &(a[n]),&(b[n]), | 338 | &(a[n]),&(b[n]), |
| 669 | i,tna-i,tnb-i,p); | 339 | i,p); |
| 670 | break; | 340 | break; |
| 671 | } | 341 | } |
| 672 | } | 342 | } |
| @@ -727,10 +397,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 727 | int n=n2/2; | 397 | int n=n2/2; |
| 728 | 398 | ||
| 729 | # ifdef BN_COUNT | 399 | # ifdef BN_COUNT |
| 730 | fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); | 400 | printf(" bn_mul_low_recursive %d * %d\n",n2,n2); |
| 731 | # endif | 401 | # endif |
| 732 | 402 | ||
| 733 | bn_mul_recursive(r,a,b,n,0,0,&(t[0])); | 403 | bn_mul_recursive(r,a,b,n,&(t[0])); |
| 734 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) | 404 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) |
| 735 | { | 405 | { |
| 736 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); | 406 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); |
| @@ -761,7 +431,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 761 | BN_ULONG ll,lc,*lp,*mp; | 431 | BN_ULONG ll,lc,*lp,*mp; |
| 762 | 432 | ||
| 763 | # ifdef BN_COUNT | 433 | # ifdef BN_COUNT |
| 764 | fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); | 434 | printf(" bn_mul_high %d * %d\n",n2,n2); |
| 765 | # endif | 435 | # endif |
| 766 | n=n2/2; | 436 | n=n2/2; |
| 767 | 437 | ||
| @@ -814,8 +484,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 814 | else | 484 | else |
| 815 | # endif | 485 | # endif |
| 816 | { | 486 | { |
| 817 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); | 487 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); |
| 818 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); | 488 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); |
| 819 | } | 489 | } |
| 820 | 490 | ||
| 821 | /* s0 == low(al*bl) | 491 | /* s0 == low(al*bl) |
| @@ -940,19 +610,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 940 | 610 | ||
| 941 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 611 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 942 | { | 612 | { |
| 943 | int ret=0; | ||
| 944 | int top,al,bl; | 613 | int top,al,bl; |
| 945 | BIGNUM *rr; | 614 | BIGNUM *rr; |
| 615 | int ret = 0; | ||
| 946 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) | 616 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) |
| 947 | int i; | 617 | int i; |
| 948 | #endif | 618 | #endif |
| 949 | #ifdef BN_RECURSION | 619 | #ifdef BN_RECURSION |
| 950 | BIGNUM *t=NULL; | 620 | BIGNUM *t; |
| 951 | int j=0,k; | 621 | int j,k; |
| 952 | #endif | 622 | #endif |
| 953 | 623 | ||
| 954 | #ifdef BN_COUNT | 624 | #ifdef BN_COUNT |
| 955 | fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); | 625 | printf("BN_mul %d * %d\n",a->top,b->top); |
| 956 | #endif | 626 | #endif |
| 957 | 627 | ||
| 958 | bn_check_top(a); | 628 | bn_check_top(a); |
| @@ -1005,55 +675,21 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 1005 | #ifdef BN_RECURSION | 675 | #ifdef BN_RECURSION |
| 1006 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) | 676 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) |
| 1007 | { | 677 | { |
| 1008 | if (i >= -1 && i <= 1) | 678 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA) && bl<b->dmax) |
| 1009 | { | 679 | { |
| 1010 | int sav_j =0; | 680 | #if 0 /* tribute to const-ification, bl<b->dmax above covers for this */ |
| 1011 | /* Find out the power of two lower or equal | 681 | if (bn_wexpand(b,al) == NULL) goto err; |
| 1012 | to the longest of the two numbers */ | 682 | #endif |
| 1013 | if (i >= 0) | 683 | b->d[bl]=0; |
| 1014 | { | ||
| 1015 | j = BN_num_bits_word((BN_ULONG)al); | ||
| 1016 | } | ||
| 1017 | if (i == -1) | ||
| 1018 | { | ||
| 1019 | j = BN_num_bits_word((BN_ULONG)bl); | ||
| 1020 | } | ||
| 1021 | sav_j = j; | ||
| 1022 | j = 1<<(j-1); | ||
| 1023 | assert(j <= al || j <= bl); | ||
| 1024 | k = j+j; | ||
| 1025 | t = BN_CTX_get(ctx); | ||
| 1026 | if (al > j || bl > j) | ||
| 1027 | { | ||
| 1028 | bn_wexpand(t,k*4); | ||
| 1029 | bn_wexpand(rr,k*4); | ||
| 1030 | bn_mul_part_recursive(rr->d,a->d,b->d, | ||
| 1031 | j,al-j,bl-j,t->d); | ||
| 1032 | } | ||
| 1033 | else /* al <= j || bl <= j */ | ||
| 1034 | { | ||
| 1035 | bn_wexpand(t,k*2); | ||
| 1036 | bn_wexpand(rr,k*2); | ||
| 1037 | bn_mul_recursive(rr->d,a->d,b->d, | ||
| 1038 | j,al-j,bl-j,t->d); | ||
| 1039 | } | ||
| 1040 | rr->top=top; | ||
| 1041 | goto end; | ||
| 1042 | } | ||
| 1043 | #if 0 | ||
| 1044 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) | ||
| 1045 | { | ||
| 1046 | BIGNUM *tmp_bn = (BIGNUM *)b; | ||
| 1047 | if (bn_wexpand(tmp_bn,al) == NULL) goto err; | ||
| 1048 | tmp_bn->d[bl]=0; | ||
| 1049 | bl++; | 684 | bl++; |
| 1050 | i--; | 685 | i--; |
| 1051 | } | 686 | } |
| 1052 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) | 687 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA) && al<a->dmax) |
| 1053 | { | 688 | { |
| 1054 | BIGNUM *tmp_bn = (BIGNUM *)a; | 689 | #if 0 /* tribute to const-ification, al<a->dmax above covers for this */ |
| 1055 | if (bn_wexpand(tmp_bn,bl) == NULL) goto err; | 690 | if (bn_wexpand(a,bl) == NULL) goto err; |
| 1056 | tmp_bn->d[al]=0; | 691 | #endif |
| 692 | a->d[al]=0; | ||
| 1057 | al++; | 693 | al++; |
| 1058 | i++; | 694 | i++; |
| 1059 | } | 695 | } |
| @@ -1070,17 +706,26 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 1070 | if (bn_wexpand(t,k*2) == NULL) goto err; | 706 | if (bn_wexpand(t,k*2) == NULL) goto err; |
| 1071 | if (bn_wexpand(rr,k*2) == NULL) goto err; | 707 | if (bn_wexpand(rr,k*2) == NULL) goto err; |
| 1072 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); | 708 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); |
| 709 | rr->top=top; | ||
| 710 | goto end; | ||
| 1073 | } | 711 | } |
| 712 | #if 0 /* tribute to const-ification, rsa/dsa performance is not affected */ | ||
| 1074 | else | 713 | else |
| 1075 | { | 714 | { |
| 1076 | if (bn_wexpand(t,k*4) == NULL) goto err; | 715 | if (bn_wexpand(a,k) == NULL ) goto err; |
| 1077 | if (bn_wexpand(rr,k*4) == NULL) goto err; | 716 | if (bn_wexpand(b,k) == NULL ) goto err; |
| 717 | if (bn_wexpand(t,k*4) == NULL ) goto err; | ||
| 718 | if (bn_wexpand(rr,k*4) == NULL ) goto err; | ||
| 719 | for (i=a->top; i<k; i++) | ||
| 720 | a->d[i]=0; | ||
| 721 | for (i=b->top; i<k; i++) | ||
| 722 | b->d[i]=0; | ||
| 1078 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); | 723 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); |
| 1079 | } | 724 | } |
| 1080 | rr->top=top; | 725 | rr->top=top; |
| 1081 | goto end; | 726 | goto end; |
| 1082 | } | ||
| 1083 | #endif | 727 | #endif |
| 728 | } | ||
| 1084 | } | 729 | } |
| 1085 | #endif /* BN_RECURSION */ | 730 | #endif /* BN_RECURSION */ |
| 1086 | if (bn_wexpand(rr,top) == NULL) goto err; | 731 | if (bn_wexpand(rr,top) == NULL) goto err; |
| @@ -1103,7 +748,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1103 | BN_ULONG *rr; | 748 | BN_ULONG *rr; |
| 1104 | 749 | ||
| 1105 | #ifdef BN_COUNT | 750 | #ifdef BN_COUNT |
| 1106 | fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); | 751 | printf(" bn_mul_normal %d * %d\n",na,nb); |
| 1107 | #endif | 752 | #endif |
| 1108 | 753 | ||
| 1109 | if (na < nb) | 754 | if (na < nb) |
| @@ -1116,13 +761,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1116 | 761 | ||
| 1117 | } | 762 | } |
| 1118 | rr= &(r[na]); | 763 | rr= &(r[na]); |
| 1119 | if (nb <= 0) | 764 | rr[0]=bn_mul_words(r,a,na,b[0]); |
| 1120 | { | ||
| 1121 | (void)bn_mul_words(r,a,na,0); | ||
| 1122 | return; | ||
| 1123 | } | ||
| 1124 | else | ||
| 1125 | rr[0]=bn_mul_words(r,a,na,b[0]); | ||
| 1126 | 765 | ||
| 1127 | for (;;) | 766 | for (;;) |
| 1128 | { | 767 | { |
| @@ -1143,7 +782,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1143 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) | 782 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) |
| 1144 | { | 783 | { |
| 1145 | #ifdef BN_COUNT | 784 | #ifdef BN_COUNT |
| 1146 | fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); | 785 | printf(" bn_mul_low_normal %d * %d\n",n,n); |
| 1147 | #endif | 786 | #endif |
| 1148 | bn_mul_words(r,a,n,b[0]); | 787 | bn_mul_words(r,a,n,b[0]); |
| 1149 | 788 | ||
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index 918b9237c6..e072d9255c 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c | |||
| @@ -140,6 +140,7 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, | |||
| 140 | BN_CTX *ctx; | 140 | BN_CTX *ctx; |
| 141 | int checks = BN_prime_checks_for_size(bits); | 141 | int checks = BN_prime_checks_for_size(bits); |
| 142 | 142 | ||
| 143 | BN_init(&t); | ||
| 143 | ctx=BN_CTX_new(); | 144 | ctx=BN_CTX_new(); |
| 144 | if (ctx == NULL) goto err; | 145 | if (ctx == NULL) goto err; |
| 145 | if (ret == NULL) | 146 | if (ret == NULL) |
| @@ -148,7 +149,6 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, | |||
| 148 | } | 149 | } |
| 149 | else | 150 | else |
| 150 | rnd=ret; | 151 | rnd=ret; |
| 151 | BN_init(&t); | ||
| 152 | loop: | 152 | loop: |
| 153 | /* make a random number and set the top and bottom bits */ | 153 | /* make a random number and set the top and bottom bits */ |
| 154 | if (add == NULL) | 154 | if (add == NULL) |
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c index 9e08ccd22e..893c9d2af9 100644 --- a/src/lib/libcrypto/bn/bn_rand.c +++ b/src/lib/libcrypto/bn/bn_rand.c | |||
| @@ -201,7 +201,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) | |||
| 201 | err: | 201 | err: |
| 202 | if (buf != NULL) | 202 | if (buf != NULL) |
| 203 | { | 203 | { |
| 204 | memset(buf,0,bytes); | 204 | OPENSSL_cleanse(buf,bytes); |
| 205 | OPENSSL_free(buf); | 205 | OPENSSL_free(buf); |
| 206 | } | 206 | } |
| 207 | return(ret); | 207 | return(ret); |
diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c index cd59baa2c4..988e0ca7b3 100644 --- a/src/lib/libcrypto/bn/bn_word.c +++ b/src/lib/libcrypto/bn/bn_word.c | |||
| @@ -123,7 +123,10 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) | |||
| 123 | i=0; | 123 | i=0; |
| 124 | for (;;) | 124 | for (;;) |
| 125 | { | 125 | { |
| 126 | l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; | 126 | if (i >= a->top) |
| 127 | l=w; | ||
| 128 | else | ||
| 129 | l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; | ||
| 127 | a->d[i]=l; | 130 | a->d[i]=l; |
| 128 | if (w > l) | 131 | if (w > l) |
| 129 | w=1; | 132 | w=1; |
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c index 8158a67374..3c8c540387 100644 --- a/src/lib/libcrypto/bn/bntest.c +++ b/src/lib/libcrypto/bn/bntest.c | |||
| @@ -68,10 +68,6 @@ | |||
| 68 | #include <openssl/x509.h> | 68 | #include <openssl/x509.h> |
| 69 | #include <openssl/err.h> | 69 | #include <openssl/err.h> |
| 70 | 70 | ||
| 71 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 72 | #include "../bio/bss_file.c" | ||
| 73 | #endif | ||
| 74 | |||
| 75 | const int num0 = 100; /* number of tests */ | 71 | const int num0 = 100; /* number of tests */ |
| 76 | const int num1 = 50; /* additional tests for some functions */ | 72 | const int num1 = 50; /* additional tests for some functions */ |
| 77 | const int num2 = 5; /* number of tests for slow functions */ | 73 | const int num2 = 5; /* number of tests for slow functions */ |
| @@ -96,11 +92,6 @@ int test_sqrt(BIO *bp,BN_CTX *ctx); | |||
| 96 | int rand_neg(void); | 92 | int rand_neg(void); |
| 97 | static int results=0; | 93 | static int results=0; |
| 98 | 94 | ||
| 99 | #ifdef OPENSSL_NO_STDIO | ||
| 100 | #define APPS_WIN16 | ||
| 101 | #include "bss_file.c" | ||
| 102 | #endif | ||
| 103 | |||
| 104 | static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" | 95 | static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" |
| 105 | "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; | 96 | "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; |
| 106 | 97 | ||
| @@ -141,10 +132,10 @@ int main(int argc, char *argv[]) | |||
| 141 | 132 | ||
| 142 | 133 | ||
| 143 | ctx=BN_CTX_new(); | 134 | ctx=BN_CTX_new(); |
| 144 | if (ctx == NULL) exit(1); | 135 | if (ctx == NULL) EXIT(1); |
| 145 | 136 | ||
| 146 | out=BIO_new(BIO_s_file()); | 137 | out=BIO_new(BIO_s_file()); |
| 147 | if (out == NULL) exit(1); | 138 | if (out == NULL) EXIT(1); |
| 148 | if (outfile == NULL) | 139 | if (outfile == NULL) |
| 149 | { | 140 | { |
| 150 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 141 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| @@ -154,7 +145,7 @@ int main(int argc, char *argv[]) | |||
| 154 | if (!BIO_write_filename(out,outfile)) | 145 | if (!BIO_write_filename(out,outfile)) |
| 155 | { | 146 | { |
| 156 | perror(outfile); | 147 | perror(outfile); |
| 157 | exit(1); | 148 | EXIT(1); |
| 158 | } | 149 | } |
| 159 | } | 150 | } |
| 160 | 151 | ||
| @@ -238,14 +229,14 @@ int main(int argc, char *argv[]) | |||
| 238 | BIO_free(out); | 229 | BIO_free(out); |
| 239 | 230 | ||
| 240 | /**/ | 231 | /**/ |
| 241 | exit(0); | 232 | EXIT(0); |
| 242 | err: | 233 | err: |
| 243 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices | 234 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices |
| 244 | * the failure, see test_bn in test/Makefile.ssl*/ | 235 | * the failure, see test_bn in test/Makefile.ssl*/ |
| 245 | BIO_flush(out); | 236 | BIO_flush(out); |
| 246 | ERR_load_crypto_strings(); | 237 | ERR_load_crypto_strings(); |
| 247 | ERR_print_errors_fp(stderr); | 238 | ERR_print_errors_fp(stderr); |
| 248 | exit(1); | 239 | EXIT(1); |
| 249 | return(1); | 240 | return(1); |
| 250 | } | 241 | } |
| 251 | 242 | ||
| @@ -488,7 +479,7 @@ int test_mul(BIO *bp) | |||
| 488 | BN_CTX *ctx; | 479 | BN_CTX *ctx; |
| 489 | 480 | ||
| 490 | ctx = BN_CTX_new(); | 481 | ctx = BN_CTX_new(); |
| 491 | if (ctx == NULL) exit(1); | 482 | if (ctx == NULL) EXIT(1); |
| 492 | 483 | ||
| 493 | BN_init(&a); | 484 | BN_init(&a); |
| 494 | BN_init(&b); | 485 | BN_init(&b); |
| @@ -726,7 +717,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) | |||
| 726 | while ((l=ERR_get_error())) | 717 | while ((l=ERR_get_error())) |
| 727 | fprintf(stderr,"ERROR:%s\n", | 718 | fprintf(stderr,"ERROR:%s\n", |
| 728 | ERR_error_string(l,NULL)); | 719 | ERR_error_string(l,NULL)); |
| 729 | exit(1); | 720 | EXIT(1); |
| 730 | } | 721 | } |
| 731 | if (bp != NULL) | 722 | if (bp != NULL) |
| 732 | { | 723 | { |
diff --git a/src/lib/libcrypto/bn/divtest.c b/src/lib/libcrypto/bn/divtest.c index 13ba86e3c4..d3fc688f33 100644 --- a/src/lib/libcrypto/bn/divtest.c +++ b/src/lib/libcrypto/bn/divtest.c | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #include <openssl/bn.h> | 1 | #include <openssl/bn.h> |
| 2 | #include <openssl/rand.h> | 2 | #include <openssl/rand.h> |
| 3 | 3 | ||
| 4 | static int rand(n) | 4 | static int Rand(n) |
| 5 | { | 5 | { |
| 6 | unsigned char x[2]; | 6 | unsigned char x[2]; |
| 7 | RAND_pseudo_bytes(x,2); | 7 | RAND_pseudo_bytes(x,2); |
| @@ -26,8 +26,8 @@ main() | |||
| 26 | BN_CTX *ctx=BN_CTX_new(); | 26 | BN_CTX *ctx=BN_CTX_new(); |
| 27 | 27 | ||
| 28 | for(;;) { | 28 | for(;;) { |
| 29 | BN_pseudo_rand(a,rand(),0,0); | 29 | BN_pseudo_rand(a,Rand(),0,0); |
| 30 | BN_pseudo_rand(b,rand(),0,0); | 30 | BN_pseudo_rand(b,Rand(),0,0); |
| 31 | if (BN_is_zero(b)) continue; | 31 | if (BN_is_zero(b)) continue; |
| 32 | 32 | ||
| 33 | BN_RECP_CTX_set(recp,b,ctx); | 33 | BN_RECP_CTX_set(recp,b,ctx); |
diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c index 5ca570d1a8..b09cf88705 100644 --- a/src/lib/libcrypto/bn/exptest.c +++ b/src/lib/libcrypto/bn/exptest.c | |||
| @@ -59,13 +59,13 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | |||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 62 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 63 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
| 64 | #include <openssl/rand.h> | 67 | #include <openssl/rand.h> |
| 65 | #include <openssl/err.h> | 68 | #include <openssl/err.h> |
| 66 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 67 | #include "../bio/bss_file.c" | ||
| 68 | #endif | ||
| 69 | 69 | ||
| 70 | #define NUM_BITS (BN_BITS*2) | 70 | #define NUM_BITS (BN_BITS*2) |
| 71 | 71 | ||
| @@ -86,7 +86,7 @@ int main(int argc, char *argv[]) | |||
| 86 | ERR_load_BN_strings(); | 86 | ERR_load_BN_strings(); |
| 87 | 87 | ||
| 88 | ctx=BN_CTX_new(); | 88 | ctx=BN_CTX_new(); |
| 89 | if (ctx == NULL) exit(1); | 89 | if (ctx == NULL) EXIT(1); |
| 90 | r_mont=BN_new(); | 90 | r_mont=BN_new(); |
| 91 | r_recp=BN_new(); | 91 | r_recp=BN_new(); |
| 92 | r_simple=BN_new(); | 92 | r_simple=BN_new(); |
| @@ -99,7 +99,7 @@ int main(int argc, char *argv[]) | |||
| 99 | 99 | ||
| 100 | out=BIO_new(BIO_s_file()); | 100 | out=BIO_new(BIO_s_file()); |
| 101 | 101 | ||
| 102 | if (out == NULL) exit(1); | 102 | if (out == NULL) EXIT(1); |
| 103 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 103 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| 104 | 104 | ||
| 105 | for (i=0; i<200; i++) | 105 | for (i=0; i<200; i++) |
| @@ -124,7 +124,7 @@ int main(int argc, char *argv[]) | |||
| 124 | { | 124 | { |
| 125 | printf("BN_mod_exp_mont() problems\n"); | 125 | printf("BN_mod_exp_mont() problems\n"); |
| 126 | ERR_print_errors(out); | 126 | ERR_print_errors(out); |
| 127 | exit(1); | 127 | EXIT(1); |
| 128 | } | 128 | } |
| 129 | 129 | ||
| 130 | ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); | 130 | ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); |
| @@ -132,7 +132,7 @@ int main(int argc, char *argv[]) | |||
| 132 | { | 132 | { |
| 133 | printf("BN_mod_exp_recp() problems\n"); | 133 | printf("BN_mod_exp_recp() problems\n"); |
| 134 | ERR_print_errors(out); | 134 | ERR_print_errors(out); |
| 135 | exit(1); | 135 | EXIT(1); |
| 136 | } | 136 | } |
| 137 | 137 | ||
| 138 | ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); | 138 | ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); |
| @@ -140,7 +140,7 @@ int main(int argc, char *argv[]) | |||
| 140 | { | 140 | { |
| 141 | printf("BN_mod_exp_simple() problems\n"); | 141 | printf("BN_mod_exp_simple() problems\n"); |
| 142 | ERR_print_errors(out); | 142 | ERR_print_errors(out); |
| 143 | exit(1); | 143 | EXIT(1); |
| 144 | } | 144 | } |
| 145 | 145 | ||
| 146 | if (BN_cmp(r_simple, r_mont) == 0 | 146 | if (BN_cmp(r_simple, r_mont) == 0 |
| @@ -163,7 +163,7 @@ int main(int argc, char *argv[]) | |||
| 163 | printf("\nrecp ="); BN_print(out,r_recp); | 163 | printf("\nrecp ="); BN_print(out,r_recp); |
| 164 | printf("\nmont ="); BN_print(out,r_mont); | 164 | printf("\nmont ="); BN_print(out,r_mont); |
| 165 | printf("\n"); | 165 | printf("\n"); |
| 166 | exit(1); | 166 | EXIT(1); |
| 167 | } | 167 | } |
| 168 | } | 168 | } |
| 169 | BN_free(r_mont); | 169 | BN_free(r_mont); |
| @@ -177,11 +177,11 @@ int main(int argc, char *argv[]) | |||
| 177 | CRYPTO_mem_leaks(out); | 177 | CRYPTO_mem_leaks(out); |
| 178 | BIO_free(out); | 178 | BIO_free(out); |
| 179 | printf(" done\n"); | 179 | printf(" done\n"); |
| 180 | exit(0); | 180 | EXIT(0); |
| 181 | err: | 181 | err: |
| 182 | ERR_load_crypto_strings(); | 182 | ERR_load_crypto_strings(); |
| 183 | ERR_print_errors(out); | 183 | ERR_print_errors(out); |
| 184 | exit(1); | 184 | EXIT(1); |
| 185 | return(1); | 185 | return(1); |
| 186 | } | 186 | } |
| 187 | 187 | ||
diff --git a/src/lib/libcrypto/buffer/Makefile.ssl b/src/lib/libcrypto/buffer/Makefile.ssl index 240a6b9a89..b131ca3078 100644 --- a/src/lib/libcrypto/buffer/Makefile.ssl +++ b/src/lib/libcrypto/buffer/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c index 9299baba9e..d96487e7db 100644 --- a/src/lib/libcrypto/buffer/buffer.c +++ b/src/lib/libcrypto/buffer/buffer.c | |||
| @@ -125,6 +125,43 @@ int BUF_MEM_grow(BUF_MEM *str, int len) | |||
| 125 | return(len); | 125 | return(len); |
| 126 | } | 126 | } |
| 127 | 127 | ||
| 128 | int BUF_MEM_grow_clean(BUF_MEM *str, int len) | ||
| 129 | { | ||
| 130 | char *ret; | ||
| 131 | unsigned int n; | ||
| 132 | |||
| 133 | if (str->length >= len) | ||
| 134 | { | ||
| 135 | memset(&str->data[len],0,str->length-len); | ||
| 136 | str->length=len; | ||
| 137 | return(len); | ||
| 138 | } | ||
| 139 | if (str->max >= len) | ||
| 140 | { | ||
| 141 | memset(&str->data[str->length],0,len-str->length); | ||
| 142 | str->length=len; | ||
| 143 | return(len); | ||
| 144 | } | ||
| 145 | n=(len+3)/3*4; | ||
| 146 | if (str->data == NULL) | ||
| 147 | ret=OPENSSL_malloc(n); | ||
| 148 | else | ||
| 149 | ret=OPENSSL_realloc_clean(str->data,str->max,n); | ||
| 150 | if (ret == NULL) | ||
| 151 | { | ||
| 152 | BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); | ||
| 153 | len=0; | ||
| 154 | } | ||
| 155 | else | ||
| 156 | { | ||
| 157 | str->data=ret; | ||
| 158 | str->max=n; | ||
| 159 | memset(&str->data[str->length],0,len-str->length); | ||
| 160 | str->length=len; | ||
| 161 | } | ||
| 162 | return(len); | ||
| 163 | } | ||
| 164 | |||
| 128 | char *BUF_strdup(const char *str) | 165 | char *BUF_strdup(const char *str) |
| 129 | { | 166 | { |
| 130 | char *ret; | 167 | char *ret; |
| @@ -143,3 +180,23 @@ char *BUF_strdup(const char *str) | |||
| 143 | return(ret); | 180 | return(ret); |
| 144 | } | 181 | } |
| 145 | 182 | ||
| 183 | size_t BUF_strlcpy(char *dst, const char *src, size_t size) | ||
| 184 | { | ||
| 185 | size_t l = 0; | ||
| 186 | for(; size > 1 && *src; size--) | ||
| 187 | { | ||
| 188 | *dst++ = *src++; | ||
| 189 | l++; | ||
| 190 | } | ||
| 191 | if (size) | ||
| 192 | *dst = '\0'; | ||
| 193 | return l + strlen(src); | ||
| 194 | } | ||
| 195 | |||
| 196 | size_t BUF_strlcat(char *dst, const char *src, size_t size) | ||
| 197 | { | ||
| 198 | size_t l = 0; | ||
| 199 | for(; size > 0 && *dst; size--, dst++) | ||
| 200 | l++; | ||
| 201 | return l + BUF_strlcpy(dst, src, size); | ||
| 202 | } | ||
diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h index 11e2d0359a..465dc34f3f 100644 --- a/src/lib/libcrypto/buffer/buffer.h +++ b/src/lib/libcrypto/buffer/buffer.h | |||
| @@ -63,6 +63,9 @@ | |||
| 63 | extern "C" { | 63 | extern "C" { |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | #include <stddef.h> | ||
| 67 | #include <sys/types.h> | ||
| 68 | |||
| 66 | typedef struct buf_mem_st | 69 | typedef struct buf_mem_st |
| 67 | { | 70 | { |
| 68 | int length; /* current number of bytes */ | 71 | int length; /* current number of bytes */ |
| @@ -73,8 +76,14 @@ typedef struct buf_mem_st | |||
| 73 | BUF_MEM *BUF_MEM_new(void); | 76 | BUF_MEM *BUF_MEM_new(void); |
| 74 | void BUF_MEM_free(BUF_MEM *a); | 77 | void BUF_MEM_free(BUF_MEM *a); |
| 75 | int BUF_MEM_grow(BUF_MEM *str, int len); | 78 | int BUF_MEM_grow(BUF_MEM *str, int len); |
| 79 | int BUF_MEM_grow_clean(BUF_MEM *str, int len); | ||
| 76 | char * BUF_strdup(const char *str); | 80 | char * BUF_strdup(const char *str); |
| 77 | 81 | ||
| 82 | /* safe string functions */ | ||
| 83 | size_t BUF_strlcpy(char *dst,const char *src,size_t siz); | ||
| 84 | size_t BUF_strlcat(char *dst,const char *src,size_t siz); | ||
| 85 | |||
| 86 | |||
| 78 | /* BEGIN ERROR CODES */ | 87 | /* BEGIN ERROR CODES */ |
| 79 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 88 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| 80 | * made after this point may be overwritten when the script is next run. | 89 | * made after this point may be overwritten when the script is next run. |
diff --git a/src/lib/libcrypto/cast/Makefile.ssl b/src/lib/libcrypto/cast/Makefile.ssl index 2defbdd68a..2dc1c855ad 100644 --- a/src/lib/libcrypto/cast/Makefile.ssl +++ b/src/lib/libcrypto/cast/Makefile.ssl | |||
| @@ -52,14 +52,8 @@ lib: $(LIBOBJ) | |||
| 52 | @touch lib | 52 | @touch lib |
| 53 | 53 | ||
| 54 | # elf | 54 | # elf |
| 55 | asm/cx86-elf.o: asm/cx86unix.cpp | 55 | asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 56 | $(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o | 56 | (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s) |
| 57 | |||
| 58 | # solaris | ||
| 59 | asm/cx86-sol.o: asm/cx86unix.cpp | ||
| 60 | $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s | ||
| 61 | as -o asm/cx86-sol.o asm/cx86-sol.s | ||
| 62 | rm -f asm/cx86-sol.s | ||
| 63 | 57 | ||
| 64 | # a.out | 58 | # a.out |
| 65 | asm/cx86-out.o: asm/cx86unix.cpp | 59 | asm/cx86-out.o: asm/cx86unix.cpp |
| @@ -97,14 +91,14 @@ lint: | |||
| 97 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 91 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 98 | 92 | ||
| 99 | depend: | 93 | depend: |
| 100 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 94 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 101 | 95 | ||
| 102 | dclean: | 96 | dclean: |
| 103 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 97 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 104 | mv -f Makefile.new $(MAKEFILE) | 98 | mv -f Makefile.new $(MAKEFILE) |
| 105 | 99 | ||
| 106 | clean: | 100 | clean: |
| 107 | rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 101 | rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 108 | 102 | ||
| 109 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 103 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 110 | 104 | ||
diff --git a/src/lib/libcrypto/cast/casttest.c b/src/lib/libcrypto/cast/casttest.c index 099e790886..83e5a16c73 100644 --- a/src/lib/libcrypto/cast/casttest.c +++ b/src/lib/libcrypto/cast/casttest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_CAST | 65 | #ifdef OPENSSL_NO_CAST |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -224,7 +226,7 @@ int main(int argc, char *argv[]) | |||
| 224 | } | 226 | } |
| 225 | #endif | 227 | #endif |
| 226 | 228 | ||
| 227 | exit(err); | 229 | EXIT(err); |
| 228 | return(err); | 230 | return(err); |
| 229 | } | 231 | } |
| 230 | #endif | 232 | #endif |
diff --git a/src/lib/libcrypto/comp/Makefile.ssl b/src/lib/libcrypto/comp/Makefile.ssl index 7c1ec81229..f70ba1b285 100644 --- a/src/lib/libcrypto/comp/Makefile.ssl +++ b/src/lib/libcrypto/comp/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c index cd2f8a491b..8c0876151a 100644 --- a/src/lib/libcrypto/comp/c_zlib.c +++ b/src/lib/libcrypto/comp/c_zlib.c | |||
| @@ -208,11 +208,11 @@ COMP_METHOD *COMP_zlib(void) | |||
| 208 | = (inflateInit__ft) DSO_bind_func(zlib_dso, | 208 | = (inflateInit__ft) DSO_bind_func(zlib_dso, |
| 209 | "inflateInit_"); | 209 | "inflateInit_"); |
| 210 | zlib_loaded++; | 210 | zlib_loaded++; |
| 211 | meth = &zlib_method; | ||
| 212 | } | 211 | } |
| 213 | } | 212 | } |
| 214 | 213 | ||
| 215 | #elif defined(ZLIB) | 214 | #endif |
| 215 | #if defined(ZLIB) || defined(ZLIB_SHARED) | ||
| 216 | meth = &zlib_method; | 216 | meth = &zlib_method; |
| 217 | #endif | 217 | #endif |
| 218 | 218 | ||
diff --git a/src/lib/libcrypto/conf/Makefile.ssl b/src/lib/libcrypto/conf/Makefile.ssl index 133c2329e6..c5873bc6e7 100644 --- a/src/lib/libcrypto/conf/Makefile.ssl +++ b/src/lib/libcrypto/conf/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c index 48ff6f1120..b52ee01a3c 100644 --- a/src/lib/libcrypto/conf/conf_def.c +++ b/src/lib/libcrypto/conf/conf_def.c | |||
| @@ -208,7 +208,8 @@ static int def_load(CONF *conf, const char *name, long *line) | |||
| 208 | 208 | ||
| 209 | static int def_load_bio(CONF *conf, BIO *in, long *line) | 209 | static int def_load_bio(CONF *conf, BIO *in, long *line) |
| 210 | { | 210 | { |
| 211 | #define BUFSIZE 512 | 211 | /* The macro BUFSIZE conflicts with a system macro in VxWorks */ |
| 212 | #define CONFBUFSIZE 512 | ||
| 212 | int bufnum=0,i,ii; | 213 | int bufnum=0,i,ii; |
| 213 | BUF_MEM *buff=NULL; | 214 | BUF_MEM *buff=NULL; |
| 214 | char *s,*p,*end; | 215 | char *s,*p,*end; |
| @@ -252,20 +253,21 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 252 | section_sk=(STACK_OF(CONF_VALUE) *)sv->value; | 253 | section_sk=(STACK_OF(CONF_VALUE) *)sv->value; |
| 253 | 254 | ||
| 254 | bufnum=0; | 255 | bufnum=0; |
| 256 | again=0; | ||
| 255 | for (;;) | 257 | for (;;) |
| 256 | { | 258 | { |
| 257 | again=0; | 259 | if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) |
| 258 | if (!BUF_MEM_grow(buff,bufnum+BUFSIZE)) | ||
| 259 | { | 260 | { |
| 260 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); | 261 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); |
| 261 | goto err; | 262 | goto err; |
| 262 | } | 263 | } |
| 263 | p= &(buff->data[bufnum]); | 264 | p= &(buff->data[bufnum]); |
| 264 | *p='\0'; | 265 | *p='\0'; |
| 265 | BIO_gets(in, p, BUFSIZE-1); | 266 | BIO_gets(in, p, CONFBUFSIZE-1); |
| 266 | p[BUFSIZE-1]='\0'; | 267 | p[CONFBUFSIZE-1]='\0'; |
| 267 | ii=i=strlen(p); | 268 | ii=i=strlen(p); |
| 268 | if (i == 0) break; | 269 | if (i == 0 && !again) break; |
| 270 | again=0; | ||
| 269 | while (i > 0) | 271 | while (i > 0) |
| 270 | { | 272 | { |
| 271 | if ((p[i-1] != '\r') && (p[i-1] != '\n')) | 273 | if ((p[i-1] != '\r') && (p[i-1] != '\n')) |
| @@ -275,7 +277,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 275 | } | 277 | } |
| 276 | /* we removed some trailing stuff so there is a new | 278 | /* we removed some trailing stuff so there is a new |
| 277 | * line on the end. */ | 279 | * line on the end. */ |
| 278 | if (i == ii) | 280 | if (ii && i == ii) |
| 279 | again=1; /* long line */ | 281 | again=1; /* long line */ |
| 280 | else | 282 | else |
| 281 | { | 283 | { |
| @@ -627,7 +629,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) | |||
| 627 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); | 629 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); |
| 628 | goto err; | 630 | goto err; |
| 629 | } | 631 | } |
| 630 | BUF_MEM_grow(buf,(strlen(p)+len-(e-from))); | 632 | BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from))); |
| 631 | while (*p) | 633 | while (*p) |
| 632 | buf->data[to++]= *(p++); | 634 | buf->data[to++]= *(p++); |
| 633 | from=e; | 635 | from=e; |
diff --git a/src/lib/libcrypto/conf/conf_mall.c b/src/lib/libcrypto/conf/conf_mall.c index d702af689b..4ba40cf44c 100644 --- a/src/lib/libcrypto/conf/conf_mall.c +++ b/src/lib/libcrypto/conf/conf_mall.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | /* Load all OpenSSL builtin modules */ | 70 | /* Load all OpenSSL builtin modules */ |
| 69 | 71 | ||
| @@ -71,6 +73,8 @@ void OPENSSL_load_builtin_modules(void) | |||
| 71 | { | 73 | { |
| 72 | /* Add builtin modules here */ | 74 | /* Add builtin modules here */ |
| 73 | ASN1_add_oid_module(); | 75 | ASN1_add_oid_module(); |
| 76 | #ifndef OPENSSL_NO_ENGINE | ||
| 74 | ENGINE_add_conf_module(); | 77 | ENGINE_add_conf_module(); |
| 78 | #endif | ||
| 75 | } | 79 | } |
| 76 | 80 | ||
diff --git a/src/lib/libcrypto/conf/conf_sap.c b/src/lib/libcrypto/conf/conf_sap.c index 97fb174303..e15c2e5546 100644 --- a/src/lib/libcrypto/conf/conf_sap.c +++ b/src/lib/libcrypto/conf/conf_sap.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | /* This is the automatic configuration loader: it is called automatically by | 70 | /* This is the automatic configuration loader: it is called automatically by |
| 69 | * OpenSSL when any of a number of standard initialisation functions are called, | 71 | * OpenSSL when any of a number of standard initialisation functions are called, |
| @@ -78,8 +80,10 @@ void OPENSSL_config(const char *config_name) | |||
| 78 | return; | 80 | return; |
| 79 | 81 | ||
| 80 | OPENSSL_load_builtin_modules(); | 82 | OPENSSL_load_builtin_modules(); |
| 83 | #ifndef OPENSSL_NO_ENGINE | ||
| 81 | /* Need to load ENGINEs */ | 84 | /* Need to load ENGINEs */ |
| 82 | ENGINE_load_builtin_engines(); | 85 | ENGINE_load_builtin_engines(); |
| 86 | #endif | ||
| 83 | /* Add others here? */ | 87 | /* Add others here? */ |
| 84 | 88 | ||
| 85 | 89 | ||
diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c index 612b3b93b4..2924def2bb 100644 --- a/src/lib/libcrypto/cryptlib.c +++ b/src/lib/libcrypto/cryptlib.c | |||
| @@ -89,6 +89,7 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = | |||
| 89 | "ssl_session", | 89 | "ssl_session", |
| 90 | "ssl_sess_cert", | 90 | "ssl_sess_cert", |
| 91 | "ssl", | 91 | "ssl", |
| 92 | "ssl_method", | ||
| 92 | "rand", | 93 | "rand", |
| 93 | "rand2", | 94 | "rand2", |
| 94 | "debug_malloc", | 95 | "debug_malloc", |
| @@ -103,7 +104,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = | |||
| 103 | "dynlock", | 104 | "dynlock", |
| 104 | "engine", | 105 | "engine", |
| 105 | "ui", | 106 | "ui", |
| 106 | #if CRYPTO_NUM_LOCKS != 31 | 107 | "hwcrhk", /* This is a HACK which will disappear in 0.9.8 */ |
| 108 | #if CRYPTO_NUM_LOCKS != 33 | ||
| 107 | # error "Inconsistency between crypto.h and cryptlib.c" | 109 | # error "Inconsistency between crypto.h and cryptlib.c" |
| 108 | #endif | 110 | #endif |
| 109 | }; | 111 | }; |
| @@ -206,10 +208,18 @@ int CRYPTO_get_new_dynlockid(void) | |||
| 206 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); | 208 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); |
| 207 | /* If there was none, push, thereby creating a new one */ | 209 | /* If there was none, push, thereby creating a new one */ |
| 208 | if (i == -1) | 210 | if (i == -1) |
| 209 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer); | 211 | /* Since sk_push() returns the number of items on the |
| 212 | stack, not the location of the pushed item, we need | ||
| 213 | to transform the returned number into a position, | ||
| 214 | by decreasing it. */ | ||
| 215 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; | ||
| 216 | else | ||
| 217 | /* If we found a place with a NULL pointer, put our pointer | ||
| 218 | in it. */ | ||
| 219 | sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); | ||
| 210 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | 220 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); |
| 211 | 221 | ||
| 212 | if (!i) | 222 | if (i == -1) |
| 213 | { | 223 | { |
| 214 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | 224 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); |
| 215 | OPENSSL_free(pointer); | 225 | OPENSSL_free(pointer); |
| @@ -401,15 +411,17 @@ void CRYPTO_lock(int mode, int type, const char *file, int line) | |||
| 401 | #endif | 411 | #endif |
| 402 | if (type < 0) | 412 | if (type < 0) |
| 403 | { | 413 | { |
| 404 | struct CRYPTO_dynlock_value *pointer | 414 | if (dynlock_lock_callback != NULL) |
| 405 | = CRYPTO_get_dynlock_value(type); | ||
| 406 | |||
| 407 | if (pointer && dynlock_lock_callback) | ||
| 408 | { | 415 | { |
| 416 | struct CRYPTO_dynlock_value *pointer | ||
| 417 | = CRYPTO_get_dynlock_value(type); | ||
| 418 | |||
| 419 | OPENSSL_assert(pointer != NULL); | ||
| 420 | |||
| 409 | dynlock_lock_callback(mode, pointer, file, line); | 421 | dynlock_lock_callback(mode, pointer, file, line); |
| 410 | } | ||
| 411 | 422 | ||
| 412 | CRYPTO_destroy_dynlockid(type); | 423 | CRYPTO_destroy_dynlockid(type); |
| 424 | } | ||
| 413 | } | 425 | } |
| 414 | else | 426 | else |
| 415 | if (locking_callback != NULL) | 427 | if (locking_callback != NULL) |
| @@ -460,7 +472,7 @@ const char *CRYPTO_get_lock_name(int type) | |||
| 460 | return("dynamic"); | 472 | return("dynamic"); |
| 461 | else if (type < CRYPTO_NUM_LOCKS) | 473 | else if (type < CRYPTO_NUM_LOCKS) |
| 462 | return(lock_names[type]); | 474 | return(lock_names[type]); |
| 463 | else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks)) | 475 | else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) |
| 464 | return("ERROR"); | 476 | return("ERROR"); |
| 465 | else | 477 | else |
| 466 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); | 478 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); |
| @@ -492,3 +504,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason, | |||
| 492 | #endif | 504 | #endif |
| 493 | 505 | ||
| 494 | #endif | 506 | #endif |
| 507 | |||
| 508 | void OpenSSLDie(const char *file,int line,const char *assertion) | ||
| 509 | { | ||
| 510 | fprintf(stderr, | ||
| 511 | "%s(%d): OpenSSL internal error, assertion failed: %s\n", | ||
| 512 | file,line,assertion); | ||
| 513 | abort(); | ||
| 514 | } | ||
diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h index 88e4ae509f..0d6b9d59f0 100644 --- a/src/lib/libcrypto/cryptlib.h +++ b/src/lib/libcrypto/cryptlib.h | |||
| @@ -89,9 +89,9 @@ extern "C" { | |||
| 89 | #define X509_CERT_DIR_EVP "SSL_CERT_DIR" | 89 | #define X509_CERT_DIR_EVP "SSL_CERT_DIR" |
| 90 | #define X509_CERT_FILE_EVP "SSL_CERT_FILE" | 90 | #define X509_CERT_FILE_EVP "SSL_CERT_FILE" |
| 91 | 91 | ||
| 92 | /* size of string represenations */ | 92 | /* size of string representations */ |
| 93 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) | 93 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) |
| 94 | #define HEX_SIZE(type) ((sizeof(type)*2) | 94 | #define HEX_SIZE(type) (sizeof(type)*2) |
| 95 | 95 | ||
| 96 | #ifdef __cplusplus | 96 | #ifdef __cplusplus |
| 97 | } | 97 | } |
diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com index dfcff11860..39e78c69e5 100644 --- a/src/lib/libcrypto/crypto-lib.com +++ b/src/lib/libcrypto/crypto-lib.com | |||
| @@ -21,22 +21,10 @@ $! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. | |||
| 21 | $! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE | 21 | $! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE |
| 22 | $! ALL To do both LIBRARY and APPS | 22 | $! ALL To do both LIBRARY and APPS |
| 23 | $! | 23 | $! |
| 24 | $! Specify RSAREF as P2 to compile with the RSAREF library instead of | 24 | $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger |
| 25 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 26 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 27 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 28 | $! | ||
| 29 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 30 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 31 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 32 | $! directory structure stored. You have to extract the file | ||
| 33 | $! into the [.RSAREF] directory under the root directory as that | ||
| 34 | $! is where the scripts will look for the files. | ||
| 35 | $! | ||
| 36 | $! Specify DEBUG or NODEBUG as P3 to compile with or without debugger | ||
| 37 | $! information. | 25 | $! information. |
| 38 | $! | 26 | $! |
| 39 | $! Specify which compiler at P4 to try to compile under. | 27 | $! Specify which compiler at P3 to try to compile under. |
| 40 | $! | 28 | $! |
| 41 | $! VAXC For VAX C. | 29 | $! VAXC For VAX C. |
| 42 | $! DECC For DEC C. | 30 | $! DECC For DEC C. |
| @@ -45,16 +33,16 @@ $! | |||
| 45 | $! If you don't speficy a compiler, it will try to determine which | 33 | $! If you don't speficy a compiler, it will try to determine which |
| 46 | $! "C" compiler to use. | 34 | $! "C" compiler to use. |
| 47 | $! | 35 | $! |
| 48 | $! P5, if defined, sets a TCP/IP library to use, through one of the following | 36 | $! P4, if defined, sets a TCP/IP library to use, through one of the following |
| 49 | $! keywords: | 37 | $! keywords: |
| 50 | $! | 38 | $! |
| 51 | $! UCX for UCX | 39 | $! UCX for UCX |
| 52 | $! TCPIP for TCPIP (post UCX) | 40 | $! TCPIP for TCPIP (post UCX) |
| 53 | $! SOCKETSHR for SOCKETSHR+NETLIB | 41 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 54 | $! | 42 | $! |
| 55 | $! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 43 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 56 | $! | 44 | $! |
| 57 | $! P7, if defined, sets a choice of crypto methods to compile. | 45 | $! P6, if defined, sets a choice of crypto methods to compile. |
| 58 | $! WARNING: this should only be done to recompile some part of an already | 46 | $! WARNING: this should only be done to recompile some part of an already |
| 59 | $! fully compiled library. | 47 | $! fully compiled library. |
| 60 | $! | 48 | $! |
| @@ -93,7 +81,6 @@ $ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - | |||
| 93 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - | 81 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - |
| 94 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - | 82 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - |
| 95 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" | 83 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" |
| 96 | $ ENCRYPT_PROGRAMS = "DES,PKCS7" | ||
| 97 | $! | 84 | $! |
| 98 | $! Check To Make Sure We Have Valid Command Line Parameters. | 85 | $! Check To Make Sure We Have Valid Command Line Parameters. |
| 99 | $! | 86 | $! |
| @@ -149,10 +136,6 @@ $! Define The CRYPTO-LIB We Are To Use. | |||
| 149 | $! | 136 | $! |
| 150 | $ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB | 137 | $ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB |
| 151 | $! | 138 | $! |
| 152 | $! Define The RSAREF-LIB We Are To Use. | ||
| 153 | $! | ||
| 154 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 155 | $! | ||
| 156 | $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... | 139 | $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... |
| 157 | $! | 140 | $! |
| 158 | $ IF (F$SEARCH(LIB_NAME).EQS."") | 141 | $ IF (F$SEARCH(LIB_NAME).EQS."") |
| @@ -175,7 +158,7 @@ $! | |||
| 175 | $ APPS_DES = "DES/DES,CBC3_ENC" | 158 | $ APPS_DES = "DES/DES,CBC3_ENC" |
| 176 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" | 159 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" |
| 177 | $ | 160 | $ |
| 178 | $ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" | 161 | $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" |
| 179 | $ LIB_MD2 = "md2_dgst,md2_one" | 162 | $ LIB_MD2 = "md2_dgst,md2_one" |
| 180 | $ LIB_MD4 = "md4_dgst,md4_one" | 163 | $ LIB_MD4 = "md4_dgst,md4_one" |
| 181 | $ LIB_MD5 = "md5_dgst,md5_one" | 164 | $ LIB_MD5 = "md5_dgst,md5_one" |
| @@ -216,7 +199,7 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - | |||
| 216 | "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - | 199 | "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - |
| 217 | "eng_openssl,eng_dyn,eng_cnf,"+ - | 200 | "eng_openssl,eng_dyn,eng_cnf,"+ - |
| 218 | "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - | 201 | "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - |
| 219 | "hw_openbsd_dev_crypto,hw_aep,hw_sureware,hw_4758_cca" | 202 | "hw_cryptodev,hw_aep,hw_sureware,hw_4758_cca" |
| 220 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" | 203 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" |
| 221 | $ LIB_BUFFER = "buffer,buf_err" | 204 | $ LIB_BUFFER = "buffer,buf_err" |
| 222 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - | 205 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - |
| @@ -287,86 +270,6 @@ $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," | |||
| 287 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - | 270 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - |
| 288 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," | 271 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," |
| 289 | $! | 272 | $! |
| 290 | $! Check To See If We Are Going To Use RSAREF. | ||
| 291 | $! | ||
| 292 | $ IF (RSAREF.EQS."TRUE" .AND. ENCRYPT_TYPES - "RSA".NES.ENCRYPT_TYPES - | ||
| 293 | .AND. (BUILDALL .EQS. "TRUE" .OR. BUILDALL .EQS. "LIBRARY")) | ||
| 294 | $ THEN | ||
| 295 | $! | ||
| 296 | $! Check To See If The File [-.RSAREF]RSAREF.C Is Actually There. | ||
| 297 | $! | ||
| 298 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAREF.C").EQS."") | ||
| 299 | $ THEN | ||
| 300 | $! | ||
| 301 | $! Tell The User That The File Doesn't Exist. | ||
| 302 | $! | ||
| 303 | $ WRITE SYS$OUTPUT "" | ||
| 304 | $ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAREF.C Doesn't Exist." | ||
| 305 | $ WRITE SYS$OUTPUT "" | ||
| 306 | $! | ||
| 307 | $! Exit The Build. | ||
| 308 | $! | ||
| 309 | $ GOTO EXIT | ||
| 310 | $! | ||
| 311 | $! End The [-.RSAREF]RSAREF.C Check. | ||
| 312 | $! | ||
| 313 | $ ENDIF | ||
| 314 | $! | ||
| 315 | $! Tell The User We Are Compiling The [-.RSAREF]RSAREF File. | ||
| 316 | $! | ||
| 317 | $ WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAREF File." | ||
| 318 | $! | ||
| 319 | $! Compile [-.RSAREF]RSAREF.C | ||
| 320 | $! | ||
| 321 | $ CC/OBJECT='OBJ_DIR'RSAREF.OBJ SYS$DISK:[-.RSAREF]RSAREF.C | ||
| 322 | $! | ||
| 323 | $! Add It To The Library. | ||
| 324 | $! | ||
| 325 | $ LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAREF.OBJ | ||
| 326 | $! | ||
| 327 | $! Delete The Object File. | ||
| 328 | $! | ||
| 329 | $ DELETE 'OBJ_DIR'RSAREF.OBJ;* | ||
| 330 | $! | ||
| 331 | $! Check To See If The File [-.RSAREF]RSAR_ERR.C Is Actually There. | ||
| 332 | $! | ||
| 333 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAR_ERR.C").EQS."") | ||
| 334 | $ THEN | ||
| 335 | $! | ||
| 336 | $! Tell The User That The File Doesn't Exist. | ||
| 337 | $! | ||
| 338 | $ WRITE SYS$OUTPUT "" | ||
| 339 | $ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAR_ERR.C Doesn't Exist." | ||
| 340 | $ WRITE SYS$OUTPUT "" | ||
| 341 | $! | ||
| 342 | $! Exit The Build. | ||
| 343 | $! | ||
| 344 | $ GOTO EXIT | ||
| 345 | $! | ||
| 346 | $! End The [-.RSAREF]RSAR_ERR.C File Check. | ||
| 347 | $! | ||
| 348 | $ ENDIF | ||
| 349 | $! | ||
| 350 | $! Tell The User We Are Compiling The [-.RSAREF]RSAR_ERR File. | ||
| 351 | $! | ||
| 352 | $ WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAR_ERR File." | ||
| 353 | $! | ||
| 354 | $! Compile [-.RSAREF]RSAR_ERR.C | ||
| 355 | $! | ||
| 356 | $ CC/OBJECT='OBJ_DIR'RSAR_ERR.OBJ SYS$DISK:[-.RSAREF]RSAR_ERR.C | ||
| 357 | $! | ||
| 358 | $! Add It To The Library. | ||
| 359 | $! | ||
| 360 | $ LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAR_ERR.OBJ | ||
| 361 | $! | ||
| 362 | $! Delete The Object File. | ||
| 363 | $! | ||
| 364 | $ DELETE 'OBJ_DIR'RSAR_ERR.OBJ;* | ||
| 365 | $! | ||
| 366 | $! End The RSAREF Check. | ||
| 367 | $! | ||
| 368 | $ ENDIF | ||
| 369 | $! | ||
| 370 | $! Figure Out What Other Modules We Are To Build. | 273 | $! Figure Out What Other Modules We Are To Build. |
| 371 | $! | 274 | $! |
| 372 | $ BUILD_SET: | 275 | $ BUILD_SET: |
| @@ -639,74 +542,34 @@ $! Tell the user what happens | |||
| 639 | $! | 542 | $! |
| 640 | $ WRITE SYS$OUTPUT " ",APPLICATION,".exe" | 543 | $ WRITE SYS$OUTPUT " ",APPLICATION,".exe" |
| 641 | $! | 544 | $! |
| 642 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 545 | $! Link The Program. |
| 643 | $! | 546 | $! |
| 644 | $ ON ERROR THEN GOTO NEXT_APPLICATION | 547 | $ ON ERROR THEN GOTO NEXT_APPLICATION |
| 645 | $ IF (RSAREF.EQS."TRUE") | ||
| 646 | $ THEN | ||
| 647 | $! | 548 | $! |
| 648 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 549 | $! Check To See If We Are To Link With A Specific TCP/IP Library. |
| 649 | $! | 550 | $! |
| 650 | $ IF (TCPIP_LIB.NES."") | 551 | $ IF (TCPIP_LIB.NES."") |
| 651 | $ THEN | 552 | $ THEN |
| 652 | $! | ||
| 653 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 654 | $! | ||
| 655 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 656 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 657 | 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 658 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 659 | $! | ||
| 660 | $! Else... | ||
| 661 | $! | ||
| 662 | $ ELSE | ||
| 663 | $! | ||
| 664 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 665 | $! | 553 | $! |
| 666 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | 554 | $! Link With A TCP/IP Library. |
| 667 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 668 | 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 669 | 'OPT_FILE'/OPTION | ||
| 670 | $! | 555 | $! |
| 671 | $! End The TCP/IP Library Check. | 556 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - |
| 557 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 558 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 559 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 672 | $! | 560 | $! |
| 673 | $ ENDIF | 561 | $! Else... |
| 674 | $! | ||
| 675 | $! Else... | ||
| 676 | $! | 562 | $! |
| 677 | $ ELSE | 563 | $ ELSE |
| 678 | $! | 564 | $! |
| 679 | $! Don't Link With The RSAREF Routines. | 565 | $! Don't Link With A TCP/IP Library. |
| 680 | $! | ||
| 681 | $! | ||
| 682 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 683 | $! | ||
| 684 | $ IF (TCPIP_LIB.NES."") | ||
| 685 | $ THEN | ||
| 686 | $! | ||
| 687 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 688 | $! | ||
| 689 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 690 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 691 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 692 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 693 | $! | ||
| 694 | $! Else... | ||
| 695 | $! | ||
| 696 | $ ELSE | ||
| 697 | $! | ||
| 698 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | ||
| 699 | $! | ||
| 700 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 701 | 'OBJ_DIR''APPLICATION_OBJECTS',- | ||
| 702 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 703 | 'OPT_FILE'/OPTION | ||
| 704 | $! | 566 | $! |
| 705 | $! End The TCP/IP Library Check. | 567 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - |
| 568 | 'OBJ_DIR''APPLICATION_OBJECTS',- | ||
| 569 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 570 | 'OPT_FILE'/OPTION | ||
| 706 | $! | 571 | $! |
| 707 | $ ENDIF | 572 | $! End The TCP/IP Library Check. |
| 708 | $! | ||
| 709 | $! End The RSAREF Link Check. | ||
| 710 | $! | 573 | $! |
| 711 | $ ENDIF | 574 | $ ENDIF |
| 712 | $ GOTO NEXT_APPLICATION | 575 | $ GOTO NEXT_APPLICATION |
| @@ -912,75 +775,10 @@ $ ENDIF | |||
| 912 | $! | 775 | $! |
| 913 | $! Check To See If P2 Is Blank. | 776 | $! Check To See If P2 Is Blank. |
| 914 | $! | 777 | $! |
| 915 | $ P2 = "NORSAREF" | 778 | $ IF (P2.EQS."NODEBUG") |
| 916 | $ IF (P2.EQS."NORSAREF") | ||
| 917 | $ THEN | 779 | $ THEN |
| 918 | $! | 780 | $! |
| 919 | $! P2 Is NORSAREF, So Compile With The Regular RSA Libraries. | 781 | $! P2 Is NODEBUG, So Compile Without The Debugger Information. |
| 920 | $! | ||
| 921 | $ RSAREF = "FALSE" | ||
| 922 | $ ELSE | ||
| 923 | $! | ||
| 924 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 925 | $! | ||
| 926 | $ IF (P2.EQS."RSAREF") | ||
| 927 | $ THEN | ||
| 928 | $! | ||
| 929 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 930 | $! | ||
| 931 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 932 | $ THEN | ||
| 933 | $! | ||
| 934 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 935 | $! User This. | ||
| 936 | $! | ||
| 937 | $ WRITE SYS$OUTPUT "" | ||
| 938 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 939 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 940 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file doesn't have the" | ||
| 941 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 942 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 943 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 944 | $ WRITE SYS$OUTPUT "" | ||
| 945 | $! | ||
| 946 | $! Time To Exit. | ||
| 947 | $! | ||
| 948 | $ EXIT | ||
| 949 | $! | ||
| 950 | $! Else, Compile Using The RSAREF Library. | ||
| 951 | $! | ||
| 952 | $ ELSE | ||
| 953 | $ RSAREF = "TRUE" | ||
| 954 | $ ENDIF | ||
| 955 | $ ELSE | ||
| 956 | $! | ||
| 957 | $! They Entered An Invalid Option.. | ||
| 958 | $! | ||
| 959 | $ WRITE SYS$OUTPUT "" | ||
| 960 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | ||
| 961 | $ WRITE SYS$OUTPUT "" | ||
| 962 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 963 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 964 | $ WRITE SYS$OUTPUT "" | ||
| 965 | $! | ||
| 966 | $! Time To EXIT. | ||
| 967 | $! | ||
| 968 | $ EXIT | ||
| 969 | $! | ||
| 970 | $! End The Valid Arguement Check. | ||
| 971 | $! | ||
| 972 | $ ENDIF | ||
| 973 | $! | ||
| 974 | $! End The P2 Check. | ||
| 975 | $! | ||
| 976 | $ ENDIF | ||
| 977 | $! | ||
| 978 | $! Check To See If P3 Is Blank. | ||
| 979 | $! | ||
| 980 | $ IF (P3.EQS."NODEBUG") | ||
| 981 | $ THEN | ||
| 982 | $! | ||
| 983 | $! P3 Is NODEBUG, So Compile Without The Debugger Information. | ||
| 984 | $! | 782 | $! |
| 985 | $ DEBUGGER = "NODEBUG" | 783 | $ DEBUGGER = "NODEBUG" |
| 986 | $ TRACEBACK = "NOTRACEBACK" | 784 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -993,7 +791,7 @@ $ ELSE | |||
| 993 | $! | 791 | $! |
| 994 | $! Check To See If We Are To Compile With Debugger Information. | 792 | $! Check To See If We Are To Compile With Debugger Information. |
| 995 | $! | 793 | $! |
| 996 | $ IF (P3.EQS."DEBUG") | 794 | $ IF (P2.EQS."DEBUG") |
| 997 | $ THEN | 795 | $ THEN |
| 998 | $! | 796 | $! |
| 999 | $! Compile With Debugger Information. | 797 | $! Compile With Debugger Information. |
| @@ -1010,7 +808,7 @@ $! | |||
| 1010 | $! They Entered An Invalid Option.. | 808 | $! They Entered An Invalid Option.. |
| 1011 | $! | 809 | $! |
| 1012 | $ WRITE SYS$OUTPUT "" | 810 | $ WRITE SYS$OUTPUT "" |
| 1013 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 811 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 1014 | $ WRITE SYS$OUTPUT "" | 812 | $ WRITE SYS$OUTPUT "" |
| 1015 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 813 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 1016 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 814 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -1024,7 +822,7 @@ $! End The Valid Arguement Check. | |||
| 1024 | $! | 822 | $! |
| 1025 | $ ENDIF | 823 | $ ENDIF |
| 1026 | $! | 824 | $! |
| 1027 | $! End The P3 Check. | 825 | $! End The P2 Check. |
| 1028 | $! | 826 | $! |
| 1029 | $ ENDIF | 827 | $ ENDIF |
| 1030 | $! | 828 | $! |
| @@ -1034,9 +832,9 @@ $! Written By: Richard Levitte | |||
| 1034 | $! richard@levitte.org | 832 | $! richard@levitte.org |
| 1035 | $! | 833 | $! |
| 1036 | $! | 834 | $! |
| 1037 | $! Check To See If We Have A Option For P6. | 835 | $! Check To See If We Have A Option For P5. |
| 1038 | $! | 836 | $! |
| 1039 | $ IF (P6.EQS."") | 837 | $ IF (P5.EQS."") |
| 1040 | $ THEN | 838 | $ THEN |
| 1041 | $! | 839 | $! |
| 1042 | $! Get The Version Of VMS We Are Using. | 840 | $! Get The Version Of VMS We Are Using. |
| @@ -1058,13 +856,13 @@ $! End The VMS Version Check. | |||
| 1058 | $! | 856 | $! |
| 1059 | $ ENDIF | 857 | $ ENDIF |
| 1060 | $! | 858 | $! |
| 1061 | $! End The P6 Check. | 859 | $! End The P5 Check. |
| 1062 | $! | 860 | $! |
| 1063 | $ ENDIF | 861 | $ ENDIF |
| 1064 | $! | 862 | $! |
| 1065 | $! Check To See If P4 Is Blank. | 863 | $! Check To See If P3 Is Blank. |
| 1066 | $! | 864 | $! |
| 1067 | $ IF (P4.EQS."") | 865 | $ IF (P3.EQS."") |
| 1068 | $ THEN | 866 | $ THEN |
| 1069 | $! | 867 | $! |
| 1070 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 868 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -1077,7 +875,7 @@ $ THEN | |||
| 1077 | $! | 875 | $! |
| 1078 | $! Looks Like GNUC, Set To Use GNUC. | 876 | $! Looks Like GNUC, Set To Use GNUC. |
| 1079 | $! | 877 | $! |
| 1080 | $ P4 = "GNUC" | 878 | $ P3 = "GNUC" |
| 1081 | $! | 879 | $! |
| 1082 | $! Else... | 880 | $! Else... |
| 1083 | $! | 881 | $! |
| @@ -1090,7 +888,7 @@ $ THEN | |||
| 1090 | $! | 888 | $! |
| 1091 | $! Looks Like DECC, Set To Use DECC. | 889 | $! Looks Like DECC, Set To Use DECC. |
| 1092 | $! | 890 | $! |
| 1093 | $ P4 = "DECC" | 891 | $ P3 = "DECC" |
| 1094 | $! | 892 | $! |
| 1095 | $! Else... | 893 | $! Else... |
| 1096 | $! | 894 | $! |
| @@ -1098,7 +896,7 @@ $ ELSE | |||
| 1098 | $! | 896 | $! |
| 1099 | $! Looks Like VAXC, Set To Use VAXC. | 897 | $! Looks Like VAXC, Set To Use VAXC. |
| 1100 | $! | 898 | $! |
| 1101 | $ P4 = "VAXC" | 899 | $ P3 = "VAXC" |
| 1102 | $! | 900 | $! |
| 1103 | $! End The VAXC Compiler Check. | 901 | $! End The VAXC Compiler Check. |
| 1104 | $! | 902 | $! |
| @@ -1112,9 +910,9 @@ $! End The Compiler Check. | |||
| 1112 | $! | 910 | $! |
| 1113 | $ ENDIF | 911 | $ ENDIF |
| 1114 | $! | 912 | $! |
| 1115 | $! Check To See If We Have A Option For P5. | 913 | $! Check To See If We Have A Option For P4. |
| 1116 | $! | 914 | $! |
| 1117 | $ IF (P5.EQS."") | 915 | $ IF (P4.EQS."") |
| 1118 | $ THEN | 916 | $ THEN |
| 1119 | $! | 917 | $! |
| 1120 | $! Find out what socket library we have available | 918 | $! Find out what socket library we have available |
| @@ -1124,7 +922,7 @@ $ THEN | |||
| 1124 | $! | 922 | $! |
| 1125 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 923 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 1126 | $! | 924 | $! |
| 1127 | $ P5 = "SOCKETSHR" | 925 | $ P4 = "SOCKETSHR" |
| 1128 | $! | 926 | $! |
| 1129 | $! Tell the user | 927 | $! Tell the user |
| 1130 | $! | 928 | $! |
| @@ -1144,7 +942,7 @@ $ THEN | |||
| 1144 | $! | 942 | $! |
| 1145 | $! Last resort: a UCX or UCX-compatible library | 943 | $! Last resort: a UCX or UCX-compatible library |
| 1146 | $! | 944 | $! |
| 1147 | $ P5 = "UCX" | 945 | $ P4 = "UCX" |
| 1148 | $! | 946 | $! |
| 1149 | $! Tell the user | 947 | $! Tell the user |
| 1150 | $! | 948 | $! |
| @@ -1158,7 +956,7 @@ $ ENDIF | |||
| 1158 | $! | 956 | $! |
| 1159 | $! Set Up Initial CC Definitions, Possibly With User Ones | 957 | $! Set Up Initial CC Definitions, Possibly With User Ones |
| 1160 | $! | 958 | $! |
| 1161 | $ CCDEFS = "TCPIP_TYPE_''P5',DSO_VMS" | 959 | $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" |
| 1162 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 960 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 1163 | $ CCEXTRAFLAGS = "" | 961 | $ CCEXTRAFLAGS = "" |
| 1164 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 962 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| @@ -1168,12 +966,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 1168 | $! | 966 | $! |
| 1169 | $! Check To See If The User Entered A Valid Paramter. | 967 | $! Check To See If The User Entered A Valid Paramter. |
| 1170 | $! | 968 | $! |
| 1171 | $ IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC") | 969 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") |
| 1172 | $ THEN | 970 | $ THEN |
| 1173 | $! | 971 | $! |
| 1174 | $! Check To See If The User Wanted DECC. | 972 | $! Check To See If The User Wanted DECC. |
| 1175 | $! | 973 | $! |
| 1176 | $ IF (P4.EQS."DECC") | 974 | $ IF (P3.EQS."DECC") |
| 1177 | $ THEN | 975 | $ THEN |
| 1178 | $! | 976 | $! |
| 1179 | $! Looks Like DECC, Set To Use DECC. | 977 | $! Looks Like DECC, Set To Use DECC. |
| @@ -1204,7 +1002,7 @@ $ ENDIF | |||
| 1204 | $! | 1002 | $! |
| 1205 | $! Check To See If We Are To Use VAXC. | 1003 | $! Check To See If We Are To Use VAXC. |
| 1206 | $! | 1004 | $! |
| 1207 | $ IF (P4.EQS."VAXC") | 1005 | $ IF (P3.EQS."VAXC") |
| 1208 | $ THEN | 1006 | $ THEN |
| 1209 | $! | 1007 | $! |
| 1210 | $! Looks Like VAXC, Set To Use VAXC. | 1008 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -1243,7 +1041,7 @@ $ ENDIF | |||
| 1243 | $! | 1041 | $! |
| 1244 | $! Check To See If We Are To Use GNU C. | 1042 | $! Check To See If We Are To Use GNU C. |
| 1245 | $! | 1043 | $! |
| 1246 | $ IF (P4.EQS."GNUC") | 1044 | $ IF (P3.EQS."GNUC") |
| 1247 | $ THEN | 1045 | $ THEN |
| 1248 | $! | 1046 | $! |
| 1249 | $! Looks Like GNUC, Set To Use GNUC. | 1047 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -1272,31 +1070,6 @@ $! Set up default defines | |||
| 1272 | $! | 1070 | $! |
| 1273 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 1071 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 1274 | $! | 1072 | $! |
| 1275 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 1276 | $! | ||
| 1277 | $ IF (RSAREF.EQS."TRUE") | ||
| 1278 | $ THEN | ||
| 1279 | $! | ||
| 1280 | $! Compile With RSAREF. | ||
| 1281 | $! | ||
| 1282 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 1283 | $! | ||
| 1284 | $! Tell The User This. | ||
| 1285 | $! | ||
| 1286 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 1287 | $! | ||
| 1288 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 1289 | $! | ||
| 1290 | $ ELSE | ||
| 1291 | $! | ||
| 1292 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 1293 | $! | ||
| 1294 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 1295 | $! | ||
| 1296 | $! End The RSAREF Check. | ||
| 1297 | $! | ||
| 1298 | $ ENDIF | ||
| 1299 | $! | ||
| 1300 | $! Finish up the definition of CC. | 1073 | $! Finish up the definition of CC. |
| 1301 | $! | 1074 | $! |
| 1302 | $ IF COMPILER .EQS. "DECC" | 1075 | $ IF COMPILER .EQS. "DECC" |
| @@ -1315,7 +1088,7 @@ $ CC4DISABLEWARNINGS = "" | |||
| 1315 | $ ENDIF | 1088 | $ ENDIF |
| 1316 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS | 1089 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS |
| 1317 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS | 1090 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS |
| 1318 | $ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P3 .NES. "DEBUG" | 1091 | $ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG" |
| 1319 | $ THEN | 1092 | $ THEN |
| 1320 | $ CC5 = CC + "/OPTIMIZE=NODISJOINT" | 1093 | $ CC5 = CC + "/OPTIMIZE=NODISJOINT" |
| 1321 | $ ELSE | 1094 | $ ELSE |
| @@ -1334,7 +1107,7 @@ $! | |||
| 1334 | $! Tell The User We Don't Know What They Want. | 1107 | $! Tell The User We Don't Know What They Want. |
| 1335 | $! | 1108 | $! |
| 1336 | $ WRITE SYS$OUTPUT "" | 1109 | $ WRITE SYS$OUTPUT "" |
| 1337 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 1110 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1338 | $ WRITE SYS$OUTPUT "" | 1111 | $ WRITE SYS$OUTPUT "" |
| 1339 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 1112 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 1340 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 1113 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -1360,13 +1133,13 @@ $ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO | |||
| 1360 | $! | 1133 | $! |
| 1361 | $! Time to check the contents, and to make sure we get the correct library. | 1134 | $! Time to check the contents, and to make sure we get the correct library. |
| 1362 | $! | 1135 | $! |
| 1363 | $ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" - | 1136 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - |
| 1364 | .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE" | 1137 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" |
| 1365 | $ THEN | 1138 | $ THEN |
| 1366 | $! | 1139 | $! |
| 1367 | $! Check to see if SOCKETSHR was chosen | 1140 | $! Check to see if SOCKETSHR was chosen |
| 1368 | $! | 1141 | $! |
| 1369 | $ IF P5.EQS."SOCKETSHR" | 1142 | $ IF P4.EQS."SOCKETSHR" |
| 1370 | $ THEN | 1143 | $ THEN |
| 1371 | $! | 1144 | $! |
| 1372 | $! Set the library to use SOCKETSHR | 1145 | $! Set the library to use SOCKETSHR |
| @@ -1379,12 +1152,12 @@ $ ENDIF | |||
| 1379 | $! | 1152 | $! |
| 1380 | $! Check to see if MULTINET was chosen | 1153 | $! Check to see if MULTINET was chosen |
| 1381 | $! | 1154 | $! |
| 1382 | $ IF P5.EQS."MULTINET" | 1155 | $ IF P4.EQS."MULTINET" |
| 1383 | $ THEN | 1156 | $ THEN |
| 1384 | $! | 1157 | $! |
| 1385 | $! Set the library to use UCX emulation. | 1158 | $! Set the library to use UCX emulation. |
| 1386 | $! | 1159 | $! |
| 1387 | $ P5 = "UCX" | 1160 | $ P4 = "UCX" |
| 1388 | $! | 1161 | $! |
| 1389 | $! Done with MULTINET | 1162 | $! Done with MULTINET |
| 1390 | $! | 1163 | $! |
| @@ -1392,7 +1165,7 @@ $ ENDIF | |||
| 1392 | $! | 1165 | $! |
| 1393 | $! Check to see if UCX was chosen | 1166 | $! Check to see if UCX was chosen |
| 1394 | $! | 1167 | $! |
| 1395 | $ IF P5.EQS."UCX" | 1168 | $ IF P4.EQS."UCX" |
| 1396 | $ THEN | 1169 | $ THEN |
| 1397 | $! | 1170 | $! |
| 1398 | $! Set the library to use UCX. | 1171 | $! Set the library to use UCX. |
| @@ -1412,7 +1185,7 @@ $ ENDIF | |||
| 1412 | $! | 1185 | $! |
| 1413 | $! Check to see if TCPIP was chosen | 1186 | $! Check to see if TCPIP was chosen |
| 1414 | $! | 1187 | $! |
| 1415 | $ IF P5.EQS."TCPIP" | 1188 | $ IF P4.EQS."TCPIP" |
| 1416 | $ THEN | 1189 | $ THEN |
| 1417 | $! | 1190 | $! |
| 1418 | $! Set the library to use TCPIP (post UCX). | 1191 | $! Set the library to use TCPIP (post UCX). |
| @@ -1425,7 +1198,7 @@ $ ENDIF | |||
| 1425 | $! | 1198 | $! |
| 1426 | $! Check to see if NONE was chosen | 1199 | $! Check to see if NONE was chosen |
| 1427 | $! | 1200 | $! |
| 1428 | $ IF P5.EQS."NONE" | 1201 | $ IF P4.EQS."NONE" |
| 1429 | $ THEN | 1202 | $ THEN |
| 1430 | $! | 1203 | $! |
| 1431 | $! Do not use a TCPIP library. | 1204 | $! Do not use a TCPIP library. |
| @@ -1447,7 +1220,7 @@ $! | |||
| 1447 | $! Tell The User We Don't Know What They Want. | 1220 | $! Tell The User We Don't Know What They Want. |
| 1448 | $! | 1221 | $! |
| 1449 | $ WRITE SYS$OUTPUT "" | 1222 | $ WRITE SYS$OUTPUT "" |
| 1450 | $ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:" | 1223 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" |
| 1451 | $ WRITE SYS$OUTPUT "" | 1224 | $ WRITE SYS$OUTPUT "" |
| 1452 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 1225 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1453 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 1226 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
| @@ -1465,10 +1238,9 @@ $! | |||
| 1465 | $! Check if the user wanted to compile just a subset of all the encryption | 1238 | $! Check if the user wanted to compile just a subset of all the encryption |
| 1466 | $! methods. | 1239 | $! methods. |
| 1467 | $! | 1240 | $! |
| 1468 | $ IF P7 .NES. "" | 1241 | $ IF P6 .NES. "" |
| 1469 | $ THEN | 1242 | $ THEN |
| 1470 | $ ENCRYPT_TYPES = P7 | 1243 | $ ENCRYPT_TYPES = P6 |
| 1471 | $! NYI: ENCRYPT_PROGRAMS = P7 | ||
| 1472 | $ ENDIF | 1244 | $ ENDIF |
| 1473 | $! | 1245 | $! |
| 1474 | $! Time To RETURN... | 1246 | $! Time To RETURN... |
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index fc6ff860af..273bc5e3f8 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h | |||
| @@ -96,37 +96,39 @@ extern "C" { | |||
| 96 | * names in cryptlib.c | 96 | * names in cryptlib.c |
| 97 | */ | 97 | */ |
| 98 | 98 | ||
| 99 | #define CRYPTO_LOCK_ERR 1 | 99 | #define CRYPTO_LOCK_ERR 1 |
| 100 | #define CRYPTO_LOCK_EX_DATA 2 | 100 | #define CRYPTO_LOCK_EX_DATA 2 |
| 101 | #define CRYPTO_LOCK_X509 3 | 101 | #define CRYPTO_LOCK_X509 3 |
| 102 | #define CRYPTO_LOCK_X509_INFO 4 | 102 | #define CRYPTO_LOCK_X509_INFO 4 |
| 103 | #define CRYPTO_LOCK_X509_PKEY 5 | 103 | #define CRYPTO_LOCK_X509_PKEY 5 |
| 104 | #define CRYPTO_LOCK_X509_CRL 6 | 104 | #define CRYPTO_LOCK_X509_CRL 6 |
| 105 | #define CRYPTO_LOCK_X509_REQ 7 | 105 | #define CRYPTO_LOCK_X509_REQ 7 |
| 106 | #define CRYPTO_LOCK_DSA 8 | 106 | #define CRYPTO_LOCK_DSA 8 |
| 107 | #define CRYPTO_LOCK_RSA 9 | 107 | #define CRYPTO_LOCK_RSA 9 |
| 108 | #define CRYPTO_LOCK_EVP_PKEY 10 | 108 | #define CRYPTO_LOCK_EVP_PKEY 10 |
| 109 | #define CRYPTO_LOCK_X509_STORE 11 | 109 | #define CRYPTO_LOCK_X509_STORE 11 |
| 110 | #define CRYPTO_LOCK_SSL_CTX 12 | 110 | #define CRYPTO_LOCK_SSL_CTX 12 |
| 111 | #define CRYPTO_LOCK_SSL_CERT 13 | 111 | #define CRYPTO_LOCK_SSL_CERT 13 |
| 112 | #define CRYPTO_LOCK_SSL_SESSION 14 | 112 | #define CRYPTO_LOCK_SSL_SESSION 14 |
| 113 | #define CRYPTO_LOCK_SSL_SESS_CERT 15 | 113 | #define CRYPTO_LOCK_SSL_SESS_CERT 15 |
| 114 | #define CRYPTO_LOCK_SSL 16 | 114 | #define CRYPTO_LOCK_SSL 16 |
| 115 | #define CRYPTO_LOCK_RAND 17 | 115 | #define CRYPTO_LOCK_SSL_METHOD 17 |
| 116 | #define CRYPTO_LOCK_RAND2 18 | 116 | #define CRYPTO_LOCK_RAND 18 |
| 117 | #define CRYPTO_LOCK_MALLOC 19 | 117 | #define CRYPTO_LOCK_RAND2 19 |
| 118 | #define CRYPTO_LOCK_BIO 20 | 118 | #define CRYPTO_LOCK_MALLOC 20 |
| 119 | #define CRYPTO_LOCK_GETHOSTBYNAME 21 | 119 | #define CRYPTO_LOCK_BIO 21 |
| 120 | #define CRYPTO_LOCK_GETSERVBYNAME 22 | 120 | #define CRYPTO_LOCK_GETHOSTBYNAME 22 |
| 121 | #define CRYPTO_LOCK_READDIR 23 | 121 | #define CRYPTO_LOCK_GETSERVBYNAME 23 |
| 122 | #define CRYPTO_LOCK_RSA_BLINDING 24 | 122 | #define CRYPTO_LOCK_READDIR 24 |
| 123 | #define CRYPTO_LOCK_DH 25 | 123 | #define CRYPTO_LOCK_RSA_BLINDING 25 |
| 124 | #define CRYPTO_LOCK_MALLOC2 26 | 124 | #define CRYPTO_LOCK_DH 26 |
| 125 | #define CRYPTO_LOCK_DSO 27 | 125 | #define CRYPTO_LOCK_MALLOC2 27 |
| 126 | #define CRYPTO_LOCK_DYNLOCK 28 | 126 | #define CRYPTO_LOCK_DSO 28 |
| 127 | #define CRYPTO_LOCK_ENGINE 29 | 127 | #define CRYPTO_LOCK_DYNLOCK 29 |
| 128 | #define CRYPTO_LOCK_UI 30 | 128 | #define CRYPTO_LOCK_ENGINE 30 |
| 129 | #define CRYPTO_NUM_LOCKS 31 | 129 | #define CRYPTO_LOCK_UI 31 |
| 130 | #define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 131 | #define CRYPTO_NUM_LOCKS 33 | ||
| 130 | 132 | ||
| 131 | #define CRYPTO_LOCK 1 | 133 | #define CRYPTO_LOCK 1 |
| 132 | #define CRYPTO_UNLOCK 2 | 134 | #define CRYPTO_UNLOCK 2 |
| @@ -148,7 +150,7 @@ extern "C" { | |||
| 148 | #endif | 150 | #endif |
| 149 | #else | 151 | #else |
| 150 | #define CRYPTO_w_lock(a) | 152 | #define CRYPTO_w_lock(a) |
| 151 | #define CRYPTO_w_unlock(a) | 153 | #define CRYPTO_w_unlock(a) |
| 152 | #define CRYPTO_r_lock(a) | 154 | #define CRYPTO_r_lock(a) |
| 153 | #define CRYPTO_r_unlock(a) | 155 | #define CRYPTO_r_unlock(a) |
| 154 | #define CRYPTO_add(a,b,c) ((*(a))+=(b)) | 156 | #define CRYPTO_add(a,b,c) ((*(a))+=(b)) |
| @@ -278,6 +280,8 @@ int CRYPTO_is_mem_check_on(void); | |||
| 278 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) | 280 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) |
| 279 | #define OPENSSL_realloc(addr,num) \ | 281 | #define OPENSSL_realloc(addr,num) \ |
| 280 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) | 282 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) |
| 283 | #define OPENSSL_realloc_clean(addr,old_num,num) \ | ||
| 284 | CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) | ||
| 281 | #define OPENSSL_remalloc(addr,num) \ | 285 | #define OPENSSL_remalloc(addr,num) \ |
| 282 | CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) | 286 | CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) |
| 283 | #define OPENSSL_freeFunc CRYPTO_free | 287 | #define OPENSSL_freeFunc CRYPTO_free |
| @@ -380,8 +384,12 @@ void CRYPTO_free_locked(void *); | |||
| 380 | void *CRYPTO_malloc(int num, const char *file, int line); | 384 | void *CRYPTO_malloc(int num, const char *file, int line); |
| 381 | void CRYPTO_free(void *); | 385 | void CRYPTO_free(void *); |
| 382 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); | 386 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); |
| 387 | void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, | ||
| 388 | int line); | ||
| 383 | void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); | 389 | void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); |
| 384 | 390 | ||
| 391 | void OPENSSL_cleanse(void *ptr, size_t len); | ||
| 392 | |||
| 385 | void CRYPTO_set_mem_debug_options(long bits); | 393 | void CRYPTO_set_mem_debug_options(long bits); |
| 386 | long CRYPTO_get_mem_debug_options(void); | 394 | long CRYPTO_get_mem_debug_options(void); |
| 387 | 395 | ||
| @@ -422,6 +430,9 @@ void CRYPTO_mem_leaks(struct bio_st *bio); | |||
| 422 | typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); | 430 | typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); |
| 423 | void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); | 431 | void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); |
| 424 | 432 | ||
| 433 | /* die if we have to */ | ||
| 434 | void OpenSSLDie(const char *file,int line,const char *assertion); | ||
| 435 | #define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) | ||
| 425 | 436 | ||
| 426 | /* BEGIN ERROR CODES */ | 437 | /* BEGIN ERROR CODES */ |
| 427 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 438 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
diff --git a/src/lib/libcrypto/des/Makefile.ssl b/src/lib/libcrypto/des/Makefile.ssl index 826ffcc58c..45eba0b3c9 100644 --- a/src/lib/libcrypto/des/Makefile.ssl +++ b/src/lib/libcrypto/des/Makefile.ssl | |||
| @@ -66,22 +66,11 @@ des: des.o cbc3_enc.o lib | |||
| 66 | $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) | 66 | $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) |
| 67 | 67 | ||
| 68 | # elf | 68 | # elf |
| 69 | asm/dx86-elf.o: asm/dx86unix.cpp | 69 | asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 70 | $(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o | 70 | (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s) |
| 71 | 71 | ||
| 72 | asm/yx86-elf.o: asm/yx86unix.cpp | 72 | asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 73 | $(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o | 73 | (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s) |
| 74 | |||
| 75 | # solaris | ||
| 76 | asm/dx86-sol.o: asm/dx86unix.cpp | ||
| 77 | $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s | ||
| 78 | as -o asm/dx86-sol.o asm/dx86-sol.s | ||
| 79 | rm -f asm/dx86-sol.s | ||
| 80 | |||
| 81 | asm/yx86-sol.o: asm/yx86unix.cpp | ||
| 82 | $(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s | ||
| 83 | as -o asm/yx86-sol.o asm/yx86-sol.s | ||
| 84 | rm -f asm/yx86-sol.s | ||
| 85 | 74 | ||
| 86 | # a.out | 75 | # a.out |
| 87 | asm/dx86-out.o: asm/dx86unix.cpp | 76 | asm/dx86-out.o: asm/dx86unix.cpp |
| @@ -130,14 +119,14 @@ lint: | |||
| 130 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 119 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 131 | 120 | ||
| 132 | depend: | 121 | depend: |
| 133 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 122 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 134 | 123 | ||
| 135 | dclean: | 124 | dclean: |
| 136 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 125 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 137 | mv -f Makefile.new $(MAKEFILE) | 126 | mv -f Makefile.new $(MAKEFILE) |
| 138 | 127 | ||
| 139 | clean: | 128 | clean: |
| 140 | rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff | 129 | rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff |
| 141 | 130 | ||
| 142 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 131 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 143 | 132 | ||
diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl index 3d41d82f69..1d04ed6def 100644 --- a/src/lib/libcrypto/des/asm/crypt586.pl +++ b/src/lib/libcrypto/des/asm/crypt586.pl | |||
| @@ -26,11 +26,18 @@ sub fcrypt_body | |||
| 26 | 26 | ||
| 27 | &comment(""); | 27 | &comment(""); |
| 28 | &comment("Load the 2 words"); | 28 | &comment("Load the 2 words"); |
| 29 | $ks="ebp"; | 29 | $trans="ebp"; |
| 30 | 30 | ||
| 31 | &xor( $L, $L); | 31 | &xor( $L, $L); |
| 32 | &xor( $R, $R); | 32 | &xor( $R, $R); |
| 33 | &mov($ks,&wparam(1)); | 33 | |
| 34 | # PIC-ification:-) | ||
| 35 | &picmeup("edx","DES_SPtrans"); | ||
| 36 | #if ($cpp) { &picmeup("edx","DES_SPtrans"); } | ||
| 37 | #else { &lea("edx",&DWP("DES_SPtrans")); } | ||
| 38 | &push("edx"); # becomes &swtmp(1) | ||
| 39 | # | ||
| 40 | &mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT | ||
| 34 | 41 | ||
| 35 | &push(&DWC(25)); # add a variable | 42 | &push(&DWC(25)); # add a variable |
| 36 | 43 | ||
| @@ -39,11 +46,11 @@ sub fcrypt_body | |||
| 39 | { | 46 | { |
| 40 | &comment(""); | 47 | &comment(""); |
| 41 | &comment("Round $i"); | 48 | &comment("Round $i"); |
| 42 | &D_ENCRYPT($i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 49 | &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 43 | 50 | ||
| 44 | &comment(""); | 51 | &comment(""); |
| 45 | &comment("Round ".sprintf("%d",$i+1)); | 52 | &comment("Round ".sprintf("%d",$i+1)); |
| 46 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 53 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); |
| 47 | } | 54 | } |
| 48 | &mov("ebx", &swtmp(0)); | 55 | &mov("ebx", &swtmp(0)); |
| 49 | &mov("eax", $L); | 56 | &mov("eax", $L); |
| @@ -61,14 +68,14 @@ sub fcrypt_body | |||
| 61 | &mov(&DWP(0,"edx","",0),"eax"); | 68 | &mov(&DWP(0,"edx","",0),"eax"); |
| 62 | &mov(&DWP(4,"edx","",0),$L); | 69 | &mov(&DWP(4,"edx","",0),$L); |
| 63 | 70 | ||
| 64 | &pop("ecx"); # remove variable | 71 | &add("esp",8); # remove variables |
| 65 | 72 | ||
| 66 | &function_end($name); | 73 | &function_end($name); |
| 67 | } | 74 | } |
| 68 | 75 | ||
| 69 | sub D_ENCRYPT | 76 | sub D_ENCRYPT |
| 70 | { | 77 | { |
| 71 | local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; | 78 | local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; |
| 72 | 79 | ||
| 73 | &mov( $u, &wparam(2)); # 2 | 80 | &mov( $u, &wparam(2)); # 2 |
| 74 | &mov( $t, $R); | 81 | &mov( $t, $R); |
| @@ -85,9 +92,9 @@ sub D_ENCRYPT | |||
| 85 | &shl( $tmp2, 16); # 1 | 92 | &shl( $tmp2, 16); # 1 |
| 86 | &xor( $u, $tmp1); # 2 | 93 | &xor( $u, $tmp1); # 2 |
| 87 | &xor( $t, $tmp2); # 2 | 94 | &xor( $t, $tmp2); # 2 |
| 88 | &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2 | 95 | &mov( $tmp1, &DWP(&n2a($S*4),$trans,"",0)); # 2 |
| 89 | &xor( $u, $tmp1); | 96 | &xor( $u, $tmp1); |
| 90 | &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2 | 97 | &mov( $tmp2, &DWP(&n2a(($S+1)*4),$trans,"",0)); # 2 |
| 91 | &xor( $u, $R); | 98 | &xor( $u, $R); |
| 92 | &xor( $t, $R); | 99 | &xor( $t, $R); |
| 93 | &xor( $t, $tmp2); | 100 | &xor( $t, $tmp2); |
| @@ -99,31 +106,28 @@ sub D_ENCRYPT | |||
| 99 | &movb( &LB($tmp1), &LB($u) ); | 106 | &movb( &LB($tmp1), &LB($u) ); |
| 100 | &movb( &LB($tmp2), &HB($u) ); | 107 | &movb( &LB($tmp2), &HB($u) ); |
| 101 | &rotr( $t, 4 ); | 108 | &rotr( $t, 4 ); |
| 102 | &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); | 109 | &mov( $trans, &swtmp(1)); |
| 110 | &xor( $L, &DWP(" ",$trans,$tmp1,0)); | ||
| 103 | &movb( &LB($tmp1), &LB($t) ); | 111 | &movb( &LB($tmp1), &LB($t) ); |
| 104 | &xor( $L, $ks); | 112 | &xor( $L, &DWP("0x200",$trans,$tmp2,0)); |
| 105 | &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); | ||
| 106 | &xor( $L, $ks); | ||
| 107 | &movb( &LB($tmp2), &HB($t) ); | 113 | &movb( &LB($tmp2), &HB($t) ); |
| 108 | &shr( $u, 16); | 114 | &shr( $u, 16); |
| 109 | &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); | 115 | &xor( $L, &DWP("0x100",$trans,$tmp1,0)); |
| 110 | &xor( $L, $ks); | ||
| 111 | &movb( &LB($tmp1), &HB($u) ); | 116 | &movb( &LB($tmp1), &HB($u) ); |
| 112 | &shr( $t, 16); | 117 | &shr( $t, 16); |
| 113 | &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); | 118 | &xor( $L, &DWP("0x300",$trans,$tmp2,0)); |
| 114 | &xor( $L, $ks); | ||
| 115 | &mov( $ks, &wparam(1)); | ||
| 116 | &movb( &LB($tmp2), &HB($t) ); | 119 | &movb( &LB($tmp2), &HB($t) ); |
| 117 | &and( $u, "0xff" ); | 120 | &and( $u, "0xff" ); |
| 118 | &and( $t, "0xff" ); | 121 | &and( $t, "0xff" ); |
| 119 | &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); | 122 | &mov( $tmp1, &DWP("0x600",$trans,$tmp1,0)); |
| 120 | &xor( $L, $tmp1); | 123 | &xor( $L, $tmp1); |
| 121 | &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); | 124 | &mov( $tmp1, &DWP("0x700",$trans,$tmp2,0)); |
| 122 | &xor( $L, $tmp1); | 125 | &xor( $L, $tmp1); |
| 123 | &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); | 126 | &mov( $tmp1, &DWP("0x400",$trans,$u,0)); |
| 124 | &xor( $L, $tmp1); | 127 | &xor( $L, $tmp1); |
| 125 | &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); | 128 | &mov( $tmp1, &DWP("0x500",$trans,$t,0)); |
| 126 | &xor( $L, $tmp1); | 129 | &xor( $L, $tmp1); |
| 130 | &mov( $trans, &wparam(1)); | ||
| 127 | } | 131 | } |
| 128 | 132 | ||
| 129 | sub n2a | 133 | sub n2a |
diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl index 0d08e8a3a9..b75d3c6b3a 100644 --- a/src/lib/libcrypto/des/asm/des-586.pl +++ b/src/lib/libcrypto/des/asm/des-586.pl | |||
| @@ -40,7 +40,7 @@ sub DES_encrypt | |||
| 40 | 40 | ||
| 41 | &comment(""); | 41 | &comment(""); |
| 42 | &comment("Load the 2 words"); | 42 | &comment("Load the 2 words"); |
| 43 | $ks="ebp"; | 43 | $trans="ebp"; |
| 44 | 44 | ||
| 45 | if ($do_ip) | 45 | if ($do_ip) |
| 46 | { | 46 | { |
| @@ -72,7 +72,12 @@ sub DES_encrypt | |||
| 72 | &rotl($L,3); | 72 | &rotl($L,3); |
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | &mov( $ks, &wparam(1) ); | 75 | # PIC-ification:-) |
| 76 | &picmeup($trans,"DES_SPtrans"); | ||
| 77 | #if ($cpp) { &picmeup($trans,"DES_SPtrans"); } | ||
| 78 | #else { &lea($trans,&DWP("DES_SPtrans")); } | ||
| 79 | |||
| 80 | &mov( "ecx", &wparam(1) ); | ||
| 76 | &cmp("ebx","0"); | 81 | &cmp("ebx","0"); |
| 77 | &je(&label("start_decrypt")); | 82 | &je(&label("start_decrypt")); |
| 78 | 83 | ||
| @@ -80,11 +85,11 @@ sub DES_encrypt | |||
| 80 | { | 85 | { |
| 81 | &comment(""); | 86 | &comment(""); |
| 82 | &comment("Round $i"); | 87 | &comment("Round $i"); |
| 83 | &D_ENCRYPT($i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 88 | &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 84 | 89 | ||
| 85 | &comment(""); | 90 | &comment(""); |
| 86 | &comment("Round ".sprintf("%d",$i+1)); | 91 | &comment("Round ".sprintf("%d",$i+1)); |
| 87 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 92 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); |
| 88 | } | 93 | } |
| 89 | &jmp(&label("end")); | 94 | &jmp(&label("end")); |
| 90 | 95 | ||
| @@ -94,10 +99,10 @@ sub DES_encrypt | |||
| 94 | { | 99 | { |
| 95 | &comment(""); | 100 | &comment(""); |
| 96 | &comment("Round $i"); | 101 | &comment("Round $i"); |
| 97 | &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 102 | &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 98 | &comment(""); | 103 | &comment(""); |
| 99 | &comment("Round ".sprintf("%d",$i-1)); | 104 | &comment("Round ".sprintf("%d",$i-1)); |
| 100 | &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 105 | &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx"); |
| 101 | } | 106 | } |
| 102 | 107 | ||
| 103 | &set_label("end"); | 108 | &set_label("end"); |
| @@ -134,43 +139,36 @@ sub DES_encrypt | |||
| 134 | 139 | ||
| 135 | sub D_ENCRYPT | 140 | sub D_ENCRYPT |
| 136 | { | 141 | { |
| 137 | local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; | 142 | local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; |
| 138 | 143 | ||
| 139 | &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); | 144 | &mov( $u, &DWP(&n2a($S*4),$tmp2,"",0)); |
| 140 | &xor( $tmp1, $tmp1); | 145 | &xor( $tmp1, $tmp1); |
| 141 | &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); | 146 | &mov( $t, &DWP(&n2a(($S+1)*4),$tmp2,"",0)); |
| 142 | &xor( $u, $R); | 147 | &xor( $u, $R); |
| 148 | &xor( $tmp2, $tmp2); | ||
| 143 | &xor( $t, $R); | 149 | &xor( $t, $R); |
| 144 | &and( $u, "0xfcfcfcfc" ); | 150 | &and( $u, "0xfcfcfcfc" ); |
| 145 | &and( $t, "0xcfcfcfcf" ); | 151 | &and( $t, "0xcfcfcfcf" ); |
| 146 | &movb( &LB($tmp1), &LB($u) ); | 152 | &movb( &LB($tmp1), &LB($u) ); |
| 147 | &movb( &LB($tmp2), &HB($u) ); | 153 | &movb( &LB($tmp2), &HB($u) ); |
| 148 | &rotr( $t, 4 ); | 154 | &rotr( $t, 4 ); |
| 149 | &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); | 155 | &xor( $L, &DWP(" ",$trans,$tmp1,0)); |
| 150 | &movb( &LB($tmp1), &LB($t) ); | 156 | &movb( &LB($tmp1), &LB($t) ); |
| 151 | &xor( $L, $ks); | 157 | &xor( $L, &DWP("0x200",$trans,$tmp2,0)); |
| 152 | &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); | ||
| 153 | &xor( $L, $ks); ###### | ||
| 154 | &movb( &LB($tmp2), &HB($t) ); | 158 | &movb( &LB($tmp2), &HB($t) ); |
| 155 | &shr( $u, 16); | 159 | &shr( $u, 16); |
| 156 | &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); | 160 | &xor( $L, &DWP("0x100",$trans,$tmp1,0)); |
| 157 | &xor( $L, $ks); ###### | ||
| 158 | &movb( &LB($tmp1), &HB($u) ); | 161 | &movb( &LB($tmp1), &HB($u) ); |
| 159 | &shr( $t, 16); | 162 | &shr( $t, 16); |
| 160 | &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); | 163 | &xor( $L, &DWP("0x300",$trans,$tmp2,0)); |
| 161 | &xor( $L, $ks); | ||
| 162 | &mov( $ks, &wparam(1) ); | ||
| 163 | &movb( &LB($tmp2), &HB($t) ); | 164 | &movb( &LB($tmp2), &HB($t) ); |
| 164 | &and( $u, "0xff" ); | 165 | &and( $u, "0xff" ); |
| 165 | &and( $t, "0xff" ); | 166 | &and( $t, "0xff" ); |
| 166 | &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); | 167 | &xor( $L, &DWP("0x600",$trans,$tmp1,0)); |
| 167 | &xor( $L, $tmp1); | 168 | &xor( $L, &DWP("0x700",$trans,$tmp2,0)); |
| 168 | &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); | 169 | &mov( $tmp2, &wparam(1) ); |
| 169 | &xor( $L, $tmp1); | 170 | &xor( $L, &DWP("0x400",$trans,$u,0)); |
| 170 | &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); | 171 | &xor( $L, &DWP("0x500",$trans,$t,0)); |
| 171 | &xor( $L, $tmp1); | ||
| 172 | &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); | ||
| 173 | &xor( $L, $tmp1); | ||
| 174 | } | 172 | } |
| 175 | 173 | ||
| 176 | sub n2a | 174 | sub n2a |
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c index 6c5305b99d..09a7ba56aa 100644 --- a/src/lib/libcrypto/des/cbc_cksm.c +++ b/src/lib/libcrypto/des/cbc_cksm.c | |||
| @@ -93,5 +93,14 @@ DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output, | |||
| 93 | l2c(tout1,out); | 93 | l2c(tout1,out); |
| 94 | } | 94 | } |
| 95 | tout0=tin0=tin1=tin[0]=tin[1]=0; | 95 | tout0=tin0=tin1=tin[0]=tin[1]=0; |
| 96 | /* | ||
| 97 | Transform the data in tout1 so that it will | ||
| 98 | match the return value that the MIT Kerberos | ||
| 99 | mit_des_cbc_cksum API returns. | ||
| 100 | */ | ||
| 101 | tout1 = ((tout1 >> 24L) & 0x000000FF) | ||
| 102 | | ((tout1 >> 8L) & 0x0000FF00) | ||
| 103 | | ((tout1 << 8L) & 0x00FF0000) | ||
| 104 | | ((tout1 << 24L) & 0xFF000000); | ||
| 96 | return(tout1); | 105 | return(tout1); |
| 97 | } | 106 | } |
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c index d8c846b23d..343135ff9e 100644 --- a/src/lib/libcrypto/des/des.c +++ b/src/lib/libcrypto/des/des.c | |||
| @@ -427,7 +427,7 @@ void doencryption(void) | |||
| 427 | k2[i-8]=k; | 427 | k2[i-8]=k; |
| 428 | } | 428 | } |
| 429 | DES_set_key_unchecked(&k2,&ks2); | 429 | DES_set_key_unchecked(&k2,&ks2); |
| 430 | memset(k2,0,sizeof(k2)); | 430 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 431 | } | 431 | } |
| 432 | else if (longk || flag3) | 432 | else if (longk || flag3) |
| 433 | { | 433 | { |
| @@ -435,7 +435,7 @@ void doencryption(void) | |||
| 435 | { | 435 | { |
| 436 | DES_string_to_2keys(key,&kk,&k2); | 436 | DES_string_to_2keys(key,&kk,&k2); |
| 437 | DES_set_key_unchecked(&k2,&ks2); | 437 | DES_set_key_unchecked(&k2,&ks2); |
| 438 | memset(k2,0,sizeof(k2)); | 438 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 439 | } | 439 | } |
| 440 | else | 440 | else |
| 441 | DES_string_to_key(key,&kk); | 441 | DES_string_to_key(key,&kk); |
| @@ -457,8 +457,8 @@ void doencryption(void) | |||
| 457 | } | 457 | } |
| 458 | 458 | ||
| 459 | DES_set_key_unchecked(&kk,&ks); | 459 | DES_set_key_unchecked(&kk,&ks); |
| 460 | memset(key,0,sizeof(key)); | 460 | OPENSSL_cleanse(key,sizeof(key)); |
| 461 | memset(kk,0,sizeof(kk)); | 461 | OPENSSL_cleanse(kk,sizeof(kk)); |
| 462 | /* woops - A bug that does not showup under unix :-( */ | 462 | /* woops - A bug that does not showup under unix :-( */ |
| 463 | memset(iv,0,sizeof(iv)); | 463 | memset(iv,0,sizeof(iv)); |
| 464 | memset(iv2,0,sizeof(iv2)); | 464 | memset(iv2,0,sizeof(iv2)); |
| @@ -666,18 +666,18 @@ void doencryption(void) | |||
| 666 | if (l) fclose(CKSUM_OUT); | 666 | if (l) fclose(CKSUM_OUT); |
| 667 | } | 667 | } |
| 668 | problems: | 668 | problems: |
| 669 | memset(buf,0,sizeof(buf)); | 669 | OPENSSL_cleanse(buf,sizeof(buf)); |
| 670 | memset(obuf,0,sizeof(obuf)); | 670 | OPENSSL_cleanse(obuf,sizeof(obuf)); |
| 671 | memset(&ks,0,sizeof(ks)); | 671 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 672 | memset(&ks2,0,sizeof(ks2)); | 672 | OPENSSL_cleanse(&ks2,sizeof(ks2)); |
| 673 | memset(iv,0,sizeof(iv)); | 673 | OPENSSL_cleanse(iv,sizeof(iv)); |
| 674 | memset(iv2,0,sizeof(iv2)); | 674 | OPENSSL_cleanse(iv2,sizeof(iv2)); |
| 675 | memset(kk,0,sizeof(kk)); | 675 | OPENSSL_cleanse(kk,sizeof(kk)); |
| 676 | memset(k2,0,sizeof(k2)); | 676 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 677 | memset(uubuf,0,sizeof(uubuf)); | 677 | OPENSSL_cleanse(uubuf,sizeof(uubuf)); |
| 678 | memset(b,0,sizeof(b)); | 678 | OPENSSL_cleanse(b,sizeof(b)); |
| 679 | memset(bb,0,sizeof(bb)); | 679 | OPENSSL_cleanse(bb,sizeof(bb)); |
| 680 | memset(cksum,0,sizeof(cksum)); | 680 | OPENSSL_cleanse(cksum,sizeof(cksum)); |
| 681 | if (Exit) EXIT(Exit); | 681 | if (Exit) EXIT(Exit); |
| 682 | } | 682 | } |
| 683 | 683 | ||
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h index 70e833be3f..e44e8e98b2 100644 --- a/src/lib/libcrypto/des/des_locl.h +++ b/src/lib/libcrypto/des/des_locl.h | |||
| @@ -162,7 +162,18 @@ | |||
| 162 | 162 | ||
| 163 | #if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) | 163 | #if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) |
| 164 | #define ROTATE(a,n) (_lrotr(a,n)) | 164 | #define ROTATE(a,n) (_lrotr(a,n)) |
| 165 | #else | 165 | #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) |
| 166 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) | ||
| 167 | # define ROTATE(a,n) ({ register unsigned int ret; \ | ||
| 168 | asm ("rorl %1,%0" \ | ||
| 169 | : "=r"(ret) \ | ||
| 170 | : "I"(n),"0"(a) \ | ||
| 171 | : "cc"); \ | ||
| 172 | ret; \ | ||
| 173 | }) | ||
| 174 | # endif | ||
| 175 | #endif | ||
| 176 | #ifndef ROTATE | ||
| 166 | #define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) | 177 | #define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) |
| 167 | #endif | 178 | #endif |
| 168 | 179 | ||
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h index fe32f21f61..1d8bf65101 100644 --- a/src/lib/libcrypto/des/des_old.h +++ b/src/lib/libcrypto/des/des_old.h | |||
| @@ -173,10 +173,12 @@ typedef struct _ossl_old_des_ks_struct | |||
| 173 | DES_fcrypt((b),(s),(r)) | 173 | DES_fcrypt((b),(s),(r)) |
| 174 | #define des_crypt(b,s)\ | 174 | #define des_crypt(b,s)\ |
| 175 | DES_crypt((b),(s)) | 175 | DES_crypt((b),(s)) |
| 176 | #if 0 | ||
| 176 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) | 177 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) |
| 177 | #define crypt(b,s)\ | 178 | #define crypt(b,s)\ |
| 178 | DES_crypt((b),(s)) | 179 | DES_crypt((b),(s)) |
| 179 | #endif | 180 | #endif |
| 181 | #endif | ||
| 180 | #define des_ofb_encrypt(i,o,n,l,k,iv)\ | 182 | #define des_ofb_encrypt(i,o,n,l,k,iv)\ |
| 181 | DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) | 183 | DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) |
| 182 | #define des_pcbc_encrypt(i,o,l,k,iv,e)\ | 184 | #define des_pcbc_encrypt(i,o,l,k,iv,e)\ |
diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h index ec9cc736e3..379bbadda2 100644 --- a/src/lib/libcrypto/des/des_ver.h +++ b/src/lib/libcrypto/des/des_ver.h | |||
| @@ -63,5 +63,9 @@ | |||
| 63 | # define OPENSSL_EXTERN OPENSSL_EXPORT | 63 | # define OPENSSL_EXTERN OPENSSL_EXPORT |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | OPENSSL_EXTERN const char *DES_version; /* SSLeay version string */ | 66 | /* The following macros make sure the names are different from libdes names */ |
| 67 | OPENSSL_EXTERN const char *libdes_version; /* old libdes version string */ | 67 | #define DES_version OSSL_DES_version |
| 68 | #define libdes_version OSSL_libdes_version | ||
| 69 | |||
| 70 | OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */ | ||
| 71 | OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */ | ||
diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c index 58e8c35dcb..687c00c792 100644 --- a/src/lib/libcrypto/des/destest.c +++ b/src/lib/libcrypto/des/destest.c | |||
| @@ -84,9 +84,7 @@ int main(int argc, char *argv[]) | |||
| 84 | #else | 84 | #else |
| 85 | #include <openssl/des.h> | 85 | #include <openssl/des.h> |
| 86 | 86 | ||
| 87 | #if defined(PERL5) || defined(__FreeBSD__) || defined(NeXT) | ||
| 88 | #define crypt(c,s) (des_crypt((c),(s))) | 87 | #define crypt(c,s) (des_crypt((c),(s))) |
| 89 | #endif | ||
| 90 | 88 | ||
| 91 | /* tisk tisk - the test keys don't all have odd parity :-( */ | 89 | /* tisk tisk - the test keys don't all have odd parity :-( */ |
| 92 | /* test data */ | 90 | /* test data */ |
| @@ -322,7 +320,11 @@ static unsigned char ofb_cipher[24]= | |||
| 322 | 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 | 320 | 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 |
| 323 | }; | 321 | }; |
| 324 | 322 | ||
| 323 | #if 0 | ||
| 325 | static DES_LONG cbc_cksum_ret=0xB462FEF7L; | 324 | static DES_LONG cbc_cksum_ret=0xB462FEF7L; |
| 325 | #else | ||
| 326 | static DES_LONG cbc_cksum_ret=0xF7FE62B4L; | ||
| 327 | #endif | ||
| 326 | static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; | 328 | static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; |
| 327 | 329 | ||
| 328 | static char *pt(unsigned char *p); | 330 | static char *pt(unsigned char *p); |
diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c index b4720c3a98..3a63c4016c 100644 --- a/src/lib/libcrypto/des/read2pwd.c +++ b/src/lib/libcrypto/des/read2pwd.c | |||
| @@ -120,8 +120,8 @@ int DES_read_password(DES_cblock *key, const char *prompt, int verify) | |||
| 120 | 120 | ||
| 121 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) | 121 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) |
| 122 | DES_string_to_key(buf,key); | 122 | DES_string_to_key(buf,key); |
| 123 | memset(buf,0,BUFSIZ); | 123 | OPENSSL_cleanse(buf,BUFSIZ); |
| 124 | memset(buff,0,BUFSIZ); | 124 | OPENSSL_cleanse(buff,BUFSIZ); |
| 125 | return(ok); | 125 | return(ok); |
| 126 | } | 126 | } |
| 127 | 127 | ||
| @@ -133,7 +133,7 @@ int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt, | |||
| 133 | 133 | ||
| 134 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) | 134 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) |
| 135 | DES_string_to_2keys(buf,key1,key2); | 135 | DES_string_to_2keys(buf,key1,key2); |
| 136 | memset(buf,0,BUFSIZ); | 136 | OPENSSL_cleanse(buf,BUFSIZ); |
| 137 | memset(buff,0,BUFSIZ); | 137 | OPENSSL_cleanse(buff,BUFSIZ); |
| 138 | return(ok); | 138 | return(ok); |
| 139 | } | 139 | } |
diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c index 9061935f21..ce5fa00a37 100644 --- a/src/lib/libcrypto/des/read_pwd.c +++ b/src/lib/libcrypto/des/read_pwd.c | |||
| @@ -101,8 +101,10 @@ | |||
| 101 | 101 | ||
| 102 | #ifdef WIN_CONSOLE_BUG | 102 | #ifdef WIN_CONSOLE_BUG |
| 103 | #include <windows.h> | 103 | #include <windows.h> |
| 104 | #ifndef OPENSSL_SYS_WINCE | ||
| 104 | #include <wincon.h> | 105 | #include <wincon.h> |
| 105 | #endif | 106 | #endif |
| 107 | #endif | ||
| 106 | 108 | ||
| 107 | 109 | ||
| 108 | /* There are 5 types of terminal interface supported, | 110 | /* There are 5 types of terminal interface supported, |
| @@ -133,7 +135,7 @@ | |||
| 133 | #define SGTTY | 135 | #define SGTTY |
| 134 | #endif | 136 | #endif |
| 135 | 137 | ||
| 136 | #if defined(OPENSSL_SYS_VSWORKS) | 138 | #if defined(OPENSSL_SYS_VXWORKS) |
| 137 | #undef TERMIOS | 139 | #undef TERMIOS |
| 138 | #undef TERMIO | 140 | #undef TERMIO |
| 139 | #undef SGTTY | 141 | #undef SGTTY |
| @@ -167,7 +169,7 @@ | |||
| 167 | #include <sys/ioctl.h> | 169 | #include <sys/ioctl.h> |
| 168 | #endif | 170 | #endif |
| 169 | 171 | ||
| 170 | #if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) | 172 | #if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE) |
| 171 | #include <conio.h> | 173 | #include <conio.h> |
| 172 | #define fgets(a,b,c) noecho_fgets(a,b,c) | 174 | #define fgets(a,b,c) noecho_fgets(a,b,c) |
| 173 | #endif | 175 | #endif |
| @@ -218,11 +220,29 @@ int des_read_pw_string(char *buf, int length, const char *prompt, | |||
| 218 | int ret; | 220 | int ret; |
| 219 | 221 | ||
| 220 | ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); | 222 | ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); |
| 221 | memset(buff,0,BUFSIZ); | 223 | OPENSSL_cleanse(buff,BUFSIZ); |
| 222 | return(ret); | 224 | return(ret); |
| 223 | } | 225 | } |
| 224 | 226 | ||
| 225 | #ifndef OPENSSL_SYS_WIN16 | 227 | #ifdef OPENSSL_SYS_WINCE |
| 228 | |||
| 229 | int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify) | ||
| 230 | { | ||
| 231 | memset(buf,0,size); | ||
| 232 | memset(buff,0,size); | ||
| 233 | return(0); | ||
| 234 | } | ||
| 235 | |||
| 236 | #elif defined(OPENSSL_SYS_WIN16) | ||
| 237 | |||
| 238 | int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify) | ||
| 239 | { | ||
| 240 | memset(buf,0,size); | ||
| 241 | memset(buff,0,size); | ||
| 242 | return(0); | ||
| 243 | } | ||
| 244 | |||
| 245 | #else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */ | ||
| 226 | 246 | ||
| 227 | static void read_till_nl(FILE *in) | 247 | static void read_till_nl(FILE *in) |
| 228 | { | 248 | { |
| @@ -274,7 +294,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt, | |||
| 274 | #ifdef OPENSSL_SYS_MSDOS | 294 | #ifdef OPENSSL_SYS_MSDOS |
| 275 | if ((tty=fopen("con","r")) == NULL) | 295 | if ((tty=fopen("con","r")) == NULL) |
| 276 | tty=stdin; | 296 | tty=stdin; |
| 277 | #elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VSWORKS) | 297 | #elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS) |
| 278 | tty=stdin; | 298 | tty=stdin; |
| 279 | #else | 299 | #else |
| 280 | #ifndef OPENSSL_SYS_MPE | 300 | #ifndef OPENSSL_SYS_MPE |
| @@ -393,17 +413,6 @@ error: | |||
| 393 | return(!ok); | 413 | return(!ok); |
| 394 | } | 414 | } |
| 395 | 415 | ||
| 396 | #else /* OPENSSL_SYS_WIN16 */ | ||
| 397 | |||
| 398 | int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify) | ||
| 399 | { | ||
| 400 | memset(buf,0,size); | ||
| 401 | memset(buff,0,size); | ||
| 402 | return(0); | ||
| 403 | } | ||
| 404 | |||
| 405 | #endif | ||
| 406 | |||
| 407 | static void pushsig(void) | 416 | static void pushsig(void) |
| 408 | { | 417 | { |
| 409 | int i; | 418 | int i; |
| @@ -466,7 +475,7 @@ static void recsig(int i) | |||
| 466 | #endif | 475 | #endif |
| 467 | } | 476 | } |
| 468 | 477 | ||
| 469 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 478 | #ifdef OPENSSL_SYS_MSDOS |
| 470 | static int noecho_fgets(char *buf, int size, FILE *tty) | 479 | static int noecho_fgets(char *buf, int size, FILE *tty) |
| 471 | { | 480 | { |
| 472 | int i; | 481 | int i; |
| @@ -509,3 +518,4 @@ static int noecho_fgets(char *buf, int size, FILE *tty) | |||
| 509 | return(strlen(buf)); | 518 | return(strlen(buf)); |
| 510 | } | 519 | } |
| 511 | #endif | 520 | #endif |
| 521 | #endif /* !OPENSSL_SYS_WINCE && !WIN16 */ | ||
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c index 36c3f81d99..0373db469c 100644 --- a/src/lib/libcrypto/des/str2key.c +++ b/src/lib/libcrypto/des/str2key.c | |||
| @@ -94,7 +94,7 @@ void DES_string_to_key(const char *str, DES_cblock *key) | |||
| 94 | DES_set_key_unchecked(key,&ks); | 94 | DES_set_key_unchecked(key,&ks); |
| 95 | #endif | 95 | #endif |
| 96 | DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); | 96 | DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); |
| 97 | memset(&ks,0,sizeof(ks)); | 97 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 98 | DES_set_odd_parity(key); | 98 | DES_set_odd_parity(key); |
| 99 | } | 99 | } |
| 100 | 100 | ||
| @@ -167,7 +167,7 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) | |||
| 167 | DES_set_key_unchecked(key2,&ks); | 167 | DES_set_key_unchecked(key2,&ks); |
| 168 | #endif | 168 | #endif |
| 169 | DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); | 169 | DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); |
| 170 | memset(&ks,0,sizeof(ks)); | 170 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 171 | DES_set_odd_parity(key1); | 171 | DES_set_odd_parity(key1); |
| 172 | DES_set_odd_parity(key2); | 172 | DES_set_odd_parity(key2); |
| 173 | } | 173 | } |
diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl index 5e1aaae160..e05fc01a12 100644 --- a/src/lib/libcrypto/dh/Makefile.ssl +++ b/src/lib/libcrypto/dh/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -112,17 +112,14 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | |||
| 112 | dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 112 | dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 113 | dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 113 | dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 114 | dh_gen.o: ../cryptlib.h dh_gen.c | 114 | dh_gen.o: ../cryptlib.h dh_gen.c |
| 115 | dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 115 | dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 116 | dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 116 | dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 117 | dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 117 | dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h |
| 118 | dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 118 | dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h |
| 119 | dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 119 | dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 120 | dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 120 | dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 121 | dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 122 | dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | ||
| 123 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 121 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 124 | dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 122 | dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c |
| 125 | dh_key.o: ../cryptlib.h dh_key.c | ||
| 126 | dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 123 | dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 127 | dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 124 | dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 128 | dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 125 | dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index 1a0efca2c4..77f2f50b51 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c | |||
| @@ -61,7 +61,6 @@ | |||
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #include <openssl/dh.h> | 63 | #include <openssl/dh.h> |
| 64 | #include <openssl/engine.h> | ||
| 65 | 64 | ||
| 66 | static int generate_key(DH *dh); | 65 | static int generate_key(DH *dh); |
| 67 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); | 66 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); |
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c index ba5fd41057..09965ee2ea 100644 --- a/src/lib/libcrypto/dh/dh_lib.c +++ b/src/lib/libcrypto/dh/dh_lib.c | |||
| @@ -60,7 +60,9 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/dh.h> | 62 | #include <openssl/dh.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | 66 | ||
| 65 | const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; | 67 | const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
| 66 | 68 | ||
| @@ -85,11 +87,13 @@ int DH_set_method(DH *dh, const DH_METHOD *meth) | |||
| 85 | const DH_METHOD *mtmp; | 87 | const DH_METHOD *mtmp; |
| 86 | mtmp = dh->meth; | 88 | mtmp = dh->meth; |
| 87 | if (mtmp->finish) mtmp->finish(dh); | 89 | if (mtmp->finish) mtmp->finish(dh); |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 88 | if (dh->engine) | 91 | if (dh->engine) |
| 89 | { | 92 | { |
| 90 | ENGINE_finish(dh->engine); | 93 | ENGINE_finish(dh->engine); |
| 91 | dh->engine = NULL; | 94 | dh->engine = NULL; |
| 92 | } | 95 | } |
| 96 | #endif | ||
| 93 | dh->meth = meth; | 97 | dh->meth = meth; |
| 94 | if (meth->init) meth->init(dh); | 98 | if (meth->init) meth->init(dh); |
| 95 | return 1; | 99 | return 1; |
| @@ -112,6 +116,7 @@ DH *DH_new_method(ENGINE *engine) | |||
| 112 | } | 116 | } |
| 113 | 117 | ||
| 114 | ret->meth = DH_get_default_method(); | 118 | ret->meth = DH_get_default_method(); |
| 119 | #ifndef OPENSSL_NO_ENGINE | ||
| 115 | if (engine) | 120 | if (engine) |
| 116 | { | 121 | { |
| 117 | if (!ENGINE_init(engine)) | 122 | if (!ENGINE_init(engine)) |
| @@ -135,6 +140,7 @@ DH *DH_new_method(ENGINE *engine) | |||
| 135 | return NULL; | 140 | return NULL; |
| 136 | } | 141 | } |
| 137 | } | 142 | } |
| 143 | #endif | ||
| 138 | 144 | ||
| 139 | ret->pad=0; | 145 | ret->pad=0; |
| 140 | ret->version=0; | 146 | ret->version=0; |
| @@ -154,8 +160,10 @@ DH *DH_new_method(ENGINE *engine) | |||
| 154 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 160 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
| 155 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 161 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 156 | { | 162 | { |
| 163 | #ifndef OPENSSL_NO_ENGINE | ||
| 157 | if (ret->engine) | 164 | if (ret->engine) |
| 158 | ENGINE_finish(ret->engine); | 165 | ENGINE_finish(ret->engine); |
| 166 | #endif | ||
| 159 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 167 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
| 160 | OPENSSL_free(ret); | 168 | OPENSSL_free(ret); |
| 161 | ret=NULL; | 169 | ret=NULL; |
| @@ -182,8 +190,10 @@ void DH_free(DH *r) | |||
| 182 | 190 | ||
| 183 | if (r->meth->finish) | 191 | if (r->meth->finish) |
| 184 | r->meth->finish(r); | 192 | r->meth->finish(r); |
| 193 | #ifndef OPENSSL_NO_ENGINE | ||
| 185 | if (r->engine) | 194 | if (r->engine) |
| 186 | ENGINE_finish(r->engine); | 195 | ENGINE_finish(r->engine); |
| 196 | #endif | ||
| 187 | 197 | ||
| 188 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); | 198 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); |
| 189 | 199 | ||
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c index 34894ced73..d75077f9fa 100644 --- a/src/lib/libcrypto/dh/dhtest.c +++ b/src/lib/libcrypto/dh/dhtest.c | |||
| @@ -59,9 +59,9 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #ifdef OPENSSL_SYS_WINDOWS | 62 | |
| 63 | #include "../bio/bss_file.c" | 63 | #include "../e_os.h" |
| 64 | #endif | 64 | |
| 65 | #include <openssl/crypto.h> | 65 | #include <openssl/crypto.h> |
| 66 | #include <openssl/bio.h> | 66 | #include <openssl/bio.h> |
| 67 | #include <openssl/bn.h> | 67 | #include <openssl/bn.h> |
| @@ -84,10 +84,6 @@ int main(int argc, char *argv[]) | |||
| 84 | #endif | 84 | #endif |
| 85 | 85 | ||
| 86 | static void MS_CALLBACK cb(int p, int n, void *arg); | 86 | static void MS_CALLBACK cb(int p, int n, void *arg); |
| 87 | #ifdef OPENSSL_NO_STDIO | ||
| 88 | #define APPS_WIN16 | ||
| 89 | #include "bss_file.c" | ||
| 90 | #endif | ||
| 91 | 87 | ||
| 92 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | 88 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
| 93 | 89 | ||
| @@ -111,7 +107,7 @@ int main(int argc, char *argv[]) | |||
| 111 | RAND_seed(rnd_seed, sizeof rnd_seed); | 107 | RAND_seed(rnd_seed, sizeof rnd_seed); |
| 112 | 108 | ||
| 113 | out=BIO_new(BIO_s_file()); | 109 | out=BIO_new(BIO_s_file()); |
| 114 | if (out == NULL) exit(1); | 110 | if (out == NULL) EXIT(1); |
| 115 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 111 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| 116 | 112 | ||
| 117 | a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); | 113 | a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); |
| @@ -195,7 +191,7 @@ err: | |||
| 195 | CRYPTO_cleanup_all_ex_data(); | 191 | CRYPTO_cleanup_all_ex_data(); |
| 196 | ERR_remove_state(0); | 192 | ERR_remove_state(0); |
| 197 | CRYPTO_mem_leaks_fp(stderr); | 193 | CRYPTO_mem_leaks_fp(stderr); |
| 198 | exit(ret); | 194 | EXIT(ret); |
| 199 | return(ret); | 195 | return(ret); |
| 200 | } | 196 | } |
| 201 | 197 | ||
diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod index 4a2d653758..9081e9ea7c 100644 --- a/src/lib/libcrypto/doc/DH_generate_parameters.pod +++ b/src/lib/libcrypto/doc/DH_generate_parameters.pod | |||
| @@ -59,7 +59,8 @@ a usable generator. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)> | 62 | L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, |
| 63 | L<DH_free(3)|DH_free(3)> | ||
| 63 | 64 | ||
| 64 | =head1 HISTORY | 65 | =head1 HISTORY |
| 65 | 66 | ||
diff --git a/src/lib/libcrypto/doc/DSA_SIG_new.pod b/src/lib/libcrypto/doc/DSA_SIG_new.pod index 45df4c0661..3ac6140038 100644 --- a/src/lib/libcrypto/doc/DSA_SIG_new.pod +++ b/src/lib/libcrypto/doc/DSA_SIG_new.pod | |||
| @@ -30,7 +30,8 @@ DSA_SIG_free() returns no value. | |||
| 30 | 30 | ||
| 31 | =head1 SEE ALSO | 31 | =head1 SEE ALSO |
| 32 | 32 | ||
| 33 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)> | 33 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, |
| 34 | L<DSA_do_sign(3)|DSA_do_sign(3)> | ||
| 34 | 35 | ||
| 35 | =head1 HISTORY | 36 | =head1 HISTORY |
| 36 | 37 | ||
diff --git a/src/lib/libcrypto/doc/DSA_generate_key.pod b/src/lib/libcrypto/doc/DSA_generate_key.pod index 9906a2d7e0..af83ccfaa1 100644 --- a/src/lib/libcrypto/doc/DSA_generate_key.pod +++ b/src/lib/libcrypto/doc/DSA_generate_key.pod | |||
| @@ -24,7 +24,8 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. | |||
| 24 | 24 | ||
| 25 | =head1 SEE ALSO | 25 | =head1 SEE ALSO |
| 26 | 26 | ||
| 27 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> | 27 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, |
| 28 | L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> | ||
| 28 | 29 | ||
| 29 | =head1 HISTORY | 30 | =head1 HISTORY |
| 30 | 31 | ||
diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod index 9fdedbcb91..34443045fc 100644 --- a/src/lib/libcrypto/doc/ERR_get_error.pod +++ b/src/lib/libcrypto/doc/ERR_get_error.pod | |||
| @@ -5,7 +5,7 @@ | |||
| 5 | ERR_get_error, ERR_peek_error, ERR_peek_last_error, | 5 | ERR_get_error, ERR_peek_error, ERR_peek_last_error, |
| 6 | ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, | 6 | ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, |
| 7 | ERR_get_error_line_data, ERR_peek_error_line_data, | 7 | ERR_get_error_line_data, ERR_peek_error_line_data, |
| 8 | ERR_peek_error_line_data - obtain error code and data | 8 | ERR_peek_last_error_line_data - obtain error code and data |
| 9 | 9 | ||
| 10 | =head1 SYNOPSIS | 10 | =head1 SYNOPSIS |
| 11 | 11 | ||
diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod index 75cceb1ca2..daf57e5895 100644 --- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod +++ b/src/lib/libcrypto/doc/EVP_EncryptInit.pod | |||
| @@ -419,7 +419,7 @@ Encrypt a string using blowfish: | |||
| 419 | EVP_CIPHER_CTX ctx; | 419 | EVP_CIPHER_CTX ctx; |
| 420 | FILE *out; | 420 | FILE *out; |
| 421 | EVP_CIPHER_CTX_init(&ctx); | 421 | EVP_CIPHER_CTX_init(&ctx); |
| 422 | EVP_EncryptInit_ex(&ctx, NULL, EVP_bf_cbc(), key, iv); | 422 | EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv); |
| 423 | 423 | ||
| 424 | if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) | 424 | if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) |
| 425 | { | 425 | { |
diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod index 25ef07f7c7..b5e477e294 100644 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ b/src/lib/libcrypto/doc/EVP_SealInit.pod | |||
| @@ -18,22 +18,28 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption | |||
| 18 | =head1 DESCRIPTION | 18 | =head1 DESCRIPTION |
| 19 | 19 | ||
| 20 | The EVP envelope routines are a high level interface to envelope | 20 | The EVP envelope routines are a high level interface to envelope |
| 21 | encryption. They generate a random key and then "envelope" it by | 21 | encryption. They generate a random key and IV (if required) then |
| 22 | using public key encryption. Data can then be encrypted using this | 22 | "envelope" it by using public key encryption. Data can then be |
| 23 | key. | 23 | encrypted using this key. |
| 24 | 24 | ||
| 25 | EVP_SealInit() initializes a cipher context B<ctx> for encryption | 25 | EVP_SealInit() initializes a cipher context B<ctx> for encryption |
| 26 | with cipher B<type> using a random secret key and IV supplied in | 26 | with cipher B<type> using a random secret key and IV. B<type> is normally |
| 27 | the B<iv> parameter. B<type> is normally supplied by a function such | 27 | supplied by a function such as EVP_des_cbc(). The secret key is encrypted |
| 28 | as EVP_des_cbc(). The secret key is encrypted using one or more public | 28 | using one or more public keys, this allows the same encrypted data to be |
| 29 | keys, this allows the same encrypted data to be decrypted using any | 29 | decrypted using any of the corresponding private keys. B<ek> is an array of |
| 30 | of the corresponding private keys. B<ek> is an array of buffers where | 30 | buffers where the public key encrypted secret key will be written, each buffer |
| 31 | the public key encrypted secret key will be written, each buffer must | 31 | must contain enough room for the corresponding encrypted key: that is |
| 32 | contain enough room for the corresponding encrypted key: that is | ||
| 33 | B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual | 32 | B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual |
| 34 | size of each encrypted secret key is written to the array B<ekl>. B<pubk> is | 33 | size of each encrypted secret key is written to the array B<ekl>. B<pubk> is |
| 35 | an array of B<npubk> public keys. | 34 | an array of B<npubk> public keys. |
| 36 | 35 | ||
| 36 | The B<iv> parameter is a buffer where the generated IV is written to. It must | ||
| 37 | contain enough room for the corresponding cipher's IV, as determined by (for | ||
| 38 | example) EVP_CIPHER_iv_length(type). | ||
| 39 | |||
| 40 | If the cipher does not require an IV then the B<iv> parameter is ignored | ||
| 41 | and can be B<NULL>. | ||
| 42 | |||
| 37 | EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties | 43 | EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties |
| 38 | as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as | 44 | as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as |
| 39 | documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual | 45 | documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual |
diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod index b03748b918..ce6329ce54 100644 --- a/src/lib/libcrypto/doc/RAND_bytes.pod +++ b/src/lib/libcrypto/doc/RAND_bytes.pod | |||
| @@ -35,7 +35,8 @@ method. | |||
| 35 | 35 | ||
| 36 | =head1 SEE ALSO | 36 | =head1 SEE ALSO |
| 37 | 37 | ||
| 38 | L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<RAND_add(3)|RAND_add(3)> | 38 | L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, |
| 39 | L<RAND_add(3)|RAND_add(3)> | ||
| 39 | 40 | ||
| 40 | =head1 HISTORY | 41 | =head1 HISTORY |
| 41 | 42 | ||
diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod index 11bc0b3459..52dbb14a53 100644 --- a/src/lib/libcrypto/doc/RSA_generate_key.pod +++ b/src/lib/libcrypto/doc/RSA_generate_key.pod | |||
| @@ -59,7 +59,8 @@ RSA_generate_key() goes into an infinite loop for illegal input values. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)> | 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, |
| 63 | L<RSA_free(3)|RSA_free(3)> | ||
| 63 | 64 | ||
| 64 | =head1 HISTORY | 65 | =head1 HISTORY |
| 65 | 66 | ||
diff --git a/src/lib/libcrypto/doc/RSA_print.pod b/src/lib/libcrypto/doc/RSA_print.pod index ff2d353d1a..c971e91f4d 100644 --- a/src/lib/libcrypto/doc/RSA_print.pod +++ b/src/lib/libcrypto/doc/RSA_print.pod | |||
| @@ -2,9 +2,9 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print, | 5 | RSA_print, RSA_print_fp, |
| 6 | DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic | 6 | DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, |
| 7 | parameters | 7 | DHparams_print, DHparams_print_fp - print cryptographic parameters |
| 8 | 8 | ||
| 9 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 10 | 10 | ||
diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod index 0d1b2bd541..746a80c79e 100644 --- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod +++ b/src/lib/libcrypto/doc/RSA_private_encrypt.pod | |||
| @@ -59,8 +59,8 @@ obtained by L<ERR_get_error(3)|ERR_get_error(3)>. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, | 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, |
| 63 | L<RSA_verify(3)|RSA_verify(3)> | 63 | L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)> |
| 64 | 64 | ||
| 65 | =head1 HISTORY | 65 | =head1 HISTORY |
| 66 | 66 | ||
diff --git a/src/lib/libcrypto/doc/RSA_public_encrypt.pod b/src/lib/libcrypto/doc/RSA_public_encrypt.pod index 8022a23f99..d53e19d2b7 100644 --- a/src/lib/libcrypto/doc/RSA_public_encrypt.pod +++ b/src/lib/libcrypto/doc/RSA_public_encrypt.pod | |||
| @@ -72,7 +72,8 @@ SSL, PKCS #1 v2.0 | |||
| 72 | 72 | ||
| 73 | =head1 SEE ALSO | 73 | =head1 SEE ALSO |
| 74 | 74 | ||
| 75 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)> | 75 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, |
| 76 | L<RSA_size(3)|RSA_size(3)> | ||
| 76 | 77 | ||
| 77 | =head1 HISTORY | 78 | =head1 HISTORY |
| 78 | 79 | ||
diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod index 0687c2242a..0a305f6b14 100644 --- a/src/lib/libcrypto/doc/RSA_set_method.pod +++ b/src/lib/libcrypto/doc/RSA_set_method.pod | |||
| @@ -3,13 +3,12 @@ | |||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | RSA_set_default_method, RSA_get_default_method, RSA_set_method, | 5 | RSA_set_default_method, RSA_get_default_method, RSA_set_method, |
| 6 | RSA_get_method, RSA_PKCS1_SSLeay, | 6 | RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, |
| 7 | RSA_null_method, RSA_flags, RSA_new_method - select RSA method | 7 | RSA_new_method - select RSA method |
| 8 | 8 | ||
| 9 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 10 | 10 | ||
| 11 | #include <openssl/rsa.h> | 11 | #include <openssl/rsa.h> |
| 12 | #include <openssl/engine.h> | ||
| 13 | 12 | ||
| 14 | void RSA_set_default_method(const RSA_METHOD *meth); | 13 | void RSA_set_default_method(const RSA_METHOD *meth); |
| 15 | 14 | ||
| @@ -25,7 +24,7 @@ RSA_null_method, RSA_flags, RSA_new_method - select RSA method | |||
| 25 | 24 | ||
| 26 | int RSA_flags(const RSA *rsa); | 25 | int RSA_flags(const RSA *rsa); |
| 27 | 26 | ||
| 28 | RSA *RSA_new_method(ENGINE *engine); | 27 | RSA *RSA_new_method(RSA_METHOD *method); |
| 29 | 28 | ||
| 30 | =head1 DESCRIPTION | 29 | =head1 DESCRIPTION |
| 31 | 30 | ||
| @@ -70,6 +69,12 @@ B<engine> will be used for the RSA operations. If B<engine> is NULL, the | |||
| 70 | default ENGINE for RSA operations is used, and if no default ENGINE is set, | 69 | default ENGINE for RSA operations is used, and if no default ENGINE is set, |
| 71 | the RSA_METHOD controlled by RSA_set_default_method() is used. | 70 | the RSA_METHOD controlled by RSA_set_default_method() is used. |
| 72 | 71 | ||
| 72 | RSA_flags() returns the B<flags> that are set for B<rsa>'s current method. | ||
| 73 | |||
| 74 | RSA_new_method() allocates and initializes an B<RSA> structure so that | ||
| 75 | B<method> will be used for the RSA operations. If B<method> is B<NULL>, | ||
| 76 | the default method is used. | ||
| 77 | |||
| 73 | =head1 THE RSA_METHOD STRUCTURE | 78 | =head1 THE RSA_METHOD STRUCTURE |
| 74 | 79 | ||
| 75 | typedef struct rsa_meth_st | 80 | typedef struct rsa_meth_st |
diff --git a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod index b8c7bbb7e3..e70380bbfc 100644 --- a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod +++ b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod | |||
| @@ -47,8 +47,8 @@ These functions serve no recognizable purpose. | |||
| 47 | 47 | ||
| 48 | =head1 SEE ALSO | 48 | =head1 SEE ALSO |
| 49 | 49 | ||
| 50 | L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>, | 50 | L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, |
| 51 | L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, | 51 | L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, |
| 52 | L<RSA_verify(3)|RSA_verify(3)> | 52 | L<RSA_verify(3)|RSA_verify(3)> |
| 53 | 53 | ||
| 54 | =head1 HISTORY | 54 | =head1 HISTORY |
diff --git a/src/lib/libcrypto/doc/d2i_DHparams.pod b/src/lib/libcrypto/doc/d2i_DHparams.pod index a6d1743d39..1e98aebeca 100644 --- a/src/lib/libcrypto/doc/d2i_DHparams.pod +++ b/src/lib/libcrypto/doc/d2i_DHparams.pod | |||
| @@ -2,7 +2,7 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | d2i_DHparams, i2d_DHparams - ... | 5 | d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions. |
| 6 | 6 | ||
| 7 | =head1 SYNOPSIS | 7 | =head1 SYNOPSIS |
| 8 | 8 | ||
| @@ -13,18 +13,18 @@ d2i_DHparams, i2d_DHparams - ... | |||
| 13 | 13 | ||
| 14 | =head1 DESCRIPTION | 14 | =head1 DESCRIPTION |
| 15 | 15 | ||
| 16 | ... | 16 | These functions decode and encode PKCS#3 DH parameters using the |
| 17 | DHparameter structure described in PKCS#3. | ||
| 17 | 18 | ||
| 18 | =head1 RETURN VALUES | 19 | Othewise these behave in a similar way to d2i_X509() and i2d_X509() |
| 19 | 20 | described in the L<d2i_X509(3)|d2i_X509(3)> manual page. | |
| 20 | ... | ||
| 21 | 21 | ||
| 22 | =head1 SEE ALSO | 22 | =head1 SEE ALSO |
| 23 | 23 | ||
| 24 | ... | 24 | L<d2i_X509(3)|d2i_X509(3)> |
| 25 | 25 | ||
| 26 | =head1 HISTORY | 26 | =head1 HISTORY |
| 27 | 27 | ||
| 28 | ... | 28 | TBA |
| 29 | 29 | ||
| 30 | =cut | 30 | =cut |
diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod index ff4d0d57db..7c71bcbf3d 100644 --- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod +++ b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | |||
| @@ -2,7 +2,9 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ... | 5 | d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, |
| 6 | d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA, | ||
| 7 | d2i_Netscape_RSA - RSA public and private key encoding functions. | ||
| 6 | 8 | ||
| 7 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 8 | 10 | ||
| @@ -12,6 +14,10 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne | |||
| 12 | 14 | ||
| 13 | int i2d_RSAPublicKey(RSA *a, unsigned char **pp); | 15 | int i2d_RSAPublicKey(RSA *a, unsigned char **pp); |
| 14 | 16 | ||
| 17 | RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); | ||
| 18 | |||
| 19 | int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); | ||
| 20 | |||
| 15 | RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); | 21 | RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); |
| 16 | 22 | ||
| 17 | int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); | 23 | int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); |
| @@ -22,18 +28,39 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne | |||
| 22 | 28 | ||
| 23 | =head1 DESCRIPTION | 29 | =head1 DESCRIPTION |
| 24 | 30 | ||
| 25 | ... | 31 | d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey |
| 32 | structure. | ||
| 33 | |||
| 34 | d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a | ||
| 35 | SubjectPublicKeyInfo (certificate public key) structure. | ||
| 36 | |||
| 37 | d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey | ||
| 38 | structure. | ||
| 39 | |||
| 40 | d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in | ||
| 41 | NET format. | ||
| 42 | |||
| 43 | The usage of all of these functions is similar to the d2i_X509() and | ||
| 44 | i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page. | ||
| 45 | |||
| 46 | =head1 NOTES | ||
| 47 | |||
| 48 | The B<RSA> structure passed to the private key encoding functions should have | ||
| 49 | all the PKCS#1 private key components present. | ||
| 26 | 50 | ||
| 27 | =head1 RETURN VALUES | 51 | The data encoded by the private key functions is unencrypted and therefore |
| 52 | offers no private key security. | ||
| 28 | 53 | ||
| 29 | ... | 54 | The NET format functions are present to provide compatibility with certain very |
| 55 | old software. This format has some severe security weaknesses and should be | ||
| 56 | avoided if possible. | ||
| 30 | 57 | ||
| 31 | =head1 SEE ALSO | 58 | =head1 SEE ALSO |
| 32 | 59 | ||
| 33 | ... | 60 | L<d2i_X509(3)|d2i_X509(3)> |
| 34 | 61 | ||
| 35 | =head1 HISTORY | 62 | =head1 HISTORY |
| 36 | 63 | ||
| 37 | ... | 64 | TBA |
| 38 | 65 | ||
| 39 | =cut | 66 | =cut |
diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl index d308caafca..e5f8a8cf51 100644 --- a/src/lib/libcrypto/dsa/Makefile.ssl +++ b/src/lib/libcrypto/dsa/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -143,35 +143,29 @@ dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 143 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 143 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 144 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 144 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 145 | dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 145 | dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 146 | dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 146 | dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 147 | dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 147 | dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 148 | dsa_ossl.o: ../../include/openssl/opensslconf.h | ||
| 149 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 148 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 150 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 149 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 151 | dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 150 | dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 152 | dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 153 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c | 151 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c |
| 154 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h | 152 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h |
| 155 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 153 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 156 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 154 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 157 | dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 155 | dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 158 | dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 156 | dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 159 | dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 157 | dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 160 | dsa_sign.o: ../../include/openssl/opensslconf.h | ||
| 161 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 158 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 162 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 159 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 163 | dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 160 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 164 | dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 165 | dsa_sign.o: ../cryptlib.h dsa_sign.c | 161 | dsa_sign.o: ../cryptlib.h dsa_sign.c |
| 166 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h | 162 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h |
| 167 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 163 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 168 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 164 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 169 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 165 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| 170 | dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 166 | dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 171 | dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 167 | dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h |
| 172 | dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 168 | dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 173 | dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 169 | dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 174 | dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | ||
| 175 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 170 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 176 | dsa_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 171 | dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c |
| 177 | dsa_vrf.o: ../cryptlib.h dsa_vrf.c | ||
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c index da2cdfa3d6..4171af24c6 100644 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; | 70 | const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; |
| 69 | 71 | ||
| @@ -93,11 +95,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) | |||
| 93 | const DSA_METHOD *mtmp; | 95 | const DSA_METHOD *mtmp; |
| 94 | mtmp = dsa->meth; | 96 | mtmp = dsa->meth; |
| 95 | if (mtmp->finish) mtmp->finish(dsa); | 97 | if (mtmp->finish) mtmp->finish(dsa); |
| 98 | #ifndef OPENSSL_NO_ENGINE | ||
| 96 | if (dsa->engine) | 99 | if (dsa->engine) |
| 97 | { | 100 | { |
| 98 | ENGINE_finish(dsa->engine); | 101 | ENGINE_finish(dsa->engine); |
| 99 | dsa->engine = NULL; | 102 | dsa->engine = NULL; |
| 100 | } | 103 | } |
| 104 | #endif | ||
| 101 | dsa->meth = meth; | 105 | dsa->meth = meth; |
| 102 | if (meth->init) meth->init(dsa); | 106 | if (meth->init) meth->init(dsa); |
| 103 | return 1; | 107 | return 1; |
| @@ -114,6 +118,7 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 114 | return(NULL); | 118 | return(NULL); |
| 115 | } | 119 | } |
| 116 | ret->meth = DSA_get_default_method(); | 120 | ret->meth = DSA_get_default_method(); |
| 121 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | if (engine) | 122 | if (engine) |
| 118 | { | 123 | { |
| 119 | if (!ENGINE_init(engine)) | 124 | if (!ENGINE_init(engine)) |
| @@ -138,6 +143,7 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 138 | return NULL; | 143 | return NULL; |
| 139 | } | 144 | } |
| 140 | } | 145 | } |
| 146 | #endif | ||
| 141 | 147 | ||
| 142 | ret->pad=0; | 148 | ret->pad=0; |
| 143 | ret->version=0; | 149 | ret->version=0; |
| @@ -158,8 +164,10 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 158 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 164 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
| 159 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 165 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 160 | { | 166 | { |
| 167 | #ifndef OPENSSL_NO_ENGINE | ||
| 161 | if (ret->engine) | 168 | if (ret->engine) |
| 162 | ENGINE_finish(ret->engine); | 169 | ENGINE_finish(ret->engine); |
| 170 | #endif | ||
| 163 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 171 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
| 164 | OPENSSL_free(ret); | 172 | OPENSSL_free(ret); |
| 165 | ret=NULL; | 173 | ret=NULL; |
| @@ -189,8 +197,10 @@ void DSA_free(DSA *r) | |||
| 189 | 197 | ||
| 190 | if(r->meth->finish) | 198 | if(r->meth->finish) |
| 191 | r->meth->finish(r); | 199 | r->meth->finish(r); |
| 200 | #ifndef OPENSSL_NO_ENGINE | ||
| 192 | if(r->engine) | 201 | if(r->engine) |
| 193 | ENGINE_finish(r->engine); | 202 | ENGINE_finish(r->engine); |
| 203 | #endif | ||
| 194 | 204 | ||
| 195 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); | 205 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
| 196 | 206 | ||
| @@ -224,7 +234,10 @@ int DSA_size(const DSA *r) | |||
| 224 | { | 234 | { |
| 225 | int ret,i; | 235 | int ret,i; |
| 226 | ASN1_INTEGER bs; | 236 | ASN1_INTEGER bs; |
| 227 | unsigned char buf[4]; | 237 | unsigned char buf[4]; /* 4 bytes looks really small. |
| 238 | However, i2d_ASN1_INTEGER() will not look | ||
| 239 | beyond the first byte, as long as the second | ||
| 240 | parameter is NULL. */ | ||
| 228 | 241 | ||
| 229 | i=BN_num_bits(r->q); | 242 | i=BN_num_bits(r->q); |
| 230 | bs.length=(i+7)/8; | 243 | bs.length=(i+7)/8; |
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 37dd5fc994..b9e7f3ea5c 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/engine.h> | ||
| 68 | 67 | ||
| 69 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | 68 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); |
| 70 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); | 69 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); |
| @@ -106,13 +105,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
| 106 | int i,reason=ERR_R_BN_LIB; | 105 | int i,reason=ERR_R_BN_LIB; |
| 107 | DSA_SIG *ret=NULL; | 106 | DSA_SIG *ret=NULL; |
| 108 | 107 | ||
| 108 | BN_init(&m); | ||
| 109 | BN_init(&xr); | ||
| 110 | |||
| 109 | if (!dsa->p || !dsa->q || !dsa->g) | 111 | if (!dsa->p || !dsa->q || !dsa->g) |
| 110 | { | 112 | { |
| 111 | reason=DSA_R_MISSING_PARAMETERS; | 113 | reason=DSA_R_MISSING_PARAMETERS; |
| 112 | goto err; | 114 | goto err; |
| 113 | } | 115 | } |
| 114 | BN_init(&m); | 116 | |
| 115 | BN_init(&xr); | ||
| 116 | s=BN_new(); | 117 | s=BN_new(); |
| 117 | if (s == NULL) goto err; | 118 | if (s == NULL) goto err; |
| 118 | 119 | ||
| @@ -178,6 +179,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 178 | DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); | 179 | DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); |
| 179 | return 0; | 180 | return 0; |
| 180 | } | 181 | } |
| 182 | |||
| 183 | BN_init(&k); | ||
| 184 | |||
| 181 | if (ctx_in == NULL) | 185 | if (ctx_in == NULL) |
| 182 | { | 186 | { |
| 183 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 187 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| @@ -185,7 +189,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 185 | else | 189 | else |
| 186 | ctx=ctx_in; | 190 | ctx=ctx_in; |
| 187 | 191 | ||
| 188 | BN_init(&k); | ||
| 189 | if ((r=BN_new()) == NULL) goto err; | 192 | if ((r=BN_new()) == NULL) goto err; |
| 190 | kinv=NULL; | 193 | kinv=NULL; |
| 191 | 194 | ||
| @@ -241,11 +244,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
| 241 | return -1; | 244 | return -1; |
| 242 | } | 245 | } |
| 243 | 246 | ||
| 244 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 245 | BN_init(&u1); | 247 | BN_init(&u1); |
| 246 | BN_init(&u2); | 248 | BN_init(&u2); |
| 247 | BN_init(&t1); | 249 | BN_init(&t1); |
| 248 | 250 | ||
| 251 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 252 | |||
| 249 | if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) | 253 | if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) |
| 250 | { | 254 | { |
| 251 | ret = 0; | 255 | ret = 0; |
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index e9469ca62f..89205026f0 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/engine.h> | ||
| 68 | 67 | ||
| 69 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | 68 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
| 70 | { | 69 | { |
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index 066c6b5b28..c4aeddd056 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c | |||
| @@ -65,7 +65,6 @@ | |||
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/asn1_mac.h> | 67 | #include <openssl/asn1_mac.h> |
| 68 | #include <openssl/engine.h> | ||
| 69 | 68 | ||
| 70 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 69 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| 71 | DSA *dsa) | 70 | DSA *dsa) |
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c index a0b0976640..1b6a1cca0f 100644 --- a/src/lib/libcrypto/dsa/dsagen.c +++ b/src/lib/libcrypto/dsa/dsagen.c | |||
| @@ -103,7 +103,7 @@ main() | |||
| 103 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | 103 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); |
| 104 | 104 | ||
| 105 | memcpy(seed_buf,seed,20); | 105 | memcpy(seed_buf,seed,20); |
| 106 | dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb); | 106 | dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err); |
| 107 | 107 | ||
| 108 | if (dsa == NULL) | 108 | if (dsa == NULL) |
| 109 | DSA_print(bio_err,dsa,0); | 109 | DSA_print(bio_err,dsa,0); |
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c index 12da64f9f4..4734ce4af8 100644 --- a/src/lib/libcrypto/dsa/dsatest.c +++ b/src/lib/libcrypto/dsa/dsatest.c | |||
| @@ -61,14 +61,13 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <sys/types.h> | 62 | #include <sys/types.h> |
| 63 | #include <sys/stat.h> | 63 | #include <sys/stat.h> |
| 64 | |||
| 65 | #include "../e_os.h" | ||
| 66 | |||
| 64 | #include <openssl/crypto.h> | 67 | #include <openssl/crypto.h> |
| 65 | #include <openssl/rand.h> | 68 | #include <openssl/rand.h> |
| 66 | #include <openssl/bio.h> | 69 | #include <openssl/bio.h> |
| 67 | #include <openssl/err.h> | 70 | #include <openssl/err.h> |
| 68 | #include <openssl/engine.h> | ||
| 69 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 70 | #include "../bio/bss_file.c" | ||
| 71 | #endif | ||
| 72 | 71 | ||
| 73 | #ifdef OPENSSL_NO_DSA | 72 | #ifdef OPENSSL_NO_DSA |
| 74 | int main(int argc, char *argv[]) | 73 | int main(int argc, char *argv[]) |
| @@ -212,10 +211,16 @@ end: | |||
| 212 | BIO_free(bio_err); | 211 | BIO_free(bio_err); |
| 213 | bio_err = NULL; | 212 | bio_err = NULL; |
| 214 | } | 213 | } |
| 215 | exit(!ret); | 214 | EXIT(!ret); |
| 216 | return(0); | 215 | return(0); |
| 217 | } | 216 | } |
| 218 | 217 | ||
| 218 | static int cb_exit(int ec) | ||
| 219 | { | ||
| 220 | EXIT(ec); | ||
| 221 | return(0); /* To keep some compilers quiet */ | ||
| 222 | } | ||
| 223 | |||
| 219 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | 224 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) |
| 220 | { | 225 | { |
| 221 | char c='*'; | 226 | char c='*'; |
| @@ -231,7 +236,7 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | |||
| 231 | if (!ok && (p == 0) && (num > 1)) | 236 | if (!ok && (p == 0) && (num > 1)) |
| 232 | { | 237 | { |
| 233 | BIO_printf((BIO *)arg,"error in dsatest\n"); | 238 | BIO_printf((BIO *)arg,"error in dsatest\n"); |
| 234 | exit(1); | 239 | cb_exit(1); |
| 235 | } | 240 | } |
| 236 | } | 241 | } |
| 237 | #endif | 242 | #endif |
diff --git a/src/lib/libcrypto/dso/Makefile.ssl b/src/lib/libcrypto/dso/Makefile.ssl index 5a55125824..c0449d184e 100644 --- a/src/lib/libcrypto/dso/Makefile.ssl +++ b/src/lib/libcrypto/dso/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index 195717e993..79d2cb4d8c 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c | |||
| @@ -126,7 +126,7 @@ static int dl_load(DSO *dso) | |||
| 126 | DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); | 126 | DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); |
| 127 | goto err; | 127 | goto err; |
| 128 | } | 128 | } |
| 129 | ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL); | 129 | ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L); |
| 130 | if(ptr == NULL) | 130 | if(ptr == NULL) |
| 131 | { | 131 | { |
| 132 | DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); | 132 | DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); |
diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c index af8586d754..6c30deb250 100644 --- a/src/lib/libcrypto/dso/dso_win32.c +++ b/src/lib/libcrypto/dso/dso_win32.c | |||
| @@ -61,7 +61,7 @@ | |||
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/dso.h> | 62 | #include <openssl/dso.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_SYS_WIN32 | 64 | #if !defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE) |
| 65 | DSO_METHOD *DSO_METHOD_win32(void) | 65 | DSO_METHOD *DSO_METHOD_win32(void) |
| 66 | { | 66 | { |
| 67 | return NULL; | 67 | return NULL; |
diff --git a/src/lib/libcrypto/ec/Makefile.ssl b/src/lib/libcrypto/ec/Makefile.ssl index ed602b4a7f..a2805c47a2 100644 --- a/src/lib/libcrypto/ec/Makefile.ssl +++ b/src/lib/libcrypto/ec/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/ec/ec.h b/src/lib/libcrypto/ec/ec.h index a52d4edf14..6d6a9b7127 100644 --- a/src/lib/libcrypto/ec/ec.h +++ b/src/lib/libcrypto/ec/ec.h | |||
| @@ -195,7 +195,6 @@ void ERR_load_EC_strings(void); | |||
| 195 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 | 195 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 |
| 196 | #define EC_F_EC_GROUP_GET_COFACTOR 140 | 196 | #define EC_F_EC_GROUP_GET_COFACTOR 140 |
| 197 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 | 197 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 |
| 198 | #define EC_F_EC_GROUP_GET_EXTRA_DATA 107 | ||
| 199 | #define EC_F_EC_GROUP_GET_ORDER 141 | 198 | #define EC_F_EC_GROUP_GET_ORDER 141 |
| 200 | #define EC_F_EC_GROUP_NEW 108 | 199 | #define EC_F_EC_GROUP_NEW 108 |
| 201 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 | 200 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 |
| @@ -232,7 +231,6 @@ void ERR_load_EC_strings(void); | |||
| 232 | #define EC_R_INVALID_FIELD 103 | 231 | #define EC_R_INVALID_FIELD 103 |
| 233 | #define EC_R_INVALID_FORM 104 | 232 | #define EC_R_INVALID_FORM 104 |
| 234 | #define EC_R_NOT_INITIALIZED 111 | 233 | #define EC_R_NOT_INITIALIZED 111 |
| 235 | #define EC_R_NO_SUCH_EXTRA_DATA 105 | ||
| 236 | #define EC_R_POINT_AT_INFINITY 106 | 234 | #define EC_R_POINT_AT_INFINITY 106 |
| 237 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 | 235 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 |
| 238 | #define EC_R_SLOT_FULL 108 | 236 | #define EC_R_SLOT_FULL 108 |
diff --git a/src/lib/libcrypto/ec/ec_err.c b/src/lib/libcrypto/ec/ec_err.c index 394cdc021f..d37b6aba87 100644 --- a/src/lib/libcrypto/ec/ec_err.c +++ b/src/lib/libcrypto/ec/ec_err.c | |||
| @@ -84,7 +84,6 @@ static ERR_STRING_DATA EC_str_functs[]= | |||
| 84 | {ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"}, | 84 | {ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"}, |
| 85 | {ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"}, | 85 | {ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"}, |
| 86 | {ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"}, | 86 | {ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"}, |
| 87 | {ERR_PACK(0,EC_F_EC_GROUP_GET_EXTRA_DATA,0), "EC_GROUP_get_extra_data"}, | ||
| 88 | {ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"}, | 87 | {ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"}, |
| 89 | {ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"}, | 88 | {ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"}, |
| 90 | {ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"}, | 89 | {ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"}, |
| @@ -124,7 +123,6 @@ static ERR_STRING_DATA EC_str_reasons[]= | |||
| 124 | {EC_R_INVALID_FIELD ,"invalid field"}, | 123 | {EC_R_INVALID_FIELD ,"invalid field"}, |
| 125 | {EC_R_INVALID_FORM ,"invalid form"}, | 124 | {EC_R_INVALID_FORM ,"invalid form"}, |
| 126 | {EC_R_NOT_INITIALIZED ,"not initialized"}, | 125 | {EC_R_NOT_INITIALIZED ,"not initialized"}, |
| 127 | {EC_R_NO_SUCH_EXTRA_DATA ,"no such extra data"}, | ||
| 128 | {EC_R_POINT_AT_INFINITY ,"point at infinity"}, | 126 | {EC_R_POINT_AT_INFINITY ,"point at infinity"}, |
| 129 | {EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"}, | 127 | {EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"}, |
| 130 | {EC_R_SLOT_FULL ,"slot full"}, | 128 | {EC_R_SLOT_FULL ,"slot full"}, |
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index 0cf485de60..deb522060f 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c | |||
| @@ -128,7 +128,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) | |||
| 128 | 128 | ||
| 129 | EC_GROUP_clear_free_extra_data(group); | 129 | EC_GROUP_clear_free_extra_data(group); |
| 130 | 130 | ||
| 131 | memset(group, 0, sizeof *group); | 131 | OPENSSL_cleanse(group, sizeof *group); |
| 132 | OPENSSL_free(group); | 132 | OPENSSL_free(group); |
| 133 | } | 133 | } |
| 134 | 134 | ||
| @@ -268,7 +268,9 @@ void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func | |||
| 268 | || (group->extra_data_free_func != extra_data_free_func) | 268 | || (group->extra_data_free_func != extra_data_free_func) |
| 269 | || (group->extra_data_clear_free_func != extra_data_clear_free_func)) | 269 | || (group->extra_data_clear_free_func != extra_data_clear_free_func)) |
| 270 | { | 270 | { |
| 271 | ECerr(EC_F_EC_GROUP_GET_EXTRA_DATA, EC_R_NO_SUCH_EXTRA_DATA); | 271 | #if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */ |
| 272 | ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA); | ||
| 273 | #endif | ||
| 272 | return NULL; | 274 | return NULL; |
| 273 | } | 275 | } |
| 274 | 276 | ||
| @@ -357,7 +359,7 @@ void EC_POINT_clear_free(EC_POINT *point) | |||
| 357 | point->meth->point_clear_finish(point); | 359 | point->meth->point_clear_finish(point); |
| 358 | else if (point->meth != NULL && point->meth->point_finish != 0) | 360 | else if (point->meth != NULL && point->meth->point_finish != 0) |
| 359 | point->meth->point_finish(point); | 361 | point->meth->point_finish(point); |
| 360 | memset(point, 0, sizeof *point); | 362 | OPENSSL_cleanse(point, sizeof *point); |
| 361 | OPENSSL_free(point); | 363 | OPENSSL_free(point); |
| 362 | } | 364 | } |
| 363 | 365 | ||
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index 603ba31b81..4dbc931120 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c | |||
| @@ -209,6 +209,17 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 209 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ | 209 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ |
| 210 | int ret = 0; | 210 | int ret = 0; |
| 211 | 211 | ||
| 212 | if (group->meth != r->meth) | ||
| 213 | { | ||
| 214 | ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); | ||
| 215 | return 0; | ||
| 216 | } | ||
| 217 | |||
| 218 | if ((scalar == NULL) && (num == 0)) | ||
| 219 | { | ||
| 220 | return EC_POINT_set_to_infinity(group, r); | ||
| 221 | } | ||
| 222 | |||
| 212 | if (scalar != NULL) | 223 | if (scalar != NULL) |
| 213 | { | 224 | { |
| 214 | generator = EC_GROUP_get0_generator(group); | 225 | generator = EC_GROUP_get0_generator(group); |
diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c index eab46cc080..345d3e4289 100644 --- a/src/lib/libcrypto/ec/ectest.c +++ b/src/lib/libcrypto/ec/ectest.c | |||
| @@ -55,6 +55,11 @@ | |||
| 55 | 55 | ||
| 56 | #include <stdio.h> | 56 | #include <stdio.h> |
| 57 | #include <stdlib.h> | 57 | #include <stdlib.h> |
| 58 | #ifdef FLAT_INC | ||
| 59 | #include "e_os.h" | ||
| 60 | #else | ||
| 61 | #include "../e_os.h" | ||
| 62 | #endif | ||
| 58 | #include <string.h> | 63 | #include <string.h> |
| 59 | #include <time.h> | 64 | #include <time.h> |
| 60 | 65 | ||
| @@ -65,14 +70,16 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur | |||
| 65 | 70 | ||
| 66 | 71 | ||
| 67 | #include <openssl/ec.h> | 72 | #include <openssl/ec.h> |
| 73 | #ifndef OPENSSL_NO_ENGINE | ||
| 68 | #include <openssl/engine.h> | 74 | #include <openssl/engine.h> |
| 75 | #endif | ||
| 69 | #include <openssl/err.h> | 76 | #include <openssl/err.h> |
| 70 | 77 | ||
| 71 | #define ABORT do { \ | 78 | #define ABORT do { \ |
| 72 | fflush(stdout); \ | 79 | fflush(stdout); \ |
| 73 | fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ | 80 | fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ |
| 74 | ERR_print_errors_fp(stderr); \ | 81 | ERR_print_errors_fp(stderr); \ |
| 75 | exit(1); \ | 82 | EXIT(1); \ |
| 76 | } while (0) | 83 | } while (0) |
| 77 | 84 | ||
| 78 | #if 0 | 85 | #if 0 |
| @@ -623,7 +630,9 @@ int main(int argc, char *argv[]) | |||
| 623 | if (P_384) EC_GROUP_free(P_384); | 630 | if (P_384) EC_GROUP_free(P_384); |
| 624 | if (P_521) EC_GROUP_free(P_521); | 631 | if (P_521) EC_GROUP_free(P_521); |
| 625 | 632 | ||
| 633 | #ifndef OPENSSL_NO_ENGINE | ||
| 626 | ENGINE_cleanup(); | 634 | ENGINE_cleanup(); |
| 635 | #endif | ||
| 627 | CRYPTO_cleanup_all_ex_data(); | 636 | CRYPTO_cleanup_all_ex_data(); |
| 628 | ERR_free_strings(); | 637 | ERR_free_strings(); |
| 629 | ERR_remove_state(0); | 638 | ERR_remove_state(0); |
diff --git a/src/lib/libcrypto/engine/Makefile.ssl b/src/lib/libcrypto/engine/Makefile.ssl index 8bc8985e02..30a4446ff9 100644 --- a/src/lib/libcrypto/engine/Makefile.ssl +++ b/src/lib/libcrypto/engine/Makefile.ssl | |||
| @@ -50,7 +50,7 @@ all: lib | |||
| 50 | 50 | ||
| 51 | lib: $(LIBOBJ) | 51 | lib: $(LIBOBJ) |
| 52 | $(AR) $(LIB) $(LIBOBJ) | 52 | $(AR) $(LIB) $(LIBOBJ) |
| 53 | $(RANLIB) $(LIB) | 53 | $(RANLIB) $(LIB) || echo Never mind. |
| 54 | @touch lib | 54 | @touch lib |
| 55 | 55 | ||
| 56 | files: | 56 | files: |
| @@ -82,7 +82,7 @@ lint: | |||
| 82 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 82 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 83 | 83 | ||
| 84 | depend: | 84 | depend: |
| 85 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 85 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 86 | 86 | ||
| 87 | dclean: | 87 | dclean: |
| 88 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 88 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -304,6 +304,27 @@ hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | |||
| 304 | hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 304 | hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 305 | hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h | 305 | hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h |
| 306 | hw_atalla.o: vendor_defns/atalla.h | 306 | hw_atalla.o: vendor_defns/atalla.h |
| 307 | hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | ||
| 308 | hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | ||
| 309 | hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h | ||
| 310 | hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
| 311 | hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | ||
| 312 | hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
| 313 | hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 314 | hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h | ||
| 315 | hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | ||
| 316 | hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | ||
| 317 | hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | ||
| 318 | hw_cryptodev.o: ../../include/openssl/objects.h | ||
| 319 | hw_cryptodev.o: ../../include/openssl/opensslconf.h | ||
| 320 | hw_cryptodev.o: ../../include/openssl/opensslv.h | ||
| 321 | hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
| 322 | hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | ||
| 323 | hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | ||
| 324 | hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 325 | hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 326 | hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 327 | hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c | ||
| 307 | hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h | 328 | hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h |
| 308 | hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 329 | hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 309 | hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 330 | hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| @@ -354,45 +375,6 @@ hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | |||
| 354 | hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 375 | hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 355 | hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 376 | hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 356 | hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h | 377 | hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h |
| 357 | hw_cryptodev.o: ../../include/openssl/aes.h | ||
| 358 | hw_cryptodev.o: ../../include/openssl/asn1.h | ||
| 359 | hw_cryptodev.o: ../../include/openssl/bio.h | ||
| 360 | hw_cryptodev.o: ../../include/openssl/blowfish.h | ||
| 361 | hw_cryptodev.o: ../../include/openssl/bn.h | ||
| 362 | hw_cryptodev.o: ../../include/openssl/cast.h | ||
| 363 | hw_cryptodev.o: ../../include/openssl/conf.h | ||
| 364 | hw_cryptodev.o: ../../include/openssl/crypto.h | ||
| 365 | hw_cryptodev.o: ../../include/openssl/des.h | ||
| 366 | hw_cryptodev.o: ../../include/openssl/des_old.h | ||
| 367 | hw_cryptodev.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
| 368 | hw_cryptodev.o: ../../include/openssl/e_os2.h | ||
| 369 | hw_cryptodev.o: ../../include/openssl/engine.h | ||
| 370 | hw_cryptodev.o: ../../include/openssl/err.h | ||
| 371 | hw_cryptodev.o: ../../include/openssl/evp.h | ||
| 372 | hw_cryptodev.o: ../../include/openssl/idea.h | ||
| 373 | hw_cryptodev.o: ../../include/openssl/lhash.h | ||
| 374 | hw_cryptodev.o: ../../include/openssl/md2.h | ||
| 375 | hw_cryptodev.o: ../../include/openssl/md4.h | ||
| 376 | hw_cryptodev.o: ../../include/openssl/md5.h | ||
| 377 | hw_cryptodev.o: ../../include/openssl/mdc2.h | ||
| 378 | hw_cryptodev.o: ../../include/openssl/obj_mac.h | ||
| 379 | hw_cryptodev.o: ../../include/openssl/objects.h | ||
| 380 | hw_cryptodev.o: ../../include/openssl/opensslconf.h | ||
| 381 | hw_cryptodev.o: ../../include/openssl/opensslv.h | ||
| 382 | hw_cryptodev.o: ../../include/openssl/ossl_typ.h | ||
| 383 | hw_cryptodev.o: ../../include/openssl/rand.h | ||
| 384 | hw_cryptodev.o: ../../include/openssl/rc2.h | ||
| 385 | hw_cryptodev.o: ../../include/openssl/rc4.h | ||
| 386 | hw_cryptodev.o: ../../include/openssl/rc5.h | ||
| 387 | hw_cryptodev.o: ../../include/openssl/ripemd.h | ||
| 388 | hw_cryptodev.o: ../../include/openssl/rsa.h | ||
| 389 | hw_cryptodev.o: ../../include/openssl/safestack.h | ||
| 390 | hw_cryptodev.o: ../../include/openssl/sha.h | ||
| 391 | hw_cryptodev.o: ../../include/openssl/stack.h | ||
| 392 | hw_cryptodev.o: ../../include/openssl/symhacks.h | ||
| 393 | hw_cryptodev.o: ../../include/openssl/ui.h | ||
| 394 | hw_cryptodev.o: ../../include/openssl/ui_compat.h ../evp/evp_locl.h | ||
| 395 | hw_cryptodev.o: eng_int.h hw_cryptodev.c | ||
| 396 | hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h | 378 | hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h |
| 397 | hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 379 | hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 398 | hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 380 | hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index bc50465422..0f6992a40d 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c | |||
| @@ -60,10 +60,6 @@ | |||
| 60 | #include <openssl/engine.h> | 60 | #include <openssl/engine.h> |
| 61 | #include "eng_int.h" | 61 | #include "eng_int.h" |
| 62 | 62 | ||
| 63 | #ifdef __OpenBSD__ | ||
| 64 | static int openbsd_default_loaded = 0; | ||
| 65 | #endif | ||
| 66 | |||
| 67 | void ENGINE_load_builtin_engines(void) | 63 | void ENGINE_load_builtin_engines(void) |
| 68 | { | 64 | { |
| 69 | /* There's no longer any need for an "openssl" ENGINE unless, one day, | 65 | /* There's no longer any need for an "openssl" ENGINE unless, one day, |
| @@ -99,21 +95,19 @@ void ENGINE_load_builtin_engines(void) | |||
| 99 | #ifndef OPENSSL_NO_HW_4758_CCA | 95 | #ifndef OPENSSL_NO_HW_4758_CCA |
| 100 | ENGINE_load_4758cca(); | 96 | ENGINE_load_4758cca(); |
| 101 | #endif | 97 | #endif |
| 102 | #ifdef OPENSSL_OPENBSD_DEV_CRYPTO | 98 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 103 | ENGINE_load_openbsd_dev_crypto(); | ||
| 104 | #endif | ||
| 105 | #ifdef __OpenBSD__ | ||
| 106 | ENGINE_load_cryptodev(); | 99 | ENGINE_load_cryptodev(); |
| 107 | #endif | 100 | #endif |
| 108 | #endif | 101 | #endif |
| 109 | } | 102 | } |
| 110 | 103 | ||
| 111 | #ifdef __OpenBSD__ | 104 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 112 | void ENGINE_setup_openbsd(void) { | 105 | void ENGINE_setup_bsd_cryptodev(void) { |
| 113 | if (!openbsd_default_loaded) { | 106 | static int bsd_cryptodev_default_loaded = 0; |
| 107 | if (!bsd_cryptodev_default_loaded) { | ||
| 114 | ENGINE_load_cryptodev(); | 108 | ENGINE_load_cryptodev(); |
| 115 | ENGINE_register_all_complete(); | 109 | ENGINE_register_all_complete(); |
| 116 | } | 110 | } |
| 117 | openbsd_default_loaded=1; | 111 | bsd_cryptodev_default_loaded=1; |
| 118 | } | 112 | } |
| 119 | #endif | 113 | #endif |
diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c index f6c5630395..814d95ee32 100644 --- a/src/lib/libcrypto/engine/eng_err.c +++ b/src/lib/libcrypto/engine/eng_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/engine/eng_err.c */ | 1 | /* crypto/engine/eng_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -96,6 +96,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 96 | {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"}, | 96 | {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"}, |
| 97 | {ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"}, | 97 | {ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"}, |
| 98 | {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"}, | 98 | {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"}, |
| 99 | {ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0), "ENGINE_up_ref"}, | ||
| 99 | {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"}, | 100 | {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"}, |
| 100 | {ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"}, | 101 | {ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"}, |
| 101 | {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"}, | 102 | {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"}, |
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c index f7edb5ad32..0d7dae00b2 100644 --- a/src/lib/libcrypto/engine/eng_fat.c +++ b/src/lib/libcrypto/engine/eng_fat.c | |||
| @@ -66,18 +66,18 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) | |||
| 66 | if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) | 66 | if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) |
| 67 | return 0; | 67 | return 0; |
| 68 | #ifndef OPENSSL_NO_RSA | 68 | #ifndef OPENSSL_NO_RSA |
| 69 | if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e)) | 69 | if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) |
| 70 | return 0; | 70 | return 0; |
| 71 | #endif | 71 | #endif |
| 72 | #ifndef OPENSSL_NO_DSA | 72 | #ifndef OPENSSL_NO_DSA |
| 73 | if((flags & ENGINE_METHOD_DSA) & !ENGINE_set_default_DSA(e)) | 73 | if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) |
| 74 | return 0; | 74 | return 0; |
| 75 | #endif | 75 | #endif |
| 76 | #ifndef OPENSSL_NO_DH | 76 | #ifndef OPENSSL_NO_DH |
| 77 | if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e)) | 77 | if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) |
| 78 | return 0; | 78 | return 0; |
| 79 | #endif | 79 | #endif |
| 80 | if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e)) | 80 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) |
| 81 | return 0; | 81 | return 0; |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c index 0c220558e7..1cc3217f4c 100644 --- a/src/lib/libcrypto/engine/eng_list.c +++ b/src/lib/libcrypto/engine/eng_list.c | |||
| @@ -191,14 +191,14 @@ ENGINE *ENGINE_get_first(void) | |||
| 191 | { | 191 | { |
| 192 | ENGINE *ret; | 192 | ENGINE *ret; |
| 193 | 193 | ||
| 194 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 194 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 195 | ret = engine_list_head; | 195 | ret = engine_list_head; |
| 196 | if(ret) | 196 | if(ret) |
| 197 | { | 197 | { |
| 198 | ret->struct_ref++; | 198 | ret->struct_ref++; |
| 199 | engine_ref_debug(ret, 0, 1) | 199 | engine_ref_debug(ret, 0, 1) |
| 200 | } | 200 | } |
| 201 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 201 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 202 | return ret; | 202 | return ret; |
| 203 | } | 203 | } |
| 204 | 204 | ||
| @@ -206,14 +206,14 @@ ENGINE *ENGINE_get_last(void) | |||
| 206 | { | 206 | { |
| 207 | ENGINE *ret; | 207 | ENGINE *ret; |
| 208 | 208 | ||
| 209 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 209 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 210 | ret = engine_list_tail; | 210 | ret = engine_list_tail; |
| 211 | if(ret) | 211 | if(ret) |
| 212 | { | 212 | { |
| 213 | ret->struct_ref++; | 213 | ret->struct_ref++; |
| 214 | engine_ref_debug(ret, 0, 1) | 214 | engine_ref_debug(ret, 0, 1) |
| 215 | } | 215 | } |
| 216 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 216 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 217 | return ret; | 217 | return ret; |
| 218 | } | 218 | } |
| 219 | 219 | ||
| @@ -227,7 +227,7 @@ ENGINE *ENGINE_get_next(ENGINE *e) | |||
| 227 | ERR_R_PASSED_NULL_PARAMETER); | 227 | ERR_R_PASSED_NULL_PARAMETER); |
| 228 | return 0; | 228 | return 0; |
| 229 | } | 229 | } |
| 230 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 230 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 231 | ret = e->next; | 231 | ret = e->next; |
| 232 | if(ret) | 232 | if(ret) |
| 233 | { | 233 | { |
| @@ -235,7 +235,7 @@ ENGINE *ENGINE_get_next(ENGINE *e) | |||
| 235 | ret->struct_ref++; | 235 | ret->struct_ref++; |
| 236 | engine_ref_debug(ret, 0, 1) | 236 | engine_ref_debug(ret, 0, 1) |
| 237 | } | 237 | } |
| 238 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 238 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 239 | /* Release the structural reference to the previous ENGINE */ | 239 | /* Release the structural reference to the previous ENGINE */ |
| 240 | ENGINE_free(e); | 240 | ENGINE_free(e); |
| 241 | return ret; | 241 | return ret; |
| @@ -250,7 +250,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e) | |||
| 250 | ERR_R_PASSED_NULL_PARAMETER); | 250 | ERR_R_PASSED_NULL_PARAMETER); |
| 251 | return 0; | 251 | return 0; |
| 252 | } | 252 | } |
| 253 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 253 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 254 | ret = e->prev; | 254 | ret = e->prev; |
| 255 | if(ret) | 255 | if(ret) |
| 256 | { | 256 | { |
| @@ -258,7 +258,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e) | |||
| 258 | ret->struct_ref++; | 258 | ret->struct_ref++; |
| 259 | engine_ref_debug(ret, 0, 1) | 259 | engine_ref_debug(ret, 0, 1) |
| 260 | } | 260 | } |
| 261 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 261 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 262 | /* Release the structural reference to the previous ENGINE */ | 262 | /* Release the structural reference to the previous ENGINE */ |
| 263 | ENGINE_free(e); | 263 | ENGINE_free(e); |
| 264 | return ret; | 264 | return ret; |
| @@ -346,7 +346,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 346 | ERR_R_PASSED_NULL_PARAMETER); | 346 | ERR_R_PASSED_NULL_PARAMETER); |
| 347 | return NULL; | 347 | return NULL; |
| 348 | } | 348 | } |
| 349 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 349 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 350 | iterator = engine_list_head; | 350 | iterator = engine_list_head; |
| 351 | while(iterator && (strcmp(id, iterator->id) != 0)) | 351 | while(iterator && (strcmp(id, iterator->id) != 0)) |
| 352 | iterator = iterator->next; | 352 | iterator = iterator->next; |
| @@ -372,7 +372,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 372 | engine_ref_debug(iterator, 0, 1) | 372 | engine_ref_debug(iterator, 0, 1) |
| 373 | } | 373 | } |
| 374 | } | 374 | } |
| 375 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 375 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 376 | if(iterator == NULL) | 376 | if(iterator == NULL) |
| 377 | { | 377 | { |
| 378 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, | 378 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, |
| @@ -381,3 +381,14 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 381 | } | 381 | } |
| 382 | return iterator; | 382 | return iterator; |
| 383 | } | 383 | } |
| 384 | |||
| 385 | int ENGINE_up_ref(ENGINE *e) | ||
| 386 | { | ||
| 387 | if (e == NULL) | ||
| 388 | { | ||
| 389 | ENGINEerr(ENGINE_F_ENGINE_UP_REF,ERR_R_PASSED_NULL_PARAMETER); | ||
| 390 | return 0; | ||
| 391 | } | ||
| 392 | CRYPTO_add(&e->struct_ref,1,CRYPTO_LOCK_ENGINE); | ||
| 393 | return 1; | ||
| 394 | } | ||
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c index e9d976f46b..54579eea2e 100644 --- a/src/lib/libcrypto/engine/eng_openssl.c +++ b/src/lib/libcrypto/engine/eng_openssl.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/engine.h> | 63 | #include <openssl/engine.h> |
| 64 | #include <openssl/dso.h> | 64 | #include <openssl/dso.h> |
| 65 | #include <openssl/pem.h> | 65 | #include <openssl/pem.h> |
| 66 | #include <openssl/evp.h> | ||
| 66 | 67 | ||
| 67 | /* This testing gunk is implemented (and explained) lower down. It also assumes | 68 | /* This testing gunk is implemented (and explained) lower down. It also assumes |
| 68 | * the application explicitly calls "ENGINE_load_openssl()" because this is no | 69 | * the application explicitly calls "ENGINE_load_openssl()" because this is no |
| @@ -78,6 +79,21 @@ | |||
| 78 | /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ | 79 | /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ |
| 79 | /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ | 80 | /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ |
| 80 | 81 | ||
| 82 | /* Now check what of those algorithms are actually enabled */ | ||
| 83 | #ifdef OPENSSL_NO_RC4 | ||
| 84 | #undef TEST_ENG_OPENSSL_RC4 | ||
| 85 | #undef TEST_ENG_OPENSSL_RC4_OTHERS | ||
| 86 | #undef TEST_ENG_OPENSSL_RC4_P_INIT | ||
| 87 | #undef TEST_ENG_OPENSSL_RC4_P_CIPHER | ||
| 88 | #endif | ||
| 89 | #if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1) | ||
| 90 | #undef TEST_ENG_OPENSSL_SHA | ||
| 91 | #undef TEST_ENG_OPENSSL_SHA_OTHERS | ||
| 92 | #undef TEST_ENG_OPENSSL_SHA_P_INIT | ||
| 93 | #undef TEST_ENG_OPENSSL_SHA_P_UPDATE | ||
| 94 | #undef TEST_ENG_OPENSSL_SHA_P_FINAL | ||
| 95 | #endif | ||
| 96 | |||
| 81 | #ifdef TEST_ENG_OPENSSL_RC4 | 97 | #ifdef TEST_ENG_OPENSSL_RC4 |
| 82 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | 98 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
| 83 | const int **nids, int nid); | 99 | const int **nids, int nid); |
| @@ -180,7 +196,6 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) | |||
| 180 | * the "init_key" handler is called. | 196 | * the "init_key" handler is called. |
| 181 | * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. | 197 | * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. |
| 182 | */ | 198 | */ |
| 183 | #include <openssl/evp.h> | ||
| 184 | #include <openssl/rc4.h> | 199 | #include <openssl/rc4.h> |
| 185 | #define TEST_RC4_KEY_SIZE 16 | 200 | #define TEST_RC4_KEY_SIZE 16 |
| 186 | static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; | 201 | static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; |
| @@ -265,7 +280,6 @@ static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |||
| 265 | 280 | ||
| 266 | #ifdef TEST_ENG_OPENSSL_SHA | 281 | #ifdef TEST_ENG_OPENSSL_SHA |
| 267 | /* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ | 282 | /* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ |
| 268 | #include <openssl/evp.h> | ||
| 269 | #include <openssl/sha.h> | 283 | #include <openssl/sha.h> |
| 270 | static int test_digest_nids[] = {NID_sha1}; | 284 | static int test_digest_nids[] = {NID_sha1}; |
| 271 | static int test_digest_nids_number = 1; | 285 | static int test_digest_nids_number = 1; |
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h index fd17ff616d..8686879e1a 100644 --- a/src/lib/libcrypto/engine/engine.h +++ b/src/lib/libcrypto/engine/engine.h | |||
| @@ -59,6 +59,12 @@ | |||
| 59 | #ifndef HEADER_ENGINE_H | 59 | #ifndef HEADER_ENGINE_H |
| 60 | #define HEADER_ENGINE_H | 60 | #define HEADER_ENGINE_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> | ||
| 63 | |||
| 64 | #ifdef OPENSSL_NO_ENGINE | ||
| 65 | #error ENGINE is disabled. | ||
| 66 | #endif | ||
| 67 | |||
| 62 | #include <openssl/ossl_typ.h> | 68 | #include <openssl/ossl_typ.h> |
| 63 | #include <openssl/bn.h> | 69 | #include <openssl/bn.h> |
| 64 | #ifndef OPENSSL_NO_RSA | 70 | #ifndef OPENSSL_NO_RSA |
| @@ -307,11 +313,8 @@ void ENGINE_load_ubsec(void); | |||
| 307 | void ENGINE_load_aep(void); | 313 | void ENGINE_load_aep(void); |
| 308 | void ENGINE_load_sureware(void); | 314 | void ENGINE_load_sureware(void); |
| 309 | void ENGINE_load_4758cca(void); | 315 | void ENGINE_load_4758cca(void); |
| 310 | void ENGINE_load_openbsd_dev_crypto(void); | ||
| 311 | void ENGINE_load_builtin_engines(void); | ||
| 312 | #ifdef __OpenBSD__ | ||
| 313 | void ENGINE_load_cryptodev(void); | 316 | void ENGINE_load_cryptodev(void); |
| 314 | #endif | 317 | void ENGINE_load_builtin_engines(void); |
| 315 | 318 | ||
| 316 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | 319 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation |
| 317 | * "registry" handling. */ | 320 | * "registry" handling. */ |
| @@ -409,6 +412,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, | |||
| 409 | * compatibility! */ | 412 | * compatibility! */ |
| 410 | ENGINE *ENGINE_new(void); | 413 | ENGINE *ENGINE_new(void); |
| 411 | int ENGINE_free(ENGINE *e); | 414 | int ENGINE_free(ENGINE *e); |
| 415 | int ENGINE_up_ref(ENGINE *e); | ||
| 412 | int ENGINE_set_id(ENGINE *e, const char *id); | 416 | int ENGINE_set_id(ENGINE *e, const char *id); |
| 413 | int ENGINE_set_name(ENGINE *e, const char *name); | 417 | int ENGINE_set_name(ENGINE *e, const char *name); |
| 414 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | 418 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); |
| @@ -665,6 +669,7 @@ void ERR_load_ENGINE_strings(void); | |||
| 665 | #define ENGINE_F_ENGINE_SET_NAME 130 | 669 | #define ENGINE_F_ENGINE_SET_NAME 130 |
| 666 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 | 670 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 |
| 667 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 | 671 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 |
| 672 | #define ENGINE_F_ENGINE_UP_REF 190 | ||
| 668 | #define ENGINE_F_INT_CTRL_HELPER 172 | 673 | #define ENGINE_F_INT_CTRL_HELPER 172 |
| 669 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 | 674 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 |
| 670 | #define ENGINE_F_LOG_MESSAGE 141 | 675 | #define ENGINE_F_LOG_MESSAGE 141 |
diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index 87fa8c57b7..c2d0297392 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c | |||
| @@ -56,9 +56,17 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/e_os2.h> | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include <string.h> | 60 | #include <string.h> |
| 61 | |||
| 62 | #ifdef OPENSSL_NO_ENGINE | ||
| 63 | int main(int argc, char *argv[]) | ||
| 64 | { | ||
| 65 | printf("No ENGINE support\n"); | ||
| 66 | return(0); | ||
| 67 | } | ||
| 68 | #else | ||
| 69 | #include <openssl/e_os2.h> | ||
| 62 | #include <openssl/buffer.h> | 70 | #include <openssl/buffer.h> |
| 63 | #include <openssl/crypto.h> | 71 | #include <openssl/crypto.h> |
| 64 | #include <openssl/engine.h> | 72 | #include <openssl/engine.h> |
| @@ -272,3 +280,4 @@ end: | |||
| 272 | CRYPTO_mem_leaks_fp(stderr); | 280 | CRYPTO_mem_leaks_fp(stderr); |
| 273 | return to_return; | 281 | return to_return; |
| 274 | } | 282 | } |
| 283 | #endif | ||
diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c index 6d41b9ed2a..4f5ae8a46d 100644 --- a/src/lib/libcrypto/engine/hw_4758_cca.c +++ b/src/lib/libcrypto/engine/hw_4758_cca.c | |||
| @@ -223,6 +223,7 @@ static int bind_helper(ENGINE *e) | |||
| 223 | return 1; | 223 | return 1; |
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 226 | static ENGINE *engine_4758_cca(void) | 227 | static ENGINE *engine_4758_cca(void) |
| 227 | { | 228 | { |
| 228 | ENGINE *ret = ENGINE_new(); | 229 | ENGINE *ret = ENGINE_new(); |
| @@ -244,6 +245,7 @@ void ENGINE_load_4758cca(void) | |||
| 244 | ENGINE_free(e_4758); | 245 | ENGINE_free(e_4758); |
| 245 | ERR_clear_error(); | 246 | ERR_clear_error(); |
| 246 | } | 247 | } |
| 248 | #endif | ||
| 247 | 249 | ||
| 248 | static int ibm_4758_cca_destroy(ENGINE *e) | 250 | static int ibm_4758_cca_destroy(ENGINE *e) |
| 249 | { | 251 | { |
| @@ -715,7 +717,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, | |||
| 715 | 717 | ||
| 716 | if (type == NID_sha1 || type == NID_md5) | 718 | if (type == NID_sha1 || type == NID_md5) |
| 717 | { | 719 | { |
| 718 | memset(hashBuffer, 0, keyLength+1); | 720 | OPENSSL_cleanse(hashBuffer, keyLength+1); |
| 719 | OPENSSL_free(hashBuffer); | 721 | OPENSSL_free(hashBuffer); |
| 720 | } | 722 | } |
| 721 | 723 | ||
| @@ -838,7 +840,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 838 | 840 | ||
| 839 | if (type == NID_sha1 || type == NID_md5) | 841 | if (type == NID_sha1 || type == NID_md5) |
| 840 | { | 842 | { |
| 841 | memset(hashBuffer, 0, keyLength+1); | 843 | OPENSSL_cleanse(hashBuffer, keyLength+1); |
| 842 | OPENSSL_free(hashBuffer); | 844 | OPENSSL_free(hashBuffer); |
| 843 | } | 845 | } |
| 844 | 846 | ||
diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c index 6151c46902..e9eff9fad1 100644 --- a/src/lib/libcrypto/engine/hw_atalla.c +++ b/src/lib/libcrypto/engine/hw_atalla.c | |||
| @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 242 | return 1; |
| 243 | } | 243 | } |
| 244 | 244 | ||
| 245 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_atalla(void) | 246 | static ENGINE *engine_atalla(void) |
| 246 | { | 247 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 248 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +265,7 @@ void ENGINE_load_atalla(void) | |||
| 264 | ENGINE_free(toadd); | 265 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 266 | ERR_clear_error(); |
| 266 | } | 267 | } |
| 268 | #endif | ||
| 267 | 269 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 270 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the Atalla library. NB: This is only set (or unset) during an | 271 | * the Atalla library. NB: This is only set (or unset) during an |
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c index 034c7ca213..139119b80c 100644 --- a/src/lib/libcrypto/engine/hw_cryptodev.c +++ b/src/lib/libcrypto/engine/hw_cryptodev.c | |||
| @@ -29,8 +29,32 @@ | |||
| 29 | * | 29 | * |
| 30 | */ | 30 | */ |
| 31 | 31 | ||
| 32 | #include <sys/types.h> | 32 | #include <openssl/objects.h> |
| 33 | #include <openssl/engine.h> | ||
| 34 | #include <openssl/evp.h> | ||
| 35 | |||
| 36 | #if (defined(__unix__) || defined(unix)) && !defined(USG) | ||
| 33 | #include <sys/param.h> | 37 | #include <sys/param.h> |
| 38 | # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) | ||
| 39 | # define HAVE_CRYPTODEV | ||
| 40 | # endif | ||
| 41 | # if (OpenBSD >= 200110) | ||
| 42 | # define HAVE_SYSLOG_R | ||
| 43 | # endif | ||
| 44 | #endif | ||
| 45 | |||
| 46 | #ifndef HAVE_CRYPTODEV | ||
| 47 | |||
| 48 | void | ||
| 49 | ENGINE_load_cryptodev(void) | ||
| 50 | { | ||
| 51 | /* This is a NOP on platforms without /dev/crypto */ | ||
| 52 | return; | ||
| 53 | } | ||
| 54 | |||
| 55 | #else | ||
| 56 | |||
| 57 | #include <sys/types.h> | ||
| 34 | #include <crypto/cryptodev.h> | 58 | #include <crypto/cryptodev.h> |
| 35 | #include <sys/ioctl.h> | 59 | #include <sys/ioctl.h> |
| 36 | #include <errno.h> | 60 | #include <errno.h> |
| @@ -39,9 +63,6 @@ | |||
| 39 | #include <fcntl.h> | 63 | #include <fcntl.h> |
| 40 | #include <stdarg.h> | 64 | #include <stdarg.h> |
| 41 | #include <syslog.h> | 65 | #include <syslog.h> |
| 42 | #include <ssl/objects.h> | ||
| 43 | #include <ssl/engine.h> | ||
| 44 | #include <ssl/evp.h> | ||
| 45 | #include <errno.h> | 66 | #include <errno.h> |
| 46 | #include <string.h> | 67 | #include <string.h> |
| 47 | 68 | ||
| @@ -101,10 +122,6 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | |||
| 101 | void ENGINE_load_cryptodev(void); | 122 | void ENGINE_load_cryptodev(void); |
| 102 | 123 | ||
| 103 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | 124 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { |
| 104 | {ENGINE_CMD_BASE, | ||
| 105 | "SO_PATH", | ||
| 106 | "Specifies the path to the some stupid shared library", | ||
| 107 | ENGINE_CMD_FLAG_STRING}, | ||
| 108 | { 0, NULL, NULL, 0 } | 125 | { 0, NULL, NULL, 0 } |
| 109 | }; | 126 | }; |
| 110 | 127 | ||
| @@ -1011,12 +1028,18 @@ static DH_METHOD cryptodev_dh = { | |||
| 1011 | static int | 1028 | static int |
| 1012 | cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | 1029 | cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) |
| 1013 | { | 1030 | { |
| 1031 | #ifdef HAVE_SYSLOG_R | ||
| 1014 | struct syslog_data sd = SYSLOG_DATA_INIT; | 1032 | struct syslog_data sd = SYSLOG_DATA_INIT; |
| 1033 | #endif | ||
| 1015 | 1034 | ||
| 1016 | switch (cmd) { | 1035 | switch (cmd) { |
| 1017 | default: | 1036 | default: |
| 1037 | #ifdef HAVE_SYSLOG_R | ||
| 1018 | syslog_r(LOG_ERR, &sd, | 1038 | syslog_r(LOG_ERR, &sd, |
| 1019 | "cryptodev_ctrl: unknown command %d", cmd); | 1039 | "cryptodev_ctrl: unknown command %d", cmd); |
| 1040 | #else | ||
| 1041 | syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd); | ||
| 1042 | #endif | ||
| 1020 | break; | 1043 | break; |
| 1021 | } | 1044 | } |
| 1022 | return (1); | 1045 | return (1); |
| @@ -1043,7 +1066,7 @@ ENGINE_load_cryptodev(void) | |||
| 1043 | close(fd); | 1066 | close(fd); |
| 1044 | 1067 | ||
| 1045 | if (!ENGINE_set_id(engine, "cryptodev") || | 1068 | if (!ENGINE_set_id(engine, "cryptodev") || |
| 1046 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || | 1069 | !ENGINE_set_name(engine, "BSD cryptodev engine") || |
| 1047 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | 1070 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || |
| 1048 | !ENGINE_set_digests(engine, cryptodev_engine_digests) || | 1071 | !ENGINE_set_digests(engine, cryptodev_engine_digests) || |
| 1049 | !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || | 1072 | !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || |
| @@ -1104,3 +1127,5 @@ ENGINE_load_cryptodev(void) | |||
| 1104 | ENGINE_free(engine); | 1127 | ENGINE_free(engine); |
| 1105 | ERR_clear_error(); | 1128 | ERR_clear_error(); |
| 1106 | } | 1129 | } |
| 1130 | |||
| 1131 | #endif /* HAVE_CRYPTODEV */ | ||
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c index f5c897bdbb..f128ee5a68 100644 --- a/src/lib/libcrypto/engine/hw_cswift.c +++ b/src/lib/libcrypto/engine/hw_cswift.c | |||
| @@ -121,6 +121,10 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | |||
| 121 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 121 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); |
| 122 | #endif | 122 | #endif |
| 123 | 123 | ||
| 124 | /* RAND stuff */ | ||
| 125 | static int cswift_rand_bytes(unsigned char *buf, int num); | ||
| 126 | static int cswift_rand_status(void); | ||
| 127 | |||
| 124 | /* The definitions for control commands specific to this engine */ | 128 | /* The definitions for control commands specific to this engine */ |
| 125 | #define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE | 129 | #define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE |
| 126 | static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { | 130 | static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { |
| @@ -183,6 +187,18 @@ static DH_METHOD cswift_dh = | |||
| 183 | }; | 187 | }; |
| 184 | #endif | 188 | #endif |
| 185 | 189 | ||
| 190 | static RAND_METHOD cswift_random = | ||
| 191 | { | ||
| 192 | /* "CryptoSwift RAND method", */ | ||
| 193 | NULL, | ||
| 194 | cswift_rand_bytes, | ||
| 195 | NULL, | ||
| 196 | NULL, | ||
| 197 | cswift_rand_bytes, | ||
| 198 | cswift_rand_status, | ||
| 199 | }; | ||
| 200 | |||
| 201 | |||
| 186 | /* Constants used when creating the ENGINE */ | 202 | /* Constants used when creating the ENGINE */ |
| 187 | static const char *engine_cswift_id = "cswift"; | 203 | static const char *engine_cswift_id = "cswift"; |
| 188 | static const char *engine_cswift_name = "CryptoSwift hardware engine support"; | 204 | static const char *engine_cswift_name = "CryptoSwift hardware engine support"; |
| @@ -208,6 +224,7 @@ static int bind_helper(ENGINE *e) | |||
| 208 | #ifndef OPENSSL_NO_DH | 224 | #ifndef OPENSSL_NO_DH |
| 209 | !ENGINE_set_DH(e, &cswift_dh) || | 225 | !ENGINE_set_DH(e, &cswift_dh) || |
| 210 | #endif | 226 | #endif |
| 227 | !ENGINE_set_RAND(e, &cswift_random) || | ||
| 211 | !ENGINE_set_destroy_function(e, cswift_destroy) || | 228 | !ENGINE_set_destroy_function(e, cswift_destroy) || |
| 212 | !ENGINE_set_init_function(e, cswift_init) || | 229 | !ENGINE_set_init_function(e, cswift_init) || |
| 213 | !ENGINE_set_finish_function(e, cswift_finish) || | 230 | !ENGINE_set_finish_function(e, cswift_finish) || |
| @@ -242,6 +259,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 259 | return 1; |
| 243 | } | 260 | } |
| 244 | 261 | ||
| 262 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_cswift(void) | 263 | static ENGINE *engine_cswift(void) |
| 246 | { | 264 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 265 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +282,7 @@ void ENGINE_load_cswift(void) | |||
| 264 | ENGINE_free(toadd); | 282 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 283 | ERR_clear_error(); |
| 266 | } | 284 | } |
| 285 | #endif | ||
| 267 | 286 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 287 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the CryptoSwift library. NB: This is only set (or unset) during an | 288 | * the CryptoSwift library. NB: This is only set (or unset) during an |
| @@ -905,6 +924,60 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | |||
| 905 | } | 924 | } |
| 906 | #endif | 925 | #endif |
| 907 | 926 | ||
| 927 | /* Random bytes are good */ | ||
| 928 | static int cswift_rand_bytes(unsigned char *buf, int num) | ||
| 929 | { | ||
| 930 | SW_CONTEXT_HANDLE hac; | ||
| 931 | SW_STATUS swrc; | ||
| 932 | SW_LARGENUMBER largenum; | ||
| 933 | size_t nbytes = 0; | ||
| 934 | int acquired = 0; | ||
| 935 | int to_return = 0; /* assume failure */ | ||
| 936 | |||
| 937 | if (!get_context(&hac)) | ||
| 938 | { | ||
| 939 | CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE); | ||
| 940 | goto err; | ||
| 941 | } | ||
| 942 | acquired = 1; | ||
| 943 | |||
| 944 | while (nbytes < (size_t)num) | ||
| 945 | { | ||
| 946 | /* tell CryptoSwift how many bytes we want and where we want it. | ||
| 947 | * Note: - CryptoSwift cannot do more than 4096 bytes at a time. | ||
| 948 | * - CryptoSwift can only do multiple of 32-bits. */ | ||
| 949 | largenum.value = (SW_BYTE *) buf + nbytes; | ||
| 950 | if (4096 > num - nbytes) | ||
| 951 | largenum.nbytes = num - nbytes; | ||
| 952 | else | ||
| 953 | largenum.nbytes = 4096; | ||
| 954 | |||
| 955 | swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); | ||
| 956 | if (swrc != SW_OK) | ||
| 957 | { | ||
| 958 | char tmpbuf[20]; | ||
| 959 | CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); | ||
| 960 | sprintf(tmpbuf, "%ld", swrc); | ||
| 961 | ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); | ||
| 962 | goto err; | ||
| 963 | } | ||
| 964 | |||
| 965 | nbytes += largenum.nbytes; | ||
| 966 | } | ||
| 967 | to_return = 1; /* success */ | ||
| 968 | |||
| 969 | err: | ||
| 970 | if (acquired) | ||
| 971 | release_context(hac); | ||
| 972 | return to_return; | ||
| 973 | } | ||
| 974 | |||
| 975 | static int cswift_rand_status(void) | ||
| 976 | { | ||
| 977 | return 1; | ||
| 978 | } | ||
| 979 | |||
| 980 | |||
| 908 | /* This stuff is needed if this ENGINE is being compiled into a self-contained | 981 | /* This stuff is needed if this ENGINE is being compiled into a self-contained |
| 909 | * shared-library. */ | 982 | * shared-library. */ |
| 910 | #ifdef ENGINE_DYNAMIC_SUPPORT | 983 | #ifdef ENGINE_DYNAMIC_SUPPORT |
diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c index a43d4360f2..0d1c6b8df0 100644 --- a/src/lib/libcrypto/engine/hw_ncipher.c +++ b/src/lib/libcrypto/engine/hw_ncipher.c | |||
| @@ -91,11 +91,19 @@ static int hwcrhk_init(ENGINE *e); | |||
| 91 | static int hwcrhk_finish(ENGINE *e); | 91 | static int hwcrhk_finish(ENGINE *e); |
| 92 | static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); | 92 | static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); |
| 93 | 93 | ||
| 94 | /* Functions to handle mutexes */ | 94 | /* Functions to handle mutexes if have dynamic locks */ |
| 95 | static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); | 95 | static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); |
| 96 | static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); | 96 | static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); |
| 97 | static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); | 97 | static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); |
| 98 | static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); | 98 | static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); |
| 99 | #if 1 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 100 | /* Functions to handle mutexes if only have static locks */ | ||
| 101 | static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, | ||
| 102 | HWCryptoHook_CallerContext *c); | ||
| 103 | static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m); | ||
| 104 | static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m); | ||
| 105 | static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m); | ||
| 106 | #endif | ||
| 99 | 107 | ||
| 100 | /* BIGNUM stuff */ | 108 | /* BIGNUM stuff */ |
| 101 | static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 109 | static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| @@ -373,6 +381,7 @@ static int bind_helper(ENGINE *e) | |||
| 373 | return 1; | 381 | return 1; |
| 374 | } | 382 | } |
| 375 | 383 | ||
| 384 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 376 | static ENGINE *engine_ncipher(void) | 385 | static ENGINE *engine_ncipher(void) |
| 377 | { | 386 | { |
| 378 | ENGINE *ret = ENGINE_new(); | 387 | ENGINE *ret = ENGINE_new(); |
| @@ -395,6 +404,7 @@ void ENGINE_load_chil(void) | |||
| 395 | ENGINE_free(toadd); | 404 | ENGINE_free(toadd); |
| 396 | ERR_clear_error(); | 405 | ERR_clear_error(); |
| 397 | } | 406 | } |
| 407 | #endif | ||
| 398 | 408 | ||
| 399 | /* This is a process-global DSO handle used for loading and unloading | 409 | /* This is a process-global DSO handle used for loading and unloading |
| 400 | * the HWCryptoHook library. NB: This is only set (or unset) during an | 410 | * the HWCryptoHook library. NB: This is only set (or unset) during an |
| @@ -558,15 +568,31 @@ static int hwcrhk_init(ENGINE *e) | |||
| 558 | 568 | ||
| 559 | /* Check if the application decided to support dynamic locks, | 569 | /* Check if the application decided to support dynamic locks, |
| 560 | and if it does, use them. */ | 570 | and if it does, use them. */ |
| 561 | if (disable_mutex_callbacks == 0 && | 571 | if (disable_mutex_callbacks == 0) |
| 562 | CRYPTO_get_dynlock_create_callback() != NULL && | ||
| 563 | CRYPTO_get_dynlock_lock_callback() != NULL && | ||
| 564 | CRYPTO_get_dynlock_destroy_callback() != NULL) | ||
| 565 | { | 572 | { |
| 566 | hwcrhk_globals.mutex_init = hwcrhk_mutex_init; | 573 | if (CRYPTO_get_dynlock_create_callback() != NULL && |
| 567 | hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; | 574 | CRYPTO_get_dynlock_lock_callback() != NULL && |
| 568 | hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; | 575 | CRYPTO_get_dynlock_destroy_callback() != NULL) |
| 569 | hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; | 576 | { |
| 577 | hwcrhk_globals.mutex_init = hwcrhk_mutex_init; | ||
| 578 | hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; | ||
| 579 | hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; | ||
| 580 | hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; | ||
| 581 | } | ||
| 582 | else if (CRYPTO_get_locking_callback() != NULL) | ||
| 583 | { | ||
| 584 | HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING); | ||
| 585 | ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()"); | ||
| 586 | #if 1 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 587 | hwcrhk_globals.maxmutexes = 1; /* Only have one lock */ | ||
| 588 | hwcrhk_globals.mutex_init = hwcrhk_static_mutex_init; | ||
| 589 | hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock; | ||
| 590 | hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock; | ||
| 591 | hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy; | ||
| 592 | #else | ||
| 593 | goto err; | ||
| 594 | #endif | ||
| 595 | } | ||
| 570 | } | 596 | } |
| 571 | 597 | ||
| 572 | /* Try and get a context - if not, we may have a DSO but no | 598 | /* Try and get a context - if not, we may have a DSO but no |
| @@ -1020,7 +1046,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | |||
| 1020 | 1046 | ||
| 1021 | /* Perform the operation */ | 1047 | /* Perform the operation */ |
| 1022 | ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, | 1048 | ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, |
| 1023 | m_dmp1, m_dmq1, m_iqmp, &m_r, NULL); | 1049 | m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); |
| 1024 | 1050 | ||
| 1025 | /* Convert the response */ | 1051 | /* Convert the response */ |
| 1026 | r->top = m_r.size / sizeof(BN_ULONG); | 1052 | r->top = m_r.size / sizeof(BN_ULONG); |
| @@ -1171,6 +1197,26 @@ static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt) | |||
| 1171 | CRYPTO_destroy_dynlockid(mt->lockid); | 1197 | CRYPTO_destroy_dynlockid(mt->lockid); |
| 1172 | } | 1198 | } |
| 1173 | 1199 | ||
| 1200 | /* Mutex upcalls to use if the application does not support dynamic locks */ | ||
| 1201 | |||
| 1202 | static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, | ||
| 1203 | HWCryptoHook_CallerContext *c) | ||
| 1204 | { | ||
| 1205 | return 0; | ||
| 1206 | } | ||
| 1207 | static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m) | ||
| 1208 | { | ||
| 1209 | CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK); | ||
| 1210 | return 0; | ||
| 1211 | } | ||
| 1212 | static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m) | ||
| 1213 | { | ||
| 1214 | CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK); | ||
| 1215 | } | ||
| 1216 | static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m) | ||
| 1217 | { | ||
| 1218 | } | ||
| 1219 | |||
| 1174 | static int hwcrhk_get_pass(const char *prompt_info, | 1220 | static int hwcrhk_get_pass(const char *prompt_info, |
| 1175 | int *len_io, char *buf, | 1221 | int *len_io, char *buf, |
| 1176 | HWCryptoHook_PassphraseContext *ppctx, | 1222 | HWCryptoHook_PassphraseContext *ppctx, |
| @@ -1318,7 +1364,7 @@ static void hwcrhk_log_message(void *logstr, const char *message) | |||
| 1318 | lstream=*(BIO **)logstr; | 1364 | lstream=*(BIO **)logstr; |
| 1319 | if (lstream) | 1365 | if (lstream) |
| 1320 | { | 1366 | { |
| 1321 | BIO_write(lstream, message, strlen(message)); | 1367 | BIO_printf(lstream, "%s\n", message); |
| 1322 | } | 1368 | } |
| 1323 | CRYPTO_w_unlock(CRYPTO_LOCK_BIO); | 1369 | CRYPTO_w_unlock(CRYPTO_LOCK_BIO); |
| 1324 | } | 1370 | } |
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.c b/src/lib/libcrypto/engine/hw_ncipher_err.c index 24024cfc6f..5bc94581b7 100644 --- a/src/lib/libcrypto/engine/hw_ncipher_err.c +++ b/src/lib/libcrypto/engine/hw_ncipher_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* hw_ncipher_err.c */ | 1 | /* hw_ncipher_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -86,6 +86,7 @@ static ERR_STRING_DATA HWCRHK_str_reasons[]= | |||
| 86 | {HWCRHK_R_CHIL_ERROR ,"chil error"}, | 86 | {HWCRHK_R_CHIL_ERROR ,"chil error"}, |
| 87 | {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, | 87 | {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, |
| 88 | {HWCRHK_R_DSO_FAILURE ,"dso failure"}, | 88 | {HWCRHK_R_DSO_FAILURE ,"dso failure"}, |
| 89 | {HWCRHK_R_DYNAMIC_LOCKING_MISSING ,"dynamic locking missing"}, | ||
| 89 | {HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, | 90 | {HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, |
| 90 | {HWCRHK_R_NOT_INITIALISED ,"not initialised"}, | 91 | {HWCRHK_R_NOT_INITIALISED ,"not initialised"}, |
| 91 | {HWCRHK_R_NOT_LOADED ,"not loaded"}, | 92 | {HWCRHK_R_NOT_LOADED ,"not loaded"}, |
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.h b/src/lib/libcrypto/engine/hw_ncipher_err.h index 4d65b1d470..d232d02319 100644 --- a/src/lib/libcrypto/engine/hw_ncipher_err.h +++ b/src/lib/libcrypto/engine/hw_ncipher_err.h | |||
| @@ -84,6 +84,7 @@ static void ERR_HWCRHK_error(int function, int reason, char *file, int line); | |||
| 84 | #define HWCRHK_R_CHIL_ERROR 102 | 84 | #define HWCRHK_R_CHIL_ERROR 102 |
| 85 | #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 | 85 | #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 |
| 86 | #define HWCRHK_R_DSO_FAILURE 104 | 86 | #define HWCRHK_R_DSO_FAILURE 104 |
| 87 | #define HWCRHK_R_DYNAMIC_LOCKING_MISSING 114 | ||
| 87 | #define HWCRHK_R_MISSING_KEY_COMPONENTS 105 | 88 | #define HWCRHK_R_MISSING_KEY_COMPONENTS 105 |
| 88 | #define HWCRHK_R_NOT_INITIALISED 106 | 89 | #define HWCRHK_R_NOT_INITIALISED 106 |
| 89 | #define HWCRHK_R_NOT_LOADED 107 | 90 | #define HWCRHK_R_NOT_LOADED 107 |
diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c index 130b6d8b40..fb9188bfe5 100644 --- a/src/lib/libcrypto/engine/hw_nuron.c +++ b/src/lib/libcrypto/engine/hw_nuron.c | |||
| @@ -374,6 +374,7 @@ static int bind_helper(ENGINE *e) | |||
| 374 | return 1; | 374 | return 1; |
| 375 | } | 375 | } |
| 376 | 376 | ||
| 377 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 377 | static ENGINE *engine_nuron(void) | 378 | static ENGINE *engine_nuron(void) |
| 378 | { | 379 | { |
| 379 | ENGINE *ret = ENGINE_new(); | 380 | ENGINE *ret = ENGINE_new(); |
| @@ -396,6 +397,7 @@ void ENGINE_load_nuron(void) | |||
| 396 | ENGINE_free(toadd); | 397 | ENGINE_free(toadd); |
| 397 | ERR_clear_error(); | 398 | ERR_clear_error(); |
| 398 | } | 399 | } |
| 400 | #endif | ||
| 399 | 401 | ||
| 400 | /* This stuff is needed if this ENGINE is being compiled into a self-contained | 402 | /* This stuff is needed if this ENGINE is being compiled into a self-contained |
| 401 | * shared-library. */ | 403 | * shared-library. */ |
diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c index ed8401ec16..6286dd851c 100644 --- a/src/lib/libcrypto/engine/hw_ubsec.c +++ b/src/lib/libcrypto/engine/hw_ubsec.c | |||
| @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 242 | return 1; |
| 243 | } | 243 | } |
| 244 | 244 | ||
| 245 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_ubsec(void) | 246 | static ENGINE *engine_ubsec(void) |
| 246 | { | 247 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 248 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +265,7 @@ void ENGINE_load_ubsec(void) | |||
| 264 | ENGINE_free(toadd); | 265 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 266 | ERR_clear_error(); |
| 266 | } | 267 | } |
| 268 | #endif | ||
| 267 | 269 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 270 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the UBSEC library. NB: This is only set (or unset) during an | 271 | * the UBSEC library. NB: This is only set (or unset) during an |
diff --git a/src/lib/libcrypto/engine/tb_cipher.c b/src/lib/libcrypto/engine/tb_cipher.c index c5a50fc910..50b3cec1fa 100644 --- a/src/lib/libcrypto/engine/tb_cipher.c +++ b/src/lib/libcrypto/engine/tb_cipher.c | |||
| @@ -81,7 +81,7 @@ int ENGINE_register_ciphers(ENGINE *e) | |||
| 81 | int num_nids = e->ciphers(e, NULL, &nids, 0); | 81 | int num_nids = e->ciphers(e, NULL, &nids, 0); |
| 82 | if(num_nids > 0) | 82 | if(num_nids > 0) |
| 83 | return engine_table_register(&cipher_table, | 83 | return engine_table_register(&cipher_table, |
| 84 | &engine_unregister_all_ciphers, e, nids, | 84 | engine_unregister_all_ciphers, e, nids, |
| 85 | num_nids, 0); | 85 | num_nids, 0); |
| 86 | } | 86 | } |
| 87 | return 1; | 87 | return 1; |
| @@ -103,7 +103,7 @@ int ENGINE_set_default_ciphers(ENGINE *e) | |||
| 103 | int num_nids = e->ciphers(e, NULL, &nids, 0); | 103 | int num_nids = e->ciphers(e, NULL, &nids, 0); |
| 104 | if(num_nids > 0) | 104 | if(num_nids > 0) |
| 105 | return engine_table_register(&cipher_table, | 105 | return engine_table_register(&cipher_table, |
| 106 | &engine_unregister_all_ciphers, e, nids, | 106 | engine_unregister_all_ciphers, e, nids, |
| 107 | num_nids, 1); | 107 | num_nids, 1); |
| 108 | } | 108 | } |
| 109 | return 1; | 109 | return 1; |
diff --git a/src/lib/libcrypto/engine/tb_dh.c b/src/lib/libcrypto/engine/tb_dh.c index c9347235ea..e290e1702b 100644 --- a/src/lib/libcrypto/engine/tb_dh.c +++ b/src/lib/libcrypto/engine/tb_dh.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_DH(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->dh_meth) | 79 | if(e->dh_meth) |
| 80 | return engine_table_register(&dh_table, | 80 | return engine_table_register(&dh_table, |
| 81 | &engine_unregister_all_DH, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_DH, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_DH(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->dh_meth) | 95 | if(e->dh_meth) |
| 96 | return engine_table_register(&dh_table, | 96 | return engine_table_register(&dh_table, |
| 97 | &engine_unregister_all_DH, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_DH, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libcrypto/engine/tb_digest.c b/src/lib/libcrypto/engine/tb_digest.c index 2c4dd6f796..e82d2a17c9 100644 --- a/src/lib/libcrypto/engine/tb_digest.c +++ b/src/lib/libcrypto/engine/tb_digest.c | |||
| @@ -81,7 +81,7 @@ int ENGINE_register_digests(ENGINE *e) | |||
| 81 | int num_nids = e->digests(e, NULL, &nids, 0); | 81 | int num_nids = e->digests(e, NULL, &nids, 0); |
| 82 | if(num_nids > 0) | 82 | if(num_nids > 0) |
| 83 | return engine_table_register(&digest_table, | 83 | return engine_table_register(&digest_table, |
| 84 | &engine_unregister_all_digests, e, nids, | 84 | engine_unregister_all_digests, e, nids, |
| 85 | num_nids, 0); | 85 | num_nids, 0); |
| 86 | } | 86 | } |
| 87 | return 1; | 87 | return 1; |
| @@ -103,7 +103,7 @@ int ENGINE_set_default_digests(ENGINE *e) | |||
| 103 | int num_nids = e->digests(e, NULL, &nids, 0); | 103 | int num_nids = e->digests(e, NULL, &nids, 0); |
| 104 | if(num_nids > 0) | 104 | if(num_nids > 0) |
| 105 | return engine_table_register(&digest_table, | 105 | return engine_table_register(&digest_table, |
| 106 | &engine_unregister_all_digests, e, nids, | 106 | engine_unregister_all_digests, e, nids, |
| 107 | num_nids, 1); | 107 | num_nids, 1); |
| 108 | } | 108 | } |
| 109 | return 1; | 109 | return 1; |
diff --git a/src/lib/libcrypto/engine/tb_dsa.c b/src/lib/libcrypto/engine/tb_dsa.c index e9209476b8..80170591f2 100644 --- a/src/lib/libcrypto/engine/tb_dsa.c +++ b/src/lib/libcrypto/engine/tb_dsa.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_DSA(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->dsa_meth) | 79 | if(e->dsa_meth) |
| 80 | return engine_table_register(&dsa_table, | 80 | return engine_table_register(&dsa_table, |
| 81 | &engine_unregister_all_DSA, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_DSA, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_DSA(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->dsa_meth) | 95 | if(e->dsa_meth) |
| 96 | return engine_table_register(&dsa_table, | 96 | return engine_table_register(&dsa_table, |
| 97 | &engine_unregister_all_DSA, e, &dummy_nid, 1, 0); | 97 | engine_unregister_all_DSA, e, &dummy_nid, 1, 0); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libcrypto/engine/tb_rand.c b/src/lib/libcrypto/engine/tb_rand.c index 0b1d031f1e..69b67111bc 100644 --- a/src/lib/libcrypto/engine/tb_rand.c +++ b/src/lib/libcrypto/engine/tb_rand.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_RAND(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->rand_meth) | 79 | if(e->rand_meth) |
| 80 | return engine_table_register(&rand_table, | 80 | return engine_table_register(&rand_table, |
| 81 | &engine_unregister_all_RAND, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_RAND, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_RAND(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->rand_meth) | 95 | if(e->rand_meth) |
| 96 | return engine_table_register(&rand_table, | 96 | return engine_table_register(&rand_table, |
| 97 | &engine_unregister_all_RAND, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_RAND, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libcrypto/engine/tb_rsa.c b/src/lib/libcrypto/engine/tb_rsa.c index f84fea3968..fee4867f52 100644 --- a/src/lib/libcrypto/engine/tb_rsa.c +++ b/src/lib/libcrypto/engine/tb_rsa.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_RSA(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->rsa_meth) | 79 | if(e->rsa_meth) |
| 80 | return engine_table_register(&rsa_table, | 80 | return engine_table_register(&rsa_table, |
| 81 | &engine_unregister_all_RSA, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_RSA, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_RSA(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->rsa_meth) | 95 | if(e->rsa_meth) |
| 96 | return engine_table_register(&rsa_table, | 96 | return engine_table_register(&rsa_table, |
| 97 | &engine_unregister_all_RSA, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_RSA, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libcrypto/err/Makefile.ssl b/src/lib/libcrypto/err/Makefile.ssl index f0c95e2ef2..b253061d07 100644 --- a/src/lib/libcrypto/err/Makefile.ssl +++ b/src/lib/libcrypto/err/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c index 9b532d1f4c..a4f4a260af 100644 --- a/src/lib/libcrypto/err/err.c +++ b/src/lib/libcrypto/err/err.c | |||
| @@ -211,6 +211,7 @@ static ERR_STRING_DATA ERR_str_reasons[]= | |||
| 211 | 211 | ||
| 212 | {0,NULL}, | 212 | {0,NULL}, |
| 213 | }; | 213 | }; |
| 214 | #endif | ||
| 214 | 215 | ||
| 215 | 216 | ||
| 216 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ | 217 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ |
| @@ -491,6 +492,7 @@ static int int_err_get_next_lib(void) | |||
| 491 | } | 492 | } |
| 492 | 493 | ||
| 493 | 494 | ||
| 495 | #ifndef OPENSSL_NO_ERR | ||
| 494 | #define NUM_SYS_STR_REASONS 127 | 496 | #define NUM_SYS_STR_REASONS 127 |
| 495 | #define LEN_SYS_STR_REASON 32 | 497 | #define LEN_SYS_STR_REASON 32 |
| 496 | 498 | ||
diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c index 90029fd159..dc505d9d9d 100644 --- a/src/lib/libcrypto/err/err_all.c +++ b/src/lib/libcrypto/err/err_all.c | |||
| @@ -82,7 +82,9 @@ | |||
| 82 | #include <openssl/pkcs12.h> | 82 | #include <openssl/pkcs12.h> |
| 83 | #include <openssl/rand.h> | 83 | #include <openssl/rand.h> |
| 84 | #include <openssl/dso.h> | 84 | #include <openssl/dso.h> |
| 85 | #ifndef OPENSSL_NO_ENGINE | ||
| 85 | #include <openssl/engine.h> | 86 | #include <openssl/engine.h> |
| 87 | #endif | ||
| 86 | #include <openssl/ocsp.h> | 88 | #include <openssl/ocsp.h> |
| 87 | #include <openssl/err.h> | 89 | #include <openssl/err.h> |
| 88 | 90 | ||
| @@ -122,7 +124,9 @@ void ERR_load_crypto_strings(void) | |||
| 122 | ERR_load_PKCS12_strings(); | 124 | ERR_load_PKCS12_strings(); |
| 123 | ERR_load_RAND_strings(); | 125 | ERR_load_RAND_strings(); |
| 124 | ERR_load_DSO_strings(); | 126 | ERR_load_DSO_strings(); |
| 127 | #ifndef OPENSSL_NO_ENGINE | ||
| 125 | ERR_load_ENGINE_strings(); | 128 | ERR_load_ENGINE_strings(); |
| 129 | #endif | ||
| 126 | ERR_load_OCSP_strings(); | 130 | ERR_load_OCSP_strings(); |
| 127 | ERR_load_UI_strings(); | 131 | ERR_load_UI_strings(); |
| 128 | #endif | 132 | #endif |
diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c index c156663f0e..81e34bd6ce 100644 --- a/src/lib/libcrypto/err/err_prn.c +++ b/src/lib/libcrypto/err/err_prn.c | |||
| @@ -62,7 +62,6 @@ | |||
| 62 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 63 | #include <openssl/buffer.h> | 63 | #include <openssl/buffer.h> |
| 64 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 65 | #include <openssl/crypto.h> | ||
| 66 | 65 | ||
| 67 | void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), | 66 | void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), |
| 68 | void *u) | 67 | void *u) |
diff --git a/src/lib/libcrypto/evp/Makefile.ssl b/src/lib/libcrypto/evp/Makefile.ssl index 58843f61a9..b4172406ae 100644 --- a/src/lib/libcrypto/evp/Makefile.ssl +++ b/src/lib/libcrypto/evp/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ links: | |||
| 70 | @sh $(TOP)/util/point.sh Makefile.ssl Makefile | 70 | @sh $(TOP)/util/point.sh Makefile.ssl Makefile |
| 71 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) | 71 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) |
| 72 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) | 72 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) |
| 73 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TESTDATA) | 73 | cp $(TESTDATA) ../../test |
| 74 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) | 74 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) |
| 75 | 75 | ||
| 76 | install: | 76 | install: |
| @@ -89,7 +89,7 @@ lint: | |||
| 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 90 | 90 | ||
| 91 | depend: | 91 | depend: |
| 92 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 92 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 93 | 93 | ||
| 94 | dclean: | 94 | dclean: |
| 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -496,21 +496,19 @@ evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | |||
| 496 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 496 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 497 | evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 497 | evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 498 | evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 498 | evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 499 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 499 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 500 | evp_acnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 500 | evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h |
| 501 | evp_acnf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | 501 | evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h |
| 502 | evp_acnf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | 502 | evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h |
| 503 | evp_acnf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | 503 | evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h |
| 504 | evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 504 | evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 505 | evp_acnf.o: ../../include/openssl/opensslconf.h | ||
| 506 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 505 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 507 | evp_acnf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h | 506 | evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h |
| 508 | evp_acnf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h | 507 | evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h |
| 509 | evp_acnf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h | 508 | evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 510 | evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 509 | evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 511 | evp_acnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 510 | evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 512 | evp_acnf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 511 | evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c |
| 513 | evp_acnf.o: ../cryptlib.h evp_acnf.c | ||
| 514 | evp_enc.o: ../../e_os.h ../../include/openssl/aes.h | 512 | evp_enc.o: ../../e_os.h ../../include/openssl/aes.h |
| 515 | evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 513 | evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 516 | evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 514 | evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c index f12eac1b55..6e550f6a43 100644 --- a/src/lib/libcrypto/evp/bio_b64.c +++ b/src/lib/libcrypto/evp/bio_b64.c | |||
| @@ -165,6 +165,7 @@ static int b64_read(BIO *b, char *out, int outl) | |||
| 165 | { | 165 | { |
| 166 | i=ctx->buf_len-ctx->buf_off; | 166 | i=ctx->buf_len-ctx->buf_off; |
| 167 | if (i > outl) i=outl; | 167 | if (i > outl) i=outl; |
| 168 | OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf); | ||
| 168 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); | 169 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); |
| 169 | ret=i; | 170 | ret=i; |
| 170 | out+=i; | 171 | out+=i; |
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c index 64fb2353af..ab81851503 100644 --- a/src/lib/libcrypto/evp/bio_enc.c +++ b/src/lib/libcrypto/evp/bio_enc.c | |||
| @@ -132,7 +132,7 @@ static int enc_free(BIO *a) | |||
| 132 | if (a == NULL) return(0); | 132 | if (a == NULL) return(0); |
| 133 | b=(BIO_ENC_CTX *)a->ptr; | 133 | b=(BIO_ENC_CTX *)a->ptr; |
| 134 | EVP_CIPHER_CTX_cleanup(&(b->cipher)); | 134 | EVP_CIPHER_CTX_cleanup(&(b->cipher)); |
| 135 | memset(a->ptr,0,sizeof(BIO_ENC_CTX)); | 135 | OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX)); |
| 136 | OPENSSL_free(a->ptr); | 136 | OPENSSL_free(a->ptr); |
| 137 | a->ptr=NULL; | 137 | a->ptr=NULL; |
| 138 | a->init=0; | 138 | a->init=0; |
| @@ -271,7 +271,7 @@ static int enc_write(BIO *b, const char *in, int inl) | |||
| 271 | if (i <= 0) | 271 | if (i <= 0) |
| 272 | { | 272 | { |
| 273 | BIO_copy_next_retry(b); | 273 | BIO_copy_next_retry(b); |
| 274 | return(i); | 274 | return (ret == inl) ? i : ret - inl; |
| 275 | } | 275 | } |
| 276 | n-=i; | 276 | n-=i; |
| 277 | ctx->buf_off+=i; | 277 | ctx->buf_off+=i; |
| @@ -325,10 +325,7 @@ again: | |||
| 325 | { | 325 | { |
| 326 | i=enc_write(b,NULL,0); | 326 | i=enc_write(b,NULL,0); |
| 327 | if (i < 0) | 327 | if (i < 0) |
| 328 | { | 328 | return i; |
| 329 | ret=i; | ||
| 330 | break; | ||
| 331 | } | ||
| 332 | } | 329 | } |
| 333 | 330 | ||
| 334 | if (!ctx->finished) | 331 | if (!ctx->finished) |
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c index d2be03be82..4e3f10141b 100644 --- a/src/lib/libcrypto/evp/bio_ok.c +++ b/src/lib/libcrypto/evp/bio_ok.c | |||
| @@ -211,7 +211,7 @@ static int ok_free(BIO *a) | |||
| 211 | { | 211 | { |
| 212 | if (a == NULL) return(0); | 212 | if (a == NULL) return(0); |
| 213 | EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); | 213 | EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); |
| 214 | memset(a->ptr,0,sizeof(BIO_OK_CTX)); | 214 | OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); |
| 215 | OPENSSL_free(a->ptr); | 215 | OPENSSL_free(a->ptr); |
| 216 | a->ptr=NULL; | 216 | a->ptr=NULL; |
| 217 | a->init=0; | 217 | a->init=0; |
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c index 3d59812e20..1b31a14e37 100644 --- a/src/lib/libcrypto/evp/c_all.c +++ b/src/lib/libcrypto/evp/c_all.c | |||
| @@ -73,5 +73,9 @@ void OPENSSL_add_all_algorithms_noconf(void) | |||
| 73 | { | 73 | { |
| 74 | OpenSSL_add_all_ciphers(); | 74 | OpenSSL_add_all_ciphers(); |
| 75 | OpenSSL_add_all_digests(); | 75 | OpenSSL_add_all_digests(); |
| 76 | ENGINE_setup_openbsd(); | 76 | #ifndef OPENSSL_NO_ENGINE |
| 77 | # if defined(__OpenBSD__) || defined(__FreeBSD__) | ||
| 78 | ENGINE_setup_bsd_cryptodev(); | ||
| 79 | # endif | ||
| 80 | #endif | ||
| 77 | } | 81 | } |
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index a969ac69ed..b22eed4421 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c | |||
| @@ -113,7 +113,9 @@ | |||
| 113 | #include "cryptlib.h" | 113 | #include "cryptlib.h" |
| 114 | #include <openssl/objects.h> | 114 | #include <openssl/objects.h> |
| 115 | #include <openssl/evp.h> | 115 | #include <openssl/evp.h> |
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 116 | #include <openssl/engine.h> | 117 | #include <openssl/engine.h> |
| 118 | #endif | ||
| 117 | 119 | ||
| 118 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) | 120 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) |
| 119 | { | 121 | { |
| @@ -138,6 +140,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) | |||
| 138 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | 140 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) |
| 139 | { | 141 | { |
| 140 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 142 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| 143 | #ifndef OPENSSL_NO_ENGINE | ||
| 141 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | 144 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts |
| 142 | * so this context may already have an ENGINE! Try to avoid releasing | 145 | * so this context may already have an ENGINE! Try to avoid releasing |
| 143 | * the previous handle, re-querying for an ENGINE, and having a | 146 | * the previous handle, re-querying for an ENGINE, and having a |
| @@ -183,11 +186,13 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 183 | else | 186 | else |
| 184 | ctx->engine = NULL; | 187 | ctx->engine = NULL; |
| 185 | } | 188 | } |
| 186 | else if(!ctx->digest) | 189 | else |
| 190 | if(!ctx->digest) | ||
| 187 | { | 191 | { |
| 188 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); | 192 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); |
| 189 | return 0; | 193 | return 0; |
| 190 | } | 194 | } |
| 195 | #endif | ||
| 191 | if (ctx->digest != type) | 196 | if (ctx->digest != type) |
| 192 | { | 197 | { |
| 193 | if (ctx->digest && ctx->digest->ctx_size) | 198 | if (ctx->digest && ctx->digest->ctx_size) |
| @@ -196,7 +201,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 196 | if (type->ctx_size) | 201 | if (type->ctx_size) |
| 197 | ctx->md_data=OPENSSL_malloc(type->ctx_size); | 202 | ctx->md_data=OPENSSL_malloc(type->ctx_size); |
| 198 | } | 203 | } |
| 204 | #ifndef OPENSSL_NO_ENGINE | ||
| 199 | skip_to_init: | 205 | skip_to_init: |
| 206 | #endif | ||
| 200 | return ctx->digest->init(ctx); | 207 | return ctx->digest->init(ctx); |
| 201 | } | 208 | } |
| 202 | 209 | ||
| @@ -219,6 +226,8 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | |||
| 219 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | 226 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) |
| 220 | { | 227 | { |
| 221 | int ret; | 228 | int ret; |
| 229 | |||
| 230 | OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); | ||
| 222 | ret=ctx->digest->final(ctx,md); | 231 | ret=ctx->digest->final(ctx,md); |
| 223 | if (size != NULL) | 232 | if (size != NULL) |
| 224 | *size=ctx->digest->md_size; | 233 | *size=ctx->digest->md_size; |
| @@ -244,12 +253,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 244 | EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); | 253 | EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); |
| 245 | return 0; | 254 | return 0; |
| 246 | } | 255 | } |
| 256 | #ifndef OPENSSL_NO_ENGINE | ||
| 247 | /* Make sure it's safe to copy a digest context using an ENGINE */ | 257 | /* Make sure it's safe to copy a digest context using an ENGINE */ |
| 248 | if (in->engine && !ENGINE_init(in->engine)) | 258 | if (in->engine && !ENGINE_init(in->engine)) |
| 249 | { | 259 | { |
| 250 | EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); | 260 | EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); |
| 251 | return 0; | 261 | return 0; |
| 252 | } | 262 | } |
| 263 | #endif | ||
| 253 | 264 | ||
| 254 | EVP_MD_CTX_cleanup(out); | 265 | EVP_MD_CTX_cleanup(out); |
| 255 | memcpy(out,in,sizeof *out); | 266 | memcpy(out,in,sizeof *out); |
| @@ -299,13 +310,15 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) | |||
| 299 | ctx->digest->cleanup(ctx); | 310 | ctx->digest->cleanup(ctx); |
| 300 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) | 311 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) |
| 301 | { | 312 | { |
| 302 | memset(ctx->md_data,0,ctx->digest->ctx_size); | 313 | OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); |
| 303 | OPENSSL_free(ctx->md_data); | 314 | OPENSSL_free(ctx->md_data); |
| 304 | } | 315 | } |
| 316 | #ifndef OPENSSL_NO_ENGINE | ||
| 305 | if(ctx->engine) | 317 | if(ctx->engine) |
| 306 | /* The EVP_MD we used belongs to an ENGINE, release the | 318 | /* The EVP_MD we used belongs to an ENGINE, release the |
| 307 | * functional reference we held for this reason. */ | 319 | * functional reference we held for this reason. */ |
| 308 | ENGINE_finish(ctx->engine); | 320 | ENGINE_finish(ctx->engine); |
| 321 | #endif | ||
| 309 | memset(ctx,'\0',sizeof *ctx); | 322 | memset(ctx,'\0',sizeof *ctx); |
| 310 | 323 | ||
| 311 | return 1; | 324 | return 1; |
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index c323fa2892..fe8bcda631 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c | |||
| @@ -52,7 +52,6 @@ | |||
| 52 | #include <openssl/evp.h> | 52 | #include <openssl/evp.h> |
| 53 | #include <openssl/err.h> | 53 | #include <openssl/err.h> |
| 54 | #include <string.h> | 54 | #include <string.h> |
| 55 | #include <assert.h> | ||
| 56 | #include <openssl/aes.h> | 55 | #include <openssl/aes.h> |
| 57 | #include "evp_locl.h" | 56 | #include "evp_locl.h" |
| 58 | 57 | ||
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c index ed838d3e62..b9efa75ae7 100644 --- a/src/lib/libcrypto/evp/e_idea.c +++ b/src/lib/libcrypto/evp/e_idea.c | |||
| @@ -109,7 +109,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
| 109 | 109 | ||
| 110 | idea_set_encrypt_key(key,&tmp); | 110 | idea_set_encrypt_key(key,&tmp); |
| 111 | idea_set_decrypt_key(&tmp,ctx->cipher_data); | 111 | idea_set_decrypt_key(&tmp,ctx->cipher_data); |
| 112 | memset((unsigned char *)&tmp,0, | 112 | OPENSSL_cleanse((unsigned char *)&tmp, |
| 113 | sizeof(IDEA_KEY_SCHEDULE)); | 113 | sizeof(IDEA_KEY_SCHEDULE)); |
| 114 | } | 114 | } |
| 115 | return 1; | 115 | return 1; |
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c index 4685198e2e..d42cbfd17e 100644 --- a/src/lib/libcrypto/evp/e_rc2.c +++ b/src/lib/libcrypto/evp/e_rc2.c | |||
| @@ -174,6 +174,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 174 | if (type != NULL) | 174 | if (type != NULL) |
| 175 | { | 175 | { |
| 176 | l=EVP_CIPHER_CTX_iv_length(c); | 176 | l=EVP_CIPHER_CTX_iv_length(c); |
| 177 | OPENSSL_assert(l <= sizeof iv); | ||
| 177 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); | 178 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); |
| 178 | if (i != l) | 179 | if (i != l) |
| 179 | return(-1); | 180 | return(-1); |
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c index 4064cc5fa0..d58f507837 100644 --- a/src/lib/libcrypto/evp/e_rc4.c +++ b/src/lib/libcrypto/evp/e_rc4.c | |||
| @@ -69,8 +69,6 @@ | |||
| 69 | 69 | ||
| 70 | typedef struct | 70 | typedef struct |
| 71 | { | 71 | { |
| 72 | /* FIXME: what is the key for? */ | ||
| 73 | unsigned char key[EVP_RC4_KEY_SIZE]; | ||
| 74 | RC4_KEY ks; /* working key */ | 72 | RC4_KEY ks; /* working key */ |
| 75 | } EVP_RC4_KEY; | 73 | } EVP_RC4_KEY; |
| 76 | 74 | ||
| @@ -121,9 +119,8 @@ const EVP_CIPHER *EVP_rc4_40(void) | |||
| 121 | static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 119 | static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 122 | const unsigned char *iv, int enc) | 120 | const unsigned char *iv, int enc) |
| 123 | { | 121 | { |
| 124 | memcpy(&data(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx)); | ||
| 125 | RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), | 122 | RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), |
| 126 | data(ctx)->key); | 123 | key); |
| 127 | return 1; | 124 | return 1; |
| 128 | } | 125 | } |
| 129 | 126 | ||
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c index 12c6379df1..08209357ce 100644 --- a/src/lib/libcrypto/evp/encode.c +++ b/src/lib/libcrypto/evp/encode.c | |||
| @@ -136,6 +136,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 136 | 136 | ||
| 137 | *outl=0; | 137 | *outl=0; |
| 138 | if (inl == 0) return; | 138 | if (inl == 0) return; |
| 139 | OPENSSL_assert(ctx->length <= sizeof ctx->enc_data); | ||
| 139 | if ((ctx->num+inl) < ctx->length) | 140 | if ((ctx->num+inl) < ctx->length) |
| 140 | { | 141 | { |
| 141 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); | 142 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); |
| @@ -258,6 +259,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 258 | /* only save the good data :-) */ | 259 | /* only save the good data :-) */ |
| 259 | if (!B64_NOT_BASE64(v)) | 260 | if (!B64_NOT_BASE64(v)) |
| 260 | { | 261 | { |
| 262 | OPENSSL_assert(n < sizeof ctx->enc_data); | ||
| 261 | d[n++]=tmp; | 263 | d[n++]=tmp; |
| 262 | ln++; | 264 | ln++; |
| 263 | } | 265 | } |
diff --git a/src/lib/libcrypto/evp/evp_acnf.c b/src/lib/libcrypto/evp/evp_acnf.c index a68b979bdb..ff3e311cc5 100644 --- a/src/lib/libcrypto/evp/evp_acnf.c +++ b/src/lib/libcrypto/evp/evp_acnf.c | |||
| @@ -59,7 +59,6 @@ | |||
| 59 | #include "cryptlib.h" | 59 | #include "cryptlib.h" |
| 60 | #include <openssl/evp.h> | 60 | #include <openssl/evp.h> |
| 61 | #include <openssl/conf.h> | 61 | #include <openssl/conf.h> |
| 62 | #include <openssl/engine.h> | ||
| 63 | 62 | ||
| 64 | 63 | ||
| 65 | /* Load all algorithms and configure OpenSSL. | 64 | /* Load all algorithms and configure OpenSSL. |
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index 32a1c7a2e9..be0758a879 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c | |||
| @@ -60,11 +60,11 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/evp.h> | 61 | #include <openssl/evp.h> |
| 62 | #include <openssl/err.h> | 62 | #include <openssl/err.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | #include "evp_locl.h" | 66 | #include "evp_locl.h" |
| 65 | 67 | ||
| 66 | #include <assert.h> | ||
| 67 | |||
| 68 | const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; | 68 | const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; |
| 69 | 69 | ||
| 70 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | 70 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) |
| @@ -93,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 93 | enc = 1; | 93 | enc = 1; |
| 94 | ctx->encrypt = enc; | 94 | ctx->encrypt = enc; |
| 95 | } | 95 | } |
| 96 | #ifndef OPENSSL_NO_ENGINE | ||
| 96 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | 97 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts |
| 97 | * so this context may already have an ENGINE! Try to avoid releasing | 98 | * so this context may already have an ENGINE! Try to avoid releasing |
| 98 | * the previous handle, re-querying for an ENGINE, and having a | 99 | * the previous handle, re-querying for an ENGINE, and having a |
| @@ -100,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 100 | if (ctx->engine && ctx->cipher && (!cipher || | 101 | if (ctx->engine && ctx->cipher && (!cipher || |
| 101 | (cipher && (cipher->nid == ctx->cipher->nid)))) | 102 | (cipher && (cipher->nid == ctx->cipher->nid)))) |
| 102 | goto skip_to_init; | 103 | goto skip_to_init; |
| 104 | #endif | ||
| 103 | if (cipher) | 105 | if (cipher) |
| 104 | { | 106 | { |
| 105 | /* Ensure a context left lying around from last time is cleared | 107 | /* Ensure a context left lying around from last time is cleared |
| @@ -109,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 109 | 111 | ||
| 110 | /* Restore encrypt field: it is zeroed by cleanup */ | 112 | /* Restore encrypt field: it is zeroed by cleanup */ |
| 111 | ctx->encrypt = enc; | 113 | ctx->encrypt = enc; |
| 114 | #ifndef OPENSSL_NO_ENGINE | ||
| 112 | if(impl) | 115 | if(impl) |
| 113 | { | 116 | { |
| 114 | if (!ENGINE_init(impl)) | 117 | if (!ENGINE_init(impl)) |
| @@ -142,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 142 | } | 145 | } |
| 143 | else | 146 | else |
| 144 | ctx->engine = NULL; | 147 | ctx->engine = NULL; |
| 148 | #endif | ||
| 145 | 149 | ||
| 146 | ctx->cipher=cipher; | 150 | ctx->cipher=cipher; |
| 147 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); | 151 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); |
| @@ -161,11 +165,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 161 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); | 165 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); |
| 162 | return 0; | 166 | return 0; |
| 163 | } | 167 | } |
| 168 | #ifndef OPENSSL_NO_ENGINE | ||
| 164 | skip_to_init: | 169 | skip_to_init: |
| 170 | #endif | ||
| 165 | /* we assume block size is a power of 2 in *cryptUpdate */ | 171 | /* we assume block size is a power of 2 in *cryptUpdate */ |
| 166 | assert(ctx->cipher->block_size == 1 | 172 | OPENSSL_assert(ctx->cipher->block_size == 1 |
| 167 | || ctx->cipher->block_size == 8 | 173 | || ctx->cipher->block_size == 8 |
| 168 | || ctx->cipher->block_size == 16); | 174 | || ctx->cipher->block_size == 16); |
| 169 | 175 | ||
| 170 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { | 176 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { |
| 171 | switch(EVP_CIPHER_CTX_mode(ctx)) { | 177 | switch(EVP_CIPHER_CTX_mode(ctx)) { |
| @@ -181,6 +187,7 @@ skip_to_init: | |||
| 181 | 187 | ||
| 182 | case EVP_CIPH_CBC_MODE: | 188 | case EVP_CIPH_CBC_MODE: |
| 183 | 189 | ||
| 190 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv); | ||
| 184 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); | 191 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 185 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); | 192 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 186 | break; | 193 | break; |
| @@ -237,7 +244,7 @@ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp | |||
| 237 | int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | 244 | int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, |
| 238 | const unsigned char *key, const unsigned char *iv) | 245 | const unsigned char *key, const unsigned char *iv) |
| 239 | { | 246 | { |
| 240 | return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0); | 247 | return EVP_CipherInit(ctx, cipher, key, iv, 0); |
| 241 | } | 248 | } |
| 242 | 249 | ||
| 243 | int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, | 250 | int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, |
| @@ -251,6 +258,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 251 | { | 258 | { |
| 252 | int i,j,bl; | 259 | int i,j,bl; |
| 253 | 260 | ||
| 261 | OPENSSL_assert(inl > 0); | ||
| 254 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) | 262 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) |
| 255 | { | 263 | { |
| 256 | if(ctx->cipher->do_cipher(ctx,out,in,inl)) | 264 | if(ctx->cipher->do_cipher(ctx,out,in,inl)) |
| @@ -266,6 +274,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 266 | } | 274 | } |
| 267 | i=ctx->buf_len; | 275 | i=ctx->buf_len; |
| 268 | bl=ctx->cipher->block_size; | 276 | bl=ctx->cipher->block_size; |
| 277 | OPENSSL_assert(bl <= sizeof ctx->buf); | ||
| 269 | if (i != 0) | 278 | if (i != 0) |
| 270 | { | 279 | { |
| 271 | if (i+inl < bl) | 280 | if (i+inl < bl) |
| @@ -314,6 +323,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 314 | int i,n,b,bl,ret; | 323 | int i,n,b,bl,ret; |
| 315 | 324 | ||
| 316 | b=ctx->cipher->block_size; | 325 | b=ctx->cipher->block_size; |
| 326 | OPENSSL_assert(b <= sizeof ctx->buf); | ||
| 317 | if (b == 1) | 327 | if (b == 1) |
| 318 | { | 328 | { |
| 319 | *outl=0; | 329 | *outl=0; |
| @@ -358,6 +368,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 358 | return EVP_EncryptUpdate(ctx, out, outl, in, inl); | 368 | return EVP_EncryptUpdate(ctx, out, outl, in, inl); |
| 359 | 369 | ||
| 360 | b=ctx->cipher->block_size; | 370 | b=ctx->cipher->block_size; |
| 371 | OPENSSL_assert(b <= sizeof ctx->final); | ||
| 361 | 372 | ||
| 362 | if(ctx->final_used) | 373 | if(ctx->final_used) |
| 363 | { | 374 | { |
| @@ -420,6 +431,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 420 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); | 431 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); |
| 421 | return(0); | 432 | return(0); |
| 422 | } | 433 | } |
| 434 | OPENSSL_assert(b <= sizeof ctx->final); | ||
| 423 | n=ctx->final[b-1]; | 435 | n=ctx->final[b-1]; |
| 424 | if (n > b) | 436 | if (n > b) |
| 425 | { | 437 | { |
| @@ -450,16 +462,18 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) | |||
| 450 | { | 462 | { |
| 451 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) | 463 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) |
| 452 | return 0; | 464 | return 0; |
| 453 | /* Zero cipher context data */ | 465 | /* Cleanse cipher context data */ |
| 454 | if (c->cipher_data) | 466 | if (c->cipher_data) |
| 455 | memset(c->cipher_data, 0, c->cipher->ctx_size); | 467 | OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); |
| 456 | } | 468 | } |
| 457 | if (c->cipher_data) | 469 | if (c->cipher_data) |
| 458 | OPENSSL_free(c->cipher_data); | 470 | OPENSSL_free(c->cipher_data); |
| 471 | #ifndef OPENSSL_NO_ENGINE | ||
| 459 | if (c->engine) | 472 | if (c->engine) |
| 460 | /* The EVP_CIPHER we used belongs to an ENGINE, release the | 473 | /* The EVP_CIPHER we used belongs to an ENGINE, release the |
| 461 | * functional reference we held for this reason. */ | 474 | * functional reference we held for this reason. */ |
| 462 | ENGINE_finish(c->engine); | 475 | ENGINE_finish(c->engine); |
| 476 | #endif | ||
| 463 | memset(c,0,sizeof(EVP_CIPHER_CTX)); | 477 | memset(c,0,sizeof(EVP_CIPHER_CTX)); |
| 464 | return 1; | 478 | return 1; |
| 465 | } | 479 | } |
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index 4271393069..5f387a94d3 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c | |||
| @@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) | |||
| 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); | 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); |
| 104 | ret = UI_process(ui); | 104 | ret = UI_process(ui); |
| 105 | UI_free(ui); | 105 | UI_free(ui); |
| 106 | memset(buff,0,BUFSIZ); | 106 | OPENSSL_cleanse(buff,BUFSIZ); |
| 107 | return ret; | 107 | return ret; |
| 108 | } | 108 | } |
| 109 | 109 | ||
| @@ -118,6 +118,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 118 | 118 | ||
| 119 | nkey=type->key_len; | 119 | nkey=type->key_len; |
| 120 | niv=type->iv_len; | 120 | niv=type->iv_len; |
| 121 | OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); | ||
| 122 | OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); | ||
| 121 | 123 | ||
| 122 | if (data == NULL) return(nkey); | 124 | if (data == NULL) return(nkey); |
| 123 | 125 | ||
| @@ -166,7 +168,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 166 | if ((nkey == 0) && (niv == 0)) break; | 168 | if ((nkey == 0) && (niv == 0)) break; |
| 167 | } | 169 | } |
| 168 | EVP_MD_CTX_cleanup(&c); | 170 | EVP_MD_CTX_cleanup(&c); |
| 169 | memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); | 171 | OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); |
| 170 | return(type->key_len); | 172 | return(type->key_len); |
| 171 | } | 173 | } |
| 172 | 174 | ||
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c index a431945ef5..52a3b287be 100644 --- a/src/lib/libcrypto/evp/evp_lib.c +++ b/src/lib/libcrypto/evp/evp_lib.c | |||
| @@ -90,6 +90,7 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 90 | if (type != NULL) | 90 | if (type != NULL) |
| 91 | { | 91 | { |
| 92 | l=EVP_CIPHER_CTX_iv_length(c); | 92 | l=EVP_CIPHER_CTX_iv_length(c); |
| 93 | OPENSSL_assert(l <= sizeof c->iv); | ||
| 93 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); | 94 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); |
| 94 | if (i != l) | 95 | if (i != l) |
| 95 | return(-1); | 96 | return(-1); |
| @@ -106,6 +107,7 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 106 | if (type != NULL) | 107 | if (type != NULL) |
| 107 | { | 108 | { |
| 108 | j=EVP_CIPHER_CTX_iv_length(c); | 109 | j=EVP_CIPHER_CTX_iv_length(c); |
| 110 | OPENSSL_assert(j <= sizeof c->iv); | ||
| 109 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); | 111 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); |
| 110 | } | 112 | } |
| 111 | return(i); | 113 | return(i); |
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c index 4234cd7684..bc98e63363 100644 --- a/src/lib/libcrypto/evp/evp_pbe.c +++ b/src/lib/libcrypto/evp/evp_pbe.c | |||
| @@ -88,7 +88,7 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, | |||
| 88 | char obj_tmp[80]; | 88 | char obj_tmp[80]; |
| 89 | EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); | 89 | EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); |
| 90 | if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); | 90 | if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); |
| 91 | else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj); | 91 | else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); |
| 92 | ERR_add_error_data(2, "TYPE=", obj_tmp); | 92 | ERR_add_error_data(2, "TYPE=", obj_tmp); |
| 93 | return 0; | 93 | return 0; |
| 94 | } | 94 | } |
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index 90294ef686..28460173f7 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c | |||
| @@ -49,8 +49,14 @@ | |||
| 49 | 49 | ||
| 50 | #include <stdio.h> | 50 | #include <stdio.h> |
| 51 | #include <string.h> | 51 | #include <string.h> |
| 52 | |||
| 53 | #include "../e_os.h" | ||
| 54 | |||
| 52 | #include <openssl/evp.h> | 55 | #include <openssl/evp.h> |
| 56 | #ifndef OPENSSL_NO_ENGINE | ||
| 53 | #include <openssl/engine.h> | 57 | #include <openssl/engine.h> |
| 58 | #endif | ||
| 59 | #include <openssl/err.h> | ||
| 54 | #include <openssl/conf.h> | 60 | #include <openssl/conf.h> |
| 55 | 61 | ||
| 56 | static void hexdump(FILE *f,const char *title,const unsigned char *s,int l) | 62 | static void hexdump(FILE *f,const char *title,const unsigned char *s,int l) |
| @@ -78,7 +84,7 @@ static int convert(unsigned char *s) | |||
| 78 | if(!s[1]) | 84 | if(!s[1]) |
| 79 | { | 85 | { |
| 80 | fprintf(stderr,"Odd number of hex digits!"); | 86 | fprintf(stderr,"Odd number of hex digits!"); |
| 81 | exit(4); | 87 | EXIT(4); |
| 82 | } | 88 | } |
| 83 | sscanf((char *)s,"%2x",&n); | 89 | sscanf((char *)s,"%2x",&n); |
| 84 | *d=(unsigned char)n; | 90 | *d=(unsigned char)n; |
| @@ -120,6 +126,12 @@ static char *sstrsep(char **string, const char *delim) | |||
| 120 | static unsigned char *ustrsep(char **p,const char *sep) | 126 | static unsigned char *ustrsep(char **p,const char *sep) |
| 121 | { return (unsigned char *)sstrsep(p,sep); } | 127 | { return (unsigned char *)sstrsep(p,sep); } |
| 122 | 128 | ||
| 129 | static int test1_exit(int ec) | ||
| 130 | { | ||
| 131 | EXIT(ec); | ||
| 132 | return(0); /* To keep some compilers quiet */ | ||
| 133 | } | ||
| 134 | |||
| 123 | static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | 135 | static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, |
| 124 | const unsigned char *iv,int in, | 136 | const unsigned char *iv,int in, |
| 125 | const unsigned char *plaintext,int pn, | 137 | const unsigned char *plaintext,int pn, |
| @@ -142,7 +154,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 142 | { | 154 | { |
| 143 | fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn, | 155 | fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn, |
| 144 | c->key_len); | 156 | c->key_len); |
| 145 | exit(5); | 157 | test1_exit(5); |
| 146 | } | 158 | } |
| 147 | EVP_CIPHER_CTX_init(&ctx); | 159 | EVP_CIPHER_CTX_init(&ctx); |
| 148 | if (encdec != 0) | 160 | if (encdec != 0) |
| @@ -150,26 +162,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 150 | if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) | 162 | if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) |
| 151 | { | 163 | { |
| 152 | fprintf(stderr,"EncryptInit failed\n"); | 164 | fprintf(stderr,"EncryptInit failed\n"); |
| 153 | exit(10); | 165 | test1_exit(10); |
| 154 | } | 166 | } |
| 155 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 167 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 156 | 168 | ||
| 157 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) | 169 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) |
| 158 | { | 170 | { |
| 159 | fprintf(stderr,"Encrypt failed\n"); | 171 | fprintf(stderr,"Encrypt failed\n"); |
| 160 | exit(6); | 172 | test1_exit(6); |
| 161 | } | 173 | } |
| 162 | if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) | 174 | if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) |
| 163 | { | 175 | { |
| 164 | fprintf(stderr,"EncryptFinal failed\n"); | 176 | fprintf(stderr,"EncryptFinal failed\n"); |
| 165 | exit(7); | 177 | test1_exit(7); |
| 166 | } | 178 | } |
| 167 | 179 | ||
| 168 | if(outl+outl2 != cn) | 180 | if(outl+outl2 != cn) |
| 169 | { | 181 | { |
| 170 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", | 182 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", |
| 171 | outl+outl2,cn); | 183 | outl+outl2,cn); |
| 172 | exit(8); | 184 | test1_exit(8); |
| 173 | } | 185 | } |
| 174 | 186 | ||
| 175 | if(memcmp(out,ciphertext,cn)) | 187 | if(memcmp(out,ciphertext,cn)) |
| @@ -177,7 +189,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 177 | fprintf(stderr,"Ciphertext mismatch\n"); | 189 | fprintf(stderr,"Ciphertext mismatch\n"); |
| 178 | hexdump(stderr,"Got",out,cn); | 190 | hexdump(stderr,"Got",out,cn); |
| 179 | hexdump(stderr,"Expected",ciphertext,cn); | 191 | hexdump(stderr,"Expected",ciphertext,cn); |
| 180 | exit(9); | 192 | test1_exit(9); |
| 181 | } | 193 | } |
| 182 | } | 194 | } |
| 183 | 195 | ||
| @@ -186,26 +198,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 186 | if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) | 198 | if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) |
| 187 | { | 199 | { |
| 188 | fprintf(stderr,"DecryptInit failed\n"); | 200 | fprintf(stderr,"DecryptInit failed\n"); |
| 189 | exit(11); | 201 | test1_exit(11); |
| 190 | } | 202 | } |
| 191 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 203 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 192 | 204 | ||
| 193 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) | 205 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) |
| 194 | { | 206 | { |
| 195 | fprintf(stderr,"Decrypt failed\n"); | 207 | fprintf(stderr,"Decrypt failed\n"); |
| 196 | exit(6); | 208 | test1_exit(6); |
| 197 | } | 209 | } |
| 198 | if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) | 210 | if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) |
| 199 | { | 211 | { |
| 200 | fprintf(stderr,"DecryptFinal failed\n"); | 212 | fprintf(stderr,"DecryptFinal failed\n"); |
| 201 | exit(7); | 213 | test1_exit(7); |
| 202 | } | 214 | } |
| 203 | 215 | ||
| 204 | if(outl+outl2 != cn) | 216 | if(outl+outl2 != cn) |
| 205 | { | 217 | { |
| 206 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", | 218 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", |
| 207 | outl+outl2,cn); | 219 | outl+outl2,cn); |
| 208 | exit(8); | 220 | test1_exit(8); |
| 209 | } | 221 | } |
| 210 | 222 | ||
| 211 | if(memcmp(out,plaintext,cn)) | 223 | if(memcmp(out,plaintext,cn)) |
| @@ -213,7 +225,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 213 | fprintf(stderr,"Plaintext mismatch\n"); | 225 | fprintf(stderr,"Plaintext mismatch\n"); |
| 214 | hexdump(stderr,"Got",out,cn); | 226 | hexdump(stderr,"Got",out,cn); |
| 215 | hexdump(stderr,"Expected",plaintext,cn); | 227 | hexdump(stderr,"Expected",plaintext,cn); |
| 216 | exit(9); | 228 | test1_exit(9); |
| 217 | } | 229 | } |
| 218 | } | 230 | } |
| 219 | 231 | ||
| @@ -260,24 +272,24 @@ static int test_digest(const char *digest, | |||
| 260 | if(!EVP_DigestInit_ex(&ctx,d, NULL)) | 272 | if(!EVP_DigestInit_ex(&ctx,d, NULL)) |
| 261 | { | 273 | { |
| 262 | fprintf(stderr,"DigestInit failed\n"); | 274 | fprintf(stderr,"DigestInit failed\n"); |
| 263 | exit(100); | 275 | EXIT(100); |
| 264 | } | 276 | } |
| 265 | if(!EVP_DigestUpdate(&ctx,plaintext,pn)) | 277 | if(!EVP_DigestUpdate(&ctx,plaintext,pn)) |
| 266 | { | 278 | { |
| 267 | fprintf(stderr,"DigestUpdate failed\n"); | 279 | fprintf(stderr,"DigestUpdate failed\n"); |
| 268 | exit(101); | 280 | EXIT(101); |
| 269 | } | 281 | } |
| 270 | if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) | 282 | if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) |
| 271 | { | 283 | { |
| 272 | fprintf(stderr,"DigestFinal failed\n"); | 284 | fprintf(stderr,"DigestFinal failed\n"); |
| 273 | exit(101); | 285 | EXIT(101); |
| 274 | } | 286 | } |
| 275 | EVP_MD_CTX_cleanup(&ctx); | 287 | EVP_MD_CTX_cleanup(&ctx); |
| 276 | 288 | ||
| 277 | if(mdn != cn) | 289 | if(mdn != cn) |
| 278 | { | 290 | { |
| 279 | fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn); | 291 | fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn); |
| 280 | exit(102); | 292 | EXIT(102); |
| 281 | } | 293 | } |
| 282 | 294 | ||
| 283 | if(memcmp(md,ciphertext,cn)) | 295 | if(memcmp(md,ciphertext,cn)) |
| @@ -285,7 +297,7 @@ static int test_digest(const char *digest, | |||
| 285 | fprintf(stderr,"Digest mismatch\n"); | 297 | fprintf(stderr,"Digest mismatch\n"); |
| 286 | hexdump(stderr,"Got",md,cn); | 298 | hexdump(stderr,"Got",md,cn); |
| 287 | hexdump(stderr,"Expected",ciphertext,cn); | 299 | hexdump(stderr,"Expected",ciphertext,cn); |
| 288 | exit(103); | 300 | EXIT(103); |
| 289 | } | 301 | } |
| 290 | 302 | ||
| 291 | printf("\n"); | 303 | printf("\n"); |
| @@ -303,7 +315,7 @@ int main(int argc,char **argv) | |||
| 303 | if(argc != 2) | 315 | if(argc != 2) |
| 304 | { | 316 | { |
| 305 | fprintf(stderr,"%s <test file>\n",argv[0]); | 317 | fprintf(stderr,"%s <test file>\n",argv[0]); |
| 306 | exit(1); | 318 | EXIT(1); |
| 307 | } | 319 | } |
| 308 | CRYPTO_malloc_debug_init(); | 320 | CRYPTO_malloc_debug_init(); |
| 309 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); | 321 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); |
| @@ -315,17 +327,20 @@ int main(int argc,char **argv) | |||
| 315 | if(!f) | 327 | if(!f) |
| 316 | { | 328 | { |
| 317 | perror(szTestFile); | 329 | perror(szTestFile); |
| 318 | exit(2); | 330 | EXIT(2); |
| 319 | } | 331 | } |
| 320 | 332 | ||
| 321 | /* Load up the software EVP_CIPHER and EVP_MD definitions */ | 333 | /* Load up the software EVP_CIPHER and EVP_MD definitions */ |
| 322 | OpenSSL_add_all_ciphers(); | 334 | OpenSSL_add_all_ciphers(); |
| 323 | OpenSSL_add_all_digests(); | 335 | OpenSSL_add_all_digests(); |
| 336 | #ifndef OPENSSL_NO_ENGINE | ||
| 324 | /* Load all compiled-in ENGINEs */ | 337 | /* Load all compiled-in ENGINEs */ |
| 325 | ENGINE_load_builtin_engines(); | 338 | ENGINE_load_builtin_engines(); |
| 339 | #endif | ||
| 326 | #if 0 | 340 | #if 0 |
| 327 | OPENSSL_config(); | 341 | OPENSSL_config(); |
| 328 | #endif | 342 | #endif |
| 343 | #ifndef OPENSSL_NO_ENGINE | ||
| 329 | /* Register all available ENGINE implementations of ciphers and digests. | 344 | /* Register all available ENGINE implementations of ciphers and digests. |
| 330 | * This could perhaps be changed to "ENGINE_register_all_complete()"? */ | 345 | * This could perhaps be changed to "ENGINE_register_all_complete()"? */ |
| 331 | ENGINE_register_all_ciphers(); | 346 | ENGINE_register_all_ciphers(); |
| @@ -334,6 +349,7 @@ int main(int argc,char **argv) | |||
| 334 | * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if | 349 | * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if |
| 335 | * they weren't already initialised. */ | 350 | * they weren't already initialised. */ |
| 336 | /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */ | 351 | /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */ |
| 352 | #endif | ||
| 337 | 353 | ||
| 338 | for( ; ; ) | 354 | for( ; ; ) |
| 339 | { | 355 | { |
| @@ -371,11 +387,13 @@ int main(int argc,char **argv) | |||
| 371 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) | 387 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) |
| 372 | { | 388 | { |
| 373 | fprintf(stderr,"Can't find %s\n",cipher); | 389 | fprintf(stderr,"Can't find %s\n",cipher); |
| 374 | exit(3); | 390 | EXIT(3); |
| 375 | } | 391 | } |
| 376 | } | 392 | } |
| 377 | 393 | ||
| 394 | #ifndef OPENSSL_NO_ENGINE | ||
| 378 | ENGINE_cleanup(); | 395 | ENGINE_cleanup(); |
| 396 | #endif | ||
| 379 | EVP_cleanup(); | 397 | EVP_cleanup(); |
| 380 | CRYPTO_cleanup_all_ex_data(); | 398 | CRYPTO_cleanup_all_ex_data(); |
| 381 | ERR_remove_state(0); | 399 | ERR_remove_state(0); |
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index 27a8286489..a1874e83b2 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c | |||
| @@ -140,12 +140,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 140 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); | 140 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); |
| 141 | } | 141 | } |
| 142 | EVP_MD_CTX_cleanup(&ctx); | 142 | EVP_MD_CTX_cleanup(&ctx); |
| 143 | OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp); | ||
| 143 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); | 144 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); |
| 145 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); | ||
| 144 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), | 146 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), |
| 145 | EVP_CIPHER_iv_length(cipher)); | 147 | EVP_CIPHER_iv_length(cipher)); |
| 146 | EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); | 148 | EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); |
| 147 | memset(md_tmp, 0, EVP_MAX_MD_SIZE); | 149 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); |
| 148 | memset(key, 0, EVP_MAX_KEY_LENGTH); | 150 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
| 149 | memset(iv, 0, EVP_MAX_IV_LENGTH); | 151 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
| 150 | return 1; | 152 | return 1; |
| 151 | } | 153 | } |
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 7485d6a278..1f94e1ef88 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c | |||
| @@ -190,6 +190,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 190 | goto err; | 190 | goto err; |
| 191 | } | 191 | } |
| 192 | keylen = EVP_CIPHER_CTX_key_length(ctx); | 192 | keylen = EVP_CIPHER_CTX_key_length(ctx); |
| 193 | OPENSSL_assert(keylen <= sizeof key); | ||
| 193 | 194 | ||
| 194 | /* Now decode key derivation function */ | 195 | /* Now decode key derivation function */ |
| 195 | 196 | ||
| @@ -230,7 +231,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 230 | iter = ASN1_INTEGER_get(kdf->iter); | 231 | iter = ASN1_INTEGER_get(kdf->iter); |
| 231 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); | 232 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); |
| 232 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); | 233 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); |
| 233 | memset(key, 0, keylen); | 234 | OPENSSL_cleanse(key, keylen); |
| 234 | PBKDF2PARAM_free(kdf); | 235 | PBKDF2PARAM_free(kdf); |
| 235 | return 1; | 236 | return 1; |
| 236 | 237 | ||
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c index 6976f2a867..5a933d1cda 100644 --- a/src/lib/libcrypto/evp/p_open.c +++ b/src/lib/libcrypto/evp/p_open.c | |||
| @@ -101,7 +101,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, | |||
| 101 | 101 | ||
| 102 | ret=1; | 102 | ret=1; |
| 103 | err: | 103 | err: |
| 104 | if (key != NULL) memset(key,0,size); | 104 | if (key != NULL) OPENSSL_cleanse(key,size); |
| 105 | OPENSSL_free(key); | 105 | OPENSSL_free(key); |
| 106 | return(ret); | 106 | return(ret); |
| 107 | } | 107 | } |
diff --git a/src/lib/libcrypto/hmac/Makefile.ssl b/src/lib/libcrypto/hmac/Makefile.ssl index 2bb3264f0e..f1c07322c4 100644 --- a/src/lib/libcrypto/hmac/Makefile.ssl +++ b/src/lib/libcrypto/hmac/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -79,21 +79,23 @@ clean: | |||
| 79 | 79 | ||
| 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 81 | 81 | ||
| 82 | hmac.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 82 | hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h |
| 83 | hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | 83 | hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h |
| 84 | hmac.o: ../../include/openssl/bn.h ../../include/openssl/cast.h | 84 | hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 85 | hmac.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 85 | hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h |
| 86 | hmac.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | 86 | hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 87 | hmac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 87 | hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 88 | hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 88 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h | 89 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h |
| 89 | hmac.o: ../../include/openssl/idea.h ../../include/openssl/md2.h | 90 | hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 90 | hmac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | 91 | hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 91 | hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | 92 | hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| 92 | hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 93 | hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 93 | hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 94 | hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 94 | hmac.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | 95 | hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h |
| 95 | hmac.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | 96 | hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h |
| 96 | hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 97 | hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h |
| 97 | hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 98 | hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 98 | hmac.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 99 | hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 99 | hmac.o: ../../include/openssl/ui_compat.h hmac.c | 100 | hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 101 | hmac.o: ../cryptlib.h hmac.c | ||
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c index da363b7950..4c91f919d5 100644 --- a/src/lib/libcrypto/hmac/hmac.c +++ b/src/lib/libcrypto/hmac/hmac.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/hmac.h> | 61 | #include <openssl/hmac.h> |
| 62 | #include "cryptlib.h" | ||
| 62 | 63 | ||
| 63 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | 64 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, |
| 64 | const EVP_MD *md, ENGINE *impl) | 65 | const EVP_MD *md, ENGINE *impl) |
| @@ -78,6 +79,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 78 | { | 79 | { |
| 79 | reset=1; | 80 | reset=1; |
| 80 | j=EVP_MD_block_size(md); | 81 | j=EVP_MD_block_size(md); |
| 82 | OPENSSL_assert(j <= sizeof ctx->key); | ||
| 81 | if (j < len) | 83 | if (j < len) |
| 82 | { | 84 | { |
| 83 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); | 85 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); |
| @@ -87,6 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 87 | } | 89 | } |
| 88 | else | 90 | else |
| 89 | { | 91 | { |
| 92 | OPENSSL_assert(len <= sizeof ctx->key); | ||
| 90 | memcpy(ctx->key,key,len); | 93 | memcpy(ctx->key,key,len); |
| 91 | ctx->key_length=len; | 94 | ctx->key_length=len; |
| 92 | } | 95 | } |
diff --git a/src/lib/libcrypto/hmac/hmactest.c b/src/lib/libcrypto/hmac/hmactest.c index 96d3beb8e6..1b906b81af 100644 --- a/src/lib/libcrypto/hmac/hmactest.c +++ b/src/lib/libcrypto/hmac/hmactest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_HMAC | 65 | #ifdef OPENSSL_NO_HMAC |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -68,12 +70,15 @@ int main(int argc, char *argv[]) | |||
| 68 | } | 70 | } |
| 69 | #else | 71 | #else |
| 70 | #include <openssl/hmac.h> | 72 | #include <openssl/hmac.h> |
| 73 | #ifndef OPENSSL_NO_MD5 | ||
| 71 | #include <openssl/md5.h> | 74 | #include <openssl/md5.h> |
| 75 | #endif | ||
| 72 | 76 | ||
| 73 | #ifdef CHARSET_EBCDIC | 77 | #ifdef CHARSET_EBCDIC |
| 74 | #include <openssl/ebcdic.h> | 78 | #include <openssl/ebcdic.h> |
| 75 | #endif | 79 | #endif |
| 76 | 80 | ||
| 81 | #ifndef OPENSSL_NO_MD5 | ||
| 77 | static struct test_st | 82 | static struct test_st |
| 78 | { | 83 | { |
| 79 | unsigned char key[16]; | 84 | unsigned char key[16]; |
| @@ -113,13 +118,20 @@ static struct test_st | |||
| 113 | (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6", | 118 | (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6", |
| 114 | }, | 119 | }, |
| 115 | }; | 120 | }; |
| 116 | 121 | #endif | |
| 117 | 122 | ||
| 118 | static char *pt(unsigned char *md); | 123 | static char *pt(unsigned char *md); |
| 119 | int main(int argc, char *argv[]) | 124 | int main(int argc, char *argv[]) |
| 120 | { | 125 | { |
| 121 | int i,err=0; | 126 | #ifndef OPENSSL_NO_MD5 |
| 127 | int i; | ||
| 122 | char *p; | 128 | char *p; |
| 129 | #endif | ||
| 130 | int err=0; | ||
| 131 | |||
| 132 | #ifdef OPENSSL_NO_MD5 | ||
| 133 | printf("test skipped: MD5 disabled\n"); | ||
| 134 | #else | ||
| 123 | 135 | ||
| 124 | #ifdef CHARSET_EBCDIC | 136 | #ifdef CHARSET_EBCDIC |
| 125 | ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); | 137 | ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); |
| @@ -144,10 +156,12 @@ int main(int argc, char *argv[]) | |||
| 144 | else | 156 | else |
| 145 | printf("test %d ok\n",i); | 157 | printf("test %d ok\n",i); |
| 146 | } | 158 | } |
| 147 | exit(err); | 159 | #endif /* OPENSSL_NO_MD5 */ |
| 160 | EXIT(err); | ||
| 148 | return(0); | 161 | return(0); |
| 149 | } | 162 | } |
| 150 | 163 | ||
| 164 | #ifndef OPENSSL_NO_MD5 | ||
| 151 | static char *pt(unsigned char *md) | 165 | static char *pt(unsigned char *md) |
| 152 | { | 166 | { |
| 153 | int i; | 167 | int i; |
| @@ -158,3 +172,4 @@ static char *pt(unsigned char *md) | |||
| 158 | return(buf); | 172 | return(buf); |
| 159 | } | 173 | } |
| 160 | #endif | 174 | #endif |
| 175 | #endif | ||
diff --git a/src/lib/libcrypto/idea/Makefile.ssl b/src/lib/libcrypto/idea/Makefile.ssl index 87c9aa484b..fa016ea399 100644 --- a/src/lib/libcrypto/idea/Makefile.ssl +++ b/src/lib/libcrypto/idea/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/krb5/Makefile.ssl b/src/lib/libcrypto/krb5/Makefile.ssl index 7ad0cbb0bc..d9224c0f09 100644 --- a/src/lib/libcrypto/krb5/Makefile.ssl +++ b/src/lib/libcrypto/krb5/Makefile.ssl | |||
| @@ -41,7 +41,7 @@ all: lib | |||
| 41 | 41 | ||
| 42 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 43 | $(AR) $(LIB) $(LIBOBJ) | 43 | $(AR) $(LIB) $(LIBOBJ) |
| 44 | $(RANLIB) $(LIB) | 44 | $(RANLIB) $(LIB) || echo Never mind. |
| 45 | @touch lib | 45 | @touch lib |
| 46 | 46 | ||
| 47 | files: | 47 | files: |
| @@ -69,7 +69,7 @@ lint: | |||
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 70 | ||
| 71 | depend: | 71 | depend: |
| 72 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 72 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 73 | 73 | ||
| 74 | dclean: | 74 | dclean: |
| 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/lhash/Makefile.ssl b/src/lib/libcrypto/lhash/Makefile.ssl index b3ad272cf7..60e7ee3393 100644 --- a/src/lib/libcrypto/lhash/Makefile.ssl +++ b/src/lib/libcrypto/lhash/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c index 8e6f57c741..5aa7766aa6 100644 --- a/src/lib/libcrypto/lhash/lh_stats.c +++ b/src/lib/libcrypto/lhash/lh_stats.c | |||
| @@ -179,63 +179,29 @@ end:; | |||
| 179 | 179 | ||
| 180 | void lh_stats_bio(const LHASH *lh, BIO *out) | 180 | void lh_stats_bio(const LHASH *lh, BIO *out) |
| 181 | { | 181 | { |
| 182 | char buf[128]; | 182 | BIO_printf(out,"num_items = %lu\n",lh->num_items); |
| 183 | 183 | BIO_printf(out,"num_nodes = %u\n",lh->num_nodes); | |
| 184 | snprintf(buf,sizeof buf,"num_items = %lu\n",lh->num_items); | 184 | BIO_printf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); |
| 185 | BIO_puts(out,buf); | 185 | BIO_printf(out,"num_expands = %lu\n",lh->num_expands); |
| 186 | snprintf(buf,sizeof buf,"num_nodes = %u\n",lh->num_nodes); | 186 | BIO_printf(out,"num_expand_reallocs = %lu\n", |
| 187 | BIO_puts(out,buf); | 187 | lh->num_expand_reallocs); |
| 188 | snprintf(buf,sizeof buf,"num_alloc_nodes = %u\n", | 188 | BIO_printf(out,"num_contracts = %lu\n",lh->num_contracts); |
| 189 | lh->num_alloc_nodes); | 189 | BIO_printf(out,"num_contract_reallocs = %lu\n", |
| 190 | BIO_puts(out,buf); | 190 | lh->num_contract_reallocs); |
| 191 | snprintf(buf,sizeof buf,"num_expands = %lu\n", | 191 | BIO_printf(out,"num_hash_calls = %lu\n",lh->num_hash_calls); |
| 192 | lh->num_expands); | 192 | BIO_printf(out,"num_comp_calls = %lu\n",lh->num_comp_calls); |
| 193 | BIO_puts(out,buf); | 193 | BIO_printf(out,"num_insert = %lu\n",lh->num_insert); |
| 194 | snprintf(buf,sizeof buf,"num_expand_reallocs = %lu\n", | 194 | BIO_printf(out,"num_replace = %lu\n",lh->num_replace); |
| 195 | lh->num_expand_reallocs); | 195 | BIO_printf(out,"num_delete = %lu\n",lh->num_delete); |
| 196 | BIO_puts(out,buf); | 196 | BIO_printf(out,"num_no_delete = %lu\n",lh->num_no_delete); |
| 197 | snprintf(buf,sizeof buf,"num_contracts = %lu\n", | 197 | BIO_printf(out,"num_retrieve = %lu\n",lh->num_retrieve); |
| 198 | lh->num_contracts); | 198 | BIO_printf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); |
| 199 | BIO_puts(out,buf); | 199 | BIO_printf(out,"num_hash_comps = %lu\n",lh->num_hash_comps); |
| 200 | snprintf(buf,sizeof buf,"num_contract_reallocs = %lu\n", | ||
| 201 | lh->num_contract_reallocs); | ||
| 202 | BIO_puts(out,buf); | ||
| 203 | snprintf(buf,sizeof buf,"num_hash_calls = %lu\n", | ||
| 204 | lh->num_hash_calls); | ||
| 205 | BIO_puts(out,buf); | ||
| 206 | snprintf(buf,sizeof buf,"num_comp_calls = %lu\n", | ||
| 207 | lh->num_comp_calls); | ||
| 208 | BIO_puts(out,buf); | ||
| 209 | snprintf(buf,sizeof buf,"num_insert = %lu\n", | ||
| 210 | lh->num_insert); | ||
| 211 | BIO_puts(out,buf); | ||
| 212 | snprintf(buf,sizeof buf,"num_replace = %lu\n", | ||
| 213 | lh->num_replace); | ||
| 214 | BIO_puts(out,buf); | ||
| 215 | snprintf(buf,sizeof buf,"num_delete = %lu\n", | ||
| 216 | lh->num_delete); | ||
| 217 | BIO_puts(out,buf); | ||
| 218 | snprintf(buf,sizeof buf,"num_no_delete = %lu\n", | ||
| 219 | lh->num_no_delete); | ||
| 220 | BIO_puts(out,buf); | ||
| 221 | snprintf(buf,sizeof buf,"num_retrieve = %lu\n", | ||
| 222 | lh->num_retrieve); | ||
| 223 | BIO_puts(out,buf); | ||
| 224 | snprintf(buf,sizeof buf,"num_retrieve_miss = %lu\n", | ||
| 225 | lh->num_retrieve_miss); | ||
| 226 | BIO_puts(out,buf); | ||
| 227 | snprintf(buf,sizeof buf,"num_hash_comps = %lu\n", | ||
| 228 | lh->num_hash_comps); | ||
| 229 | BIO_puts(out,buf); | ||
| 230 | #if 0 | 200 | #if 0 |
| 231 | snprintf(buf,sizeof buf,"p = %u\n",lh->p); | 201 | BIO_printf(out,"p = %u\n",lh->p); |
| 232 | BIO_puts(out,buf); | 202 | BIO_printf(out,"pmax = %u\n",lh->pmax); |
| 233 | snprintf(buf,sizeof buf,"pmax = %u\n",lh->pmax); | 203 | BIO_printf(out,"up_load = %lu\n",lh->up_load); |
| 234 | BIO_puts(out,buf); | 204 | BIO_printf(out,"down_load = %lu\n",lh->down_load); |
| 235 | snprintf(buf,sizeof buf,"up_load = %lu\n",lh->up_load); | ||
| 236 | BIO_puts(out,buf); | ||
| 237 | snprintf(buf,sizeof buf,"down_load = %lu\n",lh->down_load); | ||
| 238 | BIO_puts(out,buf); | ||
| 239 | #endif | 205 | #endif |
| 240 | } | 206 | } |
| 241 | 207 | ||
| @@ -243,14 +209,12 @@ void lh_node_stats_bio(const LHASH *lh, BIO *out) | |||
| 243 | { | 209 | { |
| 244 | LHASH_NODE *n; | 210 | LHASH_NODE *n; |
| 245 | unsigned int i,num; | 211 | unsigned int i,num; |
| 246 | char buf[128]; | ||
| 247 | 212 | ||
| 248 | for (i=0; i<lh->num_nodes; i++) | 213 | for (i=0; i<lh->num_nodes; i++) |
| 249 | { | 214 | { |
| 250 | for (n=lh->b[i],num=0; n != NULL; n=n->next) | 215 | for (n=lh->b[i],num=0; n != NULL; n=n->next) |
| 251 | num++; | 216 | num++; |
| 252 | snprintf(buf,sizeof buf,"node %6u -> %3u\n",i,num); | 217 | BIO_printf(out,"node %6u -> %3u\n",i,num); |
| 253 | BIO_puts(out,buf); | ||
| 254 | } | 218 | } |
| 255 | } | 219 | } |
| 256 | 220 | ||
| @@ -260,7 +224,6 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) | |||
| 260 | unsigned long num; | 224 | unsigned long num; |
| 261 | unsigned int i; | 225 | unsigned int i; |
| 262 | unsigned long total=0,n_used=0; | 226 | unsigned long total=0,n_used=0; |
| 263 | char buf[128]; | ||
| 264 | 227 | ||
| 265 | for (i=0; i<lh->num_nodes; i++) | 228 | for (i=0; i<lh->num_nodes; i++) |
| 266 | { | 229 | { |
| @@ -272,18 +235,14 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) | |||
| 272 | total+=num; | 235 | total+=num; |
| 273 | } | 236 | } |
| 274 | } | 237 | } |
| 275 | snprintf(buf,sizeof buf,"%lu nodes used out of %u\n",n_used, | 238 | BIO_printf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes); |
| 276 | lh->num_nodes); | 239 | BIO_printf(out,"%lu items\n",total); |
| 277 | BIO_puts(out,buf); | ||
| 278 | snprintf(buf,sizeof buf,"%lu items\n",total); | ||
| 279 | BIO_puts(out,buf); | ||
| 280 | if (n_used == 0) return; | 240 | if (n_used == 0) return; |
| 281 | snprintf(buf,sizeof buf,"load %d.%02d actual load %d.%02d\n", | 241 | BIO_printf(out,"load %d.%02d actual load %d.%02d\n", |
| 282 | (int)(total/lh->num_nodes), | 242 | (int)(total/lh->num_nodes), |
| 283 | (int)((total%lh->num_nodes)*100/lh->num_nodes), | 243 | (int)((total%lh->num_nodes)*100/lh->num_nodes), |
| 284 | (int)(total/n_used), | 244 | (int)(total/n_used), |
| 285 | (int)((total%n_used)*100/n_used)); | 245 | (int)((total%n_used)*100/n_used)); |
| 286 | BIO_puts(out,buf); | ||
| 287 | } | 246 | } |
| 288 | 247 | ||
| 289 | #endif | 248 | #endif |
diff --git a/src/lib/libcrypto/md2/Makefile.ssl b/src/lib/libcrypto/md2/Makefile.ssl index e89a17f3a4..3206924c90 100644 --- a/src/lib/libcrypto/md2/Makefile.ssl +++ b/src/lib/libcrypto/md2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -79,8 +79,11 @@ clean: | |||
| 79 | 79 | ||
| 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 81 | 81 | ||
| 82 | md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 82 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h | 83 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h |
| 83 | md2_dgst.o: ../../include/openssl/opensslv.h md2_dgst.c | 84 | md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 85 | md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 86 | md2_dgst.o: md2_dgst.c | ||
| 84 | md2_one.o: ../../e_os.h ../../include/openssl/bio.h | 87 | md2_one.o: ../../e_os.h ../../include/openssl/bio.h |
| 85 | md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 88 | md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 86 | md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 89 | md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c index e25dd00e02..ecb64f0ec4 100644 --- a/src/lib/libcrypto/md2/md2_dgst.c +++ b/src/lib/libcrypto/md2/md2_dgst.c | |||
| @@ -61,6 +61,7 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | #include <openssl/opensslv.h> | 63 | #include <openssl/opensslv.h> |
| 64 | #include <openssl/crypto.h> | ||
| 64 | 65 | ||
| 65 | const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; | 66 | const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; |
| 66 | 67 | ||
| @@ -118,9 +119,9 @@ const char *MD2_options(void) | |||
| 118 | int MD2_Init(MD2_CTX *c) | 119 | int MD2_Init(MD2_CTX *c) |
| 119 | { | 120 | { |
| 120 | c->num=0; | 121 | c->num=0; |
| 121 | memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT)); | 122 | memset(c->state,0,sizeof c->state); |
| 122 | memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT)); | 123 | memset(c->cksm,0,sizeof c->cksm); |
| 123 | memset(c->data,0,MD2_BLOCK); | 124 | memset(c->data,0,sizeof c->data); |
| 124 | return 1; | 125 | return 1; |
| 125 | } | 126 | } |
| 126 | 127 | ||
| @@ -196,7 +197,7 @@ static void md2_block(MD2_CTX *c, const unsigned char *d) | |||
| 196 | t=(t+i)&0xff; | 197 | t=(t+i)&0xff; |
| 197 | } | 198 | } |
| 198 | memcpy(sp1,state,16*sizeof(MD2_INT)); | 199 | memcpy(sp1,state,16*sizeof(MD2_INT)); |
| 199 | memset(state,0,48*sizeof(MD2_INT)); | 200 | OPENSSL_cleanse(state,48*sizeof(MD2_INT)); |
| 200 | } | 201 | } |
| 201 | 202 | ||
| 202 | int MD2_Final(unsigned char *md, MD2_CTX *c) | 203 | int MD2_Final(unsigned char *md, MD2_CTX *c) |
diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c index b12c37ce4d..835160ef56 100644 --- a/src/lib/libcrypto/md2/md2_one.c +++ b/src/lib/libcrypto/md2/md2_one.c | |||
| @@ -88,6 +88,6 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 88 | } | 88 | } |
| 89 | #endif | 89 | #endif |
| 90 | MD2_Final(md,&c); | 90 | MD2_Final(md,&c); |
| 91 | memset(&c,0,sizeof(c)); /* Security consideration */ | 91 | OPENSSL_cleanse(&c,sizeof(c)); /* Security consideration */ |
| 92 | return(md); | 92 | return(md); |
| 93 | } | 93 | } |
diff --git a/src/lib/libcrypto/md2/md2test.c b/src/lib/libcrypto/md2/md2test.c index 7d3664faf5..901d0a7d8e 100644 --- a/src/lib/libcrypto/md2/md2test.c +++ b/src/lib/libcrypto/md2/md2test.c | |||
| @@ -61,6 +61,8 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | 63 | ||
| 64 | #include "../e_os.h" | ||
| 65 | |||
| 64 | #ifdef OPENSSL_NO_MD2 | 66 | #ifdef OPENSSL_NO_MD2 |
| 65 | int main(int argc, char *argv[]) | 67 | int main(int argc, char *argv[]) |
| 66 | { | 68 | { |
| @@ -122,8 +124,7 @@ int main(int argc, char *argv[]) | |||
| 122 | R++; | 124 | R++; |
| 123 | P++; | 125 | P++; |
| 124 | } | 126 | } |
| 125 | exit(err); | 127 | EXIT(err); |
| 126 | return(0); | ||
| 127 | } | 128 | } |
| 128 | 129 | ||
| 129 | static char *pt(unsigned char *md) | 130 | static char *pt(unsigned char *md) |
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h index 353d2b96ad..573850b122 100644 --- a/src/lib/libcrypto/md32_common.h +++ b/src/lib/libcrypto/md32_common.h | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/md32_common.h */ | 1 | /* crypto/md32_common.h */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -198,7 +198,7 @@ | |||
| 198 | * | 198 | * |
| 199 | * <appro@fy.chalmers.se> | 199 | * <appro@fy.chalmers.se> |
| 200 | */ | 200 | */ |
| 201 | # if defined(__i386) || defined(__i386__) | 201 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) |
| 202 | # define ROTATE(a,n) ({ register unsigned int ret; \ | 202 | # define ROTATE(a,n) ({ register unsigned int ret; \ |
| 203 | asm ( \ | 203 | asm ( \ |
| 204 | "roll %1,%0" \ | 204 | "roll %1,%0" \ |
| @@ -224,7 +224,7 @@ | |||
| 224 | */ | 224 | */ |
| 225 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) | 225 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) |
| 226 | /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ | 226 | /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ |
| 227 | # if (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY) | 227 | # if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY) |
| 228 | # define BE_FETCH32(a) ({ register unsigned int l=(a);\ | 228 | # define BE_FETCH32(a) ({ register unsigned int l=(a);\ |
| 229 | asm ( \ | 229 | asm ( \ |
| 230 | "bswapl %0" \ | 230 | "bswapl %0" \ |
| @@ -456,7 +456,10 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) | |||
| 456 | { | 456 | { |
| 457 | ew=(c->num>>2); | 457 | ew=(c->num>>2); |
| 458 | ec=(c->num&0x03); | 458 | ec=(c->num&0x03); |
| 459 | l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; | 459 | if (sc) |
| 460 | l=p[sw]; | ||
| 461 | HOST_p_c2l(data,l,sc); | ||
| 462 | p[sw++]=l; | ||
| 460 | for (; sw < ew; sw++) | 463 | for (; sw < ew; sw++) |
| 461 | { | 464 | { |
| 462 | HOST_c2l(data,l); p[sw]=l; | 465 | HOST_c2l(data,l); p[sw]=l; |
| @@ -603,7 +606,32 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) | |||
| 603 | c->num=0; | 606 | c->num=0; |
| 604 | /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack | 607 | /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack |
| 605 | * but I'm not worried :-) | 608 | * but I'm not worried :-) |
| 606 | memset((void *)c,0,sizeof(HASH_CTX)); | 609 | OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); |
| 607 | */ | 610 | */ |
| 608 | return 1; | 611 | return 1; |
| 609 | } | 612 | } |
| 613 | |||
| 614 | #ifndef MD32_REG_T | ||
| 615 | #define MD32_REG_T long | ||
| 616 | /* | ||
| 617 | * This comment was originaly written for MD5, which is why it | ||
| 618 | * discusses A-D. But it basically applies to all 32-bit digests, | ||
| 619 | * which is why it was moved to common header file. | ||
| 620 | * | ||
| 621 | * In case you wonder why A-D are declared as long and not | ||
| 622 | * as MD5_LONG. Doing so results in slight performance | ||
| 623 | * boost on LP64 architectures. The catch is we don't | ||
| 624 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 625 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 626 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 627 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 628 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 629 | * Well, to be honest it should say that this *prevents* | ||
| 630 | * performance degradation. | ||
| 631 | * <appro@fy.chalmers.se> | ||
| 632 | * Apparently there're LP64 compilers that generate better | ||
| 633 | * code if A-D are declared int. Most notably GCC-x86_64 | ||
| 634 | * generates better code. | ||
| 635 | * <appro@fy.chalmers.se> | ||
| 636 | */ | ||
| 637 | #endif | ||
diff --git a/src/lib/libcrypto/md4/Makefile.ssl b/src/lib/libcrypto/md4/Makefile.ssl index 1de72571d8..7d2e8d8d3b 100644 --- a/src/lib/libcrypto/md4/Makefile.ssl +++ b/src/lib/libcrypto/md4/Makefile.ssl | |||
| @@ -69,7 +69,7 @@ lint: | |||
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 70 | ||
| 71 | depend: | 71 | depend: |
| 72 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 72 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 73 | 73 | ||
| 74 | dclean: | 74 | dclean: |
| 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -84,5 +84,8 @@ md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h | |||
| 84 | md4_dgst.o: ../../include/openssl/opensslconf.h | 84 | md4_dgst.o: ../../include/openssl/opensslconf.h |
| 85 | md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c | 85 | md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c |
| 86 | md4_dgst.o: md4_locl.h | 86 | md4_dgst.o: md4_locl.h |
| 87 | md4_one.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h | 87 | md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 88 | md4_one.o: ../../include/openssl/opensslconf.h md4_one.c | 88 | md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h |
| 89 | md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 90 | md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 91 | md4_one.o: md4_one.c | ||
diff --git a/src/lib/libcrypto/md4/md4.c b/src/lib/libcrypto/md4/md4.c index e4b0aac011..141415ad4d 100644 --- a/src/lib/libcrypto/md4/md4.c +++ b/src/lib/libcrypto/md4/md4.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
| @@ -108,7 +108,7 @@ void do_fp(FILE *f) | |||
| 108 | MD4_Init(&c); | 108 | MD4_Init(&c); |
| 109 | for (;;) | 109 | for (;;) |
| 110 | { | 110 | { |
| 111 | i=read(fd,buf,BUFSIZE); | 111 | i=read(fd,buf,sizeof buf); |
| 112 | if (i <= 0) break; | 112 | if (i <= 0) break; |
| 113 | MD4_Update(&c,buf,(unsigned long)i); | 113 | MD4_Update(&c,buf,(unsigned long)i); |
| 114 | } | 114 | } |
diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c index 6446f5f5e7..7afb7185b6 100644 --- a/src/lib/libcrypto/md4/md4_dgst.c +++ b/src/lib/libcrypto/md4/md4_dgst.c | |||
| @@ -86,21 +86,7 @@ int MD4_Init(MD4_CTX *c) | |||
| 86 | void md4_block_host_order (MD4_CTX *c, const void *data, int num) | 86 | void md4_block_host_order (MD4_CTX *c, const void *data, int num) |
| 87 | { | 87 | { |
| 88 | const MD4_LONG *X=data; | 88 | const MD4_LONG *X=data; |
| 89 | register unsigned long A,B,C,D; | 89 | register unsigned MD32_REG_T A,B,C,D; |
| 90 | /* | ||
| 91 | * In case you wonder why A-D are declared as long and not | ||
| 92 | * as MD4_LONG. Doing so results in slight performance | ||
| 93 | * boost on LP64 architectures. The catch is we don't | ||
| 94 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 95 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 96 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 97 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 98 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 99 | * Well, to be honest it should say that this *prevents* | ||
| 100 | * performance degradation. | ||
| 101 | * | ||
| 102 | * <appro@fy.chalmers.se> | ||
| 103 | */ | ||
| 104 | 90 | ||
| 105 | A=c->A; | 91 | A=c->A; |
| 106 | B=c->B; | 92 | B=c->B; |
| @@ -176,25 +162,11 @@ void md4_block_host_order (MD4_CTX *c, const void *data, int num) | |||
| 176 | void md4_block_data_order (MD4_CTX *c, const void *data_, int num) | 162 | void md4_block_data_order (MD4_CTX *c, const void *data_, int num) |
| 177 | { | 163 | { |
| 178 | const unsigned char *data=data_; | 164 | const unsigned char *data=data_; |
| 179 | register unsigned long A,B,C,D,l; | 165 | register unsigned MD32_REG_T A,B,C,D,l; |
| 180 | /* | ||
| 181 | * In case you wonder why A-D are declared as long and not | ||
| 182 | * as MD4_LONG. Doing so results in slight performance | ||
| 183 | * boost on LP64 architectures. The catch is we don't | ||
| 184 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 185 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 186 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 187 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 188 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 189 | * Well, to be honest it should say that this *prevents* | ||
| 190 | * performance degradation. | ||
| 191 | * | ||
| 192 | * <appro@fy.chalmers.se> | ||
| 193 | */ | ||
| 194 | #ifndef MD32_XARRAY | 166 | #ifndef MD32_XARRAY |
| 195 | /* See comment in crypto/sha/sha_locl.h for details. */ | 167 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 196 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 168 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 197 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 169 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 198 | # define X(i) XX##i | 170 | # define X(i) XX##i |
| 199 | #else | 171 | #else |
| 200 | MD4_LONG XX[MD4_LBLOCK]; | 172 | MD4_LONG XX[MD4_LBLOCK]; |
diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c index 87a995d38d..00565507e4 100644 --- a/src/lib/libcrypto/md4/md4_one.c +++ b/src/lib/libcrypto/md4/md4_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/md4.h> | 61 | #include <openssl/md4.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifdef CHARSET_EBCDIC | 64 | #ifdef CHARSET_EBCDIC |
| 64 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| @@ -89,7 +90,7 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 89 | } | 90 | } |
| 90 | #endif | 91 | #endif |
| 91 | MD4_Final(md,&c); | 92 | MD4_Final(md,&c); |
| 92 | memset(&c,0,sizeof(c)); /* security consideration */ | 93 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 93 | return(md); | 94 | return(md); |
| 94 | } | 95 | } |
| 95 | 96 | ||
diff --git a/src/lib/libcrypto/md4/md4test.c b/src/lib/libcrypto/md4/md4test.c index e0fdc42282..21a77d96f7 100644 --- a/src/lib/libcrypto/md4/md4test.c +++ b/src/lib/libcrypto/md4/md4test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_MD4 | 65 | #ifdef OPENSSL_NO_MD4 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -118,7 +120,7 @@ int main(int argc, char *argv[]) | |||
| 118 | R++; | 120 | R++; |
| 119 | P++; | 121 | P++; |
| 120 | } | 122 | } |
| 121 | exit(err); | 123 | EXIT(err); |
| 122 | return(0); | 124 | return(0); |
| 123 | } | 125 | } |
| 124 | 126 | ||
diff --git a/src/lib/libcrypto/md5/Makefile.ssl b/src/lib/libcrypto/md5/Makefile.ssl index 5f1bbfb8ff..b11ab476d6 100644 --- a/src/lib/libcrypto/md5/Makefile.ssl +++ b/src/lib/libcrypto/md5/Makefile.ssl | |||
| @@ -21,14 +21,6 @@ MD5_ASM_OBJ= | |||
| 21 | 21 | ||
| 22 | CFLAGS= $(INCLUDES) $(CFLAG) | 22 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 23 | 23 | ||
| 24 | # We let the C compiler driver to take care of .s files. This is done in | ||
| 25 | # order to be excused from maintaining a separate set of architecture | ||
| 26 | # dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC | ||
| 27 | # gcc, then the driver will automatically translate it to -xarch=v8plus | ||
| 28 | # and pass it down to assembler. | ||
| 29 | AS=$(CC) -c | ||
| 30 | ASFLAGS=$(CFLAGS) | ||
| 31 | |||
| 32 | GENERAL=Makefile | 24 | GENERAL=Makefile |
| 33 | TEST=md5test.c | 25 | TEST=md5test.c |
| 34 | APPS= | 26 | APPS= |
| @@ -55,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 55 | @touch lib | 47 | @touch lib |
| 56 | 48 | ||
| 57 | # elf | 49 | # elf |
| 58 | asm/mx86-elf.o: asm/mx86unix.cpp | 50 | asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl |
| 59 | $(CPP) -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o | 51 | (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s) |
| 60 | |||
| 61 | # solaris | ||
| 62 | asm/mx86-sol.o: asm/mx86unix.cpp | ||
| 63 | $(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s | ||
| 64 | as -o asm/mx86-sol.o asm/mx86-sol.s | ||
| 65 | rm -f asm/mx86-sol.s | ||
| 66 | 52 | ||
| 67 | # a.out | 53 | # a.out |
| 68 | asm/mx86-out.o: asm/mx86unix.cpp | 54 | asm/mx86-out.o: asm/mx86unix.cpp |
| @@ -118,18 +104,23 @@ lint: | |||
| 118 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 104 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 119 | 105 | ||
| 120 | depend: | 106 | depend: |
| 121 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 107 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 122 | 108 | ||
| 123 | dclean: | 109 | dclean: |
| 124 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 110 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 125 | mv -f Makefile.new $(MAKEFILE) | 111 | mv -f Makefile.new $(MAKEFILE) |
| 126 | 112 | ||
| 127 | clean: | 113 | clean: |
| 128 | rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 114 | rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 129 | 115 | ||
| 130 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 116 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 131 | 117 | ||
| 132 | md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | 118 | md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h |
| 119 | md5_dgst.o: ../../include/openssl/opensslconf.h | ||
| 133 | md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c | 120 | md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c |
| 134 | md5_dgst.o: md5_locl.h | 121 | md5_dgst.o: md5_locl.h |
| 135 | md5_one.o: ../../include/openssl/md5.h md5_one.c | 122 | md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 123 | md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | ||
| 124 | md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 125 | md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 126 | md5_one.o: md5_one.c | ||
diff --git a/src/lib/libcrypto/md5/md5.c b/src/lib/libcrypto/md5/md5.c index 7ed0024ae1..563733abc5 100644 --- a/src/lib/libcrypto/md5/md5.c +++ b/src/lib/libcrypto/md5/md5.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h index 52cb753e6a..a252e02115 100644 --- a/src/lib/libcrypto/md5/md5.h +++ b/src/lib/libcrypto/md5/md5.h | |||
| @@ -59,6 +59,8 @@ | |||
| 59 | #ifndef HEADER_MD5_H | 59 | #ifndef HEADER_MD5_H |
| 60 | #define HEADER_MD5_H | 60 | #define HEADER_MD5_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 63 | |||
| 62 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
| 63 | extern "C" { | 65 | extern "C" { |
| 64 | #endif | 66 | #endif |
| @@ -76,7 +78,7 @@ extern "C" { | |||
| 76 | 78 | ||
| 77 | #if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) | 79 | #if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) |
| 78 | #define MD5_LONG unsigned long | 80 | #define MD5_LONG unsigned long |
| 79 | #elif defined(OENSSL_SYS_CRAY) || defined(__ILP64__) | 81 | #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) |
| 80 | #define MD5_LONG unsigned long | 82 | #define MD5_LONG unsigned long |
| 81 | #define MD5_LONG_LOG2 3 | 83 | #define MD5_LONG_LOG2 3 |
| 82 | /* | 84 | /* |
diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c index c38a3f021e..9c7abc3697 100644 --- a/src/lib/libcrypto/md5/md5_dgst.c +++ b/src/lib/libcrypto/md5/md5_dgst.c | |||
| @@ -86,21 +86,7 @@ int MD5_Init(MD5_CTX *c) | |||
| 86 | void md5_block_host_order (MD5_CTX *c, const void *data, int num) | 86 | void md5_block_host_order (MD5_CTX *c, const void *data, int num) |
| 87 | { | 87 | { |
| 88 | const MD5_LONG *X=data; | 88 | const MD5_LONG *X=data; |
| 89 | register unsigned long A,B,C,D; | 89 | register unsigned MD32_REG_T A,B,C,D; |
| 90 | /* | ||
| 91 | * In case you wonder why A-D are declared as long and not | ||
| 92 | * as MD5_LONG. Doing so results in slight performance | ||
| 93 | * boost on LP64 architectures. The catch is we don't | ||
| 94 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 95 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 96 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 97 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 98 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 99 | * Well, to be honest it should say that this *prevents* | ||
| 100 | * performance degradation. | ||
| 101 | * | ||
| 102 | * <appro@fy.chalmers.se> | ||
| 103 | */ | ||
| 104 | 90 | ||
| 105 | A=c->A; | 91 | A=c->A; |
| 106 | B=c->B; | 92 | B=c->B; |
| @@ -193,25 +179,11 @@ void md5_block_host_order (MD5_CTX *c, const void *data, int num) | |||
| 193 | void md5_block_data_order (MD5_CTX *c, const void *data_, int num) | 179 | void md5_block_data_order (MD5_CTX *c, const void *data_, int num) |
| 194 | { | 180 | { |
| 195 | const unsigned char *data=data_; | 181 | const unsigned char *data=data_; |
| 196 | register unsigned long A,B,C,D,l; | 182 | register unsigned MD32_REG_T A,B,C,D,l; |
| 197 | /* | ||
| 198 | * In case you wonder why A-D are declared as long and not | ||
| 199 | * as MD5_LONG. Doing so results in slight performance | ||
| 200 | * boost on LP64 architectures. The catch is we don't | ||
| 201 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 202 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 203 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 204 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 205 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 206 | * Well, to be honest it should say that this *prevents* | ||
| 207 | * performance degradation. | ||
| 208 | * | ||
| 209 | * <appro@fy.chalmers.se> | ||
| 210 | */ | ||
| 211 | #ifndef MD32_XARRAY | 183 | #ifndef MD32_XARRAY |
| 212 | /* See comment in crypto/sha/sha_locl.h for details. */ | 184 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 213 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 185 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 214 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 186 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 215 | # define X(i) XX##i | 187 | # define X(i) XX##i |
| 216 | #else | 188 | #else |
| 217 | MD5_LONG XX[MD5_LBLOCK]; | 189 | MD5_LONG XX[MD5_LBLOCK]; |
diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h index 34c5257306..9e360da732 100644 --- a/src/lib/libcrypto/md5/md5_locl.h +++ b/src/lib/libcrypto/md5/md5_locl.h | |||
| @@ -58,7 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/opensslconf.h> | 61 | #include <openssl/e_os2.h> |
| 62 | #include <openssl/md5.h> | 62 | #include <openssl/md5.h> |
| 63 | 63 | ||
| 64 | #ifndef MD5_LONG_LOG2 | 64 | #ifndef MD5_LONG_LOG2 |
diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c index b89dec850d..c5dd2d81db 100644 --- a/src/lib/libcrypto/md5/md5_one.c +++ b/src/lib/libcrypto/md5/md5_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/md5.h> | 61 | #include <openssl/md5.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifdef CHARSET_EBCDIC | 64 | #ifdef CHARSET_EBCDIC |
| 64 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| @@ -89,7 +90,7 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 89 | } | 90 | } |
| 90 | #endif | 91 | #endif |
| 91 | MD5_Final(md,&c); | 92 | MD5_Final(md,&c); |
| 92 | memset(&c,0,sizeof(c)); /* security consideration */ | 93 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 93 | return(md); | 94 | return(md); |
| 94 | } | 95 | } |
| 95 | 96 | ||
diff --git a/src/lib/libcrypto/md5/md5test.c b/src/lib/libcrypto/md5/md5test.c index 862b89658a..bfd62629ed 100644 --- a/src/lib/libcrypto/md5/md5test.c +++ b/src/lib/libcrypto/md5/md5test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_MD5 | 65 | #ifdef OPENSSL_NO_MD5 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -118,7 +120,7 @@ int main(int argc, char *argv[]) | |||
| 118 | R++; | 120 | R++; |
| 119 | P++; | 121 | P++; |
| 120 | } | 122 | } |
| 121 | exit(err); | 123 | EXIT(err); |
| 122 | return(0); | 124 | return(0); |
| 123 | } | 125 | } |
| 124 | 126 | ||
diff --git a/src/lib/libcrypto/mdc2/Makefile.ssl b/src/lib/libcrypto/mdc2/Makefile.ssl index 087b8eb9ee..33f366fb08 100644 --- a/src/lib/libcrypto/mdc2/Makefile.ssl +++ b/src/lib/libcrypto/mdc2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c index 87d0ebc714..29df7d35b2 100644 --- a/src/lib/libcrypto/mem.c +++ b/src/lib/libcrypto/mem.c | |||
| @@ -250,6 +250,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), | |||
| 250 | void *CRYPTO_malloc_locked(int num, const char *file, int line) | 250 | void *CRYPTO_malloc_locked(int num, const char *file, int line) |
| 251 | { | 251 | { |
| 252 | void *ret = NULL; | 252 | void *ret = NULL; |
| 253 | extern unsigned char cleanse_ctr; | ||
| 253 | 254 | ||
| 254 | if (num < 0) return NULL; | 255 | if (num < 0) return NULL; |
| 255 | 256 | ||
| @@ -266,6 +267,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) | |||
| 266 | if (malloc_debug_func != NULL) | 267 | if (malloc_debug_func != NULL) |
| 267 | malloc_debug_func(ret, num, file, line, 1); | 268 | malloc_debug_func(ret, num, file, line, 1); |
| 268 | 269 | ||
| 270 | /* Create a dependency on the value of 'cleanse_ctr' so our memory | ||
| 271 | * sanitisation function can't be optimised out. NB: We only do | ||
| 272 | * this for >2Kb so the overhead doesn't bother us. */ | ||
| 273 | if(ret && (num > 2048)) | ||
| 274 | ((unsigned char *)ret)[0] = cleanse_ctr; | ||
| 275 | |||
| 269 | return ret; | 276 | return ret; |
| 270 | } | 277 | } |
| 271 | 278 | ||
| @@ -284,6 +291,7 @@ void CRYPTO_free_locked(void *str) | |||
| 284 | void *CRYPTO_malloc(int num, const char *file, int line) | 291 | void *CRYPTO_malloc(int num, const char *file, int line) |
| 285 | { | 292 | { |
| 286 | void *ret = NULL; | 293 | void *ret = NULL; |
| 294 | extern unsigned char cleanse_ctr; | ||
| 287 | 295 | ||
| 288 | if (num < 0) return NULL; | 296 | if (num < 0) return NULL; |
| 289 | 297 | ||
| @@ -300,6 +308,12 @@ void *CRYPTO_malloc(int num, const char *file, int line) | |||
| 300 | if (malloc_debug_func != NULL) | 308 | if (malloc_debug_func != NULL) |
| 301 | malloc_debug_func(ret, num, file, line, 1); | 309 | malloc_debug_func(ret, num, file, line, 1); |
| 302 | 310 | ||
| 311 | /* Create a dependency on the value of 'cleanse_ctr' so our memory | ||
| 312 | * sanitisation function can't be optimised out. NB: We only do | ||
| 313 | * this for >2Kb so the overhead doesn't bother us. */ | ||
| 314 | if(ret && (num > 2048)) | ||
| 315 | ((unsigned char *)ret)[0] = cleanse_ctr; | ||
| 316 | |||
| 303 | return ret; | 317 | return ret; |
| 304 | } | 318 | } |
| 305 | 319 | ||
| @@ -310,8 +324,8 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) | |||
| 310 | if (str == NULL) | 324 | if (str == NULL) |
| 311 | return CRYPTO_malloc(num, file, line); | 325 | return CRYPTO_malloc(num, file, line); |
| 312 | 326 | ||
| 313 | if (num < 0) return NULL; | 327 | if (num < 0) return NULL; |
| 314 | 328 | ||
| 315 | if (realloc_debug_func != NULL) | 329 | if (realloc_debug_func != NULL) |
| 316 | realloc_debug_func(str, NULL, num, file, line, 0); | 330 | realloc_debug_func(str, NULL, num, file, line, 0); |
| 317 | ret = realloc_ex_func(str,num,file,line); | 331 | ret = realloc_ex_func(str,num,file,line); |
| @@ -324,6 +338,32 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) | |||
| 324 | return ret; | 338 | return ret; |
| 325 | } | 339 | } |
| 326 | 340 | ||
| 341 | void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, | ||
| 342 | int line) | ||
| 343 | { | ||
| 344 | void *ret = NULL; | ||
| 345 | |||
| 346 | if (str == NULL) | ||
| 347 | return CRYPTO_malloc(num, file, line); | ||
| 348 | |||
| 349 | if (num < 0) return NULL; | ||
| 350 | |||
| 351 | if (realloc_debug_func != NULL) | ||
| 352 | realloc_debug_func(str, NULL, num, file, line, 0); | ||
| 353 | ret=malloc_ex_func(num,file,line); | ||
| 354 | if(ret) | ||
| 355 | memcpy(ret,str,old_len); | ||
| 356 | OPENSSL_cleanse(str,old_len); | ||
| 357 | free_func(str); | ||
| 358 | #ifdef LEVITTE_DEBUG_MEM | ||
| 359 | fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num); | ||
| 360 | #endif | ||
| 361 | if (realloc_debug_func != NULL) | ||
| 362 | realloc_debug_func(str, ret, num, file, line, 1); | ||
| 363 | |||
| 364 | return ret; | ||
| 365 | } | ||
| 366 | |||
| 327 | void CRYPTO_free(void *str) | 367 | void CRYPTO_free(void *str) |
| 328 | { | 368 | { |
| 329 | if (free_debug_func != NULL) | 369 | if (free_debug_func != NULL) |
| @@ -343,7 +383,6 @@ void *CRYPTO_remalloc(void *a, int num, const char *file, int line) | |||
| 343 | return(a); | 383 | return(a); |
| 344 | } | 384 | } |
| 345 | 385 | ||
| 346 | |||
| 347 | void CRYPTO_set_mem_debug_options(long bits) | 386 | void CRYPTO_set_mem_debug_options(long bits) |
| 348 | { | 387 | { |
| 349 | if (set_debug_options_func != NULL) | 388 | if (set_debug_options_func != NULL) |
diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c index ea94eee6f4..9221df00bd 100644 --- a/src/lib/libcrypto/mem_dbg.c +++ b/src/lib/libcrypto/mem_dbg.c | |||
| @@ -102,6 +102,8 @@ typedef struct app_mem_info_st | |||
| 102 | int references; | 102 | int references; |
| 103 | } APP_INFO; | 103 | } APP_INFO; |
| 104 | 104 | ||
| 105 | static void app_info_free(APP_INFO *); | ||
| 106 | |||
| 105 | static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's | 107 | static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's |
| 106 | * that are at the top of their thread's stack | 108 | * that are at the top of their thread's stack |
| 107 | * (with `thread' as key); | 109 | * (with `thread' as key); |
| @@ -140,6 +142,18 @@ static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0. | |||
| 140 | * thread named in disabling_thread). | 142 | * thread named in disabling_thread). |
| 141 | */ | 143 | */ |
| 142 | 144 | ||
| 145 | static void app_info_free(APP_INFO *inf) | ||
| 146 | { | ||
| 147 | if (--(inf->references) <= 0) | ||
| 148 | { | ||
| 149 | if (inf->next != NULL) | ||
| 150 | { | ||
| 151 | app_info_free(inf->next); | ||
| 152 | } | ||
| 153 | OPENSSL_free(inf); | ||
| 154 | } | ||
| 155 | } | ||
| 156 | |||
| 143 | int CRYPTO_mem_ctrl(int mode) | 157 | int CRYPTO_mem_ctrl(int mode) |
| 144 | { | 158 | { |
| 145 | int ret=mh_mode; | 159 | int ret=mh_mode; |
| @@ -502,9 +516,7 @@ void CRYPTO_dbg_free(void *addr, int before_p) | |||
| 502 | mp->order, mp->addr, mp->num); | 516 | mp->order, mp->addr, mp->num); |
| 503 | #endif | 517 | #endif |
| 504 | if (mp->app_info != NULL) | 518 | if (mp->app_info != NULL) |
| 505 | { | 519 | app_info_free(mp->app_info); |
| 506 | mp->app_info->references--; | ||
| 507 | } | ||
| 508 | OPENSSL_free(mp); | 520 | OPENSSL_free(mp); |
| 509 | } | 521 | } |
| 510 | 522 | ||
| @@ -669,7 +681,6 @@ static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *) | |||
| 669 | void CRYPTO_mem_leaks(BIO *b) | 681 | void CRYPTO_mem_leaks(BIO *b) |
| 670 | { | 682 | { |
| 671 | MEM_LEAK ml; | 683 | MEM_LEAK ml; |
| 672 | char buf[80]; | ||
| 673 | 684 | ||
| 674 | if (mh == NULL && amih == NULL) | 685 | if (mh == NULL && amih == NULL) |
| 675 | return; | 686 | return; |
| @@ -684,9 +695,8 @@ void CRYPTO_mem_leaks(BIO *b) | |||
| 684 | (char *)&ml); | 695 | (char *)&ml); |
| 685 | if (ml.chunks != 0) | 696 | if (ml.chunks != 0) |
| 686 | { | 697 | { |
| 687 | snprintf(buf,sizeof buf,"%ld bytes leaked in %d chunks\n", | 698 | BIO_printf(b,"%ld bytes leaked in %d chunks\n", |
| 688 | ml.bytes,ml.chunks); | 699 | ml.bytes,ml.chunks); |
| 689 | BIO_puts(b,buf); | ||
| 690 | } | 700 | } |
| 691 | else | 701 | else |
| 692 | { | 702 | { |
diff --git a/src/lib/libcrypto/o_time.c b/src/lib/libcrypto/o_time.c index 1bc0297b36..723eb1b5af 100644 --- a/src/lib/libcrypto/o_time.c +++ b/src/lib/libcrypto/o_time.c | |||
| @@ -80,6 +80,9 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) | |||
| 80 | ts = result; | 80 | ts = result; |
| 81 | #elif !defined(OPENSSL_SYS_VMS) | 81 | #elif !defined(OPENSSL_SYS_VMS) |
| 82 | ts = gmtime(timer); | 82 | ts = gmtime(timer); |
| 83 | if (ts == NULL) | ||
| 84 | return NULL; | ||
| 85 | |||
| 83 | memcpy(result, ts, sizeof(struct tm)); | 86 | memcpy(result, ts, sizeof(struct tm)); |
| 84 | ts = result; | 87 | ts = result; |
| 85 | #endif | 88 | #endif |
diff --git a/src/lib/libcrypto/objects/Makefile.ssl b/src/lib/libcrypto/objects/Makefile.ssl index cd5cbc95ce..3e7a194cf9 100644 --- a/src/lib/libcrypto/objects/Makefile.ssl +++ b/src/lib/libcrypto/objects/Makefile.ssl | |||
| @@ -76,7 +76,7 @@ lint: | |||
| 76 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 76 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 77 | 77 | ||
| 78 | depend: | 78 | depend: |
| 79 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 79 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 80 | 80 | ||
| 81 | dclean: | 81 | dclean: |
| 82 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 82 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c index 202bd168ac..ae97108e93 100644 --- a/src/lib/libcrypto/objects/obj_dat.c +++ b/src/lib/libcrypto/objects/obj_dat.c | |||
| @@ -464,7 +464,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 464 | 464 | ||
| 465 | snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); | 465 | snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); |
| 466 | i=strlen(tbuf); | 466 | i=strlen(tbuf); |
| 467 | strncpy(buf,tbuf,buf_len); | 467 | BUF_strlcpy(buf,tbuf,buf_len); |
| 468 | buf_len-=i; | 468 | buf_len-=i; |
| 469 | buf+=i; | 469 | buf+=i; |
| 470 | n+=i; | 470 | n+=i; |
| @@ -476,7 +476,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 476 | snprintf(tbuf,sizeof tbuf,".%lu",l); | 476 | snprintf(tbuf,sizeof tbuf,".%lu",l); |
| 477 | i=strlen(tbuf); | 477 | i=strlen(tbuf); |
| 478 | if (buf_len > 0) | 478 | if (buf_len > 0) |
| 479 | strncpy(buf,tbuf,buf_len); | 479 | BUF_strlcpy(buf,tbuf,buf_len); |
| 480 | buf_len-=i; | 480 | buf_len-=i; |
| 481 | buf+=i; | 481 | buf+=i; |
| 482 | n+=i; | 482 | n+=i; |
| @@ -488,10 +488,9 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 488 | s=OBJ_nid2ln(nid); | 488 | s=OBJ_nid2ln(nid); |
| 489 | if (s == NULL) | 489 | if (s == NULL) |
| 490 | s=OBJ_nid2sn(nid); | 490 | s=OBJ_nid2sn(nid); |
| 491 | strncpy(buf,s,buf_len); | 491 | BUF_strlcpy(buf,s,buf_len); |
| 492 | n=strlen(s); | 492 | n=strlen(s); |
| 493 | } | 493 | } |
| 494 | buf[buf_len-1]='\0'; | ||
| 495 | return(n); | 494 | return(n); |
| 496 | } | 495 | } |
| 497 | 496 | ||
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num index 1486199661..9838072b65 100644 --- a/src/lib/libcrypto/objects/obj_mac.num +++ b/src/lib/libcrypto/objects/obj_mac.num | |||
| @@ -645,3 +645,5 @@ rsaOAEPEncryptionSET 644 | |||
| 645 | itu_t 645 | 645 | itu_t 645 |
| 646 | joint_iso_itu_t 646 | 646 | joint_iso_itu_t 646 |
| 647 | international_organizations 647 | 647 | international_organizations 647 |
| 648 | ms_smartcard_login 648 | ||
| 649 | ms_upn 649 | ||
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index 71a4908485..3ba11f65cc 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt | |||
| @@ -276,6 +276,10 @@ rsadsi 3 8 : RC5-CBC : rc5-cbc | |||
| 276 | 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto | 276 | 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto |
| 277 | !Cname ms-efs | 277 | !Cname ms-efs |
| 278 | 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System | 278 | 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System |
| 279 | !Cname ms-smartcard-login | ||
| 280 | 1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin | ||
| 281 | !Cname ms-upn | ||
| 282 | 1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name | ||
| 279 | 283 | ||
| 280 | 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc | 284 | 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc |
| 281 | : IDEA-ECB : idea-ecb | 285 | : IDEA-ECB : idea-ecb |
| @@ -537,7 +541,7 @@ X509 11 : OU : organizationalUnitName | |||
| 537 | X509 12 : : title | 541 | X509 12 : : title |
| 538 | X509 13 : : description | 542 | X509 13 : : description |
| 539 | X509 41 : name : name | 543 | X509 41 : name : name |
| 540 | X509 42 : gn : givenName | 544 | X509 42 : GN : givenName |
| 541 | X509 43 : : initials | 545 | X509 43 : : initials |
| 542 | X509 44 : : generationQualifier | 546 | X509 44 : : generationQualifier |
| 543 | X509 45 : : x500UniqueIdentifier | 547 | X509 45 : : x500UniqueIdentifier |
diff --git a/src/lib/libcrypto/ocsp/Makefile.ssl b/src/lib/libcrypto/ocsp/Makefile.ssl index 2be98179ae..02477be538 100644 --- a/src/lib/libcrypto/ocsp/Makefile.ssl +++ b/src/lib/libcrypto/ocsp/Makefile.ssl | |||
| @@ -43,7 +43,7 @@ all: lib | |||
| 43 | 43 | ||
| 44 | lib: $(LIBOBJ) | 44 | lib: $(LIBOBJ) |
| 45 | $(AR) $(LIB) $(LIBOBJ) | 45 | $(AR) $(LIB) $(LIBOBJ) |
| 46 | $(RANLIB) $(LIB) | 46 | $(RANLIB) $(LIB) || echo Never mind. |
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | files: | 49 | files: |
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/ocsp/ocsp_asn.c b/src/lib/libcrypto/ocsp/ocsp_asn.c index 8c148cda6a..6a3a360d54 100644 --- a/src/lib/libcrypto/ocsp/ocsp_asn.c +++ b/src/lib/libcrypto/ocsp/ocsp_asn.c | |||
| @@ -117,7 +117,7 @@ IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE) | |||
| 117 | 117 | ||
| 118 | ASN1_CHOICE(OCSP_RESPID) = { | 118 | ASN1_CHOICE(OCSP_RESPID) = { |
| 119 | ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1), | 119 | ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1), |
| 120 | ASN1_IMP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2) | 120 | ASN1_EXP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2) |
| 121 | } ASN1_CHOICE_END(OCSP_RESPID) | 121 | } ASN1_CHOICE_END(OCSP_RESPID) |
| 122 | 122 | ||
| 123 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID) | 123 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID) |
diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c index b78cd37092..9213e58ae4 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ht.c +++ b/src/lib/libcrypto/ocsp/ocsp_ht.c | |||
| @@ -64,6 +64,9 @@ | |||
| 64 | #include <openssl/ocsp.h> | 64 | #include <openssl/ocsp.h> |
| 65 | #include <openssl/err.h> | 65 | #include <openssl/err.h> |
| 66 | #include <openssl/buffer.h> | 66 | #include <openssl/buffer.h> |
| 67 | #ifdef OPENSSL_SYS_SUNOS | ||
| 68 | #define strtoul (unsigned long)strtol | ||
| 69 | #endif /* OPENSSL_SYS_SUNOS */ | ||
| 67 | 70 | ||
| 68 | /* Quick and dirty HTTP OCSP request handler. | 71 | /* Quick and dirty HTTP OCSP request handler. |
| 69 | * Could make this a bit cleverer by adding | 72 | * Could make this a bit cleverer by adding |
| @@ -94,7 +97,7 @@ Content-Length: %d\r\n\r\n"; | |||
| 94 | } | 97 | } |
| 95 | if(!(mem = BIO_new(BIO_s_mem()))) goto err; | 98 | if(!(mem = BIO_new(BIO_s_mem()))) goto err; |
| 96 | /* Copy response to a memory BIO: socket bios can't do gets! */ | 99 | /* Copy response to a memory BIO: socket bios can't do gets! */ |
| 97 | while ((len = BIO_read(b, tmpbuf, 1024))) { | 100 | while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { |
| 98 | if(len < 0) { | 101 | if(len < 0) { |
| 99 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); | 102 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); |
| 100 | goto err; | 103 | goto err; |
| @@ -107,7 +110,7 @@ Content-Length: %d\r\n\r\n"; | |||
| 107 | } | 110 | } |
| 108 | /* Parse the HTTP response. This will look like this: | 111 | /* Parse the HTTP response. This will look like this: |
| 109 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and | 112 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and |
| 110 | * informational message. | 113 | * (optional) informational message. |
| 111 | */ | 114 | */ |
| 112 | 115 | ||
| 113 | /* Skip to first white space (passed protocol info) */ | 116 | /* Skip to first white space (passed protocol info) */ |
| @@ -135,13 +138,19 @@ Content-Length: %d\r\n\r\n"; | |||
| 135 | if(*r) goto err; | 138 | if(*r) goto err; |
| 136 | /* Skip over any leading white space in message */ | 139 | /* Skip over any leading white space in message */ |
| 137 | while(*q && isspace((unsigned char)*q)) q++; | 140 | while(*q && isspace((unsigned char)*q)) q++; |
| 138 | if(!*q) goto err; | 141 | if(*q) { |
| 139 | /* Finally zap any trailing white space in message (include CRLF) */ | 142 | /* Finally zap any trailing white space in message (include CRLF) */ |
| 140 | /* We know q has a non white space character so this is OK */ | 143 | /* We know q has a non white space character so this is OK */ |
| 141 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; | 144 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; |
| 145 | } | ||
| 142 | if(retcode != 200) { | 146 | if(retcode != 200) { |
| 143 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); | 147 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); |
| 144 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); | 148 | if(!*q) { |
| 149 | ERR_add_error_data(2, "Code=", p); | ||
| 150 | } | ||
| 151 | else { | ||
| 152 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); | ||
| 153 | } | ||
| 145 | goto err; | 154 | goto err; |
| 146 | } | 155 | } |
| 147 | /* Find blank line marking beginning of content */ | 156 | /* Find blank line marking beginning of content */ |
diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in index 9082a16c46..685e83b7a3 100644 --- a/src/lib/libcrypto/opensslconf.h.in +++ b/src/lib/libcrypto/opensslconf.h.in | |||
| @@ -47,7 +47,7 @@ | |||
| 47 | #endif | 47 | #endif |
| 48 | #endif | 48 | #endif |
| 49 | 49 | ||
| 50 | #if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG) | 50 | #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) |
| 51 | /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a | 51 | /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a |
| 52 | * %20 speed up (longs are 8 bytes, int's are 4). */ | 52 | * %20 speed up (longs are 8 bytes, int's are 4). */ |
| 53 | #ifndef DES_LONG | 53 | #ifndef DES_LONG |
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h index 9689b49c5b..08cb1d5018 100644 --- a/src/lib/libcrypto/opensslv.h +++ b/src/lib/libcrypto/opensslv.h | |||
| @@ -25,8 +25,8 @@ | |||
| 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 26 | * major minor fix final patch/beta) | 26 | * major minor fix final patch/beta) |
| 27 | */ | 27 | */ |
| 28 | #define OPENSSL_VERSION_NUMBER 0x00907003L | 28 | #define OPENSSL_VERSION_NUMBER 0x0090702fL |
| 29 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7-beta3 30 Jul 2002" | 29 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7b 10 Apr 2003" |
| 30 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT | 30 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 31 | 31 | ||
| 32 | 32 | ||
diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h index 6bd42aee4d..285fd0b1d9 100644 --- a/src/lib/libcrypto/ossl_typ.h +++ b/src/lib/libcrypto/ossl_typ.h | |||
| @@ -55,6 +55,8 @@ | |||
| 55 | #ifndef HEADER_OPENSSL_TYPES_H | 55 | #ifndef HEADER_OPENSSL_TYPES_H |
| 56 | #define HEADER_OPENSSL_TYPES_H | 56 | #define HEADER_OPENSSL_TYPES_H |
| 57 | 57 | ||
| 58 | #include <openssl/e_os2.h> | ||
| 59 | |||
| 58 | #ifdef NO_ASN1_TYPEDEFS | 60 | #ifdef NO_ASN1_TYPEDEFS |
| 59 | #define ASN1_INTEGER ASN1_STRING | 61 | #define ASN1_INTEGER ASN1_STRING |
| 60 | #define ASN1_ENUMERATED ASN1_STRING | 62 | #define ASN1_ENUMERATED ASN1_STRING |
diff --git a/src/lib/libcrypto/pem/Makefile.ssl b/src/lib/libcrypto/pem/Makefile.ssl index 5075d9107b..d3043eb401 100644 --- a/src/lib/libcrypto/pem/Makefile.ssl +++ b/src/lib/libcrypto/pem/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h index 3785fca77d..d330cbf9a3 100644 --- a/src/lib/libcrypto/pem/pem.h +++ b/src/lib/libcrypto/pem/pem.h | |||
| @@ -149,7 +149,7 @@ typedef struct pem_recip_st | |||
| 149 | 149 | ||
| 150 | int cipher; | 150 | int cipher; |
| 151 | int key_enc; | 151 | int key_enc; |
| 152 | char iv[8]; | 152 | /* char iv[8]; unused and wrong size */ |
| 153 | } PEM_USER; | 153 | } PEM_USER; |
| 154 | 154 | ||
| 155 | typedef struct pem_ctx_st | 155 | typedef struct pem_ctx_st |
| @@ -165,7 +165,8 @@ typedef struct pem_ctx_st | |||
| 165 | 165 | ||
| 166 | struct { | 166 | struct { |
| 167 | int cipher; | 167 | int cipher; |
| 168 | unsigned char iv[8]; | 168 | /* unused, and wrong size |
| 169 | unsigned char iv[8]; */ | ||
| 169 | } DEK_info; | 170 | } DEK_info; |
| 170 | 171 | ||
| 171 | PEM_USER *originator; | 172 | PEM_USER *originator; |
| @@ -187,7 +188,8 @@ typedef struct pem_ctx_st | |||
| 187 | EVP_CIPHER *dec; /* date encryption cipher */ | 188 | EVP_CIPHER *dec; /* date encryption cipher */ |
| 188 | int key_len; /* key length */ | 189 | int key_len; /* key length */ |
| 189 | unsigned char *key; /* key */ | 190 | unsigned char *key; /* key */ |
| 190 | unsigned char iv[8]; /* the iv */ | 191 | /* unused, and wrong size |
| 192 | unsigned char iv[8]; */ | ||
| 191 | 193 | ||
| 192 | 194 | ||
| 193 | int data_enc; /* is the data encrypted */ | 195 | int data_enc; /* is the data encrypted */ |
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c index 9a6dffb45c..9e4af29c95 100644 --- a/src/lib/libcrypto/pem/pem_info.c +++ b/src/lib/libcrypto/pem/pem_info.c | |||
| @@ -324,6 +324,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, | |||
| 324 | } | 324 | } |
| 325 | 325 | ||
| 326 | /* create the right magic header stuff */ | 326 | /* create the right magic header stuff */ |
| 327 | OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf); | ||
| 327 | buf[0]='\0'; | 328 | buf[0]='\0'; |
| 328 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); | 329 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); |
| 329 | PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv); | 330 | PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv); |
| @@ -358,7 +359,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, | |||
| 358 | ret=1; | 359 | ret=1; |
| 359 | 360 | ||
| 360 | err: | 361 | err: |
| 361 | memset((char *)&ctx,0,sizeof(ctx)); | 362 | OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); |
| 362 | memset(buf,0,PEM_BUFSIZE); | 363 | OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 363 | return(ret); | 364 | return(ret); |
| 364 | } | 365 | } |
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 50f5733654..3bec2d7e9f 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c | |||
| @@ -138,7 +138,7 @@ void PEM_proc_type(char *buf, int type) | |||
| 138 | 138 | ||
| 139 | void PEM_dek_info(char *buf, const char *type, int len, char *str) | 139 | void PEM_dek_info(char *buf, const char *type, int len, char *str) |
| 140 | { | 140 | { |
| 141 | static unsigned char map[17]="0123456789ABCDEF"; | 141 | static const unsigned char map[17]="0123456789ABCDEF"; |
| 142 | long i; | 142 | long i; |
| 143 | int j; | 143 | int j; |
| 144 | 144 | ||
| @@ -251,7 +251,7 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char | |||
| 251 | ret = 1; | 251 | ret = 1; |
| 252 | 252 | ||
| 253 | err: | 253 | err: |
| 254 | if (!pnm) OPENSSL_free(nm); | 254 | if (!ret || !pnm) OPENSSL_free(nm); |
| 255 | OPENSSL_free(header); | 255 | OPENSSL_free(header); |
| 256 | if (!ret) OPENSSL_free(data); | 256 | if (!ret) OPENSSL_free(data); |
| 257 | return ret; | 257 | return ret; |
| @@ -306,6 +306,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 306 | goto err; | 306 | goto err; |
| 307 | } | 307 | } |
| 308 | /* dzise + 8 bytes are needed */ | 308 | /* dzise + 8 bytes are needed */ |
| 309 | /* actually it needs the cipher block size extra... */ | ||
| 309 | data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); | 310 | data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); |
| 310 | if (data == NULL) | 311 | if (data == NULL) |
| 311 | { | 312 | { |
| @@ -335,13 +336,16 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 335 | kstr=(unsigned char *)buf; | 336 | kstr=(unsigned char *)buf; |
| 336 | } | 337 | } |
| 337 | RAND_add(data,i,0);/* put in the RSA key. */ | 338 | RAND_add(data,i,0);/* put in the RSA key. */ |
| 339 | OPENSSL_assert(enc->iv_len <= sizeof iv); | ||
| 338 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ | 340 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ |
| 339 | goto err; | 341 | goto err; |
| 340 | /* The 'iv' is used as the iv and as a salt. It is | 342 | /* The 'iv' is used as the iv and as a salt. It is |
| 341 | * NOT taken from the BytesToKey function */ | 343 | * NOT taken from the BytesToKey function */ |
| 342 | EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); | 344 | EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); |
| 343 | 345 | ||
| 344 | if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE); | 346 | if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 347 | |||
| 348 | OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf); | ||
| 345 | 349 | ||
| 346 | buf[0]='\0'; | 350 | buf[0]='\0'; |
| 347 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); | 351 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); |
| @@ -364,13 +368,13 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 364 | i=PEM_write_bio(bp,name,buf,data,i); | 368 | i=PEM_write_bio(bp,name,buf,data,i); |
| 365 | if (i <= 0) ret=0; | 369 | if (i <= 0) ret=0; |
| 366 | err: | 370 | err: |
| 367 | memset(key,0,sizeof(key)); | 371 | OPENSSL_cleanse(key,sizeof(key)); |
| 368 | memset(iv,0,sizeof(iv)); | 372 | OPENSSL_cleanse(iv,sizeof(iv)); |
| 369 | memset((char *)&ctx,0,sizeof(ctx)); | 373 | OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); |
| 370 | memset(buf,0,PEM_BUFSIZE); | 374 | OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 371 | if (data != NULL) | 375 | if (data != NULL) |
| 372 | { | 376 | { |
| 373 | memset(data,0,(unsigned int)dsize); | 377 | OPENSSL_cleanse(data,(unsigned int)dsize); |
| 374 | OPENSSL_free(data); | 378 | OPENSSL_free(data); |
| 375 | } | 379 | } |
| 376 | return(ret); | 380 | return(ret); |
| @@ -411,8 +415,8 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, | |||
| 411 | EVP_DecryptUpdate(&ctx,data,&i,data,j); | 415 | EVP_DecryptUpdate(&ctx,data,&i,data,j); |
| 412 | o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j); | 416 | o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j); |
| 413 | EVP_CIPHER_CTX_cleanup(&ctx); | 417 | EVP_CIPHER_CTX_cleanup(&ctx); |
| 414 | memset((char *)buf,0,sizeof(buf)); | 418 | OPENSSL_cleanse((char *)buf,sizeof(buf)); |
| 415 | memset((char *)key,0,sizeof(key)); | 419 | OPENSSL_cleanse((char *)key,sizeof(key)); |
| 416 | j+=i; | 420 | j+=i; |
| 417 | if (!o) | 421 | if (!o) |
| 418 | { | 422 | { |
| @@ -693,7 +697,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 693 | if (strncmp(buf,"-----END ",9) == 0) | 697 | if (strncmp(buf,"-----END ",9) == 0) |
| 694 | break; | 698 | break; |
| 695 | if (i > 65) break; | 699 | if (i > 65) break; |
| 696 | if (!BUF_MEM_grow(dataB,i+bl+9)) | 700 | if (!BUF_MEM_grow_clean(dataB,i+bl+9)) |
| 697 | { | 701 | { |
| 698 | PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); | 702 | PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); |
| 699 | goto err; | 703 | goto err; |
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c index f44182ffb5..db38a2a79d 100644 --- a/src/lib/libcrypto/pem/pem_pk8.c +++ b/src/lib/libcrypto/pem/pem_pk8.c | |||
| @@ -136,7 +136,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER | |||
| 136 | kstr = buf; | 136 | kstr = buf; |
| 137 | } | 137 | } |
| 138 | p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); | 138 | p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); |
| 139 | if(kstr == buf) memset(buf, 0, klen); | 139 | if(kstr == buf) OPENSSL_cleanse(buf, klen); |
| 140 | PKCS8_PRIV_KEY_INFO_free(p8inf); | 140 | PKCS8_PRIV_KEY_INFO_free(p8inf); |
| 141 | if(isder) ret = i2d_PKCS8_bio(bp, p8); | 141 | if(isder) ret = i2d_PKCS8_bio(bp, p8); |
| 142 | else ret = PEM_write_bio_PKCS8(bp, p8); | 142 | else ret = PEM_write_bio_PKCS8(bp, p8); |
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c index ae463a301d..56e08abd70 100644 --- a/src/lib/libcrypto/pem/pem_seal.c +++ b/src/lib/libcrypto/pem/pem_seal.c | |||
| @@ -112,7 +112,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, | |||
| 112 | ret=npubk; | 112 | ret=npubk; |
| 113 | err: | 113 | err: |
| 114 | if (s != NULL) OPENSSL_free(s); | 114 | if (s != NULL) OPENSSL_free(s); |
| 115 | memset(key,0,EVP_MAX_KEY_LENGTH); | 115 | OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); |
| 116 | return(ret); | 116 | return(ret); |
| 117 | } | 117 | } |
| 118 | 118 | ||
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl index 0145c4f0cc..22149c680e 100644 --- a/src/lib/libcrypto/perlasm/cbc.pl +++ b/src/lib/libcrypto/perlasm/cbc.pl | |||
| @@ -146,9 +146,15 @@ sub cbc | |||
| 146 | &mov($count, &wparam(2)); # length | 146 | &mov($count, &wparam(2)); # length |
| 147 | &and($count, 7); | 147 | &and($count, 7); |
| 148 | &jz(&label("finish")); | 148 | &jz(&label("finish")); |
| 149 | &call(&label("PIC_point")); | ||
| 150 | &set_label("PIC_point"); | ||
| 151 | &blindpop("edx"); | ||
| 152 | &lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx")); | ||
| 153 | &mov($count,&DWP(0,"ecx",$count,4)) | ||
| 154 | &add($count,"edx"); | ||
| 149 | &xor("ecx","ecx"); | 155 | &xor("ecx","ecx"); |
| 150 | &xor("edx","edx"); | 156 | &xor("edx","edx"); |
| 151 | &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); | 157 | #&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); |
| 152 | &jmp_ptr($count); | 158 | &jmp_ptr($count); |
| 153 | 159 | ||
| 154 | &set_label("ej7"); | 160 | &set_label("ej7"); |
| @@ -318,22 +324,23 @@ sub cbc | |||
| 318 | 324 | ||
| 319 | &set_label("cbc_enc_jmp_table",1); | 325 | &set_label("cbc_enc_jmp_table",1); |
| 320 | &data_word("0"); | 326 | &data_word("0"); |
| 321 | &data_word(&label("ej1")); | 327 | &data_word(&label("ej1")."-".&label("PIC_point")); |
| 322 | &data_word(&label("ej2")); | 328 | &data_word(&label("ej2")."-".&label("PIC_point")); |
| 323 | &data_word(&label("ej3")); | 329 | &data_word(&label("ej3")."-".&label("PIC_point")); |
| 324 | &data_word(&label("ej4")); | 330 | &data_word(&label("ej4")."-".&label("PIC_point")); |
| 325 | &data_word(&label("ej5")); | 331 | &data_word(&label("ej5")."-".&label("PIC_point")); |
| 326 | &data_word(&label("ej6")); | 332 | &data_word(&label("ej6")."-".&label("PIC_point")); |
| 327 | &data_word(&label("ej7")); | 333 | &data_word(&label("ej7")."-".&label("PIC_point")); |
| 328 | &set_label("cbc_dec_jmp_table",1); | 334 | # not used |
| 329 | &data_word("0"); | 335 | #&set_label("cbc_dec_jmp_table",1); |
| 330 | &data_word(&label("dj1")); | 336 | #&data_word("0"); |
| 331 | &data_word(&label("dj2")); | 337 | #&data_word(&label("dj1")."-".&label("PIC_point")); |
| 332 | &data_word(&label("dj3")); | 338 | #&data_word(&label("dj2")."-".&label("PIC_point")); |
| 333 | &data_word(&label("dj4")); | 339 | #&data_word(&label("dj3")."-".&label("PIC_point")); |
| 334 | &data_word(&label("dj5")); | 340 | #&data_word(&label("dj4")."-".&label("PIC_point")); |
| 335 | &data_word(&label("dj6")); | 341 | #&data_word(&label("dj5")."-".&label("PIC_point")); |
| 336 | &data_word(&label("dj7")); | 342 | #&data_word(&label("dj6")."-".&label("PIC_point")); |
| 343 | #&data_word(&label("dj7")."-".&label("PIC_point")); | ||
| 337 | 344 | ||
| 338 | &function_end_B($name); | 345 | &function_end_B($name); |
| 339 | 346 | ||
diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl index 9a3d85b098..1cb96e914a 100644 --- a/src/lib/libcrypto/perlasm/x86asm.pl +++ b/src/lib/libcrypto/perlasm/x86asm.pl | |||
| @@ -18,9 +18,9 @@ sub main'asm_init | |||
| 18 | ($type,$fn,$i386)=@_; | 18 | ($type,$fn,$i386)=@_; |
| 19 | $filename=$fn; | 19 | $filename=$fn; |
| 20 | 20 | ||
| 21 | $cpp=$sol=$aout=$win32=$gaswin=0; | 21 | $elf=$cpp=$sol=$aout=$win32=$gaswin=0; |
| 22 | if ( ($type eq "elf")) | 22 | if ( ($type eq "elf")) |
| 23 | { require "x86unix.pl"; } | 23 | { $elf=1; require "x86unix.pl"; } |
| 24 | elsif ( ($type eq "a.out")) | 24 | elsif ( ($type eq "a.out")) |
| 25 | { $aout=1; require "x86unix.pl"; } | 25 | { $aout=1; require "x86unix.pl"; } |
| 26 | elsif ( ($type eq "gaswin")) | 26 | elsif ( ($type eq "gaswin")) |
| @@ -47,6 +47,9 @@ EOF | |||
| 47 | exit(1); | 47 | exit(1); |
| 48 | } | 48 | } |
| 49 | 49 | ||
| 50 | $pic=0; | ||
| 51 | for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } | ||
| 52 | |||
| 50 | &asm_init_output(); | 53 | &asm_init_output(); |
| 51 | 54 | ||
| 52 | &comment("Don't even think of reading this code"); | 55 | &comment("Don't even think of reading this code"); |
| @@ -91,7 +94,7 @@ $tmp | |||
| 91 | #undef SIZE | 94 | #undef SIZE |
| 92 | #undef TYPE | 95 | #undef TYPE |
| 93 | #define SIZE(a,b) | 96 | #define SIZE(a,b) |
| 94 | #define TYPE(a,b) | 97 | #define TYPE(a,b) .def a; .scl 2; .type 32; .endef |
| 95 | #endif /* __CYGWIN || __DJGPP */ | 98 | #endif /* __CYGWIN || __DJGPP */ |
| 96 | #endif | 99 | #endif |
| 97 | 100 | ||
diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl index 206452341d..35f1a4ddb9 100644 --- a/src/lib/libcrypto/perlasm/x86ms.pl +++ b/src/lib/libcrypto/perlasm/x86ms.pl | |||
| @@ -92,6 +92,8 @@ sub get_mem | |||
| 92 | $addr="_$addr"; | 92 | $addr="_$addr"; |
| 93 | } | 93 | } |
| 94 | 94 | ||
| 95 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } | ||
| 96 | |||
| 95 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); | 97 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); |
| 96 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); | 98 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); |
| 97 | if (($addr ne "") && ($addr ne 0)) | 99 | if (($addr ne "") && ($addr ne 0)) |
| @@ -111,6 +113,7 @@ sub get_mem | |||
| 111 | { | 113 | { |
| 112 | $ret.="[$reg1$post]" | 114 | $ret.="[$reg1$post]" |
| 113 | } | 115 | } |
| 116 | $ret =~ s/\[\]//; # in case $addr was the only argument | ||
| 114 | return($ret); | 117 | return($ret); |
| 115 | } | 118 | } |
| 116 | 119 | ||
| @@ -151,7 +154,7 @@ sub main'push { &out1("push",@_); $stack+=4; } | |||
| 151 | sub main'pop { &out1("pop",@_); $stack-=4; } | 154 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 152 | sub main'bswap { &out1("bswap",@_); &using486(); } | 155 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 153 | sub main'not { &out1("not",@_); } | 156 | sub main'not { &out1("not",@_); } |
| 154 | sub main'call { &out1("call",'_'.$_[0]); } | 157 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } |
| 155 | sub main'ret { &out0("ret"); } | 158 | sub main'ret { &out0("ret"); } |
| 156 | sub main'nop { &out0("nop"); } | 159 | sub main'nop { &out0("nop"); } |
| 157 | 160 | ||
| @@ -338,7 +341,7 @@ sub main'set_label | |||
| 338 | { | 341 | { |
| 339 | if (!defined($label{$_[0]})) | 342 | if (!defined($label{$_[0]})) |
| 340 | { | 343 | { |
| 341 | $label{$_[0]}="${label}${_[0]}"; | 344 | $label{$_[0]}="\$${label}${_[0]}"; |
| 342 | $label++; | 345 | $label++; |
| 343 | } | 346 | } |
| 344 | if((defined $_[2]) && ($_[2] == 1)) | 347 | if((defined $_[2]) && ($_[2] == 1)) |
| @@ -363,3 +366,11 @@ sub out1p | |||
| 363 | 366 | ||
| 364 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 367 | push(@out,"\t$name\t ".&conv($p1)."\n"); |
| 365 | } | 368 | } |
| 369 | |||
| 370 | sub main'picmeup | ||
| 371 | { | ||
| 372 | local($dst,$sym)=@_; | ||
| 373 | &main'lea($dst,&main'DWP($sym)); | ||
| 374 | } | ||
| 375 | |||
| 376 | sub main'blindpop { &out1("pop",@_); } | ||
diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl index 519d8a5867..f30b7466d4 100644 --- a/src/lib/libcrypto/perlasm/x86nasm.pl +++ b/src/lib/libcrypto/perlasm/x86nasm.pl | |||
| @@ -98,6 +98,8 @@ sub get_mem | |||
| 98 | $addr="_$addr"; | 98 | $addr="_$addr"; |
| 99 | } | 99 | } |
| 100 | 100 | ||
| 101 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } | ||
| 102 | |||
| 101 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); | 103 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); |
| 102 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); | 104 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); |
| 103 | if (($addr ne "") && ($addr ne 0)) | 105 | if (($addr ne "") && ($addr ne 0)) |
| @@ -117,6 +119,7 @@ sub get_mem | |||
| 117 | { | 119 | { |
| 118 | $ret.="$reg1$post]" | 120 | $ret.="$reg1$post]" |
| 119 | } | 121 | } |
| 122 | $ret =~ s/\+\]/]/; # in case $addr was the only argument | ||
| 120 | return($ret); | 123 | return($ret); |
| 121 | } | 124 | } |
| 122 | 125 | ||
| @@ -160,7 +163,7 @@ sub main'push { &out1("push",@_); $stack+=4; } | |||
| 160 | sub main'pop { &out1("pop",@_); $stack-=4; } | 163 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 161 | sub main'bswap { &out1("bswap",@_); &using486(); } | 164 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 162 | sub main'not { &out1("not",@_); } | 165 | sub main'not { &out1("not",@_); } |
| 163 | sub main'call { &out1("call",'_'.$_[0]); } | 166 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } |
| 164 | sub main'ret { &out0("ret"); } | 167 | sub main'ret { &out0("ret"); } |
| 165 | sub main'nop { &out0("nop"); } | 168 | sub main'nop { &out0("nop"); } |
| 166 | 169 | ||
| @@ -322,7 +325,7 @@ sub main'set_label | |||
| 322 | { | 325 | { |
| 323 | if (!defined($label{$_[0]})) | 326 | if (!defined($label{$_[0]})) |
| 324 | { | 327 | { |
| 325 | $label{$_[0]}="${label}${_[0]}"; | 328 | $label{$_[0]}="\$${label}${_[0]}"; |
| 326 | $label++; | 329 | $label++; |
| 327 | } | 330 | } |
| 328 | push(@out,"$label{$_[0]}:\n"); | 331 | push(@out,"$label{$_[0]}:\n"); |
| @@ -340,3 +343,11 @@ sub out1p | |||
| 340 | 343 | ||
| 341 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 344 | push(@out,"\t$name\t ".&conv($p1)."\n"); |
| 342 | } | 345 | } |
| 346 | |||
| 347 | sub main'picmeup | ||
| 348 | { | ||
| 349 | local($dst,$sym)=@_; | ||
| 350 | &main'lea($dst,&main'DWP($sym)); | ||
| 351 | } | ||
| 352 | |||
| 353 | sub main'blindpop { &out1("pop",@_); } | ||
diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl index 9ceabf0705..72bde061c5 100644 --- a/src/lib/libcrypto/perlasm/x86unix.pl +++ b/src/lib/libcrypto/perlasm/x86unix.pl | |||
| @@ -87,12 +87,12 @@ sub main'DWP | |||
| 87 | $ret.=$addr if ($addr ne "") && ($addr ne 0); | 87 | $ret.=$addr if ($addr ne "") && ($addr ne 0); |
| 88 | if ($reg2 ne "") | 88 | if ($reg2 ne "") |
| 89 | { | 89 | { |
| 90 | if($idx ne "") | 90 | if($idx ne "" && $idx != 0) |
| 91 | { $ret.="($reg1,$reg2,$idx)"; } | 91 | { $ret.="($reg1,$reg2,$idx)"; } |
| 92 | else | 92 | else |
| 93 | { $ret.="($reg1,$reg2)"; } | 93 | { $ret.="($reg1,$reg2)"; } |
| 94 | } | 94 | } |
| 95 | else | 95 | elsif ($reg1 ne "") |
| 96 | { $ret.="($reg1)" } | 96 | { $ret.="($reg1)" } |
| 97 | return($ret); | 97 | return($ret); |
| 98 | } | 98 | } |
| @@ -167,7 +167,7 @@ sub main'pop { &out1("popl",@_); $stack-=4; } | |||
| 167 | sub main'pushf { &out0("pushf"); $stack+=4; } | 167 | sub main'pushf { &out0("pushf"); $stack+=4; } |
| 168 | sub main'popf { &out0("popf"); $stack-=4; } | 168 | sub main'popf { &out0("popf"); $stack-=4; } |
| 169 | sub main'not { &out1("notl",@_); } | 169 | sub main'not { &out1("notl",@_); } |
| 170 | sub main'call { &out1("call",$under.$_[0]); } | 170 | sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); } |
| 171 | sub main'ret { &out0("ret"); } | 171 | sub main'ret { &out0("ret"); } |
| 172 | sub main'nop { &out0("nop"); } | 172 | sub main'nop { &out0("nop"); } |
| 173 | 173 | ||
| @@ -345,15 +345,15 @@ sub main'function_end | |||
| 345 | popl %ebx | 345 | popl %ebx |
| 346 | popl %ebp | 346 | popl %ebp |
| 347 | ret | 347 | ret |
| 348 | .${func}_end: | 348 | .L_${func}_end: |
| 349 | EOF | 349 | EOF |
| 350 | push(@out,$tmp); | 350 | push(@out,$tmp); |
| 351 | 351 | ||
| 352 | if ($main'cpp) | 352 | if ($main'cpp) |
| 353 | { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } | 353 | { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } |
| 354 | elsif ($main'gaswin) | 354 | elsif ($main'gaswin) |
| 355 | { $tmp=push(@out,"\t.align 4\n"); } | 355 | { $tmp=push(@out,"\t.align 4\n"); } |
| 356 | else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } | 356 | else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } |
| 357 | push(@out,".ident \"$func\"\n"); | 357 | push(@out,".ident \"$func\"\n"); |
| 358 | $stack=0; | 358 | $stack=0; |
| 359 | %label=(); | 359 | %label=(); |
| @@ -426,6 +426,11 @@ sub main'swtmp | |||
| 426 | 426 | ||
| 427 | sub main'comment | 427 | sub main'comment |
| 428 | { | 428 | { |
| 429 | if ($main'elf) # GNU and SVR4 as'es use different comment delimiters, | ||
| 430 | { # so we just skip comments... | ||
| 431 | push(@out,"\n"); | ||
| 432 | return; | ||
| 433 | } | ||
| 429 | foreach (@_) | 434 | foreach (@_) |
| 430 | { | 435 | { |
| 431 | if (/^\s*$/) | 436 | if (/^\s*$/) |
| @@ -542,3 +547,39 @@ sub popvars | |||
| 542 | &main'pop("edx"); | 547 | &main'pop("edx"); |
| 543 | &main'popf(); | 548 | &main'popf(); |
| 544 | } | 549 | } |
| 550 | |||
| 551 | sub main'picmeup | ||
| 552 | { | ||
| 553 | local($dst,$sym)=@_; | ||
| 554 | if ($main'cpp) | ||
| 555 | { | ||
| 556 | local($tmp)=<<___; | ||
| 557 | #if (defined(ELF) || defined(SOL)) && defined(PIC) | ||
| 558 | .align 8 | ||
| 559 | call 1f | ||
| 560 | 1: popl $regs{$dst} | ||
| 561 | addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} | ||
| 562 | movl $sym\@GOT($regs{$dst}),$regs{$dst} | ||
| 563 | #else | ||
| 564 | leal $sym,$regs{$dst} | ||
| 565 | #endif | ||
| 566 | ___ | ||
| 567 | push(@out,$tmp); | ||
| 568 | } | ||
| 569 | elsif ($main'pic && ($main'elf || $main'aout)) | ||
| 570 | { | ||
| 571 | push(@out,"\t.align\t8\n"); | ||
| 572 | &main'call(&main'label("PIC_me_up")); | ||
| 573 | &main'set_label("PIC_me_up"); | ||
| 574 | &main'blindpop($dst); | ||
| 575 | &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-". | ||
| 576 | &main'label("PIC_me_up") . "]"); | ||
| 577 | &main'mov($dst,&main'DWP($sym."\@GOT",$dst)); | ||
| 578 | } | ||
| 579 | else | ||
| 580 | { | ||
| 581 | &main'lea($dst,&main'DWP($sym)); | ||
| 582 | } | ||
| 583 | } | ||
| 584 | |||
| 585 | sub main'blindpop { &out1("popl",@_); } | ||
diff --git a/src/lib/libcrypto/pkcs12/Makefile.ssl b/src/lib/libcrypto/pkcs12/Makefile.ssl index 2b1d175157..a6e47b4085 100644 --- a/src/lib/libcrypto/pkcs12/Makefile.ssl +++ b/src/lib/libcrypto/pkcs12/Makefile.ssl | |||
| @@ -74,7 +74,7 @@ lint: | |||
| 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 75 | 75 | ||
| 76 | depend: | 76 | depend: |
| 77 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 77 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 78 | 78 | ||
| 79 | dclean: | 79 | dclean: |
| 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c index 97be6a5fb5..5e8958612b 100644 --- a/src/lib/libcrypto/pkcs12/p12_crpt.c +++ b/src/lib/libcrypto/pkcs12/p12_crpt.c | |||
| @@ -118,7 +118,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 118 | } | 118 | } |
| 119 | PBEPARAM_free(pbe); | 119 | PBEPARAM_free(pbe); |
| 120 | EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); | 120 | EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); |
| 121 | memset(key, 0, EVP_MAX_KEY_LENGTH); | 121 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
| 122 | memset(iv, 0, EVP_MAX_IV_LENGTH); | 122 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
| 123 | return 1; | 123 | return 1; |
| 124 | } | 124 | } |
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c index 394af368f4..b5684a83ba 100644 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ b/src/lib/libcrypto/pkcs12/p12_decr.c | |||
| @@ -136,7 +136,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 136 | } | 136 | } |
| 137 | #endif | 137 | #endif |
| 138 | ret = ASN1_item_d2i(NULL, &p, outlen, it); | 138 | ret = ASN1_item_d2i(NULL, &p, outlen, it); |
| 139 | if (zbuf) memset(out, 0, outlen); | 139 | if (zbuf) OPENSSL_cleanse(out, outlen); |
| 140 | if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); | 140 | if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); |
| 141 | OPENSSL_free(out); | 141 | OPENSSL_free(out); |
| 142 | return ret; | 142 | return ret; |
| @@ -168,7 +168,7 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i | |||
| 168 | OPENSSL_free(in); | 168 | OPENSSL_free(in); |
| 169 | return NULL; | 169 | return NULL; |
| 170 | } | 170 | } |
| 171 | if (zbuf) memset(in, 0, inlen); | 171 | if (zbuf) OPENSSL_cleanse(in, inlen); |
| 172 | OPENSSL_free(in); | 172 | OPENSSL_free(in); |
| 173 | return oct; | 173 | return oct; |
| 174 | } | 174 | } |
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c index 0d39ebde8c..9196a34b4a 100644 --- a/src/lib/libcrypto/pkcs12/p12_key.c +++ b/src/lib/libcrypto/pkcs12/p12_key.c | |||
| @@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, | |||
| 91 | ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, | 91 | ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, |
| 92 | id, iter, n, out, md_type); | 92 | id, iter, n, out, md_type); |
| 93 | if(unipass) { | 93 | if(unipass) { |
| 94 | memset(unipass, 0, uniplen); /* Clear password from memory */ | 94 | OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ |
| 95 | OPENSSL_free(unipass); | 95 | OPENSSL_free(unipass); |
| 96 | } | 96 | } |
| 97 | return ret; | 97 | return ret; |
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c index a549433eeb..af708a2743 100644 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ b/src/lib/libcrypto/pkcs12/p12_npas.c | |||
| @@ -107,7 +107,7 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | |||
| 107 | { | 107 | { |
| 108 | STACK_OF(PKCS7) *asafes, *newsafes; | 108 | STACK_OF(PKCS7) *asafes, *newsafes; |
| 109 | STACK_OF(PKCS12_SAFEBAG) *bags; | 109 | STACK_OF(PKCS12_SAFEBAG) *bags; |
| 110 | int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen; | 110 | int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0; |
| 111 | PKCS7 *p7, *p7new; | 111 | PKCS7 *p7, *p7new; |
| 112 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; | 112 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; |
| 113 | unsigned char mac[EVP_MAX_MD_SIZE]; | 113 | unsigned char mac[EVP_MAX_MD_SIZE]; |
diff --git a/src/lib/libcrypto/pkcs7/Makefile.ssl b/src/lib/libcrypto/pkcs7/Makefile.ssl index 1302469def..c3bfc7d560 100644 --- a/src/lib/libcrypto/pkcs7/Makefile.ssl +++ b/src/lib/libcrypto/pkcs7/Makefile.ssl | |||
| @@ -89,7 +89,7 @@ lint: | |||
| 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 90 | 90 | ||
| 91 | depend: | 91 | depend: |
| 92 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 92 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 93 | 93 | ||
| 94 | dclean: | 94 | dclean: |
| 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/pkcs7/bio_ber.c b/src/lib/libcrypto/pkcs7/bio_ber.c index 42331f7ab0..895a91177b 100644 --- a/src/lib/libcrypto/pkcs7/bio_ber.c +++ b/src/lib/libcrypto/pkcs7/bio_ber.c | |||
| @@ -145,7 +145,7 @@ static int ber_free(BIO *a) | |||
| 145 | 145 | ||
| 146 | if (a == NULL) return(0); | 146 | if (a == NULL) return(0); |
| 147 | b=(BIO_BER_CTX *)a->ptr; | 147 | b=(BIO_BER_CTX *)a->ptr; |
| 148 | memset(a->ptr,0,sizeof(BIO_BER_CTX)); | 148 | OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); |
| 149 | OPENSSL_free(a->ptr); | 149 | OPENSSL_free(a->ptr); |
| 150 | a->ptr=NULL; | 150 | a->ptr=NULL; |
| 151 | a->init=0; | 151 | a->init=0; |
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c index 4a4ff340ce..0060a2ea3d 100644 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c | |||
| @@ -241,7 +241,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 241 | M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); | 241 | M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); |
| 242 | } | 242 | } |
| 243 | OPENSSL_free(tmp); | 243 | OPENSSL_free(tmp); |
| 244 | memset(key, 0, keylen); | 244 | OPENSSL_cleanse(key, keylen); |
| 245 | 245 | ||
| 246 | if (out == NULL) | 246 | if (out == NULL) |
| 247 | out=btmp; | 247 | out=btmp; |
| @@ -448,7 +448,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 448 | } | 448 | } |
| 449 | EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); | 449 | EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); |
| 450 | 450 | ||
| 451 | memset(tmp,0,jj); | 451 | OPENSSL_cleanse(tmp,jj); |
| 452 | 452 | ||
| 453 | if (out == NULL) | 453 | if (out == NULL) |
| 454 | out=etmp; | 454 | out=etmp; |
| @@ -578,7 +578,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 578 | /* We now have the EVP_MD_CTX, lets do the | 578 | /* We now have the EVP_MD_CTX, lets do the |
| 579 | * signing. */ | 579 | * signing. */ |
| 580 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); | 580 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); |
| 581 | if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) | 581 | if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) |
| 582 | { | 582 | { |
| 583 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); | 583 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); |
| 584 | goto err; | 584 | goto err; |
diff --git a/src/lib/libcrypto/rand/Makefile.ssl b/src/lib/libcrypto/rand/Makefile.ssl index 73b5f568e8..df80702373 100644 --- a/src/lib/libcrypto/rand/Makefile.ssl +++ b/src/lib/libcrypto/rand/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index a00ed70718..eeffc0df4c 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c | |||
| @@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void) | |||
| 177 | 177 | ||
| 178 | static void ssleay_rand_cleanup(void) | 178 | static void ssleay_rand_cleanup(void) |
| 179 | { | 179 | { |
| 180 | memset(state,0,sizeof(state)); | 180 | OPENSSL_cleanse(state,sizeof(state)); |
| 181 | state_num=0; | 181 | state_num=0; |
| 182 | state_index=0; | 182 | state_index=0; |
| 183 | memset(md,0,MD_DIGEST_LENGTH); | 183 | OPENSSL_cleanse(md,MD_DIGEST_LENGTH); |
| 184 | md_count[0]=0; | 184 | md_count[0]=0; |
| 185 | md_count[1]=0; | 185 | md_count[1]=0; |
| 186 | entropy=0; | 186 | entropy=0; |
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h index 66e39991ec..606382dd21 100644 --- a/src/lib/libcrypto/rand/rand.h +++ b/src/lib/libcrypto/rand/rand.h | |||
| @@ -87,7 +87,9 @@ extern int rand_predictable; | |||
| 87 | 87 | ||
| 88 | int RAND_set_rand_method(const RAND_METHOD *meth); | 88 | int RAND_set_rand_method(const RAND_METHOD *meth); |
| 89 | const RAND_METHOD *RAND_get_rand_method(void); | 89 | const RAND_METHOD *RAND_get_rand_method(void); |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 90 | int RAND_set_rand_engine(ENGINE *engine); | 91 | int RAND_set_rand_engine(ENGINE *engine); |
| 92 | #endif | ||
| 91 | RAND_METHOD *RAND_SSLeay(void); | 93 | RAND_METHOD *RAND_SSLeay(void); |
| 92 | void RAND_cleanup(void ); | 94 | void RAND_cleanup(void ); |
| 93 | int RAND_bytes(unsigned char *buf,int num); | 95 | int RAND_bytes(unsigned char *buf,int num); |
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c index 96019c07a6..895967476e 100644 --- a/src/lib/libcrypto/rand/rand_egd.c +++ b/src/lib/libcrypto/rand/rand_egd.c | |||
| @@ -94,7 +94,7 @@ | |||
| 94 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. | 94 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. |
| 95 | */ | 95 | */ |
| 96 | 96 | ||
| 97 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(__DJGPP__) | 97 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) |
| 98 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | 98 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) |
| 99 | { | 99 | { |
| 100 | return(-1); | 100 | return(-1); |
| @@ -114,7 +114,7 @@ int RAND_egd_bytes(const char *path,int bytes) | |||
| 114 | #include <sys/types.h> | 114 | #include <sys/types.h> |
| 115 | #include <sys/socket.h> | 115 | #include <sys/socket.h> |
| 116 | #ifndef NO_SYS_UN_H | 116 | #ifndef NO_SYS_UN_H |
| 117 | # ifdef OPENSSL_SYS_VSWORKS | 117 | # ifdef OPENSSL_SYS_VXWORKS |
| 118 | # include <streams/un.h> | 118 | # include <streams/un.h> |
| 119 | # else | 119 | # else |
| 120 | # include <sys/un.h> | 120 | # include <sys/un.h> |
| @@ -143,7 +143,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | |||
| 143 | 143 | ||
| 144 | memset(&addr, 0, sizeof(addr)); | 144 | memset(&addr, 0, sizeof(addr)); |
| 145 | addr.sun_family = AF_UNIX; | 145 | addr.sun_family = AF_UNIX; |
| 146 | if (strlen(path) > sizeof(addr.sun_path)) | 146 | if (strlen(path) >= sizeof(addr.sun_path)) |
| 147 | return (-1); | 147 | return (-1); |
| 148 | strlcpy(addr.sun_path,path,sizeof addr.sun_path); | 148 | strlcpy(addr.sun_path,path,sizeof addr.sun_path); |
| 149 | len = offsetof(struct sockaddr_un, sun_path) + strlen(path); | 149 | len = offsetof(struct sockaddr_un, sun_path) + strlen(path); |
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c index 5cf5dc1188..513e338985 100644 --- a/src/lib/libcrypto/rand/rand_lib.c +++ b/src/lib/libcrypto/rand/rand_lib.c | |||
| @@ -60,19 +60,25 @@ | |||
| 60 | #include <time.h> | 60 | #include <time.h> |
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | 66 | ||
| 67 | #ifndef OPENSSL_NO_ENGINE | ||
| 65 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | 68 | /* non-NULL if default_RAND_meth is ENGINE-provided */ |
| 66 | static ENGINE *funct_ref =NULL; | 69 | static ENGINE *funct_ref =NULL; |
| 70 | #endif | ||
| 67 | static const RAND_METHOD *default_RAND_meth = NULL; | 71 | static const RAND_METHOD *default_RAND_meth = NULL; |
| 68 | 72 | ||
| 69 | int RAND_set_rand_method(const RAND_METHOD *meth) | 73 | int RAND_set_rand_method(const RAND_METHOD *meth) |
| 70 | { | 74 | { |
| 75 | #ifndef OPENSSL_NO_ENGINE | ||
| 71 | if(funct_ref) | 76 | if(funct_ref) |
| 72 | { | 77 | { |
| 73 | ENGINE_finish(funct_ref); | 78 | ENGINE_finish(funct_ref); |
| 74 | funct_ref = NULL; | 79 | funct_ref = NULL; |
| 75 | } | 80 | } |
| 81 | #endif | ||
| 76 | default_RAND_meth = meth; | 82 | default_RAND_meth = meth; |
| 77 | return 1; | 83 | return 1; |
| 78 | } | 84 | } |
| @@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void) | |||
| 81 | { | 87 | { |
| 82 | if (!default_RAND_meth) | 88 | if (!default_RAND_meth) |
| 83 | { | 89 | { |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 84 | ENGINE *e = ENGINE_get_default_RAND(); | 91 | ENGINE *e = ENGINE_get_default_RAND(); |
| 85 | if(e) | 92 | if(e) |
| 86 | { | 93 | { |
| @@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void) | |||
| 94 | if(e) | 101 | if(e) |
| 95 | funct_ref = e; | 102 | funct_ref = e; |
| 96 | else | 103 | else |
| 104 | #endif | ||
| 97 | default_RAND_meth = RAND_SSLeay(); | 105 | default_RAND_meth = RAND_SSLeay(); |
| 98 | } | 106 | } |
| 99 | return default_RAND_meth; | 107 | return default_RAND_meth; |
| 100 | } | 108 | } |
| 101 | 109 | ||
| 110 | #ifndef OPENSSL_NO_ENGINE | ||
| 102 | int RAND_set_rand_engine(ENGINE *engine) | 111 | int RAND_set_rand_engine(ENGINE *engine) |
| 103 | { | 112 | { |
| 104 | const RAND_METHOD *tmp_meth = NULL; | 113 | const RAND_METHOD *tmp_meth = NULL; |
| @@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine) | |||
| 118 | funct_ref = engine; | 127 | funct_ref = engine; |
| 119 | return 1; | 128 | return 1; |
| 120 | } | 129 | } |
| 130 | #endif | ||
| 121 | 131 | ||
| 122 | void RAND_cleanup(void) | 132 | void RAND_cleanup(void) |
| 123 | { | 133 | { |
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index fa2bab57c6..0599719dd1 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c | |||
| @@ -115,7 +115,7 @@ | |||
| 115 | #include <openssl/rand.h> | 115 | #include <openssl/rand.h> |
| 116 | #include "rand_lcl.h" | 116 | #include "rand_lcl.h" |
| 117 | 117 | ||
| 118 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)) | 118 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS)) |
| 119 | 119 | ||
| 120 | #include <sys/types.h> | 120 | #include <sys/types.h> |
| 121 | #include <sys/time.h> | 121 | #include <sys/time.h> |
| @@ -233,7 +233,7 @@ int RAND_poll(void) | |||
| 233 | if (n > 0) | 233 | if (n > 0) |
| 234 | { | 234 | { |
| 235 | RAND_add(tmpbuf,sizeof tmpbuf,n); | 235 | RAND_add(tmpbuf,sizeof tmpbuf,n); |
| 236 | memset(tmpbuf,0,n); | 236 | OPENSSL_cleanse(tmpbuf,n); |
| 237 | } | 237 | } |
| 238 | #endif | 238 | #endif |
| 239 | 239 | ||
| @@ -255,3 +255,10 @@ int RAND_poll(void) | |||
| 255 | 255 | ||
| 256 | #endif | 256 | #endif |
| 257 | #endif | 257 | #endif |
| 258 | |||
| 259 | #if defined(OPENSSL_SYS_VXWORKS) | ||
| 260 | int RAND_poll(void) | ||
| 261 | { | ||
| 262 | return 0; | ||
| 263 | } | ||
| 264 | #endif | ||
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c index c1b955b06f..113b58678f 100644 --- a/src/lib/libcrypto/rand/rand_win.c +++ b/src/lib/libcrypto/rand/rand_win.c | |||
| @@ -125,7 +125,7 @@ | |||
| 125 | * http://developer.intel.com/design/security/rng/redist_license.htm | 125 | * http://developer.intel.com/design/security/rng/redist_license.htm |
| 126 | */ | 126 | */ |
| 127 | #define PROV_INTEL_SEC 22 | 127 | #define PROV_INTEL_SEC 22 |
| 128 | #define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider" | 128 | #define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider") |
| 129 | 129 | ||
| 130 | static void readtimer(void); | 130 | static void readtimer(void); |
| 131 | static void readscreen(void); | 131 | static void readscreen(void); |
| @@ -170,7 +170,9 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32); | |||
| 170 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); | 170 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); |
| 171 | 171 | ||
| 172 | #include <lmcons.h> | 172 | #include <lmcons.h> |
| 173 | #ifndef OPENSSL_SYS_WINCE | ||
| 173 | #include <lmstats.h> | 174 | #include <lmstats.h> |
| 175 | #endif | ||
| 174 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE | 176 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE |
| 175 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was | 177 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was |
| 176 | * was added to the Platform SDK to allow the NET API to be used in | 178 | * was added to the Platform SDK to allow the NET API to be used in |
| @@ -209,20 +211,32 @@ int RAND_poll(void) | |||
| 209 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; | 211 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; |
| 210 | GetVersionEx( &osverinfo ) ; | 212 | GetVersionEx( &osverinfo ) ; |
| 211 | 213 | ||
| 214 | #if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO | ||
| 215 | /* poll the CryptoAPI PRNG */ | ||
| 216 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ | ||
| 217 | if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) | ||
| 218 | { | ||
| 219 | if (CryptGenRandom(hProvider, sizeof(buf), buf)) | ||
| 220 | RAND_add(buf, sizeof(buf), sizeof(buf)); | ||
| 221 | CryptReleaseContext(hProvider, 0); | ||
| 222 | } | ||
| 223 | #endif | ||
| 224 | |||
| 212 | /* load functions dynamically - not available on all systems */ | 225 | /* load functions dynamically - not available on all systems */ |
| 213 | advapi = LoadLibrary("ADVAPI32.DLL"); | 226 | advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); |
| 214 | kernel = LoadLibrary("KERNEL32.DLL"); | 227 | kernel = LoadLibrary(TEXT("KERNEL32.DLL")); |
| 215 | user = LoadLibrary("USER32.DLL"); | 228 | user = LoadLibrary(TEXT("USER32.DLL")); |
| 216 | netapi = LoadLibrary("NETAPI32.DLL"); | 229 | netapi = LoadLibrary(TEXT("NETAPI32.DLL")); |
| 217 | 230 | ||
| 231 | #ifndef OPENSSL_SYS_WINCE | ||
| 218 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this | 232 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this |
| 219 | * section is still experimental, but if all goes well, this conditional | 233 | * section is still experimental, but if all goes well, this conditional |
| 220 | * will be removed | 234 | * will be removed |
| 221 | */ | 235 | */ |
| 222 | if (netapi) | 236 | if (netapi) |
| 223 | { | 237 | { |
| 224 | netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); | 238 | netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet")); |
| 225 | netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree"); | 239 | netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree")); |
| 226 | } | 240 | } |
| 227 | 241 | ||
| 228 | if (netstatget && netfree) | 242 | if (netstatget && netfree) |
| @@ -249,7 +263,9 @@ int RAND_poll(void) | |||
| 249 | if (netapi) | 263 | if (netapi) |
| 250 | FreeLibrary(netapi); | 264 | FreeLibrary(netapi); |
| 251 | #endif /* 1 */ | 265 | #endif /* 1 */ |
| 266 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 252 | 267 | ||
| 268 | #ifndef OPENSSL_SYS_WINCE | ||
| 253 | /* It appears like this can cause an exception deep within ADVAPI32.DLL | 269 | /* It appears like this can cause an exception deep within ADVAPI32.DLL |
| 254 | * at random times on Windows 2000. Reported by Jeffrey Altman. | 270 | * at random times on Windows 2000. Reported by Jeffrey Altman. |
| 255 | * Only use it on NT. | 271 | * Only use it on NT. |
| @@ -280,30 +296,40 @@ int RAND_poll(void) | |||
| 280 | bufsz += 8192; | 296 | bufsz += 8192; |
| 281 | 297 | ||
| 282 | length = bufsz; | 298 | length = bufsz; |
| 283 | rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global", | 299 | rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"), |
| 284 | NULL, NULL, buf, &length); | 300 | NULL, NULL, buf, &length); |
| 285 | } | 301 | } |
| 286 | if (rc == ERROR_SUCCESS) | 302 | if (rc == ERROR_SUCCESS) |
| 287 | { | 303 | { |
| 288 | /* For entropy count assume only least significant | 304 | /* For entropy count assume only least significant |
| 289 | * byte of each DWORD is random. | 305 | * byte of each DWORD is random. |
| 290 | */ | 306 | */ |
| 291 | RAND_add(&length, sizeof(length), 0); | 307 | RAND_add(&length, sizeof(length), 0); |
| 292 | RAND_add(buf, length, length / 4.0); | 308 | RAND_add(buf, length, length / 4.0); |
| 309 | |||
| 310 | /* Close the Registry Key to allow Windows to cleanup/close | ||
| 311 | * the open handle | ||
| 312 | * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened | ||
| 313 | * when the RegQueryValueEx above is done. However, if | ||
| 314 | * it is not explicitly closed, it can cause disk | ||
| 315 | * partition manipulation problems. | ||
| 316 | */ | ||
| 317 | RegCloseKey(HKEY_PERFORMANCE_DATA); | ||
| 293 | } | 318 | } |
| 294 | if (buf) | 319 | if (buf) |
| 295 | free(buf); | 320 | free(buf); |
| 296 | } | 321 | } |
| 297 | #endif | 322 | #endif |
| 323 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 298 | 324 | ||
| 299 | if (advapi) | 325 | if (advapi) |
| 300 | { | 326 | { |
| 301 | acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi, | 327 | acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi, |
| 302 | "CryptAcquireContextA"); | 328 | TEXT("CryptAcquireContextA")); |
| 303 | gen = (CRYPTGENRANDOM) GetProcAddress(advapi, | 329 | gen = (CRYPTGENRANDOM) GetProcAddress(advapi, |
| 304 | "CryptGenRandom"); | 330 | TEXT("CryptGenRandom")); |
| 305 | release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, | 331 | release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, |
| 306 | "CryptReleaseContext"); | 332 | TEXT("CryptReleaseContext")); |
| 307 | } | 333 | } |
| 308 | 334 | ||
| 309 | if (acquire && gen && release) | 335 | if (acquire && gen && release) |
| @@ -357,9 +383,9 @@ int RAND_poll(void) | |||
| 357 | GETFOREGROUNDWINDOW win; | 383 | GETFOREGROUNDWINDOW win; |
| 358 | GETQUEUESTATUS queue; | 384 | GETQUEUESTATUS queue; |
| 359 | 385 | ||
| 360 | win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow"); | 386 | win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow")); |
| 361 | cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); | 387 | cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo")); |
| 362 | queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); | 388 | queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus")); |
| 363 | 389 | ||
| 364 | if (win) | 390 | if (win) |
| 365 | { | 391 | { |
| @@ -430,17 +456,17 @@ int RAND_poll(void) | |||
| 430 | MODULEENTRY32 m; | 456 | MODULEENTRY32 m; |
| 431 | 457 | ||
| 432 | snap = (CREATETOOLHELP32SNAPSHOT) | 458 | snap = (CREATETOOLHELP32SNAPSHOT) |
| 433 | GetProcAddress(kernel, "CreateToolhelp32Snapshot"); | 459 | GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot")); |
| 434 | heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); | 460 | heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First")); |
| 435 | heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); | 461 | heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next")); |
| 436 | heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); | 462 | heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst")); |
| 437 | heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); | 463 | heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext")); |
| 438 | process_first = (PROCESS32) GetProcAddress(kernel, "Process32First"); | 464 | process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First")); |
| 439 | process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next"); | 465 | process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next")); |
| 440 | thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); | 466 | thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First")); |
| 441 | thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); | 467 | thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next")); |
| 442 | module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); | 468 | module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First")); |
| 443 | module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); | 469 | module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next")); |
| 444 | 470 | ||
| 445 | if (snap && heap_first && heap_next && heaplist_first && | 471 | if (snap && heap_first && heap_next && heaplist_first && |
| 446 | heaplist_next && process_first && process_next && | 472 | heaplist_next && process_first && process_next && |
| @@ -575,7 +601,7 @@ static void readtimer(void) | |||
| 575 | DWORD w; | 601 | DWORD w; |
| 576 | LARGE_INTEGER l; | 602 | LARGE_INTEGER l; |
| 577 | static int have_perfc = 1; | 603 | static int have_perfc = 1; |
| 578 | #ifdef _MSC_VER | 604 | #if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE) |
| 579 | static int have_tsc = 1; | 605 | static int have_tsc = 1; |
| 580 | DWORD cyclecount; | 606 | DWORD cyclecount; |
| 581 | 607 | ||
| @@ -628,6 +654,7 @@ static void readtimer(void) | |||
| 628 | 654 | ||
| 629 | static void readscreen(void) | 655 | static void readscreen(void) |
| 630 | { | 656 | { |
| 657 | #ifndef OPENSSL_SYS_WINCE | ||
| 631 | HDC hScrDC; /* screen DC */ | 658 | HDC hScrDC; /* screen DC */ |
| 632 | HDC hMemDC; /* memory DC */ | 659 | HDC hMemDC; /* memory DC */ |
| 633 | HBITMAP hBitmap; /* handle for our bitmap */ | 660 | HBITMAP hBitmap; /* handle for our bitmap */ |
| @@ -641,7 +668,7 @@ static void readscreen(void) | |||
| 641 | int n = 16; /* number of screen lines to grab at a time */ | 668 | int n = 16; /* number of screen lines to grab at a time */ |
| 642 | 669 | ||
| 643 | /* Create a screen DC and a memory DC compatible to screen DC */ | 670 | /* Create a screen DC and a memory DC compatible to screen DC */ |
| 644 | hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL); | 671 | hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); |
| 645 | hMemDC = CreateCompatibleDC(hScrDC); | 672 | hMemDC = CreateCompatibleDC(hScrDC); |
| 646 | 673 | ||
| 647 | /* Get screen resolution */ | 674 | /* Get screen resolution */ |
| @@ -688,6 +715,7 @@ static void readscreen(void) | |||
| 688 | DeleteObject(hBitmap); | 715 | DeleteObject(hBitmap); |
| 689 | DeleteDC(hMemDC); | 716 | DeleteDC(hMemDC); |
| 690 | DeleteDC(hScrDC); | 717 | DeleteDC(hScrDC); |
| 718 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 691 | } | 719 | } |
| 692 | 720 | ||
| 693 | #endif | 721 | #endif |
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index 311dd27a7b..cfbec2ac1f 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c | |||
| @@ -132,7 +132,7 @@ int RAND_load_file(const char *file, long bytes) | |||
| 132 | } | 132 | } |
| 133 | } | 133 | } |
| 134 | fclose(in); | 134 | fclose(in); |
| 135 | memset(buf,0,BUFSIZE); | 135 | OPENSSL_cleanse(buf,BUFSIZE); |
| 136 | err: | 136 | err: |
| 137 | return(ret); | 137 | return(ret); |
| 138 | } | 138 | } |
| @@ -210,7 +210,7 @@ int RAND_write_file(const char *file) | |||
| 210 | #endif /* OPENSSL_SYS_VMS */ | 210 | #endif /* OPENSSL_SYS_VMS */ |
| 211 | 211 | ||
| 212 | fclose(out); | 212 | fclose(out); |
| 213 | memset(buf,0,BUFSIZE); | 213 | OPENSSL_cleanse(buf,BUFSIZE); |
| 214 | err: | 214 | err: |
| 215 | return (rand_err ? -1 : ret); | 215 | return (rand_err ? -1 : ret); |
| 216 | } | 216 | } |
| @@ -225,8 +225,8 @@ const char *RAND_file_name(char *buf, size_t size) | |||
| 225 | s=getenv("RANDFILE"); | 225 | s=getenv("RANDFILE"); |
| 226 | if (s != NULL && *s && strlen(s) + 1 < size) | 226 | if (s != NULL && *s && strlen(s) + 1 < size) |
| 227 | { | 227 | { |
| 228 | strlcpy(buf,s,size); | 228 | if (strlcpy(buf,s,size) >= size) |
| 229 | ok = 1; | 229 | return NULL; |
| 230 | } | 230 | } |
| 231 | else | 231 | else |
| 232 | { | 232 | { |
diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c index b64de616db..701932e6ee 100644 --- a/src/lib/libcrypto/rand/randtest.c +++ b/src/lib/libcrypto/rand/randtest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <openssl/rand.h> | 61 | #include <openssl/rand.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | /* some FIPS 140-1 random number test */ | 65 | /* some FIPS 140-1 random number test */ |
| 64 | /* some simple tests */ | 66 | /* some simple tests */ |
| 65 | 67 | ||
| @@ -209,6 +211,6 @@ int main() | |||
| 209 | printf("test 4 done\n"); | 211 | printf("test 4 done\n"); |
| 210 | err: | 212 | err: |
| 211 | err=((err)?1:0); | 213 | err=((err)?1:0); |
| 212 | exit(err); | 214 | EXIT(err); |
| 213 | return(err); | 215 | return(err); |
| 214 | } | 216 | } |
diff --git a/src/lib/libcrypto/rc2/Makefile.ssl b/src/lib/libcrypto/rc2/Makefile.ssl index 88e41bb98e..98d5960d5d 100644 --- a/src/lib/libcrypto/rc2/Makefile.ssl +++ b/src/lib/libcrypto/rc2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/rc2/rc2test.c b/src/lib/libcrypto/rc2/rc2test.c index d9a2a0a1cb..b67bafb49f 100644 --- a/src/lib/libcrypto/rc2/rc2test.c +++ b/src/lib/libcrypto/rc2/rc2test.c | |||
| @@ -63,6 +63,8 @@ | |||
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <stdlib.h> | 64 | #include <stdlib.h> |
| 65 | 65 | ||
| 66 | #include "../e_os.h" | ||
| 67 | |||
| 66 | #ifdef OPENSSL_NO_RC2 | 68 | #ifdef OPENSSL_NO_RC2 |
| 67 | int main(int argc, char *argv[]) | 69 | int main(int argc, char *argv[]) |
| 68 | { | 70 | { |
| @@ -203,7 +205,7 @@ int main(int argc, char *argv[]) | |||
| 203 | printf("ok\n"); | 205 | printf("ok\n"); |
| 204 | #endif | 206 | #endif |
| 205 | 207 | ||
| 206 | exit(err); | 208 | EXIT(err); |
| 207 | return(err); | 209 | return(err); |
| 208 | } | 210 | } |
| 209 | 211 | ||
diff --git a/src/lib/libcrypto/rc4/Makefile.ssl b/src/lib/libcrypto/rc4/Makefile.ssl index 6e5bbf9894..9f9e16068f 100644 --- a/src/lib/libcrypto/rc4/Makefile.ssl +++ b/src/lib/libcrypto/rc4/Makefile.ssl | |||
| @@ -52,14 +52,8 @@ lib: $(LIBOBJ) | |||
| 52 | @touch lib | 52 | @touch lib |
| 53 | 53 | ||
| 54 | # elf | 54 | # elf |
| 55 | asm/rx86-elf.o: asm/rx86unix.cpp | 55 | asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl |
| 56 | $(CPP) -DELF -x c asm/rx86unix.cpp | as -o asm/rx86-elf.o | 56 | (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) |
| 57 | |||
| 58 | # solaris | ||
| 59 | asm/rx86-sol.o: asm/rx86unix.cpp | ||
| 60 | $(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s | ||
| 61 | as -o asm/rx86-sol.o asm/rx86-sol.s | ||
| 62 | rm -f asm/rx86-sol.s | ||
| 63 | 57 | ||
| 64 | # a.out | 58 | # a.out |
| 65 | asm/rx86-out.o: asm/rx86unix.cpp | 59 | asm/rx86-out.o: asm/rx86unix.cpp |
| @@ -97,14 +91,14 @@ lint: | |||
| 97 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 91 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 98 | 92 | ||
| 99 | depend: | 93 | depend: |
| 100 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 94 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 101 | 95 | ||
| 102 | dclean: | 96 | dclean: |
| 103 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 97 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 104 | mv -f Makefile.new $(MAKEFILE) | 98 | mv -f Makefile.new $(MAKEFILE) |
| 105 | 99 | ||
| 106 | clean: | 100 | clean: |
| 107 | rm -f asm/rx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o | 101 | rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o |
| 108 | 102 | ||
| 109 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 103 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 110 | 104 | ||
diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c index c2165b0b75..b39c070292 100644 --- a/src/lib/libcrypto/rc4/rc4.c +++ b/src/lib/libcrypto/rc4/rc4.c | |||
| @@ -155,7 +155,7 @@ bad: | |||
| 155 | i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); | 155 | i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); |
| 156 | if (i != 0) | 156 | if (i != 0) |
| 157 | { | 157 | { |
| 158 | memset(buf,0,BUFSIZ); | 158 | OPENSSL_cleanse(buf,BUFSIZ); |
| 159 | fprintf(stderr,"bad password read\n"); | 159 | fprintf(stderr,"bad password read\n"); |
| 160 | exit(1); | 160 | exit(1); |
| 161 | } | 161 | } |
| @@ -163,7 +163,7 @@ bad: | |||
| 163 | } | 163 | } |
| 164 | 164 | ||
| 165 | EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); | 165 | EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); |
| 166 | memset(keystr,0,strlen(keystr)); | 166 | OPENSSL_cleanse(keystr,strlen(keystr)); |
| 167 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); | 167 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); |
| 168 | 168 | ||
| 169 | for(;;) | 169 | for(;;) |
diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index a28d457c8d..b9d8f20975 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_RC4 | 65 | #ifdef OPENSSL_NO_RC4 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -195,7 +197,7 @@ int main(int argc, char *argv[]) | |||
| 195 | } | 197 | } |
| 196 | } | 198 | } |
| 197 | printf("done\n"); | 199 | printf("done\n"); |
| 198 | exit(err); | 200 | EXIT(err); |
| 199 | return(0); | 201 | return(0); |
| 200 | } | 202 | } |
| 201 | #endif | 203 | #endif |
diff --git a/src/lib/libcrypto/rc5/Makefile.ssl b/src/lib/libcrypto/rc5/Makefile.ssl index ff31ab47a9..a86f202f7b 100644 --- a/src/lib/libcrypto/rc5/Makefile.ssl +++ b/src/lib/libcrypto/rc5/Makefile.ssl | |||
| @@ -49,14 +49,8 @@ lib: $(LIBOBJ) | |||
| 49 | @touch lib | 49 | @touch lib |
| 50 | 50 | ||
| 51 | # elf | 51 | # elf |
| 52 | asm/r586-elf.o: asm/r586unix.cpp | 52 | asm/r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 53 | $(CPP) -DELF -x c asm/r586unix.cpp | as -o asm/r586-elf.o | 53 | (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > r586-elf.s) |
| 54 | |||
| 55 | # solaris | ||
| 56 | asm/r586-sol.o: asm/r586unix.cpp | ||
| 57 | $(CC) -E -DSOL asm/r586unix.cpp | sed 's/^#.*//' > asm/r586-sol.s | ||
| 58 | as -o asm/r586-sol.o asm/r586-sol.s | ||
| 59 | rm -f asm/r586-sol.s | ||
| 60 | 54 | ||
| 61 | # a.out | 55 | # a.out |
| 62 | asm/r586-out.o: asm/r586unix.cpp | 56 | asm/r586-out.o: asm/r586unix.cpp |
| @@ -94,14 +88,14 @@ lint: | |||
| 94 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 88 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 95 | 89 | ||
| 96 | depend: | 90 | depend: |
| 97 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 91 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 98 | 92 | ||
| 99 | dclean: | 93 | dclean: |
| 100 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 94 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 101 | mv -f Makefile.new $(MAKEFILE) | 95 | mv -f Makefile.new $(MAKEFILE) |
| 102 | 96 | ||
| 103 | clean: | 97 | clean: |
| 104 | rm -f asm/r586unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 98 | rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 105 | 99 | ||
| 106 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 100 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 107 | 101 | ||
diff --git a/src/lib/libcrypto/ripemd/Makefile.ssl b/src/lib/libcrypto/ripemd/Makefile.ssl index 7ab5d2fc9e..d85515353b 100644 --- a/src/lib/libcrypto/ripemd/Makefile.ssl +++ b/src/lib/libcrypto/ripemd/Makefile.ssl | |||
| @@ -47,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | # elf | 49 | # elf |
| 50 | asm/rm86-elf.o: asm/rm86unix.cpp | 50 | asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl |
| 51 | $(CPP) -DELF -x c asm/rm86unix.cpp | as -o asm/rm86-elf.o | 51 | (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s) |
| 52 | |||
| 53 | # solaris | ||
| 54 | asm/rm86-sol.o: asm/rm86unix.cpp | ||
| 55 | $(CC) -E -DSOL asm/rm86unix.cpp | sed 's/^#.*//' > asm/rm86-sol.s | ||
| 56 | as -o asm/rm86-sol.o asm/rm86-sol.s | ||
| 57 | rm -f asm/rm86-sol.s | ||
| 58 | 52 | ||
| 59 | # a.out | 53 | # a.out |
| 60 | asm/rm86-out.o: asm/rm86unix.cpp | 54 | asm/rm86-out.o: asm/rm86unix.cpp |
| @@ -92,19 +86,22 @@ lint: | |||
| 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 86 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 93 | 87 | ||
| 94 | depend: | 88 | depend: |
| 95 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 89 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 96 | 90 | ||
| 97 | dclean: | 91 | dclean: |
| 98 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 92 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 99 | mv -f Makefile.new $(MAKEFILE) | 93 | mv -f Makefile.new $(MAKEFILE) |
| 100 | 94 | ||
| 101 | clean: | 95 | clean: |
| 102 | rm -f asm/rm86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 96 | rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 103 | 97 | ||
| 104 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 98 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 105 | 99 | ||
| 106 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 100 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 107 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h | 101 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h |
| 108 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h | 102 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h |
| 109 | rmd_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 103 | rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 110 | rmd_one.o: ../../include/openssl/ripemd.h rmd_one.c | 104 | rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 105 | rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h | ||
| 106 | rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 107 | rmd_one.o: rmd_one.c | ||
diff --git a/src/lib/libcrypto/ripemd/rmd160.c b/src/lib/libcrypto/ripemd/rmd160.c index 4f8b88a18a..b0ec574498 100644 --- a/src/lib/libcrypto/ripemd/rmd160.c +++ b/src/lib/libcrypto/ripemd/rmd160.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c index a3170f7c8a..f351f00eea 100644 --- a/src/lib/libcrypto/ripemd/rmd_dgst.c +++ b/src/lib/libcrypto/ripemd/rmd_dgst.c | |||
| @@ -90,8 +90,8 @@ int RIPEMD160_Init(RIPEMD160_CTX *c) | |||
| 90 | void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) | 90 | void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) |
| 91 | { | 91 | { |
| 92 | const RIPEMD160_LONG *XX=p; | 92 | const RIPEMD160_LONG *XX=p; |
| 93 | register unsigned long A,B,C,D,E; | 93 | register unsigned MD32_REG_T A,B,C,D,E; |
| 94 | register unsigned long a,b,c,d,e; | 94 | register unsigned MD32_REG_T a,b,c,d,e; |
| 95 | 95 | ||
| 96 | for (;num--;XX+=HASH_LBLOCK) | 96 | for (;num--;XX+=HASH_LBLOCK) |
| 97 | { | 97 | { |
| @@ -290,12 +290,12 @@ void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) | |||
| 290 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) | 290 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) |
| 291 | { | 291 | { |
| 292 | const unsigned char *data=p; | 292 | const unsigned char *data=p; |
| 293 | register unsigned long A,B,C,D,E; | 293 | register unsigned MD32_REG_T A,B,C,D,E; |
| 294 | unsigned long a,b,c,d,e,l; | 294 | unsigned MD32_REG_T a,b,c,d,e,l; |
| 295 | #ifndef MD32_XARRAY | 295 | #ifndef MD32_XARRAY |
| 296 | /* See comment in crypto/sha/sha_locl.h for details. */ | 296 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 297 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 297 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 298 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 298 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 299 | # define X(i) XX##i | 299 | # define X(i) XX##i |
| 300 | #else | 300 | #else |
| 301 | RIPEMD160_LONG XX[16]; | 301 | RIPEMD160_LONG XX[16]; |
diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c index efdf2dd6ef..f8b580c33a 100644 --- a/src/lib/libcrypto/ripemd/rmd_one.c +++ b/src/lib/libcrypto/ripemd/rmd_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/ripemd.h> | 61 | #include <openssl/ripemd.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | 64 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, |
| 64 | unsigned char *md) | 65 | unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | |||
| 70 | RIPEMD160_Init(&c); | 71 | RIPEMD160_Init(&c); |
| 71 | RIPEMD160_Update(&c,d,n); | 72 | RIPEMD160_Update(&c,d,n); |
| 72 | RIPEMD160_Final(md,&c); | 73 | RIPEMD160_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); /* security consideration */ | 74 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | 77 | ||
diff --git a/src/lib/libcrypto/ripemd/rmdtest.c b/src/lib/libcrypto/ripemd/rmdtest.c index be1fb8b1f6..d4c709e646 100644 --- a/src/lib/libcrypto/ripemd/rmdtest.c +++ b/src/lib/libcrypto/ripemd/rmdtest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_RIPEMD | 65 | #ifdef OPENSSL_NO_RIPEMD |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -127,7 +129,7 @@ int main(int argc, char *argv[]) | |||
| 127 | R++; | 129 | R++; |
| 128 | P++; | 130 | P++; |
| 129 | } | 131 | } |
| 130 | exit(err); | 132 | EXIT(err); |
| 131 | return(0); | 133 | return(0); |
| 132 | } | 134 | } |
| 133 | 135 | ||
diff --git a/src/lib/libcrypto/rsa/Makefile.ssl b/src/lib/libcrypto/rsa/Makefile.ssl index 8c44b7f142..8089344a04 100644 --- a/src/lib/libcrypto/rsa/Makefile.ssl +++ b/src/lib/libcrypto/rsa/Makefile.ssl | |||
| @@ -72,7 +72,7 @@ lint: | |||
| 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 73 | 73 | ||
| 74 | depend: | 74 | depend: |
| 75 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 75 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 76 | 76 | ||
| 77 | dclean: | 77 | dclean: |
| 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -104,14 +104,12 @@ rsa_chk.o: rsa_chk.c | |||
| 104 | rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h | 104 | rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h |
| 105 | rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 105 | rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 106 | rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 106 | rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 107 | rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 107 | rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 108 | rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 108 | rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 109 | rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 109 | rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 110 | rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 110 | rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 111 | rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 111 | rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 112 | rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 112 | rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c |
| 113 | rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 114 | rsa_eay.o: ../../include/openssl/ui.h ../cryptlib.h rsa_eay.c | ||
| 115 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 113 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 116 | rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 114 | rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 117 | rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 115 | rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| @@ -217,21 +215,21 @@ rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | |||
| 217 | rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 215 | rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 218 | rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | 216 | rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h |
| 219 | rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 217 | rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 220 | rsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 218 | rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 221 | rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h | 219 | rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 222 | rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | 220 | rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 223 | rsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | 221 | rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| 224 | rsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | 222 | rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 225 | rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 223 | rsa_sign.o: ../../include/openssl/opensslconf.h |
| 226 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 224 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 227 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 225 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h |
| 228 | rsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | 226 | rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h |
| 229 | rsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | 227 | rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h |
| 230 | rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 228 | rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 231 | rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 229 | rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 232 | rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 230 | rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 233 | rsa_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h | 231 | rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 234 | rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_sign.c | 232 | rsa_sign.o: ../cryptlib.h rsa_sign.c |
| 235 | rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h | 233 | rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 236 | rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 234 | rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 237 | rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 235 | rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index 98b3bd7cc5..e26a68b482 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h | |||
| @@ -158,6 +158,11 @@ struct rsa_st | |||
| 158 | #define RSA_FLAG_CACHE_PUBLIC 0x02 | 158 | #define RSA_FLAG_CACHE_PUBLIC 0x02 |
| 159 | #define RSA_FLAG_CACHE_PRIVATE 0x04 | 159 | #define RSA_FLAG_CACHE_PRIVATE 0x04 |
| 160 | #define RSA_FLAG_BLINDING 0x08 | 160 | #define RSA_FLAG_BLINDING 0x08 |
| 161 | #define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in | ||
| 162 | * RSA implementation now uses blinding by | ||
| 163 | * default (ignoring RSA_FLAG_BLINDING), | ||
| 164 | * but other engines might not need it | ||
| 165 | */ | ||
| 161 | #define RSA_FLAG_THREAD_SAFE 0x10 | 166 | #define RSA_FLAG_THREAD_SAFE 0x10 |
| 162 | /* This flag means the private key operations will be handled by rsa_mod_exp | 167 | /* This flag means the private key operations will be handled by rsa_mod_exp |
| 163 | * and that they do not depend on the private key components being present: | 168 | * and that they do not depend on the private key components being present: |
| @@ -170,11 +175,15 @@ struct rsa_st | |||
| 170 | */ | 175 | */ |
| 171 | #define RSA_FLAG_SIGN_VER 0x40 | 176 | #define RSA_FLAG_SIGN_VER 0x40 |
| 172 | 177 | ||
| 178 | #define RSA_FLAG_NO_BLINDING 0x80 | ||
| 179 | |||
| 173 | #define RSA_PKCS1_PADDING 1 | 180 | #define RSA_PKCS1_PADDING 1 |
| 174 | #define RSA_SSLV23_PADDING 2 | 181 | #define RSA_SSLV23_PADDING 2 |
| 175 | #define RSA_NO_PADDING 3 | 182 | #define RSA_NO_PADDING 3 |
| 176 | #define RSA_PKCS1_OAEP_PADDING 4 | 183 | #define RSA_PKCS1_OAEP_PADDING 4 |
| 177 | 184 | ||
| 185 | #define RSA_PKCS1_PADDING_SIZE 11 | ||
| 186 | |||
| 178 | #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) | 187 | #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) |
| 179 | #define RSA_get_app_data(s) RSA_get_ex_data(s,0) | 188 | #define RSA_get_app_data(s) RSA_get_ex_data(s,0) |
| 180 | 189 | ||
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index a3f549d8e6..027b4dc754 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c | |||
| @@ -61,7 +61,6 @@ | |||
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/rsa.h> | 62 | #include <openssl/rsa.h> |
| 63 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #include <openssl/engine.h> | ||
| 65 | 64 | ||
| 66 | #ifndef RSA_NULL | 65 | #ifndef RSA_NULL |
| 67 | 66 | ||
| @@ -187,7 +186,7 @@ err: | |||
| 187 | BN_clear_free(&ret); | 186 | BN_clear_free(&ret); |
| 188 | if (buf != NULL) | 187 | if (buf != NULL) |
| 189 | { | 188 | { |
| 190 | memset(buf,0,num); | 189 | OPENSSL_cleanse(buf,num); |
| 191 | OPENSSL_free(buf); | 190 | OPENSSL_free(buf); |
| 192 | } | 191 | } |
| 193 | return(r); | 192 | return(r); |
| @@ -206,12 +205,46 @@ static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) | |||
| 206 | 205 | ||
| 207 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ | 206 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ |
| 208 | do { \ | 207 | do { \ |
| 209 | if(((rsa)->flags & RSA_FLAG_BLINDING) && \ | 208 | if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ |
| 210 | ((rsa)->blinding == NULL) && \ | 209 | ((rsa)->blinding == NULL) && \ |
| 211 | !rsa_eay_blinding(rsa, ctx)) \ | 210 | !rsa_eay_blinding(rsa, ctx)) \ |
| 212 | err_instr \ | 211 | err_instr \ |
| 213 | } while(0) | 212 | } while(0) |
| 214 | 213 | ||
| 214 | static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) | ||
| 215 | { | ||
| 216 | BIGNUM *A, *Ai; | ||
| 217 | BN_BLINDING *ret = NULL; | ||
| 218 | |||
| 219 | /* added in OpenSSL 0.9.6j and 0.9.7b */ | ||
| 220 | |||
| 221 | /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); | ||
| 222 | * this should be placed in a new function of its own, but for reasons | ||
| 223 | * of binary compatibility can't */ | ||
| 224 | |||
| 225 | BN_CTX_start(ctx); | ||
| 226 | A = BN_CTX_get(ctx); | ||
| 227 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 228 | { | ||
| 229 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | ||
| 230 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | ||
| 231 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | ||
| 232 | } | ||
| 233 | else | ||
| 234 | { | ||
| 235 | if (!BN_rand_range(A,rsa->n)) goto err; | ||
| 236 | } | ||
| 237 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | ||
| 238 | |||
| 239 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | ||
| 240 | goto err; | ||
| 241 | ret = BN_BLINDING_new(A,Ai,rsa->n); | ||
| 242 | BN_free(Ai); | ||
| 243 | err: | ||
| 244 | BN_CTX_end(ctx); | ||
| 245 | return ret; | ||
| 246 | } | ||
| 247 | |||
| 215 | /* signing */ | 248 | /* signing */ |
| 216 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | 249 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, |
| 217 | unsigned char *to, RSA *rsa, int padding) | 250 | unsigned char *to, RSA *rsa, int padding) |
| @@ -220,6 +253,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 220 | int i,j,k,num=0,r= -1; | 253 | int i,j,k,num=0,r= -1; |
| 221 | unsigned char *buf=NULL; | 254 | unsigned char *buf=NULL; |
| 222 | BN_CTX *ctx=NULL; | 255 | BN_CTX *ctx=NULL; |
| 256 | int local_blinding = 0; | ||
| 257 | BN_BLINDING *blinding = NULL; | ||
| 223 | 258 | ||
| 224 | BN_init(&f); | 259 | BN_init(&f); |
| 225 | BN_init(&ret); | 260 | BN_init(&ret); |
| @@ -257,9 +292,38 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 257 | } | 292 | } |
| 258 | 293 | ||
| 259 | BLINDING_HELPER(rsa, ctx, goto err;); | 294 | BLINDING_HELPER(rsa, ctx, goto err;); |
| 295 | blinding = rsa->blinding; | ||
| 296 | |||
| 297 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 298 | * But the BN_BLINDING object may be owned by some other thread | ||
| 299 | * (we don't want to keep it constant and we don't want to use | ||
| 300 | * lots of locking to avoid race conditions, so only a single | ||
| 301 | * thread can use it; other threads have to use local blinding | ||
| 302 | * factors) */ | ||
| 303 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
| 304 | { | ||
| 305 | if (blinding == NULL) | ||
| 306 | { | ||
| 307 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); | ||
| 308 | goto err; | ||
| 309 | } | ||
| 310 | } | ||
| 311 | |||
| 312 | if (blinding != NULL) | ||
| 313 | { | ||
| 314 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
| 315 | { | ||
| 316 | /* we need a local one-time blinding factor */ | ||
| 317 | |||
| 318 | blinding = setup_blinding(rsa, ctx); | ||
| 319 | if (blinding == NULL) | ||
| 320 | goto err; | ||
| 321 | local_blinding = 1; | ||
| 322 | } | ||
| 323 | } | ||
| 260 | 324 | ||
| 261 | if (rsa->flags & RSA_FLAG_BLINDING) | 325 | if (blinding) |
| 262 | if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; | 326 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; |
| 263 | 327 | ||
| 264 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 328 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| 265 | ((rsa->p != NULL) && | 329 | ((rsa->p != NULL) && |
| @@ -273,8 +337,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 273 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; | 337 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; |
| 274 | } | 338 | } |
| 275 | 339 | ||
| 276 | if (rsa->flags & RSA_FLAG_BLINDING) | 340 | if (blinding) |
| 277 | if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; | 341 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; |
| 278 | 342 | ||
| 279 | /* put in leading 0 bytes if the number is less than the | 343 | /* put in leading 0 bytes if the number is less than the |
| 280 | * length of the modulus */ | 344 | * length of the modulus */ |
| @@ -288,9 +352,11 @@ err: | |||
| 288 | if (ctx != NULL) BN_CTX_free(ctx); | 352 | if (ctx != NULL) BN_CTX_free(ctx); |
| 289 | BN_clear_free(&ret); | 353 | BN_clear_free(&ret); |
| 290 | BN_clear_free(&f); | 354 | BN_clear_free(&f); |
| 355 | if (local_blinding) | ||
| 356 | BN_BLINDING_free(blinding); | ||
| 291 | if (buf != NULL) | 357 | if (buf != NULL) |
| 292 | { | 358 | { |
| 293 | memset(buf,0,num); | 359 | OPENSSL_cleanse(buf,num); |
| 294 | OPENSSL_free(buf); | 360 | OPENSSL_free(buf); |
| 295 | } | 361 | } |
| 296 | return(r); | 362 | return(r); |
| @@ -304,6 +370,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 304 | unsigned char *p; | 370 | unsigned char *p; |
| 305 | unsigned char *buf=NULL; | 371 | unsigned char *buf=NULL; |
| 306 | BN_CTX *ctx=NULL; | 372 | BN_CTX *ctx=NULL; |
| 373 | int local_blinding = 0; | ||
| 374 | BN_BLINDING *blinding = NULL; | ||
| 307 | 375 | ||
| 308 | BN_init(&f); | 376 | BN_init(&f); |
| 309 | BN_init(&ret); | 377 | BN_init(&ret); |
| @@ -336,9 +404,38 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 336 | } | 404 | } |
| 337 | 405 | ||
| 338 | BLINDING_HELPER(rsa, ctx, goto err;); | 406 | BLINDING_HELPER(rsa, ctx, goto err;); |
| 407 | blinding = rsa->blinding; | ||
| 408 | |||
| 409 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 410 | * But the BN_BLINDING object may be owned by some other thread | ||
| 411 | * (we don't want to keep it constant and we don't want to use | ||
| 412 | * lots of locking to avoid race conditions, so only a single | ||
| 413 | * thread can use it; other threads have to use local blinding | ||
| 414 | * factors) */ | ||
| 415 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
| 416 | { | ||
| 417 | if (blinding == NULL) | ||
| 418 | { | ||
| 419 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); | ||
| 420 | goto err; | ||
| 421 | } | ||
| 422 | } | ||
| 423 | |||
| 424 | if (blinding != NULL) | ||
| 425 | { | ||
| 426 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
| 427 | { | ||
| 428 | /* we need a local one-time blinding factor */ | ||
| 429 | |||
| 430 | blinding = setup_blinding(rsa, ctx); | ||
| 431 | if (blinding == NULL) | ||
| 432 | goto err; | ||
| 433 | local_blinding = 1; | ||
| 434 | } | ||
| 435 | } | ||
| 339 | 436 | ||
| 340 | if (rsa->flags & RSA_FLAG_BLINDING) | 437 | if (blinding) |
| 341 | if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; | 438 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; |
| 342 | 439 | ||
| 343 | /* do the decrypt */ | 440 | /* do the decrypt */ |
| 344 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 441 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| @@ -354,8 +451,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 354 | goto err; | 451 | goto err; |
| 355 | } | 452 | } |
| 356 | 453 | ||
| 357 | if (rsa->flags & RSA_FLAG_BLINDING) | 454 | if (blinding) |
| 358 | if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; | 455 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; |
| 359 | 456 | ||
| 360 | p=buf; | 457 | p=buf; |
| 361 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ | 458 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ |
| @@ -389,7 +486,7 @@ err: | |||
| 389 | BN_clear_free(&ret); | 486 | BN_clear_free(&ret); |
| 390 | if (buf != NULL) | 487 | if (buf != NULL) |
| 391 | { | 488 | { |
| 392 | memset(buf,0,num); | 489 | OPENSSL_cleanse(buf,num); |
| 393 | OPENSSL_free(buf); | 490 | OPENSSL_free(buf); |
| 394 | } | 491 | } |
| 395 | return(r); | 492 | return(r); |
| @@ -486,7 +583,7 @@ err: | |||
| 486 | BN_clear_free(&ret); | 583 | BN_clear_free(&ret); |
| 487 | if (buf != NULL) | 584 | if (buf != NULL) |
| 488 | { | 585 | { |
| 489 | memset(buf,0,num); | 586 | OPENSSL_cleanse(buf,num); |
| 490 | OPENSSL_free(buf); | 587 | OPENSSL_free(buf); |
| 491 | } | 588 | } |
| 492 | return(r); | 589 | return(r); |
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c index 37fff8bce3..53c5092014 100644 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ b/src/lib/libcrypto/rsa/rsa_lib.c | |||
| @@ -62,7 +62,10 @@ | |||
| 62 | #include <openssl/lhash.h> | 62 | #include <openssl/lhash.h> |
| 63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 64 | #include <openssl/rsa.h> | 64 | #include <openssl/rsa.h> |
| 65 | #include <openssl/rand.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 65 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 66 | 69 | ||
| 67 | const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; | 70 | const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; |
| 68 | 71 | ||
| @@ -72,10 +75,6 @@ RSA *RSA_new(void) | |||
| 72 | { | 75 | { |
| 73 | RSA *r=RSA_new_method(NULL); | 76 | RSA *r=RSA_new_method(NULL); |
| 74 | 77 | ||
| 75 | #ifndef OPENSSL_NO_FORCE_RSA_BLINDING | ||
| 76 | r->flags|=RSA_FLAG_BLINDING; | ||
| 77 | #endif | ||
| 78 | |||
| 79 | return r; | 78 | return r; |
| 80 | } | 79 | } |
| 81 | 80 | ||
| @@ -114,11 +113,13 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) | |||
| 114 | const RSA_METHOD *mtmp; | 113 | const RSA_METHOD *mtmp; |
| 115 | mtmp = rsa->meth; | 114 | mtmp = rsa->meth; |
| 116 | if (mtmp->finish) mtmp->finish(rsa); | 115 | if (mtmp->finish) mtmp->finish(rsa); |
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | if (rsa->engine) | 117 | if (rsa->engine) |
| 118 | { | 118 | { |
| 119 | ENGINE_finish(rsa->engine); | 119 | ENGINE_finish(rsa->engine); |
| 120 | rsa->engine = NULL; | 120 | rsa->engine = NULL; |
| 121 | } | 121 | } |
| 122 | #endif | ||
| 122 | rsa->meth = meth; | 123 | rsa->meth = meth; |
| 123 | if (meth->init) meth->init(rsa); | 124 | if (meth->init) meth->init(rsa); |
| 124 | return 1; | 125 | return 1; |
| @@ -136,6 +137,7 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 136 | } | 137 | } |
| 137 | 138 | ||
| 138 | ret->meth = RSA_get_default_method(); | 139 | ret->meth = RSA_get_default_method(); |
| 140 | #ifndef OPENSSL_NO_ENGINE | ||
| 139 | if (engine) | 141 | if (engine) |
| 140 | { | 142 | { |
| 141 | if (!ENGINE_init(engine)) | 143 | if (!ENGINE_init(engine)) |
| @@ -160,6 +162,7 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 160 | return NULL; | 162 | return NULL; |
| 161 | } | 163 | } |
| 162 | } | 164 | } |
| 165 | #endif | ||
| 163 | 166 | ||
| 164 | ret->pad=0; | 167 | ret->pad=0; |
| 165 | ret->version=0; | 168 | ret->version=0; |
| @@ -181,8 +184,10 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 181 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | 184 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| 182 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 185 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 183 | { | 186 | { |
| 187 | #ifndef OPENSSL_NO_ENGINE | ||
| 184 | if (ret->engine) | 188 | if (ret->engine) |
| 185 | ENGINE_finish(ret->engine); | 189 | ENGINE_finish(ret->engine); |
| 190 | #endif | ||
| 186 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | 191 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| 187 | OPENSSL_free(ret); | 192 | OPENSSL_free(ret); |
| 188 | ret=NULL; | 193 | ret=NULL; |
| @@ -211,8 +216,10 @@ void RSA_free(RSA *r) | |||
| 211 | 216 | ||
| 212 | if (r->meth->finish) | 217 | if (r->meth->finish) |
| 213 | r->meth->finish(r); | 218 | r->meth->finish(r); |
| 219 | #ifndef OPENSSL_NO_ENGINE | ||
| 214 | if (r->engine) | 220 | if (r->engine) |
| 215 | ENGINE_finish(r->engine); | 221 | ENGINE_finish(r->engine); |
| 222 | #endif | ||
| 216 | 223 | ||
| 217 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); | 224 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); |
| 218 | 225 | ||
| @@ -303,7 +310,8 @@ void RSA_blinding_off(RSA *rsa) | |||
| 303 | BN_BLINDING_free(rsa->blinding); | 310 | BN_BLINDING_free(rsa->blinding); |
| 304 | rsa->blinding=NULL; | 311 | rsa->blinding=NULL; |
| 305 | } | 312 | } |
| 306 | rsa->flags&= ~RSA_FLAG_BLINDING; | 313 | rsa->flags &= ~RSA_FLAG_BLINDING; |
| 314 | rsa->flags |= RSA_FLAG_NO_BLINDING; | ||
| 307 | } | 315 | } |
| 308 | 316 | ||
| 309 | int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) | 317 | int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) |
| @@ -322,15 +330,32 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) | |||
| 322 | if (rsa->blinding != NULL) | 330 | if (rsa->blinding != NULL) |
| 323 | BN_BLINDING_free(rsa->blinding); | 331 | BN_BLINDING_free(rsa->blinding); |
| 324 | 332 | ||
| 333 | /* NB: similar code appears in setup_blinding (rsa_eay.c); | ||
| 334 | * this should be placed in a new function of its own, but for reasons | ||
| 335 | * of binary compatibility can't */ | ||
| 336 | |||
| 325 | BN_CTX_start(ctx); | 337 | BN_CTX_start(ctx); |
| 326 | A = BN_CTX_get(ctx); | 338 | A = BN_CTX_get(ctx); |
| 327 | if (!BN_rand_range(A,rsa->n)) goto err; | 339 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) |
| 340 | { | ||
| 341 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | ||
| 342 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | ||
| 343 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | ||
| 344 | } | ||
| 345 | else | ||
| 346 | { | ||
| 347 | if (!BN_rand_range(A,rsa->n)) goto err; | ||
| 348 | } | ||
| 328 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | 349 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; |
| 329 | 350 | ||
| 330 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | 351 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) |
| 331 | goto err; | 352 | goto err; |
| 332 | rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); | 353 | if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err; |
| 333 | rsa->flags|=RSA_FLAG_BLINDING; | 354 | /* to make things thread-safe without excessive locking, |
| 355 | * rsa->blinding will be used just by the current thread: */ | ||
| 356 | rsa->blinding->thread_id = CRYPTO_thread_id(); | ||
| 357 | rsa->flags |= RSA_FLAG_BLINDING; | ||
| 358 | rsa->flags &= ~RSA_FLAG_NO_BLINDING; | ||
| 334 | BN_free(Ai); | 359 | BN_free(Ai); |
| 335 | ret=1; | 360 | ret=1; |
| 336 | err: | 361 | err: |
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c index c1edd6764f..8560755f1d 100644 --- a/src/lib/libcrypto/rsa/rsa_pk1.c +++ b/src/lib/libcrypto/rsa/rsa_pk1.c | |||
| @@ -68,7 +68,7 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, | |||
| 68 | int j; | 68 | int j; |
| 69 | unsigned char *p; | 69 | unsigned char *p; |
| 70 | 70 | ||
| 71 | if (flen > (tlen-11)) | 71 | if (flen > (tlen-RSA_PKCS1_PADDING_SIZE)) |
| 72 | { | 72 | { |
| 73 | RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | 73 | RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); |
| 74 | return(0); | 74 | return(0); |
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c index 85adacc08f..f462716a57 100644 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ b/src/lib/libcrypto/rsa/rsa_saos.c | |||
| @@ -77,7 +77,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, | |||
| 77 | 77 | ||
| 78 | i=i2d_ASN1_OCTET_STRING(&sig,NULL); | 78 | i=i2d_ASN1_OCTET_STRING(&sig,NULL); |
| 79 | j=RSA_size(rsa); | 79 | j=RSA_size(rsa); |
| 80 | if ((i-RSA_PKCS1_PADDING) > j) | 80 | if (i > (j-RSA_PKCS1_PADDING_SIZE)) |
| 81 | { | 81 | { |
| 82 | RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 82 | RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
| 83 | return(0); | 83 | return(0); |
| @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, | |||
| 96 | else | 96 | else |
| 97 | *siglen=i; | 97 | *siglen=i; |
| 98 | 98 | ||
| 99 | memset(s,0,(unsigned int)j+1); | 99 | OPENSSL_cleanse(s,(unsigned int)j+1); |
| 100 | OPENSSL_free(s); | 100 | OPENSSL_free(s); |
| 101 | return(ret); | 101 | return(ret); |
| 102 | } | 102 | } |
| @@ -139,7 +139,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, | |||
| 139 | ret=1; | 139 | ret=1; |
| 140 | err: | 140 | err: |
| 141 | if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); | 141 | if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); |
| 142 | memset(s,0,(unsigned int)siglen); | 142 | OPENSSL_cleanse(s,(unsigned int)siglen); |
| 143 | OPENSSL_free(s); | 143 | OPENSSL_free(s); |
| 144 | return(ret); | 144 | return(ret); |
| 145 | } | 145 | } |
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 2a440901de..8a1e642183 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c | |||
| @@ -62,7 +62,6 @@ | |||
| 62 | #include <openssl/rsa.h> | 62 | #include <openssl/rsa.h> |
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/engine.h> | ||
| 66 | 65 | ||
| 67 | /* Size of an SSL signature: MD5+SHA1 */ | 66 | /* Size of an SSL signature: MD5+SHA1 */ |
| 68 | #define SSL_SIG_LENGTH 36 | 67 | #define SSL_SIG_LENGTH 36 |
| @@ -77,10 +76,11 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 77 | const unsigned char *s = NULL; | 76 | const unsigned char *s = NULL; |
| 78 | X509_ALGOR algor; | 77 | X509_ALGOR algor; |
| 79 | ASN1_OCTET_STRING digest; | 78 | ASN1_OCTET_STRING digest; |
| 80 | if((rsa->flags & RSA_FLAG_SIGN_VER) | 79 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) |
| 81 | && ENGINE_get_RSA(rsa->engine)->rsa_sign) | 80 | { |
| 82 | return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, | 81 | return rsa->meth->rsa_sign(type, m, m_len, |
| 83 | m, m_len, sigret, siglen, rsa); | 82 | sigret, siglen, rsa); |
| 83 | } | ||
| 84 | /* Special case: SSL signature, just check the length */ | 84 | /* Special case: SSL signature, just check the length */ |
| 85 | if(type == NID_md5_sha1) { | 85 | if(type == NID_md5_sha1) { |
| 86 | if(m_len != SSL_SIG_LENGTH) { | 86 | if(m_len != SSL_SIG_LENGTH) { |
| @@ -113,7 +113,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 113 | i=i2d_X509_SIG(&sig,NULL); | 113 | i=i2d_X509_SIG(&sig,NULL); |
| 114 | } | 114 | } |
| 115 | j=RSA_size(rsa); | 115 | j=RSA_size(rsa); |
| 116 | if ((i-RSA_PKCS1_PADDING) > j) | 116 | if (i > (j-RSA_PKCS1_PADDING_SIZE)) |
| 117 | { | 117 | { |
| 118 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 118 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
| 119 | return(0); | 119 | return(0); |
| @@ -136,7 +136,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 136 | *siglen=i; | 136 | *siglen=i; |
| 137 | 137 | ||
| 138 | if(type != NID_md5_sha1) { | 138 | if(type != NID_md5_sha1) { |
| 139 | memset(tmps,0,(unsigned int)j+1); | 139 | OPENSSL_cleanse(tmps,(unsigned int)j+1); |
| 140 | OPENSSL_free(tmps); | 140 | OPENSSL_free(tmps); |
| 141 | } | 141 | } |
| 142 | return(ret); | 142 | return(ret); |
| @@ -155,10 +155,11 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 155 | return(0); | 155 | return(0); |
| 156 | } | 156 | } |
| 157 | 157 | ||
| 158 | if((rsa->flags & RSA_FLAG_SIGN_VER) | 158 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) |
| 159 | && ENGINE_get_RSA(rsa->engine)->rsa_verify) | 159 | { |
| 160 | return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, | 160 | return rsa->meth->rsa_verify(dtype, m, m_len, |
| 161 | m, m_len, sigbuf, siglen, rsa); | 161 | sigbuf, siglen, rsa); |
| 162 | } | ||
| 162 | 163 | ||
| 163 | s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); | 164 | s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); |
| 164 | if (s == NULL) | 165 | if (s == NULL) |
| @@ -221,7 +222,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 221 | } | 222 | } |
| 222 | err: | 223 | err: |
| 223 | if (sig != NULL) X509_SIG_free(sig); | 224 | if (sig != NULL) X509_SIG_free(sig); |
| 224 | memset(s,0,(unsigned int)siglen); | 225 | OPENSSL_cleanse(s,(unsigned int)siglen); |
| 225 | OPENSSL_free(s); | 226 | OPENSSL_free(s); |
| 226 | return(ret); | 227 | return(ret); |
| 227 | } | 228 | } |
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c index b8b462d33b..924e9ad1f6 100644 --- a/src/lib/libcrypto/rsa/rsa_test.c +++ b/src/lib/libcrypto/rsa/rsa_test.c | |||
| @@ -16,7 +16,6 @@ int main(int argc, char *argv[]) | |||
| 16 | } | 16 | } |
| 17 | #else | 17 | #else |
| 18 | #include <openssl/rsa.h> | 18 | #include <openssl/rsa.h> |
| 19 | #include <openssl/engine.h> | ||
| 20 | 19 | ||
| 21 | #define SetKey \ | 20 | #define SetKey \ |
| 22 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ | 21 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ |
diff --git a/src/lib/libcrypto/sha/Makefile.ssl b/src/lib/libcrypto/sha/Makefile.ssl index 0aa678d6f4..d52fb62b4f 100644 --- a/src/lib/libcrypto/sha/Makefile.ssl +++ b/src/lib/libcrypto/sha/Makefile.ssl | |||
| @@ -47,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | # elf | 49 | # elf |
| 50 | asm/sx86-elf.o: asm/sx86unix.cpp | 50 | asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl |
| 51 | $(CPP) -DELF -x c asm/sx86unix.cpp | as -o asm/sx86-elf.o | 51 | (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s) |
| 52 | |||
| 53 | # solaris | ||
| 54 | asm/sx86-sol.o: asm/sx86unix.cpp | ||
| 55 | $(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s | ||
| 56 | as -o asm/sx86-sol.o asm/sx86-sol.s | ||
| 57 | rm -f asm/sx86-sol.s | ||
| 58 | 52 | ||
| 59 | # a.out | 53 | # a.out |
| 60 | asm/sx86-out.o: asm/sx86unix.cpp | 54 | asm/sx86-out.o: asm/sx86unix.cpp |
| @@ -92,24 +86,30 @@ lint: | |||
| 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 86 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 93 | 87 | ||
| 94 | depend: | 88 | depend: |
| 95 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 89 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 96 | 90 | ||
| 97 | dclean: | 91 | dclean: |
| 98 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 92 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 99 | mv -f Makefile.new $(MAKEFILE) | 93 | mv -f Makefile.new $(MAKEFILE) |
| 100 | 94 | ||
| 101 | clean: | 95 | clean: |
| 102 | rm -f asm/sx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o | 96 | rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o |
| 103 | 97 | ||
| 104 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 98 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 105 | 99 | ||
| 106 | sha1_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 100 | sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 107 | sha1_one.o: ../../include/openssl/sha.h sha1_one.c | 101 | sha1_one.o: ../../include/openssl/opensslconf.h |
| 102 | sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 103 | sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 104 | sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c | ||
| 108 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 105 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 109 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 106 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h |
| 110 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h | 107 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h |
| 111 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 108 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 112 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 109 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h |
| 113 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h | 110 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h |
| 114 | sha_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 111 | sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 115 | sha_one.o: ../../include/openssl/sha.h sha_one.c | 112 | sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 113 | sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 114 | sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 115 | sha_one.o: sha_one.c | ||
diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c index e6a24888ed..20e660c71d 100644 --- a/src/lib/libcrypto/sha/sha1_one.c +++ b/src/lib/libcrypto/sha/sha1_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifndef OPENSSL_NO_SHA1 | 64 | #ifndef OPENSSL_NO_SHA1 |
| 64 | unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 70 | SHA1_Init(&c); | 71 | SHA1_Init(&c); |
| 71 | SHA1_Update(&c,d,n); | 72 | SHA1_Update(&c,d,n); |
| 72 | SHA1_Final(md,&c); | 73 | SHA1_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); | 74 | OPENSSL_cleanse(&c,sizeof(c)); |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | #endif | 77 | #endif |
diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c index 499a1cf5af..4f2e4ada2d 100644 --- a/src/lib/libcrypto/sha/sha1test.c +++ b/src/lib/libcrypto/sha/sha1test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_SHA | 65 | #ifdef OPENSSL_NO_SHA |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -155,7 +157,7 @@ int main(int argc, char *argv[]) | |||
| 155 | } | 157 | } |
| 156 | else | 158 | else |
| 157 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 158 | exit(err); | 160 | EXIT(err); |
| 159 | EVP_MD_CTX_cleanup(&c); | 161 | EVP_MD_CTX_cleanup(&c); |
| 160 | return(0); | 162 | return(0); |
| 161 | } | 163 | } |
diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h index 471dfb9f8f..2dd63a62a6 100644 --- a/src/lib/libcrypto/sha/sha_locl.h +++ b/src/lib/libcrypto/sha/sha_locl.h | |||
| @@ -224,10 +224,10 @@ int HASH_INIT (SHA_CTX *c) | |||
| 224 | void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | 224 | void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) |
| 225 | { | 225 | { |
| 226 | const SHA_LONG *W=d; | 226 | const SHA_LONG *W=d; |
| 227 | register unsigned long A,B,C,D,E,T; | 227 | register unsigned MD32_REG_T A,B,C,D,E,T; |
| 228 | #ifndef MD32_XARRAY | 228 | #ifndef MD32_XARRAY |
| 229 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 229 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 230 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 230 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 231 | #else | 231 | #else |
| 232 | SHA_LONG XX[16]; | 232 | SHA_LONG XX[16]; |
| 233 | #endif | 233 | #endif |
| @@ -349,10 +349,10 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | |||
| 349 | void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) | 349 | void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) |
| 350 | { | 350 | { |
| 351 | const unsigned char *data=p; | 351 | const unsigned char *data=p; |
| 352 | register unsigned long A,B,C,D,E,T,l; | 352 | register unsigned MD32_REG_T A,B,C,D,E,T,l; |
| 353 | #ifndef MD32_XARRAY | 353 | #ifndef MD32_XARRAY |
| 354 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 354 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 355 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 355 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 356 | #else | 356 | #else |
| 357 | SHA_LONG XX[16]; | 357 | SHA_LONG XX[16]; |
| 358 | #endif | 358 | #endif |
diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c index 5426faae4a..e61c63f3e9 100644 --- a/src/lib/libcrypto/sha/sha_one.c +++ b/src/lib/libcrypto/sha/sha_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifndef OPENSSL_NO_SHA0 | 64 | #ifndef OPENSSL_NO_SHA0 |
| 64 | unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 70 | SHA_Init(&c); | 71 | SHA_Init(&c); |
| 71 | SHA_Update(&c,d,n); | 72 | SHA_Update(&c,d,n); |
| 72 | SHA_Final(md,&c); | 73 | SHA_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); | 74 | OPENSSL_cleanse(&c,sizeof(c)); |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | #endif | 77 | #endif |
diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c index 331294a74f..5d2b1d3b1a 100644 --- a/src/lib/libcrypto/sha/shatest.c +++ b/src/lib/libcrypto/sha/shatest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_SHA | 65 | #ifdef OPENSSL_NO_SHA |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -156,7 +158,7 @@ int main(int argc, char *argv[]) | |||
| 156 | else | 158 | else |
| 157 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 158 | EVP_MD_CTX_cleanup(&c); | 160 | EVP_MD_CTX_cleanup(&c); |
| 159 | exit(err); | 161 | EXIT(err); |
| 160 | return(0); | 162 | return(0); |
| 161 | } | 163 | } |
| 162 | 164 | ||
diff --git a/src/lib/libcrypto/stack/Makefile.ssl b/src/lib/libcrypto/stack/Makefile.ssl index 8574739c76..7120fb804a 100644 --- a/src/lib/libcrypto/stack/Makefile.ssl +++ b/src/lib/libcrypto/stack/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c index c474a63c74..8973921778 100644 --- a/src/lib/libcrypto/threads/mttest.c +++ b/src/lib/libcrypto/threads/mttest.c | |||
| @@ -86,11 +86,6 @@ | |||
| 86 | #include <openssl/err.h> | 86 | #include <openssl/err.h> |
| 87 | #include <openssl/rand.h> | 87 | #include <openssl/rand.h> |
| 88 | 88 | ||
| 89 | #ifdef OPENSSL_NO_FP_API | ||
| 90 | #define APPS_WIN16 | ||
| 91 | #include "../buffer/bss_file.c" | ||
| 92 | #endif | ||
| 93 | |||
| 94 | #define TEST_SERVER_CERT "../../apps/server.pem" | 89 | #define TEST_SERVER_CERT "../../apps/server.pem" |
| 95 | #define TEST_CLIENT_CERT "../../apps/client.pem" | 90 | #define TEST_CLIENT_CERT "../../apps/client.pem" |
| 96 | 91 | ||
diff --git a/src/lib/libcrypto/tmdiff.c b/src/lib/libcrypto/tmdiff.c index 7ebf2b202a..307523ebba 100644 --- a/src/lib/libcrypto/tmdiff.c +++ b/src/lib/libcrypto/tmdiff.c | |||
| @@ -59,13 +59,16 @@ | |||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/tmdiff.h> | 61 | #include <openssl/tmdiff.h> |
| 62 | #if !defined(OPENSSL_SYS_MSDOS) | ||
| 63 | #include OPENSSL_UNISTD | ||
| 64 | #endif | ||
| 62 | 65 | ||
| 63 | #ifdef TIMEB | 66 | #ifdef TIMEB |
| 64 | #undef OPENSSL_SYS_WIN32 | 67 | #undef OPENSSL_SYS_WIN32 |
| 65 | #undef TIMES | 68 | #undef TIMES |
| 66 | #endif | 69 | #endif |
| 67 | 70 | ||
| 68 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) || defined(__DECC) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_VXWORKS) | 71 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !(defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX_RHAPSODY) && !defined(OPENSSL_SYS_VXWORKS) |
| 69 | # define TIMES | 72 | # define TIMES |
| 70 | #endif | 73 | #endif |
| 71 | 74 | ||
| @@ -101,14 +104,19 @@ | |||
| 101 | 104 | ||
| 102 | /* The following if from times(3) man page. It may need to be changed */ | 105 | /* The following if from times(3) man page. It may need to be changed */ |
| 103 | #ifndef HZ | 106 | #ifndef HZ |
| 104 | # ifndef CLK_TCK | 107 | # if defined(_SC_CLK_TCK) \ |
| 105 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ | 108 | && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) |
| 106 | # define HZ 100.0 | 109 | # define HZ ((double)sysconf(_SC_CLK_TCK)) |
| 107 | # else /* _BSD_CLK_TCK_ */ | 110 | # else |
| 108 | # define HZ ((double)_BSD_CLK_TCK_) | 111 | # ifndef CLK_TCK |
| 112 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ | ||
| 113 | # define HZ 100.0 | ||
| 114 | # else /* _BSD_CLK_TCK_ */ | ||
| 115 | # define HZ ((double)_BSD_CLK_TCK_) | ||
| 116 | # endif | ||
| 117 | # else /* CLK_TCK */ | ||
| 118 | # define HZ ((double)CLK_TCK) | ||
| 109 | # endif | 119 | # endif |
| 110 | # else /* CLK_TCK */ | ||
| 111 | # define HZ ((double)CLK_TCK) | ||
| 112 | # endif | 120 | # endif |
| 113 | #endif | 121 | #endif |
| 114 | 122 | ||
| @@ -121,7 +129,7 @@ typedef struct ms_tm | |||
| 121 | HANDLE thread_id; | 129 | HANDLE thread_id; |
| 122 | FILETIME ms_win32; | 130 | FILETIME ms_win32; |
| 123 | # else | 131 | # else |
| 124 | # ifdef OPENSSL_SYS_VSWORKS | 132 | # ifdef OPENSSL_SYS_VXWORKS |
| 125 | unsigned long ticks; | 133 | unsigned long ticks; |
| 126 | # else | 134 | # else |
| 127 | struct timeb ms_timeb; | 135 | struct timeb ms_timeb; |
| @@ -163,7 +171,7 @@ void ms_time_get(char *a) | |||
| 163 | # ifdef OPENSSL_SYS_WIN32 | 171 | # ifdef OPENSSL_SYS_WIN32 |
| 164 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); | 172 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); |
| 165 | # else | 173 | # else |
| 166 | # ifdef OPENSSL_SYS_VSWORKS | 174 | # ifdef OPENSSL_SYS_VXWORKS |
| 167 | tm->ticks = tickGet(); | 175 | tm->ticks = tickGet(); |
| 168 | # else | 176 | # else |
| 169 | ftime(&tm->ms_timeb); | 177 | ftime(&tm->ms_timeb); |
| @@ -197,7 +205,7 @@ double ms_time_diff(char *ap, char *bp) | |||
| 197 | ret=((double)(lb-la))/1e7; | 205 | ret=((double)(lb-la))/1e7; |
| 198 | } | 206 | } |
| 199 | # else | 207 | # else |
| 200 | # ifdef OPENSSL_SYS_VSWORKS | 208 | # ifdef OPENSSL_SYS_VXWORKS |
| 201 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); | 209 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); |
| 202 | # else | 210 | # else |
| 203 | ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ | 211 | ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ |
| @@ -222,7 +230,7 @@ int ms_time_cmp(char *ap, char *bp) | |||
| 222 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; | 230 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; |
| 223 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; | 231 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; |
| 224 | # else | 232 | # else |
| 225 | # ifdef OPENSSL_SYS_VSWORKS | 233 | # ifdef OPENSSL_SYS_VXWORKS |
| 226 | d = (b->ticks - a->ticks); | 234 | d = (b->ticks - a->ticks); |
| 227 | # else | 235 | # else |
| 228 | d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ | 236 | d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ |
diff --git a/src/lib/libcrypto/txt_db/Makefile.ssl b/src/lib/libcrypto/txt_db/Makefile.ssl index 61ff361348..6221dfae4d 100644 --- a/src/lib/libcrypto/txt_db/Makefile.ssl +++ b/src/lib/libcrypto/txt_db/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c index 9b186f2da5..58b300b00b 100644 --- a/src/lib/libcrypto/txt_db/txt_db.c +++ b/src/lib/libcrypto/txt_db/txt_db.c | |||
| @@ -108,7 +108,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) | |||
| 108 | if (offset != 0) | 108 | if (offset != 0) |
| 109 | { | 109 | { |
| 110 | size+=BUFSIZE; | 110 | size+=BUFSIZE; |
| 111 | if (!BUF_MEM_grow(buf,size)) goto err; | 111 | if (!BUF_MEM_grow_clean(buf,size)) goto err; |
| 112 | } | 112 | } |
| 113 | buf->data[offset]='\0'; | 113 | buf->data[offset]='\0'; |
| 114 | BIO_gets(in,&(buf->data[offset]),size-offset); | 114 | BIO_gets(in,&(buf->data[offset]),size-offset); |
| @@ -268,7 +268,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db) | |||
| 268 | if (pp[j] != NULL) | 268 | if (pp[j] != NULL) |
| 269 | l+=strlen(pp[j]); | 269 | l+=strlen(pp[j]); |
| 270 | } | 270 | } |
| 271 | if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err; | 271 | if (!BUF_MEM_grow_clean(buf,(int)(l*2+nn))) goto err; |
| 272 | 272 | ||
| 273 | p=buf->data; | 273 | p=buf->data; |
| 274 | for (j=0; j<nn; j++) | 274 | for (j=0; j<nn; j++) |
diff --git a/src/lib/libcrypto/ui/Makefile.ssl b/src/lib/libcrypto/ui/Makefile.ssl index 57b2e38335..ba46951d1c 100644 --- a/src/lib/libcrypto/ui/Makefile.ssl +++ b/src/lib/libcrypto/ui/Makefile.ssl | |||
| @@ -44,7 +44,7 @@ all: lib | |||
| 44 | 44 | ||
| 45 | lib: $(LIBOBJ) | 45 | lib: $(LIBOBJ) |
| 46 | $(AR) $(LIB) $(LIBOBJ) | 46 | $(AR) $(LIB) $(LIBOBJ) |
| 47 | $(RANLIB) $(LIB) | 47 | $(RANLIB) $(LIB) || echo Never mind. |
| 48 | @touch lib | 48 | @touch lib |
| 49 | 49 | ||
| 50 | files: | 50 | files: |
| @@ -72,7 +72,7 @@ lint: | |||
| 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 73 | 73 | ||
| 74 | depend: | 74 | depend: |
| 75 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 75 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 76 | 76 | ||
| 77 | dclean: | 77 | dclean: |
| 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -95,13 +95,13 @@ ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | |||
| 95 | ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | 95 | ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 96 | ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 96 | ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 97 | ui_err.o: ../../include/openssl/ui.h ui_err.c | 97 | ui_err.o: ../../include/openssl/ui.h ui_err.c |
| 98 | ui_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 98 | ui_lib.o: ../../e_os.h ../../include/openssl/bio.h |
| 99 | ui_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 99 | ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 100 | ui_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 100 | ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 101 | ui_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 101 | ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 102 | ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 102 | ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 103 | ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_lib.c | 103 | ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 104 | ui_lib.o: ui_locl.h | 104 | ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h |
| 105 | ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h | 105 | ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h |
| 106 | ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 106 | ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 107 | ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 107 | ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c index cce9075ac1..33c86d76ef 100644 --- a/src/lib/libcrypto/ui/ui_lib.c +++ b/src/lib/libcrypto/ui/ui_lib.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #include <openssl/ui.h> | 62 | #include <openssl/ui.h> |
| 63 | #include <openssl/err.h> | 63 | #include <openssl/err.h> |
| 64 | #include "ui_locl.h" | 64 | #include "ui_locl.h" |
| 65 | #include "cryptlib.h" | ||
| 65 | 66 | ||
| 66 | IMPLEMENT_STACK_OF(UI_STRING_ST) | 67 | IMPLEMENT_STACK_OF(UI_STRING_ST) |
| 67 | 68 | ||
| @@ -144,7 +145,8 @@ static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt, | |||
| 144 | { | 145 | { |
| 145 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER); | 146 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER); |
| 146 | } | 147 | } |
| 147 | else if (result_buf == NULL) | 148 | else if ((type == UIT_PROMPT || type == UIT_VERIFY |
| 149 | || type == UIT_BOOLEAN) && result_buf == NULL) | ||
| 148 | { | 150 | { |
| 149 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER); | 151 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER); |
| 150 | } | 152 | } |
| @@ -235,7 +237,7 @@ static int general_allocate_boolean(UI *ui, | |||
| 235 | return ret; | 237 | return ret; |
| 236 | } | 238 | } |
| 237 | 239 | ||
| 238 | /* Returns the index to the place in the stack or 0 for error. Uses a | 240 | /* Returns the index to the place in the stack or -1 for error. Uses a |
| 239 | direct reference to the prompt. */ | 241 | direct reference to the prompt. */ |
| 240 | int UI_add_input_string(UI *ui, const char *prompt, int flags, | 242 | int UI_add_input_string(UI *ui, const char *prompt, int flags, |
| 241 | char *result_buf, int minsize, int maxsize) | 243 | char *result_buf, int minsize, int maxsize) |
| @@ -831,8 +833,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result) | |||
| 831 | case UIT_PROMPT: | 833 | case UIT_PROMPT: |
| 832 | case UIT_VERIFY: | 834 | case UIT_VERIFY: |
| 833 | { | 835 | { |
| 834 | char number1[20]; | 836 | char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1]; |
| 835 | char number2[20]; | 837 | char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1]; |
| 836 | 838 | ||
| 837 | BIO_snprintf(number1, sizeof(number1), "%d", | 839 | BIO_snprintf(number1, sizeof(number1), "%d", |
| 838 | uis->_.string_data.result_minsize); | 840 | uis->_.string_data.result_minsize); |
diff --git a/src/lib/libcrypto/ui/ui_openssl.c b/src/lib/libcrypto/ui/ui_openssl.c index f47ed31cb0..75318d48a1 100644 --- a/src/lib/libcrypto/ui/ui_openssl.c +++ b/src/lib/libcrypto/ui/ui_openssl.c | |||
| @@ -159,8 +159,10 @@ | |||
| 159 | 159 | ||
| 160 | #ifdef WIN_CONSOLE_BUG | 160 | #ifdef WIN_CONSOLE_BUG |
| 161 | # include <windows.h> | 161 | # include <windows.h> |
| 162 | #ifndef OPENSSL_SYS_WINCE | ||
| 162 | # include <wincon.h> | 163 | # include <wincon.h> |
| 163 | #endif | 164 | #endif |
| 165 | #endif | ||
| 164 | 166 | ||
| 165 | 167 | ||
| 166 | /* There are 5 types of terminal interface supported, | 168 | /* There are 5 types of terminal interface supported, |
| @@ -191,7 +193,7 @@ | |||
| 191 | # define SGTTY | 193 | # define SGTTY |
| 192 | #endif | 194 | #endif |
| 193 | 195 | ||
| 194 | #if defined(OPENSSL_SYS_VSWORKS) | 196 | #if defined(OPENSSL_SYS_VXWORKS) |
| 195 | #undef TERMIOS | 197 | #undef TERMIOS |
| 196 | #undef TERMIO | 198 | #undef TERMIO |
| 197 | #undef SGTTY | 199 | #undef SGTTY |
| @@ -221,7 +223,7 @@ | |||
| 221 | # define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) | 223 | # define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) |
| 222 | #endif | 224 | #endif |
| 223 | 225 | ||
| 224 | #if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) | 226 | #if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS) |
| 225 | # include <sys/ioctl.h> | 227 | # include <sys/ioctl.h> |
| 226 | #endif | 228 | #endif |
| 227 | 229 | ||
| @@ -241,6 +243,10 @@ struct IOSB { | |||
| 241 | }; | 243 | }; |
| 242 | #endif | 244 | #endif |
| 243 | 245 | ||
| 246 | #ifdef OPENSSL_SYS_SUNOS | ||
| 247 | typedef int sig_atomic_t; | ||
| 248 | #endif | ||
| 249 | |||
| 244 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) | 250 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) |
| 245 | /* | 251 | /* |
| 246 | * This one needs work. As a matter of fact the code is unoperational | 252 | * This one needs work. As a matter of fact the code is unoperational |
| @@ -277,10 +283,12 @@ static FILE *tty_in, *tty_out; | |||
| 277 | static int is_a_tty; | 283 | static int is_a_tty; |
| 278 | 284 | ||
| 279 | /* Declare static functions */ | 285 | /* Declare static functions */ |
| 286 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 280 | static void read_till_nl(FILE *); | 287 | static void read_till_nl(FILE *); |
| 281 | static void recsig(int); | 288 | static void recsig(int); |
| 282 | static void pushsig(void); | 289 | static void pushsig(void); |
| 283 | static void popsig(void); | 290 | static void popsig(void); |
| 291 | #endif | ||
| 284 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 292 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) |
| 285 | static int noecho_fgets(char *buf, int size, FILE *tty); | 293 | static int noecho_fgets(char *buf, int size, FILE *tty); |
| 286 | #endif | 294 | #endif |
| @@ -367,6 +375,7 @@ static int read_string(UI *ui, UI_STRING *uis) | |||
| 367 | } | 375 | } |
| 368 | 376 | ||
| 369 | 377 | ||
| 378 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 370 | /* Internal functions to read a string without echoing */ | 379 | /* Internal functions to read a string without echoing */ |
| 371 | static void read_till_nl(FILE *in) | 380 | static void read_till_nl(FILE *in) |
| 372 | { | 381 | { |
| @@ -379,6 +388,7 @@ static void read_till_nl(FILE *in) | |||
| 379 | } | 388 | } |
| 380 | 389 | ||
| 381 | static volatile sig_atomic_t intr_signal; | 390 | static volatile sig_atomic_t intr_signal; |
| 391 | #endif | ||
| 382 | 392 | ||
| 383 | static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) | 393 | static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) |
| 384 | { | 394 | { |
| @@ -386,9 +396,9 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) | |||
| 386 | int ok; | 396 | int ok; |
| 387 | char result[BUFSIZ]; | 397 | char result[BUFSIZ]; |
| 388 | int maxsize = BUFSIZ-1; | 398 | int maxsize = BUFSIZ-1; |
| 399 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 389 | char *p; | 400 | char *p; |
| 390 | 401 | ||
| 391 | #ifndef OPENSSL_SYS_WIN16 | ||
| 392 | intr_signal=0; | 402 | intr_signal=0; |
| 393 | ok=0; | 403 | ok=0; |
| 394 | ps=0; | 404 | ps=0; |
| @@ -439,7 +449,7 @@ error: | |||
| 439 | ok=1; | 449 | ok=1; |
| 440 | #endif | 450 | #endif |
| 441 | 451 | ||
| 442 | memset(result,0,BUFSIZ); | 452 | OPENSSL_cleanse(result,BUFSIZ); |
| 443 | return ok; | 453 | return ok; |
| 444 | } | 454 | } |
| 445 | 455 | ||
| @@ -450,7 +460,7 @@ static int open_console(UI *ui) | |||
| 450 | CRYPTO_w_lock(CRYPTO_LOCK_UI); | 460 | CRYPTO_w_lock(CRYPTO_LOCK_UI); |
| 451 | is_a_tty = 1; | 461 | is_a_tty = 1; |
| 452 | 462 | ||
| 453 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VSWORKS) | 463 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) |
| 454 | tty_in=stdin; | 464 | tty_in=stdin; |
| 455 | tty_out=stderr; | 465 | tty_out=stderr; |
| 456 | #else | 466 | #else |
| @@ -540,7 +550,7 @@ static int echo_console(UI *ui) | |||
| 540 | 550 | ||
| 541 | static int close_console(UI *ui) | 551 | static int close_console(UI *ui) |
| 542 | { | 552 | { |
| 543 | if (tty_in != stderr) fclose(tty_in); | 553 | if (tty_in != stdin) fclose(tty_in); |
| 544 | if (tty_out != stderr) fclose(tty_out); | 554 | if (tty_out != stderr) fclose(tty_out); |
| 545 | #ifdef OPENSSL_SYS_VMS | 555 | #ifdef OPENSSL_SYS_VMS |
| 546 | status = sys$dassgn(channel); | 556 | status = sys$dassgn(channel); |
| @@ -551,6 +561,7 @@ static int close_console(UI *ui) | |||
| 551 | } | 561 | } |
| 552 | 562 | ||
| 553 | 563 | ||
| 564 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 554 | /* Internal functions to handle signals and act on them */ | 565 | /* Internal functions to handle signals and act on them */ |
| 555 | static void pushsig(void) | 566 | static void pushsig(void) |
| 556 | { | 567 | { |
| @@ -614,9 +625,10 @@ static void recsig(int i) | |||
| 614 | { | 625 | { |
| 615 | intr_signal=i; | 626 | intr_signal=i; |
| 616 | } | 627 | } |
| 628 | #endif | ||
| 617 | 629 | ||
| 618 | /* Internal functions specific for Windows */ | 630 | /* Internal functions specific for Windows */ |
| 619 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 631 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) |
| 620 | static int noecho_fgets(char *buf, int size, FILE *tty) | 632 | static int noecho_fgets(char *buf, int size, FILE *tty) |
| 621 | { | 633 | { |
| 622 | int i; | 634 | int i; |
diff --git a/src/lib/libcrypto/ui/ui_util.c b/src/lib/libcrypto/ui/ui_util.c index f05573df33..46bc8c1a9a 100644 --- a/src/lib/libcrypto/ui/ui_util.c +++ b/src/lib/libcrypto/ui/ui_util.c | |||
| @@ -62,7 +62,7 @@ int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) | |||
| 62 | int ret; | 62 | int ret; |
| 63 | 63 | ||
| 64 | ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); | 64 | ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); |
| 65 | memset(buff,0,BUFSIZ); | 65 | OPENSSL_cleanse(buff,BUFSIZ); |
| 66 | return(ret); | 66 | return(ret); |
| 67 | } | 67 | } |
| 68 | 68 | ||
| @@ -78,12 +78,14 @@ int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify) | |||
| 78 | if (ui) | 78 | if (ui) |
| 79 | { | 79 | { |
| 80 | ok = UI_add_input_string(ui,prompt,0,buf,0,size-1); | 80 | ok = UI_add_input_string(ui,prompt,0,buf,0,size-1); |
| 81 | if (ok == 0 && verify) | 81 | if (ok >= 0 && verify) |
| 82 | ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1, | 82 | ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1, |
| 83 | buf); | 83 | buf); |
| 84 | if (ok == 0) | 84 | if (ok >= 0) |
| 85 | ok=UI_process(ui); | 85 | ok=UI_process(ui); |
| 86 | UI_free(ui); | 86 | UI_free(ui); |
| 87 | } | 87 | } |
| 88 | if (ok > 0) | ||
| 89 | ok = 0; | ||
| 88 | return(ok); | 90 | return(ok); |
| 89 | } | 91 | } |
diff --git a/src/lib/libcrypto/uid.c b/src/lib/libcrypto/uid.c index d3d249c36f..73205a4baa 100644 --- a/src/lib/libcrypto/uid.c +++ b/src/lib/libcrypto/uid.c | |||
| @@ -65,7 +65,7 @@ int OPENSSL_issetugid(void) | |||
| 65 | return issetugid(); | 65 | return issetugid(); |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | #elif defined(OPENSSL_SYS_WIN32) | 68 | #elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) |
| 69 | 69 | ||
| 70 | int OPENSSL_issetugid(void) | 70 | int OPENSSL_issetugid(void) |
| 71 | { | 71 | { |
diff --git a/src/lib/libcrypto/util/cygwin.sh b/src/lib/libcrypto/util/cygwin.sh index b607399b02..930f766b4f 100644 --- a/src/lib/libcrypto/util/cygwin.sh +++ b/src/lib/libcrypto/util/cygwin.sh | |||
| @@ -96,6 +96,8 @@ fi | |||
| 96 | 96 | ||
| 97 | get_openssl_version | 97 | get_openssl_version |
| 98 | 98 | ||
| 99 | make depend || exit 1 | ||
| 100 | |||
| 99 | make || exit 1 | 101 | make || exit 1 |
| 100 | 102 | ||
| 101 | base_install | 103 | base_install |
diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd index 8cbe383c16..49310bbdd1 100644 --- a/src/lib/libcrypto/util/domd +++ b/src/lib/libcrypto/util/domd | |||
| @@ -15,9 +15,14 @@ cp Makefile.ssl Makefile.save | |||
| 15 | # fake the presence of Kerberos | 15 | # fake the presence of Kerberos |
| 16 | touch $TOP/krb5.h | 16 | touch $TOP/krb5.h |
| 17 | if [ "$MAKEDEPEND" = "gcc" ]; then | 17 | if [ "$MAKEDEPEND" = "gcc" ]; then |
| 18 | args="" | ||
| 19 | while [ $# -gt 0 ]; do | ||
| 20 | if [ "$1" != "--" ]; then args="$args $1"; fi | ||
| 21 | shift | ||
| 22 | done | ||
| 18 | sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp | 23 | sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp |
| 19 | echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp | 24 | echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp |
| 20 | gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp | 25 | gcc -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp |
| 21 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new | 26 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new |
| 22 | rm -f Makefile.tmp | 27 | rm -f Makefile.tmp |
| 23 | else | 28 | else |
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num index 7e5728495f..f5c8c0be8a 100644 --- a/src/lib/libcrypto/util/libeay.num +++ b/src/lib/libcrypto/util/libeay.num | |||
| @@ -980,7 +980,7 @@ BN_mul_word 999 EXIST::FUNCTION: | |||
| 980 | BN_sub_word 1000 EXIST::FUNCTION: | 980 | BN_sub_word 1000 EXIST::FUNCTION: |
| 981 | BN_dec2bn 1001 EXIST::FUNCTION: | 981 | BN_dec2bn 1001 EXIST::FUNCTION: |
| 982 | BN_bn2dec 1002 EXIST::FUNCTION: | 982 | BN_bn2dec 1002 EXIST::FUNCTION: |
| 983 | BIO_ghbn_ctrl 1003 EXIST::FUNCTION: | 983 | BIO_ghbn_ctrl 1003 NOEXIST::FUNCTION: |
| 984 | CRYPTO_free_ex_data 1004 EXIST::FUNCTION: | 984 | CRYPTO_free_ex_data 1004 EXIST::FUNCTION: |
| 985 | CRYPTO_get_ex_data 1005 EXIST::FUNCTION: | 985 | CRYPTO_get_ex_data 1005 EXIST::FUNCTION: |
| 986 | CRYPTO_set_ex_data 1007 EXIST::FUNCTION: | 986 | CRYPTO_set_ex_data 1007 EXIST::FUNCTION: |
| @@ -1881,72 +1881,72 @@ BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION: | |||
| 1881 | BN_bntest_rand 2464 EXIST::FUNCTION: | 1881 | BN_bntest_rand 2464 EXIST::FUNCTION: |
| 1882 | OPENSSL_issetugid 2465 EXIST::FUNCTION: | 1882 | OPENSSL_issetugid 2465 EXIST::FUNCTION: |
| 1883 | BN_rand_range 2466 EXIST::FUNCTION: | 1883 | BN_rand_range 2466 EXIST::FUNCTION: |
| 1884 | ERR_load_ENGINE_strings 2467 EXIST::FUNCTION: | 1884 | ERR_load_ENGINE_strings 2467 EXIST::FUNCTION:ENGINE |
| 1885 | ENGINE_set_DSA 2468 EXIST::FUNCTION: | 1885 | ENGINE_set_DSA 2468 EXIST::FUNCTION:ENGINE |
| 1886 | ENGINE_get_finish_function 2469 EXIST::FUNCTION: | 1886 | ENGINE_get_finish_function 2469 EXIST::FUNCTION:ENGINE |
| 1887 | ENGINE_get_default_RSA 2470 EXIST::FUNCTION: | 1887 | ENGINE_get_default_RSA 2470 EXIST::FUNCTION:ENGINE |
| 1888 | ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION: | 1888 | ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION: |
| 1889 | DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION: | 1889 | DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION: |
| 1890 | ENGINE_set_DH 2473 EXIST::FUNCTION: | 1890 | ENGINE_set_DH 2473 EXIST::FUNCTION:ENGINE |
| 1891 | ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: | 1891 | ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: |
| 1892 | ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: | 1892 | ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: |
| 1893 | ENGINE_init 2475 EXIST::FUNCTION: | 1893 | ENGINE_init 2475 EXIST::FUNCTION:ENGINE |
| 1894 | DH_get_default_openssl_method 2476 NOEXIST::FUNCTION: | 1894 | DH_get_default_openssl_method 2476 NOEXIST::FUNCTION: |
| 1895 | RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION: | 1895 | RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION: |
| 1896 | ENGINE_finish 2478 EXIST::FUNCTION: | 1896 | ENGINE_finish 2478 EXIST::FUNCTION:ENGINE |
| 1897 | ENGINE_load_public_key 2479 EXIST::FUNCTION: | 1897 | ENGINE_load_public_key 2479 EXIST::FUNCTION:ENGINE |
| 1898 | ENGINE_get_DH 2480 EXIST::FUNCTION: | 1898 | ENGINE_get_DH 2480 EXIST::FUNCTION:ENGINE |
| 1899 | ENGINE_ctrl 2481 EXIST::FUNCTION: | 1899 | ENGINE_ctrl 2481 EXIST::FUNCTION:ENGINE |
| 1900 | ENGINE_get_init_function 2482 EXIST::FUNCTION: | 1900 | ENGINE_get_init_function 2482 EXIST::FUNCTION:ENGINE |
| 1901 | ENGINE_set_init_function 2483 EXIST::FUNCTION: | 1901 | ENGINE_set_init_function 2483 EXIST::FUNCTION:ENGINE |
| 1902 | ENGINE_set_default_DSA 2484 EXIST::FUNCTION: | 1902 | ENGINE_set_default_DSA 2484 EXIST::FUNCTION:ENGINE |
| 1903 | ENGINE_get_name 2485 EXIST::FUNCTION: | 1903 | ENGINE_get_name 2485 EXIST::FUNCTION:ENGINE |
| 1904 | ENGINE_get_last 2486 EXIST::FUNCTION: | 1904 | ENGINE_get_last 2486 EXIST::FUNCTION:ENGINE |
| 1905 | ENGINE_get_prev 2487 EXIST::FUNCTION: | 1905 | ENGINE_get_prev 2487 EXIST::FUNCTION:ENGINE |
| 1906 | ENGINE_get_default_DH 2488 EXIST::FUNCTION: | 1906 | ENGINE_get_default_DH 2488 EXIST::FUNCTION:ENGINE |
| 1907 | ENGINE_get_RSA 2489 EXIST::FUNCTION: | 1907 | ENGINE_get_RSA 2489 EXIST::FUNCTION:ENGINE |
| 1908 | ENGINE_set_default 2490 EXIST::FUNCTION: | 1908 | ENGINE_set_default 2490 EXIST::FUNCTION:ENGINE |
| 1909 | ENGINE_get_RAND 2491 EXIST::FUNCTION: | 1909 | ENGINE_get_RAND 2491 EXIST::FUNCTION:ENGINE |
| 1910 | ENGINE_get_first 2492 EXIST::FUNCTION: | 1910 | ENGINE_get_first 2492 EXIST::FUNCTION:ENGINE |
| 1911 | ENGINE_by_id 2493 EXIST::FUNCTION: | 1911 | ENGINE_by_id 2493 EXIST::FUNCTION:ENGINE |
| 1912 | ENGINE_set_finish_function 2494 EXIST::FUNCTION: | 1912 | ENGINE_set_finish_function 2494 EXIST::FUNCTION:ENGINE |
| 1913 | ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: | 1913 | ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: |
| 1914 | ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: | 1914 | ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: |
| 1915 | RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION: | 1915 | RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION: |
| 1916 | ENGINE_set_RSA 2497 EXIST::FUNCTION: | 1916 | ENGINE_set_RSA 2497 EXIST::FUNCTION:ENGINE |
| 1917 | ENGINE_load_private_key 2498 EXIST::FUNCTION: | 1917 | ENGINE_load_private_key 2498 EXIST::FUNCTION:ENGINE |
| 1918 | ENGINE_set_default_RAND 2499 EXIST::FUNCTION: | 1918 | ENGINE_set_default_RAND 2499 EXIST::FUNCTION:ENGINE |
| 1919 | ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION: | 1919 | ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION: |
| 1920 | ENGINE_remove 2501 EXIST::FUNCTION: | 1920 | ENGINE_remove 2501 EXIST::FUNCTION:ENGINE |
| 1921 | ENGINE_free 2502 EXIST::FUNCTION: | 1921 | ENGINE_free 2502 EXIST::FUNCTION:ENGINE |
| 1922 | ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION: | 1922 | ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION: |
| 1923 | ENGINE_get_next 2504 EXIST::FUNCTION: | 1923 | ENGINE_get_next 2504 EXIST::FUNCTION:ENGINE |
| 1924 | ENGINE_set_name 2505 EXIST::FUNCTION: | 1924 | ENGINE_set_name 2505 EXIST::FUNCTION:ENGINE |
| 1925 | ENGINE_get_default_DSA 2506 EXIST::FUNCTION: | 1925 | ENGINE_get_default_DSA 2506 EXIST::FUNCTION:ENGINE |
| 1926 | ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION: | 1926 | ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION: |
| 1927 | ENGINE_set_default_RSA 2508 EXIST::FUNCTION: | 1927 | ENGINE_set_default_RSA 2508 EXIST::FUNCTION:ENGINE |
| 1928 | ENGINE_get_default_RAND 2509 EXIST::FUNCTION: | 1928 | ENGINE_get_default_RAND 2509 EXIST::FUNCTION:ENGINE |
| 1929 | ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION: | 1929 | ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION: |
| 1930 | ENGINE_set_RAND 2511 EXIST::FUNCTION: | 1930 | ENGINE_set_RAND 2511 EXIST::FUNCTION:ENGINE |
| 1931 | ENGINE_set_id 2512 EXIST::FUNCTION: | 1931 | ENGINE_set_id 2512 EXIST::FUNCTION:ENGINE |
| 1932 | ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION: | 1932 | ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION: |
| 1933 | ENGINE_set_default_DH 2514 EXIST::FUNCTION: | 1933 | ENGINE_set_default_DH 2514 EXIST::FUNCTION:ENGINE |
| 1934 | ENGINE_new 2515 EXIST::FUNCTION: | 1934 | ENGINE_new 2515 EXIST::FUNCTION:ENGINE |
| 1935 | ENGINE_get_id 2516 EXIST::FUNCTION: | 1935 | ENGINE_get_id 2516 EXIST::FUNCTION:ENGINE |
| 1936 | DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION: | 1936 | DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION: |
| 1937 | ENGINE_add 2518 EXIST::FUNCTION: | 1937 | ENGINE_add 2518 EXIST::FUNCTION:ENGINE |
| 1938 | DH_set_default_openssl_method 2519 NOEXIST::FUNCTION: | 1938 | DH_set_default_openssl_method 2519 NOEXIST::FUNCTION: |
| 1939 | ENGINE_get_DSA 2520 EXIST::FUNCTION: | 1939 | ENGINE_get_DSA 2520 EXIST::FUNCTION:ENGINE |
| 1940 | ENGINE_get_ctrl_function 2521 EXIST::FUNCTION: | 1940 | ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE |
| 1941 | ENGINE_set_ctrl_function 2522 EXIST::FUNCTION: | 1941 | ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE |
| 1942 | BN_pseudo_rand_range 2523 EXIST::FUNCTION: | 1942 | BN_pseudo_rand_range 2523 EXIST::FUNCTION: |
| 1943 | X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: | 1943 | X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: |
| 1944 | ERR_load_COMP_strings 2525 EXIST::FUNCTION: | 1944 | ERR_load_COMP_strings 2525 EXIST::FUNCTION: |
| 1945 | PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: | 1945 | PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: |
| 1946 | ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1946 | ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1947 | ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1947 | ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1948 | ENGINE_unregister_ciphers 2528 EXIST::FUNCTION: | 1948 | ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE |
| 1949 | ENGINE_get_ciphers 2529 EXIST::FUNCTION: | 1949 | ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE |
| 1950 | d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: | 1950 | d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: |
| 1951 | KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1951 | KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1952 | KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1952 | KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -1959,15 +1959,15 @@ X509V3_add1_i2d 2536 EXIST::FUNCTION: | |||
| 1959 | PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1959 | PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1960 | PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1960 | PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1961 | UI_add_input_boolean 2538 EXIST::FUNCTION: | 1961 | UI_add_input_boolean 2538 EXIST::FUNCTION: |
| 1962 | ENGINE_unregister_RSA 2539 EXIST::FUNCTION: | 1962 | ENGINE_unregister_RSA 2539 EXIST::FUNCTION:ENGINE |
| 1963 | X509V3_EXT_nconf 2540 EXIST::FUNCTION: | 1963 | X509V3_EXT_nconf 2540 EXIST::FUNCTION: |
| 1964 | ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION: | 1964 | ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION: |
| 1965 | d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION: | 1965 | d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION: |
| 1966 | X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION: | 1966 | X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION: |
| 1967 | X509_print_ex 2544 EXIST::FUNCTION:BIO | 1967 | X509_print_ex 2544 EXIST::FUNCTION:BIO |
| 1968 | OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION: | 1968 | OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION: |
| 1969 | ENGINE_register_all_RAND 2546 EXIST::FUNCTION: | 1969 | ENGINE_register_all_RAND 2546 EXIST::FUNCTION:ENGINE |
| 1970 | ENGINE_load_dynamic 2547 EXIST::FUNCTION: | 1970 | ENGINE_load_dynamic 2547 EXIST::FUNCTION:ENGINE |
| 1971 | PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1971 | PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1972 | PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1972 | PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1973 | EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION: | 1973 | EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION: |
| @@ -1987,7 +1987,7 @@ X509_STORE_set_purpose 2559 EXIST::FUNCTION: | |||
| 1987 | i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: | 1987 | i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: |
| 1988 | OCSP_response_status 2561 EXIST::FUNCTION: | 1988 | OCSP_response_status 2561 EXIST::FUNCTION: |
| 1989 | i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION: | 1989 | i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION: |
| 1990 | ENGINE_get_digest_engine 2563 EXIST::FUNCTION: | 1990 | ENGINE_get_digest_engine 2563 EXIST::FUNCTION:ENGINE |
| 1991 | EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC | 1991 | EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC |
| 1992 | OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION: | 1992 | OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION: |
| 1993 | _ossl_old_des_random_key 2566 EXIST::FUNCTION:DES | 1993 | _ossl_old_des_random_key 2566 EXIST::FUNCTION:DES |
| @@ -2011,7 +2011,7 @@ _shadow_DES_rw_mode 2581 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2011 | _shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES | 2011 | _shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES |
| 2012 | asn1_do_adb 2582 EXIST::FUNCTION: | 2012 | asn1_do_adb 2582 EXIST::FUNCTION: |
| 2013 | ASN1_template_i2d 2583 EXIST::FUNCTION: | 2013 | ASN1_template_i2d 2583 EXIST::FUNCTION: |
| 2014 | ENGINE_register_DH 2584 EXIST::FUNCTION: | 2014 | ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE |
| 2015 | UI_construct_prompt 2585 EXIST::FUNCTION: | 2015 | UI_construct_prompt 2585 EXIST::FUNCTION: |
| 2016 | X509_STORE_set_trust 2586 EXIST::FUNCTION: | 2016 | X509_STORE_set_trust 2586 EXIST::FUNCTION: |
| 2017 | UI_dup_input_string 2587 EXIST::FUNCTION: | 2017 | UI_dup_input_string 2587 EXIST::FUNCTION: |
| @@ -2039,7 +2039,7 @@ OCSP_resp_find 2605 EXIST::FUNCTION: | |||
| 2039 | BN_nnmod 2606 EXIST::FUNCTION: | 2039 | BN_nnmod 2606 EXIST::FUNCTION: |
| 2040 | X509_CRL_sort 2607 EXIST::FUNCTION: | 2040 | X509_CRL_sort 2607 EXIST::FUNCTION: |
| 2041 | X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION: | 2041 | X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION: |
| 2042 | ENGINE_register_RAND 2609 EXIST::FUNCTION: | 2042 | ENGINE_register_RAND 2609 EXIST::FUNCTION:ENGINE |
| 2043 | OCSP_SERVICELOC_new 2610 EXIST::FUNCTION: | 2043 | OCSP_SERVICELOC_new 2610 EXIST::FUNCTION: |
| 2044 | EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC | 2044 | EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC |
| 2045 | EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC | 2045 | EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC |
| @@ -2049,11 +2049,11 @@ SXNET_it 2613 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2049 | UI_dup_input_boolean 2614 EXIST::FUNCTION: | 2049 | UI_dup_input_boolean 2614 EXIST::FUNCTION: |
| 2050 | PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION: | 2050 | PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION: |
| 2051 | EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC | 2051 | EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC |
| 2052 | ENGINE_load_openbsd_dev_crypto 2617 EXIST::FUNCTION: | 2052 | ENGINE_load_cryptodev 2617 EXIST::FUNCTION:ENGINE |
| 2053 | DSO_convert_filename 2618 EXIST::FUNCTION: | 2053 | DSO_convert_filename 2618 EXIST::FUNCTION: |
| 2054 | POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2054 | POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2055 | POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2055 | POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2056 | ENGINE_register_ciphers 2620 EXIST::FUNCTION: | 2056 | ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE |
| 2057 | BN_mod_lshift_quick 2621 EXIST::FUNCTION: | 2057 | BN_mod_lshift_quick 2621 EXIST::FUNCTION: |
| 2058 | DSO_set_filename 2622 EXIST::FUNCTION: | 2058 | DSO_set_filename 2622 EXIST::FUNCTION: |
| 2059 | ASN1_item_free 2623 EXIST::FUNCTION: | 2059 | ASN1_item_free 2623 EXIST::FUNCTION: |
| @@ -2062,7 +2062,7 @@ AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2062 | AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2062 | AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2063 | KRB5_APREQBODY_new 2626 EXIST::FUNCTION: | 2063 | KRB5_APREQBODY_new 2626 EXIST::FUNCTION: |
| 2064 | X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: | 2064 | X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: |
| 2065 | ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION: | 2065 | ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE |
| 2066 | i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: | 2066 | i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: |
| 2067 | EVP_MD_CTX_init 2630 EXIST::FUNCTION: | 2067 | EVP_MD_CTX_init 2630 EXIST::FUNCTION: |
| 2068 | EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: | 2068 | EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: |
| @@ -2071,8 +2071,8 @@ PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2071 | UI_add_error_string 2633 EXIST::FUNCTION: | 2071 | UI_add_error_string 2633 EXIST::FUNCTION: |
| 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: | 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: |
| 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: | 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: |
| 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION: | 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE |
| 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION: | 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE |
| 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2078 | PKCS12_unpack_authsafes 2639 EXIST::FUNCTION: | 2078 | PKCS12_unpack_authsafes 2639 EXIST::FUNCTION: |
| @@ -2098,16 +2098,16 @@ OCSP_CERTSTATUS_free 2653 EXIST::FUNCTION: | |||
| 2098 | _ossl_old_des_crypt 2654 EXIST::FUNCTION:DES | 2098 | _ossl_old_des_crypt 2654 EXIST::FUNCTION:DES |
| 2099 | ASN1_item_i2d 2655 EXIST::FUNCTION: | 2099 | ASN1_item_i2d 2655 EXIST::FUNCTION: |
| 2100 | EVP_DecryptFinal_ex 2656 EXIST::FUNCTION: | 2100 | EVP_DecryptFinal_ex 2656 EXIST::FUNCTION: |
| 2101 | ENGINE_load_openssl 2657 EXIST::FUNCTION: | 2101 | ENGINE_load_openssl 2657 EXIST::FUNCTION:ENGINE |
| 2102 | ENGINE_get_cmd_defns 2658 EXIST::FUNCTION: | 2102 | ENGINE_get_cmd_defns 2658 EXIST::FUNCTION:ENGINE |
| 2103 | ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION: | 2103 | ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION:ENGINE |
| 2104 | ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION: | 2104 | ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION:ENGINE |
| 2105 | EVP_EncryptFinal_ex 2660 EXIST::FUNCTION: | 2105 | EVP_EncryptFinal_ex 2660 EXIST::FUNCTION: |
| 2106 | ENGINE_set_default_digests 2661 EXIST::FUNCTION: | 2106 | ENGINE_set_default_digests 2661 EXIST::FUNCTION:ENGINE |
| 2107 | X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION: | 2107 | X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION: |
| 2108 | asn1_ex_i2c 2663 EXIST::FUNCTION: | 2108 | asn1_ex_i2c 2663 EXIST::FUNCTION: |
| 2109 | ENGINE_register_RSA 2664 EXIST::FUNCTION: | 2109 | ENGINE_register_RSA 2664 EXIST::FUNCTION:ENGINE |
| 2110 | ENGINE_unregister_DSA 2665 EXIST::FUNCTION: | 2110 | ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE |
| 2111 | _ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES | 2111 | _ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES |
| 2112 | X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2112 | X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2113 | X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2113 | X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2120,7 +2120,7 @@ PKCS12_certbag2x509 2672 EXIST::FUNCTION: | |||
| 2120 | _ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES | 2120 | _ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES |
| 2121 | d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: | 2121 | d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: |
| 2122 | ERR_print_errors_cb 2675 EXIST::FUNCTION: | 2122 | ERR_print_errors_cb 2675 EXIST::FUNCTION: |
| 2123 | ENGINE_set_ciphers 2676 EXIST::FUNCTION: | 2123 | ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE |
| 2124 | d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: | 2124 | d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: |
| 2125 | UI_method_get_flusher 2678 EXIST::FUNCTION: | 2125 | UI_method_get_flusher 2678 EXIST::FUNCTION: |
| 2126 | X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2126 | X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2156,7 +2156,7 @@ NCONF_get_number_e 2704 EXIST::FUNCTION: | |||
| 2156 | _ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES | 2156 | _ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES |
| 2157 | X509_signature_print 2706 EXIST::FUNCTION:EVP | 2157 | X509_signature_print 2706 EXIST::FUNCTION:EVP |
| 2158 | OCSP_SINGLERESP_free 2707 EXIST::FUNCTION: | 2158 | OCSP_SINGLERESP_free 2707 EXIST::FUNCTION: |
| 2159 | ENGINE_load_builtin_engines 2708 EXIST::FUNCTION: | 2159 | ENGINE_load_builtin_engines 2708 EXIST::FUNCTION:ENGINE |
| 2160 | i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION: | 2160 | i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION: |
| 2161 | OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION: | 2161 | OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION: |
| 2162 | OCSP_RESPBYTES_new 2711 EXIST::FUNCTION: | 2162 | OCSP_RESPBYTES_new 2711 EXIST::FUNCTION: |
| @@ -2184,7 +2184,7 @@ X509_CERT_AUX_it 2727 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2184 | CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2184 | CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2185 | CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2185 | CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2186 | _ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES | 2186 | _ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES |
| 2187 | RAND_set_rand_engine 2730 EXIST::FUNCTION: | 2187 | RAND_set_rand_engine 2730 EXIST::FUNCTION:ENGINE |
| 2188 | DSO_get_loaded_filename 2731 EXIST::FUNCTION: | 2188 | DSO_get_loaded_filename 2731 EXIST::FUNCTION: |
| 2189 | X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2189 | X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2190 | X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2190 | X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2206,7 +2206,7 @@ i2d_OCSP_BASICRESP 2744 EXIST::FUNCTION: | |||
| 2206 | i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION: | 2206 | i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION: |
| 2207 | PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION: | 2207 | PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION: |
| 2208 | HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC | 2208 | HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC |
| 2209 | ENGINE_get_digest 2748 EXIST::FUNCTION: | 2209 | ENGINE_get_digest 2748 EXIST::FUNCTION:ENGINE |
| 2210 | OCSP_RESPONSE_print 2749 EXIST::FUNCTION: | 2210 | OCSP_RESPONSE_print 2749 EXIST::FUNCTION: |
| 2211 | KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2211 | KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2212 | KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2212 | KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2219,16 +2219,16 @@ PBE2PARAM_it 2753 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2219 | PKCS12_certbag2x509crl 2754 EXIST::FUNCTION: | 2219 | PKCS12_certbag2x509crl 2754 EXIST::FUNCTION: |
| 2220 | PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2220 | PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2221 | PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2221 | PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2222 | ENGINE_get_cipher 2756 EXIST::FUNCTION: | 2222 | ENGINE_get_cipher 2756 EXIST::FUNCTION:ENGINE |
| 2223 | i2d_OCSP_CRLID 2757 EXIST::FUNCTION: | 2223 | i2d_OCSP_CRLID 2757 EXIST::FUNCTION: |
| 2224 | OCSP_SINGLERESP_new 2758 EXIST::FUNCTION: | 2224 | OCSP_SINGLERESP_new 2758 EXIST::FUNCTION: |
| 2225 | ENGINE_cmd_is_executable 2759 EXIST::FUNCTION: | 2225 | ENGINE_cmd_is_executable 2759 EXIST::FUNCTION:ENGINE |
| 2226 | RSA_up_ref 2760 EXIST::FUNCTION:RSA | 2226 | RSA_up_ref 2760 EXIST::FUNCTION:RSA |
| 2227 | ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2227 | ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2228 | ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2228 | ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2229 | ENGINE_register_DSA 2762 EXIST::FUNCTION: | 2229 | ENGINE_register_DSA 2762 EXIST::FUNCTION:ENGINE |
| 2230 | X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION: | 2230 | X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION: |
| 2231 | ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION: | 2231 | ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION:ENGINE |
| 2232 | PKCS8_decrypt 2765 EXIST::FUNCTION: | 2232 | PKCS8_decrypt 2765 EXIST::FUNCTION: |
| 2233 | PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO | 2233 | PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO |
| 2234 | DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2234 | DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2265,7 +2265,7 @@ UI_method_set_flusher 2789 EXIST::FUNCTION: | |||
| 2265 | X509_ocspid_print 2790 EXIST::FUNCTION:BIO | 2265 | X509_ocspid_print 2790 EXIST::FUNCTION:BIO |
| 2266 | KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2266 | KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2267 | KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2267 | KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2268 | ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION: | 2268 | ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION:ENGINE |
| 2269 | UI_add_user_data 2793 EXIST::FUNCTION: | 2269 | UI_add_user_data 2793 EXIST::FUNCTION: |
| 2270 | OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION: | 2270 | OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION: |
| 2271 | UI_get_method 2795 EXIST::FUNCTION: | 2271 | UI_get_method 2795 EXIST::FUNCTION: |
| @@ -2289,16 +2289,16 @@ ASN1_FBOOLEAN_it 2806 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2289 | ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2289 | ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2290 | UI_set_ex_data 2807 EXIST::FUNCTION: | 2290 | UI_set_ex_data 2807 EXIST::FUNCTION: |
| 2291 | _ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES | 2291 | _ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES |
| 2292 | ENGINE_register_all_RSA 2809 EXIST::FUNCTION: | 2292 | ENGINE_register_all_RSA 2809 EXIST::FUNCTION:ENGINE |
| 2293 | d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION: | 2293 | d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION: |
| 2294 | OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2294 | OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2295 | OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2295 | OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2296 | X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2296 | X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2297 | X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2297 | X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2298 | ENGINE_unregister_digests 2813 EXIST::FUNCTION: | 2298 | ENGINE_unregister_digests 2813 EXIST::FUNCTION:ENGINE |
| 2299 | d2i_EDIPARTYNAME 2814 EXIST::FUNCTION: | 2299 | d2i_EDIPARTYNAME 2814 EXIST::FUNCTION: |
| 2300 | d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION: | 2300 | d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION: |
| 2301 | ENGINE_get_digests 2816 EXIST::FUNCTION: | 2301 | ENGINE_get_digests 2816 EXIST::FUNCTION:ENGINE |
| 2302 | _ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES | 2302 | _ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES |
| 2303 | OCSP_RESPDATA_free 2818 EXIST::FUNCTION: | 2303 | OCSP_RESPDATA_free 2818 EXIST::FUNCTION: |
| 2304 | d2i_KRB5_TICKET 2819 EXIST::FUNCTION: | 2304 | d2i_KRB5_TICKET 2819 EXIST::FUNCTION: |
| @@ -2309,7 +2309,7 @@ d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION: | |||
| 2309 | X509_CRL_set_version 2823 EXIST::FUNCTION: | 2309 | X509_CRL_set_version 2823 EXIST::FUNCTION: |
| 2310 | BN_mod_sub 2824 EXIST::FUNCTION: | 2310 | BN_mod_sub 2824 EXIST::FUNCTION: |
| 2311 | OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: | 2311 | OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: |
| 2312 | ENGINE_get_ex_new_index 2826 EXIST::FUNCTION: | 2312 | ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE |
| 2313 | OCSP_REQUEST_free 2827 EXIST::FUNCTION: | 2313 | OCSP_REQUEST_free 2827 EXIST::FUNCTION: |
| 2314 | OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: | 2314 | OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: |
| 2315 | X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2315 | X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2343,7 +2343,7 @@ EC_POINT_method_of 2852 EXIST::FUNCTION:EC | |||
| 2343 | i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION: | 2343 | i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION: |
| 2344 | _ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES | 2344 | _ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES |
| 2345 | CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION: | 2345 | CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION: |
| 2346 | ENGINE_get_ex_data 2856 EXIST::FUNCTION: | 2346 | ENGINE_get_ex_data 2856 EXIST::FUNCTION:ENGINE |
| 2347 | UI_destroy_method 2857 EXIST::FUNCTION: | 2347 | UI_destroy_method 2857 EXIST::FUNCTION: |
| 2348 | ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO | 2348 | ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO |
| 2349 | OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION: | 2349 | OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION: |
| @@ -2367,7 +2367,7 @@ PKCS12_SAFEBAGS_it 2872 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2367 | PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2367 | PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2368 | d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION: | 2368 | d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION: |
| 2369 | OCSP_request_add1_nonce 2874 EXIST::FUNCTION: | 2369 | OCSP_request_add1_nonce 2874 EXIST::FUNCTION: |
| 2370 | ENGINE_set_cmd_defns 2875 EXIST::FUNCTION: | 2370 | ENGINE_set_cmd_defns 2875 EXIST::FUNCTION:ENGINE |
| 2371 | OCSP_SERVICELOC_free 2876 EXIST::FUNCTION: | 2371 | OCSP_SERVICELOC_free 2876 EXIST::FUNCTION: |
| 2372 | EC_GROUP_free 2877 EXIST::FUNCTION:EC | 2372 | EC_GROUP_free 2877 EXIST::FUNCTION:EC |
| 2373 | ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2373 | ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2384,7 +2384,7 @@ EC_GROUP_new_curve_GFp 2885 EXIST::FUNCTION:EC | |||
| 2384 | OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION: | 2384 | OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION: |
| 2385 | PKCS12_item_pack_safebag 2887 EXIST::FUNCTION: | 2385 | PKCS12_item_pack_safebag 2887 EXIST::FUNCTION: |
| 2386 | asn1_ex_c2i 2888 EXIST::FUNCTION: | 2386 | asn1_ex_c2i 2888 EXIST::FUNCTION: |
| 2387 | ENGINE_register_digests 2889 EXIST::FUNCTION: | 2387 | ENGINE_register_digests 2889 EXIST::FUNCTION:ENGINE |
| 2388 | i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION: | 2388 | i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION: |
| 2389 | asn1_enc_restore 2891 EXIST::FUNCTION: | 2389 | asn1_enc_restore 2891 EXIST::FUNCTION: |
| 2390 | UI_free 2892 EXIST::FUNCTION: | 2390 | UI_free 2892 EXIST::FUNCTION: |
| @@ -2395,7 +2395,7 @@ EC_POINT_invert 2896 EXIST::FUNCTION:EC | |||
| 2395 | OCSP_basic_sign 2897 EXIST::FUNCTION: | 2395 | OCSP_basic_sign 2897 EXIST::FUNCTION: |
| 2396 | i2d_OCSP_RESPID 2898 EXIST::FUNCTION: | 2396 | i2d_OCSP_RESPID 2898 EXIST::FUNCTION: |
| 2397 | OCSP_check_nonce 2899 EXIST::FUNCTION: | 2397 | OCSP_check_nonce 2899 EXIST::FUNCTION: |
| 2398 | ENGINE_ctrl_cmd 2900 EXIST::FUNCTION: | 2398 | ENGINE_ctrl_cmd 2900 EXIST::FUNCTION:ENGINE |
| 2399 | d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION: | 2399 | d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION: |
| 2400 | OCSP_parse_url 2902 EXIST::FUNCTION: | 2400 | OCSP_parse_url 2902 EXIST::FUNCTION: |
| 2401 | OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION: | 2401 | OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION: |
| @@ -2403,12 +2403,12 @@ OCSP_CRLID_free 2904 EXIST::FUNCTION: | |||
| 2403 | OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION: | 2403 | OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION: |
| 2404 | RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA | 2404 | RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA |
| 2405 | RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA | 2405 | RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA |
| 2406 | ENGINE_register_all_DH 2907 EXIST::FUNCTION: | 2406 | ENGINE_register_all_DH 2907 EXIST::FUNCTION:ENGINE |
| 2407 | i2d_EDIPARTYNAME 2908 EXIST::FUNCTION: | 2407 | i2d_EDIPARTYNAME 2908 EXIST::FUNCTION: |
| 2408 | EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC | 2408 | EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC |
| 2409 | EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC | 2409 | EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC |
| 2410 | OCSP_CRLID_new 2910 EXIST::FUNCTION: | 2410 | OCSP_CRLID_new 2910 EXIST::FUNCTION: |
| 2411 | ENGINE_get_flags 2911 EXIST::FUNCTION: | 2411 | ENGINE_get_flags 2911 EXIST::FUNCTION:ENGINE |
| 2412 | OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2412 | OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2413 | OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2413 | OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2414 | UI_process 2913 EXIST::FUNCTION: | 2414 | UI_process 2913 EXIST::FUNCTION: |
| @@ -2416,8 +2416,8 @@ ASN1_INTEGER_it 2914 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2416 | ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2416 | ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2417 | EVP_CipherInit_ex 2915 EXIST::FUNCTION: | 2417 | EVP_CipherInit_ex 2915 EXIST::FUNCTION: |
| 2418 | UI_get_string_type 2916 EXIST::FUNCTION: | 2418 | UI_get_string_type 2916 EXIST::FUNCTION: |
| 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION: | 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE |
| 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION: | 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE |
| 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: | 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: |
| 2422 | bn_dup_expand 2920 EXIST::FUNCTION: | 2422 | bn_dup_expand 2920 EXIST::FUNCTION: |
| 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: | 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: |
| @@ -2438,11 +2438,11 @@ BN_mod_sub_quick 2933 EXIST::FUNCTION: | |||
| 2438 | OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: | 2438 | OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: |
| 2439 | OCSP_request_sign 2935 EXIST::FUNCTION: | 2439 | OCSP_request_sign 2935 EXIST::FUNCTION: |
| 2440 | EVP_DigestFinal_ex 2936 EXIST::FUNCTION: | 2440 | EVP_DigestFinal_ex 2936 EXIST::FUNCTION: |
| 2441 | ENGINE_set_digests 2937 EXIST::FUNCTION: | 2441 | ENGINE_set_digests 2937 EXIST::FUNCTION:ENGINE |
| 2442 | OCSP_id_issuer_cmp 2938 EXIST::FUNCTION: | 2442 | OCSP_id_issuer_cmp 2938 EXIST::FUNCTION: |
| 2443 | OBJ_NAME_do_all 2939 EXIST::FUNCTION: | 2443 | OBJ_NAME_do_all 2939 EXIST::FUNCTION: |
| 2444 | EC_POINTs_mul 2940 EXIST::FUNCTION:EC | 2444 | EC_POINTs_mul 2940 EXIST::FUNCTION:EC |
| 2445 | ENGINE_register_complete 2941 EXIST::FUNCTION: | 2445 | ENGINE_register_complete 2941 EXIST::FUNCTION:ENGINE |
| 2446 | X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION: | 2446 | X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION: |
| 2447 | ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2447 | ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2448 | ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2448 | ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2451,7 +2451,7 @@ RAND_query_egd_bytes 2945 EXIST::FUNCTION: | |||
| 2451 | UI_method_get_writer 2946 EXIST::FUNCTION: | 2451 | UI_method_get_writer 2946 EXIST::FUNCTION: |
| 2452 | UI_OpenSSL 2947 EXIST::FUNCTION: | 2452 | UI_OpenSSL 2947 EXIST::FUNCTION: |
| 2453 | PEM_def_callback 2948 EXIST::FUNCTION: | 2453 | PEM_def_callback 2948 EXIST::FUNCTION: |
| 2454 | ENGINE_cleanup 2949 EXIST::FUNCTION: | 2454 | ENGINE_cleanup 2949 EXIST::FUNCTION:ENGINE |
| 2455 | DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2455 | DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2456 | DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2456 | DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2457 | OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2457 | OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2475,7 +2475,7 @@ OCSP_RESPID_new 2967 EXIST::FUNCTION: | |||
| 2475 | OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2475 | OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2476 | OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2476 | OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2477 | d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION: | 2477 | d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION: |
| 2478 | ENGINE_register_all_complete 2970 EXIST::FUNCTION: | 2478 | ENGINE_register_all_complete 2970 EXIST::FUNCTION:ENGINE |
| 2479 | OCSP_check_validity 2971 EXIST::FUNCTION: | 2479 | OCSP_check_validity 2971 EXIST::FUNCTION: |
| 2480 | PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2480 | PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2481 | PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2481 | PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2487,7 +2487,7 @@ KRB5_AUTHENTBODY_it 2976 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2487 | X509_supported_extension 2977 EXIST::FUNCTION: | 2487 | X509_supported_extension 2977 EXIST::FUNCTION: |
| 2488 | i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION: | 2488 | i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION: |
| 2489 | UI_method_get_opener 2979 EXIST::FUNCTION: | 2489 | UI_method_get_opener 2979 EXIST::FUNCTION: |
| 2490 | ENGINE_set_ex_data 2980 EXIST::FUNCTION: | 2490 | ENGINE_set_ex_data 2980 EXIST::FUNCTION:ENGINE |
| 2491 | OCSP_REQUEST_print 2981 EXIST::FUNCTION: | 2491 | OCSP_REQUEST_print 2981 EXIST::FUNCTION: |
| 2492 | CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2492 | CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2493 | CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2493 | CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2501,7 +2501,7 @@ OCSP_single_get0_status 2989 EXIST::FUNCTION: | |||
| 2501 | BN_swap 2990 EXIST::FUNCTION: | 2501 | BN_swap 2990 EXIST::FUNCTION: |
| 2502 | POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2502 | POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2503 | POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2503 | POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2504 | ENGINE_set_destroy_function 2992 EXIST::FUNCTION: | 2504 | ENGINE_set_destroy_function 2992 EXIST::FUNCTION:ENGINE |
| 2505 | asn1_enc_free 2993 EXIST::FUNCTION: | 2505 | asn1_enc_free 2993 EXIST::FUNCTION: |
| 2506 | OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2506 | OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2507 | OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2507 | OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2523,8 +2523,8 @@ EDIPARTYNAME_it 3005 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2523 | NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2523 | NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2524 | NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2524 | NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2525 | UI_get0_test_string 3007 EXIST::FUNCTION: | 2525 | UI_get0_test_string 3007 EXIST::FUNCTION: |
| 2526 | ENGINE_get_cipher_engine 3008 EXIST::FUNCTION: | 2526 | ENGINE_get_cipher_engine 3008 EXIST::FUNCTION:ENGINE |
| 2527 | ENGINE_register_all_ciphers 3009 EXIST::FUNCTION: | 2527 | ENGINE_register_all_ciphers 3009 EXIST::FUNCTION:ENGINE |
| 2528 | EC_POINT_copy 3010 EXIST::FUNCTION:EC | 2528 | EC_POINT_copy 3010 EXIST::FUNCTION:EC |
| 2529 | BN_kronecker 3011 EXIST::FUNCTION: | 2529 | BN_kronecker 3011 EXIST::FUNCTION: |
| 2530 | _ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES | 2530 | _ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES |
| @@ -2545,9 +2545,9 @@ OCSP_RESPONSE_new 3023 EXIST::FUNCTION: | |||
| 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES | 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES |
| 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: | 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: |
| 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: | 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: |
| 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION: | 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE |
| 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: | 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: |
| 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION: | 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE |
| 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2552 | NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2552 | NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2553 | X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION: | 2553 | X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION: |
| @@ -2565,7 +2565,7 @@ AES_decrypt 3040 EXIST::FUNCTION:AES | |||
| 2565 | asn1_enc_init 3041 EXIST::FUNCTION: | 2565 | asn1_enc_init 3041 EXIST::FUNCTION: |
| 2566 | UI_get_result_maxsize 3042 EXIST::FUNCTION: | 2566 | UI_get_result_maxsize 3042 EXIST::FUNCTION: |
| 2567 | OCSP_CERTID_new 3043 EXIST::FUNCTION: | 2567 | OCSP_CERTID_new 3043 EXIST::FUNCTION: |
| 2568 | ENGINE_unregister_RAND 3044 EXIST::FUNCTION: | 2568 | ENGINE_unregister_RAND 3044 EXIST::FUNCTION:ENGINE |
| 2569 | UI_method_get_closer 3045 EXIST::FUNCTION: | 2569 | UI_method_get_closer 3045 EXIST::FUNCTION: |
| 2570 | d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION: | 2570 | d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION: |
| 2571 | OCSP_request_onereq_count 3047 EXIST::FUNCTION: | 2571 | OCSP_request_onereq_count 3047 EXIST::FUNCTION: |
| @@ -2576,7 +2576,7 @@ ASN1_primitive_free 3051 EXIST::FUNCTION: | |||
| 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: | 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: |
| 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: | 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: |
| 2578 | asn1_enc_save 3054 EXIST::FUNCTION: | 2578 | asn1_enc_save 3054 EXIST::FUNCTION: |
| 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION: | 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE |
| 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES | 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES |
| 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2598,15 +2598,15 @@ ASN1_item_d2i_bio 3069 EXIST::FUNCTION:BIO | |||
| 2598 | EC_POINT_dbl 3070 EXIST::FUNCTION:EC | 2598 | EC_POINT_dbl 3070 EXIST::FUNCTION:EC |
| 2599 | asn1_get_choice_selector 3071 EXIST::FUNCTION: | 2599 | asn1_get_choice_selector 3071 EXIST::FUNCTION: |
| 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: | 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: |
| 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION: | 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE |
| 2602 | AES_options 3074 EXIST::FUNCTION:AES | 2602 | AES_options 3074 EXIST::FUNCTION:AES |
| 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION: | 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE |
| 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: | 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: |
| 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: | 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: |
| 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: | 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: |
| 2607 | KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2607 | KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2608 | KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2608 | KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2609 | ENGINE_get_destroy_function 3080 EXIST::FUNCTION: | 2609 | ENGINE_get_destroy_function 3080 EXIST::FUNCTION:ENGINE |
| 2610 | CONF_set_nconf 3081 EXIST::FUNCTION: | 2610 | CONF_set_nconf 3081 EXIST::FUNCTION: |
| 2611 | ASN1_PRINTABLE_free 3082 EXIST::FUNCTION: | 2611 | ASN1_PRINTABLE_free 3082 EXIST::FUNCTION: |
| 2612 | OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION: | 2612 | OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION: |
| @@ -2667,7 +2667,7 @@ OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: | 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: |
| 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: | 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: |
| 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION: | 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE |
| 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2685,7 +2685,7 @@ UI_method_set_opener 3140 EXIST::FUNCTION: | |||
| 2685 | ASN1_item_ex_free 3141 EXIST::FUNCTION: | 2685 | ASN1_item_ex_free 3141 EXIST::FUNCTION: |
| 2686 | ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2686 | ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2687 | ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2687 | ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2688 | ENGINE_get_table_flags 3143 EXIST::FUNCTION: | 2688 | ENGINE_get_table_flags 3143 EXIST::FUNCTION:ENGINE |
| 2689 | UI_create_method 3144 EXIST::FUNCTION: | 2689 | UI_create_method 3144 EXIST::FUNCTION: |
| 2690 | OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION: | 2690 | OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION: |
| 2691 | _shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES | 2691 | _shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES |
| @@ -2709,7 +2709,7 @@ PKCS7_it 3160 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2709 | PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2709 | PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2710 | OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION: | 2710 | OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION: |
| 2711 | OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION: | 2711 | OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION: |
| 2712 | ENGINE_set_flags 3162 EXIST::FUNCTION: | 2712 | ENGINE_set_flags 3162 EXIST::FUNCTION:ENGINE |
| 2713 | _ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES | 2713 | _ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES |
| 2714 | OCSP_response_get1_basic 3164 EXIST::FUNCTION: | 2714 | OCSP_response_get1_basic 3164 EXIST::FUNCTION: |
| 2715 | EVP_Digest 3165 EXIST::FUNCTION: | 2715 | EVP_Digest 3165 EXIST::FUNCTION: |
| @@ -2721,8 +2721,8 @@ ASN1_TIME_to_generalizedtime 3169 EXIST::FUNCTION: | |||
| 2721 | BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2721 | BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2722 | BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2722 | BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2723 | AES_cbc_encrypt 3171 EXIST::FUNCTION:AES | 2723 | AES_cbc_encrypt 3171 EXIST::FUNCTION:AES |
| 2724 | ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION: | 2724 | ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION:ENGINE |
| 2725 | ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION: | 2725 | ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION:ENGINE |
| 2726 | OCSP_RESPONSE_free 3173 EXIST::FUNCTION: | 2726 | OCSP_RESPONSE_free 3173 EXIST::FUNCTION: |
| 2727 | UI_method_set_reader 3174 EXIST::FUNCTION: | 2727 | UI_method_set_reader 3174 EXIST::FUNCTION: |
| 2728 | i2d_ASN1_T61STRING 3175 EXIST::FUNCTION: | 2728 | i2d_ASN1_T61STRING 3175 EXIST::FUNCTION: |
| @@ -2736,7 +2736,7 @@ OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION: | |||
| 2736 | OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: | 2736 | OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: |
| 2737 | CONF_modules_load_file 3182 EXIST::FUNCTION: | 2737 | CONF_modules_load_file 3182 EXIST::FUNCTION: |
| 2738 | CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: | 2738 | CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: |
| 2739 | ENGINE_set_default_string 3184 EXIST::FUNCTION: | 2739 | ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE |
| 2740 | CONF_module_get_usr_data 3185 EXIST::FUNCTION: | 2740 | CONF_module_get_usr_data 3185 EXIST::FUNCTION: |
| 2741 | ASN1_add_oid_module 3186 EXIST::FUNCTION: | 2741 | ASN1_add_oid_module 3186 EXIST::FUNCTION: |
| 2742 | CONF_modules_finish 3187 EXIST::FUNCTION: | 2742 | CONF_modules_finish 3187 EXIST::FUNCTION: |
| @@ -2754,7 +2754,7 @@ CONF_imodule_get_name 3198 EXIST::FUNCTION: | |||
| 2754 | ERR_peek_top_error 3199 NOEXIST::FUNCTION: | 2754 | ERR_peek_top_error 3199 NOEXIST::FUNCTION: |
| 2755 | CONF_imodule_get_usr_data 3200 EXIST::FUNCTION: | 2755 | CONF_imodule_get_usr_data 3200 EXIST::FUNCTION: |
| 2756 | CONF_imodule_set_flags 3201 EXIST::FUNCTION: | 2756 | CONF_imodule_set_flags 3201 EXIST::FUNCTION: |
| 2757 | ENGINE_add_conf_module 3202 EXIST::FUNCTION: | 2757 | ENGINE_add_conf_module 3202 EXIST::FUNCTION:ENGINE |
| 2758 | ERR_peek_last_error_line 3203 EXIST::FUNCTION: | 2758 | ERR_peek_last_error_line 3203 EXIST::FUNCTION: |
| 2759 | ERR_peek_last_error_line_data 3204 EXIST::FUNCTION: | 2759 | ERR_peek_last_error_line_data 3204 EXIST::FUNCTION: |
| 2760 | ERR_peek_last_error 3205 EXIST::FUNCTION: | 2760 | ERR_peek_last_error 3205 EXIST::FUNCTION: |
| @@ -2762,8 +2762,8 @@ DES_read_2passwords 3206 EXIST::FUNCTION:DES | |||
| 2762 | DES_read_password 3207 EXIST::FUNCTION:DES | 2762 | DES_read_password 3207 EXIST::FUNCTION:DES |
| 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: | 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: |
| 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: | 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: |
| 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION: | 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE |
| 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION: | 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE |
| 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: | 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: |
| 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: | 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: |
| 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: | 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: |
| @@ -2772,7 +2772,7 @@ OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION: | |||
| 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES | 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES |
| 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES | 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES |
| 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES | 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES |
| 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION: | 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE |
| 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES | 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES |
| 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES | 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES |
| 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES | 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES |
| @@ -2793,3 +2793,11 @@ ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2793 | d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION: | 2793 | d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION: |
| 2794 | EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES | 2794 | EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES |
| 2795 | X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO | 2795 | X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO |
| 2796 | ENGINE_up_ref 3238 EXIST::FUNCTION:ENGINE | ||
| 2797 | BUF_MEM_grow_clean 3239 EXIST::FUNCTION: | ||
| 2798 | CRYPTO_realloc_clean 3240 EXIST::FUNCTION: | ||
| 2799 | BUF_strlcat 3241 EXIST::FUNCTION: | ||
| 2800 | BIO_indent 3242 EXIST::FUNCTION: | ||
| 2801 | BUF_strlcpy 3243 EXIST::FUNCTION: | ||
| 2802 | OpenSSLDie 3244 EXIST::FUNCTION: | ||
| 2803 | OPENSSL_cleanse 3245 EXIST::FUNCTION: | ||
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl index c9271bbffe..c538f9dffb 100644 --- a/src/lib/libcrypto/util/mk1mf.pl +++ b/src/lib/libcrypto/util/mk1mf.pl | |||
| @@ -24,6 +24,7 @@ $infile="MINFO"; | |||
| 24 | 24 | ||
| 25 | %ops=( | 25 | %ops=( |
| 26 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", | 26 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", |
| 27 | "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", | ||
| 27 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", | 28 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", |
| 28 | "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", | 29 | "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", |
| 29 | "VC-WIN16", "Alias for VC-W31-32", | 30 | "VC-WIN16", "Alias for VC-W31-32", |
| @@ -63,6 +64,8 @@ and [options] can be one of | |||
| 63 | no-asm - No x86 asm | 64 | no-asm - No x86 asm |
| 64 | no-krb5 - No KRB5 | 65 | no-krb5 - No KRB5 |
| 65 | no-ec - No EC | 66 | no-ec - No EC |
| 67 | no-engine - No engine | ||
| 68 | no-hw - No hw | ||
| 66 | nasm - Use NASM for x86 asm | 69 | nasm - Use NASM for x86 asm |
| 67 | gaswin - Use GNU as with Mingw32 | 70 | gaswin - Use GNU as with Mingw32 |
| 68 | no-socks - No socket code | 71 | no-socks - No socket code |
| @@ -137,6 +140,10 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) | |||
| 137 | $NT = 1 if $platform eq "VC-NT"; | 140 | $NT = 1 if $platform eq "VC-NT"; |
| 138 | require 'VC-32.pl'; | 141 | require 'VC-32.pl'; |
| 139 | } | 142 | } |
| 143 | elsif ($platform eq "VC-CE") | ||
| 144 | { | ||
| 145 | require 'VC-CE.pl'; | ||
| 146 | } | ||
| 140 | elsif ($platform eq "Mingw32") | 147 | elsif ($platform eq "Mingw32") |
| 141 | { | 148 | { |
| 142 | require 'Mingw32.pl'; | 149 | require 'Mingw32.pl'; |
| @@ -213,7 +220,7 @@ $cflags.=" -DOPENSSL_NO_MD4" if $no_md4; | |||
| 213 | $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; | 220 | $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; |
| 214 | $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; | 221 | $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; |
| 215 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; | 222 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; |
| 216 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_rmd160; | 223 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; |
| 217 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; | 224 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; |
| 218 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; | 225 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; |
| 219 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; | 226 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; |
| @@ -227,6 +234,8 @@ $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; | |||
| 227 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; | 234 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; |
| 228 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; | 235 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; |
| 229 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; | 236 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; |
| 237 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; | ||
| 238 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; | ||
| 230 | #$cflags.=" -DRSAref" if $rsaref ne ""; | 239 | #$cflags.=" -DRSAref" if $rsaref ne ""; |
| 231 | 240 | ||
| 232 | ## if ($unix) | 241 | ## if ($unix) |
| @@ -266,6 +275,17 @@ $defs= <<"EOF"; | |||
| 266 | # The one monster makefile better suits building in non-unix | 275 | # The one monster makefile better suits building in non-unix |
| 267 | # environments. | 276 | # environments. |
| 268 | 277 | ||
| 278 | EOF | ||
| 279 | |||
| 280 | if ($platform eq "VC-CE") | ||
| 281 | { | ||
| 282 | $defs.= <<"EOF"; | ||
| 283 | !INCLUDE <\$(WCECOMPAT)/wcedefs.mak> | ||
| 284 | |||
| 285 | EOF | ||
| 286 | } | ||
| 287 | |||
| 288 | $defs.= <<"EOF"; | ||
| 269 | INSTALLTOP=$INSTALLTOP | 289 | INSTALLTOP=$INSTALLTOP |
| 270 | 290 | ||
| 271 | # Set your compiler options | 291 | # Set your compiler options |
| @@ -632,6 +652,8 @@ sub var_add | |||
| 632 | local($dir,$val)=@_; | 652 | local($dir,$val)=@_; |
| 633 | local(@a,$_,$ret); | 653 | local(@a,$_,$ret); |
| 634 | 654 | ||
| 655 | return("") if $no_engine && $dir =~ /\/engine/; | ||
| 656 | return("") if $no_hw && $dir =~ /\/hw/; | ||
| 635 | return("") if $no_idea && $dir =~ /\/idea/; | 657 | return("") if $no_idea && $dir =~ /\/idea/; |
| 636 | return("") if $no_aes && $dir =~ /\/aes/; | 658 | return("") if $no_aes && $dir =~ /\/aes/; |
| 637 | return("") if $no_rc2 && $dir =~ /\/rc2/; | 659 | return("") if $no_rc2 && $dir =~ /\/rc2/; |
| @@ -641,6 +663,7 @@ sub var_add | |||
| 641 | return("") if $no_rsa && $dir =~ /^rsaref/; | 663 | return("") if $no_rsa && $dir =~ /^rsaref/; |
| 642 | return("") if $no_dsa && $dir =~ /\/dsa/; | 664 | return("") if $no_dsa && $dir =~ /\/dsa/; |
| 643 | return("") if $no_dh && $dir =~ /\/dh/; | 665 | return("") if $no_dh && $dir =~ /\/dh/; |
| 666 | return("") if $no_ec && $dir =~ /\/ec/; | ||
| 644 | if ($no_des && $dir =~ /\/des/) | 667 | if ($no_des && $dir =~ /\/des/) |
| 645 | { | 668 | { |
| 646 | if ($val =~ /read_pwd/) | 669 | if ($val =~ /read_pwd/) |
| @@ -675,7 +698,7 @@ sub var_add | |||
| 675 | @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; | 698 | @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; |
| 676 | @a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4; | 699 | @a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4; |
| 677 | @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; | 700 | @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; |
| 678 | @a=grep(!/(rmd)|(ripemd)/,@a) if $no_rmd160; | 701 | @a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd; |
| 679 | 702 | ||
| 680 | @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; | 703 | @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; |
| 681 | @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; | 704 | @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; |
| @@ -692,6 +715,8 @@ sub var_add | |||
| 692 | @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; | 715 | @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; |
| 693 | @a=grep(!/_mdc2$/,@a) if $no_mdc2; | 716 | @a=grep(!/_mdc2$/,@a) if $no_mdc2; |
| 694 | 717 | ||
| 718 | @a=grep(!/^engine$/,@a) if $no_engine; | ||
| 719 | @a=grep(!/^hw$/,@a) if $no_hw; | ||
| 695 | @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; | 720 | @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; |
| 696 | @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; | 721 | @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; |
| 697 | @a=grep(!/^gendsa$/,@a) if $no_sha1; | 722 | @a=grep(!/^gendsa$/,@a) if $no_sha1; |
| @@ -885,10 +910,12 @@ sub read_options | |||
| 885 | elsif (/^no-sock$/) { $no_sock=1; } | 910 | elsif (/^no-sock$/) { $no_sock=1; } |
| 886 | elsif (/^no-krb5$/) { $no_krb5=1; } | 911 | elsif (/^no-krb5$/) { $no_krb5=1; } |
| 887 | elsif (/^no-ec$/) { $no_ec=1; } | 912 | elsif (/^no-ec$/) { $no_ec=1; } |
| 913 | elsif (/^no-engine$/) { $no_engine=1; } | ||
| 914 | elsif (/^no-hw$/) { $no_hw=1; } | ||
| 888 | 915 | ||
| 889 | elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; | 916 | elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; |
| 890 | $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; | 917 | $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; |
| 891 | $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; | 918 | $no_ssl2=$no_err=$no_ripemd=$no_rc5=1; |
| 892 | $no_aes=1; } | 919 | $no_aes=1; } |
| 893 | 920 | ||
| 894 | elsif (/^rsaref$/) { } | 921 | elsif (/^rsaref$/) { } |
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl index adfd447dd3..cdd2164c4e 100644 --- a/src/lib/libcrypto/util/mkdef.pl +++ b/src/lib/libcrypto/util/mkdef.pl | |||
| @@ -91,7 +91,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", | |||
| 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", | 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", |
| 92 | "LOCKING", | 92 | "LOCKING", |
| 93 | # External "algorithms" | 93 | # External "algorithms" |
| 94 | "FP_API", "STDIO", "SOCK", "KRB5" ); | 94 | "FP_API", "STDIO", "SOCK", "KRB5", "ENGINE", "HW" ); |
| 95 | 95 | ||
| 96 | my $options=""; | 96 | my $options=""; |
| 97 | open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; | 97 | open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; |
| @@ -107,7 +107,7 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; | |||
| 107 | my $no_cast; | 107 | my $no_cast; |
| 108 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; | 108 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; |
| 109 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; | 109 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; |
| 110 | my $no_ec; | 110 | my $no_ec; my $no_engine; my $no_hw; |
| 111 | my $no_fp_api; | 111 | my $no_fp_api; |
| 112 | 112 | ||
| 113 | foreach (@ARGV, split(/ /, $options)) | 113 | foreach (@ARGV, split(/ /, $options)) |
| @@ -176,6 +176,8 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 176 | elsif (/^no-comp$/) { $no_comp=1; } | 176 | elsif (/^no-comp$/) { $no_comp=1; } |
| 177 | elsif (/^no-dso$/) { $no_dso=1; } | 177 | elsif (/^no-dso$/) { $no_dso=1; } |
| 178 | elsif (/^no-krb5$/) { $no_krb5=1; } | 178 | elsif (/^no-krb5$/) { $no_krb5=1; } |
| 179 | elsif (/^no-engine$/) { $no_engine=1; } | ||
| 180 | elsif (/^no-hw$/) { $no_hw=1; } | ||
| 179 | } | 181 | } |
| 180 | 182 | ||
| 181 | 183 | ||
| @@ -235,7 +237,7 @@ $crypto.=" crypto/dh/dh.h" ; # unless $no_dh; | |||
| 235 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; | 237 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; |
| 236 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; | 238 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; |
| 237 | 239 | ||
| 238 | $crypto.=" crypto/engine/engine.h"; | 240 | $crypto.=" crypto/engine/engine.h"; # unless $no_engine; |
| 239 | $crypto.=" crypto/stack/stack.h" ; # unless $no_stack; | 241 | $crypto.=" crypto/stack/stack.h" ; # unless $no_stack; |
| 240 | $crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer; | 242 | $crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer; |
| 241 | $crypto.=" crypto/bio/bio.h" ; # unless $no_bio; | 243 | $crypto.=" crypto/bio/bio.h" ; # unless $no_bio; |
| @@ -438,7 +440,12 @@ sub do_defs | |||
| 438 | } | 440 | } |
| 439 | 441 | ||
| 440 | s/\/\*.*?\*\///gs; # ignore comments | 442 | s/\/\*.*?\*\///gs; # ignore comments |
| 443 | if (/\/\*/) { # if we have part | ||
| 444 | $line = $_; # of a comment, | ||
| 445 | next; # continue reading | ||
| 446 | } | ||
| 441 | s/{[^{}]*}//gs; # ignore {} blocks | 447 | s/{[^{}]*}//gs; # ignore {} blocks |
| 448 | print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; | ||
| 442 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; | 449 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; |
| 443 | if (/^\#\s*ifndef\s+(.*)/) { | 450 | if (/^\#\s*ifndef\s+(.*)/) { |
| 444 | push(@tag,"-"); | 451 | push(@tag,"-"); |
| @@ -812,14 +819,14 @@ sub do_defs | |||
| 812 | } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { | 819 | } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { |
| 813 | $s = $1; | 820 | $s = $1; |
| 814 | print STDERR "DEBUG: found ANSI C function $s\n" if $debug; | 821 | print STDERR "DEBUG: found ANSI C function $s\n" if $debug; |
| 815 | } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s) { | 822 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 816 | # K&R C | 823 | # K&R C |
| 817 | print STDERR "DEBUG: found K&R C function $s\n" if $debug; | 824 | print STDERR "DEBUG: found K&R C function $s\n" if $debug; |
| 818 | next; | 825 | next; |
| 819 | } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)$/s) { | 826 | } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 820 | while (not /\(\)$/s) { | 827 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 821 | s/[^\(\)]*\)$/\)/s; | 828 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 822 | s/\([^\(\)]*\)\)$/\)/s; | 829 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 823 | } | 830 | } |
| 824 | s/\(void\)//; | 831 | s/\(void\)//; |
| 825 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; | 832 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; |
| @@ -1052,6 +1059,8 @@ sub is_valid | |||
| 1052 | if ($keyword eq "COMP" && $no_comp) { return 0; } | 1059 | if ($keyword eq "COMP" && $no_comp) { return 0; } |
| 1053 | if ($keyword eq "DSO" && $no_dso) { return 0; } | 1060 | if ($keyword eq "DSO" && $no_dso) { return 0; } |
| 1054 | if ($keyword eq "KRB5" && $no_krb5) { return 0; } | 1061 | if ($keyword eq "KRB5" && $no_krb5) { return 0; } |
| 1062 | if ($keyword eq "ENGINE" && $no_engine) { return 0; } | ||
| 1063 | if ($keyword eq "HW" && $no_hw) { return 0; } | ||
| 1055 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } | 1064 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } |
| 1056 | 1065 | ||
| 1057 | # Nothing recognise as true | 1066 | # Nothing recognise as true |
diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl index 4105047b21..1b2915c767 100644 --- a/src/lib/libcrypto/util/mkerr.pl +++ b/src/lib/libcrypto/util/mkerr.pl | |||
| @@ -132,16 +132,16 @@ while (($hdr, $lib) = each %libinc) | |||
| 132 | my $name = $1; | 132 | my $name = $1; |
| 133 | $name =~ tr/[a-z]/[A-Z]/; | 133 | $name =~ tr/[a-z]/[A-Z]/; |
| 134 | $ftrans{$name} = $1; | 134 | $ftrans{$name} = $1; |
| 135 | } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){ | 135 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s){ |
| 136 | # K&R C | 136 | # K&R C |
| 137 | next ; | 137 | next ; |
| 138 | } elsif (/\w+\W+\w+\W*\(.*\)$/s) { | 138 | } elsif (/\w+\W+\w+\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 139 | while (not /\(\)$/s) { | 139 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 140 | s/[^\(\)]*\)$/\)/s; | 140 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 141 | s/\([^\(\)]*\)\)$/\)/s; | 141 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 142 | } | 142 | } |
| 143 | s/\(void\)//; | 143 | s/\(void\)//; |
| 144 | /(\w+)\W*\(\)/s; | 144 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; |
| 145 | my $name = $1; | 145 | my $name = $1; |
| 146 | $name =~ tr/[a-z]/[A-Z]/; | 146 | $name =~ tr/[a-z]/[A-Z]/; |
| 147 | $ftrans{$name} = $1; | 147 | $ftrans{$name} = $1; |
| @@ -262,7 +262,7 @@ foreach $lib (keys %csrc) | |||
| 262 | } else { | 262 | } else { |
| 263 | push @out, | 263 | push @out, |
| 264 | "/* ====================================================================\n", | 264 | "/* ====================================================================\n", |
| 265 | " * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.\n", | 265 | " * Copyright (c) 2001-2003 The OpenSSL Project. All rights reserved.\n", |
| 266 | " *\n", | 266 | " *\n", |
| 267 | " * Redistribution and use in source and binary forms, with or without\n", | 267 | " * Redistribution and use in source and binary forms, with or without\n", |
| 268 | " * modification, are permitted provided that the following conditions\n", | 268 | " * modification, are permitted provided that the following conditions\n", |
| @@ -404,7 +404,7 @@ EOF | |||
| 404 | print OUT <<"EOF"; | 404 | print OUT <<"EOF"; |
| 405 | /* $cfile */ | 405 | /* $cfile */ |
| 406 | /* ==================================================================== | 406 | /* ==================================================================== |
| 407 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. | 407 | * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. |
| 408 | * | 408 | * |
| 409 | * Redistribution and use in source and binary forms, with or without | 409 | * Redistribution and use in source and binary forms, with or without |
| 410 | * modification, are permitted provided that the following conditions | 410 | * modification, are permitted provided that the following conditions |
diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl index bd7a9d9301..e83b336190 100644 --- a/src/lib/libcrypto/util/pl/BC-32.pl +++ b/src/lib/libcrypto/util/pl/BC-32.pl | |||
| @@ -51,9 +51,9 @@ $lfile=''; | |||
| 51 | $shlib_ex_obj=""; | 51 | $shlib_ex_obj=""; |
| 52 | $app_ex_obj="c0x32.obj"; | 52 | $app_ex_obj="c0x32.obj"; |
| 53 | 53 | ||
| 54 | $asm='nasmw'; | 54 | $asm='nasmw -f obj'; |
| 55 | $asm.=" /Zi" if $debug; | 55 | $asm.=" /Zi" if $debug; |
| 56 | $afile='-f obj -o'; | 56 | $afile='-o'; |
| 57 | 57 | ||
| 58 | $bn_mulw_obj=''; | 58 | $bn_mulw_obj=''; |
| 59 | $bn_mulw_src=''; | 59 | $bn_mulw_src=''; |
diff --git a/src/lib/libcrypto/util/pl/Mingw32.pl b/src/lib/libcrypto/util/pl/Mingw32.pl index 45ab685974..043a3a53ee 100644 --- a/src/lib/libcrypto/util/pl/Mingw32.pl +++ b/src/lib/libcrypto/util/pl/Mingw32.pl | |||
| @@ -1,17 +1,17 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/local/bin/perl |
| 2 | # | 2 | # |
| 3 | # Mingw32.pl -- Mingw32 with GNU cp (Mingw32f.pl uses DOS tools) | 3 | # Mingw32.pl -- Mingw |
| 4 | # | 4 | # |
| 5 | 5 | ||
| 6 | $o='/'; | 6 | $o='/'; |
| 7 | $cp='cp'; | 7 | $cp='cp'; |
| 8 | $rm='rem'; # use 'rm -f' if using GNU file utilities | 8 | $rm='rm -f'; |
| 9 | $mkdir='gmkdir'; | 9 | $mkdir='gmkdir'; |
| 10 | 10 | ||
| 11 | # gcc wouldn't accept backslashes in paths | 11 | $o='\\'; |
| 12 | #$o='\\'; | 12 | $cp='copy'; |
| 13 | #$cp='copy'; | 13 | $rm='del'; |
| 14 | #$rm='del'; | 14 | $mkdir='mkdir'; |
| 15 | 15 | ||
| 16 | # C compiler stuff | 16 | # C compiler stuff |
| 17 | 17 | ||
| @@ -19,29 +19,29 @@ $cc='gcc'; | |||
| 19 | if ($debug) | 19 | if ($debug) |
| 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } | 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } |
| 21 | else | 21 | else |
| 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; } | 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; } |
| 23 | 23 | ||
| 24 | if ($gaswin and !$no_asm) | 24 | if ($gaswin and !$no_asm) |
| 25 | { | 25 | { |
| 26 | $bn_asm_obj='$(OBJ_D)/bn-win32.o'; | 26 | $bn_asm_obj='$(OBJ_D)\bn-win32.o'; |
| 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; | 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; |
| 28 | $bnco_asm_obj='$(OBJ_D)/co-win32.o'; | 28 | $bnco_asm_obj='$(OBJ_D)\co-win32.o'; |
| 29 | $bnco_asm_src='crypto/bn/asm/co-win32.s'; | 29 | $bnco_asm_src='crypto/bn/asm/co-win32.s'; |
| 30 | $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o'; | 30 | $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o'; |
| 31 | $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s'; | 31 | $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s'; |
| 32 | $bf_enc_obj='$(OBJ_D)/b-win32.o'; | 32 | $bf_enc_obj='$(OBJ_D)\b-win32.o'; |
| 33 | $bf_enc_src='crypto/bf/asm/b-win32.s'; | 33 | $bf_enc_src='crypto/bf/asm/b-win32.s'; |
| 34 | # $cast_enc_obj='$(OBJ_D)/c-win32.o'; | 34 | # $cast_enc_obj='$(OBJ_D)\c-win32.o'; |
| 35 | # $cast_enc_src='crypto/cast/asm/c-win32.s'; | 35 | # $cast_enc_src='crypto/cast/asm/c-win32.s'; |
| 36 | $rc4_enc_obj='$(OBJ_D)/r4-win32.o'; | 36 | $rc4_enc_obj='$(OBJ_D)\r4-win32.o'; |
| 37 | $rc4_enc_src='crypto/rc4/asm/r4-win32.s'; | 37 | $rc4_enc_src='crypto/rc4/asm/r4-win32.s'; |
| 38 | $rc5_enc_obj='$(OBJ_D)/r5-win32.o'; | 38 | $rc5_enc_obj='$(OBJ_D)\r5-win32.o'; |
| 39 | $rc5_enc_src='crypto/rc5/asm/r5-win32.s'; | 39 | $rc5_enc_src='crypto/rc5/asm/r5-win32.s'; |
| 40 | $md5_asm_obj='$(OBJ_D)/m5-win32.o'; | 40 | $md5_asm_obj='$(OBJ_D)\m5-win32.o'; |
| 41 | $md5_asm_src='crypto/md5/asm/m5-win32.s'; | 41 | $md5_asm_src='crypto/md5/asm/m5-win32.s'; |
| 42 | $rmd160_asm_obj='$(OBJ_D)/rm-win32.o'; | 42 | $rmd160_asm_obj='$(OBJ_D)\rm-win32.o'; |
| 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; | 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; |
| 44 | $sha1_asm_obj='$(OBJ_D)/s1-win32.o'; | 44 | $sha1_asm_obj='$(OBJ_D)\s1-win32.o'; |
| 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; | 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; |
| 46 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; | 46 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; |
| 47 | } | 47 | } |
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl index d6e3a11530..285990c589 100644 --- a/src/lib/libcrypto/util/pl/VC-32.pl +++ b/src/lib/libcrypto/util/pl/VC-32.pl | |||
| @@ -91,7 +91,7 @@ if ($shlib) | |||
| 91 | { | 91 | { |
| 92 | $mlflags.=" $lflags /dll"; | 92 | $mlflags.=" $lflags /dll"; |
| 93 | # $cflags =~ s| /MD| /MT|; | 93 | # $cflags =~ s| /MD| /MT|; |
| 94 | $lib_cflag=" -D_WINDLL -D_DLL"; | 94 | $lib_cflag=" -D_WINDLL"; |
| 95 | $out_def="out32dll"; | 95 | $out_def="out32dll"; |
| 96 | $tmp_def="tmp32dll"; | 96 | $tmp_def="tmp32dll"; |
| 97 | } | 97 | } |
diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num index fdea47205d..46e38a131f 100644 --- a/src/lib/libcrypto/util/ssleay.num +++ b/src/lib/libcrypto/util/ssleay.num | |||
| @@ -169,7 +169,7 @@ SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO | |||
| 169 | SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO | 169 | SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO |
| 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA | 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA |
| 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH | 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH |
| 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS,!WIN32:FUNCTION:STDIO | 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO |
| 173 | SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: | 173 | SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: |
| 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: | 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: |
| 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO | 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO |
diff --git a/src/lib/libcrypto/x509/Makefile.ssl b/src/lib/libcrypto/x509/Makefile.ssl index ee53294699..3a3452536c 100644 --- a/src/lib/libcrypto/x509/Makefile.ssl +++ b/src/lib/libcrypto/x509/Makefile.ssl | |||
| @@ -78,7 +78,7 @@ lint: | |||
| 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 79 | 79 | ||
| 80 | depend: | 80 | depend: |
| 81 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 81 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 82 | 82 | ||
| 83 | dclean: | 83 | dclean: |
| 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c index 92e00d2d73..b4b04183d0 100644 --- a/src/lib/libcrypto/x509/by_file.c +++ b/src/lib/libcrypto/x509/by_file.c | |||
| @@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | |||
| 100 | case X509_L_FILE_LOAD: | 100 | case X509_L_FILE_LOAD: |
| 101 | if (argl == X509_FILETYPE_DEFAULT) | 101 | if (argl == X509_FILETYPE_DEFAULT) |
| 102 | { | 102 | { |
| 103 | ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), | 103 | file = (char *)Getenv(X509_get_default_cert_file_env()); |
| 104 | X509_FILETYPE_PEM) != 0); | 104 | if (file) |
| 105 | ok = (X509_load_cert_crl_file(ctx,file, | ||
| 106 | X509_FILETYPE_PEM) != 0); | ||
| 107 | |||
| 108 | else | ||
| 109 | ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), | ||
| 110 | X509_FILETYPE_PEM) != 0); | ||
| 111 | |||
| 105 | if (!ok) | 112 | if (!ok) |
| 106 | { | 113 | { |
| 107 | X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); | 114 | X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); |
| 108 | } | 115 | } |
| 109 | else | ||
| 110 | { | ||
| 111 | file=(char *)Getenv(X509_get_default_cert_file_env()); | ||
| 112 | ok = (X509_load_cert_crl_file(ctx,file, | ||
| 113 | X509_FILETYPE_PEM) != 0); | ||
| 114 | } | ||
| 115 | } | 116 | } |
| 116 | else | 117 | else |
| 117 | { | 118 | { |
| @@ -284,7 +285,8 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) | |||
| 284 | if(itmp->x509) { | 285 | if(itmp->x509) { |
| 285 | X509_STORE_add_cert(ctx->store_ctx, itmp->x509); | 286 | X509_STORE_add_cert(ctx->store_ctx, itmp->x509); |
| 286 | count++; | 287 | count++; |
| 287 | } else if(itmp->crl) { | 288 | } |
| 289 | if(itmp->crl) { | ||
| 288 | X509_STORE_add_crl(ctx->store_ctx, itmp->crl); | 290 | X509_STORE_add_crl(ctx->store_ctx, itmp->crl); |
| 289 | count++; | 291 | count++; |
| 290 | } | 292 | } |
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h index 7095440d36..eaad5685a8 100644 --- a/src/lib/libcrypto/x509/x509.h +++ b/src/lib/libcrypto/x509/x509.h | |||
| @@ -87,7 +87,6 @@ | |||
| 87 | #ifndef OPENSSL_NO_SHA | 87 | #ifndef OPENSSL_NO_SHA |
| 88 | #include <openssl/sha.h> | 88 | #include <openssl/sha.h> |
| 89 | #endif | 89 | #endif |
| 90 | #include <openssl/evp.h> | ||
| 91 | #include <openssl/e_os2.h> | 90 | #include <openssl/e_os2.h> |
| 92 | #include <openssl/ossl_typ.h> | 91 | #include <openssl/ossl_typ.h> |
| 93 | 92 | ||
| @@ -487,10 +486,12 @@ typedef struct Netscape_certificate_sequence | |||
| 487 | STACK_OF(X509) *certs; | 486 | STACK_OF(X509) *certs; |
| 488 | } NETSCAPE_CERT_SEQUENCE; | 487 | } NETSCAPE_CERT_SEQUENCE; |
| 489 | 488 | ||
| 489 | /* Unused (and iv length is wrong) | ||
| 490 | typedef struct CBCParameter_st | 490 | typedef struct CBCParameter_st |
| 491 | { | 491 | { |
| 492 | unsigned char iv[8]; | 492 | unsigned char iv[8]; |
| 493 | } CBC_PARAM; | 493 | } CBC_PARAM; |
| 494 | */ | ||
| 494 | 495 | ||
| 495 | /* Password based encryption structure */ | 496 | /* Password based encryption structure */ |
| 496 | 497 | ||
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index cd20b6d66f..f460102f49 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c | |||
| @@ -57,6 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <ctype.h> | ||
| 60 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 62 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| @@ -81,13 +82,14 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) | |||
| 81 | unsigned long ret=0; | 82 | unsigned long ret=0; |
| 82 | EVP_MD_CTX ctx; | 83 | EVP_MD_CTX ctx; |
| 83 | unsigned char md[16]; | 84 | unsigned char md[16]; |
| 84 | char str[256]; | 85 | char *f; |
| 85 | 86 | ||
| 86 | EVP_MD_CTX_init(&ctx); | 87 | EVP_MD_CTX_init(&ctx); |
| 87 | X509_NAME_oneline(a->cert_info->issuer,str,256); | 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); |
| 88 | ret=strlen(str); | 89 | ret=strlen(f); |
| 89 | EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); | 90 | EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); |
| 90 | EVP_DigestUpdate(&ctx,(unsigned char *)str,ret); | 91 | EVP_DigestUpdate(&ctx,(unsigned char *)f,ret); |
| 92 | OPENSSL_free(f); | ||
| 91 | EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | 93 | EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, |
| 92 | (unsigned long)a->cert_info->serialNumber->length); | 94 | (unsigned long)a->cert_info->serialNumber->length); |
| 93 | EVP_DigestFinal_ex(&ctx,&(md[0]),NULL); | 95 | EVP_DigestFinal_ex(&ctx,&(md[0]),NULL); |
| @@ -159,6 +161,99 @@ int X509_cmp(const X509 *a, const X509 *b) | |||
| 159 | } | 161 | } |
| 160 | #endif | 162 | #endif |
| 161 | 163 | ||
| 164 | |||
| 165 | /* Case insensitive string comparision */ | ||
| 166 | static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b) | ||
| 167 | { | ||
| 168 | int i; | ||
| 169 | |||
| 170 | if (a->length != b->length) | ||
| 171 | return (a->length - b->length); | ||
| 172 | |||
| 173 | for (i=0; i<a->length; i++) | ||
| 174 | { | ||
| 175 | int ca, cb; | ||
| 176 | |||
| 177 | ca = tolower(a->data[i]); | ||
| 178 | cb = tolower(b->data[i]); | ||
| 179 | |||
| 180 | if (ca != cb) | ||
| 181 | return(ca-cb); | ||
| 182 | } | ||
| 183 | return 0; | ||
| 184 | } | ||
| 185 | |||
| 186 | /* Case insensitive string comparision with space normalization | ||
| 187 | * Space normalization - ignore leading, trailing spaces, | ||
| 188 | * multiple spaces between characters are replaced by single space | ||
| 189 | */ | ||
| 190 | static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b) | ||
| 191 | { | ||
| 192 | unsigned char *pa = NULL, *pb = NULL; | ||
| 193 | int la, lb; | ||
| 194 | |||
| 195 | la = a->length; | ||
| 196 | lb = b->length; | ||
| 197 | pa = a->data; | ||
| 198 | pb = b->data; | ||
| 199 | |||
| 200 | /* skip leading spaces */ | ||
| 201 | while (la > 0 && isspace(*pa)) | ||
| 202 | { | ||
| 203 | la--; | ||
| 204 | pa++; | ||
| 205 | } | ||
| 206 | while (lb > 0 && isspace(*pb)) | ||
| 207 | { | ||
| 208 | lb--; | ||
| 209 | pb++; | ||
| 210 | } | ||
| 211 | |||
| 212 | /* skip trailing spaces */ | ||
| 213 | while (la > 0 && isspace(pa[la-1])) | ||
| 214 | la--; | ||
| 215 | while (lb > 0 && isspace(pb[lb-1])) | ||
| 216 | lb--; | ||
| 217 | |||
| 218 | /* compare strings with space normalization */ | ||
| 219 | while (la > 0 && lb > 0) | ||
| 220 | { | ||
| 221 | int ca, cb; | ||
| 222 | |||
| 223 | /* compare character */ | ||
| 224 | ca = tolower(*pa); | ||
| 225 | cb = tolower(*pb); | ||
| 226 | if (ca != cb) | ||
| 227 | return (ca - cb); | ||
| 228 | |||
| 229 | pa++; pb++; | ||
| 230 | la--; lb--; | ||
| 231 | |||
| 232 | if (la <= 0 || lb <= 0) | ||
| 233 | break; | ||
| 234 | |||
| 235 | /* is white space next character ? */ | ||
| 236 | if (isspace(*pa) && isspace(*pb)) | ||
| 237 | { | ||
| 238 | /* skip remaining white spaces */ | ||
| 239 | while (la > 0 && isspace(*pa)) | ||
| 240 | { | ||
| 241 | la--; | ||
| 242 | pa++; | ||
| 243 | } | ||
| 244 | while (lb > 0 && isspace(*pb)) | ||
| 245 | { | ||
| 246 | lb--; | ||
| 247 | pb++; | ||
| 248 | } | ||
| 249 | } | ||
| 250 | } | ||
| 251 | if (la > 0 || lb > 0) | ||
| 252 | return la - lb; | ||
| 253 | |||
| 254 | return 0; | ||
| 255 | } | ||
| 256 | |||
| 162 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | 257 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) |
| 163 | { | 258 | { |
| 164 | int i,j; | 259 | int i,j; |
| @@ -172,10 +267,20 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | |||
| 172 | { | 267 | { |
| 173 | na=sk_X509_NAME_ENTRY_value(a->entries,i); | 268 | na=sk_X509_NAME_ENTRY_value(a->entries,i); |
| 174 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); | 269 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); |
| 175 | j=na->value->length-nb->value->length; | 270 | j=na->value->type-nb->value->type; |
| 176 | if (j) return(j); | 271 | if (j) return(j); |
| 177 | j=memcmp(na->value->data,nb->value->data, | 272 | if (na->value->type == V_ASN1_PRINTABLESTRING) |
| 178 | na->value->length); | 273 | j=nocase_spacenorm_cmp(na->value, nb->value); |
| 274 | else if (na->value->type == V_ASN1_IA5STRING | ||
| 275 | && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress) | ||
| 276 | j=nocase_cmp(na->value, nb->value); | ||
| 277 | else | ||
| 278 | { | ||
| 279 | j=na->value->length-nb->value->length; | ||
| 280 | if (j) return(j); | ||
| 281 | j=memcmp(na->value->data,nb->value->data, | ||
| 282 | na->value->length); | ||
| 283 | } | ||
| 179 | if (j) return(j); | 284 | if (j) return(j); |
| 180 | j=na->set-nb->set; | 285 | j=na->set-nb->set; |
| 181 | if (j) return(j); | 286 | if (j) return(j); |
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c index b5f7daa2e5..67b1796a92 100644 --- a/src/lib/libcrypto/x509/x509_v3.c +++ b/src/lib/libcrypto/x509/x509_v3.c | |||
| @@ -116,7 +116,7 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, | |||
| 116 | { | 116 | { |
| 117 | ex=sk_X509_EXTENSION_value(sk,lastpos); | 117 | ex=sk_X509_EXTENSION_value(sk,lastpos); |
| 118 | if ( ((ex->critical > 0) && crit) || | 118 | if ( ((ex->critical > 0) && crit) || |
| 119 | (!(ex->critical <= 0) && !crit)) | 119 | ((ex->critical <= 0) && !crit)) |
| 120 | return(lastpos); | 120 | return(lastpos); |
| 121 | } | 121 | } |
| 122 | return(-1); | 122 | return(-1); |
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index db12f7bd35..552d1e7251 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -756,7 +756,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) | |||
| 756 | { | 756 | { |
| 757 | char *str; | 757 | char *str; |
| 758 | ASN1_TIME atm; | 758 | ASN1_TIME atm; |
| 759 | time_t offset; | 759 | long offset; |
| 760 | char buff1[24],buff2[24],*p; | 760 | char buff1[24],buff2[24],*p; |
| 761 | int i,j; | 761 | int i,j; |
| 762 | 762 | ||
diff --git a/src/lib/libcrypto/x509v3/Makefile.ssl b/src/lib/libcrypto/x509v3/Makefile.ssl index 3534e8b236..66df90c346 100644 --- a/src/lib/libcrypto/x509v3/Makefile.ssl +++ b/src/lib/libcrypto/x509v3/Makefile.ssl | |||
| @@ -74,7 +74,7 @@ lint: | |||
| 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 75 | 75 | ||
| 76 | depend: | 76 | depend: |
| 77 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 77 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 78 | 78 | ||
| 79 | dclean: | 79 | dclean: |
| 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h index 2fb97d8925..5442480595 100644 --- a/src/lib/libcrypto/x509v3/ext_dat.h +++ b/src/lib/libcrypto/x509v3/ext_dat.h | |||
| @@ -90,17 +90,23 @@ static X509V3_EXT_METHOD *standard_exts[] = { | |||
| 90 | &v3_crld, | 90 | &v3_crld, |
| 91 | &v3_ext_ku, | 91 | &v3_ext_ku, |
| 92 | &v3_crl_reason, | 92 | &v3_crl_reason, |
| 93 | #ifndef OPENSSL_NO_OCSP | ||
| 93 | &v3_crl_invdate, | 94 | &v3_crl_invdate, |
| 95 | #endif | ||
| 94 | &v3_sxnet, | 96 | &v3_sxnet, |
| 95 | &v3_info, | 97 | &v3_info, |
| 98 | #ifndef OPENSSL_NO_OCSP | ||
| 96 | &v3_ocsp_nonce, | 99 | &v3_ocsp_nonce, |
| 97 | &v3_ocsp_crlid, | 100 | &v3_ocsp_crlid, |
| 98 | &v3_ocsp_accresp, | 101 | &v3_ocsp_accresp, |
| 99 | &v3_ocsp_nocheck, | 102 | &v3_ocsp_nocheck, |
| 100 | &v3_ocsp_acutoff, | 103 | &v3_ocsp_acutoff, |
| 101 | &v3_ocsp_serviceloc, | 104 | &v3_ocsp_serviceloc, |
| 105 | #endif | ||
| 102 | &v3_sinfo, | 106 | &v3_sinfo, |
| 107 | #ifndef OPENSSL_NO_OCSP | ||
| 103 | &v3_crl_hold | 108 | &v3_crl_hold |
| 109 | #endif | ||
| 104 | }; | 110 | }; |
| 105 | 111 | ||
| 106 | /* Number of standard extensions */ | 112 | /* Number of standard extensions */ |
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c index 92b9316b02..28cc00686a 100644 --- a/src/lib/libcrypto/x509v3/v3_info.c +++ b/src/lib/libcrypto/x509v3/v3_info.c | |||
| @@ -113,8 +113,8 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method | |||
| 113 | ret = i2v_GENERAL_NAME(method, desc->location, ret); | 113 | ret = i2v_GENERAL_NAME(method, desc->location, ret); |
| 114 | if(!ret) break; | 114 | if(!ret) break; |
| 115 | vtmp = sk_CONF_VALUE_value(ret, i); | 115 | vtmp = sk_CONF_VALUE_value(ret, i); |
| 116 | i2t_ASN1_OBJECT(objtmp, 80, desc->method); | 116 | i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); |
| 117 | nlen = strlen(objtmp) + strlen(vtmp->name) + 4; | 117 | nlen = strlen(objtmp) + strlen(vtmp->name) + 5; |
| 118 | ntmp = OPENSSL_malloc(nlen); | 118 | ntmp = OPENSSL_malloc(nlen); |
| 119 | if(!ntmp) { | 119 | if(!ntmp) { |
| 120 | X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, | 120 | X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, |
diff --git a/src/lib/libcrypto/x509v3/v3_ocsp.c b/src/lib/libcrypto/x509v3/v3_ocsp.c index 083112314e..21badc13f9 100644 --- a/src/lib/libcrypto/x509v3/v3_ocsp.c +++ b/src/lib/libcrypto/x509v3/v3_ocsp.c | |||
| @@ -56,6 +56,8 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_OCSP | ||
| 60 | |||
| 59 | #include <stdio.h> | 61 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 61 | #include <openssl/conf.h> | 63 | #include <openssl/conf.h> |
| @@ -270,3 +272,4 @@ static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int | |||
| 270 | err: | 272 | err: |
| 271 | return 0; | 273 | return 0; |
| 272 | } | 274 | } |
| 275 | #endif | ||
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c index aeaf6170fe..754808b625 100644 --- a/src/lib/libcrypto/x509v3/v3_prn.c +++ b/src/lib/libcrypto/x509v3/v3_prn.c | |||
| @@ -178,7 +178,7 @@ int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts | |||
| 178 | ASN1_OBJECT *obj; | 178 | ASN1_OBJECT *obj; |
| 179 | X509_EXTENSION *ex; | 179 | X509_EXTENSION *ex; |
| 180 | ex=sk_X509_EXTENSION_value(exts, i); | 180 | ex=sk_X509_EXTENSION_value(exts, i); |
| 181 | if (BIO_printf(bp,"%*s",indent, "") <= 0) return 0; | 181 | if (indent && BIO_printf(bp,"%*s",indent, "") <= 0) return 0; |
| 182 | obj=X509_EXTENSION_get_object(ex); | 182 | obj=X509_EXTENSION_get_object(ex); |
| 183 | i2a_ASN1_OBJECT(bp,obj); | 183 | i2a_ASN1_OBJECT(bp,obj); |
| 184 | j=X509_EXTENSION_get_critical(ex); | 184 | j=X509_EXTENSION_get_critical(ex); |
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c index b739e4fd83..4d145f71fd 100644 --- a/src/lib/libcrypto/x509v3/v3_purp.c +++ b/src/lib/libcrypto/x509v3/v3_purp.c | |||
| @@ -378,6 +378,10 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 378 | case NID_time_stamp: | 378 | case NID_time_stamp: |
| 379 | x->ex_xkusage |= XKU_TIMESTAMP; | 379 | x->ex_xkusage |= XKU_TIMESTAMP; |
| 380 | break; | 380 | break; |
| 381 | |||
| 382 | case NID_dvcs: | ||
| 383 | x->ex_xkusage |= XKU_DVCS; | ||
| 384 | break; | ||
| 381 | } | 385 | } |
| 382 | } | 386 | } |
| 383 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); | 387 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); |
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c index 283e943e46..34ac2998de 100644 --- a/src/lib/libcrypto/x509v3/v3_utl.c +++ b/src/lib/libcrypto/x509v3/v3_utl.c | |||
| @@ -491,7 +491,7 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) | |||
| 491 | i = -1; | 491 | i = -1; |
| 492 | /* First supplied X509_NAME */ | 492 | /* First supplied X509_NAME */ |
| 493 | while((i = X509_NAME_get_index_by_NID(name, | 493 | while((i = X509_NAME_get_index_by_NID(name, |
| 494 | NID_pkcs9_emailAddress, i)) > 0) { | 494 | NID_pkcs9_emailAddress, i)) >= 0) { |
| 495 | ne = X509_NAME_get_entry(name, i); | 495 | ne = X509_NAME_get_entry(name, i); |
| 496 | email = X509_NAME_ENTRY_get_data(ne); | 496 | email = X509_NAME_ENTRY_get_data(ne); |
| 497 | if(!append_ia5(&ret, email)) return NULL; | 497 | if(!append_ia5(&ret, email)) return NULL; |
diff --git a/src/lib/libcrypto/x509v3/v3conf.c b/src/lib/libcrypto/x509v3/v3conf.c index 67ee14f334..00cf5b4a5b 100644 --- a/src/lib/libcrypto/x509v3/v3conf.c +++ b/src/lib/libcrypto/x509v3/v3conf.c | |||
| @@ -118,7 +118,7 @@ int main(int argc, char **argv) | |||
| 118 | printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); | 118 | printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); |
| 119 | if(ext->critical) printf(",critical:\n"); | 119 | if(ext->critical) printf(",critical:\n"); |
| 120 | else printf(":\n"); | 120 | else printf(":\n"); |
| 121 | X509V3_EXT_print_fp(stdout, ext, 0); | 121 | X509V3_EXT_print_fp(stdout, ext, 0, 0); |
| 122 | printf("\n"); | 122 | printf("\n"); |
| 123 | 123 | ||
| 124 | } | 124 | } |
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h index daecc55271..fb07a19016 100644 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ b/src/lib/libcrypto/x509v3/x509v3.h | |||
| @@ -352,6 +352,7 @@ DECLARE_ASN1_SET_OF(POLICYINFO) | |||
| 352 | #define XKU_SGC 0x10 | 352 | #define XKU_SGC 0x10 |
| 353 | #define XKU_OCSP_SIGN 0x20 | 353 | #define XKU_OCSP_SIGN 0x20 |
| 354 | #define XKU_TIMESTAMP 0x40 | 354 | #define XKU_TIMESTAMP 0x40 |
| 355 | #define XKU_DVCS 0x80 | ||
| 355 | 356 | ||
| 356 | #define X509_PURPOSE_DYNAMIC 0x1 | 357 | #define X509_PURPOSE_DYNAMIC 0x1 |
| 357 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 | 358 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 |
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE index 7b93e0dbce..dddb07842b 100644 --- a/src/lib/libssl/LICENSE +++ b/src/lib/libssl/LICENSE | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | --------------- | 12 | --------------- |
| 13 | 13 | ||
| 14 | /* ==================================================================== | 14 | /* ==================================================================== |
| 15 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 15 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 16 | * | 16 | * |
| 17 | * Redistribution and use in source and binary forms, with or without | 17 | * Redistribution and use in source and binary forms, with or without |
| 18 | * modification, are permitted provided that the following conditions | 18 | * modification, are permitted provided that the following conditions |
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c index 467e149947..d683ee43e1 100644 --- a/src/lib/libssl/bio_ssl.c +++ b/src/lib/libssl/bio_ssl.c | |||
| @@ -403,6 +403,10 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 403 | { | 403 | { |
| 404 | BIO_free_all(ssl->wbio); | 404 | BIO_free_all(ssl->wbio); |
| 405 | } | 405 | } |
| 406 | if (b->next_bio != NULL) | ||
| 407 | { | ||
| 408 | CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); | ||
| 409 | } | ||
| 406 | ssl->wbio=NULL; | 410 | ssl->wbio=NULL; |
| 407 | ssl->rbio=NULL; | 411 | ssl->rbio=NULL; |
| 408 | break; | 412 | break; |
| @@ -509,6 +513,7 @@ static int ssl_puts(BIO *bp, const char *str) | |||
| 509 | 513 | ||
| 510 | BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) | 514 | BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) |
| 511 | { | 515 | { |
| 516 | #ifndef OPENSSL_NO_SOCK | ||
| 512 | BIO *ret=NULL,*buf=NULL,*ssl=NULL; | 517 | BIO *ret=NULL,*buf=NULL,*ssl=NULL; |
| 513 | 518 | ||
| 514 | if ((buf=BIO_new(BIO_f_buffer())) == NULL) | 519 | if ((buf=BIO_new(BIO_f_buffer())) == NULL) |
| @@ -521,6 +526,7 @@ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) | |||
| 521 | err: | 526 | err: |
| 522 | if (buf != NULL) BIO_free(buf); | 527 | if (buf != NULL) BIO_free(buf); |
| 523 | if (ssl != NULL) BIO_free(ssl); | 528 | if (ssl != NULL) BIO_free(ssl); |
| 529 | #endif | ||
| 524 | return(NULL); | 530 | return(NULL); |
| 525 | } | 531 | } |
| 526 | 532 | ||
diff --git a/src/lib/libssl/crypto/Makefile b/src/lib/libssl/crypto/Makefile index a9d00105f8..038e162e4d 100644 --- a/src/lib/libssl/crypto/Makefile +++ b/src/lib/libssl/crypto/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.29 2003/01/31 14:05:35 deraadt Exp $ | 1 | # $OpenBSD: Makefile,v 1.30 2003/05/12 02:18:34 markus Exp $ |
| 2 | 2 | ||
| 3 | LIB= crypto | 3 | LIB= crypto |
| 4 | 4 | ||
| @@ -34,7 +34,8 @@ CFLAGS+= -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA | |||
| 34 | CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} | 34 | CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} |
| 35 | CFLAGS+= -I${LCRYPTO_SRC} | 35 | CFLAGS+= -I${LCRYPTO_SRC} |
| 36 | SRCS+= o_time.c | 36 | SRCS+= o_time.c |
| 37 | SRCS+= cryptlib.c ex_data.c cpt_err.c mem.c mem_dbg.c tmdiff.c cversion.c uid.c | 37 | SRCS+= cryptlib.c ex_data.c cpt_err.c mem.c mem_dbg.c mem_clr.c |
| 38 | SRCS+= tmdiff.c cversion.c uid.c | ||
| 38 | SRCS+= md2_dgst.c md2_one.c | 39 | SRCS+= md2_dgst.c md2_one.c |
| 39 | SRCS+= md5_dgst.c md5_one.c | 40 | SRCS+= md5_dgst.c md5_one.c |
| 40 | SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c | 41 | SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c |
diff --git a/src/lib/libssl/crypto/shlib_version b/src/lib/libssl/crypto/shlib_version index 1c5d96eb2a..c10074d52a 100644 --- a/src/lib/libssl/crypto/shlib_version +++ b/src/lib/libssl/crypto/shlib_version | |||
| @@ -1,2 +1,2 @@ | |||
| 1 | major=9 | 1 | major=10 |
| 2 | minor=0 | 2 | minor=0 |
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt index 596d9001e6..edbe2f3a57 100644 --- a/src/lib/libssl/doc/standards.txt +++ b/src/lib/libssl/doc/standards.txt | |||
| @@ -42,20 +42,9 @@ whole or at least great parts) in OpenSSL. | |||
| 42 | 2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. | 42 | 2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. |
| 43 | January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) | 43 | January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) |
| 44 | 44 | ||
| 45 | 2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski. | ||
| 46 | March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL) | ||
| 47 | |||
| 48 | 2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. | 45 | 2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. |
| 49 | March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) | 46 | March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) |
| 50 | 47 | ||
| 51 | 2437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski, | ||
| 52 | J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes | ||
| 53 | RFC2313) (Status: INFORMATIONAL) | ||
| 54 | |||
| 55 | 2459 Internet X.509 Public Key Infrastructure Certificate and CRL | ||
| 56 | Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999. | ||
| 57 | (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD) | ||
| 58 | |||
| 59 | PKCS#8: Private-Key Information Syntax Standard | 48 | PKCS#8: Private-Key Information Syntax Standard |
| 60 | 49 | ||
| 61 | PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. | 50 | PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. |
| @@ -65,6 +54,40 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. | |||
| 65 | C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED | 54 | C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED |
| 66 | STANDARD) | 55 | STANDARD) |
| 67 | 56 | ||
| 57 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | ||
| 58 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | ||
| 59 | (Status: PROPOSED STANDARD) | ||
| 60 | |||
| 61 | 2898 PKCS #5: Password-Based Cryptography Specification Version 2.0. | ||
| 62 | B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status: | ||
| 63 | INFORMATIONAL) | ||
| 64 | |||
| 65 | 2986 PKCS #10: Certification Request Syntax Specification Version 1.7. | ||
| 66 | M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes) | ||
| 67 | (Obsoletes RFC2314) (Status: INFORMATIONAL) | ||
| 68 | |||
| 69 | 3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones. | ||
| 70 | September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL) | ||
| 71 | |||
| 72 | 3268 Advanced Encryption Standard (AES) Ciphersuites for Transport | ||
| 73 | Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes) | ||
| 74 | (Status: PROPOSED STANDARD) | ||
| 75 | |||
| 76 | 3279 Algorithms and Identifiers for the Internet X.509 Public Key | ||
| 77 | Infrastructure Certificate and Certificate Revocation List (CRL) | ||
| 78 | Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format: | ||
| 79 | TXT=53833 bytes) (Status: PROPOSED STANDARD) | ||
| 80 | |||
| 81 | 3280 Internet X.509 Public Key Infrastructure Certificate and | ||
| 82 | Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W. | ||
| 83 | Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes | ||
| 84 | RFC2459) (Status: PROPOSED STANDARD) | ||
| 85 | |||
| 86 | 3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography | ||
| 87 | Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003. | ||
| 88 | (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status: | ||
| 89 | INFORMATIONAL) | ||
| 90 | |||
| 68 | 91 | ||
| 69 | Related: | 92 | Related: |
| 70 | -------- | 93 | -------- |
| @@ -90,23 +113,60 @@ STARTTLS documents. | |||
| 90 | Certification and Related Services. B. Kaliski. February 1993. | 113 | Certification and Related Services. B. Kaliski. February 1993. |
| 91 | (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) | 114 | (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) |
| 92 | 115 | ||
| 93 | 2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. | 116 | 2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October |
| 94 | Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED | 117 | 1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD) |
| 95 | STANDARD) | 118 | |
| 119 | 2510 Internet X.509 Public Key Infrastructure Certificate Management | ||
| 120 | Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178 | ||
| 121 | bytes) (Status: PROPOSED STANDARD) | ||
| 122 | |||
| 123 | 2511 Internet X.509 Certificate Request Message Format. M. Myers, C. | ||
| 124 | Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes) | ||
| 125 | (Status: PROPOSED STANDARD) | ||
| 126 | |||
| 127 | 2527 Internet X.509 Public Key Infrastructure Certificate Policy and | ||
| 128 | Certification Practices Framework. S. Chokhani, W. Ford. March 1999. | ||
| 129 | (Format: TXT=91860 bytes) (Status: INFORMATIONAL) | ||
| 96 | 130 | ||
| 97 | 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. | 131 | 2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake |
| 98 | January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) | 132 | 3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status: |
| 133 | PROPOSED STANDARD) | ||
| 134 | |||
| 135 | 2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS). | ||
| 136 | D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status: | ||
| 137 | PROPOSED STANDARD) | ||
| 138 | |||
| 139 | 2559 Internet X.509 Public Key Infrastructure Operational Protocols - | ||
| 140 | LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format: | ||
| 141 | TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD) | ||
| 99 | 142 | ||
| 100 | 2585 Internet X.509 Public Key Infrastructure Operational Protocols: | 143 | 2585 Internet X.509 Public Key Infrastructure Operational Protocols: |
| 101 | FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 | 144 | FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 |
| 102 | bytes) (Status: PROPOSED STANDARD) | 145 | bytes) (Status: PROPOSED STANDARD) |
| 103 | 146 | ||
| 147 | 2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S. | ||
| 148 | Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes) | ||
| 149 | (Status: PROPOSED STANDARD) | ||
| 150 | |||
| 104 | 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. | 151 | 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. |
| 105 | (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) | 152 | (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) |
| 106 | 153 | ||
| 107 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | 154 | 2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999. |
| 108 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | 155 | (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD) |
| 109 | (Status: PROPOSED STANDARD) | 156 | |
| 157 | 2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June | ||
| 158 | 1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD) | ||
| 159 | |||
| 160 | 2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October | ||
| 161 | 1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL) | ||
| 162 | |||
| 163 | 2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace. | ||
| 164 | February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status: | ||
| 165 | EXPERIMENTAL) | ||
| 166 | |||
| 167 | 2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J. | ||
| 168 | Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status: | ||
| 169 | PROPOSED STANDARD) | ||
| 110 | 170 | ||
| 111 | 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May | 171 | 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May |
| 112 | 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED | 172 | 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED |
| @@ -115,6 +175,77 @@ STARTTLS documents. | |||
| 115 | 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) | 175 | 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) |
| 116 | (Status: INFORMATIONAL) | 176 | (Status: INFORMATIONAL) |
| 117 | 177 | ||
| 178 | 2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July | ||
| 179 | 2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL) | ||
| 180 | |||
| 181 | 2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams. | ||
| 182 | October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD) | ||
| 183 | |||
| 184 | 2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0. | ||
| 185 | M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes) | ||
| 186 | (Status: INFORMATIONAL) | ||
| 187 | |||
| 188 | 3029 Internet X.509 Public Key Infrastructure Data Validation and | ||
| 189 | Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev, | ||
| 190 | R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status: | ||
| 191 | EXPERIMENTAL) | ||
| 192 | |||
| 193 | 3039 Internet X.509 Public Key Infrastructure Qualified Certificates | ||
| 194 | Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001. | ||
| 195 | (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD) | ||
| 196 | |||
| 197 | 3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P. | ||
| 198 | Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes) | ||
| 199 | (Status: INFORMATIONAL) | ||
| 200 | |||
| 201 | 3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol | ||
| 202 | (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001. | ||
| 203 | (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD) | ||
| 204 | |||
| 205 | 3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner. | ||
| 206 | October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD) | ||
| 207 | |||
| 208 | 3207 SMTP Service Extension for Secure SMTP over Transport Layer | ||
| 209 | Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes) | ||
| 210 | (Obsoletes RFC2487) (Status: PROPOSED STANDARD) | ||
| 211 | |||
| 212 | 3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001. | ||
| 213 | (Format: TXT=19855 bytes) (Status: INFORMATIONAL) | ||
| 214 | |||
| 215 | 3274 Compressed Data Content Type for Cryptographic Message Syntax | ||
| 216 | (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status: | ||
| 217 | PROPOSED STANDARD) | ||
| 218 | |||
| 219 | 3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in | ||
| 220 | Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P. | ||
| 221 | Lambert. April 2002. (Format: TXT=33779 bytes) (Status: | ||
| 222 | INFORMATIONAL) | ||
| 223 | |||
| 224 | 3281 An Internet Attribute Certificate Profile for Authorization. S. | ||
| 225 | Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status: | ||
| 226 | PROPOSED STANDARD) | ||
| 227 | |||
| 228 | 3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002. | ||
| 229 | (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status: | ||
| 230 | PROPOSED STANDARD) | ||
| 231 | |||
| 232 | 3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August | ||
| 233 | 2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status: | ||
| 234 | PROPOSED STANDARD) | ||
| 235 | |||
| 236 | 3377 Lightweight Directory Access Protocol (v3): Technical | ||
| 237 | Specification. J. Hodges, R. Morgan. September 2002. (Format: | ||
| 238 | TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255, | ||
| 239 | RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD) | ||
| 240 | |||
| 241 | 3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad, | ||
| 242 | R. Housley. September 2002. (Format: TXT=73072 bytes) (Status: | ||
| 243 | INFORMATIONAL) | ||
| 244 | |||
| 245 | 3436 Transport Layer Security over Stream Control Transmission | ||
| 246 | Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002. | ||
| 247 | (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD) | ||
| 248 | |||
| 118 | "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt> | 249 | "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt> |
| 119 | 250 | ||
| 120 | 251 | ||
| @@ -124,7 +255,3 @@ To be implemented: | |||
| 124 | These are documents that describe things that are planed to be | 255 | These are documents that describe things that are planed to be |
| 125 | implemented in the hopefully short future. | 256 | implemented in the hopefully short future. |
| 126 | 257 | ||
| 127 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | ||
| 128 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | ||
| 129 | (Status: PROPOSED STANDARD) | ||
| 130 | |||
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 019e9aecee..64ee4269ec 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c | |||
| @@ -87,18 +87,25 @@ SSL_METHOD *SSLv23_client_method(void) | |||
| 87 | 87 | ||
| 88 | if (init) | 88 | if (init) |
| 89 | { | 89 | { |
| 90 | memcpy((char *)&SSLv23_client_data, | 90 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 91 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | 91 | |
| 92 | SSLv23_client_data.ssl_connect=ssl23_connect; | 92 | if (init) |
| 93 | SSLv23_client_data.get_ssl_method=ssl23_get_client_method; | 93 | { |
| 94 | init=0; | 94 | memcpy((char *)&SSLv23_client_data, |
| 95 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | ||
| 96 | SSLv23_client_data.ssl_connect=ssl23_connect; | ||
| 97 | SSLv23_client_data.get_ssl_method=ssl23_get_client_method; | ||
| 98 | init=0; | ||
| 99 | } | ||
| 100 | |||
| 101 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 95 | } | 102 | } |
| 96 | return(&SSLv23_client_data); | 103 | return(&SSLv23_client_data); |
| 97 | } | 104 | } |
| 98 | 105 | ||
| 99 | int ssl23_connect(SSL *s) | 106 | int ssl23_connect(SSL *s) |
| 100 | { | 107 | { |
| 101 | BUF_MEM *buf; | 108 | BUF_MEM *buf=NULL; |
| 102 | unsigned long Time=time(NULL); | 109 | unsigned long Time=time(NULL); |
| 103 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 110 | void (*cb)(const SSL *ssl,int type,int val)=NULL; |
| 104 | int ret= -1; | 111 | int ret= -1; |
| @@ -152,6 +159,7 @@ int ssl23_connect(SSL *s) | |||
| 152 | goto end; | 159 | goto end; |
| 153 | } | 160 | } |
| 154 | s->init_buf=buf; | 161 | s->init_buf=buf; |
| 162 | buf=NULL; | ||
| 155 | } | 163 | } |
| 156 | 164 | ||
| 157 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 165 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } |
| @@ -200,6 +208,8 @@ int ssl23_connect(SSL *s) | |||
| 200 | } | 208 | } |
| 201 | end: | 209 | end: |
| 202 | s->in_handshake--; | 210 | s->in_handshake--; |
| 211 | if (buf != NULL) | ||
| 212 | BUF_MEM_free(buf); | ||
| 203 | if (cb != NULL) | 213 | if (cb != NULL) |
| 204 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 214 | cb(s,SSL_CB_CONNECT_EXIT,ret); |
| 205 | return(ret); | 215 | return(ret); |
| @@ -363,7 +373,7 @@ static int ssl23_get_server_hello(SSL *s) | |||
| 363 | 373 | ||
| 364 | if (s->s3 != NULL) ssl3_free(s); | 374 | if (s->s3 != NULL) ssl3_free(s); |
| 365 | 375 | ||
| 366 | if (!BUF_MEM_grow(s->init_buf, | 376 | if (!BUF_MEM_grow_clean(s->init_buf, |
| 367 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) | 377 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) |
| 368 | { | 378 | { |
| 369 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); | 379 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); |
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 8743b61cbb..c5404ca0bc 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c | |||
| @@ -139,11 +139,18 @@ SSL_METHOD *SSLv23_server_method(void) | |||
| 139 | 139 | ||
| 140 | if (init) | 140 | if (init) |
| 141 | { | 141 | { |
| 142 | memcpy((char *)&SSLv23_server_data, | 142 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 143 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | 143 | |
| 144 | SSLv23_server_data.ssl_accept=ssl23_accept; | 144 | if (init) |
| 145 | SSLv23_server_data.get_ssl_method=ssl23_get_server_method; | 145 | { |
| 146 | init=0; | 146 | memcpy((char *)&SSLv23_server_data, |
| 147 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | ||
| 148 | SSLv23_server_data.ssl_accept=ssl23_accept; | ||
| 149 | SSLv23_server_data.get_ssl_method=ssl23_get_server_method; | ||
| 150 | init=0; | ||
| 151 | } | ||
| 152 | |||
| 153 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 147 | } | 154 | } |
| 148 | return(&SSLv23_server_data); | 155 | return(&SSLv23_server_data); |
| 149 | } | 156 | } |
| @@ -505,7 +512,7 @@ int ssl23_get_client_hello(SSL *s) | |||
| 505 | 512 | ||
| 506 | if (s->s3 != NULL) ssl3_free(s); | 513 | if (s->s3 != NULL) ssl3_free(s); |
| 507 | 514 | ||
| 508 | if (!BUF_MEM_grow(s->init_buf, | 515 | if (!BUF_MEM_grow_clean(s->init_buf, |
| 509 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) | 516 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) |
| 510 | { | 517 | { |
| 511 | goto err; | 518 | goto err; |
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index 8864366f59..64d317b7ac 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c | |||
| @@ -268,16 +268,23 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 268 | X509_STORE_CTX xs_ctx; | 268 | X509_STORE_CTX xs_ctx; |
| 269 | X509_OBJECT obj; | 269 | X509_OBJECT obj; |
| 270 | 270 | ||
| 271 | int no_chain; | ||
| 272 | |||
| 273 | if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs) | ||
| 274 | no_chain = 1; | ||
| 275 | else | ||
| 276 | no_chain = 0; | ||
| 277 | |||
| 271 | /* TLSv1 sends a chain with nothing in it, instead of an alert */ | 278 | /* TLSv1 sends a chain with nothing in it, instead of an alert */ |
| 272 | buf=s->init_buf; | 279 | buf=s->init_buf; |
| 273 | if (!BUF_MEM_grow(buf,(int)(10))) | 280 | if (!BUF_MEM_grow_clean(buf,10)) |
| 274 | { | 281 | { |
| 275 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 282 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 276 | return(0); | 283 | return(0); |
| 277 | } | 284 | } |
| 278 | if (x != NULL) | 285 | if (x != NULL) |
| 279 | { | 286 | { |
| 280 | if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) | 287 | if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) |
| 281 | { | 288 | { |
| 282 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); | 289 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); |
| 283 | return(0); | 290 | return(0); |
| @@ -286,7 +293,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 286 | for (;;) | 293 | for (;;) |
| 287 | { | 294 | { |
| 288 | n=i2d_X509(x,NULL); | 295 | n=i2d_X509(x,NULL); |
| 289 | if (!BUF_MEM_grow(buf,(int)(n+l+3))) | 296 | if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) |
| 290 | { | 297 | { |
| 291 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 298 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 292 | return(0); | 299 | return(0); |
| @@ -295,6 +302,10 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 295 | l2n3(n,p); | 302 | l2n3(n,p); |
| 296 | i2d_X509(x,&p); | 303 | i2d_X509(x,&p); |
| 297 | l+=n+3; | 304 | l+=n+3; |
| 305 | |||
| 306 | if (no_chain) | ||
| 307 | break; | ||
| 308 | |||
| 298 | if (X509_NAME_cmp(X509_get_subject_name(x), | 309 | if (X509_NAME_cmp(X509_get_subject_name(x), |
| 299 | X509_get_issuer_name(x)) == 0) break; | 310 | X509_get_issuer_name(x)) == 0) break; |
| 300 | 311 | ||
| @@ -306,8 +317,8 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 306 | * ref count */ | 317 | * ref count */ |
| 307 | X509_free(x); | 318 | X509_free(x); |
| 308 | } | 319 | } |
| 309 | 320 | if (!no_chain) | |
| 310 | X509_STORE_CTX_cleanup(&xs_ctx); | 321 | X509_STORE_CTX_cleanup(&xs_ctx); |
| 311 | } | 322 | } |
| 312 | 323 | ||
| 313 | /* Thawte special :-) */ | 324 | /* Thawte special :-) */ |
| @@ -316,7 +327,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 316 | { | 327 | { |
| 317 | x=sk_X509_value(s->ctx->extra_certs,i); | 328 | x=sk_X509_value(s->ctx->extra_certs,i); |
| 318 | n=i2d_X509(x,NULL); | 329 | n=i2d_X509(x,NULL); |
| 319 | if (!BUF_MEM_grow(buf,(int)(n+l+3))) | 330 | if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) |
| 320 | { | 331 | { |
| 321 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 332 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 322 | return(0); | 333 | return(0); |
| @@ -439,7 +450,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 439 | SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); | 450 | SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); |
| 440 | goto f_err; | 451 | goto f_err; |
| 441 | } | 452 | } |
| 442 | if (l && !BUF_MEM_grow(s->init_buf,(int)l+4)) | 453 | if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4)) |
| 443 | { | 454 | { |
| 444 | SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); | 455 | SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); |
| 445 | goto err; | 456 | goto err; |
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 7da9363ef5..d32bb1cb9c 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -145,18 +145,25 @@ SSL_METHOD *SSLv3_client_method(void) | |||
| 145 | 145 | ||
| 146 | if (init) | 146 | if (init) |
| 147 | { | 147 | { |
| 148 | init=0; | 148 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 149 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), | 149 | |
| 150 | sizeof(SSL_METHOD)); | 150 | if (init) |
| 151 | SSLv3_client_data.ssl_connect=ssl3_connect; | 151 | { |
| 152 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | 152 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), |
| 153 | sizeof(SSL_METHOD)); | ||
| 154 | SSLv3_client_data.ssl_connect=ssl3_connect; | ||
| 155 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | ||
| 156 | init=0; | ||
| 157 | } | ||
| 158 | |||
| 159 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 153 | } | 160 | } |
| 154 | return(&SSLv3_client_data); | 161 | return(&SSLv3_client_data); |
| 155 | } | 162 | } |
| 156 | 163 | ||
| 157 | int ssl3_connect(SSL *s) | 164 | int ssl3_connect(SSL *s) |
| 158 | { | 165 | { |
| 159 | BUF_MEM *buf; | 166 | BUF_MEM *buf=NULL; |
| 160 | unsigned long Time=time(NULL),l; | 167 | unsigned long Time=time(NULL),l; |
| 161 | long num1; | 168 | long num1; |
| 162 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 169 | void (*cb)(const SSL *ssl,int type,int val)=NULL; |
| @@ -217,6 +224,7 @@ int ssl3_connect(SSL *s) | |||
| 217 | goto end; | 224 | goto end; |
| 218 | } | 225 | } |
| 219 | s->init_buf=buf; | 226 | s->init_buf=buf; |
| 227 | buf=NULL; | ||
| 220 | } | 228 | } |
| 221 | 229 | ||
| 222 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 230 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } |
| @@ -495,6 +503,8 @@ int ssl3_connect(SSL *s) | |||
| 495 | } | 503 | } |
| 496 | end: | 504 | end: |
| 497 | s->in_handshake--; | 505 | s->in_handshake--; |
| 506 | if (buf != NULL) | ||
| 507 | BUF_MEM_free(buf); | ||
| 498 | if (cb != NULL) | 508 | if (cb != NULL) |
| 499 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 509 | cb(s,SSL_CB_CONNECT_EXIT,ret); |
| 500 | return(ret); | 510 | return(ret); |
| @@ -637,6 +647,7 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); | 647 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); |
| 638 | goto f_err; | 648 | goto f_err; |
| 639 | } | 649 | } |
| 650 | |||
| 640 | if (j != 0 && j == s->session->session_id_length | 651 | if (j != 0 && j == s->session->session_id_length |
| 641 | && memcmp(p,s->session->session_id,j) == 0) | 652 | && memcmp(p,s->session->session_id,j) == 0) |
| 642 | { | 653 | { |
| @@ -687,7 +698,12 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 687 | goto f_err; | 698 | goto f_err; |
| 688 | } | 699 | } |
| 689 | 700 | ||
| 690 | if (s->hit && (s->session->cipher != c)) | 701 | /* Depending on the session caching (internal/external), the cipher |
| 702 | and/or cipher_id values may not be set. Make sure that | ||
| 703 | cipher_id is set and use it for comparison. */ | ||
| 704 | if (s->session->cipher) | ||
| 705 | s->session->cipher_id = s->session->cipher->id; | ||
| 706 | if (s->hit && (s->session->cipher_id != c->id)) | ||
| 691 | { | 707 | { |
| 692 | if (!(s->options & | 708 | if (!(s->options & |
| 693 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 709 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) |
| @@ -1445,16 +1461,16 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1445 | 1461 | ||
| 1446 | tmp_buf[0]=s->client_version>>8; | 1462 | tmp_buf[0]=s->client_version>>8; |
| 1447 | tmp_buf[1]=s->client_version&0xff; | 1463 | tmp_buf[1]=s->client_version&0xff; |
| 1448 | if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0) | 1464 | if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0) |
| 1449 | goto err; | 1465 | goto err; |
| 1450 | 1466 | ||
| 1451 | s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; | 1467 | s->session->master_key_length=sizeof tmp_buf; |
| 1452 | 1468 | ||
| 1453 | q=p; | 1469 | q=p; |
| 1454 | /* Fix buf for TLS and beyond */ | 1470 | /* Fix buf for TLS and beyond */ |
| 1455 | if (s->version > SSL3_VERSION) | 1471 | if (s->version > SSL3_VERSION) |
| 1456 | p+=2; | 1472 | p+=2; |
| 1457 | n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, | 1473 | n=RSA_public_encrypt(sizeof tmp_buf, |
| 1458 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); | 1474 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); |
| 1459 | #ifdef PKCS1_CHECK | 1475 | #ifdef PKCS1_CHECK |
| 1460 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; | 1476 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; |
| @@ -1476,8 +1492,8 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1476 | s->session->master_key_length= | 1492 | s->session->master_key_length= |
| 1477 | s->method->ssl3_enc->generate_master_secret(s, | 1493 | s->method->ssl3_enc->generate_master_secret(s, |
| 1478 | s->session->master_key, | 1494 | s->session->master_key, |
| 1479 | tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); | 1495 | tmp_buf,sizeof tmp_buf); |
| 1480 | memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); | 1496 | OPENSSL_cleanse(tmp_buf,sizeof tmp_buf); |
| 1481 | } | 1497 | } |
| 1482 | #endif | 1498 | #endif |
| 1483 | #ifndef OPENSSL_NO_KRB5 | 1499 | #ifndef OPENSSL_NO_KRB5 |
| @@ -1573,7 +1589,7 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1573 | n+=2; | 1589 | n+=2; |
| 1574 | } | 1590 | } |
| 1575 | 1591 | ||
| 1576 | if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0) | 1592 | if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0) |
| 1577 | goto err; | 1593 | goto err; |
| 1578 | 1594 | ||
| 1579 | /* 20010420 VRS. Tried it this way; failed. | 1595 | /* 20010420 VRS. Tried it this way; failed. |
| @@ -1583,11 +1599,11 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1583 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); | 1599 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); |
| 1584 | */ | 1600 | */ |
| 1585 | 1601 | ||
| 1586 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 1602 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ |
| 1587 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, | 1603 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, |
| 1588 | kssl_ctx->key,iv); | 1604 | kssl_ctx->key,iv); |
| 1589 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, | 1605 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, |
| 1590 | SSL_MAX_MASTER_KEY_LENGTH); | 1606 | sizeof tmp_buf); |
| 1591 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); | 1607 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); |
| 1592 | outl += padl; | 1608 | outl += padl; |
| 1593 | if (outl > sizeof epms) | 1609 | if (outl > sizeof epms) |
| @@ -1606,10 +1622,10 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1606 | s->session->master_key_length= | 1622 | s->session->master_key_length= |
| 1607 | s->method->ssl3_enc->generate_master_secret(s, | 1623 | s->method->ssl3_enc->generate_master_secret(s, |
| 1608 | s->session->master_key, | 1624 | s->session->master_key, |
| 1609 | tmp_buf, SSL_MAX_MASTER_KEY_LENGTH); | 1625 | tmp_buf, sizeof tmp_buf); |
| 1610 | 1626 | ||
| 1611 | memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH); | 1627 | OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); |
| 1612 | memset(epms, 0, outl); | 1628 | OPENSSL_cleanse(epms, outl); |
| 1613 | } | 1629 | } |
| 1614 | #endif | 1630 | #endif |
| 1615 | #ifndef OPENSSL_NO_DH | 1631 | #ifndef OPENSSL_NO_DH |
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index cc0aeef511..d04096016c 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -514,6 +514,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 514 | SSL_ALL_STRENGTHS, | 514 | SSL_ALL_STRENGTHS, |
| 515 | }, | 515 | }, |
| 516 | 516 | ||
| 517 | #if 0 | ||
| 517 | /* Cipher 1E */ | 518 | /* Cipher 1E */ |
| 518 | { | 519 | { |
| 519 | 0, | 520 | 0, |
| @@ -527,55 +528,70 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 527 | SSL_ALL_CIPHERS, | 528 | SSL_ALL_CIPHERS, |
| 528 | SSL_ALL_STRENGTHS, | 529 | SSL_ALL_STRENGTHS, |
| 529 | }, | 530 | }, |
| 531 | #endif | ||
| 530 | 532 | ||
| 531 | #ifndef OPENSSL_NO_KRB5 | 533 | #ifndef OPENSSL_NO_KRB5 |
| 532 | /* The Kerberos ciphers | 534 | /* The Kerberos ciphers |
| 533 | ** 20000107 VRS: And the first shall be last, | 535 | ** 20000107 VRS: And the first shall be last, |
| 534 | ** in hopes of avoiding the lynx ssl renegotiation problem. | 536 | ** in hopes of avoiding the lynx ssl renegotiation problem. |
| 535 | */ | 537 | */ |
| 536 | /* Cipher 21 VRS */ | 538 | /* Cipher 1E VRS */ |
| 537 | { | 539 | { |
| 538 | 1, | 540 | 1, |
| 539 | SSL3_TXT_KRB5_DES_40_CBC_SHA, | 541 | SSL3_TXT_KRB5_DES_64_CBC_SHA, |
| 540 | SSL3_CK_KRB5_DES_40_CBC_SHA, | 542 | SSL3_CK_KRB5_DES_64_CBC_SHA, |
| 541 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, | 543 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, |
| 542 | SSL_EXPORT|SSL_EXP40, | 544 | SSL_NOT_EXP|SSL_LOW, |
| 543 | 0, | 545 | 0, |
| 544 | 40, | 546 | 56, |
| 545 | 56, | 547 | 56, |
| 546 | SSL_ALL_CIPHERS, | 548 | SSL_ALL_CIPHERS, |
| 547 | SSL_ALL_STRENGTHS, | 549 | SSL_ALL_STRENGTHS, |
| 548 | }, | 550 | }, |
| 549 | 551 | ||
| 550 | /* Cipher 22 VRS */ | 552 | /* Cipher 1F VRS */ |
| 551 | { | 553 | { |
| 552 | 1, | 554 | 1, |
| 553 | SSL3_TXT_KRB5_DES_40_CBC_MD5, | 555 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, |
| 554 | SSL3_CK_KRB5_DES_40_CBC_MD5, | 556 | SSL3_CK_KRB5_DES_192_CBC3_SHA, |
| 555 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, | 557 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, |
| 556 | SSL_EXPORT|SSL_EXP40, | 558 | SSL_NOT_EXP|SSL_HIGH, |
| 557 | 0, | 559 | 0, |
| 558 | 40, | 560 | 112, |
| 559 | 56, | 561 | 168, |
| 560 | SSL_ALL_CIPHERS, | 562 | SSL_ALL_CIPHERS, |
| 561 | SSL_ALL_STRENGTHS, | 563 | SSL_ALL_STRENGTHS, |
| 562 | }, | 564 | }, |
| 563 | 565 | ||
| 564 | /* Cipher 23 VRS */ | 566 | /* Cipher 20 VRS */ |
| 565 | { | 567 | { |
| 566 | 1, | 568 | 1, |
| 567 | SSL3_TXT_KRB5_DES_64_CBC_SHA, | 569 | SSL3_TXT_KRB5_RC4_128_SHA, |
| 568 | SSL3_CK_KRB5_DES_64_CBC_SHA, | 570 | SSL3_CK_KRB5_RC4_128_SHA, |
| 569 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, | 571 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3, |
| 570 | SSL_NOT_EXP|SSL_LOW, | 572 | SSL_NOT_EXP|SSL_MEDIUM, |
| 571 | 0, | 573 | 0, |
| 572 | 56, | 574 | 128, |
| 573 | 56, | 575 | 128, |
| 574 | SSL_ALL_CIPHERS, | 576 | SSL_ALL_CIPHERS, |
| 575 | SSL_ALL_STRENGTHS, | 577 | SSL_ALL_STRENGTHS, |
| 576 | }, | 578 | }, |
| 577 | 579 | ||
| 578 | /* Cipher 24 VRS */ | 580 | /* Cipher 21 VRS */ |
| 581 | { | ||
| 582 | 1, | ||
| 583 | SSL3_TXT_KRB5_IDEA_128_CBC_SHA, | ||
| 584 | SSL3_CK_KRB5_IDEA_128_CBC_SHA, | ||
| 585 | SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_SHA1 |SSL_SSLV3, | ||
| 586 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 587 | 0, | ||
| 588 | 128, | ||
| 589 | 128, | ||
| 590 | SSL_ALL_CIPHERS, | ||
| 591 | SSL_ALL_STRENGTHS, | ||
| 592 | }, | ||
| 593 | |||
| 594 | /* Cipher 22 VRS */ | ||
| 579 | { | 595 | { |
| 580 | 1, | 596 | 1, |
| 581 | SSL3_TXT_KRB5_DES_64_CBC_MD5, | 597 | SSL3_TXT_KRB5_DES_64_CBC_MD5, |
| @@ -589,12 +605,12 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 589 | SSL_ALL_STRENGTHS, | 605 | SSL_ALL_STRENGTHS, |
| 590 | }, | 606 | }, |
| 591 | 607 | ||
| 592 | /* Cipher 25 VRS */ | 608 | /* Cipher 23 VRS */ |
| 593 | { | 609 | { |
| 594 | 1, | 610 | 1, |
| 595 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, | 611 | SSL3_TXT_KRB5_DES_192_CBC3_MD5, |
| 596 | SSL3_CK_KRB5_DES_192_CBC3_SHA, | 612 | SSL3_CK_KRB5_DES_192_CBC3_MD5, |
| 597 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, | 613 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, |
| 598 | SSL_NOT_EXP|SSL_HIGH, | 614 | SSL_NOT_EXP|SSL_HIGH, |
| 599 | 0, | 615 | 0, |
| 600 | 112, | 616 | 112, |
| @@ -603,16 +619,114 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 603 | SSL_ALL_STRENGTHS, | 619 | SSL_ALL_STRENGTHS, |
| 604 | }, | 620 | }, |
| 605 | 621 | ||
| 622 | /* Cipher 24 VRS */ | ||
| 623 | { | ||
| 624 | 1, | ||
| 625 | SSL3_TXT_KRB5_RC4_128_MD5, | ||
| 626 | SSL3_CK_KRB5_RC4_128_MD5, | ||
| 627 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3, | ||
| 628 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 629 | 0, | ||
| 630 | 128, | ||
| 631 | 128, | ||
| 632 | SSL_ALL_CIPHERS, | ||
| 633 | SSL_ALL_STRENGTHS, | ||
| 634 | }, | ||
| 635 | |||
| 636 | /* Cipher 25 VRS */ | ||
| 637 | { | ||
| 638 | 1, | ||
| 639 | SSL3_TXT_KRB5_IDEA_128_CBC_MD5, | ||
| 640 | SSL3_CK_KRB5_IDEA_128_CBC_MD5, | ||
| 641 | SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_MD5 |SSL_SSLV3, | ||
| 642 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 643 | 0, | ||
| 644 | 128, | ||
| 645 | 128, | ||
| 646 | SSL_ALL_CIPHERS, | ||
| 647 | SSL_ALL_STRENGTHS, | ||
| 648 | }, | ||
| 649 | |||
| 606 | /* Cipher 26 VRS */ | 650 | /* Cipher 26 VRS */ |
| 607 | { | 651 | { |
| 608 | 1, | 652 | 1, |
| 609 | SSL3_TXT_KRB5_DES_192_CBC3_MD5, | 653 | SSL3_TXT_KRB5_DES_40_CBC_SHA, |
| 610 | SSL3_CK_KRB5_DES_192_CBC3_MD5, | 654 | SSL3_CK_KRB5_DES_40_CBC_SHA, |
| 611 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, | 655 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, |
| 612 | SSL_NOT_EXP|SSL_HIGH, | 656 | SSL_EXPORT|SSL_EXP40, |
| 613 | 0, | 657 | 0, |
| 614 | 112, | 658 | 40, |
| 615 | 168, | 659 | 56, |
| 660 | SSL_ALL_CIPHERS, | ||
| 661 | SSL_ALL_STRENGTHS, | ||
| 662 | }, | ||
| 663 | |||
| 664 | /* Cipher 27 VRS */ | ||
| 665 | { | ||
| 666 | 1, | ||
| 667 | SSL3_TXT_KRB5_RC2_40_CBC_SHA, | ||
| 668 | SSL3_CK_KRB5_RC2_40_CBC_SHA, | ||
| 669 | SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_SHA1 |SSL_SSLV3, | ||
| 670 | SSL_EXPORT|SSL_EXP40, | ||
| 671 | 0, | ||
| 672 | 40, | ||
| 673 | 128, | ||
| 674 | SSL_ALL_CIPHERS, | ||
| 675 | SSL_ALL_STRENGTHS, | ||
| 676 | }, | ||
| 677 | |||
| 678 | /* Cipher 28 VRS */ | ||
| 679 | { | ||
| 680 | 1, | ||
| 681 | SSL3_TXT_KRB5_RC4_40_SHA, | ||
| 682 | SSL3_CK_KRB5_RC4_40_SHA, | ||
| 683 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3, | ||
| 684 | SSL_EXPORT|SSL_EXP40, | ||
| 685 | 0, | ||
| 686 | 128, | ||
| 687 | 128, | ||
| 688 | SSL_ALL_CIPHERS, | ||
| 689 | SSL_ALL_STRENGTHS, | ||
| 690 | }, | ||
| 691 | |||
| 692 | /* Cipher 29 VRS */ | ||
| 693 | { | ||
| 694 | 1, | ||
| 695 | SSL3_TXT_KRB5_DES_40_CBC_MD5, | ||
| 696 | SSL3_CK_KRB5_DES_40_CBC_MD5, | ||
| 697 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, | ||
| 698 | SSL_EXPORT|SSL_EXP40, | ||
| 699 | 0, | ||
| 700 | 40, | ||
| 701 | 56, | ||
| 702 | SSL_ALL_CIPHERS, | ||
| 703 | SSL_ALL_STRENGTHS, | ||
| 704 | }, | ||
| 705 | |||
| 706 | /* Cipher 2A VRS */ | ||
| 707 | { | ||
| 708 | 1, | ||
| 709 | SSL3_TXT_KRB5_RC2_40_CBC_MD5, | ||
| 710 | SSL3_CK_KRB5_RC2_40_CBC_MD5, | ||
| 711 | SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_MD5 |SSL_SSLV3, | ||
| 712 | SSL_EXPORT|SSL_EXP40, | ||
| 713 | 0, | ||
| 714 | 40, | ||
| 715 | 128, | ||
| 716 | SSL_ALL_CIPHERS, | ||
| 717 | SSL_ALL_STRENGTHS, | ||
| 718 | }, | ||
| 719 | |||
| 720 | /* Cipher 2B VRS */ | ||
| 721 | { | ||
| 722 | 1, | ||
| 723 | SSL3_TXT_KRB5_RC4_40_MD5, | ||
| 724 | SSL3_CK_KRB5_RC4_40_MD5, | ||
| 725 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3, | ||
| 726 | SSL_EXPORT|SSL_EXP40, | ||
| 727 | 0, | ||
| 728 | 128, | ||
| 729 | 128, | ||
| 616 | SSL_ALL_CIPHERS, | 730 | SSL_ALL_CIPHERS, |
| 617 | SSL_ALL_STRENGTHS, | 731 | SSL_ALL_STRENGTHS, |
| 618 | }, | 732 | }, |
| @@ -988,7 +1102,7 @@ void ssl3_free(SSL *s) | |||
| 988 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); | 1102 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); |
| 989 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); | 1103 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); |
| 990 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); | 1104 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); |
| 991 | memset(s->s3,0,sizeof *s->s3); | 1105 | OPENSSL_cleanse(s->s3,sizeof *s->s3); |
| 992 | OPENSSL_free(s->s3); | 1106 | OPENSSL_free(s->s3); |
| 993 | s->s3=NULL; | 1107 | s->s3=NULL; |
| 994 | } | 1108 | } |
| @@ -1343,16 +1457,19 @@ SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) | |||
| 1343 | { | 1457 | { |
| 1344 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | 1458 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); |
| 1345 | 1459 | ||
| 1346 | for (i=0; i<SSL3_NUM_CIPHERS; i++) | 1460 | if (init) |
| 1347 | sorted[i]= &(ssl3_ciphers[i]); | 1461 | { |
| 1462 | for (i=0; i<SSL3_NUM_CIPHERS; i++) | ||
| 1463 | sorted[i]= &(ssl3_ciphers[i]); | ||
| 1348 | 1464 | ||
| 1349 | qsort( (char *)sorted, | 1465 | qsort(sorted, |
| 1350 | SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), | 1466 | SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), |
| 1351 | FP_ICC ssl_cipher_ptr_id_cmp); | 1467 | FP_ICC ssl_cipher_ptr_id_cmp); |
| 1352 | 1468 | ||
| 1469 | init=0; | ||
| 1470 | } | ||
| 1471 | |||
| 1353 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); | 1472 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); |
| 1354 | |||
| 1355 | init=0; | ||
| 1356 | } | 1473 | } |
| 1357 | 1474 | ||
| 1358 | id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; | 1475 | id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; |
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index a2c17f2950..cd7b88eeb5 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -153,11 +153,18 @@ SSL_METHOD *SSLv3_server_method(void) | |||
| 153 | 153 | ||
| 154 | if (init) | 154 | if (init) |
| 155 | { | 155 | { |
| 156 | memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), | 156 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 157 | sizeof(SSL_METHOD)); | 157 | |
| 158 | SSLv3_server_data.ssl_accept=ssl3_accept; | 158 | if (init) |
| 159 | SSLv3_server_data.get_ssl_method=ssl3_get_server_method; | 159 | { |
| 160 | init=0; | 160 | memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), |
| 161 | sizeof(SSL_METHOD)); | ||
| 162 | SSLv3_server_data.ssl_accept=ssl3_accept; | ||
| 163 | SSLv3_server_data.get_ssl_method=ssl3_get_server_method; | ||
| 164 | init=0; | ||
| 165 | } | ||
| 166 | |||
| 167 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 161 | } | 168 | } |
| 162 | return(&SSLv3_server_data); | 169 | return(&SSLv3_server_data); |
| 163 | } | 170 | } |
| @@ -1172,7 +1179,7 @@ static int ssl3_send_server_key_exchange(SSL *s) | |||
| 1172 | kn=0; | 1179 | kn=0; |
| 1173 | } | 1180 | } |
| 1174 | 1181 | ||
| 1175 | if (!BUF_MEM_grow(buf,n+4+kn)) | 1182 | if (!BUF_MEM_grow_clean(buf,n+4+kn)) |
| 1176 | { | 1183 | { |
| 1177 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); | 1184 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); |
| 1178 | goto err; | 1185 | goto err; |
| @@ -1299,7 +1306,7 @@ static int ssl3_send_certificate_request(SSL *s) | |||
| 1299 | { | 1306 | { |
| 1300 | name=sk_X509_NAME_value(sk,i); | 1307 | name=sk_X509_NAME_value(sk,i); |
| 1301 | j=i2d_X509_NAME(name,NULL); | 1308 | j=i2d_X509_NAME(name,NULL); |
| 1302 | if (!BUF_MEM_grow(buf,4+n+j+2)) | 1309 | if (!BUF_MEM_grow_clean(buf,4+n+j+2)) |
| 1303 | { | 1310 | { |
| 1304 | SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB); | 1311 | SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB); |
| 1305 | goto err; | 1312 | goto err; |
| @@ -1466,7 +1473,6 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1466 | * made up by the adversary is properly formatted except | 1473 | * made up by the adversary is properly formatted except |
| 1467 | * that the version number is wrong. To avoid such attacks, | 1474 | * that the version number is wrong. To avoid such attacks, |
| 1468 | * we should treat this just like any other decryption error. */ | 1475 | * we should treat this just like any other decryption error. */ |
| 1469 | p[0] = (char)(int) "CAN-2003-0131 patch 2003-03-20"; | ||
| 1470 | } | 1476 | } |
| 1471 | } | 1477 | } |
| 1472 | 1478 | ||
| @@ -1486,7 +1492,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1486 | s->method->ssl3_enc->generate_master_secret(s, | 1492 | s->method->ssl3_enc->generate_master_secret(s, |
| 1487 | s->session->master_key, | 1493 | s->session->master_key, |
| 1488 | p,i); | 1494 | p,i); |
| 1489 | memset(p,0,i); | 1495 | OPENSSL_cleanse(p,i); |
| 1490 | } | 1496 | } |
| 1491 | else | 1497 | else |
| 1492 | #endif | 1498 | #endif |
| @@ -1549,7 +1555,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1549 | s->session->master_key_length= | 1555 | s->session->master_key_length= |
| 1550 | s->method->ssl3_enc->generate_master_secret(s, | 1556 | s->method->ssl3_enc->generate_master_secret(s, |
| 1551 | s->session->master_key,p,i); | 1557 | s->session->master_key,p,i); |
| 1552 | memset(p,0,i); | 1558 | OPENSSL_cleanse(p,i); |
| 1553 | } | 1559 | } |
| 1554 | else | 1560 | else |
| 1555 | #endif | 1561 | #endif |
| @@ -1652,7 +1658,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1652 | if (enc == NULL) | 1658 | if (enc == NULL) |
| 1653 | goto err; | 1659 | goto err; |
| 1654 | 1660 | ||
| 1655 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 1661 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ |
| 1656 | 1662 | ||
| 1657 | if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv)) | 1663 | if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv)) |
| 1658 | { | 1664 | { |
| @@ -1740,7 +1746,7 @@ static int ssl3_get_cert_verify(SSL *s) | |||
| 1740 | SSL3_ST_SR_CERT_VRFY_A, | 1746 | SSL3_ST_SR_CERT_VRFY_A, |
| 1741 | SSL3_ST_SR_CERT_VRFY_B, | 1747 | SSL3_ST_SR_CERT_VRFY_B, |
| 1742 | -1, | 1748 | -1, |
| 1743 | 512, /* 512? */ | 1749 | 514, /* 514? */ |
| 1744 | &ok); | 1750 | &ok); |
| 1745 | 1751 | ||
| 1746 | if (!ok) return((int)n); | 1752 | if (!ok) return((int)n); |
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version index 5b844bbf42..d0f0988b41 100644 --- a/src/lib/libssl/shlib_version +++ b/src/lib/libssl/shlib_version | |||
| @@ -1,2 +1,2 @@ | |||
| 1 | major=7 | 1 | major=8 |
| 2 | minor=0 | 2 | minor=0 |
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES index 03b697cd7e..1e85275800 100644 --- a/src/lib/libssl/src/CHANGES +++ b/src/lib/libssl/src/CHANGES | |||
| @@ -2,7 +2,266 @@ | |||
| 2 | OpenSSL CHANGES | 2 | OpenSSL CHANGES |
| 3 | _______________ | 3 | _______________ |
| 4 | 4 | ||
| 5 | Changes between 0.9.6h and 0.9.7 [XX xxx 2002] | 5 | Changes between 0.9.7a and 0.9.7b [10 Apr 2003] |
| 6 | |||
| 7 | *) Countermeasure against the Klima-Pokorny-Rosa extension of | ||
| 8 | Bleichbacher's attack on PKCS #1 v1.5 padding: treat | ||
| 9 | a protocol version number mismatch like a decryption error | ||
| 10 | in ssl3_get_client_key_exchange (ssl/s3_srvr.c). | ||
| 11 | [Bodo Moeller] | ||
| 12 | |||
| 13 | *) Turn on RSA blinding by default in the default implementation | ||
| 14 | to avoid a timing attack. Applications that don't want it can call | ||
| 15 | RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. | ||
| 16 | They would be ill-advised to do so in most cases. | ||
| 17 | [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller] | ||
| 18 | |||
| 19 | *) Change RSA blinding code so that it works when the PRNG is not | ||
| 20 | seeded (in this case, the secret RSA exponent is abused as | ||
| 21 | an unpredictable seed -- if it is not unpredictable, there | ||
| 22 | is no point in blinding anyway). Make RSA blinding thread-safe | ||
| 23 | by remembering the creator's thread ID in rsa->blinding and | ||
| 24 | having all other threads use local one-time blinding factors | ||
| 25 | (this requires more computation than sharing rsa->blinding, but | ||
| 26 | avoids excessive locking; and if an RSA object is not shared | ||
| 27 | between threads, blinding will still be very fast). | ||
| 28 | [Bodo Moeller] | ||
| 29 | |||
| 30 | *) Fixed a typo bug that would cause ENGINE_set_default() to set an | ||
| 31 | ENGINE as defaults for all supported algorithms irrespective of | ||
| 32 | the 'flags' parameter. 'flags' is now honoured, so applications | ||
| 33 | should make sure they are passing it correctly. | ||
| 34 | [Geoff Thorpe] | ||
| 35 | |||
| 36 | *) Target "mingw" now allows native Windows code to be generated in | ||
| 37 | the Cygwin environment as well as with the MinGW compiler. | ||
| 38 | [Ulf Moeller] | ||
| 39 | |||
| 40 | Changes between 0.9.7 and 0.9.7a [19 Feb 2003] | ||
| 41 | |||
| 42 | *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked | ||
| 43 | via timing by performing a MAC computation even if incorrrect | ||
| 44 | block cipher padding has been found. This is a countermeasure | ||
| 45 | against active attacks where the attacker has to distinguish | ||
| 46 | between bad padding and a MAC verification error. (CAN-2003-0078) | ||
| 47 | |||
| 48 | [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), | ||
| 49 | Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and | ||
| 50 | Martin Vuagnoux (EPFL, Ilion)] | ||
| 51 | |||
| 52 | *) Make the no-err option work as intended. The intention with no-err | ||
| 53 | is not to have the whole error stack handling routines removed from | ||
| 54 | libcrypto, it's only intended to remove all the function name and | ||
| 55 | reason texts, thereby removing some of the footprint that may not | ||
| 56 | be interesting if those errors aren't displayed anyway. | ||
| 57 | |||
| 58 | NOTE: it's still possible for any application or module to have it's | ||
| 59 | own set of error texts inserted. The routines are there, just not | ||
| 60 | used by default when no-err is given. | ||
| 61 | [Richard Levitte] | ||
| 62 | |||
| 63 | *) Add support for FreeBSD on IA64. | ||
| 64 | [dirk.meyer@dinoex.sub.org via Richard Levitte, resolves #454] | ||
| 65 | |||
| 66 | *) Adjust DES_cbc_cksum() so it returns the same value as the MIT | ||
| 67 | Kerberos function mit_des_cbc_cksum(). Before this change, | ||
| 68 | the value returned by DES_cbc_cksum() was like the one from | ||
| 69 | mit_des_cbc_cksum(), except the bytes were swapped. | ||
| 70 | [Kevin Greaney <Kevin.Greaney@hp.com> and Richard Levitte] | ||
| 71 | |||
| 72 | *) Allow an application to disable the automatic SSL chain building. | ||
| 73 | Before this a rather primitive chain build was always performed in | ||
| 74 | ssl3_output_cert_chain(): an application had no way to send the | ||
| 75 | correct chain if the automatic operation produced an incorrect result. | ||
| 76 | |||
| 77 | Now the chain builder is disabled if either: | ||
| 78 | |||
| 79 | 1. Extra certificates are added via SSL_CTX_add_extra_chain_cert(). | ||
| 80 | |||
| 81 | 2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set. | ||
| 82 | |||
| 83 | The reasoning behind this is that an application would not want the | ||
| 84 | auto chain building to take place if extra chain certificates are | ||
| 85 | present and it might also want a means of sending no additional | ||
| 86 | certificates (for example the chain has two certificates and the | ||
| 87 | root is omitted). | ||
| 88 | [Steve Henson] | ||
| 89 | |||
| 90 | *) Add the possibility to build without the ENGINE framework. | ||
| 91 | [Steven Reddie <smr@essemer.com.au> via Richard Levitte] | ||
| 92 | |||
| 93 | *) Under Win32 gmtime() can return NULL: check return value in | ||
| 94 | OPENSSL_gmtime(). Add error code for case where gmtime() fails. | ||
| 95 | [Steve Henson] | ||
| 96 | |||
| 97 | *) DSA routines: under certain error conditions uninitialized BN objects | ||
| 98 | could be freed. Solution: make sure initialization is performed early | ||
| 99 | enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>, | ||
| 100 | Nils Larsch <nla@trustcenter.de> via PR#459) | ||
| 101 | [Lutz Jaenicke] | ||
| 102 | |||
| 103 | *) Another fix for SSLv2 session ID handling: the session ID was incorrectly | ||
| 104 | checked on reconnect on the client side, therefore session resumption | ||
| 105 | could still fail with a "ssl session id is different" error. This | ||
| 106 | behaviour is masked when SSL_OP_ALL is used due to | ||
| 107 | SSL_OP_MICROSOFT_SESS_ID_BUG being set. | ||
| 108 | Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as | ||
| 109 | followup to PR #377. | ||
| 110 | [Lutz Jaenicke] | ||
| 111 | |||
| 112 | *) IA-32 assembler support enhancements: unified ELF targets, support | ||
| 113 | for SCO/Caldera platforms, fix for Cygwin shared build. | ||
| 114 | [Andy Polyakov] | ||
| 115 | |||
| 116 | *) Add support for FreeBSD on sparc64. As a consequence, support for | ||
| 117 | FreeBSD on non-x86 processors is separate from x86 processors on | ||
| 118 | the config script, much like the NetBSD support. | ||
| 119 | [Richard Levitte & Kris Kennaway <kris@obsecurity.org>] | ||
| 120 | |||
| 121 | Changes between 0.9.6h and 0.9.7 [31 Dec 2002] | ||
| 122 | |||
| 123 | *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED | ||
| 124 | code (06) was taken as the first octet of the session ID and the last | ||
| 125 | octet was ignored consequently. As a result SSLv2 client side session | ||
| 126 | caching could not have worked due to the session ID mismatch between | ||
| 127 | client and server. | ||
| 128 | Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as | ||
| 129 | PR #377. | ||
| 130 | [Lutz Jaenicke] | ||
| 131 | |||
| 132 | *) Change the declaration of needed Kerberos libraries to use EX_LIBS | ||
| 133 | instead of the special (and badly supported) LIBKRB5. LIBKRB5 is | ||
| 134 | removed entirely. | ||
| 135 | [Richard Levitte] | ||
| 136 | |||
| 137 | *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it | ||
| 138 | seems that in spite of existing for more than a year, many application | ||
| 139 | author have done nothing to provide the necessary callbacks, which | ||
| 140 | means that this particular engine will not work properly anywhere. | ||
| 141 | This is a very unfortunate situation which forces us, in the name | ||
| 142 | of usability, to give the hw_ncipher.c a static lock, which is part | ||
| 143 | of libcrypto. | ||
| 144 | NOTE: This is for the 0.9.7 series ONLY. This hack will never | ||
| 145 | appear in 0.9.8 or later. We EXPECT application authors to have | ||
| 146 | dealt properly with this when 0.9.8 is released (unless we actually | ||
| 147 | make such changes in the libcrypto locking code that changes will | ||
| 148 | have to be made anyway). | ||
| 149 | [Richard Levitte] | ||
| 150 | |||
| 151 | *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content | ||
| 152 | octets have been read, EOF or an error occurs. Without this change | ||
| 153 | some truncated ASN1 structures will not produce an error. | ||
| 154 | [Steve Henson] | ||
| 155 | |||
| 156 | *) Disable Heimdal support, since it hasn't been fully implemented. | ||
| 157 | Still give the possibility to force the use of Heimdal, but with | ||
| 158 | warnings and a request that patches get sent to openssl-dev. | ||
| 159 | [Richard Levitte] | ||
| 160 | |||
| 161 | *) Add the VC-CE target, introduce the WINCE sysname, and add | ||
| 162 | INSTALL.WCE and appropriate conditionals to make it build. | ||
| 163 | [Steven Reddie <smr@essemer.com.au> via Richard Levitte] | ||
| 164 | |||
| 165 | *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and | ||
| 166 | cygssl-x.y.z.dll, where x, y and z are the major, minor and | ||
| 167 | edit numbers of the version. | ||
| 168 | [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte] | ||
| 169 | |||
| 170 | *) Introduce safe string copy and catenation functions | ||
| 171 | (BUF_strlcpy() and BUF_strlcat()). | ||
| 172 | [Ben Laurie (CHATS) and Richard Levitte] | ||
| 173 | |||
| 174 | *) Avoid using fixed-size buffers for one-line DNs. | ||
| 175 | [Ben Laurie (CHATS)] | ||
| 176 | |||
| 177 | *) Add BUF_MEM_grow_clean() to avoid information leakage when | ||
| 178 | resizing buffers containing secrets, and use where appropriate. | ||
| 179 | [Ben Laurie (CHATS)] | ||
| 180 | |||
| 181 | *) Avoid using fixed size buffers for configuration file location. | ||
| 182 | [Ben Laurie (CHATS)] | ||
| 183 | |||
| 184 | *) Avoid filename truncation for various CA files. | ||
| 185 | [Ben Laurie (CHATS)] | ||
| 186 | |||
| 187 | *) Use sizeof in preference to magic numbers. | ||
| 188 | [Ben Laurie (CHATS)] | ||
| 189 | |||
| 190 | *) Avoid filename truncation in cert requests. | ||
| 191 | [Ben Laurie (CHATS)] | ||
| 192 | |||
| 193 | *) Add assertions to check for (supposedly impossible) buffer | ||
| 194 | overflows. | ||
| 195 | [Ben Laurie (CHATS)] | ||
| 196 | |||
| 197 | *) Don't cache truncated DNS entries in the local cache (this could | ||
| 198 | potentially lead to a spoofing attack). | ||
| 199 | [Ben Laurie (CHATS)] | ||
| 200 | |||
| 201 | *) Fix various buffers to be large enough for hex/decimal | ||
| 202 | representations in a platform independent manner. | ||
| 203 | [Ben Laurie (CHATS)] | ||
| 204 | |||
| 205 | *) Add CRYPTO_realloc_clean() to avoid information leakage when | ||
| 206 | resizing buffers containing secrets, and use where appropriate. | ||
| 207 | [Ben Laurie (CHATS)] | ||
| 208 | |||
| 209 | *) Add BIO_indent() to avoid much slightly worrying code to do | ||
| 210 | indents. | ||
| 211 | [Ben Laurie (CHATS)] | ||
| 212 | |||
| 213 | *) Convert sprintf()/BIO_puts() to BIO_printf(). | ||
| 214 | [Ben Laurie (CHATS)] | ||
| 215 | |||
| 216 | *) buffer_gets() could terminate with the buffer only half | ||
| 217 | full. Fixed. | ||
| 218 | [Ben Laurie (CHATS)] | ||
| 219 | |||
| 220 | *) Add assertions to prevent user-supplied crypto functions from | ||
| 221 | overflowing internal buffers by having large block sizes, etc. | ||
| 222 | [Ben Laurie (CHATS)] | ||
| 223 | |||
| 224 | *) New OPENSSL_assert() macro (similar to assert(), but enabled | ||
| 225 | unconditionally). | ||
| 226 | [Ben Laurie (CHATS)] | ||
| 227 | |||
| 228 | *) Eliminate unused copy of key in RC4. | ||
| 229 | [Ben Laurie (CHATS)] | ||
| 230 | |||
| 231 | *) Eliminate unused and incorrectly sized buffers for IV in pem.h. | ||
| 232 | [Ben Laurie (CHATS)] | ||
| 233 | |||
| 234 | *) Fix off-by-one error in EGD path. | ||
| 235 | [Ben Laurie (CHATS)] | ||
| 236 | |||
| 237 | *) If RANDFILE path is too long, ignore instead of truncating. | ||
| 238 | [Ben Laurie (CHATS)] | ||
| 239 | |||
| 240 | *) Eliminate unused and incorrectly sized X.509 structure | ||
| 241 | CBCParameter. | ||
| 242 | [Ben Laurie (CHATS)] | ||
| 243 | |||
| 244 | *) Eliminate unused and dangerous function knumber(). | ||
| 245 | [Ben Laurie (CHATS)] | ||
| 246 | |||
| 247 | *) Eliminate unused and dangerous structure, KSSL_ERR. | ||
| 248 | [Ben Laurie (CHATS)] | ||
| 249 | |||
| 250 | *) Protect against overlong session ID context length in an encoded | ||
| 251 | session object. Since these are local, this does not appear to be | ||
| 252 | exploitable. | ||
| 253 | [Ben Laurie (CHATS)] | ||
| 254 | |||
| 255 | *) Change from security patch (see 0.9.6e below) that did not affect | ||
| 256 | the 0.9.6 release series: | ||
| 257 | |||
| 258 | Remote buffer overflow in SSL3 protocol - an attacker could | ||
| 259 | supply an oversized master key in Kerberos-enabled versions. | ||
| 260 | (CAN-2002-0657) | ||
| 261 | [Ben Laurie (CHATS)] | ||
| 262 | |||
| 263 | *) Change the SSL kerb5 codes to match RFC 2712. | ||
| 264 | [Richard Levitte] | ||
| 6 | 265 | ||
| 7 | *) Make -nameopt work fully for req and add -reqopt switch. | 266 | *) Make -nameopt work fully for req and add -reqopt switch. |
| 8 | [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson] | 267 | [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson] |
| @@ -34,7 +293,7 @@ | |||
| 34 | # is assumed to contain the absolute OpenSSL source directory. | 293 | # is assumed to contain the absolute OpenSSL source directory. |
| 35 | mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`" | 294 | mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`" |
| 36 | cd objtree/"`uname -s`-`uname -r`-`uname -m`" | 295 | cd objtree/"`uname -s`-`uname -r`-`uname -m`" |
| 37 | (cd $OPENSSL_SOURCE; find . -type f -o -type l) | while read F; do | 296 | (cd $OPENSSL_SOURCE; find . -type f) | while read F; do |
| 38 | mkdir -p `dirname $F` | 297 | mkdir -p `dirname $F` |
| 39 | ln -s $OPENSSL_SOURCE/$F $F | 298 | ln -s $OPENSSL_SOURCE/$F $F |
| 40 | done | 299 | done |
| @@ -1534,6 +1793,11 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1534 | be reduced modulo m. | 1793 | be reduced modulo m. |
| 1535 | [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] | 1794 | [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] |
| 1536 | 1795 | ||
| 1796 | #if 0 | ||
| 1797 | The following entry accidentily appeared in the CHANGES file | ||
| 1798 | distributed with OpenSSL 0.9.7. The modifications described in | ||
| 1799 | it do *not* apply to OpenSSL 0.9.7. | ||
| 1800 | |||
| 1537 | *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there | 1801 | *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there |
| 1538 | was actually never needed) and in BN_mul(). The removal in BN_mul() | 1802 | was actually never needed) and in BN_mul(). The removal in BN_mul() |
| 1539 | required a small change in bn_mul_part_recursive() and the addition | 1803 | required a small change in bn_mul_part_recursive() and the addition |
| @@ -1542,6 +1806,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1542 | bn_sub_words() and bn_add_words() except they take arrays with | 1806 | bn_sub_words() and bn_add_words() except they take arrays with |
| 1543 | differing sizes. | 1807 | differing sizes. |
| 1544 | [Richard Levitte] | 1808 | [Richard Levitte] |
| 1809 | #endif | ||
| 1545 | 1810 | ||
| 1546 | *) In 'openssl passwd', verify passwords read from the terminal | 1811 | *) In 'openssl passwd', verify passwords read from the terminal |
| 1547 | unless the '-salt' option is used (which usually means that | 1812 | unless the '-salt' option is used (which usually means that |
| @@ -1673,7 +1938,76 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1673 | *) Clean old EAY MD5 hack from e_os.h. | 1938 | *) Clean old EAY MD5 hack from e_os.h. |
| 1674 | [Richard Levitte] | 1939 | [Richard Levitte] |
| 1675 | 1940 | ||
| 1676 | Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] | 1941 | Changes between 0.9.6h and 0.9.6i [19 Feb 2003] |
| 1942 | |||
| 1943 | *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked | ||
| 1944 | via timing by performing a MAC computation even if incorrrect | ||
| 1945 | block cipher padding has been found. This is a countermeasure | ||
| 1946 | against active attacks where the attacker has to distinguish | ||
| 1947 | between bad padding and a MAC verification error. (CAN-2003-0078) | ||
| 1948 | |||
| 1949 | [Bodo Moeller; problem pointed out by Brice Canvel (EPFL), | ||
| 1950 | Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and | ||
| 1951 | Martin Vuagnoux (EPFL, Ilion)] | ||
| 1952 | |||
| 1953 | Changes between 0.9.6g and 0.9.6h [5 Dec 2002] | ||
| 1954 | |||
| 1955 | *) New function OPENSSL_cleanse(), which is used to cleanse a section of | ||
| 1956 | memory from it's contents. This is done with a counter that will | ||
| 1957 | place alternating values in each byte. This can be used to solve | ||
| 1958 | two issues: 1) the removal of calls to memset() by highly optimizing | ||
| 1959 | compilers, and 2) cleansing with other values than 0, since those can | ||
| 1960 | be read through on certain media, for example a swap space on disk. | ||
| 1961 | [Geoff Thorpe] | ||
| 1962 | |||
| 1963 | *) Bugfix: client side session caching did not work with external caching, | ||
| 1964 | because the session->cipher setting was not restored when reloading | ||
| 1965 | from the external cache. This problem was masked, when | ||
| 1966 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set. | ||
| 1967 | (Found by Steve Haslam <steve@araqnid.ddts.net>.) | ||
| 1968 | [Lutz Jaenicke] | ||
| 1969 | |||
| 1970 | *) Fix client_certificate (ssl/s2_clnt.c): The permissible total | ||
| 1971 | length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33. | ||
| 1972 | [Zeev Lieber <zeev-l@yahoo.com>] | ||
| 1973 | |||
| 1974 | *) Undo an undocumented change introduced in 0.9.6e which caused | ||
| 1975 | repeated calls to OpenSSL_add_all_ciphers() and | ||
| 1976 | OpenSSL_add_all_digests() to be ignored, even after calling | ||
| 1977 | EVP_cleanup(). | ||
| 1978 | [Richard Levitte] | ||
| 1979 | |||
| 1980 | *) Change the default configuration reader to deal with last line not | ||
| 1981 | being properly terminated. | ||
| 1982 | [Richard Levitte] | ||
| 1983 | |||
| 1984 | *) Change X509_NAME_cmp() so it applies the special rules on handling | ||
| 1985 | DN values that are of type PrintableString, as well as RDNs of type | ||
| 1986 | emailAddress where the value has the type ia5String. | ||
| 1987 | [stefank@valicert.com via Richard Levitte] | ||
| 1988 | |||
| 1989 | *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half | ||
| 1990 | the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently | ||
| 1991 | doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be | ||
| 1992 | the bitwise-OR of the two for use by the majority of applications | ||
| 1993 | wanting this behaviour, and update the docs. The documented | ||
| 1994 | behaviour and actual behaviour were inconsistent and had been | ||
| 1995 | changing anyway, so this is more a bug-fix than a behavioural | ||
| 1996 | change. | ||
| 1997 | [Geoff Thorpe, diagnosed by Nadav Har'El] | ||
| 1998 | |||
| 1999 | *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c | ||
| 2000 | (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). | ||
| 2001 | [Bodo Moeller] | ||
| 2002 | |||
| 2003 | *) Fix initialization code race conditions in | ||
| 2004 | SSLv23_method(), SSLv23_client_method(), SSLv23_server_method(), | ||
| 2005 | SSLv2_method(), SSLv2_client_method(), SSLv2_server_method(), | ||
| 2006 | SSLv3_method(), SSLv3_client_method(), SSLv3_server_method(), | ||
| 2007 | TLSv1_method(), TLSv1_client_method(), TLSv1_server_method(), | ||
| 2008 | ssl2_get_cipher_by_char(), | ||
| 2009 | ssl3_get_cipher_by_char(). | ||
| 2010 | [Patrick McCormick <patrick@tellme.com>, Bodo Moeller] | ||
| 1677 | 2011 | ||
| 1678 | *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after | 2012 | *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after |
| 1679 | the cached sessions are flushed, as the remove_cb() might use ex_data | 2013 | the cached sessions are flushed, as the remove_cb() might use ex_data |
| @@ -1703,7 +2037,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1703 | overflow checks added in 0.9.6e. This prevents DoS (the | 2037 | overflow checks added in 0.9.6e. This prevents DoS (the |
| 1704 | assertions could call abort()). | 2038 | assertions could call abort()). |
| 1705 | [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller] | 2039 | [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller] |
| 1706 | 2040 | ||
| 1707 | Changes between 0.9.6d and 0.9.6e [30 Jul 2002] | 2041 | Changes between 0.9.6d and 0.9.6e [30 Jul 2002] |
| 1708 | 2042 | ||
| 1709 | *) Add various sanity checks to asn1_get_length() to reject | 2043 | *) Add various sanity checks to asn1_get_length() to reject |
| @@ -1755,11 +2089,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1755 | [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> | 2089 | [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> |
| 1756 | 2090 | ||
| 1757 | *) Remote buffer overflow in SSL3 protocol - an attacker could | 2091 | *) Remote buffer overflow in SSL3 protocol - an attacker could |
| 1758 | supply an oversized master key in Kerberos-enabled versions. | ||
| 1759 | (CAN-2002-0657) | ||
| 1760 | [Ben Laurie (CHATS)] | ||
| 1761 | |||
| 1762 | *) Remote buffer overflow in SSL3 protocol - an attacker could | ||
| 1763 | supply an oversized session ID to a client. (CAN-2002-0656) | 2092 | supply an oversized session ID to a client. (CAN-2002-0656) |
| 1764 | [Ben Laurie (CHATS)] | 2093 | [Ben Laurie (CHATS)] |
| 1765 | 2094 | ||
| @@ -1767,7 +2096,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1767 | supply an oversized client master key. (CAN-2002-0656) | 2096 | supply an oversized client master key. (CAN-2002-0656) |
| 1768 | [Ben Laurie (CHATS)] | 2097 | [Ben Laurie (CHATS)] |
| 1769 | 2098 | ||
| 1770 | |||
| 1771 | Changes between 0.9.6c and 0.9.6d [9 May 2002] | 2099 | Changes between 0.9.6c and 0.9.6d [9 May 2002] |
| 1772 | 2100 | ||
| 1773 | *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not | 2101 | *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not |
| @@ -1854,13 +2182,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k | |||
| 1854 | value is 0. | 2182 | value is 0. |
| 1855 | [Richard Levitte] | 2183 | [Richard Levitte] |
| 1856 | 2184 | ||
| 1857 | *) Add the configuration target linux-s390x. | ||
| 1858 | [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] | ||
| 1859 | |||
| 1860 | *) [In 0.9.6d-engine release:] | 2185 | *) [In 0.9.6d-engine release:] |
| 1861 | Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). | 2186 | Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). |
| 1862 | [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] | 2187 | [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] |
| 1863 | 2188 | ||
| 2189 | *) Add the configuration target linux-s390x. | ||
| 2190 | [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] | ||
| 2191 | |||
| 1864 | *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of | 2192 | *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of |
| 1865 | ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag | 2193 | ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag |
| 1866 | variable as an indication that a ClientHello message has been | 2194 | variable as an indication that a ClientHello message has been |
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure index 292ca877c6..7763dc4138 100644 --- a/src/lib/libssl/src/Configure +++ b/src/lib/libssl/src/Configure | |||
| @@ -10,7 +10,7 @@ use strict; | |||
| 10 | 10 | ||
| 11 | # see INSTALL for instructions. | 11 | # see INSTALL for instructions. |
| 12 | 12 | ||
| 13 | my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; | 13 | my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; |
| 14 | 14 | ||
| 15 | # Options: | 15 | # Options: |
| 16 | # | 16 | # |
| @@ -38,6 +38,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- | |||
| 38 | # --test-sanity Make a number of sanity checks on the data in this file. | 38 | # --test-sanity Make a number of sanity checks on the data in this file. |
| 39 | # This is a debugging tool for OpenSSL developers. | 39 | # This is a debugging tool for OpenSSL developers. |
| 40 | # | 40 | # |
| 41 | # no-engine do not compile in any engine code. | ||
| 41 | # no-hw-xxx do not compile support for specific crypto hardware. | 42 | # no-hw-xxx do not compile support for specific crypto hardware. |
| 42 | # Generic OpenSSL-style methods relating to this support | 43 | # Generic OpenSSL-style methods relating to this support |
| 43 | # are always compiled but return NULL if the hardware | 44 | # are always compiled but return NULL if the hardware |
| @@ -107,7 +108,6 @@ my $tlib="-lnsl -lsocket"; | |||
| 107 | my $bits1="THIRTY_TWO_BIT "; | 108 | my $bits1="THIRTY_TWO_BIT "; |
| 108 | my $bits2="SIXTY_FOUR_BIT "; | 109 | my $bits2="SIXTY_FOUR_BIT "; |
| 109 | 110 | ||
| 110 | my $x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; | ||
| 111 | my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; | 111 | my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; |
| 112 | my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; | 112 | my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; |
| 113 | my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; | 113 | my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; |
| @@ -145,8 +145,10 @@ my %table=( | |||
| 145 | "debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", | 145 | "debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", |
| 146 | "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", | 146 | "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", |
| 147 | "debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn", | 147 | "debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn", |
| 148 | "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 148 | "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 149 | "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 149 | "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 150 | "debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 151 | "debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 150 | "dist", "cc:-O::(unknown)::::::", | 152 | "dist", "cc:-O::(unknown)::::::", |
| 151 | 153 | ||
| 152 | # Basic configs that should work on any (32 and less bit) box | 154 | # Basic configs that should work on any (32 and less bit) box |
| @@ -159,25 +161,25 @@ my %table=( | |||
| 159 | # surrounds it with #APP #NO_APP comment pair which (at least Solaris | 161 | # surrounds it with #APP #NO_APP comment pair which (at least Solaris |
| 160 | # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" | 162 | # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic" |
| 161 | # error message. | 163 | # error message. |
| 162 | "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 164 | "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 163 | 165 | ||
| 164 | #### Solaris x86 with Sun C setups | 166 | #### Solaris x86 with Sun C setups |
| 165 | "solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 167 | "solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 166 | 168 | ||
| 167 | #### SPARC Solaris with GNU C setups | 169 | #### SPARC Solaris with GNU C setups |
| 168 | "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 170 | "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 169 | "solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 171 | "solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 170 | # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc | 172 | # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc |
| 171 | "solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 173 | "solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 172 | "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 174 | "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 173 | # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 | 175 | # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 |
| 174 | # but keep the assembler modules. | 176 | # but keep the assembler modules. |
| 175 | "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 177 | "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 176 | "solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 178 | "solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 177 | 179 | ||
| 178 | #### | 180 | #### |
| 179 | "debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 181 | "debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 180 | "debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 182 | "debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 181 | 183 | ||
| 182 | #### SPARC Solaris with Sun C setups | 184 | #### SPARC Solaris with Sun C setups |
| 183 | # DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests | 185 | # DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests |
| @@ -201,13 +203,12 @@ my %table=( | |||
| 201 | # it's a real mess with -mcpu=ultrasparc option under Linux, but | 203 | # it's a real mess with -mcpu=ultrasparc option under Linux, but |
| 202 | # -Wa,-Av8plus should do the trick no matter what. | 204 | # -Wa,-Av8plus should do the trick no matter what. |
| 203 | "linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 205 | "linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 204 | # !!!Folowing can't be even tested yet!!! | 206 | # GCC 3.1 is a requirement |
| 205 | # We have to wait till 64-bit glibc for SPARC is operational!!! | 207 | "linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 206 | #"linux64-sparcv9","sparc64-linux-gcc:-m64 -mcpu=v9 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:ULTRASPARC::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:", | ||
| 207 | 208 | ||
| 208 | # Sunos configs, assuming sparc for the gcc one. | 209 | # Sunos configs, assuming sparc for the gcc one. |
| 209 | ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):::DES_UNROLL:::", | 210 | ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:::", |
| 210 | "sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", | 211 | "sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::", |
| 211 | 212 | ||
| 212 | #### IRIX 5.x configs | 213 | #### IRIX 5.x configs |
| 213 | # -mips2 flag is added by ./config when appropriate. | 214 | # -mips2 flag is added by ./config when appropriate. |
| @@ -218,7 +219,7 @@ my %table=( | |||
| 218 | # './Configure irix-[g]cc' manually. | 219 | # './Configure irix-[g]cc' manually. |
| 219 | # -mips4 flag is added by ./config when appropriate. | 220 | # -mips4 flag is added by ./config when appropriate. |
| 220 | "irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 221 | "irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 221 | "irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 222 | "irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 222 | # N64 ABI builds. | 223 | # N64 ABI builds. |
| 223 | "irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 224 | "irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 224 | "irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 225 | "irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| @@ -261,22 +262,21 @@ my %table=( | |||
| 261 | "hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 262 | "hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 262 | 263 | ||
| 263 | # IA-64 targets | 264 | # IA-64 targets |
| 264 | # I have no idea if this one actually works, feedback needed. <appro> | 265 | "hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 265 | "hpux-ia64-cc","cc:-Ae +DD32 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 266 | # Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with | 266 | # Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with |
| 267 | # with debugging of the following config. | 267 | # with debugging of the following config. |
| 268 | "hpux64-ia64-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 268 | "hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 269 | 269 | ||
| 270 | # More attempts at unified 10.X and 11.X targets for HP C compiler. | 270 | # More attempts at unified 10.X and 11.X targets for HP C compiler. |
| 271 | # | 271 | # |
| 272 | # Chris Ruemmler <ruemmler@cup.hp.com> | 272 | # Chris Ruemmler <ruemmler@cup.hp.com> |
| 273 | # Kevin Steves <ks@hp.se> | 273 | # Kevin Steves <ks@hp.se> |
| 274 | "hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 274 | "hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 275 | "hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 275 | "hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 276 | "hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 276 | "hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 277 | # Isn't the line below meaningless? HP-UX cc optimizes for host by default. | 277 | # Isn't the line below meaningless? HP-UX cc optimizes for host by default. |
| 278 | # hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro> | 278 | # hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro> |
| 279 | "hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 279 | "hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 280 | 280 | ||
| 281 | # HPUX 9.X config. | 281 | # HPUX 9.X config. |
| 282 | # Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or | 282 | # Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or |
| @@ -383,17 +383,21 @@ my %table=( | |||
| 383 | "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 383 | "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 384 | "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", | 384 | "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", |
| 385 | "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", | 385 | "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", |
| 386 | "linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::", | 386 | "linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 387 | "linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::", | 387 | "linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 388 | "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 388 | "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 389 | "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", | 389 | "linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::", |
| 390 | "linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 390 | "linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 391 | "linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 391 | "linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 392 | "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 392 | "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 393 | "linux-ia64-ecc", "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 394 | "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 393 | "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 395 | "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 394 | "NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 396 | "NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 395 | "NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 397 | "NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 396 | "FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 398 | "FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 399 | "FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 400 | "FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 397 | "FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", | 401 | "FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", |
| 398 | "bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}", | 402 | "bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}", |
| 399 | "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 403 | "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| @@ -401,7 +405,7 @@ my %table=( | |||
| 401 | "nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", | 405 | "nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", |
| 402 | 406 | ||
| 403 | # NCR MP-RAS UNIX ver 02.03.01 | 407 | # NCR MP-RAS UNIX ver 02.03.01 |
| 404 | "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::", | 408 | "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::", |
| 405 | 409 | ||
| 406 | # QNX 4 | 410 | # QNX 4 |
| 407 | "qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:", | 411 | "qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:", |
| @@ -412,33 +416,36 @@ my %table=( | |||
| 412 | # Linux on ARM | 416 | # Linux on ARM |
| 413 | "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 417 | "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 414 | 418 | ||
| 419 | # SCO/Caldera targets. | ||
| 420 | # | ||
| 421 | # Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc. | ||
| 422 | # Now we only have blended unixware-* as it's the only one used by ./config. | ||
| 423 | # If you want to optimize for particular microarchitecture, bypass ./config | ||
| 424 | # and './Configure unixware-7 -Kpentium_pro' or whatever appropriate. | ||
| 425 | # Note that not all targets include assembler support. Mostly because of | ||
| 426 | # lack of motivation to support out-of-date platforms with out-of-date | ||
| 427 | # compiler drivers and assemblers. Tim Rice <tim@multitalents.net> has | ||
| 428 | # patiently assisted to debug most of it. | ||
| 429 | # | ||
| 415 | # UnixWare 2.0x fails destest with -O | 430 | # UnixWare 2.0x fails destest with -O |
| 416 | "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", | 431 | "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", |
| 417 | "unixware-2.0-pentium","cc:-DFILIO_H -DNO_STRINGS_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", | ||
| 418 | |||
| 419 | # UnixWare 2.1 | ||
| 420 | "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", | 432 | "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", |
| 421 | "unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", | 433 | "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 422 | "unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", | 434 | "unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 423 | 435 | "OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | |
| 424 | # UnixWare 7 | 436 | "OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 425 | "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 437 | "sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ... |
| 426 | "unixware-7-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 438 | # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc. |
| 427 | "unixware-7-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 439 | "sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 428 | "unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 440 | "sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 429 | 441 | ||
| 430 | # OpenUNIX 8 | ||
| 431 | "OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 432 | "OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 433 | "OpenUNIX-8-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 434 | "OpenUNIX-8-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | ||
| 435 | 442 | ||
| 436 | # IBM's AIX. | 443 | # IBM's AIX. |
| 437 | "aix-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", | 444 | "aix-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", |
| 438 | "aix-gcc", "gcc:-O3 -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:::", | 445 | "aix-gcc", "gcc:-O3 -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:::", |
| 439 | "aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:", | 446 | "aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::", |
| 440 | "aix43-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:", | 447 | "aix43-gcc", "gcc:-O1 -DAIX -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:", |
| 441 | "aix64-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384 -q64::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR::::::::::dlfcn::::::-X 64", | 448 | "aix64-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384 -q64::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", |
| 442 | 449 | ||
| 443 | # | 450 | # |
| 444 | # Cray T90 and similar (SDSC) | 451 | # Cray T90 and similar (SDSC) |
| @@ -471,15 +478,6 @@ my %table=( | |||
| 471 | "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::", | 478 | "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::", |
| 472 | "dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", | 479 | "dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", |
| 473 | 480 | ||
| 474 | # SCO 3 - Tim Rice <tim@multitalents.net> | ||
| 475 | "sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ... | ||
| 476 | |||
| 477 | # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the | ||
| 478 | # SCO cc. | ||
| 479 | "sco5-cc", "cc:-belf::(unknown)::-lsocket -lresolv -lnsl:${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-Kpic", # des options? | ||
| 480 | "sco5-cc-pentium", "cc:-Kpentium::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options? | ||
| 481 | "sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC", # the SCO assembler doesn't seem to like our assembler files ... | ||
| 482 | |||
| 483 | # Sinix/ReliantUNIX RM400 | 481 | # Sinix/ReliantUNIX RM400 |
| 484 | # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */ | 482 | # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */ |
| 485 | "ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 483 | "ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| @@ -498,6 +496,7 @@ my %table=( | |||
| 498 | # Windows NT, Microsoft Visual C++ 4.0 | 496 | # Windows NT, Microsoft Visual C++ 4.0 |
| 499 | 497 | ||
| 500 | "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", | 498 | "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", |
| 499 | "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", | ||
| 501 | "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", | 500 | "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32", |
| 502 | "VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", | 501 | "VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::", |
| 503 | "VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", | 502 | "VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", |
| @@ -505,26 +504,24 @@ my %table=( | |||
| 505 | "VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", | 504 | "VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::", |
| 506 | 505 | ||
| 507 | # Borland C++ 4.5 | 506 | # Borland C++ 4.5 |
| 508 | "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX::::::::::win32", | 507 | "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN::::::::::win32", |
| 509 | "BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", | 508 | "BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::", |
| 510 | 509 | ||
| 511 | # Mingw32 | 510 | # MinGW |
| 512 | # (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl | 511 | "mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-mno-cygwin -lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32::::.dll", |
| 513 | # and its library files in util/pl/*) | ||
| 514 | "Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", | ||
| 515 | 512 | ||
| 516 | # UWIN | 513 | # UWIN |
| 517 | "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", | 514 | "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", |
| 518 | 515 | ||
| 519 | # Cygwin | 516 | # Cygwin |
| 520 | "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", | 517 | "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32", |
| 521 | "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll", | 518 | "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll", |
| 522 | 519 | ||
| 523 | # DJGPP | 520 | # DJGPP |
| 524 | "DJGPP", "gcc:-I/dev/env/DJDIR/watt32/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/DJDIR/watt32/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::", | 521 | "DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::", |
| 525 | 522 | ||
| 526 | # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at> | 523 | # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at> |
| 527 | "ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::::::", | 524 | "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", |
| 528 | "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", | 525 | "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::", |
| 529 | # K&R C is no longer supported; you need gcc on old Ultrix installations | 526 | # K&R C is no longer supported; you need gcc on old Ultrix installations |
| 530 | ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::", | 527 | ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::", |
| @@ -543,10 +540,13 @@ my %table=( | |||
| 543 | "OpenBSD-hppa", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 540 | "OpenBSD-hppa", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 544 | 541 | ||
| 545 | ##### MacOS X (a.k.a. Rhapsody or Darwin) setup | 542 | ##### MacOS X (a.k.a. Rhapsody or Darwin) setup |
| 546 | "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", | 543 | "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", |
| 547 | "darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 544 | "darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 548 | "darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 545 | "darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 549 | 546 | ||
| 547 | ##### A/UX | ||
| 548 | "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", | ||
| 549 | |||
| 550 | ##### Sony NEWS-OS 4.x | 550 | ##### Sony NEWS-OS 4.x |
| 551 | "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", | 551 | "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", |
| 552 | 552 | ||
| @@ -558,11 +558,16 @@ my %table=( | |||
| 558 | 558 | ||
| 559 | ##### VxWorks for various targets | 559 | ##### VxWorks for various targets |
| 560 | "vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::", | 560 | "vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::", |
| 561 | "vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::", | ||
| 562 | "vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::", | ||
| 563 | |||
| 564 | ##### Compaq Non-Stop Kernel (Tandem) | ||
| 565 | "tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::", | ||
| 561 | 566 | ||
| 562 | ); | 567 | ); |
| 563 | 568 | ||
| 564 | my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32 | 569 | my @WinTargets=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS |
| 565 | BC-16 Mingw32 OS2-EMX); | 570 | BC-32 BC-16 Mingw32 OS2-EMX); |
| 566 | 571 | ||
| 567 | my $idx = 0; | 572 | my $idx = 0; |
| 568 | my $idx_cc = $idx++; | 573 | my $idx_cc = $idx++; |
| @@ -645,6 +650,7 @@ my $openssl_thread_defines; | |||
| 645 | my $openssl_sys_defines=""; | 650 | my $openssl_sys_defines=""; |
| 646 | my $openssl_other_defines; | 651 | my $openssl_other_defines; |
| 647 | my $libs; | 652 | my $libs; |
| 653 | my $libkrb5=""; | ||
| 648 | my $target; | 654 | my $target; |
| 649 | my $options; | 655 | my $options; |
| 650 | my $symlink; | 656 | my $symlink; |
| @@ -685,6 +691,11 @@ PROCESS_ARGS: | |||
| 685 | $flags .= "-DOPENSSL_NO_ASM "; | 691 | $flags .= "-DOPENSSL_NO_ASM "; |
| 686 | $openssl_other_defines .= "#define OPENSSL_NO_ASM\n"; | 692 | $openssl_other_defines .= "#define OPENSSL_NO_ASM\n"; |
| 687 | } | 693 | } |
| 694 | elsif (/^no-err$/) | ||
| 695 | { | ||
| 696 | $flags .= "-DOPENSSL_NO_ERR "; | ||
| 697 | $openssl_other_defines .= "#define OPENSSL_NO_ERR\n"; | ||
| 698 | } | ||
| 688 | elsif (/^no-hw-(.+)$/) | 699 | elsif (/^no-hw-(.+)$/) |
| 689 | { | 700 | { |
| 690 | my $hw=$1; | 701 | my $hw=$1; |
| @@ -707,7 +718,7 @@ PROCESS_ARGS: | |||
| 707 | { $threads=1; } | 718 | { $threads=1; } |
| 708 | elsif (/^no-shared$/) | 719 | elsif (/^no-shared$/) |
| 709 | { $no_shared=1; } | 720 | { $no_shared=1; } |
| 710 | elsif (/^shared$/) | 721 | elsif (/^shared$/ || /^-shared$/ || /^--shared$/) |
| 711 | { $no_shared=0; } | 722 | { $no_shared=0; } |
| 712 | elsif (/^no-zlib$/) | 723 | elsif (/^no-zlib$/) |
| 713 | { $zlib=0; } | 724 | { $zlib=0; } |
| @@ -735,6 +746,7 @@ PROCESS_ARGS: | |||
| 735 | $openssl_algorithm_defines .= "#define OPENSSL_NO_$algo\n"; | 746 | $openssl_algorithm_defines .= "#define OPENSSL_NO_$algo\n"; |
| 736 | if ($algo eq "RIJNDAEL") | 747 | if ($algo eq "RIJNDAEL") |
| 737 | { | 748 | { |
| 749 | push @skip, "aes"; | ||
| 738 | $flags .= "-DOPENSSL_NO_AES "; | 750 | $flags .= "-DOPENSSL_NO_AES "; |
| 739 | $depflags .= "-DOPENSSL_NO_AES "; | 751 | $depflags .= "-DOPENSSL_NO_AES "; |
| 740 | $openssl_algorithm_defines .= "#define OPENSSL_NO_AES\n"; | 752 | $openssl_algorithm_defines .= "#define OPENSSL_NO_AES\n"; |
| @@ -944,6 +956,8 @@ my $shared_extension = $fields[$idx_shared_extension]; | |||
| 944 | my $ranlib = $fields[$idx_ranlib]; | 956 | my $ranlib = $fields[$idx_ranlib]; |
| 945 | my $arflags = $fields[$idx_arflags]; | 957 | my $arflags = $fields[$idx_arflags]; |
| 946 | 958 | ||
| 959 | my $no_shared_warn=0; | ||
| 960 | |||
| 947 | $cflags="$flags$cflags" if ($flags ne ""); | 961 | $cflags="$flags$cflags" if ($flags ne ""); |
| 948 | 962 | ||
| 949 | # Kerberos settings. The flavor must be provided from outside, either through | 963 | # Kerberos settings. The flavor must be provided from outside, either through |
| @@ -961,6 +975,17 @@ else | |||
| 961 | my ($lresolv, $lpath, $lext); | 975 | my ($lresolv, $lpath, $lext); |
| 962 | if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) | 976 | if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) |
| 963 | { | 977 | { |
| 978 | die "Sorry, Heimdal is currently not supported\n"; | ||
| 979 | } | ||
| 980 | ##### HACK to force use of Heimdal. | ||
| 981 | ##### WARNING: Since we don't really have adequate support for Heimdal, | ||
| 982 | ##### using this will break the build. You'll have to make | ||
| 983 | ##### changes to the source, and if you do, please send | ||
| 984 | ##### patches to openssl-dev@openssl.org | ||
| 985 | if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/) | ||
| 986 | { | ||
| 987 | warn "Heimdal isn't really supported. Your build WILL break\n"; | ||
| 988 | warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n"; | ||
| 964 | $withargs{"krb5-dir"} = "/usr/heimdal" | 989 | $withargs{"krb5-dir"} = "/usr/heimdal" |
| 965 | if $withargs{"krb5-dir"} eq ""; | 990 | if $withargs{"krb5-dir"} eq ""; |
| 966 | $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. | 991 | $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. |
| @@ -993,7 +1018,7 @@ else | |||
| 993 | } | 1018 | } |
| 994 | } | 1019 | } |
| 995 | $withargs{"krb5-lib"} .= " -lresolv" | 1020 | $withargs{"krb5-lib"} .= " -lresolv" |
| 996 | if ("$lresolv"); | 1021 | if ("$lresolv" ne ""); |
| 997 | $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" | 1022 | $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" |
| 998 | if $withargs{"krb5-include"} eq "" && | 1023 | if $withargs{"krb5-include"} eq "" && |
| 999 | $withargs{"krb5-dir"} ne ""; | 1024 | $withargs{"krb5-dir"} ne ""; |
| @@ -1052,7 +1077,7 @@ else | |||
| 1052 | # } | 1077 | # } |
| 1053 | } | 1078 | } |
| 1054 | 1079 | ||
| 1055 | $lflags="$libs$lflags"if ($libs ne ""); | 1080 | $lflags="$libs$lflags" if ($libs ne ""); |
| 1056 | 1081 | ||
| 1057 | if ($no_asm) | 1082 | if ($no_asm) |
| 1058 | { | 1083 | { |
| @@ -1060,6 +1085,11 @@ if ($no_asm) | |||
| 1060 | $sha1_obj=$md5_obj=$rmd160_obj=""; | 1085 | $sha1_obj=$md5_obj=$rmd160_obj=""; |
| 1061 | } | 1086 | } |
| 1062 | 1087 | ||
| 1088 | if (!$no_shared) | ||
| 1089 | { | ||
| 1090 | $cast_obj=""; # CAST assembler is not PIC | ||
| 1091 | } | ||
| 1092 | |||
| 1063 | if ($threads) | 1093 | if ($threads) |
| 1064 | { | 1094 | { |
| 1065 | $cflags=$thread_cflags; | 1095 | $cflags=$thread_cflags; |
| @@ -1075,20 +1105,17 @@ if ($zlib) | |||
| 1075 | 1105 | ||
| 1076 | # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org | 1106 | # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org |
| 1077 | my $shared_mark = ""; | 1107 | my $shared_mark = ""; |
| 1078 | if ($shared_target ne "") | 1108 | if ($shared_target eq "") |
| 1109 | { | ||
| 1110 | $no_shared_warn = 1 if !$no_shared; | ||
| 1111 | $no_shared = 1; | ||
| 1112 | } | ||
| 1113 | if (!$no_shared) | ||
| 1079 | { | 1114 | { |
| 1080 | if ($shared_cflag ne "") | 1115 | if ($shared_cflag ne "") |
| 1081 | { | 1116 | { |
| 1082 | $cflags = "$shared_cflag $cflags"; | 1117 | $cflags = "$shared_cflag $cflags"; |
| 1083 | } | 1118 | } |
| 1084 | if (!$no_shared) | ||
| 1085 | { | ||
| 1086 | #$shared_mark = "\$(SHARED_LIBS)"; | ||
| 1087 | } | ||
| 1088 | } | ||
| 1089 | else | ||
| 1090 | { | ||
| 1091 | $no_shared = 1; | ||
| 1092 | } | 1119 | } |
| 1093 | 1120 | ||
| 1094 | if ($sys_id ne "") | 1121 | if ($sys_id ne "") |
| @@ -1262,8 +1289,6 @@ print "ARFLAGS =$arflags\n"; | |||
| 1262 | print "PERL =$perl\n"; | 1289 | print "PERL =$perl\n"; |
| 1263 | print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" | 1290 | print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" |
| 1264 | if $withargs{"krb5-include"} ne ""; | 1291 | if $withargs{"krb5-include"} ne ""; |
| 1265 | print "LIBKRB5 =",$withargs{"krb5-lib"},"\n" | ||
| 1266 | if $withargs{"krb5-lib"} ne ""; | ||
| 1267 | 1292 | ||
| 1268 | my $des_ptr=0; | 1293 | my $des_ptr=0; |
| 1269 | my $des_risc1=0; | 1294 | my $des_risc1=0; |
| @@ -1490,6 +1515,16 @@ applications as the compiler options required on this system are not known. | |||
| 1490 | See file INSTALL for details if you need multi-threading. | 1515 | See file INSTALL for details if you need multi-threading. |
| 1491 | EOF | 1516 | EOF |
| 1492 | 1517 | ||
| 1518 | print <<\EOF if ($no_shared_warn); | ||
| 1519 | |||
| 1520 | You gave the option 'shared'. Normally, that would give you shared libraries. | ||
| 1521 | Unfortunately, the OpenSSL configuration doesn't include shared library support | ||
| 1522 | for this platform yet, so it will pretend you gave the option 'no-shared'. If | ||
| 1523 | you can inform the developpers (openssl-dev\@openssl.org) how to support shared | ||
| 1524 | libraries on this platform, they will at least look at it and try their best | ||
| 1525 | (but please first make sure you have tried with a current version of OpenSSL). | ||
| 1526 | EOF | ||
| 1527 | |||
| 1493 | exit(0); | 1528 | exit(0); |
| 1494 | 1529 | ||
| 1495 | sub usage | 1530 | sub usage |
diff --git a/src/lib/libssl/src/FAQ b/src/lib/libssl/src/FAQ index 28027fdcac..7812ae88cb 100644 --- a/src/lib/libssl/src/FAQ +++ b/src/lib/libssl/src/FAQ | |||
| @@ -9,6 +9,7 @@ OpenSSL - Frequently Asked Questions | |||
| 9 | * Where can I get a compiled version of OpenSSL? | 9 | * Where can I get a compiled version of OpenSSL? |
| 10 | * Why aren't tools like 'autoconf' and 'libtool' used? | 10 | * Why aren't tools like 'autoconf' and 'libtool' used? |
| 11 | * What is an 'engine' version? | 11 | * What is an 'engine' version? |
| 12 | * How do I check the authenticity of the OpenSSL distribution? | ||
| 12 | 13 | ||
| 13 | [LEGAL] Legal questions | 14 | [LEGAL] Legal questions |
| 14 | 15 | ||
| @@ -43,6 +44,8 @@ OpenSSL - Frequently Asked Questions | |||
| 43 | * What is special about OpenSSL on Redhat? | 44 | * What is special about OpenSSL on Redhat? |
| 44 | * Why does the OpenSSL compilation fail on MacOS X? | 45 | * Why does the OpenSSL compilation fail on MacOS X? |
| 45 | * Why does the OpenSSL test suite fail on MacOS X? | 46 | * Why does the OpenSSL test suite fail on MacOS X? |
| 47 | * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]? | ||
| 48 | * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"? | ||
| 46 | 49 | ||
| 47 | [PROG] Questions about programming with OpenSSL | 50 | [PROG] Questions about programming with OpenSSL |
| 48 | 51 | ||
| @@ -65,7 +68,7 @@ OpenSSL - Frequently Asked Questions | |||
| 65 | * Which is the current version of OpenSSL? | 68 | * Which is the current version of OpenSSL? |
| 66 | 69 | ||
| 67 | The current version is available from <URL: http://www.openssl.org>. | 70 | The current version is available from <URL: http://www.openssl.org>. |
| 68 | OpenSSL 0.9.6g was released on August 9, 2002. | 71 | OpenSSL 0.9.7b was released on April 10, 2003. |
| 69 | 72 | ||
| 70 | In addition to the current stable release, you can also access daily | 73 | In addition to the current stable release, you can also access daily |
| 71 | snapshots of the OpenSSL development version at <URL: | 74 | snapshots of the OpenSSL development version at <URL: |
| @@ -136,6 +139,19 @@ hardware. This was realized in a special release '0.9.6-engine'. With | |||
| 136 | version 0.9.7 (not yet released) the changes were merged into the main | 139 | version 0.9.7 (not yet released) the changes were merged into the main |
| 137 | development line, so that the special release is no longer necessary. | 140 | development line, so that the special release is no longer necessary. |
| 138 | 141 | ||
| 142 | * How do I check the authenticity of the OpenSSL distribution? | ||
| 143 | |||
| 144 | We provide MD5 digests and ASC signatures of each tarball. | ||
| 145 | Use MD5 to check that a tarball from a mirror site is identical: | ||
| 146 | |||
| 147 | md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5 | ||
| 148 | |||
| 149 | You can check authenticity using pgp or gpg. You need the OpenSSL team | ||
| 150 | member public key used to sign it (download it from a key server). Then | ||
| 151 | just do: | ||
| 152 | |||
| 153 | pgp TARBALL.asc | ||
| 154 | |||
| 139 | [LEGAL] ======================================================================= | 155 | [LEGAL] ======================================================================= |
| 140 | 156 | ||
| 141 | * Do I need patent licenses to use OpenSSL? | 157 | * Do I need patent licenses to use OpenSSL? |
| @@ -173,18 +189,30 @@ for permission to use their software with OpenSSL. | |||
| 173 | 189 | ||
| 174 | Cryptographic software needs a source of unpredictable data to work | 190 | Cryptographic software needs a source of unpredictable data to work |
| 175 | correctly. Many open source operating systems provide a "randomness | 191 | correctly. Many open source operating systems provide a "randomness |
| 176 | device" that serves this purpose. On other systems, applications have | 192 | device" (/dev/urandom or /dev/random) that serves this purpose. |
| 177 | to call the RAND_add() or RAND_seed() function with appropriate data | 193 | All OpenSSL versions try to use /dev/urandom by default; starting with |
| 178 | before generating keys or performing public key encryption. | 194 | version 0.9.7, OpenSSL also tries /dev/random if /dev/urandom is not |
| 179 | (These functions initialize the pseudo-random number generator, PRNG.) | 195 | available. |
| 180 | 196 | ||
| 181 | Some broken applications do not do this. As of version 0.9.5, the | 197 | On other systems, applications have to call the RAND_add() or |
| 182 | OpenSSL functions that need randomness report an error if the random | 198 | RAND_seed() function with appropriate data before generating keys or |
| 183 | number generator has not been seeded with at least 128 bits of | 199 | performing public key encryption. (These functions initialize the |
| 184 | randomness. If this error occurs, please contact the author of the | 200 | pseudo-random number generator, PRNG.) Some broken applications do |
| 185 | application you are using. It is likely that it never worked | 201 | not do this. As of version 0.9.5, the OpenSSL functions that need |
| 186 | correctly. OpenSSL 0.9.5 and later make the error visible by refusing | 202 | randomness report an error if the random number generator has not been |
| 187 | to perform potentially insecure encryption. | 203 | seeded with at least 128 bits of randomness. If this error occurs and |
| 204 | is not discussed in the documentation of the application you are | ||
| 205 | using, please contact the author of that application; it is likely | ||
| 206 | that it never worked correctly. OpenSSL 0.9.5 and later make the | ||
| 207 | error visible by refusing to perform potentially insecure encryption. | ||
| 208 | |||
| 209 | If you are using Solaris 8, you can add /dev/urandom and /dev/random | ||
| 210 | devices by installing patch 112438 (Sparc) or 112439 (x86), which are | ||
| 211 | available via the Patchfinder at <URL: http://sunsolve.sun.com> | ||
| 212 | (Solaris 9 includes these devices by default). For /dev/random support | ||
| 213 | for earlier Solaris versions, see Sun's statement at | ||
| 214 | <URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski> | ||
| 215 | (the SUNWski package is available in patch 105710). | ||
| 188 | 216 | ||
| 189 | On systems without /dev/urandom and /dev/random, it is a good idea to | 217 | On systems without /dev/urandom and /dev/random, it is a good idea to |
| 190 | use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for | 218 | use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for |
| @@ -217,16 +245,6 @@ OpenSSL command line tools. Applications using the OpenSSL library | |||
| 217 | provide their own configuration options to specify the entropy source, | 245 | provide their own configuration options to specify the entropy source, |
| 218 | please check out the documentation coming the with application. | 246 | please check out the documentation coming the with application. |
| 219 | 247 | ||
| 220 | For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested | ||
| 221 | installing the SUNski package from Sun patch 105710-01 (Sparc) which | ||
| 222 | adds a /dev/random device and make sure it gets used, usually through | ||
| 223 | $RANDFILE. There are probably similar patches for the other Solaris | ||
| 224 | versions. An official statement from Sun with respect to /dev/random | ||
| 225 | support can be found at | ||
| 226 | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski | ||
| 227 | However, be warned that /dev/random is usually a blocking device, which | ||
| 228 | may have some effects on OpenSSL. | ||
| 229 | |||
| 230 | 248 | ||
| 231 | * Why do I get an "unable to write 'random state'" error message? | 249 | * Why do I get an "unable to write 'random state'" error message? |
| 232 | 250 | ||
| @@ -472,10 +490,13 @@ and then redo the compilation. What you should really do is make sure | |||
| 472 | Sometimes, you may get reports from VC++ command line (cl) that it | 490 | Sometimes, you may get reports from VC++ command line (cl) that it |
| 473 | can't find standard include files like stdio.h and other weirdnesses. | 491 | can't find standard include files like stdio.h and other weirdnesses. |
| 474 | One possible cause is that the environment isn't correctly set up. | 492 | One possible cause is that the environment isn't correctly set up. |
| 475 | To solve that problem, one should run VCVARS32.BAT which is found in | 493 | To solve that problem for VC++ versions up to 6, one should run |
| 476 | the 'bin' subdirectory of the VC++ installation directory (somewhere | 494 | VCVARS32.BAT which is found in the 'bin' subdirectory of the VC++ |
| 477 | under 'Program Files'). This needs to be done prior to running NMAKE, | 495 | installation directory (somewhere under 'Program Files'). For VC++ |
| 478 | and the changes are only valid for the current DOS session. | 496 | version 7 (and up?), which is also called VS.NET, the file is called |
| 497 | VSVARS32.BAT instead. | ||
| 498 | This needs to be done prior to running NMAKE, and the changes are only | ||
| 499 | valid for the current DOS session. | ||
| 479 | 500 | ||
| 480 | 501 | ||
| 481 | * What is special about OpenSSL on Redhat? | 502 | * What is special about OpenSSL on Redhat? |
| @@ -536,6 +557,37 @@ libraries you just built. | |||
| 536 | Look in the file PROBLEMS for a more detailed explanation and for possible | 557 | Look in the file PROBLEMS for a more detailed explanation and for possible |
| 537 | solutions. | 558 | solutions. |
| 538 | 559 | ||
| 560 | * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]? | ||
| 561 | |||
| 562 | Failure in BN_sqr test is most likely caused by a failure to configure the | ||
| 563 | toolkit for current platform or lack of support for the platform in question. | ||
| 564 | Run './config -t' and './apps/openssl version -p'. Do these platform | ||
| 565 | identifiers match? If they don't, then you most likely failed to run | ||
| 566 | ./config and you're hereby advised to do so before filing a bug report. | ||
| 567 | If ./config itself fails to run, then it's most likely problem with your | ||
| 568 | local environment and you should turn to your system administrator (or | ||
| 569 | similar). If identifiers match (and/or no alternative identifier is | ||
| 570 | suggested by ./config script), then the platform is unsupported. There might | ||
| 571 | or might not be a workaround. Most notably on SPARC64 platforms with GNU | ||
| 572 | C compiler you should be able to produce a working build by running | ||
| 573 | './config -m32'. I understand that -m32 might not be what you want/need, | ||
| 574 | but the build should be operational. For further details turn to | ||
| 575 | <openssl-dev@openssl.org>. | ||
| 576 | |||
| 577 | * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"? | ||
| 578 | |||
| 579 | As of 0.9.7 assembler routines were overhauled for position independence | ||
| 580 | of the machine code, which is essential for shared library support. For | ||
| 581 | some reason OpenBSD is equipped with an out-of-date GNU assembler which | ||
| 582 | finds the new code offensive. To work around the problem, configure with | ||
| 583 | no-asm (and sacrifice a great deal of performance) or patch your assembler | ||
| 584 | according to <URL: http://www.openssl.org/~appro/gas-1.92.3.OpenBSD.patch>. | ||
| 585 | For your convenience a pre-compiled replacement binary is provided at | ||
| 586 | <URL: http://www.openssl.org/~appro/gas-1.92.3.static.aout.bin>. | ||
| 587 | Reportedly elder *BSD a.out platforms also suffer from this problem and | ||
| 588 | remedy should be same. Provided binary is statically linked and should be | ||
| 589 | working across wider range of *BSD branches, not just OpenBSD. | ||
| 590 | |||
| 539 | [PROG] ======================================================================== | 591 | [PROG] ======================================================================== |
| 540 | 592 | ||
| 541 | * Is OpenSSL thread-safe? | 593 | * Is OpenSSL thread-safe? |
| @@ -680,6 +732,7 @@ The general answer is to check the config.log file generated when running | |||
| 680 | the OpenSSH configure script. It should contain the detailed information | 732 | the OpenSSH configure script. It should contain the detailed information |
| 681 | on why the OpenSSL library was not detected or considered incompatible. | 733 | on why the OpenSSL library was not detected or considered incompatible. |
| 682 | 734 | ||
| 735 | |||
| 683 | * Can I use OpenSSL's SSL library with non-blocking I/O? | 736 | * Can I use OpenSSL's SSL library with non-blocking I/O? |
| 684 | 737 | ||
| 685 | Yes; make sure to read the SSL_get_error(3) manual page! | 738 | Yes; make sure to read the SSL_get_error(3) manual page! |
diff --git a/src/lib/libssl/src/INSTALL b/src/lib/libssl/src/INSTALL index af86485e00..1c3f3c3fe9 100644 --- a/src/lib/libssl/src/INSTALL +++ b/src/lib/libssl/src/INSTALL | |||
| @@ -140,8 +140,8 @@ | |||
| 140 | standard headers). If it is a problem with OpenSSL itself, please | 140 | standard headers). If it is a problem with OpenSSL itself, please |
| 141 | report the problem to <openssl-bugs@openssl.org> (note that your | 141 | report the problem to <openssl-bugs@openssl.org> (note that your |
| 142 | message will be recorded in the request tracker publicly readable | 142 | message will be recorded in the request tracker publicly readable |
| 143 | via http://www.openssl.org/rt2.html and will be forwarded to a public | 143 | via http://www.openssl.org/support/rt2.html and will be forwarded to a |
| 144 | mailing list). Include the output of "make report" in your message. | 144 | public mailing list). Include the output of "make report" in your message. |
| 145 | Please check out the request tracker. Maybe the bug was already | 145 | Please check out the request tracker. Maybe the bug was already |
| 146 | reported or has already been fixed. | 146 | reported or has already been fixed. |
| 147 | 147 | ||
| @@ -158,11 +158,11 @@ | |||
| 158 | If a test fails, look at the output. There may be reasons for | 158 | If a test fails, look at the output. There may be reasons for |
| 159 | the failure that isn't a problem in OpenSSL itself (like a missing | 159 | the failure that isn't a problem in OpenSSL itself (like a missing |
| 160 | or malfunctioning bc). If it is a problem with OpenSSL itself, | 160 | or malfunctioning bc). If it is a problem with OpenSSL itself, |
| 161 | try removing any compiler optimization flags from the CFLAGS line | 161 | try removing any compiler optimization flags from the CFLAG line |
| 162 | in Makefile.ssl and run "make clean; make". Please send a bug | 162 | in Makefile.ssl and run "make clean; make". Please send a bug |
| 163 | report to <openssl-bugs@openssl.org>, including the output of | 163 | report to <openssl-bugs@openssl.org>, including the output of |
| 164 | "make report" in order to be added to the request tracker at | 164 | "make report" in order to be added to the request tracker at |
| 165 | http://www.openssl.org/rt2.html. | 165 | http://www.openssl.org/support/rt2.html. |
| 166 | 166 | ||
| 167 | 4. If everything tests ok, install OpenSSL with | 167 | 4. If everything tests ok, install OpenSSL with |
| 168 | 168 | ||
| @@ -296,3 +296,37 @@ | |||
| 296 | targets for shared library creation, like linux-shared. Those targets | 296 | targets for shared library creation, like linux-shared. Those targets |
| 297 | can currently be used on their own just as well, but this is expected | 297 | can currently be used on their own just as well, but this is expected |
| 298 | to change in future versions of OpenSSL. | 298 | to change in future versions of OpenSSL. |
| 299 | |||
| 300 | Note on random number generation | ||
| 301 | -------------------------------- | ||
| 302 | |||
| 303 | Availability of cryptographically secure random numbers is required for | ||
| 304 | secret key generation. OpenSSL provides several options to seed the | ||
| 305 | internal PRNG. If not properly seeded, the internal PRNG will refuse | ||
| 306 | to deliver random bytes and a "PRNG not seeded error" will occur. | ||
| 307 | On systems without /dev/urandom (or similar) device, it may be necessary | ||
| 308 | to install additional support software to obtain random seed. | ||
| 309 | Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(), | ||
| 310 | and the FAQ for more information. | ||
| 311 | |||
| 312 | Note on support for multiple builds | ||
| 313 | ----------------------------------- | ||
| 314 | |||
| 315 | OpenSSL is usually built in it's source tree. Unfortunately, this doesn't | ||
| 316 | support building for multiple platforms from the same source tree very well. | ||
| 317 | It is however possible to build in a separate tree through the use of lots | ||
| 318 | of symbolic links, which should be prepared like this: | ||
| 319 | |||
| 320 | mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`" | ||
| 321 | cd objtree/"`uname -s`-`uname -r`-`uname -m`" | ||
| 322 | (cd $OPENSSL_SOURCE; find . -type f) | while read F; do | ||
| 323 | mkdir -p `dirname $F` | ||
| 324 | rm -f $F; ln -s $OPENSSL_SOURCE/$F $F | ||
| 325 | echo $F '->' $OPENSSL_SOURCE/$F | ||
| 326 | done | ||
| 327 | make -f Makefile.org clean | ||
| 328 | |||
| 329 | OPENSSL_SOURCE is an environment variable that contains the absolute (this | ||
| 330 | is important!) path to the OpenSSL source tree. | ||
| 331 | |||
| 332 | Also, operations like 'make update' should still be made in the source tree. | ||
diff --git a/src/lib/libssl/src/INSTALL.W32 b/src/lib/libssl/src/INSTALL.W32 index 3de6544fc5..78d289e16a 100644 --- a/src/lib/libssl/src/INSTALL.W32 +++ b/src/lib/libssl/src/INSTALL.W32 | |||
| @@ -2,19 +2,28 @@ | |||
| 2 | INSTALLATION ON THE WIN32 PLATFORM | 2 | INSTALLATION ON THE WIN32 PLATFORM |
| 3 | ---------------------------------- | 3 | ---------------------------------- |
| 4 | 4 | ||
| 5 | [Instructions for building for Windows CE can be found in INSTALL.WCE] | ||
| 6 | |||
| 5 | Heres a few comments about building OpenSSL in Windows environments. Most | 7 | Heres a few comments about building OpenSSL in Windows environments. Most |
| 6 | of this is tested on Win32 but it may also work in Win 3.1 with some | 8 | of this is tested on Win32 but it may also work in Win 3.1 with some |
| 7 | modification. | 9 | modification. |
| 8 | 10 | ||
| 9 | You need Perl for Win32. Unless you will build on Cygwin, you will need | 11 | You need Perl for Win32. Unless you will build on Cygwin, you will need |
| 10 | ActiveState Perl, available from http://www.activestate.com/ActivePerl. | 12 | ActiveState Perl, available from http://www.activestate.com/ActivePerl. |
| 11 | For Cygwin users, there's more info in the Cygwin section. | ||
| 12 | 13 | ||
| 13 | and one of the following C compilers: | 14 | and one of the following C compilers: |
| 14 | 15 | ||
| 15 | * Visual C++ | 16 | * Visual C++ |
| 16 | * Borland C | 17 | * Borland C |
| 17 | * GNU C (Mingw32 or Cygwin) | 18 | * GNU C (Cygwin or MinGW) |
| 19 | |||
| 20 | If you are compiling from a tarball or a CVS snapshot then the Win32 files | ||
| 21 | may well be not up to date. This may mean that some "tweaking" is required to | ||
| 22 | get it all to work. See the trouble shooting section later on for if (when?) | ||
| 23 | it goes wrong. | ||
| 24 | |||
| 25 | Visual C++ | ||
| 26 | ---------- | ||
| 18 | 27 | ||
| 19 | If you want to compile in the assembly language routines with Visual C++ then | 28 | If you want to compile in the assembly language routines with Visual C++ then |
| 20 | you will need an assembler. This is worth doing because it will result in | 29 | you will need an assembler. This is worth doing because it will result in |
| @@ -24,26 +33,19 @@ | |||
| 24 | * Microsoft MASM (aka "ml") | 33 | * Microsoft MASM (aka "ml") |
| 25 | * Free Netwide Assembler NASM. | 34 | * Free Netwide Assembler NASM. |
| 26 | 35 | ||
| 27 | MASM was at one point distributed with VC++. It is now distributed with some | 36 | MASM is distributed with most versions of VC++. For the versions where it is |
| 28 | Microsoft DDKs, for example the Windows NT 4.0 DDK and the Windows 98 DDK. If | 37 | not included in VC++, it is also distributed with some Microsoft DDKs, for |
| 29 | you do not have either of these DDKs then you can just download the binaries | 38 | example the Windows NT 4.0 DDK and the Windows 98 DDK. If you do not have |
| 30 | for the Windows 98 DDK and extract and rename the two files XXXXXml.exe and | 39 | either of these DDKs then you can just download the binaries for the Windows |
| 31 | XXXXXml.err, to ml.exe and ml.err and install somewhere on your PATH. Both | 40 | 98 DDK and extract and rename the two files XXXXXml.exe and XXXXXml.err, to |
| 32 | DDKs can be downloaded from the Microsoft developers site www.msdn.com. | 41 | ml.exe and ml.err and install somewhere on your PATH. Both DDKs can be |
| 42 | downloaded from the Microsoft developers site www.msdn.com. | ||
| 33 | 43 | ||
| 34 | NASM is freely available. Version 0.98 was used during testing: other versions | 44 | NASM is freely available. Version 0.98 was used during testing: other versions |
| 35 | may also work. It is available from many places, see for example: | 45 | may also work. It is available from many places, see for example: |
| 36 | http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ | 46 | http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ |
| 37 | The NASM binary nasmw.exe needs to be installed anywhere on your PATH. | 47 | The NASM binary nasmw.exe needs to be installed anywhere on your PATH. |
| 38 | 48 | ||
| 39 | If you are compiling from a tarball or a CVS snapshot then the Win32 files | ||
| 40 | may well be not up to date. This may mean that some "tweaking" is required to | ||
| 41 | get it all to work. See the trouble shooting section later on for if (when?) | ||
| 42 | it goes wrong. | ||
| 43 | |||
| 44 | Visual C++ | ||
| 45 | ---------- | ||
| 46 | |||
| 47 | Firstly you should run Configure: | 49 | Firstly you should run Configure: |
| 48 | 50 | ||
| 49 | > perl Configure VC-WIN32 | 51 | > perl Configure VC-WIN32 |
| @@ -82,7 +84,8 @@ | |||
| 82 | There are various changes you can make to the Win32 compile environment. By | 84 | There are various changes you can make to the Win32 compile environment. By |
| 83 | default the library is not compiled with debugging symbols. If you add 'debug' | 85 | default the library is not compiled with debugging symbols. If you add 'debug' |
| 84 | to the mk1mf.pl lines in the do_* batch file then debugging symbols will be | 86 | to the mk1mf.pl lines in the do_* batch file then debugging symbols will be |
| 85 | compiled in. | 87 | compiled in. Note that mk1mf.pl expects the platform to be the last argument |
| 88 | on the command line, so 'debug' must appear before that, as all other options. | ||
| 86 | 89 | ||
| 87 | The default Win32 environment is to leave out any Windows NT specific | 90 | The default Win32 environment is to leave out any Windows NT specific |
| 88 | features. | 91 | features. |
| @@ -116,62 +119,35 @@ | |||
| 116 | * Run make: | 119 | * Run make: |
| 117 | > make -f bcb.mak | 120 | > make -f bcb.mak |
| 118 | 121 | ||
| 119 | GNU C (Mingw32) | ||
| 120 | --------------- | ||
| 121 | |||
| 122 | To build OpenSSL, you need the Mingw32 package and GNU make. | ||
| 123 | |||
| 124 | * Compiler installation: | ||
| 125 | |||
| 126 | Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/ | ||
| 127 | gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. Extract it | ||
| 128 | to a directory such as C:\gcc-2.95.2 and add c:\gcc-2.95.2\bin to | ||
| 129 | the PATH environment variable in "System Properties"; or edit and | ||
| 130 | run C:\gcc-2.95.2\mingw32.bat to set the PATH. | ||
| 131 | |||
| 132 | * Compile OpenSSL: | ||
| 133 | |||
| 134 | > ms\mingw32 | ||
| 135 | |||
| 136 | This will create the library and binaries in out. In case any problems | ||
| 137 | occur, try | ||
| 138 | > ms\mingw32 no-asm | ||
| 139 | instead. | ||
| 140 | |||
| 141 | libcrypto.a and libssl.a are the static libraries. To use the DLLs, | ||
| 142 | link with libeay32.a and libssl32.a instead. | ||
| 143 | |||
| 144 | See troubleshooting if you get error messages about functions not having | ||
| 145 | a number assigned. | ||
| 146 | |||
| 147 | * You can now try the tests: | ||
| 148 | |||
| 149 | > cd out | ||
| 150 | > ..\ms\test | ||
| 151 | |||
| 152 | GNU C (Cygwin) | 122 | GNU C (Cygwin) |
| 153 | -------------- | 123 | -------------- |
| 154 | 124 | ||
| 155 | Cygwin provides a bash shell and GNU tools environment running | 125 | Cygwin provides a bash shell and GNU tools environment running |
| 156 | on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP. | 126 | on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP. |
| 157 | Consequently, a make of OpenSSL with Cygwin is closer to a GNU | 127 | Consequently, a make of OpenSSL with Cygwin is closer to a GNU |
| 158 | bash environment such as Linux than to other W32 makes which are | 128 | bash environment such as Linux than to other the other Win32 |
| 159 | based on a single makefile approach. Cygwin implements Posix/Unix | 129 | makes. |
| 160 | calls through cygwin1.dll, and is contrasted to Mingw32 which links | 130 | |
| 161 | dynamically to msvcrt.dll or crtdll.dll. | 131 | Cygwin implements a Posix/Unix runtime system (cygwin1.dll). |
| 132 | It is also possible to create Win32 binaries that only use the | ||
| 133 | Microsoft C runtime system (msvcrt.dll or crtdll.dll) using | ||
| 134 | MinGW. MinGW can be used in the Cygwin development environment | ||
| 135 | or in a standalone setup as described in the following section. | ||
| 162 | 136 | ||
| 163 | To build OpenSSL using Cygwin: | 137 | To build OpenSSL using Cygwin: |
| 164 | 138 | ||
| 165 | * Install Cygwin (see http://cygwin.com/) | 139 | * Install Cygwin (see http://cygwin.com/) |
| 166 | 140 | ||
| 167 | * Install Perl and ensure it is in the path (recent Cygwin perl | 141 | * Install Perl and ensure it is in the path. Both Cygwin perl |
| 168 | (version 5.6.1-2 of the latter has been reported to work) or | 142 | (5.6.1-2 or newer) and ActivePerl work. |
| 169 | ActivePerl) | ||
| 170 | 143 | ||
| 171 | * Run the Cygwin bash shell | 144 | * Run the Cygwin bash shell |
| 172 | 145 | ||
| 173 | * $ tar zxvf openssl-x.x.x.tar.gz | 146 | * $ tar zxvf openssl-x.x.x.tar.gz |
| 174 | $ cd openssl-x.x.x | 147 | $ cd openssl-x.x.x |
| 148 | |||
| 149 | To build the Cygwin version of OpenSSL: | ||
| 150 | |||
| 175 | $ ./config | 151 | $ ./config |
| 176 | [...] | 152 | [...] |
| 177 | $ make | 153 | $ make |
| @@ -179,7 +155,16 @@ | |||
| 179 | $ make test | 155 | $ make test |
| 180 | $ make install | 156 | $ make install |
| 181 | 157 | ||
| 182 | This will create a default install in /usr/local/ssl. | 158 | This will create a default install in /usr/local/ssl. |
| 159 | |||
| 160 | To build the MinGW version (native Windows) in Cygwin: | ||
| 161 | |||
| 162 | $ ./Configure mingw | ||
| 163 | [...] | ||
| 164 | $ make | ||
| 165 | [...] | ||
| 166 | $ make test | ||
| 167 | $ make install | ||
| 183 | 168 | ||
| 184 | Cygwin Notes: | 169 | Cygwin Notes: |
| 185 | 170 | ||
| @@ -192,6 +177,35 @@ | |||
| 192 | non-fatal error in "make test" but is otherwise harmless. If | 177 | non-fatal error in "make test" but is otherwise harmless. If |
| 193 | desired and needed, GNU bc can be built with Cygwin without change. | 178 | desired and needed, GNU bc can be built with Cygwin without change. |
| 194 | 179 | ||
| 180 | GNU C (MinGW) | ||
| 181 | ------------- | ||
| 182 | |||
| 183 | * Compiler installation: | ||
| 184 | |||
| 185 | MinGW is available from http://www.mingw.org. Run the installer and | ||
| 186 | set the MinGW bin directory to the PATH in "System Properties" or | ||
| 187 | autoexec.bat. | ||
| 188 | |||
| 189 | * Compile OpenSSL: | ||
| 190 | |||
| 191 | > ms\mingw32 | ||
| 192 | |||
| 193 | This will create the library and binaries in out. In case any problems | ||
| 194 | occur, try | ||
| 195 | > ms\mingw32 no-asm | ||
| 196 | instead. | ||
| 197 | |||
| 198 | libcrypto.a and libssl.a are the static libraries. To use the DLLs, | ||
| 199 | link with libeay32.a and libssl32.a instead. | ||
| 200 | |||
| 201 | See troubleshooting if you get error messages about functions not having | ||
| 202 | a number assigned. | ||
| 203 | |||
| 204 | * You can now try the tests: | ||
| 205 | |||
| 206 | > cd out | ||
| 207 | > ..\ms\test | ||
| 208 | |||
| 195 | 209 | ||
| 196 | Installation | 210 | Installation |
| 197 | ------------ | 211 | ------------ |
diff --git a/src/lib/libssl/src/LICENSE b/src/lib/libssl/src/LICENSE index 7b93e0dbce..dddb07842b 100644 --- a/src/lib/libssl/src/LICENSE +++ b/src/lib/libssl/src/LICENSE | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | --------------- | 12 | --------------- |
| 13 | 13 | ||
| 14 | /* ==================================================================== | 14 | /* ==================================================================== |
| 15 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 15 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. |
| 16 | * | 16 | * |
| 17 | * Redistribution and use in source and binary forms, with or without | 17 | * Redistribution and use in source and binary forms, with or without |
| 18 | * modification, are permitted provided that the following conditions | 18 | * modification, are permitted provided that the following conditions |
diff --git a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp index aaf2a68ca9..c95d804d5d 100644 --- a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp +++ b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.cpp | |||
| @@ -1287,7 +1287,7 @@ EXITPOINT: | |||
| 1287 | 1287 | ||
| 1288 | // Send some bytes | 1288 | // Send some bytes |
| 1289 | 1289 | ||
| 1290 | int MacSocket_send(const int inSocketNum,void *inBuff,int inBuffLength) | 1290 | int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength) |
| 1291 | { | 1291 | { |
| 1292 | OSErr errCode = noErr; | 1292 | OSErr errCode = noErr; |
| 1293 | int bytesSent = 0; | 1293 | int bytesSent = 0; |
diff --git a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.h b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.h index 6e90a5bb44..ad59dc9e4f 100644 --- a/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.h +++ b/src/lib/libssl/src/MacOS/GetHTTPS.src/MacSocket.h | |||
| @@ -62,7 +62,7 @@ int MacSocket_recv(const int inSocketNum,void *outBuff,int outBuffLength,const B | |||
| 62 | 62 | ||
| 63 | // Call this to send data on a socket | 63 | // Call this to send data on a socket |
| 64 | 64 | ||
| 65 | int MacSocket_send(const int inSocketNum,void *inBuff,int inBuffLength); | 65 | int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength); |
| 66 | 66 | ||
| 67 | 67 | ||
| 68 | // If zero bytes were read in a call to MacSocket_recv(), it may be that the remote end has done a half-close | 68 | // If zero bytes were read in a call to MacSocket_recv(), it may be that the remote end has done a half-close |
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org index d7af0815f3..4d0627bfdd 100644 --- a/src/lib/libssl/src/Makefile.org +++ b/src/lib/libssl/src/Makefile.org | |||
| @@ -15,6 +15,11 @@ OPTIONS= | |||
| 15 | CONFIGURE_ARGS= | 15 | CONFIGURE_ARGS= |
| 16 | SHLIB_TARGET= | 16 | SHLIB_TARGET= |
| 17 | 17 | ||
| 18 | # HERE indicates where this Makefile lives. This can be used to indicate | ||
| 19 | # where sub-Makefiles are expected to be. Currently has very limited usage, | ||
| 20 | # and should probably not be bothered with at all. | ||
| 21 | HERE=. | ||
| 22 | |||
| 18 | # INSTALL_PREFIX is for package builders so that they can configure | 23 | # INSTALL_PREFIX is for package builders so that they can configure |
| 19 | # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/. | 24 | # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/. |
| 20 | # Normally it is left empty. | 25 | # Normally it is left empty. |
| @@ -67,6 +72,14 @@ TAR= tar | |||
| 67 | TARFLAGS= --no-recursion | 72 | TARFLAGS= --no-recursion |
| 68 | MAKEDEPPROG=makedepend | 73 | MAKEDEPPROG=makedepend |
| 69 | 74 | ||
| 75 | # We let the C compiler driver to take care of .s files. This is done in | ||
| 76 | # order to be excused from maintaining a separate set of architecture | ||
| 77 | # dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC | ||
| 78 | # gcc, then the driver will automatically translate it to -xarch=v8plus | ||
| 79 | # and pass it down to assembler. | ||
| 80 | AS=$(CC) -c | ||
| 81 | ASFLAGS=$(CFLAG) | ||
| 82 | |||
| 70 | # Set BN_ASM to bn_asm.o if you want to use the C version | 83 | # Set BN_ASM to bn_asm.o if you want to use the C version |
| 71 | BN_ASM= bn_asm.o | 84 | BN_ASM= bn_asm.o |
| 72 | #BN_ASM= bn_asm.o | 85 | #BN_ASM= bn_asm.o |
| @@ -205,14 +218,14 @@ HEADER= e_os.h | |||
| 205 | # When we're prepared to use shared libraries in the programs we link here | 218 | # When we're prepared to use shared libraries in the programs we link here |
| 206 | # we might remove 'clean-shared' from the targets to perform at this stage | 219 | # we might remove 'clean-shared' from the targets to perform at this stage |
| 207 | 220 | ||
| 208 | all: Makefile.ssl sub_all | 221 | all: Makefile.ssl sub_all openssl.pc |
| 209 | 222 | ||
| 210 | sub_all: | 223 | sub_all: |
| 211 | @for i in $(DIRS); \ | 224 | @for i in $(DIRS); \ |
| 212 | do \ | 225 | do \ |
| 213 | if [ -d "$$i" ]; then \ | 226 | if [ -d "$$i" ]; then \ |
| 214 | (cd $$i && echo "making all in $$i..." && \ | 227 | (cd $$i && echo "making all in $$i..." && \ |
| 215 | $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \ | 228 | $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAGS='${ASFLAGS}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \ |
| 216 | else \ | 229 | else \ |
| 217 | $(MAKE) $$i; \ | 230 | $(MAKE) $$i; \ |
| 218 | fi; \ | 231 | fi; \ |
| @@ -242,7 +255,7 @@ clean-shared: | |||
| 242 | fi; \ | 255 | fi; \ |
| 243 | ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ | 256 | ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ |
| 244 | if [ "$(PLATFORM)" = "Cygwin" ]; then \ | 257 | if [ "$(PLATFORM)" = "Cygwin" ]; then \ |
| 245 | ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ | 258 | ( set -x; rm -f cyg$$i-$(SHLIB_VERSION_NUMBER)$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ |
| 246 | fi; \ | 259 | fi; \ |
| 247 | done | 260 | done |
| 248 | 261 | ||
| @@ -265,39 +278,45 @@ do_bsd-gcc-shared: do_gnu-shared | |||
| 265 | do_linux-shared: do_gnu-shared | 278 | do_linux-shared: do_gnu-shared |
| 266 | do_gnu-shared: | 279 | do_gnu-shared: |
| 267 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 280 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 281 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 282 | libs="$(LIBKRB5) $$libs"; \ | ||
| 283 | fi; \ | ||
| 268 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ | 284 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 269 | -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 285 | -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 270 | -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 286 | -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 271 | -Wl,-Bsymbolic \ | 287 | -Wl,-Bsymbolic \ |
| 272 | -Wl,--whole-archive lib$$i.a \ | 288 | -Wl,--whole-archive lib$$i.a \ |
| 273 | -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ | 289 | -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \ |
| 274 | libs="$$libs -l$$i"; \ | 290 | libs="-l$$i $$libs"; \ |
| 275 | done | 291 | done |
| 276 | 292 | ||
| 277 | DETECT_GNU_LD=${CC} -v 2>&1 | grep '^gcc' >/dev/null 2>&1 && \ | 293 | DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null |
| 278 | my_ld=`gcc -print-prog-name=ld 2>&1` && \ | ||
| 279 | [ -n "$$my_ld" ] && \ | ||
| 280 | $$my_ld -v 2>&1 | grep 'GNU ld' >/dev/null 2>&1 | ||
| 281 | 294 | ||
| 282 | # For Darwin AKA Mac OS/X (dyld) | 295 | # For Darwin AKA Mac OS/X (dyld) |
| 283 | do_darwin-shared: | 296 | do_darwin-shared: |
| 284 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 297 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 285 | ( set -x ; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ | 298 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ |
| 299 | libs="$(LIBKRB5) $$libs"; \ | ||
| 300 | fi; \ | ||
| 301 | ( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \ | ||
| 286 | lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 302 | lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 287 | -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ | 303 | -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \ |
| 288 | -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ | 304 | -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \ |
| 289 | libs="$$libs -l`basename $$i${SHLIB_EXT} .dylib`"; \ | 305 | libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \ |
| 290 | echo "" ; \ | 306 | echo "" ; \ |
| 291 | done | 307 | done |
| 292 | 308 | ||
| 293 | do_cygwin-shared: | 309 | do_cygwin-shared: |
| 294 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 310 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 295 | ( set -x; ${CC} -shared -o cyg$$i.dll \ | 311 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ |
| 312 | libs="$(LIBKRB5) $$libs"; \ | ||
| 313 | fi; \ | ||
| 314 | ( set -x; ${CC} -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \ | ||
| 296 | -Wl,-Bsymbolic \ | 315 | -Wl,-Bsymbolic \ |
| 297 | -Wl,--whole-archive lib$$i.a \ | 316 | -Wl,--whole-archive lib$$i.a \ |
| 298 | -Wl,--out-implib,lib$$i.dll.a \ | 317 | -Wl,--out-implib,lib$$i.dll.a \ |
| 299 | -Wl,--no-whole-archive $$libs ) || exit 1; \ | 318 | -Wl,--no-whole-archive $$libs ) || exit 1; \ |
| 300 | libs="$$libs -l$$i"; \ | 319 | libs="-l$$i $$libs"; \ |
| 301 | done | 320 | done |
| 302 | 321 | ||
| 303 | # This assumes that GNU utilities are *not* used | 322 | # This assumes that GNU utilities are *not* used |
| @@ -306,11 +325,14 @@ do_alpha-osf1-shared: | |||
| 306 | $(MAKE) do_gnu-shared; \ | 325 | $(MAKE) do_gnu-shared; \ |
| 307 | else \ | 326 | else \ |
| 308 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 327 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 328 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 329 | libs="$(LIBKRB5) $$libs"; \ | ||
| 330 | fi; \ | ||
| 309 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ | 331 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 310 | -shared -o lib$$i.so \ | 332 | -shared -o lib$$i.so \ |
| 311 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ | 333 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ |
| 312 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ | 334 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ |
| 313 | libs="$$libs -l$$i"; \ | 335 | libs="-l$$i $$libs"; \ |
| 314 | done; \ | 336 | done; \ |
| 315 | fi | 337 | fi |
| 316 | 338 | ||
| @@ -322,11 +344,14 @@ do_tru64-shared: | |||
| 322 | $(MAKE) do_gnu-shared; \ | 344 | $(MAKE) do_gnu-shared; \ |
| 323 | else \ | 345 | else \ |
| 324 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 346 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 347 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 348 | libs="$(LIBKRB5) $$libs"; \ | ||
| 349 | fi; \ | ||
| 325 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ | 350 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 326 | -shared -msym -o lib$$i.so \ | 351 | -shared -msym -o lib$$i.so \ |
| 327 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ | 352 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ |
| 328 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ | 353 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ |
| 329 | libs="$$libs -l$$i"; \ | 354 | libs="-l$$i $$libs"; \ |
| 330 | done; \ | 355 | done; \ |
| 331 | fi | 356 | fi |
| 332 | 357 | ||
| @@ -338,12 +363,15 @@ do_tru64-shared-rpath: | |||
| 338 | $(MAKE) do_gnu-shared; \ | 363 | $(MAKE) do_gnu-shared; \ |
| 339 | else \ | 364 | else \ |
| 340 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 365 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 366 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 367 | libs="$(LIBKRB5) $$libs"; \ | ||
| 368 | fi; \ | ||
| 341 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ | 369 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 342 | -shared -msym -o lib$$i.so \ | 370 | -shared -msym -o lib$$i.so \ |
| 343 | -rpath ${INSTALLTOP}/lib \ | 371 | -rpath ${INSTALLTOP}/lib \ |
| 344 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ | 372 | -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \ |
| 345 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ | 373 | -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \ |
| 346 | libs="$$libs -l$$i"; \ | 374 | libs="-l$$i $$libs"; \ |
| 347 | done; \ | 375 | done; \ |
| 348 | fi | 376 | fi |
| 349 | 377 | ||
| @@ -354,12 +382,18 @@ do_solaris-shared: | |||
| 354 | $(MAKE) do_gnu-shared; \ | 382 | $(MAKE) do_gnu-shared; \ |
| 355 | else \ | 383 | else \ |
| 356 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 384 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 385 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 386 | libs="$(LIBKRB5) $$libs"; \ | ||
| 387 | fi; \ | ||
| 357 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ | 388 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ |
| 358 | set -x; ${CC} ${SHARED_LDFLAGS} \ | 389 | MINUSZ='-z '; \ |
| 359 | -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 390 | (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \ |
| 391 | set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \ | ||
| 392 | -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | ||
| 360 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 393 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 361 | -z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \ | 394 | $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \ |
| 362 | libs="$$libs -l$$i"; \ | 395 | $$libs ${EX_LIBS} -lc ) || exit 1; \ |
| 396 | libs="-l$$i $$libs"; \ | ||
| 363 | done; \ | 397 | done; \ |
| 364 | fi | 398 | fi |
| 365 | 399 | ||
| @@ -369,16 +403,20 @@ do_svr3-shared: | |||
| 369 | $(MAKE) do_gnu-shared; \ | 403 | $(MAKE) do_gnu-shared; \ |
| 370 | else \ | 404 | else \ |
| 371 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 405 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 406 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 407 | libs="$(LIBKRB5) $$libs"; \ | ||
| 408 | fi; \ | ||
| 372 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ | 409 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ |
| 373 | find . -name "*.o" -print > allobjs ; \ | 410 | find . -name "*.o" -print > allobjs ; \ |
| 374 | OBJS= ; export OBJS ; \ | 411 | OBJS= ; export OBJS ; \ |
| 375 | for obj in `ar t lib$$i.a` ; do \ | 412 | for obj in `ar t lib$$i.a` ; do \ |
| 376 | OBJS="$${OBJS} `grep $$obj allobjs`" ; \ | 413 | OBJS="$${OBJS} `grep $$obj allobjs`" ; \ |
| 377 | done ; \ | 414 | done ; \ |
| 378 | set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 415 | set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 416 | -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | ||
| 379 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 417 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 380 | $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ | 418 | $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ |
| 381 | libs="$$libs -l$$i"; \ | 419 | libs="-l$$i $$libs"; \ |
| 382 | done; \ | 420 | done; \ |
| 383 | fi | 421 | fi |
| 384 | 422 | ||
| @@ -388,17 +426,23 @@ do_svr5-shared: | |||
| 388 | $(MAKE) do_gnu-shared; \ | 426 | $(MAKE) do_gnu-shared; \ |
| 389 | else \ | 427 | else \ |
| 390 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 428 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 429 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 430 | libs="$(LIBKRB5) $$libs"; \ | ||
| 431 | fi; \ | ||
| 391 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ | 432 | ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \ |
| 433 | SHARE_FLAG='-G'; \ | ||
| 434 | (${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \ | ||
| 392 | find . -name "*.o" -print > allobjs ; \ | 435 | find . -name "*.o" -print > allobjs ; \ |
| 393 | OBJS= ; export OBJS ; \ | 436 | OBJS= ; export OBJS ; \ |
| 394 | for obj in `ar t lib$$i.a` ; do \ | 437 | for obj in `ar t lib$$i.a` ; do \ |
| 395 | OBJS="$${OBJS} `grep $$obj allobjs`" ; \ | 438 | OBJS="$${OBJS} `grep $$obj allobjs`" ; \ |
| 396 | done ; \ | 439 | done ; \ |
| 397 | set -x; ${CC} ${SHARED_LDFLAGS} \ | 440 | set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \ |
| 398 | -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 441 | ${CC} ${SHARED_LDFLAGS} \ |
| 442 | $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | ||
| 399 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 443 | -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 400 | $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ | 444 | $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \ |
| 401 | libs="$$libs -l$$i"; \ | 445 | libs="-l$$i $$libs"; \ |
| 402 | done; \ | 446 | done; \ |
| 403 | fi | 447 | fi |
| 404 | 448 | ||
| @@ -408,11 +452,14 @@ do_irix-shared: | |||
| 408 | $(MAKE) do_gnu-shared; \ | 452 | $(MAKE) do_gnu-shared; \ |
| 409 | else \ | 453 | else \ |
| 410 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 454 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 455 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 456 | libs="$(LIBKRB5) $$libs"; \ | ||
| 457 | fi; \ | ||
| 411 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ | 458 | ( set -x; ${CC} ${SHARED_LDFLAGS} \ |
| 412 | -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 459 | -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 413 | -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 460 | -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| 414 | -all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \ | 461 | -all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \ |
| 415 | libs="$$libs -l$$i"; \ | 462 | libs="-l$$i $$libs"; \ |
| 416 | done; \ | 463 | done; \ |
| 417 | fi | 464 | fi |
| 418 | 465 | ||
| @@ -429,6 +476,9 @@ do_irix-shared: | |||
| 429 | # | 476 | # |
| 430 | do_hpux-shared: | 477 | do_hpux-shared: |
| 431 | for i in ${SHLIBDIRS}; do \ | 478 | for i in ${SHLIBDIRS}; do \ |
| 479 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 480 | libs="$(LIBKRB5) $$libs"; \ | ||
| 481 | fi; \ | ||
| 432 | ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ | 482 | ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ |
| 433 | +vnocompatwarnings \ | 483 | +vnocompatwarnings \ |
| 434 | -b -z +s \ | 484 | -b -z +s \ |
| @@ -449,6 +499,9 @@ do_hpux-shared: | |||
| 449 | # | 499 | # |
| 450 | do_hpux64-shared: | 500 | do_hpux64-shared: |
| 451 | for i in ${SHLIBDIRS}; do \ | 501 | for i in ${SHLIBDIRS}; do \ |
| 502 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 503 | libs="$(LIBKRB5) $$libs"; \ | ||
| 504 | fi; \ | ||
| 452 | ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ | 505 | ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \ |
| 453 | -b -z \ | 506 | -b -z \ |
| 454 | -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ | 507 | -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \ |
| @@ -491,17 +544,24 @@ SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE | |||
| 491 | SHAREDCMD=$(CC) | 544 | SHAREDCMD=$(CC) |
| 492 | do_aix-shared: | 545 | do_aix-shared: |
| 493 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 546 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 547 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 548 | libs="$(LIBKRB5) $$libs"; \ | ||
| 549 | fi; \ | ||
| 494 | ( set -x; \ | 550 | ( set -x; \ |
| 495 | ld -r -o $$i.o $(ALLSYMSFLAG) lib$$i.a && \ | 551 | ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \ |
| 496 | ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ | 552 | ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \ |
| 497 | $(SHAREDCMD) $(SHAREDFLAG) -o lib$$i.so lib$$i.o \ | 553 | $(SHAREDCMD) $(SHAREDFLAGS) \ |
| 554 | -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \ | ||
| 498 | $$libs ${EX_LIBS} ) ) \ | 555 | $$libs ${EX_LIBS} ) ) \ |
| 499 | || exit 1; \ | 556 | || exit 1; \ |
| 500 | libs="$$libs -l$$i"; \ | 557 | libs="-l$$i $$libs"; \ |
| 501 | done | 558 | done |
| 502 | 559 | ||
| 503 | do_reliantunix-shared: | 560 | do_reliantunix-shared: |
| 504 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ | 561 | libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \ |
| 562 | if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \ | ||
| 563 | libs="$(LIBKRB5) $$libs"; \ | ||
| 564 | fi; \ | ||
| 505 | tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \ | 565 | tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \ |
| 506 | ( set -x; \ | 566 | ( set -x; \ |
| 507 | ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ | 567 | ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \ |
| @@ -511,19 +571,32 @@ do_reliantunix-shared: | |||
| 511 | cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ | 571 | cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \ |
| 512 | ) || exit 1; \ | 572 | ) || exit 1; \ |
| 513 | rm -rf $$tmpdir ; \ | 573 | rm -rf $$tmpdir ; \ |
| 514 | libs="$$libs -l$$i"; \ | 574 | libs="-l$$i $$libs"; \ |
| 515 | done | 575 | done |
| 516 | 576 | ||
| 577 | openssl.pc: Makefile.ssl | ||
| 578 | @ ( echo 'prefix=$(INSTALLTOP)'; \ | ||
| 579 | echo 'exec_prefix=$${prefix}'; \ | ||
| 580 | echo 'libdir=$${exec_prefix}/lib'; \ | ||
| 581 | echo 'includedir=$${prefix}/include'; \ | ||
| 582 | echo ''; \ | ||
| 583 | echo 'Name: OpenSSL'; \ | ||
| 584 | echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ | ||
| 585 | echo 'Version: '$(VERSION); \ | ||
| 586 | echo 'Requires: '; \ | ||
| 587 | echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \ | ||
| 588 | echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc | ||
| 589 | |||
| 517 | Makefile.ssl: Makefile.org | 590 | Makefile.ssl: Makefile.org |
| 518 | @echo "Makefile.ssl is older than Makefile.org." | 591 | @echo "Makefile.ssl is older than Makefile.org." |
| 519 | @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." | 592 | @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." |
| 520 | @false | 593 | @false |
| 521 | 594 | ||
| 522 | libclean: | 595 | libclean: |
| 523 | rm -f *.a */lib */*/lib | 596 | rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib |
| 524 | 597 | ||
| 525 | clean: | 598 | clean: libclean |
| 526 | rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c | 599 | rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c |
| 527 | @for i in $(DIRS) ;\ | 600 | @for i in $(DIRS) ;\ |
| 528 | do \ | 601 | do \ |
| 529 | if [ -d "$$i" ]; then \ | 602 | if [ -d "$$i" ]; then \ |
| @@ -532,7 +605,8 @@ clean: | |||
| 532 | rm -f $(LIBS); \ | 605 | rm -f $(LIBS); \ |
| 533 | fi; \ | 606 | fi; \ |
| 534 | done; | 607 | done; |
| 535 | rm -f *.a *.o speed.* *.map *.so .pure core | 608 | rm -f openssl.pc |
| 609 | rm -f speed.* .pure | ||
| 536 | rm -f $(TARFILE) | 610 | rm -f $(TARFILE) |
| 537 | @for i in $(ONEDIRS) ;\ | 611 | @for i in $(ONEDIRS) ;\ |
| 538 | do \ | 612 | do \ |
| @@ -582,8 +656,12 @@ rehash: rehash.time | |||
| 582 | rehash.time: certs | 656 | rehash.time: certs |
| 583 | @(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \ | 657 | @(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \ |
| 584 | export OPENSSL OPENSSL_DEBUG_MEMORY; \ | 658 | export OPENSSL OPENSSL_DEBUG_MEMORY; \ |
| 585 | LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ | 659 | LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \ |
| 586 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ | 660 | DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \ |
| 661 | SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \ | ||
| 662 | LIBPATH="`pwd`:$$LIBPATH"; \ | ||
| 663 | if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \ | ||
| 664 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \ | ||
| 587 | $(PERL) tools/c_rehash certs) | 665 | $(PERL) tools/c_rehash certs) |
| 588 | touch rehash.time | 666 | touch rehash.time |
| 589 | 667 | ||
| @@ -592,9 +670,13 @@ test: tests | |||
| 592 | tests: rehash | 670 | tests: rehash |
| 593 | @(cd test && echo "testing..." && \ | 671 | @(cd test && echo "testing..." && \ |
| 594 | $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); | 672 | $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); |
| 595 | @LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ | 673 | @LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \ |
| 596 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ | 674 | DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \ |
| 597 | apps/openssl version -a | 675 | SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \ |
| 676 | LIBPATH="`pwd`:$$LIBPATH"; \ | ||
| 677 | if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \ | ||
| 678 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \ | ||
| 679 | apps/openssl version -a | ||
| 598 | 680 | ||
| 599 | report: | 681 | report: |
| 600 | @$(PERL) util/selftest.pl | 682 | @$(PERL) util/selftest.pl |
| @@ -656,6 +738,9 @@ update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_ | |||
| 656 | # and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal | 738 | # and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal |
| 657 | # tar does not support the --files-from option. | 739 | # tar does not support the --files-from option. |
| 658 | tar: | 740 | tar: |
| 741 | find . -type d -print | xargs chmod 755 | ||
| 742 | find . -type f -print | xargs chmod a+r | ||
| 743 | find . -type f -perm -0100 -print | xargs chmod a+x | ||
| 659 | find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \ | 744 | find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \ |
| 660 | $(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \ | 745 | $(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \ |
| 661 | tardy --user_number=0 --user_name=openssl \ | 746 | tardy --user_number=0 --user_name=openssl \ |
| @@ -685,6 +770,7 @@ dist_pem_h: | |||
| 685 | install: all install_docs | 770 | install: all install_docs |
| 686 | @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ | 771 | @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ |
| 687 | $(INSTALL_PREFIX)$(INSTALLTOP)/lib \ | 772 | $(INSTALL_PREFIX)$(INSTALLTOP)/lib \ |
| 773 | $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \ | ||
| 688 | $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \ | 774 | $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \ |
| 689 | $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ | 775 | $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ |
| 690 | $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ | 776 | $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ |
| @@ -706,9 +792,10 @@ install: all install_docs | |||
| 706 | do \ | 792 | do \ |
| 707 | if [ -f "$$i" ]; then \ | 793 | if [ -f "$$i" ]; then \ |
| 708 | ( echo installing $$i; \ | 794 | ( echo installing $$i; \ |
| 709 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ | 795 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ |
| 710 | $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ | 796 | $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ |
| 711 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ | 797 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ |
| 798 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ | ||
| 712 | fi; \ | 799 | fi; \ |
| 713 | done; | 800 | done; |
| 714 | @if [ -n "$(SHARED_LIBS)" ]; then \ | 801 | @if [ -n "$(SHARED_LIBS)" ]; then \ |
| @@ -718,14 +805,17 @@ install: all install_docs | |||
| 718 | if [ -f "$$i" -o -f "$$i.a" ]; then \ | 805 | if [ -f "$$i" -o -f "$$i.a" ]; then \ |
| 719 | ( echo installing $$i; \ | 806 | ( echo installing $$i; \ |
| 720 | if [ "$(PLATFORM)" != "Cygwin" ]; then \ | 807 | if [ "$(PLATFORM)" != "Cygwin" ]; then \ |
| 721 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ | 808 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ |
| 722 | chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ | 809 | chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ |
| 810 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ | ||
| 723 | else \ | 811 | else \ |
| 724 | c=`echo $$i | sed 's/^lib/cyg/'`; \ | 812 | c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ |
| 725 | cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ | 813 | cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ |
| 726 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ | 814 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ |
| 727 | cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ | 815 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ |
| 728 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ | 816 | cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ |
| 817 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \ | ||
| 818 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \ | ||
| 729 | fi ); \ | 819 | fi ); \ |
| 730 | fi; \ | 820 | fi; \ |
| 731 | done; \ | 821 | done; \ |
| @@ -733,7 +823,14 @@ install: all install_docs | |||
| 733 | cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ | 823 | cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ |
| 734 | set $(MAKE); \ | 824 | set $(MAKE); \ |
| 735 | $$1 -f $$here/Makefile link-shared ); \ | 825 | $$1 -f $$here/Makefile link-shared ); \ |
| 826 | if [ "$(INSTALLTOP)" != "/usr" ]; then \ | ||
| 827 | echo 'OpenSSL shared libraries have been installed in:'; \ | ||
| 828 | echo ' $(INSTALLTOP)'; \ | ||
| 829 | echo ''; \ | ||
| 830 | sed -e '1,/^$$/d' doc/openssl-shared.txt; \ | ||
| 831 | fi; \ | ||
| 736 | fi | 832 | fi |
| 833 | cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig | ||
| 737 | 834 | ||
| 738 | install_docs: | 835 | install_docs: |
| 739 | @$(PERL) $(TOP)/util/mkdir-p.pl \ | 836 | @$(PERL) $(TOP)/util/mkdir-p.pl \ |
| @@ -742,25 +839,42 @@ install_docs: | |||
| 742 | $(INSTALL_PREFIX)$(MANDIR)/man5 \ | 839 | $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
| 743 | $(INSTALL_PREFIX)$(MANDIR)/man7 | 840 | $(INSTALL_PREFIX)$(MANDIR)/man7 |
| 744 | @pod2man="`cd util; ./pod2mantest $(PERL)`"; \ | 841 | @pod2man="`cd util; ./pod2mantest $(PERL)`"; \ |
| 842 | here="`pwd`"; \ | ||
| 843 | filecase=; \ | ||
| 844 | if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" ]; then \ | ||
| 845 | filecase=-i; \ | ||
| 846 | fi; \ | ||
| 745 | for i in doc/apps/*.pod; do \ | 847 | for i in doc/apps/*.pod; do \ |
| 746 | fn=`basename $$i .pod`; \ | 848 | fn=`basename $$i .pod`; \ |
| 747 | if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ | 849 | if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \ |
| 748 | echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ | 850 | echo "installing man$$sec/$$fn.$$sec"; \ |
| 749 | (cd `$(PERL) util/dirname.pl $$i`; \ | 851 | (cd `$(PERL) util/dirname.pl $$i`; \ |
| 750 | sh -c "$$pod2man \ | 852 | sh -c "$$pod2man \ |
| 751 | --section=$$sec --center=OpenSSL \ | 853 | --section=$$sec --center=OpenSSL \ |
| 752 | --release=$(VERSION) `basename $$i`") \ | 854 | --release=$(VERSION) `basename $$i`") \ |
| 753 | > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ | 855 | > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \ |
| 856 | $(PERL) util/extract-names.pl < $$i | \ | ||
| 857 | grep -v $$filecase "^$$fn\$$" | \ | ||
| 858 | (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ | ||
| 859 | while read n; do \ | ||
| 860 | $$here/util/point.sh $$fn.$$sec $$n.$$sec; \ | ||
| 861 | done); \ | ||
| 754 | done; \ | 862 | done; \ |
| 755 | for i in doc/crypto/*.pod doc/ssl/*.pod; do \ | 863 | for i in doc/crypto/*.pod doc/ssl/*.pod; do \ |
| 756 | fn=`basename $$i .pod`; \ | 864 | fn=`basename $$i .pod`; \ |
| 757 | if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ | 865 | if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \ |
| 758 | echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ | 866 | echo "installing man$$sec/$$fn.$$sec"; \ |
| 759 | (cd `$(PERL) util/dirname.pl $$i`; \ | 867 | (cd `$(PERL) util/dirname.pl $$i`; \ |
| 760 | sh -c "$$pod2man \ | 868 | sh -c "$$pod2man \ |
| 761 | --section=$$sec --center=OpenSSL \ | 869 | --section=$$sec --center=OpenSSL \ |
| 762 | --release=$(VERSION) `basename $$i`") \ | 870 | --release=$(VERSION) `basename $$i`") \ |
| 763 | > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ | 871 | > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \ |
| 872 | $(PERL) util/extract-names.pl < $$i | \ | ||
| 873 | grep -v $$filecase "^$$fn\$$" | \ | ||
| 874 | (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \ | ||
| 875 | while read n; do \ | ||
| 876 | $$here/util/point.sh $$fn.$$sec $$n.$$sec; \ | ||
| 877 | done); \ | ||
| 764 | done | 878 | done |
| 765 | 879 | ||
| 766 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 880 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS index 418b3b0505..dce63f0549 100644 --- a/src/lib/libssl/src/NEWS +++ b/src/lib/libssl/src/NEWS | |||
| @@ -5,6 +5,28 @@ | |||
| 5 | This file gives a brief overview of the major changes between each OpenSSL | 5 | This file gives a brief overview of the major changes between each OpenSSL |
| 6 | release. For more details please read the CHANGES file. | 6 | release. For more details please read the CHANGES file. |
| 7 | 7 | ||
| 8 | Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b: | ||
| 9 | |||
| 10 | o Security: counter the Klima-Pokorny-Rosa extension of | ||
| 11 | Bleichbacher's attack | ||
| 12 | o Security: make RSA blinding default. | ||
| 13 | o Configuration: Irix fixes, AIX fixes, better mingw support. | ||
| 14 | o Support for new platforms: linux-ia64-ecc. | ||
| 15 | o Build: shared library support fixes. | ||
| 16 | o ASN.1: treat domainComponent correctly. | ||
| 17 | o Documentation: fixes and additions. | ||
| 18 | |||
| 19 | Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a: | ||
| 20 | |||
| 21 | o Security: Important security related bugfixes. | ||
| 22 | o Enhanced compatibility with MIT Kerberos. | ||
| 23 | o Can be built without the ENGINE framework. | ||
| 24 | o IA32 assembler enhancements. | ||
| 25 | o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64. | ||
| 26 | o Configuration: the no-err option now works properly. | ||
| 27 | o SSL/TLS: now handles manual certificate chain building. | ||
| 28 | o SSL/TLS: certain session ID malfunctions corrected. | ||
| 29 | |||
| 8 | Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7: | 30 | Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7: |
| 9 | 31 | ||
| 10 | o New library section OCSP. | 32 | o New library section OCSP. |
| @@ -17,6 +39,15 @@ | |||
| 17 | a separate distribution. | 39 | a separate distribution. |
| 18 | o New elliptic curve library section. | 40 | o New elliptic curve library section. |
| 19 | o New AES (Rijndael) library section. | 41 | o New AES (Rijndael) library section. |
| 42 | o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit, | ||
| 43 | Linux x86_64, Linux 64-bit on Sparc v9 | ||
| 44 | o Extended support for some platforms: VxWorks | ||
| 45 | o Enhanced support for shared libraries. | ||
| 46 | o Now only builds PIC code when shared library support is requested. | ||
| 47 | o Support for pkg-config. | ||
| 48 | o Lots of new manuals. | ||
| 49 | o Makes symbolic links to or copies of manuals to cover all described | ||
| 50 | functions. | ||
| 20 | o Change DES API to clean up the namespace (some applications link also | 51 | o Change DES API to clean up the namespace (some applications link also |
| 21 | against libdes providing similar functions having the same name). | 52 | against libdes providing similar functions having the same name). |
| 22 | Provide macros for backward compatibility (will be removed in the | 53 | Provide macros for backward compatibility (will be removed in the |
| @@ -30,16 +61,43 @@ | |||
| 30 | o Reworked parts of the BIGNUM code. | 61 | o Reworked parts of the BIGNUM code. |
| 31 | o Support for new engines: Broadcom ubsec, Accelerated Encryption | 62 | o Support for new engines: Broadcom ubsec, Accelerated Encryption |
| 32 | Processing, IBM 4758. | 63 | Processing, IBM 4758. |
| 64 | o A few new engines added in the demos area. | ||
| 33 | o Extended and corrected OID (object identifier) table. | 65 | o Extended and corrected OID (object identifier) table. |
| 34 | o PRNG: query at more locations for a random device, automatic query for | 66 | o PRNG: query at more locations for a random device, automatic query for |
| 35 | EGD style random sources at several locations. | 67 | EGD style random sources at several locations. |
| 36 | o SSL/TLS: allow optional cipher choice according to server's preference. | 68 | o SSL/TLS: allow optional cipher choice according to server's preference. |
| 37 | o SSL/TLS: allow server to explicitly set new session ids. | 69 | o SSL/TLS: allow server to explicitly set new session ids. |
| 38 | o SSL/TLS: support Kerberos cipher suites (RFC2712). | 70 | o SSL/TLS: support Kerberos cipher suites (RFC2712). |
| 71 | Only supports MIT Kerberos for now. | ||
| 39 | o SSL/TLS: allow more precise control of renegotiations and sessions. | 72 | o SSL/TLS: allow more precise control of renegotiations and sessions. |
| 40 | o SSL/TLS: add callback to retrieve SSL/TLS messages. | 73 | o SSL/TLS: add callback to retrieve SSL/TLS messages. |
| 41 | o SSL/TLS: support AES cipher suites (RFC3268). | 74 | o SSL/TLS: support AES cipher suites (RFC3268). |
| 42 | 75 | ||
| 76 | Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j: | ||
| 77 | |||
| 78 | o Security: counter the Klima-Pokorny-Rosa extension of | ||
| 79 | Bleichbacher's attack | ||
| 80 | o Security: make RSA blinding default. | ||
| 81 | o Build: shared library support fixes. | ||
| 82 | |||
| 83 | Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i: | ||
| 84 | |||
| 85 | o Important security related bugfixes. | ||
| 86 | |||
| 87 | Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h: | ||
| 88 | |||
| 89 | o New configuration targets for Tandem OSS and A/UX. | ||
| 90 | o New OIDs for Microsoft attributes. | ||
| 91 | o Better handling of SSL session caching. | ||
| 92 | o Better comparison of distinguished names. | ||
| 93 | o Better handling of shared libraries in a mixed GNU/non-GNU environment. | ||
| 94 | o Support assembler code with Borland C. | ||
| 95 | o Fixes for length problems. | ||
| 96 | o Fixes for uninitialised variables. | ||
| 97 | o Fixes for memory leaks, some unusual crashes and some race conditions. | ||
| 98 | o Fixes for smaller building problems. | ||
| 99 | o Updates of manuals, FAQ and other instructive documents. | ||
| 100 | |||
| 43 | Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g: | 101 | Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g: |
| 44 | 102 | ||
| 45 | o Important building fixes on Unix. | 103 | o Important building fixes on Unix. |
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README index 4228e145f9..3af69bfdb5 100644 --- a/src/lib/libssl/src/README +++ b/src/lib/libssl/src/README | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | 1 | ||
| 2 | OpenSSL 0.9.7-beta3 30 Jul 2002 | 2 | OpenSSL 0.9.7b 10 Apr 2003 |
| 3 | 3 | ||
| 4 | Copyright (c) 1998-2002 The OpenSSL Project | 4 | Copyright (c) 1998-2003 The OpenSSL Project |
| 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
| 6 | All rights reserved. | 6 | All rights reserved. |
| 7 | 7 | ||
diff --git a/src/lib/libssl/src/apps/Makefile.ssl b/src/lib/libssl/src/apps/Makefile.ssl index bb66ebbd60..7068286204 100644 --- a/src/lib/libssl/src/apps/Makefile.ssl +++ b/src/lib/libssl/src/apps/Makefile.ssl | |||
| @@ -87,6 +87,7 @@ all: exe | |||
| 87 | exe: $(PROGRAM) | 87 | exe: $(PROGRAM) |
| 88 | 88 | ||
| 89 | req: sreq.o $(A_OBJ) $(DLIBCRYPTO) | 89 | req: sreq.o $(A_OBJ) $(DLIBCRYPTO) |
| 90 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 90 | $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 91 | $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) |
| 91 | 92 | ||
| 92 | sreq.o: req.c | 93 | sreq.o: req.c |
| @@ -99,17 +100,20 @@ install: | |||
| 99 | @for i in $(EXE); \ | 100 | @for i in $(EXE); \ |
| 100 | do \ | 101 | do \ |
| 101 | (echo installing $$i; \ | 102 | (echo installing $$i; \ |
| 102 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ | 103 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ |
| 103 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ | 104 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ |
| 105 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ | ||
| 104 | done; | 106 | done; |
| 105 | @for i in $(SCRIPTS); \ | 107 | @for i in $(SCRIPTS); \ |
| 106 | do \ | 108 | do \ |
| 107 | (echo installing $$i; \ | 109 | (echo installing $$i; \ |
| 108 | cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ | 110 | cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ |
| 109 | chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ | 111 | chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ |
| 112 | mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ | ||
| 110 | done | 113 | done |
| 111 | @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \ | 114 | @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ |
| 112 | chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf | 115 | chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ |
| 116 | mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf | ||
| 113 | 117 | ||
| 114 | tags: | 118 | tags: |
| 115 | ctags $(SRC) | 119 | ctags $(SRC) |
| @@ -123,7 +127,7 @@ lint: | |||
| 123 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 127 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 124 | 128 | ||
| 125 | depend: | 129 | depend: |
| 126 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) | 130 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC) |
| 127 | 131 | ||
| 128 | dclean: | 132 | dclean: |
| 129 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 133 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -134,21 +138,26 @@ clean: | |||
| 134 | rm -f req | 138 | rm -f req |
| 135 | 139 | ||
| 136 | $(DLIBSSL): | 140 | $(DLIBSSL): |
| 137 | (cd ../ssl; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 141 | (cd ..; $(MAKE) DIRS=ssl all) |
| 138 | 142 | ||
| 139 | $(DLIBCRYPTO): | 143 | $(DLIBCRYPTO): |
| 140 | (cd ../crypto; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 144 | (cd ..; $(MAKE) DIRS=crypto all) |
| 141 | 145 | ||
| 142 | $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) | 146 | $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) |
| 143 | $(RM) $(PROGRAM) | 147 | $(RM) $(PROGRAM) |
| 144 | if [ "$(SHLIB_TARGET)" = "hpux-shared" ] ; then \ | 148 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 145 | $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ | 149 | $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ |
| 146 | else \ | 150 | else \ |
| 151 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 147 | $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ | 152 | $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ |
| 148 | fi | 153 | fi |
| 149 | -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \ | 154 | -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \ |
| 150 | LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \ | 155 | LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \ |
| 151 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ | 156 | DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \ |
| 157 | SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \ | ||
| 158 | LIBPATH="`pwd`:$$LIBPATH"; \ | ||
| 159 | if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \ | ||
| 160 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \ | ||
| 152 | $(PERL) tools/c_rehash certs) | 161 | $(PERL) tools/c_rehash certs) |
| 153 | 162 | ||
| 154 | progs.h: progs.pl | 163 | progs.h: progs.pl |
| @@ -762,30 +771,30 @@ rand.o: ../include/openssl/sha.h ../include/openssl/stack.h | |||
| 762 | rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 771 | rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 763 | rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | 772 | rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h |
| 764 | rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c | 773 | rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c |
| 765 | req.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 774 | req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 766 | req.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 775 | req.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 767 | req.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 776 | req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| 768 | req.o: ../include/openssl/cast.h ../include/openssl/conf.h | 777 | req.o: ../include/openssl/buffer.h ../include/openssl/cast.h |
| 769 | req.o: ../include/openssl/crypto.h ../include/openssl/des.h | 778 | req.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 770 | req.o: ../include/openssl/des_old.h ../include/openssl/dh.h | 779 | req.o: ../include/openssl/des.h ../include/openssl/des_old.h |
| 771 | req.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | 780 | req.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 772 | req.o: ../include/openssl/engine.h ../include/openssl/err.h | 781 | req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h |
| 773 | req.o: ../include/openssl/evp.h ../include/openssl/idea.h | 782 | req.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 774 | req.o: ../include/openssl/lhash.h ../include/openssl/md2.h | 783 | req.o: ../include/openssl/idea.h ../include/openssl/lhash.h |
| 775 | req.o: ../include/openssl/md4.h ../include/openssl/md5.h | 784 | req.o: ../include/openssl/md2.h ../include/openssl/md4.h |
| 776 | req.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h | 785 | req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h |
| 777 | req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 786 | req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 778 | req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 787 | req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 779 | req.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 788 | req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 780 | req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 789 | req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 781 | req.o: ../include/openssl/rc2.h ../include/openssl/rc4.h | 790 | req.o: ../include/openssl/rand.h ../include/openssl/rc2.h |
| 782 | req.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h | 791 | req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h |
| 783 | req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 792 | req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h |
| 784 | req.o: ../include/openssl/sha.h ../include/openssl/stack.h | 793 | req.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 785 | req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 794 | req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 786 | req.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | 795 | req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h |
| 787 | req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 796 | req.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 788 | req.o: ../include/openssl/x509v3.h apps.h req.c | 797 | req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c |
| 789 | rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 798 | rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 790 | rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 799 | rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 791 | rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 800 | rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c index 1a24b1c596..c4dfafd778 100644 --- a/src/lib/libssl/src/apps/apps.c +++ b/src/lib/libssl/src/apps/apps.c | |||
| @@ -114,9 +114,7 @@ | |||
| 114 | #include <string.h> | 114 | #include <string.h> |
| 115 | #include <sys/types.h> | 115 | #include <sys/types.h> |
| 116 | #include <sys/stat.h> | 116 | #include <sys/stat.h> |
| 117 | #define NON_MAIN | 117 | #include <ctype.h> |
| 118 | #include "apps.h" | ||
| 119 | #undef NON_MAIN | ||
| 120 | #include <openssl/err.h> | 118 | #include <openssl/err.h> |
| 121 | #include <openssl/x509.h> | 119 | #include <openssl/x509.h> |
| 122 | #include <openssl/x509v3.h> | 120 | #include <openssl/x509v3.h> |
| @@ -124,7 +122,9 @@ | |||
| 124 | #include <openssl/pkcs12.h> | 122 | #include <openssl/pkcs12.h> |
| 125 | #include <openssl/ui.h> | 123 | #include <openssl/ui.h> |
| 126 | #include <openssl/safestack.h> | 124 | #include <openssl/safestack.h> |
| 125 | #ifndef OPENSSL_NO_ENGINE | ||
| 127 | #include <openssl/engine.h> | 126 | #include <openssl/engine.h> |
| 127 | #endif | ||
| 128 | 128 | ||
| 129 | #ifdef OPENSSL_SYS_WINDOWS | 129 | #ifdef OPENSSL_SYS_WINDOWS |
| 130 | #define strcasecmp _stricmp | 130 | #define strcasecmp _stricmp |
| @@ -136,9 +136,9 @@ | |||
| 136 | # endif /* NO_STRINGS_H */ | 136 | # endif /* NO_STRINGS_H */ |
| 137 | #endif | 137 | #endif |
| 138 | 138 | ||
| 139 | #ifdef OPENSSL_SYS_WINDOWS | 139 | #define NON_MAIN |
| 140 | # include "bss_file.c" | 140 | #include "apps.h" |
| 141 | #endif | 141 | #undef NON_MAIN |
| 142 | 142 | ||
| 143 | typedef struct { | 143 | typedef struct { |
| 144 | char *name; | 144 | char *name; |
| @@ -335,8 +335,7 @@ void program_name(char *in, char *out, int size) | |||
| 335 | p++; | 335 | p++; |
| 336 | else | 336 | else |
| 337 | p=in; | 337 | p=in; |
| 338 | strncpy(out,p,size-1); | 338 | BUF_strlcpy(out,p,size); |
| 339 | out[size-1]='\0'; | ||
| 340 | } | 339 | } |
| 341 | #endif | 340 | #endif |
| 342 | #endif | 341 | #endif |
| @@ -344,6 +343,7 @@ void program_name(char *in, char *out, int size) | |||
| 344 | #ifdef OPENSSL_SYS_WIN32 | 343 | #ifdef OPENSSL_SYS_WIN32 |
| 345 | int WIN32_rename(char *from, char *to) | 344 | int WIN32_rename(char *from, char *to) |
| 346 | { | 345 | { |
| 346 | #ifndef OPENSSL_SYS_WINCE | ||
| 347 | /* Windows rename gives an error if 'to' exists, so delete it | 347 | /* Windows rename gives an error if 'to' exists, so delete it |
| 348 | * first and ignore file not found errror | 348 | * first and ignore file not found errror |
| 349 | */ | 349 | */ |
| @@ -351,6 +351,46 @@ int WIN32_rename(char *from, char *to) | |||
| 351 | return -1; | 351 | return -1; |
| 352 | #undef rename | 352 | #undef rename |
| 353 | return rename(from, to); | 353 | return rename(from, to); |
| 354 | #else | ||
| 355 | /* convert strings to UNICODE */ | ||
| 356 | { | ||
| 357 | BOOL result = FALSE; | ||
| 358 | WCHAR* wfrom; | ||
| 359 | WCHAR* wto; | ||
| 360 | int i; | ||
| 361 | wfrom = malloc((strlen(from)+1)*2); | ||
| 362 | wto = malloc((strlen(to)+1)*2); | ||
| 363 | if (wfrom != NULL && wto != NULL) | ||
| 364 | { | ||
| 365 | for (i=0; i<(int)strlen(from)+1; i++) | ||
| 366 | wfrom[i] = (short)from[i]; | ||
| 367 | for (i=0; i<(int)strlen(to)+1; i++) | ||
| 368 | wto[i] = (short)to[i]; | ||
| 369 | result = MoveFile(wfrom, wto); | ||
| 370 | } | ||
| 371 | if (wfrom != NULL) | ||
| 372 | free(wfrom); | ||
| 373 | if (wto != NULL) | ||
| 374 | free(wto); | ||
| 375 | return result; | ||
| 376 | } | ||
| 377 | #endif | ||
| 378 | } | ||
| 379 | #endif | ||
| 380 | |||
| 381 | #ifdef OPENSSL_SYS_VMS | ||
| 382 | int VMS_strcasecmp(const char *str1, const char *str2) | ||
| 383 | { | ||
| 384 | while (*str1 && *str2) | ||
| 385 | { | ||
| 386 | int res = toupper(*str1) - toupper(*str2); | ||
| 387 | if (res) return res < 0 ? -1 : 1; | ||
| 388 | } | ||
| 389 | if (*str1) | ||
| 390 | return 1; | ||
| 391 | if (*str2) | ||
| 392 | return -1; | ||
| 393 | return 0; | ||
| 354 | } | 394 | } |
| 355 | #endif | 395 | #endif |
| 356 | 396 | ||
| @@ -429,16 +469,20 @@ int app_init(long mesgwin) | |||
| 429 | 469 | ||
| 430 | int dump_cert_text (BIO *out, X509 *x) | 470 | int dump_cert_text (BIO *out, X509 *x) |
| 431 | { | 471 | { |
| 432 | char buf[256]; | 472 | char *p; |
| 433 | X509_NAME_oneline(X509_get_subject_name(x),buf,256); | 473 | |
| 474 | p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0); | ||
| 434 | BIO_puts(out,"subject="); | 475 | BIO_puts(out,"subject="); |
| 435 | BIO_puts(out,buf); | 476 | BIO_puts(out,p); |
| 477 | OPENSSL_free(p); | ||
| 436 | 478 | ||
| 437 | X509_NAME_oneline(X509_get_issuer_name(x),buf,256); | 479 | p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0); |
| 438 | BIO_puts(out,"\nissuer= "); | 480 | BIO_puts(out,"\nissuer="); |
| 439 | BIO_puts(out,buf); | 481 | BIO_puts(out,p); |
| 440 | BIO_puts(out,"\n"); | 482 | BIO_puts(out,"\n"); |
| 441 | return 0; | 483 | OPENSSL_free(p); |
| 484 | |||
| 485 | return 0; | ||
| 442 | } | 486 | } |
| 443 | 487 | ||
| 444 | static int ui_open(UI *ui) | 488 | static int ui_open(UI *ui) |
| @@ -569,7 +613,7 @@ int password_callback(char *buf, int bufsiz, int verify, | |||
| 569 | 613 | ||
| 570 | if (buff) | 614 | if (buff) |
| 571 | { | 615 | { |
| 572 | memset(buff,0,(unsigned int)bufsiz); | 616 | OPENSSL_cleanse(buff,(unsigned int)bufsiz); |
| 573 | OPENSSL_free(buff); | 617 | OPENSSL_free(buff); |
| 574 | } | 618 | } |
| 575 | 619 | ||
| @@ -579,13 +623,13 @@ int password_callback(char *buf, int bufsiz, int verify, | |||
| 579 | { | 623 | { |
| 580 | BIO_printf(bio_err, "User interface error\n"); | 624 | BIO_printf(bio_err, "User interface error\n"); |
| 581 | ERR_print_errors(bio_err); | 625 | ERR_print_errors(bio_err); |
| 582 | memset(buf,0,(unsigned int)bufsiz); | 626 | OPENSSL_cleanse(buf,(unsigned int)bufsiz); |
| 583 | res = 0; | 627 | res = 0; |
| 584 | } | 628 | } |
| 585 | if (ok == -2) | 629 | if (ok == -2) |
| 586 | { | 630 | { |
| 587 | BIO_printf(bio_err,"aborted!\n"); | 631 | BIO_printf(bio_err,"aborted!\n"); |
| 588 | memset(buf,0,(unsigned int)bufsiz); | 632 | OPENSSL_cleanse(buf,(unsigned int)bufsiz); |
| 589 | res = 0; | 633 | res = 0; |
| 590 | } | 634 | } |
| 591 | UI_free(ui); | 635 | UI_free(ui); |
| @@ -813,6 +857,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, | |||
| 813 | BIO_printf(err,"no keyfile specified\n"); | 857 | BIO_printf(err,"no keyfile specified\n"); |
| 814 | goto end; | 858 | goto end; |
| 815 | } | 859 | } |
| 860 | #ifndef OPENSSL_NO_ENGINE | ||
| 816 | if (format == FORMAT_ENGINE) | 861 | if (format == FORMAT_ENGINE) |
| 817 | { | 862 | { |
| 818 | if (!e) | 863 | if (!e) |
| @@ -822,6 +867,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, | |||
| 822 | ui_method, &cb_data); | 867 | ui_method, &cb_data); |
| 823 | goto end; | 868 | goto end; |
| 824 | } | 869 | } |
| 870 | #endif | ||
| 825 | key=BIO_new(BIO_s_file()); | 871 | key=BIO_new(BIO_s_file()); |
| 826 | if (key == NULL) | 872 | if (key == NULL) |
| 827 | { | 873 | { |
| @@ -889,6 +935,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, | |||
| 889 | BIO_printf(err,"no keyfile specified\n"); | 935 | BIO_printf(err,"no keyfile specified\n"); |
| 890 | goto end; | 936 | goto end; |
| 891 | } | 937 | } |
| 938 | #ifndef OPENSSL_NO_ENGINE | ||
| 892 | if (format == FORMAT_ENGINE) | 939 | if (format == FORMAT_ENGINE) |
| 893 | { | 940 | { |
| 894 | if (!e) | 941 | if (!e) |
| @@ -898,6 +945,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, | |||
| 898 | ui_method, &cb_data); | 945 | ui_method, &cb_data); |
| 899 | goto end; | 946 | goto end; |
| 900 | } | 947 | } |
| 948 | #endif | ||
| 901 | key=BIO_new(BIO_s_file()); | 949 | key=BIO_new(BIO_s_file()); |
| 902 | if (key == NULL) | 950 | if (key == NULL) |
| 903 | { | 951 | { |
| @@ -960,7 +1008,7 @@ load_netscape_key(BIO *err, BIO *key, const char *file, | |||
| 960 | goto error; | 1008 | goto error; |
| 961 | for (;;) | 1009 | for (;;) |
| 962 | { | 1010 | { |
| 963 | if (!BUF_MEM_grow(buf,size+1024*10)) | 1011 | if (!BUF_MEM_grow_clean(buf,size+1024*10)) |
| 964 | goto error; | 1012 | goto error; |
| 965 | i = BIO_read(key, &(buf->data[size]), 1024*10); | 1013 | i = BIO_read(key, &(buf->data[size]), 1024*10); |
| 966 | size += i; | 1014 | size += i; |
| @@ -1235,6 +1283,7 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) | |||
| 1235 | char *buf; | 1283 | char *buf; |
| 1236 | char mline = 0; | 1284 | char mline = 0; |
| 1237 | int indent = 0; | 1285 | int indent = 0; |
| 1286 | |||
| 1238 | if(title) BIO_puts(out, title); | 1287 | if(title) BIO_puts(out, title); |
| 1239 | if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { | 1288 | if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { |
| 1240 | mline = 1; | 1289 | mline = 1; |
| @@ -1282,6 +1331,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath) | |||
| 1282 | return NULL; | 1331 | return NULL; |
| 1283 | } | 1332 | } |
| 1284 | 1333 | ||
| 1334 | #ifndef OPENSSL_NO_ENGINE | ||
| 1285 | /* Try to load an engine in a shareable library */ | 1335 | /* Try to load an engine in a shareable library */ |
| 1286 | static ENGINE *try_load_engine(BIO *err, const char *engine, int debug) | 1336 | static ENGINE *try_load_engine(BIO *err, const char *engine, int debug) |
| 1287 | { | 1337 | { |
| @@ -1338,6 +1388,7 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug) | |||
| 1338 | } | 1388 | } |
| 1339 | return e; | 1389 | return e; |
| 1340 | } | 1390 | } |
| 1391 | #endif | ||
| 1341 | 1392 | ||
| 1342 | int load_config(BIO *err, CONF *cnf) | 1393 | int load_config(BIO *err, CONF *cnf) |
| 1343 | { | 1394 | { |
| @@ -1356,3 +1407,20 @@ int load_config(BIO *err, CONF *cnf) | |||
| 1356 | } | 1407 | } |
| 1357 | return 1; | 1408 | return 1; |
| 1358 | } | 1409 | } |
| 1410 | |||
| 1411 | char *make_config_name() | ||
| 1412 | { | ||
| 1413 | const char *t=X509_get_default_cert_area(); | ||
| 1414 | size_t len; | ||
| 1415 | char *p; | ||
| 1416 | |||
| 1417 | len=strlen(t)+strlen(OPENSSL_CONF)+2; | ||
| 1418 | p=OPENSSL_malloc(len); | ||
| 1419 | strlcpy(p,t,len); | ||
| 1420 | #ifndef OPENSSL_SYS_VMS | ||
| 1421 | strlcat(p,"/",len); | ||
| 1422 | #endif | ||
| 1423 | strlcat(p,OPENSSL_CONF,len); | ||
| 1424 | |||
| 1425 | return p; | ||
| 1426 | } | ||
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h index 32a79605ee..c36b9d2566 100644 --- a/src/lib/libssl/src/apps/apps.h +++ b/src/lib/libssl/src/apps/apps.h | |||
| @@ -121,7 +121,9 @@ | |||
| 121 | #include <openssl/lhash.h> | 121 | #include <openssl/lhash.h> |
| 122 | #include <openssl/conf.h> | 122 | #include <openssl/conf.h> |
| 123 | #include <openssl/txt_db.h> | 123 | #include <openssl/txt_db.h> |
| 124 | #ifndef OPENSSL_NO_ENGINE | ||
| 124 | #include <openssl/engine.h> | 125 | #include <openssl/engine.h> |
| 126 | #endif | ||
| 125 | #include <openssl/ossl_typ.h> | 127 | #include <openssl/ossl_typ.h> |
| 126 | 128 | ||
| 127 | int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); | 129 | int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); |
| @@ -139,13 +141,21 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read, | |||
| 139 | int WIN32_rename(char *oldname,char *newname); | 141 | int WIN32_rename(char *oldname,char *newname); |
| 140 | #endif | 142 | #endif |
| 141 | 143 | ||
| 144 | /* VMS below version 7.0 doesn't have strcasecmp() */ | ||
| 145 | #ifdef OPENSSL_SYS_VMS | ||
| 146 | #define strcasecmp(str1,str2) VMS_strcasecmp((str1),(str2)) | ||
| 147 | int VMS_strcasecmp(const char *str1, const char *str2); | ||
| 148 | #endif | ||
| 149 | |||
| 142 | #ifndef MONOLITH | 150 | #ifndef MONOLITH |
| 143 | 151 | ||
| 144 | #define MAIN(a,v) main(a,v) | 152 | #define MAIN(a,v) main(a,v) |
| 145 | 153 | ||
| 146 | #ifndef NON_MAIN | 154 | #ifndef NON_MAIN |
| 155 | CONF *config=NULL; | ||
| 147 | BIO *bio_err=NULL; | 156 | BIO *bio_err=NULL; |
| 148 | #else | 157 | #else |
| 158 | extern CONF *config; | ||
| 149 | extern BIO *bio_err; | 159 | extern BIO *bio_err; |
| 150 | #endif | 160 | #endif |
| 151 | 161 | ||
| @@ -171,30 +181,57 @@ extern BIO *bio_err; | |||
| 171 | do_pipe_sig() | 181 | do_pipe_sig() |
| 172 | # define apps_shutdown() | 182 | # define apps_shutdown() |
| 173 | #else | 183 | #else |
| 174 | # if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ | 184 | # ifndef OPENSSL_NO_ENGINE |
| 175 | defined(OPENSSL_SYS_WIN32) | 185 | # if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ |
| 176 | # ifdef _O_BINARY | 186 | defined(OPENSSL_SYS_WIN32) |
| 177 | # define apps_startup() \ | 187 | # ifdef _O_BINARY |
| 178 | do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ | 188 | # define apps_startup() \ |
| 179 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ | 189 | do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ |
| 180 | ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) | 190 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ |
| 191 | ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) | ||
| 192 | # else | ||
| 193 | # define apps_startup() \ | ||
| 194 | do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ | ||
| 195 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ | ||
| 196 | ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) | ||
| 197 | # endif | ||
| 181 | # else | 198 | # else |
| 182 | # define apps_startup() \ | 199 | # define apps_startup() \ |
| 183 | do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ | 200 | do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ |
| 184 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ | 201 | ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \ |
| 185 | ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) | 202 | setup_ui_method(); } while(0) |
| 186 | # endif | 203 | # endif |
| 204 | # define apps_shutdown() \ | ||
| 205 | do { CONF_modules_unload(1); destroy_ui_method(); \ | ||
| 206 | EVP_cleanup(); ENGINE_cleanup(); \ | ||
| 207 | CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ | ||
| 208 | ERR_free_strings(); } while(0) | ||
| 187 | # else | 209 | # else |
| 188 | # define apps_startup() \ | 210 | # if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ |
| 189 | do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ | 211 | defined(OPENSSL_SYS_WIN32) |
| 190 | ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \ | 212 | # ifdef _O_BINARY |
| 191 | setup_ui_method(); } while(0) | 213 | # define apps_startup() \ |
| 214 | do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ | ||
| 215 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ | ||
| 216 | setup_ui_method(); } while(0) | ||
| 217 | # else | ||
| 218 | # define apps_startup() \ | ||
| 219 | do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ | ||
| 220 | ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ | ||
| 221 | setup_ui_method(); } while(0) | ||
| 222 | # endif | ||
| 223 | # else | ||
| 224 | # define apps_startup() \ | ||
| 225 | do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ | ||
| 226 | ERR_load_crypto_strings(); \ | ||
| 227 | setup_ui_method(); } while(0) | ||
| 228 | # endif | ||
| 229 | # define apps_shutdown() \ | ||
| 230 | do { CONF_modules_unload(1); destroy_ui_method(); \ | ||
| 231 | EVP_cleanup(); \ | ||
| 232 | CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ | ||
| 233 | ERR_free_strings(); } while(0) | ||
| 192 | # endif | 234 | # endif |
| 193 | # define apps_shutdown() \ | ||
| 194 | do { CONF_modules_unload(1); destroy_ui_method(); \ | ||
| 195 | EVP_cleanup(); ENGINE_cleanup(); \ | ||
| 196 | CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ | ||
| 197 | ERR_free_strings(); } while(0) | ||
| 198 | #endif | 235 | #endif |
| 199 | 236 | ||
| 200 | typedef struct args_st | 237 | typedef struct args_st |
| @@ -240,9 +277,12 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, | |||
| 240 | STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, | 277 | STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, |
| 241 | const char *pass, ENGINE *e, const char *cert_descrip); | 278 | const char *pass, ENGINE *e, const char *cert_descrip); |
| 242 | X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); | 279 | X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); |
| 280 | #ifndef OPENSSL_NO_ENGINE | ||
| 243 | ENGINE *setup_engine(BIO *err, const char *engine, int debug); | 281 | ENGINE *setup_engine(BIO *err, const char *engine, int debug); |
| 282 | #endif | ||
| 244 | 283 | ||
| 245 | int load_config(BIO *err, CONF *cnf); | 284 | int load_config(BIO *err, CONF *cnf); |
| 285 | char *make_config_name(void); | ||
| 246 | 286 | ||
| 247 | /* Functions defined in ca.c and also used in ocsp.c */ | 287 | /* Functions defined in ca.c and also used in ocsp.c */ |
| 248 | int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, | 288 | int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, |
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c index 8f178db851..8367415405 100644 --- a/src/lib/libssl/src/apps/asn1pars.c +++ b/src/lib/libssl/src/apps/asn1pars.c | |||
| @@ -332,6 +332,6 @@ end: | |||
| 332 | if (osk != NULL) sk_free(osk); | 332 | if (osk != NULL) sk_free(osk); |
| 333 | OBJ_cleanup(); | 333 | OBJ_cleanup(); |
| 334 | apps_shutdown(); | 334 | apps_shutdown(); |
| 335 | EXIT(ret); | 335 | OPENSSL_EXIT(ret); |
| 336 | } | 336 | } |
| 337 | 337 | ||
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c index 60bc4e5191..6c6d3f0d26 100644 --- a/src/lib/libssl/src/apps/ca.c +++ b/src/lib/libssl/src/apps/ca.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | #include <ctype.h> | 64 | #include <ctype.h> |
| 65 | #include <sys/types.h> | 65 | #include <sys/types.h> |
| 66 | #include <sys/stat.h> | 66 | #include <sys/stat.h> |
| 67 | #include "apps.h" | ||
| 68 | #include <openssl/conf.h> | 67 | #include <openssl/conf.h> |
| 69 | #include <openssl/bio.h> | 68 | #include <openssl/bio.h> |
| 70 | #include <openssl/err.h> | 69 | #include <openssl/err.h> |
| @@ -94,11 +93,13 @@ | |||
| 94 | # else | 93 | # else |
| 95 | # include <unixlib.h> | 94 | # include <unixlib.h> |
| 96 | # endif | 95 | # endif |
| 97 | # elif !defined(OPENSSL_SYS_VXWORKS) | 96 | # elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) |
| 98 | # include <sys/file.h> | 97 | # include <sys/file.h> |
| 99 | # endif | 98 | # endif |
| 100 | #endif | 99 | #endif |
| 101 | 100 | ||
| 101 | #include "apps.h" | ||
| 102 | |||
| 102 | #ifndef W_OK | 103 | #ifndef W_OK |
| 103 | # define F_OK 0 | 104 | # define F_OK 0 |
| 104 | # define X_OK 1 | 105 | # define X_OK 1 |
| @@ -195,7 +196,9 @@ static char *ca_usage[]={ | |||
| 195 | " -extensions .. - Extension section (override value in config file)\n", | 196 | " -extensions .. - Extension section (override value in config file)\n", |
| 196 | " -extfile file - Configuration file with X509v3 extentions to add\n", | 197 | " -extfile file - Configuration file with X509v3 extentions to add\n", |
| 197 | " -crlexts .. - CRL extension section (override value in config file)\n", | 198 | " -crlexts .. - CRL extension section (override value in config file)\n", |
| 199 | #ifndef OPENSSL_NO_ENGINE | ||
| 198 | " -engine e - use engine e, possibly a hardware device.\n", | 200 | " -engine e - use engine e, possibly a hardware device.\n", |
| 201 | #endif | ||
| 199 | " -status serial - Shows certificate status given the serial number\n", | 202 | " -status serial - Shows certificate status given the serial number\n", |
| 200 | " -updatedb - Updates db for expired certificates\n", | 203 | " -updatedb - Updates db for expired certificates\n", |
| 201 | NULL | 204 | NULL |
| @@ -332,7 +335,10 @@ int MAIN(int argc, char **argv) | |||
| 332 | #define BSIZE 256 | 335 | #define BSIZE 256 |
| 333 | MS_STATIC char buf[3][BSIZE]; | 336 | MS_STATIC char buf[3][BSIZE]; |
| 334 | char *randfile=NULL; | 337 | char *randfile=NULL; |
| 338 | #ifndef OPENSSL_NO_ENGINE | ||
| 335 | char *engine = NULL; | 339 | char *engine = NULL; |
| 340 | #endif | ||
| 341 | char *tofree=NULL; | ||
| 336 | 342 | ||
| 337 | #ifdef EFENCE | 343 | #ifdef EFENCE |
| 338 | EF_PROTECT_FREE=1; | 344 | EF_PROTECT_FREE=1; |
| @@ -535,11 +541,13 @@ EF_ALIGNMENT=0; | |||
| 535 | rev_arg = *(++argv); | 541 | rev_arg = *(++argv); |
| 536 | rev_type = REV_CA_COMPROMISE; | 542 | rev_type = REV_CA_COMPROMISE; |
| 537 | } | 543 | } |
| 544 | #ifndef OPENSSL_NO_ENGINE | ||
| 538 | else if (strcmp(*argv,"-engine") == 0) | 545 | else if (strcmp(*argv,"-engine") == 0) |
| 539 | { | 546 | { |
| 540 | if (--argc < 1) goto bad; | 547 | if (--argc < 1) goto bad; |
| 541 | engine= *(++argv); | 548 | engine= *(++argv); |
| 542 | } | 549 | } |
| 550 | #endif | ||
| 543 | else | 551 | else |
| 544 | { | 552 | { |
| 545 | bad: | 553 | bad: |
| @@ -560,25 +568,31 @@ bad: | |||
| 560 | 568 | ||
| 561 | ERR_load_crypto_strings(); | 569 | ERR_load_crypto_strings(); |
| 562 | 570 | ||
| 563 | e = setup_engine(bio_err, engine, 0); | 571 | #ifndef OPENSSL_NO_ENGINE |
| 572 | e = setup_engine(bio_err, engine, 0); | ||
| 573 | #endif | ||
| 564 | 574 | ||
| 565 | /*****************************************************************/ | 575 | /*****************************************************************/ |
| 576 | tofree=NULL; | ||
| 566 | if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); | 577 | if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); |
| 567 | if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); | 578 | if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); |
| 568 | if (configfile == NULL) | 579 | if (configfile == NULL) |
| 569 | { | 580 | { |
| 570 | /* We will just use 'buf[0]' as a temporary buffer. */ | 581 | const char *s=X509_get_default_cert_area(); |
| 582 | size_t len; | ||
| 583 | |||
| 571 | #ifdef OPENSSL_SYS_VMS | 584 | #ifdef OPENSSL_SYS_VMS |
| 572 | strncpy(buf[0],X509_get_default_cert_area(), | 585 | len = strlen(s)+sizeof(CONFIG_FILE); |
| 573 | sizeof(buf[0])-1-sizeof(CONFIG_FILE)); | 586 | tofree=OPENSSL_malloc(len); |
| 587 | strcpy(tofree,s); | ||
| 574 | #else | 588 | #else |
| 575 | strncpy(buf[0],X509_get_default_cert_area(), | 589 | len = strlen(s)+sizeof(CONFIG_FILE)+1; |
| 576 | sizeof(buf[0])-2-sizeof(CONFIG_FILE)); | 590 | tofree=OPENSSL_malloc(len); |
| 577 | buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0'; | 591 | strlcpy(tofree,s,len); |
| 578 | strlcat(buf[0],"/",sizeof(buf[0])); | 592 | strlcat(tofree,"/",len); |
| 579 | #endif | 593 | #endif |
| 580 | strlcat(buf[0],CONFIG_FILE,sizeof(buf[0])); | 594 | strlcat(tofree,CONFIG_FILE,len); |
| 581 | configfile=buf[0]; | 595 | configfile=tofree; |
| 582 | } | 596 | } |
| 583 | 597 | ||
| 584 | BIO_printf(bio_err,"Using configuration from %s\n",configfile); | 598 | BIO_printf(bio_err,"Using configuration from %s\n",configfile); |
| @@ -593,6 +607,11 @@ bad: | |||
| 593 | ,errorline,configfile); | 607 | ,errorline,configfile); |
| 594 | goto err; | 608 | goto err; |
| 595 | } | 609 | } |
| 610 | if(tofree) | ||
| 611 | { | ||
| 612 | OPENSSL_free(tofree); | ||
| 613 | tofree = NULL; | ||
| 614 | } | ||
| 596 | 615 | ||
| 597 | if (!load_config(bio_err, conf)) | 616 | if (!load_config(bio_err, conf)) |
| 598 | goto err; | 617 | goto err; |
| @@ -701,7 +720,7 @@ bad: | |||
| 701 | } | 720 | } |
| 702 | pkey = load_key(bio_err, keyfile, keyform, 0, key, e, | 721 | pkey = load_key(bio_err, keyfile, keyform, 0, key, e, |
| 703 | "CA private key"); | 722 | "CA private key"); |
| 704 | if (key) memset(key,0,strlen(key)); | 723 | if (key) OPENSSL_cleanse(key,strlen(key)); |
| 705 | if (pkey == NULL) | 724 | if (pkey == NULL) |
| 706 | { | 725 | { |
| 707 | /* load_key() has already printed an appropriate message */ | 726 | /* load_key() has already printed an appropriate message */ |
| @@ -1158,9 +1177,14 @@ bad: | |||
| 1158 | } | 1177 | } |
| 1159 | if (verbose) | 1178 | if (verbose) |
| 1160 | { | 1179 | { |
| 1161 | if ((f=BN_bn2hex(serial)) == NULL) goto err; | 1180 | if (BN_is_zero(serial)) |
| 1162 | BIO_printf(bio_err,"next serial number is %s\n",f); | 1181 | BIO_printf(bio_err,"next serial number is 00\n"); |
| 1163 | OPENSSL_free(f); | 1182 | else |
| 1183 | { | ||
| 1184 | if ((f=BN_bn2hex(serial)) == NULL) goto err; | ||
| 1185 | BIO_printf(bio_err,"next serial number is %s\n",f); | ||
| 1186 | OPENSSL_free(f); | ||
| 1187 | } | ||
| 1164 | } | 1188 | } |
| 1165 | 1189 | ||
| 1166 | if ((attribs=NCONF_get_section(conf,policy)) == NULL) | 1190 | if ((attribs=NCONF_get_section(conf,policy)) == NULL) |
| @@ -1280,8 +1304,13 @@ bad: | |||
| 1280 | 1304 | ||
| 1281 | BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); | 1305 | BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); |
| 1282 | 1306 | ||
| 1283 | strncpy(buf[0],serialfile,BSIZE-4); | 1307 | if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5) |
| 1284 | buf[0][BSIZE-4]='\0'; | 1308 | { |
| 1309 | BIO_printf(bio_err,"file name too long\n"); | ||
| 1310 | goto err; | ||
| 1311 | } | ||
| 1312 | |||
| 1313 | strcpy(buf[0],serialfile); | ||
| 1285 | 1314 | ||
| 1286 | #ifdef OPENSSL_SYS_VMS | 1315 | #ifdef OPENSSL_SYS_VMS |
| 1287 | strcat(buf[0],"-new"); | 1316 | strcat(buf[0],"-new"); |
| @@ -1291,8 +1320,7 @@ bad: | |||
| 1291 | 1320 | ||
| 1292 | if (!save_serial(buf[0],serial)) goto err; | 1321 | if (!save_serial(buf[0],serial)) goto err; |
| 1293 | 1322 | ||
| 1294 | strncpy(buf[1],dbfile,BSIZE-4); | 1323 | strcpy(buf[1],dbfile); |
| 1295 | buf[1][BSIZE-4]='\0'; | ||
| 1296 | 1324 | ||
| 1297 | #ifdef OPENSSL_SYS_VMS | 1325 | #ifdef OPENSSL_SYS_VMS |
| 1298 | strcat(buf[1],"-new"); | 1326 | strcat(buf[1],"-new"); |
| @@ -1322,8 +1350,13 @@ bad: | |||
| 1322 | j=x->cert_info->serialNumber->length; | 1350 | j=x->cert_info->serialNumber->length; |
| 1323 | p=(char *)x->cert_info->serialNumber->data; | 1351 | p=(char *)x->cert_info->serialNumber->data; |
| 1324 | 1352 | ||
| 1325 | strncpy(buf[2],outdir,BSIZE-(j*2)-6); | 1353 | if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8)) |
| 1326 | buf[2][BSIZE-(j*2)-6]='\0'; | 1354 | { |
| 1355 | BIO_printf(bio_err,"certificate file name too long\n"); | ||
| 1356 | goto err; | ||
| 1357 | } | ||
| 1358 | |||
| 1359 | strcpy(buf[2],outdir); | ||
| 1327 | 1360 | ||
| 1328 | #ifndef OPENSSL_SYS_VMS | 1361 | #ifndef OPENSSL_SYS_VMS |
| 1329 | strlcat(buf[2],"/",sizeof(buf[2])); | 1362 | strlcat(buf[2],"/",sizeof(buf[2])); |
| @@ -1561,8 +1594,13 @@ bad: | |||
| 1561 | if (j <= 0) goto err; | 1594 | if (j <= 0) goto err; |
| 1562 | X509_free(revcert); | 1595 | X509_free(revcert); |
| 1563 | 1596 | ||
| 1564 | strncpy(buf[0],dbfile,BSIZE-4); | 1597 | if(strlen(dbfile) > BSIZE-5) |
| 1565 | buf[0][BSIZE-4]='\0'; | 1598 | { |
| 1599 | BIO_printf(bio_err,"filename too long\n"); | ||
| 1600 | goto err; | ||
| 1601 | } | ||
| 1602 | |||
| 1603 | strcpy(buf[0],dbfile); | ||
| 1566 | #ifndef OPENSSL_SYS_VMS | 1604 | #ifndef OPENSSL_SYS_VMS |
| 1567 | strlcat(buf[0],".new",sizeof(buf[0])); | 1605 | strlcat(buf[0],".new",sizeof(buf[0])); |
| 1568 | #else | 1606 | #else |
| @@ -1606,16 +1644,19 @@ bad: | |||
| 1606 | /*****************************************************************/ | 1644 | /*****************************************************************/ |
| 1607 | ret=0; | 1645 | ret=0; |
| 1608 | err: | 1646 | err: |
| 1647 | if(tofree) | ||
| 1648 | OPENSSL_free(tofree); | ||
| 1609 | BIO_free_all(Cout); | 1649 | BIO_free_all(Cout); |
| 1610 | BIO_free_all(Sout); | 1650 | BIO_free_all(Sout); |
| 1611 | BIO_free_all(out); | 1651 | BIO_free_all(out); |
| 1612 | BIO_free_all(in); | 1652 | BIO_free_all(in); |
| 1613 | 1653 | ||
| 1614 | sk_X509_pop_free(cert_sk,X509_free); | 1654 | if (cert_sk) |
| 1655 | sk_X509_pop_free(cert_sk,X509_free); | ||
| 1615 | 1656 | ||
| 1616 | if (ret) ERR_print_errors(bio_err); | 1657 | if (ret) ERR_print_errors(bio_err); |
| 1617 | app_RAND_write_file(randfile, bio_err); | 1658 | app_RAND_write_file(randfile, bio_err); |
| 1618 | if (free_key) | 1659 | if (free_key && key) |
| 1619 | OPENSSL_free(key); | 1660 | OPENSSL_free(key); |
| 1620 | BN_free(serial); | 1661 | BN_free(serial); |
| 1621 | TXT_DB_free(db); | 1662 | TXT_DB_free(db); |
| @@ -1625,7 +1666,7 @@ err: | |||
| 1625 | NCONF_free(conf); | 1666 | NCONF_free(conf); |
| 1626 | OBJ_cleanup(); | 1667 | OBJ_cleanup(); |
| 1627 | apps_shutdown(); | 1668 | apps_shutdown(); |
| 1628 | EXIT(ret); | 1669 | OPENSSL_EXIT(ret); |
| 1629 | } | 1670 | } |
| 1630 | 1671 | ||
| 1631 | static void lookup_fail(char *name, char *tag) | 1672 | static void lookup_fail(char *name, char *tag) |
| @@ -1690,7 +1731,7 @@ static BIGNUM *load_serial(char *serialfile) | |||
| 1690 | ret=ASN1_INTEGER_to_BN(ai,NULL); | 1731 | ret=ASN1_INTEGER_to_BN(ai,NULL); |
| 1691 | if (ret == NULL) | 1732 | if (ret == NULL) |
| 1692 | { | 1733 | { |
| 1693 | BIO_printf(bio_err,"error converting number from bin to BIGNUM"); | 1734 | BIO_printf(bio_err,"error converting number from bin to BIGNUM\n"); |
| 1694 | goto err; | 1735 | goto err; |
| 1695 | } | 1736 | } |
| 1696 | err: | 1737 | err: |
| @@ -2093,7 +2134,10 @@ again2: | |||
| 2093 | } | 2134 | } |
| 2094 | } | 2135 | } |
| 2095 | 2136 | ||
| 2096 | row[DB_serial]=BN_bn2hex(serial); | 2137 | if (BN_is_zero(serial)) |
| 2138 | row[DB_serial]=BUF_strdup("00"); | ||
| 2139 | else | ||
| 2140 | row[DB_serial]=BN_bn2hex(serial); | ||
| 2097 | if (row[DB_serial] == NULL) | 2141 | if (row[DB_serial] == NULL) |
| 2098 | { | 2142 | { |
| 2099 | BIO_printf(bio_err,"Memory allocation failure\n"); | 2143 | BIO_printf(bio_err,"Memory allocation failure\n"); |
| @@ -2156,7 +2200,7 @@ again2: | |||
| 2156 | 2200 | ||
| 2157 | #ifdef X509_V3 | 2201 | #ifdef X509_V3 |
| 2158 | /* Make it an X509 v3 certificate. */ | 2202 | /* Make it an X509 v3 certificate. */ |
| 2159 | if (!X509_set_version(x509,2)) goto err; | 2203 | if (!X509_set_version(ret,2)) goto err; |
| 2160 | #endif | 2204 | #endif |
| 2161 | 2205 | ||
| 2162 | if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL) | 2206 | if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL) |
| @@ -2577,7 +2621,10 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value) | |||
| 2577 | row[i]=NULL; | 2621 | row[i]=NULL; |
| 2578 | row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0); | 2622 | row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0); |
| 2579 | bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL); | 2623 | bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL); |
| 2580 | row[DB_serial]=BN_bn2hex(bn); | 2624 | if (BN_is_zero(bn)) |
| 2625 | row[DB_serial]=BUF_strdup("00"); | ||
| 2626 | else | ||
| 2627 | row[DB_serial]=BN_bn2hex(bn); | ||
| 2581 | BN_free(bn); | 2628 | BN_free(bn); |
| 2582 | if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) | 2629 | if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) |
| 2583 | { | 2630 | { |
| @@ -3046,55 +3093,59 @@ X509_NAME *do_subject(char *subject, long chtype) | |||
| 3046 | sp++; /* skip leading / */ | 3093 | sp++; /* skip leading / */ |
| 3047 | 3094 | ||
| 3048 | while (*sp) | 3095 | while (*sp) |
| 3049 | { | 3096 | { |
| 3050 | /* collect type */ | 3097 | /* collect type */ |
| 3051 | ne_types[ne_num] = bp; | 3098 | ne_types[ne_num] = bp; |
| 3052 | while (*sp) | 3099 | while (*sp) |
| 3053 | { | 3100 | { |
| 3054 | if (*sp == '\\') /* is there anything to escape in the type...? */ | 3101 | if (*sp == '\\') /* is there anything to escape in the type...? */ |
| 3102 | { | ||
| 3055 | if (*++sp) | 3103 | if (*++sp) |
| 3056 | *bp++ = *sp++; | 3104 | *bp++ = *sp++; |
| 3057 | else | 3105 | else |
| 3058 | { | 3106 | { |
| 3059 | BIO_printf(bio_err, "escape character at end of string\n"); | 3107 | BIO_printf(bio_err, "escape character at end of string\n"); |
| 3060 | goto error; | 3108 | goto error; |
| 3109 | } | ||
| 3061 | } | 3110 | } |
| 3062 | else if (*sp == '=') | 3111 | else if (*sp == '=') |
| 3063 | { | 3112 | { |
| 3064 | sp++; | 3113 | sp++; |
| 3065 | *bp++ = '\0'; | 3114 | *bp++ = '\0'; |
| 3066 | break; | 3115 | break; |
| 3067 | } | 3116 | } |
| 3068 | else | 3117 | else |
| 3069 | *bp++ = *sp++; | 3118 | *bp++ = *sp++; |
| 3070 | } | 3119 | } |
| 3071 | if (!*sp) | 3120 | if (!*sp) |
| 3072 | { | 3121 | { |
| 3073 | BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); | 3122 | BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); |
| 3074 | goto error; | 3123 | goto error; |
| 3075 | } | 3124 | } |
| 3076 | ne_values[ne_num] = bp; | 3125 | ne_values[ne_num] = bp; |
| 3077 | while (*sp) | 3126 | while (*sp) |
| 3078 | { | 3127 | { |
| 3079 | if (*sp == '\\') | 3128 | if (*sp == '\\') |
| 3129 | { | ||
| 3080 | if (*++sp) | 3130 | if (*++sp) |
| 3081 | *bp++ = *sp++; | 3131 | *bp++ = *sp++; |
| 3082 | else | 3132 | else |
| 3083 | { | 3133 | { |
| 3084 | BIO_printf(bio_err, "escape character at end of string\n"); | 3134 | BIO_printf(bio_err, "escape character at end of string\n"); |
| 3085 | goto error; | 3135 | goto error; |
| 3136 | } | ||
| 3086 | } | 3137 | } |
| 3087 | else if (*sp == '/') | 3138 | else if (*sp == '/') |
| 3088 | { | 3139 | { |
| 3089 | sp++; | 3140 | sp++; |
| 3090 | break; | 3141 | break; |
| 3091 | } | 3142 | } |
| 3092 | else | 3143 | else |
| 3093 | *bp++ = *sp++; | 3144 | *bp++ = *sp++; |
| 3094 | } | 3145 | } |
| 3095 | *bp++ = '\0'; | 3146 | *bp++ = '\0'; |
| 3096 | ne_num++; | 3147 | ne_num++; |
| 3097 | } | 3148 | } |
| 3098 | 3149 | ||
| 3099 | if (!(n = X509_NAME_new())) | 3150 | if (!(n = X509_NAME_new())) |
| 3100 | goto error; | 3151 | goto error; |
diff --git a/src/lib/libssl/src/apps/ciphers.c b/src/lib/libssl/src/apps/ciphers.c index 2d6e104790..7c62fc5dc3 100644 --- a/src/lib/libssl/src/apps/ciphers.c +++ b/src/lib/libssl/src/apps/ciphers.c | |||
| @@ -187,7 +187,7 @@ int MAIN(int argc, char **argv) | |||
| 187 | { | 187 | { |
| 188 | BIO_puts(STDout,SSL_CIPHER_description( | 188 | BIO_puts(STDout,SSL_CIPHER_description( |
| 189 | sk_SSL_CIPHER_value(sk,i), | 189 | sk_SSL_CIPHER_value(sk,i), |
| 190 | buf,512)); | 190 | buf,sizeof buf)); |
| 191 | } | 191 | } |
| 192 | } | 192 | } |
| 193 | 193 | ||
| @@ -203,6 +203,6 @@ end: | |||
| 203 | if (ssl != NULL) SSL_free(ssl); | 203 | if (ssl != NULL) SSL_free(ssl); |
| 204 | if (STDout != NULL) BIO_free_all(STDout); | 204 | if (STDout != NULL) BIO_free_all(STDout); |
| 205 | apps_shutdown(); | 205 | apps_shutdown(); |
| 206 | EXIT(ret); | 206 | OPENSSL_EXIT(ret); |
| 207 | } | 207 | } |
| 208 | 208 | ||
diff --git a/src/lib/libssl/src/apps/crl.c b/src/lib/libssl/src/apps/crl.c index 00946b4d20..81d66587c1 100644 --- a/src/lib/libssl/src/apps/crl.c +++ b/src/lib/libssl/src/apps/crl.c | |||
| @@ -81,6 +81,7 @@ static char *crl_usage[]={ | |||
| 81 | " -in arg - input file - default stdin\n", | 81 | " -in arg - input file - default stdin\n", |
| 82 | " -out arg - output file - default stdout\n", | 82 | " -out arg - output file - default stdout\n", |
| 83 | " -hash - print hash value\n", | 83 | " -hash - print hash value\n", |
| 84 | " -fingerprint - print the crl fingerprint\n", | ||
| 84 | " -issuer - print issuer DN\n", | 85 | " -issuer - print issuer DN\n", |
| 85 | " -lastupdate - lastUpdate field\n", | 86 | " -lastupdate - lastUpdate field\n", |
| 86 | " -nextupdate - nextUpdate field\n", | 87 | " -nextupdate - nextUpdate field\n", |
| @@ -377,7 +378,7 @@ end: | |||
| 377 | X509_STORE_free(store); | 378 | X509_STORE_free(store); |
| 378 | } | 379 | } |
| 379 | apps_shutdown(); | 380 | apps_shutdown(); |
| 380 | EXIT(ret); | 381 | OPENSSL_EXIT(ret); |
| 381 | } | 382 | } |
| 382 | 383 | ||
| 383 | static X509_CRL *load_crl(char *infile, int format) | 384 | static X509_CRL *load_crl(char *infile, int format) |
diff --git a/src/lib/libssl/src/apps/crl2p7.c b/src/lib/libssl/src/apps/crl2p7.c index 8729068462..b2f2d121d5 100644 --- a/src/lib/libssl/src/apps/crl2p7.c +++ b/src/lib/libssl/src/apps/crl2p7.c | |||
| @@ -280,7 +280,7 @@ end: | |||
| 280 | if (crl != NULL) X509_CRL_free(crl); | 280 | if (crl != NULL) X509_CRL_free(crl); |
| 281 | 281 | ||
| 282 | apps_shutdown(); | 282 | apps_shutdown(); |
| 283 | EXIT(ret); | 283 | OPENSSL_EXIT(ret); |
| 284 | } | 284 | } |
| 285 | 285 | ||
| 286 | /* | 286 | /* |
diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c index 18bdd56c62..71298b7524 100644 --- a/src/lib/libssl/src/apps/dgst.c +++ b/src/lib/libssl/src/apps/dgst.c | |||
| @@ -100,7 +100,9 @@ int MAIN(int argc, char **argv) | |||
| 100 | EVP_PKEY *sigkey = NULL; | 100 | EVP_PKEY *sigkey = NULL; |
| 101 | unsigned char *sigbuf = NULL; | 101 | unsigned char *sigbuf = NULL; |
| 102 | int siglen = 0; | 102 | int siglen = 0; |
| 103 | #ifndef OPENSSL_NO_ENGINE | ||
| 103 | char *engine=NULL; | 104 | char *engine=NULL; |
| 105 | #endif | ||
| 104 | 106 | ||
| 105 | apps_startup(); | 107 | apps_startup(); |
| 106 | 108 | ||
| @@ -117,7 +119,7 @@ int MAIN(int argc, char **argv) | |||
| 117 | goto end; | 119 | goto end; |
| 118 | 120 | ||
| 119 | /* first check the program name */ | 121 | /* first check the program name */ |
| 120 | program_name(argv[0],pname,PROG_NAME_SIZE); | 122 | program_name(argv[0],pname,sizeof pname); |
| 121 | 123 | ||
| 122 | md=EVP_get_digestbyname(pname); | 124 | md=EVP_get_digestbyname(pname); |
| 123 | 125 | ||
| @@ -166,11 +168,13 @@ int MAIN(int argc, char **argv) | |||
| 166 | if (--argc < 1) break; | 168 | if (--argc < 1) break; |
| 167 | keyform=str2fmt(*(++argv)); | 169 | keyform=str2fmt(*(++argv)); |
| 168 | } | 170 | } |
| 171 | #ifndef OPENSSL_NO_ENGINE | ||
| 169 | else if (strcmp(*argv,"-engine") == 0) | 172 | else if (strcmp(*argv,"-engine") == 0) |
| 170 | { | 173 | { |
| 171 | if (--argc < 1) break; | 174 | if (--argc < 1) break; |
| 172 | engine= *(++argv); | 175 | engine= *(++argv); |
| 173 | } | 176 | } |
| 177 | #endif | ||
| 174 | else if (strcmp(*argv,"-hex") == 0) | 178 | else if (strcmp(*argv,"-hex") == 0) |
| 175 | out_bin = 0; | 179 | out_bin = 0; |
| 176 | else if (strcmp(*argv,"-binary") == 0) | 180 | else if (strcmp(*argv,"-binary") == 0) |
| @@ -207,7 +211,10 @@ int MAIN(int argc, char **argv) | |||
| 207 | BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); | 211 | BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); |
| 208 | BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); | 212 | BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); |
| 209 | BIO_printf(bio_err,"-signature file signature to verify\n"); | 213 | BIO_printf(bio_err,"-signature file signature to verify\n"); |
| 214 | BIO_printf(bio_err,"-binary output in binary form\n"); | ||
| 215 | #ifndef OPENSSL_NO_ENGINE | ||
| 210 | BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); | 216 | BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); |
| 217 | #endif | ||
| 211 | 218 | ||
| 212 | BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", | 219 | BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", |
| 213 | LN_md5,LN_md5); | 220 | LN_md5,LN_md5); |
| @@ -227,7 +234,9 @@ int MAIN(int argc, char **argv) | |||
| 227 | goto end; | 234 | goto end; |
| 228 | } | 235 | } |
| 229 | 236 | ||
| 237 | #ifndef OPENSSL_NO_ENGINE | ||
| 230 | e = setup_engine(bio_err, engine, 0); | 238 | e = setup_engine(bio_err, engine, 0); |
| 239 | #endif | ||
| 231 | 240 | ||
| 232 | in=BIO_new(BIO_s_file()); | 241 | in=BIO_new(BIO_s_file()); |
| 233 | bmd=BIO_new(BIO_f_md()); | 242 | bmd=BIO_new(BIO_f_md()); |
| @@ -356,7 +365,7 @@ int MAIN(int argc, char **argv) | |||
| 356 | end: | 365 | end: |
| 357 | if (buf != NULL) | 366 | if (buf != NULL) |
| 358 | { | 367 | { |
| 359 | memset(buf,0,BUFSIZE); | 368 | OPENSSL_cleanse(buf,BUFSIZE); |
| 360 | OPENSSL_free(buf); | 369 | OPENSSL_free(buf); |
| 361 | } | 370 | } |
| 362 | if (in != NULL) BIO_free(in); | 371 | if (in != NULL) BIO_free(in); |
| @@ -365,7 +374,7 @@ end: | |||
| 365 | if(sigbuf) OPENSSL_free(sigbuf); | 374 | if(sigbuf) OPENSSL_free(sigbuf); |
| 366 | if (bmd != NULL) BIO_free(bmd); | 375 | if (bmd != NULL) BIO_free(bmd); |
| 367 | apps_shutdown(); | 376 | apps_shutdown(); |
| 368 | EXIT(err); | 377 | OPENSSL_EXIT(err); |
| 369 | } | 378 | } |
| 370 | 379 | ||
| 371 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, | 380 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, |
diff --git a/src/lib/libssl/src/apps/dh.c b/src/lib/libssl/src/apps/dh.c index 27c3dc8df2..cd01fed139 100644 --- a/src/lib/libssl/src/apps/dh.c +++ b/src/lib/libssl/src/apps/dh.c | |||
| @@ -87,12 +87,17 @@ int MAIN(int, char **); | |||
| 87 | 87 | ||
| 88 | int MAIN(int argc, char **argv) | 88 | int MAIN(int argc, char **argv) |
| 89 | { | 89 | { |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 90 | ENGINE *e = NULL; | 91 | ENGINE *e = NULL; |
| 92 | #endif | ||
| 91 | DH *dh=NULL; | 93 | DH *dh=NULL; |
| 92 | int i,badops=0,text=0; | 94 | int i,badops=0,text=0; |
| 93 | BIO *in=NULL,*out=NULL; | 95 | BIO *in=NULL,*out=NULL; |
| 94 | int informat,outformat,check=0,noout=0,C=0,ret=1; | 96 | int informat,outformat,check=0,noout=0,C=0,ret=1; |
| 95 | char *infile,*outfile,*prog,*engine; | 97 | char *infile,*outfile,*prog; |
| 98 | #ifndef OPENSSL_NO_ENGINE | ||
| 99 | char *engine; | ||
| 100 | #endif | ||
| 96 | 101 | ||
| 97 | apps_startup(); | 102 | apps_startup(); |
| 98 | 103 | ||
| @@ -103,7 +108,9 @@ int MAIN(int argc, char **argv) | |||
| 103 | if (!load_config(bio_err, NULL)) | 108 | if (!load_config(bio_err, NULL)) |
| 104 | goto end; | 109 | goto end; |
| 105 | 110 | ||
| 111 | #ifndef OPENSSL_NO_ENGINE | ||
| 106 | engine=NULL; | 112 | engine=NULL; |
| 113 | #endif | ||
| 107 | infile=NULL; | 114 | infile=NULL; |
| 108 | outfile=NULL; | 115 | outfile=NULL; |
| 109 | informat=FORMAT_PEM; | 116 | informat=FORMAT_PEM; |
| @@ -134,11 +141,13 @@ int MAIN(int argc, char **argv) | |||
| 134 | if (--argc < 1) goto bad; | 141 | if (--argc < 1) goto bad; |
| 135 | outfile= *(++argv); | 142 | outfile= *(++argv); |
| 136 | } | 143 | } |
| 144 | #ifndef OPENSSL_NO_ENGINE | ||
| 137 | else if (strcmp(*argv,"-engine") == 0) | 145 | else if (strcmp(*argv,"-engine") == 0) |
| 138 | { | 146 | { |
| 139 | if (--argc < 1) goto bad; | 147 | if (--argc < 1) goto bad; |
| 140 | engine= *(++argv); | 148 | engine= *(++argv); |
| 141 | } | 149 | } |
| 150 | #endif | ||
| 142 | else if (strcmp(*argv,"-check") == 0) | 151 | else if (strcmp(*argv,"-check") == 0) |
| 143 | check=1; | 152 | check=1; |
| 144 | else if (strcmp(*argv,"-text") == 0) | 153 | else if (strcmp(*argv,"-text") == 0) |
| @@ -170,13 +179,17 @@ bad: | |||
| 170 | BIO_printf(bio_err," -text print a text form of the DH parameters\n"); | 179 | BIO_printf(bio_err," -text print a text form of the DH parameters\n"); |
| 171 | BIO_printf(bio_err," -C Output C code\n"); | 180 | BIO_printf(bio_err," -C Output C code\n"); |
| 172 | BIO_printf(bio_err," -noout no output\n"); | 181 | BIO_printf(bio_err," -noout no output\n"); |
| 182 | #ifndef OPENSSL_NO_ENGINE | ||
| 173 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 183 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 184 | #endif | ||
| 174 | goto end; | 185 | goto end; |
| 175 | } | 186 | } |
| 176 | 187 | ||
| 177 | ERR_load_crypto_strings(); | 188 | ERR_load_crypto_strings(); |
| 178 | 189 | ||
| 190 | #ifndef OPENSSL_NO_ENGINE | ||
| 179 | e = setup_engine(bio_err, engine, 0); | 191 | e = setup_engine(bio_err, engine, 0); |
| 192 | #endif | ||
| 180 | 193 | ||
| 181 | in=BIO_new(BIO_s_file()); | 194 | in=BIO_new(BIO_s_file()); |
| 182 | out=BIO_new(BIO_s_file()); | 195 | out=BIO_new(BIO_s_file()); |
| @@ -333,6 +346,6 @@ end: | |||
| 333 | if (out != NULL) BIO_free_all(out); | 346 | if (out != NULL) BIO_free_all(out); |
| 334 | if (dh != NULL) DH_free(dh); | 347 | if (dh != NULL) DH_free(dh); |
| 335 | apps_shutdown(); | 348 | apps_shutdown(); |
| 336 | EXIT(ret); | 349 | OPENSSL_EXIT(ret); |
| 337 | } | 350 | } |
| 338 | #endif | 351 | #endif |
diff --git a/src/lib/libssl/src/apps/dhparam.c b/src/lib/libssl/src/apps/dhparam.c index ea15ef3236..dc00355b95 100644 --- a/src/lib/libssl/src/apps/dhparam.c +++ b/src/lib/libssl/src/apps/dhparam.c | |||
| @@ -148,7 +148,9 @@ int MAIN(int, char **); | |||
| 148 | 148 | ||
| 149 | int MAIN(int argc, char **argv) | 149 | int MAIN(int argc, char **argv) |
| 150 | { | 150 | { |
| 151 | #ifndef OPENSSL_NO_ENGINE | ||
| 151 | ENGINE *e = NULL; | 152 | ENGINE *e = NULL; |
| 153 | #endif | ||
| 152 | DH *dh=NULL; | 154 | DH *dh=NULL; |
| 153 | int i,badops=0,text=0; | 155 | int i,badops=0,text=0; |
| 154 | #ifndef OPENSSL_NO_DSA | 156 | #ifndef OPENSSL_NO_DSA |
| @@ -157,7 +159,10 @@ int MAIN(int argc, char **argv) | |||
| 157 | BIO *in=NULL,*out=NULL; | 159 | BIO *in=NULL,*out=NULL; |
| 158 | int informat,outformat,check=0,noout=0,C=0,ret=1; | 160 | int informat,outformat,check=0,noout=0,C=0,ret=1; |
| 159 | char *infile,*outfile,*prog; | 161 | char *infile,*outfile,*prog; |
| 160 | char *inrand=NULL,*engine=NULL; | 162 | char *inrand=NULL; |
| 163 | #ifndef OPENSSL_NO_ENGINE | ||
| 164 | char *engine=NULL; | ||
| 165 | #endif | ||
| 161 | int num = 0, g = 0; | 166 | int num = 0, g = 0; |
| 162 | 167 | ||
| 163 | apps_startup(); | 168 | apps_startup(); |
| @@ -199,11 +204,13 @@ int MAIN(int argc, char **argv) | |||
| 199 | if (--argc < 1) goto bad; | 204 | if (--argc < 1) goto bad; |
| 200 | outfile= *(++argv); | 205 | outfile= *(++argv); |
| 201 | } | 206 | } |
| 207 | #ifndef OPENSSL_NO_ENGINE | ||
| 202 | else if (strcmp(*argv,"-engine") == 0) | 208 | else if (strcmp(*argv,"-engine") == 0) |
| 203 | { | 209 | { |
| 204 | if (--argc < 1) goto bad; | 210 | if (--argc < 1) goto bad; |
| 205 | engine= *(++argv); | 211 | engine= *(++argv); |
| 206 | } | 212 | } |
| 213 | #endif | ||
| 207 | else if (strcmp(*argv,"-check") == 0) | 214 | else if (strcmp(*argv,"-check") == 0) |
| 208 | check=1; | 215 | check=1; |
| 209 | else if (strcmp(*argv,"-text") == 0) | 216 | else if (strcmp(*argv,"-text") == 0) |
| @@ -249,7 +256,9 @@ bad: | |||
| 249 | BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); | 256 | BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); |
| 250 | BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); | 257 | BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); |
| 251 | BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); | 258 | BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); |
| 259 | #ifndef OPENSSL_NO_ENGINE | ||
| 252 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 260 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 261 | #endif | ||
| 253 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 262 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 254 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); | 263 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); |
| 255 | BIO_printf(bio_err," the random number generator\n"); | 264 | BIO_printf(bio_err," the random number generator\n"); |
| @@ -259,7 +268,9 @@ bad: | |||
| 259 | 268 | ||
| 260 | ERR_load_crypto_strings(); | 269 | ERR_load_crypto_strings(); |
| 261 | 270 | ||
| 271 | #ifndef OPENSSL_NO_ENGINE | ||
| 262 | e = setup_engine(bio_err, engine, 0); | 272 | e = setup_engine(bio_err, engine, 0); |
| 273 | #endif | ||
| 263 | 274 | ||
| 264 | if (g && !num) | 275 | if (g && !num) |
| 265 | num = DEFBITS; | 276 | num = DEFBITS; |
| @@ -519,7 +530,7 @@ end: | |||
| 519 | if (out != NULL) BIO_free_all(out); | 530 | if (out != NULL) BIO_free_all(out); |
| 520 | if (dh != NULL) DH_free(dh); | 531 | if (dh != NULL) DH_free(dh); |
| 521 | apps_shutdown(); | 532 | apps_shutdown(); |
| 522 | EXIT(ret); | 533 | OPENSSL_EXIT(ret); |
| 523 | } | 534 | } |
| 524 | 535 | ||
| 525 | /* dh_cb is identical to dsa_cb in apps/dsaparam.c */ | 536 | /* dh_cb is identical to dsa_cb in apps/dsaparam.c */ |
diff --git a/src/lib/libssl/src/apps/dsa.c b/src/lib/libssl/src/apps/dsa.c index 9da1a41645..e9de3a3bdf 100644 --- a/src/lib/libssl/src/apps/dsa.c +++ b/src/lib/libssl/src/apps/dsa.c | |||
| @@ -90,7 +90,9 @@ int MAIN(int, char **); | |||
| 90 | 90 | ||
| 91 | int MAIN(int argc, char **argv) | 91 | int MAIN(int argc, char **argv) |
| 92 | { | 92 | { |
| 93 | #ifndef OPENSSL_NO_ENGINE | ||
| 93 | ENGINE *e = NULL; | 94 | ENGINE *e = NULL; |
| 95 | #endif | ||
| 94 | int ret=1; | 96 | int ret=1; |
| 95 | DSA *dsa=NULL; | 97 | DSA *dsa=NULL; |
| 96 | int i,badops=0; | 98 | int i,badops=0; |
| @@ -98,7 +100,10 @@ int MAIN(int argc, char **argv) | |||
| 98 | BIO *in=NULL,*out=NULL; | 100 | BIO *in=NULL,*out=NULL; |
| 99 | int informat,outformat,text=0,noout=0; | 101 | int informat,outformat,text=0,noout=0; |
| 100 | int pubin = 0, pubout = 0; | 102 | int pubin = 0, pubout = 0; |
| 101 | char *infile,*outfile,*prog,*engine; | 103 | char *infile,*outfile,*prog; |
| 104 | #ifndef OPENSSL_NO_ENGINE | ||
| 105 | char *engine; | ||
| 106 | #endif | ||
| 102 | char *passargin = NULL, *passargout = NULL; | 107 | char *passargin = NULL, *passargout = NULL; |
| 103 | char *passin = NULL, *passout = NULL; | 108 | char *passin = NULL, *passout = NULL; |
| 104 | int modulus=0; | 109 | int modulus=0; |
| @@ -112,7 +117,9 @@ int MAIN(int argc, char **argv) | |||
| 112 | if (!load_config(bio_err, NULL)) | 117 | if (!load_config(bio_err, NULL)) |
| 113 | goto end; | 118 | goto end; |
| 114 | 119 | ||
| 120 | #ifndef OPENSSL_NO_ENGINE | ||
| 115 | engine=NULL; | 121 | engine=NULL; |
| 122 | #endif | ||
| 116 | infile=NULL; | 123 | infile=NULL; |
| 117 | outfile=NULL; | 124 | outfile=NULL; |
| 118 | informat=FORMAT_PEM; | 125 | informat=FORMAT_PEM; |
| @@ -153,11 +160,13 @@ int MAIN(int argc, char **argv) | |||
| 153 | if (--argc < 1) goto bad; | 160 | if (--argc < 1) goto bad; |
| 154 | passargout= *(++argv); | 161 | passargout= *(++argv); |
| 155 | } | 162 | } |
| 163 | #ifndef OPENSSL_NO_ENGINE | ||
| 156 | else if (strcmp(*argv,"-engine") == 0) | 164 | else if (strcmp(*argv,"-engine") == 0) |
| 157 | { | 165 | { |
| 158 | if (--argc < 1) goto bad; | 166 | if (--argc < 1) goto bad; |
| 159 | engine= *(++argv); | 167 | engine= *(++argv); |
| 160 | } | 168 | } |
| 169 | #endif | ||
| 161 | else if (strcmp(*argv,"-noout") == 0) | 170 | else if (strcmp(*argv,"-noout") == 0) |
| 162 | noout=1; | 171 | noout=1; |
| 163 | else if (strcmp(*argv,"-text") == 0) | 172 | else if (strcmp(*argv,"-text") == 0) |
| @@ -189,7 +198,9 @@ bad: | |||
| 189 | BIO_printf(bio_err," -passin arg input file pass phrase source\n"); | 198 | BIO_printf(bio_err," -passin arg input file pass phrase source\n"); |
| 190 | BIO_printf(bio_err," -out arg output file\n"); | 199 | BIO_printf(bio_err," -out arg output file\n"); |
| 191 | BIO_printf(bio_err," -passout arg output file pass phrase source\n"); | 200 | BIO_printf(bio_err," -passout arg output file pass phrase source\n"); |
| 201 | #ifndef OPENSSL_NO_ENGINE | ||
| 192 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 202 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 203 | #endif | ||
| 193 | BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); | 204 | BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); |
| 194 | BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); | 205 | BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); |
| 195 | #ifndef OPENSSL_NO_IDEA | 206 | #ifndef OPENSSL_NO_IDEA |
| @@ -207,7 +218,9 @@ bad: | |||
| 207 | 218 | ||
| 208 | ERR_load_crypto_strings(); | 219 | ERR_load_crypto_strings(); |
| 209 | 220 | ||
| 221 | #ifndef OPENSSL_NO_ENGINE | ||
| 210 | e = setup_engine(bio_err, engine, 0); | 222 | e = setup_engine(bio_err, engine, 0); |
| 223 | #endif | ||
| 211 | 224 | ||
| 212 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { | 225 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { |
| 213 | BIO_printf(bio_err, "Error getting passwords\n"); | 226 | BIO_printf(bio_err, "Error getting passwords\n"); |
| @@ -314,6 +327,6 @@ end: | |||
| 314 | if(passin) OPENSSL_free(passin); | 327 | if(passin) OPENSSL_free(passin); |
| 315 | if(passout) OPENSSL_free(passout); | 328 | if(passout) OPENSSL_free(passout); |
| 316 | apps_shutdown(); | 329 | apps_shutdown(); |
| 317 | EXIT(ret); | 330 | OPENSSL_EXIT(ret); |
| 318 | } | 331 | } |
| 319 | #endif | 332 | #endif |
diff --git a/src/lib/libssl/src/apps/dsaparam.c b/src/lib/libssl/src/apps/dsaparam.c index 2f436803e3..04861e8986 100644 --- a/src/lib/libssl/src/apps/dsaparam.c +++ b/src/lib/libssl/src/apps/dsaparam.c | |||
| @@ -90,7 +90,9 @@ int MAIN(int, char **); | |||
| 90 | 90 | ||
| 91 | int MAIN(int argc, char **argv) | 91 | int MAIN(int argc, char **argv) |
| 92 | { | 92 | { |
| 93 | #ifndef OPENSSL_NO_ENGINE | ||
| 93 | ENGINE *e = NULL; | 94 | ENGINE *e = NULL; |
| 95 | #endif | ||
| 94 | DSA *dsa=NULL; | 96 | DSA *dsa=NULL; |
| 95 | int i,badops=0,text=0; | 97 | int i,badops=0,text=0; |
| 96 | BIO *in=NULL,*out=NULL; | 98 | BIO *in=NULL,*out=NULL; |
| @@ -98,7 +100,9 @@ int MAIN(int argc, char **argv) | |||
| 98 | char *infile,*outfile,*prog,*inrand=NULL; | 100 | char *infile,*outfile,*prog,*inrand=NULL; |
| 99 | int numbits= -1,num,genkey=0; | 101 | int numbits= -1,num,genkey=0; |
| 100 | int need_rand=0; | 102 | int need_rand=0; |
| 103 | #ifndef OPENSSL_NO_ENGINE | ||
| 101 | char *engine=NULL; | 104 | char *engine=NULL; |
| 105 | #endif | ||
| 102 | 106 | ||
| 103 | apps_startup(); | 107 | apps_startup(); |
| 104 | 108 | ||
| @@ -139,11 +143,13 @@ int MAIN(int argc, char **argv) | |||
| 139 | if (--argc < 1) goto bad; | 143 | if (--argc < 1) goto bad; |
| 140 | outfile= *(++argv); | 144 | outfile= *(++argv); |
| 141 | } | 145 | } |
| 146 | #ifndef OPENSSL_NO_ENGINE | ||
| 142 | else if(strcmp(*argv, "-engine") == 0) | 147 | else if(strcmp(*argv, "-engine") == 0) |
| 143 | { | 148 | { |
| 144 | if (--argc < 1) goto bad; | 149 | if (--argc < 1) goto bad; |
| 145 | engine = *(++argv); | 150 | engine = *(++argv); |
| 146 | } | 151 | } |
| 152 | #endif | ||
| 147 | else if (strcmp(*argv,"-text") == 0) | 153 | else if (strcmp(*argv,"-text") == 0) |
| 148 | text=1; | 154 | text=1; |
| 149 | else if (strcmp(*argv,"-C") == 0) | 155 | else if (strcmp(*argv,"-C") == 0) |
| @@ -191,7 +197,9 @@ bad: | |||
| 191 | BIO_printf(bio_err," -noout no output\n"); | 197 | BIO_printf(bio_err," -noout no output\n"); |
| 192 | BIO_printf(bio_err," -genkey generate a DSA key\n"); | 198 | BIO_printf(bio_err," -genkey generate a DSA key\n"); |
| 193 | BIO_printf(bio_err," -rand files to use for random number input\n"); | 199 | BIO_printf(bio_err," -rand files to use for random number input\n"); |
| 200 | #ifndef OPENSSL_NO_ENGINE | ||
| 194 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 201 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 202 | #endif | ||
| 195 | BIO_printf(bio_err," number number of bits to use for generating private key\n"); | 203 | BIO_printf(bio_err," number number of bits to use for generating private key\n"); |
| 196 | goto end; | 204 | goto end; |
| 197 | } | 205 | } |
| @@ -235,7 +243,9 @@ bad: | |||
| 235 | } | 243 | } |
| 236 | } | 244 | } |
| 237 | 245 | ||
| 246 | #ifndef OPENSSL_NO_ENGINE | ||
| 238 | e = setup_engine(bio_err, engine, 0); | 247 | e = setup_engine(bio_err, engine, 0); |
| 248 | #endif | ||
| 239 | 249 | ||
| 240 | if (need_rand) | 250 | if (need_rand) |
| 241 | { | 251 | { |
| @@ -372,7 +382,7 @@ end: | |||
| 372 | if (out != NULL) BIO_free_all(out); | 382 | if (out != NULL) BIO_free_all(out); |
| 373 | if (dsa != NULL) DSA_free(dsa); | 383 | if (dsa != NULL) DSA_free(dsa); |
| 374 | apps_shutdown(); | 384 | apps_shutdown(); |
| 375 | EXIT(ret); | 385 | OPENSSL_EXIT(ret); |
| 376 | } | 386 | } |
| 377 | 387 | ||
| 378 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | 388 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) |
diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c index cb2fa59db9..9299ab3e13 100644 --- a/src/lib/libssl/src/apps/enc.c +++ b/src/lib/libssl/src/apps/enc.c | |||
| @@ -100,9 +100,11 @@ int MAIN(int, char **); | |||
| 100 | 100 | ||
| 101 | int MAIN(int argc, char **argv) | 101 | int MAIN(int argc, char **argv) |
| 102 | { | 102 | { |
| 103 | #ifndef OPENSSL_NO_ENGINE | ||
| 103 | ENGINE *e = NULL; | 104 | ENGINE *e = NULL; |
| 105 | #endif | ||
| 104 | static const char magic[]="Salted__"; | 106 | static const char magic[]="Salted__"; |
| 105 | char mbuf[8]; /* should be 1 smaller than magic */ | 107 | char mbuf[sizeof magic-1]; |
| 106 | char *strbuf=NULL; | 108 | char *strbuf=NULL; |
| 107 | unsigned char *buff=NULL,*bufsize=NULL; | 109 | unsigned char *buff=NULL,*bufsize=NULL; |
| 108 | int bsize=BSIZE,verbose=0; | 110 | int bsize=BSIZE,verbose=0; |
| @@ -119,7 +121,9 @@ int MAIN(int argc, char **argv) | |||
| 119 | BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; | 121 | BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; |
| 120 | #define PROG_NAME_SIZE 39 | 122 | #define PROG_NAME_SIZE 39 |
| 121 | char pname[PROG_NAME_SIZE+1]; | 123 | char pname[PROG_NAME_SIZE+1]; |
| 124 | #ifndef OPENSSL_NO_ENGINE | ||
| 122 | char *engine = NULL; | 125 | char *engine = NULL; |
| 126 | #endif | ||
| 123 | 127 | ||
| 124 | apps_startup(); | 128 | apps_startup(); |
| 125 | 129 | ||
| @@ -131,7 +135,7 @@ int MAIN(int argc, char **argv) | |||
| 131 | goto end; | 135 | goto end; |
| 132 | 136 | ||
| 133 | /* first check the program name */ | 137 | /* first check the program name */ |
| 134 | program_name(argv[0],pname,PROG_NAME_SIZE); | 138 | program_name(argv[0],pname,sizeof pname); |
| 135 | if (strcmp(pname,"base64") == 0) | 139 | if (strcmp(pname,"base64") == 0) |
| 136 | base64=1; | 140 | base64=1; |
| 137 | 141 | ||
| @@ -163,11 +167,13 @@ int MAIN(int argc, char **argv) | |||
| 163 | if (--argc < 1) goto bad; | 167 | if (--argc < 1) goto bad; |
| 164 | passarg= *(++argv); | 168 | passarg= *(++argv); |
| 165 | } | 169 | } |
| 170 | #ifndef OPENSSL_NO_ENGINE | ||
| 166 | else if (strcmp(*argv,"-engine") == 0) | 171 | else if (strcmp(*argv,"-engine") == 0) |
| 167 | { | 172 | { |
| 168 | if (--argc < 1) goto bad; | 173 | if (--argc < 1) goto bad; |
| 169 | engine= *(++argv); | 174 | engine= *(++argv); |
| 170 | } | 175 | } |
| 176 | #endif | ||
| 171 | else if (strcmp(*argv,"-d") == 0) | 177 | else if (strcmp(*argv,"-d") == 0) |
| 172 | enc=0; | 178 | enc=0; |
| 173 | else if (strcmp(*argv,"-p") == 0) | 179 | else if (strcmp(*argv,"-p") == 0) |
| @@ -216,7 +222,7 @@ int MAIN(int argc, char **argv) | |||
| 216 | goto bad; | 222 | goto bad; |
| 217 | } | 223 | } |
| 218 | buf[0]='\0'; | 224 | buf[0]='\0'; |
| 219 | fgets(buf,128,infile); | 225 | fgets(buf,sizeof buf,infile); |
| 220 | fclose(infile); | 226 | fclose(infile); |
| 221 | i=strlen(buf); | 227 | i=strlen(buf); |
| 222 | if ((i > 0) && | 228 | if ((i > 0) && |
| @@ -270,7 +276,9 @@ bad: | |||
| 270 | BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv"); | 276 | BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv"); |
| 271 | BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]"); | 277 | BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]"); |
| 272 | BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>"); | 278 | BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>"); |
| 279 | #ifndef OPENSSL_NO_ENGINE | ||
| 273 | BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); | 280 | BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); |
| 281 | #endif | ||
| 274 | 282 | ||
| 275 | BIO_printf(bio_err,"Cipher Types\n"); | 283 | BIO_printf(bio_err,"Cipher Types\n"); |
| 276 | OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, | 284 | OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, |
| @@ -284,7 +292,9 @@ bad: | |||
| 284 | argv++; | 292 | argv++; |
| 285 | } | 293 | } |
| 286 | 294 | ||
| 295 | #ifndef OPENSSL_NO_ENGINE | ||
| 287 | e = setup_engine(bio_err, engine, 0); | 296 | e = setup_engine(bio_err, engine, 0); |
| 297 | #endif | ||
| 288 | 298 | ||
| 289 | if (bufsize != NULL) | 299 | if (bufsize != NULL) |
| 290 | { | 300 | { |
| @@ -442,12 +452,12 @@ bad: | |||
| 442 | else { | 452 | else { |
| 443 | if(enc) { | 453 | if(enc) { |
| 444 | if(hsalt) { | 454 | if(hsalt) { |
| 445 | if(!set_hex(hsalt,salt,PKCS5_SALT_LEN)) { | 455 | if(!set_hex(hsalt,salt,sizeof salt)) { |
| 446 | BIO_printf(bio_err, | 456 | BIO_printf(bio_err, |
| 447 | "invalid hex salt value\n"); | 457 | "invalid hex salt value\n"); |
| 448 | goto end; | 458 | goto end; |
| 449 | } | 459 | } |
| 450 | } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0) | 460 | } else if (RAND_pseudo_bytes(salt, sizeof salt) < 0) |
| 451 | goto end; | 461 | goto end; |
| 452 | /* If -P option then don't bother writing */ | 462 | /* If -P option then don't bother writing */ |
| 453 | if((printkey != 2) | 463 | if((printkey != 2) |
| @@ -455,14 +465,14 @@ bad: | |||
| 455 | sizeof magic-1) != sizeof magic-1 | 465 | sizeof magic-1) != sizeof magic-1 |
| 456 | || BIO_write(wbio, | 466 | || BIO_write(wbio, |
| 457 | (char *)salt, | 467 | (char *)salt, |
| 458 | PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { | 468 | sizeof salt) != sizeof salt)) { |
| 459 | BIO_printf(bio_err,"error writing output file\n"); | 469 | BIO_printf(bio_err,"error writing output file\n"); |
| 460 | goto end; | 470 | goto end; |
| 461 | } | 471 | } |
| 462 | } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf | 472 | } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf |
| 463 | || BIO_read(rbio, | 473 | || BIO_read(rbio, |
| 464 | (unsigned char *)salt, | 474 | (unsigned char *)salt, |
| 465 | PKCS5_SALT_LEN) != PKCS5_SALT_LEN) { | 475 | sizeof salt) != sizeof salt) { |
| 466 | BIO_printf(bio_err,"error reading input file\n"); | 476 | BIO_printf(bio_err,"error reading input file\n"); |
| 467 | goto end; | 477 | goto end; |
| 468 | } else if(memcmp(mbuf,magic,sizeof magic-1)) { | 478 | } else if(memcmp(mbuf,magic,sizeof magic-1)) { |
| @@ -481,9 +491,9 @@ bad: | |||
| 481 | * bug picked up by | 491 | * bug picked up by |
| 482 | * Larry J. Hughes Jr. <hughes@indiana.edu> */ | 492 | * Larry J. Hughes Jr. <hughes@indiana.edu> */ |
| 483 | if (str == strbuf) | 493 | if (str == strbuf) |
| 484 | memset(str,0,SIZE); | 494 | OPENSSL_cleanse(str,SIZE); |
| 485 | else | 495 | else |
| 486 | memset(str,0,strlen(str)); | 496 | OPENSSL_cleanse(str,strlen(str)); |
| 487 | } | 497 | } |
| 488 | if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) | 498 | if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) |
| 489 | { | 499 | { |
| @@ -524,7 +534,7 @@ bad: | |||
| 524 | if (!nosalt) | 534 | if (!nosalt) |
| 525 | { | 535 | { |
| 526 | printf("salt="); | 536 | printf("salt="); |
| 527 | for (i=0; i<PKCS5_SALT_LEN; i++) | 537 | for (i=0; i<sizeof salt; i++) |
| 528 | printf("%02X",salt[i]); | 538 | printf("%02X",salt[i]); |
| 529 | printf("\n"); | 539 | printf("\n"); |
| 530 | } | 540 | } |
| @@ -586,7 +596,7 @@ end: | |||
| 586 | if (b64 != NULL) BIO_free(b64); | 596 | if (b64 != NULL) BIO_free(b64); |
| 587 | if(pass) OPENSSL_free(pass); | 597 | if(pass) OPENSSL_free(pass); |
| 588 | apps_shutdown(); | 598 | apps_shutdown(); |
| 589 | EXIT(ret); | 599 | OPENSSL_EXIT(ret); |
| 590 | } | 600 | } |
| 591 | 601 | ||
| 592 | int set_hex(char *in, unsigned char *out, int size) | 602 | int set_hex(char *in, unsigned char *out, int size) |
diff --git a/src/lib/libssl/src/apps/engine.c b/src/lib/libssl/src/apps/engine.c index 3c94c3c4ed..0e7082abb9 100644 --- a/src/lib/libssl/src/apps/engine.c +++ b/src/lib/libssl/src/apps/engine.c | |||
| @@ -56,6 +56,8 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_ENGINE | ||
| 60 | |||
| 59 | #include <stdio.h> | 61 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 62 | #include <stdlib.h> |
| 61 | #include <string.h> | 63 | #include <string.h> |
| @@ -516,5 +518,12 @@ end: | |||
| 516 | sk_pop_free(post_cmds, identity); | 518 | sk_pop_free(post_cmds, identity); |
| 517 | if (bio_out != NULL) BIO_free_all(bio_out); | 519 | if (bio_out != NULL) BIO_free_all(bio_out); |
| 518 | apps_shutdown(); | 520 | apps_shutdown(); |
| 519 | EXIT(ret); | 521 | OPENSSL_EXIT(ret); |
| 520 | } | 522 | } |
| 523 | #else | ||
| 524 | |||
| 525 | # if PEDANTIC | ||
| 526 | static void *dummy=&dummy; | ||
| 527 | # endif | ||
| 528 | |||
| 529 | #endif | ||
diff --git a/src/lib/libssl/src/apps/errstr.c b/src/lib/libssl/src/apps/errstr.c index fedb568d68..19489b0df3 100644 --- a/src/lib/libssl/src/apps/errstr.c +++ b/src/lib/libssl/src/apps/errstr.c | |||
| @@ -122,5 +122,5 @@ int MAIN(int argc, char **argv) | |||
| 122 | } | 122 | } |
| 123 | } | 123 | } |
| 124 | apps_shutdown(); | 124 | apps_shutdown(); |
| 125 | EXIT(ret); | 125 | OPENSSL_EXIT(ret); |
| 126 | } | 126 | } |
diff --git a/src/lib/libssl/src/apps/gendh.c b/src/lib/libssl/src/apps/gendh.c index f2542960bf..a34a862caf 100644 --- a/src/lib/libssl/src/apps/gendh.c +++ b/src/lib/libssl/src/apps/gendh.c | |||
| @@ -81,13 +81,17 @@ int MAIN(int, char **); | |||
| 81 | 81 | ||
| 82 | int MAIN(int argc, char **argv) | 82 | int MAIN(int argc, char **argv) |
| 83 | { | 83 | { |
| 84 | #ifndef OPENSSL_NO_ENGINE | ||
| 84 | ENGINE *e = NULL; | 85 | ENGINE *e = NULL; |
| 86 | #endif | ||
| 85 | DH *dh=NULL; | 87 | DH *dh=NULL; |
| 86 | int ret=1,num=DEFBITS; | 88 | int ret=1,num=DEFBITS; |
| 87 | int g=2; | 89 | int g=2; |
| 88 | char *outfile=NULL; | 90 | char *outfile=NULL; |
| 89 | char *inrand=NULL; | 91 | char *inrand=NULL; |
| 92 | #ifndef OPENSSL_NO_ENGINE | ||
| 90 | char *engine=NULL; | 93 | char *engine=NULL; |
| 94 | #endif | ||
| 91 | BIO *out=NULL; | 95 | BIO *out=NULL; |
| 92 | 96 | ||
| 93 | apps_startup(); | 97 | apps_startup(); |
| @@ -115,11 +119,13 @@ int MAIN(int argc, char **argv) | |||
| 115 | g=3; */ | 119 | g=3; */ |
| 116 | else if (strcmp(*argv,"-5") == 0) | 120 | else if (strcmp(*argv,"-5") == 0) |
| 117 | g=5; | 121 | g=5; |
| 122 | #ifndef OPENSSL_NO_ENGINE | ||
| 118 | else if (strcmp(*argv,"-engine") == 0) | 123 | else if (strcmp(*argv,"-engine") == 0) |
| 119 | { | 124 | { |
| 120 | if (--argc < 1) goto bad; | 125 | if (--argc < 1) goto bad; |
| 121 | engine= *(++argv); | 126 | engine= *(++argv); |
| 122 | } | 127 | } |
| 128 | #endif | ||
| 123 | else if (strcmp(*argv,"-rand") == 0) | 129 | else if (strcmp(*argv,"-rand") == 0) |
| 124 | { | 130 | { |
| 125 | if (--argc < 1) goto bad; | 131 | if (--argc < 1) goto bad; |
| @@ -138,14 +144,18 @@ bad: | |||
| 138 | BIO_printf(bio_err," -2 - use 2 as the generator value\n"); | 144 | BIO_printf(bio_err," -2 - use 2 as the generator value\n"); |
| 139 | /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ | 145 | /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ |
| 140 | BIO_printf(bio_err," -5 - use 5 as the generator value\n"); | 146 | BIO_printf(bio_err," -5 - use 5 as the generator value\n"); |
| 147 | #ifndef OPENSSL_NO_ENGINE | ||
| 141 | BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); | 148 | BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); |
| 149 | #endif | ||
| 142 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 150 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 143 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); | 151 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); |
| 144 | BIO_printf(bio_err," the random number generator\n"); | 152 | BIO_printf(bio_err," the random number generator\n"); |
| 145 | goto end; | 153 | goto end; |
| 146 | } | 154 | } |
| 147 | 155 | ||
| 156 | #ifndef OPENSSL_NO_ENGINE | ||
| 148 | e = setup_engine(bio_err, engine, 0); | 157 | e = setup_engine(bio_err, engine, 0); |
| 158 | #endif | ||
| 149 | 159 | ||
| 150 | out=BIO_new(BIO_s_file()); | 160 | out=BIO_new(BIO_s_file()); |
| 151 | if (out == NULL) | 161 | if (out == NULL) |
| @@ -198,7 +208,7 @@ end: | |||
| 198 | if (out != NULL) BIO_free_all(out); | 208 | if (out != NULL) BIO_free_all(out); |
| 199 | if (dh != NULL) DH_free(dh); | 209 | if (dh != NULL) DH_free(dh); |
| 200 | apps_shutdown(); | 210 | apps_shutdown(); |
| 201 | EXIT(ret); | 211 | OPENSSL_EXIT(ret); |
| 202 | } | 212 | } |
| 203 | 213 | ||
| 204 | static void MS_CALLBACK dh_cb(int p, int n, void *arg) | 214 | static void MS_CALLBACK dh_cb(int p, int n, void *arg) |
diff --git a/src/lib/libssl/src/apps/gendsa.c b/src/lib/libssl/src/apps/gendsa.c index 1e1e9f3e4c..6d2ed06c81 100644 --- a/src/lib/libssl/src/apps/gendsa.c +++ b/src/lib/libssl/src/apps/gendsa.c | |||
| @@ -77,7 +77,9 @@ int MAIN(int, char **); | |||
| 77 | 77 | ||
| 78 | int MAIN(int argc, char **argv) | 78 | int MAIN(int argc, char **argv) |
| 79 | { | 79 | { |
| 80 | #ifndef OPENSSL_NO_ENGINE | ||
| 80 | ENGINE *e = NULL; | 81 | ENGINE *e = NULL; |
| 82 | #endif | ||
| 81 | DSA *dsa=NULL; | 83 | DSA *dsa=NULL; |
| 82 | int ret=1; | 84 | int ret=1; |
| 83 | char *outfile=NULL; | 85 | char *outfile=NULL; |
| @@ -85,7 +87,9 @@ int MAIN(int argc, char **argv) | |||
| 85 | char *passargout = NULL, *passout = NULL; | 87 | char *passargout = NULL, *passout = NULL; |
| 86 | BIO *out=NULL,*in=NULL; | 88 | BIO *out=NULL,*in=NULL; |
| 87 | const EVP_CIPHER *enc=NULL; | 89 | const EVP_CIPHER *enc=NULL; |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 88 | char *engine=NULL; | 91 | char *engine=NULL; |
| 92 | #endif | ||
| 89 | 93 | ||
| 90 | apps_startup(); | 94 | apps_startup(); |
| 91 | 95 | ||
| @@ -111,11 +115,13 @@ int MAIN(int argc, char **argv) | |||
| 111 | if (--argc < 1) goto bad; | 115 | if (--argc < 1) goto bad; |
| 112 | passargout= *(++argv); | 116 | passargout= *(++argv); |
| 113 | } | 117 | } |
| 118 | #ifndef OPENSSL_NO_ENGINE | ||
| 114 | else if (strcmp(*argv,"-engine") == 0) | 119 | else if (strcmp(*argv,"-engine") == 0) |
| 115 | { | 120 | { |
| 116 | if (--argc < 1) goto bad; | 121 | if (--argc < 1) goto bad; |
| 117 | engine= *(++argv); | 122 | engine= *(++argv); |
| 118 | } | 123 | } |
| 124 | #endif | ||
| 119 | else if (strcmp(*argv,"-rand") == 0) | 125 | else if (strcmp(*argv,"-rand") == 0) |
| 120 | { | 126 | { |
| 121 | if (--argc < 1) goto bad; | 127 | if (--argc < 1) goto bad; |
| @@ -167,7 +173,9 @@ bad: | |||
| 167 | BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); | 173 | BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); |
| 168 | BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); | 174 | BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); |
| 169 | #endif | 175 | #endif |
| 176 | #ifndef OPENSSL_NO_ENGINE | ||
| 170 | BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); | 177 | BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); |
| 178 | #endif | ||
| 171 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 179 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 172 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); | 180 | BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); |
| 173 | BIO_printf(bio_err," the random number generator\n"); | 181 | BIO_printf(bio_err," the random number generator\n"); |
| @@ -176,7 +184,9 @@ bad: | |||
| 176 | goto end; | 184 | goto end; |
| 177 | } | 185 | } |
| 178 | 186 | ||
| 187 | #ifndef OPENSSL_NO_ENGINE | ||
| 179 | e = setup_engine(bio_err, engine, 0); | 188 | e = setup_engine(bio_err, engine, 0); |
| 189 | #endif | ||
| 180 | 190 | ||
| 181 | if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { | 191 | if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { |
| 182 | BIO_printf(bio_err, "Error getting password\n"); | 192 | BIO_printf(bio_err, "Error getting password\n"); |
| @@ -246,6 +256,6 @@ end: | |||
| 246 | if (dsa != NULL) DSA_free(dsa); | 256 | if (dsa != NULL) DSA_free(dsa); |
| 247 | if(passout) OPENSSL_free(passout); | 257 | if(passout) OPENSSL_free(passout); |
| 248 | apps_shutdown(); | 258 | apps_shutdown(); |
| 249 | EXIT(ret); | 259 | OPENSSL_EXIT(ret); |
| 250 | } | 260 | } |
| 251 | #endif | 261 | #endif |
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c index 515bd7c901..63be873b7b 100644 --- a/src/lib/libssl/src/apps/genrsa.c +++ b/src/lib/libssl/src/apps/genrsa.c | |||
| @@ -81,7 +81,9 @@ int MAIN(int, char **); | |||
| 81 | 81 | ||
| 82 | int MAIN(int argc, char **argv) | 82 | int MAIN(int argc, char **argv) |
| 83 | { | 83 | { |
| 84 | #ifndef OPENSSL_NO_ENGINE | ||
| 84 | ENGINE *e = NULL; | 85 | ENGINE *e = NULL; |
| 86 | #endif | ||
| 85 | int ret=1; | 87 | int ret=1; |
| 86 | RSA *rsa=NULL; | 88 | RSA *rsa=NULL; |
| 87 | int i,num=DEFBITS; | 89 | int i,num=DEFBITS; |
| @@ -90,7 +92,9 @@ int MAIN(int argc, char **argv) | |||
| 90 | unsigned long f4=RSA_F4; | 92 | unsigned long f4=RSA_F4; |
| 91 | char *outfile=NULL; | 93 | char *outfile=NULL; |
| 92 | char *passargout = NULL, *passout = NULL; | 94 | char *passargout = NULL, *passout = NULL; |
| 95 | #ifndef OPENSSL_NO_ENGINE | ||
| 93 | char *engine=NULL; | 96 | char *engine=NULL; |
| 97 | #endif | ||
| 94 | char *inrand=NULL; | 98 | char *inrand=NULL; |
| 95 | BIO *out=NULL; | 99 | BIO *out=NULL; |
| 96 | 100 | ||
| @@ -122,11 +126,13 @@ int MAIN(int argc, char **argv) | |||
| 122 | f4=3; | 126 | f4=3; |
| 123 | else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) | 127 | else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) |
| 124 | f4=RSA_F4; | 128 | f4=RSA_F4; |
| 129 | #ifndef OPENSSL_NO_ENGINE | ||
| 125 | else if (strcmp(*argv,"-engine") == 0) | 130 | else if (strcmp(*argv,"-engine") == 0) |
| 126 | { | 131 | { |
| 127 | if (--argc < 1) goto bad; | 132 | if (--argc < 1) goto bad; |
| 128 | engine= *(++argv); | 133 | engine= *(++argv); |
| 129 | } | 134 | } |
| 135 | #endif | ||
| 130 | else if (strcmp(*argv,"-rand") == 0) | 136 | else if (strcmp(*argv,"-rand") == 0) |
| 131 | { | 137 | { |
| 132 | if (--argc < 1) goto bad; | 138 | if (--argc < 1) goto bad; |
| @@ -177,7 +183,9 @@ bad: | |||
| 177 | BIO_printf(bio_err," -passout arg output file pass phrase source\n"); | 183 | BIO_printf(bio_err," -passout arg output file pass phrase source\n"); |
| 178 | BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); | 184 | BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); |
| 179 | BIO_printf(bio_err," -3 use 3 for the E value\n"); | 185 | BIO_printf(bio_err," -3 use 3 for the E value\n"); |
| 186 | #ifndef OPENSSL_NO_ENGINE | ||
| 180 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 187 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 188 | #endif | ||
| 181 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 189 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 182 | BIO_printf(bio_err," load the file (or the files in the directory) into\n"); | 190 | BIO_printf(bio_err," load the file (or the files in the directory) into\n"); |
| 183 | BIO_printf(bio_err," the random number generator\n"); | 191 | BIO_printf(bio_err," the random number generator\n"); |
| @@ -191,7 +199,9 @@ bad: | |||
| 191 | goto err; | 199 | goto err; |
| 192 | } | 200 | } |
| 193 | 201 | ||
| 202 | #ifndef OPENSSL_NO_ENGINE | ||
| 194 | e = setup_engine(bio_err, engine, 0); | 203 | e = setup_engine(bio_err, engine, 0); |
| 204 | #endif | ||
| 195 | 205 | ||
| 196 | if (outfile == NULL) | 206 | if (outfile == NULL) |
| 197 | { | 207 | { |
| @@ -258,7 +268,7 @@ err: | |||
| 258 | if (ret != 0) | 268 | if (ret != 0) |
| 259 | ERR_print_errors(bio_err); | 269 | ERR_print_errors(bio_err); |
| 260 | apps_shutdown(); | 270 | apps_shutdown(); |
| 261 | EXIT(ret); | 271 | OPENSSL_EXIT(ret); |
| 262 | } | 272 | } |
| 263 | 273 | ||
| 264 | static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) | 274 | static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) |
diff --git a/src/lib/libssl/src/apps/makeapps.com b/src/lib/libssl/src/apps/makeapps.com index 148246facc..0197c8a171 100644 --- a/src/lib/libssl/src/apps/makeapps.com +++ b/src/lib/libssl/src/apps/makeapps.com | |||
| @@ -15,22 +15,10 @@ $! | |||
| 15 | $! It was written so it would try to determine what "C" compiler to | 15 | $! It was written so it would try to determine what "C" compiler to |
| 16 | $! use or you can specify which "C" compiler to use. | 16 | $! use or you can specify which "C" compiler to use. |
| 17 | $! | 17 | $! |
| 18 | $! Specify RSAREF as P1 to compile with the RSAREF library instead of | 18 | $! Specify DEBUG or NODEBUG as P1 to compile with or without debugger |
| 19 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 20 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 21 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 22 | $! | ||
| 23 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 24 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 25 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 26 | $! directory structure stored. You have to extract the file | ||
| 27 | $! into the [.RSAREF] directory under the root directory as that | ||
| 28 | $! is where the scripts will look for the files. | ||
| 29 | $! | ||
| 30 | $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger | ||
| 31 | $! information. | 19 | $! information. |
| 32 | $! | 20 | $! |
| 33 | $! Specify which compiler at P3 to try to compile under. | 21 | $! Specify which compiler at P2 to try to compile under. |
| 34 | $! | 22 | $! |
| 35 | $! VAXC For VAX C. | 23 | $! VAXC For VAX C. |
| 36 | $! DECC For DEC C. | 24 | $! DECC For DEC C. |
| @@ -39,16 +27,16 @@ $! | |||
| 39 | $! If you don't speficy a compiler, it will try to determine which | 27 | $! If you don't speficy a compiler, it will try to determine which |
| 40 | $! "C" compiler to use. | 28 | $! "C" compiler to use. |
| 41 | $! | 29 | $! |
| 42 | $! P4, if defined, sets a TCP/IP library to use, through one of the following | 30 | $! P3, if defined, sets a TCP/IP library to use, through one of the following |
| 43 | $! keywords: | 31 | $! keywords: |
| 44 | $! | 32 | $! |
| 45 | $! UCX for UCX | 33 | $! UCX for UCX |
| 46 | $! SOCKETSHR for SOCKETSHR+NETLIB | 34 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 47 | $! TCPIP for TCPIP (post UCX) | 35 | $! TCPIP for TCPIP (post UCX) |
| 48 | $! | 36 | $! |
| 49 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 37 | $! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 50 | $! | 38 | $! |
| 51 | $! P6, if defined, sets a choice of programs to compile. | 39 | $! P5, if defined, sets a choice of programs to compile. |
| 52 | $! | 40 | $! |
| 53 | $! | 41 | $! |
| 54 | $! Define A TCP/IP Library That We Will Need To Link To. | 42 | $! Define A TCP/IP Library That We Will Need To Link To. |
| @@ -101,10 +89,6 @@ $! Define The CRYPTO Library. | |||
| 101 | $! | 89 | $! |
| 102 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB | 90 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB |
| 103 | $! | 91 | $! |
| 104 | $! Define The RSAREF Library. | ||
| 105 | $! | ||
| 106 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 107 | $! | ||
| 108 | $! Define The SSL Library. | 92 | $! Define The SSL Library. |
| 109 | $! | 93 | $! |
| 110 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB | 94 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB |
| @@ -182,7 +166,7 @@ $! TCPIP_PROGRAMS = ",S_SERVER,S_CLIENT,SESS_ID,CIPHERS,S_TIME," | |||
| 182 | $! | 166 | $! |
| 183 | $! Setup exceptional compilations | 167 | $! Setup exceptional compilations |
| 184 | $! | 168 | $! |
| 185 | $ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT," | 169 | $ COMPILEWITH_CC2 = ",S_SERVER,S_CLIENT," |
| 186 | $! | 170 | $! |
| 187 | $ PHASE := LIB | 171 | $ PHASE := LIB |
| 188 | $! | 172 | $! |
| @@ -293,73 +277,31 @@ $ WRITE SYS$OUTPUT FILE_NAME," needs a TCP/IP library. Can't link. Skipping. | |||
| 293 | $ GOTO NEXT_FILE | 277 | $ GOTO NEXT_FILE |
| 294 | $ ENDIF | 278 | $ ENDIF |
| 295 | $! | 279 | $! |
| 296 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 280 | $! Link The Program. |
| 281 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 297 | $! | 282 | $! |
| 298 | $ IF (RSAREF.EQS."TRUE") | 283 | $ IF (TCPIP_LIB.NES."") |
| 299 | $ THEN | 284 | $ THEN |
| 300 | $! | 285 | $! |
| 301 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 286 | $! Don't Link With The RSAREF Routines And TCP/IP Library. |
| 302 | $! | ||
| 303 | $ IF (TCPIP_LIB.NES."") | ||
| 304 | $ THEN | ||
| 305 | $! | ||
| 306 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 307 | $! | ||
| 308 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 309 | 'OBJECT_FILE''EXTRA_OBJ', - | ||
| 310 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 311 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 312 | $! | 287 | $! |
| 313 | $! Else... | 288 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 314 | $! | 289 | 'OBJECT_FILE''EXTRA_OBJ', - |
| 315 | $ ELSE | 290 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 316 | $! | 291 | 'TCPIP_LIB','OPT_FILE'/OPTION |
| 317 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 318 | $! | ||
| 319 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 320 | 'OBJECT_FILE''EXTRA_OBJ', - | ||
| 321 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 322 | 'OPT_FILE'/OPTION | ||
| 323 | $! | ||
| 324 | $! End The TCP/IP Library Check. | ||
| 325 | $! | ||
| 326 | $ ENDIF | ||
| 327 | $! | 292 | $! |
| 328 | $! Else... | 293 | $! Else... |
| 329 | $! | 294 | $! |
| 330 | $ ELSE | 295 | $ ELSE |
| 331 | $! | 296 | $! |
| 332 | $! Don't Link With The RSAREF Routines. | 297 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. |
| 333 | $! | ||
| 334 | $! | 298 | $! |
| 335 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 299 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 300 | 'OBJECT_FILE''EXTRA_OBJ', - | ||
| 301 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 302 | 'OPT_FILE'/OPTION | ||
| 336 | $! | 303 | $! |
| 337 | $ IF (TCPIP_LIB.NES."") | 304 | $! End The TCP/IP Library Check. |
| 338 | $ THEN | ||
| 339 | $! | ||
| 340 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 341 | $! | ||
| 342 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 343 | 'OBJECT_FILE''EXTRA_OBJ', - | ||
| 344 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 345 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 346 | $! | ||
| 347 | $! Else... | ||
| 348 | $! | ||
| 349 | $ ELSE | ||
| 350 | $! | ||
| 351 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | ||
| 352 | $! | ||
| 353 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 354 | 'OBJECT_FILE''EXTRA_OBJ', - | ||
| 355 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 356 | 'OPT_FILE'/OPTION | ||
| 357 | $! | ||
| 358 | $! End The TCP/IP Library Check. | ||
| 359 | $! | ||
| 360 | $ ENDIF | ||
| 361 | $! | ||
| 362 | $! End The RSAREF Link Check. | ||
| 363 | $! | 305 | $! |
| 364 | $ ENDIF | 306 | $ ENDIF |
| 365 | $! | 307 | $! |
| @@ -526,32 +468,6 @@ $! End The Crypto Library Check. | |||
| 526 | $! | 468 | $! |
| 527 | $ ENDIF | 469 | $ ENDIF |
| 528 | $! | 470 | $! |
| 529 | $! See If We Need The RSAREF Library. | ||
| 530 | $! | ||
| 531 | $ IF (RSAREF.EQS."TRUE") | ||
| 532 | $ THEN | ||
| 533 | $! | ||
| 534 | $! Look For The Library LIBRSAGLUE.OLB. | ||
| 535 | $! | ||
| 536 | $ IF (F$SEARCH(RSAREF_LIB).EQS."") | ||
| 537 | $ THEN | ||
| 538 | $! | ||
| 539 | $! Tell The User We Can't Find The LIBRSAGLUE.OLB Library. | ||
| 540 | $! | ||
| 541 | $ WRITE SYS$OUTPUT "" | ||
| 542 | $ WRITE SYS$OUTPUT "Can't Find The Library ",RSAREF_LIB,"." | ||
| 543 | $ WRITE SYS$OUTPUT "We Can't Link Without It." | ||
| 544 | $ WRITE SYS$OUTPUT "" | ||
| 545 | $! | ||
| 546 | $! Since We Can't Link Without It, Exit. | ||
| 547 | $! | ||
| 548 | $ EXIT | ||
| 549 | $ ENDIF | ||
| 550 | $! | ||
| 551 | $! End The RSAREF Library Check. | ||
| 552 | $! | ||
| 553 | $ ENDIF | ||
| 554 | $! | ||
| 555 | $! Look For The Library LIBSSL.OLB. | 471 | $! Look For The Library LIBSSL.OLB. |
| 556 | $! | 472 | $! |
| 557 | $ IF (F$SEARCH(SSL_LIB).EQS."") | 473 | $ IF (F$SEARCH(SSL_LIB).EQS."") |
| @@ -582,87 +498,10 @@ $ CHECK_OPTIONS: | |||
| 582 | $! | 498 | $! |
| 583 | $! Check To See If P1 Is Blank. | 499 | $! Check To See If P1 Is Blank. |
| 584 | $! | 500 | $! |
| 585 | $ P1 = "NORSAREF" | 501 | $ IF (P1.EQS."NODEBUG") |
| 586 | $ IF (P1.EQS."NORSAREF") | ||
| 587 | $ THEN | 502 | $ THEN |
| 588 | $! | 503 | $! |
| 589 | $! P1 Is NORSAREF, So Compile With The Regular RSA Libraries. | 504 | $! P1 Is NODEBUG, So Compile Without Debugger Information. |
| 590 | $! | ||
| 591 | $ RSAREF = "FALSE" | ||
| 592 | $! | ||
| 593 | $! Else... | ||
| 594 | $! | ||
| 595 | $ ELSE | ||
| 596 | $! | ||
| 597 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 598 | $! | ||
| 599 | $ IF (P1.EQS."RSAREF") | ||
| 600 | $ THEN | ||
| 601 | $! | ||
| 602 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 603 | $! | ||
| 604 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 605 | $ THEN | ||
| 606 | $! | ||
| 607 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 608 | $! User This. | ||
| 609 | $! | ||
| 610 | $ WRITE SYS$OUTPUT "" | ||
| 611 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 612 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 613 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the" | ||
| 614 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 615 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 616 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 617 | $ WRITE SYS$OUTPUT "" | ||
| 618 | $! | ||
| 619 | $! Time To Exit. | ||
| 620 | $! | ||
| 621 | $ EXIT | ||
| 622 | $! | ||
| 623 | $! Else... | ||
| 624 | $! | ||
| 625 | $ ELSE | ||
| 626 | $! | ||
| 627 | $! Compile Using The RSAREF Library. | ||
| 628 | $! | ||
| 629 | $ RSAREF = "TRUE" | ||
| 630 | $! | ||
| 631 | $! End The RSAREF Soure Directory Check. | ||
| 632 | $! | ||
| 633 | $ ENDIF | ||
| 634 | $! | ||
| 635 | $! Else... | ||
| 636 | $! | ||
| 637 | $ ELSE | ||
| 638 | $! | ||
| 639 | $! They Entered An Invalid Option.. | ||
| 640 | $! | ||
| 641 | $ WRITE SYS$OUTPUT "" | ||
| 642 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" | ||
| 643 | $ WRITE SYS$OUTPUT "" | ||
| 644 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 645 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 646 | $ WRITE SYS$OUTPUT "" | ||
| 647 | $! | ||
| 648 | $! Time To EXIT. | ||
| 649 | $! | ||
| 650 | $ EXIT | ||
| 651 | $! | ||
| 652 | $! End The Valid Arguement Check. | ||
| 653 | $! | ||
| 654 | $ ENDIF | ||
| 655 | $! | ||
| 656 | $! End P1 Check. | ||
| 657 | $! | ||
| 658 | $ ENDIF | ||
| 659 | $! | ||
| 660 | $! Check To See If P2 Is Blank. | ||
| 661 | $! | ||
| 662 | $ IF (P2.EQS."NODEBUG") | ||
| 663 | $ THEN | ||
| 664 | $! | ||
| 665 | $! P2 Is NODEBUG, So Compile Without Debugger Information. | ||
| 666 | $! | 505 | $! |
| 667 | $ DEBUGGER = "NODEBUG" | 506 | $ DEBUGGER = "NODEBUG" |
| 668 | $ TRACEBACK = "NOTRACEBACK" | 507 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -677,7 +516,7 @@ $ ELSE | |||
| 677 | $! | 516 | $! |
| 678 | $! Check To See If We Are To Compile With Debugger Information. | 517 | $! Check To See If We Are To Compile With Debugger Information. |
| 679 | $! | 518 | $! |
| 680 | $ IF (P2.EQS."DEBUG") | 519 | $ IF (P1.EQS."DEBUG") |
| 681 | $ THEN | 520 | $ THEN |
| 682 | $! | 521 | $! |
| 683 | $! Compile With Debugger Information. | 522 | $! Compile With Debugger Information. |
| @@ -693,7 +532,7 @@ $! | |||
| 693 | $! Tell The User Entered An Invalid Option.. | 532 | $! Tell The User Entered An Invalid Option.. |
| 694 | $! | 533 | $! |
| 695 | $ WRITE SYS$OUTPUT "" | 534 | $ WRITE SYS$OUTPUT "" |
| 696 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | 535 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" |
| 697 | $ WRITE SYS$OUTPUT "" | 536 | $ WRITE SYS$OUTPUT "" |
| 698 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 537 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 699 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 538 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -707,13 +546,13 @@ $! End The Valid Arguement Check. | |||
| 707 | $! | 546 | $! |
| 708 | $ ENDIF | 547 | $ ENDIF |
| 709 | $! | 548 | $! |
| 710 | $! End The P2 Check. | 549 | $! End The P1 Check. |
| 711 | $! | 550 | $! |
| 712 | $ ENDIF | 551 | $ ENDIF |
| 713 | $! | 552 | $! |
| 714 | $! Check To See If P3 Is Blank. | 553 | $! Check To See If P2 Is Blank. |
| 715 | $! | 554 | $! |
| 716 | $ IF (P3.EQS."") | 555 | $ IF (P2.EQS."") |
| 717 | $ THEN | 556 | $ THEN |
| 718 | $! | 557 | $! |
| 719 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 558 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -726,7 +565,7 @@ $ THEN | |||
| 726 | $! | 565 | $! |
| 727 | $! Looks Like GNUC, Set To Use GNUC. | 566 | $! Looks Like GNUC, Set To Use GNUC. |
| 728 | $! | 567 | $! |
| 729 | $ P3 = "GNUC" | 568 | $ P2 = "GNUC" |
| 730 | $! | 569 | $! |
| 731 | $! Else... | 570 | $! Else... |
| 732 | $! | 571 | $! |
| @@ -739,7 +578,7 @@ $ THEN | |||
| 739 | $! | 578 | $! |
| 740 | $! Looks Like DECC, Set To Use DECC. | 579 | $! Looks Like DECC, Set To Use DECC. |
| 741 | $! | 580 | $! |
| 742 | $ P3 = "DECC" | 581 | $ P2 = "DECC" |
| 743 | $! | 582 | $! |
| 744 | $! Else... | 583 | $! Else... |
| 745 | $! | 584 | $! |
| @@ -747,7 +586,7 @@ $ ELSE | |||
| 747 | $! | 586 | $! |
| 748 | $! Looks Like VAXC, Set To Use VAXC. | 587 | $! Looks Like VAXC, Set To Use VAXC. |
| 749 | $! | 588 | $! |
| 750 | $ P3 = "VAXC" | 589 | $ P2 = "VAXC" |
| 751 | $! | 590 | $! |
| 752 | $! End The VAXC Compiler Check. | 591 | $! End The VAXC Compiler Check. |
| 753 | $! | 592 | $! |
| @@ -761,9 +600,9 @@ $! End The Compiler Check. | |||
| 761 | $! | 600 | $! |
| 762 | $ ENDIF | 601 | $ ENDIF |
| 763 | $! | 602 | $! |
| 764 | $! Check To See If We Have A Option For P4. | 603 | $! Check To See If We Have A Option For P3. |
| 765 | $! | 604 | $! |
| 766 | $ IF (P4.EQS."") | 605 | $ IF (P3.EQS."") |
| 767 | $ THEN | 606 | $ THEN |
| 768 | $! | 607 | $! |
| 769 | $! Find out what socket library we have available | 608 | $! Find out what socket library we have available |
| @@ -773,7 +612,7 @@ $ THEN | |||
| 773 | $! | 612 | $! |
| 774 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 613 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 775 | $! | 614 | $! |
| 776 | $ P4 = "SOCKETSHR" | 615 | $ P3 = "SOCKETSHR" |
| 777 | $! | 616 | $! |
| 778 | $! Tell the user | 617 | $! Tell the user |
| 779 | $! | 618 | $! |
| @@ -793,7 +632,7 @@ $ THEN | |||
| 793 | $! | 632 | $! |
| 794 | $! Last resort: a UCX or UCX-compatible library | 633 | $! Last resort: a UCX or UCX-compatible library |
| 795 | $! | 634 | $! |
| 796 | $ P4 = "UCX" | 635 | $ P3 = "UCX" |
| 797 | $! | 636 | $! |
| 798 | $! Tell the user | 637 | $! Tell the user |
| 799 | $! | 638 | $! |
| @@ -817,12 +656,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 817 | $! | 656 | $! |
| 818 | $! Check To See If The User Entered A Valid Paramter. | 657 | $! Check To See If The User Entered A Valid Paramter. |
| 819 | $! | 658 | $! |
| 820 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") | 659 | $ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC") |
| 821 | $ THEN | 660 | $ THEN |
| 822 | $! | 661 | $! |
| 823 | $! Check To See If The User Wanted DECC. | 662 | $! Check To See If The User Wanted DECC. |
| 824 | $! | 663 | $! |
| 825 | $ IF (P3.EQS."DECC") | 664 | $ IF (P2.EQS."DECC") |
| 826 | $ THEN | 665 | $ THEN |
| 827 | $! | 666 | $! |
| 828 | $! Looks Like DECC, Set To Use DECC. | 667 | $! Looks Like DECC, Set To Use DECC. |
| @@ -852,7 +691,7 @@ $ ENDIF | |||
| 852 | $! | 691 | $! |
| 853 | $! Check To See If We Are To Use VAXC. | 692 | $! Check To See If We Are To Use VAXC. |
| 854 | $! | 693 | $! |
| 855 | $ IF (P3.EQS."VAXC") | 694 | $ IF (P2.EQS."VAXC") |
| 856 | $ THEN | 695 | $ THEN |
| 857 | $! | 696 | $! |
| 858 | $! Looks Like VAXC, Set To Use VAXC. | 697 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -889,7 +728,7 @@ $ ENDIF | |||
| 889 | $! | 728 | $! |
| 890 | $! Check To See If We Are To Use GNU C. | 729 | $! Check To See If We Are To Use GNU C. |
| 891 | $! | 730 | $! |
| 892 | $ IF (P3.EQS."GNUC") | 731 | $ IF (P2.EQS."GNUC") |
| 893 | $ THEN | 732 | $ THEN |
| 894 | $! | 733 | $! |
| 895 | $! Looks Like GNUC, Set To Use GNUC. | 734 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -918,31 +757,6 @@ $! Set up default defines | |||
| 918 | $! | 757 | $! |
| 919 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 758 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 920 | $! | 759 | $! |
| 921 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 922 | $! | ||
| 923 | $ IF (RSAREF.EQS."TRUE") | ||
| 924 | $ THEN | ||
| 925 | $! | ||
| 926 | $! Compile With RSAREF. | ||
| 927 | $! | ||
| 928 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 929 | $! | ||
| 930 | $! Tell The User This. | ||
| 931 | $! | ||
| 932 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 933 | $! | ||
| 934 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 935 | $! | ||
| 936 | $ ELSE | ||
| 937 | $! | ||
| 938 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 939 | $! | ||
| 940 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 941 | $! | ||
| 942 | $! End The RSAREF Check. | ||
| 943 | $! | ||
| 944 | $ ENDIF | ||
| 945 | $! | ||
| 946 | $! Else The User Entered An Invalid Arguement. | 760 | $! Else The User Entered An Invalid Arguement. |
| 947 | $! | 761 | $! |
| 948 | $ ELSE | 762 | $ ELSE |
| @@ -950,7 +764,7 @@ $! | |||
| 950 | $! Tell The User We Don't Know What They Want. | 764 | $! Tell The User We Don't Know What They Want. |
| 951 | $! | 765 | $! |
| 952 | $ WRITE SYS$OUTPUT "" | 766 | $ WRITE SYS$OUTPUT "" |
| 953 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 767 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 954 | $ WRITE SYS$OUTPUT "" | 768 | $ WRITE SYS$OUTPUT "" |
| 955 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 769 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 956 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 770 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -964,13 +778,13 @@ $ ENDIF | |||
| 964 | $! | 778 | $! |
| 965 | $! Time to check the contents, and to make sure we get the correct library. | 779 | $! Time to check the contents, and to make sure we get the correct library. |
| 966 | $! | 780 | $! |
| 967 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - | 781 | $ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" - |
| 968 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" | 782 | .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE" |
| 969 | $ THEN | 783 | $ THEN |
| 970 | $! | 784 | $! |
| 971 | $! Check to see if SOCKETSHR was chosen | 785 | $! Check to see if SOCKETSHR was chosen |
| 972 | $! | 786 | $! |
| 973 | $ IF P4.EQS."SOCKETSHR" | 787 | $ IF P3.EQS."SOCKETSHR" |
| 974 | $ THEN | 788 | $ THEN |
| 975 | $! | 789 | $! |
| 976 | $! Set the library to use SOCKETSHR | 790 | $! Set the library to use SOCKETSHR |
| @@ -983,12 +797,12 @@ $ ENDIF | |||
| 983 | $! | 797 | $! |
| 984 | $! Check to see if MULTINET was chosen | 798 | $! Check to see if MULTINET was chosen |
| 985 | $! | 799 | $! |
| 986 | $ IF P4.EQS."MULTINET" | 800 | $ IF P3.EQS."MULTINET" |
| 987 | $ THEN | 801 | $ THEN |
| 988 | $! | 802 | $! |
| 989 | $! Set the library to use UCX emulation. | 803 | $! Set the library to use UCX emulation. |
| 990 | $! | 804 | $! |
| 991 | $ P4 = "UCX" | 805 | $ P3 = "UCX" |
| 992 | $! | 806 | $! |
| 993 | $! Done with MULTINET | 807 | $! Done with MULTINET |
| 994 | $! | 808 | $! |
| @@ -996,7 +810,7 @@ $ ENDIF | |||
| 996 | $! | 810 | $! |
| 997 | $! Check to see if UCX was chosen | 811 | $! Check to see if UCX was chosen |
| 998 | $! | 812 | $! |
| 999 | $ IF P4.EQS."UCX" | 813 | $ IF P3.EQS."UCX" |
| 1000 | $ THEN | 814 | $ THEN |
| 1001 | $! | 815 | $! |
| 1002 | $! Set the library to use UCX. | 816 | $! Set the library to use UCX. |
| @@ -1016,7 +830,7 @@ $ ENDIF | |||
| 1016 | $! | 830 | $! |
| 1017 | $! Check to see if TCPIP (post UCX) was chosen | 831 | $! Check to see if TCPIP (post UCX) was chosen |
| 1018 | $! | 832 | $! |
| 1019 | $ IF P4.EQS."TCPIP" | 833 | $ IF P3.EQS."TCPIP" |
| 1020 | $ THEN | 834 | $ THEN |
| 1021 | $! | 835 | $! |
| 1022 | $! Set the library to use TCPIP. | 836 | $! Set the library to use TCPIP. |
| @@ -1029,7 +843,7 @@ $ ENDIF | |||
| 1029 | $! | 843 | $! |
| 1030 | $! Check to see if NONE was chosen | 844 | $! Check to see if NONE was chosen |
| 1031 | $! | 845 | $! |
| 1032 | $ IF P4.EQS."NONE" | 846 | $ IF P3.EQS."NONE" |
| 1033 | $ THEN | 847 | $ THEN |
| 1034 | $! | 848 | $! |
| 1035 | $! Do not use TCPIP. | 849 | $! Do not use TCPIP. |
| @@ -1042,7 +856,7 @@ $ ENDIF | |||
| 1042 | $! | 856 | $! |
| 1043 | $! Add TCP/IP type to CC definitions. | 857 | $! Add TCP/IP type to CC definitions. |
| 1044 | $! | 858 | $! |
| 1045 | $ CCDEFS = CCDEFS + ",TCPIP_TYPE_''P4'" | 859 | $ CCDEFS = CCDEFS + ",TCPIP_TYPE_''P3'" |
| 1046 | $! | 860 | $! |
| 1047 | $! Print info | 861 | $! Print info |
| 1048 | $! | 862 | $! |
| @@ -1055,7 +869,7 @@ $! | |||
| 1055 | $! Tell The User We Don't Know What They Want. | 869 | $! Tell The User We Don't Know What They Want. |
| 1056 | $! | 870 | $! |
| 1057 | $ WRITE SYS$OUTPUT "" | 871 | $ WRITE SYS$OUTPUT "" |
| 1058 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 872 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1059 | $ WRITE SYS$OUTPUT "" | 873 | $ WRITE SYS$OUTPUT "" |
| 1060 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 874 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1061 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 875 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
| @@ -1094,9 +908,9 @@ $! Written By: Richard Levitte | |||
| 1094 | $! richard@levitte.org | 908 | $! richard@levitte.org |
| 1095 | $! | 909 | $! |
| 1096 | $! | 910 | $! |
| 1097 | $! Check To See If We Have A Option For P5. | 911 | $! Check To See If We Have A Option For P4. |
| 1098 | $! | 912 | $! |
| 1099 | $ IF (P5.EQS."") | 913 | $ IF (P4.EQS."") |
| 1100 | $ THEN | 914 | $ THEN |
| 1101 | $! | 915 | $! |
| 1102 | $! Get The Version Of VMS We Are Using. | 916 | $! Get The Version Of VMS We Are Using. |
| @@ -1118,15 +932,15 @@ $! End The VMS Version Check. | |||
| 1118 | $! | 932 | $! |
| 1119 | $ ENDIF | 933 | $ ENDIF |
| 1120 | $! | 934 | $! |
| 1121 | $! End The P5 Check. | 935 | $! End The P4 Check. |
| 1122 | $! | 936 | $! |
| 1123 | $ ENDIF | 937 | $ ENDIF |
| 1124 | $! | 938 | $! |
| 1125 | $! Check if the user wanted to compile just a subset of all the programs. | 939 | $! Check if the user wanted to compile just a subset of all the programs. |
| 1126 | $! | 940 | $! |
| 1127 | $ IF P6 .NES. "" | 941 | $ IF P5 .NES. "" |
| 1128 | $ THEN | 942 | $ THEN |
| 1129 | $ PROGRAMS = P6 | 943 | $ PROGRAMS = P5 |
| 1130 | $ ENDIF | 944 | $ ENDIF |
| 1131 | $! | 945 | $! |
| 1132 | $! Time To RETURN... | 946 | $! Time To RETURN... |
diff --git a/src/lib/libssl/src/apps/nseq.c b/src/lib/libssl/src/apps/nseq.c index c26f62cb61..dc71d45012 100644 --- a/src/lib/libssl/src/apps/nseq.c +++ b/src/lib/libssl/src/apps/nseq.c | |||
| @@ -102,7 +102,7 @@ int MAIN(int argc, char **argv) | |||
| 102 | BIO_printf (bio_err, "-in file input file\n"); | 102 | BIO_printf (bio_err, "-in file input file\n"); |
| 103 | BIO_printf (bio_err, "-out file output file\n"); | 103 | BIO_printf (bio_err, "-out file output file\n"); |
| 104 | BIO_printf (bio_err, "-toseq output NS Sequence file\n"); | 104 | BIO_printf (bio_err, "-toseq output NS Sequence file\n"); |
| 105 | EXIT(1); | 105 | OPENSSL_EXIT(1); |
| 106 | } | 106 | } |
| 107 | 107 | ||
| 108 | if (infile) { | 108 | if (infile) { |
| @@ -162,6 +162,6 @@ end: | |||
| 162 | BIO_free_all(out); | 162 | BIO_free_all(out); |
| 163 | NETSCAPE_CERT_SEQUENCE_free(seq); | 163 | NETSCAPE_CERT_SEQUENCE_free(seq); |
| 164 | 164 | ||
| 165 | EXIT(ret); | 165 | OPENSSL_EXIT(ret); |
| 166 | } | 166 | } |
| 167 | 167 | ||
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c index 59b97a634b..17e84366d9 100644 --- a/src/lib/libssl/src/apps/ocsp.c +++ b/src/lib/libssl/src/apps/ocsp.c | |||
| @@ -55,6 +55,7 @@ | |||
| 55 | * Hudson (tjh@cryptsoft.com). | 55 | * Hudson (tjh@cryptsoft.com). |
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | #ifndef OPENSSL_NO_OCSP | ||
| 58 | 59 | ||
| 59 | #include <stdio.h> | 60 | #include <stdio.h> |
| 60 | #include <string.h> | 61 | #include <string.h> |
| @@ -523,7 +524,7 @@ int MAIN(int argc, char **argv) | |||
| 523 | BIO_printf (bio_err, "-serial n serial number to check\n"); | 524 | BIO_printf (bio_err, "-serial n serial number to check\n"); |
| 524 | BIO_printf (bio_err, "-signer file certificate to sign OCSP request with\n"); | 525 | BIO_printf (bio_err, "-signer file certificate to sign OCSP request with\n"); |
| 525 | BIO_printf (bio_err, "-signkey file private key to sign OCSP request with\n"); | 526 | BIO_printf (bio_err, "-signkey file private key to sign OCSP request with\n"); |
| 526 | BIO_printf (bio_err, "-sign_certs file additional certificates to include in signed request\n"); | 527 | BIO_printf (bio_err, "-sign_other file additional certificates to include in signed request\n"); |
| 527 | BIO_printf (bio_err, "-no_certs don't include any certificates in signed request\n"); | 528 | BIO_printf (bio_err, "-no_certs don't include any certificates in signed request\n"); |
| 528 | BIO_printf (bio_err, "-req_text print text form of request\n"); | 529 | BIO_printf (bio_err, "-req_text print text form of request\n"); |
| 529 | BIO_printf (bio_err, "-resp_text print text form of response\n"); | 530 | BIO_printf (bio_err, "-resp_text print text form of response\n"); |
| @@ -543,10 +544,10 @@ int MAIN(int argc, char **argv) | |||
| 543 | BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n"); | 544 | BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n"); |
| 544 | BIO_printf (bio_err, "-status_age n maximum status age in seconds\n"); | 545 | BIO_printf (bio_err, "-status_age n maximum status age in seconds\n"); |
| 545 | BIO_printf (bio_err, "-noverify don't verify response at all\n"); | 546 | BIO_printf (bio_err, "-noverify don't verify response at all\n"); |
| 546 | BIO_printf (bio_err, "-verify_certs file additional certificates to search for signer\n"); | 547 | BIO_printf (bio_err, "-verify_other file additional certificates to search for signer\n"); |
| 547 | BIO_printf (bio_err, "-trust_other don't verify additional certificates\n"); | 548 | BIO_printf (bio_err, "-trust_other don't verify additional certificates\n"); |
| 548 | BIO_printf (bio_err, "-no_intern don't search certificates contained in response for signer\n"); | 549 | BIO_printf (bio_err, "-no_intern don't search certificates contained in response for signer\n"); |
| 549 | BIO_printf (bio_err, "-no_sig_verify don't check signature on response\n"); | 550 | BIO_printf (bio_err, "-no_signature_verify don't check signature on response\n"); |
| 550 | BIO_printf (bio_err, "-no_cert_verify don't check signing certificate\n"); | 551 | BIO_printf (bio_err, "-no_cert_verify don't check signing certificate\n"); |
| 551 | BIO_printf (bio_err, "-no_chain don't chain verify response\n"); | 552 | BIO_printf (bio_err, "-no_chain don't chain verify response\n"); |
| 552 | BIO_printf (bio_err, "-no_cert_checks don't do additional checks on signing certificate\n"); | 553 | BIO_printf (bio_err, "-no_cert_checks don't do additional checks on signing certificate\n"); |
| @@ -722,7 +723,12 @@ int MAIN(int argc, char **argv) | |||
| 722 | } | 723 | } |
| 723 | else if (host) | 724 | else if (host) |
| 724 | { | 725 | { |
| 726 | #ifndef OPENSSL_NO_SOCK | ||
| 725 | cbio = BIO_new_connect(host); | 727 | cbio = BIO_new_connect(host); |
| 728 | #else | ||
| 729 | BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); | ||
| 730 | goto end; | ||
| 731 | #endif | ||
| 726 | if (!cbio) | 732 | if (!cbio) |
| 727 | { | 733 | { |
| 728 | BIO_printf(bio_err, "Error creating connect BIO\n"); | 734 | BIO_printf(bio_err, "Error creating connect BIO\n"); |
| @@ -732,7 +738,16 @@ int MAIN(int argc, char **argv) | |||
| 732 | if (use_ssl == 1) | 738 | if (use_ssl == 1) |
| 733 | { | 739 | { |
| 734 | BIO *sbio; | 740 | BIO *sbio; |
| 741 | #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) | ||
| 735 | ctx = SSL_CTX_new(SSLv23_client_method()); | 742 | ctx = SSL_CTX_new(SSLv23_client_method()); |
| 743 | #elif !defined(OPENSSL_NO_SSL3) | ||
| 744 | ctx = SSL_CTX_new(SSLv3_client_method()); | ||
| 745 | #elif !defined(OPENSSL_NO_SSL2) | ||
| 746 | ctx = SSL_CTX_new(SSLv2_client_method()); | ||
| 747 | #else | ||
| 748 | BIO_printf(bio_err, "SSL is disabled\n"); | ||
| 749 | goto end; | ||
| 750 | #endif | ||
| 736 | SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); | 751 | SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); |
| 737 | sbio = BIO_new_ssl(ctx, 1); | 752 | sbio = BIO_new_ssl(ctx, 1); |
| 738 | cbio = BIO_push(sbio, cbio); | 753 | cbio = BIO_push(sbio, cbio); |
| @@ -899,7 +914,7 @@ end: | |||
| 899 | SSL_CTX_free(ctx); | 914 | SSL_CTX_free(ctx); |
| 900 | } | 915 | } |
| 901 | 916 | ||
| 902 | EXIT(ret); | 917 | OPENSSL_EXIT(ret); |
| 903 | } | 918 | } |
| 904 | 919 | ||
| 905 | static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer, | 920 | static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer, |
| @@ -1120,7 +1135,10 @@ static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser) | |||
| 1120 | char *itmp, *row[DB_NUMBER],**rrow; | 1135 | char *itmp, *row[DB_NUMBER],**rrow; |
| 1121 | for (i = 0; i < DB_NUMBER; i++) row[i] = NULL; | 1136 | for (i = 0; i < DB_NUMBER; i++) row[i] = NULL; |
| 1122 | bn = ASN1_INTEGER_to_BN(ser,NULL); | 1137 | bn = ASN1_INTEGER_to_BN(ser,NULL); |
| 1123 | itmp = BN_bn2hex(bn); | 1138 | if (BN_is_zero(bn)) |
| 1139 | itmp = BUF_strdup("00"); | ||
| 1140 | else | ||
| 1141 | itmp = BN_bn2hex(bn); | ||
| 1124 | row[DB_serial] = itmp; | 1142 | row[DB_serial] = itmp; |
| 1125 | BN_free(bn); | 1143 | BN_free(bn); |
| 1126 | rrow=TXT_DB_get_by_index(db,DB_serial,row); | 1144 | rrow=TXT_DB_get_by_index(db,DB_serial,row); |
| @@ -1136,7 +1154,11 @@ static BIO *init_responder(char *port) | |||
| 1136 | bufbio = BIO_new(BIO_f_buffer()); | 1154 | bufbio = BIO_new(BIO_f_buffer()); |
| 1137 | if (!bufbio) | 1155 | if (!bufbio) |
| 1138 | goto err; | 1156 | goto err; |
| 1157 | #ifndef OPENSSL_NO_SOCK | ||
| 1139 | acbio = BIO_new_accept(port); | 1158 | acbio = BIO_new_accept(port); |
| 1159 | #else | ||
| 1160 | BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n"); | ||
| 1161 | #endif | ||
| 1140 | if (!acbio) | 1162 | if (!acbio) |
| 1141 | goto err; | 1163 | goto err; |
| 1142 | BIO_set_accept_bios(acbio, bufbio); | 1164 | BIO_set_accept_bios(acbio, bufbio); |
| @@ -1176,7 +1198,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port | |||
| 1176 | 1198 | ||
| 1177 | for(;;) | 1199 | for(;;) |
| 1178 | { | 1200 | { |
| 1179 | len = BIO_gets(cbio, inbuf, 1024); | 1201 | len = BIO_gets(cbio, inbuf, sizeof inbuf); |
| 1180 | if (len <= 0) | 1202 | if (len <= 0) |
| 1181 | return 1; | 1203 | return 1; |
| 1182 | /* Look for "POST" signalling start of query */ | 1204 | /* Look for "POST" signalling start of query */ |
| @@ -1223,3 +1245,4 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) | |||
| 1223 | return 1; | 1245 | return 1; |
| 1224 | } | 1246 | } |
| 1225 | 1247 | ||
| 1248 | #endif | ||
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c index 811b305622..45af2ba7f9 100644 --- a/src/lib/libssl/src/apps/openssl.c +++ b/src/lib/libssl/src/apps/openssl.c | |||
| @@ -122,7 +122,9 @@ | |||
| 122 | #include <openssl/x509.h> | 122 | #include <openssl/x509.h> |
| 123 | #include <openssl/pem.h> | 123 | #include <openssl/pem.h> |
| 124 | #include <openssl/ssl.h> | 124 | #include <openssl/ssl.h> |
| 125 | #ifndef OPENSSL_NO_ENGINE | ||
| 125 | #include <openssl/engine.h> | 126 | #include <openssl/engine.h> |
| 127 | #endif | ||
| 126 | #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ | 128 | #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ |
| 127 | #include "progs.h" | 129 | #include "progs.h" |
| 128 | #include "s_apps.h" | 130 | #include "s_apps.h" |
| @@ -139,11 +141,11 @@ static unsigned long MS_CALLBACK hash(const void *a_void); | |||
| 139 | static int MS_CALLBACK cmp(const void *a_void,const void *b_void); | 141 | static int MS_CALLBACK cmp(const void *a_void,const void *b_void); |
| 140 | static LHASH *prog_init(void ); | 142 | static LHASH *prog_init(void ); |
| 141 | static int do_cmd(LHASH *prog,int argc,char *argv[]); | 143 | static int do_cmd(LHASH *prog,int argc,char *argv[]); |
| 142 | CONF *config=NULL; | ||
| 143 | char *default_config_file=NULL; | 144 | char *default_config_file=NULL; |
| 144 | 145 | ||
| 145 | /* Make sure there is only one when MONOLITH is defined */ | 146 | /* Make sure there is only one when MONOLITH is defined */ |
| 146 | #ifdef MONOLITH | 147 | #ifdef MONOLITH |
| 148 | CONF *config=NULL; | ||
| 147 | BIO *bio_err=NULL; | 149 | BIO *bio_err=NULL; |
| 148 | #endif | 150 | #endif |
| 149 | 151 | ||
| @@ -218,7 +220,8 @@ int main(int Argc, char *Argv[]) | |||
| 218 | #define PROG_NAME_SIZE 39 | 220 | #define PROG_NAME_SIZE 39 |
| 219 | char pname[PROG_NAME_SIZE+1]; | 221 | char pname[PROG_NAME_SIZE+1]; |
| 220 | FUNCTION f,*fp; | 222 | FUNCTION f,*fp; |
| 221 | MS_STATIC char *prompt,buf[1024],config_name[256]; | 223 | MS_STATIC char *prompt,buf[1024]; |
| 224 | char *to_free=NULL; | ||
| 222 | int n,i,ret=0; | 225 | int n,i,ret=0; |
| 223 | int argc; | 226 | int argc; |
| 224 | char **argv,*p; | 227 | char **argv,*p; |
| @@ -228,6 +231,10 @@ int main(int Argc, char *Argv[]) | |||
| 228 | arg.data=NULL; | 231 | arg.data=NULL; |
| 229 | arg.count=0; | 232 | arg.count=0; |
| 230 | 233 | ||
| 234 | if (bio_err == NULL) | ||
| 235 | if ((bio_err=BIO_new(BIO_s_file())) != NULL) | ||
| 236 | BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); | ||
| 237 | |||
| 231 | if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */ | 238 | if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */ |
| 232 | { | 239 | { |
| 233 | if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) | 240 | if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) |
| @@ -252,23 +259,12 @@ int main(int Argc, char *Argv[]) | |||
| 252 | 259 | ||
| 253 | apps_startup(); | 260 | apps_startup(); |
| 254 | 261 | ||
| 255 | if (bio_err == NULL) | ||
| 256 | if ((bio_err=BIO_new(BIO_s_file())) != NULL) | ||
| 257 | BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); | ||
| 258 | |||
| 259 | /* Lets load up our environment a little */ | 262 | /* Lets load up our environment a little */ |
| 260 | p=getenv("OPENSSL_CONF"); | 263 | p=getenv("OPENSSL_CONF"); |
| 261 | if (p == NULL) | 264 | if (p == NULL) |
| 262 | p=getenv("SSLEAY_CONF"); | 265 | p=getenv("SSLEAY_CONF"); |
| 263 | if (p == NULL) | 266 | if (p == NULL) |
| 264 | { | 267 | p=to_free=make_config_name(); |
| 265 | strlcpy(config_name,X509_get_default_cert_area(),sizeof config_name); | ||
| 266 | #ifndef OPENSSL_SYS_VMS | ||
| 267 | strlcat(config_name,"/",sizeof config_name); | ||
| 268 | #endif | ||
| 269 | strlcat(config_name,OPENSSL_CONF,sizeof config_name); | ||
| 270 | p=config_name; | ||
| 271 | } | ||
| 272 | 268 | ||
| 273 | default_config_file=p; | 269 | default_config_file=p; |
| 274 | 270 | ||
| @@ -284,7 +280,7 @@ int main(int Argc, char *Argv[]) | |||
| 284 | prog=prog_init(); | 280 | prog=prog_init(); |
| 285 | 281 | ||
| 286 | /* first check the program name */ | 282 | /* first check the program name */ |
| 287 | program_name(Argv[0],pname,PROG_NAME_SIZE); | 283 | program_name(Argv[0],pname,sizeof pname); |
| 288 | 284 | ||
| 289 | f.name=pname; | 285 | f.name=pname; |
| 290 | fp=(FUNCTION *)lh_retrieve(prog,&f); | 286 | fp=(FUNCTION *)lh_retrieve(prog,&f); |
| @@ -312,7 +308,7 @@ int main(int Argc, char *Argv[]) | |||
| 312 | { | 308 | { |
| 313 | ret=0; | 309 | ret=0; |
| 314 | p=buf; | 310 | p=buf; |
| 315 | n=1024; | 311 | n=sizeof buf; |
| 316 | i=0; | 312 | i=0; |
| 317 | for (;;) | 313 | for (;;) |
| 318 | { | 314 | { |
| @@ -346,6 +342,8 @@ int main(int Argc, char *Argv[]) | |||
| 346 | BIO_printf(bio_err,"bad exit\n"); | 342 | BIO_printf(bio_err,"bad exit\n"); |
| 347 | ret=1; | 343 | ret=1; |
| 348 | end: | 344 | end: |
| 345 | if (to_free) | ||
| 346 | OPENSSL_free(to_free); | ||
| 349 | if (config != NULL) | 347 | if (config != NULL) |
| 350 | { | 348 | { |
| 351 | NCONF_free(config); | 349 | NCONF_free(config); |
| @@ -362,7 +360,7 @@ end: | |||
| 362 | BIO_free(bio_err); | 360 | BIO_free(bio_err); |
| 363 | bio_err=NULL; | 361 | bio_err=NULL; |
| 364 | } | 362 | } |
| 365 | EXIT(ret); | 363 | OPENSSL_EXIT(ret); |
| 366 | } | 364 | } |
| 367 | 365 | ||
| 368 | #define LIST_STANDARD_COMMANDS "list-standard-commands" | 366 | #define LIST_STANDARD_COMMANDS "list-standard-commands" |
diff --git a/src/lib/libssl/src/apps/passwd.c b/src/lib/libssl/src/apps/passwd.c index ad8e7b0349..3ad91d89d6 100644 --- a/src/lib/libssl/src/apps/passwd.c +++ b/src/lib/libssl/src/apps/passwd.c | |||
| @@ -19,7 +19,6 @@ | |||
| 19 | # include <openssl/des.h> | 19 | # include <openssl/des.h> |
| 20 | #endif | 20 | #endif |
| 21 | #ifndef NO_MD5CRYPT_1 | 21 | #ifndef NO_MD5CRYPT_1 |
| 22 | # include <openssl/evp.h> | ||
| 23 | # include <openssl/md5.h> | 22 | # include <openssl/md5.h> |
| 24 | #endif | 23 | #endif |
| 25 | 24 | ||
| @@ -293,7 +292,7 @@ err: | |||
| 293 | if (out) | 292 | if (out) |
| 294 | BIO_free_all(out); | 293 | BIO_free_all(out); |
| 295 | apps_shutdown(); | 294 | apps_shutdown(); |
| 296 | EXIT(ret); | 295 | OPENSSL_EXIT(ret); |
| 297 | } | 296 | } |
| 298 | 297 | ||
| 299 | 298 | ||
| @@ -506,6 +505,6 @@ err: | |||
| 506 | int MAIN(int argc, char **argv) | 505 | int MAIN(int argc, char **argv) |
| 507 | { | 506 | { |
| 508 | fputs("Program not available.\n", stderr) | 507 | fputs("Program not available.\n", stderr) |
| 509 | EXIT(1); | 508 | OPENSSL_EXIT(1); |
| 510 | } | 509 | } |
| 511 | #endif | 510 | #endif |
diff --git a/src/lib/libssl/src/apps/pkcs12.c b/src/lib/libssl/src/apps/pkcs12.c index a438bc6c84..bb446d6b65 100644 --- a/src/lib/libssl/src/apps/pkcs12.c +++ b/src/lib/libssl/src/apps/pkcs12.c | |||
| @@ -120,7 +120,9 @@ int MAIN(int argc, char **argv) | |||
| 120 | char *passin = NULL, *passout = NULL; | 120 | char *passin = NULL, *passout = NULL; |
| 121 | char *inrand = NULL; | 121 | char *inrand = NULL; |
| 122 | char *CApath = NULL, *CAfile = NULL; | 122 | char *CApath = NULL, *CAfile = NULL; |
| 123 | #ifndef OPENSSL_NO_ENGINE | ||
| 123 | char *engine=NULL; | 124 | char *engine=NULL; |
| 125 | #endif | ||
| 124 | 126 | ||
| 125 | apps_startup(); | 127 | apps_startup(); |
| 126 | 128 | ||
| @@ -252,11 +254,13 @@ int MAIN(int argc, char **argv) | |||
| 252 | args++; | 254 | args++; |
| 253 | CAfile = *args; | 255 | CAfile = *args; |
| 254 | } else badarg = 1; | 256 | } else badarg = 1; |
| 257 | #ifndef OPENSSL_NO_ENGINE | ||
| 255 | } else if (!strcmp(*args,"-engine")) { | 258 | } else if (!strcmp(*args,"-engine")) { |
| 256 | if (args[1]) { | 259 | if (args[1]) { |
| 257 | args++; | 260 | args++; |
| 258 | engine = *args; | 261 | engine = *args; |
| 259 | } else badarg = 1; | 262 | } else badarg = 1; |
| 263 | #endif | ||
| 260 | } else badarg = 1; | 264 | } else badarg = 1; |
| 261 | 265 | ||
| 262 | } else badarg = 1; | 266 | } else badarg = 1; |
| @@ -304,14 +308,18 @@ int MAIN(int argc, char **argv) | |||
| 304 | BIO_printf (bio_err, "-password p set import/export password source\n"); | 308 | BIO_printf (bio_err, "-password p set import/export password source\n"); |
| 305 | BIO_printf (bio_err, "-passin p input file pass phrase source\n"); | 309 | BIO_printf (bio_err, "-passin p input file pass phrase source\n"); |
| 306 | BIO_printf (bio_err, "-passout p output file pass phrase source\n"); | 310 | BIO_printf (bio_err, "-passout p output file pass phrase source\n"); |
| 311 | #ifndef OPENSSL_NO_ENGINE | ||
| 307 | BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); | 312 | BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); |
| 313 | #endif | ||
| 308 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 314 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 309 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); | 315 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); |
| 310 | BIO_printf(bio_err, " the random number generator\n"); | 316 | BIO_printf(bio_err, " the random number generator\n"); |
| 311 | goto end; | 317 | goto end; |
| 312 | } | 318 | } |
| 313 | 319 | ||
| 320 | #ifndef OPENSSL_NO_ENGINE | ||
| 314 | e = setup_engine(bio_err, engine, 0); | 321 | e = setup_engine(bio_err, engine, 0); |
| 322 | #endif | ||
| 315 | 323 | ||
| 316 | if(passarg) { | 324 | if(passarg) { |
| 317 | if(export_cert) passargout = passarg; | 325 | if(export_cert) passargout = passarg; |
| @@ -399,7 +407,7 @@ int MAIN(int argc, char **argv) | |||
| 399 | #ifdef CRYPTO_MDEBUG | 407 | #ifdef CRYPTO_MDEBUG |
| 400 | CRYPTO_push_info("read MAC password"); | 408 | CRYPTO_push_info("read MAC password"); |
| 401 | #endif | 409 | #endif |
| 402 | if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert)) | 410 | if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) |
| 403 | { | 411 | { |
| 404 | BIO_printf (bio_err, "Can't read Password\n"); | 412 | BIO_printf (bio_err, "Can't read Password\n"); |
| 405 | goto end; | 413 | goto end; |
| @@ -545,7 +553,7 @@ int MAIN(int argc, char **argv) | |||
| 545 | #endif | 553 | #endif |
| 546 | 554 | ||
| 547 | if(!noprompt && | 555 | if(!noprompt && |
| 548 | EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) { | 556 | EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { |
| 549 | BIO_printf (bio_err, "Can't read Password\n"); | 557 | BIO_printf (bio_err, "Can't read Password\n"); |
| 550 | goto export_end; | 558 | goto export_end; |
| 551 | } | 559 | } |
| @@ -642,7 +650,7 @@ int MAIN(int argc, char **argv) | |||
| 642 | #ifdef CRYPTO_MDEBUG | 650 | #ifdef CRYPTO_MDEBUG |
| 643 | CRYPTO_push_info("read import password"); | 651 | CRYPTO_push_info("read import password"); |
| 644 | #endif | 652 | #endif |
| 645 | if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) { | 653 | if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) { |
| 646 | BIO_printf (bio_err, "Can't read Password\n"); | 654 | BIO_printf (bio_err, "Can't read Password\n"); |
| 647 | goto end; | 655 | goto end; |
| 648 | } | 656 | } |
| @@ -696,7 +704,7 @@ int MAIN(int argc, char **argv) | |||
| 696 | if(passin) OPENSSL_free(passin); | 704 | if(passin) OPENSSL_free(passin); |
| 697 | if(passout) OPENSSL_free(passout); | 705 | if(passout) OPENSSL_free(passout); |
| 698 | apps_shutdown(); | 706 | apps_shutdown(); |
| 699 | EXIT(ret); | 707 | OPENSSL_EXIT(ret); |
| 700 | } | 708 | } |
| 701 | 709 | ||
| 702 | int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, | 710 | int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, |
diff --git a/src/lib/libssl/src/apps/pkcs7.c b/src/lib/libssl/src/apps/pkcs7.c index 0cced40f0f..6c58c67eb2 100644 --- a/src/lib/libssl/src/apps/pkcs7.c +++ b/src/lib/libssl/src/apps/pkcs7.c | |||
| @@ -82,7 +82,9 @@ int MAIN(int, char **); | |||
| 82 | 82 | ||
| 83 | int MAIN(int argc, char **argv) | 83 | int MAIN(int argc, char **argv) |
| 84 | { | 84 | { |
| 85 | #ifndef OPENSSL_NO_ENGINE | ||
| 85 | ENGINE *e = NULL; | 86 | ENGINE *e = NULL; |
| 87 | #endif | ||
| 86 | PKCS7 *p7=NULL; | 88 | PKCS7 *p7=NULL; |
| 87 | int i,badops=0; | 89 | int i,badops=0; |
| 88 | BIO *in=NULL,*out=NULL; | 90 | BIO *in=NULL,*out=NULL; |
| @@ -90,7 +92,9 @@ int MAIN(int argc, char **argv) | |||
| 90 | char *infile,*outfile,*prog; | 92 | char *infile,*outfile,*prog; |
| 91 | int print_certs=0,text=0,noout=0; | 93 | int print_certs=0,text=0,noout=0; |
| 92 | int ret=1; | 94 | int ret=1; |
| 95 | #ifndef OPENSSL_NO_ENGINE | ||
| 93 | char *engine=NULL; | 96 | char *engine=NULL; |
| 97 | #endif | ||
| 94 | 98 | ||
| 95 | apps_startup(); | 99 | apps_startup(); |
| 96 | 100 | ||
| @@ -134,11 +138,13 @@ int MAIN(int argc, char **argv) | |||
| 134 | text=1; | 138 | text=1; |
| 135 | else if (strcmp(*argv,"-print_certs") == 0) | 139 | else if (strcmp(*argv,"-print_certs") == 0) |
| 136 | print_certs=1; | 140 | print_certs=1; |
| 141 | #ifndef OPENSSL_NO_ENGINE | ||
| 137 | else if (strcmp(*argv,"-engine") == 0) | 142 | else if (strcmp(*argv,"-engine") == 0) |
| 138 | { | 143 | { |
| 139 | if (--argc < 1) goto bad; | 144 | if (--argc < 1) goto bad; |
| 140 | engine= *(++argv); | 145 | engine= *(++argv); |
| 141 | } | 146 | } |
| 147 | #endif | ||
| 142 | else | 148 | else |
| 143 | { | 149 | { |
| 144 | BIO_printf(bio_err,"unknown option %s\n",*argv); | 150 | BIO_printf(bio_err,"unknown option %s\n",*argv); |
| @@ -161,14 +167,18 @@ bad: | |||
| 161 | BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); | 167 | BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); |
| 162 | BIO_printf(bio_err," -text print full details of certificates\n"); | 168 | BIO_printf(bio_err," -text print full details of certificates\n"); |
| 163 | BIO_printf(bio_err," -noout don't output encoded data\n"); | 169 | BIO_printf(bio_err," -noout don't output encoded data\n"); |
| 170 | #ifndef OPENSSL_NO_ENGINE | ||
| 164 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 171 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 172 | #endif | ||
| 165 | ret = 1; | 173 | ret = 1; |
| 166 | goto end; | 174 | goto end; |
| 167 | } | 175 | } |
| 168 | 176 | ||
| 169 | ERR_load_crypto_strings(); | 177 | ERR_load_crypto_strings(); |
| 170 | 178 | ||
| 179 | #ifndef OPENSSL_NO_ENGINE | ||
| 171 | e = setup_engine(bio_err, engine, 0); | 180 | e = setup_engine(bio_err, engine, 0); |
| 181 | #endif | ||
| 172 | 182 | ||
| 173 | in=BIO_new(BIO_s_file()); | 183 | in=BIO_new(BIO_s_file()); |
| 174 | out=BIO_new(BIO_s_file()); | 184 | out=BIO_new(BIO_s_file()); |
| @@ -301,5 +311,5 @@ end: | |||
| 301 | if (in != NULL) BIO_free(in); | 311 | if (in != NULL) BIO_free(in); |
| 302 | if (out != NULL) BIO_free_all(out); | 312 | if (out != NULL) BIO_free_all(out); |
| 303 | apps_shutdown(); | 313 | apps_shutdown(); |
| 304 | EXIT(ret); | 314 | OPENSSL_EXIT(ret); |
| 305 | } | 315 | } |
diff --git a/src/lib/libssl/src/apps/pkcs8.c b/src/lib/libssl/src/apps/pkcs8.c index 912e32006b..6be27e7f44 100644 --- a/src/lib/libssl/src/apps/pkcs8.c +++ b/src/lib/libssl/src/apps/pkcs8.c | |||
| @@ -63,7 +63,6 @@ | |||
| 63 | #include <openssl/evp.h> | 63 | #include <openssl/evp.h> |
| 64 | #include <openssl/pkcs12.h> | 64 | #include <openssl/pkcs12.h> |
| 65 | 65 | ||
| 66 | #include "apps.h" | ||
| 67 | #define PROG pkcs8_main | 66 | #define PROG pkcs8_main |
| 68 | 67 | ||
| 69 | int MAIN(int, char **); | 68 | int MAIN(int, char **); |
| @@ -86,7 +85,9 @@ int MAIN(int argc, char **argv) | |||
| 86 | EVP_PKEY *pkey=NULL; | 85 | EVP_PKEY *pkey=NULL; |
| 87 | char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; | 86 | char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; |
| 88 | int badarg = 0; | 87 | int badarg = 0; |
| 88 | #ifndef OPENSSL_NO_ENGINE | ||
| 89 | char *engine=NULL; | 89 | char *engine=NULL; |
| 90 | #endif | ||
| 90 | 91 | ||
| 91 | if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); | 92 | if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); |
| 92 | 93 | ||
| @@ -146,11 +147,13 @@ int MAIN(int argc, char **argv) | |||
| 146 | if (!args[1]) goto bad; | 147 | if (!args[1]) goto bad; |
| 147 | passargout= *(++args); | 148 | passargout= *(++args); |
| 148 | } | 149 | } |
| 150 | #ifndef OPENSSL_NO_ENGINE | ||
| 149 | else if (strcmp(*args,"-engine") == 0) | 151 | else if (strcmp(*args,"-engine") == 0) |
| 150 | { | 152 | { |
| 151 | if (!args[1]) goto bad; | 153 | if (!args[1]) goto bad; |
| 152 | engine= *(++args); | 154 | engine= *(++args); |
| 153 | } | 155 | } |
| 156 | #endif | ||
| 154 | else if (!strcmp (*args, "-in")) { | 157 | else if (!strcmp (*args, "-in")) { |
| 155 | if (args[1]) { | 158 | if (args[1]) { |
| 156 | args++; | 159 | args++; |
| @@ -183,11 +186,15 @@ int MAIN(int argc, char **argv) | |||
| 183 | BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); | 186 | BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); |
| 184 | BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); | 187 | BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); |
| 185 | BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); | 188 | BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); |
| 189 | #ifndef OPENSSL_NO_ENGINE | ||
| 186 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 190 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 191 | #endif | ||
| 187 | return (1); | 192 | return (1); |
| 188 | } | 193 | } |
| 189 | 194 | ||
| 195 | #ifndef OPENSSL_NO_ENGINE | ||
| 190 | e = setup_engine(bio_err, engine, 0); | 196 | e = setup_engine(bio_err, engine, 0); |
| 197 | #endif | ||
| 191 | 198 | ||
| 192 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { | 199 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { |
| 193 | BIO_printf(bio_err, "Error getting passwords\n"); | 200 | BIO_printf(bio_err, "Error getting passwords\n"); |
| @@ -245,7 +252,8 @@ int MAIN(int argc, char **argv) | |||
| 245 | if(passout) p8pass = passout; | 252 | if(passout) p8pass = passout; |
| 246 | else { | 253 | else { |
| 247 | p8pass = pass; | 254 | p8pass = pass; |
| 248 | EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1); | 255 | if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1)) |
| 256 | return (1); | ||
| 249 | } | 257 | } |
| 250 | app_RAND_load_file(NULL, bio_err, 0); | 258 | app_RAND_load_file(NULL, bio_err, 0); |
| 251 | if (!(p8 = PKCS8_encrypt(pbe_nid, cipher, | 259 | if (!(p8 = PKCS8_encrypt(pbe_nid, cipher, |
| @@ -302,7 +310,7 @@ int MAIN(int argc, char **argv) | |||
| 302 | if(passin) p8pass = passin; | 310 | if(passin) p8pass = passin; |
| 303 | else { | 311 | else { |
| 304 | p8pass = pass; | 312 | p8pass = pass; |
| 305 | EVP_read_pw_string(pass, 50, "Enter Password:", 0); | 313 | EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0); |
| 306 | } | 314 | } |
| 307 | p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass)); | 315 | p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass)); |
| 308 | X509_SIG_free(p8); | 316 | X509_SIG_free(p8); |
diff --git a/src/lib/libssl/src/apps/progs.h b/src/lib/libssl/src/apps/progs.h index 752385d3a7..70e4dbac07 100644 --- a/src/lib/libssl/src/apps/progs.h +++ b/src/lib/libssl/src/apps/progs.h | |||
| @@ -35,7 +35,9 @@ extern int pkcs8_main(int argc,char *argv[]); | |||
| 35 | extern int spkac_main(int argc,char *argv[]); | 35 | extern int spkac_main(int argc,char *argv[]); |
| 36 | extern int smime_main(int argc,char *argv[]); | 36 | extern int smime_main(int argc,char *argv[]); |
| 37 | extern int rand_main(int argc,char *argv[]); | 37 | extern int rand_main(int argc,char *argv[]); |
| 38 | #ifndef OPENSSL_NO_ENGINE | ||
| 38 | extern int engine_main(int argc,char *argv[]); | 39 | extern int engine_main(int argc,char *argv[]); |
| 40 | #endif | ||
| 39 | extern int ocsp_main(int argc,char *argv[]); | 41 | extern int ocsp_main(int argc,char *argv[]); |
| 40 | 42 | ||
| 41 | #define FUNC_TYPE_GENERAL 1 | 43 | #define FUNC_TYPE_GENERAL 1 |
| @@ -92,7 +94,9 @@ FUNCTION functions[] = { | |||
| 92 | #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) | 94 | #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) |
| 93 | {FUNC_TYPE_GENERAL,"s_client",s_client_main}, | 95 | {FUNC_TYPE_GENERAL,"s_client",s_client_main}, |
| 94 | #endif | 96 | #endif |
| 97 | #ifndef OPENSSL_NO_SPEED | ||
| 95 | {FUNC_TYPE_GENERAL,"speed",speed_main}, | 98 | {FUNC_TYPE_GENERAL,"speed",speed_main}, |
| 99 | #endif | ||
| 96 | #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) | 100 | #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) |
| 97 | {FUNC_TYPE_GENERAL,"s_time",s_time_main}, | 101 | {FUNC_TYPE_GENERAL,"s_time",s_time_main}, |
| 98 | #endif | 102 | #endif |
| @@ -111,7 +115,9 @@ FUNCTION functions[] = { | |||
| 111 | {FUNC_TYPE_GENERAL,"spkac",spkac_main}, | 115 | {FUNC_TYPE_GENERAL,"spkac",spkac_main}, |
| 112 | {FUNC_TYPE_GENERAL,"smime",smime_main}, | 116 | {FUNC_TYPE_GENERAL,"smime",smime_main}, |
| 113 | {FUNC_TYPE_GENERAL,"rand",rand_main}, | 117 | {FUNC_TYPE_GENERAL,"rand",rand_main}, |
| 118 | #ifndef OPENSSL_NO_ENGINE | ||
| 114 | {FUNC_TYPE_GENERAL,"engine",engine_main}, | 119 | {FUNC_TYPE_GENERAL,"engine",engine_main}, |
| 120 | #endif | ||
| 115 | {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, | 121 | {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, |
| 116 | #ifndef OPENSSL_NO_MD2 | 122 | #ifndef OPENSSL_NO_MD2 |
| 117 | {FUNC_TYPE_MD,"md2",dgst_main}, | 123 | {FUNC_TYPE_MD,"md2",dgst_main}, |
diff --git a/src/lib/libssl/src/apps/rand.c b/src/lib/libssl/src/apps/rand.c index f51f5bec35..63724bc730 100644 --- a/src/lib/libssl/src/apps/rand.c +++ b/src/lib/libssl/src/apps/rand.c | |||
| @@ -76,7 +76,9 @@ int MAIN(int, char **); | |||
| 76 | 76 | ||
| 77 | int MAIN(int argc, char **argv) | 77 | int MAIN(int argc, char **argv) |
| 78 | { | 78 | { |
| 79 | #ifndef OPENSSL_NO_ENGINE | ||
| 79 | ENGINE *e = NULL; | 80 | ENGINE *e = NULL; |
| 81 | #endif | ||
| 80 | int i, r, ret = 1; | 82 | int i, r, ret = 1; |
| 81 | int badopt; | 83 | int badopt; |
| 82 | char *outfile = NULL; | 84 | char *outfile = NULL; |
| @@ -84,7 +86,9 @@ int MAIN(int argc, char **argv) | |||
| 84 | int base64 = 0; | 86 | int base64 = 0; |
| 85 | BIO *out = NULL; | 87 | BIO *out = NULL; |
| 86 | int num = -1; | 88 | int num = -1; |
| 89 | #ifndef OPENSSL_NO_ENGINE | ||
| 87 | char *engine=NULL; | 90 | char *engine=NULL; |
| 91 | #endif | ||
| 88 | 92 | ||
| 89 | apps_startup(); | 93 | apps_startup(); |
| 90 | 94 | ||
| @@ -106,6 +110,7 @@ int MAIN(int argc, char **argv) | |||
| 106 | else | 110 | else |
| 107 | badopt = 1; | 111 | badopt = 1; |
| 108 | } | 112 | } |
| 113 | #ifndef OPENSSL_NO_ENGINE | ||
| 109 | else if (strcmp(argv[i], "-engine") == 0) | 114 | else if (strcmp(argv[i], "-engine") == 0) |
| 110 | { | 115 | { |
| 111 | if ((argv[i+1] != NULL) && (engine == NULL)) | 116 | if ((argv[i+1] != NULL) && (engine == NULL)) |
| @@ -113,6 +118,7 @@ int MAIN(int argc, char **argv) | |||
| 113 | else | 118 | else |
| 114 | badopt = 1; | 119 | badopt = 1; |
| 115 | } | 120 | } |
| 121 | #endif | ||
| 116 | else if (strcmp(argv[i], "-rand") == 0) | 122 | else if (strcmp(argv[i], "-rand") == 0) |
| 117 | { | 123 | { |
| 118 | if ((argv[i+1] != NULL) && (inrand == NULL)) | 124 | if ((argv[i+1] != NULL) && (inrand == NULL)) |
| @@ -150,13 +156,17 @@ int MAIN(int argc, char **argv) | |||
| 150 | BIO_printf(bio_err, "Usage: rand [options] num\n"); | 156 | BIO_printf(bio_err, "Usage: rand [options] num\n"); |
| 151 | BIO_printf(bio_err, "where options are\n"); | 157 | BIO_printf(bio_err, "where options are\n"); |
| 152 | BIO_printf(bio_err, "-out file - write to file\n"); | 158 | BIO_printf(bio_err, "-out file - write to file\n"); |
| 159 | #ifndef OPENSSL_NO_ENGINE | ||
| 153 | BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n"); | 160 | BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n"); |
| 161 | #endif | ||
| 154 | BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 162 | BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 155 | BIO_printf(bio_err, "-base64 - encode output\n"); | 163 | BIO_printf(bio_err, "-base64 - encode output\n"); |
| 156 | goto err; | 164 | goto err; |
| 157 | } | 165 | } |
| 158 | 166 | ||
| 167 | #ifndef OPENSSL_NO_ENGINE | ||
| 159 | e = setup_engine(bio_err, engine, 0); | 168 | e = setup_engine(bio_err, engine, 0); |
| 169 | #endif | ||
| 160 | 170 | ||
| 161 | app_RAND_load_file(NULL, bio_err, (inrand != NULL)); | 171 | app_RAND_load_file(NULL, bio_err, (inrand != NULL)); |
| 162 | if (inrand != NULL) | 172 | if (inrand != NULL) |
| @@ -213,5 +223,5 @@ err: | |||
| 213 | if (out) | 223 | if (out) |
| 214 | BIO_free_all(out); | 224 | BIO_free_all(out); |
| 215 | apps_shutdown(); | 225 | apps_shutdown(); |
| 216 | EXIT(ret); | 226 | OPENSSL_EXIT(ret); |
| 217 | } | 227 | } |
diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c index c53752335b..c6464e9401 100644 --- a/src/lib/libssl/src/apps/req.c +++ b/src/lib/libssl/src/apps/req.c | |||
| @@ -73,6 +73,7 @@ | |||
| 73 | #include <openssl/x509v3.h> | 73 | #include <openssl/x509v3.h> |
| 74 | #include <openssl/objects.h> | 74 | #include <openssl/objects.h> |
| 75 | #include <openssl/pem.h> | 75 | #include <openssl/pem.h> |
| 76 | #include "../crypto/cryptlib.h" | ||
| 76 | 77 | ||
| 77 | #define SECTION "req" | 78 | #define SECTION "req" |
| 78 | 79 | ||
| @@ -134,7 +135,6 @@ static int req_check_len(int len,int n_min,int n_max); | |||
| 134 | static int check_end(char *str, char *end); | 135 | static int check_end(char *str, char *end); |
| 135 | #ifndef MONOLITH | 136 | #ifndef MONOLITH |
| 136 | static char *default_config_file=NULL; | 137 | static char *default_config_file=NULL; |
| 137 | static CONF *config=NULL; | ||
| 138 | #endif | 138 | #endif |
| 139 | static CONF *req_conf=NULL; | 139 | static CONF *req_conf=NULL; |
| 140 | static int batch=0; | 140 | static int batch=0; |
| @@ -162,7 +162,9 @@ int MAIN(int argc, char **argv) | |||
| 162 | int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; | 162 | int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; |
| 163 | int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; | 163 | int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; |
| 164 | char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; | 164 | char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; |
| 165 | #ifndef OPENSSL_NO_ENGINE | ||
| 165 | char *engine=NULL; | 166 | char *engine=NULL; |
| 167 | #endif | ||
| 166 | char *extensions = NULL; | 168 | char *extensions = NULL; |
| 167 | char *req_exts = NULL; | 169 | char *req_exts = NULL; |
| 168 | const EVP_CIPHER *cipher=NULL; | 170 | const EVP_CIPHER *cipher=NULL; |
| @@ -176,7 +178,7 @@ int MAIN(int argc, char **argv) | |||
| 176 | const EVP_MD *md_alg=NULL,*digest=EVP_md5(); | 178 | const EVP_MD *md_alg=NULL,*digest=EVP_md5(); |
| 177 | unsigned long chtype = MBSTRING_ASC; | 179 | unsigned long chtype = MBSTRING_ASC; |
| 178 | #ifndef MONOLITH | 180 | #ifndef MONOLITH |
| 179 | MS_STATIC char config_name[256]; | 181 | char *to_free; |
| 180 | long errline; | 182 | long errline; |
| 181 | #endif | 183 | #endif |
| 182 | 184 | ||
| @@ -210,11 +212,13 @@ int MAIN(int argc, char **argv) | |||
| 210 | if (--argc < 1) goto bad; | 212 | if (--argc < 1) goto bad; |
| 211 | outformat=str2fmt(*(++argv)); | 213 | outformat=str2fmt(*(++argv)); |
| 212 | } | 214 | } |
| 215 | #ifndef OPENSSL_NO_ENGINE | ||
| 213 | else if (strcmp(*argv,"-engine") == 0) | 216 | else if (strcmp(*argv,"-engine") == 0) |
| 214 | { | 217 | { |
| 215 | if (--argc < 1) goto bad; | 218 | if (--argc < 1) goto bad; |
| 216 | engine= *(++argv); | 219 | engine= *(++argv); |
| 217 | } | 220 | } |
| 221 | #endif | ||
| 218 | else if (strcmp(*argv,"-key") == 0) | 222 | else if (strcmp(*argv,"-key") == 0) |
| 219 | { | 223 | { |
| 220 | if (--argc < 1) goto bad; | 224 | if (--argc < 1) goto bad; |
| @@ -428,7 +432,9 @@ bad: | |||
| 428 | BIO_printf(bio_err," -verify verify signature on REQ\n"); | 432 | BIO_printf(bio_err," -verify verify signature on REQ\n"); |
| 429 | BIO_printf(bio_err," -modulus RSA modulus\n"); | 433 | BIO_printf(bio_err," -modulus RSA modulus\n"); |
| 430 | BIO_printf(bio_err," -nodes don't encrypt the output key\n"); | 434 | BIO_printf(bio_err," -nodes don't encrypt the output key\n"); |
| 435 | #ifndef OPENSSL_NO_ENGINE | ||
| 431 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); | 436 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); |
| 437 | #endif | ||
| 432 | BIO_printf(bio_err," -subject output the request's subject\n"); | 438 | BIO_printf(bio_err," -subject output the request's subject\n"); |
| 433 | BIO_printf(bio_err," -passin private key password source\n"); | 439 | BIO_printf(bio_err," -passin private key password source\n"); |
| 434 | BIO_printf(bio_err," -key file use the private key contained in file\n"); | 440 | BIO_printf(bio_err," -key file use the private key contained in file\n"); |
| @@ -453,7 +459,7 @@ bad: | |||
| 453 | BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); | 459 | BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); |
| 454 | BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); | 460 | BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); |
| 455 | BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); | 461 | BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); |
| 456 | BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); | 462 | BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); |
| 457 | BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); | 463 | BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); |
| 458 | goto end; | 464 | goto end; |
| 459 | } | 465 | } |
| @@ -470,14 +476,7 @@ bad: | |||
| 470 | if (p == NULL) | 476 | if (p == NULL) |
| 471 | p=getenv("SSLEAY_CONF"); | 477 | p=getenv("SSLEAY_CONF"); |
| 472 | if (p == NULL) | 478 | if (p == NULL) |
| 473 | { | 479 | p=to_free=make_config_name(); |
| 474 | strlcpy(config_name,X509_get_default_cert_area(),sizeof config_name); | ||
| 475 | #ifndef OPENSSL_SYS_VMS | ||
| 476 | strlcat(config_name,"/",sizeof config_name); | ||
| 477 | #endif | ||
| 478 | strlcat(config_name,OPENSSL_CONF,sizeof config_name); | ||
| 479 | p=config_name; | ||
| 480 | } | ||
| 481 | default_config_file=p; | 480 | default_config_file=p; |
| 482 | config=NCONF_new(NULL); | 481 | config=NCONF_new(NULL); |
| 483 | i=NCONF_load(config, p, &errline); | 482 | i=NCONF_load(config, p, &errline); |
| @@ -485,7 +484,7 @@ bad: | |||
| 485 | 484 | ||
| 486 | if (template != NULL) | 485 | if (template != NULL) |
| 487 | { | 486 | { |
| 488 | long errline; | 487 | long errline = -1; |
| 489 | 488 | ||
| 490 | if( verbose ) | 489 | if( verbose ) |
| 491 | BIO_printf(bio_err,"Using configuration from %s\n",template); | 490 | BIO_printf(bio_err,"Using configuration from %s\n",template); |
| @@ -624,7 +623,9 @@ bad: | |||
| 624 | if ((in == NULL) || (out == NULL)) | 623 | if ((in == NULL) || (out == NULL)) |
| 625 | goto end; | 624 | goto end; |
| 626 | 625 | ||
| 626 | #ifndef OPENSSL_NO_ENGINE | ||
| 627 | e = setup_engine(bio_err, engine, 0); | 627 | e = setup_engine(bio_err, engine, 0); |
| 628 | #endif | ||
| 628 | 629 | ||
| 629 | if (keyfile != NULL) | 630 | if (keyfile != NULL) |
| 630 | { | 631 | { |
| @@ -1059,6 +1060,10 @@ loop: | |||
| 1059 | } | 1060 | } |
| 1060 | ex=0; | 1061 | ex=0; |
| 1061 | end: | 1062 | end: |
| 1063 | #ifndef MONOLITH | ||
| 1064 | if(to_free) | ||
| 1065 | OPENSSL_free(to_free); | ||
| 1066 | #endif | ||
| 1062 | if (ex) | 1067 | if (ex) |
| 1063 | { | 1068 | { |
| 1064 | ERR_print_errors(bio_err); | 1069 | ERR_print_errors(bio_err); |
| @@ -1077,7 +1082,7 @@ end: | |||
| 1077 | if (dsa_params != NULL) DSA_free(dsa_params); | 1082 | if (dsa_params != NULL) DSA_free(dsa_params); |
| 1078 | #endif | 1083 | #endif |
| 1079 | apps_shutdown(); | 1084 | apps_shutdown(); |
| 1080 | EXIT(ex); | 1085 | OPENSSL_EXIT(ex); |
| 1081 | } | 1086 | } |
| 1082 | 1087 | ||
| 1083 | static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs, | 1088 | static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs, |
| @@ -1218,7 +1223,13 @@ start: for (;;) | |||
| 1218 | } | 1223 | } |
| 1219 | /* If OBJ not recognised ignore it */ | 1224 | /* If OBJ not recognised ignore it */ |
| 1220 | if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; | 1225 | if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; |
| 1221 | snprintf(buf,sizeof buf,"%s_default",v->name); | 1226 | if (snprintf(buf,sizeof buf,"%s_default",v->name) |
| 1227 | >= sizeof buf) | ||
| 1228 | { | ||
| 1229 | BIO_printf(bio_err,"Name '%s' too long\n",v->name); | ||
| 1230 | return 0; | ||
| 1231 | } | ||
| 1232 | |||
| 1222 | if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) | 1233 | if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) |
| 1223 | { | 1234 | { |
| 1224 | ERR_clear_error(); | 1235 | ERR_clear_error(); |
| @@ -1234,11 +1245,17 @@ start: for (;;) | |||
| 1234 | 1245 | ||
| 1235 | snprintf(buf,sizeof buf,"%s_min",v->name); | 1246 | snprintf(buf,sizeof buf,"%s_min",v->name); |
| 1236 | if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) | 1247 | if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) |
| 1248 | { | ||
| 1249 | ERR_clear_error(); | ||
| 1237 | n_min = -1; | 1250 | n_min = -1; |
| 1251 | } | ||
| 1238 | 1252 | ||
| 1239 | snprintf(buf,sizeof buf,"%s_max",v->name); | 1253 | snprintf(buf,sizeof buf,"%s_max",v->name); |
| 1240 | if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) | 1254 | if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) |
| 1255 | { | ||
| 1256 | ERR_clear_error(); | ||
| 1241 | n_max = -1; | 1257 | n_max = -1; |
| 1258 | } | ||
| 1242 | 1259 | ||
| 1243 | if (!add_DN_object(subj,v->value,def,value,nid, | 1260 | if (!add_DN_object(subj,v->value,def,value,nid, |
| 1244 | n_min,n_max, chtype)) | 1261 | n_min,n_max, chtype)) |
| @@ -1271,7 +1288,13 @@ start2: for (;;) | |||
| 1271 | if ((nid=OBJ_txt2nid(type)) == NID_undef) | 1288 | if ((nid=OBJ_txt2nid(type)) == NID_undef) |
| 1272 | goto start2; | 1289 | goto start2; |
| 1273 | 1290 | ||
| 1274 | snprintf(buf,sizeof buf,"%s_default",type); | 1291 | if (snprintf(buf,sizeof buf,"%s_default",type) |
| 1292 | >= sizeof buf) | ||
| 1293 | { | ||
| 1294 | BIO_printf(bio_err,"Name '%s' too long\n",v->name); | ||
| 1295 | return 0; | ||
| 1296 | } | ||
| 1297 | |||
| 1275 | if ((def=NCONF_get_string(req_conf,attr_sect,buf)) | 1298 | if ((def=NCONF_get_string(req_conf,attr_sect,buf)) |
| 1276 | == NULL) | 1299 | == NULL) |
| 1277 | { | 1300 | { |
| @@ -1383,7 +1406,7 @@ start: | |||
| 1383 | buf[0]='\0'; | 1406 | buf[0]='\0'; |
| 1384 | if (!batch) | 1407 | if (!batch) |
| 1385 | { | 1408 | { |
| 1386 | fgets(buf,1024,stdin); | 1409 | fgets(buf,sizeof buf,stdin); |
| 1387 | } | 1410 | } |
| 1388 | else | 1411 | else |
| 1389 | { | 1412 | { |
| @@ -1441,7 +1464,7 @@ start: | |||
| 1441 | buf[0]='\0'; | 1464 | buf[0]='\0'; |
| 1442 | if (!batch) | 1465 | if (!batch) |
| 1443 | { | 1466 | { |
| 1444 | fgets(buf,1024,stdin); | 1467 | fgets(buf,sizeof buf,stdin); |
| 1445 | } | 1468 | } |
| 1446 | else | 1469 | else |
| 1447 | { | 1470 | { |
diff --git a/src/lib/libssl/src/apps/rsa.c b/src/lib/libssl/src/apps/rsa.c index 4e19bc16fb..0acdb08b24 100644 --- a/src/lib/libssl/src/apps/rsa.c +++ b/src/lib/libssl/src/apps/rsa.c | |||
| @@ -104,7 +104,9 @@ int MAIN(int argc, char **argv) | |||
| 104 | char *infile,*outfile,*prog; | 104 | char *infile,*outfile,*prog; |
| 105 | char *passargin = NULL, *passargout = NULL; | 105 | char *passargin = NULL, *passargout = NULL; |
| 106 | char *passin = NULL, *passout = NULL; | 106 | char *passin = NULL, *passout = NULL; |
| 107 | #ifndef OPENSSL_NO_ENGINE | ||
| 107 | char *engine=NULL; | 108 | char *engine=NULL; |
| 109 | #endif | ||
| 108 | int modulus=0; | 110 | int modulus=0; |
| 109 | 111 | ||
| 110 | apps_startup(); | 112 | apps_startup(); |
| @@ -156,11 +158,13 @@ int MAIN(int argc, char **argv) | |||
| 156 | if (--argc < 1) goto bad; | 158 | if (--argc < 1) goto bad; |
| 157 | passargout= *(++argv); | 159 | passargout= *(++argv); |
| 158 | } | 160 | } |
| 161 | #ifndef OPENSSL_NO_ENGINE | ||
| 159 | else if (strcmp(*argv,"-engine") == 0) | 162 | else if (strcmp(*argv,"-engine") == 0) |
| 160 | { | 163 | { |
| 161 | if (--argc < 1) goto bad; | 164 | if (--argc < 1) goto bad; |
| 162 | engine= *(++argv); | 165 | engine= *(++argv); |
| 163 | } | 166 | } |
| 167 | #endif | ||
| 164 | else if (strcmp(*argv,"-sgckey") == 0) | 168 | else if (strcmp(*argv,"-sgckey") == 0) |
| 165 | sgckey=1; | 169 | sgckey=1; |
| 166 | else if (strcmp(*argv,"-pubin") == 0) | 170 | else if (strcmp(*argv,"-pubin") == 0) |
| @@ -212,13 +216,17 @@ bad: | |||
| 212 | BIO_printf(bio_err," -check verify key consistency\n"); | 216 | BIO_printf(bio_err," -check verify key consistency\n"); |
| 213 | BIO_printf(bio_err," -pubin expect a public key in input file\n"); | 217 | BIO_printf(bio_err," -pubin expect a public key in input file\n"); |
| 214 | BIO_printf(bio_err," -pubout output a public key\n"); | 218 | BIO_printf(bio_err," -pubout output a public key\n"); |
| 219 | #ifndef OPENSSL_NO_ENGINE | ||
| 215 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 220 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 221 | #endif | ||
| 216 | goto end; | 222 | goto end; |
| 217 | } | 223 | } |
| 218 | 224 | ||
| 219 | ERR_load_crypto_strings(); | 225 | ERR_load_crypto_strings(); |
| 220 | 226 | ||
| 227 | #ifndef OPENSSL_NO_ENGINE | ||
| 221 | e = setup_engine(bio_err, engine, 0); | 228 | e = setup_engine(bio_err, engine, 0); |
| 229 | #endif | ||
| 222 | 230 | ||
| 223 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { | 231 | if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { |
| 224 | BIO_printf(bio_err, "Error getting passwords\n"); | 232 | BIO_printf(bio_err, "Error getting passwords\n"); |
| @@ -369,7 +377,7 @@ end: | |||
| 369 | if(passin) OPENSSL_free(passin); | 377 | if(passin) OPENSSL_free(passin); |
| 370 | if(passout) OPENSSL_free(passout); | 378 | if(passout) OPENSSL_free(passout); |
| 371 | apps_shutdown(); | 379 | apps_shutdown(); |
| 372 | EXIT(ret); | 380 | OPENSSL_EXIT(ret); |
| 373 | } | 381 | } |
| 374 | #else /* !OPENSSL_NO_RSA */ | 382 | #else /* !OPENSSL_NO_RSA */ |
| 375 | 383 | ||
diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c index 36957e5b84..5a6fd115f4 100644 --- a/src/lib/libssl/src/apps/rsautl.c +++ b/src/lib/libssl/src/apps/rsautl.c | |||
| @@ -85,7 +85,9 @@ int MAIN(int argc, char **argv) | |||
| 85 | ENGINE *e = NULL; | 85 | ENGINE *e = NULL; |
| 86 | BIO *in = NULL, *out = NULL; | 86 | BIO *in = NULL, *out = NULL; |
| 87 | char *infile = NULL, *outfile = NULL; | 87 | char *infile = NULL, *outfile = NULL; |
| 88 | #ifndef OPENSSL_NO_ENGINE | ||
| 88 | char *engine = NULL; | 89 | char *engine = NULL; |
| 90 | #endif | ||
| 89 | char *keyfile = NULL; | 91 | char *keyfile = NULL; |
| 90 | char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; | 92 | char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; |
| 91 | int keyform = FORMAT_PEM; | 93 | int keyform = FORMAT_PEM; |
| @@ -125,9 +127,11 @@ int MAIN(int argc, char **argv) | |||
| 125 | } else if (strcmp(*argv,"-keyform") == 0) { | 127 | } else if (strcmp(*argv,"-keyform") == 0) { |
| 126 | if (--argc < 1) badarg = 1; | 128 | if (--argc < 1) badarg = 1; |
| 127 | keyform=str2fmt(*(++argv)); | 129 | keyform=str2fmt(*(++argv)); |
| 130 | #ifndef OPENSSL_NO_ENGINE | ||
| 128 | } else if(!strcmp(*argv, "-engine")) { | 131 | } else if(!strcmp(*argv, "-engine")) { |
| 129 | if (--argc < 1) badarg = 1; | 132 | if (--argc < 1) badarg = 1; |
| 130 | engine = *(++argv); | 133 | engine = *(++argv); |
| 134 | #endif | ||
| 131 | } else if(!strcmp(*argv, "-pubin")) { | 135 | } else if(!strcmp(*argv, "-pubin")) { |
| 132 | key_type = KEY_PUBKEY; | 136 | key_type = KEY_PUBKEY; |
| 133 | } else if(!strcmp(*argv, "-certin")) { | 137 | } else if(!strcmp(*argv, "-certin")) { |
| @@ -162,7 +166,9 @@ int MAIN(int argc, char **argv) | |||
| 162 | goto end; | 166 | goto end; |
| 163 | } | 167 | } |
| 164 | 168 | ||
| 169 | #ifndef OPENSSL_NO_ENGINE | ||
| 165 | e = setup_engine(bio_err, engine, 0); | 170 | e = setup_engine(bio_err, engine, 0); |
| 171 | #endif | ||
| 166 | 172 | ||
| 167 | /* FIXME: seed PRNG only if needed */ | 173 | /* FIXME: seed PRNG only if needed */ |
| 168 | app_RAND_load_file(NULL, bio_err, 0); | 174 | app_RAND_load_file(NULL, bio_err, 0); |
| @@ -305,7 +311,9 @@ static void usage() | |||
| 305 | BIO_printf(bio_err, "-encrypt encrypt with public key\n"); | 311 | BIO_printf(bio_err, "-encrypt encrypt with public key\n"); |
| 306 | BIO_printf(bio_err, "-decrypt decrypt with private key\n"); | 312 | BIO_printf(bio_err, "-decrypt decrypt with private key\n"); |
| 307 | BIO_printf(bio_err, "-hexdump hex dump output\n"); | 313 | BIO_printf(bio_err, "-hexdump hex dump output\n"); |
| 314 | #ifndef OPENSSL_NO_ENGINE | ||
| 308 | BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); | 315 | BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); |
| 316 | #endif | ||
| 309 | 317 | ||
| 310 | } | 318 | } |
| 311 | 319 | ||
diff --git a/src/lib/libssl/src/apps/s_cb.c b/src/lib/libssl/src/apps/s_cb.c index ca5b24548c..675527df1f 100644 --- a/src/lib/libssl/src/apps/s_cb.c +++ b/src/lib/libssl/src/apps/s_cb.c | |||
| @@ -134,7 +134,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) | |||
| 134 | err= X509_STORE_CTX_get_error(ctx); | 134 | err= X509_STORE_CTX_get_error(ctx); |
| 135 | depth= X509_STORE_CTX_get_error_depth(ctx); | 135 | depth= X509_STORE_CTX_get_error_depth(ctx); |
| 136 | 136 | ||
| 137 | X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); | 137 | X509_NAME_oneline(X509_get_subject_name(err_cert),buf,sizeof buf); |
| 138 | BIO_printf(bio_err,"depth=%d %s\n",depth,buf); | 138 | BIO_printf(bio_err,"depth=%d %s\n",depth,buf); |
| 139 | if (!ok) | 139 | if (!ok) |
| 140 | { | 140 | { |
| @@ -154,7 +154,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) | |||
| 154 | switch (ctx->error) | 154 | switch (ctx->error) |
| 155 | { | 155 | { |
| 156 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: | 156 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: |
| 157 | X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); | 157 | X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,sizeof buf); |
| 158 | BIO_printf(bio_err,"issuer= %s\n",buf); | 158 | BIO_printf(bio_err,"issuer= %s\n",buf); |
| 159 | break; | 159 | break; |
| 160 | case X509_V_ERR_CERT_NOT_YET_VALID: | 160 | case X509_V_ERR_CERT_NOT_YET_VALID: |
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index 658a79d390..2e73f34676 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c | |||
| @@ -140,6 +140,14 @@ typedef unsigned int u_int; | |||
| 140 | #include <conio.h> | 140 | #include <conio.h> |
| 141 | #endif | 141 | #endif |
| 142 | 142 | ||
| 143 | #ifdef OPENSSL_SYS_WINCE | ||
| 144 | /* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */ | ||
| 145 | #ifdef fileno | ||
| 146 | #undef fileno | ||
| 147 | #endif | ||
| 148 | #define fileno(a) (int)_fileno(a) | ||
| 149 | #endif | ||
| 150 | |||
| 143 | 151 | ||
| 144 | #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) | 152 | #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) |
| 145 | /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ | 153 | /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ |
| @@ -214,7 +222,9 @@ static void sc_usage(void) | |||
| 214 | BIO_printf(bio_err," for those protocols that support it, where\n"); | 222 | BIO_printf(bio_err," for those protocols that support it, where\n"); |
| 215 | BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); | 223 | BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); |
| 216 | BIO_printf(bio_err," only \"smtp\" is supported.\n"); | 224 | BIO_printf(bio_err," only \"smtp\" is supported.\n"); |
| 225 | #ifndef OPENSSL_NO_ENGINE | ||
| 217 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); | 226 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); |
| 227 | #endif | ||
| 218 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 228 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 219 | 229 | ||
| 220 | } | 230 | } |
| @@ -246,8 +256,10 @@ int MAIN(int argc, char **argv) | |||
| 246 | SSL_METHOD *meth=NULL; | 256 | SSL_METHOD *meth=NULL; |
| 247 | BIO *sbio; | 257 | BIO *sbio; |
| 248 | char *inrand=NULL; | 258 | char *inrand=NULL; |
| 259 | #ifndef OPENSSL_NO_ENGINE | ||
| 249 | char *engine_id=NULL; | 260 | char *engine_id=NULL; |
| 250 | ENGINE *e=NULL; | 261 | ENGINE *e=NULL; |
| 262 | #endif | ||
| 251 | #ifdef OPENSSL_SYS_WINDOWS | 263 | #ifdef OPENSSL_SYS_WINDOWS |
| 252 | struct timeval tv; | 264 | struct timeval tv; |
| 253 | #endif | 265 | #endif |
| @@ -407,11 +419,13 @@ int MAIN(int argc, char **argv) | |||
| 407 | else | 419 | else |
| 408 | goto bad; | 420 | goto bad; |
| 409 | } | 421 | } |
| 422 | #ifndef OPENSSL_NO_ENGINE | ||
| 410 | else if (strcmp(*argv,"-engine") == 0) | 423 | else if (strcmp(*argv,"-engine") == 0) |
| 411 | { | 424 | { |
| 412 | if (--argc < 1) goto bad; | 425 | if (--argc < 1) goto bad; |
| 413 | engine_id = *(++argv); | 426 | engine_id = *(++argv); |
| 414 | } | 427 | } |
| 428 | #endif | ||
| 415 | else if (strcmp(*argv,"-rand") == 0) | 429 | else if (strcmp(*argv,"-rand") == 0) |
| 416 | { | 430 | { |
| 417 | if (--argc < 1) goto bad; | 431 | if (--argc < 1) goto bad; |
| @@ -436,7 +450,9 @@ bad: | |||
| 436 | OpenSSL_add_ssl_algorithms(); | 450 | OpenSSL_add_ssl_algorithms(); |
| 437 | SSL_load_error_strings(); | 451 | SSL_load_error_strings(); |
| 438 | 452 | ||
| 453 | #ifndef OPENSSL_NO_ENGINE | ||
| 439 | e = setup_engine(bio_err, engine_id, 1); | 454 | e = setup_engine(bio_err, engine_id, 1); |
| 455 | #endif | ||
| 440 | 456 | ||
| 441 | if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL | 457 | if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL |
| 442 | && !RAND_status()) | 458 | && !RAND_status()) |
| @@ -662,7 +678,11 @@ re_start: | |||
| 662 | tv.tv_usec = 0; | 678 | tv.tv_usec = 0; |
| 663 | i=select(width,(void *)&readfds,(void *)&writefds, | 679 | i=select(width,(void *)&readfds,(void *)&writefds, |
| 664 | NULL,&tv); | 680 | NULL,&tv); |
| 681 | #ifdef OPENSSL_SYS_WINCE | ||
| 682 | if(!i && (!_kbhit() || !read_tty) ) continue; | ||
| 683 | #else | ||
| 665 | if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; | 684 | if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; |
| 685 | #endif | ||
| 666 | } else i=select(width,(void *)&readfds,(void *)&writefds, | 686 | } else i=select(width,(void *)&readfds,(void *)&writefds, |
| 667 | NULL,NULL); | 687 | NULL,NULL); |
| 668 | } | 688 | } |
| @@ -746,8 +766,8 @@ re_start: | |||
| 746 | goto shut; | 766 | goto shut; |
| 747 | } | 767 | } |
| 748 | } | 768 | } |
| 749 | #ifdef OPENSSL_SYS_WINDOWS | 769 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) |
| 750 | /* Assume Windows can always write */ | 770 | /* Assume Windows/DOS can always write */ |
| 751 | else if (!ssl_pending && write_tty) | 771 | else if (!ssl_pending && write_tty) |
| 752 | #else | 772 | #else |
| 753 | else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) | 773 | else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) |
| @@ -828,7 +848,11 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 | |||
| 828 | } | 848 | } |
| 829 | 849 | ||
| 830 | #ifdef OPENSSL_SYS_WINDOWS | 850 | #ifdef OPENSSL_SYS_WINDOWS |
| 851 | #ifdef OPENSSL_SYS_WINCE | ||
| 852 | else if (_kbhit()) | ||
| 853 | #else | ||
| 831 | else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) | 854 | else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) |
| 855 | #endif | ||
| 832 | #else | 856 | #else |
| 833 | else if (FD_ISSET(fileno(stdin),&readfds)) | 857 | else if (FD_ISSET(fileno(stdin),&readfds)) |
| 834 | #endif | 858 | #endif |
| @@ -892,16 +916,16 @@ end: | |||
| 892 | if (con != NULL) SSL_free(con); | 916 | if (con != NULL) SSL_free(con); |
| 893 | if (con2 != NULL) SSL_free(con2); | 917 | if (con2 != NULL) SSL_free(con2); |
| 894 | if (ctx != NULL) SSL_CTX_free(ctx); | 918 | if (ctx != NULL) SSL_CTX_free(ctx); |
| 895 | if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } | 919 | if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } |
| 896 | if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } | 920 | if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } |
| 897 | if (mbuf != NULL) { memset(mbuf,0,BUFSIZZ); OPENSSL_free(mbuf); } | 921 | if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } |
| 898 | if (bio_c_out != NULL) | 922 | if (bio_c_out != NULL) |
| 899 | { | 923 | { |
| 900 | BIO_free(bio_c_out); | 924 | BIO_free(bio_c_out); |
| 901 | bio_c_out=NULL; | 925 | bio_c_out=NULL; |
| 902 | } | 926 | } |
| 903 | apps_shutdown(); | 927 | apps_shutdown(); |
| 904 | EXIT(ret); | 928 | OPENSSL_EXIT(ret); |
| 905 | } | 929 | } |
| 906 | 930 | ||
| 907 | 931 | ||
| @@ -930,10 +954,10 @@ static void print_stuff(BIO *bio, SSL *s, int full) | |||
| 930 | for (i=0; i<sk_X509_num(sk); i++) | 954 | for (i=0; i<sk_X509_num(sk); i++) |
| 931 | { | 955 | { |
| 932 | X509_NAME_oneline(X509_get_subject_name( | 956 | X509_NAME_oneline(X509_get_subject_name( |
| 933 | sk_X509_value(sk,i)),buf,BUFSIZ); | 957 | sk_X509_value(sk,i)),buf,sizeof buf); |
| 934 | BIO_printf(bio,"%2d s:%s\n",i,buf); | 958 | BIO_printf(bio,"%2d s:%s\n",i,buf); |
| 935 | X509_NAME_oneline(X509_get_issuer_name( | 959 | X509_NAME_oneline(X509_get_issuer_name( |
| 936 | sk_X509_value(sk,i)),buf,BUFSIZ); | 960 | sk_X509_value(sk,i)),buf,sizeof buf); |
| 937 | BIO_printf(bio," i:%s\n",buf); | 961 | BIO_printf(bio," i:%s\n",buf); |
| 938 | if (c_showcerts) | 962 | if (c_showcerts) |
| 939 | PEM_write_bio_X509(bio,sk_X509_value(sk,i)); | 963 | PEM_write_bio_X509(bio,sk_X509_value(sk,i)); |
| @@ -948,10 +972,10 @@ static void print_stuff(BIO *bio, SSL *s, int full) | |||
| 948 | if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ | 972 | if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ |
| 949 | PEM_write_bio_X509(bio,peer); | 973 | PEM_write_bio_X509(bio,peer); |
| 950 | X509_NAME_oneline(X509_get_subject_name(peer), | 974 | X509_NAME_oneline(X509_get_subject_name(peer), |
| 951 | buf,BUFSIZ); | 975 | buf,sizeof buf); |
| 952 | BIO_printf(bio,"subject=%s\n",buf); | 976 | BIO_printf(bio,"subject=%s\n",buf); |
| 953 | X509_NAME_oneline(X509_get_issuer_name(peer), | 977 | X509_NAME_oneline(X509_get_issuer_name(peer), |
| 954 | buf,BUFSIZ); | 978 | buf,sizeof buf); |
| 955 | BIO_printf(bio,"issuer=%s\n",buf); | 979 | BIO_printf(bio,"issuer=%s\n",buf); |
| 956 | } | 980 | } |
| 957 | else | 981 | else |
| @@ -973,7 +997,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) | |||
| 973 | { | 997 | { |
| 974 | BIO_printf(bio,"---\nNo client certificate CA names sent\n"); | 998 | BIO_printf(bio,"---\nNo client certificate CA names sent\n"); |
| 975 | } | 999 | } |
| 976 | p=SSL_get_shared_ciphers(s,buf,BUFSIZ); | 1000 | p=SSL_get_shared_ciphers(s,buf,sizeof buf); |
| 977 | if (p != NULL) | 1001 | if (p != NULL) |
| 978 | { | 1002 | { |
| 979 | /* This works only for SSL 2. In later protocol | 1003 | /* This works only for SSL 2. In later protocol |
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index b03231f3ba..5157aae4d1 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c | |||
| @@ -144,6 +144,14 @@ typedef unsigned int u_int; | |||
| 144 | #include <conio.h> | 144 | #include <conio.h> |
| 145 | #endif | 145 | #endif |
| 146 | 146 | ||
| 147 | #ifdef OPENSSL_SYS_WINCE | ||
| 148 | /* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */ | ||
| 149 | #ifdef fileno | ||
| 150 | #undef fileno | ||
| 151 | #endif | ||
| 152 | #define fileno(a) (int)_fileno(a) | ||
| 153 | #endif | ||
| 154 | |||
| 147 | #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) | 155 | #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) |
| 148 | /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ | 156 | /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ |
| 149 | #undef FIONBIO | 157 | #undef FIONBIO |
| @@ -234,7 +242,9 @@ static int s_msg=0; | |||
| 234 | static int s_quiet=0; | 242 | static int s_quiet=0; |
| 235 | 243 | ||
| 236 | static int hack=0; | 244 | static int hack=0; |
| 245 | #ifndef OPENSSL_NO_ENGINE | ||
| 237 | static char *engine_id=NULL; | 246 | static char *engine_id=NULL; |
| 247 | #endif | ||
| 238 | static const char *session_id_prefix=NULL; | 248 | static const char *session_id_prefix=NULL; |
| 239 | 249 | ||
| 240 | #ifdef MONOLITH | 250 | #ifdef MONOLITH |
| @@ -259,7 +269,9 @@ static void s_server_init(void) | |||
| 259 | s_msg=0; | 269 | s_msg=0; |
| 260 | s_quiet=0; | 270 | s_quiet=0; |
| 261 | hack=0; | 271 | hack=0; |
| 272 | #ifndef OPENSSL_NO_ENGINE | ||
| 262 | engine_id=NULL; | 273 | engine_id=NULL; |
| 274 | #endif | ||
| 263 | } | 275 | } |
| 264 | #endif | 276 | #endif |
| 265 | 277 | ||
| @@ -308,7 +320,9 @@ static void sv_usage(void) | |||
| 308 | BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); | 320 | BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
| 309 | BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); | 321 | BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
| 310 | BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); | 322 | BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); |
| 323 | #ifndef OPENSSL_NO_ENGINE | ||
| 311 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); | 324 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); |
| 325 | #endif | ||
| 312 | BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); | 326 | BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); |
| 313 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 327 | BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 314 | } | 328 | } |
| @@ -482,7 +496,9 @@ int MAIN(int argc, char *argv[]) | |||
| 482 | int no_tmp_rsa=0,no_dhe=0,nocert=0; | 496 | int no_tmp_rsa=0,no_dhe=0,nocert=0; |
| 483 | int state=0; | 497 | int state=0; |
| 484 | SSL_METHOD *meth=NULL; | 498 | SSL_METHOD *meth=NULL; |
| 499 | #ifndef OPENSSL_NO_ENGINE | ||
| 485 | ENGINE *e=NULL; | 500 | ENGINE *e=NULL; |
| 501 | #endif | ||
| 486 | char *inrand=NULL; | 502 | char *inrand=NULL; |
| 487 | 503 | ||
| 488 | #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) | 504 | #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) |
| @@ -657,11 +673,13 @@ int MAIN(int argc, char *argv[]) | |||
| 657 | if (--argc < 1) goto bad; | 673 | if (--argc < 1) goto bad; |
| 658 | session_id_prefix = *(++argv); | 674 | session_id_prefix = *(++argv); |
| 659 | } | 675 | } |
| 676 | #ifndef OPENSSL_NO_ENGINE | ||
| 660 | else if (strcmp(*argv,"-engine") == 0) | 677 | else if (strcmp(*argv,"-engine") == 0) |
| 661 | { | 678 | { |
| 662 | if (--argc < 1) goto bad; | 679 | if (--argc < 1) goto bad; |
| 663 | engine_id= *(++argv); | 680 | engine_id= *(++argv); |
| 664 | } | 681 | } |
| 682 | #endif | ||
| 665 | else if (strcmp(*argv,"-rand") == 0) | 683 | else if (strcmp(*argv,"-rand") == 0) |
| 666 | { | 684 | { |
| 667 | if (--argc < 1) goto bad; | 685 | if (--argc < 1) goto bad; |
| @@ -686,7 +704,9 @@ bad: | |||
| 686 | SSL_load_error_strings(); | 704 | SSL_load_error_strings(); |
| 687 | OpenSSL_add_ssl_algorithms(); | 705 | OpenSSL_add_ssl_algorithms(); |
| 688 | 706 | ||
| 707 | #ifndef OPENSSL_NO_ENGINE | ||
| 689 | e = setup_engine(bio_err, engine_id, 1); | 708 | e = setup_engine(bio_err, engine_id, 1); |
| 709 | #endif | ||
| 690 | 710 | ||
| 691 | if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL | 711 | if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL |
| 692 | && !RAND_status()) | 712 | && !RAND_status()) |
| @@ -860,7 +880,7 @@ end: | |||
| 860 | bio_s_out=NULL; | 880 | bio_s_out=NULL; |
| 861 | } | 881 | } |
| 862 | apps_shutdown(); | 882 | apps_shutdown(); |
| 863 | EXIT(ret); | 883 | OPENSSL_EXIT(ret); |
| 864 | } | 884 | } |
| 865 | 885 | ||
| 866 | static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) | 886 | static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) |
| @@ -1176,7 +1196,7 @@ err: | |||
| 1176 | BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); | 1196 | BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); |
| 1177 | if (buf != NULL) | 1197 | if (buf != NULL) |
| 1178 | { | 1198 | { |
| 1179 | memset(buf,0,bufsize); | 1199 | OPENSSL_cleanse(buf,bufsize); |
| 1180 | OPENSSL_free(buf); | 1200 | OPENSSL_free(buf); |
| 1181 | } | 1201 | } |
| 1182 | if (ret >= 0) | 1202 | if (ret >= 0) |
| @@ -1228,14 +1248,14 @@ static int init_ssl_connection(SSL *con) | |||
| 1228 | { | 1248 | { |
| 1229 | BIO_printf(bio_s_out,"Client certificate\n"); | 1249 | BIO_printf(bio_s_out,"Client certificate\n"); |
| 1230 | PEM_write_bio_X509(bio_s_out,peer); | 1250 | PEM_write_bio_X509(bio_s_out,peer); |
| 1231 | X509_NAME_oneline(X509_get_subject_name(peer),buf,BUFSIZ); | 1251 | X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); |
| 1232 | BIO_printf(bio_s_out,"subject=%s\n",buf); | 1252 | BIO_printf(bio_s_out,"subject=%s\n",buf); |
| 1233 | X509_NAME_oneline(X509_get_issuer_name(peer),buf,BUFSIZ); | 1253 | X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); |
| 1234 | BIO_printf(bio_s_out,"issuer=%s\n",buf); | 1254 | BIO_printf(bio_s_out,"issuer=%s\n",buf); |
| 1235 | X509_free(peer); | 1255 | X509_free(peer); |
| 1236 | } | 1256 | } |
| 1237 | 1257 | ||
| 1238 | if (SSL_get_shared_ciphers(con,buf,BUFSIZ) != NULL) | 1258 | if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) |
| 1239 | BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); | 1259 | BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); |
| 1240 | str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); | 1260 | str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); |
| 1241 | BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); | 1261 | BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); |
| @@ -1395,7 +1415,7 @@ static int www_body(char *hostname, int s, unsigned char *context) | |||
| 1395 | else | 1415 | else |
| 1396 | { | 1416 | { |
| 1397 | BIO_printf(bio_s_out,"read R BLOCK\n"); | 1417 | BIO_printf(bio_s_out,"read R BLOCK\n"); |
| 1398 | #ifndef OPENSSL_SYS_MSDOS | 1418 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) |
| 1399 | sleep(1); | 1419 | sleep(1); |
| 1400 | #endif | 1420 | #endif |
| 1401 | continue; | 1421 | continue; |
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c index 17e087d4da..02c3f640cf 100644 --- a/src/lib/libssl/src/apps/s_socket.c +++ b/src/lib/libssl/src/apps/s_socket.c | |||
| @@ -83,9 +83,9 @@ typedef unsigned int u_int; | |||
| 83 | 83 | ||
| 84 | static struct hostent *GetHostByName(char *name); | 84 | static struct hostent *GetHostByName(char *name); |
| 85 | #ifdef OPENSSL_SYS_WINDOWS | 85 | #ifdef OPENSSL_SYS_WINDOWS |
| 86 | static void sock_cleanup(void); | 86 | static void ssl_sock_cleanup(void); |
| 87 | #endif | 87 | #endif |
| 88 | static int sock_init(void); | 88 | static int ssl_sock_init(void); |
| 89 | static int init_client_ip(int *sock,unsigned char ip[4], int port); | 89 | static int init_client_ip(int *sock,unsigned char ip[4], int port); |
| 90 | static int init_server(int *sock, int port); | 90 | static int init_server(int *sock, int port); |
| 91 | static int init_server_long(int *sock, int port,char *ip); | 91 | static int init_server_long(int *sock, int port,char *ip); |
| @@ -118,7 +118,7 @@ static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam, | |||
| 118 | case WM_DESTROY: | 118 | case WM_DESTROY: |
| 119 | case WM_CLOSE: | 119 | case WM_CLOSE: |
| 120 | SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc); | 120 | SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc); |
| 121 | sock_cleanup(); | 121 | ssl_sock_cleanup(); |
| 122 | break; | 122 | break; |
| 123 | } | 123 | } |
| 124 | } | 124 | } |
| @@ -135,26 +135,34 @@ static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam) | |||
| 135 | #endif /* OPENSSL_SYS_WINDOWS */ | 135 | #endif /* OPENSSL_SYS_WINDOWS */ |
| 136 | 136 | ||
| 137 | #ifdef OPENSSL_SYS_WINDOWS | 137 | #ifdef OPENSSL_SYS_WINDOWS |
| 138 | static void sock_cleanup(void) | 138 | static void ssl_sock_cleanup(void) |
| 139 | { | 139 | { |
| 140 | if (wsa_init_done) | 140 | if (wsa_init_done) |
| 141 | { | 141 | { |
| 142 | wsa_init_done=0; | 142 | wsa_init_done=0; |
| 143 | #ifndef OPENSSL_SYS_WINCE | ||
| 143 | WSACancelBlockingCall(); | 144 | WSACancelBlockingCall(); |
| 145 | #endif | ||
| 144 | WSACleanup(); | 146 | WSACleanup(); |
| 145 | } | 147 | } |
| 146 | } | 148 | } |
| 147 | #endif | 149 | #endif |
| 148 | 150 | ||
| 149 | static int sock_init(void) | 151 | static int ssl_sock_init(void) |
| 150 | { | 152 | { |
| 151 | #ifdef OPENSSL_SYS_WINDOWS | 153 | #ifdef WATT32 |
| 154 | extern int _watt_do_exit; | ||
| 155 | _watt_do_exit = 0; | ||
| 156 | dbug_init(); | ||
| 157 | if (sock_init()) | ||
| 158 | return (0); | ||
| 159 | #elif defined(OPENSSL_SYS_WINDOWS) | ||
| 152 | if (!wsa_init_done) | 160 | if (!wsa_init_done) |
| 153 | { | 161 | { |
| 154 | int err; | 162 | int err; |
| 155 | 163 | ||
| 156 | #ifdef SIGINT | 164 | #ifdef SIGINT |
| 157 | signal(SIGINT,(void (*)(int))sock_cleanup); | 165 | signal(SIGINT,(void (*)(int))ssl_sock_cleanup); |
| 158 | #endif | 166 | #endif |
| 159 | wsa_init_done=1; | 167 | wsa_init_done=1; |
| 160 | memset(&wsa_state,0,sizeof(wsa_state)); | 168 | memset(&wsa_state,0,sizeof(wsa_state)); |
| @@ -196,7 +204,7 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port) | |||
| 196 | struct sockaddr_in them; | 204 | struct sockaddr_in them; |
| 197 | int s,i; | 205 | int s,i; |
| 198 | 206 | ||
| 199 | if (!sock_init()) return(0); | 207 | if (!ssl_sock_init()) return(0); |
| 200 | 208 | ||
| 201 | memset((char *)&them,0,sizeof(them)); | 209 | memset((char *)&them,0,sizeof(them)); |
| 202 | them.sin_family=AF_INET; | 210 | them.sin_family=AF_INET; |
| @@ -261,7 +269,7 @@ static int init_server_long(int *sock, int port, char *ip) | |||
| 261 | struct sockaddr_in server; | 269 | struct sockaddr_in server; |
| 262 | int s= -1,i; | 270 | int s= -1,i; |
| 263 | 271 | ||
| 264 | if (!sock_init()) return(0); | 272 | if (!ssl_sock_init()) return(0); |
| 265 | 273 | ||
| 266 | memset((char *)&server,0,sizeof(server)); | 274 | memset((char *)&server,0,sizeof(server)); |
| 267 | server.sin_family=AF_INET; | 275 | server.sin_family=AF_INET; |
| @@ -318,7 +326,7 @@ static int do_accept(int acc_sock, int *sock, char **host) | |||
| 318 | int len; | 326 | int len; |
| 319 | /* struct linger ling; */ | 327 | /* struct linger ling; */ |
| 320 | 328 | ||
| 321 | if (!sock_init()) return(0); | 329 | if (!ssl_sock_init()) return(0); |
| 322 | 330 | ||
| 323 | #ifndef OPENSSL_SYS_WINDOWS | 331 | #ifndef OPENSSL_SYS_WINDOWS |
| 324 | redoit: | 332 | redoit: |
| @@ -448,7 +456,7 @@ static int host_ip(char *str, unsigned char ip[4]) | |||
| 448 | { /* do a gethostbyname */ | 456 | { /* do a gethostbyname */ |
| 449 | struct hostent *he; | 457 | struct hostent *he; |
| 450 | 458 | ||
| 451 | if (!sock_init()) return(0); | 459 | if (!ssl_sock_init()) return(0); |
| 452 | 460 | ||
| 453 | he=GetHostByName(str); | 461 | he=GetHostByName(str); |
| 454 | if (he == NULL) | 462 | if (he == NULL) |
| @@ -529,9 +537,12 @@ static struct hostent *GetHostByName(char *name) | |||
| 529 | ret=gethostbyname(name); | 537 | ret=gethostbyname(name); |
| 530 | if (ret == NULL) return(NULL); | 538 | if (ret == NULL) return(NULL); |
| 531 | /* else add to cache */ | 539 | /* else add to cache */ |
| 532 | strncpy(ghbn_cache[lowi].name,name,128); | 540 | if(strlen(name) < sizeof ghbn_cache[0].name) |
| 533 | memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent)); | 541 | { |
| 534 | ghbn_cache[lowi].order=ghbn_miss+ghbn_hits; | 542 | strcpy(ghbn_cache[lowi].name,name); |
| 543 | memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent)); | ||
| 544 | ghbn_cache[lowi].order=ghbn_miss+ghbn_hits; | ||
| 545 | } | ||
| 535 | return(ret); | 546 | return(ret); |
| 536 | } | 547 | } |
| 537 | else | 548 | else |
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c index 7ba5b4293c..8a699de0ea 100644 --- a/src/lib/libssl/src/apps/s_time.c +++ b/src/lib/libssl/src/apps/s_time.c | |||
| @@ -146,6 +146,8 @@ | |||
| 146 | #undef BUFSIZZ | 146 | #undef BUFSIZZ |
| 147 | #define BUFSIZZ 1024*10 | 147 | #define BUFSIZZ 1024*10 |
| 148 | 148 | ||
| 149 | #define MYBUFSIZ 1024*8 | ||
| 150 | |||
| 149 | #undef min | 151 | #undef min |
| 150 | #undef max | 152 | #undef max |
| 151 | #define min(a,b) (((a) < (b)) ? (a) : (b)) | 153 | #define min(a,b) (((a) < (b)) ? (a) : (b)) |
| @@ -320,6 +322,11 @@ static int parseArgs(int argc, char **argv) | |||
| 320 | { | 322 | { |
| 321 | if (--argc < 1) goto bad; | 323 | if (--argc < 1) goto bad; |
| 322 | s_www_path= *(++argv); | 324 | s_www_path= *(++argv); |
| 325 | if(strlen(s_www_path) > MYBUFSIZ-100) | ||
| 326 | { | ||
| 327 | BIO_printf(bio_err,"-www option too long\n"); | ||
| 328 | badop=1; | ||
| 329 | } | ||
| 323 | } | 330 | } |
| 324 | else if(strcmp(*argv,"-bugs") == 0) | 331 | else if(strcmp(*argv,"-bugs") == 0) |
| 325 | st_bugs=1; | 332 | st_bugs=1; |
| @@ -480,7 +487,7 @@ int MAIN(int argc, char **argv) | |||
| 480 | tm_Time_F(START); | 487 | tm_Time_F(START); |
| 481 | for (;;) | 488 | for (;;) |
| 482 | { | 489 | { |
| 483 | if (finishtime < time(NULL)) break; | 490 | if (finishtime < (long)time(NULL)) break; |
| 484 | #ifdef WIN32_STUFF | 491 | #ifdef WIN32_STUFF |
| 485 | 492 | ||
| 486 | if( flushWinMsgs(0) == -1 ) | 493 | if( flushWinMsgs(0) == -1 ) |
| @@ -531,9 +538,9 @@ int MAIN(int argc, char **argv) | |||
| 531 | } | 538 | } |
| 532 | totalTime += tm_Time_F(STOP); /* Add the time for this iteration */ | 539 | totalTime += tm_Time_F(STOP); /* Add the time for this iteration */ |
| 533 | 540 | ||
| 534 | i=(int)(time(NULL)-finishtime+maxTime); | 541 | i=(int)((long)time(NULL)-finishtime+maxTime); |
| 535 | printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); | 542 | printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); |
| 536 | printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn); | 543 | printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn); |
| 537 | 544 | ||
| 538 | /* Now loop and time connections using the same session id over and over */ | 545 | /* Now loop and time connections using the same session id over and over */ |
| 539 | 546 | ||
| @@ -565,7 +572,7 @@ next: | |||
| 565 | nConn = 0; | 572 | nConn = 0; |
| 566 | totalTime = 0.0; | 573 | totalTime = 0.0; |
| 567 | 574 | ||
| 568 | finishtime=time(NULL)+maxTime; | 575 | finishtime=(long)time(NULL)+maxTime; |
| 569 | 576 | ||
| 570 | printf( "starting\n" ); | 577 | printf( "starting\n" ); |
| 571 | bytes_read=0; | 578 | bytes_read=0; |
| @@ -573,7 +580,7 @@ next: | |||
| 573 | 580 | ||
| 574 | for (;;) | 581 | for (;;) |
| 575 | { | 582 | { |
| 576 | if (finishtime < time(NULL)) break; | 583 | if (finishtime < (long)time(NULL)) break; |
| 577 | 584 | ||
| 578 | #ifdef WIN32_STUFF | 585 | #ifdef WIN32_STUFF |
| 579 | if( flushWinMsgs(0) == -1 ) | 586 | if( flushWinMsgs(0) == -1 ) |
| @@ -623,7 +630,7 @@ next: | |||
| 623 | 630 | ||
| 624 | 631 | ||
| 625 | printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); | 632 | printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read); |
| 626 | printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn); | 633 | printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn); |
| 627 | 634 | ||
| 628 | ret=0; | 635 | ret=0; |
| 629 | end: | 636 | end: |
| @@ -635,7 +642,7 @@ end: | |||
| 635 | tm_ctx=NULL; | 642 | tm_ctx=NULL; |
| 636 | } | 643 | } |
| 637 | apps_shutdown(); | 644 | apps_shutdown(); |
| 638 | EXIT(ret); | 645 | OPENSSL_EXIT(ret); |
| 639 | } | 646 | } |
| 640 | 647 | ||
| 641 | /*********************************************************************** | 648 | /*********************************************************************** |
diff --git a/src/lib/libssl/src/apps/sess_id.c b/src/lib/libssl/src/apps/sess_id.c index 41c3b3f4a3..d91d84d220 100644 --- a/src/lib/libssl/src/apps/sess_id.c +++ b/src/lib/libssl/src/apps/sess_id.c | |||
| @@ -273,7 +273,7 @@ end: | |||
| 273 | if (out != NULL) BIO_free_all(out); | 273 | if (out != NULL) BIO_free_all(out); |
| 274 | if (x != NULL) SSL_SESSION_free(x); | 274 | if (x != NULL) SSL_SESSION_free(x); |
| 275 | apps_shutdown(); | 275 | apps_shutdown(); |
| 276 | EXIT(ret); | 276 | OPENSSL_EXIT(ret); |
| 277 | } | 277 | } |
| 278 | 278 | ||
| 279 | static SSL_SESSION *load_sess_id(char *infile, int format) | 279 | static SSL_SESSION *load_sess_id(char *infile, int format) |
diff --git a/src/lib/libssl/src/apps/smime.c b/src/lib/libssl/src/apps/smime.c index ef0e477464..cc248d377b 100644 --- a/src/lib/libssl/src/apps/smime.c +++ b/src/lib/libssl/src/apps/smime.c | |||
| @@ -104,7 +104,9 @@ int MAIN(int argc, char **argv) | |||
| 104 | int need_rand = 0; | 104 | int need_rand = 0; |
| 105 | int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; | 105 | int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; |
| 106 | int keyform = FORMAT_PEM; | 106 | int keyform = FORMAT_PEM; |
| 107 | #ifndef OPENSSL_NO_ENGINE | ||
| 107 | char *engine=NULL; | 108 | char *engine=NULL; |
| 109 | #endif | ||
| 108 | 110 | ||
| 109 | args = argv + 1; | 111 | args = argv + 1; |
| 110 | ret = 1; | 112 | ret = 1; |
| @@ -176,11 +178,13 @@ int MAIN(int argc, char **argv) | |||
| 176 | inrand = *args; | 178 | inrand = *args; |
| 177 | } else badarg = 1; | 179 | } else badarg = 1; |
| 178 | need_rand = 1; | 180 | need_rand = 1; |
| 181 | #ifndef OPENSSL_NO_ENGINE | ||
| 179 | } else if (!strcmp(*args,"-engine")) { | 182 | } else if (!strcmp(*args,"-engine")) { |
| 180 | if (args[1]) { | 183 | if (args[1]) { |
| 181 | args++; | 184 | args++; |
| 182 | engine = *args; | 185 | engine = *args; |
| 183 | } else badarg = 1; | 186 | } else badarg = 1; |
| 187 | #endif | ||
| 184 | } else if (!strcmp(*args,"-passin")) { | 188 | } else if (!strcmp(*args,"-passin")) { |
| 185 | if (args[1]) { | 189 | if (args[1]) { |
| 186 | args++; | 190 | args++; |
| @@ -330,7 +334,9 @@ int MAIN(int argc, char **argv) | |||
| 330 | BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); | 334 | BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); |
| 331 | BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); | 335 | BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); |
| 332 | BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); | 336 | BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); |
| 337 | #ifndef OPENSSL_NO_ENGINE | ||
| 333 | BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); | 338 | BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); |
| 339 | #endif | ||
| 334 | BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); | 340 | BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); |
| 335 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 341 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 336 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); | 342 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); |
| @@ -339,7 +345,9 @@ int MAIN(int argc, char **argv) | |||
| 339 | goto end; | 345 | goto end; |
| 340 | } | 346 | } |
| 341 | 347 | ||
| 348 | #ifndef OPENSSL_NO_ENGINE | ||
| 342 | e = setup_engine(bio_err, engine, 0); | 349 | e = setup_engine(bio_err, engine, 0); |
| 350 | #endif | ||
| 343 | 351 | ||
| 344 | if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { | 352 | if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { |
| 345 | BIO_printf(bio_err, "Error getting password\n"); | 353 | BIO_printf(bio_err, "Error getting password\n"); |
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c index b9ab4cfcb9..ec55b4188c 100644 --- a/src/lib/libssl/src/apps/speed.c +++ b/src/lib/libssl/src/apps/speed.c | |||
| @@ -58,6 +58,8 @@ | |||
| 58 | 58 | ||
| 59 | /* most of this code has been pilfered from my libdes speed.c program */ | 59 | /* most of this code has been pilfered from my libdes speed.c program */ |
| 60 | 60 | ||
| 61 | #ifndef OPENSSL_NO_SPEED | ||
| 62 | |||
| 61 | #undef SECONDS | 63 | #undef SECONDS |
| 62 | #define SECONDS 3 | 64 | #define SECONDS 3 |
| 63 | #define RSA_SECONDS 10 | 65 | #define RSA_SECONDS 10 |
| @@ -187,7 +189,8 @@ | |||
| 187 | 189 | ||
| 188 | /* The following if from times(3) man page. It may need to be changed */ | 190 | /* The following if from times(3) man page. It may need to be changed */ |
| 189 | #ifndef HZ | 191 | #ifndef HZ |
| 190 | # ifdef _SC_CLK_TCK | 192 | # if defined(_SC_CLK_TCK) \ |
| 193 | && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) | ||
| 191 | # define HZ ((double)sysconf(_SC_CLK_TCK)) | 194 | # define HZ ((double)sysconf(_SC_CLK_TCK)) |
| 192 | # else | 195 | # else |
| 193 | # ifndef CLK_TCK | 196 | # ifndef CLK_TCK |
| @@ -369,7 +372,9 @@ int MAIN(int, char **); | |||
| 369 | 372 | ||
| 370 | int MAIN(int argc, char **argv) | 373 | int MAIN(int argc, char **argv) |
| 371 | { | 374 | { |
| 375 | #ifndef OPENSSL_NO_ENGINE | ||
| 372 | ENGINE *e = NULL; | 376 | ENGINE *e = NULL; |
| 377 | #endif | ||
| 373 | unsigned char *buf=NULL,*buf2=NULL; | 378 | unsigned char *buf=NULL,*buf2=NULL; |
| 374 | int mret=1; | 379 | int mret=1; |
| 375 | long count=0,save_count=0; | 380 | long count=0,save_count=0; |
| @@ -589,6 +594,7 @@ int MAIN(int argc, char **argv) | |||
| 589 | j--; /* Otherwise, -elapsed gets confused with | 594 | j--; /* Otherwise, -elapsed gets confused with |
| 590 | an algorithm. */ | 595 | an algorithm. */ |
| 591 | } | 596 | } |
| 597 | #ifndef OPENSSL_NO_ENGINE | ||
| 592 | else if ((argc > 0) && (strcmp(*argv,"-engine") == 0)) | 598 | else if ((argc > 0) && (strcmp(*argv,"-engine") == 0)) |
| 593 | { | 599 | { |
| 594 | argc--; | 600 | argc--; |
| @@ -605,6 +611,7 @@ int MAIN(int argc, char **argv) | |||
| 605 | means all of them should be run) */ | 611 | means all of them should be run) */ |
| 606 | j--; | 612 | j--; |
| 607 | } | 613 | } |
| 614 | #endif | ||
| 608 | #ifdef HAVE_FORK | 615 | #ifdef HAVE_FORK |
| 609 | else if ((argc > 0) && (strcmp(*argv,"-multi") == 0)) | 616 | else if ((argc > 0) && (strcmp(*argv,"-multi") == 0)) |
| 610 | { | 617 | { |
| @@ -864,7 +871,9 @@ int MAIN(int argc, char **argv) | |||
| 864 | #if defined(TIMES) || defined(USE_TOD) | 871 | #if defined(TIMES) || defined(USE_TOD) |
| 865 | BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); | 872 | BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); |
| 866 | #endif | 873 | #endif |
| 874 | #ifndef OPENSSL_NO_ENGINE | ||
| 867 | BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); | 875 | BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); |
| 876 | #endif | ||
| 868 | BIO_printf(bio_err,"-evp e use EVP e.\n"); | 877 | BIO_printf(bio_err,"-evp e use EVP e.\n"); |
| 869 | BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n"); | 878 | BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n"); |
| 870 | BIO_printf(bio_err,"-mr produce machine readable output.\n"); | 879 | BIO_printf(bio_err,"-mr produce machine readable output.\n"); |
| @@ -1392,6 +1401,7 @@ int MAIN(int argc, char **argv) | |||
| 1392 | else | 1401 | else |
| 1393 | EVP_EncryptFinal_ex(&ctx,buf,&outl); | 1402 | EVP_EncryptFinal_ex(&ctx,buf,&outl); |
| 1394 | d=Time_F(STOP); | 1403 | d=Time_F(STOP); |
| 1404 | EVP_CIPHER_CTX_cleanup(&ctx); | ||
| 1395 | } | 1405 | } |
| 1396 | if (evp_md) | 1406 | if (evp_md) |
| 1397 | { | 1407 | { |
| @@ -1728,7 +1738,7 @@ end: | |||
| 1728 | DSA_free(dsa_key[i]); | 1738 | DSA_free(dsa_key[i]); |
| 1729 | #endif | 1739 | #endif |
| 1730 | apps_shutdown(); | 1740 | apps_shutdown(); |
| 1731 | EXIT(mret); | 1741 | OPENSSL_EXIT(mret); |
| 1732 | } | 1742 | } |
| 1733 | 1743 | ||
| 1734 | static void print_message(const char *s, long num, int length) | 1744 | static void print_message(const char *s, long num, int length) |
| @@ -1781,7 +1791,7 @@ static char *sstrsep(char **string, const char *delim) | |||
| 1781 | if (**string == 0) | 1791 | if (**string == 0) |
| 1782 | return NULL; | 1792 | return NULL; |
| 1783 | 1793 | ||
| 1784 | memset(isdelim, 0, 256); | 1794 | memset(isdelim, 0, sizeof isdelim); |
| 1785 | isdelim[0] = 1; | 1795 | isdelim[0] = 1; |
| 1786 | 1796 | ||
| 1787 | while (*delim) | 1797 | while (*delim) |
| @@ -1938,3 +1948,4 @@ static int do_multi(int multi) | |||
| 1938 | return 1; | 1948 | return 1; |
| 1939 | } | 1949 | } |
| 1940 | #endif | 1950 | #endif |
| 1951 | #endif | ||
diff --git a/src/lib/libssl/src/apps/spkac.c b/src/lib/libssl/src/apps/spkac.c index 4ce53e36c9..47ee53f1ee 100644 --- a/src/lib/libssl/src/apps/spkac.c +++ b/src/lib/libssl/src/apps/spkac.c | |||
| @@ -92,7 +92,9 @@ int MAIN(int argc, char **argv) | |||
| 92 | CONF *conf = NULL; | 92 | CONF *conf = NULL; |
| 93 | NETSCAPE_SPKI *spki = NULL; | 93 | NETSCAPE_SPKI *spki = NULL; |
| 94 | EVP_PKEY *pkey = NULL; | 94 | EVP_PKEY *pkey = NULL; |
| 95 | #ifndef OPENSSL_NO_ENGINE | ||
| 95 | char *engine=NULL; | 96 | char *engine=NULL; |
| 97 | #endif | ||
| 96 | 98 | ||
| 97 | apps_startup(); | 99 | apps_startup(); |
| 98 | 100 | ||
| @@ -141,11 +143,13 @@ int MAIN(int argc, char **argv) | |||
| 141 | if (--argc < 1) goto bad; | 143 | if (--argc < 1) goto bad; |
| 142 | spksect= *(++argv); | 144 | spksect= *(++argv); |
| 143 | } | 145 | } |
| 146 | #ifndef OPENSSL_NO_ENGINE | ||
| 144 | else if (strcmp(*argv,"-engine") == 0) | 147 | else if (strcmp(*argv,"-engine") == 0) |
| 145 | { | 148 | { |
| 146 | if (--argc < 1) goto bad; | 149 | if (--argc < 1) goto bad; |
| 147 | engine= *(++argv); | 150 | engine= *(++argv); |
| 148 | } | 151 | } |
| 152 | #endif | ||
| 149 | else if (strcmp(*argv,"-noout") == 0) | 153 | else if (strcmp(*argv,"-noout") == 0) |
| 150 | noout=1; | 154 | noout=1; |
| 151 | else if (strcmp(*argv,"-pubkey") == 0) | 155 | else if (strcmp(*argv,"-pubkey") == 0) |
| @@ -171,7 +175,9 @@ bad: | |||
| 171 | BIO_printf(bio_err," -noout don't print SPKAC\n"); | 175 | BIO_printf(bio_err," -noout don't print SPKAC\n"); |
| 172 | BIO_printf(bio_err," -pubkey output public key\n"); | 176 | BIO_printf(bio_err," -pubkey output public key\n"); |
| 173 | BIO_printf(bio_err," -verify verify SPKAC signature\n"); | 177 | BIO_printf(bio_err," -verify verify SPKAC signature\n"); |
| 178 | #ifndef OPENSSL_NO_ENGINE | ||
| 174 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); | 179 | BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); |
| 180 | #endif | ||
| 175 | goto end; | 181 | goto end; |
| 176 | } | 182 | } |
| 177 | 183 | ||
| @@ -181,7 +187,9 @@ bad: | |||
| 181 | goto end; | 187 | goto end; |
| 182 | } | 188 | } |
| 183 | 189 | ||
| 190 | #ifndef OPENSSL_NO_ENGINE | ||
| 184 | e = setup_engine(bio_err, engine, 0); | 191 | e = setup_engine(bio_err, engine, 0); |
| 192 | #endif | ||
| 185 | 193 | ||
| 186 | if(keyfile) { | 194 | if(keyfile) { |
| 187 | pkey = load_key(bio_err, | 195 | pkey = load_key(bio_err, |
| @@ -295,5 +303,5 @@ end: | |||
| 295 | EVP_PKEY_free(pkey); | 303 | EVP_PKEY_free(pkey); |
| 296 | if(passin) OPENSSL_free(passin); | 304 | if(passin) OPENSSL_free(passin); |
| 297 | apps_shutdown(); | 305 | apps_shutdown(); |
| 298 | EXIT(ret); | 306 | OPENSSL_EXIT(ret); |
| 299 | } | 307 | } |
diff --git a/src/lib/libssl/src/apps/verify.c b/src/lib/libssl/src/apps/verify.c index 215ef84fc7..6a93c018b8 100644 --- a/src/lib/libssl/src/apps/verify.c +++ b/src/lib/libssl/src/apps/verify.c | |||
| @@ -86,7 +86,9 @@ int MAIN(int argc, char **argv) | |||
| 86 | STACK_OF(X509) *untrusted = NULL, *trusted = NULL; | 86 | STACK_OF(X509) *untrusted = NULL, *trusted = NULL; |
| 87 | X509_STORE *cert_ctx=NULL; | 87 | X509_STORE *cert_ctx=NULL; |
| 88 | X509_LOOKUP *lookup=NULL; | 88 | X509_LOOKUP *lookup=NULL; |
| 89 | #ifndef OPENSSL_NO_ENGINE | ||
| 89 | char *engine=NULL; | 90 | char *engine=NULL; |
| 91 | #endif | ||
| 90 | 92 | ||
| 91 | cert_ctx=X509_STORE_new(); | 93 | cert_ctx=X509_STORE_new(); |
| 92 | if (cert_ctx == NULL) goto end; | 94 | if (cert_ctx == NULL) goto end; |
| @@ -142,11 +144,13 @@ int MAIN(int argc, char **argv) | |||
| 142 | if (argc-- < 1) goto end; | 144 | if (argc-- < 1) goto end; |
| 143 | trustfile= *(++argv); | 145 | trustfile= *(++argv); |
| 144 | } | 146 | } |
| 147 | #ifndef OPENSSL_NO_ENGINE | ||
| 145 | else if (strcmp(*argv,"-engine") == 0) | 148 | else if (strcmp(*argv,"-engine") == 0) |
| 146 | { | 149 | { |
| 147 | if (--argc < 1) goto end; | 150 | if (--argc < 1) goto end; |
| 148 | engine= *(++argv); | 151 | engine= *(++argv); |
| 149 | } | 152 | } |
| 153 | #endif | ||
| 150 | else if (strcmp(*argv,"-help") == 0) | 154 | else if (strcmp(*argv,"-help") == 0) |
| 151 | goto end; | 155 | goto end; |
| 152 | else if (strcmp(*argv,"-ignore_critical") == 0) | 156 | else if (strcmp(*argv,"-ignore_critical") == 0) |
| @@ -170,7 +174,9 @@ int MAIN(int argc, char **argv) | |||
| 170 | break; | 174 | break; |
| 171 | } | 175 | } |
| 172 | 176 | ||
| 177 | #ifndef OPENSSL_NO_ENGINE | ||
| 173 | e = setup_engine(bio_err, engine, 0); | 178 | e = setup_engine(bio_err, engine, 0); |
| 179 | #endif | ||
| 174 | 180 | ||
| 175 | lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file()); | 181 | lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file()); |
| 176 | if (lookup == NULL) abort(); | 182 | if (lookup == NULL) abort(); |
| @@ -219,7 +225,11 @@ int MAIN(int argc, char **argv) | |||
| 219 | ret=0; | 225 | ret=0; |
| 220 | end: | 226 | end: |
| 221 | if (ret == 1) { | 227 | if (ret == 1) { |
| 222 | BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...\n"); | 228 | BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]"); |
| 229 | #ifndef OPENSSL_NO_ENGINE | ||
| 230 | BIO_printf(bio_err," [-engine e]"); | ||
| 231 | #endif | ||
| 232 | BIO_printf(bio_err," cert1 cert2 ...\n"); | ||
| 223 | BIO_printf(bio_err,"recognized usages:\n"); | 233 | BIO_printf(bio_err,"recognized usages:\n"); |
| 224 | for(i = 0; i < X509_PURPOSE_get_count(); i++) { | 234 | for(i = 0; i < X509_PURPOSE_get_count(); i++) { |
| 225 | X509_PURPOSE *ptmp; | 235 | X509_PURPOSE *ptmp; |
| @@ -232,7 +242,7 @@ end: | |||
| 232 | sk_X509_pop_free(untrusted, X509_free); | 242 | sk_X509_pop_free(untrusted, X509_free); |
| 233 | sk_X509_pop_free(trusted, X509_free); | 243 | sk_X509_pop_free(trusted, X509_free); |
| 234 | apps_shutdown(); | 244 | apps_shutdown(); |
| 235 | EXIT(ret); | 245 | OPENSSL_EXIT(ret); |
| 236 | } | 246 | } |
| 237 | 247 | ||
| 238 | static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e) | 248 | static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e) |
| @@ -330,7 +340,8 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) | |||
| 330 | if (!ok) | 340 | if (!ok) |
| 331 | { | 341 | { |
| 332 | X509_NAME_oneline( | 342 | X509_NAME_oneline( |
| 333 | X509_get_subject_name(ctx->current_cert),buf,256); | 343 | X509_get_subject_name(ctx->current_cert),buf, |
| 344 | sizeof buf); | ||
| 334 | printf("%s\n",buf); | 345 | printf("%s\n",buf); |
| 335 | printf("error %d at %d depth lookup:%s\n",ctx->error, | 346 | printf("error %d at %d depth lookup:%s\n",ctx->error, |
| 336 | ctx->error_depth, | 347 | ctx->error_depth, |
diff --git a/src/lib/libssl/src/apps/version.c b/src/lib/libssl/src/apps/version.c index 0cbcb47f88..0843b67565 100644 --- a/src/lib/libssl/src/apps/version.c +++ b/src/lib/libssl/src/apps/version.c | |||
| @@ -200,5 +200,5 @@ int MAIN(int argc, char **argv) | |||
| 200 | if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR)); | 200 | if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR)); |
| 201 | end: | 201 | end: |
| 202 | apps_shutdown(); | 202 | apps_shutdown(); |
| 203 | EXIT(ret); | 203 | OPENSSL_EXIT(ret); |
| 204 | } | 204 | } |
diff --git a/src/lib/libssl/src/apps/winrand.c b/src/lib/libssl/src/apps/winrand.c index d042258b50..59bede3d70 100644 --- a/src/lib/libssl/src/apps/winrand.c +++ b/src/lib/libssl/src/apps/winrand.c | |||
| @@ -118,7 +118,6 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam) | |||
| 118 | HDC hdc; | 118 | HDC hdc; |
| 119 | PAINTSTRUCT ps; | 119 | PAINTSTRUCT ps; |
| 120 | RECT rect; | 120 | RECT rect; |
| 121 | char buffer[200]; | ||
| 122 | static int seeded = 0; | 121 | static int seeded = 0; |
| 123 | 122 | ||
| 124 | switch (iMsg) | 123 | switch (iMsg) |
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c index 7681e7e8ba..e300bb82cf 100644 --- a/src/lib/libssl/src/apps/x509.c +++ b/src/lib/libssl/src/apps/x509.c | |||
| @@ -122,7 +122,7 @@ static char *x509_usage[]={ | |||
| 122 | " -CAkey arg - set the CA key, must be PEM format\n", | 122 | " -CAkey arg - set the CA key, must be PEM format\n", |
| 123 | " missing, it is assumed to be in the CA file.\n", | 123 | " missing, it is assumed to be in the CA file.\n", |
| 124 | " -CAcreateserial - create serial number file if it does not exist\n", | 124 | " -CAcreateserial - create serial number file if it does not exist\n", |
| 125 | " -CAserial - serial file\n", | 125 | " -CAserial arg - serial file\n", |
| 126 | " -set_serial - serial number to use\n", | 126 | " -set_serial - serial number to use\n", |
| 127 | " -text - print the certificate in text form\n", | 127 | " -text - print the certificate in text form\n", |
| 128 | " -C - print out C code forms\n", | 128 | " -C - print out C code forms\n", |
| @@ -131,7 +131,9 @@ static char *x509_usage[]={ | |||
| 131 | " -extensions - section from config file with X509V3 extensions to add\n", | 131 | " -extensions - section from config file with X509V3 extensions to add\n", |
| 132 | " -clrext - delete extensions before signing and input certificate\n", | 132 | " -clrext - delete extensions before signing and input certificate\n", |
| 133 | " -nameopt arg - various certificate name options\n", | 133 | " -nameopt arg - various certificate name options\n", |
| 134 | #ifndef OPENSSL_NO_ENGINE | ||
| 134 | " -engine e - use engine e, possibly a hardware device.\n", | 135 | " -engine e - use engine e, possibly a hardware device.\n", |
| 136 | #endif | ||
| 135 | " -certopt arg - various certificate text options\n", | 137 | " -certopt arg - various certificate text options\n", |
| 136 | NULL | 138 | NULL |
| 137 | }; | 139 | }; |
| @@ -183,7 +185,9 @@ int MAIN(int argc, char **argv) | |||
| 183 | int need_rand = 0; | 185 | int need_rand = 0; |
| 184 | int checkend=0,checkoffset=0; | 186 | int checkend=0,checkoffset=0; |
| 185 | unsigned long nmflag = 0, certflag = 0; | 187 | unsigned long nmflag = 0, certflag = 0; |
| 188 | #ifndef OPENSSL_NO_ENGINE | ||
| 186 | char *engine=NULL; | 189 | char *engine=NULL; |
| 190 | #endif | ||
| 187 | 191 | ||
| 188 | reqfile=0; | 192 | reqfile=0; |
| 189 | 193 | ||
| @@ -354,17 +358,13 @@ int MAIN(int argc, char **argv) | |||
| 354 | if (--argc < 1) goto bad; | 358 | if (--argc < 1) goto bad; |
| 355 | if (!set_name_ex(&nmflag, *(++argv))) goto bad; | 359 | if (!set_name_ex(&nmflag, *(++argv))) goto bad; |
| 356 | } | 360 | } |
| 357 | else if (strcmp(*argv,"-setalias") == 0) | 361 | #ifndef OPENSSL_NO_ENGINE |
| 358 | { | ||
| 359 | if (--argc < 1) goto bad; | ||
| 360 | alias= *(++argv); | ||
| 361 | trustout = 1; | ||
| 362 | } | ||
| 363 | else if (strcmp(*argv,"-engine") == 0) | 362 | else if (strcmp(*argv,"-engine") == 0) |
| 364 | { | 363 | { |
| 365 | if (--argc < 1) goto bad; | 364 | if (--argc < 1) goto bad; |
| 366 | engine= *(++argv); | 365 | engine= *(++argv); |
| 367 | } | 366 | } |
| 367 | #endif | ||
| 368 | else if (strcmp(*argv,"-C") == 0) | 368 | else if (strcmp(*argv,"-C") == 0) |
| 369 | C= ++num; | 369 | C= ++num; |
| 370 | else if (strcmp(*argv,"-email") == 0) | 370 | else if (strcmp(*argv,"-email") == 0) |
| @@ -450,7 +450,9 @@ bad: | |||
| 450 | goto end; | 450 | goto end; |
| 451 | } | 451 | } |
| 452 | 452 | ||
| 453 | #ifndef OPENSSL_NO_ENGINE | ||
| 453 | e = setup_engine(bio_err, engine, 0); | 454 | e = setup_engine(bio_err, engine, 0); |
| 455 | #endif | ||
| 454 | 456 | ||
| 455 | if (need_rand) | 457 | if (need_rand) |
| 456 | app_RAND_load_file(NULL, bio_err, 0); | 458 | app_RAND_load_file(NULL, bio_err, 0); |
| @@ -479,7 +481,7 @@ bad: | |||
| 479 | 481 | ||
| 480 | if (extfile) | 482 | if (extfile) |
| 481 | { | 483 | { |
| 482 | long errorline; | 484 | long errorline = -1; |
| 483 | X509V3_CTX ctx2; | 485 | X509V3_CTX ctx2; |
| 484 | extconf = NCONF_new(NULL); | 486 | extconf = NCONF_new(NULL); |
| 485 | if (!NCONF_load(extconf, extfile,&errorline)) | 487 | if (!NCONF_load(extconf, extfile,&errorline)) |
| @@ -770,10 +772,11 @@ bad: | |||
| 770 | int y,z; | 772 | int y,z; |
| 771 | 773 | ||
| 772 | X509_NAME_oneline(X509_get_subject_name(x), | 774 | X509_NAME_oneline(X509_get_subject_name(x), |
| 773 | buf,256); | 775 | buf,sizeof buf); |
| 774 | BIO_printf(STDout,"/* subject:%s */\n",buf); | 776 | BIO_printf(STDout,"/* subject:%s */\n",buf); |
| 775 | m=X509_NAME_oneline( | 777 | m=X509_NAME_oneline( |
| 776 | X509_get_issuer_name(x),buf,256); | 778 | X509_get_issuer_name(x),buf, |
| 779 | sizeof buf); | ||
| 777 | BIO_printf(STDout,"/* issuer :%s */\n",buf); | 780 | BIO_printf(STDout,"/* issuer :%s */\n",buf); |
| 778 | 781 | ||
| 779 | z=i2d_X509(x,NULL); | 782 | z=i2d_X509(x,NULL); |
| @@ -1016,7 +1019,7 @@ end: | |||
| 1016 | sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); | 1019 | sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); |
| 1017 | if (passin) OPENSSL_free(passin); | 1020 | if (passin) OPENSSL_free(passin); |
| 1018 | apps_shutdown(); | 1021 | apps_shutdown(); |
| 1019 | EXIT(ret); | 1022 | OPENSSL_EXIT(ret); |
| 1020 | } | 1023 | } |
| 1021 | 1024 | ||
| 1022 | static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create) | 1025 | static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create) |
| @@ -1076,7 +1079,7 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create) | |||
| 1076 | } | 1079 | } |
| 1077 | else | 1080 | else |
| 1078 | { | 1081 | { |
| 1079 | if (!a2i_ASN1_INTEGER(io,bs,buf2,1024)) | 1082 | if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2)) |
| 1080 | { | 1083 | { |
| 1081 | BIO_printf(bio_err,"unable to load serial number from %s\n",buf); | 1084 | BIO_printf(bio_err,"unable to load serial number from %s\n",buf); |
| 1082 | ERR_print_errors(bio_err); | 1085 | ERR_print_errors(bio_err); |
diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config index 3e9af7680a..b3bd96bbfc 100644 --- a/src/lib/libssl/src/config +++ b/src/lib/libssl/src/config | |||
| @@ -74,34 +74,27 @@ if [ "x$XREL" != "x" ]; then | |||
| 74 | echo "whatever-whatever-sco5"; exit 0 | 74 | echo "whatever-whatever-sco5"; exit 0 |
| 75 | ;; | 75 | ;; |
| 76 | 4.2MP) | 76 | 4.2MP) |
| 77 | if [ "x$VERSION" = "x2.01" ]; then | 77 | case "x${VERSION}" in |
| 78 | echo "${MACHINE}-whatever-unixware201"; exit 0 | 78 | x2.0*) echo "whatever-whatever-unixware20"; exit 0 ;; |
| 79 | elif [ "x$VERSION" = "x2.02" ]; then | 79 | x2.1*) echo "whatever-whatever-unixware21"; exit 0 ;; |
| 80 | echo "${MACHINE}-whatever-unixware202"; exit 0 | 80 | x2*) echo "whatever-whatever-unixware2"; exit 0 ;; |
| 81 | elif [ "x$VERSION" = "x2.03" ]; then | 81 | esac |
| 82 | echo "${MACHINE}-whatever-unixware203"; exit 0 | ||
| 83 | elif [ "x$VERSION" = "x2.1.1" ]; then | ||
| 84 | echo "${MACHINE}-whatever-unixware211"; exit 0 | ||
| 85 | elif [ "x$VERSION" = "x2.1.2" ]; then | ||
| 86 | echo "${MACHINE}-whatever-unixware212"; exit 0 | ||
| 87 | elif [ "x$VERSION" = "x2.1.3" ]; then | ||
| 88 | echo "${MACHINE}-whatever-unixware213"; exit 0 | ||
| 89 | else | ||
| 90 | echo "${MACHINE}-whatever-unixware2"; exit 0 | ||
| 91 | fi | ||
| 92 | ;; | 82 | ;; |
| 93 | 4.2) | 83 | 4.2) |
| 94 | echo "whatever-whatever-unixware1"; exit 0 | 84 | echo "i386-whatever-unixware1"; exit 0 |
| 95 | ;; | ||
| 96 | OpenUNIX) | ||
| 97 | if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x8" ]; then | ||
| 98 | echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0 | ||
| 99 | fi | ||
| 100 | ;; | 85 | ;; |
| 101 | 5) | 86 | 5) |
| 102 | if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x7" ]; then | 87 | case "x${VERSION}" in |
| 103 | echo "${MACHINE}-sco-unixware7"; exit 0 | 88 | # We hardcode i586 in place of ${MACHINE} for the |
| 104 | fi | 89 | # following reason. The catch is that even though Pentium |
| 90 | # is minimum requirement for platforms in question, | ||
| 91 | # ${MACHINE} gets always assigned to i386. Now, problem | ||
| 92 | # with i386 is that it makes ./config pass 386 to | ||
| 93 | # ./Configure, which in turn makes make generate | ||
| 94 | # inefficient SHA-1 (for this moment) code. | ||
| 95 | x7*) echo "i586-sco-unixware7"; exit 0 ;; | ||
| 96 | x8*) echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;; | ||
| 97 | esac | ||
| 105 | ;; | 98 | ;; |
| 106 | esac | 99 | esac |
| 107 | fi | 100 | fi |
| @@ -196,7 +189,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in | |||
| 196 | echo "${MACHINE}-whatever-bsdi"; exit 0 | 189 | echo "${MACHINE}-whatever-bsdi"; exit 0 |
| 197 | ;; | 190 | ;; |
| 198 | 191 | ||
| 199 | FreeBSD:*) | 192 | FreeBSD:*:*:*386*) |
| 200 | VERS=`echo ${RELEASE} | sed -e 's/[-(].*//'` | 193 | VERS=`echo ${RELEASE} | sed -e 's/[-(].*//'` |
| 201 | MACH=`sysctl -n hw.model` | 194 | MACH=`sysctl -n hw.model` |
| 202 | ARCH='whatever' | 195 | ARCH='whatever' |
| @@ -205,7 +198,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in | |||
| 205 | *486* ) MACH="i486" ;; | 198 | *486* ) MACH="i486" ;; |
| 206 | Pentium\ II*) MACH="i686" ;; | 199 | Pentium\ II*) MACH="i686" ;; |
| 207 | Pentium* ) MACH="i586" ;; | 200 | Pentium* ) MACH="i586" ;; |
| 208 | Alpha* ) MACH="alpha" ;; | ||
| 209 | * ) MACH="$MACHINE" ;; | 201 | * ) MACH="$MACHINE" ;; |
| 210 | esac | 202 | esac |
| 211 | case ${MACH} in | 203 | case ${MACH} in |
| @@ -214,6 +206,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in | |||
| 214 | echo "${MACH}-${ARCH}-freebsd${VERS}"; exit 0 | 206 | echo "${MACH}-${ARCH}-freebsd${VERS}"; exit 0 |
| 215 | ;; | 207 | ;; |
| 216 | 208 | ||
| 209 | FreeBSD:*) | ||
| 210 | echo "${MACHINE}-whatever-freebsd"; exit 0 | ||
| 211 | ;; | ||
| 212 | |||
| 217 | NetBSD:*:*:*386*) | 213 | NetBSD:*:*:*386*) |
| 218 | echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0 | 214 | echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0 |
| 219 | ;; | 215 | ;; |
| @@ -351,6 +347,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in | |||
| 351 | *CRAY*) | 347 | *CRAY*) |
| 352 | echo "j90-cray-unicos"; exit 0; | 348 | echo "j90-cray-unicos"; exit 0; |
| 353 | ;; | 349 | ;; |
| 350 | |||
| 351 | NONSTOP_KERNEL*) | ||
| 352 | echo "nsr-tandem-nsk"; exit 0; | ||
| 353 | ;; | ||
| 354 | esac | 354 | esac |
| 355 | 355 | ||
| 356 | # | 356 | # |
| @@ -457,6 +457,10 @@ if [ "${SYSTEM}-${MACHINE}" = "Linux-alpha" ]; then | |||
| 457 | fi | 457 | fi |
| 458 | fi | 458 | fi |
| 459 | 459 | ||
| 460 | if [ "${SYSTEM}" = "AIX" ]; then # favor vendor cc over gcc | ||
| 461 | (cc) 2>&1 | grep -iv "not found" > /dev/null && CC=cc | ||
| 462 | fi | ||
| 463 | |||
| 460 | CCVER=${CCVER:-0} | 464 | CCVER=${CCVER:-0} |
| 461 | 465 | ||
| 462 | # read the output of the embedded GuessOS | 466 | # read the output of the embedded GuessOS |
| @@ -469,7 +473,7 @@ echo Operating system: $GUESSOS | |||
| 469 | # more time that I want to waste at the moment | 473 | # more time that I want to waste at the moment |
| 470 | case "$GUESSOS" in | 474 | case "$GUESSOS" in |
| 471 | mips2-sgi-irix) | 475 | mips2-sgi-irix) |
| 472 | CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` | 476 | CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` |
| 473 | CPU=${CPU:-0} | 477 | CPU=${CPU:-0} |
| 474 | if [ $CPU -ge 4000 ]; then | 478 | if [ $CPU -ge 4000 ]; then |
| 475 | options="$options -mips2" | 479 | options="$options -mips2" |
| @@ -477,7 +481,7 @@ case "$GUESSOS" in | |||
| 477 | OUT="irix-$CC" | 481 | OUT="irix-$CC" |
| 478 | ;; | 482 | ;; |
| 479 | mips3-sgi-irix) | 483 | mips3-sgi-irix) |
| 480 | CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` | 484 | CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` |
| 481 | CPU=${CPU:-0} | 485 | CPU=${CPU:-0} |
| 482 | if [ $CPU -ge 5000 ]; then | 486 | if [ $CPU -ge 5000 ]; then |
| 483 | options="$options -mips4" | 487 | options="$options -mips4" |
| @@ -493,7 +497,7 @@ case "$GUESSOS" in | |||
| 493 | echo " You have about 5 seconds to press Ctrl-C to abort." | 497 | echo " You have about 5 seconds to press Ctrl-C to abort." |
| 494 | (stty -icanon min 0 time 50; read waste) < /dev/tty | 498 | (stty -icanon min 0 time 50; read waste) < /dev/tty |
| 495 | fi | 499 | fi |
| 496 | CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` | 500 | CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'` |
| 497 | CPU=${CPU:-0} | 501 | CPU=${CPU:-0} |
| 498 | if [ $CPU -ge 5000 ]; then | 502 | if [ $CPU -ge 5000 ]; then |
| 499 | options="$options -mips4" | 503 | options="$options -mips4" |
| @@ -543,12 +547,13 @@ EOF | |||
| 543 | ppc-apple-darwin*) OUT="darwin-ppc-cc" ;; | 547 | ppc-apple-darwin*) OUT="darwin-ppc-cc" ;; |
| 544 | i386-apple-darwin*) OUT="darwin-i386-cc" ;; | 548 | i386-apple-darwin*) OUT="darwin-i386-cc" ;; |
| 545 | sparc64-*-linux2) | 549 | sparc64-*-linux2) |
| 546 | #Before we can uncomment following lines we have to wait at least | 550 | echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI" |
| 547 | #till 64-bit glibc for SPARC is operational:-( | 551 | echo " and wish to build 64-bit library, then you have to" |
| 548 | #echo "WARNING! If you wish to build 64-bit library, then you have to" | 552 | echo " invoke './Configure linux64-sparcv9' *manually*." |
| 549 | #echo " invoke './Configure linux64-sparcv9' *manually*." | 553 | if [ "$TEST" = "false" ]; then |
| 550 | #echo " Type return if you want to continue, Ctrl-C to abort." | 554 | echo " You have about 5 seconds to press Ctrl-C to abort." |
| 551 | #read waste < /dev/tty | 555 | (stty -icanon min 0 time 50; read waste) < /dev/tty |
| 556 | fi | ||
| 552 | OUT="linux-sparcv9" ;; | 557 | OUT="linux-sparcv9" ;; |
| 553 | sparc-*-linux2) | 558 | sparc-*-linux2) |
| 554 | KARCH=`awk '/^type/{print$3}' /proc/cpuinfo` | 559 | KARCH=`awk '/^type/{print$3}' /proc/cpuinfo` |
| @@ -581,6 +586,7 @@ EOF | |||
| 581 | arm*-*-linux2) OUT="linux-elf-arm" ;; | 586 | arm*-*-linux2) OUT="linux-elf-arm" ;; |
| 582 | s390-*-linux2) OUT="linux-s390" ;; | 587 | s390-*-linux2) OUT="linux-s390" ;; |
| 583 | s390x-*-linux?) OUT="linux-s390x" ;; | 588 | s390x-*-linux?) OUT="linux-s390x" ;; |
| 589 | x86_64-*-linux?) OUT="linux-x86_64" ;; | ||
| 584 | *-*-linux2) OUT="linux-elf" | 590 | *-*-linux2) OUT="linux-elf" |
| 585 | if [ "$GCCVER" -gt 28 ]; then | 591 | if [ "$GCCVER" -gt 28 ]; then |
| 586 | if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then | 592 | if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then |
| @@ -634,6 +640,8 @@ EOF | |||
| 634 | *86*-*-solaris2) OUT="solaris-x86-$CC" ;; | 640 | *86*-*-solaris2) OUT="solaris-x86-$CC" ;; |
| 635 | *-*-sunos4) OUT="sunos-$CC" ;; | 641 | *-*-sunos4) OUT="sunos-$CC" ;; |
| 636 | alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;; | 642 | alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;; |
| 643 | sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;; | ||
| 644 | ia64-*-freebsd*) OUT="FreeBSD-ia64" ;; | ||
| 637 | *-freebsd[3-9]*) OUT="FreeBSD-elf" ;; | 645 | *-freebsd[3-9]*) OUT="FreeBSD-elf" ;; |
| 638 | *-freebsd[1-2]*) OUT="FreeBSD" ;; | 646 | *-freebsd[1-2]*) OUT="FreeBSD" ;; |
| 639 | *86*-*-netbsd) OUT="NetBSD-x86" ;; | 647 | *86*-*-netbsd) OUT="NetBSD-x86" ;; |
| @@ -690,9 +698,11 @@ EOF | |||
| 690 | CPU_VERSION=${CPU_VERSION:-0} | 698 | CPU_VERSION=${CPU_VERSION:-0} |
| 691 | # See <sys/unistd.h> for further info on CPU_VERSION. | 699 | # See <sys/unistd.h> for further info on CPU_VERSION. |
| 692 | if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU | 700 | if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU |
| 693 | echo "NOTICE! 64-bit is the only ABI currently operational on HP-UXi." | 701 | echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi." |
| 694 | echo " Post request to openssl-dev@openssl.org for 32-bit support." | 702 | echo " If you wish to build 32-bit library, the you have to" |
| 703 | echo " invoke './Configure hpux-ia32-cc' *manually*." | ||
| 695 | if [ "$TEST" = "false" ]; then | 704 | if [ "$TEST" = "false" ]; then |
| 705 | echo " You have about 5 seconds to press Ctrl-C to abort." | ||
| 696 | (stty -icanon min 0 time 50; read waste) < /dev/tty | 706 | (stty -icanon min 0 time 50; read waste) < /dev/tty |
| 697 | fi | 707 | fi |
| 698 | OUT="hpux64-ia64-cc" | 708 | OUT="hpux64-ia64-cc" |
| @@ -725,6 +735,7 @@ EOF | |||
| 725 | *-*-cygwin) OUT="Cygwin" ;; | 735 | *-*-cygwin) OUT="Cygwin" ;; |
| 726 | t3e-cray-unicosmk) OUT="cray-t3e" ;; | 736 | t3e-cray-unicosmk) OUT="cray-t3e" ;; |
| 727 | j90-cray-unicos) OUT="cray-j90" ;; | 737 | j90-cray-unicos) OUT="cray-j90" ;; |
| 738 | nsr-tandem-nsk) OUT="tandem-c89" ;; | ||
| 728 | *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; | 739 | *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; |
| 729 | esac | 740 | esac |
| 730 | 741 | ||
| @@ -759,7 +770,7 @@ case "$GUESSOS" in | |||
| 759 | i386-*) options="$options 386" ;; | 770 | i386-*) options="$options 386" ;; |
| 760 | esac | 771 | esac |
| 761 | 772 | ||
| 762 | for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 rijndael ripemd rsa sha | 773 | for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha |
| 763 | do | 774 | do |
| 764 | if [ ! -d crypto/$i ] | 775 | if [ ! -d crypto/$i ] |
| 765 | then | 776 | then |
diff --git a/src/lib/libssl/src/crypto/Makefile.ssl b/src/lib/libssl/src/crypto/Makefile.ssl index db8baf385e..3071e3cb86 100644 --- a/src/lib/libssl/src/crypto/Makefile.ssl +++ b/src/lib/libssl/src/crypto/Makefile.ssl | |||
| @@ -36,8 +36,8 @@ GENERAL=Makefile README crypto-lib.com install.com | |||
| 36 | 36 | ||
| 37 | LIB= $(TOP)/libcrypto.a | 37 | LIB= $(TOP)/libcrypto.a |
| 38 | SHARED_LIB= libcrypto$(SHLIB_EXT) | 38 | SHARED_LIB= libcrypto$(SHLIB_EXT) |
| 39 | LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c | 39 | LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c |
| 40 | LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o | 40 | LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o |
| 41 | 41 | ||
| 42 | SRC= $(LIBSRC) | 42 | SRC= $(LIBSRC) |
| 43 | 43 | ||
| @@ -136,12 +136,12 @@ lint: | |||
| 136 | 136 | ||
| 137 | depend: | 137 | depend: |
| 138 | if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist | 138 | if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist |
| 139 | $(MAKEDEPEND) $(CFLAG) $(INCLUDE) $(DEPFLAG) $(PROGS) $(LIBSRC) | 139 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 140 | if [ ! -s buildinf.h ]; then rm buildinf.h; fi | 140 | if [ ! -s buildinf.h ]; then rm buildinf.h; fi |
| 141 | @for i in $(SDIRS) ;\ | 141 | @for i in $(SDIRS) ;\ |
| 142 | do \ | 142 | do \ |
| 143 | (cd $$i && echo "making depend in crypto/$$i..." && \ | 143 | (cd $$i && echo "making depend in crypto/$$i..." && \ |
| 144 | $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \ | 144 | $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ |
| 145 | done; | 145 | done; |
| 146 | 146 | ||
| 147 | clean: | 147 | clean: |
| @@ -193,6 +193,10 @@ mem.o: ../include/openssl/err.h ../include/openssl/lhash.h | |||
| 193 | mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 193 | mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 194 | mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 194 | mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 195 | mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c | 195 | mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c |
| 196 | mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 197 | mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 198 | mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 199 | mem_clr.o: ../include/openssl/symhacks.h mem_clr.c | ||
| 196 | mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h | 200 | mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h |
| 197 | mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 201 | mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 198 | mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h | 202 | mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h |
diff --git a/src/lib/libssl/src/crypto/aes/Makefile.ssl b/src/lib/libssl/src/crypto/aes/Makefile.ssl index 9358802a2e..f353aeb697 100644 --- a/src/lib/libssl/src/crypto/aes/Makefile.ssl +++ b/src/lib/libssl/src/crypto/aes/Makefile.ssl | |||
| @@ -75,7 +75,7 @@ lint: | |||
| 75 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 75 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 76 | 76 | ||
| 77 | depend: | 77 | depend: |
| 78 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 78 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 79 | 79 | ||
| 80 | dclean: | 80 | dclean: |
| 81 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 81 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/aes/aes.h b/src/lib/libssl/src/crypto/aes/aes.h index e8da921ec5..8294a41a3a 100644 --- a/src/lib/libssl/src/crypto/aes/aes.h +++ b/src/lib/libssl/src/crypto/aes/aes.h | |||
| @@ -56,8 +56,9 @@ | |||
| 56 | #error AES is disabled. | 56 | #error AES is disabled. |
| 57 | #endif | 57 | #endif |
| 58 | 58 | ||
| 59 | static const int AES_DECRYPT = 0; | 59 | #define AES_ENCRYPT 1 |
| 60 | static const int AES_ENCRYPT = 1; | 60 | #define AES_DECRYPT 0 |
| 61 | |||
| 61 | /* Because array size can't be a const in C, the following two are macros. | 62 | /* Because array size can't be a const in C, the following two are macros. |
| 62 | Both sizes are in bytes. */ | 63 | Both sizes are in bytes. */ |
| 63 | #define AES_MAXNR 14 | 64 | #define AES_MAXNR 14 |
| @@ -99,7 +100,9 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, | |||
| 99 | unsigned char *ivec, int *num); | 100 | unsigned char *ivec, int *num); |
| 100 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, | 101 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, |
| 101 | const unsigned long length, const AES_KEY *key, | 102 | const unsigned long length, const AES_KEY *key, |
| 102 | unsigned char *counter, unsigned int *num); | 103 | unsigned char counter[AES_BLOCK_SIZE], |
| 104 | unsigned char ecount_buf[AES_BLOCK_SIZE], | ||
| 105 | unsigned int *num); | ||
| 103 | 106 | ||
| 104 | 107 | ||
| 105 | #ifdef __cplusplus | 108 | #ifdef __cplusplus |
diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c index 3dfd7aba2a..de438306b1 100644 --- a/src/lib/libssl/src/crypto/aes/aes_cbc.c +++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
| @@ -57,33 +63,49 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
| 57 | const unsigned long length, const AES_KEY *key, | 63 | const unsigned long length, const AES_KEY *key, |
| 58 | unsigned char *ivec, const int enc) { | 64 | unsigned char *ivec, const int enc) { |
| 59 | 65 | ||
| 60 | int n; | 66 | unsigned long n; |
| 61 | unsigned long len = length; | 67 | unsigned long len = length; |
| 62 | unsigned char tmp[16]; | 68 | unsigned char tmp[AES_BLOCK_SIZE]; |
| 63 | 69 | ||
| 64 | assert(in && out && key && ivec); | 70 | assert(in && out && key && ivec); |
| 65 | assert(length % AES_BLOCK_SIZE == 0); | ||
| 66 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); | 71 | assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); |
| 67 | 72 | ||
| 68 | if (AES_ENCRYPT == enc) | 73 | if (AES_ENCRYPT == enc) { |
| 69 | while (len > 0) { | 74 | while (len >= AES_BLOCK_SIZE) { |
| 70 | for(n=0; n < 16; ++n) | 75 | for(n=0; n < sizeof tmp; ++n) |
| 71 | tmp[n] = in[n] ^ ivec[n]; | 76 | tmp[n] = in[n] ^ ivec[n]; |
| 72 | AES_encrypt(tmp, out, key); | 77 | AES_encrypt(tmp, out, key); |
| 73 | memcpy(ivec, out, 16); | 78 | memcpy(ivec, out, AES_BLOCK_SIZE); |
| 74 | len -= 16; | 79 | len -= AES_BLOCK_SIZE; |
| 75 | in += 16; | 80 | in += AES_BLOCK_SIZE; |
| 76 | out += 16; | 81 | out += AES_BLOCK_SIZE; |
| 77 | } | 82 | } |
| 78 | else | 83 | if (len) { |
| 79 | while (len > 0) { | 84 | for(n=0; n < len; ++n) |
| 80 | memcpy(tmp, in, 16); | 85 | tmp[n] = in[n] ^ ivec[n]; |
| 86 | for(n=len; n < AES_BLOCK_SIZE; ++n) | ||
| 87 | tmp[n] = ivec[n]; | ||
| 88 | AES_encrypt(tmp, tmp, key); | ||
| 89 | memcpy(out, tmp, len); | ||
| 90 | memcpy(ivec, tmp, sizeof tmp); | ||
| 91 | } | ||
| 92 | } else { | ||
| 93 | while (len >= AES_BLOCK_SIZE) { | ||
| 94 | memcpy(tmp, in, sizeof tmp); | ||
| 81 | AES_decrypt(in, out, key); | 95 | AES_decrypt(in, out, key); |
| 82 | for(n=0; n < 16; ++n) | 96 | for(n=0; n < AES_BLOCK_SIZE; ++n) |
| 83 | out[n] ^= ivec[n]; | 97 | out[n] ^= ivec[n]; |
| 84 | memcpy(ivec, tmp, 16); | 98 | memcpy(ivec, tmp, AES_BLOCK_SIZE); |
| 85 | len -= 16; | 99 | len -= AES_BLOCK_SIZE; |
| 86 | in += 16; | 100 | in += AES_BLOCK_SIZE; |
| 87 | out += 16; | 101 | out += AES_BLOCK_SIZE; |
| 88 | } | 102 | } |
| 103 | if (len) { | ||
| 104 | memcpy(tmp, in, sizeof tmp); | ||
| 105 | AES_decrypt(tmp, tmp, key); | ||
| 106 | for(n=0; n < len; ++n) | ||
| 107 | out[n] ^= ivec[n]; | ||
| 108 | memcpy(ivec, tmp, sizeof tmp); | ||
| 109 | } | ||
| 110 | } | ||
| 89 | } | 111 | } |
diff --git a/src/lib/libssl/src/crypto/aes/aes_cfb.c b/src/lib/libssl/src/crypto/aes/aes_cfb.c index 41c2a5ec3d..9b569dda90 100644 --- a/src/lib/libssl/src/crypto/aes/aes_cfb.c +++ b/src/lib/libssl/src/crypto/aes/aes_cfb.c | |||
| @@ -105,7 +105,13 @@ | |||
| 105 | * [including the GNU Public Licence.] | 105 | * [including the GNU Public Licence.] |
| 106 | */ | 106 | */ |
| 107 | 107 | ||
| 108 | #ifndef AES_DEBUG | ||
| 109 | # ifndef NDEBUG | ||
| 110 | # define NDEBUG | ||
| 111 | # endif | ||
| 112 | #endif | ||
| 108 | #include <assert.h> | 113 | #include <assert.h> |
| 114 | |||
| 109 | #include <openssl/aes.h> | 115 | #include <openssl/aes.h> |
| 110 | #include "aes_locl.h" | 116 | #include "aes_locl.h" |
| 111 | 117 | ||
diff --git a/src/lib/libssl/src/crypto/aes/aes_core.c b/src/lib/libssl/src/crypto/aes/aes_core.c index 937988dd8c..2f41a825f8 100644 --- a/src/lib/libssl/src/crypto/aes/aes_core.c +++ b/src/lib/libssl/src/crypto/aes/aes_core.c | |||
| @@ -28,7 +28,13 @@ | |||
| 28 | /* Note: rewritten a little bit to provide error control and an OpenSSL- | 28 | /* Note: rewritten a little bit to provide error control and an OpenSSL- |
| 29 | compatible API */ | 29 | compatible API */ |
| 30 | 30 | ||
| 31 | #ifndef AES_DEBUG | ||
| 32 | # ifndef NDEBUG | ||
| 33 | # define NDEBUG | ||
| 34 | # endif | ||
| 35 | #endif | ||
| 31 | #include <assert.h> | 36 | #include <assert.h> |
| 37 | |||
| 32 | #include <stdlib.h> | 38 | #include <stdlib.h> |
| 33 | #include <openssl/aes.h> | 39 | #include <openssl/aes.h> |
| 34 | #include "aes_locl.h" | 40 | #include "aes_locl.h" |
| @@ -744,7 +750,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 744 | rk[2] = GETU32(userKey + 8); | 750 | rk[2] = GETU32(userKey + 8); |
| 745 | rk[3] = GETU32(userKey + 12); | 751 | rk[3] = GETU32(userKey + 12); |
| 746 | if (bits == 128) { | 752 | if (bits == 128) { |
| 747 | for (;;) { | 753 | while (1) { |
| 748 | temp = rk[3]; | 754 | temp = rk[3]; |
| 749 | rk[4] = rk[0] ^ | 755 | rk[4] = rk[0] ^ |
| 750 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 756 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
| @@ -764,7 +770,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 764 | rk[4] = GETU32(userKey + 16); | 770 | rk[4] = GETU32(userKey + 16); |
| 765 | rk[5] = GETU32(userKey + 20); | 771 | rk[5] = GETU32(userKey + 20); |
| 766 | if (bits == 192) { | 772 | if (bits == 192) { |
| 767 | for (;;) { | 773 | while (1) { |
| 768 | temp = rk[ 5]; | 774 | temp = rk[ 5]; |
| 769 | rk[ 6] = rk[ 0] ^ | 775 | rk[ 6] = rk[ 0] ^ |
| 770 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 776 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
| @@ -786,7 +792,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 786 | rk[6] = GETU32(userKey + 24); | 792 | rk[6] = GETU32(userKey + 24); |
| 787 | rk[7] = GETU32(userKey + 28); | 793 | rk[7] = GETU32(userKey + 28); |
| 788 | if (bits == 256) { | 794 | if (bits == 256) { |
| 789 | for (;;) { | 795 | while (1) { |
| 790 | temp = rk[ 7]; | 796 | temp = rk[ 7]; |
| 791 | rk[ 8] = rk[ 0] ^ | 797 | rk[ 8] = rk[ 0] ^ |
| 792 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 798 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
diff --git a/src/lib/libssl/src/crypto/aes/aes_ctr.c b/src/lib/libssl/src/crypto/aes/aes_ctr.c index aea3db2092..59088499a0 100644 --- a/src/lib/libssl/src/crypto/aes/aes_ctr.c +++ b/src/lib/libssl/src/crypto/aes/aes_ctr.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
| @@ -90,26 +96,31 @@ static void AES_ctr128_inc(unsigned char *counter) { | |||
| 90 | 96 | ||
| 91 | /* The input encrypted as though 128bit counter mode is being | 97 | /* The input encrypted as though 128bit counter mode is being |
| 92 | * used. The extra state information to record how much of the | 98 | * used. The extra state information to record how much of the |
| 93 | * 128bit block we have used is contained in *num; | 99 | * 128bit block we have used is contained in *num, and the |
| 100 | * encrypted counter is kept in ecount_buf. Both *num and | ||
| 101 | * ecount_buf must be initialised with zeros before the first | ||
| 102 | * call to AES_ctr128_encrypt(). | ||
| 94 | */ | 103 | */ |
| 95 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, | 104 | void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, |
| 96 | const unsigned long length, const AES_KEY *key, | 105 | const unsigned long length, const AES_KEY *key, |
| 97 | unsigned char *counter, unsigned int *num) { | 106 | unsigned char counter[AES_BLOCK_SIZE], |
| 107 | unsigned char ecount_buf[AES_BLOCK_SIZE], | ||
| 108 | unsigned int *num) { | ||
| 98 | 109 | ||
| 99 | unsigned int n; | 110 | unsigned int n; |
| 100 | unsigned long l=length; | 111 | unsigned long l=length; |
| 101 | unsigned char tmp[AES_BLOCK_SIZE]; | ||
| 102 | 112 | ||
| 103 | assert(in && out && key && counter && num); | 113 | assert(in && out && key && counter && num); |
| 114 | assert(*num < AES_BLOCK_SIZE); | ||
| 104 | 115 | ||
| 105 | n = *num; | 116 | n = *num; |
| 106 | 117 | ||
| 107 | while (l--) { | 118 | while (l--) { |
| 108 | if (n == 0) { | 119 | if (n == 0) { |
| 109 | AES_encrypt(counter, tmp, key); | 120 | AES_encrypt(counter, ecount_buf, key); |
| 110 | AES_ctr128_inc(counter); | 121 | AES_ctr128_inc(counter); |
| 111 | } | 122 | } |
| 112 | *(out++) = *(in++) ^ tmp[n]; | 123 | *(out++) = *(in++) ^ ecount_buf[n]; |
| 113 | n = (n+1) % AES_BLOCK_SIZE; | 124 | n = (n+1) % AES_BLOCK_SIZE; |
| 114 | } | 125 | } |
| 115 | 126 | ||
diff --git a/src/lib/libssl/src/crypto/aes/aes_ecb.c b/src/lib/libssl/src/crypto/aes/aes_ecb.c index 1cb2e07d3d..28aa561c2d 100644 --- a/src/lib/libssl/src/crypto/aes/aes_ecb.c +++ b/src/lib/libssl/src/crypto/aes/aes_ecb.c | |||
| @@ -49,7 +49,13 @@ | |||
| 49 | * | 49 | * |
| 50 | */ | 50 | */ |
| 51 | 51 | ||
| 52 | #ifndef AES_DEBUG | ||
| 53 | # ifndef NDEBUG | ||
| 54 | # define NDEBUG | ||
| 55 | # endif | ||
| 56 | #endif | ||
| 52 | #include <assert.h> | 57 | #include <assert.h> |
| 58 | |||
| 53 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 54 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 55 | 61 | ||
diff --git a/src/lib/libssl/src/crypto/aes/aes_locl.h b/src/lib/libssl/src/crypto/aes/aes_locl.h index 18fc2d0747..f290946058 100644 --- a/src/lib/libssl/src/crypto/aes/aes_locl.h +++ b/src/lib/libssl/src/crypto/aes/aes_locl.h | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | #include <stdlib.h> | 62 | #include <stdlib.h> |
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | 64 | ||
| 65 | #ifdef _MSC_VER | 65 | #if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE) |
| 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) | 66 | # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) |
| 67 | # define GETU32(p) SWAP(*((u32 *)(p))) | 67 | # define GETU32(p) SWAP(*((u32 *)(p))) |
| 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } | 68 | # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); } |
diff --git a/src/lib/libssl/src/crypto/aes/aes_ofb.c b/src/lib/libssl/src/crypto/aes/aes_ofb.c index e33bdaea28..f358bb39e2 100644 --- a/src/lib/libssl/src/crypto/aes/aes_ofb.c +++ b/src/lib/libssl/src/crypto/aes/aes_ofb.c | |||
| @@ -105,7 +105,13 @@ | |||
| 105 | * [including the GNU Public Licence.] | 105 | * [including the GNU Public Licence.] |
| 106 | */ | 106 | */ |
| 107 | 107 | ||
| 108 | #ifndef AES_DEBUG | ||
| 109 | # ifndef NDEBUG | ||
| 110 | # define NDEBUG | ||
| 111 | # endif | ||
| 112 | #endif | ||
| 108 | #include <assert.h> | 113 | #include <assert.h> |
| 114 | |||
| 109 | #include <openssl/aes.h> | 115 | #include <openssl/aes.h> |
| 110 | #include "aes_locl.h" | 116 | #include "aes_locl.h" |
| 111 | 117 | ||
diff --git a/src/lib/libssl/src/crypto/asn1/Makefile.ssl b/src/lib/libssl/src/crypto/asn1/Makefile.ssl index b5a186c904..cb45194d48 100644 --- a/src/lib/libssl/src/crypto/asn1/Makefile.ssl +++ b/src/lib/libssl/src/crypto/asn1/Makefile.ssl | |||
| @@ -98,7 +98,7 @@ lint: | |||
| 98 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 98 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 99 | 99 | ||
| 100 | depend: | 100 | depend: |
| 101 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 101 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 102 | 102 | ||
| 103 | dclean: | 103 | dclean: |
| 104 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 104 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -286,13 +286,14 @@ a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | |||
| 286 | a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 286 | a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 287 | a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 287 | a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 288 | a_sign.o: ../cryptlib.h a_sign.c | 288 | a_sign.o: ../cryptlib.h a_sign.c |
| 289 | a_strex.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 289 | a_strex.o: ../../e_os.h ../../include/openssl/aes.h |
| 290 | a_strex.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | 290 | a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 291 | a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 291 | a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
| 292 | a_strex.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h | 292 | a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h |
| 293 | a_strex.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 293 | a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 294 | a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 294 | a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h |
| 295 | a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h | 295 | a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 296 | a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 296 | a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | 297 | a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 297 | a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | 298 | a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 298 | a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | 299 | a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| @@ -305,7 +306,7 @@ a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | |||
| 305 | a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 306 | a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 306 | a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 307 | a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 307 | a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h | 308 | a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h |
| 308 | a_strex.o: ../../include/openssl/x509_vfy.h a_strex.c charmap.h | 309 | a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h |
| 309 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h | 310 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h |
| 310 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 311 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 311 | a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 312 | a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
diff --git a/src/lib/libssl/src/crypto/asn1/a_bitstr.c b/src/lib/libssl/src/crypto/asn1/a_bitstr.c index e0265f69d2..f4ea96cd54 100644 --- a/src/lib/libssl/src/crypto/asn1/a_bitstr.c +++ b/src/lib/libssl/src/crypto/asn1/a_bitstr.c | |||
| @@ -191,7 +191,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) | |||
| 191 | if (a->data == NULL) | 191 | if (a->data == NULL) |
| 192 | c=(unsigned char *)OPENSSL_malloc(w+1); | 192 | c=(unsigned char *)OPENSSL_malloc(w+1); |
| 193 | else | 193 | else |
| 194 | c=(unsigned char *)OPENSSL_realloc(a->data,w+1); | 194 | c=(unsigned char *)OPENSSL_realloc_clean(a->data, |
| 195 | a->length, | ||
| 196 | w+1); | ||
| 195 | if (c == NULL) return(0); | 197 | if (c == NULL) return(0); |
| 196 | if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); | 198 | if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); |
| 197 | a->data=c; | 199 | a->data=c; |
diff --git a/src/lib/libssl/src/crypto/asn1/a_bytes.c b/src/lib/libssl/src/crypto/asn1/a_bytes.c index bb88660f58..afd27b80e1 100644 --- a/src/lib/libssl/src/crypto/asn1/a_bytes.c +++ b/src/lib/libssl/src/crypto/asn1/a_bytes.c | |||
| @@ -285,7 +285,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) | |||
| 285 | goto err; | 285 | goto err; |
| 286 | } | 286 | } |
| 287 | 287 | ||
| 288 | if (!BUF_MEM_grow(&b,num+os->length)) | 288 | if (!BUF_MEM_grow_clean(&b,num+os->length)) |
| 289 | { | 289 | { |
| 290 | c->error=ERR_R_BUF_LIB; | 290 | c->error=ERR_R_BUF_LIB; |
| 291 | goto err; | 291 | goto err; |
diff --git a/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c index a80fbe9ff7..b67b75e7c2 100644 --- a/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c +++ b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c | |||
| @@ -149,7 +149,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 149 | ASN1_CTX c; | 149 | ASN1_CTX c; |
| 150 | int want=HEADER_SIZE; | 150 | int want=HEADER_SIZE; |
| 151 | int eos=0; | 151 | int eos=0; |
| 152 | #if defined(__GNUC__) && defined(__ia64) | ||
| 153 | /* pathetic compiler bug in all known versions as of Nov. 2002 */ | ||
| 154 | long off=0; | ||
| 155 | #else | ||
| 152 | int off=0; | 156 | int off=0; |
| 157 | #endif | ||
| 153 | int len=0; | 158 | int len=0; |
| 154 | 159 | ||
| 155 | b=BUF_MEM_new(); | 160 | b=BUF_MEM_new(); |
| @@ -166,7 +171,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 166 | { | 171 | { |
| 167 | want-=(len-off); | 172 | want-=(len-off); |
| 168 | 173 | ||
| 169 | if (!BUF_MEM_grow(b,len+want)) | 174 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 170 | { | 175 | { |
| 171 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 176 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); |
| 172 | goto err; | 177 | goto err; |
| @@ -221,18 +226,23 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) | |||
| 221 | if (want > (len-off)) | 226 | if (want > (len-off)) |
| 222 | { | 227 | { |
| 223 | want-=(len-off); | 228 | want-=(len-off); |
| 224 | if (!BUF_MEM_grow(b,len+want)) | 229 | if (!BUF_MEM_grow_clean(b,len+want)) |
| 225 | { | 230 | { |
| 226 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); | 231 | ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); |
| 227 | goto err; | 232 | goto err; |
| 228 | } | 233 | } |
| 229 | i=BIO_read(in,&(b->data[len]),want); | 234 | while (want > 0) |
| 230 | if (i <= 0) | ||
| 231 | { | 235 | { |
| 232 | ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); | 236 | i=BIO_read(in,&(b->data[len]),want); |
| 233 | goto err; | 237 | if (i <= 0) |
| 238 | { | ||
| 239 | ASN1err(ASN1_F_ASN1_D2I_BIO, | ||
| 240 | ASN1_R_NOT_ENOUGH_DATA); | ||
| 241 | goto err; | ||
| 242 | } | ||
| 243 | len+=i; | ||
| 244 | want -= i; | ||
| 234 | } | 245 | } |
| 235 | len+=i; | ||
| 236 | } | 246 | } |
| 237 | off+=(int)c.slen; | 247 | off+=(int)c.slen; |
| 238 | if (eos <= 0) | 248 | if (eos <= 0) |
diff --git a/src/lib/libssl/src/crypto/asn1/a_object.c b/src/lib/libssl/src/crypto/asn1/a_object.c index 71ce7c3896..0a8e6c287c 100644 --- a/src/lib/libssl/src/crypto/asn1/a_object.c +++ b/src/lib/libssl/src/crypto/asn1/a_object.c | |||
| @@ -183,8 +183,8 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) | |||
| 183 | 183 | ||
| 184 | if ((a == NULL) || (a->data == NULL)) | 184 | if ((a == NULL) || (a->data == NULL)) |
| 185 | return(BIO_write(bp,"NULL",4)); | 185 | return(BIO_write(bp,"NULL",4)); |
| 186 | i=i2t_ASN1_OBJECT(buf,80,a); | 186 | i=i2t_ASN1_OBJECT(buf,sizeof buf,a); |
| 187 | if (i > 80) i=80; | 187 | if (i > sizeof buf) i=sizeof buf; |
| 188 | BIO_write(bp,buf,i); | 188 | BIO_write(bp,buf,i); |
| 189 | return(i); | 189 | return(i); |
| 190 | } | 190 | } |
diff --git a/src/lib/libssl/src/crypto/asn1/a_sign.c b/src/lib/libssl/src/crypto/asn1/a_sign.c index de53b44144..52ce7e3974 100644 --- a/src/lib/libssl/src/crypto/asn1/a_sign.c +++ b/src/lib/libssl/src/crypto/asn1/a_sign.c | |||
| @@ -204,9 +204,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 204 | err: | 204 | err: |
| 205 | EVP_MD_CTX_cleanup(&ctx); | 205 | EVP_MD_CTX_cleanup(&ctx); |
| 206 | if (buf_in != NULL) | 206 | if (buf_in != NULL) |
| 207 | { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } | 207 | { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } |
| 208 | if (buf_out != NULL) | 208 | if (buf_out != NULL) |
| 209 | { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } | 209 | { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } |
| 210 | return(outl); | 210 | return(outl); |
| 211 | } | 211 | } |
| 212 | 212 | ||
| @@ -287,8 +287,8 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 287 | err: | 287 | err: |
| 288 | EVP_MD_CTX_cleanup(&ctx); | 288 | EVP_MD_CTX_cleanup(&ctx); |
| 289 | if (buf_in != NULL) | 289 | if (buf_in != NULL) |
| 290 | { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } | 290 | { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } |
| 291 | if (buf_out != NULL) | 291 | if (buf_out != NULL) |
| 292 | { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } | 292 | { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } |
| 293 | return(outl); | 293 | return(outl); |
| 294 | } | 294 | } |
diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c index 7ddb7662f1..1def6c6549 100644 --- a/src/lib/libssl/src/crypto/asn1/a_strex.c +++ b/src/lib/libssl/src/crypto/asn1/a_strex.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/asn1.h> | 63 | #include <openssl/asn1.h> |
| 64 | 64 | ||
| 65 | #include "charmap.h" | 65 | #include "charmap.h" |
| 66 | #include "cryptlib.h" | ||
| 66 | 67 | ||
| 67 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). | 68 | /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). |
| 68 | * Enhanced string and name printing routines handling | 69 | * Enhanced string and name printing routines handling |
| @@ -114,14 +115,17 @@ typedef int char_io(void *arg, const void *buf, int len); | |||
| 114 | static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) | 115 | static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) |
| 115 | { | 116 | { |
| 116 | unsigned char chflgs, chtmp; | 117 | unsigned char chflgs, chtmp; |
| 117 | char tmphex[11]; | 118 | char tmphex[HEX_SIZE(long)+3]; |
| 119 | |||
| 120 | if(c > 0xffffffffL) | ||
| 121 | return -1; | ||
| 118 | if(c > 0xffff) { | 122 | if(c > 0xffff) { |
| 119 | BIO_snprintf(tmphex, 11, "\\W%08lX", c); | 123 | BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); |
| 120 | if(!io_ch(arg, tmphex, 10)) return -1; | 124 | if(!io_ch(arg, tmphex, 10)) return -1; |
| 121 | return 10; | 125 | return 10; |
| 122 | } | 126 | } |
| 123 | if(c > 0xff) { | 127 | if(c > 0xff) { |
| 124 | BIO_snprintf(tmphex, 11, "\\U%04lX", c); | 128 | BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); |
| 125 | if(!io_ch(arg, tmphex, 6)) return -1; | 129 | if(!io_ch(arg, tmphex, 6)) return -1; |
| 126 | return 6; | 130 | return 6; |
| 127 | } | 131 | } |
| @@ -195,7 +199,7 @@ static int do_buf(unsigned char *buf, int buflen, | |||
| 195 | if(type & BUF_TYPE_CONVUTF8) { | 199 | if(type & BUF_TYPE_CONVUTF8) { |
| 196 | unsigned char utfbuf[6]; | 200 | unsigned char utfbuf[6]; |
| 197 | int utflen; | 201 | int utflen; |
| 198 | utflen = UTF8_putc(utfbuf, 6, c); | 202 | utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); |
| 199 | for(i = 0; i < utflen; i++) { | 203 | for(i = 0; i < utflen; i++) { |
| 200 | /* We don't need to worry about setting orflags correctly | 204 | /* We don't need to worry about setting orflags correctly |
| 201 | * because if utflen==1 its value will be correct anyway | 205 | * because if utflen==1 its value will be correct anyway |
| @@ -461,7 +465,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, | |||
| 461 | if(fn_opt != XN_FLAG_FN_NONE) { | 465 | if(fn_opt != XN_FLAG_FN_NONE) { |
| 462 | int objlen, fld_len; | 466 | int objlen, fld_len; |
| 463 | if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { | 467 | if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { |
| 464 | OBJ_obj2txt(objtmp, 80, fn, 1); | 468 | OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); |
| 465 | fld_len = 0; /* XXX: what should this be? */ | 469 | fld_len = 0; /* XXX: what should this be? */ |
| 466 | objbuf = objtmp; | 470 | objbuf = objtmp; |
| 467 | } else { | 471 | } else { |
diff --git a/src/lib/libssl/src/crypto/asn1/a_strnid.c b/src/lib/libssl/src/crypto/asn1/a_strnid.c index 04789d1c63..aa49e9d7d0 100644 --- a/src/lib/libssl/src/crypto/asn1/a_strnid.c +++ b/src/lib/libssl/src/crypto/asn1/a_strnid.c | |||
| @@ -173,6 +173,7 @@ static ASN1_STRING_TABLE tbl_standard[] = { | |||
| 173 | {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, | 173 | {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, |
| 174 | {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, | 174 | {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, |
| 175 | {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, | 175 | {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, |
| 176 | {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, | ||
| 176 | {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} | 177 | {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} |
| 177 | }; | 178 | }; |
| 178 | 179 | ||
| @@ -249,4 +250,38 @@ static void st_free(ASN1_STRING_TABLE *tbl) | |||
| 249 | if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); | 250 | if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); |
| 250 | } | 251 | } |
| 251 | 252 | ||
| 253 | |||
| 252 | IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) | 254 | IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) |
| 255 | |||
| 256 | #ifdef STRING_TABLE_TEST | ||
| 257 | |||
| 258 | main() | ||
| 259 | { | ||
| 260 | ASN1_STRING_TABLE *tmp; | ||
| 261 | int i, last_nid = -1; | ||
| 262 | |||
| 263 | for (tmp = tbl_standard, i = 0; | ||
| 264 | i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) | ||
| 265 | { | ||
| 266 | if (tmp->nid < last_nid) | ||
| 267 | { | ||
| 268 | last_nid = 0; | ||
| 269 | break; | ||
| 270 | } | ||
| 271 | last_nid = tmp->nid; | ||
| 272 | } | ||
| 273 | |||
| 274 | if (last_nid != 0) | ||
| 275 | { | ||
| 276 | printf("Table order OK\n"); | ||
| 277 | exit(0); | ||
| 278 | } | ||
| 279 | |||
| 280 | for (tmp = tbl_standard, i = 0; | ||
| 281 | i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) | ||
| 282 | printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, | ||
| 283 | OBJ_nid2ln(tmp->nid)); | ||
| 284 | |||
| 285 | } | ||
| 286 | |||
| 287 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/asn1/a_time.c b/src/lib/libssl/src/crypto/asn1/a_time.c index 8216783aa8..b8c031fc8f 100644 --- a/src/lib/libssl/src/crypto/asn1/a_time.c +++ b/src/lib/libssl/src/crypto/asn1/a_time.c | |||
| @@ -105,7 +105,10 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) | |||
| 105 | 105 | ||
| 106 | ts=OPENSSL_gmtime(&t,&data); | 106 | ts=OPENSSL_gmtime(&t,&data); |
| 107 | if (ts == NULL) | 107 | if (ts == NULL) |
| 108 | { | ||
| 109 | ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME); | ||
| 108 | return NULL; | 110 | return NULL; |
| 111 | } | ||
| 109 | if((ts->tm_year >= 50) && (ts->tm_year < 150)) | 112 | if((ts->tm_year >= 50) && (ts->tm_year < 150)) |
| 110 | return ASN1_UTCTIME_set(s, t); | 113 | return ASN1_UTCTIME_set(s, t); |
| 111 | return ASN1_GENERALIZEDTIME_set(s,t); | 114 | return ASN1_GENERALIZEDTIME_set(s,t); |
diff --git a/src/lib/libssl/src/crypto/asn1/a_type.c b/src/lib/libssl/src/crypto/asn1/a_type.c index 96e111cf23..fe3fcd40b0 100644 --- a/src/lib/libssl/src/crypto/asn1/a_type.c +++ b/src/lib/libssl/src/crypto/asn1/a_type.c | |||
| @@ -62,7 +62,7 @@ | |||
| 62 | 62 | ||
| 63 | int ASN1_TYPE_get(ASN1_TYPE *a) | 63 | int ASN1_TYPE_get(ASN1_TYPE *a) |
| 64 | { | 64 | { |
| 65 | if (a->value.ptr != NULL) | 65 | if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) |
| 66 | return(a->type); | 66 | return(a->type); |
| 67 | else | 67 | else |
| 68 | return(0); | 68 | return(0); |
diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c index bf41de5146..da2a0a6d69 100644 --- a/src/lib/libssl/src/crypto/asn1/a_verify.c +++ b/src/lib/libssl/src/crypto/asn1/a_verify.c | |||
| @@ -103,7 +103,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, | |||
| 103 | EVP_VerifyInit_ex(&ctx,type, NULL); | 103 | EVP_VerifyInit_ex(&ctx,type, NULL); |
| 104 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); | 104 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 105 | 105 | ||
| 106 | memset(buf_in,0,(unsigned int)inl); | 106 | OPENSSL_cleanse(buf_in,(unsigned int)inl); |
| 107 | OPENSSL_free(buf_in); | 107 | OPENSSL_free(buf_in); |
| 108 | 108 | ||
| 109 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, | 109 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, |
| @@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat | |||
| 153 | EVP_VerifyInit_ex(&ctx,type, NULL); | 153 | EVP_VerifyInit_ex(&ctx,type, NULL); |
| 154 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); | 154 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 155 | 155 | ||
| 156 | memset(buf_in,0,(unsigned int)inl); | 156 | OPENSSL_cleanse(buf_in,(unsigned int)inl); |
| 157 | OPENSSL_free(buf_in); | 157 | OPENSSL_free(buf_in); |
| 158 | 158 | ||
| 159 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, | 159 | if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, |
diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h index dbb30f4f22..3414509f1b 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1.h +++ b/src/lib/libssl/src/crypto/asn1/asn1.h | |||
| @@ -70,7 +70,6 @@ | |||
| 70 | 70 | ||
| 71 | #include <openssl/symhacks.h> | 71 | #include <openssl/symhacks.h> |
| 72 | 72 | ||
| 73 | #include <openssl/e_os2.h> | ||
| 74 | #include <openssl/ossl_typ.h> | 73 | #include <openssl/ossl_typ.h> |
| 75 | 74 | ||
| 76 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO | 75 | #ifdef OPENSSL_BUILD_SHLIBCRYPTO |
| @@ -133,7 +132,7 @@ extern "C" { | |||
| 133 | #define B_ASN1_NUMERICSTRING 0x0001 | 132 | #define B_ASN1_NUMERICSTRING 0x0001 |
| 134 | #define B_ASN1_PRINTABLESTRING 0x0002 | 133 | #define B_ASN1_PRINTABLESTRING 0x0002 |
| 135 | #define B_ASN1_T61STRING 0x0004 | 134 | #define B_ASN1_T61STRING 0x0004 |
| 136 | #define B_ASN1_TELETEXSTRING 0x0008 | 135 | #define B_ASN1_TELETEXSTRING 0x0004 |
| 137 | #define B_ASN1_VIDEOTEXSTRING 0x0008 | 136 | #define B_ASN1_VIDEOTEXSTRING 0x0008 |
| 138 | #define B_ASN1_IA5STRING 0x0010 | 137 | #define B_ASN1_IA5STRING 0x0010 |
| 139 | #define B_ASN1_GRAPHICSTRING 0x0020 | 138 | #define B_ASN1_GRAPHICSTRING 0x0020 |
| @@ -981,6 +980,7 @@ void ERR_load_ASN1_strings(void); | |||
| 981 | #define ASN1_F_ASN1_TEMPLATE_D2I 131 | 980 | #define ASN1_F_ASN1_TEMPLATE_D2I 131 |
| 982 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 | 981 | #define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 |
| 983 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 | 982 | #define ASN1_F_ASN1_TEMPLATE_NEW 133 |
| 983 | #define ASN1_F_ASN1_TIME_SET 175 | ||
| 984 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 | 984 | #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 |
| 985 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 | 985 | #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 |
| 986 | #define ASN1_F_ASN1_UNPACK_STRING 136 | 986 | #define ASN1_F_ASN1_UNPACK_STRING 136 |
| @@ -1038,6 +1038,7 @@ void ERR_load_ASN1_strings(void); | |||
| 1038 | #define ASN1_R_DECODE_ERROR 110 | 1038 | #define ASN1_R_DECODE_ERROR 110 |
| 1039 | #define ASN1_R_DECODING_ERROR 111 | 1039 | #define ASN1_R_DECODING_ERROR 111 |
| 1040 | #define ASN1_R_ENCODE_ERROR 112 | 1040 | #define ASN1_R_ENCODE_ERROR 112 |
| 1041 | #define ASN1_R_ERROR_GETTING_TIME 173 | ||
| 1041 | #define ASN1_R_ERROR_LOADING_SECTION 172 | 1042 | #define ASN1_R_ERROR_LOADING_SECTION 172 |
| 1042 | #define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 | 1043 | #define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 |
| 1043 | #define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 | 1044 | #define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 |
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c index c4c3d2a91d..094ec06fda 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_err.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/asn1/asn1_err.c */ | 1 | /* crypto/asn1/asn1_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -100,6 +100,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= | |||
| 100 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, | 100 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, |
| 101 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, | 101 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, |
| 102 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, | 102 | {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, |
| 103 | {ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0), "ASN1_TIME_set"}, | ||
| 103 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, | 104 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, |
| 104 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, | 105 | {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, |
| 105 | {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, | 106 | {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, |
| @@ -160,6 +161,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]= | |||
| 160 | {ASN1_R_DECODE_ERROR ,"decode error"}, | 161 | {ASN1_R_DECODE_ERROR ,"decode error"}, |
| 161 | {ASN1_R_DECODING_ERROR ,"decoding error"}, | 162 | {ASN1_R_DECODING_ERROR ,"decoding error"}, |
| 162 | {ASN1_R_ENCODE_ERROR ,"encode error"}, | 163 | {ASN1_R_ENCODE_ERROR ,"encode error"}, |
| 164 | {ASN1_R_ERROR_GETTING_TIME ,"error getting time"}, | ||
| 163 | {ASN1_R_ERROR_LOADING_SECTION ,"error loading section"}, | 165 | {ASN1_R_ERROR_LOADING_SECTION ,"error loading section"}, |
| 164 | {ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, | 166 | {ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, |
| 165 | {ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, | 167 | {ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, |
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c index 4223c9ae45..1799657141 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_par.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c | |||
| @@ -79,12 +79,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, | |||
| 79 | else | 79 | else |
| 80 | p="prim: "; | 80 | p="prim: "; |
| 81 | if (BIO_write(bp,p,6) < 6) goto err; | 81 | if (BIO_write(bp,p,6) < 6) goto err; |
| 82 | if (indent) | 82 | BIO_indent(bp,indent,128); |
| 83 | { | ||
| 84 | if (indent > 128) indent=128; | ||
| 85 | memset(str,' ',indent); | ||
| 86 | if (BIO_write(bp,str,indent) < indent) goto err; | ||
| 87 | } | ||
| 88 | 83 | ||
| 89 | p=str; | 84 | p=str; |
| 90 | if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) | 85 | if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) |
diff --git a/src/lib/libssl/src/crypto/asn1/f_int.c b/src/lib/libssl/src/crypto/asn1/f_int.c index 48cc3bfb90..9494e597ab 100644 --- a/src/lib/libssl/src/crypto/asn1/f_int.c +++ b/src/lib/libssl/src/crypto/asn1/f_int.c | |||
| @@ -169,8 +169,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) | |||
| 169 | sp=(unsigned char *)OPENSSL_malloc( | 169 | sp=(unsigned char *)OPENSSL_malloc( |
| 170 | (unsigned int)num+i*2); | 170 | (unsigned int)num+i*2); |
| 171 | else | 171 | else |
| 172 | sp=(unsigned char *)OPENSSL_realloc(s, | 172 | sp=OPENSSL_realloc_clean(s,slen,num+i*2); |
| 173 | (unsigned int)num+i*2); | ||
| 174 | if (sp == NULL) | 173 | if (sp == NULL) |
| 175 | { | 174 | { |
| 176 | ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); | 175 | ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); |
diff --git a/src/lib/libssl/src/crypto/asn1/n_pkey.c b/src/lib/libssl/src/crypto/asn1/n_pkey.c index 9146ee02c9..766b51c538 100644 --- a/src/lib/libssl/src/crypto/asn1/n_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/n_pkey.c | |||
| @@ -187,7 +187,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 187 | i2d_NETSCAPE_PKEY(pkey,&zz); | 187 | i2d_NETSCAPE_PKEY(pkey,&zz); |
| 188 | 188 | ||
| 189 | /* Wipe the private key encoding */ | 189 | /* Wipe the private key encoding */ |
| 190 | memset(pkey->private_key->data, 0, rsalen); | 190 | OPENSSL_cleanse(pkey->private_key->data, rsalen); |
| 191 | 191 | ||
| 192 | if (cb == NULL) | 192 | if (cb == NULL) |
| 193 | cb=EVP_read_pw_string; | 193 | cb=EVP_read_pw_string; |
| @@ -206,7 +206,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) | |||
| 206 | } | 206 | } |
| 207 | 207 | ||
| 208 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); | 208 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); |
| 209 | memset(buf,0,256); | 209 | OPENSSL_cleanse(buf,256); |
| 210 | 210 | ||
| 211 | /* Encrypt private key in place */ | 211 | /* Encrypt private key in place */ |
| 212 | zz = enckey->enckey->digest->data; | 212 | zz = enckey->enckey->digest->data; |
| @@ -294,7 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, | |||
| 294 | } | 294 | } |
| 295 | 295 | ||
| 296 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); | 296 | EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); |
| 297 | memset(buf,0,256); | 297 | OPENSSL_cleanse(buf,256); |
| 298 | 298 | ||
| 299 | EVP_CIPHER_CTX_init(&ctx); | 299 | EVP_CIPHER_CTX_init(&ctx); |
| 300 | EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); | 300 | EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); |
diff --git a/src/lib/libssl/src/crypto/asn1/p8_pkey.c b/src/lib/libssl/src/crypto/asn1/p8_pkey.c index b634d5bc85..24b409132f 100644 --- a/src/lib/libssl/src/crypto/asn1/p8_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/p8_pkey.c | |||
| @@ -68,8 +68,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 68 | if(operation == ASN1_OP_FREE_PRE) { | 68 | if(operation == ASN1_OP_FREE_PRE) { |
| 69 | PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; | 69 | PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; |
| 70 | if (key->pkey->value.octet_string) | 70 | if (key->pkey->value.octet_string) |
| 71 | memset(key->pkey->value.octet_string->data, | 71 | OPENSSL_cleanse(key->pkey->value.octet_string->data, |
| 72 | 0, key->pkey->value.octet_string->length); | 72 | key->pkey->value.octet_string->length); |
| 73 | } | 73 | } |
| 74 | return 1; | 74 | return 1; |
| 75 | } | 75 | } |
diff --git a/src/lib/libssl/src/crypto/asn1/t_crl.c b/src/lib/libssl/src/crypto/asn1/t_crl.c index 60db305756..757c148df8 100644 --- a/src/lib/libssl/src/crypto/asn1/t_crl.c +++ b/src/lib/libssl/src/crypto/asn1/t_crl.c | |||
| @@ -84,11 +84,11 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) | |||
| 84 | 84 | ||
| 85 | int X509_CRL_print(BIO *out, X509_CRL *x) | 85 | int X509_CRL_print(BIO *out, X509_CRL *x) |
| 86 | { | 86 | { |
| 87 | char buf[256]; | ||
| 88 | STACK_OF(X509_REVOKED) *rev; | 87 | STACK_OF(X509_REVOKED) *rev; |
| 89 | X509_REVOKED *r; | 88 | X509_REVOKED *r; |
| 90 | long l; | 89 | long l; |
| 91 | int i, n; | 90 | int i, n; |
| 91 | char *p; | ||
| 92 | 92 | ||
| 93 | BIO_printf(out, "Certificate Revocation List (CRL):\n"); | 93 | BIO_printf(out, "Certificate Revocation List (CRL):\n"); |
| 94 | l = X509_CRL_get_version(x); | 94 | l = X509_CRL_get_version(x); |
| @@ -96,8 +96,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x) | |||
| 96 | i = OBJ_obj2nid(x->sig_alg->algorithm); | 96 | i = OBJ_obj2nid(x->sig_alg->algorithm); |
| 97 | BIO_printf(out, "%8sSignature Algorithm: %s\n", "", | 97 | BIO_printf(out, "%8sSignature Algorithm: %s\n", "", |
| 98 | (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); | 98 | (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); |
| 99 | X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256); | 99 | p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0); |
| 100 | BIO_printf(out,"%8sIssuer: %s\n","",buf); | 100 | BIO_printf(out,"%8sIssuer: %s\n","",p); |
| 101 | OPENSSL_free(p); | ||
| 101 | BIO_printf(out,"%8sLast Update: ",""); | 102 | BIO_printf(out,"%8sLast Update: ",""); |
| 102 | ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); | 103 | ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); |
| 103 | BIO_printf(out,"\n%8sNext Update: ",""); | 104 | BIO_printf(out,"\n%8sNext Update: ",""); |
diff --git a/src/lib/libssl/src/crypto/asn1/t_pkey.c b/src/lib/libssl/src/crypto/asn1/t_pkey.c index b3f8364012..e1c5e5ae13 100644 --- a/src/lib/libssl/src/crypto/asn1/t_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/t_pkey.c | |||
| @@ -130,14 +130,10 @@ int RSA_print(BIO *bp, const RSA *x, int off) | |||
| 130 | goto err; | 130 | goto err; |
| 131 | } | 131 | } |
| 132 | 132 | ||
| 133 | if (off) | ||
| 134 | { | ||
| 135 | if (off > 128) off=128; | ||
| 136 | memset(str,' ',off); | ||
| 137 | } | ||
| 138 | if (x->d != NULL) | 133 | if (x->d != NULL) |
| 139 | { | 134 | { |
| 140 | if (off && (BIO_write(bp,str,off) <= 0)) goto err; | 135 | if(!BIO_indent(bp,off,128)) |
| 136 | goto err; | ||
| 141 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) | 137 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) |
| 142 | <= 0) goto err; | 138 | <= 0) goto err; |
| 143 | } | 139 | } |
| @@ -183,7 +179,6 @@ int DSA_print_fp(FILE *fp, const DSA *x, int off) | |||
| 183 | 179 | ||
| 184 | int DSA_print(BIO *bp, const DSA *x, int off) | 180 | int DSA_print(BIO *bp, const DSA *x, int off) |
| 185 | { | 181 | { |
| 186 | char str[128]; | ||
| 187 | unsigned char *m=NULL; | 182 | unsigned char *m=NULL; |
| 188 | int ret=0; | 183 | int ret=0; |
| 189 | size_t buf_len=0,i; | 184 | size_t buf_len=0,i; |
| @@ -210,14 +205,10 @@ int DSA_print(BIO *bp, const DSA *x, int off) | |||
| 210 | goto err; | 205 | goto err; |
| 211 | } | 206 | } |
| 212 | 207 | ||
| 213 | if (off) | ||
| 214 | { | ||
| 215 | if (off > 128) off=128; | ||
| 216 | memset(str,' ',off); | ||
| 217 | } | ||
| 218 | if (x->priv_key != NULL) | 208 | if (x->priv_key != NULL) |
| 219 | { | 209 | { |
| 220 | if (off && (BIO_write(bp,str,off) <= 0)) goto err; | 210 | if(!BIO_indent(bp,off,128)) |
| 211 | goto err; | ||
| 221 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) | 212 | if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) |
| 222 | <= 0) goto err; | 213 | <= 0) goto err; |
| 223 | } | 214 | } |
| @@ -240,17 +231,12 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | |||
| 240 | int off) | 231 | int off) |
| 241 | { | 232 | { |
| 242 | int n,i; | 233 | int n,i; |
| 243 | char str[128]; | ||
| 244 | const char *neg; | 234 | const char *neg; |
| 245 | 235 | ||
| 246 | if (num == NULL) return(1); | 236 | if (num == NULL) return(1); |
| 247 | neg=(num->neg)?"-":""; | 237 | neg=(num->neg)?"-":""; |
| 248 | if (off) | 238 | if(!BIO_indent(bp,off,128)) |
| 249 | { | 239 | return 0; |
| 250 | if (off > 128) off=128; | ||
| 251 | memset(str,' ',off); | ||
| 252 | if (BIO_write(bp,str,off) <= 0) return(0); | ||
| 253 | } | ||
| 254 | 240 | ||
| 255 | if (BN_num_bytes(num) <= BN_BYTES) | 241 | if (BN_num_bytes(num) <= BN_BYTES) |
| 256 | { | 242 | { |
| @@ -274,9 +260,9 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, | |||
| 274 | { | 260 | { |
| 275 | if ((i%15) == 0) | 261 | if ((i%15) == 0) |
| 276 | { | 262 | { |
| 277 | str[0]='\n'; | 263 | if(BIO_puts(bp,"\n") <= 0 |
| 278 | memset(&(str[1]),' ',off+4); | 264 | || !BIO_indent(bp,off+4,128)) |
| 279 | if (BIO_write(bp,str,off+1+4) <= 0) return(0); | 265 | return 0; |
| 280 | } | 266 | } |
| 281 | if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":") | 267 | if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":") |
| 282 | <= 0) return(0); | 268 | <= 0) return(0); |
diff --git a/src/lib/libssl/src/crypto/asn1/t_req.c b/src/lib/libssl/src/crypto/asn1/t_req.c index eca97e00cb..740cee80c0 100644 --- a/src/lib/libssl/src/crypto/asn1/t_req.c +++ b/src/lib/libssl/src/crypto/asn1/t_req.c | |||
| @@ -91,7 +91,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 91 | EVP_PKEY *pkey; | 91 | EVP_PKEY *pkey; |
| 92 | STACK_OF(X509_ATTRIBUTE) *sk; | 92 | STACK_OF(X509_ATTRIBUTE) *sk; |
| 93 | STACK_OF(X509_EXTENSION) *exts; | 93 | STACK_OF(X509_EXTENSION) *exts; |
| 94 | char str[128]; | ||
| 95 | char mlch = ' '; | 94 | char mlch = ' '; |
| 96 | int nmindent = 0; | 95 | int nmindent = 0; |
| 97 | 96 | ||
| @@ -116,9 +115,9 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 116 | l=0; | 115 | l=0; |
| 117 | for (i=0; i<ri->version->length; i++) | 116 | for (i=0; i<ri->version->length; i++) |
| 118 | { l<<=8; l+=ri->version->data[i]; } | 117 | { l<<=8; l+=ri->version->data[i]; } |
| 119 | snprintf(str,sizeof str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg, | 118 | if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg, |
| 120 | l,neg,l); | 119 | l) <= 0) |
| 121 | if (BIO_puts(bp,str) <= 0) goto err; | 120 | goto err; |
| 122 | } | 121 | } |
| 123 | if(!(cflag & X509_FLAG_NO_SUBJECT)) | 122 | if(!(cflag & X509_FLAG_NO_SUBJECT)) |
| 124 | { | 123 | { |
| @@ -169,14 +168,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 169 | if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) | 168 | if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) |
| 170 | { | 169 | { |
| 171 | /* may not be */ | 170 | /* may not be */ |
| 172 | snprintf(str,sizeof str,"%8sAttributes:\n",""); | 171 | if(BIO_printf(bp,"%8sAttributes:\n","") <= 0) |
| 173 | if (BIO_puts(bp,str) <= 0) goto err; | 172 | goto err; |
| 174 | 173 | ||
| 175 | sk=x->req_info->attributes; | 174 | sk=x->req_info->attributes; |
| 176 | if (sk_X509_ATTRIBUTE_num(sk) == 0) | 175 | if (sk_X509_ATTRIBUTE_num(sk) == 0) |
| 177 | { | 176 | { |
| 178 | snprintf(str,sizeof str,"%12sa0:00\n",""); | 177 | if(BIO_printf(bp,"%12sa0:00\n","") <= 0) |
| 179 | if (BIO_puts(bp,str) <= 0) goto err; | 178 | goto err; |
| 180 | } | 179 | } |
| 181 | else | 180 | else |
| 182 | { | 181 | { |
| @@ -191,8 +190,8 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long | |||
| 191 | a=sk_X509_ATTRIBUTE_value(sk,i); | 190 | a=sk_X509_ATTRIBUTE_value(sk,i); |
| 192 | if(X509_REQ_extension_nid(OBJ_obj2nid(a->object))) | 191 | if(X509_REQ_extension_nid(OBJ_obj2nid(a->object))) |
| 193 | continue; | 192 | continue; |
| 194 | snprintf(str,sizeof str,"%12s",""); | 193 | if(BIO_printf(bp,"%12s","") <= 0) |
| 195 | if (BIO_puts(bp,str) <= 0) goto err; | 194 | goto err; |
| 196 | if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) | 195 | if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) |
| 197 | { | 196 | { |
| 198 | if (a->single) | 197 | if (a->single) |
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c index 5de4833ed0..d1034c47f8 100644 --- a/src/lib/libssl/src/crypto/asn1/t_x509.c +++ b/src/lib/libssl/src/crypto/asn1/t_x509.c | |||
| @@ -433,15 +433,17 @@ err: | |||
| 433 | 433 | ||
| 434 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | 434 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) |
| 435 | { | 435 | { |
| 436 | char *s,*c; | 436 | char *s,*c,*b; |
| 437 | int ret=0,l,ll,i,first=1; | 437 | int ret=0,l,ll,i,first=1; |
| 438 | char buf[256]; | ||
| 439 | 438 | ||
| 440 | ll=80-2-obase; | 439 | ll=80-2-obase; |
| 441 | 440 | ||
| 442 | s=X509_NAME_oneline(name,buf,256); | 441 | b=s=X509_NAME_oneline(name,NULL,0); |
| 443 | if (!*s) | 442 | if (!*s) |
| 443 | { | ||
| 444 | OPENSSL_free(b); | ||
| 444 | return 1; | 445 | return 1; |
| 446 | } | ||
| 445 | s++; /* skip the first slash */ | 447 | s++; /* skip the first slash */ |
| 446 | 448 | ||
| 447 | l=ll; | 449 | l=ll; |
| @@ -497,6 +499,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) | |||
| 497 | err: | 499 | err: |
| 498 | X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); | 500 | X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); |
| 499 | } | 501 | } |
| 502 | OPENSSL_free(b); | ||
| 500 | return(ret); | 503 | return(ret); |
| 501 | } | 504 | } |
| 502 | 505 | ||
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509a.c b/src/lib/libssl/src/crypto/asn1/t_x509a.c index 7d4a6e6084..ffbbfb51f4 100644 --- a/src/lib/libssl/src/crypto/asn1/t_x509a.c +++ b/src/lib/libssl/src/crypto/asn1/t_x509a.c | |||
| @@ -77,7 +77,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) | |||
| 77 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { | 77 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { |
| 78 | if(!first) BIO_puts(out, ", "); | 78 | if(!first) BIO_puts(out, ", "); |
| 79 | else first = 0; | 79 | else first = 0; |
| 80 | OBJ_obj2txt(oidstr, 80, | 80 | OBJ_obj2txt(oidstr, sizeof oidstr, |
| 81 | sk_ASN1_OBJECT_value(aux->trust, i), 0); | 81 | sk_ASN1_OBJECT_value(aux->trust, i), 0); |
| 82 | BIO_puts(out, oidstr); | 82 | BIO_puts(out, oidstr); |
| 83 | } | 83 | } |
| @@ -90,7 +90,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) | |||
| 90 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { | 90 | for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { |
| 91 | if(!first) BIO_puts(out, ", "); | 91 | if(!first) BIO_puts(out, ", "); |
| 92 | else first = 0; | 92 | else first = 0; |
| 93 | OBJ_obj2txt(oidstr, 80, | 93 | OBJ_obj2txt(oidstr, sizeof oidstr, |
| 94 | sk_ASN1_OBJECT_value(aux->reject, i), 0); | 94 | sk_ASN1_OBJECT_value(aux->reject, i), 0); |
| 95 | BIO_puts(out, oidstr); | 95 | BIO_puts(out, oidstr); |
| 96 | } | 96 | } |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c index f87c08793a..76fc023230 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c | |||
| @@ -664,7 +664,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl | |||
| 664 | if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; | 664 | if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; |
| 665 | len = buf.length; | 665 | len = buf.length; |
| 666 | /* Append a final null to string */ | 666 | /* Append a final null to string */ |
| 667 | if(!BUF_MEM_grow(&buf, len + 1)) { | 667 | if(!BUF_MEM_grow_clean(&buf, len + 1)) { |
| 668 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); | 668 | ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); |
| 669 | return 0; | 669 | return 0; |
| 670 | } | 670 | } |
| @@ -857,7 +857,7 @@ static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) | |||
| 857 | int len; | 857 | int len; |
| 858 | if(buf) { | 858 | if(buf) { |
| 859 | len = buf->length; | 859 | len = buf->length; |
| 860 | if(!BUF_MEM_grow(buf, len + plen)) { | 860 | if(!BUF_MEM_grow_clean(buf, len + plen)) { |
| 861 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); | 861 | ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); |
| 862 | return 0; | 862 | return 0; |
| 863 | } | 863 | } |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_fre.c b/src/lib/libssl/src/crypto/asn1/tasn_fre.c index c7610776f2..2dd844159e 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_fre.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_fre.c | |||
| @@ -206,7 +206,10 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 206 | break; | 206 | break; |
| 207 | 207 | ||
| 208 | case V_ASN1_BOOLEAN: | 208 | case V_ASN1_BOOLEAN: |
| 209 | *(ASN1_BOOLEAN *)pval = it->size; | 209 | if (it) |
| 210 | *(ASN1_BOOLEAN *)pval = it->size; | ||
| 211 | else | ||
| 212 | *(ASN1_BOOLEAN *)pval = -1; | ||
| 210 | return; | 213 | return; |
| 211 | 214 | ||
| 212 | case V_ASN1_NULL: | 215 | case V_ASN1_NULL: |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_new.c b/src/lib/libssl/src/crypto/asn1/tasn_new.c index e33861f864..a0e3db574f 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_new.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_new.c | |||
| @@ -305,7 +305,10 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) | |||
| 305 | return 1; | 305 | return 1; |
| 306 | 306 | ||
| 307 | case V_ASN1_BOOLEAN: | 307 | case V_ASN1_BOOLEAN: |
| 308 | *(ASN1_BOOLEAN *)pval = it->size; | 308 | if (it) |
| 309 | *(ASN1_BOOLEAN *)pval = it->size; | ||
| 310 | else | ||
| 311 | *(ASN1_BOOLEAN *)pval = -1; | ||
| 309 | return 1; | 312 | return 1; |
| 310 | 313 | ||
| 311 | case V_ASN1_NULL: | 314 | case V_ASN1_NULL: |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_prn.c b/src/lib/libssl/src/crypto/asn1/tasn_prn.c index fab67ae5ac..719639b511 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_prn.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_prn.c | |||
| @@ -186,7 +186,7 @@ if(*bool == -1) printf("BOOL MISSING\n"); | |||
| 186 | char objbuf[80], *ln; | 186 | char objbuf[80], *ln; |
| 187 | ln = OBJ_nid2ln(OBJ_obj2nid(fld)); | 187 | ln = OBJ_nid2ln(OBJ_obj2nid(fld)); |
| 188 | if(!ln) ln = ""; | 188 | if(!ln) ln = ""; |
| 189 | OBJ_obj2txt(objbuf, 80, fld, 1); | 189 | OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1); |
| 190 | BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); | 190 | BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); |
| 191 | } else { | 191 | } else { |
| 192 | BIO_printf(out, "%*s%s:", indent, "", name); | 192 | BIO_printf(out, "%*s%s:", indent, "", name); |
diff --git a/src/lib/libssl/src/crypto/bf/Makefile.ssl b/src/lib/libssl/src/crypto/bf/Makefile.ssl index 079f7e860c..7dfdf9d871 100644 --- a/src/lib/libssl/src/crypto/bf/Makefile.ssl +++ b/src/lib/libssl/src/crypto/bf/Makefile.ssl | |||
| @@ -49,14 +49,8 @@ lib: $(LIBOBJ) | |||
| 49 | @touch lib | 49 | @touch lib |
| 50 | 50 | ||
| 51 | # elf | 51 | # elf |
| 52 | asm/bx86-elf.o: asm/bx86unix.cpp | 52 | asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 53 | $(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o | 53 | (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s) |
| 54 | |||
| 55 | # solaris | ||
| 56 | asm/bx86-sol.o: asm/bx86unix.cpp | ||
| 57 | $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s | ||
| 58 | as -o asm/bx86-sol.o asm/bx86-sol.s | ||
| 59 | rm -f asm/bx86-sol.s | ||
| 60 | 54 | ||
| 61 | # a.out | 55 | # a.out |
| 62 | asm/bx86-out.o: asm/bx86unix.cpp | 56 | asm/bx86-out.o: asm/bx86unix.cpp |
| @@ -96,14 +90,14 @@ lint: | |||
| 96 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 90 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 97 | 91 | ||
| 98 | depend: | 92 | depend: |
| 99 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 93 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 100 | 94 | ||
| 101 | dclean: | 95 | dclean: |
| 102 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 96 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 103 | mv -f Makefile.new $(MAKEFILE) | 97 | mv -f Makefile.new $(MAKEFILE) |
| 104 | 98 | ||
| 105 | clean: | 99 | clean: |
| 106 | rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 100 | rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 107 | 101 | ||
| 108 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 102 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 109 | 103 | ||
diff --git a/src/lib/libssl/src/crypto/bf/bftest.c b/src/lib/libssl/src/crypto/bf/bftest.c index 09895f2542..24d526b14b 100644 --- a/src/lib/libssl/src/crypto/bf/bftest.c +++ b/src/lib/libssl/src/crypto/bf/bftest.c | |||
| @@ -63,6 +63,8 @@ | |||
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <stdlib.h> | 64 | #include <stdlib.h> |
| 65 | 65 | ||
| 66 | #include "../e_os.h" | ||
| 67 | |||
| 66 | #ifdef OPENSSL_NO_BF | 68 | #ifdef OPENSSL_NO_BF |
| 67 | int main(int argc, char *argv[]) | 69 | int main(int argc, char *argv[]) |
| 68 | { | 70 | { |
| @@ -275,7 +277,7 @@ int main(int argc, char *argv[]) | |||
| 275 | else | 277 | else |
| 276 | ret=test(); | 278 | ret=test(); |
| 277 | 279 | ||
| 278 | exit(ret); | 280 | EXIT(ret); |
| 279 | return(0); | 281 | return(0); |
| 280 | } | 282 | } |
| 281 | 283 | ||
| @@ -454,9 +456,9 @@ static int test(void) | |||
| 454 | len=strlen(cbc_data)+1; | 456 | len=strlen(cbc_data)+1; |
| 455 | 457 | ||
| 456 | BF_set_key(&key,16,cbc_key); | 458 | BF_set_key(&key,16,cbc_key); |
| 457 | memset(cbc_in,0,40); | 459 | memset(cbc_in,0,sizeof cbc_in); |
| 458 | memset(cbc_out,0,40); | 460 | memset(cbc_out,0,sizeof cbc_out); |
| 459 | memcpy(iv,cbc_iv,8); | 461 | memcpy(iv,cbc_iv,sizeof iv); |
| 460 | BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len, | 462 | BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len, |
| 461 | &key,iv,BF_ENCRYPT); | 463 | &key,iv,BF_ENCRYPT); |
| 462 | if (memcmp(cbc_out,cbc_ok,32) != 0) | 464 | if (memcmp(cbc_out,cbc_ok,32) != 0) |
diff --git a/src/lib/libssl/src/crypto/bio/Makefile.ssl b/src/lib/libssl/src/crypto/bio/Makefile.ssl index dfcee03448..d0b9e297b0 100644 --- a/src/lib/libssl/src/crypto/bio/Makefile.ssl +++ b/src/lib/libssl/src/crypto/bio/Makefile.ssl | |||
| @@ -78,7 +78,7 @@ lint: | |||
| 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 79 | 79 | ||
| 80 | depend: | 80 | depend: |
| 81 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 81 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 82 | 82 | ||
| 83 | dclean: | 83 | dclean: |
| 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/bio/b_print.c b/src/lib/libssl/src/crypto/bio/b_print.c index 80c9cb69db..a9e552f245 100644 --- a/src/lib/libssl/src/crypto/bio/b_print.c +++ b/src/lib/libssl/src/crypto/bio/b_print.c | |||
| @@ -378,7 +378,7 @@ _dopr( | |||
| 378 | case 'p': | 378 | case 'p': |
| 379 | value = (long)va_arg(args, void *); | 379 | value = (long)va_arg(args, void *); |
| 380 | fmtint(sbuffer, buffer, &currlen, maxlen, | 380 | fmtint(sbuffer, buffer, &currlen, maxlen, |
| 381 | value, 16, min, max, flags); | 381 | value, 16, min, max, flags|DP_F_NUM); |
| 382 | break; | 382 | break; |
| 383 | case 'n': /* XXX */ | 383 | case 'n': /* XXX */ |
| 384 | if (cflags == DP_C_SHORT) { | 384 | if (cflags == DP_C_SHORT) { |
| @@ -482,8 +482,9 @@ fmtint( | |||
| 482 | int flags) | 482 | int flags) |
| 483 | { | 483 | { |
| 484 | int signvalue = 0; | 484 | int signvalue = 0; |
| 485 | char *prefix = ""; | ||
| 485 | unsigned LLONG uvalue; | 486 | unsigned LLONG uvalue; |
| 486 | char convert[20]; | 487 | char convert[DECIMAL_SIZE(value)+3]; |
| 487 | int place = 0; | 488 | int place = 0; |
| 488 | int spadlen = 0; | 489 | int spadlen = 0; |
| 489 | int zpadlen = 0; | 490 | int zpadlen = 0; |
| @@ -501,6 +502,10 @@ fmtint( | |||
| 501 | else if (flags & DP_F_SPACE) | 502 | else if (flags & DP_F_SPACE) |
| 502 | signvalue = ' '; | 503 | signvalue = ' '; |
| 503 | } | 504 | } |
| 505 | if (flags & DP_F_NUM) { | ||
| 506 | if (base == 8) prefix = "0"; | ||
| 507 | if (base == 16) prefix = "0x"; | ||
| 508 | } | ||
| 504 | if (flags & DP_F_UP) | 509 | if (flags & DP_F_UP) |
| 505 | caps = 1; | 510 | caps = 1; |
| 506 | do { | 511 | do { |
| @@ -508,13 +513,13 @@ fmtint( | |||
| 508 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") | 513 | (caps ? "0123456789ABCDEF" : "0123456789abcdef") |
| 509 | [uvalue % (unsigned) base]; | 514 | [uvalue % (unsigned) base]; |
| 510 | uvalue = (uvalue / (unsigned) base); | 515 | uvalue = (uvalue / (unsigned) base); |
| 511 | } while (uvalue && (place < 20)); | 516 | } while (uvalue && (place < sizeof convert)); |
| 512 | if (place == 20) | 517 | if (place == sizeof convert) |
| 513 | place--; | 518 | place--; |
| 514 | convert[place] = 0; | 519 | convert[place] = 0; |
| 515 | 520 | ||
| 516 | zpadlen = max - place; | 521 | zpadlen = max - place; |
| 517 | spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0); | 522 | spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix); |
| 518 | if (zpadlen < 0) | 523 | if (zpadlen < 0) |
| 519 | zpadlen = 0; | 524 | zpadlen = 0; |
| 520 | if (spadlen < 0) | 525 | if (spadlen < 0) |
| @@ -536,6 +541,12 @@ fmtint( | |||
| 536 | if (signvalue) | 541 | if (signvalue) |
| 537 | doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); | 542 | doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); |
| 538 | 543 | ||
| 544 | /* prefix */ | ||
| 545 | while (*prefix) { | ||
| 546 | doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix); | ||
| 547 | prefix++; | ||
| 548 | } | ||
| 549 | |||
| 539 | /* zeros */ | 550 | /* zeros */ |
| 540 | if (zpadlen > 0) { | 551 | if (zpadlen > 0) { |
| 541 | while (zpadlen > 0) { | 552 | while (zpadlen > 0) { |
| @@ -641,8 +652,8 @@ fmtfp( | |||
| 641 | (caps ? "0123456789ABCDEF" | 652 | (caps ? "0123456789ABCDEF" |
| 642 | : "0123456789abcdef")[intpart % 10]; | 653 | : "0123456789abcdef")[intpart % 10]; |
| 643 | intpart = (intpart / 10); | 654 | intpart = (intpart / 10); |
| 644 | } while (intpart && (iplace < 20)); | 655 | } while (intpart && (iplace < sizeof iplace)); |
| 645 | if (iplace == 20) | 656 | if (iplace == sizeof iplace) |
| 646 | iplace--; | 657 | iplace--; |
| 647 | iconvert[iplace] = 0; | 658 | iconvert[iplace] = 0; |
| 648 | 659 | ||
| @@ -653,7 +664,7 @@ fmtfp( | |||
| 653 | : "0123456789abcdef")[fracpart % 10]; | 664 | : "0123456789abcdef")[fracpart % 10]; |
| 654 | fracpart = (fracpart / 10); | 665 | fracpart = (fracpart / 10); |
| 655 | } while (fplace < max); | 666 | } while (fplace < max); |
| 656 | if (fplace == 20) | 667 | if (fplace == sizeof fplace) |
| 657 | fplace--; | 668 | fplace--; |
| 658 | fconvert[fplace] = 0; | 669 | fconvert[fplace] = 0; |
| 659 | 670 | ||
| @@ -692,7 +703,7 @@ fmtfp( | |||
| 692 | * Decimal point. This should probably use locale to find the correct | 703 | * Decimal point. This should probably use locale to find the correct |
| 693 | * char to print out. | 704 | * char to print out. |
| 694 | */ | 705 | */ |
| 695 | if (max > 0) { | 706 | if (max > 0 || (flags & DP_F_NUM)) { |
| 696 | doapr_outch(sbuffer, buffer, currlen, maxlen, '.'); | 707 | doapr_outch(sbuffer, buffer, currlen, maxlen, '.'); |
| 697 | 708 | ||
| 698 | while (fplace > 0) | 709 | while (fplace > 0) |
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c index 7632c2d85e..5282f8a8f7 100644 --- a/src/lib/libssl/src/crypto/bio/b_sock.c +++ b/src/lib/libssl/src/crypto/bio/b_sock.c | |||
| @@ -83,6 +83,7 @@ | |||
| 83 | static int wsa_init_done=0; | 83 | static int wsa_init_done=0; |
| 84 | #endif | 84 | #endif |
| 85 | 85 | ||
| 86 | #if 0 | ||
| 86 | static unsigned long BIO_ghbn_hits=0L; | 87 | static unsigned long BIO_ghbn_hits=0L; |
| 87 | static unsigned long BIO_ghbn_miss=0L; | 88 | static unsigned long BIO_ghbn_miss=0L; |
| 88 | 89 | ||
| @@ -93,6 +94,7 @@ static struct ghbn_cache_st | |||
| 93 | struct hostent *ent; | 94 | struct hostent *ent; |
| 94 | unsigned long order; | 95 | unsigned long order; |
| 95 | } ghbn_cache[GHBN_NUM]; | 96 | } ghbn_cache[GHBN_NUM]; |
| 97 | #endif | ||
| 96 | 98 | ||
| 97 | static int get_ip(const char *str,unsigned char *ip); | 99 | static int get_ip(const char *str,unsigned char *ip); |
| 98 | #if 0 | 100 | #if 0 |
| @@ -230,6 +232,7 @@ int BIO_sock_error(int sock) | |||
| 230 | return(j); | 232 | return(j); |
| 231 | } | 233 | } |
| 232 | 234 | ||
| 235 | #if 0 | ||
| 233 | long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) | 236 | long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) |
| 234 | { | 237 | { |
| 235 | int i; | 238 | int i; |
| @@ -267,6 +270,7 @@ long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) | |||
| 267 | } | 270 | } |
| 268 | return(1); | 271 | return(1); |
| 269 | } | 272 | } |
| 273 | #endif | ||
| 270 | 274 | ||
| 271 | #if 0 | 275 | #if 0 |
| 272 | static struct hostent *ghbn_dup(struct hostent *a) | 276 | static struct hostent *ghbn_dup(struct hostent *a) |
| @@ -463,6 +467,12 @@ int BIO_sock_init(void) | |||
| 463 | } | 467 | } |
| 464 | } | 468 | } |
| 465 | #endif /* OPENSSL_SYS_WINDOWS */ | 469 | #endif /* OPENSSL_SYS_WINDOWS */ |
| 470 | #ifdef WATT32 | ||
| 471 | extern int _watt_do_exit; | ||
| 472 | _watt_do_exit = 0; /* don't make sock_init() call exit() */ | ||
| 473 | if (sock_init()) | ||
| 474 | return (-1); | ||
| 475 | #endif | ||
| 466 | return(1); | 476 | return(1); |
| 467 | } | 477 | } |
| 468 | 478 | ||
| @@ -472,7 +482,9 @@ void BIO_sock_cleanup(void) | |||
| 472 | if (wsa_init_done) | 482 | if (wsa_init_done) |
| 473 | { | 483 | { |
| 474 | wsa_init_done=0; | 484 | wsa_init_done=0; |
| 485 | #ifndef OPENSSL_SYS_WINCE | ||
| 475 | WSACancelBlockingCall(); | 486 | WSACancelBlockingCall(); |
| 487 | #endif | ||
| 476 | WSACleanup(); | 488 | WSACleanup(); |
| 477 | } | 489 | } |
| 478 | #endif | 490 | #endif |
| @@ -480,7 +492,7 @@ void BIO_sock_cleanup(void) | |||
| 480 | 492 | ||
| 481 | #if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000 | 493 | #if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000 |
| 482 | 494 | ||
| 483 | int BIO_socket_ioctl(int fd, long type, unsigned long *arg) | 495 | int BIO_socket_ioctl(int fd, long type, void *arg) |
| 484 | { | 496 | { |
| 485 | int i; | 497 | int i; |
| 486 | 498 | ||
| @@ -730,7 +742,7 @@ int BIO_set_tcp_ndelay(int s, int on) | |||
| 730 | int BIO_socket_nbio(int s, int mode) | 742 | int BIO_socket_nbio(int s, int mode) |
| 731 | { | 743 | { |
| 732 | int ret= -1; | 744 | int ret= -1; |
| 733 | unsigned long l; | 745 | int l; |
| 734 | 746 | ||
| 735 | l=mode; | 747 | l=mode; |
| 736 | #ifdef FIONBIO | 748 | #ifdef FIONBIO |
diff --git a/src/lib/libssl/src/crypto/bio/bf_buff.c b/src/lib/libssl/src/crypto/bio/bf_buff.c index 6ccda06596..1cecd70579 100644 --- a/src/lib/libssl/src/crypto/bio/bf_buff.c +++ b/src/lib/libssl/src/crypto/bio/bf_buff.c | |||
| @@ -482,7 +482,7 @@ static int buffer_gets(BIO *b, char *buf, int size) | |||
| 482 | size-=i; | 482 | size-=i; |
| 483 | ctx->ibuf_len-=i; | 483 | ctx->ibuf_len-=i; |
| 484 | ctx->ibuf_off+=i; | 484 | ctx->ibuf_off+=i; |
| 485 | if ((flag) || (i == size)) | 485 | if (flag || size == 0) |
| 486 | { | 486 | { |
| 487 | *buf='\0'; | 487 | *buf='\0'; |
| 488 | return(num); | 488 | return(num); |
diff --git a/src/lib/libssl/src/crypto/bio/bio.h b/src/lib/libssl/src/crypto/bio/bio.h index c5caf253c9..fbbc16d00c 100644 --- a/src/lib/libssl/src/crypto/bio/bio.h +++ b/src/lib/libssl/src/crypto/bio/bio.h | |||
| @@ -244,7 +244,7 @@ typedef struct bio_method_st | |||
| 244 | long (_far *ctrl)(); | 244 | long (_far *ctrl)(); |
| 245 | int (_far *create)(); | 245 | int (_far *create)(); |
| 246 | int (_far *destroy)(); | 246 | int (_far *destroy)(); |
| 247 | long (_fat *callback_ctrl)(); | 247 | long (_far *callback_ctrl)(); |
| 248 | } BIO_METHOD; | 248 | } BIO_METHOD; |
| 249 | #endif | 249 | #endif |
| 250 | 250 | ||
| @@ -522,6 +522,7 @@ int BIO_read(BIO *b, void *data, int len); | |||
| 522 | int BIO_gets(BIO *bp,char *buf, int size); | 522 | int BIO_gets(BIO *bp,char *buf, int size); |
| 523 | int BIO_write(BIO *b, const void *data, int len); | 523 | int BIO_write(BIO *b, const void *data, int len); |
| 524 | int BIO_puts(BIO *bp,const char *buf); | 524 | int BIO_puts(BIO *bp,const char *buf); |
| 525 | int BIO_indent(BIO *b,int indent,int max); | ||
| 525 | long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); | 526 | long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); |
| 526 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)); | 527 | long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)); |
| 527 | char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); | 528 | char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); |
| @@ -584,7 +585,7 @@ struct hostent *BIO_gethostbyname(const char *name); | |||
| 584 | * and an appropriate error code is set). | 585 | * and an appropriate error code is set). |
| 585 | */ | 586 | */ |
| 586 | int BIO_sock_error(int sock); | 587 | int BIO_sock_error(int sock); |
| 587 | int BIO_socket_ioctl(int fd, long type, unsigned long *arg); | 588 | int BIO_socket_ioctl(int fd, long type, void *arg); |
| 588 | int BIO_socket_nbio(int fd,int mode); | 589 | int BIO_socket_nbio(int fd,int mode); |
| 589 | int BIO_get_port(const char *str, unsigned short *port_ptr); | 590 | int BIO_get_port(const char *str, unsigned short *port_ptr); |
| 590 | int BIO_get_host_ip(const char *str, unsigned char *ip); | 591 | int BIO_get_host_ip(const char *str, unsigned char *ip); |
| @@ -608,7 +609,7 @@ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, | |||
| 608 | 609 | ||
| 609 | void BIO_copy_next_retry(BIO *b); | 610 | void BIO_copy_next_retry(BIO *b); |
| 610 | 611 | ||
| 611 | long BIO_ghbn_ctrl(int cmd,int iarg,char *parg); | 612 | /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ |
| 612 | 613 | ||
| 613 | int BIO_printf(BIO *bio, const char *format, ...); | 614 | int BIO_printf(BIO *bio, const char *format, ...); |
| 614 | int BIO_vprintf(BIO *bio, const char *format, va_list args); | 615 | int BIO_vprintf(BIO *bio, const char *format, va_list args); |
diff --git a/src/lib/libssl/src/crypto/bio/bio_lib.c b/src/lib/libssl/src/crypto/bio/bio_lib.c index 50df2238fa..692c8fb5c6 100644 --- a/src/lib/libssl/src/crypto/bio/bio_lib.c +++ b/src/lib/libssl/src/crypto/bio/bio_lib.c | |||
| @@ -272,6 +272,18 @@ int BIO_gets(BIO *b, char *in, int inl) | |||
| 272 | return(i); | 272 | return(i); |
| 273 | } | 273 | } |
| 274 | 274 | ||
| 275 | int BIO_indent(BIO *b,int indent,int max) | ||
| 276 | { | ||
| 277 | if(indent < 0) | ||
| 278 | indent=0; | ||
| 279 | if(indent > max) | ||
| 280 | indent=max; | ||
| 281 | while(indent--) | ||
| 282 | if(BIO_puts(b," ") != 1) | ||
| 283 | return 0; | ||
| 284 | return 1; | ||
| 285 | } | ||
| 286 | |||
| 275 | long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) | 287 | long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) |
| 276 | { | 288 | { |
| 277 | int i; | 289 | int i; |
| @@ -383,6 +395,8 @@ BIO *BIO_pop(BIO *b) | |||
| 383 | if (b == NULL) return(NULL); | 395 | if (b == NULL) return(NULL); |
| 384 | ret=b->next_bio; | 396 | ret=b->next_bio; |
| 385 | 397 | ||
| 398 | BIO_ctrl(b,BIO_CTRL_POP,0,NULL); | ||
| 399 | |||
| 386 | if (b->prev_bio != NULL) | 400 | if (b->prev_bio != NULL) |
| 387 | b->prev_bio->next_bio=b->next_bio; | 401 | b->prev_bio->next_bio=b->next_bio; |
| 388 | if (b->next_bio != NULL) | 402 | if (b->next_bio != NULL) |
| @@ -390,7 +404,6 @@ BIO *BIO_pop(BIO *b) | |||
| 390 | 404 | ||
| 391 | b->next_bio=NULL; | 405 | b->next_bio=NULL; |
| 392 | b->prev_bio=NULL; | 406 | b->prev_bio=NULL; |
| 393 | BIO_ctrl(b,BIO_CTRL_POP,0,NULL); | ||
| 394 | return(ret); | 407 | return(ret); |
| 395 | } | 408 | } |
| 396 | 409 | ||
diff --git a/src/lib/libssl/src/crypto/bio/bss_bio.c b/src/lib/libssl/src/crypto/bio/bss_bio.c index 1c485a4479..aa58dab046 100644 --- a/src/lib/libssl/src/crypto/bio/bss_bio.c +++ b/src/lib/libssl/src/crypto/bio/bss_bio.c | |||
| @@ -28,13 +28,12 @@ | |||
| 28 | 28 | ||
| 29 | #include <openssl/bio.h> | 29 | #include <openssl/bio.h> |
| 30 | #include <openssl/err.h> | 30 | #include <openssl/err.h> |
| 31 | #include <openssl/err.h> | ||
| 32 | #include <openssl/crypto.h> | 31 | #include <openssl/crypto.h> |
| 33 | 32 | ||
| 34 | #include "e_os.h" | 33 | #include "e_os.h" |
| 35 | 34 | ||
| 36 | /* VxWorks defines SSIZE_MAX with an empty value causing compile errors */ | 35 | /* VxWorks defines SSIZE_MAX with an empty value causing compile errors */ |
| 37 | #if defined(OPENSSL_SYS_VSWORKS) | 36 | #if defined(OPENSSL_SYS_VXWORKS) |
| 38 | # undef SSIZE_MAX | 37 | # undef SSIZE_MAX |
| 39 | #endif | 38 | #endif |
| 40 | #ifndef SSIZE_MAX | 39 | #ifndef SSIZE_MAX |
diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c index 81f27dba4c..8c694140ed 100644 --- a/src/lib/libssl/src/crypto/bio/bss_conn.c +++ b/src/lib/libssl/src/crypto/bio/bss_conn.c | |||
| @@ -519,7 +519,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 519 | else if (num == 2) | 519 | else if (num == 2) |
| 520 | { | 520 | { |
| 521 | char buf[16]; | 521 | char buf[16]; |
| 522 | char *p = ptr; | 522 | unsigned char *p = ptr; |
| 523 | 523 | ||
| 524 | snprintf(buf,sizeof buf,"%d.%d.%d.%d", | 524 | snprintf(buf,sizeof buf,"%d.%d.%d.%d", |
| 525 | p[0],p[1],p[2],p[3]); | 525 | p[0],p[1],p[2],p[3]); |
| @@ -530,7 +530,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 530 | } | 530 | } |
| 531 | else if (num == 3) | 531 | else if (num == 3) |
| 532 | { | 532 | { |
| 533 | char buf[16]; | 533 | char buf[DECIMAL_SIZE(int)+1]; |
| 534 | 534 | ||
| 535 | snprintf(buf,sizeof buf,"%d",*(int *)ptr); | 535 | snprintf(buf,sizeof buf,"%d",*(int *)ptr); |
| 536 | if (data->param_port != NULL) | 536 | if (data->param_port != NULL) |
diff --git a/src/lib/libssl/src/crypto/bio/bss_file.c b/src/lib/libssl/src/crypto/bio/bss_file.c index 18e7bb86e6..e4e9df144c 100644 --- a/src/lib/libssl/src/crypto/bio/bss_file.c +++ b/src/lib/libssl/src/crypto/bio/bss_file.c | |||
| @@ -247,7 +247,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 247 | ret=0; | 247 | ret=0; |
| 248 | break; | 248 | break; |
| 249 | } | 249 | } |
| 250 | #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) | 250 | #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) |
| 251 | if (!(num & BIO_FP_TEXT)) | 251 | if (!(num & BIO_FP_TEXT)) |
| 252 | strcat(p,"b"); | 252 | strcat(p,"b"); |
| 253 | else | 253 | else |
diff --git a/src/lib/libssl/src/crypto/bio/bss_log.c b/src/lib/libssl/src/crypto/bio/bss_log.c index a39d95297c..1eb678cac0 100644 --- a/src/lib/libssl/src/crypto/bio/bss_log.c +++ b/src/lib/libssl/src/crypto/bio/bss_log.c | |||
| @@ -68,7 +68,8 @@ | |||
| 68 | 68 | ||
| 69 | #include "cryptlib.h" | 69 | #include "cryptlib.h" |
| 70 | 70 | ||
| 71 | #if defined(OPENSSL_SYS_WIN32) | 71 | #if defined(OPENSSL_SYS_WINCE) |
| 72 | #elif defined(OPENSSL_SYS_WIN32) | ||
| 72 | # include <process.h> | 73 | # include <process.h> |
| 73 | #elif defined(OPENSSL_SYS_VMS) | 74 | #elif defined(OPENSSL_SYS_VMS) |
| 74 | # include <opcdef.h> | 75 | # include <opcdef.h> |
| @@ -77,7 +78,7 @@ | |||
| 77 | # include <starlet.h> | 78 | # include <starlet.h> |
| 78 | #elif defined(__ultrix) | 79 | #elif defined(__ultrix) |
| 79 | # include <sys/syslog.h> | 80 | # include <sys/syslog.h> |
| 80 | #elif !defined(MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) /* Unix */ | 81 | #elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG) |
| 81 | # include <syslog.h> | 82 | # include <syslog.h> |
| 82 | #endif | 83 | #endif |
| 83 | 84 | ||
| @@ -274,7 +275,7 @@ static void xsyslog(BIO *bp, int priority, const char *string) | |||
| 274 | LPCSTR lpszStrings[2]; | 275 | LPCSTR lpszStrings[2]; |
| 275 | WORD evtype= EVENTLOG_ERROR_TYPE; | 276 | WORD evtype= EVENTLOG_ERROR_TYPE; |
| 276 | int pid = _getpid(); | 277 | int pid = _getpid(); |
| 277 | char pidbuf[20]; | 278 | char pidbuf[DECIMAL_SIZE(pid)+4]; |
| 278 | 279 | ||
| 279 | switch (priority) | 280 | switch (priority) |
| 280 | { | 281 | { |
| @@ -373,11 +374,15 @@ static void xcloselog(BIO* bp) | |||
| 373 | { | 374 | { |
| 374 | } | 375 | } |
| 375 | 376 | ||
| 376 | #else /* Unix */ | 377 | #else /* Unix/Watt32 */ |
| 377 | 378 | ||
| 378 | static void xopenlog(BIO* bp, char* name, int level) | 379 | static void xopenlog(BIO* bp, char* name, int level) |
| 379 | { | 380 | { |
| 381 | #ifdef WATT32 /* djgpp/DOS */ | ||
| 382 | openlog(name, LOG_PID|LOG_CONS|LOG_NDELAY, level); | ||
| 383 | #else | ||
| 380 | openlog(name, LOG_PID|LOG_CONS, level); | 384 | openlog(name, LOG_PID|LOG_CONS, level); |
| 385 | #endif | ||
| 381 | } | 386 | } |
| 382 | 387 | ||
| 383 | static void xsyslog(BIO *bp, int priority, const char *string) | 388 | static void xsyslog(BIO *bp, int priority, const char *string) |
diff --git a/src/lib/libssl/src/crypto/bio/bss_mem.c b/src/lib/libssl/src/crypto/bio/bss_mem.c index 28ff7582bf..a4edb711ae 100644 --- a/src/lib/libssl/src/crypto/bio/bss_mem.c +++ b/src/lib/libssl/src/crypto/bio/bss_mem.c | |||
| @@ -190,7 +190,7 @@ static int mem_write(BIO *b, const char *in, int inl) | |||
| 190 | 190 | ||
| 191 | BIO_clear_retry_flags(b); | 191 | BIO_clear_retry_flags(b); |
| 192 | blen=bm->length; | 192 | blen=bm->length; |
| 193 | if (BUF_MEM_grow(bm,blen+inl) != (blen+inl)) | 193 | if (BUF_MEM_grow_clean(bm,blen+inl) != (blen+inl)) |
| 194 | goto end; | 194 | goto end; |
| 195 | memcpy(&(bm->data[blen]),in,inl); | 195 | memcpy(&(bm->data[blen]),in,inl); |
| 196 | ret=inl; | 196 | ret=inl; |
| @@ -284,7 +284,11 @@ static int mem_gets(BIO *bp, char *buf, int size) | |||
| 284 | 284 | ||
| 285 | BIO_clear_retry_flags(bp); | 285 | BIO_clear_retry_flags(bp); |
| 286 | j=bm->length; | 286 | j=bm->length; |
| 287 | if (j <= 0) return(0); | 287 | if (j <= 0) |
| 288 | { | ||
| 289 | *buf='\0'; | ||
| 290 | return 0; | ||
| 291 | } | ||
| 288 | p=bm->data; | 292 | p=bm->data; |
| 289 | for (i=0; i<j; i++) | 293 | for (i=0; i<j; i++) |
| 290 | { | 294 | { |
diff --git a/src/lib/libssl/src/crypto/bio/bss_sock.c b/src/lib/libssl/src/crypto/bio/bss_sock.c index fdabd16d7e..2c1c405ec7 100644 --- a/src/lib/libssl/src/crypto/bio/bss_sock.c +++ b/src/lib/libssl/src/crypto/bio/bss_sock.c | |||
| @@ -64,6 +64,12 @@ | |||
| 64 | #include "cryptlib.h" | 64 | #include "cryptlib.h" |
| 65 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 66 | 66 | ||
| 67 | #ifdef WATT32 | ||
| 68 | #define sock_write SockWrite /* Watt-32 uses same names */ | ||
| 69 | #define sock_read SockRead | ||
| 70 | #define sock_puts SockPuts | ||
| 71 | #endif | ||
| 72 | |||
| 67 | static int sock_write(BIO *h, const char *buf, int num); | 73 | static int sock_write(BIO *h, const char *buf, int num); |
| 68 | static int sock_read(BIO *h, char *buf, int size); | 74 | static int sock_read(BIO *h, char *buf, int size); |
| 69 | static int sock_puts(BIO *h, const char *str); | 75 | static int sock_puts(BIO *h, const char *str); |
diff --git a/src/lib/libssl/src/crypto/bn/Makefile.ssl b/src/lib/libssl/src/crypto/bn/Makefile.ssl index 6a479726c4..fa17d3c7d8 100644 --- a/src/lib/libssl/src/crypto/bn/Makefile.ssl +++ b/src/lib/libssl/src/crypto/bn/Makefile.ssl | |||
| @@ -23,14 +23,6 @@ BN_ASM= bn_asm.o | |||
| 23 | 23 | ||
| 24 | CFLAGS= $(INCLUDES) $(CFLAG) | 24 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 25 | 25 | ||
| 26 | # We let the C compiler driver to take care of .s files. This is done in | ||
| 27 | # order to be excused from maintaining a separate set of architecture | ||
| 28 | # dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC | ||
| 29 | # gcc, then the driver will automatically translate it to -xarch=v8plus | ||
| 30 | # and pass it down to assembler. | ||
| 31 | AS=$(CC) -c | ||
| 32 | ASFLAGS=$(CFLAGS) | ||
| 33 | |||
| 34 | GENERAL=Makefile | 26 | GENERAL=Makefile |
| 35 | TEST=bntest.c exptest.c | 27 | TEST=bntest.c exptest.c |
| 36 | APPS= | 28 | APPS= |
| @@ -73,22 +65,11 @@ lib: $(LIBOBJ) | |||
| 73 | @touch lib | 65 | @touch lib |
| 74 | 66 | ||
| 75 | # elf | 67 | # elf |
| 76 | asm/bn86-elf.o: asm/bn86unix.cpp | 68 | asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl |
| 77 | $(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o | 69 | (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s) |
| 78 | |||
| 79 | asm/co86-elf.o: asm/co86unix.cpp | ||
| 80 | $(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o | ||
| 81 | 70 | ||
| 82 | # solaris | 71 | asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl |
| 83 | asm/bn86-sol.o: asm/bn86unix.cpp | 72 | (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s) |
| 84 | $(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s | ||
| 85 | as -o asm/bn86-sol.o asm/bn86-sol.s | ||
| 86 | rm -f asm/bn86-sol.s | ||
| 87 | |||
| 88 | asm/co86-sol.o: asm/co86unix.cpp | ||
| 89 | $(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s | ||
| 90 | as -o asm/co86-sol.o asm/co86-sol.s | ||
| 91 | rm -f asm/co86-sol.s | ||
| 92 | 73 | ||
| 93 | # a.out | 74 | # a.out |
| 94 | asm/bn86-out.o: asm/bn86unix.cpp | 75 | asm/bn86-out.o: asm/bn86unix.cpp |
| @@ -136,6 +117,8 @@ asm/ia64-cpp.o: asm/ia64.S | |||
| 136 | $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ | 117 | $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \ |
| 137 | rm -f /tmp/ia64.$$$$.s | 118 | rm -f /tmp/ia64.$$$$.s |
| 138 | 119 | ||
| 120 | asm/x86_64-gcc.o: asm/x86_64-gcc.c | ||
| 121 | |||
| 139 | files: | 122 | files: |
| 140 | $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO | 123 | $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO |
| 141 | 124 | ||
| @@ -169,14 +152,14 @@ lint: | |||
| 169 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 152 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 170 | 153 | ||
| 171 | depend: | 154 | depend: |
| 172 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 155 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 173 | 156 | ||
| 174 | dclean: | 157 | dclean: |
| 175 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 158 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 176 | mv -f Makefile.new $(MAKEFILE) | 159 | mv -f Makefile.new $(MAKEFILE) |
| 177 | 160 | ||
| 178 | clean: | 161 | clean: |
| 179 | rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s | 162 | rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s |
| 180 | 163 | ||
| 181 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 164 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 182 | 165 | ||
diff --git a/src/lib/libssl/src/crypto/bn/asm/ia64.S b/src/lib/libssl/src/crypto/bn/asm/ia64.S index ae56066310..7dfda85566 100644 --- a/src/lib/libssl/src/crypto/bn/asm/ia64.S +++ b/src/lib/libssl/src/crypto/bn/asm/ia64.S | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | .explicit | 1 | .explicit |
| 2 | .text | 2 | .text |
| 3 | .ident "ia64.S, Version 1.1" | 3 | .ident "ia64.S, Version 2.0" |
| 4 | .ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" | 4 | .ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" |
| 5 | 5 | ||
| 6 | // | 6 | // |
| @@ -13,6 +13,35 @@ | |||
| 13 | // disclaimed. | 13 | // disclaimed. |
| 14 | // ==================================================================== | 14 | // ==================================================================== |
| 15 | // | 15 | // |
| 16 | // Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is | ||
| 17 | // different from Itanium to this module viewpoint. Most notably, is it | ||
| 18 | // "wider" than Itanium? Can you experience loop scalability as | ||
| 19 | // discussed in commentary sections? Not really:-( Itanium2 has 6 | ||
| 20 | // integer ALU ports, i.e. it's 2 ports wider, but it's not enough to | ||
| 21 | // spin twice as fast, as I need 8 IALU ports. Amount of floating point | ||
| 22 | // ports is the same, i.e. 2, while I need 4. In other words, to this | ||
| 23 | // module Itanium2 remains effectively as "wide" as Itanium. Yet it's | ||
| 24 | // essentially different in respect to this module, and a re-tune was | ||
| 25 | // required. Well, because some intruction latencies has changed. Most | ||
| 26 | // noticeably those intensively used: | ||
| 27 | // | ||
| 28 | // Itanium Itanium2 | ||
| 29 | // ldf8 9 6 L2 hit | ||
| 30 | // ld8 2 1 L1 hit | ||
| 31 | // getf 2 5 | ||
| 32 | // xma[->getf] 7[+1] 4[+0] | ||
| 33 | // add[->st8] 1[+1] 1[+0] | ||
| 34 | // | ||
| 35 | // What does it mean? You might ratiocinate that the original code | ||
| 36 | // should run just faster... Because sum of latencies is smaller... | ||
| 37 | // Wrong! Note that getf latency increased. This means that if a loop is | ||
| 38 | // scheduled for lower latency (and they are), then it will suffer from | ||
| 39 | // stall condition and the code will therefore turn anti-scalable, e.g. | ||
| 40 | // original bn_mul_words spun at 5*n or 2.5 times slower than expected | ||
| 41 | // on Itanium2! What to do? Reschedule loops for Itanium2? But then | ||
| 42 | // Itanium would exhibit anti-scalability. So I've chosen to reschedule | ||
| 43 | // for worst latency for every instruction aiming for best *all-round* | ||
| 44 | // performance. | ||
| 16 | 45 | ||
| 17 | // Q. How much faster does it get? | 46 | // Q. How much faster does it get? |
| 18 | // A. Here is the output from 'openssl speed rsa dsa' for vanilla | 47 | // A. Here is the output from 'openssl speed rsa dsa' for vanilla |
| @@ -149,12 +178,27 @@ bn_add_words: | |||
| 149 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 | 178 | brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 |
| 150 | } | 179 | } |
| 151 | .body | 180 | .body |
| 152 | { .mib; mov r14=r32 // rp | 181 | { .mib; |
| 182 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 183 | addp4 r14=0,r32 // rp | ||
| 184 | #else | ||
| 185 | mov r14=r32 // rp | ||
| 186 | #endif | ||
| 153 | mov r9=pr };; | 187 | mov r9=pr };; |
| 154 | { .mii; mov r15=r33 // ap | 188 | { .mii; |
| 189 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 190 | addp4 r15=0,r33 // ap | ||
| 191 | #else | ||
| 192 | mov r15=r33 // ap | ||
| 193 | #endif | ||
| 155 | mov ar.lc=r10 | 194 | mov ar.lc=r10 |
| 156 | mov ar.ec=6 } | 195 | mov ar.ec=6 } |
| 157 | { .mib; mov r16=r34 // bp | 196 | { .mib; |
| 197 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 198 | addp4 r16=0,r34 // bp | ||
| 199 | #else | ||
| 200 | mov r16=r34 // bp | ||
| 201 | #endif | ||
| 158 | mov pr.rot=1<<16 };; | 202 | mov pr.rot=1<<16 };; |
| 159 | 203 | ||
| 160 | .L_bn_add_words_ctop: | 204 | .L_bn_add_words_ctop: |
| @@ -174,7 +218,7 @@ bn_add_words: | |||
| 174 | 218 | ||
| 175 | { .mii; | 219 | { .mii; |
| 176 | (p59) add r8=1,r8 // return value | 220 | (p59) add r8=1,r8 // return value |
| 177 | mov pr=r9,-1 | 221 | mov pr=r9,0x1ffff |
| 178 | mov ar.lc=r3 } | 222 | mov ar.lc=r3 } |
| 179 | { .mbb; nop.b 0x0 | 223 | { .mbb; nop.b 0x0 |
| 180 | br.ret.sptk.many b0 };; | 224 | br.ret.sptk.many b0 };; |
| @@ -202,12 +246,27 @@ bn_sub_words: | |||
| 202 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 | 246 | brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 |
| 203 | } | 247 | } |
| 204 | .body | 248 | .body |
| 205 | { .mib; mov r14=r32 // rp | 249 | { .mib; |
| 250 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 251 | addp4 r14=0,r32 // rp | ||
| 252 | #else | ||
| 253 | mov r14=r32 // rp | ||
| 254 | #endif | ||
| 206 | mov r9=pr };; | 255 | mov r9=pr };; |
| 207 | { .mii; mov r15=r33 // ap | 256 | { .mii; |
| 257 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 258 | addp4 r15=0,r33 // ap | ||
| 259 | #else | ||
| 260 | mov r15=r33 // ap | ||
| 261 | #endif | ||
| 208 | mov ar.lc=r10 | 262 | mov ar.lc=r10 |
| 209 | mov ar.ec=6 } | 263 | mov ar.ec=6 } |
| 210 | { .mib; mov r16=r34 // bp | 264 | { .mib; |
| 265 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 266 | addp4 r16=0,r34 // bp | ||
| 267 | #else | ||
| 268 | mov r16=r34 // bp | ||
| 269 | #endif | ||
| 211 | mov pr.rot=1<<16 };; | 270 | mov pr.rot=1<<16 };; |
| 212 | 271 | ||
| 213 | .L_bn_sub_words_ctop: | 272 | .L_bn_sub_words_ctop: |
| @@ -227,7 +286,7 @@ bn_sub_words: | |||
| 227 | 286 | ||
| 228 | { .mii; | 287 | { .mii; |
| 229 | (p59) add r8=1,r8 // return value | 288 | (p59) add r8=1,r8 // return value |
| 230 | mov pr=r9,-1 | 289 | mov pr=r9,0x1ffff |
| 231 | mov ar.lc=r3 } | 290 | mov ar.lc=r3 } |
| 232 | { .mbb; nop.b 0x0 | 291 | { .mbb; nop.b 0x0 |
| 233 | br.ret.sptk.many b0 };; | 292 | br.ret.sptk.many b0 };; |
| @@ -253,7 +312,7 @@ bn_mul_words: | |||
| 253 | #ifdef XMA_TEMPTATION | 312 | #ifdef XMA_TEMPTATION |
| 254 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; | 313 | { .mfi; alloc r2=ar.pfs,4,0,0,0 };; |
| 255 | #else | 314 | #else |
| 256 | { .mfi; alloc r2=ar.pfs,4,4,0,8 };; | 315 | { .mfi; alloc r2=ar.pfs,4,12,0,16 };; |
| 257 | #endif | 316 | #endif |
| 258 | { .mib; mov r8=r0 // return value | 317 | { .mib; mov r8=r0 // return value |
| 259 | cmp4.le p6,p0=r34,r0 | 318 | cmp4.le p6,p0=r34,r0 |
| @@ -266,24 +325,30 @@ bn_mul_words: | |||
| 266 | 325 | ||
| 267 | .body | 326 | .body |
| 268 | { .mib; setf.sig f8=r35 // w | 327 | { .mib; setf.sig f8=r35 // w |
| 269 | mov pr.rot=0x400001<<16 | 328 | mov pr.rot=0x800001<<16 |
| 270 | // ------^----- serves as (p48) at first (p26) | 329 | // ------^----- serves as (p50) at first (p27) |
| 271 | brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16 | 330 | brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16 |
| 272 | } | 331 | } |
| 273 | 332 | ||
| 274 | #ifndef XMA_TEMPTATION | 333 | #ifndef XMA_TEMPTATION |
| 275 | 334 | ||
| 276 | { .mii; mov r14=r32 // rp | 335 | { .mii; |
| 277 | mov r15=r33 // ap | 336 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 337 | addp4 r14=0,r32 // rp | ||
| 338 | addp4 r15=0,r33 // ap | ||
| 339 | #else | ||
| 340 | mov r14=r32 // rp | ||
| 341 | mov r15=r33 // ap | ||
| 342 | #endif | ||
| 278 | mov ar.lc=r10 } | 343 | mov ar.lc=r10 } |
| 279 | { .mii; mov r39=0 // serves as r33 at first (p26) | 344 | { .mii; mov r40=0 // serves as r35 at first (p27) |
| 280 | mov ar.ec=12 };; | 345 | mov ar.ec=13 };; |
| 281 | 346 | ||
| 282 | // This loop spins in 2*(n+11) ticks. It's scheduled for data in L2 | 347 | // This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium |
| 283 | // cache (i.e. 9 ticks away) as floating point load/store instructions | 348 | // L2 cache (i.e. 9 ticks away) as floating point load/store instructions |
| 284 | // bypass L1 cache and L2 latency is actually best-case scenario for | 349 | // bypass L1 cache and L2 latency is actually best-case scenario for |
| 285 | // ldf8. The loop is not scalable and shall run in 2*(n+11) even on | 350 | // ldf8. The loop is not scalable and shall run in 2*(n+12) even on |
| 286 | // "wider" IA-64 implementations. It's a trade-off here. n+22 loop | 351 | // "wider" IA-64 implementations. It's a trade-off here. n+24 loop |
| 287 | // would give us ~5% in *overall* performance improvement on "wider" | 352 | // would give us ~5% in *overall* performance improvement on "wider" |
| 288 | // IA-64, but would hurt Itanium for about same because of longer | 353 | // IA-64, but would hurt Itanium for about same because of longer |
| 289 | // epilogue. As it's a matter of few percents in either case I've | 354 | // epilogue. As it's a matter of few percents in either case I've |
| @@ -291,25 +356,25 @@ bn_mul_words: | |||
| 291 | // this very instruction sequence in bn_mul_add_words loop which in | 356 | // this very instruction sequence in bn_mul_add_words loop which in |
| 292 | // turn is scalable). | 357 | // turn is scalable). |
| 293 | .L_bn_mul_words_ctop: | 358 | .L_bn_mul_words_ctop: |
| 294 | { .mfi; (p25) getf.sig r36=f49 // low | 359 | { .mfi; (p25) getf.sig r36=f52 // low |
| 295 | (p21) xmpy.lu f45=f37,f8 | 360 | (p21) xmpy.lu f48=f37,f8 |
| 296 | (p27) cmp.ltu p52,p48=r39,r38 } | 361 | (p28) cmp.ltu p54,p50=r41,r39 } |
| 297 | { .mfi; (p16) ldf8 f32=[r15],8 | 362 | { .mfi; (p16) ldf8 f32=[r15],8 |
| 298 | (p21) xmpy.hu f38=f37,f8 | 363 | (p21) xmpy.hu f40=f37,f8 |
| 299 | (p0) nop.i 0x0 };; | 364 | (p0) nop.i 0x0 };; |
| 300 | { .mii; (p26) getf.sig r32=f43 // high | 365 | { .mii; (p25) getf.sig r32=f44 // high |
| 301 | .pred.rel "mutex",p48,p52 | 366 | .pred.rel "mutex",p50,p54 |
| 302 | (p48) add r38=r37,r33 // (p26) | 367 | (p50) add r40=r38,r35 // (p27) |
| 303 | (p52) add r38=r37,r33,1 } // (p26) | 368 | (p54) add r40=r38,r35,1 } // (p27) |
| 304 | { .mfb; (p27) st8 [r14]=r39,8 | 369 | { .mfb; (p28) st8 [r14]=r41,8 |
| 305 | (p0) nop.f 0x0 | 370 | (p0) nop.f 0x0 |
| 306 | br.ctop.sptk .L_bn_mul_words_ctop };; | 371 | br.ctop.sptk .L_bn_mul_words_ctop };; |
| 307 | .L_bn_mul_words_cend: | 372 | .L_bn_mul_words_cend: |
| 308 | 373 | ||
| 309 | { .mii; nop.m 0x0 | 374 | { .mii; nop.m 0x0 |
| 310 | .pred.rel "mutex",p49,p53 | 375 | .pred.rel "mutex",p51,p55 |
| 311 | (p49) add r8=r34,r0 | 376 | (p51) add r8=r36,r0 |
| 312 | (p53) add r8=r34,r0,1 } | 377 | (p55) add r8=r36,r0,1 } |
| 313 | { .mfb; nop.m 0x0 | 378 | { .mfb; nop.m 0x0 |
| 314 | nop.f 0x0 | 379 | nop.f 0x0 |
| 315 | nop.b 0x0 } | 380 | nop.b 0x0 } |
| @@ -344,7 +409,7 @@ bn_mul_words: | |||
| 344 | #endif // XMA_TEMPTATION | 409 | #endif // XMA_TEMPTATION |
| 345 | 410 | ||
| 346 | { .mii; nop.m 0x0 | 411 | { .mii; nop.m 0x0 |
| 347 | mov pr=r9,-1 | 412 | mov pr=r9,0x1ffff |
| 348 | mov ar.lc=r3 } | 413 | mov ar.lc=r3 } |
| 349 | { .mfb; rum 1<<5 // clear um.mfh | 414 | { .mfb; rum 1<<5 // clear um.mfh |
| 350 | nop.f 0x0 | 415 | nop.f 0x0 |
| @@ -376,59 +441,69 @@ bn_mul_add_words: | |||
| 376 | 441 | ||
| 377 | .body | 442 | .body |
| 378 | { .mib; setf.sig f8=r35 // w | 443 | { .mib; setf.sig f8=r35 // w |
| 379 | mov pr.rot=0x400001<<16 | 444 | mov pr.rot=0x800001<<16 |
| 380 | // ------^----- serves as (p48) at first (p26) | 445 | // ------^----- serves as (p50) at first (p27) |
| 381 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 | 446 | brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 |
| 382 | } | 447 | } |
| 383 | { .mii; mov r14=r32 // rp | 448 | { .mii; |
| 384 | mov r15=r33 // ap | 449 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 450 | addp4 r14=0,r32 // rp | ||
| 451 | addp4 r15=0,r33 // ap | ||
| 452 | #else | ||
| 453 | mov r14=r32 // rp | ||
| 454 | mov r15=r33 // ap | ||
| 455 | #endif | ||
| 385 | mov ar.lc=r10 } | 456 | mov ar.lc=r10 } |
| 386 | { .mii; mov r39=0 // serves as r33 at first (p26) | 457 | { .mii; mov r40=0 // serves as r35 at first (p27) |
| 387 | mov r18=r32 // rp copy | 458 | #if defined(_HPUX_SOURCE) && defined(_ILP32) |
| 388 | mov ar.ec=14 };; | 459 | addp4 r18=0,r32 // rp copy |
| 460 | #else | ||
| 461 | mov r18=r32 // rp copy | ||
| 462 | #endif | ||
| 463 | mov ar.ec=15 };; | ||
| 389 | 464 | ||
| 390 | // This loop spins in 3*(n+13) ticks on Itanium and should spin in | 465 | // This loop spins in 3*(n+14) ticks on Itanium and should spin in |
| 391 | // 2*(n+13) on "wider" IA-64 implementations (to be verified with new | 466 | // 2*(n+14) on "wider" IA-64 implementations (to be verified with new |
| 392 | // µ-architecture manuals as they become available). As usual it's | 467 | // µ-architecture manuals as they become available). As usual it's |
| 393 | // possible to compress the epilogue, down to 10 in this case, at the | 468 | // possible to compress the epilogue, down to 10 in this case, at the |
| 394 | // cost of scalability. Compressed (and therefore non-scalable) loop | 469 | // cost of scalability. Compressed (and therefore non-scalable) loop |
| 395 | // running at 3*(n+10) would buy you ~10% on Itanium but take ~35% | 470 | // running at 3*(n+11) would buy you ~10% on Itanium but take ~35% |
| 396 | // from "wider" IA-64 so let it be scalable! Special attention was | 471 | // from "wider" IA-64 so let it be scalable! Special attention was |
| 397 | // paid for having the loop body split at 64-byte boundary. ld8 is | 472 | // paid for having the loop body split at 64-byte boundary. ld8 is |
| 398 | // scheduled for L1 cache as the data is more than likely there. | 473 | // scheduled for L1 cache as the data is more than likely there. |
| 399 | // Indeed, bn_mul_words has put it there a moment ago:-) | 474 | // Indeed, bn_mul_words has put it there a moment ago:-) |
| 400 | .L_bn_mul_add_words_ctop: | 475 | .L_bn_mul_add_words_ctop: |
| 401 | { .mfi; (p25) getf.sig r36=f49 // low | 476 | { .mfi; (p25) getf.sig r36=f52 // low |
| 402 | (p21) xmpy.lu f45=f37,f8 | 477 | (p21) xmpy.lu f48=f37,f8 |
| 403 | (p27) cmp.ltu p52,p48=r39,r38 } | 478 | (p28) cmp.ltu p54,p50=r41,r39 } |
| 404 | { .mfi; (p16) ldf8 f32=[r15],8 | 479 | { .mfi; (p16) ldf8 f32=[r15],8 |
| 405 | (p21) xmpy.hu f38=f37,f8 | 480 | (p21) xmpy.hu f40=f37,f8 |
| 406 | (p27) add r43=r43,r39 };; | 481 | (p28) add r45=r45,r41 };; |
| 407 | { .mii; (p26) getf.sig r32=f43 // high | 482 | { .mii; (p25) getf.sig r32=f44 // high |
| 408 | .pred.rel "mutex",p48,p52 | 483 | .pred.rel "mutex",p50,p54 |
| 409 | (p48) add r38=r37,r33 // (p26) | 484 | (p50) add r40=r38,r35 // (p27) |
| 410 | (p52) add r38=r37,r33,1 } // (p26) | 485 | (p54) add r40=r38,r35,1 } // (p27) |
| 411 | { .mfb; (p27) cmp.ltu.unc p56,p0=r43,r39 | 486 | { .mfb; (p28) cmp.ltu.unc p60,p0=r45,r41 |
| 412 | (p0) nop.f 0x0 | 487 | (p0) nop.f 0x0 |
| 413 | (p0) nop.b 0x0 } | 488 | (p0) nop.b 0x0 } |
| 414 | { .mii; (p26) ld8 r42=[r18],8 | 489 | { .mii; (p27) ld8 r44=[r18],8 |
| 415 | (p58) cmp.eq.or p57,p0=-1,r44 | 490 | (p62) cmp.eq.or p61,p0=-1,r46 |
| 416 | (p58) add r44=1,r44 } | 491 | (p62) add r46=1,r46 } |
| 417 | { .mfb; (p29) st8 [r14]=r45,8 | 492 | { .mfb; (p30) st8 [r14]=r47,8 |
| 418 | (p0) nop.f 0x0 | 493 | (p0) nop.f 0x0 |
| 419 | br.ctop.sptk .L_bn_mul_add_words_ctop};; | 494 | br.ctop.sptk .L_bn_mul_add_words_ctop};; |
| 420 | .L_bn_mul_add_words_cend: | 495 | .L_bn_mul_add_words_cend: |
| 421 | 496 | ||
| 422 | { .mii; nop.m 0x0 | 497 | { .mii; nop.m 0x0 |
| 423 | .pred.rel "mutex",p51,p55 | 498 | .pred.rel "mutex",p53,p57 |
| 424 | (p51) add r8=r36,r0 | 499 | (p53) add r8=r38,r0 |
| 425 | (p55) add r8=r36,r0,1 } | 500 | (p57) add r8=r38,r0,1 } |
| 426 | { .mfb; nop.m 0x0 | 501 | { .mfb; nop.m 0x0 |
| 427 | nop.f 0x0 | 502 | nop.f 0x0 |
| 428 | nop.b 0x0 };; | 503 | nop.b 0x0 };; |
| 429 | { .mii; | 504 | { .mii; |
| 430 | (p59) add r8=1,r8 | 505 | (p63) add r8=1,r8 |
| 431 | mov pr=r9,-1 | 506 | mov pr=r9,0x1ffff |
| 432 | mov ar.lc=r3 } | 507 | mov ar.lc=r3 } |
| 433 | { .mfb; rum 1<<5 // clear um.mfh | 508 | { .mfb; rum 1<<5 // clear um.mfh |
| 434 | nop.f 0x0 | 509 | nop.f 0x0 |
| @@ -461,6 +536,10 @@ bn_sqr_words: | |||
| 461 | mov r9=pr };; | 536 | mov r9=pr };; |
| 462 | 537 | ||
| 463 | .body | 538 | .body |
| 539 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 540 | { .mii; addp4 r32=0,r32 | ||
| 541 | addp4 r33=0,r33 };; | ||
| 542 | #endif | ||
| 464 | { .mib; | 543 | { .mib; |
| 465 | mov pr.rot=1<<16 | 544 | mov pr.rot=1<<16 |
| 466 | brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16 | 545 | brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16 |
| @@ -492,7 +571,7 @@ bn_sqr_words: | |||
| 492 | .L_bn_sqr_words_cend: | 571 | .L_bn_sqr_words_cend: |
| 493 | 572 | ||
| 494 | { .mii; nop.m 0x0 | 573 | { .mii; nop.m 0x0 |
| 495 | mov pr=r9,-1 | 574 | mov pr=r9,0x1ffff |
| 496 | mov ar.lc=r3 } | 575 | mov ar.lc=r3 } |
| 497 | { .mfb; rum 1<<5 // clear um.mfh | 576 | { .mfb; rum 1<<5 // clear um.mfh |
| 498 | nop.f 0x0 | 577 | nop.f 0x0 |
| @@ -526,7 +605,14 @@ bn_sqr_comba8: | |||
| 526 | .prologue | 605 | .prologue |
| 527 | .fframe 0 | 606 | .fframe 0 |
| 528 | .save ar.pfs,r2 | 607 | .save ar.pfs,r2 |
| 608 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 529 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 609 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| 610 | addp4 r33=0,r33 | ||
| 611 | addp4 r32=0,r32 };; | ||
| 612 | { .mii; | ||
| 613 | #else | ||
| 614 | { .mii; alloc r2=ar.pfs,2,1,0,0 | ||
| 615 | #endif | ||
| 530 | mov r34=r33 | 616 | mov r34=r33 |
| 531 | add r14=8,r33 };; | 617 | add r14=8,r33 };; |
| 532 | .body | 618 | .body |
| @@ -587,7 +673,14 @@ bn_mul_comba8: | |||
| 587 | .prologue | 673 | .prologue |
| 588 | .fframe 0 | 674 | .fframe 0 |
| 589 | .save ar.pfs,r2 | 675 | .save ar.pfs,r2 |
| 676 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 590 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 677 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| 678 | addp4 r33=0,r33 | ||
| 679 | addp4 r34=0,r34 };; | ||
| 680 | { .mii; addp4 r32=0,r32 | ||
| 681 | #else | ||
| 682 | { .mii; alloc r2=ar.pfs,3,0,0,0 | ||
| 683 | #endif | ||
| 591 | add r14=8,r33 | 684 | add r14=8,r33 |
| 592 | add r17=8,r34 } | 685 | add r17=8,r34 } |
| 593 | .body | 686 | .body |
| @@ -1138,7 +1231,14 @@ bn_sqr_comba4: | |||
| 1138 | .prologue | 1231 | .prologue |
| 1139 | .fframe 0 | 1232 | .fframe 0 |
| 1140 | .save ar.pfs,r2 | 1233 | .save ar.pfs,r2 |
| 1234 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 1235 | { .mii; alloc r2=ar.pfs,2,1,0,0 | ||
| 1236 | addp4 r32=0,r32 | ||
| 1237 | addp4 r33=0,r33 };; | ||
| 1238 | { .mii; | ||
| 1239 | #else | ||
| 1141 | { .mii; alloc r2=ar.pfs,2,1,0,0 | 1240 | { .mii; alloc r2=ar.pfs,2,1,0,0 |
| 1241 | #endif | ||
| 1142 | mov r34=r33 | 1242 | mov r34=r33 |
| 1143 | add r14=8,r33 };; | 1243 | add r14=8,r33 };; |
| 1144 | .body | 1244 | .body |
| @@ -1164,7 +1264,14 @@ bn_mul_comba4: | |||
| 1164 | .prologue | 1264 | .prologue |
| 1165 | .fframe 0 | 1265 | .fframe 0 |
| 1166 | .save ar.pfs,r2 | 1266 | .save ar.pfs,r2 |
| 1267 | #if defined(_HPUX_SOURCE) && defined(_ILP32) | ||
| 1268 | { .mii; alloc r2=ar.pfs,3,0,0,0 | ||
| 1269 | addp4 r33=0,r33 | ||
| 1270 | addp4 r34=0,r34 };; | ||
| 1271 | { .mii; addp4 r32=0,r32 | ||
| 1272 | #else | ||
| 1167 | { .mii; alloc r2=ar.pfs,3,0,0,0 | 1273 | { .mii; alloc r2=ar.pfs,3,0,0,0 |
| 1274 | #endif | ||
| 1168 | add r14=8,r33 | 1275 | add r14=8,r33 |
| 1169 | add r17=8,r34 } | 1276 | add r17=8,r34 } |
| 1170 | .body | 1277 | .body |
| @@ -1464,7 +1571,7 @@ bn_div_words: | |||
| 1464 | or r8=r8,r33 | 1571 | or r8=r8,r33 |
| 1465 | mov ar.pfs=r2 };; | 1572 | mov ar.pfs=r2 };; |
| 1466 | { .mii; shr.u r9=H,I // remainder if anybody wants it | 1573 | { .mii; shr.u r9=H,I // remainder if anybody wants it |
| 1467 | mov pr=r10,-1 } | 1574 | mov pr=r10,0x1ffff } |
| 1468 | { .mfb; br.ret.sptk.many b0 };; | 1575 | { .mfb; br.ret.sptk.many b0 };; |
| 1469 | 1576 | ||
| 1470 | // Unsigned 64 by 32 (well, by 64 for the moment) bit integer division | 1577 | // Unsigned 64 by 32 (well, by 64 for the moment) bit integer division |
diff --git a/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s b/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s index af9730d062..f3b16290eb 100644 --- a/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s +++ b/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s | |||
| @@ -747,8 +747,8 @@ bn_div_words | |||
| 747 | .PROC | 747 | .PROC |
| 748 | .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN | 748 | .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN |
| 749 | .IMPORT BN_num_bits_word,CODE | 749 | .IMPORT BN_num_bits_word,CODE |
| 750 | .IMPORT __iob,DATA | 750 | ;--- not PIC .IMPORT __iob,DATA |
| 751 | .IMPORT fprintf,CODE | 751 | ;--- not PIC .IMPORT fprintf,CODE |
| 752 | .IMPORT abort,CODE | 752 | .IMPORT abort,CODE |
| 753 | .IMPORT $$div2U,MILLICODE | 753 | .IMPORT $$div2U,MILLICODE |
| 754 | .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE | 754 | .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE |
| @@ -844,12 +844,12 @@ $0006001A | |||
| 844 | MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 | 844 | MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 |
| 845 | EXTRD,U %r3,63,32,%r7 ;offset 0xa1c | 845 | EXTRD,U %r3,63,32,%r7 ;offset 0xa1c |
| 846 | $D2 | 846 | $D2 |
| 847 | ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 | 847 | ;--- not PIC ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 |
| 848 | LDIL LR'C$7,%r21 ;offset 0xa24 | 848 | ;--- not PIC LDIL LR'C$7,%r21 ;offset 0xa24 |
| 849 | LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 | 849 | ;--- not PIC LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 |
| 850 | .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; | 850 | ;--- not PIC .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; |
| 851 | B,L fprintf,%r2 ;offset 0xa2c | 851 | ;--- not PIC B,L fprintf,%r2 ;offset 0xa2c |
| 852 | LDO RR'C$7(%r21),%r25 ;offset 0xa30 | 852 | ;--- not PIC LDO RR'C$7(%r21),%r25 ;offset 0xa30 |
| 853 | .CALL ; | 853 | .CALL ; |
| 854 | B,L abort,%r2 ;offset 0xa34 | 854 | B,L abort,%r2 ;offset 0xa34 |
| 855 | NOP ;offset 0xa38 | 855 | NOP ;offset 0xa38 |
| @@ -1605,14 +1605,14 @@ bn_mul_comba4 | |||
| 1605 | .PROCEND | 1605 | .PROCEND |
| 1606 | 1606 | ||
| 1607 | 1607 | ||
| 1608 | .SPACE $TEXT$ | 1608 | ;--- not PIC .SPACE $TEXT$ |
| 1609 | .SUBSPA $CODE$ | 1609 | ;--- not PIC .SUBSPA $CODE$ |
| 1610 | .SPACE $PRIVATE$,SORT=16 | 1610 | ;--- not PIC .SPACE $PRIVATE$,SORT=16 |
| 1611 | .IMPORT $global$,DATA | 1611 | ;--- not PIC .IMPORT $global$,DATA |
| 1612 | .SPACE $TEXT$ | 1612 | ;--- not PIC .SPACE $TEXT$ |
| 1613 | .SUBSPA $CODE$ | 1613 | ;--- not PIC .SUBSPA $CODE$ |
| 1614 | .SUBSPA $LIT$,ACCESS=0x2c | 1614 | ;--- not PIC .SUBSPA $LIT$,ACCESS=0x2c |
| 1615 | C$7 | 1615 | ;--- not PIC C$7 |
| 1616 | .ALIGN 8 | 1616 | ;--- not PIC .ALIGN 8 |
| 1617 | .STRINGZ "Division would overflow (%d)\n" | 1617 | ;--- not PIC .STRINGZ "Division would overflow (%d)\n" |
| 1618 | .END | 1618 | .END |
diff --git a/src/lib/libssl/src/crypto/bn/asm/vms.mar b/src/lib/libssl/src/crypto/bn/asm/vms.mar index 465f2774b6..aefab15cdb 100644 --- a/src/lib/libssl/src/crypto/bn/asm/vms.mar +++ b/src/lib/libssl/src/crypto/bn/asm/vms.mar | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .title vax_bn_mul_add_word unsigned multiply & add, 32*32+32+32=>64 | 1 | .title vax_bn_mul_add_words unsigned multiply & add, 32*32+32+32=>64 |
| 2 | ; | 2 | ; |
| 3 | ; w.j.m. 15-jan-1999 | 3 | ; w.j.m. 15-jan-1999 |
| 4 | ; | 4 | ; |
| @@ -59,7 +59,7 @@ w=16 ;(AP) w by value (input) | |||
| 59 | movl r6,r0 ; return c | 59 | movl r6,r0 ; return c |
| 60 | ret | 60 | ret |
| 61 | 61 | ||
| 62 | .title vax_bn_mul_word unsigned multiply & add, 32*32+32=>64 | 62 | .title vax_bn_mul_words unsigned multiply & add, 32*32+32=>64 |
| 63 | ; | 63 | ; |
| 64 | ; w.j.m. 15-jan-1999 | 64 | ; w.j.m. 15-jan-1999 |
| 65 | ; | 65 | ; |
| @@ -172,147 +172,175 @@ n=12 ;(AP) n by value (input) | |||
| 172 | ; } | 172 | ; } |
| 173 | ; | 173 | ; |
| 174 | ; Using EDIV would be very easy, if it didn't do signed calculations. | 174 | ; Using EDIV would be very easy, if it didn't do signed calculations. |
| 175 | ; Therefore, som extra things have to happen around it. The way to | 175 | ; Any time any of the input numbers are signed, there are problems, |
| 176 | ; handle that is to shift all operands right one step (basically dividing | 176 | ; usually with integer overflow, at which point it returns useless |
| 177 | ; them by 2) and handle the different cases depending on what the lowest | 177 | ; data (the quotient gets the value of l, and the remainder becomes 0). |
| 178 | ; bit of each operand was. | ||
| 179 | ; | 178 | ; |
| 180 | ; To start with, let's define the following: | 179 | ; If it was just for the dividend, it would be very easy, just divide |
| 180 | ; it by 2 (unsigned), do the division, multiply the resulting quotient | ||
| 181 | ; and remainder by 2, add the bit that was dropped when dividing by 2 | ||
| 182 | ; to the remainder, and do some adjustment so the remainder doesn't | ||
| 183 | ; end up larger than the divisor. For some cases when the divisor is | ||
| 184 | ; negative (from EDIV's point of view, i.e. when the highest bit is set), | ||
| 185 | ; dividing the dividend by 2 isn't enough, and since some operations | ||
| 186 | ; might generate integer overflows even when the dividend is divided by | ||
| 187 | ; 4 (when the high part of the shifted down dividend ends up being exactly | ||
| 188 | ; half of the divisor, the result is the quotient 0x80000000, which is | ||
| 189 | ; negative...) it needs to be divided by 8. Furthermore, the divisor needs | ||
| 190 | ; to be divided by 2 (unsigned) as well, to avoid more problems with the sign. | ||
| 191 | ; In this case, a little extra fiddling with the remainder is required. | ||
| 181 | ; | 192 | ; |
| 182 | ; a' = l & 1 | 193 | ; So, the simplest way to handle this is always to divide the dividend |
| 183 | ; a2 = <h,l> >> 1 # UNSIGNED shift! | 194 | ; by 8, and to divide the divisor by 2 if it's highest bit is set. |
| 184 | ; b' = d & 1 | 195 | ; After EDIV has been used, the quotient gets multiplied by 8 if the |
| 185 | ; b2 = d >> 1 # UNSIGNED shift! | 196 | ; original divisor was positive, otherwise 4. The remainder, oddly |
| 197 | ; enough, is *always* multiplied by 8. | ||
| 198 | ; NOTE: in the case mentioned above, where the high part of the shifted | ||
| 199 | ; down dividend ends up being exactly half the shifted down divisor, we | ||
| 200 | ; end up with a 33 bit quotient. That's no problem however, it usually | ||
| 201 | ; means we have ended up with a too large remainder as well, and the | ||
| 202 | ; problem is fixed by the last part of the algorithm (next paragraph). | ||
| 186 | ; | 203 | ; |
| 187 | ; Now, use EDIV to calculate a quotient and a remainder: | 204 | ; The routine ends with comparing the resulting remainder with the |
| 205 | ; original divisor and if the remainder is larger, subtract the | ||
| 206 | ; original divisor from it, and increase the quotient by 1. This is | ||
| 207 | ; done until the remainder is smaller than the divisor. | ||
| 188 | ; | 208 | ; |
| 189 | ; q'' = a2/b2 | 209 | ; The complete algorithm looks like this: |
| 190 | ; r'' = a2 - q''*b2 | ||
| 191 | ; | 210 | ; |
| 192 | ; If b' is 0, the quotient is already correct, we just need to adjust the | 211 | ; d' = d |
| 193 | ; remainder: | 212 | ; l' = l & 7 |
| 213 | ; [h,l] = [h,l] >> 3 | ||
| 214 | ; [q,r] = floor([h,l] / d) # This is the EDIV operation | ||
| 215 | ; if (q < 0) q = -q # I doubt this is necessary any more | ||
| 194 | ; | 216 | ; |
| 195 | ; if (b' == 0) | 217 | ; r' = r >> 29 |
| 196 | ; { | 218 | ; if (d' >= 0) |
| 197 | ; r = 2*r'' + a' | 219 | ; q' = q >> 29 |
| 198 | ; q = q'' | 220 | ; q = q << 3 |
| 199 | ; } | 221 | ; else |
| 200 | ; | 222 | ; q' = q >> 30 |
| 201 | ; If b' is 1, we need to do other adjustements. The first thought is the | 223 | ; q = q << 2 |
| 202 | ; following (note that r' will not always have the right value, but an | 224 | ; r = (r << 3) + l' |
| 203 | ; adjustement follows further down): | ||
| 204 | ; | ||
| 205 | ; if (b' == 1) | ||
| 206 | ; { | ||
| 207 | ; q' = q'' | ||
| 208 | ; r' = a - q'*b | ||
| 209 | ; | ||
| 210 | ; However, one can note the folowing relationship: | ||
| 211 | ; | ||
| 212 | ; r'' = a2 - q''*b2 | ||
| 213 | ; => 2*r'' = 2*a2 - 2*q''*b2 | ||
| 214 | ; = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1, | ||
| 215 | ; q' = q'' } | ||
| 216 | ; = a - a' - q'*(b - 1) | ||
| 217 | ; = a - q'*b - a' + q' | ||
| 218 | ; = r' - a' + q' | ||
| 219 | ; => r' = 2*r'' - q' + a' | ||
| 220 | ; | 225 | ; |
| 221 | ; This enables us to use r'' instead of discarding and calculating another | 226 | ; if (d' < 0) |
| 222 | ; modulo: | ||
| 223 | ; | ||
| 224 | ; if (b' == 1) | ||
| 225 | ; { | 227 | ; { |
| 226 | ; q' = q'' | 228 | ; [r',r] = [r',r] - q |
| 227 | ; r' = (r'' << 1) - q' + a' | 229 | ; while ([r',r] < 0) |
| 228 | ; | ||
| 229 | ; Now, all we have to do is adjust r', because it might be < 0: | ||
| 230 | ; | ||
| 231 | ; while (r' < 0) | ||
| 232 | ; { | 230 | ; { |
| 233 | ; r' = r' + b | 231 | ; [r',r] = [r',r] + d |
| 234 | ; q' = q' - 1 | 232 | ; [q',q] = [q',q] - 1 |
| 235 | ; } | 233 | ; } |
| 236 | ; } | 234 | ; } |
| 237 | ; | 235 | ; |
| 238 | ; return q' | 236 | ; while ([r',r] >= d') |
| 237 | ; { | ||
| 238 | ; [r',r] = [r',r] - d' | ||
| 239 | ; [q',q] = [q',q] + 1 | ||
| 240 | ; } | ||
| 241 | ; | ||
| 242 | ; return q | ||
| 239 | 243 | ||
| 240 | h=4 ;(AP) h by value (input) | 244 | h=4 ;(AP) h by value (input) |
| 241 | l=8 ;(AP) l by value (input) | 245 | l=8 ;(AP) l by value (input) |
| 242 | d=12 ;(AP) d by value (input) | 246 | d=12 ;(AP) d by value (input) |
| 243 | 247 | ||
| 244 | ;aprim=r5 | 248 | ;r2 = l, q |
| 245 | ;a2=r6 | 249 | ;r3 = h, r |
| 246 | ;a20=r6 | 250 | ;r4 = d |
| 247 | ;a21=r7 | 251 | ;r5 = l' |
| 248 | ;bprim=r8 | 252 | ;r6 = r' |
| 249 | ;b2=r9 | 253 | ;r7 = d' |
| 250 | ;qprim=r10 ; initially used as q'' | 254 | ;r8 = q' |
| 251 | ;rprim=r11 ; initially used as r'' | ||
| 252 | |||
| 253 | 255 | ||
| 254 | .psect code,nowrt | 256 | .psect code,nowrt |
| 255 | 257 | ||
| 256 | .entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11> | 258 | .entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8> |
| 257 | movl l(ap),r2 | 259 | movl l(ap),r2 |
| 258 | movl h(ap),r3 | 260 | movl h(ap),r3 |
| 259 | movl d(ap),r4 | 261 | movl d(ap),r4 |
| 260 | 262 | ||
| 261 | movl #0,r5 | 263 | bicl3 #^XFFFFFFF8,r2,r5 ; l' = l & 7 |
| 262 | movl #0,r8 | 264 | bicl3 #^X00000007,r2,r2 |
| 263 | movl #0,r0 | ||
| 264 | ; movl #0,r1 | ||
| 265 | 265 | ||
| 266 | rotl #-1,r2,r6 ; a20 = l >> 1 (almost) | 266 | bicl3 #^XFFFFFFF8,r3,r6 |
| 267 | rotl #-1,r3,r7 ; a21 = h >> 1 (almost) | 267 | bicl3 #^X00000007,r3,r3 |
| 268 | rotl #-1,r4,r9 ; b2 = d >> 1 (almost) | 268 | |
| 269 | addl r6,r2 | ||
| 269 | 270 | ||
| 270 | tstl r6 | 271 | rotl #-3,r2,r2 ; l = l >> 3 |
| 271 | bgeq 1$ | 272 | rotl #-3,r3,r3 ; h = h >> 3 |
| 272 | xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 0 | 273 | |
| 273 | incl r5 ; a' = 1 | 274 | movl r4,r7 ; d' = d |
| 274 | 1$: | 275 | |
| 275 | tstl r7 | 276 | movl #0,r6 ; r' = 0 |
| 276 | bgeq 2$ | 277 | movl #0,r8 ; q' = 0 |
| 277 | xorl2 #^X80000000,r6 ; fixup a20 so highest bit is 1, | 278 | |
| 278 | ; since that's what was lowest in a21 | 279 | tstl r4 |
| 279 | xorl2 #^X80000000,r7 ; fixup a21 so highest bit is 1 | ||
| 280 | 2$: | ||
| 281 | tstl r9 | ||
| 282 | beql 666$ ; Uh-oh, the divisor is 0... | 280 | beql 666$ ; Uh-oh, the divisor is 0... |
| 283 | bgtr 3$ | 281 | bgtr 1$ |
| 284 | xorl2 #^X80000000,r9 ; fixup b2 so highest bit is 0 | 282 | rotl #-1,r4,r4 ; If d is negative, shift it right. |
| 285 | incl r8 ; b' = 1 | 283 | bicl2 #^X80000000,r4 ; Since d is then a large number, the |
| 286 | 3$: | 284 | ; lowest bit is insignificant |
| 287 | tstl r9 | 285 | ; (contradict that, and I'll fix the problem!) |
| 288 | bneq 4$ ; if b2 is 0, we know that b' is 1 | 286 | 1$: |
| 289 | tstl r3 | 287 | ediv r4,r2,r2,r3 ; Do the actual division |
| 290 | bneq 666$ ; if higher half isn't 0, we overflow | 288 | |
| 291 | movl r2,r10 ; otherwise, we have our result | 289 | tstl r2 |
| 292 | brb 42$ ; This is a success, really. | 290 | bgeq 3$ |
| 293 | 4$: | 291 | mnegl r2,r2 ; if q < 0, negate it |
| 294 | ediv r9,r6,r10,r11 | 292 | 3$: |
| 295 | 293 | tstl r7 | |
| 296 | tstl r8 | 294 | blss 4$ |
| 297 | bneq 5$ ; If b' != 0, go to the other part | 295 | rotl #3,r2,r2 ; q = q << 3 |
| 298 | ; addl3 r11,r11,r1 | 296 | bicl3 #^XFFFFFFF8,r2,r8 ; q' gets the high bits from q |
| 299 | ; addl2 r5,r1 | 297 | bicl3 #^X00000007,r2,r2 |
| 300 | brb 42$ | 298 | bsb 41$ |
| 301 | 5$: | 299 | 4$: ; else |
| 302 | ashl #1,r11,r11 | 300 | rotl #2,r2,r2 ; q = q << 2 |
| 303 | subl2 r10,r11 | 301 | bicl3 #^XFFFFFFFC,r2,r8 ; q' gets the high bits from q |
| 304 | addl2 r5,r11 | 302 | bicl3 #^X00000003,r2,r2 |
| 305 | bgeq 7$ | 303 | 41$: |
| 306 | 6$: | 304 | rotl #3,r3,r3 ; r = r << 3 |
| 307 | decl r10 | 305 | bicl3 #^XFFFFFFF8,r3,r6 ; r' gets the high bits from r |
| 308 | addl2 r4,r11 | 306 | bicl3 #^X00000007,r3,r3 |
| 309 | blss 6$ | 307 | addl r5,r3 ; r = r + l' |
| 310 | 7$: | 308 | |
| 311 | ; movl r11,r1 | 309 | tstl r7 |
| 310 | bgeq 5$ | ||
| 311 | bitl #1,r7 | ||
| 312 | beql 5$ ; if d' < 0 && d' & 1 | ||
| 313 | subl r2,r3 ; [r',r] = [r',r] - [q',q] | ||
| 314 | sbwc r8,r6 | ||
| 315 | 45$: | ||
| 316 | bgeq 5$ ; while r < 0 | ||
| 317 | decl r2 ; [q',q] = [q',q] - 1 | ||
| 318 | sbwc #0,r8 | ||
| 319 | addl r7,r3 ; [r',r] = [r',r] + d' | ||
| 320 | adwc #0,r6 | ||
| 321 | brb 45$ | ||
| 322 | |||
| 323 | ; The return points are placed in the middle to keep a short distance from | ||
| 324 | ; all the branch points | ||
| 312 | 42$: | 325 | 42$: |
| 313 | movl r10,r0 | 326 | ; movl r3,r1 |
| 327 | movl r2,r0 | ||
| 328 | ret | ||
| 314 | 666$: | 329 | 666$: |
| 330 | movl #^XFFFFFFFF,r0 | ||
| 315 | ret | 331 | ret |
| 332 | |||
| 333 | 5$: | ||
| 334 | tstl r6 | ||
| 335 | bneq 6$ | ||
| 336 | cmpl r3,r7 | ||
| 337 | blssu 42$ ; while [r',r] >= d' | ||
| 338 | 6$: | ||
| 339 | subl r7,r3 ; [r',r] = [r',r] - d' | ||
| 340 | sbwc #0,r6 | ||
| 341 | incl r2 ; [q',q] = [q',q] + 1 | ||
| 342 | adwc #0,r8 | ||
| 343 | brb 5$ | ||
| 316 | 344 | ||
| 317 | .title vax_bn_add_words unsigned add of two arrays | 345 | .title vax_bn_add_words unsigned add of two arrays |
| 318 | ; | 346 | ; |
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h index b40682f831..3da6d8ced9 100644 --- a/src/lib/libssl/src/crypto/bn/bn.h +++ b/src/lib/libssl/src/crypto/bn/bn.h | |||
| @@ -248,6 +248,8 @@ typedef struct bn_blinding_st | |||
| 248 | BIGNUM *A; | 248 | BIGNUM *A; |
| 249 | BIGNUM *Ai; | 249 | BIGNUM *Ai; |
| 250 | BIGNUM *mod; /* just a reference */ | 250 | BIGNUM *mod; /* just a reference */ |
| 251 | unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; | ||
| 252 | * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ | ||
| 251 | } BN_BLINDING; | 253 | } BN_BLINDING; |
| 252 | 254 | ||
| 253 | /* Used for montgomery multiplication */ | 255 | /* Used for montgomery multiplication */ |
diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c index f9a095e3b3..580d1201bc 100644 --- a/src/lib/libssl/src/crypto/bn/bn_div.c +++ b/src/lib/libssl/src/crypto/bn/bn_div.c | |||
| @@ -150,6 +150,20 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, | |||
| 150 | q; \ | 150 | q; \ |
| 151 | }) | 151 | }) |
| 152 | # define REMAINDER_IS_ALREADY_CALCULATED | 152 | # define REMAINDER_IS_ALREADY_CALCULATED |
| 153 | # elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG) | ||
| 154 | /* | ||
| 155 | * Same story here, but it's 128-bit by 64-bit division. Wow! | ||
| 156 | * <appro@fy.chalmers.se> | ||
| 157 | */ | ||
| 158 | # define bn_div_words(n0,n1,d0) \ | ||
| 159 | ({ asm volatile ( \ | ||
| 160 | "divq %4" \ | ||
| 161 | : "=a"(q), "=d"(rem) \ | ||
| 162 | : "a"(n1), "d"(n0), "g"(d0) \ | ||
| 163 | : "cc"); \ | ||
| 164 | q; \ | ||
| 165 | }) | ||
| 166 | # define REMAINDER_IS_ALREADY_CALCULATED | ||
| 153 | # endif /* __<cpu> */ | 167 | # endif /* __<cpu> */ |
| 154 | # endif /* __GNUC__ */ | 168 | # endif /* __GNUC__ */ |
| 155 | #endif /* OPENSSL_NO_ASM */ | 169 | #endif /* OPENSSL_NO_ASM */ |
| @@ -268,6 +282,11 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 268 | q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0); | 282 | q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0); |
| 269 | #else | 283 | #else |
| 270 | q=bn_div_words(n0,n1,d0); | 284 | q=bn_div_words(n0,n1,d0); |
| 285 | #ifdef BN_DEBUG_LEVITTE | ||
| 286 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 287 | X) -> 0x%08X\n", | ||
| 288 | n0, n1, d0, q); | ||
| 289 | #endif | ||
| 271 | #endif | 290 | #endif |
| 272 | 291 | ||
| 273 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | 292 | #ifndef REMAINDER_IS_ALREADY_CALCULATED |
| @@ -292,11 +311,18 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 292 | BN_ULONG t2l,t2h,ql,qh; | 311 | BN_ULONG t2l,t2h,ql,qh; |
| 293 | 312 | ||
| 294 | q=bn_div_words(n0,n1,d0); | 313 | q=bn_div_words(n0,n1,d0); |
| 314 | #ifdef BN_DEBUG_LEVITTE | ||
| 315 | fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\ | ||
| 316 | X) -> 0x%08X\n", | ||
| 317 | n0, n1, d0, q); | ||
| 318 | #endif | ||
| 295 | #ifndef REMAINDER_IS_ALREADY_CALCULATED | 319 | #ifndef REMAINDER_IS_ALREADY_CALCULATED |
| 296 | rem=(n1-q*d0)&BN_MASK2; | 320 | rem=(n1-q*d0)&BN_MASK2; |
| 297 | #endif | 321 | #endif |
| 298 | 322 | ||
| 299 | #ifdef BN_UMULT_HIGH | 323 | #if defined(BN_UMULT_LOHI) |
| 324 | BN_UMULT_LOHI(t2l,t2h,d1,q); | ||
| 325 | #elif defined(BN_UMULT_HIGH) | ||
| 300 | t2l = d1 * q; | 326 | t2l = d1 * q; |
| 301 | t2h = BN_UMULT_HIGH(d1,q); | 327 | t2h = BN_UMULT_HIGH(d1,q); |
| 302 | #else | 328 | #else |
diff --git a/src/lib/libssl/src/crypto/bn/bn_lcl.h b/src/lib/libssl/src/crypto/bn/bn_lcl.h index 8a4dba375a..5614bc6164 100644 --- a/src/lib/libssl/src/crypto/bn/bn_lcl.h +++ b/src/lib/libssl/src/crypto/bn/bn_lcl.h | |||
| @@ -230,6 +230,21 @@ struct bignum_ctx | |||
| 230 | : "r"(a), "r"(b)); \ | 230 | : "r"(a), "r"(b)); \ |
| 231 | ret; }) | 231 | ret; }) |
| 232 | # endif /* compiler */ | 232 | # endif /* compiler */ |
| 233 | # elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG) | ||
| 234 | # if defined(__GNUC__) | ||
| 235 | # define BN_UMULT_HIGH(a,b) ({ \ | ||
| 236 | register BN_ULONG ret,discard; \ | ||
| 237 | asm ("mulq %3" \ | ||
| 238 | : "=a"(discard),"=d"(ret) \ | ||
| 239 | : "a"(a), "g"(b) \ | ||
| 240 | : "cc"); \ | ||
| 241 | ret; }) | ||
| 242 | # define BN_UMULT_LOHI(low,high,a,b) \ | ||
| 243 | asm ("mulq %3" \ | ||
| 244 | : "=a"(low),"=d"(high) \ | ||
| 245 | : "a"(a),"g"(b) \ | ||
| 246 | : "cc"); | ||
| 247 | # endif | ||
| 233 | # endif /* cpu */ | 248 | # endif /* cpu */ |
| 234 | #endif /* OPENSSL_NO_ASM */ | 249 | #endif /* OPENSSL_NO_ASM */ |
| 235 | 250 | ||
| @@ -337,7 +352,7 @@ struct bignum_ctx | |||
| 337 | 352 | ||
| 338 | #define LBITS(a) ((a)&BN_MASK2l) | 353 | #define LBITS(a) ((a)&BN_MASK2l) |
| 339 | #define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) | 354 | #define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) |
| 340 | #define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4) | 355 | #define L2HBITS(a) (((a)<<BN_BITS4)&BN_MASK2) |
| 341 | 356 | ||
| 342 | #define LLBITS(a) ((a)&BN_MASKl) | 357 | #define LLBITS(a) ((a)&BN_MASKl) |
| 343 | #define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl) | 358 | #define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl) |
| @@ -353,7 +368,7 @@ struct bignum_ctx | |||
| 353 | lt=(bl)*(lt); \ | 368 | lt=(bl)*(lt); \ |
| 354 | m1=(bl)*(ht); \ | 369 | m1=(bl)*(ht); \ |
| 355 | ht =(bh)*(ht); \ | 370 | ht =(bh)*(ht); \ |
| 356 | m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \ | 371 | m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \ |
| 357 | ht+=HBITS(m); \ | 372 | ht+=HBITS(m); \ |
| 358 | m1=L2HBITS(m); \ | 373 | m1=L2HBITS(m); \ |
| 359 | lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \ | 374 | lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \ |
| @@ -418,20 +433,19 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a); | |||
| 418 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); | 433 | int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n); |
| 419 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, | 434 | int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, |
| 420 | int cl, int dl); | 435 | int cl, int dl); |
| 436 | #if 0 | ||
| 437 | /* bn_mul.c rollback <appro> */ | ||
| 421 | void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, | 438 | void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 422 | int dna,int dnb,BN_ULONG *t); | 439 | int dna,int dnb,BN_ULONG *t); |
| 423 | void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, | 440 | void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, |
| 424 | int n,int tna,int tnb,BN_ULONG *t); | 441 | int n,int tna,int tnb,BN_ULONG *t); |
| 442 | #endif | ||
| 425 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); | 443 | void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t); |
| 426 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); | 444 | void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); |
| 427 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, | 445 | void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, |
| 428 | BN_ULONG *t); | 446 | BN_ULONG *t); |
| 429 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, | 447 | void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, |
| 430 | BN_ULONG *t); | 448 | BN_ULONG *t); |
| 431 | BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, | ||
| 432 | int cl, int dl); | ||
| 433 | BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, | ||
| 434 | int cl, int dl); | ||
| 435 | 449 | ||
| 436 | #ifdef __cplusplus | 450 | #ifdef __cplusplus |
| 437 | } | 451 | } |
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c index ce2ae78419..463463cfcb 100644 --- a/src/lib/libssl/src/crypto/bn/bn_lib.c +++ b/src/lib/libssl/src/crypto/bn/bn_lib.c | |||
| @@ -263,12 +263,12 @@ void BN_clear_free(BIGNUM *a) | |||
| 263 | if (a == NULL) return; | 263 | if (a == NULL) return; |
| 264 | if (a->d != NULL) | 264 | if (a->d != NULL) |
| 265 | { | 265 | { |
| 266 | memset(a->d,0,a->dmax*sizeof(a->d[0])); | 266 | OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); |
| 267 | if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) | 267 | if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) |
| 268 | OPENSSL_free(a->d); | 268 | OPENSSL_free(a->d); |
| 269 | } | 269 | } |
| 270 | i=BN_get_flags(a,BN_FLG_MALLOCED); | 270 | i=BN_get_flags(a,BN_FLG_MALLOCED); |
| 271 | memset(a,0,sizeof(BIGNUM)); | 271 | OPENSSL_cleanse(a,sizeof(BIGNUM)); |
| 272 | if (i) | 272 | if (i) |
| 273 | OPENSSL_free(a); | 273 | OPENSSL_free(a); |
| 274 | } | 274 | } |
diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c index b03458d002..cb93ac3356 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mul.c +++ b/src/lib/libssl/src/crypto/bn/bn_mul.c | |||
| @@ -56,325 +56,10 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef BN_DEBUG | ||
| 60 | # undef NDEBUG /* avoid conflicting definitions */ | ||
| 61 | # define NDEBUG | ||
| 62 | #endif | ||
| 63 | |||
| 64 | #include <stdio.h> | 59 | #include <stdio.h> |
| 65 | #include <assert.h> | ||
| 66 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 67 | #include "bn_lcl.h" | 61 | #include "bn_lcl.h" |
| 68 | 62 | ||
| 69 | #if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__)) || defined(__DJGPP__) /* Assembler implementation exists only for x86 */ | ||
| 70 | /* Here follows specialised variants of bn_add_words() and | ||
| 71 | bn_sub_words(). They have the property performing operations on | ||
| 72 | arrays of different sizes. The sizes of those arrays is expressed through | ||
| 73 | cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, | ||
| 74 | which is the delta between the two lengths, calculated as len(a)-len(b). | ||
| 75 | All lengths are the number of BN_ULONGs... For the operations that require | ||
| 76 | a result array as parameter, it must have the length cl+abs(dl). | ||
| 77 | These functions should probably end up in bn_asm.c as soon as there are | ||
| 78 | assembler counterparts for the systems that use assembler files. */ | ||
| 79 | |||
| 80 | BN_ULONG bn_sub_part_words(BN_ULONG *r, | ||
| 81 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 82 | int cl, int dl) | ||
| 83 | { | ||
| 84 | BN_ULONG c, t; | ||
| 85 | |||
| 86 | assert(cl >= 0); | ||
| 87 | c = bn_sub_words(r, a, b, cl); | ||
| 88 | |||
| 89 | if (dl == 0) | ||
| 90 | return c; | ||
| 91 | |||
| 92 | r += cl; | ||
| 93 | a += cl; | ||
| 94 | b += cl; | ||
| 95 | |||
| 96 | if (dl < 0) | ||
| 97 | { | ||
| 98 | #ifdef BN_COUNT | ||
| 99 | fprintf(stderr, " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 100 | #endif | ||
| 101 | for (;;) | ||
| 102 | { | ||
| 103 | t = b[0]; | ||
| 104 | r[0] = (0-t-c)&BN_MASK2; | ||
| 105 | if (t != 0) c=1; | ||
| 106 | if (++dl >= 0) break; | ||
| 107 | |||
| 108 | t = b[1]; | ||
| 109 | r[1] = (0-t-c)&BN_MASK2; | ||
| 110 | if (t != 0) c=1; | ||
| 111 | if (++dl >= 0) break; | ||
| 112 | |||
| 113 | t = b[2]; | ||
| 114 | r[2] = (0-t-c)&BN_MASK2; | ||
| 115 | if (t != 0) c=1; | ||
| 116 | if (++dl >= 0) break; | ||
| 117 | |||
| 118 | t = b[3]; | ||
| 119 | r[3] = (0-t-c)&BN_MASK2; | ||
| 120 | if (t != 0) c=1; | ||
| 121 | if (++dl >= 0) break; | ||
| 122 | |||
| 123 | b += 4; | ||
| 124 | r += 4; | ||
| 125 | } | ||
| 126 | } | ||
| 127 | else | ||
| 128 | { | ||
| 129 | int save_dl = dl; | ||
| 130 | #ifdef BN_COUNT | ||
| 131 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl, dl, c); | ||
| 132 | #endif | ||
| 133 | while(c) | ||
| 134 | { | ||
| 135 | t = a[0]; | ||
| 136 | r[0] = (t-c)&BN_MASK2; | ||
| 137 | if (t != 0) c=0; | ||
| 138 | if (--dl <= 0) break; | ||
| 139 | |||
| 140 | t = a[1]; | ||
| 141 | r[1] = (t-c)&BN_MASK2; | ||
| 142 | if (t != 0) c=0; | ||
| 143 | if (--dl <= 0) break; | ||
| 144 | |||
| 145 | t = a[2]; | ||
| 146 | r[2] = (t-c)&BN_MASK2; | ||
| 147 | if (t != 0) c=0; | ||
| 148 | if (--dl <= 0) break; | ||
| 149 | |||
| 150 | t = a[3]; | ||
| 151 | r[3] = (t-c)&BN_MASK2; | ||
| 152 | if (t != 0) c=0; | ||
| 153 | if (--dl <= 0) break; | ||
| 154 | |||
| 155 | save_dl = dl; | ||
| 156 | a += 4; | ||
| 157 | r += 4; | ||
| 158 | } | ||
| 159 | if (dl > 0) | ||
| 160 | { | ||
| 161 | #ifdef BN_COUNT | ||
| 162 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 163 | #endif | ||
| 164 | if (save_dl > dl) | ||
| 165 | { | ||
| 166 | switch (save_dl - dl) | ||
| 167 | { | ||
| 168 | case 1: | ||
| 169 | r[1] = a[1]; | ||
| 170 | if (--dl <= 0) break; | ||
| 171 | case 2: | ||
| 172 | r[2] = a[2]; | ||
| 173 | if (--dl <= 0) break; | ||
| 174 | case 3: | ||
| 175 | r[3] = a[3]; | ||
| 176 | if (--dl <= 0) break; | ||
| 177 | } | ||
| 178 | a += 4; | ||
| 179 | r += 4; | ||
| 180 | } | ||
| 181 | } | ||
| 182 | if (dl > 0) | ||
| 183 | { | ||
| 184 | #ifdef BN_COUNT | ||
| 185 | fprintf(stderr, " bn_sub_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 186 | #endif | ||
| 187 | for(;;) | ||
| 188 | { | ||
| 189 | r[0] = a[0]; | ||
| 190 | if (--dl <= 0) break; | ||
| 191 | r[1] = a[1]; | ||
| 192 | if (--dl <= 0) break; | ||
| 193 | r[2] = a[2]; | ||
| 194 | if (--dl <= 0) break; | ||
| 195 | r[3] = a[3]; | ||
| 196 | if (--dl <= 0) break; | ||
| 197 | |||
| 198 | a += 4; | ||
| 199 | r += 4; | ||
| 200 | } | ||
| 201 | } | ||
| 202 | } | ||
| 203 | return c; | ||
| 204 | } | ||
| 205 | #endif | ||
| 206 | |||
| 207 | BN_ULONG bn_add_part_words(BN_ULONG *r, | ||
| 208 | const BN_ULONG *a, const BN_ULONG *b, | ||
| 209 | int cl, int dl) | ||
| 210 | { | ||
| 211 | BN_ULONG c, l, t; | ||
| 212 | |||
| 213 | assert(cl >= 0); | ||
| 214 | c = bn_add_words(r, a, b, cl); | ||
| 215 | |||
| 216 | if (dl == 0) | ||
| 217 | return c; | ||
| 218 | |||
| 219 | r += cl; | ||
| 220 | a += cl; | ||
| 221 | b += cl; | ||
| 222 | |||
| 223 | if (dl < 0) | ||
| 224 | { | ||
| 225 | int save_dl = dl; | ||
| 226 | #ifdef BN_COUNT | ||
| 227 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl, dl, c); | ||
| 228 | #endif | ||
| 229 | while (c) | ||
| 230 | { | ||
| 231 | l=(c+b[0])&BN_MASK2; | ||
| 232 | c=(l < c); | ||
| 233 | r[0]=l; | ||
| 234 | if (++dl >= 0) break; | ||
| 235 | |||
| 236 | l=(c+b[1])&BN_MASK2; | ||
| 237 | c=(l < c); | ||
| 238 | r[1]=l; | ||
| 239 | if (++dl >= 0) break; | ||
| 240 | |||
| 241 | l=(c+b[2])&BN_MASK2; | ||
| 242 | c=(l < c); | ||
| 243 | r[2]=l; | ||
| 244 | if (++dl >= 0) break; | ||
| 245 | |||
| 246 | l=(c+b[3])&BN_MASK2; | ||
| 247 | c=(l < c); | ||
| 248 | r[3]=l; | ||
| 249 | if (++dl >= 0) break; | ||
| 250 | |||
| 251 | save_dl = dl; | ||
| 252 | b+=4; | ||
| 253 | r+=4; | ||
| 254 | } | ||
| 255 | if (dl < 0) | ||
| 256 | { | ||
| 257 | #ifdef BN_COUNT | ||
| 258 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, c == 0)\n", cl, dl); | ||
| 259 | #endif | ||
| 260 | if (save_dl < dl) | ||
| 261 | { | ||
| 262 | switch (dl - save_dl) | ||
| 263 | { | ||
| 264 | case 1: | ||
| 265 | r[1] = b[1]; | ||
| 266 | if (++dl >= 0) break; | ||
| 267 | case 2: | ||
| 268 | r[2] = b[2]; | ||
| 269 | if (++dl >= 0) break; | ||
| 270 | case 3: | ||
| 271 | r[3] = b[3]; | ||
| 272 | if (++dl >= 0) break; | ||
| 273 | } | ||
| 274 | b += 4; | ||
| 275 | r += 4; | ||
| 276 | } | ||
| 277 | } | ||
| 278 | if (dl < 0) | ||
| 279 | { | ||
| 280 | #ifdef BN_COUNT | ||
| 281 | fprintf(stderr, " bn_add_part_words %d + %d (dl < 0, copy)\n", cl, dl); | ||
| 282 | #endif | ||
| 283 | for(;;) | ||
| 284 | { | ||
| 285 | r[0] = b[0]; | ||
| 286 | if (++dl >= 0) break; | ||
| 287 | r[1] = b[1]; | ||
| 288 | if (++dl >= 0) break; | ||
| 289 | r[2] = b[2]; | ||
| 290 | if (++dl >= 0) break; | ||
| 291 | r[3] = b[3]; | ||
| 292 | if (++dl >= 0) break; | ||
| 293 | |||
| 294 | b += 4; | ||
| 295 | r += 4; | ||
| 296 | } | ||
| 297 | } | ||
| 298 | } | ||
| 299 | else | ||
| 300 | { | ||
| 301 | int save_dl = dl; | ||
| 302 | #ifdef BN_COUNT | ||
| 303 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); | ||
| 304 | #endif | ||
| 305 | while (c) | ||
| 306 | { | ||
| 307 | t=(a[0]+c)&BN_MASK2; | ||
| 308 | c=(t < c); | ||
| 309 | r[0]=t; | ||
| 310 | if (--dl <= 0) break; | ||
| 311 | |||
| 312 | t=(a[1]+c)&BN_MASK2; | ||
| 313 | c=(t < c); | ||
| 314 | r[1]=t; | ||
| 315 | if (--dl <= 0) break; | ||
| 316 | |||
| 317 | t=(a[2]+c)&BN_MASK2; | ||
| 318 | c=(t < c); | ||
| 319 | r[2]=t; | ||
| 320 | if (--dl <= 0) break; | ||
| 321 | |||
| 322 | t=(a[3]+c)&BN_MASK2; | ||
| 323 | c=(t < c); | ||
| 324 | r[3]=t; | ||
| 325 | if (--dl <= 0) break; | ||
| 326 | |||
| 327 | save_dl = dl; | ||
| 328 | a+=4; | ||
| 329 | r+=4; | ||
| 330 | } | ||
| 331 | #ifdef BN_COUNT | ||
| 332 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); | ||
| 333 | #endif | ||
| 334 | if (dl > 0) | ||
| 335 | { | ||
| 336 | if (save_dl > dl) | ||
| 337 | { | ||
| 338 | switch (save_dl - dl) | ||
| 339 | { | ||
| 340 | case 1: | ||
| 341 | r[1] = a[1]; | ||
| 342 | if (--dl <= 0) break; | ||
| 343 | case 2: | ||
| 344 | r[2] = a[2]; | ||
| 345 | if (--dl <= 0) break; | ||
| 346 | case 3: | ||
| 347 | r[3] = a[3]; | ||
| 348 | if (--dl <= 0) break; | ||
| 349 | } | ||
| 350 | a += 4; | ||
| 351 | r += 4; | ||
| 352 | } | ||
| 353 | } | ||
| 354 | if (dl > 0) | ||
| 355 | { | ||
| 356 | #ifdef BN_COUNT | ||
| 357 | fprintf(stderr, " bn_add_part_words %d + %d (dl > 0, copy)\n", cl, dl); | ||
| 358 | #endif | ||
| 359 | for(;;) | ||
| 360 | { | ||
| 361 | r[0] = a[0]; | ||
| 362 | if (--dl <= 0) break; | ||
| 363 | r[1] = a[1]; | ||
| 364 | if (--dl <= 0) break; | ||
| 365 | r[2] = a[2]; | ||
| 366 | if (--dl <= 0) break; | ||
| 367 | r[3] = a[3]; | ||
| 368 | if (--dl <= 0) break; | ||
| 369 | |||
| 370 | a += 4; | ||
| 371 | r += 4; | ||
| 372 | } | ||
| 373 | } | ||
| 374 | } | ||
| 375 | return c; | ||
| 376 | } | ||
| 377 | |||
| 378 | #ifdef BN_RECURSION | 63 | #ifdef BN_RECURSION |
| 379 | /* Karatsuba recursive multiplication algorithm | 64 | /* Karatsuba recursive multiplication algorithm |
| 380 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ | 65 | * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ |
| @@ -390,15 +75,14 @@ BN_ULONG bn_add_part_words(BN_ULONG *r, | |||
| 390 | * a[1]*b[1] | 75 | * a[1]*b[1] |
| 391 | */ | 76 | */ |
| 392 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | 77 | void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, |
| 393 | int dna, int dnb, BN_ULONG *t) | 78 | BN_ULONG *t) |
| 394 | { | 79 | { |
| 395 | int n=n2/2,c1,c2; | 80 | int n=n2/2,c1,c2; |
| 396 | int tna=n+dna, tnb=n+dnb; | ||
| 397 | unsigned int neg,zero; | 81 | unsigned int neg,zero; |
| 398 | BN_ULONG ln,lo,*p; | 82 | BN_ULONG ln,lo,*p; |
| 399 | 83 | ||
| 400 | # ifdef BN_COUNT | 84 | # ifdef BN_COUNT |
| 401 | fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2); | 85 | printf(" bn_mul_recursive %d * %d\n",n2,n2); |
| 402 | # endif | 86 | # endif |
| 403 | # ifdef BN_MUL_COMBA | 87 | # ifdef BN_MUL_COMBA |
| 404 | # if 0 | 88 | # if 0 |
| @@ -408,40 +92,34 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 408 | return; | 92 | return; |
| 409 | } | 93 | } |
| 410 | # endif | 94 | # endif |
| 411 | /* Only call bn_mul_comba 8 if n2 == 8 and the | 95 | if (n2 == 8) |
| 412 | * two arrays are complete [steve] | ||
| 413 | */ | ||
| 414 | if (n2 == 8 && dna == 0 && dnb == 0) | ||
| 415 | { | 96 | { |
| 416 | bn_mul_comba8(r,a,b); | 97 | bn_mul_comba8(r,a,b); |
| 417 | return; | 98 | return; |
| 418 | } | 99 | } |
| 419 | # endif /* BN_MUL_COMBA */ | 100 | # endif /* BN_MUL_COMBA */ |
| 420 | /* Else do normal multiply */ | ||
| 421 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) | 101 | if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) |
| 422 | { | 102 | { |
| 423 | bn_mul_normal(r,a,n2+dna,b,n2+dnb); | 103 | /* This should not happen */ |
| 424 | if ((dna + dnb) < 0) | 104 | bn_mul_normal(r,a,n2,b,n2); |
| 425 | memset(&r[2*n2 + dna + dnb], 0, | ||
| 426 | sizeof(BN_ULONG) * -(dna + dnb)); | ||
| 427 | return; | 105 | return; |
| 428 | } | 106 | } |
| 429 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 107 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 430 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); | 108 | c1=bn_cmp_words(a,&(a[n]),n); |
| 431 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); | 109 | c2=bn_cmp_words(&(b[n]),b,n); |
| 432 | zero=neg=0; | 110 | zero=neg=0; |
| 433 | switch (c1*3+c2) | 111 | switch (c1*3+c2) |
| 434 | { | 112 | { |
| 435 | case -4: | 113 | case -4: |
| 436 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 114 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 437 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 115 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 438 | break; | 116 | break; |
| 439 | case -3: | 117 | case -3: |
| 440 | zero=1; | 118 | zero=1; |
| 441 | break; | 119 | break; |
| 442 | case -2: | 120 | case -2: |
| 443 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 121 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 444 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ | 122 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ |
| 445 | neg=1; | 123 | neg=1; |
| 446 | break; | 124 | break; |
| 447 | case -1: | 125 | case -1: |
| @@ -450,22 +128,21 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 450 | zero=1; | 128 | zero=1; |
| 451 | break; | 129 | break; |
| 452 | case 2: | 130 | case 2: |
| 453 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ | 131 | bn_sub_words(t, a, &(a[n]),n); /* + */ |
| 454 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 132 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 455 | neg=1; | 133 | neg=1; |
| 456 | break; | 134 | break; |
| 457 | case 3: | 135 | case 3: |
| 458 | zero=1; | 136 | zero=1; |
| 459 | break; | 137 | break; |
| 460 | case 4: | 138 | case 4: |
| 461 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); | 139 | bn_sub_words(t, a, &(a[n]),n); |
| 462 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); | 140 | bn_sub_words(&(t[n]),&(b[n]),b, n); |
| 463 | break; | 141 | break; |
| 464 | } | 142 | } |
| 465 | 143 | ||
| 466 | # ifdef BN_MUL_COMBA | 144 | # ifdef BN_MUL_COMBA |
| 467 | if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take | 145 | if (n == 4) |
| 468 | extra args to do this well */ | ||
| 469 | { | 146 | { |
| 470 | if (!zero) | 147 | if (!zero) |
| 471 | bn_mul_comba4(&(t[n2]),t,&(t[n])); | 148 | bn_mul_comba4(&(t[n2]),t,&(t[n])); |
| @@ -475,9 +152,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 475 | bn_mul_comba4(r,a,b); | 152 | bn_mul_comba4(r,a,b); |
| 476 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); | 153 | bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); |
| 477 | } | 154 | } |
| 478 | else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could | 155 | else if (n == 8) |
| 479 | take extra args to do this | ||
| 480 | well */ | ||
| 481 | { | 156 | { |
| 482 | if (!zero) | 157 | if (!zero) |
| 483 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 158 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| @@ -492,11 +167,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 492 | { | 167 | { |
| 493 | p= &(t[n2*2]); | 168 | p= &(t[n2*2]); |
| 494 | if (!zero) | 169 | if (!zero) |
| 495 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); | 170 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); |
| 496 | else | 171 | else |
| 497 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); | 172 | memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); |
| 498 | bn_mul_recursive(r,a,b,n,0,0,p); | 173 | bn_mul_recursive(r,a,b,n,p); |
| 499 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p); | 174 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); |
| 500 | } | 175 | } |
| 501 | 176 | ||
| 502 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign | 177 | /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign |
| @@ -545,39 +220,39 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 545 | 220 | ||
| 546 | /* n+tn is the word length | 221 | /* n+tn is the word length |
| 547 | * t needs to be n*4 is size, as does r */ | 222 | * t needs to be n*4 is size, as does r */ |
| 548 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | 223 | void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, |
| 549 | int tna, int tnb, BN_ULONG *t) | 224 | int n, BN_ULONG *t) |
| 550 | { | 225 | { |
| 551 | int i,j,n2=n*2; | 226 | int i,j,n2=n*2; |
| 552 | unsigned int c1,c2,neg,zero; | 227 | unsigned int c1,c2,neg,zero; |
| 553 | BN_ULONG ln,lo,*p; | 228 | BN_ULONG ln,lo,*p; |
| 554 | 229 | ||
| 555 | # ifdef BN_COUNT | 230 | # ifdef BN_COUNT |
| 556 | fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n", | 231 | printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); |
| 557 | tna, n, tnb, n); | ||
| 558 | # endif | 232 | # endif |
| 559 | if (n < 8) | 233 | if (n < 8) |
| 560 | { | 234 | { |
| 561 | bn_mul_normal(r,a,n+tna,b,n+tnb); | 235 | i=tn+n; |
| 236 | bn_mul_normal(r,a,i,b,i); | ||
| 562 | return; | 237 | return; |
| 563 | } | 238 | } |
| 564 | 239 | ||
| 565 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ | 240 | /* r=(a[0]-a[1])*(b[1]-b[0]) */ |
| 566 | c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); | 241 | c1=bn_cmp_words(a,&(a[n]),n); |
| 567 | c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); | 242 | c2=bn_cmp_words(&(b[n]),b,n); |
| 568 | zero=neg=0; | 243 | zero=neg=0; |
| 569 | switch (c1*3+c2) | 244 | switch (c1*3+c2) |
| 570 | { | 245 | { |
| 571 | case -4: | 246 | case -4: |
| 572 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 247 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 573 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 248 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 574 | break; | 249 | break; |
| 575 | case -3: | 250 | case -3: |
| 576 | zero=1; | 251 | zero=1; |
| 577 | /* break; */ | 252 | /* break; */ |
| 578 | case -2: | 253 | case -2: |
| 579 | bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ | 254 | bn_sub_words(t, &(a[n]),a, n); /* - */ |
| 580 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); /* + */ | 255 | bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ |
| 581 | neg=1; | 256 | neg=1; |
| 582 | break; | 257 | break; |
| 583 | case -1: | 258 | case -1: |
| @@ -586,16 +261,16 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | |||
| 586 | zero=1; | 261 | zero=1; |
| 587 | /* break; */ | 262 | /* break; */ |
| 588 | case 2: | 263 | case 2: |
| 589 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ | 264 | bn_sub_words(t, a, &(a[n]),n); /* + */ |
| 590 | bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ | 265 | bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ |
| 591 | neg=1; | 266 | neg=1; |
| 592 | break; | 267 | break; |
| 593 | case 3: | 268 | case 3: |
| 594 | zero=1; | 269 | zero=1; |
| 595 | /* break; */ | 270 | /* break; */ |
| 596 | case 4: | 271 | case 4: |
| 597 | bn_sub_part_words(t, a, &(a[n]),tna,n-tna); | 272 | bn_sub_words(t, a, &(a[n]),n); |
| 598 | bn_sub_part_words(&(t[n]),&(b[n]),b, tnb,tnb-n); | 273 | bn_sub_words(&(t[n]),&(b[n]),b, n); |
| 599 | break; | 274 | break; |
| 600 | } | 275 | } |
| 601 | /* The zero case isn't yet implemented here. The speedup | 276 | /* The zero case isn't yet implemented here. The speedup |
| @@ -614,59 +289,54 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, | |||
| 614 | { | 289 | { |
| 615 | bn_mul_comba8(&(t[n2]),t,&(t[n])); | 290 | bn_mul_comba8(&(t[n2]),t,&(t[n])); |
| 616 | bn_mul_comba8(r,a,b); | 291 | bn_mul_comba8(r,a,b); |
| 617 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); | 292 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); |
| 618 | memset(&(r[n2+tna+tnb]),0,sizeof(BN_ULONG)*(n2-tna-tnb)); | 293 | memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); |
| 619 | } | 294 | } |
| 620 | else | 295 | else |
| 621 | { | 296 | { |
| 622 | p= &(t[n2*2]); | 297 | p= &(t[n2*2]); |
| 623 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,0,0,p); | 298 | bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); |
| 624 | bn_mul_recursive(r,a,b,n,0,0,p); | 299 | bn_mul_recursive(r,a,b,n,p); |
| 625 | i=n/2; | 300 | i=n/2; |
| 626 | /* If there is only a bottom half to the number, | 301 | /* If there is only a bottom half to the number, |
| 627 | * just do it */ | 302 | * just do it */ |
| 628 | if (tna > tnb) | 303 | j=tn-i; |
| 629 | j = tna - i; | ||
| 630 | else | ||
| 631 | j = tnb - i; | ||
| 632 | if (j == 0) | 304 | if (j == 0) |
| 633 | { | 305 | { |
| 634 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]), | 306 | bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); |
| 635 | i,tna-i,tnb-i,p); | ||
| 636 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); | 307 | memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); |
| 637 | } | 308 | } |
| 638 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ | 309 | else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ |
| 639 | { | 310 | { |
| 640 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), | 311 | bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), |
| 641 | i,tna-i,tnb-i,p); | 312 | j,i,p); |
| 642 | memset(&(r[n2+tna+tnb]),0, | 313 | memset(&(r[n2+tn*2]),0, |
| 643 | sizeof(BN_ULONG)*(n2-tna-tnb)); | 314 | sizeof(BN_ULONG)*(n2-tn*2)); |
| 644 | } | 315 | } |
| 645 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ | 316 | else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ |
| 646 | { | 317 | { |
| 647 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); | 318 | memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); |
| 648 | if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL | 319 | if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) |
| 649 | && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) | ||
| 650 | { | 320 | { |
| 651 | bn_mul_normal(&(r[n2]),&(a[n]),tna,&(b[n]),tnb); | 321 | bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); |
| 652 | } | 322 | } |
| 653 | else | 323 | else |
| 654 | { | 324 | { |
| 655 | for (;;) | 325 | for (;;) |
| 656 | { | 326 | { |
| 657 | i/=2; | 327 | i/=2; |
| 658 | if (i < tna && i < tnb) | 328 | if (i < tn) |
| 659 | { | 329 | { |
| 660 | bn_mul_part_recursive(&(r[n2]), | 330 | bn_mul_part_recursive(&(r[n2]), |
| 661 | &(a[n]),&(b[n]), | 331 | &(a[n]),&(b[n]), |
| 662 | i,tna-i,tnb-i,p); | 332 | tn-i,i,p); |
| 663 | break; | 333 | break; |
| 664 | } | 334 | } |
| 665 | else if (i <= tna && i <= tnb) | 335 | else if (i == tn) |
| 666 | { | 336 | { |
| 667 | bn_mul_recursive(&(r[n2]), | 337 | bn_mul_recursive(&(r[n2]), |
| 668 | &(a[n]),&(b[n]), | 338 | &(a[n]),&(b[n]), |
| 669 | i,tna-i,tnb-i,p); | 339 | i,p); |
| 670 | break; | 340 | break; |
| 671 | } | 341 | } |
| 672 | } | 342 | } |
| @@ -727,10 +397,10 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, | |||
| 727 | int n=n2/2; | 397 | int n=n2/2; |
| 728 | 398 | ||
| 729 | # ifdef BN_COUNT | 399 | # ifdef BN_COUNT |
| 730 | fprintf(stderr," bn_mul_low_recursive %d * %d\n",n2,n2); | 400 | printf(" bn_mul_low_recursive %d * %d\n",n2,n2); |
| 731 | # endif | 401 | # endif |
| 732 | 402 | ||
| 733 | bn_mul_recursive(r,a,b,n,0,0,&(t[0])); | 403 | bn_mul_recursive(r,a,b,n,&(t[0])); |
| 734 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) | 404 | if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) |
| 735 | { | 405 | { |
| 736 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); | 406 | bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); |
| @@ -761,7 +431,7 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 761 | BN_ULONG ll,lc,*lp,*mp; | 431 | BN_ULONG ll,lc,*lp,*mp; |
| 762 | 432 | ||
| 763 | # ifdef BN_COUNT | 433 | # ifdef BN_COUNT |
| 764 | fprintf(stderr," bn_mul_high %d * %d\n",n2,n2); | 434 | printf(" bn_mul_high %d * %d\n",n2,n2); |
| 765 | # endif | 435 | # endif |
| 766 | n=n2/2; | 436 | n=n2/2; |
| 767 | 437 | ||
| @@ -814,8 +484,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 814 | else | 484 | else |
| 815 | # endif | 485 | # endif |
| 816 | { | 486 | { |
| 817 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,0,0,&(t[n2])); | 487 | bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); |
| 818 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2])); | 488 | bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); |
| 819 | } | 489 | } |
| 820 | 490 | ||
| 821 | /* s0 == low(al*bl) | 491 | /* s0 == low(al*bl) |
| @@ -940,19 +610,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, | |||
| 940 | 610 | ||
| 941 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | 611 | int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) |
| 942 | { | 612 | { |
| 943 | int ret=0; | ||
| 944 | int top,al,bl; | 613 | int top,al,bl; |
| 945 | BIGNUM *rr; | 614 | BIGNUM *rr; |
| 615 | int ret = 0; | ||
| 946 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) | 616 | #if defined(BN_MUL_COMBA) || defined(BN_RECURSION) |
| 947 | int i; | 617 | int i; |
| 948 | #endif | 618 | #endif |
| 949 | #ifdef BN_RECURSION | 619 | #ifdef BN_RECURSION |
| 950 | BIGNUM *t=NULL; | 620 | BIGNUM *t; |
| 951 | int j=0,k; | 621 | int j,k; |
| 952 | #endif | 622 | #endif |
| 953 | 623 | ||
| 954 | #ifdef BN_COUNT | 624 | #ifdef BN_COUNT |
| 955 | fprintf(stderr,"BN_mul %d * %d\n",a->top,b->top); | 625 | printf("BN_mul %d * %d\n",a->top,b->top); |
| 956 | #endif | 626 | #endif |
| 957 | 627 | ||
| 958 | bn_check_top(a); | 628 | bn_check_top(a); |
| @@ -1005,55 +675,21 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 1005 | #ifdef BN_RECURSION | 675 | #ifdef BN_RECURSION |
| 1006 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) | 676 | if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) |
| 1007 | { | 677 | { |
| 1008 | if (i >= -1 && i <= 1) | 678 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA) && bl<b->dmax) |
| 1009 | { | 679 | { |
| 1010 | int sav_j =0; | 680 | #if 0 /* tribute to const-ification, bl<b->dmax above covers for this */ |
| 1011 | /* Find out the power of two lower or equal | 681 | if (bn_wexpand(b,al) == NULL) goto err; |
| 1012 | to the longest of the two numbers */ | 682 | #endif |
| 1013 | if (i >= 0) | 683 | b->d[bl]=0; |
| 1014 | { | ||
| 1015 | j = BN_num_bits_word((BN_ULONG)al); | ||
| 1016 | } | ||
| 1017 | if (i == -1) | ||
| 1018 | { | ||
| 1019 | j = BN_num_bits_word((BN_ULONG)bl); | ||
| 1020 | } | ||
| 1021 | sav_j = j; | ||
| 1022 | j = 1<<(j-1); | ||
| 1023 | assert(j <= al || j <= bl); | ||
| 1024 | k = j+j; | ||
| 1025 | t = BN_CTX_get(ctx); | ||
| 1026 | if (al > j || bl > j) | ||
| 1027 | { | ||
| 1028 | bn_wexpand(t,k*4); | ||
| 1029 | bn_wexpand(rr,k*4); | ||
| 1030 | bn_mul_part_recursive(rr->d,a->d,b->d, | ||
| 1031 | j,al-j,bl-j,t->d); | ||
| 1032 | } | ||
| 1033 | else /* al <= j || bl <= j */ | ||
| 1034 | { | ||
| 1035 | bn_wexpand(t,k*2); | ||
| 1036 | bn_wexpand(rr,k*2); | ||
| 1037 | bn_mul_recursive(rr->d,a->d,b->d, | ||
| 1038 | j,al-j,bl-j,t->d); | ||
| 1039 | } | ||
| 1040 | rr->top=top; | ||
| 1041 | goto end; | ||
| 1042 | } | ||
| 1043 | #if 0 | ||
| 1044 | if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) | ||
| 1045 | { | ||
| 1046 | BIGNUM *tmp_bn = (BIGNUM *)b; | ||
| 1047 | if (bn_wexpand(tmp_bn,al) == NULL) goto err; | ||
| 1048 | tmp_bn->d[bl]=0; | ||
| 1049 | bl++; | 684 | bl++; |
| 1050 | i--; | 685 | i--; |
| 1051 | } | 686 | } |
| 1052 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) | 687 | else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA) && al<a->dmax) |
| 1053 | { | 688 | { |
| 1054 | BIGNUM *tmp_bn = (BIGNUM *)a; | 689 | #if 0 /* tribute to const-ification, al<a->dmax above covers for this */ |
| 1055 | if (bn_wexpand(tmp_bn,bl) == NULL) goto err; | 690 | if (bn_wexpand(a,bl) == NULL) goto err; |
| 1056 | tmp_bn->d[al]=0; | 691 | #endif |
| 692 | a->d[al]=0; | ||
| 1057 | al++; | 693 | al++; |
| 1058 | i++; | 694 | i++; |
| 1059 | } | 695 | } |
| @@ -1070,17 +706,26 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) | |||
| 1070 | if (bn_wexpand(t,k*2) == NULL) goto err; | 706 | if (bn_wexpand(t,k*2) == NULL) goto err; |
| 1071 | if (bn_wexpand(rr,k*2) == NULL) goto err; | 707 | if (bn_wexpand(rr,k*2) == NULL) goto err; |
| 1072 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); | 708 | bn_mul_recursive(rr->d,a->d,b->d,al,t->d); |
| 709 | rr->top=top; | ||
| 710 | goto end; | ||
| 1073 | } | 711 | } |
| 712 | #if 0 /* tribute to const-ification, rsa/dsa performance is not affected */ | ||
| 1074 | else | 713 | else |
| 1075 | { | 714 | { |
| 1076 | if (bn_wexpand(t,k*4) == NULL) goto err; | 715 | if (bn_wexpand(a,k) == NULL ) goto err; |
| 1077 | if (bn_wexpand(rr,k*4) == NULL) goto err; | 716 | if (bn_wexpand(b,k) == NULL ) goto err; |
| 717 | if (bn_wexpand(t,k*4) == NULL ) goto err; | ||
| 718 | if (bn_wexpand(rr,k*4) == NULL ) goto err; | ||
| 719 | for (i=a->top; i<k; i++) | ||
| 720 | a->d[i]=0; | ||
| 721 | for (i=b->top; i<k; i++) | ||
| 722 | b->d[i]=0; | ||
| 1078 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); | 723 | bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); |
| 1079 | } | 724 | } |
| 1080 | rr->top=top; | 725 | rr->top=top; |
| 1081 | goto end; | 726 | goto end; |
| 1082 | } | ||
| 1083 | #endif | 727 | #endif |
| 728 | } | ||
| 1084 | } | 729 | } |
| 1085 | #endif /* BN_RECURSION */ | 730 | #endif /* BN_RECURSION */ |
| 1086 | if (bn_wexpand(rr,top) == NULL) goto err; | 731 | if (bn_wexpand(rr,top) == NULL) goto err; |
| @@ -1103,7 +748,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1103 | BN_ULONG *rr; | 748 | BN_ULONG *rr; |
| 1104 | 749 | ||
| 1105 | #ifdef BN_COUNT | 750 | #ifdef BN_COUNT |
| 1106 | fprintf(stderr," bn_mul_normal %d * %d\n",na,nb); | 751 | printf(" bn_mul_normal %d * %d\n",na,nb); |
| 1107 | #endif | 752 | #endif |
| 1108 | 753 | ||
| 1109 | if (na < nb) | 754 | if (na < nb) |
| @@ -1116,13 +761,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1116 | 761 | ||
| 1117 | } | 762 | } |
| 1118 | rr= &(r[na]); | 763 | rr= &(r[na]); |
| 1119 | if (nb <= 0) | 764 | rr[0]=bn_mul_words(r,a,na,b[0]); |
| 1120 | { | ||
| 1121 | (void)bn_mul_words(r,a,na,0); | ||
| 1122 | return; | ||
| 1123 | } | ||
| 1124 | else | ||
| 1125 | rr[0]=bn_mul_words(r,a,na,b[0]); | ||
| 1126 | 765 | ||
| 1127 | for (;;) | 766 | for (;;) |
| 1128 | { | 767 | { |
| @@ -1143,7 +782,7 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) | |||
| 1143 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) | 782 | void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) |
| 1144 | { | 783 | { |
| 1145 | #ifdef BN_COUNT | 784 | #ifdef BN_COUNT |
| 1146 | fprintf(stderr," bn_mul_low_normal %d * %d\n",n,n); | 785 | printf(" bn_mul_low_normal %d * %d\n",n,n); |
| 1147 | #endif | 786 | #endif |
| 1148 | bn_mul_words(r,a,n,b[0]); | 787 | bn_mul_words(r,a,n,b[0]); |
| 1149 | 788 | ||
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c index 918b9237c6..e072d9255c 100644 --- a/src/lib/libssl/src/crypto/bn/bn_prime.c +++ b/src/lib/libssl/src/crypto/bn/bn_prime.c | |||
| @@ -140,6 +140,7 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, | |||
| 140 | BN_CTX *ctx; | 140 | BN_CTX *ctx; |
| 141 | int checks = BN_prime_checks_for_size(bits); | 141 | int checks = BN_prime_checks_for_size(bits); |
| 142 | 142 | ||
| 143 | BN_init(&t); | ||
| 143 | ctx=BN_CTX_new(); | 144 | ctx=BN_CTX_new(); |
| 144 | if (ctx == NULL) goto err; | 145 | if (ctx == NULL) goto err; |
| 145 | if (ret == NULL) | 146 | if (ret == NULL) |
| @@ -148,7 +149,6 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, | |||
| 148 | } | 149 | } |
| 149 | else | 150 | else |
| 150 | rnd=ret; | 151 | rnd=ret; |
| 151 | BN_init(&t); | ||
| 152 | loop: | 152 | loop: |
| 153 | /* make a random number and set the top and bottom bits */ | 153 | /* make a random number and set the top and bottom bits */ |
| 154 | if (add == NULL) | 154 | if (add == NULL) |
diff --git a/src/lib/libssl/src/crypto/bn/bn_rand.c b/src/lib/libssl/src/crypto/bn/bn_rand.c index 9e08ccd22e..893c9d2af9 100644 --- a/src/lib/libssl/src/crypto/bn/bn_rand.c +++ b/src/lib/libssl/src/crypto/bn/bn_rand.c | |||
| @@ -201,7 +201,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) | |||
| 201 | err: | 201 | err: |
| 202 | if (buf != NULL) | 202 | if (buf != NULL) |
| 203 | { | 203 | { |
| 204 | memset(buf,0,bytes); | 204 | OPENSSL_cleanse(buf,bytes); |
| 205 | OPENSSL_free(buf); | 205 | OPENSSL_free(buf); |
| 206 | } | 206 | } |
| 207 | return(ret); | 207 | return(ret); |
diff --git a/src/lib/libssl/src/crypto/bn/bn_word.c b/src/lib/libssl/src/crypto/bn/bn_word.c index cd59baa2c4..988e0ca7b3 100644 --- a/src/lib/libssl/src/crypto/bn/bn_word.c +++ b/src/lib/libssl/src/crypto/bn/bn_word.c | |||
| @@ -123,7 +123,10 @@ int BN_add_word(BIGNUM *a, BN_ULONG w) | |||
| 123 | i=0; | 123 | i=0; |
| 124 | for (;;) | 124 | for (;;) |
| 125 | { | 125 | { |
| 126 | l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; | 126 | if (i >= a->top) |
| 127 | l=w; | ||
| 128 | else | ||
| 129 | l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; | ||
| 127 | a->d[i]=l; | 130 | a->d[i]=l; |
| 128 | if (w > l) | 131 | if (w > l) |
| 129 | w=1; | 132 | w=1; |
diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c index 8158a67374..3c8c540387 100644 --- a/src/lib/libssl/src/crypto/bn/bntest.c +++ b/src/lib/libssl/src/crypto/bn/bntest.c | |||
| @@ -68,10 +68,6 @@ | |||
| 68 | #include <openssl/x509.h> | 68 | #include <openssl/x509.h> |
| 69 | #include <openssl/err.h> | 69 | #include <openssl/err.h> |
| 70 | 70 | ||
| 71 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 72 | #include "../bio/bss_file.c" | ||
| 73 | #endif | ||
| 74 | |||
| 75 | const int num0 = 100; /* number of tests */ | 71 | const int num0 = 100; /* number of tests */ |
| 76 | const int num1 = 50; /* additional tests for some functions */ | 72 | const int num1 = 50; /* additional tests for some functions */ |
| 77 | const int num2 = 5; /* number of tests for slow functions */ | 73 | const int num2 = 5; /* number of tests for slow functions */ |
| @@ -96,11 +92,6 @@ int test_sqrt(BIO *bp,BN_CTX *ctx); | |||
| 96 | int rand_neg(void); | 92 | int rand_neg(void); |
| 97 | static int results=0; | 93 | static int results=0; |
| 98 | 94 | ||
| 99 | #ifdef OPENSSL_NO_STDIO | ||
| 100 | #define APPS_WIN16 | ||
| 101 | #include "bss_file.c" | ||
| 102 | #endif | ||
| 103 | |||
| 104 | static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" | 95 | static unsigned char lst[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" |
| 105 | "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; | 96 | "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; |
| 106 | 97 | ||
| @@ -141,10 +132,10 @@ int main(int argc, char *argv[]) | |||
| 141 | 132 | ||
| 142 | 133 | ||
| 143 | ctx=BN_CTX_new(); | 134 | ctx=BN_CTX_new(); |
| 144 | if (ctx == NULL) exit(1); | 135 | if (ctx == NULL) EXIT(1); |
| 145 | 136 | ||
| 146 | out=BIO_new(BIO_s_file()); | 137 | out=BIO_new(BIO_s_file()); |
| 147 | if (out == NULL) exit(1); | 138 | if (out == NULL) EXIT(1); |
| 148 | if (outfile == NULL) | 139 | if (outfile == NULL) |
| 149 | { | 140 | { |
| 150 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 141 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| @@ -154,7 +145,7 @@ int main(int argc, char *argv[]) | |||
| 154 | if (!BIO_write_filename(out,outfile)) | 145 | if (!BIO_write_filename(out,outfile)) |
| 155 | { | 146 | { |
| 156 | perror(outfile); | 147 | perror(outfile); |
| 157 | exit(1); | 148 | EXIT(1); |
| 158 | } | 149 | } |
| 159 | } | 150 | } |
| 160 | 151 | ||
| @@ -238,14 +229,14 @@ int main(int argc, char *argv[]) | |||
| 238 | BIO_free(out); | 229 | BIO_free(out); |
| 239 | 230 | ||
| 240 | /**/ | 231 | /**/ |
| 241 | exit(0); | 232 | EXIT(0); |
| 242 | err: | 233 | err: |
| 243 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices | 234 | BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices |
| 244 | * the failure, see test_bn in test/Makefile.ssl*/ | 235 | * the failure, see test_bn in test/Makefile.ssl*/ |
| 245 | BIO_flush(out); | 236 | BIO_flush(out); |
| 246 | ERR_load_crypto_strings(); | 237 | ERR_load_crypto_strings(); |
| 247 | ERR_print_errors_fp(stderr); | 238 | ERR_print_errors_fp(stderr); |
| 248 | exit(1); | 239 | EXIT(1); |
| 249 | return(1); | 240 | return(1); |
| 250 | } | 241 | } |
| 251 | 242 | ||
| @@ -488,7 +479,7 @@ int test_mul(BIO *bp) | |||
| 488 | BN_CTX *ctx; | 479 | BN_CTX *ctx; |
| 489 | 480 | ||
| 490 | ctx = BN_CTX_new(); | 481 | ctx = BN_CTX_new(); |
| 491 | if (ctx == NULL) exit(1); | 482 | if (ctx == NULL) EXIT(1); |
| 492 | 483 | ||
| 493 | BN_init(&a); | 484 | BN_init(&a); |
| 494 | BN_init(&b); | 485 | BN_init(&b); |
| @@ -726,7 +717,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx) | |||
| 726 | while ((l=ERR_get_error())) | 717 | while ((l=ERR_get_error())) |
| 727 | fprintf(stderr,"ERROR:%s\n", | 718 | fprintf(stderr,"ERROR:%s\n", |
| 728 | ERR_error_string(l,NULL)); | 719 | ERR_error_string(l,NULL)); |
| 729 | exit(1); | 720 | EXIT(1); |
| 730 | } | 721 | } |
| 731 | if (bp != NULL) | 722 | if (bp != NULL) |
| 732 | { | 723 | { |
diff --git a/src/lib/libssl/src/crypto/bn/divtest.c b/src/lib/libssl/src/crypto/bn/divtest.c index 13ba86e3c4..d3fc688f33 100644 --- a/src/lib/libssl/src/crypto/bn/divtest.c +++ b/src/lib/libssl/src/crypto/bn/divtest.c | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #include <openssl/bn.h> | 1 | #include <openssl/bn.h> |
| 2 | #include <openssl/rand.h> | 2 | #include <openssl/rand.h> |
| 3 | 3 | ||
| 4 | static int rand(n) | 4 | static int Rand(n) |
| 5 | { | 5 | { |
| 6 | unsigned char x[2]; | 6 | unsigned char x[2]; |
| 7 | RAND_pseudo_bytes(x,2); | 7 | RAND_pseudo_bytes(x,2); |
| @@ -26,8 +26,8 @@ main() | |||
| 26 | BN_CTX *ctx=BN_CTX_new(); | 26 | BN_CTX *ctx=BN_CTX_new(); |
| 27 | 27 | ||
| 28 | for(;;) { | 28 | for(;;) { |
| 29 | BN_pseudo_rand(a,rand(),0,0); | 29 | BN_pseudo_rand(a,Rand(),0,0); |
| 30 | BN_pseudo_rand(b,rand(),0,0); | 30 | BN_pseudo_rand(b,Rand(),0,0); |
| 31 | if (BN_is_zero(b)) continue; | 31 | if (BN_is_zero(b)) continue; |
| 32 | 32 | ||
| 33 | BN_RECP_CTX_set(recp,b,ctx); | 33 | BN_RECP_CTX_set(recp,b,ctx); |
diff --git a/src/lib/libssl/src/crypto/bn/exptest.c b/src/lib/libssl/src/crypto/bn/exptest.c index 5ca570d1a8..b09cf88705 100644 --- a/src/lib/libssl/src/crypto/bn/exptest.c +++ b/src/lib/libssl/src/crypto/bn/exptest.c | |||
| @@ -59,13 +59,13 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | |||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 62 | #include <openssl/bio.h> | 65 | #include <openssl/bio.h> |
| 63 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
| 64 | #include <openssl/rand.h> | 67 | #include <openssl/rand.h> |
| 65 | #include <openssl/err.h> | 68 | #include <openssl/err.h> |
| 66 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 67 | #include "../bio/bss_file.c" | ||
| 68 | #endif | ||
| 69 | 69 | ||
| 70 | #define NUM_BITS (BN_BITS*2) | 70 | #define NUM_BITS (BN_BITS*2) |
| 71 | 71 | ||
| @@ -86,7 +86,7 @@ int main(int argc, char *argv[]) | |||
| 86 | ERR_load_BN_strings(); | 86 | ERR_load_BN_strings(); |
| 87 | 87 | ||
| 88 | ctx=BN_CTX_new(); | 88 | ctx=BN_CTX_new(); |
| 89 | if (ctx == NULL) exit(1); | 89 | if (ctx == NULL) EXIT(1); |
| 90 | r_mont=BN_new(); | 90 | r_mont=BN_new(); |
| 91 | r_recp=BN_new(); | 91 | r_recp=BN_new(); |
| 92 | r_simple=BN_new(); | 92 | r_simple=BN_new(); |
| @@ -99,7 +99,7 @@ int main(int argc, char *argv[]) | |||
| 99 | 99 | ||
| 100 | out=BIO_new(BIO_s_file()); | 100 | out=BIO_new(BIO_s_file()); |
| 101 | 101 | ||
| 102 | if (out == NULL) exit(1); | 102 | if (out == NULL) EXIT(1); |
| 103 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 103 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| 104 | 104 | ||
| 105 | for (i=0; i<200; i++) | 105 | for (i=0; i<200; i++) |
| @@ -124,7 +124,7 @@ int main(int argc, char *argv[]) | |||
| 124 | { | 124 | { |
| 125 | printf("BN_mod_exp_mont() problems\n"); | 125 | printf("BN_mod_exp_mont() problems\n"); |
| 126 | ERR_print_errors(out); | 126 | ERR_print_errors(out); |
| 127 | exit(1); | 127 | EXIT(1); |
| 128 | } | 128 | } |
| 129 | 129 | ||
| 130 | ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); | 130 | ret=BN_mod_exp_recp(r_recp,a,b,m,ctx); |
| @@ -132,7 +132,7 @@ int main(int argc, char *argv[]) | |||
| 132 | { | 132 | { |
| 133 | printf("BN_mod_exp_recp() problems\n"); | 133 | printf("BN_mod_exp_recp() problems\n"); |
| 134 | ERR_print_errors(out); | 134 | ERR_print_errors(out); |
| 135 | exit(1); | 135 | EXIT(1); |
| 136 | } | 136 | } |
| 137 | 137 | ||
| 138 | ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); | 138 | ret=BN_mod_exp_simple(r_simple,a,b,m,ctx); |
| @@ -140,7 +140,7 @@ int main(int argc, char *argv[]) | |||
| 140 | { | 140 | { |
| 141 | printf("BN_mod_exp_simple() problems\n"); | 141 | printf("BN_mod_exp_simple() problems\n"); |
| 142 | ERR_print_errors(out); | 142 | ERR_print_errors(out); |
| 143 | exit(1); | 143 | EXIT(1); |
| 144 | } | 144 | } |
| 145 | 145 | ||
| 146 | if (BN_cmp(r_simple, r_mont) == 0 | 146 | if (BN_cmp(r_simple, r_mont) == 0 |
| @@ -163,7 +163,7 @@ int main(int argc, char *argv[]) | |||
| 163 | printf("\nrecp ="); BN_print(out,r_recp); | 163 | printf("\nrecp ="); BN_print(out,r_recp); |
| 164 | printf("\nmont ="); BN_print(out,r_mont); | 164 | printf("\nmont ="); BN_print(out,r_mont); |
| 165 | printf("\n"); | 165 | printf("\n"); |
| 166 | exit(1); | 166 | EXIT(1); |
| 167 | } | 167 | } |
| 168 | } | 168 | } |
| 169 | BN_free(r_mont); | 169 | BN_free(r_mont); |
| @@ -177,11 +177,11 @@ int main(int argc, char *argv[]) | |||
| 177 | CRYPTO_mem_leaks(out); | 177 | CRYPTO_mem_leaks(out); |
| 178 | BIO_free(out); | 178 | BIO_free(out); |
| 179 | printf(" done\n"); | 179 | printf(" done\n"); |
| 180 | exit(0); | 180 | EXIT(0); |
| 181 | err: | 181 | err: |
| 182 | ERR_load_crypto_strings(); | 182 | ERR_load_crypto_strings(); |
| 183 | ERR_print_errors(out); | 183 | ERR_print_errors(out); |
| 184 | exit(1); | 184 | EXIT(1); |
| 185 | return(1); | 185 | return(1); |
| 186 | } | 186 | } |
| 187 | 187 | ||
diff --git a/src/lib/libssl/src/crypto/buffer/Makefile.ssl b/src/lib/libssl/src/crypto/buffer/Makefile.ssl index 240a6b9a89..b131ca3078 100644 --- a/src/lib/libssl/src/crypto/buffer/Makefile.ssl +++ b/src/lib/libssl/src/crypto/buffer/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/buffer/buffer.c b/src/lib/libssl/src/crypto/buffer/buffer.c index 9299baba9e..d96487e7db 100644 --- a/src/lib/libssl/src/crypto/buffer/buffer.c +++ b/src/lib/libssl/src/crypto/buffer/buffer.c | |||
| @@ -125,6 +125,43 @@ int BUF_MEM_grow(BUF_MEM *str, int len) | |||
| 125 | return(len); | 125 | return(len); |
| 126 | } | 126 | } |
| 127 | 127 | ||
| 128 | int BUF_MEM_grow_clean(BUF_MEM *str, int len) | ||
| 129 | { | ||
| 130 | char *ret; | ||
| 131 | unsigned int n; | ||
| 132 | |||
| 133 | if (str->length >= len) | ||
| 134 | { | ||
| 135 | memset(&str->data[len],0,str->length-len); | ||
| 136 | str->length=len; | ||
| 137 | return(len); | ||
| 138 | } | ||
| 139 | if (str->max >= len) | ||
| 140 | { | ||
| 141 | memset(&str->data[str->length],0,len-str->length); | ||
| 142 | str->length=len; | ||
| 143 | return(len); | ||
| 144 | } | ||
| 145 | n=(len+3)/3*4; | ||
| 146 | if (str->data == NULL) | ||
| 147 | ret=OPENSSL_malloc(n); | ||
| 148 | else | ||
| 149 | ret=OPENSSL_realloc_clean(str->data,str->max,n); | ||
| 150 | if (ret == NULL) | ||
| 151 | { | ||
| 152 | BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); | ||
| 153 | len=0; | ||
| 154 | } | ||
| 155 | else | ||
| 156 | { | ||
| 157 | str->data=ret; | ||
| 158 | str->max=n; | ||
| 159 | memset(&str->data[str->length],0,len-str->length); | ||
| 160 | str->length=len; | ||
| 161 | } | ||
| 162 | return(len); | ||
| 163 | } | ||
| 164 | |||
| 128 | char *BUF_strdup(const char *str) | 165 | char *BUF_strdup(const char *str) |
| 129 | { | 166 | { |
| 130 | char *ret; | 167 | char *ret; |
| @@ -143,3 +180,23 @@ char *BUF_strdup(const char *str) | |||
| 143 | return(ret); | 180 | return(ret); |
| 144 | } | 181 | } |
| 145 | 182 | ||
| 183 | size_t BUF_strlcpy(char *dst, const char *src, size_t size) | ||
| 184 | { | ||
| 185 | size_t l = 0; | ||
| 186 | for(; size > 1 && *src; size--) | ||
| 187 | { | ||
| 188 | *dst++ = *src++; | ||
| 189 | l++; | ||
| 190 | } | ||
| 191 | if (size) | ||
| 192 | *dst = '\0'; | ||
| 193 | return l + strlen(src); | ||
| 194 | } | ||
| 195 | |||
| 196 | size_t BUF_strlcat(char *dst, const char *src, size_t size) | ||
| 197 | { | ||
| 198 | size_t l = 0; | ||
| 199 | for(; size > 0 && *dst; size--, dst++) | ||
| 200 | l++; | ||
| 201 | return l + BUF_strlcpy(dst, src, size); | ||
| 202 | } | ||
diff --git a/src/lib/libssl/src/crypto/buffer/buffer.h b/src/lib/libssl/src/crypto/buffer/buffer.h index 11e2d0359a..465dc34f3f 100644 --- a/src/lib/libssl/src/crypto/buffer/buffer.h +++ b/src/lib/libssl/src/crypto/buffer/buffer.h | |||
| @@ -63,6 +63,9 @@ | |||
| 63 | extern "C" { | 63 | extern "C" { |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | #include <stddef.h> | ||
| 67 | #include <sys/types.h> | ||
| 68 | |||
| 66 | typedef struct buf_mem_st | 69 | typedef struct buf_mem_st |
| 67 | { | 70 | { |
| 68 | int length; /* current number of bytes */ | 71 | int length; /* current number of bytes */ |
| @@ -73,8 +76,14 @@ typedef struct buf_mem_st | |||
| 73 | BUF_MEM *BUF_MEM_new(void); | 76 | BUF_MEM *BUF_MEM_new(void); |
| 74 | void BUF_MEM_free(BUF_MEM *a); | 77 | void BUF_MEM_free(BUF_MEM *a); |
| 75 | int BUF_MEM_grow(BUF_MEM *str, int len); | 78 | int BUF_MEM_grow(BUF_MEM *str, int len); |
| 79 | int BUF_MEM_grow_clean(BUF_MEM *str, int len); | ||
| 76 | char * BUF_strdup(const char *str); | 80 | char * BUF_strdup(const char *str); |
| 77 | 81 | ||
| 82 | /* safe string functions */ | ||
| 83 | size_t BUF_strlcpy(char *dst,const char *src,size_t siz); | ||
| 84 | size_t BUF_strlcat(char *dst,const char *src,size_t siz); | ||
| 85 | |||
| 86 | |||
| 78 | /* BEGIN ERROR CODES */ | 87 | /* BEGIN ERROR CODES */ |
| 79 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 88 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| 80 | * made after this point may be overwritten when the script is next run. | 89 | * made after this point may be overwritten when the script is next run. |
diff --git a/src/lib/libssl/src/crypto/cast/Makefile.ssl b/src/lib/libssl/src/crypto/cast/Makefile.ssl index 2defbdd68a..2dc1c855ad 100644 --- a/src/lib/libssl/src/crypto/cast/Makefile.ssl +++ b/src/lib/libssl/src/crypto/cast/Makefile.ssl | |||
| @@ -52,14 +52,8 @@ lib: $(LIBOBJ) | |||
| 52 | @touch lib | 52 | @touch lib |
| 53 | 53 | ||
| 54 | # elf | 54 | # elf |
| 55 | asm/cx86-elf.o: asm/cx86unix.cpp | 55 | asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 56 | $(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o | 56 | (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s) |
| 57 | |||
| 58 | # solaris | ||
| 59 | asm/cx86-sol.o: asm/cx86unix.cpp | ||
| 60 | $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s | ||
| 61 | as -o asm/cx86-sol.o asm/cx86-sol.s | ||
| 62 | rm -f asm/cx86-sol.s | ||
| 63 | 57 | ||
| 64 | # a.out | 58 | # a.out |
| 65 | asm/cx86-out.o: asm/cx86unix.cpp | 59 | asm/cx86-out.o: asm/cx86unix.cpp |
| @@ -97,14 +91,14 @@ lint: | |||
| 97 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 91 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 98 | 92 | ||
| 99 | depend: | 93 | depend: |
| 100 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 94 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 101 | 95 | ||
| 102 | dclean: | 96 | dclean: |
| 103 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 97 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 104 | mv -f Makefile.new $(MAKEFILE) | 98 | mv -f Makefile.new $(MAKEFILE) |
| 105 | 99 | ||
| 106 | clean: | 100 | clean: |
| 107 | rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 101 | rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 108 | 102 | ||
| 109 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 103 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 110 | 104 | ||
diff --git a/src/lib/libssl/src/crypto/cast/casttest.c b/src/lib/libssl/src/crypto/cast/casttest.c index 099e790886..83e5a16c73 100644 --- a/src/lib/libssl/src/crypto/cast/casttest.c +++ b/src/lib/libssl/src/crypto/cast/casttest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_CAST | 65 | #ifdef OPENSSL_NO_CAST |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -224,7 +226,7 @@ int main(int argc, char *argv[]) | |||
| 224 | } | 226 | } |
| 225 | #endif | 227 | #endif |
| 226 | 228 | ||
| 227 | exit(err); | 229 | EXIT(err); |
| 228 | return(err); | 230 | return(err); |
| 229 | } | 231 | } |
| 230 | #endif | 232 | #endif |
diff --git a/src/lib/libssl/src/crypto/comp/Makefile.ssl b/src/lib/libssl/src/crypto/comp/Makefile.ssl index 7c1ec81229..f70ba1b285 100644 --- a/src/lib/libssl/src/crypto/comp/Makefile.ssl +++ b/src/lib/libssl/src/crypto/comp/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c index cd2f8a491b..8c0876151a 100644 --- a/src/lib/libssl/src/crypto/comp/c_zlib.c +++ b/src/lib/libssl/src/crypto/comp/c_zlib.c | |||
| @@ -208,11 +208,11 @@ COMP_METHOD *COMP_zlib(void) | |||
| 208 | = (inflateInit__ft) DSO_bind_func(zlib_dso, | 208 | = (inflateInit__ft) DSO_bind_func(zlib_dso, |
| 209 | "inflateInit_"); | 209 | "inflateInit_"); |
| 210 | zlib_loaded++; | 210 | zlib_loaded++; |
| 211 | meth = &zlib_method; | ||
| 212 | } | 211 | } |
| 213 | } | 212 | } |
| 214 | 213 | ||
| 215 | #elif defined(ZLIB) | 214 | #endif |
| 215 | #if defined(ZLIB) || defined(ZLIB_SHARED) | ||
| 216 | meth = &zlib_method; | 216 | meth = &zlib_method; |
| 217 | #endif | 217 | #endif |
| 218 | 218 | ||
diff --git a/src/lib/libssl/src/crypto/conf/Makefile.ssl b/src/lib/libssl/src/crypto/conf/Makefile.ssl index 133c2329e6..c5873bc6e7 100644 --- a/src/lib/libssl/src/crypto/conf/Makefile.ssl +++ b/src/lib/libssl/src/crypto/conf/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c index 48ff6f1120..b52ee01a3c 100644 --- a/src/lib/libssl/src/crypto/conf/conf_def.c +++ b/src/lib/libssl/src/crypto/conf/conf_def.c | |||
| @@ -208,7 +208,8 @@ static int def_load(CONF *conf, const char *name, long *line) | |||
| 208 | 208 | ||
| 209 | static int def_load_bio(CONF *conf, BIO *in, long *line) | 209 | static int def_load_bio(CONF *conf, BIO *in, long *line) |
| 210 | { | 210 | { |
| 211 | #define BUFSIZE 512 | 211 | /* The macro BUFSIZE conflicts with a system macro in VxWorks */ |
| 212 | #define CONFBUFSIZE 512 | ||
| 212 | int bufnum=0,i,ii; | 213 | int bufnum=0,i,ii; |
| 213 | BUF_MEM *buff=NULL; | 214 | BUF_MEM *buff=NULL; |
| 214 | char *s,*p,*end; | 215 | char *s,*p,*end; |
| @@ -252,20 +253,21 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 252 | section_sk=(STACK_OF(CONF_VALUE) *)sv->value; | 253 | section_sk=(STACK_OF(CONF_VALUE) *)sv->value; |
| 253 | 254 | ||
| 254 | bufnum=0; | 255 | bufnum=0; |
| 256 | again=0; | ||
| 255 | for (;;) | 257 | for (;;) |
| 256 | { | 258 | { |
| 257 | again=0; | 259 | if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) |
| 258 | if (!BUF_MEM_grow(buff,bufnum+BUFSIZE)) | ||
| 259 | { | 260 | { |
| 260 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); | 261 | CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); |
| 261 | goto err; | 262 | goto err; |
| 262 | } | 263 | } |
| 263 | p= &(buff->data[bufnum]); | 264 | p= &(buff->data[bufnum]); |
| 264 | *p='\0'; | 265 | *p='\0'; |
| 265 | BIO_gets(in, p, BUFSIZE-1); | 266 | BIO_gets(in, p, CONFBUFSIZE-1); |
| 266 | p[BUFSIZE-1]='\0'; | 267 | p[CONFBUFSIZE-1]='\0'; |
| 267 | ii=i=strlen(p); | 268 | ii=i=strlen(p); |
| 268 | if (i == 0) break; | 269 | if (i == 0 && !again) break; |
| 270 | again=0; | ||
| 269 | while (i > 0) | 271 | while (i > 0) |
| 270 | { | 272 | { |
| 271 | if ((p[i-1] != '\r') && (p[i-1] != '\n')) | 273 | if ((p[i-1] != '\r') && (p[i-1] != '\n')) |
| @@ -275,7 +277,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) | |||
| 275 | } | 277 | } |
| 276 | /* we removed some trailing stuff so there is a new | 278 | /* we removed some trailing stuff so there is a new |
| 277 | * line on the end. */ | 279 | * line on the end. */ |
| 278 | if (i == ii) | 280 | if (ii && i == ii) |
| 279 | again=1; /* long line */ | 281 | again=1; /* long line */ |
| 280 | else | 282 | else |
| 281 | { | 283 | { |
| @@ -627,7 +629,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) | |||
| 627 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); | 629 | CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); |
| 628 | goto err; | 630 | goto err; |
| 629 | } | 631 | } |
| 630 | BUF_MEM_grow(buf,(strlen(p)+len-(e-from))); | 632 | BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from))); |
| 631 | while (*p) | 633 | while (*p) |
| 632 | buf->data[to++]= *(p++); | 634 | buf->data[to++]= *(p++); |
| 633 | from=e; | 635 | from=e; |
diff --git a/src/lib/libssl/src/crypto/conf/conf_mall.c b/src/lib/libssl/src/crypto/conf/conf_mall.c index d702af689b..4ba40cf44c 100644 --- a/src/lib/libssl/src/crypto/conf/conf_mall.c +++ b/src/lib/libssl/src/crypto/conf/conf_mall.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | /* Load all OpenSSL builtin modules */ | 70 | /* Load all OpenSSL builtin modules */ |
| 69 | 71 | ||
| @@ -71,6 +73,8 @@ void OPENSSL_load_builtin_modules(void) | |||
| 71 | { | 73 | { |
| 72 | /* Add builtin modules here */ | 74 | /* Add builtin modules here */ |
| 73 | ASN1_add_oid_module(); | 75 | ASN1_add_oid_module(); |
| 76 | #ifndef OPENSSL_NO_ENGINE | ||
| 74 | ENGINE_add_conf_module(); | 77 | ENGINE_add_conf_module(); |
| 78 | #endif | ||
| 75 | } | 79 | } |
| 76 | 80 | ||
diff --git a/src/lib/libssl/src/crypto/conf/conf_sap.c b/src/lib/libssl/src/crypto/conf/conf_sap.c index 97fb174303..e15c2e5546 100644 --- a/src/lib/libssl/src/crypto/conf/conf_sap.c +++ b/src/lib/libssl/src/crypto/conf/conf_sap.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | /* This is the automatic configuration loader: it is called automatically by | 70 | /* This is the automatic configuration loader: it is called automatically by |
| 69 | * OpenSSL when any of a number of standard initialisation functions are called, | 71 | * OpenSSL when any of a number of standard initialisation functions are called, |
| @@ -78,8 +80,10 @@ void OPENSSL_config(const char *config_name) | |||
| 78 | return; | 80 | return; |
| 79 | 81 | ||
| 80 | OPENSSL_load_builtin_modules(); | 82 | OPENSSL_load_builtin_modules(); |
| 83 | #ifndef OPENSSL_NO_ENGINE | ||
| 81 | /* Need to load ENGINEs */ | 84 | /* Need to load ENGINEs */ |
| 82 | ENGINE_load_builtin_engines(); | 85 | ENGINE_load_builtin_engines(); |
| 86 | #endif | ||
| 83 | /* Add others here? */ | 87 | /* Add others here? */ |
| 84 | 88 | ||
| 85 | 89 | ||
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c index 612b3b93b4..2924def2bb 100644 --- a/src/lib/libssl/src/crypto/cryptlib.c +++ b/src/lib/libssl/src/crypto/cryptlib.c | |||
| @@ -89,6 +89,7 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = | |||
| 89 | "ssl_session", | 89 | "ssl_session", |
| 90 | "ssl_sess_cert", | 90 | "ssl_sess_cert", |
| 91 | "ssl", | 91 | "ssl", |
| 92 | "ssl_method", | ||
| 92 | "rand", | 93 | "rand", |
| 93 | "rand2", | 94 | "rand2", |
| 94 | "debug_malloc", | 95 | "debug_malloc", |
| @@ -103,7 +104,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = | |||
| 103 | "dynlock", | 104 | "dynlock", |
| 104 | "engine", | 105 | "engine", |
| 105 | "ui", | 106 | "ui", |
| 106 | #if CRYPTO_NUM_LOCKS != 31 | 107 | "hwcrhk", /* This is a HACK which will disappear in 0.9.8 */ |
| 108 | #if CRYPTO_NUM_LOCKS != 33 | ||
| 107 | # error "Inconsistency between crypto.h and cryptlib.c" | 109 | # error "Inconsistency between crypto.h and cryptlib.c" |
| 108 | #endif | 110 | #endif |
| 109 | }; | 111 | }; |
| @@ -206,10 +208,18 @@ int CRYPTO_get_new_dynlockid(void) | |||
| 206 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); | 208 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); |
| 207 | /* If there was none, push, thereby creating a new one */ | 209 | /* If there was none, push, thereby creating a new one */ |
| 208 | if (i == -1) | 210 | if (i == -1) |
| 209 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer); | 211 | /* Since sk_push() returns the number of items on the |
| 212 | stack, not the location of the pushed item, we need | ||
| 213 | to transform the returned number into a position, | ||
| 214 | by decreasing it. */ | ||
| 215 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; | ||
| 216 | else | ||
| 217 | /* If we found a place with a NULL pointer, put our pointer | ||
| 218 | in it. */ | ||
| 219 | sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); | ||
| 210 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | 220 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); |
| 211 | 221 | ||
| 212 | if (!i) | 222 | if (i == -1) |
| 213 | { | 223 | { |
| 214 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | 224 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); |
| 215 | OPENSSL_free(pointer); | 225 | OPENSSL_free(pointer); |
| @@ -401,15 +411,17 @@ void CRYPTO_lock(int mode, int type, const char *file, int line) | |||
| 401 | #endif | 411 | #endif |
| 402 | if (type < 0) | 412 | if (type < 0) |
| 403 | { | 413 | { |
| 404 | struct CRYPTO_dynlock_value *pointer | 414 | if (dynlock_lock_callback != NULL) |
| 405 | = CRYPTO_get_dynlock_value(type); | ||
| 406 | |||
| 407 | if (pointer && dynlock_lock_callback) | ||
| 408 | { | 415 | { |
| 416 | struct CRYPTO_dynlock_value *pointer | ||
| 417 | = CRYPTO_get_dynlock_value(type); | ||
| 418 | |||
| 419 | OPENSSL_assert(pointer != NULL); | ||
| 420 | |||
| 409 | dynlock_lock_callback(mode, pointer, file, line); | 421 | dynlock_lock_callback(mode, pointer, file, line); |
| 410 | } | ||
| 411 | 422 | ||
| 412 | CRYPTO_destroy_dynlockid(type); | 423 | CRYPTO_destroy_dynlockid(type); |
| 424 | } | ||
| 413 | } | 425 | } |
| 414 | else | 426 | else |
| 415 | if (locking_callback != NULL) | 427 | if (locking_callback != NULL) |
| @@ -460,7 +472,7 @@ const char *CRYPTO_get_lock_name(int type) | |||
| 460 | return("dynamic"); | 472 | return("dynamic"); |
| 461 | else if (type < CRYPTO_NUM_LOCKS) | 473 | else if (type < CRYPTO_NUM_LOCKS) |
| 462 | return(lock_names[type]); | 474 | return(lock_names[type]); |
| 463 | else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks)) | 475 | else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) |
| 464 | return("ERROR"); | 476 | return("ERROR"); |
| 465 | else | 477 | else |
| 466 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); | 478 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); |
| @@ -492,3 +504,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason, | |||
| 492 | #endif | 504 | #endif |
| 493 | 505 | ||
| 494 | #endif | 506 | #endif |
| 507 | |||
| 508 | void OpenSSLDie(const char *file,int line,const char *assertion) | ||
| 509 | { | ||
| 510 | fprintf(stderr, | ||
| 511 | "%s(%d): OpenSSL internal error, assertion failed: %s\n", | ||
| 512 | file,line,assertion); | ||
| 513 | abort(); | ||
| 514 | } | ||
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h index 88e4ae509f..0d6b9d59f0 100644 --- a/src/lib/libssl/src/crypto/cryptlib.h +++ b/src/lib/libssl/src/crypto/cryptlib.h | |||
| @@ -89,9 +89,9 @@ extern "C" { | |||
| 89 | #define X509_CERT_DIR_EVP "SSL_CERT_DIR" | 89 | #define X509_CERT_DIR_EVP "SSL_CERT_DIR" |
| 90 | #define X509_CERT_FILE_EVP "SSL_CERT_FILE" | 90 | #define X509_CERT_FILE_EVP "SSL_CERT_FILE" |
| 91 | 91 | ||
| 92 | /* size of string represenations */ | 92 | /* size of string representations */ |
| 93 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) | 93 | #define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) |
| 94 | #define HEX_SIZE(type) ((sizeof(type)*2) | 94 | #define HEX_SIZE(type) (sizeof(type)*2) |
| 95 | 95 | ||
| 96 | #ifdef __cplusplus | 96 | #ifdef __cplusplus |
| 97 | } | 97 | } |
diff --git a/src/lib/libssl/src/crypto/crypto-lib.com b/src/lib/libssl/src/crypto/crypto-lib.com index dfcff11860..39e78c69e5 100644 --- a/src/lib/libssl/src/crypto/crypto-lib.com +++ b/src/lib/libssl/src/crypto/crypto-lib.com | |||
| @@ -21,22 +21,10 @@ $! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. | |||
| 21 | $! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE | 21 | $! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE |
| 22 | $! ALL To do both LIBRARY and APPS | 22 | $! ALL To do both LIBRARY and APPS |
| 23 | $! | 23 | $! |
| 24 | $! Specify RSAREF as P2 to compile with the RSAREF library instead of | 24 | $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger |
| 25 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 26 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 27 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 28 | $! | ||
| 29 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 30 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 31 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 32 | $! directory structure stored. You have to extract the file | ||
| 33 | $! into the [.RSAREF] directory under the root directory as that | ||
| 34 | $! is where the scripts will look for the files. | ||
| 35 | $! | ||
| 36 | $! Specify DEBUG or NODEBUG as P3 to compile with or without debugger | ||
| 37 | $! information. | 25 | $! information. |
| 38 | $! | 26 | $! |
| 39 | $! Specify which compiler at P4 to try to compile under. | 27 | $! Specify which compiler at P3 to try to compile under. |
| 40 | $! | 28 | $! |
| 41 | $! VAXC For VAX C. | 29 | $! VAXC For VAX C. |
| 42 | $! DECC For DEC C. | 30 | $! DECC For DEC C. |
| @@ -45,16 +33,16 @@ $! | |||
| 45 | $! If you don't speficy a compiler, it will try to determine which | 33 | $! If you don't speficy a compiler, it will try to determine which |
| 46 | $! "C" compiler to use. | 34 | $! "C" compiler to use. |
| 47 | $! | 35 | $! |
| 48 | $! P5, if defined, sets a TCP/IP library to use, through one of the following | 36 | $! P4, if defined, sets a TCP/IP library to use, through one of the following |
| 49 | $! keywords: | 37 | $! keywords: |
| 50 | $! | 38 | $! |
| 51 | $! UCX for UCX | 39 | $! UCX for UCX |
| 52 | $! TCPIP for TCPIP (post UCX) | 40 | $! TCPIP for TCPIP (post UCX) |
| 53 | $! SOCKETSHR for SOCKETSHR+NETLIB | 41 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 54 | $! | 42 | $! |
| 55 | $! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 43 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 56 | $! | 44 | $! |
| 57 | $! P7, if defined, sets a choice of crypto methods to compile. | 45 | $! P6, if defined, sets a choice of crypto methods to compile. |
| 58 | $! WARNING: this should only be done to recompile some part of an already | 46 | $! WARNING: this should only be done to recompile some part of an already |
| 59 | $! fully compiled library. | 47 | $! fully compiled library. |
| 60 | $! | 48 | $! |
| @@ -93,7 +81,6 @@ $ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ - | |||
| 93 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - | 81 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ - |
| 94 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - | 82 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - |
| 95 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" | 83 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5" |
| 96 | $ ENCRYPT_PROGRAMS = "DES,PKCS7" | ||
| 97 | $! | 84 | $! |
| 98 | $! Check To Make Sure We Have Valid Command Line Parameters. | 85 | $! Check To Make Sure We Have Valid Command Line Parameters. |
| 99 | $! | 86 | $! |
| @@ -149,10 +136,6 @@ $! Define The CRYPTO-LIB We Are To Use. | |||
| 149 | $! | 136 | $! |
| 150 | $ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB | 137 | $ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB |
| 151 | $! | 138 | $! |
| 152 | $! Define The RSAREF-LIB We Are To Use. | ||
| 153 | $! | ||
| 154 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 155 | $! | ||
| 156 | $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... | 139 | $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... |
| 157 | $! | 140 | $! |
| 158 | $ IF (F$SEARCH(LIB_NAME).EQS."") | 141 | $ IF (F$SEARCH(LIB_NAME).EQS."") |
| @@ -175,7 +158,7 @@ $! | |||
| 175 | $ APPS_DES = "DES/DES,CBC3_ENC" | 158 | $ APPS_DES = "DES/DES,CBC3_ENC" |
| 176 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" | 159 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" |
| 177 | $ | 160 | $ |
| 178 | $ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" | 161 | $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" |
| 179 | $ LIB_MD2 = "md2_dgst,md2_one" | 162 | $ LIB_MD2 = "md2_dgst,md2_one" |
| 180 | $ LIB_MD4 = "md4_dgst,md4_one" | 163 | $ LIB_MD4 = "md4_dgst,md4_one" |
| 181 | $ LIB_MD5 = "md5_dgst,md5_one" | 164 | $ LIB_MD5 = "md5_dgst,md5_one" |
| @@ -216,7 +199,7 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - | |||
| 216 | "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - | 199 | "tb_rsa,tb_dsa,tb_dh,tb_rand,tb_cipher,tb_digest,"+ - |
| 217 | "eng_openssl,eng_dyn,eng_cnf,"+ - | 200 | "eng_openssl,eng_dyn,eng_cnf,"+ - |
| 218 | "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - | 201 | "hw_atalla,hw_cswift,hw_ncipher,hw_nuron,hw_ubsec,"+ - |
| 219 | "hw_openbsd_dev_crypto,hw_aep,hw_sureware,hw_4758_cca" | 202 | "hw_cryptodev,hw_aep,hw_sureware,hw_4758_cca" |
| 220 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" | 203 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr" |
| 221 | $ LIB_BUFFER = "buffer,buf_err" | 204 | $ LIB_BUFFER = "buffer,buf_err" |
| 222 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - | 205 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - |
| @@ -287,86 +270,6 @@ $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," | |||
| 287 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - | 270 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - |
| 288 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," | 271 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," |
| 289 | $! | 272 | $! |
| 290 | $! Check To See If We Are Going To Use RSAREF. | ||
| 291 | $! | ||
| 292 | $ IF (RSAREF.EQS."TRUE" .AND. ENCRYPT_TYPES - "RSA".NES.ENCRYPT_TYPES - | ||
| 293 | .AND. (BUILDALL .EQS. "TRUE" .OR. BUILDALL .EQS. "LIBRARY")) | ||
| 294 | $ THEN | ||
| 295 | $! | ||
| 296 | $! Check To See If The File [-.RSAREF]RSAREF.C Is Actually There. | ||
| 297 | $! | ||
| 298 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAREF.C").EQS."") | ||
| 299 | $ THEN | ||
| 300 | $! | ||
| 301 | $! Tell The User That The File Doesn't Exist. | ||
| 302 | $! | ||
| 303 | $ WRITE SYS$OUTPUT "" | ||
| 304 | $ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAREF.C Doesn't Exist." | ||
| 305 | $ WRITE SYS$OUTPUT "" | ||
| 306 | $! | ||
| 307 | $! Exit The Build. | ||
| 308 | $! | ||
| 309 | $ GOTO EXIT | ||
| 310 | $! | ||
| 311 | $! End The [-.RSAREF]RSAREF.C Check. | ||
| 312 | $! | ||
| 313 | $ ENDIF | ||
| 314 | $! | ||
| 315 | $! Tell The User We Are Compiling The [-.RSAREF]RSAREF File. | ||
| 316 | $! | ||
| 317 | $ WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAREF File." | ||
| 318 | $! | ||
| 319 | $! Compile [-.RSAREF]RSAREF.C | ||
| 320 | $! | ||
| 321 | $ CC/OBJECT='OBJ_DIR'RSAREF.OBJ SYS$DISK:[-.RSAREF]RSAREF.C | ||
| 322 | $! | ||
| 323 | $! Add It To The Library. | ||
| 324 | $! | ||
| 325 | $ LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAREF.OBJ | ||
| 326 | $! | ||
| 327 | $! Delete The Object File. | ||
| 328 | $! | ||
| 329 | $ DELETE 'OBJ_DIR'RSAREF.OBJ;* | ||
| 330 | $! | ||
| 331 | $! Check To See If The File [-.RSAREF]RSAR_ERR.C Is Actually There. | ||
| 332 | $! | ||
| 333 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAR_ERR.C").EQS."") | ||
| 334 | $ THEN | ||
| 335 | $! | ||
| 336 | $! Tell The User That The File Doesn't Exist. | ||
| 337 | $! | ||
| 338 | $ WRITE SYS$OUTPUT "" | ||
| 339 | $ WRITE SYS$OUTPUT "The File [-.RSAREF]RSAR_ERR.C Doesn't Exist." | ||
| 340 | $ WRITE SYS$OUTPUT "" | ||
| 341 | $! | ||
| 342 | $! Exit The Build. | ||
| 343 | $! | ||
| 344 | $ GOTO EXIT | ||
| 345 | $! | ||
| 346 | $! End The [-.RSAREF]RSAR_ERR.C File Check. | ||
| 347 | $! | ||
| 348 | $ ENDIF | ||
| 349 | $! | ||
| 350 | $! Tell The User We Are Compiling The [-.RSAREF]RSAR_ERR File. | ||
| 351 | $! | ||
| 352 | $ WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAR_ERR File." | ||
| 353 | $! | ||
| 354 | $! Compile [-.RSAREF]RSAR_ERR.C | ||
| 355 | $! | ||
| 356 | $ CC/OBJECT='OBJ_DIR'RSAR_ERR.OBJ SYS$DISK:[-.RSAREF]RSAR_ERR.C | ||
| 357 | $! | ||
| 358 | $! Add It To The Library. | ||
| 359 | $! | ||
| 360 | $ LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAR_ERR.OBJ | ||
| 361 | $! | ||
| 362 | $! Delete The Object File. | ||
| 363 | $! | ||
| 364 | $ DELETE 'OBJ_DIR'RSAR_ERR.OBJ;* | ||
| 365 | $! | ||
| 366 | $! End The RSAREF Check. | ||
| 367 | $! | ||
| 368 | $ ENDIF | ||
| 369 | $! | ||
| 370 | $! Figure Out What Other Modules We Are To Build. | 273 | $! Figure Out What Other Modules We Are To Build. |
| 371 | $! | 274 | $! |
| 372 | $ BUILD_SET: | 275 | $ BUILD_SET: |
| @@ -639,74 +542,34 @@ $! Tell the user what happens | |||
| 639 | $! | 542 | $! |
| 640 | $ WRITE SYS$OUTPUT " ",APPLICATION,".exe" | 543 | $ WRITE SYS$OUTPUT " ",APPLICATION,".exe" |
| 641 | $! | 544 | $! |
| 642 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 545 | $! Link The Program. |
| 643 | $! | 546 | $! |
| 644 | $ ON ERROR THEN GOTO NEXT_APPLICATION | 547 | $ ON ERROR THEN GOTO NEXT_APPLICATION |
| 645 | $ IF (RSAREF.EQS."TRUE") | ||
| 646 | $ THEN | ||
| 647 | $! | 548 | $! |
| 648 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 549 | $! Check To See If We Are To Link With A Specific TCP/IP Library. |
| 649 | $! | 550 | $! |
| 650 | $ IF (TCPIP_LIB.NES."") | 551 | $ IF (TCPIP_LIB.NES."") |
| 651 | $ THEN | 552 | $ THEN |
| 652 | $! | ||
| 653 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 654 | $! | ||
| 655 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 656 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 657 | 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 658 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 659 | $! | ||
| 660 | $! Else... | ||
| 661 | $! | ||
| 662 | $ ELSE | ||
| 663 | $! | ||
| 664 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 665 | $! | 553 | $! |
| 666 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | 554 | $! Link With A TCP/IP Library. |
| 667 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 668 | 'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 669 | 'OPT_FILE'/OPTION | ||
| 670 | $! | 555 | $! |
| 671 | $! End The TCP/IP Library Check. | 556 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - |
| 557 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 558 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 559 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 672 | $! | 560 | $! |
| 673 | $ ENDIF | 561 | $! Else... |
| 674 | $! | ||
| 675 | $! Else... | ||
| 676 | $! | 562 | $! |
| 677 | $ ELSE | 563 | $ ELSE |
| 678 | $! | 564 | $! |
| 679 | $! Don't Link With The RSAREF Routines. | 565 | $! Don't Link With A TCP/IP Library. |
| 680 | $! | ||
| 681 | $! | ||
| 682 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 683 | $! | ||
| 684 | $ IF (TCPIP_LIB.NES."") | ||
| 685 | $ THEN | ||
| 686 | $! | ||
| 687 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 688 | $! | ||
| 689 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 690 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
| 691 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 692 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 693 | $! | ||
| 694 | $! Else... | ||
| 695 | $! | ||
| 696 | $ ELSE | ||
| 697 | $! | ||
| 698 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | ||
| 699 | $! | ||
| 700 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
| 701 | 'OBJ_DIR''APPLICATION_OBJECTS',- | ||
| 702 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 703 | 'OPT_FILE'/OPTION | ||
| 704 | $! | 566 | $! |
| 705 | $! End The TCP/IP Library Check. | 567 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - |
| 568 | 'OBJ_DIR''APPLICATION_OBJECTS',- | ||
| 569 | 'CRYPTO_LIB'/LIBRARY, - | ||
| 570 | 'OPT_FILE'/OPTION | ||
| 706 | $! | 571 | $! |
| 707 | $ ENDIF | 572 | $! End The TCP/IP Library Check. |
| 708 | $! | ||
| 709 | $! End The RSAREF Link Check. | ||
| 710 | $! | 573 | $! |
| 711 | $ ENDIF | 574 | $ ENDIF |
| 712 | $ GOTO NEXT_APPLICATION | 575 | $ GOTO NEXT_APPLICATION |
| @@ -912,75 +775,10 @@ $ ENDIF | |||
| 912 | $! | 775 | $! |
| 913 | $! Check To See If P2 Is Blank. | 776 | $! Check To See If P2 Is Blank. |
| 914 | $! | 777 | $! |
| 915 | $ P2 = "NORSAREF" | 778 | $ IF (P2.EQS."NODEBUG") |
| 916 | $ IF (P2.EQS."NORSAREF") | ||
| 917 | $ THEN | 779 | $ THEN |
| 918 | $! | 780 | $! |
| 919 | $! P2 Is NORSAREF, So Compile With The Regular RSA Libraries. | 781 | $! P2 Is NODEBUG, So Compile Without The Debugger Information. |
| 920 | $! | ||
| 921 | $ RSAREF = "FALSE" | ||
| 922 | $ ELSE | ||
| 923 | $! | ||
| 924 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 925 | $! | ||
| 926 | $ IF (P2.EQS."RSAREF") | ||
| 927 | $ THEN | ||
| 928 | $! | ||
| 929 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 930 | $! | ||
| 931 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 932 | $ THEN | ||
| 933 | $! | ||
| 934 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 935 | $! User This. | ||
| 936 | $! | ||
| 937 | $ WRITE SYS$OUTPUT "" | ||
| 938 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 939 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 940 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file doesn't have the" | ||
| 941 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 942 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 943 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 944 | $ WRITE SYS$OUTPUT "" | ||
| 945 | $! | ||
| 946 | $! Time To Exit. | ||
| 947 | $! | ||
| 948 | $ EXIT | ||
| 949 | $! | ||
| 950 | $! Else, Compile Using The RSAREF Library. | ||
| 951 | $! | ||
| 952 | $ ELSE | ||
| 953 | $ RSAREF = "TRUE" | ||
| 954 | $ ENDIF | ||
| 955 | $ ELSE | ||
| 956 | $! | ||
| 957 | $! They Entered An Invalid Option.. | ||
| 958 | $! | ||
| 959 | $ WRITE SYS$OUTPUT "" | ||
| 960 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | ||
| 961 | $ WRITE SYS$OUTPUT "" | ||
| 962 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 963 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 964 | $ WRITE SYS$OUTPUT "" | ||
| 965 | $! | ||
| 966 | $! Time To EXIT. | ||
| 967 | $! | ||
| 968 | $ EXIT | ||
| 969 | $! | ||
| 970 | $! End The Valid Arguement Check. | ||
| 971 | $! | ||
| 972 | $ ENDIF | ||
| 973 | $! | ||
| 974 | $! End The P2 Check. | ||
| 975 | $! | ||
| 976 | $ ENDIF | ||
| 977 | $! | ||
| 978 | $! Check To See If P3 Is Blank. | ||
| 979 | $! | ||
| 980 | $ IF (P3.EQS."NODEBUG") | ||
| 981 | $ THEN | ||
| 982 | $! | ||
| 983 | $! P3 Is NODEBUG, So Compile Without The Debugger Information. | ||
| 984 | $! | 782 | $! |
| 985 | $ DEBUGGER = "NODEBUG" | 783 | $ DEBUGGER = "NODEBUG" |
| 986 | $ TRACEBACK = "NOTRACEBACK" | 784 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -993,7 +791,7 @@ $ ELSE | |||
| 993 | $! | 791 | $! |
| 994 | $! Check To See If We Are To Compile With Debugger Information. | 792 | $! Check To See If We Are To Compile With Debugger Information. |
| 995 | $! | 793 | $! |
| 996 | $ IF (P3.EQS."DEBUG") | 794 | $ IF (P2.EQS."DEBUG") |
| 997 | $ THEN | 795 | $ THEN |
| 998 | $! | 796 | $! |
| 999 | $! Compile With Debugger Information. | 797 | $! Compile With Debugger Information. |
| @@ -1010,7 +808,7 @@ $! | |||
| 1010 | $! They Entered An Invalid Option.. | 808 | $! They Entered An Invalid Option.. |
| 1011 | $! | 809 | $! |
| 1012 | $ WRITE SYS$OUTPUT "" | 810 | $ WRITE SYS$OUTPUT "" |
| 1013 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 811 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 1014 | $ WRITE SYS$OUTPUT "" | 812 | $ WRITE SYS$OUTPUT "" |
| 1015 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 813 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 1016 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 814 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -1024,7 +822,7 @@ $! End The Valid Arguement Check. | |||
| 1024 | $! | 822 | $! |
| 1025 | $ ENDIF | 823 | $ ENDIF |
| 1026 | $! | 824 | $! |
| 1027 | $! End The P3 Check. | 825 | $! End The P2 Check. |
| 1028 | $! | 826 | $! |
| 1029 | $ ENDIF | 827 | $ ENDIF |
| 1030 | $! | 828 | $! |
| @@ -1034,9 +832,9 @@ $! Written By: Richard Levitte | |||
| 1034 | $! richard@levitte.org | 832 | $! richard@levitte.org |
| 1035 | $! | 833 | $! |
| 1036 | $! | 834 | $! |
| 1037 | $! Check To See If We Have A Option For P6. | 835 | $! Check To See If We Have A Option For P5. |
| 1038 | $! | 836 | $! |
| 1039 | $ IF (P6.EQS."") | 837 | $ IF (P5.EQS."") |
| 1040 | $ THEN | 838 | $ THEN |
| 1041 | $! | 839 | $! |
| 1042 | $! Get The Version Of VMS We Are Using. | 840 | $! Get The Version Of VMS We Are Using. |
| @@ -1058,13 +856,13 @@ $! End The VMS Version Check. | |||
| 1058 | $! | 856 | $! |
| 1059 | $ ENDIF | 857 | $ ENDIF |
| 1060 | $! | 858 | $! |
| 1061 | $! End The P6 Check. | 859 | $! End The P5 Check. |
| 1062 | $! | 860 | $! |
| 1063 | $ ENDIF | 861 | $ ENDIF |
| 1064 | $! | 862 | $! |
| 1065 | $! Check To See If P4 Is Blank. | 863 | $! Check To See If P3 Is Blank. |
| 1066 | $! | 864 | $! |
| 1067 | $ IF (P4.EQS."") | 865 | $ IF (P3.EQS."") |
| 1068 | $ THEN | 866 | $ THEN |
| 1069 | $! | 867 | $! |
| 1070 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 868 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -1077,7 +875,7 @@ $ THEN | |||
| 1077 | $! | 875 | $! |
| 1078 | $! Looks Like GNUC, Set To Use GNUC. | 876 | $! Looks Like GNUC, Set To Use GNUC. |
| 1079 | $! | 877 | $! |
| 1080 | $ P4 = "GNUC" | 878 | $ P3 = "GNUC" |
| 1081 | $! | 879 | $! |
| 1082 | $! Else... | 880 | $! Else... |
| 1083 | $! | 881 | $! |
| @@ -1090,7 +888,7 @@ $ THEN | |||
| 1090 | $! | 888 | $! |
| 1091 | $! Looks Like DECC, Set To Use DECC. | 889 | $! Looks Like DECC, Set To Use DECC. |
| 1092 | $! | 890 | $! |
| 1093 | $ P4 = "DECC" | 891 | $ P3 = "DECC" |
| 1094 | $! | 892 | $! |
| 1095 | $! Else... | 893 | $! Else... |
| 1096 | $! | 894 | $! |
| @@ -1098,7 +896,7 @@ $ ELSE | |||
| 1098 | $! | 896 | $! |
| 1099 | $! Looks Like VAXC, Set To Use VAXC. | 897 | $! Looks Like VAXC, Set To Use VAXC. |
| 1100 | $! | 898 | $! |
| 1101 | $ P4 = "VAXC" | 899 | $ P3 = "VAXC" |
| 1102 | $! | 900 | $! |
| 1103 | $! End The VAXC Compiler Check. | 901 | $! End The VAXC Compiler Check. |
| 1104 | $! | 902 | $! |
| @@ -1112,9 +910,9 @@ $! End The Compiler Check. | |||
| 1112 | $! | 910 | $! |
| 1113 | $ ENDIF | 911 | $ ENDIF |
| 1114 | $! | 912 | $! |
| 1115 | $! Check To See If We Have A Option For P5. | 913 | $! Check To See If We Have A Option For P4. |
| 1116 | $! | 914 | $! |
| 1117 | $ IF (P5.EQS."") | 915 | $ IF (P4.EQS."") |
| 1118 | $ THEN | 916 | $ THEN |
| 1119 | $! | 917 | $! |
| 1120 | $! Find out what socket library we have available | 918 | $! Find out what socket library we have available |
| @@ -1124,7 +922,7 @@ $ THEN | |||
| 1124 | $! | 922 | $! |
| 1125 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 923 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 1126 | $! | 924 | $! |
| 1127 | $ P5 = "SOCKETSHR" | 925 | $ P4 = "SOCKETSHR" |
| 1128 | $! | 926 | $! |
| 1129 | $! Tell the user | 927 | $! Tell the user |
| 1130 | $! | 928 | $! |
| @@ -1144,7 +942,7 @@ $ THEN | |||
| 1144 | $! | 942 | $! |
| 1145 | $! Last resort: a UCX or UCX-compatible library | 943 | $! Last resort: a UCX or UCX-compatible library |
| 1146 | $! | 944 | $! |
| 1147 | $ P5 = "UCX" | 945 | $ P4 = "UCX" |
| 1148 | $! | 946 | $! |
| 1149 | $! Tell the user | 947 | $! Tell the user |
| 1150 | $! | 948 | $! |
| @@ -1158,7 +956,7 @@ $ ENDIF | |||
| 1158 | $! | 956 | $! |
| 1159 | $! Set Up Initial CC Definitions, Possibly With User Ones | 957 | $! Set Up Initial CC Definitions, Possibly With User Ones |
| 1160 | $! | 958 | $! |
| 1161 | $ CCDEFS = "TCPIP_TYPE_''P5',DSO_VMS" | 959 | $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" |
| 1162 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 960 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 1163 | $ CCEXTRAFLAGS = "" | 961 | $ CCEXTRAFLAGS = "" |
| 1164 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 962 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| @@ -1168,12 +966,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 1168 | $! | 966 | $! |
| 1169 | $! Check To See If The User Entered A Valid Paramter. | 967 | $! Check To See If The User Entered A Valid Paramter. |
| 1170 | $! | 968 | $! |
| 1171 | $ IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC") | 969 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") |
| 1172 | $ THEN | 970 | $ THEN |
| 1173 | $! | 971 | $! |
| 1174 | $! Check To See If The User Wanted DECC. | 972 | $! Check To See If The User Wanted DECC. |
| 1175 | $! | 973 | $! |
| 1176 | $ IF (P4.EQS."DECC") | 974 | $ IF (P3.EQS."DECC") |
| 1177 | $ THEN | 975 | $ THEN |
| 1178 | $! | 976 | $! |
| 1179 | $! Looks Like DECC, Set To Use DECC. | 977 | $! Looks Like DECC, Set To Use DECC. |
| @@ -1204,7 +1002,7 @@ $ ENDIF | |||
| 1204 | $! | 1002 | $! |
| 1205 | $! Check To See If We Are To Use VAXC. | 1003 | $! Check To See If We Are To Use VAXC. |
| 1206 | $! | 1004 | $! |
| 1207 | $ IF (P4.EQS."VAXC") | 1005 | $ IF (P3.EQS."VAXC") |
| 1208 | $ THEN | 1006 | $ THEN |
| 1209 | $! | 1007 | $! |
| 1210 | $! Looks Like VAXC, Set To Use VAXC. | 1008 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -1243,7 +1041,7 @@ $ ENDIF | |||
| 1243 | $! | 1041 | $! |
| 1244 | $! Check To See If We Are To Use GNU C. | 1042 | $! Check To See If We Are To Use GNU C. |
| 1245 | $! | 1043 | $! |
| 1246 | $ IF (P4.EQS."GNUC") | 1044 | $ IF (P3.EQS."GNUC") |
| 1247 | $ THEN | 1045 | $ THEN |
| 1248 | $! | 1046 | $! |
| 1249 | $! Looks Like GNUC, Set To Use GNUC. | 1047 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -1272,31 +1070,6 @@ $! Set up default defines | |||
| 1272 | $! | 1070 | $! |
| 1273 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 1071 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 1274 | $! | 1072 | $! |
| 1275 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 1276 | $! | ||
| 1277 | $ IF (RSAREF.EQS."TRUE") | ||
| 1278 | $ THEN | ||
| 1279 | $! | ||
| 1280 | $! Compile With RSAREF. | ||
| 1281 | $! | ||
| 1282 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 1283 | $! | ||
| 1284 | $! Tell The User This. | ||
| 1285 | $! | ||
| 1286 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 1287 | $! | ||
| 1288 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 1289 | $! | ||
| 1290 | $ ELSE | ||
| 1291 | $! | ||
| 1292 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 1293 | $! | ||
| 1294 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 1295 | $! | ||
| 1296 | $! End The RSAREF Check. | ||
| 1297 | $! | ||
| 1298 | $ ENDIF | ||
| 1299 | $! | ||
| 1300 | $! Finish up the definition of CC. | 1073 | $! Finish up the definition of CC. |
| 1301 | $! | 1074 | $! |
| 1302 | $ IF COMPILER .EQS. "DECC" | 1075 | $ IF COMPILER .EQS. "DECC" |
| @@ -1315,7 +1088,7 @@ $ CC4DISABLEWARNINGS = "" | |||
| 1315 | $ ENDIF | 1088 | $ ENDIF |
| 1316 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS | 1089 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS |
| 1317 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS | 1090 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS |
| 1318 | $ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P3 .NES. "DEBUG" | 1091 | $ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG" |
| 1319 | $ THEN | 1092 | $ THEN |
| 1320 | $ CC5 = CC + "/OPTIMIZE=NODISJOINT" | 1093 | $ CC5 = CC + "/OPTIMIZE=NODISJOINT" |
| 1321 | $ ELSE | 1094 | $ ELSE |
| @@ -1334,7 +1107,7 @@ $! | |||
| 1334 | $! Tell The User We Don't Know What They Want. | 1107 | $! Tell The User We Don't Know What They Want. |
| 1335 | $! | 1108 | $! |
| 1336 | $ WRITE SYS$OUTPUT "" | 1109 | $ WRITE SYS$OUTPUT "" |
| 1337 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 1110 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1338 | $ WRITE SYS$OUTPUT "" | 1111 | $ WRITE SYS$OUTPUT "" |
| 1339 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 1112 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 1340 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 1113 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -1360,13 +1133,13 @@ $ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO | |||
| 1360 | $! | 1133 | $! |
| 1361 | $! Time to check the contents, and to make sure we get the correct library. | 1134 | $! Time to check the contents, and to make sure we get the correct library. |
| 1362 | $! | 1135 | $! |
| 1363 | $ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" - | 1136 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - |
| 1364 | .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE" | 1137 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" |
| 1365 | $ THEN | 1138 | $ THEN |
| 1366 | $! | 1139 | $! |
| 1367 | $! Check to see if SOCKETSHR was chosen | 1140 | $! Check to see if SOCKETSHR was chosen |
| 1368 | $! | 1141 | $! |
| 1369 | $ IF P5.EQS."SOCKETSHR" | 1142 | $ IF P4.EQS."SOCKETSHR" |
| 1370 | $ THEN | 1143 | $ THEN |
| 1371 | $! | 1144 | $! |
| 1372 | $! Set the library to use SOCKETSHR | 1145 | $! Set the library to use SOCKETSHR |
| @@ -1379,12 +1152,12 @@ $ ENDIF | |||
| 1379 | $! | 1152 | $! |
| 1380 | $! Check to see if MULTINET was chosen | 1153 | $! Check to see if MULTINET was chosen |
| 1381 | $! | 1154 | $! |
| 1382 | $ IF P5.EQS."MULTINET" | 1155 | $ IF P4.EQS."MULTINET" |
| 1383 | $ THEN | 1156 | $ THEN |
| 1384 | $! | 1157 | $! |
| 1385 | $! Set the library to use UCX emulation. | 1158 | $! Set the library to use UCX emulation. |
| 1386 | $! | 1159 | $! |
| 1387 | $ P5 = "UCX" | 1160 | $ P4 = "UCX" |
| 1388 | $! | 1161 | $! |
| 1389 | $! Done with MULTINET | 1162 | $! Done with MULTINET |
| 1390 | $! | 1163 | $! |
| @@ -1392,7 +1165,7 @@ $ ENDIF | |||
| 1392 | $! | 1165 | $! |
| 1393 | $! Check to see if UCX was chosen | 1166 | $! Check to see if UCX was chosen |
| 1394 | $! | 1167 | $! |
| 1395 | $ IF P5.EQS."UCX" | 1168 | $ IF P4.EQS."UCX" |
| 1396 | $ THEN | 1169 | $ THEN |
| 1397 | $! | 1170 | $! |
| 1398 | $! Set the library to use UCX. | 1171 | $! Set the library to use UCX. |
| @@ -1412,7 +1185,7 @@ $ ENDIF | |||
| 1412 | $! | 1185 | $! |
| 1413 | $! Check to see if TCPIP was chosen | 1186 | $! Check to see if TCPIP was chosen |
| 1414 | $! | 1187 | $! |
| 1415 | $ IF P5.EQS."TCPIP" | 1188 | $ IF P4.EQS."TCPIP" |
| 1416 | $ THEN | 1189 | $ THEN |
| 1417 | $! | 1190 | $! |
| 1418 | $! Set the library to use TCPIP (post UCX). | 1191 | $! Set the library to use TCPIP (post UCX). |
| @@ -1425,7 +1198,7 @@ $ ENDIF | |||
| 1425 | $! | 1198 | $! |
| 1426 | $! Check to see if NONE was chosen | 1199 | $! Check to see if NONE was chosen |
| 1427 | $! | 1200 | $! |
| 1428 | $ IF P5.EQS."NONE" | 1201 | $ IF P4.EQS."NONE" |
| 1429 | $ THEN | 1202 | $ THEN |
| 1430 | $! | 1203 | $! |
| 1431 | $! Do not use a TCPIP library. | 1204 | $! Do not use a TCPIP library. |
| @@ -1447,7 +1220,7 @@ $! | |||
| 1447 | $! Tell The User We Don't Know What They Want. | 1220 | $! Tell The User We Don't Know What They Want. |
| 1448 | $! | 1221 | $! |
| 1449 | $ WRITE SYS$OUTPUT "" | 1222 | $ WRITE SYS$OUTPUT "" |
| 1450 | $ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:" | 1223 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" |
| 1451 | $ WRITE SYS$OUTPUT "" | 1224 | $ WRITE SYS$OUTPUT "" |
| 1452 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 1225 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1453 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 1226 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
| @@ -1465,10 +1238,9 @@ $! | |||
| 1465 | $! Check if the user wanted to compile just a subset of all the encryption | 1238 | $! Check if the user wanted to compile just a subset of all the encryption |
| 1466 | $! methods. | 1239 | $! methods. |
| 1467 | $! | 1240 | $! |
| 1468 | $ IF P7 .NES. "" | 1241 | $ IF P6 .NES. "" |
| 1469 | $ THEN | 1242 | $ THEN |
| 1470 | $ ENCRYPT_TYPES = P7 | 1243 | $ ENCRYPT_TYPES = P6 |
| 1471 | $! NYI: ENCRYPT_PROGRAMS = P7 | ||
| 1472 | $ ENDIF | 1244 | $ ENDIF |
| 1473 | $! | 1245 | $! |
| 1474 | $! Time To RETURN... | 1246 | $! Time To RETURN... |
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h index fc6ff860af..273bc5e3f8 100644 --- a/src/lib/libssl/src/crypto/crypto.h +++ b/src/lib/libssl/src/crypto/crypto.h | |||
| @@ -96,37 +96,39 @@ extern "C" { | |||
| 96 | * names in cryptlib.c | 96 | * names in cryptlib.c |
| 97 | */ | 97 | */ |
| 98 | 98 | ||
| 99 | #define CRYPTO_LOCK_ERR 1 | 99 | #define CRYPTO_LOCK_ERR 1 |
| 100 | #define CRYPTO_LOCK_EX_DATA 2 | 100 | #define CRYPTO_LOCK_EX_DATA 2 |
| 101 | #define CRYPTO_LOCK_X509 3 | 101 | #define CRYPTO_LOCK_X509 3 |
| 102 | #define CRYPTO_LOCK_X509_INFO 4 | 102 | #define CRYPTO_LOCK_X509_INFO 4 |
| 103 | #define CRYPTO_LOCK_X509_PKEY 5 | 103 | #define CRYPTO_LOCK_X509_PKEY 5 |
| 104 | #define CRYPTO_LOCK_X509_CRL 6 | 104 | #define CRYPTO_LOCK_X509_CRL 6 |
| 105 | #define CRYPTO_LOCK_X509_REQ 7 | 105 | #define CRYPTO_LOCK_X509_REQ 7 |
| 106 | #define CRYPTO_LOCK_DSA 8 | 106 | #define CRYPTO_LOCK_DSA 8 |
| 107 | #define CRYPTO_LOCK_RSA 9 | 107 | #define CRYPTO_LOCK_RSA 9 |
| 108 | #define CRYPTO_LOCK_EVP_PKEY 10 | 108 | #define CRYPTO_LOCK_EVP_PKEY 10 |
| 109 | #define CRYPTO_LOCK_X509_STORE 11 | 109 | #define CRYPTO_LOCK_X509_STORE 11 |
| 110 | #define CRYPTO_LOCK_SSL_CTX 12 | 110 | #define CRYPTO_LOCK_SSL_CTX 12 |
| 111 | #define CRYPTO_LOCK_SSL_CERT 13 | 111 | #define CRYPTO_LOCK_SSL_CERT 13 |
| 112 | #define CRYPTO_LOCK_SSL_SESSION 14 | 112 | #define CRYPTO_LOCK_SSL_SESSION 14 |
| 113 | #define CRYPTO_LOCK_SSL_SESS_CERT 15 | 113 | #define CRYPTO_LOCK_SSL_SESS_CERT 15 |
| 114 | #define CRYPTO_LOCK_SSL 16 | 114 | #define CRYPTO_LOCK_SSL 16 |
| 115 | #define CRYPTO_LOCK_RAND 17 | 115 | #define CRYPTO_LOCK_SSL_METHOD 17 |
| 116 | #define CRYPTO_LOCK_RAND2 18 | 116 | #define CRYPTO_LOCK_RAND 18 |
| 117 | #define CRYPTO_LOCK_MALLOC 19 | 117 | #define CRYPTO_LOCK_RAND2 19 |
| 118 | #define CRYPTO_LOCK_BIO 20 | 118 | #define CRYPTO_LOCK_MALLOC 20 |
| 119 | #define CRYPTO_LOCK_GETHOSTBYNAME 21 | 119 | #define CRYPTO_LOCK_BIO 21 |
| 120 | #define CRYPTO_LOCK_GETSERVBYNAME 22 | 120 | #define CRYPTO_LOCK_GETHOSTBYNAME 22 |
| 121 | #define CRYPTO_LOCK_READDIR 23 | 121 | #define CRYPTO_LOCK_GETSERVBYNAME 23 |
| 122 | #define CRYPTO_LOCK_RSA_BLINDING 24 | 122 | #define CRYPTO_LOCK_READDIR 24 |
| 123 | #define CRYPTO_LOCK_DH 25 | 123 | #define CRYPTO_LOCK_RSA_BLINDING 25 |
| 124 | #define CRYPTO_LOCK_MALLOC2 26 | 124 | #define CRYPTO_LOCK_DH 26 |
| 125 | #define CRYPTO_LOCK_DSO 27 | 125 | #define CRYPTO_LOCK_MALLOC2 27 |
| 126 | #define CRYPTO_LOCK_DYNLOCK 28 | 126 | #define CRYPTO_LOCK_DSO 28 |
| 127 | #define CRYPTO_LOCK_ENGINE 29 | 127 | #define CRYPTO_LOCK_DYNLOCK 29 |
| 128 | #define CRYPTO_LOCK_UI 30 | 128 | #define CRYPTO_LOCK_ENGINE 30 |
| 129 | #define CRYPTO_NUM_LOCKS 31 | 129 | #define CRYPTO_LOCK_UI 31 |
| 130 | #define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 131 | #define CRYPTO_NUM_LOCKS 33 | ||
| 130 | 132 | ||
| 131 | #define CRYPTO_LOCK 1 | 133 | #define CRYPTO_LOCK 1 |
| 132 | #define CRYPTO_UNLOCK 2 | 134 | #define CRYPTO_UNLOCK 2 |
| @@ -148,7 +150,7 @@ extern "C" { | |||
| 148 | #endif | 150 | #endif |
| 149 | #else | 151 | #else |
| 150 | #define CRYPTO_w_lock(a) | 152 | #define CRYPTO_w_lock(a) |
| 151 | #define CRYPTO_w_unlock(a) | 153 | #define CRYPTO_w_unlock(a) |
| 152 | #define CRYPTO_r_lock(a) | 154 | #define CRYPTO_r_lock(a) |
| 153 | #define CRYPTO_r_unlock(a) | 155 | #define CRYPTO_r_unlock(a) |
| 154 | #define CRYPTO_add(a,b,c) ((*(a))+=(b)) | 156 | #define CRYPTO_add(a,b,c) ((*(a))+=(b)) |
| @@ -278,6 +280,8 @@ int CRYPTO_is_mem_check_on(void); | |||
| 278 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) | 280 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) |
| 279 | #define OPENSSL_realloc(addr,num) \ | 281 | #define OPENSSL_realloc(addr,num) \ |
| 280 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) | 282 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) |
| 283 | #define OPENSSL_realloc_clean(addr,old_num,num) \ | ||
| 284 | CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) | ||
| 281 | #define OPENSSL_remalloc(addr,num) \ | 285 | #define OPENSSL_remalloc(addr,num) \ |
| 282 | CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) | 286 | CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) |
| 283 | #define OPENSSL_freeFunc CRYPTO_free | 287 | #define OPENSSL_freeFunc CRYPTO_free |
| @@ -380,8 +384,12 @@ void CRYPTO_free_locked(void *); | |||
| 380 | void *CRYPTO_malloc(int num, const char *file, int line); | 384 | void *CRYPTO_malloc(int num, const char *file, int line); |
| 381 | void CRYPTO_free(void *); | 385 | void CRYPTO_free(void *); |
| 382 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); | 386 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); |
| 387 | void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, | ||
| 388 | int line); | ||
| 383 | void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); | 389 | void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); |
| 384 | 390 | ||
| 391 | void OPENSSL_cleanse(void *ptr, size_t len); | ||
| 392 | |||
| 385 | void CRYPTO_set_mem_debug_options(long bits); | 393 | void CRYPTO_set_mem_debug_options(long bits); |
| 386 | long CRYPTO_get_mem_debug_options(void); | 394 | long CRYPTO_get_mem_debug_options(void); |
| 387 | 395 | ||
| @@ -422,6 +430,9 @@ void CRYPTO_mem_leaks(struct bio_st *bio); | |||
| 422 | typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); | 430 | typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); |
| 423 | void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); | 431 | void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); |
| 424 | 432 | ||
| 433 | /* die if we have to */ | ||
| 434 | void OpenSSLDie(const char *file,int line,const char *assertion); | ||
| 435 | #define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) | ||
| 425 | 436 | ||
| 426 | /* BEGIN ERROR CODES */ | 437 | /* BEGIN ERROR CODES */ |
| 427 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 438 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
diff --git a/src/lib/libssl/src/crypto/des/Makefile.ssl b/src/lib/libssl/src/crypto/des/Makefile.ssl index 826ffcc58c..45eba0b3c9 100644 --- a/src/lib/libssl/src/crypto/des/Makefile.ssl +++ b/src/lib/libssl/src/crypto/des/Makefile.ssl | |||
| @@ -66,22 +66,11 @@ des: des.o cbc3_enc.o lib | |||
| 66 | $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) | 66 | $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) |
| 67 | 67 | ||
| 68 | # elf | 68 | # elf |
| 69 | asm/dx86-elf.o: asm/dx86unix.cpp | 69 | asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 70 | $(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o | 70 | (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s) |
| 71 | 71 | ||
| 72 | asm/yx86-elf.o: asm/yx86unix.cpp | 72 | asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 73 | $(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o | 73 | (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s) |
| 74 | |||
| 75 | # solaris | ||
| 76 | asm/dx86-sol.o: asm/dx86unix.cpp | ||
| 77 | $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s | ||
| 78 | as -o asm/dx86-sol.o asm/dx86-sol.s | ||
| 79 | rm -f asm/dx86-sol.s | ||
| 80 | |||
| 81 | asm/yx86-sol.o: asm/yx86unix.cpp | ||
| 82 | $(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s | ||
| 83 | as -o asm/yx86-sol.o asm/yx86-sol.s | ||
| 84 | rm -f asm/yx86-sol.s | ||
| 85 | 74 | ||
| 86 | # a.out | 75 | # a.out |
| 87 | asm/dx86-out.o: asm/dx86unix.cpp | 76 | asm/dx86-out.o: asm/dx86unix.cpp |
| @@ -130,14 +119,14 @@ lint: | |||
| 130 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 119 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 131 | 120 | ||
| 132 | depend: | 121 | depend: |
| 133 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 122 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 134 | 123 | ||
| 135 | dclean: | 124 | dclean: |
| 136 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 125 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 137 | mv -f Makefile.new $(MAKEFILE) | 126 | mv -f Makefile.new $(MAKEFILE) |
| 138 | 127 | ||
| 139 | clean: | 128 | clean: |
| 140 | rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff | 129 | rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff |
| 141 | 130 | ||
| 142 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 131 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 143 | 132 | ||
diff --git a/src/lib/libssl/src/crypto/des/asm/crypt586.pl b/src/lib/libssl/src/crypto/des/asm/crypt586.pl index 3d41d82f69..1d04ed6def 100644 --- a/src/lib/libssl/src/crypto/des/asm/crypt586.pl +++ b/src/lib/libssl/src/crypto/des/asm/crypt586.pl | |||
| @@ -26,11 +26,18 @@ sub fcrypt_body | |||
| 26 | 26 | ||
| 27 | &comment(""); | 27 | &comment(""); |
| 28 | &comment("Load the 2 words"); | 28 | &comment("Load the 2 words"); |
| 29 | $ks="ebp"; | 29 | $trans="ebp"; |
| 30 | 30 | ||
| 31 | &xor( $L, $L); | 31 | &xor( $L, $L); |
| 32 | &xor( $R, $R); | 32 | &xor( $R, $R); |
| 33 | &mov($ks,&wparam(1)); | 33 | |
| 34 | # PIC-ification:-) | ||
| 35 | &picmeup("edx","DES_SPtrans"); | ||
| 36 | #if ($cpp) { &picmeup("edx","DES_SPtrans"); } | ||
| 37 | #else { &lea("edx",&DWP("DES_SPtrans")); } | ||
| 38 | &push("edx"); # becomes &swtmp(1) | ||
| 39 | # | ||
| 40 | &mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT | ||
| 34 | 41 | ||
| 35 | &push(&DWC(25)); # add a variable | 42 | &push(&DWC(25)); # add a variable |
| 36 | 43 | ||
| @@ -39,11 +46,11 @@ sub fcrypt_body | |||
| 39 | { | 46 | { |
| 40 | &comment(""); | 47 | &comment(""); |
| 41 | &comment("Round $i"); | 48 | &comment("Round $i"); |
| 42 | &D_ENCRYPT($i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 49 | &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 43 | 50 | ||
| 44 | &comment(""); | 51 | &comment(""); |
| 45 | &comment("Round ".sprintf("%d",$i+1)); | 52 | &comment("Round ".sprintf("%d",$i+1)); |
| 46 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 53 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); |
| 47 | } | 54 | } |
| 48 | &mov("ebx", &swtmp(0)); | 55 | &mov("ebx", &swtmp(0)); |
| 49 | &mov("eax", $L); | 56 | &mov("eax", $L); |
| @@ -61,14 +68,14 @@ sub fcrypt_body | |||
| 61 | &mov(&DWP(0,"edx","",0),"eax"); | 68 | &mov(&DWP(0,"edx","",0),"eax"); |
| 62 | &mov(&DWP(4,"edx","",0),$L); | 69 | &mov(&DWP(4,"edx","",0),$L); |
| 63 | 70 | ||
| 64 | &pop("ecx"); # remove variable | 71 | &add("esp",8); # remove variables |
| 65 | 72 | ||
| 66 | &function_end($name); | 73 | &function_end($name); |
| 67 | } | 74 | } |
| 68 | 75 | ||
| 69 | sub D_ENCRYPT | 76 | sub D_ENCRYPT |
| 70 | { | 77 | { |
| 71 | local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; | 78 | local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; |
| 72 | 79 | ||
| 73 | &mov( $u, &wparam(2)); # 2 | 80 | &mov( $u, &wparam(2)); # 2 |
| 74 | &mov( $t, $R); | 81 | &mov( $t, $R); |
| @@ -85,9 +92,9 @@ sub D_ENCRYPT | |||
| 85 | &shl( $tmp2, 16); # 1 | 92 | &shl( $tmp2, 16); # 1 |
| 86 | &xor( $u, $tmp1); # 2 | 93 | &xor( $u, $tmp1); # 2 |
| 87 | &xor( $t, $tmp2); # 2 | 94 | &xor( $t, $tmp2); # 2 |
| 88 | &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2 | 95 | &mov( $tmp1, &DWP(&n2a($S*4),$trans,"",0)); # 2 |
| 89 | &xor( $u, $tmp1); | 96 | &xor( $u, $tmp1); |
| 90 | &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2 | 97 | &mov( $tmp2, &DWP(&n2a(($S+1)*4),$trans,"",0)); # 2 |
| 91 | &xor( $u, $R); | 98 | &xor( $u, $R); |
| 92 | &xor( $t, $R); | 99 | &xor( $t, $R); |
| 93 | &xor( $t, $tmp2); | 100 | &xor( $t, $tmp2); |
| @@ -99,31 +106,28 @@ sub D_ENCRYPT | |||
| 99 | &movb( &LB($tmp1), &LB($u) ); | 106 | &movb( &LB($tmp1), &LB($u) ); |
| 100 | &movb( &LB($tmp2), &HB($u) ); | 107 | &movb( &LB($tmp2), &HB($u) ); |
| 101 | &rotr( $t, 4 ); | 108 | &rotr( $t, 4 ); |
| 102 | &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); | 109 | &mov( $trans, &swtmp(1)); |
| 110 | &xor( $L, &DWP(" ",$trans,$tmp1,0)); | ||
| 103 | &movb( &LB($tmp1), &LB($t) ); | 111 | &movb( &LB($tmp1), &LB($t) ); |
| 104 | &xor( $L, $ks); | 112 | &xor( $L, &DWP("0x200",$trans,$tmp2,0)); |
| 105 | &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); | ||
| 106 | &xor( $L, $ks); | ||
| 107 | &movb( &LB($tmp2), &HB($t) ); | 113 | &movb( &LB($tmp2), &HB($t) ); |
| 108 | &shr( $u, 16); | 114 | &shr( $u, 16); |
| 109 | &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); | 115 | &xor( $L, &DWP("0x100",$trans,$tmp1,0)); |
| 110 | &xor( $L, $ks); | ||
| 111 | &movb( &LB($tmp1), &HB($u) ); | 116 | &movb( &LB($tmp1), &HB($u) ); |
| 112 | &shr( $t, 16); | 117 | &shr( $t, 16); |
| 113 | &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); | 118 | &xor( $L, &DWP("0x300",$trans,$tmp2,0)); |
| 114 | &xor( $L, $ks); | ||
| 115 | &mov( $ks, &wparam(1)); | ||
| 116 | &movb( &LB($tmp2), &HB($t) ); | 119 | &movb( &LB($tmp2), &HB($t) ); |
| 117 | &and( $u, "0xff" ); | 120 | &and( $u, "0xff" ); |
| 118 | &and( $t, "0xff" ); | 121 | &and( $t, "0xff" ); |
| 119 | &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); | 122 | &mov( $tmp1, &DWP("0x600",$trans,$tmp1,0)); |
| 120 | &xor( $L, $tmp1); | 123 | &xor( $L, $tmp1); |
| 121 | &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); | 124 | &mov( $tmp1, &DWP("0x700",$trans,$tmp2,0)); |
| 122 | &xor( $L, $tmp1); | 125 | &xor( $L, $tmp1); |
| 123 | &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); | 126 | &mov( $tmp1, &DWP("0x400",$trans,$u,0)); |
| 124 | &xor( $L, $tmp1); | 127 | &xor( $L, $tmp1); |
| 125 | &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); | 128 | &mov( $tmp1, &DWP("0x500",$trans,$t,0)); |
| 126 | &xor( $L, $tmp1); | 129 | &xor( $L, $tmp1); |
| 130 | &mov( $trans, &wparam(1)); | ||
| 127 | } | 131 | } |
| 128 | 132 | ||
| 129 | sub n2a | 133 | sub n2a |
diff --git a/src/lib/libssl/src/crypto/des/asm/des-586.pl b/src/lib/libssl/src/crypto/des/asm/des-586.pl index 0d08e8a3a9..b75d3c6b3a 100644 --- a/src/lib/libssl/src/crypto/des/asm/des-586.pl +++ b/src/lib/libssl/src/crypto/des/asm/des-586.pl | |||
| @@ -40,7 +40,7 @@ sub DES_encrypt | |||
| 40 | 40 | ||
| 41 | &comment(""); | 41 | &comment(""); |
| 42 | &comment("Load the 2 words"); | 42 | &comment("Load the 2 words"); |
| 43 | $ks="ebp"; | 43 | $trans="ebp"; |
| 44 | 44 | ||
| 45 | if ($do_ip) | 45 | if ($do_ip) |
| 46 | { | 46 | { |
| @@ -72,7 +72,12 @@ sub DES_encrypt | |||
| 72 | &rotl($L,3); | 72 | &rotl($L,3); |
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | &mov( $ks, &wparam(1) ); | 75 | # PIC-ification:-) |
| 76 | &picmeup($trans,"DES_SPtrans"); | ||
| 77 | #if ($cpp) { &picmeup($trans,"DES_SPtrans"); } | ||
| 78 | #else { &lea($trans,&DWP("DES_SPtrans")); } | ||
| 79 | |||
| 80 | &mov( "ecx", &wparam(1) ); | ||
| 76 | &cmp("ebx","0"); | 81 | &cmp("ebx","0"); |
| 77 | &je(&label("start_decrypt")); | 82 | &je(&label("start_decrypt")); |
| 78 | 83 | ||
| @@ -80,11 +85,11 @@ sub DES_encrypt | |||
| 80 | { | 85 | { |
| 81 | &comment(""); | 86 | &comment(""); |
| 82 | &comment("Round $i"); | 87 | &comment("Round $i"); |
| 83 | &D_ENCRYPT($i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 88 | &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 84 | 89 | ||
| 85 | &comment(""); | 90 | &comment(""); |
| 86 | &comment("Round ".sprintf("%d",$i+1)); | 91 | &comment("Round ".sprintf("%d",$i+1)); |
| 87 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 92 | &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); |
| 88 | } | 93 | } |
| 89 | &jmp(&label("end")); | 94 | &jmp(&label("end")); |
| 90 | 95 | ||
| @@ -94,10 +99,10 @@ sub DES_encrypt | |||
| 94 | { | 99 | { |
| 95 | &comment(""); | 100 | &comment(""); |
| 96 | &comment("Round $i"); | 101 | &comment("Round $i"); |
| 97 | &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 102 | &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); |
| 98 | &comment(""); | 103 | &comment(""); |
| 99 | &comment("Round ".sprintf("%d",$i-1)); | 104 | &comment("Round ".sprintf("%d",$i-1)); |
| 100 | &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"DES_SPtrans","eax","ebx","ecx","edx"); | 105 | &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx"); |
| 101 | } | 106 | } |
| 102 | 107 | ||
| 103 | &set_label("end"); | 108 | &set_label("end"); |
| @@ -134,43 +139,36 @@ sub DES_encrypt | |||
| 134 | 139 | ||
| 135 | sub D_ENCRYPT | 140 | sub D_ENCRYPT |
| 136 | { | 141 | { |
| 137 | local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; | 142 | local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; |
| 138 | 143 | ||
| 139 | &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); | 144 | &mov( $u, &DWP(&n2a($S*4),$tmp2,"",0)); |
| 140 | &xor( $tmp1, $tmp1); | 145 | &xor( $tmp1, $tmp1); |
| 141 | &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); | 146 | &mov( $t, &DWP(&n2a(($S+1)*4),$tmp2,"",0)); |
| 142 | &xor( $u, $R); | 147 | &xor( $u, $R); |
| 148 | &xor( $tmp2, $tmp2); | ||
| 143 | &xor( $t, $R); | 149 | &xor( $t, $R); |
| 144 | &and( $u, "0xfcfcfcfc" ); | 150 | &and( $u, "0xfcfcfcfc" ); |
| 145 | &and( $t, "0xcfcfcfcf" ); | 151 | &and( $t, "0xcfcfcfcf" ); |
| 146 | &movb( &LB($tmp1), &LB($u) ); | 152 | &movb( &LB($tmp1), &LB($u) ); |
| 147 | &movb( &LB($tmp2), &HB($u) ); | 153 | &movb( &LB($tmp2), &HB($u) ); |
| 148 | &rotr( $t, 4 ); | 154 | &rotr( $t, 4 ); |
| 149 | &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); | 155 | &xor( $L, &DWP(" ",$trans,$tmp1,0)); |
| 150 | &movb( &LB($tmp1), &LB($t) ); | 156 | &movb( &LB($tmp1), &LB($t) ); |
| 151 | &xor( $L, $ks); | 157 | &xor( $L, &DWP("0x200",$trans,$tmp2,0)); |
| 152 | &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); | ||
| 153 | &xor( $L, $ks); ###### | ||
| 154 | &movb( &LB($tmp2), &HB($t) ); | 158 | &movb( &LB($tmp2), &HB($t) ); |
| 155 | &shr( $u, 16); | 159 | &shr( $u, 16); |
| 156 | &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); | 160 | &xor( $L, &DWP("0x100",$trans,$tmp1,0)); |
| 157 | &xor( $L, $ks); ###### | ||
| 158 | &movb( &LB($tmp1), &HB($u) ); | 161 | &movb( &LB($tmp1), &HB($u) ); |
| 159 | &shr( $t, 16); | 162 | &shr( $t, 16); |
| 160 | &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); | 163 | &xor( $L, &DWP("0x300",$trans,$tmp2,0)); |
| 161 | &xor( $L, $ks); | ||
| 162 | &mov( $ks, &wparam(1) ); | ||
| 163 | &movb( &LB($tmp2), &HB($t) ); | 164 | &movb( &LB($tmp2), &HB($t) ); |
| 164 | &and( $u, "0xff" ); | 165 | &and( $u, "0xff" ); |
| 165 | &and( $t, "0xff" ); | 166 | &and( $t, "0xff" ); |
| 166 | &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); | 167 | &xor( $L, &DWP("0x600",$trans,$tmp1,0)); |
| 167 | &xor( $L, $tmp1); | 168 | &xor( $L, &DWP("0x700",$trans,$tmp2,0)); |
| 168 | &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); | 169 | &mov( $tmp2, &wparam(1) ); |
| 169 | &xor( $L, $tmp1); | 170 | &xor( $L, &DWP("0x400",$trans,$u,0)); |
| 170 | &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); | 171 | &xor( $L, &DWP("0x500",$trans,$t,0)); |
| 171 | &xor( $L, $tmp1); | ||
| 172 | &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); | ||
| 173 | &xor( $L, $tmp1); | ||
| 174 | } | 172 | } |
| 175 | 173 | ||
| 176 | sub n2a | 174 | sub n2a |
diff --git a/src/lib/libssl/src/crypto/des/cbc_cksm.c b/src/lib/libssl/src/crypto/des/cbc_cksm.c index 6c5305b99d..09a7ba56aa 100644 --- a/src/lib/libssl/src/crypto/des/cbc_cksm.c +++ b/src/lib/libssl/src/crypto/des/cbc_cksm.c | |||
| @@ -93,5 +93,14 @@ DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output, | |||
| 93 | l2c(tout1,out); | 93 | l2c(tout1,out); |
| 94 | } | 94 | } |
| 95 | tout0=tin0=tin1=tin[0]=tin[1]=0; | 95 | tout0=tin0=tin1=tin[0]=tin[1]=0; |
| 96 | /* | ||
| 97 | Transform the data in tout1 so that it will | ||
| 98 | match the return value that the MIT Kerberos | ||
| 99 | mit_des_cbc_cksum API returns. | ||
| 100 | */ | ||
| 101 | tout1 = ((tout1 >> 24L) & 0x000000FF) | ||
| 102 | | ((tout1 >> 8L) & 0x0000FF00) | ||
| 103 | | ((tout1 << 8L) & 0x00FF0000) | ||
| 104 | | ((tout1 << 24L) & 0xFF000000); | ||
| 96 | return(tout1); | 105 | return(tout1); |
| 97 | } | 106 | } |
diff --git a/src/lib/libssl/src/crypto/des/des.c b/src/lib/libssl/src/crypto/des/des.c index d8c846b23d..343135ff9e 100644 --- a/src/lib/libssl/src/crypto/des/des.c +++ b/src/lib/libssl/src/crypto/des/des.c | |||
| @@ -427,7 +427,7 @@ void doencryption(void) | |||
| 427 | k2[i-8]=k; | 427 | k2[i-8]=k; |
| 428 | } | 428 | } |
| 429 | DES_set_key_unchecked(&k2,&ks2); | 429 | DES_set_key_unchecked(&k2,&ks2); |
| 430 | memset(k2,0,sizeof(k2)); | 430 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 431 | } | 431 | } |
| 432 | else if (longk || flag3) | 432 | else if (longk || flag3) |
| 433 | { | 433 | { |
| @@ -435,7 +435,7 @@ void doencryption(void) | |||
| 435 | { | 435 | { |
| 436 | DES_string_to_2keys(key,&kk,&k2); | 436 | DES_string_to_2keys(key,&kk,&k2); |
| 437 | DES_set_key_unchecked(&k2,&ks2); | 437 | DES_set_key_unchecked(&k2,&ks2); |
| 438 | memset(k2,0,sizeof(k2)); | 438 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 439 | } | 439 | } |
| 440 | else | 440 | else |
| 441 | DES_string_to_key(key,&kk); | 441 | DES_string_to_key(key,&kk); |
| @@ -457,8 +457,8 @@ void doencryption(void) | |||
| 457 | } | 457 | } |
| 458 | 458 | ||
| 459 | DES_set_key_unchecked(&kk,&ks); | 459 | DES_set_key_unchecked(&kk,&ks); |
| 460 | memset(key,0,sizeof(key)); | 460 | OPENSSL_cleanse(key,sizeof(key)); |
| 461 | memset(kk,0,sizeof(kk)); | 461 | OPENSSL_cleanse(kk,sizeof(kk)); |
| 462 | /* woops - A bug that does not showup under unix :-( */ | 462 | /* woops - A bug that does not showup under unix :-( */ |
| 463 | memset(iv,0,sizeof(iv)); | 463 | memset(iv,0,sizeof(iv)); |
| 464 | memset(iv2,0,sizeof(iv2)); | 464 | memset(iv2,0,sizeof(iv2)); |
| @@ -666,18 +666,18 @@ void doencryption(void) | |||
| 666 | if (l) fclose(CKSUM_OUT); | 666 | if (l) fclose(CKSUM_OUT); |
| 667 | } | 667 | } |
| 668 | problems: | 668 | problems: |
| 669 | memset(buf,0,sizeof(buf)); | 669 | OPENSSL_cleanse(buf,sizeof(buf)); |
| 670 | memset(obuf,0,sizeof(obuf)); | 670 | OPENSSL_cleanse(obuf,sizeof(obuf)); |
| 671 | memset(&ks,0,sizeof(ks)); | 671 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 672 | memset(&ks2,0,sizeof(ks2)); | 672 | OPENSSL_cleanse(&ks2,sizeof(ks2)); |
| 673 | memset(iv,0,sizeof(iv)); | 673 | OPENSSL_cleanse(iv,sizeof(iv)); |
| 674 | memset(iv2,0,sizeof(iv2)); | 674 | OPENSSL_cleanse(iv2,sizeof(iv2)); |
| 675 | memset(kk,0,sizeof(kk)); | 675 | OPENSSL_cleanse(kk,sizeof(kk)); |
| 676 | memset(k2,0,sizeof(k2)); | 676 | OPENSSL_cleanse(k2,sizeof(k2)); |
| 677 | memset(uubuf,0,sizeof(uubuf)); | 677 | OPENSSL_cleanse(uubuf,sizeof(uubuf)); |
| 678 | memset(b,0,sizeof(b)); | 678 | OPENSSL_cleanse(b,sizeof(b)); |
| 679 | memset(bb,0,sizeof(bb)); | 679 | OPENSSL_cleanse(bb,sizeof(bb)); |
| 680 | memset(cksum,0,sizeof(cksum)); | 680 | OPENSSL_cleanse(cksum,sizeof(cksum)); |
| 681 | if (Exit) EXIT(Exit); | 681 | if (Exit) EXIT(Exit); |
| 682 | } | 682 | } |
| 683 | 683 | ||
diff --git a/src/lib/libssl/src/crypto/des/des_locl.h b/src/lib/libssl/src/crypto/des/des_locl.h index 70e833be3f..e44e8e98b2 100644 --- a/src/lib/libssl/src/crypto/des/des_locl.h +++ b/src/lib/libssl/src/crypto/des/des_locl.h | |||
| @@ -162,7 +162,18 @@ | |||
| 162 | 162 | ||
| 163 | #if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) | 163 | #if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER) |
| 164 | #define ROTATE(a,n) (_lrotr(a,n)) | 164 | #define ROTATE(a,n) (_lrotr(a,n)) |
| 165 | #else | 165 | #elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC) |
| 166 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) | ||
| 167 | # define ROTATE(a,n) ({ register unsigned int ret; \ | ||
| 168 | asm ("rorl %1,%0" \ | ||
| 169 | : "=r"(ret) \ | ||
| 170 | : "I"(n),"0"(a) \ | ||
| 171 | : "cc"); \ | ||
| 172 | ret; \ | ||
| 173 | }) | ||
| 174 | # endif | ||
| 175 | #endif | ||
| 176 | #ifndef ROTATE | ||
| 166 | #define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) | 177 | #define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) |
| 167 | #endif | 178 | #endif |
| 168 | 179 | ||
diff --git a/src/lib/libssl/src/crypto/des/des_old.h b/src/lib/libssl/src/crypto/des/des_old.h index fe32f21f61..1d8bf65101 100644 --- a/src/lib/libssl/src/crypto/des/des_old.h +++ b/src/lib/libssl/src/crypto/des/des_old.h | |||
| @@ -173,10 +173,12 @@ typedef struct _ossl_old_des_ks_struct | |||
| 173 | DES_fcrypt((b),(s),(r)) | 173 | DES_fcrypt((b),(s),(r)) |
| 174 | #define des_crypt(b,s)\ | 174 | #define des_crypt(b,s)\ |
| 175 | DES_crypt((b),(s)) | 175 | DES_crypt((b),(s)) |
| 176 | #if 0 | ||
| 176 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) | 177 | #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) |
| 177 | #define crypt(b,s)\ | 178 | #define crypt(b,s)\ |
| 178 | DES_crypt((b),(s)) | 179 | DES_crypt((b),(s)) |
| 179 | #endif | 180 | #endif |
| 181 | #endif | ||
| 180 | #define des_ofb_encrypt(i,o,n,l,k,iv)\ | 182 | #define des_ofb_encrypt(i,o,n,l,k,iv)\ |
| 181 | DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) | 183 | DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) |
| 182 | #define des_pcbc_encrypt(i,o,l,k,iv,e)\ | 184 | #define des_pcbc_encrypt(i,o,l,k,iv,e)\ |
diff --git a/src/lib/libssl/src/crypto/des/des_ver.h b/src/lib/libssl/src/crypto/des/des_ver.h index ec9cc736e3..379bbadda2 100644 --- a/src/lib/libssl/src/crypto/des/des_ver.h +++ b/src/lib/libssl/src/crypto/des/des_ver.h | |||
| @@ -63,5 +63,9 @@ | |||
| 63 | # define OPENSSL_EXTERN OPENSSL_EXPORT | 63 | # define OPENSSL_EXTERN OPENSSL_EXPORT |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | OPENSSL_EXTERN const char *DES_version; /* SSLeay version string */ | 66 | /* The following macros make sure the names are different from libdes names */ |
| 67 | OPENSSL_EXTERN const char *libdes_version; /* old libdes version string */ | 67 | #define DES_version OSSL_DES_version |
| 68 | #define libdes_version OSSL_libdes_version | ||
| 69 | |||
| 70 | OPENSSL_EXTERN const char *OSSL_DES_version; /* SSLeay version string */ | ||
| 71 | OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */ | ||
diff --git a/src/lib/libssl/src/crypto/des/destest.c b/src/lib/libssl/src/crypto/des/destest.c index 58e8c35dcb..687c00c792 100644 --- a/src/lib/libssl/src/crypto/des/destest.c +++ b/src/lib/libssl/src/crypto/des/destest.c | |||
| @@ -84,9 +84,7 @@ int main(int argc, char *argv[]) | |||
| 84 | #else | 84 | #else |
| 85 | #include <openssl/des.h> | 85 | #include <openssl/des.h> |
| 86 | 86 | ||
| 87 | #if defined(PERL5) || defined(__FreeBSD__) || defined(NeXT) | ||
| 88 | #define crypt(c,s) (des_crypt((c),(s))) | 87 | #define crypt(c,s) (des_crypt((c),(s))) |
| 89 | #endif | ||
| 90 | 88 | ||
| 91 | /* tisk tisk - the test keys don't all have odd parity :-( */ | 89 | /* tisk tisk - the test keys don't all have odd parity :-( */ |
| 92 | /* test data */ | 90 | /* test data */ |
| @@ -322,7 +320,11 @@ static unsigned char ofb_cipher[24]= | |||
| 322 | 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 | 320 | 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 |
| 323 | }; | 321 | }; |
| 324 | 322 | ||
| 323 | #if 0 | ||
| 325 | static DES_LONG cbc_cksum_ret=0xB462FEF7L; | 324 | static DES_LONG cbc_cksum_ret=0xB462FEF7L; |
| 325 | #else | ||
| 326 | static DES_LONG cbc_cksum_ret=0xF7FE62B4L; | ||
| 327 | #endif | ||
| 326 | static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; | 328 | static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; |
| 327 | 329 | ||
| 328 | static char *pt(unsigned char *p); | 330 | static char *pt(unsigned char *p); |
diff --git a/src/lib/libssl/src/crypto/des/read2pwd.c b/src/lib/libssl/src/crypto/des/read2pwd.c index b4720c3a98..3a63c4016c 100644 --- a/src/lib/libssl/src/crypto/des/read2pwd.c +++ b/src/lib/libssl/src/crypto/des/read2pwd.c | |||
| @@ -120,8 +120,8 @@ int DES_read_password(DES_cblock *key, const char *prompt, int verify) | |||
| 120 | 120 | ||
| 121 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) | 121 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) |
| 122 | DES_string_to_key(buf,key); | 122 | DES_string_to_key(buf,key); |
| 123 | memset(buf,0,BUFSIZ); | 123 | OPENSSL_cleanse(buf,BUFSIZ); |
| 124 | memset(buff,0,BUFSIZ); | 124 | OPENSSL_cleanse(buff,BUFSIZ); |
| 125 | return(ok); | 125 | return(ok); |
| 126 | } | 126 | } |
| 127 | 127 | ||
| @@ -133,7 +133,7 @@ int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt, | |||
| 133 | 133 | ||
| 134 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) | 134 | if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) |
| 135 | DES_string_to_2keys(buf,key1,key2); | 135 | DES_string_to_2keys(buf,key1,key2); |
| 136 | memset(buf,0,BUFSIZ); | 136 | OPENSSL_cleanse(buf,BUFSIZ); |
| 137 | memset(buff,0,BUFSIZ); | 137 | OPENSSL_cleanse(buff,BUFSIZ); |
| 138 | return(ok); | 138 | return(ok); |
| 139 | } | 139 | } |
diff --git a/src/lib/libssl/src/crypto/des/read_pwd.c b/src/lib/libssl/src/crypto/des/read_pwd.c index 9061935f21..ce5fa00a37 100644 --- a/src/lib/libssl/src/crypto/des/read_pwd.c +++ b/src/lib/libssl/src/crypto/des/read_pwd.c | |||
| @@ -101,8 +101,10 @@ | |||
| 101 | 101 | ||
| 102 | #ifdef WIN_CONSOLE_BUG | 102 | #ifdef WIN_CONSOLE_BUG |
| 103 | #include <windows.h> | 103 | #include <windows.h> |
| 104 | #ifndef OPENSSL_SYS_WINCE | ||
| 104 | #include <wincon.h> | 105 | #include <wincon.h> |
| 105 | #endif | 106 | #endif |
| 107 | #endif | ||
| 106 | 108 | ||
| 107 | 109 | ||
| 108 | /* There are 5 types of terminal interface supported, | 110 | /* There are 5 types of terminal interface supported, |
| @@ -133,7 +135,7 @@ | |||
| 133 | #define SGTTY | 135 | #define SGTTY |
| 134 | #endif | 136 | #endif |
| 135 | 137 | ||
| 136 | #if defined(OPENSSL_SYS_VSWORKS) | 138 | #if defined(OPENSSL_SYS_VXWORKS) |
| 137 | #undef TERMIOS | 139 | #undef TERMIOS |
| 138 | #undef TERMIO | 140 | #undef TERMIO |
| 139 | #undef SGTTY | 141 | #undef SGTTY |
| @@ -167,7 +169,7 @@ | |||
| 167 | #include <sys/ioctl.h> | 169 | #include <sys/ioctl.h> |
| 168 | #endif | 170 | #endif |
| 169 | 171 | ||
| 170 | #if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) | 172 | #if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE) |
| 171 | #include <conio.h> | 173 | #include <conio.h> |
| 172 | #define fgets(a,b,c) noecho_fgets(a,b,c) | 174 | #define fgets(a,b,c) noecho_fgets(a,b,c) |
| 173 | #endif | 175 | #endif |
| @@ -218,11 +220,29 @@ int des_read_pw_string(char *buf, int length, const char *prompt, | |||
| 218 | int ret; | 220 | int ret; |
| 219 | 221 | ||
| 220 | ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); | 222 | ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); |
| 221 | memset(buff,0,BUFSIZ); | 223 | OPENSSL_cleanse(buff,BUFSIZ); |
| 222 | return(ret); | 224 | return(ret); |
| 223 | } | 225 | } |
| 224 | 226 | ||
| 225 | #ifndef OPENSSL_SYS_WIN16 | 227 | #ifdef OPENSSL_SYS_WINCE |
| 228 | |||
| 229 | int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify) | ||
| 230 | { | ||
| 231 | memset(buf,0,size); | ||
| 232 | memset(buff,0,size); | ||
| 233 | return(0); | ||
| 234 | } | ||
| 235 | |||
| 236 | #elif defined(OPENSSL_SYS_WIN16) | ||
| 237 | |||
| 238 | int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify) | ||
| 239 | { | ||
| 240 | memset(buf,0,size); | ||
| 241 | memset(buff,0,size); | ||
| 242 | return(0); | ||
| 243 | } | ||
| 244 | |||
| 245 | #else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */ | ||
| 226 | 246 | ||
| 227 | static void read_till_nl(FILE *in) | 247 | static void read_till_nl(FILE *in) |
| 228 | { | 248 | { |
| @@ -274,7 +294,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt, | |||
| 274 | #ifdef OPENSSL_SYS_MSDOS | 294 | #ifdef OPENSSL_SYS_MSDOS |
| 275 | if ((tty=fopen("con","r")) == NULL) | 295 | if ((tty=fopen("con","r")) == NULL) |
| 276 | tty=stdin; | 296 | tty=stdin; |
| 277 | #elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VSWORKS) | 297 | #elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS) |
| 278 | tty=stdin; | 298 | tty=stdin; |
| 279 | #else | 299 | #else |
| 280 | #ifndef OPENSSL_SYS_MPE | 300 | #ifndef OPENSSL_SYS_MPE |
| @@ -393,17 +413,6 @@ error: | |||
| 393 | return(!ok); | 413 | return(!ok); |
| 394 | } | 414 | } |
| 395 | 415 | ||
| 396 | #else /* OPENSSL_SYS_WIN16 */ | ||
| 397 | |||
| 398 | int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify) | ||
| 399 | { | ||
| 400 | memset(buf,0,size); | ||
| 401 | memset(buff,0,size); | ||
| 402 | return(0); | ||
| 403 | } | ||
| 404 | |||
| 405 | #endif | ||
| 406 | |||
| 407 | static void pushsig(void) | 416 | static void pushsig(void) |
| 408 | { | 417 | { |
| 409 | int i; | 418 | int i; |
| @@ -466,7 +475,7 @@ static void recsig(int i) | |||
| 466 | #endif | 475 | #endif |
| 467 | } | 476 | } |
| 468 | 477 | ||
| 469 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 478 | #ifdef OPENSSL_SYS_MSDOS |
| 470 | static int noecho_fgets(char *buf, int size, FILE *tty) | 479 | static int noecho_fgets(char *buf, int size, FILE *tty) |
| 471 | { | 480 | { |
| 472 | int i; | 481 | int i; |
| @@ -509,3 +518,4 @@ static int noecho_fgets(char *buf, int size, FILE *tty) | |||
| 509 | return(strlen(buf)); | 518 | return(strlen(buf)); |
| 510 | } | 519 | } |
| 511 | #endif | 520 | #endif |
| 521 | #endif /* !OPENSSL_SYS_WINCE && !WIN16 */ | ||
diff --git a/src/lib/libssl/src/crypto/des/str2key.c b/src/lib/libssl/src/crypto/des/str2key.c index 36c3f81d99..0373db469c 100644 --- a/src/lib/libssl/src/crypto/des/str2key.c +++ b/src/lib/libssl/src/crypto/des/str2key.c | |||
| @@ -94,7 +94,7 @@ void DES_string_to_key(const char *str, DES_cblock *key) | |||
| 94 | DES_set_key_unchecked(key,&ks); | 94 | DES_set_key_unchecked(key,&ks); |
| 95 | #endif | 95 | #endif |
| 96 | DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); | 96 | DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); |
| 97 | memset(&ks,0,sizeof(ks)); | 97 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 98 | DES_set_odd_parity(key); | 98 | DES_set_odd_parity(key); |
| 99 | } | 99 | } |
| 100 | 100 | ||
| @@ -167,7 +167,7 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) | |||
| 167 | DES_set_key_unchecked(key2,&ks); | 167 | DES_set_key_unchecked(key2,&ks); |
| 168 | #endif | 168 | #endif |
| 169 | DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); | 169 | DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); |
| 170 | memset(&ks,0,sizeof(ks)); | 170 | OPENSSL_cleanse(&ks,sizeof(ks)); |
| 171 | DES_set_odd_parity(key1); | 171 | DES_set_odd_parity(key1); |
| 172 | DES_set_odd_parity(key2); | 172 | DES_set_odd_parity(key2); |
| 173 | } | 173 | } |
diff --git a/src/lib/libssl/src/crypto/dh/Makefile.ssl b/src/lib/libssl/src/crypto/dh/Makefile.ssl index 5e1aaae160..e05fc01a12 100644 --- a/src/lib/libssl/src/crypto/dh/Makefile.ssl +++ b/src/lib/libssl/src/crypto/dh/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -112,17 +112,14 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | |||
| 112 | dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 112 | dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 113 | dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 113 | dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 114 | dh_gen.o: ../cryptlib.h dh_gen.c | 114 | dh_gen.o: ../cryptlib.h dh_gen.c |
| 115 | dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 115 | dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 116 | dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 116 | dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 117 | dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 117 | dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h |
| 118 | dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 118 | dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h |
| 119 | dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 119 | dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 120 | dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 120 | dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 121 | dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 122 | dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | ||
| 123 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 121 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 124 | dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 122 | dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c |
| 125 | dh_key.o: ../cryptlib.h dh_key.c | ||
| 126 | dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 123 | dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 127 | dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 124 | dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 128 | dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 125 | dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c index 1a0efca2c4..77f2f50b51 100644 --- a/src/lib/libssl/src/crypto/dh/dh_key.c +++ b/src/lib/libssl/src/crypto/dh/dh_key.c | |||
| @@ -61,7 +61,6 @@ | |||
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #include <openssl/dh.h> | 63 | #include <openssl/dh.h> |
| 64 | #include <openssl/engine.h> | ||
| 65 | 64 | ||
| 66 | static int generate_key(DH *dh); | 65 | static int generate_key(DH *dh); |
| 67 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); | 66 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); |
diff --git a/src/lib/libssl/src/crypto/dh/dh_lib.c b/src/lib/libssl/src/crypto/dh/dh_lib.c index ba5fd41057..09965ee2ea 100644 --- a/src/lib/libssl/src/crypto/dh/dh_lib.c +++ b/src/lib/libssl/src/crypto/dh/dh_lib.c | |||
| @@ -60,7 +60,9 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/dh.h> | 62 | #include <openssl/dh.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | 66 | ||
| 65 | const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; | 67 | const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
| 66 | 68 | ||
| @@ -85,11 +87,13 @@ int DH_set_method(DH *dh, const DH_METHOD *meth) | |||
| 85 | const DH_METHOD *mtmp; | 87 | const DH_METHOD *mtmp; |
| 86 | mtmp = dh->meth; | 88 | mtmp = dh->meth; |
| 87 | if (mtmp->finish) mtmp->finish(dh); | 89 | if (mtmp->finish) mtmp->finish(dh); |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 88 | if (dh->engine) | 91 | if (dh->engine) |
| 89 | { | 92 | { |
| 90 | ENGINE_finish(dh->engine); | 93 | ENGINE_finish(dh->engine); |
| 91 | dh->engine = NULL; | 94 | dh->engine = NULL; |
| 92 | } | 95 | } |
| 96 | #endif | ||
| 93 | dh->meth = meth; | 97 | dh->meth = meth; |
| 94 | if (meth->init) meth->init(dh); | 98 | if (meth->init) meth->init(dh); |
| 95 | return 1; | 99 | return 1; |
| @@ -112,6 +116,7 @@ DH *DH_new_method(ENGINE *engine) | |||
| 112 | } | 116 | } |
| 113 | 117 | ||
| 114 | ret->meth = DH_get_default_method(); | 118 | ret->meth = DH_get_default_method(); |
| 119 | #ifndef OPENSSL_NO_ENGINE | ||
| 115 | if (engine) | 120 | if (engine) |
| 116 | { | 121 | { |
| 117 | if (!ENGINE_init(engine)) | 122 | if (!ENGINE_init(engine)) |
| @@ -135,6 +140,7 @@ DH *DH_new_method(ENGINE *engine) | |||
| 135 | return NULL; | 140 | return NULL; |
| 136 | } | 141 | } |
| 137 | } | 142 | } |
| 143 | #endif | ||
| 138 | 144 | ||
| 139 | ret->pad=0; | 145 | ret->pad=0; |
| 140 | ret->version=0; | 146 | ret->version=0; |
| @@ -154,8 +160,10 @@ DH *DH_new_method(ENGINE *engine) | |||
| 154 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 160 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
| 155 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 161 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 156 | { | 162 | { |
| 163 | #ifndef OPENSSL_NO_ENGINE | ||
| 157 | if (ret->engine) | 164 | if (ret->engine) |
| 158 | ENGINE_finish(ret->engine); | 165 | ENGINE_finish(ret->engine); |
| 166 | #endif | ||
| 159 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 167 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
| 160 | OPENSSL_free(ret); | 168 | OPENSSL_free(ret); |
| 161 | ret=NULL; | 169 | ret=NULL; |
| @@ -182,8 +190,10 @@ void DH_free(DH *r) | |||
| 182 | 190 | ||
| 183 | if (r->meth->finish) | 191 | if (r->meth->finish) |
| 184 | r->meth->finish(r); | 192 | r->meth->finish(r); |
| 193 | #ifndef OPENSSL_NO_ENGINE | ||
| 185 | if (r->engine) | 194 | if (r->engine) |
| 186 | ENGINE_finish(r->engine); | 195 | ENGINE_finish(r->engine); |
| 196 | #endif | ||
| 187 | 197 | ||
| 188 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); | 198 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); |
| 189 | 199 | ||
diff --git a/src/lib/libssl/src/crypto/dh/dhtest.c b/src/lib/libssl/src/crypto/dh/dhtest.c index 34894ced73..d75077f9fa 100644 --- a/src/lib/libssl/src/crypto/dh/dhtest.c +++ b/src/lib/libssl/src/crypto/dh/dhtest.c | |||
| @@ -59,9 +59,9 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #ifdef OPENSSL_SYS_WINDOWS | 62 | |
| 63 | #include "../bio/bss_file.c" | 63 | #include "../e_os.h" |
| 64 | #endif | 64 | |
| 65 | #include <openssl/crypto.h> | 65 | #include <openssl/crypto.h> |
| 66 | #include <openssl/bio.h> | 66 | #include <openssl/bio.h> |
| 67 | #include <openssl/bn.h> | 67 | #include <openssl/bn.h> |
| @@ -84,10 +84,6 @@ int main(int argc, char *argv[]) | |||
| 84 | #endif | 84 | #endif |
| 85 | 85 | ||
| 86 | static void MS_CALLBACK cb(int p, int n, void *arg); | 86 | static void MS_CALLBACK cb(int p, int n, void *arg); |
| 87 | #ifdef OPENSSL_NO_STDIO | ||
| 88 | #define APPS_WIN16 | ||
| 89 | #include "bss_file.c" | ||
| 90 | #endif | ||
| 91 | 87 | ||
| 92 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | 88 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
| 93 | 89 | ||
| @@ -111,7 +107,7 @@ int main(int argc, char *argv[]) | |||
| 111 | RAND_seed(rnd_seed, sizeof rnd_seed); | 107 | RAND_seed(rnd_seed, sizeof rnd_seed); |
| 112 | 108 | ||
| 113 | out=BIO_new(BIO_s_file()); | 109 | out=BIO_new(BIO_s_file()); |
| 114 | if (out == NULL) exit(1); | 110 | if (out == NULL) EXIT(1); |
| 115 | BIO_set_fp(out,stdout,BIO_NOCLOSE); | 111 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
| 116 | 112 | ||
| 117 | a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); | 113 | a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); |
| @@ -195,7 +191,7 @@ err: | |||
| 195 | CRYPTO_cleanup_all_ex_data(); | 191 | CRYPTO_cleanup_all_ex_data(); |
| 196 | ERR_remove_state(0); | 192 | ERR_remove_state(0); |
| 197 | CRYPTO_mem_leaks_fp(stderr); | 193 | CRYPTO_mem_leaks_fp(stderr); |
| 198 | exit(ret); | 194 | EXIT(ret); |
| 199 | return(ret); | 195 | return(ret); |
| 200 | } | 196 | } |
| 201 | 197 | ||
diff --git a/src/lib/libssl/src/crypto/dsa/Makefile.ssl b/src/lib/libssl/src/crypto/dsa/Makefile.ssl index d308caafca..e5f8a8cf51 100644 --- a/src/lib/libssl/src/crypto/dsa/Makefile.ssl +++ b/src/lib/libssl/src/crypto/dsa/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -143,35 +143,29 @@ dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 143 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 143 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 144 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 144 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 145 | dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 145 | dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 146 | dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 146 | dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 147 | dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 147 | dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 148 | dsa_ossl.o: ../../include/openssl/opensslconf.h | ||
| 149 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 148 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 150 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 149 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 151 | dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 150 | dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 152 | dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 153 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c | 151 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c |
| 154 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h | 152 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h |
| 155 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 153 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 156 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 154 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 157 | dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 155 | dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 158 | dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 156 | dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 159 | dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 157 | dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 160 | dsa_sign.o: ../../include/openssl/opensslconf.h | ||
| 161 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 158 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 162 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 159 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 163 | dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 160 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 164 | dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 165 | dsa_sign.o: ../cryptlib.h dsa_sign.c | 161 | dsa_sign.o: ../cryptlib.h dsa_sign.c |
| 166 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h | 162 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h |
| 167 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 163 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 168 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 164 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 169 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 165 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| 170 | dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 166 | dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 171 | dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 167 | dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h |
| 172 | dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 168 | dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 173 | dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 169 | dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 174 | dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | ||
| 175 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 170 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 176 | dsa_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 171 | dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c |
| 177 | dsa_vrf.o: ../cryptlib.h dsa_vrf.c | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_lib.c b/src/lib/libssl/src/crypto/dsa/dsa_lib.c index da2cdfa3d6..4171af24c6 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_lib.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_lib.c | |||
| @@ -63,7 +63,9 @@ | |||
| 63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 66 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 67 | 69 | ||
| 68 | const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; | 70 | const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; |
| 69 | 71 | ||
| @@ -93,11 +95,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) | |||
| 93 | const DSA_METHOD *mtmp; | 95 | const DSA_METHOD *mtmp; |
| 94 | mtmp = dsa->meth; | 96 | mtmp = dsa->meth; |
| 95 | if (mtmp->finish) mtmp->finish(dsa); | 97 | if (mtmp->finish) mtmp->finish(dsa); |
| 98 | #ifndef OPENSSL_NO_ENGINE | ||
| 96 | if (dsa->engine) | 99 | if (dsa->engine) |
| 97 | { | 100 | { |
| 98 | ENGINE_finish(dsa->engine); | 101 | ENGINE_finish(dsa->engine); |
| 99 | dsa->engine = NULL; | 102 | dsa->engine = NULL; |
| 100 | } | 103 | } |
| 104 | #endif | ||
| 101 | dsa->meth = meth; | 105 | dsa->meth = meth; |
| 102 | if (meth->init) meth->init(dsa); | 106 | if (meth->init) meth->init(dsa); |
| 103 | return 1; | 107 | return 1; |
| @@ -114,6 +118,7 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 114 | return(NULL); | 118 | return(NULL); |
| 115 | } | 119 | } |
| 116 | ret->meth = DSA_get_default_method(); | 120 | ret->meth = DSA_get_default_method(); |
| 121 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | if (engine) | 122 | if (engine) |
| 118 | { | 123 | { |
| 119 | if (!ENGINE_init(engine)) | 124 | if (!ENGINE_init(engine)) |
| @@ -138,6 +143,7 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 138 | return NULL; | 143 | return NULL; |
| 139 | } | 144 | } |
| 140 | } | 145 | } |
| 146 | #endif | ||
| 141 | 147 | ||
| 142 | ret->pad=0; | 148 | ret->pad=0; |
| 143 | ret->version=0; | 149 | ret->version=0; |
| @@ -158,8 +164,10 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 158 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 164 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
| 159 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 165 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 160 | { | 166 | { |
| 167 | #ifndef OPENSSL_NO_ENGINE | ||
| 161 | if (ret->engine) | 168 | if (ret->engine) |
| 162 | ENGINE_finish(ret->engine); | 169 | ENGINE_finish(ret->engine); |
| 170 | #endif | ||
| 163 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 171 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
| 164 | OPENSSL_free(ret); | 172 | OPENSSL_free(ret); |
| 165 | ret=NULL; | 173 | ret=NULL; |
| @@ -189,8 +197,10 @@ void DSA_free(DSA *r) | |||
| 189 | 197 | ||
| 190 | if(r->meth->finish) | 198 | if(r->meth->finish) |
| 191 | r->meth->finish(r); | 199 | r->meth->finish(r); |
| 200 | #ifndef OPENSSL_NO_ENGINE | ||
| 192 | if(r->engine) | 201 | if(r->engine) |
| 193 | ENGINE_finish(r->engine); | 202 | ENGINE_finish(r->engine); |
| 203 | #endif | ||
| 194 | 204 | ||
| 195 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); | 205 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
| 196 | 206 | ||
| @@ -224,7 +234,10 @@ int DSA_size(const DSA *r) | |||
| 224 | { | 234 | { |
| 225 | int ret,i; | 235 | int ret,i; |
| 226 | ASN1_INTEGER bs; | 236 | ASN1_INTEGER bs; |
| 227 | unsigned char buf[4]; | 237 | unsigned char buf[4]; /* 4 bytes looks really small. |
| 238 | However, i2d_ASN1_INTEGER() will not look | ||
| 239 | beyond the first byte, as long as the second | ||
| 240 | parameter is NULL. */ | ||
| 228 | 241 | ||
| 229 | i=BN_num_bits(r->q); | 242 | i=BN_num_bits(r->q); |
| 230 | bs.length=(i+7)/8; | 243 | bs.length=(i+7)/8; |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c index 37dd5fc994..b9e7f3ea5c 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/engine.h> | ||
| 68 | 67 | ||
| 69 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | 68 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); |
| 70 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); | 69 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); |
| @@ -106,13 +105,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
| 106 | int i,reason=ERR_R_BN_LIB; | 105 | int i,reason=ERR_R_BN_LIB; |
| 107 | DSA_SIG *ret=NULL; | 106 | DSA_SIG *ret=NULL; |
| 108 | 107 | ||
| 108 | BN_init(&m); | ||
| 109 | BN_init(&xr); | ||
| 110 | |||
| 109 | if (!dsa->p || !dsa->q || !dsa->g) | 111 | if (!dsa->p || !dsa->q || !dsa->g) |
| 110 | { | 112 | { |
| 111 | reason=DSA_R_MISSING_PARAMETERS; | 113 | reason=DSA_R_MISSING_PARAMETERS; |
| 112 | goto err; | 114 | goto err; |
| 113 | } | 115 | } |
| 114 | BN_init(&m); | 116 | |
| 115 | BN_init(&xr); | ||
| 116 | s=BN_new(); | 117 | s=BN_new(); |
| 117 | if (s == NULL) goto err; | 118 | if (s == NULL) goto err; |
| 118 | 119 | ||
| @@ -178,6 +179,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 178 | DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); | 179 | DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); |
| 179 | return 0; | 180 | return 0; |
| 180 | } | 181 | } |
| 182 | |||
| 183 | BN_init(&k); | ||
| 184 | |||
| 181 | if (ctx_in == NULL) | 185 | if (ctx_in == NULL) |
| 182 | { | 186 | { |
| 183 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 187 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| @@ -185,7 +189,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 185 | else | 189 | else |
| 186 | ctx=ctx_in; | 190 | ctx=ctx_in; |
| 187 | 191 | ||
| 188 | BN_init(&k); | ||
| 189 | if ((r=BN_new()) == NULL) goto err; | 192 | if ((r=BN_new()) == NULL) goto err; |
| 190 | kinv=NULL; | 193 | kinv=NULL; |
| 191 | 194 | ||
| @@ -241,11 +244,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
| 241 | return -1; | 244 | return -1; |
| 242 | } | 245 | } |
| 243 | 246 | ||
| 244 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 245 | BN_init(&u1); | 247 | BN_init(&u1); |
| 246 | BN_init(&u2); | 248 | BN_init(&u2); |
| 247 | BN_init(&t1); | 249 | BN_init(&t1); |
| 248 | 250 | ||
| 251 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 252 | |||
| 249 | if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) | 253 | if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) |
| 250 | { | 254 | { |
| 251 | ret = 0; | 255 | ret = 0; |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c index e9469ca62f..89205026f0 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/engine.h> | ||
| 68 | 67 | ||
| 69 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | 68 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
| 70 | { | 69 | { |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c index 066c6b5b28..c4aeddd056 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c | |||
| @@ -65,7 +65,6 @@ | |||
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/asn1_mac.h> | 67 | #include <openssl/asn1_mac.h> |
| 68 | #include <openssl/engine.h> | ||
| 69 | 68 | ||
| 70 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 69 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| 71 | DSA *dsa) | 70 | DSA *dsa) |
diff --git a/src/lib/libssl/src/crypto/dsa/dsagen.c b/src/lib/libssl/src/crypto/dsa/dsagen.c index a0b0976640..1b6a1cca0f 100644 --- a/src/lib/libssl/src/crypto/dsa/dsagen.c +++ b/src/lib/libssl/src/crypto/dsa/dsagen.c | |||
| @@ -103,7 +103,7 @@ main() | |||
| 103 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | 103 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); |
| 104 | 104 | ||
| 105 | memcpy(seed_buf,seed,20); | 105 | memcpy(seed_buf,seed,20); |
| 106 | dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb); | 106 | dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err); |
| 107 | 107 | ||
| 108 | if (dsa == NULL) | 108 | if (dsa == NULL) |
| 109 | DSA_print(bio_err,dsa,0); | 109 | DSA_print(bio_err,dsa,0); |
diff --git a/src/lib/libssl/src/crypto/dsa/dsatest.c b/src/lib/libssl/src/crypto/dsa/dsatest.c index 12da64f9f4..4734ce4af8 100644 --- a/src/lib/libssl/src/crypto/dsa/dsatest.c +++ b/src/lib/libssl/src/crypto/dsa/dsatest.c | |||
| @@ -61,14 +61,13 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <sys/types.h> | 62 | #include <sys/types.h> |
| 63 | #include <sys/stat.h> | 63 | #include <sys/stat.h> |
| 64 | |||
| 65 | #include "../e_os.h" | ||
| 66 | |||
| 64 | #include <openssl/crypto.h> | 67 | #include <openssl/crypto.h> |
| 65 | #include <openssl/rand.h> | 68 | #include <openssl/rand.h> |
| 66 | #include <openssl/bio.h> | 69 | #include <openssl/bio.h> |
| 67 | #include <openssl/err.h> | 70 | #include <openssl/err.h> |
| 68 | #include <openssl/engine.h> | ||
| 69 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 70 | #include "../bio/bss_file.c" | ||
| 71 | #endif | ||
| 72 | 71 | ||
| 73 | #ifdef OPENSSL_NO_DSA | 72 | #ifdef OPENSSL_NO_DSA |
| 74 | int main(int argc, char *argv[]) | 73 | int main(int argc, char *argv[]) |
| @@ -212,10 +211,16 @@ end: | |||
| 212 | BIO_free(bio_err); | 211 | BIO_free(bio_err); |
| 213 | bio_err = NULL; | 212 | bio_err = NULL; |
| 214 | } | 213 | } |
| 215 | exit(!ret); | 214 | EXIT(!ret); |
| 216 | return(0); | 215 | return(0); |
| 217 | } | 216 | } |
| 218 | 217 | ||
| 218 | static int cb_exit(int ec) | ||
| 219 | { | ||
| 220 | EXIT(ec); | ||
| 221 | return(0); /* To keep some compilers quiet */ | ||
| 222 | } | ||
| 223 | |||
| 219 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | 224 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) |
| 220 | { | 225 | { |
| 221 | char c='*'; | 226 | char c='*'; |
| @@ -231,7 +236,7 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | |||
| 231 | if (!ok && (p == 0) && (num > 1)) | 236 | if (!ok && (p == 0) && (num > 1)) |
| 232 | { | 237 | { |
| 233 | BIO_printf((BIO *)arg,"error in dsatest\n"); | 238 | BIO_printf((BIO *)arg,"error in dsatest\n"); |
| 234 | exit(1); | 239 | cb_exit(1); |
| 235 | } | 240 | } |
| 236 | } | 241 | } |
| 237 | #endif | 242 | #endif |
diff --git a/src/lib/libssl/src/crypto/dso/Makefile.ssl b/src/lib/libssl/src/crypto/dso/Makefile.ssl index 5a55125824..c0449d184e 100644 --- a/src/lib/libssl/src/crypto/dso/Makefile.ssl +++ b/src/lib/libssl/src/crypto/dso/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/dso/dso_dl.c b/src/lib/libssl/src/crypto/dso/dso_dl.c index 195717e993..79d2cb4d8c 100644 --- a/src/lib/libssl/src/crypto/dso/dso_dl.c +++ b/src/lib/libssl/src/crypto/dso/dso_dl.c | |||
| @@ -126,7 +126,7 @@ static int dl_load(DSO *dso) | |||
| 126 | DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); | 126 | DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME); |
| 127 | goto err; | 127 | goto err; |
| 128 | } | 128 | } |
| 129 | ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL); | 129 | ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L); |
| 130 | if(ptr == NULL) | 130 | if(ptr == NULL) |
| 131 | { | 131 | { |
| 132 | DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); | 132 | DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED); |
diff --git a/src/lib/libssl/src/crypto/dso/dso_win32.c b/src/lib/libssl/src/crypto/dso/dso_win32.c index af8586d754..6c30deb250 100644 --- a/src/lib/libssl/src/crypto/dso/dso_win32.c +++ b/src/lib/libssl/src/crypto/dso/dso_win32.c | |||
| @@ -61,7 +61,7 @@ | |||
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/dso.h> | 62 | #include <openssl/dso.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_SYS_WIN32 | 64 | #if !defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE) |
| 65 | DSO_METHOD *DSO_METHOD_win32(void) | 65 | DSO_METHOD *DSO_METHOD_win32(void) |
| 66 | { | 66 | { |
| 67 | return NULL; | 67 | return NULL; |
diff --git a/src/lib/libssl/src/crypto/ec/Makefile.ssl b/src/lib/libssl/src/crypto/ec/Makefile.ssl index ed602b4a7f..a2805c47a2 100644 --- a/src/lib/libssl/src/crypto/ec/Makefile.ssl +++ b/src/lib/libssl/src/crypto/ec/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/ec/ec.h b/src/lib/libssl/src/crypto/ec/ec.h index a52d4edf14..6d6a9b7127 100644 --- a/src/lib/libssl/src/crypto/ec/ec.h +++ b/src/lib/libssl/src/crypto/ec/ec.h | |||
| @@ -195,7 +195,6 @@ void ERR_load_EC_strings(void); | |||
| 195 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 | 195 | #define EC_F_EC_GROUP_GET0_GENERATOR 139 |
| 196 | #define EC_F_EC_GROUP_GET_COFACTOR 140 | 196 | #define EC_F_EC_GROUP_GET_COFACTOR 140 |
| 197 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 | 197 | #define EC_F_EC_GROUP_GET_CURVE_GFP 130 |
| 198 | #define EC_F_EC_GROUP_GET_EXTRA_DATA 107 | ||
| 199 | #define EC_F_EC_GROUP_GET_ORDER 141 | 198 | #define EC_F_EC_GROUP_GET_ORDER 141 |
| 200 | #define EC_F_EC_GROUP_NEW 108 | 199 | #define EC_F_EC_GROUP_NEW 108 |
| 201 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 | 200 | #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 |
| @@ -232,7 +231,6 @@ void ERR_load_EC_strings(void); | |||
| 232 | #define EC_R_INVALID_FIELD 103 | 231 | #define EC_R_INVALID_FIELD 103 |
| 233 | #define EC_R_INVALID_FORM 104 | 232 | #define EC_R_INVALID_FORM 104 |
| 234 | #define EC_R_NOT_INITIALIZED 111 | 233 | #define EC_R_NOT_INITIALIZED 111 |
| 235 | #define EC_R_NO_SUCH_EXTRA_DATA 105 | ||
| 236 | #define EC_R_POINT_AT_INFINITY 106 | 234 | #define EC_R_POINT_AT_INFINITY 106 |
| 237 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 | 235 | #define EC_R_POINT_IS_NOT_ON_CURVE 107 |
| 238 | #define EC_R_SLOT_FULL 108 | 236 | #define EC_R_SLOT_FULL 108 |
diff --git a/src/lib/libssl/src/crypto/ec/ec_err.c b/src/lib/libssl/src/crypto/ec/ec_err.c index 394cdc021f..d37b6aba87 100644 --- a/src/lib/libssl/src/crypto/ec/ec_err.c +++ b/src/lib/libssl/src/crypto/ec/ec_err.c | |||
| @@ -84,7 +84,6 @@ static ERR_STRING_DATA EC_str_functs[]= | |||
| 84 | {ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"}, | 84 | {ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"}, |
| 85 | {ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"}, | 85 | {ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"}, |
| 86 | {ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"}, | 86 | {ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"}, |
| 87 | {ERR_PACK(0,EC_F_EC_GROUP_GET_EXTRA_DATA,0), "EC_GROUP_get_extra_data"}, | ||
| 88 | {ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"}, | 87 | {ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"}, |
| 89 | {ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"}, | 88 | {ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"}, |
| 90 | {ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"}, | 89 | {ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"}, |
| @@ -124,7 +123,6 @@ static ERR_STRING_DATA EC_str_reasons[]= | |||
| 124 | {EC_R_INVALID_FIELD ,"invalid field"}, | 123 | {EC_R_INVALID_FIELD ,"invalid field"}, |
| 125 | {EC_R_INVALID_FORM ,"invalid form"}, | 124 | {EC_R_INVALID_FORM ,"invalid form"}, |
| 126 | {EC_R_NOT_INITIALIZED ,"not initialized"}, | 125 | {EC_R_NOT_INITIALIZED ,"not initialized"}, |
| 127 | {EC_R_NO_SUCH_EXTRA_DATA ,"no such extra data"}, | ||
| 128 | {EC_R_POINT_AT_INFINITY ,"point at infinity"}, | 126 | {EC_R_POINT_AT_INFINITY ,"point at infinity"}, |
| 129 | {EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"}, | 127 | {EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"}, |
| 130 | {EC_R_SLOT_FULL ,"slot full"}, | 128 | {EC_R_SLOT_FULL ,"slot full"}, |
diff --git a/src/lib/libssl/src/crypto/ec/ec_lib.c b/src/lib/libssl/src/crypto/ec/ec_lib.c index 0cf485de60..deb522060f 100644 --- a/src/lib/libssl/src/crypto/ec/ec_lib.c +++ b/src/lib/libssl/src/crypto/ec/ec_lib.c | |||
| @@ -128,7 +128,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) | |||
| 128 | 128 | ||
| 129 | EC_GROUP_clear_free_extra_data(group); | 129 | EC_GROUP_clear_free_extra_data(group); |
| 130 | 130 | ||
| 131 | memset(group, 0, sizeof *group); | 131 | OPENSSL_cleanse(group, sizeof *group); |
| 132 | OPENSSL_free(group); | 132 | OPENSSL_free(group); |
| 133 | } | 133 | } |
| 134 | 134 | ||
| @@ -268,7 +268,9 @@ void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func | |||
| 268 | || (group->extra_data_free_func != extra_data_free_func) | 268 | || (group->extra_data_free_func != extra_data_free_func) |
| 269 | || (group->extra_data_clear_free_func != extra_data_clear_free_func)) | 269 | || (group->extra_data_clear_free_func != extra_data_clear_free_func)) |
| 270 | { | 270 | { |
| 271 | ECerr(EC_F_EC_GROUP_GET_EXTRA_DATA, EC_R_NO_SUCH_EXTRA_DATA); | 271 | #if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */ |
| 272 | ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA); | ||
| 273 | #endif | ||
| 272 | return NULL; | 274 | return NULL; |
| 273 | } | 275 | } |
| 274 | 276 | ||
| @@ -357,7 +359,7 @@ void EC_POINT_clear_free(EC_POINT *point) | |||
| 357 | point->meth->point_clear_finish(point); | 359 | point->meth->point_clear_finish(point); |
| 358 | else if (point->meth != NULL && point->meth->point_finish != 0) | 360 | else if (point->meth != NULL && point->meth->point_finish != 0) |
| 359 | point->meth->point_finish(point); | 361 | point->meth->point_finish(point); |
| 360 | memset(point, 0, sizeof *point); | 362 | OPENSSL_cleanse(point, sizeof *point); |
| 361 | OPENSSL_free(point); | 363 | OPENSSL_free(point); |
| 362 | } | 364 | } |
| 363 | 365 | ||
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c index 603ba31b81..4dbc931120 100644 --- a/src/lib/libssl/src/crypto/ec/ec_mult.c +++ b/src/lib/libssl/src/crypto/ec/ec_mult.c | |||
| @@ -209,6 +209,17 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 209 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ | 209 | EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */ |
| 210 | int ret = 0; | 210 | int ret = 0; |
| 211 | 211 | ||
| 212 | if (group->meth != r->meth) | ||
| 213 | { | ||
| 214 | ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS); | ||
| 215 | return 0; | ||
| 216 | } | ||
| 217 | |||
| 218 | if ((scalar == NULL) && (num == 0)) | ||
| 219 | { | ||
| 220 | return EC_POINT_set_to_infinity(group, r); | ||
| 221 | } | ||
| 222 | |||
| 212 | if (scalar != NULL) | 223 | if (scalar != NULL) |
| 213 | { | 224 | { |
| 214 | generator = EC_GROUP_get0_generator(group); | 225 | generator = EC_GROUP_get0_generator(group); |
diff --git a/src/lib/libssl/src/crypto/ec/ectest.c b/src/lib/libssl/src/crypto/ec/ectest.c index eab46cc080..345d3e4289 100644 --- a/src/lib/libssl/src/crypto/ec/ectest.c +++ b/src/lib/libssl/src/crypto/ec/ectest.c | |||
| @@ -55,6 +55,11 @@ | |||
| 55 | 55 | ||
| 56 | #include <stdio.h> | 56 | #include <stdio.h> |
| 57 | #include <stdlib.h> | 57 | #include <stdlib.h> |
| 58 | #ifdef FLAT_INC | ||
| 59 | #include "e_os.h" | ||
| 60 | #else | ||
| 61 | #include "../e_os.h" | ||
| 62 | #endif | ||
| 58 | #include <string.h> | 63 | #include <string.h> |
| 59 | #include <time.h> | 64 | #include <time.h> |
| 60 | 65 | ||
| @@ -65,14 +70,16 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur | |||
| 65 | 70 | ||
| 66 | 71 | ||
| 67 | #include <openssl/ec.h> | 72 | #include <openssl/ec.h> |
| 73 | #ifndef OPENSSL_NO_ENGINE | ||
| 68 | #include <openssl/engine.h> | 74 | #include <openssl/engine.h> |
| 75 | #endif | ||
| 69 | #include <openssl/err.h> | 76 | #include <openssl/err.h> |
| 70 | 77 | ||
| 71 | #define ABORT do { \ | 78 | #define ABORT do { \ |
| 72 | fflush(stdout); \ | 79 | fflush(stdout); \ |
| 73 | fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ | 80 | fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ |
| 74 | ERR_print_errors_fp(stderr); \ | 81 | ERR_print_errors_fp(stderr); \ |
| 75 | exit(1); \ | 82 | EXIT(1); \ |
| 76 | } while (0) | 83 | } while (0) |
| 77 | 84 | ||
| 78 | #if 0 | 85 | #if 0 |
| @@ -623,7 +630,9 @@ int main(int argc, char *argv[]) | |||
| 623 | if (P_384) EC_GROUP_free(P_384); | 630 | if (P_384) EC_GROUP_free(P_384); |
| 624 | if (P_521) EC_GROUP_free(P_521); | 631 | if (P_521) EC_GROUP_free(P_521); |
| 625 | 632 | ||
| 633 | #ifndef OPENSSL_NO_ENGINE | ||
| 626 | ENGINE_cleanup(); | 634 | ENGINE_cleanup(); |
| 635 | #endif | ||
| 627 | CRYPTO_cleanup_all_ex_data(); | 636 | CRYPTO_cleanup_all_ex_data(); |
| 628 | ERR_free_strings(); | 637 | ERR_free_strings(); |
| 629 | ERR_remove_state(0); | 638 | ERR_remove_state(0); |
diff --git a/src/lib/libssl/src/crypto/engine/Makefile.ssl b/src/lib/libssl/src/crypto/engine/Makefile.ssl index 8bc8985e02..30a4446ff9 100644 --- a/src/lib/libssl/src/crypto/engine/Makefile.ssl +++ b/src/lib/libssl/src/crypto/engine/Makefile.ssl | |||
| @@ -50,7 +50,7 @@ all: lib | |||
| 50 | 50 | ||
| 51 | lib: $(LIBOBJ) | 51 | lib: $(LIBOBJ) |
| 52 | $(AR) $(LIB) $(LIBOBJ) | 52 | $(AR) $(LIB) $(LIBOBJ) |
| 53 | $(RANLIB) $(LIB) | 53 | $(RANLIB) $(LIB) || echo Never mind. |
| 54 | @touch lib | 54 | @touch lib |
| 55 | 55 | ||
| 56 | files: | 56 | files: |
| @@ -82,7 +82,7 @@ lint: | |||
| 82 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 82 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 83 | 83 | ||
| 84 | depend: | 84 | depend: |
| 85 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 85 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 86 | 86 | ||
| 87 | dclean: | 87 | dclean: |
| 88 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 88 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -304,6 +304,27 @@ hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | |||
| 304 | hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 304 | hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 305 | hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h | 305 | hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h |
| 306 | hw_atalla.o: vendor_defns/atalla.h | 306 | hw_atalla.o: vendor_defns/atalla.h |
| 307 | hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | ||
| 308 | hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | ||
| 309 | hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h | ||
| 310 | hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
| 311 | hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | ||
| 312 | hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
| 313 | hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 314 | hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h | ||
| 315 | hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | ||
| 316 | hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | ||
| 317 | hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | ||
| 318 | hw_cryptodev.o: ../../include/openssl/objects.h | ||
| 319 | hw_cryptodev.o: ../../include/openssl/opensslconf.h | ||
| 320 | hw_cryptodev.o: ../../include/openssl/opensslv.h | ||
| 321 | hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
| 322 | hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | ||
| 323 | hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | ||
| 324 | hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 325 | hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 326 | hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 327 | hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c | ||
| 307 | hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h | 328 | hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h |
| 308 | hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 329 | hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 309 | hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 330 | hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| @@ -354,45 +375,6 @@ hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | |||
| 354 | hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 375 | hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 355 | hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 376 | hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 356 | hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h | 377 | hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h |
| 357 | hw_cryptodev.o: ../../include/openssl/aes.h | ||
| 358 | hw_cryptodev.o: ../../include/openssl/asn1.h | ||
| 359 | hw_cryptodev.o: ../../include/openssl/bio.h | ||
| 360 | hw_cryptodev.o: ../../include/openssl/blowfish.h | ||
| 361 | hw_cryptodev.o: ../../include/openssl/bn.h | ||
| 362 | hw_cryptodev.o: ../../include/openssl/cast.h | ||
| 363 | hw_cryptodev.o: ../../include/openssl/conf.h | ||
| 364 | hw_cryptodev.o: ../../include/openssl/crypto.h | ||
| 365 | hw_cryptodev.o: ../../include/openssl/des.h | ||
| 366 | hw_cryptodev.o: ../../include/openssl/des_old.h | ||
| 367 | hw_cryptodev.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
| 368 | hw_cryptodev.o: ../../include/openssl/e_os2.h | ||
| 369 | hw_cryptodev.o: ../../include/openssl/engine.h | ||
| 370 | hw_cryptodev.o: ../../include/openssl/err.h | ||
| 371 | hw_cryptodev.o: ../../include/openssl/evp.h | ||
| 372 | hw_cryptodev.o: ../../include/openssl/idea.h | ||
| 373 | hw_cryptodev.o: ../../include/openssl/lhash.h | ||
| 374 | hw_cryptodev.o: ../../include/openssl/md2.h | ||
| 375 | hw_cryptodev.o: ../../include/openssl/md4.h | ||
| 376 | hw_cryptodev.o: ../../include/openssl/md5.h | ||
| 377 | hw_cryptodev.o: ../../include/openssl/mdc2.h | ||
| 378 | hw_cryptodev.o: ../../include/openssl/obj_mac.h | ||
| 379 | hw_cryptodev.o: ../../include/openssl/objects.h | ||
| 380 | hw_cryptodev.o: ../../include/openssl/opensslconf.h | ||
| 381 | hw_cryptodev.o: ../../include/openssl/opensslv.h | ||
| 382 | hw_cryptodev.o: ../../include/openssl/ossl_typ.h | ||
| 383 | hw_cryptodev.o: ../../include/openssl/rand.h | ||
| 384 | hw_cryptodev.o: ../../include/openssl/rc2.h | ||
| 385 | hw_cryptodev.o: ../../include/openssl/rc4.h | ||
| 386 | hw_cryptodev.o: ../../include/openssl/rc5.h | ||
| 387 | hw_cryptodev.o: ../../include/openssl/ripemd.h | ||
| 388 | hw_cryptodev.o: ../../include/openssl/rsa.h | ||
| 389 | hw_cryptodev.o: ../../include/openssl/safestack.h | ||
| 390 | hw_cryptodev.o: ../../include/openssl/sha.h | ||
| 391 | hw_cryptodev.o: ../../include/openssl/stack.h | ||
| 392 | hw_cryptodev.o: ../../include/openssl/symhacks.h | ||
| 393 | hw_cryptodev.o: ../../include/openssl/ui.h | ||
| 394 | hw_cryptodev.o: ../../include/openssl/ui_compat.h ../evp/evp_locl.h | ||
| 395 | hw_cryptodev.o: eng_int.h hw_cryptodev.c | ||
| 396 | hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h | 378 | hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h |
| 397 | hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 379 | hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 398 | hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 380 | hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c index bc50465422..0f6992a40d 100644 --- a/src/lib/libssl/src/crypto/engine/eng_all.c +++ b/src/lib/libssl/src/crypto/engine/eng_all.c | |||
| @@ -60,10 +60,6 @@ | |||
| 60 | #include <openssl/engine.h> | 60 | #include <openssl/engine.h> |
| 61 | #include "eng_int.h" | 61 | #include "eng_int.h" |
| 62 | 62 | ||
| 63 | #ifdef __OpenBSD__ | ||
| 64 | static int openbsd_default_loaded = 0; | ||
| 65 | #endif | ||
| 66 | |||
| 67 | void ENGINE_load_builtin_engines(void) | 63 | void ENGINE_load_builtin_engines(void) |
| 68 | { | 64 | { |
| 69 | /* There's no longer any need for an "openssl" ENGINE unless, one day, | 65 | /* There's no longer any need for an "openssl" ENGINE unless, one day, |
| @@ -99,21 +95,19 @@ void ENGINE_load_builtin_engines(void) | |||
| 99 | #ifndef OPENSSL_NO_HW_4758_CCA | 95 | #ifndef OPENSSL_NO_HW_4758_CCA |
| 100 | ENGINE_load_4758cca(); | 96 | ENGINE_load_4758cca(); |
| 101 | #endif | 97 | #endif |
| 102 | #ifdef OPENSSL_OPENBSD_DEV_CRYPTO | 98 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 103 | ENGINE_load_openbsd_dev_crypto(); | ||
| 104 | #endif | ||
| 105 | #ifdef __OpenBSD__ | ||
| 106 | ENGINE_load_cryptodev(); | 99 | ENGINE_load_cryptodev(); |
| 107 | #endif | 100 | #endif |
| 108 | #endif | 101 | #endif |
| 109 | } | 102 | } |
| 110 | 103 | ||
| 111 | #ifdef __OpenBSD__ | 104 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 112 | void ENGINE_setup_openbsd(void) { | 105 | void ENGINE_setup_bsd_cryptodev(void) { |
| 113 | if (!openbsd_default_loaded) { | 106 | static int bsd_cryptodev_default_loaded = 0; |
| 107 | if (!bsd_cryptodev_default_loaded) { | ||
| 114 | ENGINE_load_cryptodev(); | 108 | ENGINE_load_cryptodev(); |
| 115 | ENGINE_register_all_complete(); | 109 | ENGINE_register_all_complete(); |
| 116 | } | 110 | } |
| 117 | openbsd_default_loaded=1; | 111 | bsd_cryptodev_default_loaded=1; |
| 118 | } | 112 | } |
| 119 | #endif | 113 | #endif |
diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c index f6c5630395..814d95ee32 100644 --- a/src/lib/libssl/src/crypto/engine/eng_err.c +++ b/src/lib/libssl/src/crypto/engine/eng_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/engine/eng_err.c */ | 1 | /* crypto/engine/eng_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -96,6 +96,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 96 | {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"}, | 96 | {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"}, |
| 97 | {ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"}, | 97 | {ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"}, |
| 98 | {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"}, | 98 | {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"}, |
| 99 | {ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0), "ENGINE_up_ref"}, | ||
| 99 | {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"}, | 100 | {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"}, |
| 100 | {ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"}, | 101 | {ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"}, |
| 101 | {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"}, | 102 | {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"}, |
diff --git a/src/lib/libssl/src/crypto/engine/eng_fat.c b/src/lib/libssl/src/crypto/engine/eng_fat.c index f7edb5ad32..0d7dae00b2 100644 --- a/src/lib/libssl/src/crypto/engine/eng_fat.c +++ b/src/lib/libssl/src/crypto/engine/eng_fat.c | |||
| @@ -66,18 +66,18 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) | |||
| 66 | if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) | 66 | if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) |
| 67 | return 0; | 67 | return 0; |
| 68 | #ifndef OPENSSL_NO_RSA | 68 | #ifndef OPENSSL_NO_RSA |
| 69 | if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e)) | 69 | if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) |
| 70 | return 0; | 70 | return 0; |
| 71 | #endif | 71 | #endif |
| 72 | #ifndef OPENSSL_NO_DSA | 72 | #ifndef OPENSSL_NO_DSA |
| 73 | if((flags & ENGINE_METHOD_DSA) & !ENGINE_set_default_DSA(e)) | 73 | if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) |
| 74 | return 0; | 74 | return 0; |
| 75 | #endif | 75 | #endif |
| 76 | #ifndef OPENSSL_NO_DH | 76 | #ifndef OPENSSL_NO_DH |
| 77 | if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e)) | 77 | if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) |
| 78 | return 0; | 78 | return 0; |
| 79 | #endif | 79 | #endif |
| 80 | if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e)) | 80 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) |
| 81 | return 0; | 81 | return 0; |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
diff --git a/src/lib/libssl/src/crypto/engine/eng_list.c b/src/lib/libssl/src/crypto/engine/eng_list.c index 0c220558e7..1cc3217f4c 100644 --- a/src/lib/libssl/src/crypto/engine/eng_list.c +++ b/src/lib/libssl/src/crypto/engine/eng_list.c | |||
| @@ -191,14 +191,14 @@ ENGINE *ENGINE_get_first(void) | |||
| 191 | { | 191 | { |
| 192 | ENGINE *ret; | 192 | ENGINE *ret; |
| 193 | 193 | ||
| 194 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 194 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 195 | ret = engine_list_head; | 195 | ret = engine_list_head; |
| 196 | if(ret) | 196 | if(ret) |
| 197 | { | 197 | { |
| 198 | ret->struct_ref++; | 198 | ret->struct_ref++; |
| 199 | engine_ref_debug(ret, 0, 1) | 199 | engine_ref_debug(ret, 0, 1) |
| 200 | } | 200 | } |
| 201 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 201 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 202 | return ret; | 202 | return ret; |
| 203 | } | 203 | } |
| 204 | 204 | ||
| @@ -206,14 +206,14 @@ ENGINE *ENGINE_get_last(void) | |||
| 206 | { | 206 | { |
| 207 | ENGINE *ret; | 207 | ENGINE *ret; |
| 208 | 208 | ||
| 209 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 209 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 210 | ret = engine_list_tail; | 210 | ret = engine_list_tail; |
| 211 | if(ret) | 211 | if(ret) |
| 212 | { | 212 | { |
| 213 | ret->struct_ref++; | 213 | ret->struct_ref++; |
| 214 | engine_ref_debug(ret, 0, 1) | 214 | engine_ref_debug(ret, 0, 1) |
| 215 | } | 215 | } |
| 216 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 216 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 217 | return ret; | 217 | return ret; |
| 218 | } | 218 | } |
| 219 | 219 | ||
| @@ -227,7 +227,7 @@ ENGINE *ENGINE_get_next(ENGINE *e) | |||
| 227 | ERR_R_PASSED_NULL_PARAMETER); | 227 | ERR_R_PASSED_NULL_PARAMETER); |
| 228 | return 0; | 228 | return 0; |
| 229 | } | 229 | } |
| 230 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 230 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 231 | ret = e->next; | 231 | ret = e->next; |
| 232 | if(ret) | 232 | if(ret) |
| 233 | { | 233 | { |
| @@ -235,7 +235,7 @@ ENGINE *ENGINE_get_next(ENGINE *e) | |||
| 235 | ret->struct_ref++; | 235 | ret->struct_ref++; |
| 236 | engine_ref_debug(ret, 0, 1) | 236 | engine_ref_debug(ret, 0, 1) |
| 237 | } | 237 | } |
| 238 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 238 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 239 | /* Release the structural reference to the previous ENGINE */ | 239 | /* Release the structural reference to the previous ENGINE */ |
| 240 | ENGINE_free(e); | 240 | ENGINE_free(e); |
| 241 | return ret; | 241 | return ret; |
| @@ -250,7 +250,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e) | |||
| 250 | ERR_R_PASSED_NULL_PARAMETER); | 250 | ERR_R_PASSED_NULL_PARAMETER); |
| 251 | return 0; | 251 | return 0; |
| 252 | } | 252 | } |
| 253 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 253 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 254 | ret = e->prev; | 254 | ret = e->prev; |
| 255 | if(ret) | 255 | if(ret) |
| 256 | { | 256 | { |
| @@ -258,7 +258,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e) | |||
| 258 | ret->struct_ref++; | 258 | ret->struct_ref++; |
| 259 | engine_ref_debug(ret, 0, 1) | 259 | engine_ref_debug(ret, 0, 1) |
| 260 | } | 260 | } |
| 261 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 261 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 262 | /* Release the structural reference to the previous ENGINE */ | 262 | /* Release the structural reference to the previous ENGINE */ |
| 263 | ENGINE_free(e); | 263 | ENGINE_free(e); |
| 264 | return ret; | 264 | return ret; |
| @@ -346,7 +346,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 346 | ERR_R_PASSED_NULL_PARAMETER); | 346 | ERR_R_PASSED_NULL_PARAMETER); |
| 347 | return NULL; | 347 | return NULL; |
| 348 | } | 348 | } |
| 349 | CRYPTO_r_lock(CRYPTO_LOCK_ENGINE); | 349 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
| 350 | iterator = engine_list_head; | 350 | iterator = engine_list_head; |
| 351 | while(iterator && (strcmp(id, iterator->id) != 0)) | 351 | while(iterator && (strcmp(id, iterator->id) != 0)) |
| 352 | iterator = iterator->next; | 352 | iterator = iterator->next; |
| @@ -372,7 +372,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 372 | engine_ref_debug(iterator, 0, 1) | 372 | engine_ref_debug(iterator, 0, 1) |
| 373 | } | 373 | } |
| 374 | } | 374 | } |
| 375 | CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE); | 375 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
| 376 | if(iterator == NULL) | 376 | if(iterator == NULL) |
| 377 | { | 377 | { |
| 378 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, | 378 | ENGINEerr(ENGINE_F_ENGINE_BY_ID, |
| @@ -381,3 +381,14 @@ ENGINE *ENGINE_by_id(const char *id) | |||
| 381 | } | 381 | } |
| 382 | return iterator; | 382 | return iterator; |
| 383 | } | 383 | } |
| 384 | |||
| 385 | int ENGINE_up_ref(ENGINE *e) | ||
| 386 | { | ||
| 387 | if (e == NULL) | ||
| 388 | { | ||
| 389 | ENGINEerr(ENGINE_F_ENGINE_UP_REF,ERR_R_PASSED_NULL_PARAMETER); | ||
| 390 | return 0; | ||
| 391 | } | ||
| 392 | CRYPTO_add(&e->struct_ref,1,CRYPTO_LOCK_ENGINE); | ||
| 393 | return 1; | ||
| 394 | } | ||
diff --git a/src/lib/libssl/src/crypto/engine/eng_openssl.c b/src/lib/libssl/src/crypto/engine/eng_openssl.c index e9d976f46b..54579eea2e 100644 --- a/src/lib/libssl/src/crypto/engine/eng_openssl.c +++ b/src/lib/libssl/src/crypto/engine/eng_openssl.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/engine.h> | 63 | #include <openssl/engine.h> |
| 64 | #include <openssl/dso.h> | 64 | #include <openssl/dso.h> |
| 65 | #include <openssl/pem.h> | 65 | #include <openssl/pem.h> |
| 66 | #include <openssl/evp.h> | ||
| 66 | 67 | ||
| 67 | /* This testing gunk is implemented (and explained) lower down. It also assumes | 68 | /* This testing gunk is implemented (and explained) lower down. It also assumes |
| 68 | * the application explicitly calls "ENGINE_load_openssl()" because this is no | 69 | * the application explicitly calls "ENGINE_load_openssl()" because this is no |
| @@ -78,6 +79,21 @@ | |||
| 78 | /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ | 79 | /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ |
| 79 | /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ | 80 | /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ |
| 80 | 81 | ||
| 82 | /* Now check what of those algorithms are actually enabled */ | ||
| 83 | #ifdef OPENSSL_NO_RC4 | ||
| 84 | #undef TEST_ENG_OPENSSL_RC4 | ||
| 85 | #undef TEST_ENG_OPENSSL_RC4_OTHERS | ||
| 86 | #undef TEST_ENG_OPENSSL_RC4_P_INIT | ||
| 87 | #undef TEST_ENG_OPENSSL_RC4_P_CIPHER | ||
| 88 | #endif | ||
| 89 | #if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1) | ||
| 90 | #undef TEST_ENG_OPENSSL_SHA | ||
| 91 | #undef TEST_ENG_OPENSSL_SHA_OTHERS | ||
| 92 | #undef TEST_ENG_OPENSSL_SHA_P_INIT | ||
| 93 | #undef TEST_ENG_OPENSSL_SHA_P_UPDATE | ||
| 94 | #undef TEST_ENG_OPENSSL_SHA_P_FINAL | ||
| 95 | #endif | ||
| 96 | |||
| 81 | #ifdef TEST_ENG_OPENSSL_RC4 | 97 | #ifdef TEST_ENG_OPENSSL_RC4 |
| 82 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | 98 | static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
| 83 | const int **nids, int nid); | 99 | const int **nids, int nid); |
| @@ -180,7 +196,6 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) | |||
| 180 | * the "init_key" handler is called. | 196 | * the "init_key" handler is called. |
| 181 | * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. | 197 | * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. |
| 182 | */ | 198 | */ |
| 183 | #include <openssl/evp.h> | ||
| 184 | #include <openssl/rc4.h> | 199 | #include <openssl/rc4.h> |
| 185 | #define TEST_RC4_KEY_SIZE 16 | 200 | #define TEST_RC4_KEY_SIZE 16 |
| 186 | static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; | 201 | static int test_cipher_nids[] = {NID_rc4,NID_rc4_40}; |
| @@ -265,7 +280,6 @@ static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |||
| 265 | 280 | ||
| 266 | #ifdef TEST_ENG_OPENSSL_SHA | 281 | #ifdef TEST_ENG_OPENSSL_SHA |
| 267 | /* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ | 282 | /* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ |
| 268 | #include <openssl/evp.h> | ||
| 269 | #include <openssl/sha.h> | 283 | #include <openssl/sha.h> |
| 270 | static int test_digest_nids[] = {NID_sha1}; | 284 | static int test_digest_nids[] = {NID_sha1}; |
| 271 | static int test_digest_nids_number = 1; | 285 | static int test_digest_nids_number = 1; |
diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h index fd17ff616d..8686879e1a 100644 --- a/src/lib/libssl/src/crypto/engine/engine.h +++ b/src/lib/libssl/src/crypto/engine/engine.h | |||
| @@ -59,6 +59,12 @@ | |||
| 59 | #ifndef HEADER_ENGINE_H | 59 | #ifndef HEADER_ENGINE_H |
| 60 | #define HEADER_ENGINE_H | 60 | #define HEADER_ENGINE_H |
| 61 | 61 | ||
| 62 | #include <openssl/opensslconf.h> | ||
| 63 | |||
| 64 | #ifdef OPENSSL_NO_ENGINE | ||
| 65 | #error ENGINE is disabled. | ||
| 66 | #endif | ||
| 67 | |||
| 62 | #include <openssl/ossl_typ.h> | 68 | #include <openssl/ossl_typ.h> |
| 63 | #include <openssl/bn.h> | 69 | #include <openssl/bn.h> |
| 64 | #ifndef OPENSSL_NO_RSA | 70 | #ifndef OPENSSL_NO_RSA |
| @@ -307,11 +313,8 @@ void ENGINE_load_ubsec(void); | |||
| 307 | void ENGINE_load_aep(void); | 313 | void ENGINE_load_aep(void); |
| 308 | void ENGINE_load_sureware(void); | 314 | void ENGINE_load_sureware(void); |
| 309 | void ENGINE_load_4758cca(void); | 315 | void ENGINE_load_4758cca(void); |
| 310 | void ENGINE_load_openbsd_dev_crypto(void); | ||
| 311 | void ENGINE_load_builtin_engines(void); | ||
| 312 | #ifdef __OpenBSD__ | ||
| 313 | void ENGINE_load_cryptodev(void); | 316 | void ENGINE_load_cryptodev(void); |
| 314 | #endif | 317 | void ENGINE_load_builtin_engines(void); |
| 315 | 318 | ||
| 316 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | 319 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation |
| 317 | * "registry" handling. */ | 320 | * "registry" handling. */ |
| @@ -409,6 +412,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, | |||
| 409 | * compatibility! */ | 412 | * compatibility! */ |
| 410 | ENGINE *ENGINE_new(void); | 413 | ENGINE *ENGINE_new(void); |
| 411 | int ENGINE_free(ENGINE *e); | 414 | int ENGINE_free(ENGINE *e); |
| 415 | int ENGINE_up_ref(ENGINE *e); | ||
| 412 | int ENGINE_set_id(ENGINE *e, const char *id); | 416 | int ENGINE_set_id(ENGINE *e, const char *id); |
| 413 | int ENGINE_set_name(ENGINE *e, const char *name); | 417 | int ENGINE_set_name(ENGINE *e, const char *name); |
| 414 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | 418 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); |
| @@ -665,6 +669,7 @@ void ERR_load_ENGINE_strings(void); | |||
| 665 | #define ENGINE_F_ENGINE_SET_NAME 130 | 669 | #define ENGINE_F_ENGINE_SET_NAME 130 |
| 666 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 | 670 | #define ENGINE_F_ENGINE_TABLE_REGISTER 184 |
| 667 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 | 671 | #define ENGINE_F_ENGINE_UNLOAD_KEY 152 |
| 672 | #define ENGINE_F_ENGINE_UP_REF 190 | ||
| 668 | #define ENGINE_F_INT_CTRL_HELPER 172 | 673 | #define ENGINE_F_INT_CTRL_HELPER 172 |
| 669 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 | 674 | #define ENGINE_F_INT_ENGINE_CONFIGURE 188 |
| 670 | #define ENGINE_F_LOG_MESSAGE 141 | 675 | #define ENGINE_F_LOG_MESSAGE 141 |
diff --git a/src/lib/libssl/src/crypto/engine/enginetest.c b/src/lib/libssl/src/crypto/engine/enginetest.c index 87fa8c57b7..c2d0297392 100644 --- a/src/lib/libssl/src/crypto/engine/enginetest.c +++ b/src/lib/libssl/src/crypto/engine/enginetest.c | |||
| @@ -56,9 +56,17 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/e_os2.h> | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include <string.h> | 60 | #include <string.h> |
| 61 | |||
| 62 | #ifdef OPENSSL_NO_ENGINE | ||
| 63 | int main(int argc, char *argv[]) | ||
| 64 | { | ||
| 65 | printf("No ENGINE support\n"); | ||
| 66 | return(0); | ||
| 67 | } | ||
| 68 | #else | ||
| 69 | #include <openssl/e_os2.h> | ||
| 62 | #include <openssl/buffer.h> | 70 | #include <openssl/buffer.h> |
| 63 | #include <openssl/crypto.h> | 71 | #include <openssl/crypto.h> |
| 64 | #include <openssl/engine.h> | 72 | #include <openssl/engine.h> |
| @@ -272,3 +280,4 @@ end: | |||
| 272 | CRYPTO_mem_leaks_fp(stderr); | 280 | CRYPTO_mem_leaks_fp(stderr); |
| 273 | return to_return; | 281 | return to_return; |
| 274 | } | 282 | } |
| 283 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c index 6d41b9ed2a..4f5ae8a46d 100644 --- a/src/lib/libssl/src/crypto/engine/hw_4758_cca.c +++ b/src/lib/libssl/src/crypto/engine/hw_4758_cca.c | |||
| @@ -223,6 +223,7 @@ static int bind_helper(ENGINE *e) | |||
| 223 | return 1; | 223 | return 1; |
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 226 | static ENGINE *engine_4758_cca(void) | 227 | static ENGINE *engine_4758_cca(void) |
| 227 | { | 228 | { |
| 228 | ENGINE *ret = ENGINE_new(); | 229 | ENGINE *ret = ENGINE_new(); |
| @@ -244,6 +245,7 @@ void ENGINE_load_4758cca(void) | |||
| 244 | ENGINE_free(e_4758); | 245 | ENGINE_free(e_4758); |
| 245 | ERR_clear_error(); | 246 | ERR_clear_error(); |
| 246 | } | 247 | } |
| 248 | #endif | ||
| 247 | 249 | ||
| 248 | static int ibm_4758_cca_destroy(ENGINE *e) | 250 | static int ibm_4758_cca_destroy(ENGINE *e) |
| 249 | { | 251 | { |
| @@ -715,7 +717,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, | |||
| 715 | 717 | ||
| 716 | if (type == NID_sha1 || type == NID_md5) | 718 | if (type == NID_sha1 || type == NID_md5) |
| 717 | { | 719 | { |
| 718 | memset(hashBuffer, 0, keyLength+1); | 720 | OPENSSL_cleanse(hashBuffer, keyLength+1); |
| 719 | OPENSSL_free(hashBuffer); | 721 | OPENSSL_free(hashBuffer); |
| 720 | } | 722 | } |
| 721 | 723 | ||
| @@ -838,7 +840,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 838 | 840 | ||
| 839 | if (type == NID_sha1 || type == NID_md5) | 841 | if (type == NID_sha1 || type == NID_md5) |
| 840 | { | 842 | { |
| 841 | memset(hashBuffer, 0, keyLength+1); | 843 | OPENSSL_cleanse(hashBuffer, keyLength+1); |
| 842 | OPENSSL_free(hashBuffer); | 844 | OPENSSL_free(hashBuffer); |
| 843 | } | 845 | } |
| 844 | 846 | ||
diff --git a/src/lib/libssl/src/crypto/engine/hw_atalla.c b/src/lib/libssl/src/crypto/engine/hw_atalla.c index 6151c46902..e9eff9fad1 100644 --- a/src/lib/libssl/src/crypto/engine/hw_atalla.c +++ b/src/lib/libssl/src/crypto/engine/hw_atalla.c | |||
| @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 242 | return 1; |
| 243 | } | 243 | } |
| 244 | 244 | ||
| 245 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_atalla(void) | 246 | static ENGINE *engine_atalla(void) |
| 246 | { | 247 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 248 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +265,7 @@ void ENGINE_load_atalla(void) | |||
| 264 | ENGINE_free(toadd); | 265 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 266 | ERR_clear_error(); |
| 266 | } | 267 | } |
| 268 | #endif | ||
| 267 | 269 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 270 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the Atalla library. NB: This is only set (or unset) during an | 271 | * the Atalla library. NB: This is only set (or unset) during an |
diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c index 034c7ca213..139119b80c 100644 --- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c +++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c | |||
| @@ -29,8 +29,32 @@ | |||
| 29 | * | 29 | * |
| 30 | */ | 30 | */ |
| 31 | 31 | ||
| 32 | #include <sys/types.h> | 32 | #include <openssl/objects.h> |
| 33 | #include <openssl/engine.h> | ||
| 34 | #include <openssl/evp.h> | ||
| 35 | |||
| 36 | #if (defined(__unix__) || defined(unix)) && !defined(USG) | ||
| 33 | #include <sys/param.h> | 37 | #include <sys/param.h> |
| 38 | # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) | ||
| 39 | # define HAVE_CRYPTODEV | ||
| 40 | # endif | ||
| 41 | # if (OpenBSD >= 200110) | ||
| 42 | # define HAVE_SYSLOG_R | ||
| 43 | # endif | ||
| 44 | #endif | ||
| 45 | |||
| 46 | #ifndef HAVE_CRYPTODEV | ||
| 47 | |||
| 48 | void | ||
| 49 | ENGINE_load_cryptodev(void) | ||
| 50 | { | ||
| 51 | /* This is a NOP on platforms without /dev/crypto */ | ||
| 52 | return; | ||
| 53 | } | ||
| 54 | |||
| 55 | #else | ||
| 56 | |||
| 57 | #include <sys/types.h> | ||
| 34 | #include <crypto/cryptodev.h> | 58 | #include <crypto/cryptodev.h> |
| 35 | #include <sys/ioctl.h> | 59 | #include <sys/ioctl.h> |
| 36 | #include <errno.h> | 60 | #include <errno.h> |
| @@ -39,9 +63,6 @@ | |||
| 39 | #include <fcntl.h> | 63 | #include <fcntl.h> |
| 40 | #include <stdarg.h> | 64 | #include <stdarg.h> |
| 41 | #include <syslog.h> | 65 | #include <syslog.h> |
| 42 | #include <ssl/objects.h> | ||
| 43 | #include <ssl/engine.h> | ||
| 44 | #include <ssl/evp.h> | ||
| 45 | #include <errno.h> | 66 | #include <errno.h> |
| 46 | #include <string.h> | 67 | #include <string.h> |
| 47 | 68 | ||
| @@ -101,10 +122,6 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | |||
| 101 | void ENGINE_load_cryptodev(void); | 122 | void ENGINE_load_cryptodev(void); |
| 102 | 123 | ||
| 103 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | 124 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { |
| 104 | {ENGINE_CMD_BASE, | ||
| 105 | "SO_PATH", | ||
| 106 | "Specifies the path to the some stupid shared library", | ||
| 107 | ENGINE_CMD_FLAG_STRING}, | ||
| 108 | { 0, NULL, NULL, 0 } | 125 | { 0, NULL, NULL, 0 } |
| 109 | }; | 126 | }; |
| 110 | 127 | ||
| @@ -1011,12 +1028,18 @@ static DH_METHOD cryptodev_dh = { | |||
| 1011 | static int | 1028 | static int |
| 1012 | cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | 1029 | cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) |
| 1013 | { | 1030 | { |
| 1031 | #ifdef HAVE_SYSLOG_R | ||
| 1014 | struct syslog_data sd = SYSLOG_DATA_INIT; | 1032 | struct syslog_data sd = SYSLOG_DATA_INIT; |
| 1033 | #endif | ||
| 1015 | 1034 | ||
| 1016 | switch (cmd) { | 1035 | switch (cmd) { |
| 1017 | default: | 1036 | default: |
| 1037 | #ifdef HAVE_SYSLOG_R | ||
| 1018 | syslog_r(LOG_ERR, &sd, | 1038 | syslog_r(LOG_ERR, &sd, |
| 1019 | "cryptodev_ctrl: unknown command %d", cmd); | 1039 | "cryptodev_ctrl: unknown command %d", cmd); |
| 1040 | #else | ||
| 1041 | syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd); | ||
| 1042 | #endif | ||
| 1020 | break; | 1043 | break; |
| 1021 | } | 1044 | } |
| 1022 | return (1); | 1045 | return (1); |
| @@ -1043,7 +1066,7 @@ ENGINE_load_cryptodev(void) | |||
| 1043 | close(fd); | 1066 | close(fd); |
| 1044 | 1067 | ||
| 1045 | if (!ENGINE_set_id(engine, "cryptodev") || | 1068 | if (!ENGINE_set_id(engine, "cryptodev") || |
| 1046 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || | 1069 | !ENGINE_set_name(engine, "BSD cryptodev engine") || |
| 1047 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | 1070 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || |
| 1048 | !ENGINE_set_digests(engine, cryptodev_engine_digests) || | 1071 | !ENGINE_set_digests(engine, cryptodev_engine_digests) || |
| 1049 | !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || | 1072 | !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || |
| @@ -1104,3 +1127,5 @@ ENGINE_load_cryptodev(void) | |||
| 1104 | ENGINE_free(engine); | 1127 | ENGINE_free(engine); |
| 1105 | ERR_clear_error(); | 1128 | ERR_clear_error(); |
| 1106 | } | 1129 | } |
| 1130 | |||
| 1131 | #endif /* HAVE_CRYPTODEV */ | ||
diff --git a/src/lib/libssl/src/crypto/engine/hw_cswift.c b/src/lib/libssl/src/crypto/engine/hw_cswift.c index f5c897bdbb..f128ee5a68 100644 --- a/src/lib/libssl/src/crypto/engine/hw_cswift.c +++ b/src/lib/libssl/src/crypto/engine/hw_cswift.c | |||
| @@ -121,6 +121,10 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | |||
| 121 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 121 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); |
| 122 | #endif | 122 | #endif |
| 123 | 123 | ||
| 124 | /* RAND stuff */ | ||
| 125 | static int cswift_rand_bytes(unsigned char *buf, int num); | ||
| 126 | static int cswift_rand_status(void); | ||
| 127 | |||
| 124 | /* The definitions for control commands specific to this engine */ | 128 | /* The definitions for control commands specific to this engine */ |
| 125 | #define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE | 129 | #define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE |
| 126 | static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { | 130 | static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { |
| @@ -183,6 +187,18 @@ static DH_METHOD cswift_dh = | |||
| 183 | }; | 187 | }; |
| 184 | #endif | 188 | #endif |
| 185 | 189 | ||
| 190 | static RAND_METHOD cswift_random = | ||
| 191 | { | ||
| 192 | /* "CryptoSwift RAND method", */ | ||
| 193 | NULL, | ||
| 194 | cswift_rand_bytes, | ||
| 195 | NULL, | ||
| 196 | NULL, | ||
| 197 | cswift_rand_bytes, | ||
| 198 | cswift_rand_status, | ||
| 199 | }; | ||
| 200 | |||
| 201 | |||
| 186 | /* Constants used when creating the ENGINE */ | 202 | /* Constants used when creating the ENGINE */ |
| 187 | static const char *engine_cswift_id = "cswift"; | 203 | static const char *engine_cswift_id = "cswift"; |
| 188 | static const char *engine_cswift_name = "CryptoSwift hardware engine support"; | 204 | static const char *engine_cswift_name = "CryptoSwift hardware engine support"; |
| @@ -208,6 +224,7 @@ static int bind_helper(ENGINE *e) | |||
| 208 | #ifndef OPENSSL_NO_DH | 224 | #ifndef OPENSSL_NO_DH |
| 209 | !ENGINE_set_DH(e, &cswift_dh) || | 225 | !ENGINE_set_DH(e, &cswift_dh) || |
| 210 | #endif | 226 | #endif |
| 227 | !ENGINE_set_RAND(e, &cswift_random) || | ||
| 211 | !ENGINE_set_destroy_function(e, cswift_destroy) || | 228 | !ENGINE_set_destroy_function(e, cswift_destroy) || |
| 212 | !ENGINE_set_init_function(e, cswift_init) || | 229 | !ENGINE_set_init_function(e, cswift_init) || |
| 213 | !ENGINE_set_finish_function(e, cswift_finish) || | 230 | !ENGINE_set_finish_function(e, cswift_finish) || |
| @@ -242,6 +259,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 259 | return 1; |
| 243 | } | 260 | } |
| 244 | 261 | ||
| 262 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_cswift(void) | 263 | static ENGINE *engine_cswift(void) |
| 246 | { | 264 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 265 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +282,7 @@ void ENGINE_load_cswift(void) | |||
| 264 | ENGINE_free(toadd); | 282 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 283 | ERR_clear_error(); |
| 266 | } | 284 | } |
| 285 | #endif | ||
| 267 | 286 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 287 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the CryptoSwift library. NB: This is only set (or unset) during an | 288 | * the CryptoSwift library. NB: This is only set (or unset) during an |
| @@ -905,6 +924,60 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | |||
| 905 | } | 924 | } |
| 906 | #endif | 925 | #endif |
| 907 | 926 | ||
| 927 | /* Random bytes are good */ | ||
| 928 | static int cswift_rand_bytes(unsigned char *buf, int num) | ||
| 929 | { | ||
| 930 | SW_CONTEXT_HANDLE hac; | ||
| 931 | SW_STATUS swrc; | ||
| 932 | SW_LARGENUMBER largenum; | ||
| 933 | size_t nbytes = 0; | ||
| 934 | int acquired = 0; | ||
| 935 | int to_return = 0; /* assume failure */ | ||
| 936 | |||
| 937 | if (!get_context(&hac)) | ||
| 938 | { | ||
| 939 | CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE); | ||
| 940 | goto err; | ||
| 941 | } | ||
| 942 | acquired = 1; | ||
| 943 | |||
| 944 | while (nbytes < (size_t)num) | ||
| 945 | { | ||
| 946 | /* tell CryptoSwift how many bytes we want and where we want it. | ||
| 947 | * Note: - CryptoSwift cannot do more than 4096 bytes at a time. | ||
| 948 | * - CryptoSwift can only do multiple of 32-bits. */ | ||
| 949 | largenum.value = (SW_BYTE *) buf + nbytes; | ||
| 950 | if (4096 > num - nbytes) | ||
| 951 | largenum.nbytes = num - nbytes; | ||
| 952 | else | ||
| 953 | largenum.nbytes = 4096; | ||
| 954 | |||
| 955 | swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); | ||
| 956 | if (swrc != SW_OK) | ||
| 957 | { | ||
| 958 | char tmpbuf[20]; | ||
| 959 | CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); | ||
| 960 | sprintf(tmpbuf, "%ld", swrc); | ||
| 961 | ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); | ||
| 962 | goto err; | ||
| 963 | } | ||
| 964 | |||
| 965 | nbytes += largenum.nbytes; | ||
| 966 | } | ||
| 967 | to_return = 1; /* success */ | ||
| 968 | |||
| 969 | err: | ||
| 970 | if (acquired) | ||
| 971 | release_context(hac); | ||
| 972 | return to_return; | ||
| 973 | } | ||
| 974 | |||
| 975 | static int cswift_rand_status(void) | ||
| 976 | { | ||
| 977 | return 1; | ||
| 978 | } | ||
| 979 | |||
| 980 | |||
| 908 | /* This stuff is needed if this ENGINE is being compiled into a self-contained | 981 | /* This stuff is needed if this ENGINE is being compiled into a self-contained |
| 909 | * shared-library. */ | 982 | * shared-library. */ |
| 910 | #ifdef ENGINE_DYNAMIC_SUPPORT | 983 | #ifdef ENGINE_DYNAMIC_SUPPORT |
diff --git a/src/lib/libssl/src/crypto/engine/hw_ncipher.c b/src/lib/libssl/src/crypto/engine/hw_ncipher.c index a43d4360f2..0d1c6b8df0 100644 --- a/src/lib/libssl/src/crypto/engine/hw_ncipher.c +++ b/src/lib/libssl/src/crypto/engine/hw_ncipher.c | |||
| @@ -91,11 +91,19 @@ static int hwcrhk_init(ENGINE *e); | |||
| 91 | static int hwcrhk_finish(ENGINE *e); | 91 | static int hwcrhk_finish(ENGINE *e); |
| 92 | static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); | 92 | static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); |
| 93 | 93 | ||
| 94 | /* Functions to handle mutexes */ | 94 | /* Functions to handle mutexes if have dynamic locks */ |
| 95 | static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); | 95 | static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); |
| 96 | static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); | 96 | static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); |
| 97 | static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); | 97 | static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); |
| 98 | static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); | 98 | static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); |
| 99 | #if 1 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 100 | /* Functions to handle mutexes if only have static locks */ | ||
| 101 | static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, | ||
| 102 | HWCryptoHook_CallerContext *c); | ||
| 103 | static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m); | ||
| 104 | static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m); | ||
| 105 | static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m); | ||
| 106 | #endif | ||
| 99 | 107 | ||
| 100 | /* BIGNUM stuff */ | 108 | /* BIGNUM stuff */ |
| 101 | static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 109 | static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| @@ -373,6 +381,7 @@ static int bind_helper(ENGINE *e) | |||
| 373 | return 1; | 381 | return 1; |
| 374 | } | 382 | } |
| 375 | 383 | ||
| 384 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 376 | static ENGINE *engine_ncipher(void) | 385 | static ENGINE *engine_ncipher(void) |
| 377 | { | 386 | { |
| 378 | ENGINE *ret = ENGINE_new(); | 387 | ENGINE *ret = ENGINE_new(); |
| @@ -395,6 +404,7 @@ void ENGINE_load_chil(void) | |||
| 395 | ENGINE_free(toadd); | 404 | ENGINE_free(toadd); |
| 396 | ERR_clear_error(); | 405 | ERR_clear_error(); |
| 397 | } | 406 | } |
| 407 | #endif | ||
| 398 | 408 | ||
| 399 | /* This is a process-global DSO handle used for loading and unloading | 409 | /* This is a process-global DSO handle used for loading and unloading |
| 400 | * the HWCryptoHook library. NB: This is only set (or unset) during an | 410 | * the HWCryptoHook library. NB: This is only set (or unset) during an |
| @@ -558,15 +568,31 @@ static int hwcrhk_init(ENGINE *e) | |||
| 558 | 568 | ||
| 559 | /* Check if the application decided to support dynamic locks, | 569 | /* Check if the application decided to support dynamic locks, |
| 560 | and if it does, use them. */ | 570 | and if it does, use them. */ |
| 561 | if (disable_mutex_callbacks == 0 && | 571 | if (disable_mutex_callbacks == 0) |
| 562 | CRYPTO_get_dynlock_create_callback() != NULL && | ||
| 563 | CRYPTO_get_dynlock_lock_callback() != NULL && | ||
| 564 | CRYPTO_get_dynlock_destroy_callback() != NULL) | ||
| 565 | { | 572 | { |
| 566 | hwcrhk_globals.mutex_init = hwcrhk_mutex_init; | 573 | if (CRYPTO_get_dynlock_create_callback() != NULL && |
| 567 | hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; | 574 | CRYPTO_get_dynlock_lock_callback() != NULL && |
| 568 | hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; | 575 | CRYPTO_get_dynlock_destroy_callback() != NULL) |
| 569 | hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; | 576 | { |
| 577 | hwcrhk_globals.mutex_init = hwcrhk_mutex_init; | ||
| 578 | hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; | ||
| 579 | hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; | ||
| 580 | hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; | ||
| 581 | } | ||
| 582 | else if (CRYPTO_get_locking_callback() != NULL) | ||
| 583 | { | ||
| 584 | HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING); | ||
| 585 | ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()"); | ||
| 586 | #if 1 /* This is a HACK which will disappear in 0.9.8 */ | ||
| 587 | hwcrhk_globals.maxmutexes = 1; /* Only have one lock */ | ||
| 588 | hwcrhk_globals.mutex_init = hwcrhk_static_mutex_init; | ||
| 589 | hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock; | ||
| 590 | hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock; | ||
| 591 | hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy; | ||
| 592 | #else | ||
| 593 | goto err; | ||
| 594 | #endif | ||
| 595 | } | ||
| 570 | } | 596 | } |
| 571 | 597 | ||
| 572 | /* Try and get a context - if not, we may have a DSO but no | 598 | /* Try and get a context - if not, we may have a DSO but no |
| @@ -1020,7 +1046,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | |||
| 1020 | 1046 | ||
| 1021 | /* Perform the operation */ | 1047 | /* Perform the operation */ |
| 1022 | ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, | 1048 | ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, |
| 1023 | m_dmp1, m_dmq1, m_iqmp, &m_r, NULL); | 1049 | m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); |
| 1024 | 1050 | ||
| 1025 | /* Convert the response */ | 1051 | /* Convert the response */ |
| 1026 | r->top = m_r.size / sizeof(BN_ULONG); | 1052 | r->top = m_r.size / sizeof(BN_ULONG); |
| @@ -1171,6 +1197,26 @@ static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt) | |||
| 1171 | CRYPTO_destroy_dynlockid(mt->lockid); | 1197 | CRYPTO_destroy_dynlockid(mt->lockid); |
| 1172 | } | 1198 | } |
| 1173 | 1199 | ||
| 1200 | /* Mutex upcalls to use if the application does not support dynamic locks */ | ||
| 1201 | |||
| 1202 | static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, | ||
| 1203 | HWCryptoHook_CallerContext *c) | ||
| 1204 | { | ||
| 1205 | return 0; | ||
| 1206 | } | ||
| 1207 | static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m) | ||
| 1208 | { | ||
| 1209 | CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK); | ||
| 1210 | return 0; | ||
| 1211 | } | ||
| 1212 | static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m) | ||
| 1213 | { | ||
| 1214 | CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK); | ||
| 1215 | } | ||
| 1216 | static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m) | ||
| 1217 | { | ||
| 1218 | } | ||
| 1219 | |||
| 1174 | static int hwcrhk_get_pass(const char *prompt_info, | 1220 | static int hwcrhk_get_pass(const char *prompt_info, |
| 1175 | int *len_io, char *buf, | 1221 | int *len_io, char *buf, |
| 1176 | HWCryptoHook_PassphraseContext *ppctx, | 1222 | HWCryptoHook_PassphraseContext *ppctx, |
| @@ -1318,7 +1364,7 @@ static void hwcrhk_log_message(void *logstr, const char *message) | |||
| 1318 | lstream=*(BIO **)logstr; | 1364 | lstream=*(BIO **)logstr; |
| 1319 | if (lstream) | 1365 | if (lstream) |
| 1320 | { | 1366 | { |
| 1321 | BIO_write(lstream, message, strlen(message)); | 1367 | BIO_printf(lstream, "%s\n", message); |
| 1322 | } | 1368 | } |
| 1323 | CRYPTO_w_unlock(CRYPTO_LOCK_BIO); | 1369 | CRYPTO_w_unlock(CRYPTO_LOCK_BIO); |
| 1324 | } | 1370 | } |
diff --git a/src/lib/libssl/src/crypto/engine/hw_ncipher_err.c b/src/lib/libssl/src/crypto/engine/hw_ncipher_err.c index 24024cfc6f..5bc94581b7 100644 --- a/src/lib/libssl/src/crypto/engine/hw_ncipher_err.c +++ b/src/lib/libssl/src/crypto/engine/hw_ncipher_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* hw_ncipher_err.c */ | 1 | /* hw_ncipher_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -86,6 +86,7 @@ static ERR_STRING_DATA HWCRHK_str_reasons[]= | |||
| 86 | {HWCRHK_R_CHIL_ERROR ,"chil error"}, | 86 | {HWCRHK_R_CHIL_ERROR ,"chil error"}, |
| 87 | {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, | 87 | {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, |
| 88 | {HWCRHK_R_DSO_FAILURE ,"dso failure"}, | 88 | {HWCRHK_R_DSO_FAILURE ,"dso failure"}, |
| 89 | {HWCRHK_R_DYNAMIC_LOCKING_MISSING ,"dynamic locking missing"}, | ||
| 89 | {HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, | 90 | {HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, |
| 90 | {HWCRHK_R_NOT_INITIALISED ,"not initialised"}, | 91 | {HWCRHK_R_NOT_INITIALISED ,"not initialised"}, |
| 91 | {HWCRHK_R_NOT_LOADED ,"not loaded"}, | 92 | {HWCRHK_R_NOT_LOADED ,"not loaded"}, |
diff --git a/src/lib/libssl/src/crypto/engine/hw_ncipher_err.h b/src/lib/libssl/src/crypto/engine/hw_ncipher_err.h index 4d65b1d470..d232d02319 100644 --- a/src/lib/libssl/src/crypto/engine/hw_ncipher_err.h +++ b/src/lib/libssl/src/crypto/engine/hw_ncipher_err.h | |||
| @@ -84,6 +84,7 @@ static void ERR_HWCRHK_error(int function, int reason, char *file, int line); | |||
| 84 | #define HWCRHK_R_CHIL_ERROR 102 | 84 | #define HWCRHK_R_CHIL_ERROR 102 |
| 85 | #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 | 85 | #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 |
| 86 | #define HWCRHK_R_DSO_FAILURE 104 | 86 | #define HWCRHK_R_DSO_FAILURE 104 |
| 87 | #define HWCRHK_R_DYNAMIC_LOCKING_MISSING 114 | ||
| 87 | #define HWCRHK_R_MISSING_KEY_COMPONENTS 105 | 88 | #define HWCRHK_R_MISSING_KEY_COMPONENTS 105 |
| 88 | #define HWCRHK_R_NOT_INITIALISED 106 | 89 | #define HWCRHK_R_NOT_INITIALISED 106 |
| 89 | #define HWCRHK_R_NOT_LOADED 107 | 90 | #define HWCRHK_R_NOT_LOADED 107 |
diff --git a/src/lib/libssl/src/crypto/engine/hw_nuron.c b/src/lib/libssl/src/crypto/engine/hw_nuron.c index 130b6d8b40..fb9188bfe5 100644 --- a/src/lib/libssl/src/crypto/engine/hw_nuron.c +++ b/src/lib/libssl/src/crypto/engine/hw_nuron.c | |||
| @@ -374,6 +374,7 @@ static int bind_helper(ENGINE *e) | |||
| 374 | return 1; | 374 | return 1; |
| 375 | } | 375 | } |
| 376 | 376 | ||
| 377 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 377 | static ENGINE *engine_nuron(void) | 378 | static ENGINE *engine_nuron(void) |
| 378 | { | 379 | { |
| 379 | ENGINE *ret = ENGINE_new(); | 380 | ENGINE *ret = ENGINE_new(); |
| @@ -396,6 +397,7 @@ void ENGINE_load_nuron(void) | |||
| 396 | ENGINE_free(toadd); | 397 | ENGINE_free(toadd); |
| 397 | ERR_clear_error(); | 398 | ERR_clear_error(); |
| 398 | } | 399 | } |
| 400 | #endif | ||
| 399 | 401 | ||
| 400 | /* This stuff is needed if this ENGINE is being compiled into a self-contained | 402 | /* This stuff is needed if this ENGINE is being compiled into a self-contained |
| 401 | * shared-library. */ | 403 | * shared-library. */ |
diff --git a/src/lib/libssl/src/crypto/engine/hw_ubsec.c b/src/lib/libssl/src/crypto/engine/hw_ubsec.c index ed8401ec16..6286dd851c 100644 --- a/src/lib/libssl/src/crypto/engine/hw_ubsec.c +++ b/src/lib/libssl/src/crypto/engine/hw_ubsec.c | |||
| @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) | |||
| 242 | return 1; | 242 | return 1; |
| 243 | } | 243 | } |
| 244 | 244 | ||
| 245 | #ifndef ENGINE_DYNAMIC_SUPPORT | ||
| 245 | static ENGINE *engine_ubsec(void) | 246 | static ENGINE *engine_ubsec(void) |
| 246 | { | 247 | { |
| 247 | ENGINE *ret = ENGINE_new(); | 248 | ENGINE *ret = ENGINE_new(); |
| @@ -264,6 +265,7 @@ void ENGINE_load_ubsec(void) | |||
| 264 | ENGINE_free(toadd); | 265 | ENGINE_free(toadd); |
| 265 | ERR_clear_error(); | 266 | ERR_clear_error(); |
| 266 | } | 267 | } |
| 268 | #endif | ||
| 267 | 269 | ||
| 268 | /* This is a process-global DSO handle used for loading and unloading | 270 | /* This is a process-global DSO handle used for loading and unloading |
| 269 | * the UBSEC library. NB: This is only set (or unset) during an | 271 | * the UBSEC library. NB: This is only set (or unset) during an |
diff --git a/src/lib/libssl/src/crypto/engine/tb_cipher.c b/src/lib/libssl/src/crypto/engine/tb_cipher.c index c5a50fc910..50b3cec1fa 100644 --- a/src/lib/libssl/src/crypto/engine/tb_cipher.c +++ b/src/lib/libssl/src/crypto/engine/tb_cipher.c | |||
| @@ -81,7 +81,7 @@ int ENGINE_register_ciphers(ENGINE *e) | |||
| 81 | int num_nids = e->ciphers(e, NULL, &nids, 0); | 81 | int num_nids = e->ciphers(e, NULL, &nids, 0); |
| 82 | if(num_nids > 0) | 82 | if(num_nids > 0) |
| 83 | return engine_table_register(&cipher_table, | 83 | return engine_table_register(&cipher_table, |
| 84 | &engine_unregister_all_ciphers, e, nids, | 84 | engine_unregister_all_ciphers, e, nids, |
| 85 | num_nids, 0); | 85 | num_nids, 0); |
| 86 | } | 86 | } |
| 87 | return 1; | 87 | return 1; |
| @@ -103,7 +103,7 @@ int ENGINE_set_default_ciphers(ENGINE *e) | |||
| 103 | int num_nids = e->ciphers(e, NULL, &nids, 0); | 103 | int num_nids = e->ciphers(e, NULL, &nids, 0); |
| 104 | if(num_nids > 0) | 104 | if(num_nids > 0) |
| 105 | return engine_table_register(&cipher_table, | 105 | return engine_table_register(&cipher_table, |
| 106 | &engine_unregister_all_ciphers, e, nids, | 106 | engine_unregister_all_ciphers, e, nids, |
| 107 | num_nids, 1); | 107 | num_nids, 1); |
| 108 | } | 108 | } |
| 109 | return 1; | 109 | return 1; |
diff --git a/src/lib/libssl/src/crypto/engine/tb_dh.c b/src/lib/libssl/src/crypto/engine/tb_dh.c index c9347235ea..e290e1702b 100644 --- a/src/lib/libssl/src/crypto/engine/tb_dh.c +++ b/src/lib/libssl/src/crypto/engine/tb_dh.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_DH(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->dh_meth) | 79 | if(e->dh_meth) |
| 80 | return engine_table_register(&dh_table, | 80 | return engine_table_register(&dh_table, |
| 81 | &engine_unregister_all_DH, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_DH, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_DH(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->dh_meth) | 95 | if(e->dh_meth) |
| 96 | return engine_table_register(&dh_table, | 96 | return engine_table_register(&dh_table, |
| 97 | &engine_unregister_all_DH, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_DH, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libssl/src/crypto/engine/tb_digest.c b/src/lib/libssl/src/crypto/engine/tb_digest.c index 2c4dd6f796..e82d2a17c9 100644 --- a/src/lib/libssl/src/crypto/engine/tb_digest.c +++ b/src/lib/libssl/src/crypto/engine/tb_digest.c | |||
| @@ -81,7 +81,7 @@ int ENGINE_register_digests(ENGINE *e) | |||
| 81 | int num_nids = e->digests(e, NULL, &nids, 0); | 81 | int num_nids = e->digests(e, NULL, &nids, 0); |
| 82 | if(num_nids > 0) | 82 | if(num_nids > 0) |
| 83 | return engine_table_register(&digest_table, | 83 | return engine_table_register(&digest_table, |
| 84 | &engine_unregister_all_digests, e, nids, | 84 | engine_unregister_all_digests, e, nids, |
| 85 | num_nids, 0); | 85 | num_nids, 0); |
| 86 | } | 86 | } |
| 87 | return 1; | 87 | return 1; |
| @@ -103,7 +103,7 @@ int ENGINE_set_default_digests(ENGINE *e) | |||
| 103 | int num_nids = e->digests(e, NULL, &nids, 0); | 103 | int num_nids = e->digests(e, NULL, &nids, 0); |
| 104 | if(num_nids > 0) | 104 | if(num_nids > 0) |
| 105 | return engine_table_register(&digest_table, | 105 | return engine_table_register(&digest_table, |
| 106 | &engine_unregister_all_digests, e, nids, | 106 | engine_unregister_all_digests, e, nids, |
| 107 | num_nids, 1); | 107 | num_nids, 1); |
| 108 | } | 108 | } |
| 109 | return 1; | 109 | return 1; |
diff --git a/src/lib/libssl/src/crypto/engine/tb_dsa.c b/src/lib/libssl/src/crypto/engine/tb_dsa.c index e9209476b8..80170591f2 100644 --- a/src/lib/libssl/src/crypto/engine/tb_dsa.c +++ b/src/lib/libssl/src/crypto/engine/tb_dsa.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_DSA(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->dsa_meth) | 79 | if(e->dsa_meth) |
| 80 | return engine_table_register(&dsa_table, | 80 | return engine_table_register(&dsa_table, |
| 81 | &engine_unregister_all_DSA, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_DSA, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_DSA(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->dsa_meth) | 95 | if(e->dsa_meth) |
| 96 | return engine_table_register(&dsa_table, | 96 | return engine_table_register(&dsa_table, |
| 97 | &engine_unregister_all_DSA, e, &dummy_nid, 1, 0); | 97 | engine_unregister_all_DSA, e, &dummy_nid, 1, 0); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libssl/src/crypto/engine/tb_rand.c b/src/lib/libssl/src/crypto/engine/tb_rand.c index 0b1d031f1e..69b67111bc 100644 --- a/src/lib/libssl/src/crypto/engine/tb_rand.c +++ b/src/lib/libssl/src/crypto/engine/tb_rand.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_RAND(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->rand_meth) | 79 | if(e->rand_meth) |
| 80 | return engine_table_register(&rand_table, | 80 | return engine_table_register(&rand_table, |
| 81 | &engine_unregister_all_RAND, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_RAND, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_RAND(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->rand_meth) | 95 | if(e->rand_meth) |
| 96 | return engine_table_register(&rand_table, | 96 | return engine_table_register(&rand_table, |
| 97 | &engine_unregister_all_RAND, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_RAND, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libssl/src/crypto/engine/tb_rsa.c b/src/lib/libssl/src/crypto/engine/tb_rsa.c index f84fea3968..fee4867f52 100644 --- a/src/lib/libssl/src/crypto/engine/tb_rsa.c +++ b/src/lib/libssl/src/crypto/engine/tb_rsa.c | |||
| @@ -78,7 +78,7 @@ int ENGINE_register_RSA(ENGINE *e) | |||
| 78 | { | 78 | { |
| 79 | if(e->rsa_meth) | 79 | if(e->rsa_meth) |
| 80 | return engine_table_register(&rsa_table, | 80 | return engine_table_register(&rsa_table, |
| 81 | &engine_unregister_all_RSA, e, &dummy_nid, 1, 0); | 81 | engine_unregister_all_RSA, e, &dummy_nid, 1, 0); |
| 82 | return 1; | 82 | return 1; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| @@ -94,7 +94,7 @@ int ENGINE_set_default_RSA(ENGINE *e) | |||
| 94 | { | 94 | { |
| 95 | if(e->rsa_meth) | 95 | if(e->rsa_meth) |
| 96 | return engine_table_register(&rsa_table, | 96 | return engine_table_register(&rsa_table, |
| 97 | &engine_unregister_all_RSA, e, &dummy_nid, 1, 1); | 97 | engine_unregister_all_RSA, e, &dummy_nid, 1, 1); |
| 98 | return 1; | 98 | return 1; |
| 99 | } | 99 | } |
| 100 | 100 | ||
diff --git a/src/lib/libssl/src/crypto/err/Makefile.ssl b/src/lib/libssl/src/crypto/err/Makefile.ssl index f0c95e2ef2..b253061d07 100644 --- a/src/lib/libssl/src/crypto/err/Makefile.ssl +++ b/src/lib/libssl/src/crypto/err/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c index 9b532d1f4c..a4f4a260af 100644 --- a/src/lib/libssl/src/crypto/err/err.c +++ b/src/lib/libssl/src/crypto/err/err.c | |||
| @@ -211,6 +211,7 @@ static ERR_STRING_DATA ERR_str_reasons[]= | |||
| 211 | 211 | ||
| 212 | {0,NULL}, | 212 | {0,NULL}, |
| 213 | }; | 213 | }; |
| 214 | #endif | ||
| 214 | 215 | ||
| 215 | 216 | ||
| 216 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ | 217 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ |
| @@ -491,6 +492,7 @@ static int int_err_get_next_lib(void) | |||
| 491 | } | 492 | } |
| 492 | 493 | ||
| 493 | 494 | ||
| 495 | #ifndef OPENSSL_NO_ERR | ||
| 494 | #define NUM_SYS_STR_REASONS 127 | 496 | #define NUM_SYS_STR_REASONS 127 |
| 495 | #define LEN_SYS_STR_REASON 32 | 497 | #define LEN_SYS_STR_REASON 32 |
| 496 | 498 | ||
diff --git a/src/lib/libssl/src/crypto/err/err_all.c b/src/lib/libssl/src/crypto/err/err_all.c index 90029fd159..dc505d9d9d 100644 --- a/src/lib/libssl/src/crypto/err/err_all.c +++ b/src/lib/libssl/src/crypto/err/err_all.c | |||
| @@ -82,7 +82,9 @@ | |||
| 82 | #include <openssl/pkcs12.h> | 82 | #include <openssl/pkcs12.h> |
| 83 | #include <openssl/rand.h> | 83 | #include <openssl/rand.h> |
| 84 | #include <openssl/dso.h> | 84 | #include <openssl/dso.h> |
| 85 | #ifndef OPENSSL_NO_ENGINE | ||
| 85 | #include <openssl/engine.h> | 86 | #include <openssl/engine.h> |
| 87 | #endif | ||
| 86 | #include <openssl/ocsp.h> | 88 | #include <openssl/ocsp.h> |
| 87 | #include <openssl/err.h> | 89 | #include <openssl/err.h> |
| 88 | 90 | ||
| @@ -122,7 +124,9 @@ void ERR_load_crypto_strings(void) | |||
| 122 | ERR_load_PKCS12_strings(); | 124 | ERR_load_PKCS12_strings(); |
| 123 | ERR_load_RAND_strings(); | 125 | ERR_load_RAND_strings(); |
| 124 | ERR_load_DSO_strings(); | 126 | ERR_load_DSO_strings(); |
| 127 | #ifndef OPENSSL_NO_ENGINE | ||
| 125 | ERR_load_ENGINE_strings(); | 128 | ERR_load_ENGINE_strings(); |
| 129 | #endif | ||
| 126 | ERR_load_OCSP_strings(); | 130 | ERR_load_OCSP_strings(); |
| 127 | ERR_load_UI_strings(); | 131 | ERR_load_UI_strings(); |
| 128 | #endif | 132 | #endif |
diff --git a/src/lib/libssl/src/crypto/err/err_prn.c b/src/lib/libssl/src/crypto/err/err_prn.c index c156663f0e..81e34bd6ce 100644 --- a/src/lib/libssl/src/crypto/err/err_prn.c +++ b/src/lib/libssl/src/crypto/err/err_prn.c | |||
| @@ -62,7 +62,6 @@ | |||
| 62 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 63 | #include <openssl/buffer.h> | 63 | #include <openssl/buffer.h> |
| 64 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 65 | #include <openssl/crypto.h> | ||
| 66 | 65 | ||
| 67 | void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), | 66 | void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), |
| 68 | void *u) | 67 | void *u) |
diff --git a/src/lib/libssl/src/crypto/evp/Makefile.ssl b/src/lib/libssl/src/crypto/evp/Makefile.ssl index 58843f61a9..b4172406ae 100644 --- a/src/lib/libssl/src/crypto/evp/Makefile.ssl +++ b/src/lib/libssl/src/crypto/evp/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ links: | |||
| 70 | @sh $(TOP)/util/point.sh Makefile.ssl Makefile | 70 | @sh $(TOP)/util/point.sh Makefile.ssl Makefile |
| 71 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) | 71 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) |
| 72 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) | 72 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) |
| 73 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TESTDATA) | 73 | cp $(TESTDATA) ../../test |
| 74 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) | 74 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) |
| 75 | 75 | ||
| 76 | install: | 76 | install: |
| @@ -89,7 +89,7 @@ lint: | |||
| 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 90 | 90 | ||
| 91 | depend: | 91 | depend: |
| 92 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 92 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 93 | 93 | ||
| 94 | dclean: | 94 | dclean: |
| 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -496,21 +496,19 @@ evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | |||
| 496 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 496 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 497 | evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 497 | evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 498 | evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 498 | evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 499 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 499 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 500 | evp_acnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 500 | evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h |
| 501 | evp_acnf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | 501 | evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h |
| 502 | evp_acnf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | 502 | evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h |
| 503 | evp_acnf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | 503 | evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h |
| 504 | evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 504 | evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 505 | evp_acnf.o: ../../include/openssl/opensslconf.h | ||
| 506 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 505 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 507 | evp_acnf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h | 506 | evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h |
| 508 | evp_acnf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h | 507 | evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h |
| 509 | evp_acnf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h | 508 | evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 510 | evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 509 | evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 511 | evp_acnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 510 | evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 512 | evp_acnf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 511 | evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c |
| 513 | evp_acnf.o: ../cryptlib.h evp_acnf.c | ||
| 514 | evp_enc.o: ../../e_os.h ../../include/openssl/aes.h | 512 | evp_enc.o: ../../e_os.h ../../include/openssl/aes.h |
| 515 | evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 513 | evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 516 | evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 514 | evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h |
diff --git a/src/lib/libssl/src/crypto/evp/bio_b64.c b/src/lib/libssl/src/crypto/evp/bio_b64.c index f12eac1b55..6e550f6a43 100644 --- a/src/lib/libssl/src/crypto/evp/bio_b64.c +++ b/src/lib/libssl/src/crypto/evp/bio_b64.c | |||
| @@ -165,6 +165,7 @@ static int b64_read(BIO *b, char *out, int outl) | |||
| 165 | { | 165 | { |
| 166 | i=ctx->buf_len-ctx->buf_off; | 166 | i=ctx->buf_len-ctx->buf_off; |
| 167 | if (i > outl) i=outl; | 167 | if (i > outl) i=outl; |
| 168 | OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf); | ||
| 168 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); | 169 | memcpy(out,&(ctx->buf[ctx->buf_off]),i); |
| 169 | ret=i; | 170 | ret=i; |
| 170 | out+=i; | 171 | out+=i; |
diff --git a/src/lib/libssl/src/crypto/evp/bio_enc.c b/src/lib/libssl/src/crypto/evp/bio_enc.c index 64fb2353af..ab81851503 100644 --- a/src/lib/libssl/src/crypto/evp/bio_enc.c +++ b/src/lib/libssl/src/crypto/evp/bio_enc.c | |||
| @@ -132,7 +132,7 @@ static int enc_free(BIO *a) | |||
| 132 | if (a == NULL) return(0); | 132 | if (a == NULL) return(0); |
| 133 | b=(BIO_ENC_CTX *)a->ptr; | 133 | b=(BIO_ENC_CTX *)a->ptr; |
| 134 | EVP_CIPHER_CTX_cleanup(&(b->cipher)); | 134 | EVP_CIPHER_CTX_cleanup(&(b->cipher)); |
| 135 | memset(a->ptr,0,sizeof(BIO_ENC_CTX)); | 135 | OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX)); |
| 136 | OPENSSL_free(a->ptr); | 136 | OPENSSL_free(a->ptr); |
| 137 | a->ptr=NULL; | 137 | a->ptr=NULL; |
| 138 | a->init=0; | 138 | a->init=0; |
| @@ -271,7 +271,7 @@ static int enc_write(BIO *b, const char *in, int inl) | |||
| 271 | if (i <= 0) | 271 | if (i <= 0) |
| 272 | { | 272 | { |
| 273 | BIO_copy_next_retry(b); | 273 | BIO_copy_next_retry(b); |
| 274 | return(i); | 274 | return (ret == inl) ? i : ret - inl; |
| 275 | } | 275 | } |
| 276 | n-=i; | 276 | n-=i; |
| 277 | ctx->buf_off+=i; | 277 | ctx->buf_off+=i; |
| @@ -325,10 +325,7 @@ again: | |||
| 325 | { | 325 | { |
| 326 | i=enc_write(b,NULL,0); | 326 | i=enc_write(b,NULL,0); |
| 327 | if (i < 0) | 327 | if (i < 0) |
| 328 | { | 328 | return i; |
| 329 | ret=i; | ||
| 330 | break; | ||
| 331 | } | ||
| 332 | } | 329 | } |
| 333 | 330 | ||
| 334 | if (!ctx->finished) | 331 | if (!ctx->finished) |
diff --git a/src/lib/libssl/src/crypto/evp/bio_ok.c b/src/lib/libssl/src/crypto/evp/bio_ok.c index d2be03be82..4e3f10141b 100644 --- a/src/lib/libssl/src/crypto/evp/bio_ok.c +++ b/src/lib/libssl/src/crypto/evp/bio_ok.c | |||
| @@ -211,7 +211,7 @@ static int ok_free(BIO *a) | |||
| 211 | { | 211 | { |
| 212 | if (a == NULL) return(0); | 212 | if (a == NULL) return(0); |
| 213 | EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); | 213 | EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); |
| 214 | memset(a->ptr,0,sizeof(BIO_OK_CTX)); | 214 | OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); |
| 215 | OPENSSL_free(a->ptr); | 215 | OPENSSL_free(a->ptr); |
| 216 | a->ptr=NULL; | 216 | a->ptr=NULL; |
| 217 | a->init=0; | 217 | a->init=0; |
diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c index 3d59812e20..1b31a14e37 100644 --- a/src/lib/libssl/src/crypto/evp/c_all.c +++ b/src/lib/libssl/src/crypto/evp/c_all.c | |||
| @@ -73,5 +73,9 @@ void OPENSSL_add_all_algorithms_noconf(void) | |||
| 73 | { | 73 | { |
| 74 | OpenSSL_add_all_ciphers(); | 74 | OpenSSL_add_all_ciphers(); |
| 75 | OpenSSL_add_all_digests(); | 75 | OpenSSL_add_all_digests(); |
| 76 | ENGINE_setup_openbsd(); | 76 | #ifndef OPENSSL_NO_ENGINE |
| 77 | # if defined(__OpenBSD__) || defined(__FreeBSD__) | ||
| 78 | ENGINE_setup_bsd_cryptodev(); | ||
| 79 | # endif | ||
| 80 | #endif | ||
| 77 | } | 81 | } |
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c index a969ac69ed..b22eed4421 100644 --- a/src/lib/libssl/src/crypto/evp/digest.c +++ b/src/lib/libssl/src/crypto/evp/digest.c | |||
| @@ -113,7 +113,9 @@ | |||
| 113 | #include "cryptlib.h" | 113 | #include "cryptlib.h" |
| 114 | #include <openssl/objects.h> | 114 | #include <openssl/objects.h> |
| 115 | #include <openssl/evp.h> | 115 | #include <openssl/evp.h> |
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 116 | #include <openssl/engine.h> | 117 | #include <openssl/engine.h> |
| 118 | #endif | ||
| 117 | 119 | ||
| 118 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) | 120 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) |
| 119 | { | 121 | { |
| @@ -138,6 +140,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) | |||
| 138 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | 140 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) |
| 139 | { | 141 | { |
| 140 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 142 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| 143 | #ifndef OPENSSL_NO_ENGINE | ||
| 141 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | 144 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts |
| 142 | * so this context may already have an ENGINE! Try to avoid releasing | 145 | * so this context may already have an ENGINE! Try to avoid releasing |
| 143 | * the previous handle, re-querying for an ENGINE, and having a | 146 | * the previous handle, re-querying for an ENGINE, and having a |
| @@ -183,11 +186,13 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 183 | else | 186 | else |
| 184 | ctx->engine = NULL; | 187 | ctx->engine = NULL; |
| 185 | } | 188 | } |
| 186 | else if(!ctx->digest) | 189 | else |
| 190 | if(!ctx->digest) | ||
| 187 | { | 191 | { |
| 188 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); | 192 | EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); |
| 189 | return 0; | 193 | return 0; |
| 190 | } | 194 | } |
| 195 | #endif | ||
| 191 | if (ctx->digest != type) | 196 | if (ctx->digest != type) |
| 192 | { | 197 | { |
| 193 | if (ctx->digest && ctx->digest->ctx_size) | 198 | if (ctx->digest && ctx->digest->ctx_size) |
| @@ -196,7 +201,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 196 | if (type->ctx_size) | 201 | if (type->ctx_size) |
| 197 | ctx->md_data=OPENSSL_malloc(type->ctx_size); | 202 | ctx->md_data=OPENSSL_malloc(type->ctx_size); |
| 198 | } | 203 | } |
| 204 | #ifndef OPENSSL_NO_ENGINE | ||
| 199 | skip_to_init: | 205 | skip_to_init: |
| 206 | #endif | ||
| 200 | return ctx->digest->init(ctx); | 207 | return ctx->digest->init(ctx); |
| 201 | } | 208 | } |
| 202 | 209 | ||
| @@ -219,6 +226,8 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | |||
| 219 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | 226 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) |
| 220 | { | 227 | { |
| 221 | int ret; | 228 | int ret; |
| 229 | |||
| 230 | OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); | ||
| 222 | ret=ctx->digest->final(ctx,md); | 231 | ret=ctx->digest->final(ctx,md); |
| 223 | if (size != NULL) | 232 | if (size != NULL) |
| 224 | *size=ctx->digest->md_size; | 233 | *size=ctx->digest->md_size; |
| @@ -244,12 +253,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 244 | EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); | 253 | EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); |
| 245 | return 0; | 254 | return 0; |
| 246 | } | 255 | } |
| 256 | #ifndef OPENSSL_NO_ENGINE | ||
| 247 | /* Make sure it's safe to copy a digest context using an ENGINE */ | 257 | /* Make sure it's safe to copy a digest context using an ENGINE */ |
| 248 | if (in->engine && !ENGINE_init(in->engine)) | 258 | if (in->engine && !ENGINE_init(in->engine)) |
| 249 | { | 259 | { |
| 250 | EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); | 260 | EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); |
| 251 | return 0; | 261 | return 0; |
| 252 | } | 262 | } |
| 263 | #endif | ||
| 253 | 264 | ||
| 254 | EVP_MD_CTX_cleanup(out); | 265 | EVP_MD_CTX_cleanup(out); |
| 255 | memcpy(out,in,sizeof *out); | 266 | memcpy(out,in,sizeof *out); |
| @@ -299,13 +310,15 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) | |||
| 299 | ctx->digest->cleanup(ctx); | 310 | ctx->digest->cleanup(ctx); |
| 300 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) | 311 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) |
| 301 | { | 312 | { |
| 302 | memset(ctx->md_data,0,ctx->digest->ctx_size); | 313 | OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); |
| 303 | OPENSSL_free(ctx->md_data); | 314 | OPENSSL_free(ctx->md_data); |
| 304 | } | 315 | } |
| 316 | #ifndef OPENSSL_NO_ENGINE | ||
| 305 | if(ctx->engine) | 317 | if(ctx->engine) |
| 306 | /* The EVP_MD we used belongs to an ENGINE, release the | 318 | /* The EVP_MD we used belongs to an ENGINE, release the |
| 307 | * functional reference we held for this reason. */ | 319 | * functional reference we held for this reason. */ |
| 308 | ENGINE_finish(ctx->engine); | 320 | ENGINE_finish(ctx->engine); |
| 321 | #endif | ||
| 309 | memset(ctx,'\0',sizeof *ctx); | 322 | memset(ctx,'\0',sizeof *ctx); |
| 310 | 323 | ||
| 311 | return 1; | 324 | return 1; |
diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c index c323fa2892..fe8bcda631 100644 --- a/src/lib/libssl/src/crypto/evp/e_aes.c +++ b/src/lib/libssl/src/crypto/evp/e_aes.c | |||
| @@ -52,7 +52,6 @@ | |||
| 52 | #include <openssl/evp.h> | 52 | #include <openssl/evp.h> |
| 53 | #include <openssl/err.h> | 53 | #include <openssl/err.h> |
| 54 | #include <string.h> | 54 | #include <string.h> |
| 55 | #include <assert.h> | ||
| 56 | #include <openssl/aes.h> | 55 | #include <openssl/aes.h> |
| 57 | #include "evp_locl.h" | 56 | #include "evp_locl.h" |
| 58 | 57 | ||
diff --git a/src/lib/libssl/src/crypto/evp/e_idea.c b/src/lib/libssl/src/crypto/evp/e_idea.c index ed838d3e62..b9efa75ae7 100644 --- a/src/lib/libssl/src/crypto/evp/e_idea.c +++ b/src/lib/libssl/src/crypto/evp/e_idea.c | |||
| @@ -109,7 +109,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
| 109 | 109 | ||
| 110 | idea_set_encrypt_key(key,&tmp); | 110 | idea_set_encrypt_key(key,&tmp); |
| 111 | idea_set_decrypt_key(&tmp,ctx->cipher_data); | 111 | idea_set_decrypt_key(&tmp,ctx->cipher_data); |
| 112 | memset((unsigned char *)&tmp,0, | 112 | OPENSSL_cleanse((unsigned char *)&tmp, |
| 113 | sizeof(IDEA_KEY_SCHEDULE)); | 113 | sizeof(IDEA_KEY_SCHEDULE)); |
| 114 | } | 114 | } |
| 115 | return 1; | 115 | return 1; |
diff --git a/src/lib/libssl/src/crypto/evp/e_rc2.c b/src/lib/libssl/src/crypto/evp/e_rc2.c index 4685198e2e..d42cbfd17e 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc2.c +++ b/src/lib/libssl/src/crypto/evp/e_rc2.c | |||
| @@ -174,6 +174,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 174 | if (type != NULL) | 174 | if (type != NULL) |
| 175 | { | 175 | { |
| 176 | l=EVP_CIPHER_CTX_iv_length(c); | 176 | l=EVP_CIPHER_CTX_iv_length(c); |
| 177 | OPENSSL_assert(l <= sizeof iv); | ||
| 177 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); | 178 | i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); |
| 178 | if (i != l) | 179 | if (i != l) |
| 179 | return(-1); | 180 | return(-1); |
diff --git a/src/lib/libssl/src/crypto/evp/e_rc4.c b/src/lib/libssl/src/crypto/evp/e_rc4.c index 4064cc5fa0..d58f507837 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc4.c +++ b/src/lib/libssl/src/crypto/evp/e_rc4.c | |||
| @@ -69,8 +69,6 @@ | |||
| 69 | 69 | ||
| 70 | typedef struct | 70 | typedef struct |
| 71 | { | 71 | { |
| 72 | /* FIXME: what is the key for? */ | ||
| 73 | unsigned char key[EVP_RC4_KEY_SIZE]; | ||
| 74 | RC4_KEY ks; /* working key */ | 72 | RC4_KEY ks; /* working key */ |
| 75 | } EVP_RC4_KEY; | 73 | } EVP_RC4_KEY; |
| 76 | 74 | ||
| @@ -121,9 +119,8 @@ const EVP_CIPHER *EVP_rc4_40(void) | |||
| 121 | static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 119 | static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 122 | const unsigned char *iv, int enc) | 120 | const unsigned char *iv, int enc) |
| 123 | { | 121 | { |
| 124 | memcpy(&data(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx)); | ||
| 125 | RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), | 122 | RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx), |
| 126 | data(ctx)->key); | 123 | key); |
| 127 | return 1; | 124 | return 1; |
| 128 | } | 125 | } |
| 129 | 126 | ||
diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c index 12c6379df1..08209357ce 100644 --- a/src/lib/libssl/src/crypto/evp/encode.c +++ b/src/lib/libssl/src/crypto/evp/encode.c | |||
| @@ -136,6 +136,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 136 | 136 | ||
| 137 | *outl=0; | 137 | *outl=0; |
| 138 | if (inl == 0) return; | 138 | if (inl == 0) return; |
| 139 | OPENSSL_assert(ctx->length <= sizeof ctx->enc_data); | ||
| 139 | if ((ctx->num+inl) < ctx->length) | 140 | if ((ctx->num+inl) < ctx->length) |
| 140 | { | 141 | { |
| 141 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); | 142 | memcpy(&(ctx->enc_data[ctx->num]),in,inl); |
| @@ -258,6 +259,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, | |||
| 258 | /* only save the good data :-) */ | 259 | /* only save the good data :-) */ |
| 259 | if (!B64_NOT_BASE64(v)) | 260 | if (!B64_NOT_BASE64(v)) |
| 260 | { | 261 | { |
| 262 | OPENSSL_assert(n < sizeof ctx->enc_data); | ||
| 261 | d[n++]=tmp; | 263 | d[n++]=tmp; |
| 262 | ln++; | 264 | ln++; |
| 263 | } | 265 | } |
diff --git a/src/lib/libssl/src/crypto/evp/evp_acnf.c b/src/lib/libssl/src/crypto/evp/evp_acnf.c index a68b979bdb..ff3e311cc5 100644 --- a/src/lib/libssl/src/crypto/evp/evp_acnf.c +++ b/src/lib/libssl/src/crypto/evp/evp_acnf.c | |||
| @@ -59,7 +59,6 @@ | |||
| 59 | #include "cryptlib.h" | 59 | #include "cryptlib.h" |
| 60 | #include <openssl/evp.h> | 60 | #include <openssl/evp.h> |
| 61 | #include <openssl/conf.h> | 61 | #include <openssl/conf.h> |
| 62 | #include <openssl/engine.h> | ||
| 63 | 62 | ||
| 64 | 63 | ||
| 65 | /* Load all algorithms and configure OpenSSL. | 64 | /* Load all algorithms and configure OpenSSL. |
diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c index 32a1c7a2e9..be0758a879 100644 --- a/src/lib/libssl/src/crypto/evp/evp_enc.c +++ b/src/lib/libssl/src/crypto/evp/evp_enc.c | |||
| @@ -60,11 +60,11 @@ | |||
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/evp.h> | 61 | #include <openssl/evp.h> |
| 62 | #include <openssl/err.h> | 62 | #include <openssl/err.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | #include "evp_locl.h" | 66 | #include "evp_locl.h" |
| 65 | 67 | ||
| 66 | #include <assert.h> | ||
| 67 | |||
| 68 | const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; | 68 | const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; |
| 69 | 69 | ||
| 70 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | 70 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) |
| @@ -93,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 93 | enc = 1; | 93 | enc = 1; |
| 94 | ctx->encrypt = enc; | 94 | ctx->encrypt = enc; |
| 95 | } | 95 | } |
| 96 | #ifndef OPENSSL_NO_ENGINE | ||
| 96 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | 97 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts |
| 97 | * so this context may already have an ENGINE! Try to avoid releasing | 98 | * so this context may already have an ENGINE! Try to avoid releasing |
| 98 | * the previous handle, re-querying for an ENGINE, and having a | 99 | * the previous handle, re-querying for an ENGINE, and having a |
| @@ -100,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 100 | if (ctx->engine && ctx->cipher && (!cipher || | 101 | if (ctx->engine && ctx->cipher && (!cipher || |
| 101 | (cipher && (cipher->nid == ctx->cipher->nid)))) | 102 | (cipher && (cipher->nid == ctx->cipher->nid)))) |
| 102 | goto skip_to_init; | 103 | goto skip_to_init; |
| 104 | #endif | ||
| 103 | if (cipher) | 105 | if (cipher) |
| 104 | { | 106 | { |
| 105 | /* Ensure a context left lying around from last time is cleared | 107 | /* Ensure a context left lying around from last time is cleared |
| @@ -109,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 109 | 111 | ||
| 110 | /* Restore encrypt field: it is zeroed by cleanup */ | 112 | /* Restore encrypt field: it is zeroed by cleanup */ |
| 111 | ctx->encrypt = enc; | 113 | ctx->encrypt = enc; |
| 114 | #ifndef OPENSSL_NO_ENGINE | ||
| 112 | if(impl) | 115 | if(impl) |
| 113 | { | 116 | { |
| 114 | if (!ENGINE_init(impl)) | 117 | if (!ENGINE_init(impl)) |
| @@ -142,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 142 | } | 145 | } |
| 143 | else | 146 | else |
| 144 | ctx->engine = NULL; | 147 | ctx->engine = NULL; |
| 148 | #endif | ||
| 145 | 149 | ||
| 146 | ctx->cipher=cipher; | 150 | ctx->cipher=cipher; |
| 147 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); | 151 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); |
| @@ -161,11 +165,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp | |||
| 161 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); | 165 | EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); |
| 162 | return 0; | 166 | return 0; |
| 163 | } | 167 | } |
| 168 | #ifndef OPENSSL_NO_ENGINE | ||
| 164 | skip_to_init: | 169 | skip_to_init: |
| 170 | #endif | ||
| 165 | /* we assume block size is a power of 2 in *cryptUpdate */ | 171 | /* we assume block size is a power of 2 in *cryptUpdate */ |
| 166 | assert(ctx->cipher->block_size == 1 | 172 | OPENSSL_assert(ctx->cipher->block_size == 1 |
| 167 | || ctx->cipher->block_size == 8 | 173 | || ctx->cipher->block_size == 8 |
| 168 | || ctx->cipher->block_size == 16); | 174 | || ctx->cipher->block_size == 16); |
| 169 | 175 | ||
| 170 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { | 176 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { |
| 171 | switch(EVP_CIPHER_CTX_mode(ctx)) { | 177 | switch(EVP_CIPHER_CTX_mode(ctx)) { |
| @@ -181,6 +187,7 @@ skip_to_init: | |||
| 181 | 187 | ||
| 182 | case EVP_CIPH_CBC_MODE: | 188 | case EVP_CIPH_CBC_MODE: |
| 183 | 189 | ||
| 190 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv); | ||
| 184 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); | 191 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 185 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); | 192 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); |
| 186 | break; | 193 | break; |
| @@ -237,7 +244,7 @@ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp | |||
| 237 | int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | 244 | int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, |
| 238 | const unsigned char *key, const unsigned char *iv) | 245 | const unsigned char *key, const unsigned char *iv) |
| 239 | { | 246 | { |
| 240 | return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0); | 247 | return EVP_CipherInit(ctx, cipher, key, iv, 0); |
| 241 | } | 248 | } |
| 242 | 249 | ||
| 243 | int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, | 250 | int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, |
| @@ -251,6 +258,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 251 | { | 258 | { |
| 252 | int i,j,bl; | 259 | int i,j,bl; |
| 253 | 260 | ||
| 261 | OPENSSL_assert(inl > 0); | ||
| 254 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) | 262 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) |
| 255 | { | 263 | { |
| 256 | if(ctx->cipher->do_cipher(ctx,out,in,inl)) | 264 | if(ctx->cipher->do_cipher(ctx,out,in,inl)) |
| @@ -266,6 +274,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 266 | } | 274 | } |
| 267 | i=ctx->buf_len; | 275 | i=ctx->buf_len; |
| 268 | bl=ctx->cipher->block_size; | 276 | bl=ctx->cipher->block_size; |
| 277 | OPENSSL_assert(bl <= sizeof ctx->buf); | ||
| 269 | if (i != 0) | 278 | if (i != 0) |
| 270 | { | 279 | { |
| 271 | if (i+inl < bl) | 280 | if (i+inl < bl) |
| @@ -314,6 +323,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 314 | int i,n,b,bl,ret; | 323 | int i,n,b,bl,ret; |
| 315 | 324 | ||
| 316 | b=ctx->cipher->block_size; | 325 | b=ctx->cipher->block_size; |
| 326 | OPENSSL_assert(b <= sizeof ctx->buf); | ||
| 317 | if (b == 1) | 327 | if (b == 1) |
| 318 | { | 328 | { |
| 319 | *outl=0; | 329 | *outl=0; |
| @@ -358,6 +368,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 358 | return EVP_EncryptUpdate(ctx, out, outl, in, inl); | 368 | return EVP_EncryptUpdate(ctx, out, outl, in, inl); |
| 359 | 369 | ||
| 360 | b=ctx->cipher->block_size; | 370 | b=ctx->cipher->block_size; |
| 371 | OPENSSL_assert(b <= sizeof ctx->final); | ||
| 361 | 372 | ||
| 362 | if(ctx->final_used) | 373 | if(ctx->final_used) |
| 363 | { | 374 | { |
| @@ -420,6 +431,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 420 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); | 431 | EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); |
| 421 | return(0); | 432 | return(0); |
| 422 | } | 433 | } |
| 434 | OPENSSL_assert(b <= sizeof ctx->final); | ||
| 423 | n=ctx->final[b-1]; | 435 | n=ctx->final[b-1]; |
| 424 | if (n > b) | 436 | if (n > b) |
| 425 | { | 437 | { |
| @@ -450,16 +462,18 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) | |||
| 450 | { | 462 | { |
| 451 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) | 463 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) |
| 452 | return 0; | 464 | return 0; |
| 453 | /* Zero cipher context data */ | 465 | /* Cleanse cipher context data */ |
| 454 | if (c->cipher_data) | 466 | if (c->cipher_data) |
| 455 | memset(c->cipher_data, 0, c->cipher->ctx_size); | 467 | OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); |
| 456 | } | 468 | } |
| 457 | if (c->cipher_data) | 469 | if (c->cipher_data) |
| 458 | OPENSSL_free(c->cipher_data); | 470 | OPENSSL_free(c->cipher_data); |
| 471 | #ifndef OPENSSL_NO_ENGINE | ||
| 459 | if (c->engine) | 472 | if (c->engine) |
| 460 | /* The EVP_CIPHER we used belongs to an ENGINE, release the | 473 | /* The EVP_CIPHER we used belongs to an ENGINE, release the |
| 461 | * functional reference we held for this reason. */ | 474 | * functional reference we held for this reason. */ |
| 462 | ENGINE_finish(c->engine); | 475 | ENGINE_finish(c->engine); |
| 476 | #endif | ||
| 463 | memset(c,0,sizeof(EVP_CIPHER_CTX)); | 477 | memset(c,0,sizeof(EVP_CIPHER_CTX)); |
| 464 | return 1; | 478 | return 1; |
| 465 | } | 479 | } |
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c index 4271393069..5f387a94d3 100644 --- a/src/lib/libssl/src/crypto/evp/evp_key.c +++ b/src/lib/libssl/src/crypto/evp/evp_key.c | |||
| @@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) | |||
| 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); | 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); |
| 104 | ret = UI_process(ui); | 104 | ret = UI_process(ui); |
| 105 | UI_free(ui); | 105 | UI_free(ui); |
| 106 | memset(buff,0,BUFSIZ); | 106 | OPENSSL_cleanse(buff,BUFSIZ); |
| 107 | return ret; | 107 | return ret; |
| 108 | } | 108 | } |
| 109 | 109 | ||
| @@ -118,6 +118,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 118 | 118 | ||
| 119 | nkey=type->key_len; | 119 | nkey=type->key_len; |
| 120 | niv=type->iv_len; | 120 | niv=type->iv_len; |
| 121 | OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); | ||
| 122 | OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); | ||
| 121 | 123 | ||
| 122 | if (data == NULL) return(nkey); | 124 | if (data == NULL) return(nkey); |
| 123 | 125 | ||
| @@ -166,7 +168,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 166 | if ((nkey == 0) && (niv == 0)) break; | 168 | if ((nkey == 0) && (niv == 0)) break; |
| 167 | } | 169 | } |
| 168 | EVP_MD_CTX_cleanup(&c); | 170 | EVP_MD_CTX_cleanup(&c); |
| 169 | memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); | 171 | OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); |
| 170 | return(type->key_len); | 172 | return(type->key_len); |
| 171 | } | 173 | } |
| 172 | 174 | ||
diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c index a431945ef5..52a3b287be 100644 --- a/src/lib/libssl/src/crypto/evp/evp_lib.c +++ b/src/lib/libssl/src/crypto/evp/evp_lib.c | |||
| @@ -90,6 +90,7 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 90 | if (type != NULL) | 90 | if (type != NULL) |
| 91 | { | 91 | { |
| 92 | l=EVP_CIPHER_CTX_iv_length(c); | 92 | l=EVP_CIPHER_CTX_iv_length(c); |
| 93 | OPENSSL_assert(l <= sizeof c->iv); | ||
| 93 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); | 94 | i=ASN1_TYPE_get_octetstring(type,c->oiv,l); |
| 94 | if (i != l) | 95 | if (i != l) |
| 95 | return(-1); | 96 | return(-1); |
| @@ -106,6 +107,7 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 106 | if (type != NULL) | 107 | if (type != NULL) |
| 107 | { | 108 | { |
| 108 | j=EVP_CIPHER_CTX_iv_length(c); | 109 | j=EVP_CIPHER_CTX_iv_length(c); |
| 110 | OPENSSL_assert(j <= sizeof c->iv); | ||
| 109 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); | 111 | i=ASN1_TYPE_set_octetstring(type,c->oiv,j); |
| 110 | } | 112 | } |
| 111 | return(i); | 113 | return(i); |
diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c index 4234cd7684..bc98e63363 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pbe.c +++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c | |||
| @@ -88,7 +88,7 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, | |||
| 88 | char obj_tmp[80]; | 88 | char obj_tmp[80]; |
| 89 | EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); | 89 | EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); |
| 90 | if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); | 90 | if (!pbe_obj) strlcpy (obj_tmp, "NULL", sizeof obj_tmp); |
| 91 | else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj); | 91 | else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); |
| 92 | ERR_add_error_data(2, "TYPE=", obj_tmp); | 92 | ERR_add_error_data(2, "TYPE=", obj_tmp); |
| 93 | return 0; | 93 | return 0; |
| 94 | } | 94 | } |
diff --git a/src/lib/libssl/src/crypto/evp/evp_test.c b/src/lib/libssl/src/crypto/evp/evp_test.c index 90294ef686..28460173f7 100644 --- a/src/lib/libssl/src/crypto/evp/evp_test.c +++ b/src/lib/libssl/src/crypto/evp/evp_test.c | |||
| @@ -49,8 +49,14 @@ | |||
| 49 | 49 | ||
| 50 | #include <stdio.h> | 50 | #include <stdio.h> |
| 51 | #include <string.h> | 51 | #include <string.h> |
| 52 | |||
| 53 | #include "../e_os.h" | ||
| 54 | |||
| 52 | #include <openssl/evp.h> | 55 | #include <openssl/evp.h> |
| 56 | #ifndef OPENSSL_NO_ENGINE | ||
| 53 | #include <openssl/engine.h> | 57 | #include <openssl/engine.h> |
| 58 | #endif | ||
| 59 | #include <openssl/err.h> | ||
| 54 | #include <openssl/conf.h> | 60 | #include <openssl/conf.h> |
| 55 | 61 | ||
| 56 | static void hexdump(FILE *f,const char *title,const unsigned char *s,int l) | 62 | static void hexdump(FILE *f,const char *title,const unsigned char *s,int l) |
| @@ -78,7 +84,7 @@ static int convert(unsigned char *s) | |||
| 78 | if(!s[1]) | 84 | if(!s[1]) |
| 79 | { | 85 | { |
| 80 | fprintf(stderr,"Odd number of hex digits!"); | 86 | fprintf(stderr,"Odd number of hex digits!"); |
| 81 | exit(4); | 87 | EXIT(4); |
| 82 | } | 88 | } |
| 83 | sscanf((char *)s,"%2x",&n); | 89 | sscanf((char *)s,"%2x",&n); |
| 84 | *d=(unsigned char)n; | 90 | *d=(unsigned char)n; |
| @@ -120,6 +126,12 @@ static char *sstrsep(char **string, const char *delim) | |||
| 120 | static unsigned char *ustrsep(char **p,const char *sep) | 126 | static unsigned char *ustrsep(char **p,const char *sep) |
| 121 | { return (unsigned char *)sstrsep(p,sep); } | 127 | { return (unsigned char *)sstrsep(p,sep); } |
| 122 | 128 | ||
| 129 | static int test1_exit(int ec) | ||
| 130 | { | ||
| 131 | EXIT(ec); | ||
| 132 | return(0); /* To keep some compilers quiet */ | ||
| 133 | } | ||
| 134 | |||
| 123 | static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | 135 | static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, |
| 124 | const unsigned char *iv,int in, | 136 | const unsigned char *iv,int in, |
| 125 | const unsigned char *plaintext,int pn, | 137 | const unsigned char *plaintext,int pn, |
| @@ -142,7 +154,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 142 | { | 154 | { |
| 143 | fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn, | 155 | fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn, |
| 144 | c->key_len); | 156 | c->key_len); |
| 145 | exit(5); | 157 | test1_exit(5); |
| 146 | } | 158 | } |
| 147 | EVP_CIPHER_CTX_init(&ctx); | 159 | EVP_CIPHER_CTX_init(&ctx); |
| 148 | if (encdec != 0) | 160 | if (encdec != 0) |
| @@ -150,26 +162,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 150 | if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) | 162 | if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv)) |
| 151 | { | 163 | { |
| 152 | fprintf(stderr,"EncryptInit failed\n"); | 164 | fprintf(stderr,"EncryptInit failed\n"); |
| 153 | exit(10); | 165 | test1_exit(10); |
| 154 | } | 166 | } |
| 155 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 167 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 156 | 168 | ||
| 157 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) | 169 | if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn)) |
| 158 | { | 170 | { |
| 159 | fprintf(stderr,"Encrypt failed\n"); | 171 | fprintf(stderr,"Encrypt failed\n"); |
| 160 | exit(6); | 172 | test1_exit(6); |
| 161 | } | 173 | } |
| 162 | if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) | 174 | if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2)) |
| 163 | { | 175 | { |
| 164 | fprintf(stderr,"EncryptFinal failed\n"); | 176 | fprintf(stderr,"EncryptFinal failed\n"); |
| 165 | exit(7); | 177 | test1_exit(7); |
| 166 | } | 178 | } |
| 167 | 179 | ||
| 168 | if(outl+outl2 != cn) | 180 | if(outl+outl2 != cn) |
| 169 | { | 181 | { |
| 170 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", | 182 | fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n", |
| 171 | outl+outl2,cn); | 183 | outl+outl2,cn); |
| 172 | exit(8); | 184 | test1_exit(8); |
| 173 | } | 185 | } |
| 174 | 186 | ||
| 175 | if(memcmp(out,ciphertext,cn)) | 187 | if(memcmp(out,ciphertext,cn)) |
| @@ -177,7 +189,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 177 | fprintf(stderr,"Ciphertext mismatch\n"); | 189 | fprintf(stderr,"Ciphertext mismatch\n"); |
| 178 | hexdump(stderr,"Got",out,cn); | 190 | hexdump(stderr,"Got",out,cn); |
| 179 | hexdump(stderr,"Expected",ciphertext,cn); | 191 | hexdump(stderr,"Expected",ciphertext,cn); |
| 180 | exit(9); | 192 | test1_exit(9); |
| 181 | } | 193 | } |
| 182 | } | 194 | } |
| 183 | 195 | ||
| @@ -186,26 +198,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 186 | if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) | 198 | if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv)) |
| 187 | { | 199 | { |
| 188 | fprintf(stderr,"DecryptInit failed\n"); | 200 | fprintf(stderr,"DecryptInit failed\n"); |
| 189 | exit(11); | 201 | test1_exit(11); |
| 190 | } | 202 | } |
| 191 | EVP_CIPHER_CTX_set_padding(&ctx,0); | 203 | EVP_CIPHER_CTX_set_padding(&ctx,0); |
| 192 | 204 | ||
| 193 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) | 205 | if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn)) |
| 194 | { | 206 | { |
| 195 | fprintf(stderr,"Decrypt failed\n"); | 207 | fprintf(stderr,"Decrypt failed\n"); |
| 196 | exit(6); | 208 | test1_exit(6); |
| 197 | } | 209 | } |
| 198 | if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) | 210 | if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2)) |
| 199 | { | 211 | { |
| 200 | fprintf(stderr,"DecryptFinal failed\n"); | 212 | fprintf(stderr,"DecryptFinal failed\n"); |
| 201 | exit(7); | 213 | test1_exit(7); |
| 202 | } | 214 | } |
| 203 | 215 | ||
| 204 | if(outl+outl2 != cn) | 216 | if(outl+outl2 != cn) |
| 205 | { | 217 | { |
| 206 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", | 218 | fprintf(stderr,"Plaintext length mismatch got %d expected %d\n", |
| 207 | outl+outl2,cn); | 219 | outl+outl2,cn); |
| 208 | exit(8); | 220 | test1_exit(8); |
| 209 | } | 221 | } |
| 210 | 222 | ||
| 211 | if(memcmp(out,plaintext,cn)) | 223 | if(memcmp(out,plaintext,cn)) |
| @@ -213,7 +225,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, | |||
| 213 | fprintf(stderr,"Plaintext mismatch\n"); | 225 | fprintf(stderr,"Plaintext mismatch\n"); |
| 214 | hexdump(stderr,"Got",out,cn); | 226 | hexdump(stderr,"Got",out,cn); |
| 215 | hexdump(stderr,"Expected",plaintext,cn); | 227 | hexdump(stderr,"Expected",plaintext,cn); |
| 216 | exit(9); | 228 | test1_exit(9); |
| 217 | } | 229 | } |
| 218 | } | 230 | } |
| 219 | 231 | ||
| @@ -260,24 +272,24 @@ static int test_digest(const char *digest, | |||
| 260 | if(!EVP_DigestInit_ex(&ctx,d, NULL)) | 272 | if(!EVP_DigestInit_ex(&ctx,d, NULL)) |
| 261 | { | 273 | { |
| 262 | fprintf(stderr,"DigestInit failed\n"); | 274 | fprintf(stderr,"DigestInit failed\n"); |
| 263 | exit(100); | 275 | EXIT(100); |
| 264 | } | 276 | } |
| 265 | if(!EVP_DigestUpdate(&ctx,plaintext,pn)) | 277 | if(!EVP_DigestUpdate(&ctx,plaintext,pn)) |
| 266 | { | 278 | { |
| 267 | fprintf(stderr,"DigestUpdate failed\n"); | 279 | fprintf(stderr,"DigestUpdate failed\n"); |
| 268 | exit(101); | 280 | EXIT(101); |
| 269 | } | 281 | } |
| 270 | if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) | 282 | if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) |
| 271 | { | 283 | { |
| 272 | fprintf(stderr,"DigestFinal failed\n"); | 284 | fprintf(stderr,"DigestFinal failed\n"); |
| 273 | exit(101); | 285 | EXIT(101); |
| 274 | } | 286 | } |
| 275 | EVP_MD_CTX_cleanup(&ctx); | 287 | EVP_MD_CTX_cleanup(&ctx); |
| 276 | 288 | ||
| 277 | if(mdn != cn) | 289 | if(mdn != cn) |
| 278 | { | 290 | { |
| 279 | fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn); | 291 | fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn); |
| 280 | exit(102); | 292 | EXIT(102); |
| 281 | } | 293 | } |
| 282 | 294 | ||
| 283 | if(memcmp(md,ciphertext,cn)) | 295 | if(memcmp(md,ciphertext,cn)) |
| @@ -285,7 +297,7 @@ static int test_digest(const char *digest, | |||
| 285 | fprintf(stderr,"Digest mismatch\n"); | 297 | fprintf(stderr,"Digest mismatch\n"); |
| 286 | hexdump(stderr,"Got",md,cn); | 298 | hexdump(stderr,"Got",md,cn); |
| 287 | hexdump(stderr,"Expected",ciphertext,cn); | 299 | hexdump(stderr,"Expected",ciphertext,cn); |
| 288 | exit(103); | 300 | EXIT(103); |
| 289 | } | 301 | } |
| 290 | 302 | ||
| 291 | printf("\n"); | 303 | printf("\n"); |
| @@ -303,7 +315,7 @@ int main(int argc,char **argv) | |||
| 303 | if(argc != 2) | 315 | if(argc != 2) |
| 304 | { | 316 | { |
| 305 | fprintf(stderr,"%s <test file>\n",argv[0]); | 317 | fprintf(stderr,"%s <test file>\n",argv[0]); |
| 306 | exit(1); | 318 | EXIT(1); |
| 307 | } | 319 | } |
| 308 | CRYPTO_malloc_debug_init(); | 320 | CRYPTO_malloc_debug_init(); |
| 309 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); | 321 | CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); |
| @@ -315,17 +327,20 @@ int main(int argc,char **argv) | |||
| 315 | if(!f) | 327 | if(!f) |
| 316 | { | 328 | { |
| 317 | perror(szTestFile); | 329 | perror(szTestFile); |
| 318 | exit(2); | 330 | EXIT(2); |
| 319 | } | 331 | } |
| 320 | 332 | ||
| 321 | /* Load up the software EVP_CIPHER and EVP_MD definitions */ | 333 | /* Load up the software EVP_CIPHER and EVP_MD definitions */ |
| 322 | OpenSSL_add_all_ciphers(); | 334 | OpenSSL_add_all_ciphers(); |
| 323 | OpenSSL_add_all_digests(); | 335 | OpenSSL_add_all_digests(); |
| 336 | #ifndef OPENSSL_NO_ENGINE | ||
| 324 | /* Load all compiled-in ENGINEs */ | 337 | /* Load all compiled-in ENGINEs */ |
| 325 | ENGINE_load_builtin_engines(); | 338 | ENGINE_load_builtin_engines(); |
| 339 | #endif | ||
| 326 | #if 0 | 340 | #if 0 |
| 327 | OPENSSL_config(); | 341 | OPENSSL_config(); |
| 328 | #endif | 342 | #endif |
| 343 | #ifndef OPENSSL_NO_ENGINE | ||
| 329 | /* Register all available ENGINE implementations of ciphers and digests. | 344 | /* Register all available ENGINE implementations of ciphers and digests. |
| 330 | * This could perhaps be changed to "ENGINE_register_all_complete()"? */ | 345 | * This could perhaps be changed to "ENGINE_register_all_complete()"? */ |
| 331 | ENGINE_register_all_ciphers(); | 346 | ENGINE_register_all_ciphers(); |
| @@ -334,6 +349,7 @@ int main(int argc,char **argv) | |||
| 334 | * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if | 349 | * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if |
| 335 | * they weren't already initialised. */ | 350 | * they weren't already initialised. */ |
| 336 | /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */ | 351 | /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */ |
| 352 | #endif | ||
| 337 | 353 | ||
| 338 | for( ; ; ) | 354 | for( ; ; ) |
| 339 | { | 355 | { |
| @@ -371,11 +387,13 @@ int main(int argc,char **argv) | |||
| 371 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) | 387 | && !test_digest(cipher,plaintext,pn,ciphertext,cn)) |
| 372 | { | 388 | { |
| 373 | fprintf(stderr,"Can't find %s\n",cipher); | 389 | fprintf(stderr,"Can't find %s\n",cipher); |
| 374 | exit(3); | 390 | EXIT(3); |
| 375 | } | 391 | } |
| 376 | } | 392 | } |
| 377 | 393 | ||
| 394 | #ifndef OPENSSL_NO_ENGINE | ||
| 378 | ENGINE_cleanup(); | 395 | ENGINE_cleanup(); |
| 396 | #endif | ||
| 379 | EVP_cleanup(); | 397 | EVP_cleanup(); |
| 380 | CRYPTO_cleanup_all_ex_data(); | 398 | CRYPTO_cleanup_all_ex_data(); |
| 381 | ERR_remove_state(0); | 399 | ERR_remove_state(0); |
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c index 27a8286489..a1874e83b2 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c | |||
| @@ -140,12 +140,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, | |||
| 140 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); | 140 | EVP_DigestFinal_ex (&ctx, md_tmp, NULL); |
| 141 | } | 141 | } |
| 142 | EVP_MD_CTX_cleanup(&ctx); | 142 | EVP_MD_CTX_cleanup(&ctx); |
| 143 | OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp); | ||
| 143 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); | 144 | memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); |
| 145 | OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); | ||
| 144 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), | 146 | memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), |
| 145 | EVP_CIPHER_iv_length(cipher)); | 147 | EVP_CIPHER_iv_length(cipher)); |
| 146 | EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); | 148 | EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); |
| 147 | memset(md_tmp, 0, EVP_MAX_MD_SIZE); | 149 | OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); |
| 148 | memset(key, 0, EVP_MAX_KEY_LENGTH); | 150 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
| 149 | memset(iv, 0, EVP_MAX_IV_LENGTH); | 151 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
| 150 | return 1; | 152 | return 1; |
| 151 | } | 153 | } |
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c index 7485d6a278..1f94e1ef88 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c | |||
| @@ -190,6 +190,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 190 | goto err; | 190 | goto err; |
| 191 | } | 191 | } |
| 192 | keylen = EVP_CIPHER_CTX_key_length(ctx); | 192 | keylen = EVP_CIPHER_CTX_key_length(ctx); |
| 193 | OPENSSL_assert(keylen <= sizeof key); | ||
| 193 | 194 | ||
| 194 | /* Now decode key derivation function */ | 195 | /* Now decode key derivation function */ |
| 195 | 196 | ||
| @@ -230,7 +231,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 230 | iter = ASN1_INTEGER_get(kdf->iter); | 231 | iter = ASN1_INTEGER_get(kdf->iter); |
| 231 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); | 232 | PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); |
| 232 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); | 233 | EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); |
| 233 | memset(key, 0, keylen); | 234 | OPENSSL_cleanse(key, keylen); |
| 234 | PBKDF2PARAM_free(kdf); | 235 | PBKDF2PARAM_free(kdf); |
| 235 | return 1; | 236 | return 1; |
| 236 | 237 | ||
diff --git a/src/lib/libssl/src/crypto/evp/p_open.c b/src/lib/libssl/src/crypto/evp/p_open.c index 6976f2a867..5a933d1cda 100644 --- a/src/lib/libssl/src/crypto/evp/p_open.c +++ b/src/lib/libssl/src/crypto/evp/p_open.c | |||
| @@ -101,7 +101,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, | |||
| 101 | 101 | ||
| 102 | ret=1; | 102 | ret=1; |
| 103 | err: | 103 | err: |
| 104 | if (key != NULL) memset(key,0,size); | 104 | if (key != NULL) OPENSSL_cleanse(key,size); |
| 105 | OPENSSL_free(key); | 105 | OPENSSL_free(key); |
| 106 | return(ret); | 106 | return(ret); |
| 107 | } | 107 | } |
diff --git a/src/lib/libssl/src/crypto/hmac/Makefile.ssl b/src/lib/libssl/src/crypto/hmac/Makefile.ssl index 2bb3264f0e..f1c07322c4 100644 --- a/src/lib/libssl/src/crypto/hmac/Makefile.ssl +++ b/src/lib/libssl/src/crypto/hmac/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -79,21 +79,23 @@ clean: | |||
| 79 | 79 | ||
| 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 81 | 81 | ||
| 82 | hmac.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 82 | hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h |
| 83 | hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | 83 | hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h |
| 84 | hmac.o: ../../include/openssl/bn.h ../../include/openssl/cast.h | 84 | hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 85 | hmac.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 85 | hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h |
| 86 | hmac.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | 86 | hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 87 | hmac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 87 | hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 88 | hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 88 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h | 89 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h |
| 89 | hmac.o: ../../include/openssl/idea.h ../../include/openssl/md2.h | 90 | hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 90 | hmac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | 91 | hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 91 | hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | 92 | hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| 92 | hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 93 | hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 93 | hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 94 | hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 94 | hmac.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | 95 | hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h |
| 95 | hmac.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | 96 | hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h |
| 96 | hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 97 | hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h |
| 97 | hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 98 | hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 98 | hmac.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 99 | hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 99 | hmac.o: ../../include/openssl/ui_compat.h hmac.c | 100 | hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 101 | hmac.o: ../cryptlib.h hmac.c | ||
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c index da363b7950..4c91f919d5 100644 --- a/src/lib/libssl/src/crypto/hmac/hmac.c +++ b/src/lib/libssl/src/crypto/hmac/hmac.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/hmac.h> | 61 | #include <openssl/hmac.h> |
| 62 | #include "cryptlib.h" | ||
| 62 | 63 | ||
| 63 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | 64 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, |
| 64 | const EVP_MD *md, ENGINE *impl) | 65 | const EVP_MD *md, ENGINE *impl) |
| @@ -78,6 +79,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 78 | { | 79 | { |
| 79 | reset=1; | 80 | reset=1; |
| 80 | j=EVP_MD_block_size(md); | 81 | j=EVP_MD_block_size(md); |
| 82 | OPENSSL_assert(j <= sizeof ctx->key); | ||
| 81 | if (j < len) | 83 | if (j < len) |
| 82 | { | 84 | { |
| 83 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); | 85 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); |
| @@ -87,6 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | |||
| 87 | } | 89 | } |
| 88 | else | 90 | else |
| 89 | { | 91 | { |
| 92 | OPENSSL_assert(len <= sizeof ctx->key); | ||
| 90 | memcpy(ctx->key,key,len); | 93 | memcpy(ctx->key,key,len); |
| 91 | ctx->key_length=len; | 94 | ctx->key_length=len; |
| 92 | } | 95 | } |
diff --git a/src/lib/libssl/src/crypto/hmac/hmactest.c b/src/lib/libssl/src/crypto/hmac/hmactest.c index 96d3beb8e6..1b906b81af 100644 --- a/src/lib/libssl/src/crypto/hmac/hmactest.c +++ b/src/lib/libssl/src/crypto/hmac/hmactest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_HMAC | 65 | #ifdef OPENSSL_NO_HMAC |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -68,12 +70,15 @@ int main(int argc, char *argv[]) | |||
| 68 | } | 70 | } |
| 69 | #else | 71 | #else |
| 70 | #include <openssl/hmac.h> | 72 | #include <openssl/hmac.h> |
| 73 | #ifndef OPENSSL_NO_MD5 | ||
| 71 | #include <openssl/md5.h> | 74 | #include <openssl/md5.h> |
| 75 | #endif | ||
| 72 | 76 | ||
| 73 | #ifdef CHARSET_EBCDIC | 77 | #ifdef CHARSET_EBCDIC |
| 74 | #include <openssl/ebcdic.h> | 78 | #include <openssl/ebcdic.h> |
| 75 | #endif | 79 | #endif |
| 76 | 80 | ||
| 81 | #ifndef OPENSSL_NO_MD5 | ||
| 77 | static struct test_st | 82 | static struct test_st |
| 78 | { | 83 | { |
| 79 | unsigned char key[16]; | 84 | unsigned char key[16]; |
| @@ -113,13 +118,20 @@ static struct test_st | |||
| 113 | (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6", | 118 | (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6", |
| 114 | }, | 119 | }, |
| 115 | }; | 120 | }; |
| 116 | 121 | #endif | |
| 117 | 122 | ||
| 118 | static char *pt(unsigned char *md); | 123 | static char *pt(unsigned char *md); |
| 119 | int main(int argc, char *argv[]) | 124 | int main(int argc, char *argv[]) |
| 120 | { | 125 | { |
| 121 | int i,err=0; | 126 | #ifndef OPENSSL_NO_MD5 |
| 127 | int i; | ||
| 122 | char *p; | 128 | char *p; |
| 129 | #endif | ||
| 130 | int err=0; | ||
| 131 | |||
| 132 | #ifdef OPENSSL_NO_MD5 | ||
| 133 | printf("test skipped: MD5 disabled\n"); | ||
| 134 | #else | ||
| 123 | 135 | ||
| 124 | #ifdef CHARSET_EBCDIC | 136 | #ifdef CHARSET_EBCDIC |
| 125 | ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); | 137 | ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); |
| @@ -144,10 +156,12 @@ int main(int argc, char *argv[]) | |||
| 144 | else | 156 | else |
| 145 | printf("test %d ok\n",i); | 157 | printf("test %d ok\n",i); |
| 146 | } | 158 | } |
| 147 | exit(err); | 159 | #endif /* OPENSSL_NO_MD5 */ |
| 160 | EXIT(err); | ||
| 148 | return(0); | 161 | return(0); |
| 149 | } | 162 | } |
| 150 | 163 | ||
| 164 | #ifndef OPENSSL_NO_MD5 | ||
| 151 | static char *pt(unsigned char *md) | 165 | static char *pt(unsigned char *md) |
| 152 | { | 166 | { |
| 153 | int i; | 167 | int i; |
| @@ -158,3 +172,4 @@ static char *pt(unsigned char *md) | |||
| 158 | return(buf); | 172 | return(buf); |
| 159 | } | 173 | } |
| 160 | #endif | 174 | #endif |
| 175 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/idea/Makefile.ssl b/src/lib/libssl/src/crypto/idea/Makefile.ssl index 87c9aa484b..fa016ea399 100644 --- a/src/lib/libssl/src/crypto/idea/Makefile.ssl +++ b/src/lib/libssl/src/crypto/idea/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/krb5/Makefile.ssl b/src/lib/libssl/src/crypto/krb5/Makefile.ssl index 7ad0cbb0bc..d9224c0f09 100644 --- a/src/lib/libssl/src/crypto/krb5/Makefile.ssl +++ b/src/lib/libssl/src/crypto/krb5/Makefile.ssl | |||
| @@ -41,7 +41,7 @@ all: lib | |||
| 41 | 41 | ||
| 42 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 43 | $(AR) $(LIB) $(LIBOBJ) | 43 | $(AR) $(LIB) $(LIBOBJ) |
| 44 | $(RANLIB) $(LIB) | 44 | $(RANLIB) $(LIB) || echo Never mind. |
| 45 | @touch lib | 45 | @touch lib |
| 46 | 46 | ||
| 47 | files: | 47 | files: |
| @@ -69,7 +69,7 @@ lint: | |||
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 70 | ||
| 71 | depend: | 71 | depend: |
| 72 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 72 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 73 | 73 | ||
| 74 | dclean: | 74 | dclean: |
| 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/lhash/Makefile.ssl b/src/lib/libssl/src/crypto/lhash/Makefile.ssl index b3ad272cf7..60e7ee3393 100644 --- a/src/lib/libssl/src/crypto/lhash/Makefile.ssl +++ b/src/lib/libssl/src/crypto/lhash/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/lhash/lh_stats.c b/src/lib/libssl/src/crypto/lhash/lh_stats.c index 8e6f57c741..5aa7766aa6 100644 --- a/src/lib/libssl/src/crypto/lhash/lh_stats.c +++ b/src/lib/libssl/src/crypto/lhash/lh_stats.c | |||
| @@ -179,63 +179,29 @@ end:; | |||
| 179 | 179 | ||
| 180 | void lh_stats_bio(const LHASH *lh, BIO *out) | 180 | void lh_stats_bio(const LHASH *lh, BIO *out) |
| 181 | { | 181 | { |
| 182 | char buf[128]; | 182 | BIO_printf(out,"num_items = %lu\n",lh->num_items); |
| 183 | 183 | BIO_printf(out,"num_nodes = %u\n",lh->num_nodes); | |
| 184 | snprintf(buf,sizeof buf,"num_items = %lu\n",lh->num_items); | 184 | BIO_printf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); |
| 185 | BIO_puts(out,buf); | 185 | BIO_printf(out,"num_expands = %lu\n",lh->num_expands); |
| 186 | snprintf(buf,sizeof buf,"num_nodes = %u\n",lh->num_nodes); | 186 | BIO_printf(out,"num_expand_reallocs = %lu\n", |
| 187 | BIO_puts(out,buf); | 187 | lh->num_expand_reallocs); |
| 188 | snprintf(buf,sizeof buf,"num_alloc_nodes = %u\n", | 188 | BIO_printf(out,"num_contracts = %lu\n",lh->num_contracts); |
| 189 | lh->num_alloc_nodes); | 189 | BIO_printf(out,"num_contract_reallocs = %lu\n", |
| 190 | BIO_puts(out,buf); | 190 | lh->num_contract_reallocs); |
| 191 | snprintf(buf,sizeof buf,"num_expands = %lu\n", | 191 | BIO_printf(out,"num_hash_calls = %lu\n",lh->num_hash_calls); |
| 192 | lh->num_expands); | 192 | BIO_printf(out,"num_comp_calls = %lu\n",lh->num_comp_calls); |
| 193 | BIO_puts(out,buf); | 193 | BIO_printf(out,"num_insert = %lu\n",lh->num_insert); |
| 194 | snprintf(buf,sizeof buf,"num_expand_reallocs = %lu\n", | 194 | BIO_printf(out,"num_replace = %lu\n",lh->num_replace); |
| 195 | lh->num_expand_reallocs); | 195 | BIO_printf(out,"num_delete = %lu\n",lh->num_delete); |
| 196 | BIO_puts(out,buf); | 196 | BIO_printf(out,"num_no_delete = %lu\n",lh->num_no_delete); |
| 197 | snprintf(buf,sizeof buf,"num_contracts = %lu\n", | 197 | BIO_printf(out,"num_retrieve = %lu\n",lh->num_retrieve); |
| 198 | lh->num_contracts); | 198 | BIO_printf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); |
| 199 | BIO_puts(out,buf); | 199 | BIO_printf(out,"num_hash_comps = %lu\n",lh->num_hash_comps); |
| 200 | snprintf(buf,sizeof buf,"num_contract_reallocs = %lu\n", | ||
| 201 | lh->num_contract_reallocs); | ||
| 202 | BIO_puts(out,buf); | ||
| 203 | snprintf(buf,sizeof buf,"num_hash_calls = %lu\n", | ||
| 204 | lh->num_hash_calls); | ||
| 205 | BIO_puts(out,buf); | ||
| 206 | snprintf(buf,sizeof buf,"num_comp_calls = %lu\n", | ||
| 207 | lh->num_comp_calls); | ||
| 208 | BIO_puts(out,buf); | ||
| 209 | snprintf(buf,sizeof buf,"num_insert = %lu\n", | ||
| 210 | lh->num_insert); | ||
| 211 | BIO_puts(out,buf); | ||
| 212 | snprintf(buf,sizeof buf,"num_replace = %lu\n", | ||
| 213 | lh->num_replace); | ||
| 214 | BIO_puts(out,buf); | ||
| 215 | snprintf(buf,sizeof buf,"num_delete = %lu\n", | ||
| 216 | lh->num_delete); | ||
| 217 | BIO_puts(out,buf); | ||
| 218 | snprintf(buf,sizeof buf,"num_no_delete = %lu\n", | ||
| 219 | lh->num_no_delete); | ||
| 220 | BIO_puts(out,buf); | ||
| 221 | snprintf(buf,sizeof buf,"num_retrieve = %lu\n", | ||
| 222 | lh->num_retrieve); | ||
| 223 | BIO_puts(out,buf); | ||
| 224 | snprintf(buf,sizeof buf,"num_retrieve_miss = %lu\n", | ||
| 225 | lh->num_retrieve_miss); | ||
| 226 | BIO_puts(out,buf); | ||
| 227 | snprintf(buf,sizeof buf,"num_hash_comps = %lu\n", | ||
| 228 | lh->num_hash_comps); | ||
| 229 | BIO_puts(out,buf); | ||
| 230 | #if 0 | 200 | #if 0 |
| 231 | snprintf(buf,sizeof buf,"p = %u\n",lh->p); | 201 | BIO_printf(out,"p = %u\n",lh->p); |
| 232 | BIO_puts(out,buf); | 202 | BIO_printf(out,"pmax = %u\n",lh->pmax); |
| 233 | snprintf(buf,sizeof buf,"pmax = %u\n",lh->pmax); | 203 | BIO_printf(out,"up_load = %lu\n",lh->up_load); |
| 234 | BIO_puts(out,buf); | 204 | BIO_printf(out,"down_load = %lu\n",lh->down_load); |
| 235 | snprintf(buf,sizeof buf,"up_load = %lu\n",lh->up_load); | ||
| 236 | BIO_puts(out,buf); | ||
| 237 | snprintf(buf,sizeof buf,"down_load = %lu\n",lh->down_load); | ||
| 238 | BIO_puts(out,buf); | ||
| 239 | #endif | 205 | #endif |
| 240 | } | 206 | } |
| 241 | 207 | ||
| @@ -243,14 +209,12 @@ void lh_node_stats_bio(const LHASH *lh, BIO *out) | |||
| 243 | { | 209 | { |
| 244 | LHASH_NODE *n; | 210 | LHASH_NODE *n; |
| 245 | unsigned int i,num; | 211 | unsigned int i,num; |
| 246 | char buf[128]; | ||
| 247 | 212 | ||
| 248 | for (i=0; i<lh->num_nodes; i++) | 213 | for (i=0; i<lh->num_nodes; i++) |
| 249 | { | 214 | { |
| 250 | for (n=lh->b[i],num=0; n != NULL; n=n->next) | 215 | for (n=lh->b[i],num=0; n != NULL; n=n->next) |
| 251 | num++; | 216 | num++; |
| 252 | snprintf(buf,sizeof buf,"node %6u -> %3u\n",i,num); | 217 | BIO_printf(out,"node %6u -> %3u\n",i,num); |
| 253 | BIO_puts(out,buf); | ||
| 254 | } | 218 | } |
| 255 | } | 219 | } |
| 256 | 220 | ||
| @@ -260,7 +224,6 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) | |||
| 260 | unsigned long num; | 224 | unsigned long num; |
| 261 | unsigned int i; | 225 | unsigned int i; |
| 262 | unsigned long total=0,n_used=0; | 226 | unsigned long total=0,n_used=0; |
| 263 | char buf[128]; | ||
| 264 | 227 | ||
| 265 | for (i=0; i<lh->num_nodes; i++) | 228 | for (i=0; i<lh->num_nodes; i++) |
| 266 | { | 229 | { |
| @@ -272,18 +235,14 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out) | |||
| 272 | total+=num; | 235 | total+=num; |
| 273 | } | 236 | } |
| 274 | } | 237 | } |
| 275 | snprintf(buf,sizeof buf,"%lu nodes used out of %u\n",n_used, | 238 | BIO_printf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes); |
| 276 | lh->num_nodes); | 239 | BIO_printf(out,"%lu items\n",total); |
| 277 | BIO_puts(out,buf); | ||
| 278 | snprintf(buf,sizeof buf,"%lu items\n",total); | ||
| 279 | BIO_puts(out,buf); | ||
| 280 | if (n_used == 0) return; | 240 | if (n_used == 0) return; |
| 281 | snprintf(buf,sizeof buf,"load %d.%02d actual load %d.%02d\n", | 241 | BIO_printf(out,"load %d.%02d actual load %d.%02d\n", |
| 282 | (int)(total/lh->num_nodes), | 242 | (int)(total/lh->num_nodes), |
| 283 | (int)((total%lh->num_nodes)*100/lh->num_nodes), | 243 | (int)((total%lh->num_nodes)*100/lh->num_nodes), |
| 284 | (int)(total/n_used), | 244 | (int)(total/n_used), |
| 285 | (int)((total%n_used)*100/n_used)); | 245 | (int)((total%n_used)*100/n_used)); |
| 286 | BIO_puts(out,buf); | ||
| 287 | } | 246 | } |
| 288 | 247 | ||
| 289 | #endif | 248 | #endif |
diff --git a/src/lib/libssl/src/crypto/md2/Makefile.ssl b/src/lib/libssl/src/crypto/md2/Makefile.ssl index e89a17f3a4..3206924c90 100644 --- a/src/lib/libssl/src/crypto/md2/Makefile.ssl +++ b/src/lib/libssl/src/crypto/md2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -79,8 +79,11 @@ clean: | |||
| 79 | 79 | ||
| 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 80 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 81 | 81 | ||
| 82 | md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 82 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h | 83 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h |
| 83 | md2_dgst.o: ../../include/openssl/opensslv.h md2_dgst.c | 84 | md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 85 | md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 86 | md2_dgst.o: md2_dgst.c | ||
| 84 | md2_one.o: ../../e_os.h ../../include/openssl/bio.h | 87 | md2_one.o: ../../e_os.h ../../include/openssl/bio.h |
| 85 | md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 88 | md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 86 | md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 89 | md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
diff --git a/src/lib/libssl/src/crypto/md2/md2_dgst.c b/src/lib/libssl/src/crypto/md2/md2_dgst.c index e25dd00e02..ecb64f0ec4 100644 --- a/src/lib/libssl/src/crypto/md2/md2_dgst.c +++ b/src/lib/libssl/src/crypto/md2/md2_dgst.c | |||
| @@ -61,6 +61,7 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | #include <openssl/opensslv.h> | 63 | #include <openssl/opensslv.h> |
| 64 | #include <openssl/crypto.h> | ||
| 64 | 65 | ||
| 65 | const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; | 66 | const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; |
| 66 | 67 | ||
| @@ -118,9 +119,9 @@ const char *MD2_options(void) | |||
| 118 | int MD2_Init(MD2_CTX *c) | 119 | int MD2_Init(MD2_CTX *c) |
| 119 | { | 120 | { |
| 120 | c->num=0; | 121 | c->num=0; |
| 121 | memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT)); | 122 | memset(c->state,0,sizeof c->state); |
| 122 | memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT)); | 123 | memset(c->cksm,0,sizeof c->cksm); |
| 123 | memset(c->data,0,MD2_BLOCK); | 124 | memset(c->data,0,sizeof c->data); |
| 124 | return 1; | 125 | return 1; |
| 125 | } | 126 | } |
| 126 | 127 | ||
| @@ -196,7 +197,7 @@ static void md2_block(MD2_CTX *c, const unsigned char *d) | |||
| 196 | t=(t+i)&0xff; | 197 | t=(t+i)&0xff; |
| 197 | } | 198 | } |
| 198 | memcpy(sp1,state,16*sizeof(MD2_INT)); | 199 | memcpy(sp1,state,16*sizeof(MD2_INT)); |
| 199 | memset(state,0,48*sizeof(MD2_INT)); | 200 | OPENSSL_cleanse(state,48*sizeof(MD2_INT)); |
| 200 | } | 201 | } |
| 201 | 202 | ||
| 202 | int MD2_Final(unsigned char *md, MD2_CTX *c) | 203 | int MD2_Final(unsigned char *md, MD2_CTX *c) |
diff --git a/src/lib/libssl/src/crypto/md2/md2_one.c b/src/lib/libssl/src/crypto/md2/md2_one.c index b12c37ce4d..835160ef56 100644 --- a/src/lib/libssl/src/crypto/md2/md2_one.c +++ b/src/lib/libssl/src/crypto/md2/md2_one.c | |||
| @@ -88,6 +88,6 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 88 | } | 88 | } |
| 89 | #endif | 89 | #endif |
| 90 | MD2_Final(md,&c); | 90 | MD2_Final(md,&c); |
| 91 | memset(&c,0,sizeof(c)); /* Security consideration */ | 91 | OPENSSL_cleanse(&c,sizeof(c)); /* Security consideration */ |
| 92 | return(md); | 92 | return(md); |
| 93 | } | 93 | } |
diff --git a/src/lib/libssl/src/crypto/md2/md2test.c b/src/lib/libssl/src/crypto/md2/md2test.c index 7d3664faf5..901d0a7d8e 100644 --- a/src/lib/libssl/src/crypto/md2/md2test.c +++ b/src/lib/libssl/src/crypto/md2/md2test.c | |||
| @@ -61,6 +61,8 @@ | |||
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | 63 | ||
| 64 | #include "../e_os.h" | ||
| 65 | |||
| 64 | #ifdef OPENSSL_NO_MD2 | 66 | #ifdef OPENSSL_NO_MD2 |
| 65 | int main(int argc, char *argv[]) | 67 | int main(int argc, char *argv[]) |
| 66 | { | 68 | { |
| @@ -122,8 +124,7 @@ int main(int argc, char *argv[]) | |||
| 122 | R++; | 124 | R++; |
| 123 | P++; | 125 | P++; |
| 124 | } | 126 | } |
| 125 | exit(err); | 127 | EXIT(err); |
| 126 | return(0); | ||
| 127 | } | 128 | } |
| 128 | 129 | ||
| 129 | static char *pt(unsigned char *md) | 130 | static char *pt(unsigned char *md) |
diff --git a/src/lib/libssl/src/crypto/md32_common.h b/src/lib/libssl/src/crypto/md32_common.h index 353d2b96ad..573850b122 100644 --- a/src/lib/libssl/src/crypto/md32_common.h +++ b/src/lib/libssl/src/crypto/md32_common.h | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/md32_common.h */ | 1 | /* crypto/md32_common.h */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -198,7 +198,7 @@ | |||
| 198 | * | 198 | * |
| 199 | * <appro@fy.chalmers.se> | 199 | * <appro@fy.chalmers.se> |
| 200 | */ | 200 | */ |
| 201 | # if defined(__i386) || defined(__i386__) | 201 | # if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) |
| 202 | # define ROTATE(a,n) ({ register unsigned int ret; \ | 202 | # define ROTATE(a,n) ({ register unsigned int ret; \ |
| 203 | asm ( \ | 203 | asm ( \ |
| 204 | "roll %1,%0" \ | 204 | "roll %1,%0" \ |
| @@ -224,7 +224,7 @@ | |||
| 224 | */ | 224 | */ |
| 225 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) | 225 | # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) |
| 226 | /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ | 226 | /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ |
| 227 | # if (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY) | 227 | # if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY) |
| 228 | # define BE_FETCH32(a) ({ register unsigned int l=(a);\ | 228 | # define BE_FETCH32(a) ({ register unsigned int l=(a);\ |
| 229 | asm ( \ | 229 | asm ( \ |
| 230 | "bswapl %0" \ | 230 | "bswapl %0" \ |
| @@ -456,7 +456,10 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) | |||
| 456 | { | 456 | { |
| 457 | ew=(c->num>>2); | 457 | ew=(c->num>>2); |
| 458 | ec=(c->num&0x03); | 458 | ec=(c->num&0x03); |
| 459 | l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; | 459 | if (sc) |
| 460 | l=p[sw]; | ||
| 461 | HOST_p_c2l(data,l,sc); | ||
| 462 | p[sw++]=l; | ||
| 460 | for (; sw < ew; sw++) | 463 | for (; sw < ew; sw++) |
| 461 | { | 464 | { |
| 462 | HOST_c2l(data,l); p[sw]=l; | 465 | HOST_c2l(data,l); p[sw]=l; |
| @@ -603,7 +606,32 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) | |||
| 603 | c->num=0; | 606 | c->num=0; |
| 604 | /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack | 607 | /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack |
| 605 | * but I'm not worried :-) | 608 | * but I'm not worried :-) |
| 606 | memset((void *)c,0,sizeof(HASH_CTX)); | 609 | OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); |
| 607 | */ | 610 | */ |
| 608 | return 1; | 611 | return 1; |
| 609 | } | 612 | } |
| 613 | |||
| 614 | #ifndef MD32_REG_T | ||
| 615 | #define MD32_REG_T long | ||
| 616 | /* | ||
| 617 | * This comment was originaly written for MD5, which is why it | ||
| 618 | * discusses A-D. But it basically applies to all 32-bit digests, | ||
| 619 | * which is why it was moved to common header file. | ||
| 620 | * | ||
| 621 | * In case you wonder why A-D are declared as long and not | ||
| 622 | * as MD5_LONG. Doing so results in slight performance | ||
| 623 | * boost on LP64 architectures. The catch is we don't | ||
| 624 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 625 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 626 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 627 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 628 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 629 | * Well, to be honest it should say that this *prevents* | ||
| 630 | * performance degradation. | ||
| 631 | * <appro@fy.chalmers.se> | ||
| 632 | * Apparently there're LP64 compilers that generate better | ||
| 633 | * code if A-D are declared int. Most notably GCC-x86_64 | ||
| 634 | * generates better code. | ||
| 635 | * <appro@fy.chalmers.se> | ||
| 636 | */ | ||
| 637 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/md4/Makefile.ssl b/src/lib/libssl/src/crypto/md4/Makefile.ssl index 1de72571d8..7d2e8d8d3b 100644 --- a/src/lib/libssl/src/crypto/md4/Makefile.ssl +++ b/src/lib/libssl/src/crypto/md4/Makefile.ssl | |||
| @@ -69,7 +69,7 @@ lint: | |||
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 70 | ||
| 71 | depend: | 71 | depend: |
| 72 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 72 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 73 | 73 | ||
| 74 | dclean: | 74 | dclean: |
| 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 75 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -84,5 +84,8 @@ md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h | |||
| 84 | md4_dgst.o: ../../include/openssl/opensslconf.h | 84 | md4_dgst.o: ../../include/openssl/opensslconf.h |
| 85 | md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c | 85 | md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c |
| 86 | md4_dgst.o: md4_locl.h | 86 | md4_dgst.o: md4_locl.h |
| 87 | md4_one.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h | 87 | md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 88 | md4_one.o: ../../include/openssl/opensslconf.h md4_one.c | 88 | md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h |
| 89 | md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 90 | md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 91 | md4_one.o: md4_one.c | ||
diff --git a/src/lib/libssl/src/crypto/md4/md4.c b/src/lib/libssl/src/crypto/md4/md4.c index e4b0aac011..141415ad4d 100644 --- a/src/lib/libssl/src/crypto/md4/md4.c +++ b/src/lib/libssl/src/crypto/md4/md4.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
| @@ -108,7 +108,7 @@ void do_fp(FILE *f) | |||
| 108 | MD4_Init(&c); | 108 | MD4_Init(&c); |
| 109 | for (;;) | 109 | for (;;) |
| 110 | { | 110 | { |
| 111 | i=read(fd,buf,BUFSIZE); | 111 | i=read(fd,buf,sizeof buf); |
| 112 | if (i <= 0) break; | 112 | if (i <= 0) break; |
| 113 | MD4_Update(&c,buf,(unsigned long)i); | 113 | MD4_Update(&c,buf,(unsigned long)i); |
| 114 | } | 114 | } |
diff --git a/src/lib/libssl/src/crypto/md4/md4_dgst.c b/src/lib/libssl/src/crypto/md4/md4_dgst.c index 6446f5f5e7..7afb7185b6 100644 --- a/src/lib/libssl/src/crypto/md4/md4_dgst.c +++ b/src/lib/libssl/src/crypto/md4/md4_dgst.c | |||
| @@ -86,21 +86,7 @@ int MD4_Init(MD4_CTX *c) | |||
| 86 | void md4_block_host_order (MD4_CTX *c, const void *data, int num) | 86 | void md4_block_host_order (MD4_CTX *c, const void *data, int num) |
| 87 | { | 87 | { |
| 88 | const MD4_LONG *X=data; | 88 | const MD4_LONG *X=data; |
| 89 | register unsigned long A,B,C,D; | 89 | register unsigned MD32_REG_T A,B,C,D; |
| 90 | /* | ||
| 91 | * In case you wonder why A-D are declared as long and not | ||
| 92 | * as MD4_LONG. Doing so results in slight performance | ||
| 93 | * boost on LP64 architectures. The catch is we don't | ||
| 94 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 95 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 96 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 97 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 98 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 99 | * Well, to be honest it should say that this *prevents* | ||
| 100 | * performance degradation. | ||
| 101 | * | ||
| 102 | * <appro@fy.chalmers.se> | ||
| 103 | */ | ||
| 104 | 90 | ||
| 105 | A=c->A; | 91 | A=c->A; |
| 106 | B=c->B; | 92 | B=c->B; |
| @@ -176,25 +162,11 @@ void md4_block_host_order (MD4_CTX *c, const void *data, int num) | |||
| 176 | void md4_block_data_order (MD4_CTX *c, const void *data_, int num) | 162 | void md4_block_data_order (MD4_CTX *c, const void *data_, int num) |
| 177 | { | 163 | { |
| 178 | const unsigned char *data=data_; | 164 | const unsigned char *data=data_; |
| 179 | register unsigned long A,B,C,D,l; | 165 | register unsigned MD32_REG_T A,B,C,D,l; |
| 180 | /* | ||
| 181 | * In case you wonder why A-D are declared as long and not | ||
| 182 | * as MD4_LONG. Doing so results in slight performance | ||
| 183 | * boost on LP64 architectures. The catch is we don't | ||
| 184 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 185 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 186 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 187 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 188 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 189 | * Well, to be honest it should say that this *prevents* | ||
| 190 | * performance degradation. | ||
| 191 | * | ||
| 192 | * <appro@fy.chalmers.se> | ||
| 193 | */ | ||
| 194 | #ifndef MD32_XARRAY | 166 | #ifndef MD32_XARRAY |
| 195 | /* See comment in crypto/sha/sha_locl.h for details. */ | 167 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 196 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 168 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 197 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 169 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 198 | # define X(i) XX##i | 170 | # define X(i) XX##i |
| 199 | #else | 171 | #else |
| 200 | MD4_LONG XX[MD4_LBLOCK]; | 172 | MD4_LONG XX[MD4_LBLOCK]; |
diff --git a/src/lib/libssl/src/crypto/md4/md4_one.c b/src/lib/libssl/src/crypto/md4/md4_one.c index 87a995d38d..00565507e4 100644 --- a/src/lib/libssl/src/crypto/md4/md4_one.c +++ b/src/lib/libssl/src/crypto/md4/md4_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/md4.h> | 61 | #include <openssl/md4.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifdef CHARSET_EBCDIC | 64 | #ifdef CHARSET_EBCDIC |
| 64 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| @@ -89,7 +90,7 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 89 | } | 90 | } |
| 90 | #endif | 91 | #endif |
| 91 | MD4_Final(md,&c); | 92 | MD4_Final(md,&c); |
| 92 | memset(&c,0,sizeof(c)); /* security consideration */ | 93 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 93 | return(md); | 94 | return(md); |
| 94 | } | 95 | } |
| 95 | 96 | ||
diff --git a/src/lib/libssl/src/crypto/md4/md4test.c b/src/lib/libssl/src/crypto/md4/md4test.c index e0fdc42282..21a77d96f7 100644 --- a/src/lib/libssl/src/crypto/md4/md4test.c +++ b/src/lib/libssl/src/crypto/md4/md4test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_MD4 | 65 | #ifdef OPENSSL_NO_MD4 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -118,7 +120,7 @@ int main(int argc, char *argv[]) | |||
| 118 | R++; | 120 | R++; |
| 119 | P++; | 121 | P++; |
| 120 | } | 122 | } |
| 121 | exit(err); | 123 | EXIT(err); |
| 122 | return(0); | 124 | return(0); |
| 123 | } | 125 | } |
| 124 | 126 | ||
diff --git a/src/lib/libssl/src/crypto/md5/Makefile.ssl b/src/lib/libssl/src/crypto/md5/Makefile.ssl index 5f1bbfb8ff..b11ab476d6 100644 --- a/src/lib/libssl/src/crypto/md5/Makefile.ssl +++ b/src/lib/libssl/src/crypto/md5/Makefile.ssl | |||
| @@ -21,14 +21,6 @@ MD5_ASM_OBJ= | |||
| 21 | 21 | ||
| 22 | CFLAGS= $(INCLUDES) $(CFLAG) | 22 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 23 | 23 | ||
| 24 | # We let the C compiler driver to take care of .s files. This is done in | ||
| 25 | # order to be excused from maintaining a separate set of architecture | ||
| 26 | # dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC | ||
| 27 | # gcc, then the driver will automatically translate it to -xarch=v8plus | ||
| 28 | # and pass it down to assembler. | ||
| 29 | AS=$(CC) -c | ||
| 30 | ASFLAGS=$(CFLAGS) | ||
| 31 | |||
| 32 | GENERAL=Makefile | 24 | GENERAL=Makefile |
| 33 | TEST=md5test.c | 25 | TEST=md5test.c |
| 34 | APPS= | 26 | APPS= |
| @@ -55,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 55 | @touch lib | 47 | @touch lib |
| 56 | 48 | ||
| 57 | # elf | 49 | # elf |
| 58 | asm/mx86-elf.o: asm/mx86unix.cpp | 50 | asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl |
| 59 | $(CPP) -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o | 51 | (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s) |
| 60 | |||
| 61 | # solaris | ||
| 62 | asm/mx86-sol.o: asm/mx86unix.cpp | ||
| 63 | $(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s | ||
| 64 | as -o asm/mx86-sol.o asm/mx86-sol.s | ||
| 65 | rm -f asm/mx86-sol.s | ||
| 66 | 52 | ||
| 67 | # a.out | 53 | # a.out |
| 68 | asm/mx86-out.o: asm/mx86unix.cpp | 54 | asm/mx86-out.o: asm/mx86unix.cpp |
| @@ -118,18 +104,23 @@ lint: | |||
| 118 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 104 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 119 | 105 | ||
| 120 | depend: | 106 | depend: |
| 121 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 107 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 122 | 108 | ||
| 123 | dclean: | 109 | dclean: |
| 124 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 110 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 125 | mv -f Makefile.new $(MAKEFILE) | 111 | mv -f Makefile.new $(MAKEFILE) |
| 126 | 112 | ||
| 127 | clean: | 113 | clean: |
| 128 | rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 114 | rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 129 | 115 | ||
| 130 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 116 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 131 | 117 | ||
| 132 | md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | 118 | md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h |
| 119 | md5_dgst.o: ../../include/openssl/opensslconf.h | ||
| 133 | md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c | 120 | md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c |
| 134 | md5_dgst.o: md5_locl.h | 121 | md5_dgst.o: md5_locl.h |
| 135 | md5_one.o: ../../include/openssl/md5.h md5_one.c | 122 | md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 123 | md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | ||
| 124 | md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 125 | md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 126 | md5_one.o: md5_one.c | ||
diff --git a/src/lib/libssl/src/crypto/md5/md5.c b/src/lib/libssl/src/crypto/md5/md5.c index 7ed0024ae1..563733abc5 100644 --- a/src/lib/libssl/src/crypto/md5/md5.c +++ b/src/lib/libssl/src/crypto/md5/md5.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
diff --git a/src/lib/libssl/src/crypto/md5/md5.h b/src/lib/libssl/src/crypto/md5/md5.h index 52cb753e6a..a252e02115 100644 --- a/src/lib/libssl/src/crypto/md5/md5.h +++ b/src/lib/libssl/src/crypto/md5/md5.h | |||
| @@ -59,6 +59,8 @@ | |||
| 59 | #ifndef HEADER_MD5_H | 59 | #ifndef HEADER_MD5_H |
| 60 | #define HEADER_MD5_H | 60 | #define HEADER_MD5_H |
| 61 | 61 | ||
| 62 | #include <openssl/e_os2.h> | ||
| 63 | |||
| 62 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
| 63 | extern "C" { | 65 | extern "C" { |
| 64 | #endif | 66 | #endif |
| @@ -76,7 +78,7 @@ extern "C" { | |||
| 76 | 78 | ||
| 77 | #if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) | 79 | #if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) |
| 78 | #define MD5_LONG unsigned long | 80 | #define MD5_LONG unsigned long |
| 79 | #elif defined(OENSSL_SYS_CRAY) || defined(__ILP64__) | 81 | #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) |
| 80 | #define MD5_LONG unsigned long | 82 | #define MD5_LONG unsigned long |
| 81 | #define MD5_LONG_LOG2 3 | 83 | #define MD5_LONG_LOG2 3 |
| 82 | /* | 84 | /* |
diff --git a/src/lib/libssl/src/crypto/md5/md5_dgst.c b/src/lib/libssl/src/crypto/md5/md5_dgst.c index c38a3f021e..9c7abc3697 100644 --- a/src/lib/libssl/src/crypto/md5/md5_dgst.c +++ b/src/lib/libssl/src/crypto/md5/md5_dgst.c | |||
| @@ -86,21 +86,7 @@ int MD5_Init(MD5_CTX *c) | |||
| 86 | void md5_block_host_order (MD5_CTX *c, const void *data, int num) | 86 | void md5_block_host_order (MD5_CTX *c, const void *data, int num) |
| 87 | { | 87 | { |
| 88 | const MD5_LONG *X=data; | 88 | const MD5_LONG *X=data; |
| 89 | register unsigned long A,B,C,D; | 89 | register unsigned MD32_REG_T A,B,C,D; |
| 90 | /* | ||
| 91 | * In case you wonder why A-D are declared as long and not | ||
| 92 | * as MD5_LONG. Doing so results in slight performance | ||
| 93 | * boost on LP64 architectures. The catch is we don't | ||
| 94 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 95 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 96 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 97 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 98 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 99 | * Well, to be honest it should say that this *prevents* | ||
| 100 | * performance degradation. | ||
| 101 | * | ||
| 102 | * <appro@fy.chalmers.se> | ||
| 103 | */ | ||
| 104 | 90 | ||
| 105 | A=c->A; | 91 | A=c->A; |
| 106 | B=c->B; | 92 | B=c->B; |
| @@ -193,25 +179,11 @@ void md5_block_host_order (MD5_CTX *c, const void *data, int num) | |||
| 193 | void md5_block_data_order (MD5_CTX *c, const void *data_, int num) | 179 | void md5_block_data_order (MD5_CTX *c, const void *data_, int num) |
| 194 | { | 180 | { |
| 195 | const unsigned char *data=data_; | 181 | const unsigned char *data=data_; |
| 196 | register unsigned long A,B,C,D,l; | 182 | register unsigned MD32_REG_T A,B,C,D,l; |
| 197 | /* | ||
| 198 | * In case you wonder why A-D are declared as long and not | ||
| 199 | * as MD5_LONG. Doing so results in slight performance | ||
| 200 | * boost on LP64 architectures. The catch is we don't | ||
| 201 | * really care if 32 MSBs of a 64-bit register get polluted | ||
| 202 | * with eventual overflows as we *save* only 32 LSBs in | ||
| 203 | * *either* case. Now declaring 'em long excuses the compiler | ||
| 204 | * from keeping 32 MSBs zeroed resulting in 13% performance | ||
| 205 | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. | ||
| 206 | * Well, to be honest it should say that this *prevents* | ||
| 207 | * performance degradation. | ||
| 208 | * | ||
| 209 | * <appro@fy.chalmers.se> | ||
| 210 | */ | ||
| 211 | #ifndef MD32_XARRAY | 183 | #ifndef MD32_XARRAY |
| 212 | /* See comment in crypto/sha/sha_locl.h for details. */ | 184 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 213 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 185 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 214 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 186 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 215 | # define X(i) XX##i | 187 | # define X(i) XX##i |
| 216 | #else | 188 | #else |
| 217 | MD5_LONG XX[MD5_LBLOCK]; | 189 | MD5_LONG XX[MD5_LBLOCK]; |
diff --git a/src/lib/libssl/src/crypto/md5/md5_locl.h b/src/lib/libssl/src/crypto/md5/md5_locl.h index 34c5257306..9e360da732 100644 --- a/src/lib/libssl/src/crypto/md5/md5_locl.h +++ b/src/lib/libssl/src/crypto/md5/md5_locl.h | |||
| @@ -58,7 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/opensslconf.h> | 61 | #include <openssl/e_os2.h> |
| 62 | #include <openssl/md5.h> | 62 | #include <openssl/md5.h> |
| 63 | 63 | ||
| 64 | #ifndef MD5_LONG_LOG2 | 64 | #ifndef MD5_LONG_LOG2 |
diff --git a/src/lib/libssl/src/crypto/md5/md5_one.c b/src/lib/libssl/src/crypto/md5/md5_one.c index b89dec850d..c5dd2d81db 100644 --- a/src/lib/libssl/src/crypto/md5/md5_one.c +++ b/src/lib/libssl/src/crypto/md5/md5_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/md5.h> | 61 | #include <openssl/md5.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifdef CHARSET_EBCDIC | 64 | #ifdef CHARSET_EBCDIC |
| 64 | #include <openssl/ebcdic.h> | 65 | #include <openssl/ebcdic.h> |
| @@ -89,7 +90,7 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 89 | } | 90 | } |
| 90 | #endif | 91 | #endif |
| 91 | MD5_Final(md,&c); | 92 | MD5_Final(md,&c); |
| 92 | memset(&c,0,sizeof(c)); /* security consideration */ | 93 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 93 | return(md); | 94 | return(md); |
| 94 | } | 95 | } |
| 95 | 96 | ||
diff --git a/src/lib/libssl/src/crypto/md5/md5test.c b/src/lib/libssl/src/crypto/md5/md5test.c index 862b89658a..bfd62629ed 100644 --- a/src/lib/libssl/src/crypto/md5/md5test.c +++ b/src/lib/libssl/src/crypto/md5/md5test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_MD5 | 65 | #ifdef OPENSSL_NO_MD5 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -118,7 +120,7 @@ int main(int argc, char *argv[]) | |||
| 118 | R++; | 120 | R++; |
| 119 | P++; | 121 | P++; |
| 120 | } | 122 | } |
| 121 | exit(err); | 123 | EXIT(err); |
| 122 | return(0); | 124 | return(0); |
| 123 | } | 125 | } |
| 124 | 126 | ||
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile.ssl b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl index 087b8eb9ee..33f366fb08 100644 --- a/src/lib/libssl/src/crypto/mdc2/Makefile.ssl +++ b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/mem.c b/src/lib/libssl/src/crypto/mem.c index 87d0ebc714..29df7d35b2 100644 --- a/src/lib/libssl/src/crypto/mem.c +++ b/src/lib/libssl/src/crypto/mem.c | |||
| @@ -250,6 +250,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), | |||
| 250 | void *CRYPTO_malloc_locked(int num, const char *file, int line) | 250 | void *CRYPTO_malloc_locked(int num, const char *file, int line) |
| 251 | { | 251 | { |
| 252 | void *ret = NULL; | 252 | void *ret = NULL; |
| 253 | extern unsigned char cleanse_ctr; | ||
| 253 | 254 | ||
| 254 | if (num < 0) return NULL; | 255 | if (num < 0) return NULL; |
| 255 | 256 | ||
| @@ -266,6 +267,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) | |||
| 266 | if (malloc_debug_func != NULL) | 267 | if (malloc_debug_func != NULL) |
| 267 | malloc_debug_func(ret, num, file, line, 1); | 268 | malloc_debug_func(ret, num, file, line, 1); |
| 268 | 269 | ||
| 270 | /* Create a dependency on the value of 'cleanse_ctr' so our memory | ||
| 271 | * sanitisation function can't be optimised out. NB: We only do | ||
| 272 | * this for >2Kb so the overhead doesn't bother us. */ | ||
| 273 | if(ret && (num > 2048)) | ||
| 274 | ((unsigned char *)ret)[0] = cleanse_ctr; | ||
| 275 | |||
| 269 | return ret; | 276 | return ret; |
| 270 | } | 277 | } |
| 271 | 278 | ||
| @@ -284,6 +291,7 @@ void CRYPTO_free_locked(void *str) | |||
| 284 | void *CRYPTO_malloc(int num, const char *file, int line) | 291 | void *CRYPTO_malloc(int num, const char *file, int line) |
| 285 | { | 292 | { |
| 286 | void *ret = NULL; | 293 | void *ret = NULL; |
| 294 | extern unsigned char cleanse_ctr; | ||
| 287 | 295 | ||
| 288 | if (num < 0) return NULL; | 296 | if (num < 0) return NULL; |
| 289 | 297 | ||
| @@ -300,6 +308,12 @@ void *CRYPTO_malloc(int num, const char *file, int line) | |||
| 300 | if (malloc_debug_func != NULL) | 308 | if (malloc_debug_func != NULL) |
| 301 | malloc_debug_func(ret, num, file, line, 1); | 309 | malloc_debug_func(ret, num, file, line, 1); |
| 302 | 310 | ||
| 311 | /* Create a dependency on the value of 'cleanse_ctr' so our memory | ||
| 312 | * sanitisation function can't be optimised out. NB: We only do | ||
| 313 | * this for >2Kb so the overhead doesn't bother us. */ | ||
| 314 | if(ret && (num > 2048)) | ||
| 315 | ((unsigned char *)ret)[0] = cleanse_ctr; | ||
| 316 | |||
| 303 | return ret; | 317 | return ret; |
| 304 | } | 318 | } |
| 305 | 319 | ||
| @@ -310,8 +324,8 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) | |||
| 310 | if (str == NULL) | 324 | if (str == NULL) |
| 311 | return CRYPTO_malloc(num, file, line); | 325 | return CRYPTO_malloc(num, file, line); |
| 312 | 326 | ||
| 313 | if (num < 0) return NULL; | 327 | if (num < 0) return NULL; |
| 314 | 328 | ||
| 315 | if (realloc_debug_func != NULL) | 329 | if (realloc_debug_func != NULL) |
| 316 | realloc_debug_func(str, NULL, num, file, line, 0); | 330 | realloc_debug_func(str, NULL, num, file, line, 0); |
| 317 | ret = realloc_ex_func(str,num,file,line); | 331 | ret = realloc_ex_func(str,num,file,line); |
| @@ -324,6 +338,32 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) | |||
| 324 | return ret; | 338 | return ret; |
| 325 | } | 339 | } |
| 326 | 340 | ||
| 341 | void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, | ||
| 342 | int line) | ||
| 343 | { | ||
| 344 | void *ret = NULL; | ||
| 345 | |||
| 346 | if (str == NULL) | ||
| 347 | return CRYPTO_malloc(num, file, line); | ||
| 348 | |||
| 349 | if (num < 0) return NULL; | ||
| 350 | |||
| 351 | if (realloc_debug_func != NULL) | ||
| 352 | realloc_debug_func(str, NULL, num, file, line, 0); | ||
| 353 | ret=malloc_ex_func(num,file,line); | ||
| 354 | if(ret) | ||
| 355 | memcpy(ret,str,old_len); | ||
| 356 | OPENSSL_cleanse(str,old_len); | ||
| 357 | free_func(str); | ||
| 358 | #ifdef LEVITTE_DEBUG_MEM | ||
| 359 | fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num); | ||
| 360 | #endif | ||
| 361 | if (realloc_debug_func != NULL) | ||
| 362 | realloc_debug_func(str, ret, num, file, line, 1); | ||
| 363 | |||
| 364 | return ret; | ||
| 365 | } | ||
| 366 | |||
| 327 | void CRYPTO_free(void *str) | 367 | void CRYPTO_free(void *str) |
| 328 | { | 368 | { |
| 329 | if (free_debug_func != NULL) | 369 | if (free_debug_func != NULL) |
| @@ -343,7 +383,6 @@ void *CRYPTO_remalloc(void *a, int num, const char *file, int line) | |||
| 343 | return(a); | 383 | return(a); |
| 344 | } | 384 | } |
| 345 | 385 | ||
| 346 | |||
| 347 | void CRYPTO_set_mem_debug_options(long bits) | 386 | void CRYPTO_set_mem_debug_options(long bits) |
| 348 | { | 387 | { |
| 349 | if (set_debug_options_func != NULL) | 388 | if (set_debug_options_func != NULL) |
diff --git a/src/lib/libssl/src/crypto/mem_dbg.c b/src/lib/libssl/src/crypto/mem_dbg.c index ea94eee6f4..9221df00bd 100644 --- a/src/lib/libssl/src/crypto/mem_dbg.c +++ b/src/lib/libssl/src/crypto/mem_dbg.c | |||
| @@ -102,6 +102,8 @@ typedef struct app_mem_info_st | |||
| 102 | int references; | 102 | int references; |
| 103 | } APP_INFO; | 103 | } APP_INFO; |
| 104 | 104 | ||
| 105 | static void app_info_free(APP_INFO *); | ||
| 106 | |||
| 105 | static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's | 107 | static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's |
| 106 | * that are at the top of their thread's stack | 108 | * that are at the top of their thread's stack |
| 107 | * (with `thread' as key); | 109 | * (with `thread' as key); |
| @@ -140,6 +142,18 @@ static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0. | |||
| 140 | * thread named in disabling_thread). | 142 | * thread named in disabling_thread). |
| 141 | */ | 143 | */ |
| 142 | 144 | ||
| 145 | static void app_info_free(APP_INFO *inf) | ||
| 146 | { | ||
| 147 | if (--(inf->references) <= 0) | ||
| 148 | { | ||
| 149 | if (inf->next != NULL) | ||
| 150 | { | ||
| 151 | app_info_free(inf->next); | ||
| 152 | } | ||
| 153 | OPENSSL_free(inf); | ||
| 154 | } | ||
| 155 | } | ||
| 156 | |||
| 143 | int CRYPTO_mem_ctrl(int mode) | 157 | int CRYPTO_mem_ctrl(int mode) |
| 144 | { | 158 | { |
| 145 | int ret=mh_mode; | 159 | int ret=mh_mode; |
| @@ -502,9 +516,7 @@ void CRYPTO_dbg_free(void *addr, int before_p) | |||
| 502 | mp->order, mp->addr, mp->num); | 516 | mp->order, mp->addr, mp->num); |
| 503 | #endif | 517 | #endif |
| 504 | if (mp->app_info != NULL) | 518 | if (mp->app_info != NULL) |
| 505 | { | 519 | app_info_free(mp->app_info); |
| 506 | mp->app_info->references--; | ||
| 507 | } | ||
| 508 | OPENSSL_free(mp); | 520 | OPENSSL_free(mp); |
| 509 | } | 521 | } |
| 510 | 522 | ||
| @@ -669,7 +681,6 @@ static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *) | |||
| 669 | void CRYPTO_mem_leaks(BIO *b) | 681 | void CRYPTO_mem_leaks(BIO *b) |
| 670 | { | 682 | { |
| 671 | MEM_LEAK ml; | 683 | MEM_LEAK ml; |
| 672 | char buf[80]; | ||
| 673 | 684 | ||
| 674 | if (mh == NULL && amih == NULL) | 685 | if (mh == NULL && amih == NULL) |
| 675 | return; | 686 | return; |
| @@ -684,9 +695,8 @@ void CRYPTO_mem_leaks(BIO *b) | |||
| 684 | (char *)&ml); | 695 | (char *)&ml); |
| 685 | if (ml.chunks != 0) | 696 | if (ml.chunks != 0) |
| 686 | { | 697 | { |
| 687 | snprintf(buf,sizeof buf,"%ld bytes leaked in %d chunks\n", | 698 | BIO_printf(b,"%ld bytes leaked in %d chunks\n", |
| 688 | ml.bytes,ml.chunks); | 699 | ml.bytes,ml.chunks); |
| 689 | BIO_puts(b,buf); | ||
| 690 | } | 700 | } |
| 691 | else | 701 | else |
| 692 | { | 702 | { |
diff --git a/src/lib/libssl/src/crypto/o_time.c b/src/lib/libssl/src/crypto/o_time.c index 1bc0297b36..723eb1b5af 100644 --- a/src/lib/libssl/src/crypto/o_time.c +++ b/src/lib/libssl/src/crypto/o_time.c | |||
| @@ -80,6 +80,9 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) | |||
| 80 | ts = result; | 80 | ts = result; |
| 81 | #elif !defined(OPENSSL_SYS_VMS) | 81 | #elif !defined(OPENSSL_SYS_VMS) |
| 82 | ts = gmtime(timer); | 82 | ts = gmtime(timer); |
| 83 | if (ts == NULL) | ||
| 84 | return NULL; | ||
| 85 | |||
| 83 | memcpy(result, ts, sizeof(struct tm)); | 86 | memcpy(result, ts, sizeof(struct tm)); |
| 84 | ts = result; | 87 | ts = result; |
| 85 | #endif | 88 | #endif |
diff --git a/src/lib/libssl/src/crypto/objects/Makefile.ssl b/src/lib/libssl/src/crypto/objects/Makefile.ssl index cd5cbc95ce..3e7a194cf9 100644 --- a/src/lib/libssl/src/crypto/objects/Makefile.ssl +++ b/src/lib/libssl/src/crypto/objects/Makefile.ssl | |||
| @@ -76,7 +76,7 @@ lint: | |||
| 76 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 76 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 77 | 77 | ||
| 78 | depend: | 78 | depend: |
| 79 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 79 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 80 | 80 | ||
| 81 | dclean: | 81 | dclean: |
| 82 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 82 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c index 202bd168ac..ae97108e93 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.c +++ b/src/lib/libssl/src/crypto/objects/obj_dat.c | |||
| @@ -464,7 +464,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 464 | 464 | ||
| 465 | snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); | 465 | snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); |
| 466 | i=strlen(tbuf); | 466 | i=strlen(tbuf); |
| 467 | strncpy(buf,tbuf,buf_len); | 467 | BUF_strlcpy(buf,tbuf,buf_len); |
| 468 | buf_len-=i; | 468 | buf_len-=i; |
| 469 | buf+=i; | 469 | buf+=i; |
| 470 | n+=i; | 470 | n+=i; |
| @@ -476,7 +476,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 476 | snprintf(tbuf,sizeof tbuf,".%lu",l); | 476 | snprintf(tbuf,sizeof tbuf,".%lu",l); |
| 477 | i=strlen(tbuf); | 477 | i=strlen(tbuf); |
| 478 | if (buf_len > 0) | 478 | if (buf_len > 0) |
| 479 | strncpy(buf,tbuf,buf_len); | 479 | BUF_strlcpy(buf,tbuf,buf_len); |
| 480 | buf_len-=i; | 480 | buf_len-=i; |
| 481 | buf+=i; | 481 | buf+=i; |
| 482 | n+=i; | 482 | n+=i; |
| @@ -488,10 +488,9 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) | |||
| 488 | s=OBJ_nid2ln(nid); | 488 | s=OBJ_nid2ln(nid); |
| 489 | if (s == NULL) | 489 | if (s == NULL) |
| 490 | s=OBJ_nid2sn(nid); | 490 | s=OBJ_nid2sn(nid); |
| 491 | strncpy(buf,s,buf_len); | 491 | BUF_strlcpy(buf,s,buf_len); |
| 492 | n=strlen(s); | 492 | n=strlen(s); |
| 493 | } | 493 | } |
| 494 | buf[buf_len-1]='\0'; | ||
| 495 | return(n); | 494 | return(n); |
| 496 | } | 495 | } |
| 497 | 496 | ||
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num index 1486199661..9838072b65 100644 --- a/src/lib/libssl/src/crypto/objects/obj_mac.num +++ b/src/lib/libssl/src/crypto/objects/obj_mac.num | |||
| @@ -645,3 +645,5 @@ rsaOAEPEncryptionSET 644 | |||
| 645 | itu_t 645 | 645 | itu_t 645 |
| 646 | joint_iso_itu_t 646 | 646 | joint_iso_itu_t 646 |
| 647 | international_organizations 647 | 647 | international_organizations 647 |
| 648 | ms_smartcard_login 648 | ||
| 649 | ms_upn 649 | ||
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt index 71a4908485..3ba11f65cc 100644 --- a/src/lib/libssl/src/crypto/objects/objects.txt +++ b/src/lib/libssl/src/crypto/objects/objects.txt | |||
| @@ -276,6 +276,10 @@ rsadsi 3 8 : RC5-CBC : rc5-cbc | |||
| 276 | 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto | 276 | 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto |
| 277 | !Cname ms-efs | 277 | !Cname ms-efs |
| 278 | 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System | 278 | 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System |
| 279 | !Cname ms-smartcard-login | ||
| 280 | 1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin | ||
| 281 | !Cname ms-upn | ||
| 282 | 1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name | ||
| 279 | 283 | ||
| 280 | 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc | 284 | 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc |
| 281 | : IDEA-ECB : idea-ecb | 285 | : IDEA-ECB : idea-ecb |
| @@ -537,7 +541,7 @@ X509 11 : OU : organizationalUnitName | |||
| 537 | X509 12 : : title | 541 | X509 12 : : title |
| 538 | X509 13 : : description | 542 | X509 13 : : description |
| 539 | X509 41 : name : name | 543 | X509 41 : name : name |
| 540 | X509 42 : gn : givenName | 544 | X509 42 : GN : givenName |
| 541 | X509 43 : : initials | 545 | X509 43 : : initials |
| 542 | X509 44 : : generationQualifier | 546 | X509 44 : : generationQualifier |
| 543 | X509 45 : : x500UniqueIdentifier | 547 | X509 45 : : x500UniqueIdentifier |
diff --git a/src/lib/libssl/src/crypto/ocsp/Makefile.ssl b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl index 2be98179ae..02477be538 100644 --- a/src/lib/libssl/src/crypto/ocsp/Makefile.ssl +++ b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl | |||
| @@ -43,7 +43,7 @@ all: lib | |||
| 43 | 43 | ||
| 44 | lib: $(LIBOBJ) | 44 | lib: $(LIBOBJ) |
| 45 | $(AR) $(LIB) $(LIBOBJ) | 45 | $(AR) $(LIB) $(LIBOBJ) |
| 46 | $(RANLIB) $(LIB) | 46 | $(RANLIB) $(LIB) || echo Never mind. |
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | files: | 49 | files: |
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c index 8c148cda6a..6a3a360d54 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c | |||
| @@ -117,7 +117,7 @@ IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE) | |||
| 117 | 117 | ||
| 118 | ASN1_CHOICE(OCSP_RESPID) = { | 118 | ASN1_CHOICE(OCSP_RESPID) = { |
| 119 | ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1), | 119 | ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1), |
| 120 | ASN1_IMP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2) | 120 | ASN1_EXP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2) |
| 121 | } ASN1_CHOICE_END(OCSP_RESPID) | 121 | } ASN1_CHOICE_END(OCSP_RESPID) |
| 122 | 122 | ||
| 123 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID) | 123 | IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID) |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c index b78cd37092..9213e58ae4 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c | |||
| @@ -64,6 +64,9 @@ | |||
| 64 | #include <openssl/ocsp.h> | 64 | #include <openssl/ocsp.h> |
| 65 | #include <openssl/err.h> | 65 | #include <openssl/err.h> |
| 66 | #include <openssl/buffer.h> | 66 | #include <openssl/buffer.h> |
| 67 | #ifdef OPENSSL_SYS_SUNOS | ||
| 68 | #define strtoul (unsigned long)strtol | ||
| 69 | #endif /* OPENSSL_SYS_SUNOS */ | ||
| 67 | 70 | ||
| 68 | /* Quick and dirty HTTP OCSP request handler. | 71 | /* Quick and dirty HTTP OCSP request handler. |
| 69 | * Could make this a bit cleverer by adding | 72 | * Could make this a bit cleverer by adding |
| @@ -94,7 +97,7 @@ Content-Length: %d\r\n\r\n"; | |||
| 94 | } | 97 | } |
| 95 | if(!(mem = BIO_new(BIO_s_mem()))) goto err; | 98 | if(!(mem = BIO_new(BIO_s_mem()))) goto err; |
| 96 | /* Copy response to a memory BIO: socket bios can't do gets! */ | 99 | /* Copy response to a memory BIO: socket bios can't do gets! */ |
| 97 | while ((len = BIO_read(b, tmpbuf, 1024))) { | 100 | while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { |
| 98 | if(len < 0) { | 101 | if(len < 0) { |
| 99 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); | 102 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); |
| 100 | goto err; | 103 | goto err; |
| @@ -107,7 +110,7 @@ Content-Length: %d\r\n\r\n"; | |||
| 107 | } | 110 | } |
| 108 | /* Parse the HTTP response. This will look like this: | 111 | /* Parse the HTTP response. This will look like this: |
| 109 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and | 112 | * "HTTP/1.0 200 OK". We need to obtain the numeric code and |
| 110 | * informational message. | 113 | * (optional) informational message. |
| 111 | */ | 114 | */ |
| 112 | 115 | ||
| 113 | /* Skip to first white space (passed protocol info) */ | 116 | /* Skip to first white space (passed protocol info) */ |
| @@ -135,13 +138,19 @@ Content-Length: %d\r\n\r\n"; | |||
| 135 | if(*r) goto err; | 138 | if(*r) goto err; |
| 136 | /* Skip over any leading white space in message */ | 139 | /* Skip over any leading white space in message */ |
| 137 | while(*q && isspace((unsigned char)*q)) q++; | 140 | while(*q && isspace((unsigned char)*q)) q++; |
| 138 | if(!*q) goto err; | 141 | if(*q) { |
| 139 | /* Finally zap any trailing white space in message (include CRLF) */ | 142 | /* Finally zap any trailing white space in message (include CRLF) */ |
| 140 | /* We know q has a non white space character so this is OK */ | 143 | /* We know q has a non white space character so this is OK */ |
| 141 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; | 144 | for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; |
| 145 | } | ||
| 142 | if(retcode != 200) { | 146 | if(retcode != 200) { |
| 143 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); | 147 | OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); |
| 144 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); | 148 | if(!*q) { |
| 149 | ERR_add_error_data(2, "Code=", p); | ||
| 150 | } | ||
| 151 | else { | ||
| 152 | ERR_add_error_data(4, "Code=", p, ",Reason=", q); | ||
| 153 | } | ||
| 145 | goto err; | 154 | goto err; |
| 146 | } | 155 | } |
| 147 | /* Find blank line marking beginning of content */ | 156 | /* Find blank line marking beginning of content */ |
diff --git a/src/lib/libssl/src/crypto/opensslconf.h.in b/src/lib/libssl/src/crypto/opensslconf.h.in index 9082a16c46..685e83b7a3 100644 --- a/src/lib/libssl/src/crypto/opensslconf.h.in +++ b/src/lib/libssl/src/crypto/opensslconf.h.in | |||
| @@ -47,7 +47,7 @@ | |||
| 47 | #endif | 47 | #endif |
| 48 | #endif | 48 | #endif |
| 49 | 49 | ||
| 50 | #if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG) | 50 | #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) |
| 51 | /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a | 51 | /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a |
| 52 | * %20 speed up (longs are 8 bytes, int's are 4). */ | 52 | * %20 speed up (longs are 8 bytes, int's are 4). */ |
| 53 | #ifndef DES_LONG | 53 | #ifndef DES_LONG |
diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h index 9689b49c5b..08cb1d5018 100644 --- a/src/lib/libssl/src/crypto/opensslv.h +++ b/src/lib/libssl/src/crypto/opensslv.h | |||
| @@ -25,8 +25,8 @@ | |||
| 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 26 | * major minor fix final patch/beta) | 26 | * major minor fix final patch/beta) |
| 27 | */ | 27 | */ |
| 28 | #define OPENSSL_VERSION_NUMBER 0x00907003L | 28 | #define OPENSSL_VERSION_NUMBER 0x0090702fL |
| 29 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7-beta3 30 Jul 2002" | 29 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7b 10 Apr 2003" |
| 30 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT | 30 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 31 | 31 | ||
| 32 | 32 | ||
diff --git a/src/lib/libssl/src/crypto/ossl_typ.h b/src/lib/libssl/src/crypto/ossl_typ.h index 6bd42aee4d..285fd0b1d9 100644 --- a/src/lib/libssl/src/crypto/ossl_typ.h +++ b/src/lib/libssl/src/crypto/ossl_typ.h | |||
| @@ -55,6 +55,8 @@ | |||
| 55 | #ifndef HEADER_OPENSSL_TYPES_H | 55 | #ifndef HEADER_OPENSSL_TYPES_H |
| 56 | #define HEADER_OPENSSL_TYPES_H | 56 | #define HEADER_OPENSSL_TYPES_H |
| 57 | 57 | ||
| 58 | #include <openssl/e_os2.h> | ||
| 59 | |||
| 58 | #ifdef NO_ASN1_TYPEDEFS | 60 | #ifdef NO_ASN1_TYPEDEFS |
| 59 | #define ASN1_INTEGER ASN1_STRING | 61 | #define ASN1_INTEGER ASN1_STRING |
| 60 | #define ASN1_ENUMERATED ASN1_STRING | 62 | #define ASN1_ENUMERATED ASN1_STRING |
diff --git a/src/lib/libssl/src/crypto/pem/Makefile.ssl b/src/lib/libssl/src/crypto/pem/Makefile.ssl index 5075d9107b..d3043eb401 100644 --- a/src/lib/libssl/src/crypto/pem/Makefile.ssl +++ b/src/lib/libssl/src/crypto/pem/Makefile.ssl | |||
| @@ -71,7 +71,7 @@ lint: | |||
| 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 71 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 72 | 72 | ||
| 73 | depend: | 73 | depend: |
| 74 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(LIBSRC) | 74 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) |
| 75 | 75 | ||
| 76 | dclean: | 76 | dclean: |
| 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 77 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/pem/pem.h b/src/lib/libssl/src/crypto/pem/pem.h index 3785fca77d..d330cbf9a3 100644 --- a/src/lib/libssl/src/crypto/pem/pem.h +++ b/src/lib/libssl/src/crypto/pem/pem.h | |||
| @@ -149,7 +149,7 @@ typedef struct pem_recip_st | |||
| 149 | 149 | ||
| 150 | int cipher; | 150 | int cipher; |
| 151 | int key_enc; | 151 | int key_enc; |
| 152 | char iv[8]; | 152 | /* char iv[8]; unused and wrong size */ |
| 153 | } PEM_USER; | 153 | } PEM_USER; |
| 154 | 154 | ||
| 155 | typedef struct pem_ctx_st | 155 | typedef struct pem_ctx_st |
| @@ -165,7 +165,8 @@ typedef struct pem_ctx_st | |||
| 165 | 165 | ||
| 166 | struct { | 166 | struct { |
| 167 | int cipher; | 167 | int cipher; |
| 168 | unsigned char iv[8]; | 168 | /* unused, and wrong size |
| 169 | unsigned char iv[8]; */ | ||
| 169 | } DEK_info; | 170 | } DEK_info; |
| 170 | 171 | ||
| 171 | PEM_USER *originator; | 172 | PEM_USER *originator; |
| @@ -187,7 +188,8 @@ typedef struct pem_ctx_st | |||
| 187 | EVP_CIPHER *dec; /* date encryption cipher */ | 188 | EVP_CIPHER *dec; /* date encryption cipher */ |
| 188 | int key_len; /* key length */ | 189 | int key_len; /* key length */ |
| 189 | unsigned char *key; /* key */ | 190 | unsigned char *key; /* key */ |
| 190 | unsigned char iv[8]; /* the iv */ | 191 | /* unused, and wrong size |
| 192 | unsigned char iv[8]; */ | ||
| 191 | 193 | ||
| 192 | 194 | ||
| 193 | int data_enc; /* is the data encrypted */ | 195 | int data_enc; /* is the data encrypted */ |
diff --git a/src/lib/libssl/src/crypto/pem/pem_info.c b/src/lib/libssl/src/crypto/pem/pem_info.c index 9a6dffb45c..9e4af29c95 100644 --- a/src/lib/libssl/src/crypto/pem/pem_info.c +++ b/src/lib/libssl/src/crypto/pem/pem_info.c | |||
| @@ -324,6 +324,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, | |||
| 324 | } | 324 | } |
| 325 | 325 | ||
| 326 | /* create the right magic header stuff */ | 326 | /* create the right magic header stuff */ |
| 327 | OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf); | ||
| 327 | buf[0]='\0'; | 328 | buf[0]='\0'; |
| 328 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); | 329 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); |
| 329 | PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv); | 330 | PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv); |
| @@ -358,7 +359,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, | |||
| 358 | ret=1; | 359 | ret=1; |
| 359 | 360 | ||
| 360 | err: | 361 | err: |
| 361 | memset((char *)&ctx,0,sizeof(ctx)); | 362 | OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); |
| 362 | memset(buf,0,PEM_BUFSIZE); | 363 | OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 363 | return(ret); | 364 | return(ret); |
| 364 | } | 365 | } |
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c index 50f5733654..3bec2d7e9f 100644 --- a/src/lib/libssl/src/crypto/pem/pem_lib.c +++ b/src/lib/libssl/src/crypto/pem/pem_lib.c | |||
| @@ -138,7 +138,7 @@ void PEM_proc_type(char *buf, int type) | |||
| 138 | 138 | ||
| 139 | void PEM_dek_info(char *buf, const char *type, int len, char *str) | 139 | void PEM_dek_info(char *buf, const char *type, int len, char *str) |
| 140 | { | 140 | { |
| 141 | static unsigned char map[17]="0123456789ABCDEF"; | 141 | static const unsigned char map[17]="0123456789ABCDEF"; |
| 142 | long i; | 142 | long i; |
| 143 | int j; | 143 | int j; |
| 144 | 144 | ||
| @@ -251,7 +251,7 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char | |||
| 251 | ret = 1; | 251 | ret = 1; |
| 252 | 252 | ||
| 253 | err: | 253 | err: |
| 254 | if (!pnm) OPENSSL_free(nm); | 254 | if (!ret || !pnm) OPENSSL_free(nm); |
| 255 | OPENSSL_free(header); | 255 | OPENSSL_free(header); |
| 256 | if (!ret) OPENSSL_free(data); | 256 | if (!ret) OPENSSL_free(data); |
| 257 | return ret; | 257 | return ret; |
| @@ -306,6 +306,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 306 | goto err; | 306 | goto err; |
| 307 | } | 307 | } |
| 308 | /* dzise + 8 bytes are needed */ | 308 | /* dzise + 8 bytes are needed */ |
| 309 | /* actually it needs the cipher block size extra... */ | ||
| 309 | data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); | 310 | data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); |
| 310 | if (data == NULL) | 311 | if (data == NULL) |
| 311 | { | 312 | { |
| @@ -335,13 +336,16 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 335 | kstr=(unsigned char *)buf; | 336 | kstr=(unsigned char *)buf; |
| 336 | } | 337 | } |
| 337 | RAND_add(data,i,0);/* put in the RSA key. */ | 338 | RAND_add(data,i,0);/* put in the RSA key. */ |
| 339 | OPENSSL_assert(enc->iv_len <= sizeof iv); | ||
| 338 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ | 340 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ |
| 339 | goto err; | 341 | goto err; |
| 340 | /* The 'iv' is used as the iv and as a salt. It is | 342 | /* The 'iv' is used as the iv and as a salt. It is |
| 341 | * NOT taken from the BytesToKey function */ | 343 | * NOT taken from the BytesToKey function */ |
| 342 | EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); | 344 | EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); |
| 343 | 345 | ||
| 344 | if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE); | 346 | if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 347 | |||
| 348 | OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf); | ||
| 345 | 349 | ||
| 346 | buf[0]='\0'; | 350 | buf[0]='\0'; |
| 347 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); | 351 | PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); |
| @@ -364,13 +368,13 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, | |||
| 364 | i=PEM_write_bio(bp,name,buf,data,i); | 368 | i=PEM_write_bio(bp,name,buf,data,i); |
| 365 | if (i <= 0) ret=0; | 369 | if (i <= 0) ret=0; |
| 366 | err: | 370 | err: |
| 367 | memset(key,0,sizeof(key)); | 371 | OPENSSL_cleanse(key,sizeof(key)); |
| 368 | memset(iv,0,sizeof(iv)); | 372 | OPENSSL_cleanse(iv,sizeof(iv)); |
| 369 | memset((char *)&ctx,0,sizeof(ctx)); | 373 | OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); |
| 370 | memset(buf,0,PEM_BUFSIZE); | 374 | OPENSSL_cleanse(buf,PEM_BUFSIZE); |
| 371 | if (data != NULL) | 375 | if (data != NULL) |
| 372 | { | 376 | { |
| 373 | memset(data,0,(unsigned int)dsize); | 377 | OPENSSL_cleanse(data,(unsigned int)dsize); |
| 374 | OPENSSL_free(data); | 378 | OPENSSL_free(data); |
| 375 | } | 379 | } |
| 376 | return(ret); | 380 | return(ret); |
| @@ -411,8 +415,8 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, | |||
| 411 | EVP_DecryptUpdate(&ctx,data,&i,data,j); | 415 | EVP_DecryptUpdate(&ctx,data,&i,data,j); |
| 412 | o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j); | 416 | o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j); |
| 413 | EVP_CIPHER_CTX_cleanup(&ctx); | 417 | EVP_CIPHER_CTX_cleanup(&ctx); |
| 414 | memset((char *)buf,0,sizeof(buf)); | 418 | OPENSSL_cleanse((char *)buf,sizeof(buf)); |
| 415 | memset((char *)key,0,sizeof(key)); | 419 | OPENSSL_cleanse((char *)key,sizeof(key)); |
| 416 | j+=i; | 420 | j+=i; |
| 417 | if (!o) | 421 | if (!o) |
| 418 | { | 422 | { |
| @@ -693,7 +697,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 693 | if (strncmp(buf,"-----END ",9) == 0) | 697 | if (strncmp(buf,"-----END ",9) == 0) |
| 694 | break; | 698 | break; |
| 695 | if (i > 65) break; | 699 | if (i > 65) break; |
| 696 | if (!BUF_MEM_grow(dataB,i+bl+9)) | 700 | if (!BUF_MEM_grow_clean(dataB,i+bl+9)) |
| 697 | { | 701 | { |
| 698 | PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); | 702 | PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); |
| 699 | goto err; | 703 | goto err; |
diff --git a/src/lib/libssl/src/crypto/pem/pem_pk8.c b/src/lib/libssl/src/crypto/pem/pem_pk8.c index f44182ffb5..db38a2a79d 100644 --- a/src/lib/libssl/src/crypto/pem/pem_pk8.c +++ b/src/lib/libssl/src/crypto/pem/pem_pk8.c | |||
| @@ -136,7 +136,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER | |||
| 136 | kstr = buf; | 136 | kstr = buf; |
| 137 | } | 137 | } |
| 138 | p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); | 138 | p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); |
| 139 | if(kstr == buf) memset(buf, 0, klen); | 139 | if(kstr == buf) OPENSSL_cleanse(buf, klen); |
| 140 | PKCS8_PRIV_KEY_INFO_free(p8inf); | 140 | PKCS8_PRIV_KEY_INFO_free(p8inf); |
| 141 | if(isder) ret = i2d_PKCS8_bio(bp, p8); | 141 | if(isder) ret = i2d_PKCS8_bio(bp, p8); |
| 142 | else ret = PEM_write_bio_PKCS8(bp, p8); | 142 | else ret = PEM_write_bio_PKCS8(bp, p8); |
diff --git a/src/lib/libssl/src/crypto/pem/pem_seal.c b/src/lib/libssl/src/crypto/pem/pem_seal.c index ae463a301d..56e08abd70 100644 --- a/src/lib/libssl/src/crypto/pem/pem_seal.c +++ b/src/lib/libssl/src/crypto/pem/pem_seal.c | |||
| @@ -112,7 +112,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, | |||
| 112 | ret=npubk; | 112 | ret=npubk; |
| 113 | err: | 113 | err: |
| 114 | if (s != NULL) OPENSSL_free(s); | 114 | if (s != NULL) OPENSSL_free(s); |
| 115 | memset(key,0,EVP_MAX_KEY_LENGTH); | 115 | OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); |
| 116 | return(ret); | 116 | return(ret); |
| 117 | } | 117 | } |
| 118 | 118 | ||
diff --git a/src/lib/libssl/src/crypto/perlasm/cbc.pl b/src/lib/libssl/src/crypto/perlasm/cbc.pl index 0145c4f0cc..22149c680e 100644 --- a/src/lib/libssl/src/crypto/perlasm/cbc.pl +++ b/src/lib/libssl/src/crypto/perlasm/cbc.pl | |||
| @@ -146,9 +146,15 @@ sub cbc | |||
| 146 | &mov($count, &wparam(2)); # length | 146 | &mov($count, &wparam(2)); # length |
| 147 | &and($count, 7); | 147 | &and($count, 7); |
| 148 | &jz(&label("finish")); | 148 | &jz(&label("finish")); |
| 149 | &call(&label("PIC_point")); | ||
| 150 | &set_label("PIC_point"); | ||
| 151 | &blindpop("edx"); | ||
| 152 | &lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx")); | ||
| 153 | &mov($count,&DWP(0,"ecx",$count,4)) | ||
| 154 | &add($count,"edx"); | ||
| 149 | &xor("ecx","ecx"); | 155 | &xor("ecx","ecx"); |
| 150 | &xor("edx","edx"); | 156 | &xor("edx","edx"); |
| 151 | &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); | 157 | #&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); |
| 152 | &jmp_ptr($count); | 158 | &jmp_ptr($count); |
| 153 | 159 | ||
| 154 | &set_label("ej7"); | 160 | &set_label("ej7"); |
| @@ -318,22 +324,23 @@ sub cbc | |||
| 318 | 324 | ||
| 319 | &set_label("cbc_enc_jmp_table",1); | 325 | &set_label("cbc_enc_jmp_table",1); |
| 320 | &data_word("0"); | 326 | &data_word("0"); |
| 321 | &data_word(&label("ej1")); | 327 | &data_word(&label("ej1")."-".&label("PIC_point")); |
| 322 | &data_word(&label("ej2")); | 328 | &data_word(&label("ej2")."-".&label("PIC_point")); |
| 323 | &data_word(&label("ej3")); | 329 | &data_word(&label("ej3")."-".&label("PIC_point")); |
| 324 | &data_word(&label("ej4")); | 330 | &data_word(&label("ej4")."-".&label("PIC_point")); |
| 325 | &data_word(&label("ej5")); | 331 | &data_word(&label("ej5")."-".&label("PIC_point")); |
| 326 | &data_word(&label("ej6")); | 332 | &data_word(&label("ej6")."-".&label("PIC_point")); |
| 327 | &data_word(&label("ej7")); | 333 | &data_word(&label("ej7")."-".&label("PIC_point")); |
| 328 | &set_label("cbc_dec_jmp_table",1); | 334 | # not used |
| 329 | &data_word("0"); | 335 | #&set_label("cbc_dec_jmp_table",1); |
| 330 | &data_word(&label("dj1")); | 336 | #&data_word("0"); |
| 331 | &data_word(&label("dj2")); | 337 | #&data_word(&label("dj1")."-".&label("PIC_point")); |
| 332 | &data_word(&label("dj3")); | 338 | #&data_word(&label("dj2")."-".&label("PIC_point")); |
| 333 | &data_word(&label("dj4")); | 339 | #&data_word(&label("dj3")."-".&label("PIC_point")); |
| 334 | &data_word(&label("dj5")); | 340 | #&data_word(&label("dj4")."-".&label("PIC_point")); |
| 335 | &data_word(&label("dj6")); | 341 | #&data_word(&label("dj5")."-".&label("PIC_point")); |
| 336 | &data_word(&label("dj7")); | 342 | #&data_word(&label("dj6")."-".&label("PIC_point")); |
| 343 | #&data_word(&label("dj7")."-".&label("PIC_point")); | ||
| 337 | 344 | ||
| 338 | &function_end_B($name); | 345 | &function_end_B($name); |
| 339 | 346 | ||
diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl index 9a3d85b098..1cb96e914a 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86asm.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl | |||
| @@ -18,9 +18,9 @@ sub main'asm_init | |||
| 18 | ($type,$fn,$i386)=@_; | 18 | ($type,$fn,$i386)=@_; |
| 19 | $filename=$fn; | 19 | $filename=$fn; |
| 20 | 20 | ||
| 21 | $cpp=$sol=$aout=$win32=$gaswin=0; | 21 | $elf=$cpp=$sol=$aout=$win32=$gaswin=0; |
| 22 | if ( ($type eq "elf")) | 22 | if ( ($type eq "elf")) |
| 23 | { require "x86unix.pl"; } | 23 | { $elf=1; require "x86unix.pl"; } |
| 24 | elsif ( ($type eq "a.out")) | 24 | elsif ( ($type eq "a.out")) |
| 25 | { $aout=1; require "x86unix.pl"; } | 25 | { $aout=1; require "x86unix.pl"; } |
| 26 | elsif ( ($type eq "gaswin")) | 26 | elsif ( ($type eq "gaswin")) |
| @@ -47,6 +47,9 @@ EOF | |||
| 47 | exit(1); | 47 | exit(1); |
| 48 | } | 48 | } |
| 49 | 49 | ||
| 50 | $pic=0; | ||
| 51 | for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } | ||
| 52 | |||
| 50 | &asm_init_output(); | 53 | &asm_init_output(); |
| 51 | 54 | ||
| 52 | &comment("Don't even think of reading this code"); | 55 | &comment("Don't even think of reading this code"); |
| @@ -91,7 +94,7 @@ $tmp | |||
| 91 | #undef SIZE | 94 | #undef SIZE |
| 92 | #undef TYPE | 95 | #undef TYPE |
| 93 | #define SIZE(a,b) | 96 | #define SIZE(a,b) |
| 94 | #define TYPE(a,b) | 97 | #define TYPE(a,b) .def a; .scl 2; .type 32; .endef |
| 95 | #endif /* __CYGWIN || __DJGPP */ | 98 | #endif /* __CYGWIN || __DJGPP */ |
| 96 | #endif | 99 | #endif |
| 97 | 100 | ||
diff --git a/src/lib/libssl/src/crypto/perlasm/x86ms.pl b/src/lib/libssl/src/crypto/perlasm/x86ms.pl index 206452341d..35f1a4ddb9 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86ms.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86ms.pl | |||
| @@ -92,6 +92,8 @@ sub get_mem | |||
| 92 | $addr="_$addr"; | 92 | $addr="_$addr"; |
| 93 | } | 93 | } |
| 94 | 94 | ||
| 95 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } | ||
| 96 | |||
| 95 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); | 97 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); |
| 96 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); | 98 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); |
| 97 | if (($addr ne "") && ($addr ne 0)) | 99 | if (($addr ne "") && ($addr ne 0)) |
| @@ -111,6 +113,7 @@ sub get_mem | |||
| 111 | { | 113 | { |
| 112 | $ret.="[$reg1$post]" | 114 | $ret.="[$reg1$post]" |
| 113 | } | 115 | } |
| 116 | $ret =~ s/\[\]//; # in case $addr was the only argument | ||
| 114 | return($ret); | 117 | return($ret); |
| 115 | } | 118 | } |
| 116 | 119 | ||
| @@ -151,7 +154,7 @@ sub main'push { &out1("push",@_); $stack+=4; } | |||
| 151 | sub main'pop { &out1("pop",@_); $stack-=4; } | 154 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 152 | sub main'bswap { &out1("bswap",@_); &using486(); } | 155 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 153 | sub main'not { &out1("not",@_); } | 156 | sub main'not { &out1("not",@_); } |
| 154 | sub main'call { &out1("call",'_'.$_[0]); } | 157 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } |
| 155 | sub main'ret { &out0("ret"); } | 158 | sub main'ret { &out0("ret"); } |
| 156 | sub main'nop { &out0("nop"); } | 159 | sub main'nop { &out0("nop"); } |
| 157 | 160 | ||
| @@ -338,7 +341,7 @@ sub main'set_label | |||
| 338 | { | 341 | { |
| 339 | if (!defined($label{$_[0]})) | 342 | if (!defined($label{$_[0]})) |
| 340 | { | 343 | { |
| 341 | $label{$_[0]}="${label}${_[0]}"; | 344 | $label{$_[0]}="\$${label}${_[0]}"; |
| 342 | $label++; | 345 | $label++; |
| 343 | } | 346 | } |
| 344 | if((defined $_[2]) && ($_[2] == 1)) | 347 | if((defined $_[2]) && ($_[2] == 1)) |
| @@ -363,3 +366,11 @@ sub out1p | |||
| 363 | 366 | ||
| 364 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 367 | push(@out,"\t$name\t ".&conv($p1)."\n"); |
| 365 | } | 368 | } |
| 369 | |||
| 370 | sub main'picmeup | ||
| 371 | { | ||
| 372 | local($dst,$sym)=@_; | ||
| 373 | &main'lea($dst,&main'DWP($sym)); | ||
| 374 | } | ||
| 375 | |||
| 376 | sub main'blindpop { &out1("pop",@_); } | ||
diff --git a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl index 519d8a5867..f30b7466d4 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl | |||
| @@ -98,6 +98,8 @@ sub get_mem | |||
| 98 | $addr="_$addr"; | 98 | $addr="_$addr"; |
| 99 | } | 99 | } |
| 100 | 100 | ||
| 101 | if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; } | ||
| 102 | |||
| 101 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); | 103 | $reg1="$regs{$reg1}" if defined($regs{$reg1}); |
| 102 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); | 104 | $reg2="$regs{$reg2}" if defined($regs{$reg2}); |
| 103 | if (($addr ne "") && ($addr ne 0)) | 105 | if (($addr ne "") && ($addr ne 0)) |
| @@ -117,6 +119,7 @@ sub get_mem | |||
| 117 | { | 119 | { |
| 118 | $ret.="$reg1$post]" | 120 | $ret.="$reg1$post]" |
| 119 | } | 121 | } |
| 122 | $ret =~ s/\+\]/]/; # in case $addr was the only argument | ||
| 120 | return($ret); | 123 | return($ret); |
| 121 | } | 124 | } |
| 122 | 125 | ||
| @@ -160,7 +163,7 @@ sub main'push { &out1("push",@_); $stack+=4; } | |||
| 160 | sub main'pop { &out1("pop",@_); $stack-=4; } | 163 | sub main'pop { &out1("pop",@_); $stack-=4; } |
| 161 | sub main'bswap { &out1("bswap",@_); &using486(); } | 164 | sub main'bswap { &out1("bswap",@_); &using486(); } |
| 162 | sub main'not { &out1("not",@_); } | 165 | sub main'not { &out1("not",@_); } |
| 163 | sub main'call { &out1("call",'_'.$_[0]); } | 166 | sub main'call { &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); } |
| 164 | sub main'ret { &out0("ret"); } | 167 | sub main'ret { &out0("ret"); } |
| 165 | sub main'nop { &out0("nop"); } | 168 | sub main'nop { &out0("nop"); } |
| 166 | 169 | ||
| @@ -322,7 +325,7 @@ sub main'set_label | |||
| 322 | { | 325 | { |
| 323 | if (!defined($label{$_[0]})) | 326 | if (!defined($label{$_[0]})) |
| 324 | { | 327 | { |
| 325 | $label{$_[0]}="${label}${_[0]}"; | 328 | $label{$_[0]}="\$${label}${_[0]}"; |
| 326 | $label++; | 329 | $label++; |
| 327 | } | 330 | } |
| 328 | push(@out,"$label{$_[0]}:\n"); | 331 | push(@out,"$label{$_[0]}:\n"); |
| @@ -340,3 +343,11 @@ sub out1p | |||
| 340 | 343 | ||
| 341 | push(@out,"\t$name\t ".&conv($p1)."\n"); | 344 | push(@out,"\t$name\t ".&conv($p1)."\n"); |
| 342 | } | 345 | } |
| 346 | |||
| 347 | sub main'picmeup | ||
| 348 | { | ||
| 349 | local($dst,$sym)=@_; | ||
| 350 | &main'lea($dst,&main'DWP($sym)); | ||
| 351 | } | ||
| 352 | |||
| 353 | sub main'blindpop { &out1("pop",@_); } | ||
diff --git a/src/lib/libssl/src/crypto/perlasm/x86unix.pl b/src/lib/libssl/src/crypto/perlasm/x86unix.pl index 9ceabf0705..72bde061c5 100644 --- a/src/lib/libssl/src/crypto/perlasm/x86unix.pl +++ b/src/lib/libssl/src/crypto/perlasm/x86unix.pl | |||
| @@ -87,12 +87,12 @@ sub main'DWP | |||
| 87 | $ret.=$addr if ($addr ne "") && ($addr ne 0); | 87 | $ret.=$addr if ($addr ne "") && ($addr ne 0); |
| 88 | if ($reg2 ne "") | 88 | if ($reg2 ne "") |
| 89 | { | 89 | { |
| 90 | if($idx ne "") | 90 | if($idx ne "" && $idx != 0) |
| 91 | { $ret.="($reg1,$reg2,$idx)"; } | 91 | { $ret.="($reg1,$reg2,$idx)"; } |
| 92 | else | 92 | else |
| 93 | { $ret.="($reg1,$reg2)"; } | 93 | { $ret.="($reg1,$reg2)"; } |
| 94 | } | 94 | } |
| 95 | else | 95 | elsif ($reg1 ne "") |
| 96 | { $ret.="($reg1)" } | 96 | { $ret.="($reg1)" } |
| 97 | return($ret); | 97 | return($ret); |
| 98 | } | 98 | } |
| @@ -167,7 +167,7 @@ sub main'pop { &out1("popl",@_); $stack-=4; } | |||
| 167 | sub main'pushf { &out0("pushf"); $stack+=4; } | 167 | sub main'pushf { &out0("pushf"); $stack+=4; } |
| 168 | sub main'popf { &out0("popf"); $stack-=4; } | 168 | sub main'popf { &out0("popf"); $stack-=4; } |
| 169 | sub main'not { &out1("notl",@_); } | 169 | sub main'not { &out1("notl",@_); } |
| 170 | sub main'call { &out1("call",$under.$_[0]); } | 170 | sub main'call { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); } |
| 171 | sub main'ret { &out0("ret"); } | 171 | sub main'ret { &out0("ret"); } |
| 172 | sub main'nop { &out0("nop"); } | 172 | sub main'nop { &out0("nop"); } |
| 173 | 173 | ||
| @@ -345,15 +345,15 @@ sub main'function_end | |||
| 345 | popl %ebx | 345 | popl %ebx |
| 346 | popl %ebp | 346 | popl %ebp |
| 347 | ret | 347 | ret |
| 348 | .${func}_end: | 348 | .L_${func}_end: |
| 349 | EOF | 349 | EOF |
| 350 | push(@out,$tmp); | 350 | push(@out,$tmp); |
| 351 | 351 | ||
| 352 | if ($main'cpp) | 352 | if ($main'cpp) |
| 353 | { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } | 353 | { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } |
| 354 | elsif ($main'gaswin) | 354 | elsif ($main'gaswin) |
| 355 | { $tmp=push(@out,"\t.align 4\n"); } | 355 | { $tmp=push(@out,"\t.align 4\n"); } |
| 356 | else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } | 356 | else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } |
| 357 | push(@out,".ident \"$func\"\n"); | 357 | push(@out,".ident \"$func\"\n"); |
| 358 | $stack=0; | 358 | $stack=0; |
| 359 | %label=(); | 359 | %label=(); |
| @@ -426,6 +426,11 @@ sub main'swtmp | |||
| 426 | 426 | ||
| 427 | sub main'comment | 427 | sub main'comment |
| 428 | { | 428 | { |
| 429 | if ($main'elf) # GNU and SVR4 as'es use different comment delimiters, | ||
| 430 | { # so we just skip comments... | ||
| 431 | push(@out,"\n"); | ||
| 432 | return; | ||
| 433 | } | ||
| 429 | foreach (@_) | 434 | foreach (@_) |
| 430 | { | 435 | { |
| 431 | if (/^\s*$/) | 436 | if (/^\s*$/) |
| @@ -542,3 +547,39 @@ sub popvars | |||
| 542 | &main'pop("edx"); | 547 | &main'pop("edx"); |
| 543 | &main'popf(); | 548 | &main'popf(); |
| 544 | } | 549 | } |
| 550 | |||
| 551 | sub main'picmeup | ||
| 552 | { | ||
| 553 | local($dst,$sym)=@_; | ||
| 554 | if ($main'cpp) | ||
| 555 | { | ||
| 556 | local($tmp)=<<___; | ||
| 557 | #if (defined(ELF) || defined(SOL)) && defined(PIC) | ||
| 558 | .align 8 | ||
| 559 | call 1f | ||
| 560 | 1: popl $regs{$dst} | ||
| 561 | addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} | ||
| 562 | movl $sym\@GOT($regs{$dst}),$regs{$dst} | ||
| 563 | #else | ||
| 564 | leal $sym,$regs{$dst} | ||
| 565 | #endif | ||
| 566 | ___ | ||
| 567 | push(@out,$tmp); | ||
| 568 | } | ||
| 569 | elsif ($main'pic && ($main'elf || $main'aout)) | ||
| 570 | { | ||
| 571 | push(@out,"\t.align\t8\n"); | ||
| 572 | &main'call(&main'label("PIC_me_up")); | ||
| 573 | &main'set_label("PIC_me_up"); | ||
| 574 | &main'blindpop($dst); | ||
| 575 | &main'add($dst,"\$$under"."_GLOBAL_OFFSET_TABLE_+[.-". | ||
| 576 | &main'label("PIC_me_up") . "]"); | ||
| 577 | &main'mov($dst,&main'DWP($sym."\@GOT",$dst)); | ||
| 578 | } | ||
| 579 | else | ||
| 580 | { | ||
| 581 | &main'lea($dst,&main'DWP($sym)); | ||
| 582 | } | ||
| 583 | } | ||
| 584 | |||
| 585 | sub main'blindpop { &out1("popl",@_); } | ||
diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl index 2b1d175157..a6e47b4085 100644 --- a/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl +++ b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl | |||
| @@ -74,7 +74,7 @@ lint: | |||
| 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 75 | 75 | ||
| 76 | depend: | 76 | depend: |
| 77 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 77 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 78 | 78 | ||
| 79 | dclean: | 79 | dclean: |
| 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c index 97be6a5fb5..5e8958612b 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c | |||
| @@ -118,7 +118,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 118 | } | 118 | } |
| 119 | PBEPARAM_free(pbe); | 119 | PBEPARAM_free(pbe); |
| 120 | EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); | 120 | EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); |
| 121 | memset(key, 0, EVP_MAX_KEY_LENGTH); | 121 | OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); |
| 122 | memset(iv, 0, EVP_MAX_IV_LENGTH); | 122 | OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); |
| 123 | return 1; | 123 | return 1; |
| 124 | } | 124 | } |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c index 394af368f4..b5684a83ba 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c | |||
| @@ -136,7 +136,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 136 | } | 136 | } |
| 137 | #endif | 137 | #endif |
| 138 | ret = ASN1_item_d2i(NULL, &p, outlen, it); | 138 | ret = ASN1_item_d2i(NULL, &p, outlen, it); |
| 139 | if (zbuf) memset(out, 0, outlen); | 139 | if (zbuf) OPENSSL_cleanse(out, outlen); |
| 140 | if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); | 140 | if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); |
| 141 | OPENSSL_free(out); | 141 | OPENSSL_free(out); |
| 142 | return ret; | 142 | return ret; |
| @@ -168,7 +168,7 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i | |||
| 168 | OPENSSL_free(in); | 168 | OPENSSL_free(in); |
| 169 | return NULL; | 169 | return NULL; |
| 170 | } | 170 | } |
| 171 | if (zbuf) memset(in, 0, inlen); | 171 | if (zbuf) OPENSSL_cleanse(in, inlen); |
| 172 | OPENSSL_free(in); | 172 | OPENSSL_free(in); |
| 173 | return oct; | 173 | return oct; |
| 174 | } | 174 | } |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_key.c b/src/lib/libssl/src/crypto/pkcs12/p12_key.c index 0d39ebde8c..9196a34b4a 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_key.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_key.c | |||
| @@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, | |||
| 91 | ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, | 91 | ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, |
| 92 | id, iter, n, out, md_type); | 92 | id, iter, n, out, md_type); |
| 93 | if(unipass) { | 93 | if(unipass) { |
| 94 | memset(unipass, 0, uniplen); /* Clear password from memory */ | 94 | OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ |
| 95 | OPENSSL_free(unipass); | 95 | OPENSSL_free(unipass); |
| 96 | } | 96 | } |
| 97 | return ret; | 97 | return ret; |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c index a549433eeb..af708a2743 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c | |||
| @@ -107,7 +107,7 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | |||
| 107 | { | 107 | { |
| 108 | STACK_OF(PKCS7) *asafes, *newsafes; | 108 | STACK_OF(PKCS7) *asafes, *newsafes; |
| 109 | STACK_OF(PKCS12_SAFEBAG) *bags; | 109 | STACK_OF(PKCS12_SAFEBAG) *bags; |
| 110 | int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen; | 110 | int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0; |
| 111 | PKCS7 *p7, *p7new; | 111 | PKCS7 *p7, *p7new; |
| 112 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; | 112 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; |
| 113 | unsigned char mac[EVP_MAX_MD_SIZE]; | 113 | unsigned char mac[EVP_MAX_MD_SIZE]; |
diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl index 1302469def..c3bfc7d560 100644 --- a/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl +++ b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl | |||
| @@ -89,7 +89,7 @@ lint: | |||
| 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 89 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 90 | 90 | ||
| 91 | depend: | 91 | depend: |
| 92 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 92 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 93 | 93 | ||
| 94 | dclean: | 94 | dclean: |
| 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 95 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/pkcs7/bio_ber.c b/src/lib/libssl/src/crypto/pkcs7/bio_ber.c index 42331f7ab0..895a91177b 100644 --- a/src/lib/libssl/src/crypto/pkcs7/bio_ber.c +++ b/src/lib/libssl/src/crypto/pkcs7/bio_ber.c | |||
| @@ -145,7 +145,7 @@ static int ber_free(BIO *a) | |||
| 145 | 145 | ||
| 146 | if (a == NULL) return(0); | 146 | if (a == NULL) return(0); |
| 147 | b=(BIO_BER_CTX *)a->ptr; | 147 | b=(BIO_BER_CTX *)a->ptr; |
| 148 | memset(a->ptr,0,sizeof(BIO_BER_CTX)); | 148 | OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); |
| 149 | OPENSSL_free(a->ptr); | 149 | OPENSSL_free(a->ptr); |
| 150 | a->ptr=NULL; | 150 | a->ptr=NULL; |
| 151 | a->init=0; | 151 | a->init=0; |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c index 4a4ff340ce..0060a2ea3d 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c | |||
| @@ -241,7 +241,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) | |||
| 241 | M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); | 241 | M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); |
| 242 | } | 242 | } |
| 243 | OPENSSL_free(tmp); | 243 | OPENSSL_free(tmp); |
| 244 | memset(key, 0, keylen); | 244 | OPENSSL_cleanse(key, keylen); |
| 245 | 245 | ||
| 246 | if (out == NULL) | 246 | if (out == NULL) |
| 247 | out=btmp; | 247 | out=btmp; |
| @@ -448,7 +448,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) | |||
| 448 | } | 448 | } |
| 449 | EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); | 449 | EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); |
| 450 | 450 | ||
| 451 | memset(tmp,0,jj); | 451 | OPENSSL_cleanse(tmp,jj); |
| 452 | 452 | ||
| 453 | if (out == NULL) | 453 | if (out == NULL) |
| 454 | out=etmp; | 454 | out=etmp; |
| @@ -578,7 +578,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) | |||
| 578 | /* We now have the EVP_MD_CTX, lets do the | 578 | /* We now have the EVP_MD_CTX, lets do the |
| 579 | * signing. */ | 579 | * signing. */ |
| 580 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); | 580 | EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); |
| 581 | if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) | 581 | if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey))) |
| 582 | { | 582 | { |
| 583 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); | 583 | PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); |
| 584 | goto err; | 584 | goto err; |
diff --git a/src/lib/libssl/src/crypto/rand/Makefile.ssl b/src/lib/libssl/src/crypto/rand/Makefile.ssl index 73b5f568e8..df80702373 100644 --- a/src/lib/libssl/src/crypto/rand/Makefile.ssl +++ b/src/lib/libssl/src/crypto/rand/Makefile.ssl | |||
| @@ -70,7 +70,7 @@ lint: | |||
| 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 70 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 71 | 71 | ||
| 72 | depend: | 72 | depend: |
| 73 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 74 | 74 | ||
| 75 | dclean: | 75 | dclean: |
| 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/rand/md_rand.c b/src/lib/libssl/src/crypto/rand/md_rand.c index a00ed70718..eeffc0df4c 100644 --- a/src/lib/libssl/src/crypto/rand/md_rand.c +++ b/src/lib/libssl/src/crypto/rand/md_rand.c | |||
| @@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void) | |||
| 177 | 177 | ||
| 178 | static void ssleay_rand_cleanup(void) | 178 | static void ssleay_rand_cleanup(void) |
| 179 | { | 179 | { |
| 180 | memset(state,0,sizeof(state)); | 180 | OPENSSL_cleanse(state,sizeof(state)); |
| 181 | state_num=0; | 181 | state_num=0; |
| 182 | state_index=0; | 182 | state_index=0; |
| 183 | memset(md,0,MD_DIGEST_LENGTH); | 183 | OPENSSL_cleanse(md,MD_DIGEST_LENGTH); |
| 184 | md_count[0]=0; | 184 | md_count[0]=0; |
| 185 | md_count[1]=0; | 185 | md_count[1]=0; |
| 186 | entropy=0; | 186 | entropy=0; |
diff --git a/src/lib/libssl/src/crypto/rand/rand.h b/src/lib/libssl/src/crypto/rand/rand.h index 66e39991ec..606382dd21 100644 --- a/src/lib/libssl/src/crypto/rand/rand.h +++ b/src/lib/libssl/src/crypto/rand/rand.h | |||
| @@ -87,7 +87,9 @@ extern int rand_predictable; | |||
| 87 | 87 | ||
| 88 | int RAND_set_rand_method(const RAND_METHOD *meth); | 88 | int RAND_set_rand_method(const RAND_METHOD *meth); |
| 89 | const RAND_METHOD *RAND_get_rand_method(void); | 89 | const RAND_METHOD *RAND_get_rand_method(void); |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 90 | int RAND_set_rand_engine(ENGINE *engine); | 91 | int RAND_set_rand_engine(ENGINE *engine); |
| 92 | #endif | ||
| 91 | RAND_METHOD *RAND_SSLeay(void); | 93 | RAND_METHOD *RAND_SSLeay(void); |
| 92 | void RAND_cleanup(void ); | 94 | void RAND_cleanup(void ); |
| 93 | int RAND_bytes(unsigned char *buf,int num); | 95 | int RAND_bytes(unsigned char *buf,int num); |
diff --git a/src/lib/libssl/src/crypto/rand/rand_egd.c b/src/lib/libssl/src/crypto/rand/rand_egd.c index 96019c07a6..895967476e 100644 --- a/src/lib/libssl/src/crypto/rand/rand_egd.c +++ b/src/lib/libssl/src/crypto/rand/rand_egd.c | |||
| @@ -94,7 +94,7 @@ | |||
| 94 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. | 94 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. |
| 95 | */ | 95 | */ |
| 96 | 96 | ||
| 97 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(__DJGPP__) | 97 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) |
| 98 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | 98 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) |
| 99 | { | 99 | { |
| 100 | return(-1); | 100 | return(-1); |
| @@ -114,7 +114,7 @@ int RAND_egd_bytes(const char *path,int bytes) | |||
| 114 | #include <sys/types.h> | 114 | #include <sys/types.h> |
| 115 | #include <sys/socket.h> | 115 | #include <sys/socket.h> |
| 116 | #ifndef NO_SYS_UN_H | 116 | #ifndef NO_SYS_UN_H |
| 117 | # ifdef OPENSSL_SYS_VSWORKS | 117 | # ifdef OPENSSL_SYS_VXWORKS |
| 118 | # include <streams/un.h> | 118 | # include <streams/un.h> |
| 119 | # else | 119 | # else |
| 120 | # include <sys/un.h> | 120 | # include <sys/un.h> |
| @@ -143,7 +143,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | |||
| 143 | 143 | ||
| 144 | memset(&addr, 0, sizeof(addr)); | 144 | memset(&addr, 0, sizeof(addr)); |
| 145 | addr.sun_family = AF_UNIX; | 145 | addr.sun_family = AF_UNIX; |
| 146 | if (strlen(path) > sizeof(addr.sun_path)) | 146 | if (strlen(path) >= sizeof(addr.sun_path)) |
| 147 | return (-1); | 147 | return (-1); |
| 148 | strlcpy(addr.sun_path,path,sizeof addr.sun_path); | 148 | strlcpy(addr.sun_path,path,sizeof addr.sun_path); |
| 149 | len = offsetof(struct sockaddr_un, sun_path) + strlen(path); | 149 | len = offsetof(struct sockaddr_un, sun_path) + strlen(path); |
diff --git a/src/lib/libssl/src/crypto/rand/rand_lib.c b/src/lib/libssl/src/crypto/rand/rand_lib.c index 5cf5dc1188..513e338985 100644 --- a/src/lib/libssl/src/crypto/rand/rand_lib.c +++ b/src/lib/libssl/src/crypto/rand/rand_lib.c | |||
| @@ -60,19 +60,25 @@ | |||
| 60 | #include <time.h> | 60 | #include <time.h> |
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | ||
| 64 | 66 | ||
| 67 | #ifndef OPENSSL_NO_ENGINE | ||
| 65 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | 68 | /* non-NULL if default_RAND_meth is ENGINE-provided */ |
| 66 | static ENGINE *funct_ref =NULL; | 69 | static ENGINE *funct_ref =NULL; |
| 70 | #endif | ||
| 67 | static const RAND_METHOD *default_RAND_meth = NULL; | 71 | static const RAND_METHOD *default_RAND_meth = NULL; |
| 68 | 72 | ||
| 69 | int RAND_set_rand_method(const RAND_METHOD *meth) | 73 | int RAND_set_rand_method(const RAND_METHOD *meth) |
| 70 | { | 74 | { |
| 75 | #ifndef OPENSSL_NO_ENGINE | ||
| 71 | if(funct_ref) | 76 | if(funct_ref) |
| 72 | { | 77 | { |
| 73 | ENGINE_finish(funct_ref); | 78 | ENGINE_finish(funct_ref); |
| 74 | funct_ref = NULL; | 79 | funct_ref = NULL; |
| 75 | } | 80 | } |
| 81 | #endif | ||
| 76 | default_RAND_meth = meth; | 82 | default_RAND_meth = meth; |
| 77 | return 1; | 83 | return 1; |
| 78 | } | 84 | } |
| @@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void) | |||
| 81 | { | 87 | { |
| 82 | if (!default_RAND_meth) | 88 | if (!default_RAND_meth) |
| 83 | { | 89 | { |
| 90 | #ifndef OPENSSL_NO_ENGINE | ||
| 84 | ENGINE *e = ENGINE_get_default_RAND(); | 91 | ENGINE *e = ENGINE_get_default_RAND(); |
| 85 | if(e) | 92 | if(e) |
| 86 | { | 93 | { |
| @@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void) | |||
| 94 | if(e) | 101 | if(e) |
| 95 | funct_ref = e; | 102 | funct_ref = e; |
| 96 | else | 103 | else |
| 104 | #endif | ||
| 97 | default_RAND_meth = RAND_SSLeay(); | 105 | default_RAND_meth = RAND_SSLeay(); |
| 98 | } | 106 | } |
| 99 | return default_RAND_meth; | 107 | return default_RAND_meth; |
| 100 | } | 108 | } |
| 101 | 109 | ||
| 110 | #ifndef OPENSSL_NO_ENGINE | ||
| 102 | int RAND_set_rand_engine(ENGINE *engine) | 111 | int RAND_set_rand_engine(ENGINE *engine) |
| 103 | { | 112 | { |
| 104 | const RAND_METHOD *tmp_meth = NULL; | 113 | const RAND_METHOD *tmp_meth = NULL; |
| @@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine) | |||
| 118 | funct_ref = engine; | 127 | funct_ref = engine; |
| 119 | return 1; | 128 | return 1; |
| 120 | } | 129 | } |
| 130 | #endif | ||
| 121 | 131 | ||
| 122 | void RAND_cleanup(void) | 132 | void RAND_cleanup(void) |
| 123 | { | 133 | { |
diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c index fa2bab57c6..0599719dd1 100644 --- a/src/lib/libssl/src/crypto/rand/rand_unix.c +++ b/src/lib/libssl/src/crypto/rand/rand_unix.c | |||
| @@ -115,7 +115,7 @@ | |||
| 115 | #include <openssl/rand.h> | 115 | #include <openssl/rand.h> |
| 116 | #include "rand_lcl.h" | 116 | #include "rand_lcl.h" |
| 117 | 117 | ||
| 118 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)) | 118 | #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS)) |
| 119 | 119 | ||
| 120 | #include <sys/types.h> | 120 | #include <sys/types.h> |
| 121 | #include <sys/time.h> | 121 | #include <sys/time.h> |
| @@ -233,7 +233,7 @@ int RAND_poll(void) | |||
| 233 | if (n > 0) | 233 | if (n > 0) |
| 234 | { | 234 | { |
| 235 | RAND_add(tmpbuf,sizeof tmpbuf,n); | 235 | RAND_add(tmpbuf,sizeof tmpbuf,n); |
| 236 | memset(tmpbuf,0,n); | 236 | OPENSSL_cleanse(tmpbuf,n); |
| 237 | } | 237 | } |
| 238 | #endif | 238 | #endif |
| 239 | 239 | ||
| @@ -255,3 +255,10 @@ int RAND_poll(void) | |||
| 255 | 255 | ||
| 256 | #endif | 256 | #endif |
| 257 | #endif | 257 | #endif |
| 258 | |||
| 259 | #if defined(OPENSSL_SYS_VXWORKS) | ||
| 260 | int RAND_poll(void) | ||
| 261 | { | ||
| 262 | return 0; | ||
| 263 | } | ||
| 264 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/rand/rand_win.c b/src/lib/libssl/src/crypto/rand/rand_win.c index c1b955b06f..113b58678f 100644 --- a/src/lib/libssl/src/crypto/rand/rand_win.c +++ b/src/lib/libssl/src/crypto/rand/rand_win.c | |||
| @@ -125,7 +125,7 @@ | |||
| 125 | * http://developer.intel.com/design/security/rng/redist_license.htm | 125 | * http://developer.intel.com/design/security/rng/redist_license.htm |
| 126 | */ | 126 | */ |
| 127 | #define PROV_INTEL_SEC 22 | 127 | #define PROV_INTEL_SEC 22 |
| 128 | #define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider" | 128 | #define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider") |
| 129 | 129 | ||
| 130 | static void readtimer(void); | 130 | static void readtimer(void); |
| 131 | static void readscreen(void); | 131 | static void readscreen(void); |
| @@ -170,7 +170,9 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32); | |||
| 170 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); | 170 | typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32); |
| 171 | 171 | ||
| 172 | #include <lmcons.h> | 172 | #include <lmcons.h> |
| 173 | #ifndef OPENSSL_SYS_WINCE | ||
| 173 | #include <lmstats.h> | 174 | #include <lmstats.h> |
| 175 | #endif | ||
| 174 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE | 176 | #if 1 /* The NET API is Unicode only. It requires the use of the UNICODE |
| 175 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was | 177 | * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was |
| 176 | * was added to the Platform SDK to allow the NET API to be used in | 178 | * was added to the Platform SDK to allow the NET API to be used in |
| @@ -209,20 +211,32 @@ int RAND_poll(void) | |||
| 209 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; | 211 | osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; |
| 210 | GetVersionEx( &osverinfo ) ; | 212 | GetVersionEx( &osverinfo ) ; |
| 211 | 213 | ||
| 214 | #if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO | ||
| 215 | /* poll the CryptoAPI PRNG */ | ||
| 216 | /* The CryptoAPI returns sizeof(buf) bytes of randomness */ | ||
| 217 | if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) | ||
| 218 | { | ||
| 219 | if (CryptGenRandom(hProvider, sizeof(buf), buf)) | ||
| 220 | RAND_add(buf, sizeof(buf), sizeof(buf)); | ||
| 221 | CryptReleaseContext(hProvider, 0); | ||
| 222 | } | ||
| 223 | #endif | ||
| 224 | |||
| 212 | /* load functions dynamically - not available on all systems */ | 225 | /* load functions dynamically - not available on all systems */ |
| 213 | advapi = LoadLibrary("ADVAPI32.DLL"); | 226 | advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); |
| 214 | kernel = LoadLibrary("KERNEL32.DLL"); | 227 | kernel = LoadLibrary(TEXT("KERNEL32.DLL")); |
| 215 | user = LoadLibrary("USER32.DLL"); | 228 | user = LoadLibrary(TEXT("USER32.DLL")); |
| 216 | netapi = LoadLibrary("NETAPI32.DLL"); | 229 | netapi = LoadLibrary(TEXT("NETAPI32.DLL")); |
| 217 | 230 | ||
| 231 | #ifndef OPENSSL_SYS_WINCE | ||
| 218 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this | 232 | #if 1 /* There was previously a problem with NETSTATGET. Currently, this |
| 219 | * section is still experimental, but if all goes well, this conditional | 233 | * section is still experimental, but if all goes well, this conditional |
| 220 | * will be removed | 234 | * will be removed |
| 221 | */ | 235 | */ |
| 222 | if (netapi) | 236 | if (netapi) |
| 223 | { | 237 | { |
| 224 | netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet"); | 238 | netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet")); |
| 225 | netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree"); | 239 | netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree")); |
| 226 | } | 240 | } |
| 227 | 241 | ||
| 228 | if (netstatget && netfree) | 242 | if (netstatget && netfree) |
| @@ -249,7 +263,9 @@ int RAND_poll(void) | |||
| 249 | if (netapi) | 263 | if (netapi) |
| 250 | FreeLibrary(netapi); | 264 | FreeLibrary(netapi); |
| 251 | #endif /* 1 */ | 265 | #endif /* 1 */ |
| 266 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 252 | 267 | ||
| 268 | #ifndef OPENSSL_SYS_WINCE | ||
| 253 | /* It appears like this can cause an exception deep within ADVAPI32.DLL | 269 | /* It appears like this can cause an exception deep within ADVAPI32.DLL |
| 254 | * at random times on Windows 2000. Reported by Jeffrey Altman. | 270 | * at random times on Windows 2000. Reported by Jeffrey Altman. |
| 255 | * Only use it on NT. | 271 | * Only use it on NT. |
| @@ -280,30 +296,40 @@ int RAND_poll(void) | |||
| 280 | bufsz += 8192; | 296 | bufsz += 8192; |
| 281 | 297 | ||
| 282 | length = bufsz; | 298 | length = bufsz; |
| 283 | rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global", | 299 | rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"), |
| 284 | NULL, NULL, buf, &length); | 300 | NULL, NULL, buf, &length); |
| 285 | } | 301 | } |
| 286 | if (rc == ERROR_SUCCESS) | 302 | if (rc == ERROR_SUCCESS) |
| 287 | { | 303 | { |
| 288 | /* For entropy count assume only least significant | 304 | /* For entropy count assume only least significant |
| 289 | * byte of each DWORD is random. | 305 | * byte of each DWORD is random. |
| 290 | */ | 306 | */ |
| 291 | RAND_add(&length, sizeof(length), 0); | 307 | RAND_add(&length, sizeof(length), 0); |
| 292 | RAND_add(buf, length, length / 4.0); | 308 | RAND_add(buf, length, length / 4.0); |
| 309 | |||
| 310 | /* Close the Registry Key to allow Windows to cleanup/close | ||
| 311 | * the open handle | ||
| 312 | * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened | ||
| 313 | * when the RegQueryValueEx above is done. However, if | ||
| 314 | * it is not explicitly closed, it can cause disk | ||
| 315 | * partition manipulation problems. | ||
| 316 | */ | ||
| 317 | RegCloseKey(HKEY_PERFORMANCE_DATA); | ||
| 293 | } | 318 | } |
| 294 | if (buf) | 319 | if (buf) |
| 295 | free(buf); | 320 | free(buf); |
| 296 | } | 321 | } |
| 297 | #endif | 322 | #endif |
| 323 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 298 | 324 | ||
| 299 | if (advapi) | 325 | if (advapi) |
| 300 | { | 326 | { |
| 301 | acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi, | 327 | acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi, |
| 302 | "CryptAcquireContextA"); | 328 | TEXT("CryptAcquireContextA")); |
| 303 | gen = (CRYPTGENRANDOM) GetProcAddress(advapi, | 329 | gen = (CRYPTGENRANDOM) GetProcAddress(advapi, |
| 304 | "CryptGenRandom"); | 330 | TEXT("CryptGenRandom")); |
| 305 | release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, | 331 | release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, |
| 306 | "CryptReleaseContext"); | 332 | TEXT("CryptReleaseContext")); |
| 307 | } | 333 | } |
| 308 | 334 | ||
| 309 | if (acquire && gen && release) | 335 | if (acquire && gen && release) |
| @@ -357,9 +383,9 @@ int RAND_poll(void) | |||
| 357 | GETFOREGROUNDWINDOW win; | 383 | GETFOREGROUNDWINDOW win; |
| 358 | GETQUEUESTATUS queue; | 384 | GETQUEUESTATUS queue; |
| 359 | 385 | ||
| 360 | win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow"); | 386 | win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow")); |
| 361 | cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); | 387 | cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo")); |
| 362 | queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); | 388 | queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus")); |
| 363 | 389 | ||
| 364 | if (win) | 390 | if (win) |
| 365 | { | 391 | { |
| @@ -430,17 +456,17 @@ int RAND_poll(void) | |||
| 430 | MODULEENTRY32 m; | 456 | MODULEENTRY32 m; |
| 431 | 457 | ||
| 432 | snap = (CREATETOOLHELP32SNAPSHOT) | 458 | snap = (CREATETOOLHELP32SNAPSHOT) |
| 433 | GetProcAddress(kernel, "CreateToolhelp32Snapshot"); | 459 | GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot")); |
| 434 | heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); | 460 | heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First")); |
| 435 | heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); | 461 | heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next")); |
| 436 | heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); | 462 | heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst")); |
| 437 | heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); | 463 | heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext")); |
| 438 | process_first = (PROCESS32) GetProcAddress(kernel, "Process32First"); | 464 | process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First")); |
| 439 | process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next"); | 465 | process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next")); |
| 440 | thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); | 466 | thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First")); |
| 441 | thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); | 467 | thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next")); |
| 442 | module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); | 468 | module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First")); |
| 443 | module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); | 469 | module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next")); |
| 444 | 470 | ||
| 445 | if (snap && heap_first && heap_next && heaplist_first && | 471 | if (snap && heap_first && heap_next && heaplist_first && |
| 446 | heaplist_next && process_first && process_next && | 472 | heaplist_next && process_first && process_next && |
| @@ -575,7 +601,7 @@ static void readtimer(void) | |||
| 575 | DWORD w; | 601 | DWORD w; |
| 576 | LARGE_INTEGER l; | 602 | LARGE_INTEGER l; |
| 577 | static int have_perfc = 1; | 603 | static int have_perfc = 1; |
| 578 | #ifdef _MSC_VER | 604 | #if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE) |
| 579 | static int have_tsc = 1; | 605 | static int have_tsc = 1; |
| 580 | DWORD cyclecount; | 606 | DWORD cyclecount; |
| 581 | 607 | ||
| @@ -628,6 +654,7 @@ static void readtimer(void) | |||
| 628 | 654 | ||
| 629 | static void readscreen(void) | 655 | static void readscreen(void) |
| 630 | { | 656 | { |
| 657 | #ifndef OPENSSL_SYS_WINCE | ||
| 631 | HDC hScrDC; /* screen DC */ | 658 | HDC hScrDC; /* screen DC */ |
| 632 | HDC hMemDC; /* memory DC */ | 659 | HDC hMemDC; /* memory DC */ |
| 633 | HBITMAP hBitmap; /* handle for our bitmap */ | 660 | HBITMAP hBitmap; /* handle for our bitmap */ |
| @@ -641,7 +668,7 @@ static void readscreen(void) | |||
| 641 | int n = 16; /* number of screen lines to grab at a time */ | 668 | int n = 16; /* number of screen lines to grab at a time */ |
| 642 | 669 | ||
| 643 | /* Create a screen DC and a memory DC compatible to screen DC */ | 670 | /* Create a screen DC and a memory DC compatible to screen DC */ |
| 644 | hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL); | 671 | hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); |
| 645 | hMemDC = CreateCompatibleDC(hScrDC); | 672 | hMemDC = CreateCompatibleDC(hScrDC); |
| 646 | 673 | ||
| 647 | /* Get screen resolution */ | 674 | /* Get screen resolution */ |
| @@ -688,6 +715,7 @@ static void readscreen(void) | |||
| 688 | DeleteObject(hBitmap); | 715 | DeleteObject(hBitmap); |
| 689 | DeleteDC(hMemDC); | 716 | DeleteDC(hMemDC); |
| 690 | DeleteDC(hScrDC); | 717 | DeleteDC(hScrDC); |
| 718 | #endif /* !OPENSSL_SYS_WINCE */ | ||
| 691 | } | 719 | } |
| 692 | 720 | ||
| 693 | #endif | 721 | #endif |
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c index 311dd27a7b..cfbec2ac1f 100644 --- a/src/lib/libssl/src/crypto/rand/randfile.c +++ b/src/lib/libssl/src/crypto/rand/randfile.c | |||
| @@ -132,7 +132,7 @@ int RAND_load_file(const char *file, long bytes) | |||
| 132 | } | 132 | } |
| 133 | } | 133 | } |
| 134 | fclose(in); | 134 | fclose(in); |
| 135 | memset(buf,0,BUFSIZE); | 135 | OPENSSL_cleanse(buf,BUFSIZE); |
| 136 | err: | 136 | err: |
| 137 | return(ret); | 137 | return(ret); |
| 138 | } | 138 | } |
| @@ -210,7 +210,7 @@ int RAND_write_file(const char *file) | |||
| 210 | #endif /* OPENSSL_SYS_VMS */ | 210 | #endif /* OPENSSL_SYS_VMS */ |
| 211 | 211 | ||
| 212 | fclose(out); | 212 | fclose(out); |
| 213 | memset(buf,0,BUFSIZE); | 213 | OPENSSL_cleanse(buf,BUFSIZE); |
| 214 | err: | 214 | err: |
| 215 | return (rand_err ? -1 : ret); | 215 | return (rand_err ? -1 : ret); |
| 216 | } | 216 | } |
| @@ -225,8 +225,8 @@ const char *RAND_file_name(char *buf, size_t size) | |||
| 225 | s=getenv("RANDFILE"); | 225 | s=getenv("RANDFILE"); |
| 226 | if (s != NULL && *s && strlen(s) + 1 < size) | 226 | if (s != NULL && *s && strlen(s) + 1 < size) |
| 227 | { | 227 | { |
| 228 | strlcpy(buf,s,size); | 228 | if (strlcpy(buf,s,size) >= size) |
| 229 | ok = 1; | 229 | return NULL; |
| 230 | } | 230 | } |
| 231 | else | 231 | else |
| 232 | { | 232 | { |
diff --git a/src/lib/libssl/src/crypto/rand/randtest.c b/src/lib/libssl/src/crypto/rand/randtest.c index b64de616db..701932e6ee 100644 --- a/src/lib/libssl/src/crypto/rand/randtest.c +++ b/src/lib/libssl/src/crypto/rand/randtest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <openssl/rand.h> | 61 | #include <openssl/rand.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | /* some FIPS 140-1 random number test */ | 65 | /* some FIPS 140-1 random number test */ |
| 64 | /* some simple tests */ | 66 | /* some simple tests */ |
| 65 | 67 | ||
| @@ -209,6 +211,6 @@ int main() | |||
| 209 | printf("test 4 done\n"); | 211 | printf("test 4 done\n"); |
| 210 | err: | 212 | err: |
| 211 | err=((err)?1:0); | 213 | err=((err)?1:0); |
| 212 | exit(err); | 214 | EXIT(err); |
| 213 | return(err); | 215 | return(err); |
| 214 | } | 216 | } |
diff --git a/src/lib/libssl/src/crypto/rc2/Makefile.ssl b/src/lib/libssl/src/crypto/rc2/Makefile.ssl index 88e41bb98e..98d5960d5d 100644 --- a/src/lib/libssl/src/crypto/rc2/Makefile.ssl +++ b/src/lib/libssl/src/crypto/rc2/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/rc2/rc2test.c b/src/lib/libssl/src/crypto/rc2/rc2test.c index d9a2a0a1cb..b67bafb49f 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2test.c +++ b/src/lib/libssl/src/crypto/rc2/rc2test.c | |||
| @@ -63,6 +63,8 @@ | |||
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <stdlib.h> | 64 | #include <stdlib.h> |
| 65 | 65 | ||
| 66 | #include "../e_os.h" | ||
| 67 | |||
| 66 | #ifdef OPENSSL_NO_RC2 | 68 | #ifdef OPENSSL_NO_RC2 |
| 67 | int main(int argc, char *argv[]) | 69 | int main(int argc, char *argv[]) |
| 68 | { | 70 | { |
| @@ -203,7 +205,7 @@ int main(int argc, char *argv[]) | |||
| 203 | printf("ok\n"); | 205 | printf("ok\n"); |
| 204 | #endif | 206 | #endif |
| 205 | 207 | ||
| 206 | exit(err); | 208 | EXIT(err); |
| 207 | return(err); | 209 | return(err); |
| 208 | } | 210 | } |
| 209 | 211 | ||
diff --git a/src/lib/libssl/src/crypto/rc4/Makefile.ssl b/src/lib/libssl/src/crypto/rc4/Makefile.ssl index 6e5bbf9894..9f9e16068f 100644 --- a/src/lib/libssl/src/crypto/rc4/Makefile.ssl +++ b/src/lib/libssl/src/crypto/rc4/Makefile.ssl | |||
| @@ -52,14 +52,8 @@ lib: $(LIBOBJ) | |||
| 52 | @touch lib | 52 | @touch lib |
| 53 | 53 | ||
| 54 | # elf | 54 | # elf |
| 55 | asm/rx86-elf.o: asm/rx86unix.cpp | 55 | asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl |
| 56 | $(CPP) -DELF -x c asm/rx86unix.cpp | as -o asm/rx86-elf.o | 56 | (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) |
| 57 | |||
| 58 | # solaris | ||
| 59 | asm/rx86-sol.o: asm/rx86unix.cpp | ||
| 60 | $(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s | ||
| 61 | as -o asm/rx86-sol.o asm/rx86-sol.s | ||
| 62 | rm -f asm/rx86-sol.s | ||
| 63 | 57 | ||
| 64 | # a.out | 58 | # a.out |
| 65 | asm/rx86-out.o: asm/rx86unix.cpp | 59 | asm/rx86-out.o: asm/rx86unix.cpp |
| @@ -97,14 +91,14 @@ lint: | |||
| 97 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 91 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 98 | 92 | ||
| 99 | depend: | 93 | depend: |
| 100 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 94 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 101 | 95 | ||
| 102 | dclean: | 96 | dclean: |
| 103 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 97 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 104 | mv -f Makefile.new $(MAKEFILE) | 98 | mv -f Makefile.new $(MAKEFILE) |
| 105 | 99 | ||
| 106 | clean: | 100 | clean: |
| 107 | rm -f asm/rx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o | 101 | rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o |
| 108 | 102 | ||
| 109 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 103 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 110 | 104 | ||
diff --git a/src/lib/libssl/src/crypto/rc4/rc4.c b/src/lib/libssl/src/crypto/rc4/rc4.c index c2165b0b75..b39c070292 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4.c +++ b/src/lib/libssl/src/crypto/rc4/rc4.c | |||
| @@ -155,7 +155,7 @@ bad: | |||
| 155 | i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); | 155 | i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); |
| 156 | if (i != 0) | 156 | if (i != 0) |
| 157 | { | 157 | { |
| 158 | memset(buf,0,BUFSIZ); | 158 | OPENSSL_cleanse(buf,BUFSIZ); |
| 159 | fprintf(stderr,"bad password read\n"); | 159 | fprintf(stderr,"bad password read\n"); |
| 160 | exit(1); | 160 | exit(1); |
| 161 | } | 161 | } |
| @@ -163,7 +163,7 @@ bad: | |||
| 163 | } | 163 | } |
| 164 | 164 | ||
| 165 | EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); | 165 | EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); |
| 166 | memset(keystr,0,strlen(keystr)); | 166 | OPENSSL_cleanse(keystr,strlen(keystr)); |
| 167 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); | 167 | RC4_set_key(&key,MD5_DIGEST_LENGTH,md); |
| 168 | 168 | ||
| 169 | for(;;) | 169 | for(;;) |
diff --git a/src/lib/libssl/src/crypto/rc4/rc4test.c b/src/lib/libssl/src/crypto/rc4/rc4test.c index a28d457c8d..b9d8f20975 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4test.c +++ b/src/lib/libssl/src/crypto/rc4/rc4test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_RC4 | 65 | #ifdef OPENSSL_NO_RC4 |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -195,7 +197,7 @@ int main(int argc, char *argv[]) | |||
| 195 | } | 197 | } |
| 196 | } | 198 | } |
| 197 | printf("done\n"); | 199 | printf("done\n"); |
| 198 | exit(err); | 200 | EXIT(err); |
| 199 | return(0); | 201 | return(0); |
| 200 | } | 202 | } |
| 201 | #endif | 203 | #endif |
diff --git a/src/lib/libssl/src/crypto/rc5/Makefile.ssl b/src/lib/libssl/src/crypto/rc5/Makefile.ssl index ff31ab47a9..a86f202f7b 100644 --- a/src/lib/libssl/src/crypto/rc5/Makefile.ssl +++ b/src/lib/libssl/src/crypto/rc5/Makefile.ssl | |||
| @@ -49,14 +49,8 @@ lib: $(LIBOBJ) | |||
| 49 | @touch lib | 49 | @touch lib |
| 50 | 50 | ||
| 51 | # elf | 51 | # elf |
| 52 | asm/r586-elf.o: asm/r586unix.cpp | 52 | asm/r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl |
| 53 | $(CPP) -DELF -x c asm/r586unix.cpp | as -o asm/r586-elf.o | 53 | (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > r586-elf.s) |
| 54 | |||
| 55 | # solaris | ||
| 56 | asm/r586-sol.o: asm/r586unix.cpp | ||
| 57 | $(CC) -E -DSOL asm/r586unix.cpp | sed 's/^#.*//' > asm/r586-sol.s | ||
| 58 | as -o asm/r586-sol.o asm/r586-sol.s | ||
| 59 | rm -f asm/r586-sol.s | ||
| 60 | 54 | ||
| 61 | # a.out | 55 | # a.out |
| 62 | asm/r586-out.o: asm/r586unix.cpp | 56 | asm/r586-out.o: asm/r586unix.cpp |
| @@ -94,14 +88,14 @@ lint: | |||
| 94 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 88 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 95 | 89 | ||
| 96 | depend: | 90 | depend: |
| 97 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 91 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 98 | 92 | ||
| 99 | dclean: | 93 | dclean: |
| 100 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 94 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 101 | mv -f Makefile.new $(MAKEFILE) | 95 | mv -f Makefile.new $(MAKEFILE) |
| 102 | 96 | ||
| 103 | clean: | 97 | clean: |
| 104 | rm -f asm/r586unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 98 | rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 105 | 99 | ||
| 106 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 100 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 107 | 101 | ||
diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile.ssl b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl index 7ab5d2fc9e..d85515353b 100644 --- a/src/lib/libssl/src/crypto/ripemd/Makefile.ssl +++ b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl | |||
| @@ -47,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | # elf | 49 | # elf |
| 50 | asm/rm86-elf.o: asm/rm86unix.cpp | 50 | asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl |
| 51 | $(CPP) -DELF -x c asm/rm86unix.cpp | as -o asm/rm86-elf.o | 51 | (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s) |
| 52 | |||
| 53 | # solaris | ||
| 54 | asm/rm86-sol.o: asm/rm86unix.cpp | ||
| 55 | $(CC) -E -DSOL asm/rm86unix.cpp | sed 's/^#.*//' > asm/rm86-sol.s | ||
| 56 | as -o asm/rm86-sol.o asm/rm86-sol.s | ||
| 57 | rm -f asm/rm86-sol.s | ||
| 58 | 52 | ||
| 59 | # a.out | 53 | # a.out |
| 60 | asm/rm86-out.o: asm/rm86unix.cpp | 54 | asm/rm86-out.o: asm/rm86unix.cpp |
| @@ -92,19 +86,22 @@ lint: | |||
| 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 86 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 93 | 87 | ||
| 94 | depend: | 88 | depend: |
| 95 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 89 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 96 | 90 | ||
| 97 | dclean: | 91 | dclean: |
| 98 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 92 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 99 | mv -f Makefile.new $(MAKEFILE) | 93 | mv -f Makefile.new $(MAKEFILE) |
| 100 | 94 | ||
| 101 | clean: | 95 | clean: |
| 102 | rm -f asm/rm86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 96 | rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 103 | 97 | ||
| 104 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 98 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 105 | 99 | ||
| 106 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 100 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 107 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h | 101 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h |
| 108 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h | 102 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h |
| 109 | rmd_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 103 | rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 110 | rmd_one.o: ../../include/openssl/ripemd.h rmd_one.c | 104 | rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 105 | rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h | ||
| 106 | rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 107 | rmd_one.o: rmd_one.c | ||
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd160.c b/src/lib/libssl/src/crypto/ripemd/rmd160.c index 4f8b88a18a..b0ec574498 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd160.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd160.c | |||
| @@ -64,7 +64,7 @@ | |||
| 64 | 64 | ||
| 65 | void do_fp(FILE *f); | 65 | void do_fp(FILE *f); |
| 66 | void pt(unsigned char *md); | 66 | void pt(unsigned char *md); |
| 67 | #ifndef _OSD_POSIX | 67 | #if !defined(_OSD_POSIX) && !defined(__DJGPP__) |
| 68 | int read(int, void *, unsigned int); | 68 | int read(int, void *, unsigned int); |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c index a3170f7c8a..f351f00eea 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c | |||
| @@ -90,8 +90,8 @@ int RIPEMD160_Init(RIPEMD160_CTX *c) | |||
| 90 | void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) | 90 | void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) |
| 91 | { | 91 | { |
| 92 | const RIPEMD160_LONG *XX=p; | 92 | const RIPEMD160_LONG *XX=p; |
| 93 | register unsigned long A,B,C,D,E; | 93 | register unsigned MD32_REG_T A,B,C,D,E; |
| 94 | register unsigned long a,b,c,d,e; | 94 | register unsigned MD32_REG_T a,b,c,d,e; |
| 95 | 95 | ||
| 96 | for (;num--;XX+=HASH_LBLOCK) | 96 | for (;num--;XX+=HASH_LBLOCK) |
| 97 | { | 97 | { |
| @@ -290,12 +290,12 @@ void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) | |||
| 290 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) | 290 | void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) |
| 291 | { | 291 | { |
| 292 | const unsigned char *data=p; | 292 | const unsigned char *data=p; |
| 293 | register unsigned long A,B,C,D,E; | 293 | register unsigned MD32_REG_T A,B,C,D,E; |
| 294 | unsigned long a,b,c,d,e,l; | 294 | unsigned MD32_REG_T a,b,c,d,e,l; |
| 295 | #ifndef MD32_XARRAY | 295 | #ifndef MD32_XARRAY |
| 296 | /* See comment in crypto/sha/sha_locl.h for details. */ | 296 | /* See comment in crypto/sha/sha_locl.h for details. */ |
| 297 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 297 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 298 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 298 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 299 | # define X(i) XX##i | 299 | # define X(i) XX##i |
| 300 | #else | 300 | #else |
| 301 | RIPEMD160_LONG XX[16]; | 301 | RIPEMD160_LONG XX[16]; |
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_one.c b/src/lib/libssl/src/crypto/ripemd/rmd_one.c index efdf2dd6ef..f8b580c33a 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_one.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/ripemd.h> | 61 | #include <openssl/ripemd.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | 64 | unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, |
| 64 | unsigned char *md) | 65 | unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, | |||
| 70 | RIPEMD160_Init(&c); | 71 | RIPEMD160_Init(&c); |
| 71 | RIPEMD160_Update(&c,d,n); | 72 | RIPEMD160_Update(&c,d,n); |
| 72 | RIPEMD160_Final(md,&c); | 73 | RIPEMD160_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); /* security consideration */ | 74 | OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | 77 | ||
diff --git a/src/lib/libssl/src/crypto/ripemd/rmdtest.c b/src/lib/libssl/src/crypto/ripemd/rmdtest.c index be1fb8b1f6..d4c709e646 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmdtest.c +++ b/src/lib/libssl/src/crypto/ripemd/rmdtest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_RIPEMD | 65 | #ifdef OPENSSL_NO_RIPEMD |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -127,7 +129,7 @@ int main(int argc, char *argv[]) | |||
| 127 | R++; | 129 | R++; |
| 128 | P++; | 130 | P++; |
| 129 | } | 131 | } |
| 130 | exit(err); | 132 | EXIT(err); |
| 131 | return(0); | 133 | return(0); |
| 132 | } | 134 | } |
| 133 | 135 | ||
diff --git a/src/lib/libssl/src/crypto/rsa/Makefile.ssl b/src/lib/libssl/src/crypto/rsa/Makefile.ssl index 8c44b7f142..8089344a04 100644 --- a/src/lib/libssl/src/crypto/rsa/Makefile.ssl +++ b/src/lib/libssl/src/crypto/rsa/Makefile.ssl | |||
| @@ -72,7 +72,7 @@ lint: | |||
| 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 73 | 73 | ||
| 74 | depend: | 74 | depend: |
| 75 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 75 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 76 | 76 | ||
| 77 | dclean: | 77 | dclean: |
| 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -104,14 +104,12 @@ rsa_chk.o: rsa_chk.c | |||
| 104 | rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h | 104 | rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h |
| 105 | rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 105 | rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 106 | rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 106 | rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 107 | rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 107 | rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 108 | rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 108 | rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 109 | rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 109 | rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 110 | rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 110 | rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 111 | rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 111 | rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 112 | rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 112 | rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c |
| 113 | rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 114 | rsa_eay.o: ../../include/openssl/ui.h ../cryptlib.h rsa_eay.c | ||
| 115 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 113 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 116 | rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 114 | rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 117 | rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 115 | rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| @@ -217,21 +215,21 @@ rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | |||
| 217 | rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 215 | rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 218 | rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | 216 | rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h |
| 219 | rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 217 | rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 220 | rsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 218 | rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 221 | rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h | 219 | rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 222 | rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | 220 | rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h |
| 223 | rsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | 221 | rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h |
| 224 | rsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | 222 | rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 225 | rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 223 | rsa_sign.o: ../../include/openssl/opensslconf.h |
| 226 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 224 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 227 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 225 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h |
| 228 | rsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | 226 | rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h |
| 229 | rsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | 227 | rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h |
| 230 | rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 228 | rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 231 | rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 229 | rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 232 | rsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 230 | rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 233 | rsa_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h | 231 | rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 234 | rsa_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_sign.c | 232 | rsa_sign.o: ../cryptlib.h rsa_sign.c |
| 235 | rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h | 233 | rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 236 | rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 234 | rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 237 | rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 235 | rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h index 98b3bd7cc5..e26a68b482 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa.h +++ b/src/lib/libssl/src/crypto/rsa/rsa.h | |||
| @@ -158,6 +158,11 @@ struct rsa_st | |||
| 158 | #define RSA_FLAG_CACHE_PUBLIC 0x02 | 158 | #define RSA_FLAG_CACHE_PUBLIC 0x02 |
| 159 | #define RSA_FLAG_CACHE_PRIVATE 0x04 | 159 | #define RSA_FLAG_CACHE_PRIVATE 0x04 |
| 160 | #define RSA_FLAG_BLINDING 0x08 | 160 | #define RSA_FLAG_BLINDING 0x08 |
| 161 | #define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in | ||
| 162 | * RSA implementation now uses blinding by | ||
| 163 | * default (ignoring RSA_FLAG_BLINDING), | ||
| 164 | * but other engines might not need it | ||
| 165 | */ | ||
| 161 | #define RSA_FLAG_THREAD_SAFE 0x10 | 166 | #define RSA_FLAG_THREAD_SAFE 0x10 |
| 162 | /* This flag means the private key operations will be handled by rsa_mod_exp | 167 | /* This flag means the private key operations will be handled by rsa_mod_exp |
| 163 | * and that they do not depend on the private key components being present: | 168 | * and that they do not depend on the private key components being present: |
| @@ -170,11 +175,15 @@ struct rsa_st | |||
| 170 | */ | 175 | */ |
| 171 | #define RSA_FLAG_SIGN_VER 0x40 | 176 | #define RSA_FLAG_SIGN_VER 0x40 |
| 172 | 177 | ||
| 178 | #define RSA_FLAG_NO_BLINDING 0x80 | ||
| 179 | |||
| 173 | #define RSA_PKCS1_PADDING 1 | 180 | #define RSA_PKCS1_PADDING 1 |
| 174 | #define RSA_SSLV23_PADDING 2 | 181 | #define RSA_SSLV23_PADDING 2 |
| 175 | #define RSA_NO_PADDING 3 | 182 | #define RSA_NO_PADDING 3 |
| 176 | #define RSA_PKCS1_OAEP_PADDING 4 | 183 | #define RSA_PKCS1_OAEP_PADDING 4 |
| 177 | 184 | ||
| 185 | #define RSA_PKCS1_PADDING_SIZE 11 | ||
| 186 | |||
| 178 | #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) | 187 | #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) |
| 179 | #define RSA_get_app_data(s) RSA_get_ex_data(s,0) | 188 | #define RSA_get_app_data(s) RSA_get_ex_data(s,0) |
| 180 | 189 | ||
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c index a3f549d8e6..027b4dc754 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c | |||
| @@ -61,7 +61,6 @@ | |||
| 61 | #include <openssl/bn.h> | 61 | #include <openssl/bn.h> |
| 62 | #include <openssl/rsa.h> | 62 | #include <openssl/rsa.h> |
| 63 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #include <openssl/engine.h> | ||
| 65 | 64 | ||
| 66 | #ifndef RSA_NULL | 65 | #ifndef RSA_NULL |
| 67 | 66 | ||
| @@ -187,7 +186,7 @@ err: | |||
| 187 | BN_clear_free(&ret); | 186 | BN_clear_free(&ret); |
| 188 | if (buf != NULL) | 187 | if (buf != NULL) |
| 189 | { | 188 | { |
| 190 | memset(buf,0,num); | 189 | OPENSSL_cleanse(buf,num); |
| 191 | OPENSSL_free(buf); | 190 | OPENSSL_free(buf); |
| 192 | } | 191 | } |
| 193 | return(r); | 192 | return(r); |
| @@ -206,12 +205,46 @@ static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) | |||
| 206 | 205 | ||
| 207 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ | 206 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ |
| 208 | do { \ | 207 | do { \ |
| 209 | if(((rsa)->flags & RSA_FLAG_BLINDING) && \ | 208 | if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ |
| 210 | ((rsa)->blinding == NULL) && \ | 209 | ((rsa)->blinding == NULL) && \ |
| 211 | !rsa_eay_blinding(rsa, ctx)) \ | 210 | !rsa_eay_blinding(rsa, ctx)) \ |
| 212 | err_instr \ | 211 | err_instr \ |
| 213 | } while(0) | 212 | } while(0) |
| 214 | 213 | ||
| 214 | static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) | ||
| 215 | { | ||
| 216 | BIGNUM *A, *Ai; | ||
| 217 | BN_BLINDING *ret = NULL; | ||
| 218 | |||
| 219 | /* added in OpenSSL 0.9.6j and 0.9.7b */ | ||
| 220 | |||
| 221 | /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); | ||
| 222 | * this should be placed in a new function of its own, but for reasons | ||
| 223 | * of binary compatibility can't */ | ||
| 224 | |||
| 225 | BN_CTX_start(ctx); | ||
| 226 | A = BN_CTX_get(ctx); | ||
| 227 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 228 | { | ||
| 229 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | ||
| 230 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | ||
| 231 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | ||
| 232 | } | ||
| 233 | else | ||
| 234 | { | ||
| 235 | if (!BN_rand_range(A,rsa->n)) goto err; | ||
| 236 | } | ||
| 237 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | ||
| 238 | |||
| 239 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | ||
| 240 | goto err; | ||
| 241 | ret = BN_BLINDING_new(A,Ai,rsa->n); | ||
| 242 | BN_free(Ai); | ||
| 243 | err: | ||
| 244 | BN_CTX_end(ctx); | ||
| 245 | return ret; | ||
| 246 | } | ||
| 247 | |||
| 215 | /* signing */ | 248 | /* signing */ |
| 216 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | 249 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, |
| 217 | unsigned char *to, RSA *rsa, int padding) | 250 | unsigned char *to, RSA *rsa, int padding) |
| @@ -220,6 +253,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 220 | int i,j,k,num=0,r= -1; | 253 | int i,j,k,num=0,r= -1; |
| 221 | unsigned char *buf=NULL; | 254 | unsigned char *buf=NULL; |
| 222 | BN_CTX *ctx=NULL; | 255 | BN_CTX *ctx=NULL; |
| 256 | int local_blinding = 0; | ||
| 257 | BN_BLINDING *blinding = NULL; | ||
| 223 | 258 | ||
| 224 | BN_init(&f); | 259 | BN_init(&f); |
| 225 | BN_init(&ret); | 260 | BN_init(&ret); |
| @@ -257,9 +292,38 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 257 | } | 292 | } |
| 258 | 293 | ||
| 259 | BLINDING_HELPER(rsa, ctx, goto err;); | 294 | BLINDING_HELPER(rsa, ctx, goto err;); |
| 295 | blinding = rsa->blinding; | ||
| 296 | |||
| 297 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 298 | * But the BN_BLINDING object may be owned by some other thread | ||
| 299 | * (we don't want to keep it constant and we don't want to use | ||
| 300 | * lots of locking to avoid race conditions, so only a single | ||
| 301 | * thread can use it; other threads have to use local blinding | ||
| 302 | * factors) */ | ||
| 303 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
| 304 | { | ||
| 305 | if (blinding == NULL) | ||
| 306 | { | ||
| 307 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); | ||
| 308 | goto err; | ||
| 309 | } | ||
| 310 | } | ||
| 311 | |||
| 312 | if (blinding != NULL) | ||
| 313 | { | ||
| 314 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
| 315 | { | ||
| 316 | /* we need a local one-time blinding factor */ | ||
| 317 | |||
| 318 | blinding = setup_blinding(rsa, ctx); | ||
| 319 | if (blinding == NULL) | ||
| 320 | goto err; | ||
| 321 | local_blinding = 1; | ||
| 322 | } | ||
| 323 | } | ||
| 260 | 324 | ||
| 261 | if (rsa->flags & RSA_FLAG_BLINDING) | 325 | if (blinding) |
| 262 | if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; | 326 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; |
| 263 | 327 | ||
| 264 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 328 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| 265 | ((rsa->p != NULL) && | 329 | ((rsa->p != NULL) && |
| @@ -273,8 +337,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 273 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; | 337 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; |
| 274 | } | 338 | } |
| 275 | 339 | ||
| 276 | if (rsa->flags & RSA_FLAG_BLINDING) | 340 | if (blinding) |
| 277 | if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; | 341 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; |
| 278 | 342 | ||
| 279 | /* put in leading 0 bytes if the number is less than the | 343 | /* put in leading 0 bytes if the number is less than the |
| 280 | * length of the modulus */ | 344 | * length of the modulus */ |
| @@ -288,9 +352,11 @@ err: | |||
| 288 | if (ctx != NULL) BN_CTX_free(ctx); | 352 | if (ctx != NULL) BN_CTX_free(ctx); |
| 289 | BN_clear_free(&ret); | 353 | BN_clear_free(&ret); |
| 290 | BN_clear_free(&f); | 354 | BN_clear_free(&f); |
| 355 | if (local_blinding) | ||
| 356 | BN_BLINDING_free(blinding); | ||
| 291 | if (buf != NULL) | 357 | if (buf != NULL) |
| 292 | { | 358 | { |
| 293 | memset(buf,0,num); | 359 | OPENSSL_cleanse(buf,num); |
| 294 | OPENSSL_free(buf); | 360 | OPENSSL_free(buf); |
| 295 | } | 361 | } |
| 296 | return(r); | 362 | return(r); |
| @@ -304,6 +370,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 304 | unsigned char *p; | 370 | unsigned char *p; |
| 305 | unsigned char *buf=NULL; | 371 | unsigned char *buf=NULL; |
| 306 | BN_CTX *ctx=NULL; | 372 | BN_CTX *ctx=NULL; |
| 373 | int local_blinding = 0; | ||
| 374 | BN_BLINDING *blinding = NULL; | ||
| 307 | 375 | ||
| 308 | BN_init(&f); | 376 | BN_init(&f); |
| 309 | BN_init(&ret); | 377 | BN_init(&ret); |
| @@ -336,9 +404,38 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 336 | } | 404 | } |
| 337 | 405 | ||
| 338 | BLINDING_HELPER(rsa, ctx, goto err;); | 406 | BLINDING_HELPER(rsa, ctx, goto err;); |
| 407 | blinding = rsa->blinding; | ||
| 408 | |||
| 409 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 410 | * But the BN_BLINDING object may be owned by some other thread | ||
| 411 | * (we don't want to keep it constant and we don't want to use | ||
| 412 | * lots of locking to avoid race conditions, so only a single | ||
| 413 | * thread can use it; other threads have to use local blinding | ||
| 414 | * factors) */ | ||
| 415 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
| 416 | { | ||
| 417 | if (blinding == NULL) | ||
| 418 | { | ||
| 419 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); | ||
| 420 | goto err; | ||
| 421 | } | ||
| 422 | } | ||
| 423 | |||
| 424 | if (blinding != NULL) | ||
| 425 | { | ||
| 426 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
| 427 | { | ||
| 428 | /* we need a local one-time blinding factor */ | ||
| 429 | |||
| 430 | blinding = setup_blinding(rsa, ctx); | ||
| 431 | if (blinding == NULL) | ||
| 432 | goto err; | ||
| 433 | local_blinding = 1; | ||
| 434 | } | ||
| 435 | } | ||
| 339 | 436 | ||
| 340 | if (rsa->flags & RSA_FLAG_BLINDING) | 437 | if (blinding) |
| 341 | if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; | 438 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; |
| 342 | 439 | ||
| 343 | /* do the decrypt */ | 440 | /* do the decrypt */ |
| 344 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 441 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| @@ -354,8 +451,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 354 | goto err; | 451 | goto err; |
| 355 | } | 452 | } |
| 356 | 453 | ||
| 357 | if (rsa->flags & RSA_FLAG_BLINDING) | 454 | if (blinding) |
| 358 | if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; | 455 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; |
| 359 | 456 | ||
| 360 | p=buf; | 457 | p=buf; |
| 361 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ | 458 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ |
| @@ -389,7 +486,7 @@ err: | |||
| 389 | BN_clear_free(&ret); | 486 | BN_clear_free(&ret); |
| 390 | if (buf != NULL) | 487 | if (buf != NULL) |
| 391 | { | 488 | { |
| 392 | memset(buf,0,num); | 489 | OPENSSL_cleanse(buf,num); |
| 393 | OPENSSL_free(buf); | 490 | OPENSSL_free(buf); |
| 394 | } | 491 | } |
| 395 | return(r); | 492 | return(r); |
| @@ -486,7 +583,7 @@ err: | |||
| 486 | BN_clear_free(&ret); | 583 | BN_clear_free(&ret); |
| 487 | if (buf != NULL) | 584 | if (buf != NULL) |
| 488 | { | 585 | { |
| 489 | memset(buf,0,num); | 586 | OPENSSL_cleanse(buf,num); |
| 490 | OPENSSL_free(buf); | 587 | OPENSSL_free(buf); |
| 491 | } | 588 | } |
| 492 | return(r); | 589 | return(r); |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c index 37fff8bce3..53c5092014 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c | |||
| @@ -62,7 +62,10 @@ | |||
| 62 | #include <openssl/lhash.h> | 62 | #include <openssl/lhash.h> |
| 63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 64 | #include <openssl/rsa.h> | 64 | #include <openssl/rsa.h> |
| 65 | #include <openssl/rand.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 65 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | ||
| 66 | 69 | ||
| 67 | const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; | 70 | const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; |
| 68 | 71 | ||
| @@ -72,10 +75,6 @@ RSA *RSA_new(void) | |||
| 72 | { | 75 | { |
| 73 | RSA *r=RSA_new_method(NULL); | 76 | RSA *r=RSA_new_method(NULL); |
| 74 | 77 | ||
| 75 | #ifndef OPENSSL_NO_FORCE_RSA_BLINDING | ||
| 76 | r->flags|=RSA_FLAG_BLINDING; | ||
| 77 | #endif | ||
| 78 | |||
| 79 | return r; | 78 | return r; |
| 80 | } | 79 | } |
| 81 | 80 | ||
| @@ -114,11 +113,13 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) | |||
| 114 | const RSA_METHOD *mtmp; | 113 | const RSA_METHOD *mtmp; |
| 115 | mtmp = rsa->meth; | 114 | mtmp = rsa->meth; |
| 116 | if (mtmp->finish) mtmp->finish(rsa); | 115 | if (mtmp->finish) mtmp->finish(rsa); |
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | if (rsa->engine) | 117 | if (rsa->engine) |
| 118 | { | 118 | { |
| 119 | ENGINE_finish(rsa->engine); | 119 | ENGINE_finish(rsa->engine); |
| 120 | rsa->engine = NULL; | 120 | rsa->engine = NULL; |
| 121 | } | 121 | } |
| 122 | #endif | ||
| 122 | rsa->meth = meth; | 123 | rsa->meth = meth; |
| 123 | if (meth->init) meth->init(rsa); | 124 | if (meth->init) meth->init(rsa); |
| 124 | return 1; | 125 | return 1; |
| @@ -136,6 +137,7 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 136 | } | 137 | } |
| 137 | 138 | ||
| 138 | ret->meth = RSA_get_default_method(); | 139 | ret->meth = RSA_get_default_method(); |
| 140 | #ifndef OPENSSL_NO_ENGINE | ||
| 139 | if (engine) | 141 | if (engine) |
| 140 | { | 142 | { |
| 141 | if (!ENGINE_init(engine)) | 143 | if (!ENGINE_init(engine)) |
| @@ -160,6 +162,7 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 160 | return NULL; | 162 | return NULL; |
| 161 | } | 163 | } |
| 162 | } | 164 | } |
| 165 | #endif | ||
| 163 | 166 | ||
| 164 | ret->pad=0; | 167 | ret->pad=0; |
| 165 | ret->version=0; | 168 | ret->version=0; |
| @@ -181,8 +184,10 @@ RSA *RSA_new_method(ENGINE *engine) | |||
| 181 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | 184 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| 182 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 185 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 183 | { | 186 | { |
| 187 | #ifndef OPENSSL_NO_ENGINE | ||
| 184 | if (ret->engine) | 188 | if (ret->engine) |
| 185 | ENGINE_finish(ret->engine); | 189 | ENGINE_finish(ret->engine); |
| 190 | #endif | ||
| 186 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | 191 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| 187 | OPENSSL_free(ret); | 192 | OPENSSL_free(ret); |
| 188 | ret=NULL; | 193 | ret=NULL; |
| @@ -211,8 +216,10 @@ void RSA_free(RSA *r) | |||
| 211 | 216 | ||
| 212 | if (r->meth->finish) | 217 | if (r->meth->finish) |
| 213 | r->meth->finish(r); | 218 | r->meth->finish(r); |
| 219 | #ifndef OPENSSL_NO_ENGINE | ||
| 214 | if (r->engine) | 220 | if (r->engine) |
| 215 | ENGINE_finish(r->engine); | 221 | ENGINE_finish(r->engine); |
| 222 | #endif | ||
| 216 | 223 | ||
| 217 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); | 224 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); |
| 218 | 225 | ||
| @@ -303,7 +310,8 @@ void RSA_blinding_off(RSA *rsa) | |||
| 303 | BN_BLINDING_free(rsa->blinding); | 310 | BN_BLINDING_free(rsa->blinding); |
| 304 | rsa->blinding=NULL; | 311 | rsa->blinding=NULL; |
| 305 | } | 312 | } |
| 306 | rsa->flags&= ~RSA_FLAG_BLINDING; | 313 | rsa->flags &= ~RSA_FLAG_BLINDING; |
| 314 | rsa->flags |= RSA_FLAG_NO_BLINDING; | ||
| 307 | } | 315 | } |
| 308 | 316 | ||
| 309 | int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) | 317 | int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) |
| @@ -322,15 +330,32 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) | |||
| 322 | if (rsa->blinding != NULL) | 330 | if (rsa->blinding != NULL) |
| 323 | BN_BLINDING_free(rsa->blinding); | 331 | BN_BLINDING_free(rsa->blinding); |
| 324 | 332 | ||
| 333 | /* NB: similar code appears in setup_blinding (rsa_eay.c); | ||
| 334 | * this should be placed in a new function of its own, but for reasons | ||
| 335 | * of binary compatibility can't */ | ||
| 336 | |||
| 325 | BN_CTX_start(ctx); | 337 | BN_CTX_start(ctx); |
| 326 | A = BN_CTX_get(ctx); | 338 | A = BN_CTX_get(ctx); |
| 327 | if (!BN_rand_range(A,rsa->n)) goto err; | 339 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) |
| 340 | { | ||
| 341 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | ||
| 342 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | ||
| 343 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | ||
| 344 | } | ||
| 345 | else | ||
| 346 | { | ||
| 347 | if (!BN_rand_range(A,rsa->n)) goto err; | ||
| 348 | } | ||
| 328 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | 349 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; |
| 329 | 350 | ||
| 330 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | 351 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) |
| 331 | goto err; | 352 | goto err; |
| 332 | rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); | 353 | if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err; |
| 333 | rsa->flags|=RSA_FLAG_BLINDING; | 354 | /* to make things thread-safe without excessive locking, |
| 355 | * rsa->blinding will be used just by the current thread: */ | ||
| 356 | rsa->blinding->thread_id = CRYPTO_thread_id(); | ||
| 357 | rsa->flags |= RSA_FLAG_BLINDING; | ||
| 358 | rsa->flags &= ~RSA_FLAG_NO_BLINDING; | ||
| 334 | BN_free(Ai); | 359 | BN_free(Ai); |
| 335 | ret=1; | 360 | ret=1; |
| 336 | err: | 361 | err: |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pk1.c b/src/lib/libssl/src/crypto/rsa/rsa_pk1.c index c1edd6764f..8560755f1d 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_pk1.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_pk1.c | |||
| @@ -68,7 +68,7 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, | |||
| 68 | int j; | 68 | int j; |
| 69 | unsigned char *p; | 69 | unsigned char *p; |
| 70 | 70 | ||
| 71 | if (flen > (tlen-11)) | 71 | if (flen > (tlen-RSA_PKCS1_PADDING_SIZE)) |
| 72 | { | 72 | { |
| 73 | RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | 73 | RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); |
| 74 | return(0); | 74 | return(0); |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_saos.c b/src/lib/libssl/src/crypto/rsa/rsa_saos.c index 85adacc08f..f462716a57 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_saos.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_saos.c | |||
| @@ -77,7 +77,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, | |||
| 77 | 77 | ||
| 78 | i=i2d_ASN1_OCTET_STRING(&sig,NULL); | 78 | i=i2d_ASN1_OCTET_STRING(&sig,NULL); |
| 79 | j=RSA_size(rsa); | 79 | j=RSA_size(rsa); |
| 80 | if ((i-RSA_PKCS1_PADDING) > j) | 80 | if (i > (j-RSA_PKCS1_PADDING_SIZE)) |
| 81 | { | 81 | { |
| 82 | RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 82 | RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
| 83 | return(0); | 83 | return(0); |
| @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, | |||
| 96 | else | 96 | else |
| 97 | *siglen=i; | 97 | *siglen=i; |
| 98 | 98 | ||
| 99 | memset(s,0,(unsigned int)j+1); | 99 | OPENSSL_cleanse(s,(unsigned int)j+1); |
| 100 | OPENSSL_free(s); | 100 | OPENSSL_free(s); |
| 101 | return(ret); | 101 | return(ret); |
| 102 | } | 102 | } |
| @@ -139,7 +139,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, | |||
| 139 | ret=1; | 139 | ret=1; |
| 140 | err: | 140 | err: |
| 141 | if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); | 141 | if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); |
| 142 | memset(s,0,(unsigned int)siglen); | 142 | OPENSSL_cleanse(s,(unsigned int)siglen); |
| 143 | OPENSSL_free(s); | 143 | OPENSSL_free(s); |
| 144 | return(ret); | 144 | return(ret); |
| 145 | } | 145 | } |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_sign.c b/src/lib/libssl/src/crypto/rsa/rsa_sign.c index 2a440901de..8a1e642183 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_sign.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_sign.c | |||
| @@ -62,7 +62,6 @@ | |||
| 62 | #include <openssl/rsa.h> | 62 | #include <openssl/rsa.h> |
| 63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/engine.h> | ||
| 66 | 65 | ||
| 67 | /* Size of an SSL signature: MD5+SHA1 */ | 66 | /* Size of an SSL signature: MD5+SHA1 */ |
| 68 | #define SSL_SIG_LENGTH 36 | 67 | #define SSL_SIG_LENGTH 36 |
| @@ -77,10 +76,11 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 77 | const unsigned char *s = NULL; | 76 | const unsigned char *s = NULL; |
| 78 | X509_ALGOR algor; | 77 | X509_ALGOR algor; |
| 79 | ASN1_OCTET_STRING digest; | 78 | ASN1_OCTET_STRING digest; |
| 80 | if((rsa->flags & RSA_FLAG_SIGN_VER) | 79 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) |
| 81 | && ENGINE_get_RSA(rsa->engine)->rsa_sign) | 80 | { |
| 82 | return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, | 81 | return rsa->meth->rsa_sign(type, m, m_len, |
| 83 | m, m_len, sigret, siglen, rsa); | 82 | sigret, siglen, rsa); |
| 83 | } | ||
| 84 | /* Special case: SSL signature, just check the length */ | 84 | /* Special case: SSL signature, just check the length */ |
| 85 | if(type == NID_md5_sha1) { | 85 | if(type == NID_md5_sha1) { |
| 86 | if(m_len != SSL_SIG_LENGTH) { | 86 | if(m_len != SSL_SIG_LENGTH) { |
| @@ -113,7 +113,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 113 | i=i2d_X509_SIG(&sig,NULL); | 113 | i=i2d_X509_SIG(&sig,NULL); |
| 114 | } | 114 | } |
| 115 | j=RSA_size(rsa); | 115 | j=RSA_size(rsa); |
| 116 | if ((i-RSA_PKCS1_PADDING) > j) | 116 | if (i > (j-RSA_PKCS1_PADDING_SIZE)) |
| 117 | { | 117 | { |
| 118 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 118 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
| 119 | return(0); | 119 | return(0); |
| @@ -136,7 +136,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 136 | *siglen=i; | 136 | *siglen=i; |
| 137 | 137 | ||
| 138 | if(type != NID_md5_sha1) { | 138 | if(type != NID_md5_sha1) { |
| 139 | memset(tmps,0,(unsigned int)j+1); | 139 | OPENSSL_cleanse(tmps,(unsigned int)j+1); |
| 140 | OPENSSL_free(tmps); | 140 | OPENSSL_free(tmps); |
| 141 | } | 141 | } |
| 142 | return(ret); | 142 | return(ret); |
| @@ -155,10 +155,11 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 155 | return(0); | 155 | return(0); |
| 156 | } | 156 | } |
| 157 | 157 | ||
| 158 | if((rsa->flags & RSA_FLAG_SIGN_VER) | 158 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) |
| 159 | && ENGINE_get_RSA(rsa->engine)->rsa_verify) | 159 | { |
| 160 | return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, | 160 | return rsa->meth->rsa_verify(dtype, m, m_len, |
| 161 | m, m_len, sigbuf, siglen, rsa); | 161 | sigbuf, siglen, rsa); |
| 162 | } | ||
| 162 | 163 | ||
| 163 | s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); | 164 | s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); |
| 164 | if (s == NULL) | 165 | if (s == NULL) |
| @@ -221,7 +222,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 221 | } | 222 | } |
| 222 | err: | 223 | err: |
| 223 | if (sig != NULL) X509_SIG_free(sig); | 224 | if (sig != NULL) X509_SIG_free(sig); |
| 224 | memset(s,0,(unsigned int)siglen); | 225 | OPENSSL_cleanse(s,(unsigned int)siglen); |
| 225 | OPENSSL_free(s); | 226 | OPENSSL_free(s); |
| 226 | return(ret); | 227 | return(ret); |
| 227 | } | 228 | } |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_test.c b/src/lib/libssl/src/crypto/rsa/rsa_test.c index b8b462d33b..924e9ad1f6 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_test.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_test.c | |||
| @@ -16,7 +16,6 @@ int main(int argc, char *argv[]) | |||
| 16 | } | 16 | } |
| 17 | #else | 17 | #else |
| 18 | #include <openssl/rsa.h> | 18 | #include <openssl/rsa.h> |
| 19 | #include <openssl/engine.h> | ||
| 20 | 19 | ||
| 21 | #define SetKey \ | 20 | #define SetKey \ |
| 22 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ | 21 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ |
diff --git a/src/lib/libssl/src/crypto/sha/Makefile.ssl b/src/lib/libssl/src/crypto/sha/Makefile.ssl index 0aa678d6f4..d52fb62b4f 100644 --- a/src/lib/libssl/src/crypto/sha/Makefile.ssl +++ b/src/lib/libssl/src/crypto/sha/Makefile.ssl | |||
| @@ -47,14 +47,8 @@ lib: $(LIBOBJ) | |||
| 47 | @touch lib | 47 | @touch lib |
| 48 | 48 | ||
| 49 | # elf | 49 | # elf |
| 50 | asm/sx86-elf.o: asm/sx86unix.cpp | 50 | asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl |
| 51 | $(CPP) -DELF -x c asm/sx86unix.cpp | as -o asm/sx86-elf.o | 51 | (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s) |
| 52 | |||
| 53 | # solaris | ||
| 54 | asm/sx86-sol.o: asm/sx86unix.cpp | ||
| 55 | $(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s | ||
| 56 | as -o asm/sx86-sol.o asm/sx86-sol.s | ||
| 57 | rm -f asm/sx86-sol.s | ||
| 58 | 52 | ||
| 59 | # a.out | 53 | # a.out |
| 60 | asm/sx86-out.o: asm/sx86unix.cpp | 54 | asm/sx86-out.o: asm/sx86unix.cpp |
| @@ -92,24 +86,30 @@ lint: | |||
| 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 86 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 93 | 87 | ||
| 94 | depend: | 88 | depend: |
| 95 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 89 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 96 | 90 | ||
| 97 | dclean: | 91 | dclean: |
| 98 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 92 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 99 | mv -f Makefile.new $(MAKEFILE) | 93 | mv -f Makefile.new $(MAKEFILE) |
| 100 | 94 | ||
| 101 | clean: | 95 | clean: |
| 102 | rm -f asm/sx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o | 96 | rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o |
| 103 | 97 | ||
| 104 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 98 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 105 | 99 | ||
| 106 | sha1_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 100 | sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 107 | sha1_one.o: ../../include/openssl/sha.h sha1_one.c | 101 | sha1_one.o: ../../include/openssl/opensslconf.h |
| 102 | sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | ||
| 103 | sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 104 | sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c | ||
| 108 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 105 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 109 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 106 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h |
| 110 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h | 107 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h |
| 111 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 108 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 112 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 109 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h |
| 113 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h | 110 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h |
| 114 | sha_one.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 111 | sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 115 | sha_one.o: ../../include/openssl/sha.h sha_one.c | 112 | sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 113 | sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 114 | sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 115 | sha_one.o: sha_one.c | ||
diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c index e6a24888ed..20e660c71d 100644 --- a/src/lib/libssl/src/crypto/sha/sha1_one.c +++ b/src/lib/libssl/src/crypto/sha/sha1_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifndef OPENSSL_NO_SHA1 | 64 | #ifndef OPENSSL_NO_SHA1 |
| 64 | unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 70 | SHA1_Init(&c); | 71 | SHA1_Init(&c); |
| 71 | SHA1_Update(&c,d,n); | 72 | SHA1_Update(&c,d,n); |
| 72 | SHA1_Final(md,&c); | 73 | SHA1_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); | 74 | OPENSSL_cleanse(&c,sizeof(c)); |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | #endif | 77 | #endif |
diff --git a/src/lib/libssl/src/crypto/sha/sha1test.c b/src/lib/libssl/src/crypto/sha/sha1test.c index 499a1cf5af..4f2e4ada2d 100644 --- a/src/lib/libssl/src/crypto/sha/sha1test.c +++ b/src/lib/libssl/src/crypto/sha/sha1test.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_SHA | 65 | #ifdef OPENSSL_NO_SHA |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -155,7 +157,7 @@ int main(int argc, char *argv[]) | |||
| 155 | } | 157 | } |
| 156 | else | 158 | else |
| 157 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 158 | exit(err); | 160 | EXIT(err); |
| 159 | EVP_MD_CTX_cleanup(&c); | 161 | EVP_MD_CTX_cleanup(&c); |
| 160 | return(0); | 162 | return(0); |
| 161 | } | 163 | } |
diff --git a/src/lib/libssl/src/crypto/sha/sha_locl.h b/src/lib/libssl/src/crypto/sha/sha_locl.h index 471dfb9f8f..2dd63a62a6 100644 --- a/src/lib/libssl/src/crypto/sha/sha_locl.h +++ b/src/lib/libssl/src/crypto/sha/sha_locl.h | |||
| @@ -224,10 +224,10 @@ int HASH_INIT (SHA_CTX *c) | |||
| 224 | void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | 224 | void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) |
| 225 | { | 225 | { |
| 226 | const SHA_LONG *W=d; | 226 | const SHA_LONG *W=d; |
| 227 | register unsigned long A,B,C,D,E,T; | 227 | register unsigned MD32_REG_T A,B,C,D,E,T; |
| 228 | #ifndef MD32_XARRAY | 228 | #ifndef MD32_XARRAY |
| 229 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 229 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 230 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 230 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 231 | #else | 231 | #else |
| 232 | SHA_LONG XX[16]; | 232 | SHA_LONG XX[16]; |
| 233 | #endif | 233 | #endif |
| @@ -349,10 +349,10 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) | |||
| 349 | void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) | 349 | void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) |
| 350 | { | 350 | { |
| 351 | const unsigned char *data=p; | 351 | const unsigned char *data=p; |
| 352 | register unsigned long A,B,C,D,E,T,l; | 352 | register unsigned MD32_REG_T A,B,C,D,E,T,l; |
| 353 | #ifndef MD32_XARRAY | 353 | #ifndef MD32_XARRAY |
| 354 | unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, | 354 | unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, |
| 355 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; | 355 | XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; |
| 356 | #else | 356 | #else |
| 357 | SHA_LONG XX[16]; | 357 | SHA_LONG XX[16]; |
| 358 | #endif | 358 | #endif |
diff --git a/src/lib/libssl/src/crypto/sha/sha_one.c b/src/lib/libssl/src/crypto/sha/sha_one.c index 5426faae4a..e61c63f3e9 100644 --- a/src/lib/libssl/src/crypto/sha/sha_one.c +++ b/src/lib/libssl/src/crypto/sha/sha_one.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | ||
| 62 | 63 | ||
| 63 | #ifndef OPENSSL_NO_SHA0 | 64 | #ifndef OPENSSL_NO_SHA0 |
| 64 | unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) | 65 | unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) |
| @@ -70,7 +71,7 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) | |||
| 70 | SHA_Init(&c); | 71 | SHA_Init(&c); |
| 71 | SHA_Update(&c,d,n); | 72 | SHA_Update(&c,d,n); |
| 72 | SHA_Final(md,&c); | 73 | SHA_Final(md,&c); |
| 73 | memset(&c,0,sizeof(c)); | 74 | OPENSSL_cleanse(&c,sizeof(c)); |
| 74 | return(md); | 75 | return(md); |
| 75 | } | 76 | } |
| 76 | #endif | 77 | #endif |
diff --git a/src/lib/libssl/src/crypto/sha/shatest.c b/src/lib/libssl/src/crypto/sha/shatest.c index 331294a74f..5d2b1d3b1a 100644 --- a/src/lib/libssl/src/crypto/sha/shatest.c +++ b/src/lib/libssl/src/crypto/sha/shatest.c | |||
| @@ -60,6 +60,8 @@ | |||
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| 62 | 62 | ||
| 63 | #include "../e_os.h" | ||
| 64 | |||
| 63 | #ifdef OPENSSL_NO_SHA | 65 | #ifdef OPENSSL_NO_SHA |
| 64 | int main(int argc, char *argv[]) | 66 | int main(int argc, char *argv[]) |
| 65 | { | 67 | { |
| @@ -156,7 +158,7 @@ int main(int argc, char *argv[]) | |||
| 156 | else | 158 | else |
| 157 | printf("test 3 ok\n"); | 159 | printf("test 3 ok\n"); |
| 158 | EVP_MD_CTX_cleanup(&c); | 160 | EVP_MD_CTX_cleanup(&c); |
| 159 | exit(err); | 161 | EXIT(err); |
| 160 | return(0); | 162 | return(0); |
| 161 | } | 163 | } |
| 162 | 164 | ||
diff --git a/src/lib/libssl/src/crypto/stack/Makefile.ssl b/src/lib/libssl/src/crypto/stack/Makefile.ssl index 8574739c76..7120fb804a 100644 --- a/src/lib/libssl/src/crypto/stack/Makefile.ssl +++ b/src/lib/libssl/src/crypto/stack/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/threads/mttest.c b/src/lib/libssl/src/crypto/threads/mttest.c index c474a63c74..8973921778 100644 --- a/src/lib/libssl/src/crypto/threads/mttest.c +++ b/src/lib/libssl/src/crypto/threads/mttest.c | |||
| @@ -86,11 +86,6 @@ | |||
| 86 | #include <openssl/err.h> | 86 | #include <openssl/err.h> |
| 87 | #include <openssl/rand.h> | 87 | #include <openssl/rand.h> |
| 88 | 88 | ||
| 89 | #ifdef OPENSSL_NO_FP_API | ||
| 90 | #define APPS_WIN16 | ||
| 91 | #include "../buffer/bss_file.c" | ||
| 92 | #endif | ||
| 93 | |||
| 94 | #define TEST_SERVER_CERT "../../apps/server.pem" | 89 | #define TEST_SERVER_CERT "../../apps/server.pem" |
| 95 | #define TEST_CLIENT_CERT "../../apps/client.pem" | 90 | #define TEST_CLIENT_CERT "../../apps/client.pem" |
| 96 | 91 | ||
diff --git a/src/lib/libssl/src/crypto/tmdiff.c b/src/lib/libssl/src/crypto/tmdiff.c index 7ebf2b202a..307523ebba 100644 --- a/src/lib/libssl/src/crypto/tmdiff.c +++ b/src/lib/libssl/src/crypto/tmdiff.c | |||
| @@ -59,13 +59,16 @@ | |||
| 59 | #include <stdlib.h> | 59 | #include <stdlib.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/tmdiff.h> | 61 | #include <openssl/tmdiff.h> |
| 62 | #if !defined(OPENSSL_SYS_MSDOS) | ||
| 63 | #include OPENSSL_UNISTD | ||
| 64 | #endif | ||
| 62 | 65 | ||
| 63 | #ifdef TIMEB | 66 | #ifdef TIMEB |
| 64 | #undef OPENSSL_SYS_WIN32 | 67 | #undef OPENSSL_SYS_WIN32 |
| 65 | #undef TIMES | 68 | #undef TIMES |
| 66 | #endif | 69 | #endif |
| 67 | 70 | ||
| 68 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) || defined(__DECC) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_VXWORKS) | 71 | #if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !(defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX_RHAPSODY) && !defined(OPENSSL_SYS_VXWORKS) |
| 69 | # define TIMES | 72 | # define TIMES |
| 70 | #endif | 73 | #endif |
| 71 | 74 | ||
| @@ -101,14 +104,19 @@ | |||
| 101 | 104 | ||
| 102 | /* The following if from times(3) man page. It may need to be changed */ | 105 | /* The following if from times(3) man page. It may need to be changed */ |
| 103 | #ifndef HZ | 106 | #ifndef HZ |
| 104 | # ifndef CLK_TCK | 107 | # if defined(_SC_CLK_TCK) \ |
| 105 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ | 108 | && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) |
| 106 | # define HZ 100.0 | 109 | # define HZ ((double)sysconf(_SC_CLK_TCK)) |
| 107 | # else /* _BSD_CLK_TCK_ */ | 110 | # else |
| 108 | # define HZ ((double)_BSD_CLK_TCK_) | 111 | # ifndef CLK_TCK |
| 112 | # ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ | ||
| 113 | # define HZ 100.0 | ||
| 114 | # else /* _BSD_CLK_TCK_ */ | ||
| 115 | # define HZ ((double)_BSD_CLK_TCK_) | ||
| 116 | # endif | ||
| 117 | # else /* CLK_TCK */ | ||
| 118 | # define HZ ((double)CLK_TCK) | ||
| 109 | # endif | 119 | # endif |
| 110 | # else /* CLK_TCK */ | ||
| 111 | # define HZ ((double)CLK_TCK) | ||
| 112 | # endif | 120 | # endif |
| 113 | #endif | 121 | #endif |
| 114 | 122 | ||
| @@ -121,7 +129,7 @@ typedef struct ms_tm | |||
| 121 | HANDLE thread_id; | 129 | HANDLE thread_id; |
| 122 | FILETIME ms_win32; | 130 | FILETIME ms_win32; |
| 123 | # else | 131 | # else |
| 124 | # ifdef OPENSSL_SYS_VSWORKS | 132 | # ifdef OPENSSL_SYS_VXWORKS |
| 125 | unsigned long ticks; | 133 | unsigned long ticks; |
| 126 | # else | 134 | # else |
| 127 | struct timeb ms_timeb; | 135 | struct timeb ms_timeb; |
| @@ -163,7 +171,7 @@ void ms_time_get(char *a) | |||
| 163 | # ifdef OPENSSL_SYS_WIN32 | 171 | # ifdef OPENSSL_SYS_WIN32 |
| 164 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); | 172 | GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32)); |
| 165 | # else | 173 | # else |
| 166 | # ifdef OPENSSL_SYS_VSWORKS | 174 | # ifdef OPENSSL_SYS_VXWORKS |
| 167 | tm->ticks = tickGet(); | 175 | tm->ticks = tickGet(); |
| 168 | # else | 176 | # else |
| 169 | ftime(&tm->ms_timeb); | 177 | ftime(&tm->ms_timeb); |
| @@ -197,7 +205,7 @@ double ms_time_diff(char *ap, char *bp) | |||
| 197 | ret=((double)(lb-la))/1e7; | 205 | ret=((double)(lb-la))/1e7; |
| 198 | } | 206 | } |
| 199 | # else | 207 | # else |
| 200 | # ifdef OPENSSL_SYS_VSWORKS | 208 | # ifdef OPENSSL_SYS_VXWORKS |
| 201 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); | 209 | ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet(); |
| 202 | # else | 210 | # else |
| 203 | ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ | 211 | ret= (double)(b->ms_timeb.time-a->ms_timeb.time)+ |
| @@ -222,7 +230,7 @@ int ms_time_cmp(char *ap, char *bp) | |||
| 222 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; | 230 | d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7; |
| 223 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; | 231 | d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7; |
| 224 | # else | 232 | # else |
| 225 | # ifdef OPENSSL_SYS_VSWORKS | 233 | # ifdef OPENSSL_SYS_VXWORKS |
| 226 | d = (b->ticks - a->ticks); | 234 | d = (b->ticks - a->ticks); |
| 227 | # else | 235 | # else |
| 228 | d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ | 236 | d= (double)(b->ms_timeb.time-a->ms_timeb.time)+ |
diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile.ssl b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl index 61ff361348..6221dfae4d 100644 --- a/src/lib/libssl/src/crypto/txt_db/Makefile.ssl +++ b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl | |||
| @@ -68,7 +68,7 @@ lint: | |||
| 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 68 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 69 | 69 | ||
| 70 | depend: | 70 | depend: |
| 71 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 71 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 72 | 72 | ||
| 73 | dclean: | 73 | dclean: |
| 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 74 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.c b/src/lib/libssl/src/crypto/txt_db/txt_db.c index 9b186f2da5..58b300b00b 100644 --- a/src/lib/libssl/src/crypto/txt_db/txt_db.c +++ b/src/lib/libssl/src/crypto/txt_db/txt_db.c | |||
| @@ -108,7 +108,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) | |||
| 108 | if (offset != 0) | 108 | if (offset != 0) |
| 109 | { | 109 | { |
| 110 | size+=BUFSIZE; | 110 | size+=BUFSIZE; |
| 111 | if (!BUF_MEM_grow(buf,size)) goto err; | 111 | if (!BUF_MEM_grow_clean(buf,size)) goto err; |
| 112 | } | 112 | } |
| 113 | buf->data[offset]='\0'; | 113 | buf->data[offset]='\0'; |
| 114 | BIO_gets(in,&(buf->data[offset]),size-offset); | 114 | BIO_gets(in,&(buf->data[offset]),size-offset); |
| @@ -268,7 +268,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db) | |||
| 268 | if (pp[j] != NULL) | 268 | if (pp[j] != NULL) |
| 269 | l+=strlen(pp[j]); | 269 | l+=strlen(pp[j]); |
| 270 | } | 270 | } |
| 271 | if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err; | 271 | if (!BUF_MEM_grow_clean(buf,(int)(l*2+nn))) goto err; |
| 272 | 272 | ||
| 273 | p=buf->data; | 273 | p=buf->data; |
| 274 | for (j=0; j<nn; j++) | 274 | for (j=0; j<nn; j++) |
diff --git a/src/lib/libssl/src/crypto/ui/Makefile.ssl b/src/lib/libssl/src/crypto/ui/Makefile.ssl index 57b2e38335..ba46951d1c 100644 --- a/src/lib/libssl/src/crypto/ui/Makefile.ssl +++ b/src/lib/libssl/src/crypto/ui/Makefile.ssl | |||
| @@ -44,7 +44,7 @@ all: lib | |||
| 44 | 44 | ||
| 45 | lib: $(LIBOBJ) | 45 | lib: $(LIBOBJ) |
| 46 | $(AR) $(LIB) $(LIBOBJ) | 46 | $(AR) $(LIB) $(LIBOBJ) |
| 47 | $(RANLIB) $(LIB) | 47 | $(RANLIB) $(LIB) || echo Never mind. |
| 48 | @touch lib | 48 | @touch lib |
| 49 | 49 | ||
| 50 | files: | 50 | files: |
| @@ -72,7 +72,7 @@ lint: | |||
| 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 73 | 73 | ||
| 74 | depend: | 74 | depend: |
| 75 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 75 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 76 | 76 | ||
| 77 | dclean: | 77 | dclean: |
| 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -95,13 +95,13 @@ ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | |||
| 95 | ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h | 95 | ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 96 | ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 96 | ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 97 | ui_err.o: ../../include/openssl/ui.h ui_err.c | 97 | ui_err.o: ../../include/openssl/ui.h ui_err.c |
| 98 | ui_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 98 | ui_lib.o: ../../e_os.h ../../include/openssl/bio.h |
| 99 | ui_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 99 | ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 100 | ui_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 100 | ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 101 | ui_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 101 | ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 102 | ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 102 | ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h |
| 103 | ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_lib.c | 103 | ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 104 | ui_lib.o: ui_locl.h | 104 | ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h |
| 105 | ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h | 105 | ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h |
| 106 | ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 106 | ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 107 | ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 107 | ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
diff --git a/src/lib/libssl/src/crypto/ui/ui_lib.c b/src/lib/libssl/src/crypto/ui/ui_lib.c index cce9075ac1..33c86d76ef 100644 --- a/src/lib/libssl/src/crypto/ui/ui_lib.c +++ b/src/lib/libssl/src/crypto/ui/ui_lib.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #include <openssl/ui.h> | 62 | #include <openssl/ui.h> |
| 63 | #include <openssl/err.h> | 63 | #include <openssl/err.h> |
| 64 | #include "ui_locl.h" | 64 | #include "ui_locl.h" |
| 65 | #include "cryptlib.h" | ||
| 65 | 66 | ||
| 66 | IMPLEMENT_STACK_OF(UI_STRING_ST) | 67 | IMPLEMENT_STACK_OF(UI_STRING_ST) |
| 67 | 68 | ||
| @@ -144,7 +145,8 @@ static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt, | |||
| 144 | { | 145 | { |
| 145 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER); | 146 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER); |
| 146 | } | 147 | } |
| 147 | else if (result_buf == NULL) | 148 | else if ((type == UIT_PROMPT || type == UIT_VERIFY |
| 149 | || type == UIT_BOOLEAN) && result_buf == NULL) | ||
| 148 | { | 150 | { |
| 149 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER); | 151 | UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER); |
| 150 | } | 152 | } |
| @@ -235,7 +237,7 @@ static int general_allocate_boolean(UI *ui, | |||
| 235 | return ret; | 237 | return ret; |
| 236 | } | 238 | } |
| 237 | 239 | ||
| 238 | /* Returns the index to the place in the stack or 0 for error. Uses a | 240 | /* Returns the index to the place in the stack or -1 for error. Uses a |
| 239 | direct reference to the prompt. */ | 241 | direct reference to the prompt. */ |
| 240 | int UI_add_input_string(UI *ui, const char *prompt, int flags, | 242 | int UI_add_input_string(UI *ui, const char *prompt, int flags, |
| 241 | char *result_buf, int minsize, int maxsize) | 243 | char *result_buf, int minsize, int maxsize) |
| @@ -831,8 +833,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result) | |||
| 831 | case UIT_PROMPT: | 833 | case UIT_PROMPT: |
| 832 | case UIT_VERIFY: | 834 | case UIT_VERIFY: |
| 833 | { | 835 | { |
| 834 | char number1[20]; | 836 | char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1]; |
| 835 | char number2[20]; | 837 | char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1]; |
| 836 | 838 | ||
| 837 | BIO_snprintf(number1, sizeof(number1), "%d", | 839 | BIO_snprintf(number1, sizeof(number1), "%d", |
| 838 | uis->_.string_data.result_minsize); | 840 | uis->_.string_data.result_minsize); |
diff --git a/src/lib/libssl/src/crypto/ui/ui_openssl.c b/src/lib/libssl/src/crypto/ui/ui_openssl.c index f47ed31cb0..75318d48a1 100644 --- a/src/lib/libssl/src/crypto/ui/ui_openssl.c +++ b/src/lib/libssl/src/crypto/ui/ui_openssl.c | |||
| @@ -159,8 +159,10 @@ | |||
| 159 | 159 | ||
| 160 | #ifdef WIN_CONSOLE_BUG | 160 | #ifdef WIN_CONSOLE_BUG |
| 161 | # include <windows.h> | 161 | # include <windows.h> |
| 162 | #ifndef OPENSSL_SYS_WINCE | ||
| 162 | # include <wincon.h> | 163 | # include <wincon.h> |
| 163 | #endif | 164 | #endif |
| 165 | #endif | ||
| 164 | 166 | ||
| 165 | 167 | ||
| 166 | /* There are 5 types of terminal interface supported, | 168 | /* There are 5 types of terminal interface supported, |
| @@ -191,7 +193,7 @@ | |||
| 191 | # define SGTTY | 193 | # define SGTTY |
| 192 | #endif | 194 | #endif |
| 193 | 195 | ||
| 194 | #if defined(OPENSSL_SYS_VSWORKS) | 196 | #if defined(OPENSSL_SYS_VXWORKS) |
| 195 | #undef TERMIOS | 197 | #undef TERMIOS |
| 196 | #undef TERMIO | 198 | #undef TERMIO |
| 197 | #undef SGTTY | 199 | #undef SGTTY |
| @@ -221,7 +223,7 @@ | |||
| 221 | # define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) | 223 | # define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) |
| 222 | #endif | 224 | #endif |
| 223 | 225 | ||
| 224 | #if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) | 226 | #if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS) |
| 225 | # include <sys/ioctl.h> | 227 | # include <sys/ioctl.h> |
| 226 | #endif | 228 | #endif |
| 227 | 229 | ||
| @@ -241,6 +243,10 @@ struct IOSB { | |||
| 241 | }; | 243 | }; |
| 242 | #endif | 244 | #endif |
| 243 | 245 | ||
| 246 | #ifdef OPENSSL_SYS_SUNOS | ||
| 247 | typedef int sig_atomic_t; | ||
| 248 | #endif | ||
| 249 | |||
| 244 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) | 250 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) |
| 245 | /* | 251 | /* |
| 246 | * This one needs work. As a matter of fact the code is unoperational | 252 | * This one needs work. As a matter of fact the code is unoperational |
| @@ -277,10 +283,12 @@ static FILE *tty_in, *tty_out; | |||
| 277 | static int is_a_tty; | 283 | static int is_a_tty; |
| 278 | 284 | ||
| 279 | /* Declare static functions */ | 285 | /* Declare static functions */ |
| 286 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 280 | static void read_till_nl(FILE *); | 287 | static void read_till_nl(FILE *); |
| 281 | static void recsig(int); | 288 | static void recsig(int); |
| 282 | static void pushsig(void); | 289 | static void pushsig(void); |
| 283 | static void popsig(void); | 290 | static void popsig(void); |
| 291 | #endif | ||
| 284 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 292 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) |
| 285 | static int noecho_fgets(char *buf, int size, FILE *tty); | 293 | static int noecho_fgets(char *buf, int size, FILE *tty); |
| 286 | #endif | 294 | #endif |
| @@ -367,6 +375,7 @@ static int read_string(UI *ui, UI_STRING *uis) | |||
| 367 | } | 375 | } |
| 368 | 376 | ||
| 369 | 377 | ||
| 378 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 370 | /* Internal functions to read a string without echoing */ | 379 | /* Internal functions to read a string without echoing */ |
| 371 | static void read_till_nl(FILE *in) | 380 | static void read_till_nl(FILE *in) |
| 372 | { | 381 | { |
| @@ -379,6 +388,7 @@ static void read_till_nl(FILE *in) | |||
| 379 | } | 388 | } |
| 380 | 389 | ||
| 381 | static volatile sig_atomic_t intr_signal; | 390 | static volatile sig_atomic_t intr_signal; |
| 391 | #endif | ||
| 382 | 392 | ||
| 383 | static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) | 393 | static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) |
| 384 | { | 394 | { |
| @@ -386,9 +396,9 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) | |||
| 386 | int ok; | 396 | int ok; |
| 387 | char result[BUFSIZ]; | 397 | char result[BUFSIZ]; |
| 388 | int maxsize = BUFSIZ-1; | 398 | int maxsize = BUFSIZ-1; |
| 399 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 389 | char *p; | 400 | char *p; |
| 390 | 401 | ||
| 391 | #ifndef OPENSSL_SYS_WIN16 | ||
| 392 | intr_signal=0; | 402 | intr_signal=0; |
| 393 | ok=0; | 403 | ok=0; |
| 394 | ps=0; | 404 | ps=0; |
| @@ -439,7 +449,7 @@ error: | |||
| 439 | ok=1; | 449 | ok=1; |
| 440 | #endif | 450 | #endif |
| 441 | 451 | ||
| 442 | memset(result,0,BUFSIZ); | 452 | OPENSSL_cleanse(result,BUFSIZ); |
| 443 | return ok; | 453 | return ok; |
| 444 | } | 454 | } |
| 445 | 455 | ||
| @@ -450,7 +460,7 @@ static int open_console(UI *ui) | |||
| 450 | CRYPTO_w_lock(CRYPTO_LOCK_UI); | 460 | CRYPTO_w_lock(CRYPTO_LOCK_UI); |
| 451 | is_a_tty = 1; | 461 | is_a_tty = 1; |
| 452 | 462 | ||
| 453 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VSWORKS) | 463 | #if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) |
| 454 | tty_in=stdin; | 464 | tty_in=stdin; |
| 455 | tty_out=stderr; | 465 | tty_out=stderr; |
| 456 | #else | 466 | #else |
| @@ -540,7 +550,7 @@ static int echo_console(UI *ui) | |||
| 540 | 550 | ||
| 541 | static int close_console(UI *ui) | 551 | static int close_console(UI *ui) |
| 542 | { | 552 | { |
| 543 | if (tty_in != stderr) fclose(tty_in); | 553 | if (tty_in != stdin) fclose(tty_in); |
| 544 | if (tty_out != stderr) fclose(tty_out); | 554 | if (tty_out != stderr) fclose(tty_out); |
| 545 | #ifdef OPENSSL_SYS_VMS | 555 | #ifdef OPENSSL_SYS_VMS |
| 546 | status = sys$dassgn(channel); | 556 | status = sys$dassgn(channel); |
| @@ -551,6 +561,7 @@ static int close_console(UI *ui) | |||
| 551 | } | 561 | } |
| 552 | 562 | ||
| 553 | 563 | ||
| 564 | #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) | ||
| 554 | /* Internal functions to handle signals and act on them */ | 565 | /* Internal functions to handle signals and act on them */ |
| 555 | static void pushsig(void) | 566 | static void pushsig(void) |
| 556 | { | 567 | { |
| @@ -614,9 +625,10 @@ static void recsig(int i) | |||
| 614 | { | 625 | { |
| 615 | intr_signal=i; | 626 | intr_signal=i; |
| 616 | } | 627 | } |
| 628 | #endif | ||
| 617 | 629 | ||
| 618 | /* Internal functions specific for Windows */ | 630 | /* Internal functions specific for Windows */ |
| 619 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) | 631 | #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) |
| 620 | static int noecho_fgets(char *buf, int size, FILE *tty) | 632 | static int noecho_fgets(char *buf, int size, FILE *tty) |
| 621 | { | 633 | { |
| 622 | int i; | 634 | int i; |
diff --git a/src/lib/libssl/src/crypto/ui/ui_util.c b/src/lib/libssl/src/crypto/ui/ui_util.c index f05573df33..46bc8c1a9a 100644 --- a/src/lib/libssl/src/crypto/ui/ui_util.c +++ b/src/lib/libssl/src/crypto/ui/ui_util.c | |||
| @@ -62,7 +62,7 @@ int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) | |||
| 62 | int ret; | 62 | int ret; |
| 63 | 63 | ||
| 64 | ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); | 64 | ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); |
| 65 | memset(buff,0,BUFSIZ); | 65 | OPENSSL_cleanse(buff,BUFSIZ); |
| 66 | return(ret); | 66 | return(ret); |
| 67 | } | 67 | } |
| 68 | 68 | ||
| @@ -78,12 +78,14 @@ int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify) | |||
| 78 | if (ui) | 78 | if (ui) |
| 79 | { | 79 | { |
| 80 | ok = UI_add_input_string(ui,prompt,0,buf,0,size-1); | 80 | ok = UI_add_input_string(ui,prompt,0,buf,0,size-1); |
| 81 | if (ok == 0 && verify) | 81 | if (ok >= 0 && verify) |
| 82 | ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1, | 82 | ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1, |
| 83 | buf); | 83 | buf); |
| 84 | if (ok == 0) | 84 | if (ok >= 0) |
| 85 | ok=UI_process(ui); | 85 | ok=UI_process(ui); |
| 86 | UI_free(ui); | 86 | UI_free(ui); |
| 87 | } | 87 | } |
| 88 | if (ok > 0) | ||
| 89 | ok = 0; | ||
| 88 | return(ok); | 90 | return(ok); |
| 89 | } | 91 | } |
diff --git a/src/lib/libssl/src/crypto/uid.c b/src/lib/libssl/src/crypto/uid.c index d3d249c36f..73205a4baa 100644 --- a/src/lib/libssl/src/crypto/uid.c +++ b/src/lib/libssl/src/crypto/uid.c | |||
| @@ -65,7 +65,7 @@ int OPENSSL_issetugid(void) | |||
| 65 | return issetugid(); | 65 | return issetugid(); |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | #elif defined(OPENSSL_SYS_WIN32) | 68 | #elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) |
| 69 | 69 | ||
| 70 | int OPENSSL_issetugid(void) | 70 | int OPENSSL_issetugid(void) |
| 71 | { | 71 | { |
diff --git a/src/lib/libssl/src/crypto/x509/Makefile.ssl b/src/lib/libssl/src/crypto/x509/Makefile.ssl index ee53294699..3a3452536c 100644 --- a/src/lib/libssl/src/crypto/x509/Makefile.ssl +++ b/src/lib/libssl/src/crypto/x509/Makefile.ssl | |||
| @@ -78,7 +78,7 @@ lint: | |||
| 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 78 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 79 | 79 | ||
| 80 | depend: | 80 | depend: |
| 81 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 81 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 82 | 82 | ||
| 83 | dclean: | 83 | dclean: |
| 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 84 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/x509/by_file.c b/src/lib/libssl/src/crypto/x509/by_file.c index 92e00d2d73..b4b04183d0 100644 --- a/src/lib/libssl/src/crypto/x509/by_file.c +++ b/src/lib/libssl/src/crypto/x509/by_file.c | |||
| @@ -100,18 +100,19 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | |||
| 100 | case X509_L_FILE_LOAD: | 100 | case X509_L_FILE_LOAD: |
| 101 | if (argl == X509_FILETYPE_DEFAULT) | 101 | if (argl == X509_FILETYPE_DEFAULT) |
| 102 | { | 102 | { |
| 103 | ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), | 103 | file = (char *)Getenv(X509_get_default_cert_file_env()); |
| 104 | X509_FILETYPE_PEM) != 0); | 104 | if (file) |
| 105 | ok = (X509_load_cert_crl_file(ctx,file, | ||
| 106 | X509_FILETYPE_PEM) != 0); | ||
| 107 | |||
| 108 | else | ||
| 109 | ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), | ||
| 110 | X509_FILETYPE_PEM) != 0); | ||
| 111 | |||
| 105 | if (!ok) | 112 | if (!ok) |
| 106 | { | 113 | { |
| 107 | X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); | 114 | X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); |
| 108 | } | 115 | } |
| 109 | else | ||
| 110 | { | ||
| 111 | file=(char *)Getenv(X509_get_default_cert_file_env()); | ||
| 112 | ok = (X509_load_cert_crl_file(ctx,file, | ||
| 113 | X509_FILETYPE_PEM) != 0); | ||
| 114 | } | ||
| 115 | } | 116 | } |
| 116 | else | 117 | else |
| 117 | { | 118 | { |
| @@ -284,7 +285,8 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) | |||
| 284 | if(itmp->x509) { | 285 | if(itmp->x509) { |
| 285 | X509_STORE_add_cert(ctx->store_ctx, itmp->x509); | 286 | X509_STORE_add_cert(ctx->store_ctx, itmp->x509); |
| 286 | count++; | 287 | count++; |
| 287 | } else if(itmp->crl) { | 288 | } |
| 289 | if(itmp->crl) { | ||
| 288 | X509_STORE_add_crl(ctx->store_ctx, itmp->crl); | 290 | X509_STORE_add_crl(ctx->store_ctx, itmp->crl); |
| 289 | count++; | 291 | count++; |
| 290 | } | 292 | } |
diff --git a/src/lib/libssl/src/crypto/x509/x509.h b/src/lib/libssl/src/crypto/x509/x509.h index 7095440d36..eaad5685a8 100644 --- a/src/lib/libssl/src/crypto/x509/x509.h +++ b/src/lib/libssl/src/crypto/x509/x509.h | |||
| @@ -87,7 +87,6 @@ | |||
| 87 | #ifndef OPENSSL_NO_SHA | 87 | #ifndef OPENSSL_NO_SHA |
| 88 | #include <openssl/sha.h> | 88 | #include <openssl/sha.h> |
| 89 | #endif | 89 | #endif |
| 90 | #include <openssl/evp.h> | ||
| 91 | #include <openssl/e_os2.h> | 90 | #include <openssl/e_os2.h> |
| 92 | #include <openssl/ossl_typ.h> | 91 | #include <openssl/ossl_typ.h> |
| 93 | 92 | ||
| @@ -487,10 +486,12 @@ typedef struct Netscape_certificate_sequence | |||
| 487 | STACK_OF(X509) *certs; | 486 | STACK_OF(X509) *certs; |
| 488 | } NETSCAPE_CERT_SEQUENCE; | 487 | } NETSCAPE_CERT_SEQUENCE; |
| 489 | 488 | ||
| 489 | /* Unused (and iv length is wrong) | ||
| 490 | typedef struct CBCParameter_st | 490 | typedef struct CBCParameter_st |
| 491 | { | 491 | { |
| 492 | unsigned char iv[8]; | 492 | unsigned char iv[8]; |
| 493 | } CBC_PARAM; | 493 | } CBC_PARAM; |
| 494 | */ | ||
| 494 | 495 | ||
| 495 | /* Password based encryption structure */ | 496 | /* Password based encryption structure */ |
| 496 | 497 | ||
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c index cd20b6d66f..f460102f49 100644 --- a/src/lib/libssl/src/crypto/x509/x509_cmp.c +++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c | |||
| @@ -57,6 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <ctype.h> | ||
| 60 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 62 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
| @@ -81,13 +82,14 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) | |||
| 81 | unsigned long ret=0; | 82 | unsigned long ret=0; |
| 82 | EVP_MD_CTX ctx; | 83 | EVP_MD_CTX ctx; |
| 83 | unsigned char md[16]; | 84 | unsigned char md[16]; |
| 84 | char str[256]; | 85 | char *f; |
| 85 | 86 | ||
| 86 | EVP_MD_CTX_init(&ctx); | 87 | EVP_MD_CTX_init(&ctx); |
| 87 | X509_NAME_oneline(a->cert_info->issuer,str,256); | 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); |
| 88 | ret=strlen(str); | 89 | ret=strlen(f); |
| 89 | EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); | 90 | EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); |
| 90 | EVP_DigestUpdate(&ctx,(unsigned char *)str,ret); | 91 | EVP_DigestUpdate(&ctx,(unsigned char *)f,ret); |
| 92 | OPENSSL_free(f); | ||
| 91 | EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | 93 | EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, |
| 92 | (unsigned long)a->cert_info->serialNumber->length); | 94 | (unsigned long)a->cert_info->serialNumber->length); |
| 93 | EVP_DigestFinal_ex(&ctx,&(md[0]),NULL); | 95 | EVP_DigestFinal_ex(&ctx,&(md[0]),NULL); |
| @@ -159,6 +161,99 @@ int X509_cmp(const X509 *a, const X509 *b) | |||
| 159 | } | 161 | } |
| 160 | #endif | 162 | #endif |
| 161 | 163 | ||
| 164 | |||
| 165 | /* Case insensitive string comparision */ | ||
| 166 | static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b) | ||
| 167 | { | ||
| 168 | int i; | ||
| 169 | |||
| 170 | if (a->length != b->length) | ||
| 171 | return (a->length - b->length); | ||
| 172 | |||
| 173 | for (i=0; i<a->length; i++) | ||
| 174 | { | ||
| 175 | int ca, cb; | ||
| 176 | |||
| 177 | ca = tolower(a->data[i]); | ||
| 178 | cb = tolower(b->data[i]); | ||
| 179 | |||
| 180 | if (ca != cb) | ||
| 181 | return(ca-cb); | ||
| 182 | } | ||
| 183 | return 0; | ||
| 184 | } | ||
| 185 | |||
| 186 | /* Case insensitive string comparision with space normalization | ||
| 187 | * Space normalization - ignore leading, trailing spaces, | ||
| 188 | * multiple spaces between characters are replaced by single space | ||
| 189 | */ | ||
| 190 | static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b) | ||
| 191 | { | ||
| 192 | unsigned char *pa = NULL, *pb = NULL; | ||
| 193 | int la, lb; | ||
| 194 | |||
| 195 | la = a->length; | ||
| 196 | lb = b->length; | ||
| 197 | pa = a->data; | ||
| 198 | pb = b->data; | ||
| 199 | |||
| 200 | /* skip leading spaces */ | ||
| 201 | while (la > 0 && isspace(*pa)) | ||
| 202 | { | ||
| 203 | la--; | ||
| 204 | pa++; | ||
| 205 | } | ||
| 206 | while (lb > 0 && isspace(*pb)) | ||
| 207 | { | ||
| 208 | lb--; | ||
| 209 | pb++; | ||
| 210 | } | ||
| 211 | |||
| 212 | /* skip trailing spaces */ | ||
| 213 | while (la > 0 && isspace(pa[la-1])) | ||
| 214 | la--; | ||
| 215 | while (lb > 0 && isspace(pb[lb-1])) | ||
| 216 | lb--; | ||
| 217 | |||
| 218 | /* compare strings with space normalization */ | ||
| 219 | while (la > 0 && lb > 0) | ||
| 220 | { | ||
| 221 | int ca, cb; | ||
| 222 | |||
| 223 | /* compare character */ | ||
| 224 | ca = tolower(*pa); | ||
| 225 | cb = tolower(*pb); | ||
| 226 | if (ca != cb) | ||
| 227 | return (ca - cb); | ||
| 228 | |||
| 229 | pa++; pb++; | ||
| 230 | la--; lb--; | ||
| 231 | |||
| 232 | if (la <= 0 || lb <= 0) | ||
| 233 | break; | ||
| 234 | |||
| 235 | /* is white space next character ? */ | ||
| 236 | if (isspace(*pa) && isspace(*pb)) | ||
| 237 | { | ||
| 238 | /* skip remaining white spaces */ | ||
| 239 | while (la > 0 && isspace(*pa)) | ||
| 240 | { | ||
| 241 | la--; | ||
| 242 | pa++; | ||
| 243 | } | ||
| 244 | while (lb > 0 && isspace(*pb)) | ||
| 245 | { | ||
| 246 | lb--; | ||
| 247 | pb++; | ||
| 248 | } | ||
| 249 | } | ||
| 250 | } | ||
| 251 | if (la > 0 || lb > 0) | ||
| 252 | return la - lb; | ||
| 253 | |||
| 254 | return 0; | ||
| 255 | } | ||
| 256 | |||
| 162 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | 257 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) |
| 163 | { | 258 | { |
| 164 | int i,j; | 259 | int i,j; |
| @@ -172,10 +267,20 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | |||
| 172 | { | 267 | { |
| 173 | na=sk_X509_NAME_ENTRY_value(a->entries,i); | 268 | na=sk_X509_NAME_ENTRY_value(a->entries,i); |
| 174 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); | 269 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); |
| 175 | j=na->value->length-nb->value->length; | 270 | j=na->value->type-nb->value->type; |
| 176 | if (j) return(j); | 271 | if (j) return(j); |
| 177 | j=memcmp(na->value->data,nb->value->data, | 272 | if (na->value->type == V_ASN1_PRINTABLESTRING) |
| 178 | na->value->length); | 273 | j=nocase_spacenorm_cmp(na->value, nb->value); |
| 274 | else if (na->value->type == V_ASN1_IA5STRING | ||
| 275 | && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress) | ||
| 276 | j=nocase_cmp(na->value, nb->value); | ||
| 277 | else | ||
| 278 | { | ||
| 279 | j=na->value->length-nb->value->length; | ||
| 280 | if (j) return(j); | ||
| 281 | j=memcmp(na->value->data,nb->value->data, | ||
| 282 | na->value->length); | ||
| 283 | } | ||
| 179 | if (j) return(j); | 284 | if (j) return(j); |
| 180 | j=na->set-nb->set; | 285 | j=na->set-nb->set; |
| 181 | if (j) return(j); | 286 | if (j) return(j); |
diff --git a/src/lib/libssl/src/crypto/x509/x509_v3.c b/src/lib/libssl/src/crypto/x509/x509_v3.c index b5f7daa2e5..67b1796a92 100644 --- a/src/lib/libssl/src/crypto/x509/x509_v3.c +++ b/src/lib/libssl/src/crypto/x509/x509_v3.c | |||
| @@ -116,7 +116,7 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, | |||
| 116 | { | 116 | { |
| 117 | ex=sk_X509_EXTENSION_value(sk,lastpos); | 117 | ex=sk_X509_EXTENSION_value(sk,lastpos); |
| 118 | if ( ((ex->critical > 0) && crit) || | 118 | if ( ((ex->critical > 0) && crit) || |
| 119 | (!(ex->critical <= 0) && !crit)) | 119 | ((ex->critical <= 0) && !crit)) |
| 120 | return(lastpos); | 120 | return(lastpos); |
| 121 | } | 121 | } |
| 122 | return(-1); | 122 | return(-1); |
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c index db12f7bd35..552d1e7251 100644 --- a/src/lib/libssl/src/crypto/x509/x509_vfy.c +++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c | |||
| @@ -756,7 +756,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) | |||
| 756 | { | 756 | { |
| 757 | char *str; | 757 | char *str; |
| 758 | ASN1_TIME atm; | 758 | ASN1_TIME atm; |
| 759 | time_t offset; | 759 | long offset; |
| 760 | char buff1[24],buff2[24],*p; | 760 | char buff1[24],buff2[24],*p; |
| 761 | int i,j; | 761 | int i,j; |
| 762 | 762 | ||
diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile.ssl b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl index 3534e8b236..66df90c346 100644 --- a/src/lib/libssl/src/crypto/x509v3/Makefile.ssl +++ b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl | |||
| @@ -74,7 +74,7 @@ lint: | |||
| 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 74 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 75 | 75 | ||
| 76 | depend: | 76 | depend: |
| 77 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 77 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 78 | 78 | ||
| 79 | dclean: | 79 | dclean: |
| 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 80 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
diff --git a/src/lib/libssl/src/crypto/x509v3/ext_dat.h b/src/lib/libssl/src/crypto/x509v3/ext_dat.h index 2fb97d8925..5442480595 100644 --- a/src/lib/libssl/src/crypto/x509v3/ext_dat.h +++ b/src/lib/libssl/src/crypto/x509v3/ext_dat.h | |||
| @@ -90,17 +90,23 @@ static X509V3_EXT_METHOD *standard_exts[] = { | |||
| 90 | &v3_crld, | 90 | &v3_crld, |
| 91 | &v3_ext_ku, | 91 | &v3_ext_ku, |
| 92 | &v3_crl_reason, | 92 | &v3_crl_reason, |
| 93 | #ifndef OPENSSL_NO_OCSP | ||
| 93 | &v3_crl_invdate, | 94 | &v3_crl_invdate, |
| 95 | #endif | ||
| 94 | &v3_sxnet, | 96 | &v3_sxnet, |
| 95 | &v3_info, | 97 | &v3_info, |
| 98 | #ifndef OPENSSL_NO_OCSP | ||
| 96 | &v3_ocsp_nonce, | 99 | &v3_ocsp_nonce, |
| 97 | &v3_ocsp_crlid, | 100 | &v3_ocsp_crlid, |
| 98 | &v3_ocsp_accresp, | 101 | &v3_ocsp_accresp, |
| 99 | &v3_ocsp_nocheck, | 102 | &v3_ocsp_nocheck, |
| 100 | &v3_ocsp_acutoff, | 103 | &v3_ocsp_acutoff, |
| 101 | &v3_ocsp_serviceloc, | 104 | &v3_ocsp_serviceloc, |
| 105 | #endif | ||
| 102 | &v3_sinfo, | 106 | &v3_sinfo, |
| 107 | #ifndef OPENSSL_NO_OCSP | ||
| 103 | &v3_crl_hold | 108 | &v3_crl_hold |
| 109 | #endif | ||
| 104 | }; | 110 | }; |
| 105 | 111 | ||
| 106 | /* Number of standard extensions */ | 112 | /* Number of standard extensions */ |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c index 92b9316b02..28cc00686a 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_info.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c | |||
| @@ -113,8 +113,8 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method | |||
| 113 | ret = i2v_GENERAL_NAME(method, desc->location, ret); | 113 | ret = i2v_GENERAL_NAME(method, desc->location, ret); |
| 114 | if(!ret) break; | 114 | if(!ret) break; |
| 115 | vtmp = sk_CONF_VALUE_value(ret, i); | 115 | vtmp = sk_CONF_VALUE_value(ret, i); |
| 116 | i2t_ASN1_OBJECT(objtmp, 80, desc->method); | 116 | i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); |
| 117 | nlen = strlen(objtmp) + strlen(vtmp->name) + 4; | 117 | nlen = strlen(objtmp) + strlen(vtmp->name) + 5; |
| 118 | ntmp = OPENSSL_malloc(nlen); | 118 | ntmp = OPENSSL_malloc(nlen); |
| 119 | if(!ntmp) { | 119 | if(!ntmp) { |
| 120 | X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, | 120 | X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c index 083112314e..21badc13f9 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c | |||
| @@ -56,6 +56,8 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_OCSP | ||
| 60 | |||
| 59 | #include <stdio.h> | 61 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
| 61 | #include <openssl/conf.h> | 63 | #include <openssl/conf.h> |
| @@ -270,3 +272,4 @@ static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int | |||
| 270 | err: | 272 | err: |
| 271 | return 0; | 273 | return 0; |
| 272 | } | 274 | } |
| 275 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_prn.c b/src/lib/libssl/src/crypto/x509v3/v3_prn.c index aeaf6170fe..754808b625 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_prn.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_prn.c | |||
| @@ -178,7 +178,7 @@ int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts | |||
| 178 | ASN1_OBJECT *obj; | 178 | ASN1_OBJECT *obj; |
| 179 | X509_EXTENSION *ex; | 179 | X509_EXTENSION *ex; |
| 180 | ex=sk_X509_EXTENSION_value(exts, i); | 180 | ex=sk_X509_EXTENSION_value(exts, i); |
| 181 | if (BIO_printf(bp,"%*s",indent, "") <= 0) return 0; | 181 | if (indent && BIO_printf(bp,"%*s",indent, "") <= 0) return 0; |
| 182 | obj=X509_EXTENSION_get_object(ex); | 182 | obj=X509_EXTENSION_get_object(ex); |
| 183 | i2a_ASN1_OBJECT(bp,obj); | 183 | i2a_ASN1_OBJECT(bp,obj); |
| 184 | j=X509_EXTENSION_get_critical(ex); | 184 | j=X509_EXTENSION_get_critical(ex); |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_purp.c b/src/lib/libssl/src/crypto/x509v3/v3_purp.c index b739e4fd83..4d145f71fd 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_purp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_purp.c | |||
| @@ -378,6 +378,10 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 378 | case NID_time_stamp: | 378 | case NID_time_stamp: |
| 379 | x->ex_xkusage |= XKU_TIMESTAMP; | 379 | x->ex_xkusage |= XKU_TIMESTAMP; |
| 380 | break; | 380 | break; |
| 381 | |||
| 382 | case NID_dvcs: | ||
| 383 | x->ex_xkusage |= XKU_DVCS; | ||
| 384 | break; | ||
| 381 | } | 385 | } |
| 382 | } | 386 | } |
| 383 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); | 387 | sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c index 283e943e46..34ac2998de 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c | |||
| @@ -491,7 +491,7 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) | |||
| 491 | i = -1; | 491 | i = -1; |
| 492 | /* First supplied X509_NAME */ | 492 | /* First supplied X509_NAME */ |
| 493 | while((i = X509_NAME_get_index_by_NID(name, | 493 | while((i = X509_NAME_get_index_by_NID(name, |
| 494 | NID_pkcs9_emailAddress, i)) > 0) { | 494 | NID_pkcs9_emailAddress, i)) >= 0) { |
| 495 | ne = X509_NAME_get_entry(name, i); | 495 | ne = X509_NAME_get_entry(name, i); |
| 496 | email = X509_NAME_ENTRY_get_data(ne); | 496 | email = X509_NAME_ENTRY_get_data(ne); |
| 497 | if(!append_ia5(&ret, email)) return NULL; | 497 | if(!append_ia5(&ret, email)) return NULL; |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3conf.c b/src/lib/libssl/src/crypto/x509v3/v3conf.c index 67ee14f334..00cf5b4a5b 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3conf.c +++ b/src/lib/libssl/src/crypto/x509v3/v3conf.c | |||
| @@ -118,7 +118,7 @@ int main(int argc, char **argv) | |||
| 118 | printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); | 118 | printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); |
| 119 | if(ext->critical) printf(",critical:\n"); | 119 | if(ext->critical) printf(",critical:\n"); |
| 120 | else printf(":\n"); | 120 | else printf(":\n"); |
| 121 | X509V3_EXT_print_fp(stdout, ext, 0); | 121 | X509V3_EXT_print_fp(stdout, ext, 0, 0); |
| 122 | printf("\n"); | 122 | printf("\n"); |
| 123 | 123 | ||
| 124 | } | 124 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h index daecc55271..fb07a19016 100644 --- a/src/lib/libssl/src/crypto/x509v3/x509v3.h +++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h | |||
| @@ -352,6 +352,7 @@ DECLARE_ASN1_SET_OF(POLICYINFO) | |||
| 352 | #define XKU_SGC 0x10 | 352 | #define XKU_SGC 0x10 |
| 353 | #define XKU_OCSP_SIGN 0x20 | 353 | #define XKU_OCSP_SIGN 0x20 |
| 354 | #define XKU_TIMESTAMP 0x40 | 354 | #define XKU_TIMESTAMP 0x40 |
| 355 | #define XKU_DVCS 0x80 | ||
| 355 | 356 | ||
| 356 | #define X509_PURPOSE_DYNAMIC 0x1 | 357 | #define X509_PURPOSE_DYNAMIC 0x1 |
| 357 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 | 358 | #define X509_PURPOSE_DYNAMIC_NAME 0x2 |
diff --git a/src/lib/libssl/src/demos/b64.c b/src/lib/libssl/src/demos/b64.c index 113da89baf..efdd44457d 100644 --- a/src/lib/libssl/src/demos/b64.c +++ b/src/lib/libssl/src/demos/b64.c | |||
| @@ -83,7 +83,6 @@ char **argv; | |||
| 83 | unsigned char *buff=NULL,*bufsize=NULL; | 83 | unsigned char *buff=NULL,*bufsize=NULL; |
| 84 | int bsize=BSIZE,verbose=0; | 84 | int bsize=BSIZE,verbose=0; |
| 85 | int ret=1,inl; | 85 | int ret=1,inl; |
| 86 | unsigned char key[24],iv[MD5_DIGEST_LENGTH]; | ||
| 87 | char *str=NULL; | 86 | char *str=NULL; |
| 88 | char *hkey=NULL,*hiv=NULL; | 87 | char *hkey=NULL,*hiv=NULL; |
| 89 | int enc=1,printkey=0,i,base64=0; | 88 | int enc=1,printkey=0,i,base64=0; |
| @@ -92,7 +91,6 @@ char **argv; | |||
| 92 | char *inf=NULL,*outf=NULL; | 91 | char *inf=NULL,*outf=NULL; |
| 93 | BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; | 92 | BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; |
| 94 | #define PROG_NAME_SIZE 39 | 93 | #define PROG_NAME_SIZE 39 |
| 95 | char pname[PROG_NAME_SIZE+1]; | ||
| 96 | 94 | ||
| 97 | 95 | ||
| 98 | apps_startup(); | 96 | apps_startup(); |
diff --git a/src/lib/libssl/src/demos/bio/saccept.c b/src/lib/libssl/src/demos/bio/saccept.c index 933d6699ee..40cd4daad2 100644 --- a/src/lib/libssl/src/demos/bio/saccept.c +++ b/src/lib/libssl/src/demos/bio/saccept.c | |||
| @@ -45,6 +45,11 @@ char *argv[]; | |||
| 45 | 45 | ||
| 46 | SSL_load_error_strings(); | 46 | SSL_load_error_strings(); |
| 47 | 47 | ||
| 48 | #ifdef WATT32 | ||
| 49 | dbug_init(); | ||
| 50 | sock_init(); | ||
| 51 | #endif | ||
| 52 | |||
| 48 | /* Add ciphers and message digests */ | 53 | /* Add ciphers and message digests */ |
| 49 | OpenSSL_add_ssl_algorithms(); | 54 | OpenSSL_add_ssl_algorithms(); |
| 50 | 55 | ||
diff --git a/src/lib/libssl/src/demos/bio/sconnect.c b/src/lib/libssl/src/demos/bio/sconnect.c index 87b380b258..880344eb78 100644 --- a/src/lib/libssl/src/demos/bio/sconnect.c +++ b/src/lib/libssl/src/demos/bio/sconnect.c | |||
| @@ -32,6 +32,11 @@ char *argv[]; | |||
| 32 | else | 32 | else |
| 33 | host=argv[1]; | 33 | host=argv[1]; |
| 34 | 34 | ||
| 35 | #ifdef WATT32 | ||
| 36 | dbug_init(); | ||
| 37 | sock_init(); | ||
| 38 | #endif | ||
| 39 | |||
| 35 | /* Lets get nice error messages */ | 40 | /* Lets get nice error messages */ |
| 36 | SSL_load_error_strings(); | 41 | SSL_load_error_strings(); |
| 37 | 42 | ||
diff --git a/src/lib/libssl/src/demos/spkigen.c b/src/lib/libssl/src/demos/spkigen.c index d87881197c..2cd5dfea97 100644 --- a/src/lib/libssl/src/demos/spkigen.c +++ b/src/lib/libssl/src/demos/spkigen.c | |||
| @@ -65,7 +65,8 @@ char *argv[]; | |||
| 65 | 65 | ||
| 66 | fprintf(stderr,"please enter challenge string:"); | 66 | fprintf(stderr,"please enter challenge string:"); |
| 67 | fflush(stderr); | 67 | fflush(stderr); |
| 68 | fgets(buf,120,stdin); | 68 | buf[0]='\0'; |
| 69 | fgets(buf,sizeof buf,stdin); | ||
| 69 | i=strlen(buf); | 70 | i=strlen(buf); |
| 70 | if (i > 0) buf[--i]='\0'; | 71 | if (i > 0) buf[--i]='\0'; |
| 71 | if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge, | 72 | if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge, |
diff --git a/src/lib/libssl/src/demos/x509/mkcert.c b/src/lib/libssl/src/demos/x509/mkcert.c index 4709e18e7c..c5e67b8e28 100644 --- a/src/lib/libssl/src/demos/x509/mkcert.c +++ b/src/lib/libssl/src/demos/x509/mkcert.c | |||
| @@ -9,7 +9,9 @@ | |||
| 9 | #include <openssl/pem.h> | 9 | #include <openssl/pem.h> |
| 10 | #include <openssl/conf.h> | 10 | #include <openssl/conf.h> |
| 11 | #include <openssl/x509v3.h> | 11 | #include <openssl/x509v3.h> |
| 12 | #ifndef OPENSSL_NO_ENGINE | ||
| 12 | #include <openssl/engine.h> | 13 | #include <openssl/engine.h> |
| 14 | #endif | ||
| 13 | 15 | ||
| 14 | int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days); | 16 | int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days); |
| 15 | int add_ext(X509 *cert, int nid, char *value); | 17 | int add_ext(X509 *cert, int nid, char *value); |
| @@ -35,7 +37,9 @@ int main(int argc, char **argv) | |||
| 35 | X509_free(x509); | 37 | X509_free(x509); |
| 36 | EVP_PKEY_free(pkey); | 38 | EVP_PKEY_free(pkey); |
| 37 | 39 | ||
| 40 | #ifndef OPENSSL_NO_ENGINE | ||
| 38 | ENGINE_cleanup(); | 41 | ENGINE_cleanup(); |
| 42 | #endif | ||
| 39 | CRYPTO_cleanup_all_ex_data(); | 43 | CRYPTO_cleanup_all_ex_data(); |
| 40 | 44 | ||
| 41 | CRYPTO_mem_leaks(bio_err); | 45 | CRYPTO_mem_leaks(bio_err); |
| @@ -88,7 +92,7 @@ int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days) | |||
| 88 | } | 92 | } |
| 89 | rsa=NULL; | 93 | rsa=NULL; |
| 90 | 94 | ||
| 91 | X509_set_version(x,3); | 95 | X509_set_version(x,2); |
| 92 | ASN1_INTEGER_set(X509_get_serialNumber(x),serial); | 96 | ASN1_INTEGER_set(X509_get_serialNumber(x),serial); |
| 93 | X509_gmtime_adj(X509_get_notBefore(x),0); | 97 | X509_gmtime_adj(X509_get_notBefore(x),0); |
| 94 | X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days); | 98 | X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days); |
diff --git a/src/lib/libssl/src/demos/x509/mkreq.c b/src/lib/libssl/src/demos/x509/mkreq.c index d69dcc392b..3dfc65f164 100644 --- a/src/lib/libssl/src/demos/x509/mkreq.c +++ b/src/lib/libssl/src/demos/x509/mkreq.c | |||
| @@ -8,7 +8,9 @@ | |||
| 8 | #include <openssl/pem.h> | 8 | #include <openssl/pem.h> |
| 9 | #include <openssl/conf.h> | 9 | #include <openssl/conf.h> |
| 10 | #include <openssl/x509v3.h> | 10 | #include <openssl/x509v3.h> |
| 11 | #ifndef OPENSSL_NO_ENGINE | ||
| 11 | #include <openssl/engine.h> | 12 | #include <openssl/engine.h> |
| 13 | #endif | ||
| 12 | 14 | ||
| 13 | int mkreq(X509_REQ **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days); | 15 | int mkreq(X509_REQ **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days); |
| 14 | int add_ext(STACK_OF(X509_REQUEST) *sk, int nid, char *value); | 16 | int add_ext(STACK_OF(X509_REQUEST) *sk, int nid, char *value); |
| @@ -33,7 +35,9 @@ int main(int argc, char **argv) | |||
| 33 | X509_REQ_free(req); | 35 | X509_REQ_free(req); |
| 34 | EVP_PKEY_free(pkey); | 36 | EVP_PKEY_free(pkey); |
| 35 | 37 | ||
| 38 | #ifndef OPENSSL_NO_ENGINE | ||
| 36 | ENGINE_cleanup(); | 39 | ENGINE_cleanup(); |
| 40 | #endif | ||
| 37 | CRYPTO_cleanup_all_ex_data(); | 41 | CRYPTO_cleanup_all_ex_data(); |
| 38 | 42 | ||
| 39 | CRYPTO_mem_leaks(bio_err); | 43 | CRYPTO_mem_leaks(bio_err); |
diff --git a/src/lib/libssl/src/doc/HOWTO/certificates.txt b/src/lib/libssl/src/doc/HOWTO/certificates.txt index 88048645db..d3a62545ad 100644 --- a/src/lib/libssl/src/doc/HOWTO/certificates.txt +++ b/src/lib/libssl/src/doc/HOWTO/certificates.txt | |||
| @@ -1,6 +1,8 @@ | |||
| 1 | <DRAFT!> | 1 | <DRAFT!> |
| 2 | HOWTO certificates | 2 | HOWTO certificates |
| 3 | 3 | ||
| 4 | 1. Introduction | ||
| 5 | |||
| 4 | How you handle certificates depend a great deal on what your role is. | 6 | How you handle certificates depend a great deal on what your role is. |
| 5 | Your role can be one or several of: | 7 | Your role can be one or several of: |
| 6 | 8 | ||
| @@ -13,12 +15,14 @@ Certificate authorities should read ca.txt. | |||
| 13 | 15 | ||
| 14 | In all the cases shown below, the standard configuration file, as | 16 | In all the cases shown below, the standard configuration file, as |
| 15 | compiled into openssl, will be used. You may find it in /etc/, | 17 | compiled into openssl, will be used. You may find it in /etc/, |
| 16 | /usr/local/ssr/ or somewhere else. The name is openssl.cnf, and | 18 | /usr/local/ssl/ or somewhere else. The name is openssl.cnf, and |
| 17 | is better described in another HOWTO <config.txt?>. If you want to | 19 | is better described in another HOWTO <config.txt?>. If you want to |
| 18 | use a different configuration file, use the argument '-config {file}' | 20 | use a different configuration file, use the argument '-config {file}' |
| 19 | with the command shown below. | 21 | with the command shown below. |
| 20 | 22 | ||
| 21 | 23 | ||
| 24 | 2. Relationship with keys | ||
| 25 | |||
| 22 | Certificates are related to public key cryptography by containing a | 26 | Certificates are related to public key cryptography by containing a |
| 23 | public key. To be useful, there must be a corresponding private key | 27 | public key. To be useful, there must be a corresponding private key |
| 24 | somewhere. With OpenSSL, public keys are easily derived from private | 28 | somewhere. With OpenSSL, public keys are easily derived from private |
| @@ -26,22 +30,25 @@ keys, so before you create a certificate or a certificate request, you | |||
| 26 | need to create a private key. | 30 | need to create a private key. |
| 27 | 31 | ||
| 28 | Private keys are generated with 'openssl genrsa' if you want a RSA | 32 | Private keys are generated with 'openssl genrsa' if you want a RSA |
| 29 | private key, or 'openssl gendsa' if you want a DSA private key. More | 33 | private key, or 'openssl gendsa' if you want a DSA private key. |
| 30 | info on how to handle these commands are found in the manual pages for | 34 | Further information on how to create private keys can be found in |
| 31 | those commands or by running them with the argument '-h'. For the | 35 | another HOWTO <keys.txt?>. The rest of this text assumes you have |
| 32 | sake of the description in this file, let's assume that the private | 36 | a private key in the file privkey.pem. |
| 33 | key ended up in the file privkey.pem (which is the default in some | 37 | |
| 34 | cases). | 38 | |
| 35 | 39 | 3. Creating a certificate request | |
| 36 | 40 | ||
| 37 | Let's start with the most normal way of getting a certificate. Most | 41 | To create a certificate, you need to start with a certificate |
| 38 | often, you want or need to get a certificate from a certificate | 42 | request (or, as some certificate authorities like to put |
| 39 | authority. To handle that, the certificate authority needs a | ||
| 40 | certificate request (or, as some certificate authorities like to put | ||
| 41 | it, "certificate signing request", since that's exactly what they do, | 43 | it, "certificate signing request", since that's exactly what they do, |
| 42 | they sign it and give you the result back, thus making it authentic | 44 | they sign it and give you the result back, thus making it authentic |
| 43 | according to their policies) from you. To generate a request, use the | 45 | according to their policies). A certificate request can then be sent |
| 44 | command 'openssl req' like this: | 46 | to a certificate authority to get it signed into a certificate, or if |
| 47 | you have your own certificate authority, you may sign it yourself, or | ||
| 48 | if you need a self-signed certificate (because you just want a test | ||
| 49 | certificate or because you are setting up your own CA). | ||
| 50 | |||
| 51 | The certificate request is created like this: | ||
| 45 | 52 | ||
| 46 | openssl req -new -key privkey.pem -out cert.csr | 53 | openssl req -new -key privkey.pem -out cert.csr |
| 47 | 54 | ||
| @@ -55,9 +62,23 @@ When the certificate authority has then done the checks the need to | |||
| 55 | do (and probably gotten payment from you), they will hand over your | 62 | do (and probably gotten payment from you), they will hand over your |
| 56 | new certificate to you. | 63 | new certificate to you. |
| 57 | 64 | ||
| 65 | Section 5 will tell you more on how to handle the certificate you | ||
| 66 | received. | ||
| 67 | |||
| 68 | |||
| 69 | 4. Creating a self-signed certificate | ||
| 70 | |||
| 71 | If you don't want to deal with another certificate authority, or just | ||
| 72 | want to create a test certificate for yourself, or are setting up a | ||
| 73 | certificate authority of your own, you may want to make the requested | ||
| 74 | certificate a self-signed one. This is similar to creating a | ||
| 75 | certificate request, but creates a certificate instead of a | ||
| 76 | certificate request (1095 is 3 years): | ||
| 77 | |||
| 78 | openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 | ||
| 58 | 79 | ||
| 59 | [fill in on how to create a self-signed certificate] | ||
| 60 | 80 | ||
| 81 | 5. What to do with the certificate | ||
| 61 | 82 | ||
| 62 | If you created everything yourself, or if the certificate authority | 83 | If you created everything yourself, or if the certificate authority |
| 63 | was kind enough, your certificate is a raw DER thing in PEM format. | 84 | was kind enough, your certificate is a raw DER thing in PEM format. |
diff --git a/src/lib/libssl/src/doc/apps/ca.pod b/src/lib/libssl/src/doc/apps/ca.pod index c2ca8f2400..de66c534b5 100644 --- a/src/lib/libssl/src/doc/apps/ca.pod +++ b/src/lib/libssl/src/doc/apps/ca.pod | |||
| @@ -13,6 +13,10 @@ B<openssl> B<ca> | |||
| 13 | [B<-name section>] | 13 | [B<-name section>] |
| 14 | [B<-gencrl>] | 14 | [B<-gencrl>] |
| 15 | [B<-revoke file>] | 15 | [B<-revoke file>] |
| 16 | [B<-crl_reason reason>] | ||
| 17 | [B<-crl_hold instruction>] | ||
| 18 | [B<-crl_compromise time>] | ||
| 19 | [B<-crl_CA_compromise time>] | ||
| 16 | [B<-subj arg>] | 20 | [B<-subj arg>] |
| 17 | [B<-crldays days>] | 21 | [B<-crldays days>] |
| 18 | [B<-crlhours hours>] | 22 | [B<-crlhours hours>] |
| @@ -39,6 +43,7 @@ B<openssl> B<ca> | |||
| 39 | [B<-msie_hack>] | 43 | [B<-msie_hack>] |
| 40 | [B<-extensions section>] | 44 | [B<-extensions section>] |
| 41 | [B<-extfile section>] | 45 | [B<-extfile section>] |
| 46 | [B<-engine id>] | ||
| 42 | 47 | ||
| 43 | =head1 DESCRIPTION | 48 | =head1 DESCRIPTION |
| 44 | 49 | ||
| @@ -74,7 +79,7 @@ a single self signed certificate to be signed by the CA. | |||
| 74 | =item B<-spkac filename> | 79 | =item B<-spkac filename> |
| 75 | 80 | ||
| 76 | a file containing a single Netscape signed public key and challenge | 81 | a file containing a single Netscape signed public key and challenge |
| 77 | and additional field values to be signed by the CA. See the B<NOTES> | 82 | and additional field values to be signed by the CA. See the B<SPKAC FORMAT> |
| 78 | section for information on the required format. | 83 | section for information on the required format. |
| 79 | 84 | ||
| 80 | =item B<-infiles> | 85 | =item B<-infiles> |
| @@ -191,6 +196,13 @@ an additional configuration file to read certificate extensions from | |||
| 191 | (using the default section unless the B<-extensions> option is also | 196 | (using the default section unless the B<-extensions> option is also |
| 192 | used). | 197 | used). |
| 193 | 198 | ||
| 199 | =item B<-engine id> | ||
| 200 | |||
| 201 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 202 | to attempt to obtain a functional reference to the specified engine, | ||
| 203 | thus initialising it if needed. The engine will then be set as the default | ||
| 204 | for all available algorithms. | ||
| 205 | |||
| 194 | =back | 206 | =back |
| 195 | 207 | ||
| 196 | =head1 CRL OPTIONS | 208 | =head1 CRL OPTIONS |
| @@ -214,6 +226,33 @@ the number of hours before the next CRL is due. | |||
| 214 | 226 | ||
| 215 | a filename containing a certificate to revoke. | 227 | a filename containing a certificate to revoke. |
| 216 | 228 | ||
| 229 | =item B<-crl_reason reason> | ||
| 230 | |||
| 231 | revocation reason, where B<reason> is one of: B<unspecified>, B<keyCompromise>, | ||
| 232 | B<CACompromise>, B<affiliationChanged>, B<superseded>, B<cessationOfOperation>, | ||
| 233 | B<certificateHold> or B<removeFromCRL>. The matching of B<reason> is case | ||
| 234 | insensitive. Setting any revocation reason will make the CRL v2. | ||
| 235 | |||
| 236 | In practive B<removeFromCRL> is not particularly useful because it is only used | ||
| 237 | in delta CRLs which are not currently implemented. | ||
| 238 | |||
| 239 | =item B<-crl_hold instruction> | ||
| 240 | |||
| 241 | This sets the CRL revocation reason code to B<certificateHold> and the hold | ||
| 242 | instruction to B<instruction> which must be an OID. Although any OID can be | ||
| 243 | used only B<holdInstructionNone> (the use of which is discouraged by RFC2459) | ||
| 244 | B<holdInstructionCallIssuer> or B<holdInstructionReject> will normally be used. | ||
| 245 | |||
| 246 | =item B<-crl_compromise time> | ||
| 247 | |||
| 248 | This sets the revocation reason to B<keyCompromise> and the compromise time to | ||
| 249 | B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>. | ||
| 250 | |||
| 251 | =item B<-crl_CA_compromise time> | ||
| 252 | |||
| 253 | This is the same as B<crl_compromise> except the revocation reason is set to | ||
| 254 | B<CACompromise>. | ||
| 255 | |||
| 217 | =item B<-subj arg> | 256 | =item B<-subj arg> |
| 218 | 257 | ||
| 219 | supersedes subject name given in the request. | 258 | supersedes subject name given in the request. |
| @@ -486,18 +525,6 @@ A sample configuration file with the relevant sections for B<ca>: | |||
| 486 | commonName = supplied | 525 | commonName = supplied |
| 487 | emailAddress = optional | 526 | emailAddress = optional |
| 488 | 527 | ||
| 489 | =head1 WARNINGS | ||
| 490 | |||
| 491 | The B<ca> command is quirky and at times downright unfriendly. | ||
| 492 | |||
| 493 | The B<ca> utility was originally meant as an example of how to do things | ||
| 494 | in a CA. It was not supposed to be used as a full blown CA itself: | ||
| 495 | nevertheless some people are using it for this purpose. | ||
| 496 | |||
| 497 | The B<ca> command is effectively a single user command: no locking is | ||
| 498 | done on the various files and attempts to run more than one B<ca> command | ||
| 499 | on the same database can have unpredictable results. | ||
| 500 | |||
| 501 | =head1 FILES | 528 | =head1 FILES |
| 502 | 529 | ||
| 503 | Note: the location of all files can change either by compile time options, | 530 | Note: the location of all files can change either by compile time options, |
| @@ -527,9 +554,6 @@ if corrupted it can be difficult to fix. It is theoretically possible | |||
| 527 | to rebuild the index file from all the issued certificates and a current | 554 | to rebuild the index file from all the issued certificates and a current |
| 528 | CRL: however there is no option to do this. | 555 | CRL: however there is no option to do this. |
| 529 | 556 | ||
| 530 | CRL entry extensions cannot currently be created: only CRL extensions | ||
| 531 | can be added. | ||
| 532 | |||
| 533 | V2 CRL features like delta CRL support and CRL numbers are not currently | 557 | V2 CRL features like delta CRL support and CRL numbers are not currently |
| 534 | supported. | 558 | supported. |
| 535 | 559 | ||
| @@ -565,6 +589,16 @@ create an empty file. | |||
| 565 | 589 | ||
| 566 | =head1 WARNINGS | 590 | =head1 WARNINGS |
| 567 | 591 | ||
| 592 | The B<ca> command is quirky and at times downright unfriendly. | ||
| 593 | |||
| 594 | The B<ca> utility was originally meant as an example of how to do things | ||
| 595 | in a CA. It was not supposed to be used as a full blown CA itself: | ||
| 596 | nevertheless some people are using it for this purpose. | ||
| 597 | |||
| 598 | The B<ca> command is effectively a single user command: no locking is | ||
| 599 | done on the various files and attempts to run more than one B<ca> command | ||
| 600 | on the same database can have unpredictable results. | ||
| 601 | |||
| 568 | The B<copy_extensions> option should be used with caution. If care is | 602 | The B<copy_extensions> option should be used with caution. If care is |
| 569 | not taken then it can be a security risk. For example if a certificate | 603 | not taken then it can be a security risk. For example if a certificate |
| 570 | request contains a basicConstraints extension with CA:TRUE and the | 604 | request contains a basicConstraints extension with CA:TRUE and the |
diff --git a/src/lib/libssl/src/doc/apps/ciphers.pod b/src/lib/libssl/src/doc/apps/ciphers.pod index b7e577b24f..81a2c43893 100644 --- a/src/lib/libssl/src/doc/apps/ciphers.pod +++ b/src/lib/libssl/src/doc/apps/ciphers.pod | |||
| @@ -203,6 +203,10 @@ cipher suites using DH, including anonymous DH. | |||
| 203 | 203 | ||
| 204 | anonymous DH cipher suites. | 204 | anonymous DH cipher suites. |
| 205 | 205 | ||
| 206 | =item B<AES> | ||
| 207 | |||
| 208 | cipher suites using AES. | ||
| 209 | |||
| 206 | =item B<3DES> | 210 | =item B<3DES> |
| 207 | 211 | ||
| 208 | cipher suites using triple DES. | 212 | cipher suites using triple DES. |
| @@ -236,7 +240,9 @@ cipher suites using SHA1. | |||
| 236 | =head1 CIPHER SUITE NAMES | 240 | =head1 CIPHER SUITE NAMES |
| 237 | 241 | ||
| 238 | The following lists give the SSL or TLS cipher suites names from the | 242 | The following lists give the SSL or TLS cipher suites names from the |
| 239 | relevant specification and their OpenSSL equivalents. | 243 | relevant specification and their OpenSSL equivalents. It should be noted, |
| 244 | that several cipher suite names do not include the authentication used, | ||
| 245 | e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. | ||
| 240 | 246 | ||
| 241 | =head2 SSL v3.0 cipher suites. | 247 | =head2 SSL v3.0 cipher suites. |
| 242 | 248 | ||
| @@ -306,6 +312,24 @@ relevant specification and their OpenSSL equivalents. | |||
| 306 | TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA | 312 | TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA |
| 307 | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA | 313 | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA |
| 308 | 314 | ||
| 315 | =head2 AES ciphersuites from RFC3268, extending TLS v1.0 | ||
| 316 | |||
| 317 | TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA | ||
| 318 | TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA | ||
| 319 | |||
| 320 | TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA | ||
| 321 | TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA | ||
| 322 | TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA | ||
| 323 | TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA | ||
| 324 | |||
| 325 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA | ||
| 326 | TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA | ||
| 327 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA | ||
| 328 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA | ||
| 329 | |||
| 330 | TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA | ||
| 331 | TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA | ||
| 332 | |||
| 309 | =head2 Additional Export 1024 and other cipher suites | 333 | =head2 Additional Export 1024 and other cipher suites |
| 310 | 334 | ||
| 311 | Note: these ciphers can also be used in SSL v3. | 335 | Note: these ciphers can also be used in SSL v3. |
diff --git a/src/lib/libssl/src/doc/apps/dhparam.pod b/src/lib/libssl/src/doc/apps/dhparam.pod index ff8a6e5e5b..c31db95a47 100644 --- a/src/lib/libssl/src/doc/apps/dhparam.pod +++ b/src/lib/libssl/src/doc/apps/dhparam.pod | |||
| @@ -18,6 +18,7 @@ B<openssl dhparam> | |||
| 18 | [B<-2>] | 18 | [B<-2>] |
| 19 | [B<-5>] | 19 | [B<-5>] |
| 20 | [B<-rand> I<file(s)>] | 20 | [B<-rand> I<file(s)>] |
| 21 | [B<-engine id>] | ||
| 21 | [I<numbits>] | 22 | [I<numbits>] |
| 22 | 23 | ||
| 23 | =head1 DESCRIPTION | 24 | =head1 DESCRIPTION |
| @@ -96,6 +97,13 @@ this option prints out the DH parameters in human readable form. | |||
| 96 | this option converts the parameters into C code. The parameters can then | 97 | this option converts the parameters into C code. The parameters can then |
| 97 | be loaded by calling the B<get_dh>I<numbits>B<()> function. | 98 | be loaded by calling the B<get_dh>I<numbits>B<()> function. |
| 98 | 99 | ||
| 100 | =item B<-engine id> | ||
| 101 | |||
| 102 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 103 | to attempt to obtain a functional reference to the specified engine, | ||
| 104 | thus initialising it if needed. The engine will then be set as the default | ||
| 105 | for all available algorithms. | ||
| 106 | |||
| 99 | =back | 107 | =back |
| 100 | 108 | ||
| 101 | =head1 WARNINGS | 109 | =head1 WARNINGS |
diff --git a/src/lib/libssl/src/doc/apps/dsa.pod b/src/lib/libssl/src/doc/apps/dsa.pod index 28e534bb95..ed06b8806d 100644 --- a/src/lib/libssl/src/doc/apps/dsa.pod +++ b/src/lib/libssl/src/doc/apps/dsa.pod | |||
| @@ -21,6 +21,7 @@ B<openssl> B<dsa> | |||
| 21 | [B<-modulus>] | 21 | [B<-modulus>] |
| 22 | [B<-pubin>] | 22 | [B<-pubin>] |
| 23 | [B<-pubout>] | 23 | [B<-pubout>] |
| 24 | [B<-engine id>] | ||
| 24 | 25 | ||
| 25 | =head1 DESCRIPTION | 26 | =head1 DESCRIPTION |
| 26 | 27 | ||
| @@ -106,6 +107,13 @@ by default a private key is output. With this option a public | |||
| 106 | key will be output instead. This option is automatically set if the input is | 107 | key will be output instead. This option is automatically set if the input is |
| 107 | a public key. | 108 | a public key. |
| 108 | 109 | ||
| 110 | =item B<-engine id> | ||
| 111 | |||
| 112 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 113 | to attempt to obtain a functional reference to the specified engine, | ||
| 114 | thus initialising it if needed. The engine will then be set as the default | ||
| 115 | for all available algorithms. | ||
| 116 | |||
| 109 | =back | 117 | =back |
| 110 | 118 | ||
| 111 | =head1 NOTES | 119 | =head1 NOTES |
diff --git a/src/lib/libssl/src/doc/apps/dsaparam.pod b/src/lib/libssl/src/doc/apps/dsaparam.pod index 50c2f61242..b9b1b93b42 100644 --- a/src/lib/libssl/src/doc/apps/dsaparam.pod +++ b/src/lib/libssl/src/doc/apps/dsaparam.pod | |||
| @@ -16,6 +16,7 @@ B<openssl dsaparam> | |||
| 16 | [B<-C>] | 16 | [B<-C>] |
| 17 | [B<-rand file(s)>] | 17 | [B<-rand file(s)>] |
| 18 | [B<-genkey>] | 18 | [B<-genkey>] |
| 19 | [B<-engine id>] | ||
| 19 | [B<numbits>] | 20 | [B<numbits>] |
| 20 | 21 | ||
| 21 | =head1 DESCRIPTION | 22 | =head1 DESCRIPTION |
| @@ -82,6 +83,13 @@ this option specifies that a parameter set should be generated of size | |||
| 82 | B<numbits>. It must be the last option. If this option is included then | 83 | B<numbits>. It must be the last option. If this option is included then |
| 83 | the input file (if any) is ignored. | 84 | the input file (if any) is ignored. |
| 84 | 85 | ||
| 86 | =item B<-engine id> | ||
| 87 | |||
| 88 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 89 | to attempt to obtain a functional reference to the specified engine, | ||
| 90 | thus initialising it if needed. The engine will then be set as the default | ||
| 91 | for all available algorithms. | ||
| 92 | |||
| 85 | =back | 93 | =back |
| 86 | 94 | ||
| 87 | =head1 NOTES | 95 | =head1 NOTES |
diff --git a/src/lib/libssl/src/doc/apps/gendsa.pod b/src/lib/libssl/src/doc/apps/gendsa.pod index 74318fe7fb..2c56cc7888 100644 --- a/src/lib/libssl/src/doc/apps/gendsa.pod +++ b/src/lib/libssl/src/doc/apps/gendsa.pod | |||
| @@ -12,6 +12,7 @@ B<openssl> B<gendsa> | |||
| 12 | [B<-des3>] | 12 | [B<-des3>] |
| 13 | [B<-idea>] | 13 | [B<-idea>] |
| 14 | [B<-rand file(s)>] | 14 | [B<-rand file(s)>] |
| 15 | [B<-engine id>] | ||
| 15 | [B<paramfile>] | 16 | [B<paramfile>] |
| 16 | 17 | ||
| 17 | =head1 DESCRIPTION | 18 | =head1 DESCRIPTION |
| @@ -37,6 +38,13 @@ Multiple files can be specified separated by a OS-dependent character. | |||
| 37 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for | 38 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
| 38 | all others. | 39 | all others. |
| 39 | 40 | ||
| 41 | =item B<-engine id> | ||
| 42 | |||
| 43 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 44 | to attempt to obtain a functional reference to the specified engine, | ||
| 45 | thus initialising it if needed. The engine will then be set as the default | ||
| 46 | for all available algorithms. | ||
| 47 | |||
| 40 | =item B<paramfile> | 48 | =item B<paramfile> |
| 41 | 49 | ||
| 42 | This option specifies the DSA parameter file to use. The parameters in this | 50 | This option specifies the DSA parameter file to use. The parameters in this |
diff --git a/src/lib/libssl/src/doc/apps/genrsa.pod b/src/lib/libssl/src/doc/apps/genrsa.pod index cdcc03c123..25af4d1475 100644 --- a/src/lib/libssl/src/doc/apps/genrsa.pod +++ b/src/lib/libssl/src/doc/apps/genrsa.pod | |||
| @@ -15,6 +15,7 @@ B<openssl> B<genrsa> | |||
| 15 | [B<-f4>] | 15 | [B<-f4>] |
| 16 | [B<-3>] | 16 | [B<-3>] |
| 17 | [B<-rand file(s)>] | 17 | [B<-rand file(s)>] |
| 18 | [B<-engine id>] | ||
| 18 | [B<numbits>] | 19 | [B<numbits>] |
| 19 | 20 | ||
| 20 | =head1 DESCRIPTION | 21 | =head1 DESCRIPTION |
| @@ -54,6 +55,13 @@ Multiple files can be specified separated by a OS-dependent character. | |||
| 54 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for | 55 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
| 55 | all others. | 56 | all others. |
| 56 | 57 | ||
| 58 | =item B<-engine id> | ||
| 59 | |||
| 60 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 61 | to attempt to obtain a functional reference to the specified engine, | ||
| 62 | thus initialising it if needed. The engine will then be set as the default | ||
| 63 | for all available algorithms. | ||
| 64 | |||
| 57 | =item B<numbits> | 65 | =item B<numbits> |
| 58 | 66 | ||
| 59 | the size of the private key to generate in bits. This must be the last option | 67 | the size of the private key to generate in bits. This must be the last option |
diff --git a/src/lib/libssl/src/doc/apps/ocsp.pod b/src/lib/libssl/src/doc/apps/ocsp.pod index da201b95e6..4f266058e5 100644 --- a/src/lib/libssl/src/doc/apps/ocsp.pod +++ b/src/lib/libssl/src/doc/apps/ocsp.pod | |||
| @@ -11,6 +11,10 @@ B<openssl> B<ocsp> | |||
| 11 | [B<-issuer file>] | 11 | [B<-issuer file>] |
| 12 | [B<-cert file>] | 12 | [B<-cert file>] |
| 13 | [B<-serial n>] | 13 | [B<-serial n>] |
| 14 | [B<-signer file>] | ||
| 15 | [B<-signkey file>] | ||
| 16 | [B<-sign_other file>] | ||
| 17 | [B<-no_certs>] | ||
| 14 | [B<-req_text>] | 18 | [B<-req_text>] |
| 15 | [B<-resp_text>] | 19 | [B<-resp_text>] |
| 16 | [B<-text>] | 20 | [B<-text>] |
| @@ -20,27 +24,36 @@ B<openssl> B<ocsp> | |||
| 20 | [B<-respin file>] | 24 | [B<-respin file>] |
| 21 | [B<-nonce>] | 25 | [B<-nonce>] |
| 22 | [B<-no_nonce>] | 26 | [B<-no_nonce>] |
| 23 | [B<-url responder_url>] | 27 | [B<-url URL>] |
| 24 | [B<-host host:n>] | 28 | [B<-host host:n>] |
| 25 | [B<-path>] | 29 | [B<-path>] |
| 26 | [B<-CApath file>] | 30 | [B<-CApath dir>] |
| 27 | [B<-CAfile file>] | 31 | [B<-CAfile file>] |
| 28 | [B<-VAfile file>] | 32 | [B<-VAfile file>] |
| 29 | [B<-verify_certs file>] | 33 | [B<-validity_period n>] |
| 34 | [B<-status_age n>] | ||
| 30 | [B<-noverify>] | 35 | [B<-noverify>] |
| 36 | [B<-verify_other file>] | ||
| 31 | [B<-trust_other>] | 37 | [B<-trust_other>] |
| 32 | [B<-no_intern>] | 38 | [B<-no_intern>] |
| 33 | [B<-no_sig_verify>] | 39 | [B<-no_signature_verify>] |
| 34 | [B<-no_cert_verify>] | 40 | [B<-no_cert_verify>] |
| 35 | [B<-no_chain>] | 41 | [B<-no_chain>] |
| 36 | [B<-no_cert_checks>] | 42 | [B<-no_cert_checks>] |
| 37 | [B<-validity_period nsec>] | 43 | [B<-port num>] |
| 38 | [B<-status_age nsec>] | 44 | [B<-index file>] |
| 45 | [B<-CA file>] | ||
| 46 | [B<-rsigner file>] | ||
| 47 | [B<-rkey file>] | ||
| 48 | [B<-rother file>] | ||
| 49 | [B<-resp_no_certs>] | ||
| 50 | [B<-nmin n>] | ||
| 51 | [B<-ndays n>] | ||
| 52 | [B<-resp_key_id>] | ||
| 53 | [B<-nrequest n>] | ||
| 39 | 54 | ||
| 40 | =head1 DESCRIPTION | 55 | =head1 DESCRIPTION |
| 41 | 56 | ||
| 42 | B<WARNING: this documentation is preliminary and subject to change.> | ||
| 43 | |||
| 44 | The Online Certificate Status Protocol (OCSP) enables applications to | 57 | The Online Certificate Status Protocol (OCSP) enables applications to |
| 45 | determine the (revocation) state of an identified certificate (RFC 2560). | 58 | determine the (revocation) state of an identified certificate (RFC 2560). |
| 46 | 59 | ||
| @@ -83,6 +96,10 @@ the B<signkey> option is not present then the private key is read | |||
| 83 | from the same file as the certificate. If neither option is specified then | 96 | from the same file as the certificate. If neither option is specified then |
| 84 | the OCSP request is not signed. | 97 | the OCSP request is not signed. |
| 85 | 98 | ||
| 99 | =item B<-sign_other filename> | ||
| 100 | |||
| 101 | Additional certificates to include in the signed request. | ||
| 102 | |||
| 86 | =item B<-nonce>, B<-no_nonce> | 103 | =item B<-nonce>, B<-no_nonce> |
| 87 | 104 | ||
| 88 | Add an OCSP nonce extension to a request or disable OCSP nonce addition. | 105 | Add an OCSP nonce extension to a request or disable OCSP nonce addition. |
| @@ -120,7 +137,7 @@ or "/" by default. | |||
| 120 | file or pathname containing trusted CA certificates. These are used to verify | 137 | file or pathname containing trusted CA certificates. These are used to verify |
| 121 | the signature on the OCSP response. | 138 | the signature on the OCSP response. |
| 122 | 139 | ||
| 123 | =item B<-verify_certs file> | 140 | =item B<-verify_other file> |
| 124 | 141 | ||
| 125 | file containing additional certificates to search when attempting to locate | 142 | file containing additional certificates to search when attempting to locate |
| 126 | the OCSP response signing certificate. Some responders omit the actual signer's | 143 | the OCSP response signing certificate. Some responders omit the actual signer's |
| @@ -151,7 +168,7 @@ ignore certificates contained in the OCSP response when searching for the | |||
| 151 | signers certificate. With this option the signers certificate must be specified | 168 | signers certificate. With this option the signers certificate must be specified |
| 152 | with either the B<-verify_certs> or B<-VAfile> options. | 169 | with either the B<-verify_certs> or B<-VAfile> options. |
| 153 | 170 | ||
| 154 | =item B<-no_sig_verify> | 171 | =item B<-no_signature_verify> |
| 155 | 172 | ||
| 156 | don't check the signature on the OCSP response. Since this option tolerates invalid | 173 | don't check the signature on the OCSP response. Since this option tolerates invalid |
| 157 | signatures on OCSP responses it will normally only be used for testing purposes. | 174 | signatures on OCSP responses it will normally only be used for testing purposes. |
diff --git a/src/lib/libssl/src/doc/apps/passwd.pod b/src/lib/libssl/src/doc/apps/passwd.pod index 07d849c824..f44982549b 100644 --- a/src/lib/libssl/src/doc/apps/passwd.pod +++ b/src/lib/libssl/src/doc/apps/passwd.pod | |||
| @@ -75,7 +75,7 @@ to each password hash. | |||
| 75 | 75 | ||
| 76 | B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>. | 76 | B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>. |
| 77 | 77 | ||
| 78 | B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$8XJIcl6ZXqBMCK0qFevqT1>. | 78 | B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>. |
| 79 | 79 | ||
| 80 | B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. | 80 | B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. |
| 81 | 81 | ||
diff --git a/src/lib/libssl/src/doc/apps/pkcs7.pod b/src/lib/libssl/src/doc/apps/pkcs7.pod index 9871c0e0cd..a0a636328b 100644 --- a/src/lib/libssl/src/doc/apps/pkcs7.pod +++ b/src/lib/libssl/src/doc/apps/pkcs7.pod | |||
| @@ -14,6 +14,7 @@ B<openssl> B<pkcs7> | |||
| 14 | [B<-print_certs>] | 14 | [B<-print_certs>] |
| 15 | [B<-text>] | 15 | [B<-text>] |
| 16 | [B<-noout>] | 16 | [B<-noout>] |
| 17 | [B<-engine id>] | ||
| 17 | 18 | ||
| 18 | =head1 DESCRIPTION | 19 | =head1 DESCRIPTION |
| 19 | 20 | ||
| @@ -59,6 +60,13 @@ issuer names. | |||
| 59 | don't output the encoded version of the PKCS#7 structure (or certificates | 60 | don't output the encoded version of the PKCS#7 structure (or certificates |
| 60 | is B<-print_certs> is set). | 61 | is B<-print_certs> is set). |
| 61 | 62 | ||
| 63 | =item B<-engine id> | ||
| 64 | |||
| 65 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 66 | to attempt to obtain a functional reference to the specified engine, | ||
| 67 | thus initialising it if needed. The engine will then be set as the default | ||
| 68 | for all available algorithms. | ||
| 69 | |||
| 62 | =back | 70 | =back |
| 63 | 71 | ||
| 64 | =head1 EXAMPLES | 72 | =head1 EXAMPLES |
diff --git a/src/lib/libssl/src/doc/apps/pkcs8.pod b/src/lib/libssl/src/doc/apps/pkcs8.pod index a56b2dd002..68ecd65b10 100644 --- a/src/lib/libssl/src/doc/apps/pkcs8.pod +++ b/src/lib/libssl/src/doc/apps/pkcs8.pod | |||
| @@ -21,6 +21,7 @@ B<openssl> B<pkcs8> | |||
| 21 | [B<-nsdb>] | 21 | [B<-nsdb>] |
| 22 | [B<-v2 alg>] | 22 | [B<-v2 alg>] |
| 23 | [B<-v1 alg>] | 23 | [B<-v1 alg>] |
| 24 | [B<-engine id>] | ||
| 24 | 25 | ||
| 25 | =head1 DESCRIPTION | 26 | =head1 DESCRIPTION |
| 26 | 27 | ||
| @@ -122,6 +123,13 @@ B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used. | |||
| 122 | This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete | 123 | This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete |
| 123 | list of possible algorithms is included below. | 124 | list of possible algorithms is included below. |
| 124 | 125 | ||
| 126 | =item B<-engine id> | ||
| 127 | |||
| 128 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 129 | to attempt to obtain a functional reference to the specified engine, | ||
| 130 | thus initialising it if needed. The engine will then be set as the default | ||
| 131 | for all available algorithms. | ||
| 132 | |||
| 125 | =back | 133 | =back |
| 126 | 134 | ||
| 127 | =head1 NOTES | 135 | =head1 NOTES |
diff --git a/src/lib/libssl/src/doc/apps/req.pod b/src/lib/libssl/src/doc/apps/req.pod index 10e4e12a5c..e2b5d0d8ec 100644 --- a/src/lib/libssl/src/doc/apps/req.pod +++ b/src/lib/libssl/src/doc/apps/req.pod | |||
| @@ -41,6 +41,7 @@ B<openssl> B<req> | |||
| 41 | [B<-nameopt>] | 41 | [B<-nameopt>] |
| 42 | [B<-batch>] | 42 | [B<-batch>] |
| 43 | [B<-verbose>] | 43 | [B<-verbose>] |
| 44 | [B<-engine id>] | ||
| 44 | 45 | ||
| 45 | =head1 DESCRIPTION | 46 | =head1 DESCRIPTION |
| 46 | 47 | ||
| @@ -244,6 +245,13 @@ non-interactive mode. | |||
| 244 | 245 | ||
| 245 | print extra details about the operations being performed. | 246 | print extra details about the operations being performed. |
| 246 | 247 | ||
| 248 | =item B<-engine id> | ||
| 249 | |||
| 250 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 251 | to attempt to obtain a functional reference to the specified engine, | ||
| 252 | thus initialising it if needed. The engine will then be set as the default | ||
| 253 | for all available algorithms. | ||
| 254 | |||
| 247 | =back | 255 | =back |
| 248 | 256 | ||
| 249 | =head1 CONFIGURATION FILE FORMAT | 257 | =head1 CONFIGURATION FILE FORMAT |
| @@ -406,7 +414,7 @@ be input by calling it "1.organizationName". | |||
| 406 | The actual permitted field names are any object identifier short or | 414 | The actual permitted field names are any object identifier short or |
| 407 | long names. These are compiled into OpenSSL and include the usual | 415 | long names. These are compiled into OpenSSL and include the usual |
| 408 | values such as commonName, countryName, localityName, organizationName, | 416 | values such as commonName, countryName, localityName, organizationName, |
| 409 | organizationUnitName, stateOrPrivinceName. Additionally emailAddress | 417 | organizationUnitName, stateOrProvinceName. Additionally emailAddress |
| 410 | is include as well as name, surname, givenName initials and dnQualifier. | 418 | is include as well as name, surname, givenName initials and dnQualifier. |
| 411 | 419 | ||
| 412 | Additional object identifiers can be defined with the B<oid_file> or | 420 | Additional object identifiers can be defined with the B<oid_file> or |
| @@ -512,13 +520,13 @@ Sample configuration containing all field values: | |||
| 512 | 520 | ||
| 513 | The header and footer lines in the B<PEM> format are normally: | 521 | The header and footer lines in the B<PEM> format are normally: |
| 514 | 522 | ||
| 515 | -----BEGIN CERTIFICATE REQUEST---- | 523 | -----BEGIN CERTIFICATE REQUEST----- |
| 516 | -----END CERTIFICATE REQUEST---- | 524 | -----END CERTIFICATE REQUEST----- |
| 517 | 525 | ||
| 518 | some software (some versions of Netscape certificate server) instead needs: | 526 | some software (some versions of Netscape certificate server) instead needs: |
| 519 | 527 | ||
| 520 | -----BEGIN NEW CERTIFICATE REQUEST---- | 528 | -----BEGIN NEW CERTIFICATE REQUEST----- |
| 521 | -----END NEW CERTIFICATE REQUEST---- | 529 | -----END NEW CERTIFICATE REQUEST----- |
| 522 | 530 | ||
| 523 | which is produced with the B<-newhdr> option but is otherwise compatible. | 531 | which is produced with the B<-newhdr> option but is otherwise compatible. |
| 524 | Either form is accepted transparently on input. | 532 | Either form is accepted transparently on input. |
diff --git a/src/lib/libssl/src/doc/apps/rsa.pod b/src/lib/libssl/src/doc/apps/rsa.pod index ef74f1adff..4d7640995e 100644 --- a/src/lib/libssl/src/doc/apps/rsa.pod +++ b/src/lib/libssl/src/doc/apps/rsa.pod | |||
| @@ -24,6 +24,7 @@ B<openssl> B<rsa> | |||
| 24 | [B<-check>] | 24 | [B<-check>] |
| 25 | [B<-pubin>] | 25 | [B<-pubin>] |
| 26 | [B<-pubout>] | 26 | [B<-pubout>] |
| 27 | [B<-engine id>] | ||
| 27 | 28 | ||
| 28 | =head1 DESCRIPTION | 29 | =head1 DESCRIPTION |
| 29 | 30 | ||
| @@ -117,6 +118,13 @@ by default a private key is output: with this option a public | |||
| 117 | key will be output instead. This option is automatically set if | 118 | key will be output instead. This option is automatically set if |
| 118 | the input is a public key. | 119 | the input is a public key. |
| 119 | 120 | ||
| 121 | =item B<-engine id> | ||
| 122 | |||
| 123 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 124 | to attempt to obtain a functional reference to the specified engine, | ||
| 125 | thus initialising it if needed. The engine will then be set as the default | ||
| 126 | for all available algorithms. | ||
| 127 | |||
| 120 | =back | 128 | =back |
| 121 | 129 | ||
| 122 | =head1 NOTES | 130 | =head1 NOTES |
diff --git a/src/lib/libssl/src/doc/apps/s_client.pod b/src/lib/libssl/src/doc/apps/s_client.pod index 7fca9cbdbd..47dc93cb3f 100644 --- a/src/lib/libssl/src/doc/apps/s_client.pod +++ b/src/lib/libssl/src/doc/apps/s_client.pod | |||
| @@ -33,6 +33,7 @@ B<openssl> B<s_client> | |||
| 33 | [B<-no_tls1>] | 33 | [B<-no_tls1>] |
| 34 | [B<-bugs>] | 34 | [B<-bugs>] |
| 35 | [B<-cipher cipherlist>] | 35 | [B<-cipher cipherlist>] |
| 36 | [B<-starttls protocol>] | ||
| 36 | [B<-engine id>] | 37 | [B<-engine id>] |
| 37 | [B<-rand file(s)>] | 38 | [B<-rand file(s)>] |
| 38 | 39 | ||
| @@ -163,6 +164,12 @@ the server determines which cipher suite is used it should take the first | |||
| 163 | supported cipher in the list sent by the client. See the B<ciphers> | 164 | supported cipher in the list sent by the client. See the B<ciphers> |
| 164 | command for more information. | 165 | command for more information. |
| 165 | 166 | ||
| 167 | =item B<-starttls protocol> | ||
| 168 | |||
| 169 | send the protocol-specific message(s) to switch to TLS for communication. | ||
| 170 | B<protocol> is a keyword for the intended protocol. Currently, the only | ||
| 171 | supported keyword is "smtp". | ||
| 172 | |||
| 166 | =item B<-engine id> | 173 | =item B<-engine id> |
| 167 | 174 | ||
| 168 | specifying an engine (by it's unique B<id> string) will cause B<s_client> | 175 | specifying an engine (by it's unique B<id> string) will cause B<s_client> |
diff --git a/src/lib/libssl/src/doc/apps/s_server.pod b/src/lib/libssl/src/doc/apps/s_server.pod index 4b1e4260ef..1d21921e47 100644 --- a/src/lib/libssl/src/doc/apps/s_server.pod +++ b/src/lib/libssl/src/doc/apps/s_server.pod | |||
| @@ -42,6 +42,7 @@ B<openssl> B<s_server> | |||
| 42 | [B<-WWW>] | 42 | [B<-WWW>] |
| 43 | [B<-HTTP>] | 43 | [B<-HTTP>] |
| 44 | [B<-engine id>] | 44 | [B<-engine id>] |
| 45 | [B<-id_prefix arg>] | ||
| 45 | [B<-rand file(s)>] | 46 | [B<-rand file(s)>] |
| 46 | 47 | ||
| 47 | =head1 DESCRIPTION | 48 | =head1 DESCRIPTION |
| @@ -209,6 +210,13 @@ to attempt to obtain a functional reference to the specified engine, | |||
| 209 | thus initialising it if needed. The engine will then be set as the default | 210 | thus initialising it if needed. The engine will then be set as the default |
| 210 | for all available algorithms. | 211 | for all available algorithms. |
| 211 | 212 | ||
| 213 | =item B<-id_prefix arg> | ||
| 214 | |||
| 215 | generate SSL/TLS session IDs prefixed by B<arg>. This is mostly useful | ||
| 216 | for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple | ||
| 217 | servers, when each of which might be generating a unique range of session | ||
| 218 | IDs (eg. with a certain prefix). | ||
| 219 | |||
| 212 | =item B<-rand file(s)> | 220 | =item B<-rand file(s)> |
| 213 | 221 | ||
| 214 | a file or files containing random data used to seed the random number | 222 | a file or files containing random data used to seed the random number |
diff --git a/src/lib/libssl/src/doc/apps/smime.pod b/src/lib/libssl/src/doc/apps/smime.pod index fa5d23e8dc..2453dd2738 100644 --- a/src/lib/libssl/src/doc/apps/smime.pod +++ b/src/lib/libssl/src/doc/apps/smime.pod | |||
| @@ -340,8 +340,8 @@ detached signature format. You can use this program to verify the | |||
| 340 | signature by line wrapping the base64 encoded structure and surrounding | 340 | signature by line wrapping the base64 encoded structure and surrounding |
| 341 | it with: | 341 | it with: |
| 342 | 342 | ||
| 343 | -----BEGIN PKCS7---- | 343 | -----BEGIN PKCS7----- |
| 344 | -----END PKCS7---- | 344 | -----END PKCS7----- |
| 345 | 345 | ||
| 346 | and using the command, | 346 | and using the command, |
| 347 | 347 | ||
diff --git a/src/lib/libssl/src/doc/apps/speed.pod b/src/lib/libssl/src/doc/apps/speed.pod index 8101851ec6..0dcdba873e 100644 --- a/src/lib/libssl/src/doc/apps/speed.pod +++ b/src/lib/libssl/src/doc/apps/speed.pod | |||
| @@ -54,4 +54,6 @@ for all available algorithms. | |||
| 54 | If any options are given, B<speed> tests those algorithms, otherwise all of | 54 | If any options are given, B<speed> tests those algorithms, otherwise all of |
| 55 | the above are tested. | 55 | the above are tested. |
| 56 | 56 | ||
| 57 | =back | ||
| 58 | |||
| 57 | =cut | 59 | =cut |
diff --git a/src/lib/libssl/src/doc/apps/spkac.pod b/src/lib/libssl/src/doc/apps/spkac.pod index bb84dfbe33..c3f1ff9c64 100644 --- a/src/lib/libssl/src/doc/apps/spkac.pod +++ b/src/lib/libssl/src/doc/apps/spkac.pod | |||
| @@ -17,7 +17,7 @@ B<openssl> B<spkac> | |||
| 17 | [B<-spksect section>] | 17 | [B<-spksect section>] |
| 18 | [B<-noout>] | 18 | [B<-noout>] |
| 19 | [B<-verify>] | 19 | [B<-verify>] |
| 20 | 20 | [B<-engine id>] | |
| 21 | 21 | ||
| 22 | =head1 DESCRIPTION | 22 | =head1 DESCRIPTION |
| 23 | 23 | ||
| @@ -79,6 +79,12 @@ being created). | |||
| 79 | 79 | ||
| 80 | verifies the digital signature on the supplied SPKAC. | 80 | verifies the digital signature on the supplied SPKAC. |
| 81 | 81 | ||
| 82 | =item B<-engine id> | ||
| 83 | |||
| 84 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 85 | to attempt to obtain a functional reference to the specified engine, | ||
| 86 | thus initialising it if needed. The engine will then be set as the default | ||
| 87 | for all available algorithms. | ||
| 82 | 88 | ||
| 83 | =back | 89 | =back |
| 84 | 90 | ||
diff --git a/src/lib/libssl/src/doc/apps/x509.pod b/src/lib/libssl/src/doc/apps/x509.pod index 4a17e338dd..50343cd685 100644 --- a/src/lib/libssl/src/doc/apps/x509.pod +++ b/src/lib/libssl/src/doc/apps/x509.pod | |||
| @@ -50,6 +50,7 @@ B<openssl> B<x509> | |||
| 50 | [B<-clrext>] | 50 | [B<-clrext>] |
| 51 | [B<-extfile filename>] | 51 | [B<-extfile filename>] |
| 52 | [B<-extensions section>] | 52 | [B<-extensions section>] |
| 53 | [B<-engine id>] | ||
| 53 | 54 | ||
| 54 | =head1 DESCRIPTION | 55 | =head1 DESCRIPTION |
| 55 | 56 | ||
| @@ -61,8 +62,9 @@ certificate trust settings. | |||
| 61 | Since there are a large number of options they will split up into | 62 | Since there are a large number of options they will split up into |
| 62 | various sections. | 63 | various sections. |
| 63 | 64 | ||
| 65 | =head1 OPTIONS | ||
| 64 | 66 | ||
| 65 | =head1 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS | 67 | =head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS |
| 66 | 68 | ||
| 67 | =over 4 | 69 | =over 4 |
| 68 | 70 | ||
| @@ -97,13 +99,19 @@ digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not | |||
| 97 | specified then MD5 is used. If the key being used to sign with is a DSA key then | 99 | specified then MD5 is used. If the key being used to sign with is a DSA key then |
| 98 | this option has no effect: SHA1 is always used with DSA keys. | 100 | this option has no effect: SHA1 is always used with DSA keys. |
| 99 | 101 | ||
| 102 | =item B<-engine id> | ||
| 103 | |||
| 104 | specifying an engine (by it's unique B<id> string) will cause B<req> | ||
| 105 | to attempt to obtain a functional reference to the specified engine, | ||
| 106 | thus initialising it if needed. The engine will then be set as the default | ||
| 107 | for all available algorithms. | ||
| 100 | 108 | ||
| 101 | =back | 109 | =back |
| 102 | 110 | ||
| 103 | =head1 DISPLAY OPTIONS | 111 | =head2 DISPLAY OPTIONS |
| 104 | 112 | ||
| 105 | Note: the B<-alias> and B<-purpose> options are also display options | 113 | Note: the B<-alias> and B<-purpose> options are also display options |
| 106 | but are described in the B<TRUST OPTIONS> section. | 114 | but are described in the B<TRUST SETTINGS> section. |
| 107 | 115 | ||
| 108 | =over 4 | 116 | =over 4 |
| 109 | 117 | ||
| @@ -181,7 +189,7 @@ this outputs the certificate in the form of a C source file. | |||
| 181 | 189 | ||
| 182 | =back | 190 | =back |
| 183 | 191 | ||
| 184 | =head1 TRUST SETTINGS | 192 | =head2 TRUST SETTINGS |
| 185 | 193 | ||
| 186 | Please note these options are currently experimental and may well change. | 194 | Please note these options are currently experimental and may well change. |
| 187 | 195 | ||
| @@ -252,7 +260,7 @@ EXTENSIONS> section. | |||
| 252 | 260 | ||
| 253 | =back | 261 | =back |
| 254 | 262 | ||
| 255 | =head1 SIGNING OPTIONS | 263 | =head2 SIGNING OPTIONS |
| 256 | 264 | ||
| 257 | The B<x509> utility can be used to sign certificates and requests: it | 265 | The B<x509> utility can be used to sign certificates and requests: it |
| 258 | can thus behave like a "mini CA". | 266 | can thus behave like a "mini CA". |
| @@ -341,7 +349,7 @@ The default filename consists of the CA certificate file base name with | |||
| 341 | ".srl" appended. For example if the CA certificate file is called | 349 | ".srl" appended. For example if the CA certificate file is called |
| 342 | "mycacert.pem" it expects to find a serial number file called "mycacert.srl". | 350 | "mycacert.pem" it expects to find a serial number file called "mycacert.srl". |
| 343 | 351 | ||
| 344 | =item B<-CAcreateserial filename> | 352 | =item B<-CAcreateserial> |
| 345 | 353 | ||
| 346 | with this option the CA serial number file is created if it does not exist: | 354 | with this option the CA serial number file is created if it does not exist: |
| 347 | it will contain the serial number "02" and the certificate being signed will | 355 | it will contain the serial number "02" and the certificate being signed will |
| @@ -362,7 +370,7 @@ specified then the extensions should either be contained in the unnamed | |||
| 362 | 370 | ||
| 363 | =back | 371 | =back |
| 364 | 372 | ||
| 365 | =head1 NAME OPTIONS | 373 | =head2 NAME OPTIONS |
| 366 | 374 | ||
| 367 | The B<nameopt> command line switch determines how the subject and issuer | 375 | The B<nameopt> command line switch determines how the subject and issuer |
| 368 | names are displayed. If no B<nameopt> switch is present the default "oneline" | 376 | names are displayed. If no B<nameopt> switch is present the default "oneline" |
| @@ -499,7 +507,7 @@ name. | |||
| 499 | 507 | ||
| 500 | =back | 508 | =back |
| 501 | 509 | ||
| 502 | =head1 TEXT OPTIONS | 510 | =head2 TEXT OPTIONS |
| 503 | 511 | ||
| 504 | As well as customising the name output format, it is also possible to | 512 | As well as customising the name output format, it is also possible to |
| 505 | customise the actual fields printed using the B<certopt> options when | 513 | customise the actual fields printed using the B<certopt> options when |
| @@ -636,25 +644,25 @@ certificate extensions: | |||
| 636 | Set a certificate to be trusted for SSL client use and change set its alias to | 644 | Set a certificate to be trusted for SSL client use and change set its alias to |
| 637 | "Steve's Class 1 CA" | 645 | "Steve's Class 1 CA" |
| 638 | 646 | ||
| 639 | openssl x509 -in cert.pem -addtrust sslclient \ | 647 | openssl x509 -in cert.pem -addtrust clientAuth \ |
| 640 | -alias "Steve's Class 1 CA" -out trust.pem | 648 | -setalias "Steve's Class 1 CA" -out trust.pem |
| 641 | 649 | ||
| 642 | =head1 NOTES | 650 | =head1 NOTES |
| 643 | 651 | ||
| 644 | The PEM format uses the header and footer lines: | 652 | The PEM format uses the header and footer lines: |
| 645 | 653 | ||
| 646 | -----BEGIN CERTIFICATE---- | 654 | -----BEGIN CERTIFICATE----- |
| 647 | -----END CERTIFICATE---- | 655 | -----END CERTIFICATE----- |
| 648 | 656 | ||
| 649 | it will also handle files containing: | 657 | it will also handle files containing: |
| 650 | 658 | ||
| 651 | -----BEGIN X509 CERTIFICATE---- | 659 | -----BEGIN X509 CERTIFICATE----- |
| 652 | -----END X509 CERTIFICATE---- | 660 | -----END X509 CERTIFICATE----- |
| 653 | 661 | ||
| 654 | Trusted certificates have the lines | 662 | Trusted certificates have the lines |
| 655 | 663 | ||
| 656 | -----BEGIN TRUSTED CERTIFICATE---- | 664 | -----BEGIN TRUSTED CERTIFICATE----- |
| 657 | -----END TRUSTED CERTIFICATE---- | 665 | -----END TRUSTED CERTIFICATE----- |
| 658 | 666 | ||
| 659 | The conversion to UTF8 format used with the name options assumes that | 667 | The conversion to UTF8 format used with the name options assumes that |
| 660 | T61Strings use the ISO8859-1 character set. This is wrong but Netscape | 668 | T61Strings use the ISO8859-1 character set. This is wrong but Netscape |
diff --git a/src/lib/libssl/src/doc/c-indentation.el b/src/lib/libssl/src/doc/c-indentation.el index 48ca3cf69b..cbf01cb172 100644 --- a/src/lib/libssl/src/doc/c-indentation.el +++ b/src/lib/libssl/src/doc/c-indentation.el | |||
| @@ -13,12 +13,10 @@ | |||
| 13 | ; | 13 | ; |
| 14 | ; Apparently statement blocks that are not introduced by a statement | 14 | ; Apparently statement blocks that are not introduced by a statement |
| 15 | ; such as "if" and that are not the body of a function cannot | 15 | ; such as "if" and that are not the body of a function cannot |
| 16 | ; be handled too well by CC mode with this indentation style. | 16 | ; be handled too well by CC mode with this indentation style, |
| 17 | ; The style defined below does not indent them at all. | 17 | ; so you have to indent them manually (you can use C-q tab). |
| 18 | ; To insert tabs manually, prefix them with ^Q (the "quoted-insert" | 18 | ; |
| 19 | ; command of Emacs). If you know a solution to this problem | 19 | ; For suggesting improvements, please send e-mail to bodo@openssl.org. |
| 20 | ; or find other problems with this indentation style definition, | ||
| 21 | ; please send e-mail to bodo@openssl.org. | ||
| 22 | 20 | ||
| 23 | (c-add-style "eay" | 21 | (c-add-style "eay" |
| 24 | '((c-basic-offset . 8) | 22 | '((c-basic-offset . 8) |
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod b/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod index 4182f2c309..02439cea94 100644 --- a/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod +++ b/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod | |||
| @@ -28,7 +28,7 @@ BIO_flush() on an encryption BIO that is being written through is | |||
| 28 | used to signal that no more data is to be encrypted: this is used | 28 | used to signal that no more data is to be encrypted: this is used |
| 29 | to flush and possibly pad the final block through the BIO. | 29 | to flush and possibly pad the final block through the BIO. |
| 30 | 30 | ||
| 31 | BIO_set_cipher() sets the cipher of BIO <b> to B<cipher> using key B<key> | 31 | BIO_set_cipher() sets the cipher of BIO B<b> to B<cipher> using key B<key> |
| 32 | and IV B<iv>. B<enc> should be set to 1 for encryption and zero for | 32 | and IV B<iv>. B<enc> should be set to 1 for encryption and zero for |
| 33 | decryption. | 33 | decryption. |
| 34 | 34 | ||
diff --git a/src/lib/libssl/src/doc/crypto/BIO_s_accept.pod b/src/lib/libssl/src/doc/crypto/BIO_s_accept.pod index 55e4b730b9..7b63e4621b 100644 --- a/src/lib/libssl/src/doc/crypto/BIO_s_accept.pod +++ b/src/lib/libssl/src/doc/crypto/BIO_s_accept.pod | |||
| @@ -2,7 +2,7 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | BIO_s_accept, BIO_set_nbio, BIO_set_accept_port, BIO_get_accept_port, | 5 | BIO_s_accept, BIO_set_accept_port, BIO_get_accept_port, |
| 6 | BIO_set_nbio_accept, BIO_set_accept_bios, BIO_set_bind_mode, | 6 | BIO_set_nbio_accept, BIO_set_accept_bios, BIO_set_bind_mode, |
| 7 | BIO_get_bind_mode, BIO_do_accept - accept BIO | 7 | BIO_get_bind_mode, BIO_do_accept - accept BIO |
| 8 | 8 | ||
diff --git a/src/lib/libssl/src/doc/crypto/BIO_s_bio.pod b/src/lib/libssl/src/doc/crypto/BIO_s_bio.pod index 95ae802e47..8d0a55a025 100644 --- a/src/lib/libssl/src/doc/crypto/BIO_s_bio.pod +++ b/src/lib/libssl/src/doc/crypto/BIO_s_bio.pod | |||
| @@ -76,7 +76,9 @@ BIO_get_write_buf_size() returns the size of the write buffer. | |||
| 76 | BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and | 76 | BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and |
| 77 | BIO_set_write_buf_size() to create a connected pair of BIOs B<bio1>, B<bio2> | 77 | BIO_set_write_buf_size() to create a connected pair of BIOs B<bio1>, B<bio2> |
| 78 | with write buffer sizes B<writebuf1> and B<writebuf2>. If either size is | 78 | with write buffer sizes B<writebuf1> and B<writebuf2>. If either size is |
| 79 | zero then the default size is used. | 79 | zero then the default size is used. BIO_new_bio_pair() does not check whether |
| 80 | B<bio1> or B<bio2> do point to some other BIO, the values are overwritten, | ||
| 81 | BIO_free() is not called. | ||
| 80 | 82 | ||
| 81 | BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum | 83 | BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum |
| 82 | length of data that can be currently written to the BIO. Writes larger than this | 84 | length of data that can be currently written to the BIO. Writes larger than this |
| @@ -118,9 +120,59 @@ the application then waits for data to be available on the underlying transport | |||
| 118 | before flushing the write buffer it will never succeed because the request was | 120 | before flushing the write buffer it will never succeed because the request was |
| 119 | never sent! | 121 | never sent! |
| 120 | 122 | ||
| 123 | =head1 RETURN VALUES | ||
| 124 | |||
| 125 | BIO_new_bio_pair() returns 1 on success, with the new BIOs available in | ||
| 126 | B<bio1> and B<bio2>, or 0 on failure, with NULL pointers stored into the | ||
| 127 | locations for B<bio1> and B<bio2>. Check the error stack for more information. | ||
| 128 | |||
| 129 | [XXXXX: More return values need to be added here] | ||
| 130 | |||
| 121 | =head1 EXAMPLE | 131 | =head1 EXAMPLE |
| 122 | 132 | ||
| 123 | TBA | 133 | The BIO pair can be used to have full control over the network access of an |
| 134 | application. The application can call select() on the socket as required | ||
| 135 | without having to go through the SSL-interface. | ||
| 136 | |||
| 137 | BIO *internal_bio, *network_bio; | ||
| 138 | ... | ||
| 139 | BIO_new_bio_pair(internal_bio, 0, network_bio, 0); | ||
| 140 | SSL_set_bio(ssl, internal_bio, internal_bio); | ||
| 141 | SSL_operations(); | ||
| 142 | ... | ||
| 143 | |||
| 144 | application | TLS-engine | ||
| 145 | | | | ||
| 146 | +----------> SSL_operations() | ||
| 147 | | /\ || | ||
| 148 | | || \/ | ||
| 149 | | BIO-pair (internal_bio) | ||
| 150 | +----------< BIO-pair (network_bio) | ||
| 151 | | | | ||
| 152 | socket | | ||
| 153 | |||
| 154 | ... | ||
| 155 | SSL_free(ssl); /* implicitly frees internal_bio */ | ||
| 156 | BIO_free(network_bio); | ||
| 157 | ... | ||
| 158 | |||
| 159 | As the BIO pair will only buffer the data and never directly access the | ||
| 160 | connection, it behaves non-blocking and will return as soon as the write | ||
| 161 | buffer is full or the read buffer is drained. Then the application has to | ||
| 162 | flush the write buffer and/or fill the read buffer. | ||
| 163 | |||
| 164 | Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO | ||
| 165 | and must be transfered to the network. Use BIO_ctrl_get_read_request() to | ||
| 166 | find out, how many bytes must be written into the buffer before the | ||
| 167 | SSL_operation() can successfully be continued. | ||
| 168 | |||
| 169 | =head1 WARNING | ||
| 170 | |||
| 171 | As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ | ||
| 172 | condition, but there is still data in the write buffer. An application must | ||
| 173 | not rely on the error value of SSL_operation() but must assure that the | ||
| 174 | write buffer is always flushed first. Otherwise a deadlock may occur as | ||
| 175 | the peer might be waiting for the data before being able to continue. | ||
| 124 | 176 | ||
| 125 | =head1 SEE ALSO | 177 | =head1 SEE ALSO |
| 126 | 178 | ||
diff --git a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod b/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod index 6ea23791d1..7dccacbc1e 100644 --- a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod +++ b/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod | |||
| @@ -70,7 +70,7 @@ If B<do_trial_division == 0>, this test is skipped. | |||
| 70 | 70 | ||
| 71 | Both BN_is_prime() and BN_is_prime_fasttest() perform a Miller-Rabin | 71 | Both BN_is_prime() and BN_is_prime_fasttest() perform a Miller-Rabin |
| 72 | probabilistic primality test with B<checks> iterations. If | 72 | probabilistic primality test with B<checks> iterations. If |
| 73 | B<checks == BN_prime_check>, a number of iterations is used that | 73 | B<checks == BN_prime_checks>, a number of iterations is used that |
| 74 | yields a false positive rate of at most 2^-80 for random input. | 74 | yields a false positive rate of at most 2^-80 for random input. |
| 75 | 75 | ||
| 76 | If B<callback> is not B<NULL>, B<callback(1, j, cb_arg)> is called | 76 | If B<callback> is not B<NULL>, B<callback(1, j, cb_arg)> is called |
diff --git a/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod b/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod index 4a2d653758..9081e9ea7c 100644 --- a/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod +++ b/src/lib/libssl/src/doc/crypto/DH_generate_parameters.pod | |||
| @@ -59,7 +59,8 @@ a usable generator. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_free(3)|DH_free(3)> | 62 | L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, |
| 63 | L<DH_free(3)|DH_free(3)> | ||
| 63 | 64 | ||
| 64 | =head1 HISTORY | 65 | =head1 HISTORY |
| 65 | 66 | ||
diff --git a/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod b/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod index 45df4c0661..3ac6140038 100644 --- a/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod +++ b/src/lib/libssl/src/doc/crypto/DSA_SIG_new.pod | |||
| @@ -30,7 +30,8 @@ DSA_SIG_free() returns no value. | |||
| 30 | 30 | ||
| 31 | =head1 SEE ALSO | 31 | =head1 SEE ALSO |
| 32 | 32 | ||
| 33 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)> | 33 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, |
| 34 | L<DSA_do_sign(3)|DSA_do_sign(3)> | ||
| 34 | 35 | ||
| 35 | =head1 HISTORY | 36 | =head1 HISTORY |
| 36 | 37 | ||
diff --git a/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod b/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod index 9906a2d7e0..af83ccfaa1 100644 --- a/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod +++ b/src/lib/libssl/src/doc/crypto/DSA_generate_key.pod | |||
| @@ -24,7 +24,8 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. | |||
| 24 | 24 | ||
| 25 | =head1 SEE ALSO | 25 | =head1 SEE ALSO |
| 26 | 26 | ||
| 27 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> | 27 | L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, |
| 28 | L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> | ||
| 28 | 29 | ||
| 29 | =head1 HISTORY | 30 | =head1 HISTORY |
| 30 | 31 | ||
diff --git a/src/lib/libssl/src/doc/crypto/ERR_get_error.pod b/src/lib/libssl/src/doc/crypto/ERR_get_error.pod index 9fdedbcb91..34443045fc 100644 --- a/src/lib/libssl/src/doc/crypto/ERR_get_error.pod +++ b/src/lib/libssl/src/doc/crypto/ERR_get_error.pod | |||
| @@ -5,7 +5,7 @@ | |||
| 5 | ERR_get_error, ERR_peek_error, ERR_peek_last_error, | 5 | ERR_get_error, ERR_peek_error, ERR_peek_last_error, |
| 6 | ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, | 6 | ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, |
| 7 | ERR_get_error_line_data, ERR_peek_error_line_data, | 7 | ERR_get_error_line_data, ERR_peek_error_line_data, |
| 8 | ERR_peek_error_line_data - obtain error code and data | 8 | ERR_peek_last_error_line_data - obtain error code and data |
| 9 | 9 | ||
| 10 | =head1 SYNOPSIS | 10 | =head1 SYNOPSIS |
| 11 | 11 | ||
diff --git a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod index 75cceb1ca2..daf57e5895 100644 --- a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod +++ b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod | |||
| @@ -419,7 +419,7 @@ Encrypt a string using blowfish: | |||
| 419 | EVP_CIPHER_CTX ctx; | 419 | EVP_CIPHER_CTX ctx; |
| 420 | FILE *out; | 420 | FILE *out; |
| 421 | EVP_CIPHER_CTX_init(&ctx); | 421 | EVP_CIPHER_CTX_init(&ctx); |
| 422 | EVP_EncryptInit_ex(&ctx, NULL, EVP_bf_cbc(), key, iv); | 422 | EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv); |
| 423 | 423 | ||
| 424 | if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) | 424 | if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) |
| 425 | { | 425 | { |
diff --git a/src/lib/libssl/src/doc/crypto/EVP_SealInit.pod b/src/lib/libssl/src/doc/crypto/EVP_SealInit.pod index 25ef07f7c7..b5e477e294 100644 --- a/src/lib/libssl/src/doc/crypto/EVP_SealInit.pod +++ b/src/lib/libssl/src/doc/crypto/EVP_SealInit.pod | |||
| @@ -18,22 +18,28 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption | |||
| 18 | =head1 DESCRIPTION | 18 | =head1 DESCRIPTION |
| 19 | 19 | ||
| 20 | The EVP envelope routines are a high level interface to envelope | 20 | The EVP envelope routines are a high level interface to envelope |
| 21 | encryption. They generate a random key and then "envelope" it by | 21 | encryption. They generate a random key and IV (if required) then |
| 22 | using public key encryption. Data can then be encrypted using this | 22 | "envelope" it by using public key encryption. Data can then be |
| 23 | key. | 23 | encrypted using this key. |
| 24 | 24 | ||
| 25 | EVP_SealInit() initializes a cipher context B<ctx> for encryption | 25 | EVP_SealInit() initializes a cipher context B<ctx> for encryption |
| 26 | with cipher B<type> using a random secret key and IV supplied in | 26 | with cipher B<type> using a random secret key and IV. B<type> is normally |
| 27 | the B<iv> parameter. B<type> is normally supplied by a function such | 27 | supplied by a function such as EVP_des_cbc(). The secret key is encrypted |
| 28 | as EVP_des_cbc(). The secret key is encrypted using one or more public | 28 | using one or more public keys, this allows the same encrypted data to be |
| 29 | keys, this allows the same encrypted data to be decrypted using any | 29 | decrypted using any of the corresponding private keys. B<ek> is an array of |
| 30 | of the corresponding private keys. B<ek> is an array of buffers where | 30 | buffers where the public key encrypted secret key will be written, each buffer |
| 31 | the public key encrypted secret key will be written, each buffer must | 31 | must contain enough room for the corresponding encrypted key: that is |
| 32 | contain enough room for the corresponding encrypted key: that is | ||
| 33 | B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual | 32 | B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual |
| 34 | size of each encrypted secret key is written to the array B<ekl>. B<pubk> is | 33 | size of each encrypted secret key is written to the array B<ekl>. B<pubk> is |
| 35 | an array of B<npubk> public keys. | 34 | an array of B<npubk> public keys. |
| 36 | 35 | ||
| 36 | The B<iv> parameter is a buffer where the generated IV is written to. It must | ||
| 37 | contain enough room for the corresponding cipher's IV, as determined by (for | ||
| 38 | example) EVP_CIPHER_iv_length(type). | ||
| 39 | |||
| 40 | If the cipher does not require an IV then the B<iv> parameter is ignored | ||
| 41 | and can be B<NULL>. | ||
| 42 | |||
| 37 | EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties | 43 | EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties |
| 38 | as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as | 44 | as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as |
| 39 | documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual | 45 | documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual |
diff --git a/src/lib/libssl/src/doc/crypto/RAND_bytes.pod b/src/lib/libssl/src/doc/crypto/RAND_bytes.pod index b03748b918..ce6329ce54 100644 --- a/src/lib/libssl/src/doc/crypto/RAND_bytes.pod +++ b/src/lib/libssl/src/doc/crypto/RAND_bytes.pod | |||
| @@ -35,7 +35,8 @@ method. | |||
| 35 | 35 | ||
| 36 | =head1 SEE ALSO | 36 | =head1 SEE ALSO |
| 37 | 37 | ||
| 38 | L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<RAND_add(3)|RAND_add(3)> | 38 | L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, |
| 39 | L<RAND_add(3)|RAND_add(3)> | ||
| 39 | 40 | ||
| 40 | =head1 HISTORY | 41 | =head1 HISTORY |
| 41 | 42 | ||
diff --git a/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod b/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod index 11bc0b3459..52dbb14a53 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_generate_key.pod | |||
| @@ -59,7 +59,8 @@ RSA_generate_key() goes into an infinite loop for illegal input values. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_free(3)|RSA_free(3)> | 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, |
| 63 | L<RSA_free(3)|RSA_free(3)> | ||
| 63 | 64 | ||
| 64 | =head1 HISTORY | 65 | =head1 HISTORY |
| 65 | 66 | ||
diff --git a/src/lib/libssl/src/doc/crypto/RSA_print.pod b/src/lib/libssl/src/doc/crypto/RSA_print.pod index ff2d353d1a..c971e91f4d 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_print.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_print.pod | |||
| @@ -2,9 +2,9 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print, | 5 | RSA_print, RSA_print_fp, |
| 6 | DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic | 6 | DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, |
| 7 | parameters | 7 | DHparams_print, DHparams_print_fp - print cryptographic parameters |
| 8 | 8 | ||
| 9 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 10 | 10 | ||
diff --git a/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod b/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod index 0d1b2bd541..746a80c79e 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod | |||
| @@ -59,8 +59,8 @@ obtained by L<ERR_get_error(3)|ERR_get_error(3)>. | |||
| 59 | 59 | ||
| 60 | =head1 SEE ALSO | 60 | =head1 SEE ALSO |
| 61 | 61 | ||
| 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, | 62 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, |
| 63 | L<RSA_verify(3)|RSA_verify(3)> | 63 | L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)> |
| 64 | 64 | ||
| 65 | =head1 HISTORY | 65 | =head1 HISTORY |
| 66 | 66 | ||
diff --git a/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod b/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod index 8022a23f99..d53e19d2b7 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod | |||
| @@ -72,7 +72,8 @@ SSL, PKCS #1 v2.0 | |||
| 72 | 72 | ||
| 73 | =head1 SEE ALSO | 73 | =head1 SEE ALSO |
| 74 | 74 | ||
| 75 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)> | 75 | L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, |
| 76 | L<RSA_size(3)|RSA_size(3)> | ||
| 76 | 77 | ||
| 77 | =head1 HISTORY | 78 | =head1 HISTORY |
| 78 | 79 | ||
diff --git a/src/lib/libssl/src/doc/crypto/RSA_set_method.pod b/src/lib/libssl/src/doc/crypto/RSA_set_method.pod index 0687c2242a..0a305f6b14 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_set_method.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_set_method.pod | |||
| @@ -3,13 +3,12 @@ | |||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | RSA_set_default_method, RSA_get_default_method, RSA_set_method, | 5 | RSA_set_default_method, RSA_get_default_method, RSA_set_method, |
| 6 | RSA_get_method, RSA_PKCS1_SSLeay, | 6 | RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, |
| 7 | RSA_null_method, RSA_flags, RSA_new_method - select RSA method | 7 | RSA_new_method - select RSA method |
| 8 | 8 | ||
| 9 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 10 | 10 | ||
| 11 | #include <openssl/rsa.h> | 11 | #include <openssl/rsa.h> |
| 12 | #include <openssl/engine.h> | ||
| 13 | 12 | ||
| 14 | void RSA_set_default_method(const RSA_METHOD *meth); | 13 | void RSA_set_default_method(const RSA_METHOD *meth); |
| 15 | 14 | ||
| @@ -25,7 +24,7 @@ RSA_null_method, RSA_flags, RSA_new_method - select RSA method | |||
| 25 | 24 | ||
| 26 | int RSA_flags(const RSA *rsa); | 25 | int RSA_flags(const RSA *rsa); |
| 27 | 26 | ||
| 28 | RSA *RSA_new_method(ENGINE *engine); | 27 | RSA *RSA_new_method(RSA_METHOD *method); |
| 29 | 28 | ||
| 30 | =head1 DESCRIPTION | 29 | =head1 DESCRIPTION |
| 31 | 30 | ||
| @@ -70,6 +69,12 @@ B<engine> will be used for the RSA operations. If B<engine> is NULL, the | |||
| 70 | default ENGINE for RSA operations is used, and if no default ENGINE is set, | 69 | default ENGINE for RSA operations is used, and if no default ENGINE is set, |
| 71 | the RSA_METHOD controlled by RSA_set_default_method() is used. | 70 | the RSA_METHOD controlled by RSA_set_default_method() is used. |
| 72 | 71 | ||
| 72 | RSA_flags() returns the B<flags> that are set for B<rsa>'s current method. | ||
| 73 | |||
| 74 | RSA_new_method() allocates and initializes an B<RSA> structure so that | ||
| 75 | B<method> will be used for the RSA operations. If B<method> is B<NULL>, | ||
| 76 | the default method is used. | ||
| 77 | |||
| 73 | =head1 THE RSA_METHOD STRUCTURE | 78 | =head1 THE RSA_METHOD STRUCTURE |
| 74 | 79 | ||
| 75 | typedef struct rsa_meth_st | 80 | typedef struct rsa_meth_st |
diff --git a/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod index b8c7bbb7e3..e70380bbfc 100644 --- a/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod +++ b/src/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod | |||
| @@ -47,8 +47,8 @@ These functions serve no recognizable purpose. | |||
| 47 | 47 | ||
| 48 | =head1 SEE ALSO | 48 | =head1 SEE ALSO |
| 49 | 49 | ||
| 50 | L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, L<rand(3)|rand(3)>, | 50 | L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, |
| 51 | L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, | 51 | L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, |
| 52 | L<RSA_verify(3)|RSA_verify(3)> | 52 | L<RSA_verify(3)|RSA_verify(3)> |
| 53 | 53 | ||
| 54 | =head1 HISTORY | 54 | =head1 HISTORY |
diff --git a/src/lib/libssl/src/doc/crypto/crypto.pod b/src/lib/libssl/src/doc/crypto/crypto.pod index c12eec1409..7a527992bb 100644 --- a/src/lib/libssl/src/doc/crypto/crypto.pod +++ b/src/lib/libssl/src/doc/crypto/crypto.pod | |||
| @@ -62,6 +62,22 @@ L<txt_db(3)|txt_db(3)> | |||
| 62 | 62 | ||
| 63 | =back | 63 | =back |
| 64 | 64 | ||
| 65 | =head1 NOTES | ||
| 66 | |||
| 67 | Some of the newer functions follow a naming convention using the numbers | ||
| 68 | B<0> and B<1>. For example the functions: | ||
| 69 | |||
| 70 | int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); | ||
| 71 | int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); | ||
| 72 | |||
| 73 | The B<0> version uses the supplied structure pointer directly | ||
| 74 | in the parent and it will be freed up when the parent is freed. | ||
| 75 | In the above example B<crl> would be freed but B<rev> would not. | ||
| 76 | |||
| 77 | The B<1> function uses a copy of the supplied structure pointer | ||
| 78 | (or in some cases increases its link count) in the parent and | ||
| 79 | so both (B<x> and B<obj> above) should be freed up. | ||
| 80 | |||
| 65 | =head1 SEE ALSO | 81 | =head1 SEE ALSO |
| 66 | 82 | ||
| 67 | L<openssl(1)|openssl(1)>, L<ssl(3)|ssl(3)> | 83 | L<openssl(1)|openssl(1)>, L<ssl(3)|ssl(3)> |
diff --git a/src/lib/libssl/src/doc/crypto/d2i_DHparams.pod b/src/lib/libssl/src/doc/crypto/d2i_DHparams.pod index a6d1743d39..1e98aebeca 100644 --- a/src/lib/libssl/src/doc/crypto/d2i_DHparams.pod +++ b/src/lib/libssl/src/doc/crypto/d2i_DHparams.pod | |||
| @@ -2,7 +2,7 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | d2i_DHparams, i2d_DHparams - ... | 5 | d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions. |
| 6 | 6 | ||
| 7 | =head1 SYNOPSIS | 7 | =head1 SYNOPSIS |
| 8 | 8 | ||
| @@ -13,18 +13,18 @@ d2i_DHparams, i2d_DHparams - ... | |||
| 13 | 13 | ||
| 14 | =head1 DESCRIPTION | 14 | =head1 DESCRIPTION |
| 15 | 15 | ||
| 16 | ... | 16 | These functions decode and encode PKCS#3 DH parameters using the |
| 17 | DHparameter structure described in PKCS#3. | ||
| 17 | 18 | ||
| 18 | =head1 RETURN VALUES | 19 | Othewise these behave in a similar way to d2i_X509() and i2d_X509() |
| 19 | 20 | described in the L<d2i_X509(3)|d2i_X509(3)> manual page. | |
| 20 | ... | ||
| 21 | 21 | ||
| 22 | =head1 SEE ALSO | 22 | =head1 SEE ALSO |
| 23 | 23 | ||
| 24 | ... | 24 | L<d2i_X509(3)|d2i_X509(3)> |
| 25 | 25 | ||
| 26 | =head1 HISTORY | 26 | =head1 HISTORY |
| 27 | 27 | ||
| 28 | ... | 28 | TBA |
| 29 | 29 | ||
| 30 | =cut | 30 | =cut |
diff --git a/src/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod b/src/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod index ff4d0d57db..7c71bcbf3d 100644 --- a/src/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod +++ b/src/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod | |||
| @@ -2,7 +2,9 @@ | |||
| 2 | 2 | ||
| 3 | =head1 NAME | 3 | =head1 NAME |
| 4 | 4 | ||
| 5 | d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ... | 5 | d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, |
| 6 | d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA, | ||
| 7 | d2i_Netscape_RSA - RSA public and private key encoding functions. | ||
| 6 | 8 | ||
| 7 | =head1 SYNOPSIS | 9 | =head1 SYNOPSIS |
| 8 | 10 | ||
| @@ -12,6 +14,10 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne | |||
| 12 | 14 | ||
| 13 | int i2d_RSAPublicKey(RSA *a, unsigned char **pp); | 15 | int i2d_RSAPublicKey(RSA *a, unsigned char **pp); |
| 14 | 16 | ||
| 17 | RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); | ||
| 18 | |||
| 19 | int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); | ||
| 20 | |||
| 15 | RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); | 21 | RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); |
| 16 | 22 | ||
| 17 | int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); | 23 | int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); |
| @@ -22,18 +28,39 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne | |||
| 22 | 28 | ||
| 23 | =head1 DESCRIPTION | 29 | =head1 DESCRIPTION |
| 24 | 30 | ||
| 25 | ... | 31 | d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey |
| 32 | structure. | ||
| 33 | |||
| 34 | d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a | ||
| 35 | SubjectPublicKeyInfo (certificate public key) structure. | ||
| 36 | |||
| 37 | d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey | ||
| 38 | structure. | ||
| 39 | |||
| 40 | d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in | ||
| 41 | NET format. | ||
| 42 | |||
| 43 | The usage of all of these functions is similar to the d2i_X509() and | ||
| 44 | i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page. | ||
| 45 | |||
| 46 | =head1 NOTES | ||
| 47 | |||
| 48 | The B<RSA> structure passed to the private key encoding functions should have | ||
| 49 | all the PKCS#1 private key components present. | ||
| 26 | 50 | ||
| 27 | =head1 RETURN VALUES | 51 | The data encoded by the private key functions is unencrypted and therefore |
| 52 | offers no private key security. | ||
| 28 | 53 | ||
| 29 | ... | 54 | The NET format functions are present to provide compatibility with certain very |
| 55 | old software. This format has some severe security weaknesses and should be | ||
| 56 | avoided if possible. | ||
| 30 | 57 | ||
| 31 | =head1 SEE ALSO | 58 | =head1 SEE ALSO |
| 32 | 59 | ||
| 33 | ... | 60 | L<d2i_X509(3)|d2i_X509(3)> |
| 34 | 61 | ||
| 35 | =head1 HISTORY | 62 | =head1 HISTORY |
| 36 | 63 | ||
| 37 | ... | 64 | TBA |
| 38 | 65 | ||
| 39 | =cut | 66 | =cut |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod index af326c2f73..82676b26b2 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod | |||
| @@ -37,6 +37,14 @@ removed and replaced by the new session. If the session is actually | |||
| 37 | identical (the SSL_SESSION object is identical), SSL_CTX_add_session() | 37 | identical (the SSL_SESSION object is identical), SSL_CTX_add_session() |
| 38 | is a no-op, and the return value is 0. | 38 | is a no-op, and the return value is 0. |
| 39 | 39 | ||
| 40 | If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE | ||
| 41 | flag then the internal cache will not be populated automatically by new | ||
| 42 | sessions negotiated by the SSL/TLS implementation, even though the internal | ||
| 43 | cache will be searched automatically for session-resume requests (the | ||
| 44 | latter can be surpressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the | ||
| 45 | application can use SSL_CTX_add_session() directly to have full control | ||
| 46 | over the sessions that can be resumed if desired. | ||
| 47 | |||
| 40 | 48 | ||
| 41 | =head1 RETURN VALUES | 49 | =head1 RETURN VALUES |
| 42 | 50 | ||
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_free.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_free.pod index 55e592f5f8..51d8676968 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_free.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_free.pod | |||
| @@ -20,12 +20,22 @@ It also calls the free()ing procedures for indirectly affected items, if | |||
| 20 | applicable: the session cache, the list of ciphers, the list of Client CAs, | 20 | applicable: the session cache, the list of ciphers, the list of Client CAs, |
| 21 | the certificates and keys. | 21 | the certificates and keys. |
| 22 | 22 | ||
| 23 | =head1 WARNINGS | ||
| 24 | |||
| 25 | If a session-remove callback is set (SSL_CTX_sess_set_remove_cb()), this | ||
| 26 | callback will be called for each session being freed from B<ctx>'s | ||
| 27 | session cache. This implies, that all corresponding sessions from an | ||
| 28 | external session cache are removed as well. If this is not desired, the user | ||
| 29 | should explicitly unset the callback by calling | ||
| 30 | SSL_CTX_sess_set_remove_cb(B<ctx>, NULL) prior to calling SSL_CTX_free(). | ||
| 31 | |||
| 23 | =head1 RETURN VALUES | 32 | =head1 RETURN VALUES |
| 24 | 33 | ||
| 25 | SSL_CTX_free() does not provide diagnostic information. | 34 | SSL_CTX_free() does not provide diagnostic information. |
| 26 | 35 | ||
| 27 | =head1 SEE ALSO | 36 | =head1 SEE ALSO |
| 28 | 37 | ||
| 29 | L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<ssl(3)|ssl(3)> | 38 | L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<ssl(3)|ssl(3)>, |
| 39 | L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)> | ||
| 30 | 40 | ||
| 31 | =cut | 41 | =cut |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod index 7c0b2baf6c..b9d54a40a1 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.pod | |||
| @@ -60,10 +60,11 @@ B<sess>. If the callback returns B<0>, the session will be immediately | |||
| 60 | removed again. | 60 | removed again. |
| 61 | 61 | ||
| 62 | The remove_session_cb() is called, whenever the SSL engine removes a session | 62 | The remove_session_cb() is called, whenever the SSL engine removes a session |
| 63 | from the internal cache. This happens if the session is removed because | 63 | from the internal cache. This happens when the session is removed because |
| 64 | it is expired or when a connection was not shutdown cleanly. The | 64 | it is expired or when a connection was not shutdown cleanly. It also happens |
| 65 | remove_session_cb() is passed the B<ctx> and the ssl session B<sess>. | 65 | for all sessions in the internal session cache when |
| 66 | It does not provide any feedback. | 66 | L<SSL_CTX_free(3)|SSL_CTX_free(3)> is called. The remove_session_cb() is passed |
| 67 | the B<ctx> and the ssl session B<sess>. It does not provide any feedback. | ||
| 67 | 68 | ||
| 68 | The get_session_cb() is only called on SSL/TLS servers with the session id | 69 | The get_session_cb() is only called on SSL/TLS servers with the session id |
| 69 | proposed by the client. The get_session_cb() is always called, also when | 70 | proposed by the client. The get_session_cb() is always called, also when |
| @@ -80,6 +81,7 @@ L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>. | |||
| 80 | L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>, | 81 | L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>, |
| 81 | L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, | 82 | L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, |
| 82 | L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>, | 83 | L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>, |
| 83 | L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> | 84 | L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, |
| 85 | L<SSL_CTX_free(3)|SSL_CTX_free(3)> | ||
| 84 | 86 | ||
| 85 | =cut | 87 | =cut |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod index f5e2ec3555..766f0c9200 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | |||
| @@ -176,7 +176,7 @@ will send his list of preferences to the client and the client chooses. | |||
| 176 | =item SSL_OP_NETSCAPE_CA_DN_BUG | 176 | =item SSL_OP_NETSCAPE_CA_DN_BUG |
| 177 | 177 | ||
| 178 | If we accept a netscape connection, demand a client cert, have a | 178 | If we accept a netscape connection, demand a client cert, have a |
| 179 | non-self-sighed CA which does not have it's CA in netscape, and the | 179 | non-self-signed CA which does not have its CA in netscape, and the |
| 180 | browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta | 180 | browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta |
| 181 | 181 | ||
| 182 | =item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG | 182 | =item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod index 9aa6c6b2e3..c5d2f43dff 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod | |||
| @@ -26,12 +26,14 @@ SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX | |||
| 26 | object. | 26 | object. |
| 27 | 27 | ||
| 28 | In order to reuse a session, a client must send the session's id to the | 28 | In order to reuse a session, a client must send the session's id to the |
| 29 | server. It can only send exactly one id. The server then decides whether it | 29 | server. It can only send exactly one id. The server then either |
| 30 | agrees in reusing the session or starts the handshake for a new session. | 30 | agrees to reuse the session or it starts a full handshake (to create a new |
| 31 | session). | ||
| 31 | 32 | ||
| 32 | A server will lookup up the session in its internal session storage. If | 33 | A server will lookup up the session in its internal session storage. If the |
| 33 | the session is not found in internal storage or internal storage is | 34 | session is not found in internal storage or lookups for the internal storage |
| 34 | deactivated, the server will try the external storage if available. | 35 | have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try |
| 36 | the external storage if available. | ||
| 35 | 37 | ||
| 36 | Since a client may try to reuse a session intended for use in a different | 38 | Since a client may try to reuse a session intended for use in a different |
| 37 | context, the session id context must be set by the server (see | 39 | context, the session id context must be set by the server (see |
| @@ -57,9 +59,10 @@ function. This option is not activated by default. | |||
| 57 | =item SSL_SESS_CACHE_SERVER | 59 | =item SSL_SESS_CACHE_SERVER |
| 58 | 60 | ||
| 59 | Server sessions are added to the session cache. When a client proposes a | 61 | Server sessions are added to the session cache. When a client proposes a |
| 60 | session to be reused, the session is looked up in the internal session cache. | 62 | session to be reused, the server looks for the corresponding session in (first) |
| 61 | If the session is found, the server will try to reuse the session. | 63 | the internal session cache (unless SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set), |
| 62 | This is the default. | 64 | then (second) in the external cache if available. If the session is found, the |
| 65 | server will try to reuse the session. This is the default. | ||
| 63 | 66 | ||
| 64 | =item SSL_SESS_CACHE_BOTH | 67 | =item SSL_SESS_CACHE_BOTH |
| 65 | 68 | ||
| @@ -77,12 +80,32 @@ explicitly by the application. | |||
| 77 | 80 | ||
| 78 | =item SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | 81 | =item SSL_SESS_CACHE_NO_INTERNAL_LOOKUP |
| 79 | 82 | ||
| 80 | By setting this flag sessions are cached in the internal storage but | 83 | By setting this flag, session-resume operations in an SSL/TLS server will not |
| 81 | they are not looked up automatically. If an external session cache | 84 | automatically look up sessions in the internal cache, even if sessions are |
| 82 | is enabled, sessions are looked up in the external cache. As automatic | 85 | automatically stored there. If external session caching callbacks are in use, |
| 83 | lookup only applies for SSL/TLS servers, the flag has no effect on | 86 | this flag guarantees that all lookups are directed to the external cache. |
| 87 | As automatic lookup only applies for SSL/TLS servers, the flag has no effect on | ||
| 84 | clients. | 88 | clients. |
| 85 | 89 | ||
| 90 | =item SSL_SESS_CACHE_NO_INTERNAL_STORE | ||
| 91 | |||
| 92 | Depending on the presence of SSL_SESS_CACHE_CLIENT and/or SSL_SESS_CACHE_SERVER, | ||
| 93 | sessions negotiated in an SSL/TLS handshake may be cached for possible reuse. | ||
| 94 | Normally a new session is added to the internal cache as well as any external | ||
| 95 | session caching (callback) that is configured for the SSL_CTX. This flag will | ||
| 96 | prevent sessions being stored in the internal cache (though the application can | ||
| 97 | add them manually using L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>). Note: | ||
| 98 | in any SSL/TLS servers where external caching is configured, any successful | ||
| 99 | session lookups in the external cache (ie. for session-resume requests) would | ||
| 100 | normally be copied into the local cache before processing continues - this flag | ||
| 101 | prevents these additions to the internal cache as well. | ||
| 102 | |||
| 103 | =item SSL_SESS_CACHE_NO_INTERNAL | ||
| 104 | |||
| 105 | Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and | ||
| 106 | SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time. | ||
| 107 | |||
| 108 | |||
| 86 | =back | 109 | =back |
| 87 | 110 | ||
| 88 | The default mode is SSL_SESS_CACHE_SERVER. | 111 | The default mode is SSL_SESS_CACHE_SERVER. |
| @@ -98,6 +121,7 @@ SSL_CTX_get_session_cache_mode() returns the currently set cache mode. | |||
| 98 | 121 | ||
| 99 | L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>, | 122 | L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>, |
| 100 | L<SSL_session_reused(3)|SSL_session_reused(3)>, | 123 | L<SSL_session_reused(3)|SSL_session_reused(3)>, |
| 124 | L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>, | ||
| 101 | L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, | 125 | L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, |
| 102 | L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>, | 126 | L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>, |
| 103 | L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, | 127 | L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, |
| @@ -105,4 +129,9 @@ L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>, | |||
| 105 | L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, | 129 | L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, |
| 106 | L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> | 130 | L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> |
| 107 | 131 | ||
| 132 | =head1 HISTORY | ||
| 133 | |||
| 134 | SSL_SESS_CACHE_NO_INTERNAL_STORE and SSL_SESS_CACHE_NO_INTERNAL | ||
| 135 | were introduced in OpenSSL 0.9.6h. | ||
| 136 | |||
| 108 | =cut | 137 | =cut |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod index 5bb21ca535..d15b2a3a1a 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod | |||
| @@ -235,7 +235,7 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>). | |||
| 235 | * At this point, err contains the last verification error. We can use | 235 | * At this point, err contains the last verification error. We can use |
| 236 | * it for something special | 236 | * it for something special |
| 237 | */ | 237 | */ |
| 238 | if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) | 238 | if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) |
| 239 | { | 239 | { |
| 240 | X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256); | 240 | X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256); |
| 241 | printf("issuer= %s\n", buf); | 241 | printf("issuer= %s\n", buf); |
diff --git a/src/lib/libssl/src/doc/ssl/ssl.pod b/src/lib/libssl/src/doc/ssl/ssl.pod index ac4b573a7a..4d7a6b7e2b 100644 --- a/src/lib/libssl/src/doc/ssl/ssl.pod +++ b/src/lib/libssl/src/doc/ssl/ssl.pod | |||
| @@ -351,7 +351,7 @@ appropriate size (using ???) and return it. | |||
| 351 | 351 | ||
| 352 | long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength)); | 352 | long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength)); |
| 353 | 353 | ||
| 354 | The same as L<"SSL_CTX_set_tmp_rsa_callback">, except it operates on an SSL | 354 | The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL |
| 355 | session instead of a context. | 355 | session instead of a context. |
| 356 | 356 | ||
| 357 | =item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void)) | 357 | =item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void)) |
diff --git a/src/lib/libssl/src/doc/standards.txt b/src/lib/libssl/src/doc/standards.txt index 596d9001e6..edbe2f3a57 100644 --- a/src/lib/libssl/src/doc/standards.txt +++ b/src/lib/libssl/src/doc/standards.txt | |||
| @@ -42,20 +42,9 @@ whole or at least great parts) in OpenSSL. | |||
| 42 | 2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. | 42 | 2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. |
| 43 | January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) | 43 | January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) |
| 44 | 44 | ||
| 45 | 2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski. | ||
| 46 | March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL) | ||
| 47 | |||
| 48 | 2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. | 45 | 2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. |
| 49 | March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) | 46 | March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) |
| 50 | 47 | ||
| 51 | 2437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski, | ||
| 52 | J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes | ||
| 53 | RFC2313) (Status: INFORMATIONAL) | ||
| 54 | |||
| 55 | 2459 Internet X.509 Public Key Infrastructure Certificate and CRL | ||
| 56 | Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999. | ||
| 57 | (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD) | ||
| 58 | |||
| 59 | PKCS#8: Private-Key Information Syntax Standard | 48 | PKCS#8: Private-Key Information Syntax Standard |
| 60 | 49 | ||
| 61 | PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. | 50 | PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. |
| @@ -65,6 +54,40 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. | |||
| 65 | C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED | 54 | C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED |
| 66 | STANDARD) | 55 | STANDARD) |
| 67 | 56 | ||
| 57 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | ||
| 58 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | ||
| 59 | (Status: PROPOSED STANDARD) | ||
| 60 | |||
| 61 | 2898 PKCS #5: Password-Based Cryptography Specification Version 2.0. | ||
| 62 | B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status: | ||
| 63 | INFORMATIONAL) | ||
| 64 | |||
| 65 | 2986 PKCS #10: Certification Request Syntax Specification Version 1.7. | ||
| 66 | M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes) | ||
| 67 | (Obsoletes RFC2314) (Status: INFORMATIONAL) | ||
| 68 | |||
| 69 | 3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones. | ||
| 70 | September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL) | ||
| 71 | |||
| 72 | 3268 Advanced Encryption Standard (AES) Ciphersuites for Transport | ||
| 73 | Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes) | ||
| 74 | (Status: PROPOSED STANDARD) | ||
| 75 | |||
| 76 | 3279 Algorithms and Identifiers for the Internet X.509 Public Key | ||
| 77 | Infrastructure Certificate and Certificate Revocation List (CRL) | ||
| 78 | Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format: | ||
| 79 | TXT=53833 bytes) (Status: PROPOSED STANDARD) | ||
| 80 | |||
| 81 | 3280 Internet X.509 Public Key Infrastructure Certificate and | ||
| 82 | Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W. | ||
| 83 | Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes | ||
| 84 | RFC2459) (Status: PROPOSED STANDARD) | ||
| 85 | |||
| 86 | 3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography | ||
| 87 | Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003. | ||
| 88 | (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status: | ||
| 89 | INFORMATIONAL) | ||
| 90 | |||
| 68 | 91 | ||
| 69 | Related: | 92 | Related: |
| 70 | -------- | 93 | -------- |
| @@ -90,23 +113,60 @@ STARTTLS documents. | |||
| 90 | Certification and Related Services. B. Kaliski. February 1993. | 113 | Certification and Related Services. B. Kaliski. February 1993. |
| 91 | (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) | 114 | (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) |
| 92 | 115 | ||
| 93 | 2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. | 116 | 2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October |
| 94 | Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED | 117 | 1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD) |
| 95 | STANDARD) | 118 | |
| 119 | 2510 Internet X.509 Public Key Infrastructure Certificate Management | ||
| 120 | Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178 | ||
| 121 | bytes) (Status: PROPOSED STANDARD) | ||
| 122 | |||
| 123 | 2511 Internet X.509 Certificate Request Message Format. M. Myers, C. | ||
| 124 | Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes) | ||
| 125 | (Status: PROPOSED STANDARD) | ||
| 126 | |||
| 127 | 2527 Internet X.509 Public Key Infrastructure Certificate Policy and | ||
| 128 | Certification Practices Framework. S. Chokhani, W. Ford. March 1999. | ||
| 129 | (Format: TXT=91860 bytes) (Status: INFORMATIONAL) | ||
| 96 | 130 | ||
| 97 | 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. | 131 | 2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake |
| 98 | January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) | 132 | 3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status: |
| 133 | PROPOSED STANDARD) | ||
| 134 | |||
| 135 | 2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS). | ||
| 136 | D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status: | ||
| 137 | PROPOSED STANDARD) | ||
| 138 | |||
| 139 | 2559 Internet X.509 Public Key Infrastructure Operational Protocols - | ||
| 140 | LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format: | ||
| 141 | TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD) | ||
| 99 | 142 | ||
| 100 | 2585 Internet X.509 Public Key Infrastructure Operational Protocols: | 143 | 2585 Internet X.509 Public Key Infrastructure Operational Protocols: |
| 101 | FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 | 144 | FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 |
| 102 | bytes) (Status: PROPOSED STANDARD) | 145 | bytes) (Status: PROPOSED STANDARD) |
| 103 | 146 | ||
| 147 | 2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S. | ||
| 148 | Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes) | ||
| 149 | (Status: PROPOSED STANDARD) | ||
| 150 | |||
| 104 | 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. | 151 | 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. |
| 105 | (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) | 152 | (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) |
| 106 | 153 | ||
| 107 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | 154 | 2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999. |
| 108 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | 155 | (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD) |
| 109 | (Status: PROPOSED STANDARD) | 156 | |
| 157 | 2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June | ||
| 158 | 1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD) | ||
| 159 | |||
| 160 | 2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October | ||
| 161 | 1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL) | ||
| 162 | |||
| 163 | 2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace. | ||
| 164 | February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status: | ||
| 165 | EXPERIMENTAL) | ||
| 166 | |||
| 167 | 2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J. | ||
| 168 | Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status: | ||
| 169 | PROPOSED STANDARD) | ||
| 110 | 170 | ||
| 111 | 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May | 171 | 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May |
| 112 | 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED | 172 | 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED |
| @@ -115,6 +175,77 @@ STARTTLS documents. | |||
| 115 | 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) | 175 | 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) |
| 116 | (Status: INFORMATIONAL) | 176 | (Status: INFORMATIONAL) |
| 117 | 177 | ||
| 178 | 2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July | ||
| 179 | 2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL) | ||
| 180 | |||
| 181 | 2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams. | ||
| 182 | October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD) | ||
| 183 | |||
| 184 | 2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0. | ||
| 185 | M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes) | ||
| 186 | (Status: INFORMATIONAL) | ||
| 187 | |||
| 188 | 3029 Internet X.509 Public Key Infrastructure Data Validation and | ||
| 189 | Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev, | ||
| 190 | R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status: | ||
| 191 | EXPERIMENTAL) | ||
| 192 | |||
| 193 | 3039 Internet X.509 Public Key Infrastructure Qualified Certificates | ||
| 194 | Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001. | ||
| 195 | (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD) | ||
| 196 | |||
| 197 | 3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P. | ||
| 198 | Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes) | ||
| 199 | (Status: INFORMATIONAL) | ||
| 200 | |||
| 201 | 3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol | ||
| 202 | (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001. | ||
| 203 | (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD) | ||
| 204 | |||
| 205 | 3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner. | ||
| 206 | October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD) | ||
| 207 | |||
| 208 | 3207 SMTP Service Extension for Secure SMTP over Transport Layer | ||
| 209 | Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes) | ||
| 210 | (Obsoletes RFC2487) (Status: PROPOSED STANDARD) | ||
| 211 | |||
| 212 | 3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001. | ||
| 213 | (Format: TXT=19855 bytes) (Status: INFORMATIONAL) | ||
| 214 | |||
| 215 | 3274 Compressed Data Content Type for Cryptographic Message Syntax | ||
| 216 | (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status: | ||
| 217 | PROPOSED STANDARD) | ||
| 218 | |||
| 219 | 3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in | ||
| 220 | Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P. | ||
| 221 | Lambert. April 2002. (Format: TXT=33779 bytes) (Status: | ||
| 222 | INFORMATIONAL) | ||
| 223 | |||
| 224 | 3281 An Internet Attribute Certificate Profile for Authorization. S. | ||
| 225 | Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status: | ||
| 226 | PROPOSED STANDARD) | ||
| 227 | |||
| 228 | 3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002. | ||
| 229 | (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status: | ||
| 230 | PROPOSED STANDARD) | ||
| 231 | |||
| 232 | 3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August | ||
| 233 | 2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status: | ||
| 234 | PROPOSED STANDARD) | ||
| 235 | |||
| 236 | 3377 Lightweight Directory Access Protocol (v3): Technical | ||
| 237 | Specification. J. Hodges, R. Morgan. September 2002. (Format: | ||
| 238 | TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255, | ||
| 239 | RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD) | ||
| 240 | |||
| 241 | 3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad, | ||
| 242 | R. Housley. September 2002. (Format: TXT=73072 bytes) (Status: | ||
| 243 | INFORMATIONAL) | ||
| 244 | |||
| 245 | 3436 Transport Layer Security over Stream Control Transmission | ||
| 246 | Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002. | ||
| 247 | (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD) | ||
| 248 | |||
| 118 | "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt> | 249 | "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt> |
| 119 | 250 | ||
| 120 | 251 | ||
| @@ -124,7 +255,3 @@ To be implemented: | |||
| 124 | These are documents that describe things that are planed to be | 255 | These are documents that describe things that are planed to be |
| 125 | implemented in the hopefully short future. | 256 | implemented in the hopefully short future. |
| 126 | 257 | ||
| 127 | 2712 Addition of Kerberos Cipher Suites to Transport Layer Security | ||
| 128 | (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) | ||
| 129 | (Status: PROPOSED STANDARD) | ||
| 130 | |||
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h index 00edebe6d4..f7d09c5295 100644 --- a/src/lib/libssl/src/e_os.h +++ b/src/lib/libssl/src/e_os.h | |||
| @@ -154,6 +154,13 @@ extern "C" { | |||
| 154 | #define readsocket(s,b,n) recv((s),(b),(n),0) | 154 | #define readsocket(s,b,n) recv((s),(b),(n),0) |
| 155 | #define writesocket(s,b,n) send((s),(b),(n),0) | 155 | #define writesocket(s,b,n) send((s),(b),(n),0) |
| 156 | #define EADDRINUSE WSAEADDRINUSE | 156 | #define EADDRINUSE WSAEADDRINUSE |
| 157 | #elif defined(__DJGPP__) | ||
| 158 | #define WATT32 | ||
| 159 | #define get_last_socket_error() errno | ||
| 160 | #define clear_socket_error() errno=0 | ||
| 161 | #define closesocket(s) close_s(s) | ||
| 162 | #define readsocket(s,b,n) read_s(s,b,n) | ||
| 163 | #define writesocket(s,b,n) send(s,b,n,0) | ||
| 157 | #elif defined(MAC_OS_pre_X) | 164 | #elif defined(MAC_OS_pre_X) |
| 158 | #define get_last_socket_error() errno | 165 | #define get_last_socket_error() errno |
| 159 | #define clear_socket_error() errno=0 | 166 | #define clear_socket_error() errno=0 |
| @@ -194,6 +201,9 @@ extern "C" { | |||
| 194 | # ifdef __DJGPP__ | 201 | # ifdef __DJGPP__ |
| 195 | # include <unistd.h> | 202 | # include <unistd.h> |
| 196 | # include <sys/stat.h> | 203 | # include <sys/stat.h> |
| 204 | # include <sys/socket.h> | ||
| 205 | # include <tcp.h> | ||
| 206 | # include <netdb.h> | ||
| 197 | # define _setmode setmode | 207 | # define _setmode setmode |
| 198 | # define _O_TEXT O_TEXT | 208 | # define _O_TEXT O_TEXT |
| 199 | # define _O_BINARY O_BINARY | 209 | # define _O_BINARY O_BINARY |
| @@ -207,7 +217,7 @@ extern "C" { | |||
| 207 | # define S_IFMT _S_IFMT | 217 | # define S_IFMT _S_IFMT |
| 208 | # endif | 218 | # endif |
| 209 | 219 | ||
| 210 | # if !defined(WINNT) | 220 | # if !defined(WINNT) && !defined(__DJGPP__) |
| 211 | # define NO_SYSLOG | 221 | # define NO_SYSLOG |
| 212 | # endif | 222 | # endif |
| 213 | # define NO_DIRENT | 223 | # define NO_DIRENT |
| @@ -222,6 +232,10 @@ extern "C" { | |||
| 222 | # include <io.h> | 232 | # include <io.h> |
| 223 | # include <fcntl.h> | 233 | # include <fcntl.h> |
| 224 | 234 | ||
| 235 | # ifdef OPENSSL_SYS_WINCE | ||
| 236 | # include <winsock_extras.h> | ||
| 237 | # endif | ||
| 238 | |||
| 225 | # define ssize_t long | 239 | # define ssize_t long |
| 226 | 240 | ||
| 227 | # if defined (__BORLANDC__) | 241 | # if defined (__BORLANDC__) |
| @@ -232,10 +246,11 @@ extern "C" { | |||
| 232 | # define _kbhit kbhit | 246 | # define _kbhit kbhit |
| 233 | # endif | 247 | # endif |
| 234 | 248 | ||
| 235 | # if defined(WIN16) && !defined(MONOLITH) && defined(SSLEAY) && defined(_WINEXITNOPERSIST) | 249 | # if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST) |
| 236 | # define EXIT(n) { if (n == 0) _wsetexit(_WINEXITNOPERSIST); return(n); } | 250 | # define EXIT(n) _wsetexit(_WINEXITNOPERSIST) |
| 251 | # define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0) | ||
| 237 | # else | 252 | # else |
| 238 | # define EXIT(n) return(n); | 253 | # define EXIT(n) return(n) |
| 239 | # endif | 254 | # endif |
| 240 | # define LIST_SEPARATOR_CHAR ';' | 255 | # define LIST_SEPARATOR_CHAR ';' |
| 241 | # ifndef X_OK | 256 | # ifndef X_OK |
| @@ -251,7 +266,11 @@ extern "C" { | |||
| 251 | # define SSLEAY_CONF OPENSSL_CONF | 266 | # define SSLEAY_CONF OPENSSL_CONF |
| 252 | # define NUL_DEV "nul" | 267 | # define NUL_DEV "nul" |
| 253 | # define RFILE ".rnd" | 268 | # define RFILE ".rnd" |
| 254 | # define DEFAULT_HOME "C:" | 269 | # ifdef OPENSSL_SYS_WINCE |
| 270 | # define DEFAULT_HOME "" | ||
| 271 | # else | ||
| 272 | # define DEFAULT_HOME "C:" | ||
| 273 | # endif | ||
| 255 | 274 | ||
| 256 | #else /* The non-microsoft world world */ | 275 | #else /* The non-microsoft world world */ |
| 257 | 276 | ||
| @@ -287,18 +306,13 @@ extern "C" { | |||
| 287 | the status is tagged as an error, which I believe is what is wanted here. | 306 | the status is tagged as an error, which I believe is what is wanted here. |
| 288 | -- Richard Levitte | 307 | -- Richard Levitte |
| 289 | */ | 308 | */ |
| 290 | # if !defined(MONOLITH) || defined(OPENSSL_C) | 309 | # define EXIT(n) do { int __VMS_EXIT = n; \ |
| 291 | # define EXIT(n) do { int __VMS_EXIT = n; \ | ||
| 292 | if (__VMS_EXIT == 0) \ | 310 | if (__VMS_EXIT == 0) \ |
| 293 | __VMS_EXIT = 1; \ | 311 | __VMS_EXIT = 1; \ |
| 294 | else \ | 312 | else \ |
| 295 | __VMS_EXIT = (n << 3) | 2; \ | 313 | __VMS_EXIT = (n << 3) | 2; \ |
| 296 | __VMS_EXIT |= 0x10000000; \ | 314 | __VMS_EXIT |= 0x10000000; \ |
| 297 | exit(__VMS_EXIT); \ | 315 | exit(__VMS_EXIT); } while(0) |
| 298 | return(__VMS_EXIT); } while(0) | ||
| 299 | # else | ||
| 300 | # define EXIT(n) return(n) | ||
| 301 | # endif | ||
| 302 | # define NO_SYS_PARAM_H | 316 | # define NO_SYS_PARAM_H |
| 303 | # else | 317 | # else |
| 304 | /* !defined VMS */ | 318 | /* !defined VMS */ |
| @@ -329,11 +343,7 @@ extern "C" { | |||
| 329 | # define RFILE ".rnd" | 343 | # define RFILE ".rnd" |
| 330 | # define LIST_SEPARATOR_CHAR ':' | 344 | # define LIST_SEPARATOR_CHAR ':' |
| 331 | # define NUL_DEV "/dev/null" | 345 | # define NUL_DEV "/dev/null" |
| 332 | # ifndef MONOLITH | 346 | # define EXIT(n) exit(n) |
| 333 | # define EXIT(n) exit(n); return(n) | ||
| 334 | # else | ||
| 335 | # define EXIT(n) return(n) | ||
| 336 | # endif | ||
| 337 | # endif | 347 | # endif |
| 338 | 348 | ||
| 339 | # define SSLeay_getpid() getpid() | 349 | # define SSLeay_getpid() getpid() |
| @@ -344,7 +354,7 @@ extern "C" { | |||
| 344 | /*************/ | 354 | /*************/ |
| 345 | 355 | ||
| 346 | #ifdef USE_SOCKETS | 356 | #ifdef USE_SOCKETS |
| 347 | # if (defined(WINDOWS) || defined(MSDOS)) && !defined(__DJGPP__) | 357 | # if defined(WINDOWS) || defined(MSDOS) |
| 348 | /* windows world */ | 358 | /* windows world */ |
| 349 | 359 | ||
| 350 | # ifdef OPENSSL_NO_SOCK | 360 | # ifdef OPENSSL_NO_SOCK |
| @@ -352,13 +362,18 @@ extern "C" { | |||
| 352 | # define SSLeay_Read(a,b,c) (-1) | 362 | # define SSLeay_Read(a,b,c) (-1) |
| 353 | # define SHUTDOWN(fd) close(fd) | 363 | # define SHUTDOWN(fd) close(fd) |
| 354 | # define SHUTDOWN2(fd) close(fd) | 364 | # define SHUTDOWN2(fd) close(fd) |
| 355 | # else | 365 | # elif !defined(__DJGPP__) |
| 356 | # include <winsock.h> | 366 | # include <winsock.h> |
| 357 | extern HINSTANCE _hInstance; | 367 | extern HINSTANCE _hInstance; |
| 358 | # define SSLeay_Write(a,b,c) send((a),(b),(c),0) | 368 | # define SSLeay_Write(a,b,c) send((a),(b),(c),0) |
| 359 | # define SSLeay_Read(a,b,c) recv((a),(b),(c),0) | 369 | # define SSLeay_Read(a,b,c) recv((a),(b),(c),0) |
| 360 | # define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); } | 370 | # define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); } |
| 361 | # define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); } | 371 | # define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); } |
| 372 | # else | ||
| 373 | # define SSLeay_Write(a,b,c) write_s(a,b,c,0) | ||
| 374 | # define SSLeay_Read(a,b,c) read_s(a,b,c) | ||
| 375 | # define SHUTDOWN(fd) close_s(fd) | ||
| 376 | # define SHUTDOWN2(fd) close_s(fd) | ||
| 362 | # endif | 377 | # endif |
| 363 | 378 | ||
| 364 | # elif defined(MAC_OS_pre_X) | 379 | # elif defined(MAC_OS_pre_X) |
| @@ -455,6 +470,14 @@ extern char *sys_errlist[]; extern int sys_nerr; | |||
| 455 | (((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum]) | 470 | (((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum]) |
| 456 | #endif | 471 | #endif |
| 457 | 472 | ||
| 473 | #ifndef OPENSSL_EXIT | ||
| 474 | # if defined(MONOLITH) && !defined(OPENSSL_C) | ||
| 475 | # define OPENSSL_EXIT(n) return(n) | ||
| 476 | # else | ||
| 477 | # define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0) | ||
| 478 | # endif | ||
| 479 | #endif | ||
| 480 | |||
| 458 | /***********************************************/ | 481 | /***********************************************/ |
| 459 | 482 | ||
| 460 | /* do we need to do this for getenv. | 483 | /* do we need to do this for getenv. |
| @@ -485,6 +508,36 @@ extern char *sys_errlist[]; extern int sys_nerr; | |||
| 485 | # define strcasecmp stricmp | 508 | # define strcasecmp stricmp |
| 486 | #endif | 509 | #endif |
| 487 | 510 | ||
| 511 | /* vxworks */ | ||
| 512 | #if defined(OPENSSL_SYS_VXWORKS) | ||
| 513 | #include <ioLib.h> | ||
| 514 | #include <tickLib.h> | ||
| 515 | #include <sysLib.h> | ||
| 516 | |||
| 517 | #define TTY_STRUCT int | ||
| 518 | |||
| 519 | #define sleep(a) taskDelay((a) * sysClkRateGet()) | ||
| 520 | #if defined(ioctlsocket) | ||
| 521 | #undef ioctlsocket | ||
| 522 | #endif | ||
| 523 | #define ioctlsocket(a,b,c) ioctl((a),(b),*(c)) | ||
| 524 | |||
| 525 | #include <vxWorks.h> | ||
| 526 | #include <sockLib.h> | ||
| 527 | #include <taskLib.h> | ||
| 528 | |||
| 529 | #define getpid taskIdSelf | ||
| 530 | |||
| 531 | /* NOTE: these are implemented by helpers in database app! | ||
| 532 | * if the database is not linked, we need to implement them | ||
| 533 | * elswhere */ | ||
| 534 | struct hostent *gethostbyname(const char *name); | ||
| 535 | struct hostent *gethostbyaddr(const char *addr, int length, int type); | ||
| 536 | struct servent *getservbyname(const char *name, const char *proto); | ||
| 537 | |||
| 538 | #endif | ||
| 539 | /* end vxworks */ | ||
| 540 | |||
| 488 | #ifdef __cplusplus | 541 | #ifdef __cplusplus |
| 489 | } | 542 | } |
| 490 | #endif | 543 | #endif |
diff --git a/src/lib/libssl/src/e_os2.h b/src/lib/libssl/src/e_os2.h index ff68d5b94a..81be3025f6 100644 --- a/src/lib/libssl/src/e_os2.h +++ b/src/lib/libssl/src/e_os2.h | |||
| @@ -106,11 +106,15 @@ extern "C" { | |||
| 106 | # undef OPENSSL_SYS_UNIX | 106 | # undef OPENSSL_SYS_UNIX |
| 107 | # define OPENSSL_SYS_WINNT | 107 | # define OPENSSL_SYS_WINNT |
| 108 | # endif | 108 | # endif |
| 109 | # if defined(OPENSSL_SYSNAME_WINCE) | ||
| 110 | # undef OPENSSL_SYS_UNIX | ||
| 111 | # define OPENSSL_SYS_WINCE | ||
| 112 | # endif | ||
| 109 | # endif | 113 | # endif |
| 110 | #endif | 114 | #endif |
| 111 | 115 | ||
| 112 | /* Anything that tries to look like Microsoft is "Windows" */ | 116 | /* Anything that tries to look like Microsoft is "Windows" */ |
| 113 | #if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) | 117 | #if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) |
| 114 | # undef OPENSSL_SYS_UNIX | 118 | # undef OPENSSL_SYS_UNIX |
| 115 | # define OPENSSL_SYS_WINDOWS | 119 | # define OPENSSL_SYS_WINDOWS |
| 116 | # ifndef OPENSSL_SYS_MSDOS | 120 | # ifndef OPENSSL_SYS_MSDOS |
| @@ -170,6 +174,13 @@ extern "C" { | |||
| 170 | # ifdef OPENSSL_SYSNAME_MACOSX | 174 | # ifdef OPENSSL_SYSNAME_MACOSX |
| 171 | # define OPENSSL_SYS_MACOSX | 175 | # define OPENSSL_SYS_MACOSX |
| 172 | # endif | 176 | # endif |
| 177 | # ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY | ||
| 178 | # define OPENSSL_SYS_MACOSX_RHAPSODY | ||
| 179 | # define OPENSSL_SYS_MACOSX | ||
| 180 | # endif | ||
| 181 | # ifdef OPENSSL_SYSNAME_SUNOS | ||
| 182 | # define OPENSSL_SYS_SUNOS | ||
| 183 | #endif | ||
| 173 | # if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY) | 184 | # if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY) |
| 174 | # define OPENSSL_SYS_CRAY | 185 | # define OPENSSL_SYS_CRAY |
| 175 | # endif | 186 | # endif |
| @@ -178,6 +189,11 @@ extern "C" { | |||
| 178 | # endif | 189 | # endif |
| 179 | #endif | 190 | #endif |
| 180 | 191 | ||
| 192 | /* ------------------------------- VxWorks --------------------------------- */ | ||
| 193 | #ifdef OPENSSL_SYSNAME_VXWORKS | ||
| 194 | # define OPENSSL_SYS_VXWORKS | ||
| 195 | #endif | ||
| 196 | |||
| 181 | /** | 197 | /** |
| 182 | * That's it for OS-specific stuff | 198 | * That's it for OS-specific stuff |
| 183 | *****************************************************************************/ | 199 | *****************************************************************************/ |
diff --git a/src/lib/libssl/src/makevms.com b/src/lib/libssl/src/makevms.com index e5c1edbe0e..443f3c15c5 100644 --- a/src/lib/libssl/src/makevms.com +++ b/src/lib/libssl/src/makevms.com | |||
| @@ -9,7 +9,7 @@ $! | |||
| 9 | $! Changes by Richard Levitte <richard@levitte.org> | 9 | $! Changes by Richard Levitte <richard@levitte.org> |
| 10 | $! | 10 | $! |
| 11 | $! This procedure creates the SSL libraries of "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" | 11 | $! This procedure creates the SSL libraries of "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" |
| 12 | $! "[.xxx.EXE.SSL]LIBSSL.OLB" and if specified "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB". | 12 | $! "[.xxx.EXE.SSL]LIBSSL.OLB" |
| 13 | $! The "xxx" denotes the machine architecture of AXP or VAX. | 13 | $! The "xxx" denotes the machine architecture of AXP or VAX. |
| 14 | $! | 14 | $! |
| 15 | $! This procedures accepts two command line options listed below. | 15 | $! This procedures accepts two command line options listed below. |
| @@ -21,7 +21,6 @@ $! CONFIG Just build the "[.CRYPTO]OPENSSLCONF.H" file. | |||
| 21 | $! BUILDINF Just build the "[.CRYPTO]BUILDINF.H" file. | 21 | $! BUILDINF Just build the "[.CRYPTO]BUILDINF.H" file. |
| 22 | $! SOFTLINKS Just fix the Unix soft links. | 22 | $! SOFTLINKS Just fix the Unix soft links. |
| 23 | $! BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done. | 23 | $! BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done. |
| 24 | $! RSAREF Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library. | ||
| 25 | $! CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. | 24 | $! CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. |
| 26 | $! CRYPTO/x Just build the x part of the | 25 | $! CRYPTO/x Just build the x part of the |
| 27 | $! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. | 26 | $! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. |
| @@ -31,16 +30,8 @@ $! TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL. | |||
| 31 | $! APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL. | 30 | $! APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL. |
| 32 | $! | 31 | $! |
| 33 | $! | 32 | $! |
| 34 | $! Specify RSAREF as P2 to compile using the RSAREF Library. | 33 | $! P2 is ignored (it was used to denote if RSAref should be used or not, |
| 35 | $! If you specify NORSAREF, it will compile without using RSAREF. | 34 | $! and is simply kept so surrounding scripts don't get confused) |
| 36 | $! (If in the United States, You Must Compile Using RSAREF). | ||
| 37 | $! | ||
| 38 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 39 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 40 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 41 | $! directory structure stored. You have to extract the file | ||
| 42 | $! into the [.RSAREF] directory as that is where the scripts | ||
| 43 | $! will look for the files. | ||
| 44 | $! | 35 | $! |
| 45 | $! Speficy DEBUG or NODEBUG as P3 to compile with or without debugging | 36 | $! Speficy DEBUG or NODEBUG as P3 to compile with or without debugging |
| 46 | $! information. | 37 | $! information. |
| @@ -127,20 +118,6 @@ $! | |||
| 127 | $ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."BUILDALL") | 118 | $ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."BUILDALL") |
| 128 | $ THEN | 119 | $ THEN |
| 129 | $! | 120 | $! |
| 130 | $! Check To See If We Are Going To Be Building The | ||
| 131 | $! [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library. | ||
| 132 | $! | ||
| 133 | $ IF (RSAREF.EQS."RSAREF") | ||
| 134 | $ THEN | ||
| 135 | $! | ||
| 136 | $! Build The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library. | ||
| 137 | $! | ||
| 138 | $ GOSUB RSAREF | ||
| 139 | $! | ||
| 140 | $! End The RSAREF Check. | ||
| 141 | $! | ||
| 142 | $ ENDIF | ||
| 143 | $! | ||
| 144 | $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. | 121 | $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. |
| 145 | $! | 122 | $! |
| 146 | $ GOSUB CRYPTO | 123 | $ GOSUB CRYPTO |
| @@ -498,11 +475,6 @@ $ ENDIF | |||
| 498 | $ GOTO LOOP_SDIRS | 475 | $ GOTO LOOP_SDIRS |
| 499 | $ LOOP_SDIRS_END: | 476 | $ LOOP_SDIRS_END: |
| 500 | $! | 477 | $! |
| 501 | $! Copy All The ".H" Files From The [.RSAREF] Directory. | ||
| 502 | $! | ||
| 503 | $! EXHEADER := rsaref.h | ||
| 504 | $! COPY SYS$DISK:[.RSAREF]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] | ||
| 505 | $! | ||
| 506 | $! Copy All The ".H" Files From The [.SSL] Directory. | 478 | $! Copy All The ".H" Files From The [.SSL] Directory. |
| 507 | $! | 479 | $! |
| 508 | $ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h | 480 | $ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h |
| @@ -531,11 +503,11 @@ $ SET DEFAULT SYS$DISK:[.CRYPTO] | |||
| 531 | $! | 503 | $! |
| 532 | $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. | 504 | $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. |
| 533 | $! | 505 | $! |
| 534 | $ @CRYPTO-LIB LIBRARY 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" "''BUILDPART'" | 506 | $ @CRYPTO-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" "''BUILDPART'" |
| 535 | $! | 507 | $! |
| 536 | $! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications. | 508 | $! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications. |
| 537 | $! | 509 | $! |
| 538 | $ @CRYPTO-LIB APPS 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' | 510 | $ @CRYPTO-LIB APPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' |
| 539 | $! | 511 | $! |
| 540 | $! Go Back To The Main Directory. | 512 | $! Go Back To The Main Directory. |
| 541 | $! | 513 | $! |
| @@ -545,34 +517,6 @@ $! Time To RETURN. | |||
| 545 | $! | 517 | $! |
| 546 | $ RETURN | 518 | $ RETURN |
| 547 | $! | 519 | $! |
| 548 | $! Build The [.xxx.EXE.RSAREF]LIBRSAGLUE Library. | ||
| 549 | $! | ||
| 550 | $ RSAREF: | ||
| 551 | $ WRITE SYS$OUTPUT "" | ||
| 552 | $ WRITE SYS$OUTPUT "RSAref glue library not built, since it's no longer needed" | ||
| 553 | $ RETURN | ||
| 554 | $! | ||
| 555 | $! Tell The User What We Are Doing. | ||
| 556 | $! | ||
| 557 | $ WRITE SYS$OUTPUT "" | ||
| 558 | $ WRITE SYS$OUTPUT "Building The [.",ARCH,".EXE.RSAREF]LIBRSAGLUE.OLB Library." | ||
| 559 | $! | ||
| 560 | $! Go To The [.RSAREF] Directory. | ||
| 561 | $! | ||
| 562 | $ SET DEFAULT SYS$DISK:[.RSAREF] | ||
| 563 | $! | ||
| 564 | $! Build The [.xxx.EXE.RSAREF]LIBRSAGLUE.OLB Library. | ||
| 565 | $! | ||
| 566 | $ @RSAREF-LIB LIBRARY 'DEBUGGER' "''COMPILER'" 'ISSEVEN' | ||
| 567 | $! | ||
| 568 | $! Go Back To The Main Directory. | ||
| 569 | $! | ||
| 570 | $ SET DEFAULT [-] | ||
| 571 | $! | ||
| 572 | $! Time To Return. | ||
| 573 | $! | ||
| 574 | $ RETURN | ||
| 575 | $! | ||
| 576 | $! Build The "[.xxx.EXE.SSL]LIBSSL.OLB" Library. | 520 | $! Build The "[.xxx.EXE.SSL]LIBSSL.OLB" Library. |
| 577 | $! | 521 | $! |
| 578 | $ SSL: | 522 | $ SSL: |
| @@ -588,7 +532,7 @@ $ SET DEFAULT SYS$DISK:[.SSL] | |||
| 588 | $! | 532 | $! |
| 589 | $! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library. | 533 | $! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library. |
| 590 | $! | 534 | $! |
| 591 | $ @SSL-LIB LIBRARY 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' | 535 | $ @SSL-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' |
| 592 | $! | 536 | $! |
| 593 | $! Go Back To The Main Directory. | 537 | $! Go Back To The Main Directory. |
| 594 | $! | 538 | $! |
| @@ -613,7 +557,7 @@ $ SET DEFAULT SYS$DISK:[.SSL] | |||
| 613 | $! | 557 | $! |
| 614 | $! Build The [.xxx.EXE.SSL]SSL_TASK.EXE | 558 | $! Build The [.xxx.EXE.SSL]SSL_TASK.EXE |
| 615 | $! | 559 | $! |
| 616 | $ @SSL-LIB SSL_TASK 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' | 560 | $ @SSL-LIB SSL_TASK 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' |
| 617 | $! | 561 | $! |
| 618 | $! Go Back To The Main Directory. | 562 | $! Go Back To The Main Directory. |
| 619 | $! | 563 | $! |
| @@ -638,7 +582,7 @@ $ SET DEFAULT SYS$DISK:[.TEST] | |||
| 638 | $! | 582 | $! |
| 639 | $! Build The Test Programs. | 583 | $! Build The Test Programs. |
| 640 | $! | 584 | $! |
| 641 | $ @MAKETESTS 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' | 585 | $ @MAKETESTS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' |
| 642 | $! | 586 | $! |
| 643 | $! Go Back To The Main Directory. | 587 | $! Go Back To The Main Directory. |
| 644 | $! | 588 | $! |
| @@ -663,7 +607,7 @@ $ SET DEFAULT SYS$DISK:[.APPS] | |||
| 663 | $! | 607 | $! |
| 664 | $! Build The Application Programs. | 608 | $! Build The Application Programs. |
| 665 | $! | 609 | $! |
| 666 | $ @MAKEAPPS 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' | 610 | $ @MAKEAPPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' |
| 667 | $! | 611 | $! |
| 668 | $! Go Back To The Main Directory. | 612 | $! Go Back To The Main Directory. |
| 669 | $! | 613 | $! |
| @@ -704,7 +648,7 @@ $! Else, Check To See If P1 Has A Valid Arguement. | |||
| 704 | $! | 648 | $! |
| 705 | $ IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") - | 649 | $ IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") - |
| 706 | .OR.(P1.EQS."BUILDALL") - | 650 | .OR.(P1.EQS."BUILDALL") - |
| 707 | .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL").OR.(P1.EQS."RSAREF") - | 651 | .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL") - |
| 708 | .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") | 652 | .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") |
| 709 | $ THEN | 653 | $ THEN |
| 710 | $! | 654 | $! |
| @@ -752,54 +696,6 @@ $! End The P1 Check. | |||
| 752 | $! | 696 | $! |
| 753 | $ ENDIF | 697 | $ ENDIF |
| 754 | $! | 698 | $! |
| 755 | $! Check To See If P2 Is Blank. | ||
| 756 | $! | ||
| 757 | $ P2 = "NORSAREF" | ||
| 758 | $ IF (P2.EQS."NORSAREF") | ||
| 759 | $ THEN | ||
| 760 | $! | ||
| 761 | $! P2 Is NORSAREF, So Compile Without RSAREF. | ||
| 762 | $! | ||
| 763 | $ RSAREF = "NORSAREF" | ||
| 764 | $! | ||
| 765 | $! Else... | ||
| 766 | $! | ||
| 767 | $ ELSE | ||
| 768 | $! | ||
| 769 | $! Check To See If We Are To Compile Using The RSAREF Library. | ||
| 770 | $! | ||
| 771 | $ IF (P2.EQS."RSAREF") | ||
| 772 | $ THEN | ||
| 773 | $! | ||
| 774 | $! Compile With RSAREF Library. | ||
| 775 | $! | ||
| 776 | $ RSAREF = "RSAREF" | ||
| 777 | $! | ||
| 778 | $! Else... | ||
| 779 | $! | ||
| 780 | $ ELSE | ||
| 781 | $! | ||
| 782 | $! Tell The User Entered An Invalid Option.. | ||
| 783 | $! | ||
| 784 | $ WRITE SYS$OUTPUT "" | ||
| 785 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | ||
| 786 | $ WRITE SYS$OUTPUT "" | ||
| 787 | $ WRITE SYS$OUTPUT " RSAREF : To Compile With The RSAREF Library." | ||
| 788 | $ WRITE SYS$OUTPUT " NORSAREF : To Compile With The Regular RSA Library." | ||
| 789 | $ WRITE SYS$OUTPUT "" | ||
| 790 | $! | ||
| 791 | $! Time To EXIT. | ||
| 792 | $! | ||
| 793 | $ EXIT | ||
| 794 | $! | ||
| 795 | $! End The Valid Arguemnt Check. | ||
| 796 | $! | ||
| 797 | $ ENDIF | ||
| 798 | $! | ||
| 799 | $! End The P2 Check. | ||
| 800 | $! | ||
| 801 | $ ENDIF | ||
| 802 | $! | ||
| 803 | $! Check To See If P3 Is Blank. | 699 | $! Check To See If P3 Is Blank. |
| 804 | $! | 700 | $! |
| 805 | $ IF (P3.EQS."NODEBUG") | 701 | $ IF (P3.EQS."NODEBUG") |
diff --git a/src/lib/libssl/src/ms/do_ms.bat b/src/lib/libssl/src/ms/do_ms.bat index 5cbc6f7d5f..a8cf515bac 100644 --- a/src/lib/libssl/src/ms/do_ms.bat +++ b/src/lib/libssl/src/ms/do_ms.bat | |||
| @@ -5,6 +5,8 @@ rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak | |||
| 5 | perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak | 5 | perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak |
| 6 | perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak | 6 | perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak |
| 7 | perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak | 7 | perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak |
| 8 | perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak | ||
| 9 | perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak | ||
| 8 | 10 | ||
| 9 | perl util\mkdef.pl 16 libeay > ms\libeay16.def | 11 | perl util\mkdef.pl 16 libeay > ms\libeay16.def |
| 10 | perl util\mkdef.pl 32 libeay > ms\libeay32.def | 12 | perl util\mkdef.pl 32 libeay > ms\libeay32.def |
diff --git a/src/lib/libssl/src/ms/mingw32.bat b/src/lib/libssl/src/ms/mingw32.bat index 1968f4150b..8c7c63e0f2 100644 --- a/src/lib/libssl/src/ms/mingw32.bat +++ b/src/lib/libssl/src/ms/mingw32.bat | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | @rem OpenSSL with Mingw32+GNU as | 1 | @rem OpenSSL with Mingw32+GNU as |
| 2 | @rem --------------------------- | 2 | @rem --------------------------- |
| 3 | 3 | ||
| 4 | perl Configure Mingw32 %1 %2 %3 %4 %5 %6 %7 %8 | 4 | perl Configure mingw %1 %2 %3 %4 %5 %6 %7 %8 |
| 5 | 5 | ||
| 6 | @echo off | 6 | @echo off |
| 7 | 7 | ||
| @@ -66,21 +66,16 @@ cd ..\..\.. | |||
| 66 | echo Generating makefile | 66 | echo Generating makefile |
| 67 | perl util\mkfiles.pl >MINFO | 67 | perl util\mkfiles.pl >MINFO |
| 68 | perl util\mk1mf.pl gaswin Mingw32 >ms\mingw32a.mak | 68 | perl util\mk1mf.pl gaswin Mingw32 >ms\mingw32a.mak |
| 69 | perl util\mk1mf.pl gaswin Mingw32-files >ms\mingw32f.mak | ||
| 70 | echo Generating DLL definition files | 69 | echo Generating DLL definition files |
| 71 | perl util\mkdef.pl 32 libeay >ms\libeay32.def | 70 | perl util\mkdef.pl 32 libeay >ms\libeay32.def |
| 72 | if errorlevel 1 goto end | 71 | if errorlevel 1 goto end |
| 73 | perl util\mkdef.pl 32 ssleay >ms\ssleay32.def | 72 | perl util\mkdef.pl 32 ssleay >ms\ssleay32.def |
| 74 | if errorlevel 1 goto end | 73 | if errorlevel 1 goto end |
| 75 | 74 | ||
| 76 | rem Create files -- this can be skipped if using the GNU file utilities | 75 | rem copy ms\tlhelp32.h outinc |
| 77 | make -f ms/mingw32f.mak | ||
| 78 | echo You can ignore the error messages above | ||
| 79 | |||
| 80 | copy ms\tlhelp32.h outinc | ||
| 81 | 76 | ||
| 82 | echo Building the libraries | 77 | echo Building the libraries |
| 83 | make -f ms/mingw32a.mak | 78 | mingw32-make -f ms/mingw32a.mak |
| 84 | if errorlevel 1 goto end | 79 | if errorlevel 1 goto end |
| 85 | 80 | ||
| 86 | echo Generating the DLLs and input libraries | 81 | echo Generating the DLLs and input libraries |
diff --git a/src/lib/libssl/src/ms/mw.bat b/src/lib/libssl/src/ms/mw.bat index dc37913b71..c5ccd693e3 100644 --- a/src/lib/libssl/src/ms/mw.bat +++ b/src/lib/libssl/src/ms/mw.bat | |||
| @@ -4,17 +4,12 @@ | |||
| 4 | @rem Makefile | 4 | @rem Makefile |
| 5 | perl util\mkfiles.pl >MINFO | 5 | perl util\mkfiles.pl >MINFO |
| 6 | perl util\mk1mf.pl Mingw32 >ms\mingw32.mak | 6 | perl util\mk1mf.pl Mingw32 >ms\mingw32.mak |
| 7 | perl util\mk1mf.pl Mingw32-files >ms\mingw32f.mak | ||
| 8 | @rem DLL definition files | 7 | @rem DLL definition files |
| 9 | perl util\mkdef.pl 32 libeay >ms\libeay32.def | 8 | perl util\mkdef.pl 32 libeay >ms\libeay32.def |
| 10 | if errorlevel 1 goto end | 9 | if errorlevel 1 goto end |
| 11 | perl util\mkdef.pl 32 ssleay >ms\ssleay32.def | 10 | perl util\mkdef.pl 32 ssleay >ms\ssleay32.def |
| 12 | if errorlevel 1 goto end | 11 | if errorlevel 1 goto end |
| 13 | 12 | ||
| 14 | @rem Create files -- this can be skipped if using the GNU file utilities | ||
| 15 | make -f ms/mingw32f.mak | ||
| 16 | echo You can ignore the error messages above | ||
| 17 | |||
| 18 | @rem Build the libraries | 13 | @rem Build the libraries |
| 19 | make -f ms/mingw32.mak | 14 | make -f ms/mingw32.mak |
| 20 | if errorlevel 1 goto end | 15 | if errorlevel 1 goto end |
diff --git a/src/lib/libssl/src/ms/test.bat b/src/lib/libssl/src/ms/test.bat index 8f69194283..c3a1b0c28d 100644 --- a/src/lib/libssl/src/ms/test.bat +++ b/src/lib/libssl/src/ms/test.bat | |||
| @@ -67,6 +67,10 @@ echo dsatest | |||
| 67 | dsatest | 67 | dsatest |
| 68 | if errorlevel 1 goto done | 68 | if errorlevel 1 goto done |
| 69 | 69 | ||
| 70 | echo ectest | ||
| 71 | ectest | ||
| 72 | if errorlevel 1 goto done | ||
| 73 | |||
| 70 | echo testenc | 74 | echo testenc |
| 71 | call %test%\testenc openssl | 75 | call %test%\testenc openssl |
| 72 | if errorlevel 1 goto done | 76 | if errorlevel 1 goto done |
diff --git a/src/lib/libssl/src/ms/testenc.bat b/src/lib/libssl/src/ms/testenc.bat index e8917eeee2..4b99bd5895 100644 --- a/src/lib/libssl/src/ms/testenc.bat +++ b/src/lib/libssl/src/ms/testenc.bat | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | 1 | @echo off | |
| 2 | echo start testenc | 2 | echo start testenc |
| 3 | echo=off | 3 | |
| 4 | path=..\ms;%path% | 4 | path=..\ms;%path% |
| 5 | set ssleay=%1% | 5 | set ssleay=%1% |
| 6 | set input=..\ms\testenc.bat | 6 | set input=..\ms\testenc.bat |
diff --git a/src/lib/libssl/src/ms/testpem.bat b/src/lib/libssl/src/ms/testpem.bat index 81e566b69b..005f13b67e 100644 --- a/src/lib/libssl/src/ms/testpem.bat +++ b/src/lib/libssl/src/ms/testpem.bat | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | echo=off | 1 | @echo off |
| 2 | set ssleay=%1% | 2 | set ssleay=%1% |
| 3 | set tmp1=pem.out | 3 | set tmp1=pem.out |
| 4 | set cmp=fc.exe | 4 | set cmp=fc.exe |
diff --git a/src/lib/libssl/src/ms/testss.bat b/src/lib/libssl/src/ms/testss.bat index d9ae625439..f7e58e2756 100644 --- a/src/lib/libssl/src/ms/testss.bat +++ b/src/lib/libssl/src/ms/testss.bat | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | echo on | 1 | @echo off |
| 2 | 2 | ||
| 3 | rem set ssleay=..\out\ssleay | 3 | rem set ssleay=..\out\ssleay |
| 4 | set ssleay=%1 | 4 | set ssleay=%1 |
diff --git a/src/lib/libssl/src/openssl.spec b/src/lib/libssl/src/openssl.spec index 4d68d705ae..9bd9c8375e 100644 --- a/src/lib/libssl/src/openssl.spec +++ b/src/lib/libssl/src/openssl.spec | |||
| @@ -1,15 +1,15 @@ | |||
| 1 | %define libmaj 0 | 1 | %define libmaj 0 |
| 2 | %define libmin 9 | 2 | %define libmin 9 |
| 3 | %define librel 7 | 3 | %define librel 7 |
| 4 | #%define librev a | 4 | %define librev b |
| 5 | Release: 1 | 5 | Release: 1 |
| 6 | 6 | ||
| 7 | %define openssldir /var/ssl | 7 | %define openssldir /var/ssl |
| 8 | 8 | ||
| 9 | Summary: Secure Sockets Layer and cryptography libraries and tools | 9 | Summary: Secure Sockets Layer and cryptography libraries and tools |
| 10 | Name: openssl | 10 | Name: openssl |
| 11 | Version: %{libmaj}.%{libmin}.%{librel} | 11 | #Version: %{libmaj}.%{libmin}.%{librel} |
| 12 | #Version: %{libmaj}.%{libmin}.%{librel}%{librev} | 12 | Version: %{libmaj}.%{libmin}.%{librel}%{librev} |
| 13 | Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz | 13 | Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz |
| 14 | Copyright: Freely distributable | 14 | Copyright: Freely distributable |
| 15 | Group: System Environment/Libraries | 15 | Group: System Environment/Libraries |
diff --git a/src/lib/libssl/src/shlib/svr5-shared-gcc.sh b/src/lib/libssl/src/shlib/svr5-shared-gcc.sh index 76957df947..c5d0cc56ac 100644 --- a/src/lib/libssl/src/shlib/svr5-shared-gcc.sh +++ b/src/lib/libssl/src/shlib/svr5-shared-gcc.sh | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #!/usr/bin/sh | 1 | #!/usr/bin/sh |
| 2 | 2 | ||
| 3 | major="0" | 3 | major="0" |
| 4 | minor="9.7" | 4 | minor="9.7b" |
| 5 | 5 | ||
| 6 | slib=libssl | 6 | slib=libssl |
| 7 | sh_slib=$slib.so.$major.$minor | 7 | sh_slib=$slib.so.$major.$minor |
diff --git a/src/lib/libssl/src/shlib/svr5-shared-installed b/src/lib/libssl/src/shlib/svr5-shared-installed index 544f5a9417..b1def35d5c 100644 --- a/src/lib/libssl/src/shlib/svr5-shared-installed +++ b/src/lib/libssl/src/shlib/svr5-shared-installed | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #!/usr/bin/sh | 1 | #!/usr/bin/sh |
| 2 | 2 | ||
| 3 | major="0" | 3 | major="0" |
| 4 | minor="9.7" | 4 | minor="9.7b" |
| 5 | 5 | ||
| 6 | slib=libssl | 6 | slib=libssl |
| 7 | sh_slib=$slib.so.$major.$minor | 7 | sh_slib=$slib.so.$major.$minor |
| @@ -25,4 +25,3 @@ rm -f $INSTALLTOP/$slib.so | |||
| 25 | ln -s $INSTALLTOP/$sh_slib $slib.so | 25 | ln -s $INSTALLTOP/$sh_slib $slib.so |
| 26 | 26 | ||
| 27 | cd $PWD | 27 | cd $PWD |
| 28 | |||
diff --git a/src/lib/libssl/src/shlib/svr5-shared.sh b/src/lib/libssl/src/shlib/svr5-shared.sh index a70bb65baa..9edf26e9a7 100644 --- a/src/lib/libssl/src/shlib/svr5-shared.sh +++ b/src/lib/libssl/src/shlib/svr5-shared.sh | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | #!/usr/bin/sh | 1 | #!/usr/bin/sh |
| 2 | 2 | ||
| 3 | major="0" | 3 | major="0" |
| 4 | minor="9.7" | 4 | minor="9.7b" |
| 5 | 5 | ||
| 6 | slib=libssl | 6 | slib=libssl |
| 7 | sh_slib=$slib.so.$major.$minor | 7 | sh_slib=$slib.so.$major.$minor |
diff --git a/src/lib/libssl/src/ssl/Makefile.ssl b/src/lib/libssl/src/ssl/Makefile.ssl index 23fcab1a3a..e48b5cedfb 100644 --- a/src/lib/libssl/src/ssl/Makefile.ssl +++ b/src/lib/libssl/src/ssl/Makefile.ssl | |||
| @@ -17,7 +17,6 @@ MAKEFILE= Makefile.ssl | |||
| 17 | AR= ar r | 17 | AR= ar r |
| 18 | # KRB5 stuff | 18 | # KRB5 stuff |
| 19 | KRB5_INCLUDES= | 19 | KRB5_INCLUDES= |
| 20 | LIBKRB5= | ||
| 21 | 20 | ||
| 22 | CFLAGS= $(INCLUDES) $(CFLAG) | 21 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 23 | 22 | ||
| @@ -93,7 +92,7 @@ lint: | |||
| 93 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 94 | 93 | ||
| 95 | depend: | 94 | depend: |
| 96 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) | 95 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 97 | 96 | ||
| 98 | dclean: | 97 | dclean: |
| 99 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 98 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -307,31 +306,32 @@ s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | |||
| 307 | s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h | 306 | s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h |
| 308 | s2_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 307 | s2_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 309 | s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h | 308 | s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h |
| 310 | s2_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 309 | s2_enc.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 311 | s2_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 310 | s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 312 | s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 311 | s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| 313 | s2_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h | 312 | s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h |
| 314 | s2_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h | 313 | s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| 315 | s2_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h | 314 | s2_enc.o: ../include/openssl/des.h ../include/openssl/des_old.h |
| 316 | s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | 315 | s2_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 317 | s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 316 | s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 318 | s2_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h | 317 | s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h |
| 319 | s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h | 318 | s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 320 | s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h | 319 | s2_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h |
| 321 | s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h | 320 | s2_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h |
| 322 | s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 321 | s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 323 | s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 322 | s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 324 | s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 323 | s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 325 | s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h | 324 | s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 326 | s2_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h | 325 | s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h |
| 327 | s2_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | 326 | s2_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h |
| 328 | s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 327 | s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 329 | s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 328 | s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 330 | s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 329 | s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 331 | s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 330 | s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 332 | s2_enc.o: ../include/openssl/tls1.h ../include/openssl/ui.h | 331 | s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 333 | s2_enc.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 332 | s2_enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h |
| 334 | s2_enc.o: ../include/openssl/x509_vfy.h s2_enc.c ssl_locl.h | 333 | s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c |
| 334 | s2_enc.o: ssl_locl.h | ||
| 335 | s2_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h | 335 | s2_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 336 | s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 336 | s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 337 | s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h | 337 | s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| @@ -383,31 +383,32 @@ s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | |||
| 383 | s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h | 383 | s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h |
| 384 | s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 384 | s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 385 | s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h | 385 | s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h |
| 386 | s2_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 386 | s2_pkt.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 387 | s2_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 387 | s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 388 | s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 388 | s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| 389 | s2_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h | 389 | s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h |
| 390 | s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h | 390 | s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| 391 | s2_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h | 391 | s2_pkt.o: ../include/openssl/des.h ../include/openssl/des_old.h |
| 392 | s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | 392 | s2_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 393 | s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h | 393 | s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 394 | s2_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h | 394 | s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h |
| 395 | s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h | 395 | s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 396 | s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h | 396 | s2_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h |
| 397 | s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h | 397 | s2_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h |
| 398 | s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 398 | s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 399 | s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 399 | s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 400 | s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 400 | s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 401 | s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h | 401 | s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 402 | s2_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h | 402 | s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h |
| 403 | s2_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | 403 | s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h |
| 404 | s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 404 | s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 405 | s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 405 | s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 406 | s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 406 | s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 407 | s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 407 | s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 408 | s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h | 408 | s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 409 | s2_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 409 | s2_pkt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h |
| 410 | s2_pkt.o: ../include/openssl/x509_vfy.h s2_pkt.c ssl_locl.h | 410 | s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c |
| 411 | s2_pkt.o: ssl_locl.h | ||
| 411 | s2_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h | 412 | s2_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 412 | s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 413 | s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 413 | s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h | 414 | s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| @@ -765,32 +766,33 @@ ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | |||
| 765 | ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h | 766 | ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h |
| 766 | ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 767 | ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 767 | ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c | 768 | ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c |
| 768 | ssl_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 769 | ssl_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h |
| 769 | ssl_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 770 | ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 770 | ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 771 | ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| 771 | ssl_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h | 772 | ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h |
| 772 | ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 773 | ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| 773 | ssl_lib.o: ../include/openssl/des.h ../include/openssl/des_old.h | 774 | ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| 774 | ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 775 | ssl_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h |
| 775 | ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h | 776 | ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h |
| 776 | ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h | 777 | ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 777 | ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 778 | ssl_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h |
| 778 | ssl_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h | 779 | ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h |
| 779 | ssl_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h | 780 | ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h |
| 780 | ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 781 | ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h |
| 781 | ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 782 | ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 782 | ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 783 | ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 783 | ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 784 | ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 784 | ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h | 785 | ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h |
| 785 | ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h | 786 | ssl_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h |
| 786 | ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 787 | ssl_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h |
| 787 | ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h | 788 | ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 788 | ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h | 789 | ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h |
| 789 | ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h | 790 | ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h |
| 790 | ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h | 791 | ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 791 | ssl_lib.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | 792 | ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h |
| 792 | ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 793 | ssl_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 793 | ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h | 794 | ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h |
| 795 | ssl_lib.o: ssl_lib.c ssl_locl.h | ||
| 794 | ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 796 | ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 795 | ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 797 | ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 796 | ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 798 | ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
diff --git a/src/lib/libssl/src/ssl/bio_ssl.c b/src/lib/libssl/src/ssl/bio_ssl.c index 467e149947..d683ee43e1 100644 --- a/src/lib/libssl/src/ssl/bio_ssl.c +++ b/src/lib/libssl/src/ssl/bio_ssl.c | |||
| @@ -403,6 +403,10 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 403 | { | 403 | { |
| 404 | BIO_free_all(ssl->wbio); | 404 | BIO_free_all(ssl->wbio); |
| 405 | } | 405 | } |
| 406 | if (b->next_bio != NULL) | ||
| 407 | { | ||
| 408 | CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); | ||
| 409 | } | ||
| 406 | ssl->wbio=NULL; | 410 | ssl->wbio=NULL; |
| 407 | ssl->rbio=NULL; | 411 | ssl->rbio=NULL; |
| 408 | break; | 412 | break; |
| @@ -509,6 +513,7 @@ static int ssl_puts(BIO *bp, const char *str) | |||
| 509 | 513 | ||
| 510 | BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) | 514 | BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) |
| 511 | { | 515 | { |
| 516 | #ifndef OPENSSL_NO_SOCK | ||
| 512 | BIO *ret=NULL,*buf=NULL,*ssl=NULL; | 517 | BIO *ret=NULL,*buf=NULL,*ssl=NULL; |
| 513 | 518 | ||
| 514 | if ((buf=BIO_new(BIO_f_buffer())) == NULL) | 519 | if ((buf=BIO_new(BIO_f_buffer())) == NULL) |
| @@ -521,6 +526,7 @@ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) | |||
| 521 | err: | 526 | err: |
| 522 | if (buf != NULL) BIO_free(buf); | 527 | if (buf != NULL) BIO_free(buf); |
| 523 | if (ssl != NULL) BIO_free(ssl); | 528 | if (ssl != NULL) BIO_free(ssl); |
| 529 | #endif | ||
| 524 | return(NULL); | 530 | return(NULL); |
| 525 | } | 531 | } |
| 526 | 532 | ||
diff --git a/src/lib/libssl/src/ssl/kssl.c b/src/lib/libssl/src/ssl/kssl.c index d3c7be7581..a80f5b2f74 100644 --- a/src/lib/libssl/src/ssl/kssl.c +++ b/src/lib/libssl/src/ssl/kssl.c | |||
| @@ -70,6 +70,7 @@ | |||
| 70 | 70 | ||
| 71 | #define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */ | 71 | #define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */ |
| 72 | #include <time.h> | 72 | #include <time.h> |
| 73 | #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ | ||
| 73 | #include <string.h> | 74 | #include <string.h> |
| 74 | 75 | ||
| 75 | #include <openssl/ssl.h> | 76 | #include <openssl/ssl.h> |
| @@ -783,24 +784,6 @@ char | |||
| 783 | return ((string == NULL)? null: string); | 784 | return ((string == NULL)? null: string); |
| 784 | } | 785 | } |
| 785 | 786 | ||
| 786 | #define MAXKNUM 255 | ||
| 787 | char | ||
| 788 | *knumber(int len, krb5_octet *contents) | ||
| 789 | { | ||
| 790 | static char buf[MAXKNUM+1]; | ||
| 791 | int i; | ||
| 792 | |||
| 793 | BIO_snprintf(buf, MAXKNUM, "[%d] ", len); | ||
| 794 | |||
| 795 | for (i=0; i < len && MAXKNUM > strlen(buf)+3; i++) | ||
| 796 | { | ||
| 797 | BIO_snprintf(&buf[strlen(buf)], 3, "%02x", contents[i]); | ||
| 798 | } | ||
| 799 | |||
| 800 | return (buf); | ||
| 801 | } | ||
| 802 | |||
| 803 | |||
| 804 | /* Given KRB5 enctype (basically DES or 3DES), | 787 | /* Given KRB5 enctype (basically DES or 3DES), |
| 805 | ** return closest match openssl EVP_ encryption algorithm. | 788 | ** return closest match openssl EVP_ encryption algorithm. |
| 806 | ** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes. | 789 | ** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes. |
| @@ -1568,7 +1551,7 @@ kssl_ctx_free(KSSL_CTX *kssl_ctx) | |||
| 1568 | { | 1551 | { |
| 1569 | if (kssl_ctx == NULL) return kssl_ctx; | 1552 | if (kssl_ctx == NULL) return kssl_ctx; |
| 1570 | 1553 | ||
| 1571 | if (kssl_ctx->key) memset(kssl_ctx->key, 0, | 1554 | if (kssl_ctx->key) OPENSSL_cleanse(kssl_ctx->key, |
| 1572 | kssl_ctx->length); | 1555 | kssl_ctx->length); |
| 1573 | if (kssl_ctx->key) free(kssl_ctx->key); | 1556 | if (kssl_ctx->key) free(kssl_ctx->key); |
| 1574 | if (kssl_ctx->client_princ) free(kssl_ctx->client_princ); | 1557 | if (kssl_ctx->client_princ) free(kssl_ctx->client_princ); |
| @@ -1672,7 +1655,7 @@ kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session) | |||
| 1672 | 1655 | ||
| 1673 | if (kssl_ctx->key) | 1656 | if (kssl_ctx->key) |
| 1674 | { | 1657 | { |
| 1675 | memset(kssl_ctx->key, 0, kssl_ctx->length); | 1658 | OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length); |
| 1676 | free(kssl_ctx->key); | 1659 | free(kssl_ctx->key); |
| 1677 | } | 1660 | } |
| 1678 | 1661 | ||
| @@ -1979,7 +1962,7 @@ krb5_error_code kssl_check_authent( | |||
| 1979 | const EVP_CIPHER *enc = NULL; | 1962 | const EVP_CIPHER *enc = NULL; |
| 1980 | unsigned char iv[EVP_MAX_IV_LENGTH]; | 1963 | unsigned char iv[EVP_MAX_IV_LENGTH]; |
| 1981 | unsigned char *p, *unenc_authent; | 1964 | unsigned char *p, *unenc_authent; |
| 1982 | int padl, outl, unencbufsize; | 1965 | int outl, unencbufsize; |
| 1983 | struct tm tm_time, *tm_l, *tm_g; | 1966 | struct tm tm_time, *tm_l, *tm_g; |
| 1984 | time_t now, tl, tg, tr, tz_offset; | 1967 | time_t now, tl, tg, tr, tz_offset; |
| 1985 | 1968 | ||
| @@ -2037,7 +2020,7 @@ krb5_error_code kssl_check_authent( | |||
| 2037 | } | 2020 | } |
| 2038 | #endif | 2021 | #endif |
| 2039 | enc = kssl_map_enc(enctype); | 2022 | enc = kssl_map_enc(enctype); |
| 2040 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 2023 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ |
| 2041 | 2024 | ||
| 2042 | if (enc == NULL) | 2025 | if (enc == NULL) |
| 2043 | { | 2026 | { |
| @@ -2047,44 +2030,23 @@ krb5_error_code kssl_check_authent( | |||
| 2047 | */ | 2030 | */ |
| 2048 | goto err; | 2031 | goto err; |
| 2049 | } | 2032 | } |
| 2050 | if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) | 2033 | |
| 2051 | { | 2034 | if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0)) |
| 2052 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, | 2035 | { |
| 2053 | "EVP_DecryptInit_ex error decrypting authenticator.\n"); | 2036 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, |
| 2054 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; | 2037 | "EVP_CipherInit error decrypting authenticator.\n"); |
| 2055 | goto err; | 2038 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; |
| 2056 | } | 2039 | goto err; |
| 2057 | if (!EVP_DecryptUpdate(&ciph_ctx, unenc_authent, &outl, | 2040 | } |
| 2058 | dec_authent->cipher->data, dec_authent->cipher->length)) | 2041 | outl = dec_authent->cipher->length; |
| 2059 | { | 2042 | if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher->data,outl)) |
| 2060 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, | 2043 | { |
| 2061 | "EVP_DecryptUpdate error decrypting authenticator.\n"); | 2044 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, |
| 2062 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; | 2045 | "EVP_Cipher error decrypting authenticator.\n"); |
| 2063 | goto err; | 2046 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; |
| 2064 | } | 2047 | goto err; |
| 2065 | if (outl > unencbufsize) | 2048 | } |
| 2066 | { | 2049 | EVP_CIPHER_CTX_cleanup(&ciph_ctx); |
| 2067 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, | ||
| 2068 | "Buffer overflow decrypting authenticator.\n"); | ||
| 2069 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; | ||
| 2070 | goto err; | ||
| 2071 | } | ||
| 2072 | if (!EVP_DecryptFinal_ex(&ciph_ctx, &(unenc_authent[outl]), &padl)) | ||
| 2073 | { | ||
| 2074 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, | ||
| 2075 | "EVP_DecryptFinal_ex error decrypting authenticator.\n"); | ||
| 2076 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; | ||
| 2077 | goto err; | ||
| 2078 | } | ||
| 2079 | outl += padl; | ||
| 2080 | if (outl > unencbufsize) | ||
| 2081 | { | ||
| 2082 | kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, | ||
| 2083 | "Buffer overflow decrypting authenticator.\n"); | ||
| 2084 | krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; | ||
| 2085 | goto err; | ||
| 2086 | } | ||
| 2087 | EVP_CIPHER_CTX_cleanup(&ciph_ctx); | ||
| 2088 | 2050 | ||
| 2089 | #ifdef KSSL_DEBUG | 2051 | #ifdef KSSL_DEBUG |
| 2090 | printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl); | 2052 | printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl); |
| @@ -2133,6 +2095,7 @@ krb5_error_code kssl_check_authent( | |||
| 2133 | if (auth) KRB5_AUTHENT_free((KRB5_AUTHENT *) auth); | 2095 | if (auth) KRB5_AUTHENT_free((KRB5_AUTHENT *) auth); |
| 2134 | if (dec_authent) KRB5_ENCDATA_free(dec_authent); | 2096 | if (dec_authent) KRB5_ENCDATA_free(dec_authent); |
| 2135 | if (unenc_authent) free(unenc_authent); | 2097 | if (unenc_authent) free(unenc_authent); |
| 2098 | EVP_CIPHER_CTX_cleanup(&ciph_ctx); | ||
| 2136 | return krb5rc; | 2099 | return krb5rc; |
| 2137 | } | 2100 | } |
| 2138 | 2101 | ||
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c index 019e9aecee..64ee4269ec 100644 --- a/src/lib/libssl/src/ssl/s23_clnt.c +++ b/src/lib/libssl/src/ssl/s23_clnt.c | |||
| @@ -87,18 +87,25 @@ SSL_METHOD *SSLv23_client_method(void) | |||
| 87 | 87 | ||
| 88 | if (init) | 88 | if (init) |
| 89 | { | 89 | { |
| 90 | memcpy((char *)&SSLv23_client_data, | 90 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 91 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | 91 | |
| 92 | SSLv23_client_data.ssl_connect=ssl23_connect; | 92 | if (init) |
| 93 | SSLv23_client_data.get_ssl_method=ssl23_get_client_method; | 93 | { |
| 94 | init=0; | 94 | memcpy((char *)&SSLv23_client_data, |
| 95 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | ||
| 96 | SSLv23_client_data.ssl_connect=ssl23_connect; | ||
| 97 | SSLv23_client_data.get_ssl_method=ssl23_get_client_method; | ||
| 98 | init=0; | ||
| 99 | } | ||
| 100 | |||
| 101 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 95 | } | 102 | } |
| 96 | return(&SSLv23_client_data); | 103 | return(&SSLv23_client_data); |
| 97 | } | 104 | } |
| 98 | 105 | ||
| 99 | int ssl23_connect(SSL *s) | 106 | int ssl23_connect(SSL *s) |
| 100 | { | 107 | { |
| 101 | BUF_MEM *buf; | 108 | BUF_MEM *buf=NULL; |
| 102 | unsigned long Time=time(NULL); | 109 | unsigned long Time=time(NULL); |
| 103 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 110 | void (*cb)(const SSL *ssl,int type,int val)=NULL; |
| 104 | int ret= -1; | 111 | int ret= -1; |
| @@ -152,6 +159,7 @@ int ssl23_connect(SSL *s) | |||
| 152 | goto end; | 159 | goto end; |
| 153 | } | 160 | } |
| 154 | s->init_buf=buf; | 161 | s->init_buf=buf; |
| 162 | buf=NULL; | ||
| 155 | } | 163 | } |
| 156 | 164 | ||
| 157 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 165 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } |
| @@ -200,6 +208,8 @@ int ssl23_connect(SSL *s) | |||
| 200 | } | 208 | } |
| 201 | end: | 209 | end: |
| 202 | s->in_handshake--; | 210 | s->in_handshake--; |
| 211 | if (buf != NULL) | ||
| 212 | BUF_MEM_free(buf); | ||
| 203 | if (cb != NULL) | 213 | if (cb != NULL) |
| 204 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 214 | cb(s,SSL_CB_CONNECT_EXIT,ret); |
| 205 | return(ret); | 215 | return(ret); |
| @@ -363,7 +373,7 @@ static int ssl23_get_server_hello(SSL *s) | |||
| 363 | 373 | ||
| 364 | if (s->s3 != NULL) ssl3_free(s); | 374 | if (s->s3 != NULL) ssl3_free(s); |
| 365 | 375 | ||
| 366 | if (!BUF_MEM_grow(s->init_buf, | 376 | if (!BUF_MEM_grow_clean(s->init_buf, |
| 367 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) | 377 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) |
| 368 | { | 378 | { |
| 369 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); | 379 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); |
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c index 40684311db..f207140835 100644 --- a/src/lib/libssl/src/ssl/s23_meth.c +++ b/src/lib/libssl/src/ssl/s23_meth.c | |||
| @@ -80,12 +80,19 @@ SSL_METHOD *SSLv23_method(void) | |||
| 80 | 80 | ||
| 81 | if (init) | 81 | if (init) |
| 82 | { | 82 | { |
| 83 | memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(), | 83 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 84 | sizeof(SSL_METHOD)); | 84 | |
| 85 | SSLv23_data.ssl_connect=ssl23_connect; | 85 | if (init) |
| 86 | SSLv23_data.ssl_accept=ssl23_accept; | 86 | { |
| 87 | SSLv23_data.get_ssl_method=ssl23_get_method; | 87 | memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(), |
| 88 | init=0; | 88 | sizeof(SSL_METHOD)); |
| 89 | SSLv23_data.ssl_connect=ssl23_connect; | ||
| 90 | SSLv23_data.ssl_accept=ssl23_accept; | ||
| 91 | SSLv23_data.get_ssl_method=ssl23_get_method; | ||
| 92 | init=0; | ||
| 93 | } | ||
| 94 | |||
| 95 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 89 | } | 96 | } |
| 90 | return(&SSLv23_data); | 97 | return(&SSLv23_data); |
| 91 | } | 98 | } |
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c index 8743b61cbb..c5404ca0bc 100644 --- a/src/lib/libssl/src/ssl/s23_srvr.c +++ b/src/lib/libssl/src/ssl/s23_srvr.c | |||
| @@ -139,11 +139,18 @@ SSL_METHOD *SSLv23_server_method(void) | |||
| 139 | 139 | ||
| 140 | if (init) | 140 | if (init) |
| 141 | { | 141 | { |
| 142 | memcpy((char *)&SSLv23_server_data, | 142 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 143 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | 143 | |
| 144 | SSLv23_server_data.ssl_accept=ssl23_accept; | 144 | if (init) |
| 145 | SSLv23_server_data.get_ssl_method=ssl23_get_server_method; | 145 | { |
| 146 | init=0; | 146 | memcpy((char *)&SSLv23_server_data, |
| 147 | (char *)sslv23_base_method(),sizeof(SSL_METHOD)); | ||
| 148 | SSLv23_server_data.ssl_accept=ssl23_accept; | ||
| 149 | SSLv23_server_data.get_ssl_method=ssl23_get_server_method; | ||
| 150 | init=0; | ||
| 151 | } | ||
| 152 | |||
| 153 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 147 | } | 154 | } |
| 148 | return(&SSLv23_server_data); | 155 | return(&SSLv23_server_data); |
| 149 | } | 156 | } |
| @@ -505,7 +512,7 @@ int ssl23_get_client_hello(SSL *s) | |||
| 505 | 512 | ||
| 506 | if (s->s3 != NULL) ssl3_free(s); | 513 | if (s->s3 != NULL) ssl3_free(s); |
| 507 | 514 | ||
| 508 | if (!BUF_MEM_grow(s->init_buf, | 515 | if (!BUF_MEM_grow_clean(s->init_buf, |
| 509 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) | 516 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) |
| 510 | { | 517 | { |
| 511 | goto err; | 518 | goto err; |
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c index b4ee0bfc31..43b32eb415 100644 --- a/src/lib/libssl/src/ssl/s2_clnt.c +++ b/src/lib/libssl/src/ssl/s2_clnt.c | |||
| @@ -144,11 +144,18 @@ SSL_METHOD *SSLv2_client_method(void) | |||
| 144 | 144 | ||
| 145 | if (init) | 145 | if (init) |
| 146 | { | 146 | { |
| 147 | memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(), | 147 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 148 | sizeof(SSL_METHOD)); | 148 | |
| 149 | SSLv2_client_data.ssl_connect=ssl2_connect; | 149 | if (init) |
| 150 | SSLv2_client_data.get_ssl_method=ssl2_get_client_method; | 150 | { |
| 151 | init=0; | 151 | memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(), |
| 152 | sizeof(SSL_METHOD)); | ||
| 153 | SSLv2_client_data.ssl_connect=ssl2_connect; | ||
| 154 | SSLv2_client_data.get_ssl_method=ssl2_get_client_method; | ||
| 155 | init=0; | ||
| 156 | } | ||
| 157 | |||
| 158 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 152 | } | 159 | } |
| 153 | return(&SSLv2_client_data); | 160 | return(&SSLv2_client_data); |
| 154 | } | 161 | } |
| @@ -200,10 +207,13 @@ int ssl2_connect(SSL *s) | |||
| 200 | if (!BUF_MEM_grow(buf, | 207 | if (!BUF_MEM_grow(buf, |
| 201 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) | 208 | SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) |
| 202 | { | 209 | { |
| 210 | if (buf == s->init_buf) | ||
| 211 | buf=NULL; | ||
| 203 | ret= -1; | 212 | ret= -1; |
| 204 | goto end; | 213 | goto end; |
| 205 | } | 214 | } |
| 206 | s->init_buf=buf; | 215 | s->init_buf=buf; |
| 216 | buf=NULL; | ||
| 207 | s->init_num=0; | 217 | s->init_num=0; |
| 208 | s->state=SSL2_ST_SEND_CLIENT_HELLO_A; | 218 | s->state=SSL2_ST_SEND_CLIENT_HELLO_A; |
| 209 | s->ctx->stats.sess_connect++; | 219 | s->ctx->stats.sess_connect++; |
| @@ -330,6 +340,8 @@ int ssl2_connect(SSL *s) | |||
| 330 | } | 340 | } |
| 331 | end: | 341 | end: |
| 332 | s->in_handshake--; | 342 | s->in_handshake--; |
| 343 | if (buf != NULL) | ||
| 344 | BUF_MEM_free(buf); | ||
| 333 | if (cb != NULL) | 345 | if (cb != NULL) |
| 334 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 346 | cb(s,SSL_CB_CONNECT_EXIT,ret); |
| 335 | return(ret); | 347 | return(ret); |
| @@ -762,8 +774,8 @@ static int client_certificate(SSL *s) | |||
| 762 | if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) | 774 | if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) |
| 763 | { | 775 | { |
| 764 | i=ssl2_read(s,(char *)&(buf[s->init_num]), | 776 | i=ssl2_read(s,(char *)&(buf[s->init_num]), |
| 765 | SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num); | 777 | SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num); |
| 766 | if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num)) | 778 | if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num)) |
| 767 | return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); | 779 | return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); |
| 768 | s->init_num += i; | 780 | s->init_num += i; |
| 769 | if (s->msg_callback) | 781 | if (s->msg_callback) |
| @@ -863,7 +875,7 @@ static int client_certificate(SSL *s) | |||
| 863 | EVP_MD_CTX_init(&ctx); | 875 | EVP_MD_CTX_init(&ctx); |
| 864 | EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); | 876 | EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); |
| 865 | EVP_SignUpdate(&ctx,s->s2->key_material, | 877 | EVP_SignUpdate(&ctx,s->s2->key_material, |
| 866 | (unsigned int)s->s2->key_material_length); | 878 | s->s2->key_material_length); |
| 867 | EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); | 879 | EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); |
| 868 | n=i2d_X509(s->session->sess_cert->peer_key->x509,&p); | 880 | n=i2d_X509(s->session->sess_cert->peer_key->x509,&p); |
| 869 | EVP_SignUpdate(&ctx,buf,(unsigned int)n); | 881 | EVP_SignUpdate(&ctx,buf,(unsigned int)n); |
| @@ -937,7 +949,7 @@ static int get_server_verify(SSL *s) | |||
| 937 | s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ | 949 | s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ |
| 938 | p += 1; | 950 | p += 1; |
| 939 | 951 | ||
| 940 | if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0) | 952 | if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) |
| 941 | { | 953 | { |
| 942 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); | 954 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
| 943 | SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); | 955 | SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); |
| @@ -1001,14 +1013,14 @@ static int get_server_finished(SSL *s) | |||
| 1001 | * or bad things can happen */ | 1013 | * or bad things can happen */ |
| 1002 | /* ZZZZZZZZZZZZZ */ | 1014 | /* ZZZZZZZZZZZZZ */ |
| 1003 | s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; | 1015 | s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; |
| 1004 | memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH); | 1016 | memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH); |
| 1005 | } | 1017 | } |
| 1006 | else | 1018 | else |
| 1007 | { | 1019 | { |
| 1008 | if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) | 1020 | if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) |
| 1009 | { | 1021 | { |
| 1010 | if ((s->session->session_id_length > sizeof s->session->session_id) | 1022 | if ((s->session->session_id_length > sizeof s->session->session_id) |
| 1011 | || (0 != memcmp(buf, s->session->session_id, | 1023 | || (0 != memcmp(buf + 1, s->session->session_id, |
| 1012 | (unsigned int)s->session->session_id_length))) | 1024 | (unsigned int)s->session->session_id_length))) |
| 1013 | { | 1025 | { |
| 1014 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); | 1026 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c index 690252e3d3..21a06f76cb 100644 --- a/src/lib/libssl/src/ssl/s2_enc.c +++ b/src/lib/libssl/src/ssl/s2_enc.c | |||
| @@ -95,10 +95,12 @@ int ssl2_enc_init(SSL *s, int client) | |||
| 95 | 95 | ||
| 96 | num=c->key_len; | 96 | num=c->key_len; |
| 97 | s->s2->key_material_length=num*2; | 97 | s->s2->key_material_length=num*2; |
| 98 | OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); | ||
| 98 | 99 | ||
| 99 | if (ssl2_generate_key_material(s) <= 0) | 100 | if (ssl2_generate_key_material(s) <= 0) |
| 100 | return 0; | 101 | return 0; |
| 101 | 102 | ||
| 103 | OPENSSL_assert(c->iv_len <= sizeof s->session->key_arg); | ||
| 102 | EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), | 104 | EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), |
| 103 | s->session->key_arg); | 105 | s->session->key_arg); |
| 104 | EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), | 106 | EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), |
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c index df2ea875de..edcef4dda2 100644 --- a/src/lib/libssl/src/ssl/s2_lib.c +++ b/src/lib/libssl/src/ssl/s2_lib.c | |||
| @@ -309,7 +309,7 @@ void ssl2_free(SSL *s) | |||
| 309 | s2=s->s2; | 309 | s2=s->s2; |
| 310 | if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); | 310 | if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); |
| 311 | if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); | 311 | if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); |
| 312 | memset(s2,0,sizeof *s2); | 312 | OPENSSL_cleanse(s2,sizeof *s2); |
| 313 | OPENSSL_free(s2); | 313 | OPENSSL_free(s2); |
| 314 | s->s2=NULL; | 314 | s->s2=NULL; |
| 315 | } | 315 | } |
| @@ -378,15 +378,19 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) | |||
| 378 | { | 378 | { |
| 379 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | 379 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); |
| 380 | 380 | ||
| 381 | for (i=0; i<SSL2_NUM_CIPHERS; i++) | 381 | if (init) |
| 382 | sorted[i]= &(ssl2_ciphers[i]); | 382 | { |
| 383 | for (i=0; i<SSL2_NUM_CIPHERS; i++) | ||
| 384 | sorted[i]= &(ssl2_ciphers[i]); | ||
| 383 | 385 | ||
| 384 | qsort( (char *)sorted, | 386 | qsort((char *)sorted, |
| 385 | SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *), | 387 | SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *), |
| 386 | FP_ICC ssl_cipher_ptr_id_cmp); | 388 | FP_ICC ssl_cipher_ptr_id_cmp); |
| 387 | 389 | ||
| 390 | init=0; | ||
| 391 | } | ||
| 392 | |||
| 388 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); | 393 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); |
| 389 | init=0; | ||
| 390 | } | 394 | } |
| 391 | 395 | ||
| 392 | id=0x02000000L|((unsigned long)p[0]<<16L)| | 396 | id=0x02000000L|((unsigned long)p[0]<<16L)| |
| @@ -451,6 +455,9 @@ int ssl2_generate_key_material(SSL *s) | |||
| 451 | 455 | ||
| 452 | EVP_DigestInit_ex(&ctx, md5, NULL); | 456 | EVP_DigestInit_ex(&ctx, md5, NULL); |
| 453 | 457 | ||
| 458 | OPENSSL_assert(s->session->master_key_length >= 0 | ||
| 459 | && s->session->master_key_length | ||
| 460 | < sizeof s->session->master_key); | ||
| 454 | EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); | 461 | EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); |
| 455 | EVP_DigestUpdate(&ctx,&c,1); | 462 | EVP_DigestUpdate(&ctx,&c,1); |
| 456 | c++; | 463 | c++; |
| @@ -489,9 +496,7 @@ void ssl2_write_error(SSL *s) | |||
| 489 | 496 | ||
| 490 | error=s->error; /* number of bytes left to write */ | 497 | error=s->error; /* number of bytes left to write */ |
| 491 | s->error=0; | 498 | s->error=0; |
| 492 | if (error < 0 || error > sizeof buf) /* can't happen */ | 499 | OPENSSL_assert(error >= 0 && error <= sizeof buf); |
| 493 | return; | ||
| 494 | |||
| 495 | i=ssl2_write(s,&(buf[3-error]),error); | 500 | i=ssl2_write(s,&(buf[3-error]),error); |
| 496 | 501 | ||
| 497 | /* if (i == error) s->rwstate=state; */ | 502 | /* if (i == error) s->rwstate=state; */ |
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c index d30b7179f7..8b6cbd086e 100644 --- a/src/lib/libssl/src/ssl/s2_meth.c +++ b/src/lib/libssl/src/ssl/s2_meth.c | |||
| @@ -77,12 +77,19 @@ SSL_METHOD *SSLv2_method(void) | |||
| 77 | 77 | ||
| 78 | if (init) | 78 | if (init) |
| 79 | { | 79 | { |
| 80 | memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(), | 80 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 81 | sizeof(SSL_METHOD)); | 81 | |
| 82 | SSLv2_data.ssl_connect=ssl2_connect; | 82 | if (init) |
| 83 | SSLv2_data.ssl_accept=ssl2_accept; | 83 | { |
| 84 | SSLv2_data.get_ssl_method=ssl2_get_method; | 84 | memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(), |
| 85 | init=0; | 85 | sizeof(SSL_METHOD)); |
| 86 | SSLv2_data.ssl_connect=ssl2_connect; | ||
| 87 | SSLv2_data.ssl_accept=ssl2_accept; | ||
| 88 | SSLv2_data.get_ssl_method=ssl2_get_method; | ||
| 89 | init=0; | ||
| 90 | } | ||
| 91 | |||
| 92 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 86 | } | 93 | } |
| 87 | return(&SSLv2_data); | 94 | return(&SSLv2_data); |
| 88 | } | 95 | } |
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c index cf0aee2bd6..a10929a757 100644 --- a/src/lib/libssl/src/ssl/s2_pkt.c +++ b/src/lib/libssl/src/ssl/s2_pkt.c | |||
| @@ -247,6 +247,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) | |||
| 247 | else | 247 | else |
| 248 | { | 248 | { |
| 249 | mac_size=EVP_MD_size(s->read_hash); | 249 | mac_size=EVP_MD_size(s->read_hash); |
| 250 | OPENSSL_assert(mac_size <= MAX_MAC_SIZE); | ||
| 250 | s->s2->mac_data=p; | 251 | s->s2->mac_data=p; |
| 251 | s->s2->ract_data= &p[mac_size]; | 252 | s->s2->ract_data= &p[mac_size]; |
| 252 | if (s->s2->padding + mac_size > s->s2->rlength) | 253 | if (s->s2->padding + mac_size > s->s2->rlength) |
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c index f79c9a1651..5da2a54af3 100644 --- a/src/lib/libssl/src/ssl/s2_srvr.c +++ b/src/lib/libssl/src/ssl/s2_srvr.c | |||
| @@ -144,11 +144,18 @@ SSL_METHOD *SSLv2_server_method(void) | |||
| 144 | 144 | ||
| 145 | if (init) | 145 | if (init) |
| 146 | { | 146 | { |
| 147 | memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(), | 147 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 148 | sizeof(SSL_METHOD)); | 148 | |
| 149 | SSLv2_server_data.ssl_accept=ssl2_accept; | 149 | if (init) |
| 150 | SSLv2_server_data.get_ssl_method=ssl2_get_server_method; | 150 | { |
| 151 | init=0; | 151 | memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(), |
| 152 | sizeof(SSL_METHOD)); | ||
| 153 | SSLv2_server_data.ssl_accept=ssl2_accept; | ||
| 154 | SSLv2_server_data.get_ssl_method=ssl2_get_server_method; | ||
| 155 | init=0; | ||
| 156 | } | ||
| 157 | |||
| 158 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 152 | } | 159 | } |
| 153 | return(&SSLv2_server_data); | 160 | return(&SSLv2_server_data); |
| 154 | } | 161 | } |
| @@ -868,7 +875,7 @@ static int get_client_finished(SSL *s) | |||
| 868 | if (s->msg_callback) | 875 | if (s->msg_callback) |
| 869 | s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ | 876 | s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ |
| 870 | p += 1; | 877 | p += 1; |
| 871 | if (memcmp(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length) != 0) | 878 | if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0) |
| 872 | { | 879 | { |
| 873 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); | 880 | ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
| 874 | SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); | 881 | SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); |
| @@ -1068,7 +1075,7 @@ static int request_certificate(SSL *s) | |||
| 1068 | EVP_MD_CTX_init(&ctx); | 1075 | EVP_MD_CTX_init(&ctx); |
| 1069 | EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL); | 1076 | EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL); |
| 1070 | EVP_VerifyUpdate(&ctx,s->s2->key_material, | 1077 | EVP_VerifyUpdate(&ctx,s->s2->key_material, |
| 1071 | (unsigned int)s->s2->key_material_length); | 1078 | s->s2->key_material_length); |
| 1072 | EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); | 1079 | EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); |
| 1073 | 1080 | ||
| 1074 | i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); | 1081 | i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); |
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c index 8864366f59..64d317b7ac 100644 --- a/src/lib/libssl/src/ssl/s3_both.c +++ b/src/lib/libssl/src/ssl/s3_both.c | |||
| @@ -268,16 +268,23 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 268 | X509_STORE_CTX xs_ctx; | 268 | X509_STORE_CTX xs_ctx; |
| 269 | X509_OBJECT obj; | 269 | X509_OBJECT obj; |
| 270 | 270 | ||
| 271 | int no_chain; | ||
| 272 | |||
| 273 | if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs) | ||
| 274 | no_chain = 1; | ||
| 275 | else | ||
| 276 | no_chain = 0; | ||
| 277 | |||
| 271 | /* TLSv1 sends a chain with nothing in it, instead of an alert */ | 278 | /* TLSv1 sends a chain with nothing in it, instead of an alert */ |
| 272 | buf=s->init_buf; | 279 | buf=s->init_buf; |
| 273 | if (!BUF_MEM_grow(buf,(int)(10))) | 280 | if (!BUF_MEM_grow_clean(buf,10)) |
| 274 | { | 281 | { |
| 275 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 282 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 276 | return(0); | 283 | return(0); |
| 277 | } | 284 | } |
| 278 | if (x != NULL) | 285 | if (x != NULL) |
| 279 | { | 286 | { |
| 280 | if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) | 287 | if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) |
| 281 | { | 288 | { |
| 282 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); | 289 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); |
| 283 | return(0); | 290 | return(0); |
| @@ -286,7 +293,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 286 | for (;;) | 293 | for (;;) |
| 287 | { | 294 | { |
| 288 | n=i2d_X509(x,NULL); | 295 | n=i2d_X509(x,NULL); |
| 289 | if (!BUF_MEM_grow(buf,(int)(n+l+3))) | 296 | if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) |
| 290 | { | 297 | { |
| 291 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 298 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 292 | return(0); | 299 | return(0); |
| @@ -295,6 +302,10 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 295 | l2n3(n,p); | 302 | l2n3(n,p); |
| 296 | i2d_X509(x,&p); | 303 | i2d_X509(x,&p); |
| 297 | l+=n+3; | 304 | l+=n+3; |
| 305 | |||
| 306 | if (no_chain) | ||
| 307 | break; | ||
| 308 | |||
| 298 | if (X509_NAME_cmp(X509_get_subject_name(x), | 309 | if (X509_NAME_cmp(X509_get_subject_name(x), |
| 299 | X509_get_issuer_name(x)) == 0) break; | 310 | X509_get_issuer_name(x)) == 0) break; |
| 300 | 311 | ||
| @@ -306,8 +317,8 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 306 | * ref count */ | 317 | * ref count */ |
| 307 | X509_free(x); | 318 | X509_free(x); |
| 308 | } | 319 | } |
| 309 | 320 | if (!no_chain) | |
| 310 | X509_STORE_CTX_cleanup(&xs_ctx); | 321 | X509_STORE_CTX_cleanup(&xs_ctx); |
| 311 | } | 322 | } |
| 312 | 323 | ||
| 313 | /* Thawte special :-) */ | 324 | /* Thawte special :-) */ |
| @@ -316,7 +327,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) | |||
| 316 | { | 327 | { |
| 317 | x=sk_X509_value(s->ctx->extra_certs,i); | 328 | x=sk_X509_value(s->ctx->extra_certs,i); |
| 318 | n=i2d_X509(x,NULL); | 329 | n=i2d_X509(x,NULL); |
| 319 | if (!BUF_MEM_grow(buf,(int)(n+l+3))) | 330 | if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) |
| 320 | { | 331 | { |
| 321 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); | 332 | SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); |
| 322 | return(0); | 333 | return(0); |
| @@ -439,7 +450,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 439 | SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); | 450 | SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); |
| 440 | goto f_err; | 451 | goto f_err; |
| 441 | } | 452 | } |
| 442 | if (l && !BUF_MEM_grow(s->init_buf,(int)l+4)) | 453 | if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4)) |
| 443 | { | 454 | { |
| 444 | SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); | 455 | SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); |
| 445 | goto err; | 456 | goto err; |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 7da9363ef5..d32bb1cb9c 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -145,18 +145,25 @@ SSL_METHOD *SSLv3_client_method(void) | |||
| 145 | 145 | ||
| 146 | if (init) | 146 | if (init) |
| 147 | { | 147 | { |
| 148 | init=0; | 148 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 149 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), | 149 | |
| 150 | sizeof(SSL_METHOD)); | 150 | if (init) |
| 151 | SSLv3_client_data.ssl_connect=ssl3_connect; | 151 | { |
| 152 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | 152 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), |
| 153 | sizeof(SSL_METHOD)); | ||
| 154 | SSLv3_client_data.ssl_connect=ssl3_connect; | ||
| 155 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | ||
| 156 | init=0; | ||
| 157 | } | ||
| 158 | |||
| 159 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 153 | } | 160 | } |
| 154 | return(&SSLv3_client_data); | 161 | return(&SSLv3_client_data); |
| 155 | } | 162 | } |
| 156 | 163 | ||
| 157 | int ssl3_connect(SSL *s) | 164 | int ssl3_connect(SSL *s) |
| 158 | { | 165 | { |
| 159 | BUF_MEM *buf; | 166 | BUF_MEM *buf=NULL; |
| 160 | unsigned long Time=time(NULL),l; | 167 | unsigned long Time=time(NULL),l; |
| 161 | long num1; | 168 | long num1; |
| 162 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 169 | void (*cb)(const SSL *ssl,int type,int val)=NULL; |
| @@ -217,6 +224,7 @@ int ssl3_connect(SSL *s) | |||
| 217 | goto end; | 224 | goto end; |
| 218 | } | 225 | } |
| 219 | s->init_buf=buf; | 226 | s->init_buf=buf; |
| 227 | buf=NULL; | ||
| 220 | } | 228 | } |
| 221 | 229 | ||
| 222 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 230 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } |
| @@ -495,6 +503,8 @@ int ssl3_connect(SSL *s) | |||
| 495 | } | 503 | } |
| 496 | end: | 504 | end: |
| 497 | s->in_handshake--; | 505 | s->in_handshake--; |
| 506 | if (buf != NULL) | ||
| 507 | BUF_MEM_free(buf); | ||
| 498 | if (cb != NULL) | 508 | if (cb != NULL) |
| 499 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 509 | cb(s,SSL_CB_CONNECT_EXIT,ret); |
| 500 | return(ret); | 510 | return(ret); |
| @@ -637,6 +647,7 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); | 647 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); |
| 638 | goto f_err; | 648 | goto f_err; |
| 639 | } | 649 | } |
| 650 | |||
| 640 | if (j != 0 && j == s->session->session_id_length | 651 | if (j != 0 && j == s->session->session_id_length |
| 641 | && memcmp(p,s->session->session_id,j) == 0) | 652 | && memcmp(p,s->session->session_id,j) == 0) |
| 642 | { | 653 | { |
| @@ -687,7 +698,12 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 687 | goto f_err; | 698 | goto f_err; |
| 688 | } | 699 | } |
| 689 | 700 | ||
| 690 | if (s->hit && (s->session->cipher != c)) | 701 | /* Depending on the session caching (internal/external), the cipher |
| 702 | and/or cipher_id values may not be set. Make sure that | ||
| 703 | cipher_id is set and use it for comparison. */ | ||
| 704 | if (s->session->cipher) | ||
| 705 | s->session->cipher_id = s->session->cipher->id; | ||
| 706 | if (s->hit && (s->session->cipher_id != c->id)) | ||
| 691 | { | 707 | { |
| 692 | if (!(s->options & | 708 | if (!(s->options & |
| 693 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 709 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) |
| @@ -1445,16 +1461,16 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1445 | 1461 | ||
| 1446 | tmp_buf[0]=s->client_version>>8; | 1462 | tmp_buf[0]=s->client_version>>8; |
| 1447 | tmp_buf[1]=s->client_version&0xff; | 1463 | tmp_buf[1]=s->client_version&0xff; |
| 1448 | if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0) | 1464 | if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0) |
| 1449 | goto err; | 1465 | goto err; |
| 1450 | 1466 | ||
| 1451 | s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; | 1467 | s->session->master_key_length=sizeof tmp_buf; |
| 1452 | 1468 | ||
| 1453 | q=p; | 1469 | q=p; |
| 1454 | /* Fix buf for TLS and beyond */ | 1470 | /* Fix buf for TLS and beyond */ |
| 1455 | if (s->version > SSL3_VERSION) | 1471 | if (s->version > SSL3_VERSION) |
| 1456 | p+=2; | 1472 | p+=2; |
| 1457 | n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, | 1473 | n=RSA_public_encrypt(sizeof tmp_buf, |
| 1458 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); | 1474 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); |
| 1459 | #ifdef PKCS1_CHECK | 1475 | #ifdef PKCS1_CHECK |
| 1460 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; | 1476 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; |
| @@ -1476,8 +1492,8 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1476 | s->session->master_key_length= | 1492 | s->session->master_key_length= |
| 1477 | s->method->ssl3_enc->generate_master_secret(s, | 1493 | s->method->ssl3_enc->generate_master_secret(s, |
| 1478 | s->session->master_key, | 1494 | s->session->master_key, |
| 1479 | tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); | 1495 | tmp_buf,sizeof tmp_buf); |
| 1480 | memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); | 1496 | OPENSSL_cleanse(tmp_buf,sizeof tmp_buf); |
| 1481 | } | 1497 | } |
| 1482 | #endif | 1498 | #endif |
| 1483 | #ifndef OPENSSL_NO_KRB5 | 1499 | #ifndef OPENSSL_NO_KRB5 |
| @@ -1573,7 +1589,7 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1573 | n+=2; | 1589 | n+=2; |
| 1574 | } | 1590 | } |
| 1575 | 1591 | ||
| 1576 | if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0) | 1592 | if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0) |
| 1577 | goto err; | 1593 | goto err; |
| 1578 | 1594 | ||
| 1579 | /* 20010420 VRS. Tried it this way; failed. | 1595 | /* 20010420 VRS. Tried it this way; failed. |
| @@ -1583,11 +1599,11 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1583 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); | 1599 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); |
| 1584 | */ | 1600 | */ |
| 1585 | 1601 | ||
| 1586 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 1602 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ |
| 1587 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, | 1603 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, |
| 1588 | kssl_ctx->key,iv); | 1604 | kssl_ctx->key,iv); |
| 1589 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, | 1605 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, |
| 1590 | SSL_MAX_MASTER_KEY_LENGTH); | 1606 | sizeof tmp_buf); |
| 1591 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); | 1607 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); |
| 1592 | outl += padl; | 1608 | outl += padl; |
| 1593 | if (outl > sizeof epms) | 1609 | if (outl > sizeof epms) |
| @@ -1606,10 +1622,10 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1606 | s->session->master_key_length= | 1622 | s->session->master_key_length= |
| 1607 | s->method->ssl3_enc->generate_master_secret(s, | 1623 | s->method->ssl3_enc->generate_master_secret(s, |
| 1608 | s->session->master_key, | 1624 | s->session->master_key, |
| 1609 | tmp_buf, SSL_MAX_MASTER_KEY_LENGTH); | 1625 | tmp_buf, sizeof tmp_buf); |
| 1610 | 1626 | ||
| 1611 | memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH); | 1627 | OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); |
| 1612 | memset(epms, 0, outl); | 1628 | OPENSSL_cleanse(epms, outl); |
| 1613 | } | 1629 | } |
| 1614 | #endif | 1630 | #endif |
| 1615 | #ifndef OPENSSL_NO_DH | 1631 | #ifndef OPENSSL_NO_DH |
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 888a9a2868..559924d368 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c | |||
| @@ -182,7 +182,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) | |||
| 182 | 182 | ||
| 183 | km+=MD5_DIGEST_LENGTH; | 183 | km+=MD5_DIGEST_LENGTH; |
| 184 | } | 184 | } |
| 185 | memset(smd,0,SHA_DIGEST_LENGTH); | 185 | OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH); |
| 186 | EVP_MD_CTX_cleanup(&m5); | 186 | EVP_MD_CTX_cleanup(&m5); |
| 187 | EVP_MD_CTX_cleanup(&s1); | 187 | EVP_MD_CTX_cleanup(&s1); |
| 188 | return 1; | 188 | return 1; |
| @@ -192,7 +192,7 @@ int ssl3_change_cipher_state(SSL *s, int which) | |||
| 192 | { | 192 | { |
| 193 | unsigned char *p,*key_block,*mac_secret; | 193 | unsigned char *p,*key_block,*mac_secret; |
| 194 | unsigned char exp_key[EVP_MAX_KEY_LENGTH]; | 194 | unsigned char exp_key[EVP_MAX_KEY_LENGTH]; |
| 195 | unsigned char exp_iv[EVP_MAX_KEY_LENGTH]; | 195 | unsigned char exp_iv[EVP_MAX_IV_LENGTH]; |
| 196 | unsigned char *ms,*key,*iv,*er1,*er2; | 196 | unsigned char *ms,*key,*iv,*er1,*er2; |
| 197 | EVP_CIPHER_CTX *dd; | 197 | EVP_CIPHER_CTX *dd; |
| 198 | const EVP_CIPHER *c; | 198 | const EVP_CIPHER *c; |
| @@ -333,8 +333,8 @@ int ssl3_change_cipher_state(SSL *s, int which) | |||
| 333 | 333 | ||
| 334 | EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); | 334 | EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); |
| 335 | 335 | ||
| 336 | memset(&(exp_key[0]),0,sizeof(exp_key)); | 336 | OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key)); |
| 337 | memset(&(exp_iv[0]),0,sizeof(exp_iv)); | 337 | OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv)); |
| 338 | EVP_MD_CTX_cleanup(&md); | 338 | EVP_MD_CTX_cleanup(&md); |
| 339 | return(1); | 339 | return(1); |
| 340 | err: | 340 | err: |
| @@ -408,7 +408,7 @@ void ssl3_cleanup_key_block(SSL *s) | |||
| 408 | { | 408 | { |
| 409 | if (s->s3->tmp.key_block != NULL) | 409 | if (s->s3->tmp.key_block != NULL) |
| 410 | { | 410 | { |
| 411 | memset(s->s3->tmp.key_block,0, | 411 | OPENSSL_cleanse(s->s3->tmp.key_block, |
| 412 | s->s3->tmp.key_block_length); | 412 | s->s3->tmp.key_block_length); |
| 413 | OPENSSL_free(s->s3->tmp.key_block); | 413 | OPENSSL_free(s->s3->tmp.key_block); |
| 414 | s->s3->tmp.key_block=NULL; | 414 | s->s3->tmp.key_block=NULL; |
| @@ -474,6 +474,7 @@ int ssl3_enc(SSL *s, int send) | |||
| 474 | ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); | 474 | ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); |
| 475 | return 0; | 475 | return 0; |
| 476 | } | 476 | } |
| 477 | /* otherwise, rec->length >= bs */ | ||
| 477 | } | 478 | } |
| 478 | 479 | ||
| 479 | EVP_Cipher(ds,rec->data,rec->input,l); | 480 | EVP_Cipher(ds,rec->data,rec->input,l); |
| @@ -482,7 +483,7 @@ int ssl3_enc(SSL *s, int send) | |||
| 482 | { | 483 | { |
| 483 | i=rec->data[l-1]+1; | 484 | i=rec->data[l-1]+1; |
| 484 | /* SSL 3.0 bounds the number of padding bytes by the block size; | 485 | /* SSL 3.0 bounds the number of padding bytes by the block size; |
| 485 | * padding bytes (except that last) are arbitrary */ | 486 | * padding bytes (except the last one) are arbitrary */ |
| 486 | if (i > bs) | 487 | if (i > bs) |
| 487 | { | 488 | { |
| 488 | /* Incorrect padding. SSLerr() and ssl3_alert are done | 489 | /* Incorrect padding. SSLerr() and ssl3_alert are done |
| @@ -491,6 +492,7 @@ int ssl3_enc(SSL *s, int send) | |||
| 491 | * (see http://www.openssl.org/~bodo/tls-cbc.txt) */ | 492 | * (see http://www.openssl.org/~bodo/tls-cbc.txt) */ |
| 492 | return -1; | 493 | return -1; |
| 493 | } | 494 | } |
| 495 | /* now i <= bs <= rec->length */ | ||
| 494 | rec->length-=i; | 496 | rec->length-=i; |
| 495 | } | 497 | } |
| 496 | } | 498 | } |
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index cc0aeef511..d04096016c 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c | |||
| @@ -514,6 +514,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 514 | SSL_ALL_STRENGTHS, | 514 | SSL_ALL_STRENGTHS, |
| 515 | }, | 515 | }, |
| 516 | 516 | ||
| 517 | #if 0 | ||
| 517 | /* Cipher 1E */ | 518 | /* Cipher 1E */ |
| 518 | { | 519 | { |
| 519 | 0, | 520 | 0, |
| @@ -527,55 +528,70 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 527 | SSL_ALL_CIPHERS, | 528 | SSL_ALL_CIPHERS, |
| 528 | SSL_ALL_STRENGTHS, | 529 | SSL_ALL_STRENGTHS, |
| 529 | }, | 530 | }, |
| 531 | #endif | ||
| 530 | 532 | ||
| 531 | #ifndef OPENSSL_NO_KRB5 | 533 | #ifndef OPENSSL_NO_KRB5 |
| 532 | /* The Kerberos ciphers | 534 | /* The Kerberos ciphers |
| 533 | ** 20000107 VRS: And the first shall be last, | 535 | ** 20000107 VRS: And the first shall be last, |
| 534 | ** in hopes of avoiding the lynx ssl renegotiation problem. | 536 | ** in hopes of avoiding the lynx ssl renegotiation problem. |
| 535 | */ | 537 | */ |
| 536 | /* Cipher 21 VRS */ | 538 | /* Cipher 1E VRS */ |
| 537 | { | 539 | { |
| 538 | 1, | 540 | 1, |
| 539 | SSL3_TXT_KRB5_DES_40_CBC_SHA, | 541 | SSL3_TXT_KRB5_DES_64_CBC_SHA, |
| 540 | SSL3_CK_KRB5_DES_40_CBC_SHA, | 542 | SSL3_CK_KRB5_DES_64_CBC_SHA, |
| 541 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, | 543 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, |
| 542 | SSL_EXPORT|SSL_EXP40, | 544 | SSL_NOT_EXP|SSL_LOW, |
| 543 | 0, | 545 | 0, |
| 544 | 40, | 546 | 56, |
| 545 | 56, | 547 | 56, |
| 546 | SSL_ALL_CIPHERS, | 548 | SSL_ALL_CIPHERS, |
| 547 | SSL_ALL_STRENGTHS, | 549 | SSL_ALL_STRENGTHS, |
| 548 | }, | 550 | }, |
| 549 | 551 | ||
| 550 | /* Cipher 22 VRS */ | 552 | /* Cipher 1F VRS */ |
| 551 | { | 553 | { |
| 552 | 1, | 554 | 1, |
| 553 | SSL3_TXT_KRB5_DES_40_CBC_MD5, | 555 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, |
| 554 | SSL3_CK_KRB5_DES_40_CBC_MD5, | 556 | SSL3_CK_KRB5_DES_192_CBC3_SHA, |
| 555 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, | 557 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, |
| 556 | SSL_EXPORT|SSL_EXP40, | 558 | SSL_NOT_EXP|SSL_HIGH, |
| 557 | 0, | 559 | 0, |
| 558 | 40, | 560 | 112, |
| 559 | 56, | 561 | 168, |
| 560 | SSL_ALL_CIPHERS, | 562 | SSL_ALL_CIPHERS, |
| 561 | SSL_ALL_STRENGTHS, | 563 | SSL_ALL_STRENGTHS, |
| 562 | }, | 564 | }, |
| 563 | 565 | ||
| 564 | /* Cipher 23 VRS */ | 566 | /* Cipher 20 VRS */ |
| 565 | { | 567 | { |
| 566 | 1, | 568 | 1, |
| 567 | SSL3_TXT_KRB5_DES_64_CBC_SHA, | 569 | SSL3_TXT_KRB5_RC4_128_SHA, |
| 568 | SSL3_CK_KRB5_DES_64_CBC_SHA, | 570 | SSL3_CK_KRB5_RC4_128_SHA, |
| 569 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, | 571 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3, |
| 570 | SSL_NOT_EXP|SSL_LOW, | 572 | SSL_NOT_EXP|SSL_MEDIUM, |
| 571 | 0, | 573 | 0, |
| 572 | 56, | 574 | 128, |
| 573 | 56, | 575 | 128, |
| 574 | SSL_ALL_CIPHERS, | 576 | SSL_ALL_CIPHERS, |
| 575 | SSL_ALL_STRENGTHS, | 577 | SSL_ALL_STRENGTHS, |
| 576 | }, | 578 | }, |
| 577 | 579 | ||
| 578 | /* Cipher 24 VRS */ | 580 | /* Cipher 21 VRS */ |
| 581 | { | ||
| 582 | 1, | ||
| 583 | SSL3_TXT_KRB5_IDEA_128_CBC_SHA, | ||
| 584 | SSL3_CK_KRB5_IDEA_128_CBC_SHA, | ||
| 585 | SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_SHA1 |SSL_SSLV3, | ||
| 586 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 587 | 0, | ||
| 588 | 128, | ||
| 589 | 128, | ||
| 590 | SSL_ALL_CIPHERS, | ||
| 591 | SSL_ALL_STRENGTHS, | ||
| 592 | }, | ||
| 593 | |||
| 594 | /* Cipher 22 VRS */ | ||
| 579 | { | 595 | { |
| 580 | 1, | 596 | 1, |
| 581 | SSL3_TXT_KRB5_DES_64_CBC_MD5, | 597 | SSL3_TXT_KRB5_DES_64_CBC_MD5, |
| @@ -589,12 +605,12 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 589 | SSL_ALL_STRENGTHS, | 605 | SSL_ALL_STRENGTHS, |
| 590 | }, | 606 | }, |
| 591 | 607 | ||
| 592 | /* Cipher 25 VRS */ | 608 | /* Cipher 23 VRS */ |
| 593 | { | 609 | { |
| 594 | 1, | 610 | 1, |
| 595 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, | 611 | SSL3_TXT_KRB5_DES_192_CBC3_MD5, |
| 596 | SSL3_CK_KRB5_DES_192_CBC3_SHA, | 612 | SSL3_CK_KRB5_DES_192_CBC3_MD5, |
| 597 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, | 613 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, |
| 598 | SSL_NOT_EXP|SSL_HIGH, | 614 | SSL_NOT_EXP|SSL_HIGH, |
| 599 | 0, | 615 | 0, |
| 600 | 112, | 616 | 112, |
| @@ -603,16 +619,114 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 603 | SSL_ALL_STRENGTHS, | 619 | SSL_ALL_STRENGTHS, |
| 604 | }, | 620 | }, |
| 605 | 621 | ||
| 622 | /* Cipher 24 VRS */ | ||
| 623 | { | ||
| 624 | 1, | ||
| 625 | SSL3_TXT_KRB5_RC4_128_MD5, | ||
| 626 | SSL3_CK_KRB5_RC4_128_MD5, | ||
| 627 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3, | ||
| 628 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 629 | 0, | ||
| 630 | 128, | ||
| 631 | 128, | ||
| 632 | SSL_ALL_CIPHERS, | ||
| 633 | SSL_ALL_STRENGTHS, | ||
| 634 | }, | ||
| 635 | |||
| 636 | /* Cipher 25 VRS */ | ||
| 637 | { | ||
| 638 | 1, | ||
| 639 | SSL3_TXT_KRB5_IDEA_128_CBC_MD5, | ||
| 640 | SSL3_CK_KRB5_IDEA_128_CBC_MD5, | ||
| 641 | SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_MD5 |SSL_SSLV3, | ||
| 642 | SSL_NOT_EXP|SSL_MEDIUM, | ||
| 643 | 0, | ||
| 644 | 128, | ||
| 645 | 128, | ||
| 646 | SSL_ALL_CIPHERS, | ||
| 647 | SSL_ALL_STRENGTHS, | ||
| 648 | }, | ||
| 649 | |||
| 606 | /* Cipher 26 VRS */ | 650 | /* Cipher 26 VRS */ |
| 607 | { | 651 | { |
| 608 | 1, | 652 | 1, |
| 609 | SSL3_TXT_KRB5_DES_192_CBC3_MD5, | 653 | SSL3_TXT_KRB5_DES_40_CBC_SHA, |
| 610 | SSL3_CK_KRB5_DES_192_CBC3_MD5, | 654 | SSL3_CK_KRB5_DES_40_CBC_SHA, |
| 611 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3, | 655 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, |
| 612 | SSL_NOT_EXP|SSL_HIGH, | 656 | SSL_EXPORT|SSL_EXP40, |
| 613 | 0, | 657 | 0, |
| 614 | 112, | 658 | 40, |
| 615 | 168, | 659 | 56, |
| 660 | SSL_ALL_CIPHERS, | ||
| 661 | SSL_ALL_STRENGTHS, | ||
| 662 | }, | ||
| 663 | |||
| 664 | /* Cipher 27 VRS */ | ||
| 665 | { | ||
| 666 | 1, | ||
| 667 | SSL3_TXT_KRB5_RC2_40_CBC_SHA, | ||
| 668 | SSL3_CK_KRB5_RC2_40_CBC_SHA, | ||
| 669 | SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_SHA1 |SSL_SSLV3, | ||
| 670 | SSL_EXPORT|SSL_EXP40, | ||
| 671 | 0, | ||
| 672 | 40, | ||
| 673 | 128, | ||
| 674 | SSL_ALL_CIPHERS, | ||
| 675 | SSL_ALL_STRENGTHS, | ||
| 676 | }, | ||
| 677 | |||
| 678 | /* Cipher 28 VRS */ | ||
| 679 | { | ||
| 680 | 1, | ||
| 681 | SSL3_TXT_KRB5_RC4_40_SHA, | ||
| 682 | SSL3_CK_KRB5_RC4_40_SHA, | ||
| 683 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3, | ||
| 684 | SSL_EXPORT|SSL_EXP40, | ||
| 685 | 0, | ||
| 686 | 128, | ||
| 687 | 128, | ||
| 688 | SSL_ALL_CIPHERS, | ||
| 689 | SSL_ALL_STRENGTHS, | ||
| 690 | }, | ||
| 691 | |||
| 692 | /* Cipher 29 VRS */ | ||
| 693 | { | ||
| 694 | 1, | ||
| 695 | SSL3_TXT_KRB5_DES_40_CBC_MD5, | ||
| 696 | SSL3_CK_KRB5_DES_40_CBC_MD5, | ||
| 697 | SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3, | ||
| 698 | SSL_EXPORT|SSL_EXP40, | ||
| 699 | 0, | ||
| 700 | 40, | ||
| 701 | 56, | ||
| 702 | SSL_ALL_CIPHERS, | ||
| 703 | SSL_ALL_STRENGTHS, | ||
| 704 | }, | ||
| 705 | |||
| 706 | /* Cipher 2A VRS */ | ||
| 707 | { | ||
| 708 | 1, | ||
| 709 | SSL3_TXT_KRB5_RC2_40_CBC_MD5, | ||
| 710 | SSL3_CK_KRB5_RC2_40_CBC_MD5, | ||
| 711 | SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_MD5 |SSL_SSLV3, | ||
| 712 | SSL_EXPORT|SSL_EXP40, | ||
| 713 | 0, | ||
| 714 | 40, | ||
| 715 | 128, | ||
| 716 | SSL_ALL_CIPHERS, | ||
| 717 | SSL_ALL_STRENGTHS, | ||
| 718 | }, | ||
| 719 | |||
| 720 | /* Cipher 2B VRS */ | ||
| 721 | { | ||
| 722 | 1, | ||
| 723 | SSL3_TXT_KRB5_RC4_40_MD5, | ||
| 724 | SSL3_CK_KRB5_RC4_40_MD5, | ||
| 725 | SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3, | ||
| 726 | SSL_EXPORT|SSL_EXP40, | ||
| 727 | 0, | ||
| 728 | 128, | ||
| 729 | 128, | ||
| 616 | SSL_ALL_CIPHERS, | 730 | SSL_ALL_CIPHERS, |
| 617 | SSL_ALL_STRENGTHS, | 731 | SSL_ALL_STRENGTHS, |
| 618 | }, | 732 | }, |
| @@ -988,7 +1102,7 @@ void ssl3_free(SSL *s) | |||
| 988 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); | 1102 | sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); |
| 989 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); | 1103 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); |
| 990 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); | 1104 | EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); |
| 991 | memset(s->s3,0,sizeof *s->s3); | 1105 | OPENSSL_cleanse(s->s3,sizeof *s->s3); |
| 992 | OPENSSL_free(s->s3); | 1106 | OPENSSL_free(s->s3); |
| 993 | s->s3=NULL; | 1107 | s->s3=NULL; |
| 994 | } | 1108 | } |
| @@ -1343,16 +1457,19 @@ SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) | |||
| 1343 | { | 1457 | { |
| 1344 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | 1458 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); |
| 1345 | 1459 | ||
| 1346 | for (i=0; i<SSL3_NUM_CIPHERS; i++) | 1460 | if (init) |
| 1347 | sorted[i]= &(ssl3_ciphers[i]); | 1461 | { |
| 1462 | for (i=0; i<SSL3_NUM_CIPHERS; i++) | ||
| 1463 | sorted[i]= &(ssl3_ciphers[i]); | ||
| 1348 | 1464 | ||
| 1349 | qsort( (char *)sorted, | 1465 | qsort(sorted, |
| 1350 | SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), | 1466 | SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), |
| 1351 | FP_ICC ssl_cipher_ptr_id_cmp); | 1467 | FP_ICC ssl_cipher_ptr_id_cmp); |
| 1352 | 1468 | ||
| 1469 | init=0; | ||
| 1470 | } | ||
| 1471 | |||
| 1353 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); | 1472 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); |
| 1354 | |||
| 1355 | init=0; | ||
| 1356 | } | 1473 | } |
| 1357 | 1474 | ||
| 1358 | id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; | 1475 | id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; |
diff --git a/src/lib/libssl/src/ssl/s3_meth.c b/src/lib/libssl/src/ssl/s3_meth.c index 81bcad89c5..1fd7a96f87 100644 --- a/src/lib/libssl/src/ssl/s3_meth.c +++ b/src/lib/libssl/src/ssl/s3_meth.c | |||
| @@ -76,12 +76,19 @@ SSL_METHOD *SSLv3_method(void) | |||
| 76 | 76 | ||
| 77 | if (init) | 77 | if (init) |
| 78 | { | 78 | { |
| 79 | memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(), | 79 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 80 | sizeof(SSL_METHOD)); | 80 | |
| 81 | SSLv3_data.ssl_connect=ssl3_connect; | 81 | if (init) |
| 82 | SSLv3_data.ssl_accept=ssl3_accept; | 82 | { |
| 83 | SSLv3_data.get_ssl_method=ssl3_get_method; | 83 | memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(), |
| 84 | init=0; | 84 | sizeof(SSL_METHOD)); |
| 85 | SSLv3_data.ssl_connect=ssl3_connect; | ||
| 86 | SSLv3_data.ssl_accept=ssl3_accept; | ||
| 87 | SSLv3_data.get_ssl_method=ssl3_get_method; | ||
| 88 | init=0; | ||
| 89 | } | ||
| 90 | |||
| 91 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 85 | } | 92 | } |
| 86 | return(&SSLv3_data); | 93 | return(&SSLv3_data); |
| 87 | } | 94 | } |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index a2c17f2950..cd7b88eeb5 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -153,11 +153,18 @@ SSL_METHOD *SSLv3_server_method(void) | |||
| 153 | 153 | ||
| 154 | if (init) | 154 | if (init) |
| 155 | { | 155 | { |
| 156 | memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), | 156 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 157 | sizeof(SSL_METHOD)); | 157 | |
| 158 | SSLv3_server_data.ssl_accept=ssl3_accept; | 158 | if (init) |
| 159 | SSLv3_server_data.get_ssl_method=ssl3_get_server_method; | 159 | { |
| 160 | init=0; | 160 | memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), |
| 161 | sizeof(SSL_METHOD)); | ||
| 162 | SSLv3_server_data.ssl_accept=ssl3_accept; | ||
| 163 | SSLv3_server_data.get_ssl_method=ssl3_get_server_method; | ||
| 164 | init=0; | ||
| 165 | } | ||
| 166 | |||
| 167 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 161 | } | 168 | } |
| 162 | return(&SSLv3_server_data); | 169 | return(&SSLv3_server_data); |
| 163 | } | 170 | } |
| @@ -1172,7 +1179,7 @@ static int ssl3_send_server_key_exchange(SSL *s) | |||
| 1172 | kn=0; | 1179 | kn=0; |
| 1173 | } | 1180 | } |
| 1174 | 1181 | ||
| 1175 | if (!BUF_MEM_grow(buf,n+4+kn)) | 1182 | if (!BUF_MEM_grow_clean(buf,n+4+kn)) |
| 1176 | { | 1183 | { |
| 1177 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); | 1184 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); |
| 1178 | goto err; | 1185 | goto err; |
| @@ -1299,7 +1306,7 @@ static int ssl3_send_certificate_request(SSL *s) | |||
| 1299 | { | 1306 | { |
| 1300 | name=sk_X509_NAME_value(sk,i); | 1307 | name=sk_X509_NAME_value(sk,i); |
| 1301 | j=i2d_X509_NAME(name,NULL); | 1308 | j=i2d_X509_NAME(name,NULL); |
| 1302 | if (!BUF_MEM_grow(buf,4+n+j+2)) | 1309 | if (!BUF_MEM_grow_clean(buf,4+n+j+2)) |
| 1303 | { | 1310 | { |
| 1304 | SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB); | 1311 | SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB); |
| 1305 | goto err; | 1312 | goto err; |
| @@ -1466,7 +1473,6 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1466 | * made up by the adversary is properly formatted except | 1473 | * made up by the adversary is properly formatted except |
| 1467 | * that the version number is wrong. To avoid such attacks, | 1474 | * that the version number is wrong. To avoid such attacks, |
| 1468 | * we should treat this just like any other decryption error. */ | 1475 | * we should treat this just like any other decryption error. */ |
| 1469 | p[0] = (char)(int) "CAN-2003-0131 patch 2003-03-20"; | ||
| 1470 | } | 1476 | } |
| 1471 | } | 1477 | } |
| 1472 | 1478 | ||
| @@ -1486,7 +1492,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1486 | s->method->ssl3_enc->generate_master_secret(s, | 1492 | s->method->ssl3_enc->generate_master_secret(s, |
| 1487 | s->session->master_key, | 1493 | s->session->master_key, |
| 1488 | p,i); | 1494 | p,i); |
| 1489 | memset(p,0,i); | 1495 | OPENSSL_cleanse(p,i); |
| 1490 | } | 1496 | } |
| 1491 | else | 1497 | else |
| 1492 | #endif | 1498 | #endif |
| @@ -1549,7 +1555,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1549 | s->session->master_key_length= | 1555 | s->session->master_key_length= |
| 1550 | s->method->ssl3_enc->generate_master_secret(s, | 1556 | s->method->ssl3_enc->generate_master_secret(s, |
| 1551 | s->session->master_key,p,i); | 1557 | s->session->master_key,p,i); |
| 1552 | memset(p,0,i); | 1558 | OPENSSL_cleanse(p,i); |
| 1553 | } | 1559 | } |
| 1554 | else | 1560 | else |
| 1555 | #endif | 1561 | #endif |
| @@ -1652,7 +1658,7 @@ static int ssl3_get_client_key_exchange(SSL *s) | |||
| 1652 | if (enc == NULL) | 1658 | if (enc == NULL) |
| 1653 | goto err; | 1659 | goto err; |
| 1654 | 1660 | ||
| 1655 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 1661 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ |
| 1656 | 1662 | ||
| 1657 | if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv)) | 1663 | if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv)) |
| 1658 | { | 1664 | { |
| @@ -1740,7 +1746,7 @@ static int ssl3_get_cert_verify(SSL *s) | |||
| 1740 | SSL3_ST_SR_CERT_VRFY_A, | 1746 | SSL3_ST_SR_CERT_VRFY_A, |
| 1741 | SSL3_ST_SR_CERT_VRFY_B, | 1747 | SSL3_ST_SR_CERT_VRFY_B, |
| 1742 | -1, | 1748 | -1, |
| 1743 | 512, /* 512? */ | 1749 | 514, /* 514? */ |
| 1744 | &ok); | 1750 | &ok); |
| 1745 | 1751 | ||
| 1746 | if (!ok) return((int)n); | 1752 | if (!ok) return((int)n); |
diff --git a/src/lib/libssl/src/ssl/ssl-lib.com b/src/lib/libssl/src/ssl/ssl-lib.com index d6829a8d64..163ade9f7a 100644 --- a/src/lib/libssl/src/ssl/ssl-lib.com +++ b/src/lib/libssl/src/ssl/ssl-lib.com | |||
| @@ -21,22 +21,10 @@ $! | |||
| 21 | $! LIBRARY To just compile the [.xxx.EXE.SSL]LIBSSL.OLB Library. | 21 | $! LIBRARY To just compile the [.xxx.EXE.SSL]LIBSSL.OLB Library. |
| 22 | $! SSL_TASK To just compile the [.xxx.EXE.SSL]SSL_TASK.EXE | 22 | $! SSL_TASK To just compile the [.xxx.EXE.SSL]SSL_TASK.EXE |
| 23 | $! | 23 | $! |
| 24 | $! Specify RSAREF as P2 to compile with the RSAREF library instead of | 24 | $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger |
| 25 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 26 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 27 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 28 | $! | ||
| 29 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 30 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 31 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 32 | $! directory structure stored. You have to extract the file | ||
| 33 | $! into the [.RSAREF] directory under the root directory as that | ||
| 34 | $! is where the scripts will look for the files. | ||
| 35 | $! | ||
| 36 | $! Specify DEBUG or NODEBUG as P3 to compile with or without debugger | ||
| 37 | $! information. | 25 | $! information. |
| 38 | $! | 26 | $! |
| 39 | $! Specify which compiler at P4 to try to compile under. | 27 | $! Specify which compiler at P3 to try to compile under. |
| 40 | $! | 28 | $! |
| 41 | $! VAXC For VAX C. | 29 | $! VAXC For VAX C. |
| 42 | $! DECC For DEC C. | 30 | $! DECC For DEC C. |
| @@ -45,14 +33,14 @@ $! | |||
| 45 | $! If you don't speficy a compiler, it will try to determine which | 33 | $! If you don't speficy a compiler, it will try to determine which |
| 46 | $! "C" compiler to use. | 34 | $! "C" compiler to use. |
| 47 | $! | 35 | $! |
| 48 | $! P5, if defined, sets a TCP/IP library to use, through one of the following | 36 | $! P4, if defined, sets a TCP/IP library to use, through one of the following |
| 49 | $! keywords: | 37 | $! keywords: |
| 50 | $! | 38 | $! |
| 51 | $! UCX for UCX | 39 | $! UCX for UCX |
| 52 | $! TCPIP for TCPIP (post UCX) | 40 | $! TCPIP for TCPIP (post UCX) |
| 53 | $! SOCKETSHR for SOCKETSHR+NETLIB | 41 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 54 | $! | 42 | $! |
| 55 | $! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 43 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 56 | $! | 44 | $! |
| 57 | $! | 45 | $! |
| 58 | $! Define A TCP/IP Library That We Will Need To Link To. | 46 | $! Define A TCP/IP Library That We Will Need To Link To. |
| @@ -135,10 +123,6 @@ $! Define The CRYPTO-LIB We Are To Use. | |||
| 135 | $! | 123 | $! |
| 136 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB | 124 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB |
| 137 | $! | 125 | $! |
| 138 | $! Define The RSAREF-LIB We Are To Use. | ||
| 139 | $! | ||
| 140 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 141 | $! | ||
| 142 | $! Check To See What We Are To Do. | 126 | $! Check To See What We Are To Do. |
| 143 | $! | 127 | $! |
| 144 | $ IF (BUILDALL.EQS."TRUE") | 128 | $ IF (BUILDALL.EQS."TRUE") |
| @@ -317,73 +301,31 @@ $! | |||
| 317 | $ ON ERROR THEN GOTO SSL_TASK_END | 301 | $ ON ERROR THEN GOTO SSL_TASK_END |
| 318 | $ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C | 302 | $ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C |
| 319 | $! | 303 | $! |
| 320 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 304 | $! Link The Program. |
| 305 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 321 | $! | 306 | $! |
| 322 | $ IF (RSAREF.EQS."TRUE") | 307 | $ IF (TCPIP_LIB.NES."") |
| 323 | $ THEN | 308 | $ THEN |
| 324 | $! | 309 | $! |
| 325 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 310 | $! Link With TCP/IP Library. |
| 326 | $! | ||
| 327 | $ IF (TCPIP_LIB.NES."") | ||
| 328 | $ THEN | ||
| 329 | $! | ||
| 330 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 331 | $! | ||
| 332 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - | ||
| 333 | 'OBJ_DIR'SSL_TASK.OBJ, - | ||
| 334 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 335 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 336 | $! | 311 | $! |
| 337 | $! Else... | 312 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - |
| 338 | $! | 313 | 'OBJ_DIR'SSL_TASK.OBJ, - |
| 339 | $ ELSE | 314 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 340 | $! | 315 | 'TCPIP_LIB','OPT_FILE'/OPTION |
| 341 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 342 | $! | ||
| 343 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - | ||
| 344 | 'OBJ_DIR'SSL_TASK.OBJ, - | ||
| 345 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 346 | 'OPT_FILE'/OPTION | ||
| 347 | $! | ||
| 348 | $! End The TCP/IP Library Check. | ||
| 349 | $! | ||
| 350 | $ ENDIF | ||
| 351 | $! | 316 | $! |
| 352 | $! Else... | 317 | $! Else... |
| 353 | $! | 318 | $! |
| 354 | $ ELSE | 319 | $ ELSE |
| 355 | $! | 320 | $! |
| 356 | $! Don't Link With The RSAREF Routines. | 321 | $! Don't Link With TCP/IP Library. |
| 357 | $! | 322 | $! |
| 323 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - | ||
| 324 | 'OBJ_DIR'SSL_TASK.OBJ,- | ||
| 325 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 326 | 'OPT_FILE'/OPTION | ||
| 358 | $! | 327 | $! |
| 359 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 328 | $! End The TCP/IP Library Check. |
| 360 | $! | ||
| 361 | $ IF (TCPIP_LIB.NES."") | ||
| 362 | $ THEN | ||
| 363 | $! | ||
| 364 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 365 | $! | ||
| 366 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - | ||
| 367 | 'OBJ_DIR'SSL_TASK.OBJ, - | ||
| 368 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 369 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 370 | $! | ||
| 371 | $! Else... | ||
| 372 | $! | ||
| 373 | $ ELSE | ||
| 374 | $! | ||
| 375 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | ||
| 376 | $! | ||
| 377 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE - | ||
| 378 | 'OBJ_DIR'SSL_TASK.OBJ,- | ||
| 379 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | ||
| 380 | 'OPT_FILE'/OPTION | ||
| 381 | $! | ||
| 382 | $! End The TCP/IP Library Check. | ||
| 383 | $! | ||
| 384 | $ ENDIF | ||
| 385 | $! | ||
| 386 | $! End The RSAREF Link Check. | ||
| 387 | $! | 329 | $! |
| 388 | $ ENDIF | 330 | $ ENDIF |
| 389 | $! | 331 | $! |
| @@ -558,35 +500,6 @@ $! End The LIBCRYPTO.OLB Library Check. | |||
| 558 | $! | 500 | $! |
| 559 | $ ENDIF | 501 | $ ENDIF |
| 560 | $! | 502 | $! |
| 561 | $! Check To See If We Need The RSAREF Library. | ||
| 562 | $! | ||
| 563 | $ IF (RSAREF.EQS."TRUE") | ||
| 564 | $ THEN | ||
| 565 | $! | ||
| 566 | $! Look For The Library LIBRSAGLUE.OLB. | ||
| 567 | $! | ||
| 568 | $ IF (F$SEARCH(RSAREF_LIB).EQS."") | ||
| 569 | $ THEN | ||
| 570 | $! | ||
| 571 | $! Tell The User We Can't Find The LIBRSAGLUE.OLB Library. | ||
| 572 | $! | ||
| 573 | $ WRITE SYS$OUTPUT "" | ||
| 574 | $ WRITE SYS$OUTPUT "Can't Find The Library ",RSAREF_LIB,"." | ||
| 575 | $ WRITE SYS$OUTPUT "We Can't Link Without It." | ||
| 576 | $ WRITE SYS$OUTPUT "" | ||
| 577 | $! | ||
| 578 | $! Since We Can't Link Without It, Exit. | ||
| 579 | $! | ||
| 580 | $ EXIT | ||
| 581 | $! | ||
| 582 | $! End The LIBRSAGLUE.OLB Library Check. | ||
| 583 | $! | ||
| 584 | $ ENDIF | ||
| 585 | $! | ||
| 586 | $! End The RSAREF Library Check. | ||
| 587 | $! | ||
| 588 | $ ENDIF | ||
| 589 | $! | ||
| 590 | $! Time To Return. | 503 | $! Time To Return. |
| 591 | $! | 504 | $! |
| 592 | $ RETURN | 505 | $ RETURN |
| @@ -650,78 +563,10 @@ $ ENDIF | |||
| 650 | $! | 563 | $! |
| 651 | $! Check To See If P2 Is Blank. | 564 | $! Check To See If P2 Is Blank. |
| 652 | $! | 565 | $! |
| 653 | $ p2 = "NORSAREF" | 566 | $ IF (P2.EQS."NODEBUG") |
| 654 | $ IF (P2.EQS."NORSAREF") | ||
| 655 | $ THEN | 567 | $ THEN |
| 656 | $! | 568 | $! |
| 657 | $! P2 Is NORSAREF, So Compile With The Regular RSA Libraries. | 569 | $! P2 Is NODEBUG, So Compile Without Debugger Information. |
| 658 | $! | ||
| 659 | $ RSAREF = "FALSE" | ||
| 660 | $! | ||
| 661 | $! Else... | ||
| 662 | $! | ||
| 663 | $ ELSE | ||
| 664 | $! | ||
| 665 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 666 | $! | ||
| 667 | $ IF (P2.EQS."RSAREF") | ||
| 668 | $ THEN | ||
| 669 | $! | ||
| 670 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 671 | $! | ||
| 672 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 673 | $ THEN | ||
| 674 | $! | ||
| 675 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 676 | $! User This. | ||
| 677 | $! | ||
| 678 | $ WRITE SYS$OUTPUT "" | ||
| 679 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 680 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 681 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the" | ||
| 682 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 683 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 684 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 685 | $ WRITE SYS$OUTPUT "" | ||
| 686 | $! | ||
| 687 | $! Time To Exit. | ||
| 688 | $! | ||
| 689 | $ EXIT | ||
| 690 | $! | ||
| 691 | $! Else, Compile Using The RSAREF Library. | ||
| 692 | $! | ||
| 693 | $ ELSE | ||
| 694 | $ RSAREF = "TRUE" | ||
| 695 | $ ENDIF | ||
| 696 | $ ELSE | ||
| 697 | $! | ||
| 698 | $! They Entered An Invalid Option.. | ||
| 699 | $! | ||
| 700 | $ WRITE SYS$OUTPUT "" | ||
| 701 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | ||
| 702 | $ WRITE SYS$OUTPUT "" | ||
| 703 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 704 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 705 | $ WRITE SYS$OUTPUT "" | ||
| 706 | $! | ||
| 707 | $! Time To EXIT. | ||
| 708 | $! | ||
| 709 | $ EXIT | ||
| 710 | $! | ||
| 711 | $! End The Valid Arguement Check. | ||
| 712 | $! | ||
| 713 | $ ENDIF | ||
| 714 | $! | ||
| 715 | $! End The P2 Check. | ||
| 716 | $! | ||
| 717 | $ ENDIF | ||
| 718 | $! | ||
| 719 | $! Check To See If P3 Is Blank. | ||
| 720 | $! | ||
| 721 | $ IF (P3.EQS."NODEBUG") | ||
| 722 | $ THEN | ||
| 723 | $! | ||
| 724 | $! P3 Is NODEBUG, So Compile Without Debugger Information. | ||
| 725 | $! | 570 | $! |
| 726 | $ DEBUGGER = "NODEBUG" | 571 | $ DEBUGGER = "NODEBUG" |
| 727 | $ TRACEBACK = "NOTRACEBACK" | 572 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -736,7 +581,7 @@ $ ELSE | |||
| 736 | $! | 581 | $! |
| 737 | $! Check To See If We Are To Compile With Debugger Information. | 582 | $! Check To See If We Are To Compile With Debugger Information. |
| 738 | $! | 583 | $! |
| 739 | $ IF (P3.EQS."DEBUG") | 584 | $ IF (P2.EQS."DEBUG") |
| 740 | $ THEN | 585 | $ THEN |
| 741 | $! | 586 | $! |
| 742 | $! Compile With Debugger Information. | 587 | $! Compile With Debugger Information. |
| @@ -752,7 +597,7 @@ $! | |||
| 752 | $! Tell The User Entered An Invalid Option.. | 597 | $! Tell The User Entered An Invalid Option.. |
| 753 | $! | 598 | $! |
| 754 | $ WRITE SYS$OUTPUT "" | 599 | $ WRITE SYS$OUTPUT "" |
| 755 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 600 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 756 | $ WRITE SYS$OUTPUT "" | 601 | $ WRITE SYS$OUTPUT "" |
| 757 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 602 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 758 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 603 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -766,7 +611,7 @@ $! End The Valid Arguement Check. | |||
| 766 | $! | 611 | $! |
| 767 | $ ENDIF | 612 | $ ENDIF |
| 768 | $! | 613 | $! |
| 769 | $! End The P3 Check. | 614 | $! End The P2 Check. |
| 770 | $! | 615 | $! |
| 771 | $ ENDIF | 616 | $ ENDIF |
| 772 | $! | 617 | $! |
| @@ -776,9 +621,9 @@ $! Written By: Richard Levitte | |||
| 776 | $! richard@levitte.org | 621 | $! richard@levitte.org |
| 777 | $! | 622 | $! |
| 778 | $! | 623 | $! |
| 779 | $! Check To See If We Have A Option For P6. | 624 | $! Check To See If We Have A Option For P5. |
| 780 | $! | 625 | $! |
| 781 | $ IF (P6.EQS."") | 626 | $ IF (P5.EQS."") |
| 782 | $ THEN | 627 | $ THEN |
| 783 | $! | 628 | $! |
| 784 | $! Get The Version Of VMS We Are Using. | 629 | $! Get The Version Of VMS We Are Using. |
| @@ -800,13 +645,13 @@ $! End The VMS Version Check. | |||
| 800 | $! | 645 | $! |
| 801 | $ ENDIF | 646 | $ ENDIF |
| 802 | $! | 647 | $! |
| 803 | $! End The P6 Check. | 648 | $! End The P5 Check. |
| 804 | $! | 649 | $! |
| 805 | $ ENDIF | 650 | $ ENDIF |
| 806 | $! | 651 | $! |
| 807 | $! Check To See If P4 Is Blank. | 652 | $! Check To See If P3 Is Blank. |
| 808 | $! | 653 | $! |
| 809 | $ IF (P4.EQS."") | 654 | $ IF (P3.EQS."") |
| 810 | $ THEN | 655 | $ THEN |
| 811 | $! | 656 | $! |
| 812 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 657 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -819,7 +664,7 @@ $ THEN | |||
| 819 | $! | 664 | $! |
| 820 | $! Looks Like GNUC, Set To Use GNUC. | 665 | $! Looks Like GNUC, Set To Use GNUC. |
| 821 | $! | 666 | $! |
| 822 | $ P4 = "GNUC" | 667 | $ P3 = "GNUC" |
| 823 | $! | 668 | $! |
| 824 | $! End The GNU C Compiler Check. | 669 | $! End The GNU C Compiler Check. |
| 825 | $! | 670 | $! |
| @@ -832,7 +677,7 @@ $ THEN | |||
| 832 | $! | 677 | $! |
| 833 | $! Looks Like DECC, Set To Use DECC. | 678 | $! Looks Like DECC, Set To Use DECC. |
| 834 | $! | 679 | $! |
| 835 | $ P4 = "DECC" | 680 | $ P3 = "DECC" |
| 836 | $! | 681 | $! |
| 837 | $! Else... | 682 | $! Else... |
| 838 | $! | 683 | $! |
| @@ -840,7 +685,7 @@ $ ELSE | |||
| 840 | $! | 685 | $! |
| 841 | $! Looks Like VAXC, Set To Use VAXC. | 686 | $! Looks Like VAXC, Set To Use VAXC. |
| 842 | $! | 687 | $! |
| 843 | $ P4 = "VAXC" | 688 | $ P3 = "VAXC" |
| 844 | $! | 689 | $! |
| 845 | $! End The VAXC Compiler Check. | 690 | $! End The VAXC Compiler Check. |
| 846 | $! | 691 | $! |
| @@ -854,9 +699,9 @@ $! End The Compiler Check. | |||
| 854 | $! | 699 | $! |
| 855 | $ ENDIF | 700 | $ ENDIF |
| 856 | $! | 701 | $! |
| 857 | $! Check To See If We Have A Option For P5. | 702 | $! Check To See If We Have A Option For P4. |
| 858 | $! | 703 | $! |
| 859 | $ IF (P5.EQS."") | 704 | $ IF (P4.EQS."") |
| 860 | $ THEN | 705 | $ THEN |
| 861 | $! | 706 | $! |
| 862 | $! Find out what socket library we have available | 707 | $! Find out what socket library we have available |
| @@ -866,7 +711,7 @@ $ THEN | |||
| 866 | $! | 711 | $! |
| 867 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 712 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 868 | $! | 713 | $! |
| 869 | $ P5 = "SOCKETSHR" | 714 | $ P4 = "SOCKETSHR" |
| 870 | $! | 715 | $! |
| 871 | $! Tell the user | 716 | $! Tell the user |
| 872 | $! | 717 | $! |
| @@ -886,7 +731,7 @@ $ THEN | |||
| 886 | $! | 731 | $! |
| 887 | $! Last resort: a UCX or UCX-compatible library | 732 | $! Last resort: a UCX or UCX-compatible library |
| 888 | $! | 733 | $! |
| 889 | $ P5 = "UCX" | 734 | $ P4 = "UCX" |
| 890 | $! | 735 | $! |
| 891 | $! Tell the user | 736 | $! Tell the user |
| 892 | $! | 737 | $! |
| @@ -900,7 +745,7 @@ $ ENDIF | |||
| 900 | $! | 745 | $! |
| 901 | $! Set Up Initial CC Definitions, Possibly With User Ones | 746 | $! Set Up Initial CC Definitions, Possibly With User Ones |
| 902 | $! | 747 | $! |
| 903 | $ CCDEFS = "TCPIP_TYPE_''P5'" | 748 | $ CCDEFS = "TCPIP_TYPE_''P4'" |
| 904 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 749 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 905 | $ CCEXTRAFLAGS = "" | 750 | $ CCEXTRAFLAGS = "" |
| 906 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 751 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| @@ -910,12 +755,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 910 | $! | 755 | $! |
| 911 | $! Check To See If The User Entered A Valid Paramter. | 756 | $! Check To See If The User Entered A Valid Paramter. |
| 912 | $! | 757 | $! |
| 913 | $ IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC") | 758 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") |
| 914 | $ THEN | 759 | $ THEN |
| 915 | $! | 760 | $! |
| 916 | $! Check To See If The User Wanted DECC. | 761 | $! Check To See If The User Wanted DECC. |
| 917 | $! | 762 | $! |
| 918 | $ IF (P4.EQS."DECC") | 763 | $ IF (P3.EQS."DECC") |
| 919 | $ THEN | 764 | $ THEN |
| 920 | $! | 765 | $! |
| 921 | $! Looks Like DECC, Set To Use DECC. | 766 | $! Looks Like DECC, Set To Use DECC. |
| @@ -945,7 +790,7 @@ $ ENDIF | |||
| 945 | $! | 790 | $! |
| 946 | $! Check To See If We Are To Use VAXC. | 791 | $! Check To See If We Are To Use VAXC. |
| 947 | $! | 792 | $! |
| 948 | $ IF (P4.EQS."VAXC") | 793 | $ IF (P3.EQS."VAXC") |
| 949 | $ THEN | 794 | $ THEN |
| 950 | $! | 795 | $! |
| 951 | $! Looks Like VAXC, Set To Use VAXC. | 796 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -983,7 +828,7 @@ $ ENDIF | |||
| 983 | $! | 828 | $! |
| 984 | $! Check To See If We Are To Use GNU C. | 829 | $! Check To See If We Are To Use GNU C. |
| 985 | $! | 830 | $! |
| 986 | $ IF (P4.EQS."GNUC") | 831 | $ IF (P3.EQS."GNUC") |
| 987 | $ THEN | 832 | $ THEN |
| 988 | $! | 833 | $! |
| 989 | $! Looks Like GNUC, Set To Use GNUC. | 834 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -1012,31 +857,6 @@ $! Set up default defines | |||
| 1012 | $! | 857 | $! |
| 1013 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 858 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 1014 | $! | 859 | $! |
| 1015 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 1016 | $! | ||
| 1017 | $ IF (RSAREF.EQS."TRUE") | ||
| 1018 | $ THEN | ||
| 1019 | $! | ||
| 1020 | $! Compile With RSAREF. | ||
| 1021 | $! | ||
| 1022 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 1023 | $! | ||
| 1024 | $! Tell The User This. | ||
| 1025 | $! | ||
| 1026 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 1027 | $! | ||
| 1028 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 1029 | $! | ||
| 1030 | $ ELSE | ||
| 1031 | $! | ||
| 1032 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 1033 | $! | ||
| 1034 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 1035 | $! | ||
| 1036 | $! End The RSAREF Check. | ||
| 1037 | $! | ||
| 1038 | $ ENDIF | ||
| 1039 | $! | ||
| 1040 | $! Finish up the definition of CC. | 860 | $! Finish up the definition of CC. |
| 1041 | $! | 861 | $! |
| 1042 | $ IF COMPILER .EQS. "DECC" | 862 | $ IF COMPILER .EQS. "DECC" |
| @@ -1076,7 +896,7 @@ $! | |||
| 1076 | $! Tell The User We Don't Know What They Want. | 896 | $! Tell The User We Don't Know What They Want. |
| 1077 | $! | 897 | $! |
| 1078 | $ WRITE SYS$OUTPUT "" | 898 | $ WRITE SYS$OUTPUT "" |
| 1079 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 899 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1080 | $ WRITE SYS$OUTPUT "" | 900 | $ WRITE SYS$OUTPUT "" |
| 1081 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 901 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 1082 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 902 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -1090,13 +910,13 @@ $ ENDIF | |||
| 1090 | $! | 910 | $! |
| 1091 | $! Time to check the contents, and to make sure we get the correct library. | 911 | $! Time to check the contents, and to make sure we get the correct library. |
| 1092 | $! | 912 | $! |
| 1093 | $ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" - | 913 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - |
| 1094 | .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE" | 914 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" |
| 1095 | $ THEN | 915 | $ THEN |
| 1096 | $! | 916 | $! |
| 1097 | $! Check to see if SOCKETSHR was chosen | 917 | $! Check to see if SOCKETSHR was chosen |
| 1098 | $! | 918 | $! |
| 1099 | $ IF P5.EQS."SOCKETSHR" | 919 | $ IF P4.EQS."SOCKETSHR" |
| 1100 | $ THEN | 920 | $ THEN |
| 1101 | $! | 921 | $! |
| 1102 | $! Set the library to use SOCKETSHR | 922 | $! Set the library to use SOCKETSHR |
| @@ -1109,12 +929,12 @@ $ ENDIF | |||
| 1109 | $! | 929 | $! |
| 1110 | $! Check to see if MULTINET was chosen | 930 | $! Check to see if MULTINET was chosen |
| 1111 | $! | 931 | $! |
| 1112 | $ IF P5.EQS."MULTINET" | 932 | $ IF P4.EQS."MULTINET" |
| 1113 | $ THEN | 933 | $ THEN |
| 1114 | $! | 934 | $! |
| 1115 | $! Set the library to use UCX emulation. | 935 | $! Set the library to use UCX emulation. |
| 1116 | $! | 936 | $! |
| 1117 | $ P5 = "UCX" | 937 | $ P4 = "UCX" |
| 1118 | $! | 938 | $! |
| 1119 | $! Done with MULTINET | 939 | $! Done with MULTINET |
| 1120 | $! | 940 | $! |
| @@ -1122,7 +942,7 @@ $ ENDIF | |||
| 1122 | $! | 942 | $! |
| 1123 | $! Check to see if UCX was chosen | 943 | $! Check to see if UCX was chosen |
| 1124 | $! | 944 | $! |
| 1125 | $ IF P5.EQS."UCX" | 945 | $ IF P4.EQS."UCX" |
| 1126 | $ THEN | 946 | $ THEN |
| 1127 | $! | 947 | $! |
| 1128 | $! Set the library to use UCX. | 948 | $! Set the library to use UCX. |
| @@ -1142,7 +962,7 @@ $ ENDIF | |||
| 1142 | $! | 962 | $! |
| 1143 | $! Check to see if TCPIP was chosen | 963 | $! Check to see if TCPIP was chosen |
| 1144 | $! | 964 | $! |
| 1145 | $ IF P5.EQS."TCPIP" | 965 | $ IF P4.EQS."TCPIP" |
| 1146 | $ THEN | 966 | $ THEN |
| 1147 | $! | 967 | $! |
| 1148 | $! Set the library to use TCPIP (post UCX). | 968 | $! Set the library to use TCPIP (post UCX). |
| @@ -1155,7 +975,7 @@ $ ENDIF | |||
| 1155 | $! | 975 | $! |
| 1156 | $! Check to see if NONE was chosen | 976 | $! Check to see if NONE was chosen |
| 1157 | $! | 977 | $! |
| 1158 | $ IF P5.EQS."NONE" | 978 | $ IF P4.EQS."NONE" |
| 1159 | $ THEN | 979 | $ THEN |
| 1160 | $! | 980 | $! |
| 1161 | $! Do not use a TCPIP library. | 981 | $! Do not use a TCPIP library. |
| @@ -1177,7 +997,7 @@ $! | |||
| 1177 | $! Tell The User We Don't Know What They Want. | 997 | $! Tell The User We Don't Know What They Want. |
| 1178 | $! | 998 | $! |
| 1179 | $ WRITE SYS$OUTPUT "" | 999 | $ WRITE SYS$OUTPUT "" |
| 1180 | $ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:" | 1000 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" |
| 1181 | $ WRITE SYS$OUTPUT "" | 1001 | $ WRITE SYS$OUTPUT "" |
| 1182 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 1002 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1183 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 1003 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h index e9d1e896d7..4ae8458259 100644 --- a/src/lib/libssl/src/ssl/ssl.h +++ b/src/lib/libssl/src/ssl/ssl.h | |||
| @@ -204,6 +204,22 @@ extern "C" { | |||
| 204 | 204 | ||
| 205 | /* VRS Additional Kerberos5 entries | 205 | /* VRS Additional Kerberos5 entries |
| 206 | */ | 206 | */ |
| 207 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA | ||
| 208 | #define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA | ||
| 209 | #define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA | ||
| 210 | #define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA | ||
| 211 | #define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 | ||
| 212 | #define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 | ||
| 213 | #define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5 | ||
| 214 | #define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 | ||
| 215 | |||
| 216 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA | ||
| 217 | #define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA | ||
| 218 | #define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA | ||
| 219 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 | ||
| 220 | #define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5 | ||
| 221 | #define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5 | ||
| 222 | |||
| 207 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA | 223 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA |
| 208 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 | 224 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 |
| 209 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA | 225 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA |
| @@ -299,9 +315,7 @@ extern "C" { | |||
| 299 | #include <openssl/crypto.h> | 315 | #include <openssl/crypto.h> |
| 300 | #include <openssl/lhash.h> | 316 | #include <openssl/lhash.h> |
| 301 | #include <openssl/buffer.h> | 317 | #include <openssl/buffer.h> |
| 302 | #include <openssl/bio.h> | ||
| 303 | #include <openssl/pem.h> | 318 | #include <openssl/pem.h> |
| 304 | #include <openssl/x509.h> | ||
| 305 | 319 | ||
| 306 | #ifdef __cplusplus | 320 | #ifdef __cplusplus |
| 307 | extern "C" { | 321 | extern "C" { |
| @@ -507,6 +521,8 @@ typedef struct ssl_session_st | |||
| 507 | /* Never bother the application with retries if the transport | 521 | /* Never bother the application with retries if the transport |
| 508 | * is blocking: */ | 522 | * is blocking: */ |
| 509 | #define SSL_MODE_AUTO_RETRY 0x00000004L | 523 | #define SSL_MODE_AUTO_RETRY 0x00000004L |
| 524 | /* Don't attempt to automatically build certificate chain */ | ||
| 525 | #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L | ||
| 510 | 526 | ||
| 511 | 527 | ||
| 512 | /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, | 528 | /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, |
| @@ -704,10 +720,11 @@ struct ssl_ctx_st | |||
| 704 | #define SSL_SESS_CACHE_SERVER 0x0002 | 720 | #define SSL_SESS_CACHE_SERVER 0x0002 |
| 705 | #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) | 721 | #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) |
| 706 | #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 | 722 | #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 |
| 707 | /* This one, when set, makes the server session-id lookup not look | 723 | /* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ |
| 708 | * in the cache. If there is an application get_session callback | ||
| 709 | * defined, this will still get called. */ | ||
| 710 | #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 | 724 | #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 |
| 725 | #define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 | ||
| 726 | #define SSL_SESS_CACHE_NO_INTERNAL \ | ||
| 727 | (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) | ||
| 711 | 728 | ||
| 712 | struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); | 729 | struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); |
| 713 | #define SSL_CTX_sess_number(ctx) \ | 730 | #define SSL_CTX_sess_number(ctx) \ |
| @@ -1212,14 +1229,12 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM t | |||
| 1212 | STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); | 1229 | STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); |
| 1213 | int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, | 1230 | int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, |
| 1214 | const char *file); | 1231 | const char *file); |
| 1215 | #ifndef OPENSSL_SYS_WIN32 | ||
| 1216 | #ifndef OPENSSL_SYS_VMS | 1232 | #ifndef OPENSSL_SYS_VMS |
| 1217 | #ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */ | 1233 | #ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */ |
| 1218 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, | 1234 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, |
| 1219 | const char *dir); | 1235 | const char *dir); |
| 1220 | #endif | 1236 | #endif |
| 1221 | #endif | 1237 | #endif |
| 1222 | #endif | ||
| 1223 | 1238 | ||
| 1224 | #endif | 1239 | #endif |
| 1225 | 1240 | ||
| @@ -1688,6 +1703,7 @@ void ERR_load_SSL_strings(void); | |||
| 1688 | #define SSL_R_LENGTH_TOO_SHORT 160 | 1703 | #define SSL_R_LENGTH_TOO_SHORT 160 |
| 1689 | #define SSL_R_LIBRARY_BUG 274 | 1704 | #define SSL_R_LIBRARY_BUG 274 |
| 1690 | #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 | 1705 | #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 |
| 1706 | #define SSL_R_MASTER_KEY_TOO_LONG 1112 | ||
| 1691 | #define SSL_R_MESSAGE_TOO_LONG 1111 | 1707 | #define SSL_R_MESSAGE_TOO_LONG 1111 |
| 1692 | #define SSL_R_MISSING_DH_DSA_CERT 162 | 1708 | #define SSL_R_MISSING_DH_DSA_CERT 162 |
| 1693 | #define SSL_R_MISSING_DH_KEY 163 | 1709 | #define SSL_R_MISSING_DH_KEY 163 |
diff --git a/src/lib/libssl/src/ssl/ssl3.h b/src/lib/libssl/src/ssl/ssl3.h index 8fd6951d77..1153aeda74 100644 --- a/src/lib/libssl/src/ssl/ssl3.h +++ b/src/lib/libssl/src/ssl/ssl3.h | |||
| @@ -156,23 +156,29 @@ extern "C" { | |||
| 156 | 156 | ||
| 157 | #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C | 157 | #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C |
| 158 | #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D | 158 | #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D |
| 159 | #if 0 /* Because it clashes with KRB5, is never used any more, and is safe | ||
| 160 | to remove according to David Hopwood <david.hopwood@zetnet.co.uk> | ||
| 161 | of the ietf-tls list */ | ||
| 159 | #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E | 162 | #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E |
| 163 | #endif | ||
| 160 | 164 | ||
| 161 | /* VRS Additional Kerberos5 entries | 165 | /* VRS Additional Kerberos5 entries |
| 162 | */ | 166 | */ |
| 163 | #define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021 | 167 | #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E |
| 164 | #define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022 | 168 | #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F |
| 165 | #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023 | 169 | #define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 |
| 166 | #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024 | 170 | #define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 |
| 167 | #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025 | 171 | #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 |
| 168 | #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026 | 172 | #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 |
| 169 | 173 | #define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 | |
| 170 | #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" | 174 | #define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 |
| 171 | #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" | 175 | |
| 172 | #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" | 176 | #define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 |
| 173 | #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" | 177 | #define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 |
| 174 | #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" | 178 | #define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 |
| 175 | #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" | 179 | #define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 |
| 180 | #define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A | ||
| 181 | #define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B | ||
| 176 | 182 | ||
| 177 | #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" | 183 | #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" |
| 178 | #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" | 184 | #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" |
| @@ -209,6 +215,22 @@ extern "C" { | |||
| 209 | #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" | 215 | #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" |
| 210 | #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" | 216 | #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" |
| 211 | 217 | ||
| 218 | #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" | ||
| 219 | #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" | ||
| 220 | #define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" | ||
| 221 | #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" | ||
| 222 | #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" | ||
| 223 | #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" | ||
| 224 | #define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" | ||
| 225 | #define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" | ||
| 226 | |||
| 227 | #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" | ||
| 228 | #define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" | ||
| 229 | #define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" | ||
| 230 | #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" | ||
| 231 | #define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" | ||
| 232 | #define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" | ||
| 233 | |||
| 212 | #define SSL3_SSL_SESSION_ID_LENGTH 32 | 234 | #define SSL3_SSL_SESSION_ID_LENGTH 32 |
| 213 | #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 | 235 | #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 |
| 214 | 236 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c index 23bfe44e21..d8ff8fc4a3 100644 --- a/src/lib/libssl/src/ssl/ssl_asn1.c +++ b/src/lib/libssl/src/ssl/ssl_asn1.c | |||
| @@ -298,6 +298,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, | |||
| 298 | os.length = sizeof ret->session_id; | 298 | os.length = sizeof ret->session_id; |
| 299 | 299 | ||
| 300 | ret->session_id_length=os.length; | 300 | ret->session_id_length=os.length; |
| 301 | OPENSSL_assert(os.length <= sizeof ret->session_id); | ||
| 301 | memcpy(ret->session_id,os.data,os.length); | 302 | memcpy(ret->session_id,os.data,os.length); |
| 302 | 303 | ||
| 303 | M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); | 304 | M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); |
| @@ -369,9 +370,15 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, | |||
| 369 | if(os.data != NULL) | 370 | if(os.data != NULL) |
| 370 | { | 371 | { |
| 371 | if (os.length > SSL_MAX_SID_CTX_LENGTH) | 372 | if (os.length > SSL_MAX_SID_CTX_LENGTH) |
| 373 | { | ||
| 374 | ret->sid_ctx_length=os.length; | ||
| 372 | SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); | 375 | SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); |
| 373 | ret->sid_ctx_length=os.length; | 376 | } |
| 374 | memcpy(ret->sid_ctx,os.data,os.length); | 377 | else |
| 378 | { | ||
| 379 | ret->sid_ctx_length=os.length; | ||
| 380 | memcpy(ret->sid_ctx,os.data,os.length); | ||
| 381 | } | ||
| 375 | OPENSSL_free(os.data); os.data=NULL; os.length=0; | 382 | OPENSSL_free(os.data); os.data=NULL; os.length=0; |
| 376 | } | 383 | } |
| 377 | else | 384 | else |
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c index 3d31bbf05f..da90078a37 100644 --- a/src/lib/libssl/src/ssl/ssl_cert.c +++ b/src/lib/libssl/src/ssl/ssl_cert.c | |||
| @@ -781,7 +781,7 @@ err: | |||
| 781 | #endif | 781 | #endif |
| 782 | #endif | 782 | #endif |
| 783 | 783 | ||
| 784 | #else | 784 | #else /* OPENSSL_SYS_WIN32 */ |
| 785 | 785 | ||
| 786 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | 786 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, |
| 787 | const char *dir) | 787 | const char *dir) |
| @@ -789,10 +789,30 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 789 | WIN32_FIND_DATA FindFileData; | 789 | WIN32_FIND_DATA FindFileData; |
| 790 | HANDLE hFind; | 790 | HANDLE hFind; |
| 791 | int ret = 0; | 791 | int ret = 0; |
| 792 | #ifdef OPENSSL_SYS_WINCE | ||
| 793 | WCHAR* wdir = NULL; | ||
| 794 | #endif | ||
| 792 | 795 | ||
| 793 | CRYPTO_w_lock(CRYPTO_LOCK_READDIR); | 796 | CRYPTO_w_lock(CRYPTO_LOCK_READDIR); |
| 794 | 797 | ||
| 798 | #ifdef OPENSSL_SYS_WINCE | ||
| 799 | /* convert strings to UNICODE */ | ||
| 800 | { | ||
| 801 | BOOL result = FALSE; | ||
| 802 | int i; | ||
| 803 | wdir = malloc((strlen(dir)+1)*2); | ||
| 804 | if (wdir == NULL) | ||
| 805 | goto err_noclose; | ||
| 806 | for (i=0; i<(int)strlen(dir)+1; i++) | ||
| 807 | wdir[i] = (short)dir[i]; | ||
| 808 | } | ||
| 809 | #endif | ||
| 810 | |||
| 811 | #ifdef OPENSSL_SYS_WINCE | ||
| 812 | hFind = FindFirstFile(wdir, &FindFileData); | ||
| 813 | #else | ||
| 795 | hFind = FindFirstFile(dir, &FindFileData); | 814 | hFind = FindFirstFile(dir, &FindFileData); |
| 815 | #endif | ||
| 796 | /* Note that a side effect is that the CAs will be sorted by name */ | 816 | /* Note that a side effect is that the CAs will be sorted by name */ |
| 797 | if(hFind == INVALID_HANDLE_VALUE) | 817 | if(hFind == INVALID_HANDLE_VALUE) |
| 798 | { | 818 | { |
| @@ -807,7 +827,11 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 807 | char buf[1024]; | 827 | char buf[1024]; |
| 808 | int r; | 828 | int r; |
| 809 | 829 | ||
| 830 | #ifdef OPENSSL_SYS_WINCE | ||
| 831 | if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf) | ||
| 832 | #else | ||
| 810 | if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf) | 833 | if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf) |
| 834 | #endif | ||
| 811 | { | 835 | { |
| 812 | SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); | 836 | SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); |
| 813 | goto err; | 837 | goto err; |
| @@ -825,6 +849,10 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 825 | err: | 849 | err: |
| 826 | FindClose(hFind); | 850 | FindClose(hFind); |
| 827 | err_noclose: | 851 | err_noclose: |
| 852 | #ifdef OPENSSL_SYS_WINCE | ||
| 853 | if (wdir != NULL) | ||
| 854 | free(wdir); | ||
| 855 | #endif | ||
| 828 | CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); | 856 | CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); |
| 829 | return ret; | 857 | return ret; |
| 830 | } | 858 | } |
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c index df48245b2c..438d9eacbb 100644 --- a/src/lib/libssl/src/ssl/ssl_ciph.c +++ b/src/lib/libssl/src/ssl/ssl_ciph.c | |||
| @@ -674,13 +674,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str, | |||
| 674 | * So additionally check whether the cipher name found | 674 | * So additionally check whether the cipher name found |
| 675 | * has the correct length. We can save a strlen() call: | 675 | * has the correct length. We can save a strlen() call: |
| 676 | * just checking for the '\0' at the right place is | 676 | * just checking for the '\0' at the right place is |
| 677 | * sufficient, we have to strncmp() anyway. | 677 | * sufficient, we have to strncmp() anyway. (We cannot |
| 678 | * use strcmp(), because buf is not '\0' terminated.) | ||
| 678 | */ | 679 | */ |
| 679 | j = found = 0; | 680 | j = found = 0; |
| 680 | while (ca_list[j]) | 681 | while (ca_list[j]) |
| 681 | { | 682 | { |
| 682 | if ((ca_list[j]->name[buflen] == '\0') && | 683 | if (!strncmp(buf, ca_list[j]->name, buflen) && |
| 683 | !strncmp(buf, ca_list[j]->name, buflen)) | 684 | (ca_list[j]->name[buflen] == '\0')) |
| 684 | { | 685 | { |
| 685 | found = 1; | 686 | found = 1; |
| 686 | break; | 687 | break; |
| @@ -757,7 +758,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, | |||
| 757 | */ | 758 | */ |
| 758 | if (rule_str == NULL) return(NULL); | 759 | if (rule_str == NULL) return(NULL); |
| 759 | 760 | ||
| 760 | if (init_ciphers) load_ciphers(); | 761 | if (init_ciphers) |
| 762 | { | ||
| 763 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | ||
| 764 | if (init_ciphers) load_ciphers(); | ||
| 765 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); | ||
| 766 | } | ||
| 761 | 767 | ||
| 762 | /* | 768 | /* |
| 763 | * To reduce the work to do we only want to process the compiled | 769 | * To reduce the work to do we only want to process the compiled |
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c index 7067a745f3..d2cb181503 100644 --- a/src/lib/libssl/src/ssl/ssl_err.c +++ b/src/lib/libssl/src/ssl/ssl_err.c | |||
| @@ -296,6 +296,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= | |||
| 296 | {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, | 296 | {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, |
| 297 | {SSL_R_LIBRARY_BUG ,"library bug"}, | 297 | {SSL_R_LIBRARY_BUG ,"library bug"}, |
| 298 | {SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, | 298 | {SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, |
| 299 | {SSL_R_MASTER_KEY_TOO_LONG ,"master key too long"}, | ||
| 299 | {SSL_R_MESSAGE_TOO_LONG ,"message too long"}, | 300 | {SSL_R_MESSAGE_TOO_LONG ,"message too long"}, |
| 300 | {SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, | 301 | {SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, |
| 301 | {SSL_R_MISSING_DH_KEY ,"missing dh key"}, | 302 | {SSL_R_MISSING_DH_KEY ,"missing dh key"}, |
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index 4bc4ce5b3a..8701fb33ca 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -273,6 +273,7 @@ SSL *SSL_new(SSL_CTX *ctx) | |||
| 273 | s->verify_mode=ctx->verify_mode; | 273 | s->verify_mode=ctx->verify_mode; |
| 274 | s->verify_depth=ctx->verify_depth; | 274 | s->verify_depth=ctx->verify_depth; |
| 275 | s->sid_ctx_length=ctx->sid_ctx_length; | 275 | s->sid_ctx_length=ctx->sid_ctx_length; |
| 276 | OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); | ||
| 276 | memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx)); | 277 | memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx)); |
| 277 | s->verify_callback=ctx->default_verify_callback; | 278 | s->verify_callback=ctx->default_verify_callback; |
| 278 | s->generate_session_id=ctx->generate_session_id; | 279 | s->generate_session_id=ctx->generate_session_id; |
| @@ -314,7 +315,7 @@ err: | |||
| 314 | int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, | 315 | int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, |
| 315 | unsigned int sid_ctx_len) | 316 | unsigned int sid_ctx_len) |
| 316 | { | 317 | { |
| 317 | if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) | 318 | if(sid_ctx_len > sizeof ctx->sid_ctx) |
| 318 | { | 319 | { |
| 319 | SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); | 320 | SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); |
| 320 | return 0; | 321 | return 0; |
| @@ -364,6 +365,10 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, | |||
| 364 | * any new session built out of this id/id_len and the ssl_version in | 365 | * any new session built out of this id/id_len and the ssl_version in |
| 365 | * use by this SSL. */ | 366 | * use by this SSL. */ |
| 366 | SSL_SESSION r, *p; | 367 | SSL_SESSION r, *p; |
| 368 | |||
| 369 | if(id_len > sizeof r.session_id) | ||
| 370 | return 0; | ||
| 371 | |||
| 367 | r.ssl_version = ssl->version; | 372 | r.ssl_version = ssl->version; |
| 368 | r.session_id_length = id_len; | 373 | r.session_id_length = id_len; |
| 369 | memcpy(r.session_id, id, id_len); | 374 | memcpy(r.session_id, id, id_len); |
| @@ -1063,14 +1068,17 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, | |||
| 1063 | * preference */ | 1068 | * preference */ |
| 1064 | STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) | 1069 | STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) |
| 1065 | { | 1070 | { |
| 1066 | if ((s != NULL) && (s->cipher_list != NULL)) | 1071 | if (s != NULL) |
| 1067 | { | ||
| 1068 | return(s->cipher_list); | ||
| 1069 | } | ||
| 1070 | else if ((s->ctx != NULL) && | ||
| 1071 | (s->ctx->cipher_list != NULL)) | ||
| 1072 | { | 1072 | { |
| 1073 | return(s->ctx->cipher_list); | 1073 | if (s->cipher_list != NULL) |
| 1074 | { | ||
| 1075 | return(s->cipher_list); | ||
| 1076 | } | ||
| 1077 | else if ((s->ctx != NULL) && | ||
| 1078 | (s->ctx->cipher_list != NULL)) | ||
| 1079 | { | ||
| 1080 | return(s->ctx->cipher_list); | ||
| 1081 | } | ||
| 1074 | } | 1082 | } |
| 1075 | return(NULL); | 1083 | return(NULL); |
| 1076 | } | 1084 | } |
| @@ -1079,14 +1087,17 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) | |||
| 1079 | * algorithm id */ | 1087 | * algorithm id */ |
| 1080 | STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) | 1088 | STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) |
| 1081 | { | 1089 | { |
| 1082 | if ((s != NULL) && (s->cipher_list_by_id != NULL)) | 1090 | if (s != NULL) |
| 1083 | { | ||
| 1084 | return(s->cipher_list_by_id); | ||
| 1085 | } | ||
| 1086 | else if ((s != NULL) && (s->ctx != NULL) && | ||
| 1087 | (s->ctx->cipher_list_by_id != NULL)) | ||
| 1088 | { | 1091 | { |
| 1089 | return(s->ctx->cipher_list_by_id); | 1092 | if (s->cipher_list_by_id != NULL) |
| 1093 | { | ||
| 1094 | return(s->cipher_list_by_id); | ||
| 1095 | } | ||
| 1096 | else if ((s->ctx != NULL) && | ||
| 1097 | (s->ctx->cipher_list_by_id != NULL)) | ||
| 1098 | { | ||
| 1099 | return(s->ctx->cipher_list_by_id); | ||
| 1100 | } | ||
| 1090 | } | 1101 | } |
| 1091 | return(NULL); | 1102 | return(NULL); |
| 1092 | } | 1103 | } |
| @@ -1652,7 +1663,7 @@ void ssl_update_cache(SSL *s,int mode) | |||
| 1652 | 1663 | ||
| 1653 | i=s->ctx->session_cache_mode; | 1664 | i=s->ctx->session_cache_mode; |
| 1654 | if ((i & mode) && (!s->hit) | 1665 | if ((i & mode) && (!s->hit) |
| 1655 | && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) | 1666 | && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) |
| 1656 | || SSL_CTX_add_session(s->ctx,s->session)) | 1667 | || SSL_CTX_add_session(s->ctx,s->session)) |
| 1657 | && (s->ctx->new_session_cb != NULL)) | 1668 | && (s->ctx->new_session_cb != NULL)) |
| 1658 | { | 1669 | { |
| @@ -1884,6 +1895,7 @@ SSL *SSL_dup(SSL *s) | |||
| 1884 | * they should not both point to the same object, | 1895 | * they should not both point to the same object, |
| 1885 | * and thus we can't use SSL_copy_session_id. */ | 1896 | * and thus we can't use SSL_copy_session_id. */ |
| 1886 | 1897 | ||
| 1898 | ret->method->ssl_free(ret); | ||
| 1887 | ret->method = s->method; | 1899 | ret->method = s->method; |
| 1888 | ret->method->ssl_new(ret); | 1900 | ret->method->ssl_new(ret); |
| 1889 | 1901 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c index 664f8c2230..a505e388fb 100644 --- a/src/lib/libssl/src/ssl/ssl_sess.c +++ b/src/lib/libssl/src/ssl/ssl_sess.c | |||
| @@ -308,9 +308,12 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) | |||
| 308 | if (copy) | 308 | if (copy) |
| 309 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | 309 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); |
| 310 | 310 | ||
| 311 | /* The following should not return 1, otherwise, | 311 | /* Add the externally cached session to the internal |
| 312 | * things are very strange */ | 312 | * cache as well if and only if we are supposed to. */ |
| 313 | SSL_CTX_add_session(s->ctx,ret); | 313 | if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE)) |
| 314 | /* The following should not return 1, otherwise, | ||
| 315 | * things are very strange */ | ||
| 316 | SSL_CTX_add_session(s->ctx,ret); | ||
| 314 | } | 317 | } |
| 315 | if (ret == NULL) | 318 | if (ret == NULL) |
| 316 | goto err; | 319 | goto err; |
| @@ -524,13 +527,13 @@ void SSL_SESSION_free(SSL_SESSION *ss) | |||
| 524 | 527 | ||
| 525 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); | 528 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| 526 | 529 | ||
| 527 | memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); | 530 | OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg); |
| 528 | memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); | 531 | OPENSSL_cleanse(ss->master_key,sizeof ss->master_key); |
| 529 | memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); | 532 | OPENSSL_cleanse(ss->session_id,sizeof ss->session_id); |
| 530 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); | 533 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); |
| 531 | if (ss->peer != NULL) X509_free(ss->peer); | 534 | if (ss->peer != NULL) X509_free(ss->peer); |
| 532 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); | 535 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); |
| 533 | memset(ss,0,sizeof(*ss)); | 536 | OPENSSL_cleanse(ss,sizeof(*ss)); |
| 534 | OPENSSL_free(ss); | 537 | OPENSSL_free(ss); |
| 535 | } | 538 | } |
| 536 | 539 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_task.c b/src/lib/libssl/src/ssl/ssl_task.c index e36af0eb94..b5ce44b47c 100644 --- a/src/lib/libssl/src/ssl/ssl_task.c +++ b/src/lib/libssl/src/ssl/ssl_task.c | |||
| @@ -258,7 +258,7 @@ int doit(io_channel chan, SSL_CTX *s_ctx ) | |||
| 258 | { | 258 | { |
| 259 | int status, length, link_state; | 259 | int status, length, link_state; |
| 260 | struct rpc_msg msg; | 260 | struct rpc_msg msg; |
| 261 | static char cbuf[200],sbuf[200]; | 261 | |
| 262 | SSL *s_ssl=NULL; | 262 | SSL *s_ssl=NULL; |
| 263 | BIO *c_to_s=NULL; | 263 | BIO *c_to_s=NULL; |
| 264 | BIO *s_to_c=NULL; | 264 | BIO *s_to_c=NULL; |
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c index 342c59e659..5fccc48b71 100644 --- a/src/lib/libssl/src/ssl/ssltest.c +++ b/src/lib/libssl/src/ssl/ssltest.c | |||
| @@ -109,11 +109,8 @@ | |||
| 109 | * | 109 | * |
| 110 | */ | 110 | */ |
| 111 | 111 | ||
| 112 | #define _XOPEN_SOURCE 600 /* Or gethostname won't be declared properly | 112 | #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly |
| 113 | on Linux and GNU platforms. */ | 113 | on Linux and GNU platforms. */ |
| 114 | #define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly | ||
| 115 | on Compaq platforms (at least with DEC C). | ||
| 116 | */ | ||
| 117 | 114 | ||
| 118 | #include <assert.h> | 115 | #include <assert.h> |
| 119 | #include <errno.h> | 116 | #include <errno.h> |
| @@ -124,6 +121,7 @@ | |||
| 124 | #include <time.h> | 121 | #include <time.h> |
| 125 | #include <inttypes.h> | 122 | #include <inttypes.h> |
| 126 | 123 | ||
| 124 | #define USE_SOCKETS | ||
| 127 | #include "e_os.h" | 125 | #include "e_os.h" |
| 128 | 126 | ||
| 129 | #include <openssl/bio.h> | 127 | #include <openssl/bio.h> |
| @@ -131,12 +129,20 @@ | |||
| 131 | #include <openssl/evp.h> | 129 | #include <openssl/evp.h> |
| 132 | #include <openssl/x509.h> | 130 | #include <openssl/x509.h> |
| 133 | #include <openssl/ssl.h> | 131 | #include <openssl/ssl.h> |
| 132 | #ifndef OPENSSL_NO_ENGINE | ||
| 134 | #include <openssl/engine.h> | 133 | #include <openssl/engine.h> |
| 134 | #endif | ||
| 135 | #include <openssl/err.h> | 135 | #include <openssl/err.h> |
| 136 | #include <openssl/rand.h> | 136 | #include <openssl/rand.h> |
| 137 | |||
| 138 | #define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly | ||
| 139 | on Compaq platforms (at least with DEC C). | ||
| 140 | Do not try to put it earlier, or IPv6 includes | ||
| 141 | get screwed... | ||
| 142 | */ | ||
| 143 | |||
| 137 | #ifdef OPENSSL_SYS_WINDOWS | 144 | #ifdef OPENSSL_SYS_WINDOWS |
| 138 | #include <winsock.h> | 145 | #include <winsock.h> |
| 139 | #include "../crypto/bio/bss_file.c" | ||
| 140 | #else | 146 | #else |
| 141 | #include OPENSSL_UNISTD | 147 | #include OPENSSL_UNISTD |
| 142 | #endif | 148 | #endif |
| @@ -144,6 +150,9 @@ | |||
| 144 | #ifdef OPENSSL_SYS_VMS | 150 | #ifdef OPENSSL_SYS_VMS |
| 145 | # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" | 151 | # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" |
| 146 | # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" | 152 | # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" |
| 153 | #elif defined(OPENSSL_SYS_WINCE) | ||
| 154 | # define TEST_SERVER_CERT "\\OpenSSL\\server.pem" | ||
| 155 | # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" | ||
| 147 | #else | 156 | #else |
| 148 | # define TEST_SERVER_CERT "../apps/server.pem" | 157 | # define TEST_SERVER_CERT "../apps/server.pem" |
| 149 | # define TEST_CLIENT_CERT "../apps/client.pem" | 158 | # define TEST_CLIENT_CERT "../apps/client.pem" |
| @@ -365,7 +374,9 @@ int main(int argc, char *argv[]) | |||
| 365 | verbose = 0; | 374 | verbose = 0; |
| 366 | debug = 0; | 375 | debug = 0; |
| 367 | cipher = 0; | 376 | cipher = 0; |
| 368 | 377 | ||
| 378 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | ||
| 379 | |||
| 369 | CRYPTO_set_locking_callback(lock_dbg_cb); | 380 | CRYPTO_set_locking_callback(lock_dbg_cb); |
| 370 | 381 | ||
| 371 | /* enable memory leak checking unless explicitly disabled */ | 382 | /* enable memory leak checking unless explicitly disabled */ |
| @@ -383,7 +394,6 @@ int main(int argc, char *argv[]) | |||
| 383 | 394 | ||
| 384 | RAND_seed(rnd_seed, sizeof rnd_seed); | 395 | RAND_seed(rnd_seed, sizeof rnd_seed); |
| 385 | 396 | ||
| 386 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | ||
| 387 | bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); | 397 | bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); |
| 388 | 398 | ||
| 389 | argc--; | 399 | argc--; |
| @@ -406,7 +416,7 @@ int main(int argc, char *argv[]) | |||
| 406 | #ifndef OPENSSL_NO_DH | 416 | #ifndef OPENSSL_NO_DH |
| 407 | dhe1024=1; | 417 | dhe1024=1; |
| 408 | #else | 418 | #else |
| 409 | fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"; | 419 | fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"); |
| 410 | #endif | 420 | #endif |
| 411 | } | 421 | } |
| 412 | else if (strcmp(*argv,"-dhe1024dsa") == 0) | 422 | else if (strcmp(*argv,"-dhe1024dsa") == 0) |
| @@ -414,7 +424,7 @@ int main(int argc, char *argv[]) | |||
| 414 | #ifndef OPENSSL_NO_DH | 424 | #ifndef OPENSSL_NO_DH |
| 415 | dhe1024dsa=1; | 425 | dhe1024dsa=1; |
| 416 | #else | 426 | #else |
| 417 | fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"; | 427 | fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"); |
| 418 | #endif | 428 | #endif |
| 419 | } | 429 | } |
| 420 | else if (strcmp(*argv,"-no_dhe") == 0) | 430 | else if (strcmp(*argv,"-no_dhe") == 0) |
| @@ -531,7 +541,7 @@ bad: | |||
| 531 | "the test anyway (and\n-d to see what happens), " | 541 | "the test anyway (and\n-d to see what happens), " |
| 532 | "or add one of -ssl2, -ssl3, -tls1, -reuse\n" | 542 | "or add one of -ssl2, -ssl3, -tls1, -reuse\n" |
| 533 | "to avoid protocol mismatch.\n"); | 543 | "to avoid protocol mismatch.\n"); |
| 534 | exit(1); | 544 | EXIT(1); |
| 535 | } | 545 | } |
| 536 | 546 | ||
| 537 | if (print_time) | 547 | if (print_time) |
| @@ -687,10 +697,16 @@ bad: | |||
| 687 | #ifndef OPENSSL_NO_KRB5 | 697 | #ifndef OPENSSL_NO_KRB5 |
| 688 | if (c_ssl && c_ssl->kssl_ctx) | 698 | if (c_ssl && c_ssl->kssl_ctx) |
| 689 | { | 699 | { |
| 690 | char localhost[257]; | 700 | char localhost[MAXHOSTNAMELEN+2]; |
| 691 | 701 | ||
| 692 | if (gethostname(localhost, 256) == 0) | 702 | if (gethostname(localhost, sizeof localhost-1) == 0) |
| 693 | { | 703 | { |
| 704 | localhost[sizeof localhost-1]='\0'; | ||
| 705 | if(strlen(localhost) == sizeof localhost-1) | ||
| 706 | { | ||
| 707 | BIO_printf(bio_err,"localhost name too long\n"); | ||
| 708 | goto end; | ||
| 709 | } | ||
| 694 | kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, | 710 | kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, |
| 695 | localhost); | 711 | localhost); |
| 696 | } | 712 | } |
| @@ -746,7 +762,9 @@ end: | |||
| 746 | #ifndef OPENSSL_NO_RSA | 762 | #ifndef OPENSSL_NO_RSA |
| 747 | free_tmp_rsa(); | 763 | free_tmp_rsa(); |
| 748 | #endif | 764 | #endif |
| 765 | #ifndef OPENSSL_NO_ENGINE | ||
| 749 | ENGINE_cleanup(); | 766 | ENGINE_cleanup(); |
| 767 | #endif | ||
| 750 | CRYPTO_cleanup_all_ex_data(); | 768 | CRYPTO_cleanup_all_ex_data(); |
| 751 | ERR_free_strings(); | 769 | ERR_free_strings(); |
| 752 | ERR_remove_state(0); | 770 | ERR_remove_state(0); |
| @@ -836,6 +854,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, | |||
| 836 | int i, r; | 854 | int i, r; |
| 837 | clock_t c_clock = clock(); | 855 | clock_t c_clock = clock(); |
| 838 | 856 | ||
| 857 | memset(cbuf, 0, sizeof(cbuf)); | ||
| 858 | |||
| 839 | if (debug) | 859 | if (debug) |
| 840 | if (SSL_in_init(c_ssl)) | 860 | if (SSL_in_init(c_ssl)) |
| 841 | printf("client waiting in SSL_connect - %s\n", | 861 | printf("client waiting in SSL_connect - %s\n", |
| @@ -920,6 +940,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, | |||
| 920 | int i, r; | 940 | int i, r; |
| 921 | clock_t s_clock = clock(); | 941 | clock_t s_clock = clock(); |
| 922 | 942 | ||
| 943 | memset(sbuf, 0, sizeof(sbuf)); | ||
| 944 | |||
| 923 | if (debug) | 945 | if (debug) |
| 924 | if (SSL_in_init(s_ssl)) | 946 | if (SSL_in_init(s_ssl)) |
| 925 | printf("server waiting in SSL_accept - %s\n", | 947 | printf("server waiting in SSL_accept - %s\n", |
| @@ -1163,6 +1185,9 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 1163 | int c_write,s_write; | 1185 | int c_write,s_write; |
| 1164 | int do_server=0,do_client=0; | 1186 | int do_server=0,do_client=0; |
| 1165 | 1187 | ||
| 1188 | memset(cbuf,0,sizeof(cbuf)); | ||
| 1189 | memset(sbuf,0,sizeof(sbuf)); | ||
| 1190 | |||
| 1166 | c_to_s=BIO_new(BIO_s_mem()); | 1191 | c_to_s=BIO_new(BIO_s_mem()); |
| 1167 | s_to_c=BIO_new(BIO_s_mem()); | 1192 | s_to_c=BIO_new(BIO_s_mem()); |
| 1168 | if ((s_to_c == NULL) || (c_to_s == NULL)) | 1193 | if ((s_to_c == NULL) || (c_to_s == NULL)) |
| @@ -1444,7 +1469,8 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) | |||
| 1444 | { | 1469 | { |
| 1445 | char *s,buf[256]; | 1470 | char *s,buf[256]; |
| 1446 | 1471 | ||
| 1447 | s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256); | 1472 | s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf, |
| 1473 | sizeof buf); | ||
| 1448 | if (s != NULL) | 1474 | if (s != NULL) |
| 1449 | { | 1475 | { |
| 1450 | if (ok) | 1476 | if (ok) |
diff --git a/src/lib/libssl/src/ssl/t1_clnt.c b/src/lib/libssl/src/ssl/t1_clnt.c index 9ad518f9f4..57205fb429 100644 --- a/src/lib/libssl/src/ssl/t1_clnt.c +++ b/src/lib/libssl/src/ssl/t1_clnt.c | |||
| @@ -79,11 +79,18 @@ SSL_METHOD *TLSv1_client_method(void) | |||
| 79 | 79 | ||
| 80 | if (init) | 80 | if (init) |
| 81 | { | 81 | { |
| 82 | memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), | 82 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 83 | sizeof(SSL_METHOD)); | 83 | |
| 84 | TLSv1_client_data.ssl_connect=ssl3_connect; | 84 | if (init) |
| 85 | TLSv1_client_data.get_ssl_method=tls1_get_client_method; | 85 | { |
| 86 | init=0; | 86 | memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), |
| 87 | sizeof(SSL_METHOD)); | ||
| 88 | TLSv1_client_data.ssl_connect=ssl3_connect; | ||
| 89 | TLSv1_client_data.get_ssl_method=tls1_get_client_method; | ||
| 90 | init=0; | ||
| 91 | } | ||
| 92 | |||
| 93 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 87 | } | 94 | } |
| 88 | return(&TLSv1_client_data); | 95 | return(&TLSv1_client_data); |
| 89 | } | 96 | } |
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 5290bf6665..271e247eea 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -124,7 +124,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 124 | unsigned int j; | 124 | unsigned int j; |
| 125 | HMAC_CTX ctx; | 125 | HMAC_CTX ctx; |
| 126 | HMAC_CTX ctx_tmp; | 126 | HMAC_CTX ctx_tmp; |
| 127 | unsigned char A1[HMAC_MAX_MD_CBLOCK]; | 127 | unsigned char A1[EVP_MAX_MD_SIZE]; |
| 128 | unsigned int A1_len; | 128 | unsigned int A1_len; |
| 129 | 129 | ||
| 130 | chunk=EVP_MD_size(md); | 130 | chunk=EVP_MD_size(md); |
| @@ -161,7 +161,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 161 | } | 161 | } |
| 162 | HMAC_CTX_cleanup(&ctx); | 162 | HMAC_CTX_cleanup(&ctx); |
| 163 | HMAC_CTX_cleanup(&ctx_tmp); | 163 | HMAC_CTX_cleanup(&ctx_tmp); |
| 164 | memset(A1,0,sizeof(A1)); | 164 | OPENSSL_cleanse(A1,sizeof(A1)); |
| 165 | } | 165 | } |
| 166 | 166 | ||
| 167 | static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, | 167 | static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, |
| @@ -418,10 +418,10 @@ printf("\niv="); | |||
| 418 | printf("\n"); | 418 | printf("\n"); |
| 419 | #endif | 419 | #endif |
| 420 | 420 | ||
| 421 | memset(tmp1,0,sizeof(tmp1)); | 421 | OPENSSL_cleanse(tmp1,sizeof(tmp1)); |
| 422 | memset(tmp2,0,sizeof(tmp1)); | 422 | OPENSSL_cleanse(tmp2,sizeof(tmp1)); |
| 423 | memset(iv1,0,sizeof(iv1)); | 423 | OPENSSL_cleanse(iv1,sizeof(iv1)); |
| 424 | memset(iv2,0,sizeof(iv2)); | 424 | OPENSSL_cleanse(iv2,sizeof(iv2)); |
| 425 | return(1); | 425 | return(1); |
| 426 | err: | 426 | err: |
| 427 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); | 427 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); |
| @@ -476,7 +476,7 @@ printf("pre-master\n"); | |||
| 476 | { int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } | 476 | { int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } |
| 477 | #endif | 477 | #endif |
| 478 | tls1_generate_key_block(s,p1,p2,num); | 478 | tls1_generate_key_block(s,p1,p2,num); |
| 479 | memset(p2,0,num); | 479 | OPENSSL_cleanse(p2,num); |
| 480 | OPENSSL_free(p2); | 480 | OPENSSL_free(p2); |
| 481 | #ifdef TLS_DEBUG | 481 | #ifdef TLS_DEBUG |
| 482 | printf("\nkey block\n"); | 482 | printf("\nkey block\n"); |
| @@ -683,10 +683,10 @@ int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, | |||
| 683 | 683 | ||
| 684 | tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), | 684 | tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), |
| 685 | s->session->master_key,s->session->master_key_length, | 685 | s->session->master_key,s->session->master_key_length, |
| 686 | out,buf2,12); | 686 | out,buf2,sizeof buf2); |
| 687 | EVP_MD_CTX_cleanup(&ctx); | 687 | EVP_MD_CTX_cleanup(&ctx); |
| 688 | 688 | ||
| 689 | return((int)12); | 689 | return sizeof buf2; |
| 690 | } | 690 | } |
| 691 | 691 | ||
| 692 | int tls1_mac(SSL *ssl, unsigned char *md, int send) | 692 | int tls1_mac(SSL *ssl, unsigned char *md, int send) |
| @@ -773,7 +773,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, | |||
| 773 | s->s3->server_random,SSL3_RANDOM_SIZE); | 773 | s->s3->server_random,SSL3_RANDOM_SIZE); |
| 774 | tls1_PRF(s->ctx->md5,s->ctx->sha1, | 774 | tls1_PRF(s->ctx->md5,s->ctx->sha1, |
| 775 | buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, | 775 | buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, |
| 776 | s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); | 776 | s->session->master_key,buff,sizeof buff); |
| 777 | #ifdef KSSL_DEBUG | 777 | #ifdef KSSL_DEBUG |
| 778 | printf ("tls1_generate_master_secret() complete\n"); | 778 | printf ("tls1_generate_master_secret() complete\n"); |
| 779 | #endif /* KSSL_DEBUG */ | 779 | #endif /* KSSL_DEBUG */ |
diff --git a/src/lib/libssl/src/ssl/t1_meth.c b/src/lib/libssl/src/ssl/t1_meth.c index 9bb36a7d1c..fcc243f782 100644 --- a/src/lib/libssl/src/ssl/t1_meth.c +++ b/src/lib/libssl/src/ssl/t1_meth.c | |||
| @@ -76,13 +76,21 @@ SSL_METHOD *TLSv1_method(void) | |||
| 76 | 76 | ||
| 77 | if (init) | 77 | if (init) |
| 78 | { | 78 | { |
| 79 | memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), | 79 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 80 | sizeof(SSL_METHOD)); | 80 | |
| 81 | TLSv1_data.ssl_connect=ssl3_connect; | 81 | if (init) |
| 82 | TLSv1_data.ssl_accept=ssl3_accept; | 82 | { |
| 83 | TLSv1_data.get_ssl_method=tls1_get_method; | 83 | memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), |
| 84 | init=0; | 84 | sizeof(SSL_METHOD)); |
| 85 | TLSv1_data.ssl_connect=ssl3_connect; | ||
| 86 | TLSv1_data.ssl_accept=ssl3_accept; | ||
| 87 | TLSv1_data.get_ssl_method=tls1_get_method; | ||
| 88 | init=0; | ||
| 89 | } | ||
| 90 | |||
| 91 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 85 | } | 92 | } |
| 93 | |||
| 86 | return(&TLSv1_data); | 94 | return(&TLSv1_data); |
| 87 | } | 95 | } |
| 88 | 96 | ||
diff --git a/src/lib/libssl/src/ssl/t1_srvr.c b/src/lib/libssl/src/ssl/t1_srvr.c index 6e765e587f..1c1149e49f 100644 --- a/src/lib/libssl/src/ssl/t1_srvr.c +++ b/src/lib/libssl/src/ssl/t1_srvr.c | |||
| @@ -80,11 +80,18 @@ SSL_METHOD *TLSv1_server_method(void) | |||
| 80 | 80 | ||
| 81 | if (init) | 81 | if (init) |
| 82 | { | 82 | { |
| 83 | memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), | 83 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 84 | sizeof(SSL_METHOD)); | 84 | |
| 85 | TLSv1_server_data.ssl_accept=ssl3_accept; | 85 | if (init) |
| 86 | TLSv1_server_data.get_ssl_method=tls1_get_server_method; | 86 | { |
| 87 | init=0; | 87 | memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), |
| 88 | sizeof(SSL_METHOD)); | ||
| 89 | TLSv1_server_data.ssl_accept=ssl3_accept; | ||
| 90 | TLSv1_server_data.get_ssl_method=tls1_get_server_method; | ||
| 91 | init=0; | ||
| 92 | } | ||
| 93 | |||
| 94 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 88 | } | 95 | } |
| 89 | return(&TLSv1_server_data); | 96 | return(&TLSv1_server_data); |
| 90 | } | 97 | } |
diff --git a/src/lib/libssl/src/test/Makefile.ssl b/src/lib/libssl/src/test/Makefile.ssl index f489332a65..373f17a929 100644 --- a/src/lib/libssl/src/test/Makefile.ssl +++ b/src/lib/libssl/src/test/Makefile.ssl | |||
| @@ -15,6 +15,9 @@ MAKE= make -f $(MAKEFILE) | |||
| 15 | MAKEDEPPROG= makedepend | 15 | MAKEDEPPROG= makedepend |
| 16 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | 16 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) |
| 17 | PERL= perl | 17 | PERL= perl |
| 18 | # KRB5 stuff | ||
| 19 | KRB5_INCLUDES= | ||
| 20 | LIBKRB5= | ||
| 18 | 21 | ||
| 19 | PEX_LIBS= | 22 | PEX_LIBS= |
| 20 | EX_LIBS= #-lnsl -lsocket | 23 | EX_LIBS= #-lnsl -lsocket |
| @@ -116,158 +119,162 @@ tags: | |||
| 116 | tests: exe apps $(TESTS) | 119 | tests: exe apps $(TESTS) |
| 117 | 120 | ||
| 118 | apps: | 121 | apps: |
| 119 | @(cd ../apps; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all) | 122 | @(cd ..; $(MAKE) DIRS=apps all) |
| 120 | 123 | ||
| 121 | alltests: | 124 | SET_SO_PATHS=OSSL_LIBPATH="`cd ..; pwd`"; \ |
| 122 | (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; DYLD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \ | 125 | LD_LIBRARY_PATH="$$OSSL_LIBPATH:$$LD_LIBRARY_PATH"; \ |
| 123 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ | 126 | DYLD_LIBRARY_PATH="$$OSSL_LIBPATH:$$DYLD_LIBRARY_PATH"; \ |
| 124 | $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser) | 127 | SHLIB_PATH="$$OSSL_LIBPATH:$$SHLIB_PATH"; \ |
| 125 | alltests.chooser: \ | 128 | LIBPATH="$$OSSL_LIBPATH:$$LIBPATH"; \ |
| 129 | if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \ | ||
| 130 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH | ||
| 131 | |||
| 132 | alltests: \ | ||
| 126 | test_des test_idea test_sha test_md4 test_md5 test_hmac \ | 133 | test_des test_idea test_sha test_md4 test_md5 test_hmac \ |
| 127 | test_md2 test_mdc2 \ | 134 | test_md2 test_mdc2 \ |
| 128 | test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \ | 135 | test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \ |
| 129 | test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \ | 136 | test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \ |
| 130 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ | 137 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ |
| 131 | test_ss test_ca test_engine test_evp test_ssl | 138 | test_ss test_ca test_engine test_evp test_ssl |
| 132 | 139 | ||
| 133 | test_evp: | 140 | test_evp: |
| 134 | ./$(EVPTEST) evptests.txt | 141 | $(SET_SO_PATHS); ./$(EVPTEST) evptests.txt |
| 135 | 142 | ||
| 136 | test_des: | 143 | test_des: |
| 137 | ./$(DESTEST) | 144 | $(SET_SO_PATHS); ./$(DESTEST) |
| 138 | 145 | ||
| 139 | test_idea: | 146 | test_idea: |
| 140 | ./$(IDEATEST) | 147 | $(SET_SO_PATHS); ./$(IDEATEST) |
| 141 | 148 | ||
| 142 | test_sha: | 149 | test_sha: |
| 143 | ./$(SHATEST) | 150 | $(SET_SO_PATHS); ./$(SHATEST) |
| 144 | ./$(SHA1TEST) | 151 | $(SET_SO_PATHS); ./$(SHA1TEST) |
| 145 | 152 | ||
| 146 | test_mdc2: | 153 | test_mdc2: |
| 147 | ./$(MDC2TEST) | 154 | $(SET_SO_PATHS); ./$(MDC2TEST) |
| 148 | 155 | ||
| 149 | test_md5: | 156 | test_md5: |
| 150 | ./$(MD5TEST) | 157 | $(SET_SO_PATHS); ./$(MD5TEST) |
| 151 | 158 | ||
| 152 | test_md4: | 159 | test_md4: |
| 153 | ./$(MD4TEST) | 160 | $(SET_SO_PATHS); ./$(MD4TEST) |
| 154 | 161 | ||
| 155 | test_hmac: | 162 | test_hmac: |
| 156 | ./$(HMACTEST) | 163 | $(SET_SO_PATHS); ./$(HMACTEST) |
| 157 | 164 | ||
| 158 | test_md2: | 165 | test_md2: |
| 159 | ./$(MD2TEST) | 166 | $(SET_SO_PATHS); ./$(MD2TEST) |
| 160 | 167 | ||
| 161 | test_rmd: | 168 | test_rmd: |
| 162 | ./$(RMDTEST) | 169 | $(SET_SO_PATHS); ./$(RMDTEST) |
| 163 | 170 | ||
| 164 | test_bf: | 171 | test_bf: |
| 165 | ./$(BFTEST) | 172 | $(SET_SO_PATHS); ./$(BFTEST) |
| 166 | 173 | ||
| 167 | test_cast: | 174 | test_cast: |
| 168 | ./$(CASTTEST) | 175 | $(SET_SO_PATHS); ./$(CASTTEST) |
| 169 | 176 | ||
| 170 | test_rc2: | 177 | test_rc2: |
| 171 | ./$(RC2TEST) | 178 | $(SET_SO_PATHS); ./$(RC2TEST) |
| 172 | 179 | ||
| 173 | test_rc4: | 180 | test_rc4: |
| 174 | ./$(RC4TEST) | 181 | $(SET_SO_PATHS); ./$(RC4TEST) |
| 175 | 182 | ||
| 176 | test_rc5: | 183 | test_rc5: |
| 177 | ./$(RC5TEST) | 184 | $(SET_SO_PATHS); ./$(RC5TEST) |
| 178 | 185 | ||
| 179 | test_rand: | 186 | test_rand: |
| 180 | ./$(RANDTEST) | 187 | $(SET_SO_PATHS); ./$(RANDTEST) |
| 181 | 188 | ||
| 182 | test_enc: | 189 | test_enc: |
| 183 | @sh ./testenc | 190 | @$(SET_SO_PATHS); sh ./testenc |
| 184 | 191 | ||
| 185 | test_x509: | 192 | test_x509: |
| 186 | echo test normal x509v1 certificate | 193 | echo test normal x509v1 certificate |
| 187 | sh ./tx509 2>/dev/null | 194 | $(SET_SO_PATHS); sh ./tx509 2>/dev/null |
| 188 | echo test first x509v3 certificate | 195 | echo test first x509v3 certificate |
| 189 | sh ./tx509 v3-cert1.pem 2>/dev/null | 196 | $(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null |
| 190 | echo test second x509v3 certificate | 197 | echo test second x509v3 certificate |
| 191 | sh ./tx509 v3-cert2.pem 2>/dev/null | 198 | $(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null |
| 192 | 199 | ||
| 193 | test_rsa: | 200 | test_rsa: |
| 194 | @sh ./trsa 2>/dev/null | 201 | @$(SET_SO_PATHS); sh ./trsa 2>/dev/null |
| 195 | ./$(RSATEST) | 202 | $(SET_SO_PATHS); ./$(RSATEST) |
| 196 | 203 | ||
| 197 | test_crl: | 204 | test_crl: |
| 198 | @sh ./tcrl 2>/dev/null | 205 | @$(SET_SO_PATHS); sh ./tcrl 2>/dev/null |
| 199 | 206 | ||
| 200 | test_sid: | 207 | test_sid: |
| 201 | @sh ./tsid 2>/dev/null | 208 | @$(SET_SO_PATHS); sh ./tsid 2>/dev/null |
| 202 | 209 | ||
| 203 | test_req: | 210 | test_req: |
| 204 | @sh ./treq 2>/dev/null | 211 | @$(SET_SO_PATHS); sh ./treq 2>/dev/null |
| 205 | @sh ./treq testreq2.pem 2>/dev/null | 212 | @$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null |
| 206 | 213 | ||
| 207 | test_pkcs7: | 214 | test_pkcs7: |
| 208 | @sh ./tpkcs7 2>/dev/null | 215 | @$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null |
| 209 | @sh ./tpkcs7d 2>/dev/null | 216 | @$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null |
| 210 | 217 | ||
| 211 | test_bn: | 218 | test_bn: |
| 212 | @echo starting big number library test, could take a while... | 219 | @echo starting big number library test, could take a while... |
| 213 | @./$(BNTEST) >tmp.bntest | 220 | @$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest |
| 214 | @echo quit >>tmp.bntest | 221 | @echo quit >>tmp.bntest |
| 215 | @echo "running bc" | 222 | @echo "running bc" |
| 216 | @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"' | 223 | @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"' |
| 217 | @echo 'test a^b%c implementations' | 224 | @echo 'test a^b%c implementations' |
| 218 | ./$(EXPTEST) | 225 | $(SET_SO_PATHS); ./$(EXPTEST) |
| 219 | 226 | ||
| 220 | test_ec: | 227 | test_ec: |
| 221 | @echo 'test elliptic curves' | 228 | @echo 'test elliptic curves' |
| 222 | ./$(ECTEST) | 229 | $(SET_SO_PATHS); ./$(ECTEST) |
| 223 | 230 | ||
| 224 | test_verify: | 231 | test_verify: |
| 225 | @echo "The following command should have some OK's and some failures" | 232 | @echo "The following command should have some OK's and some failures" |
| 226 | @echo "There are definitly a few expired certificates" | 233 | @echo "There are definitly a few expired certificates" |
| 227 | -../apps/openssl verify -CApath ../certs ../certs/*.pem | 234 | -$(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem |
| 228 | 235 | ||
| 229 | test_dh: | 236 | test_dh: |
| 230 | @echo "Generate a set of DH parameters" | 237 | @echo "Generate a set of DH parameters" |
| 231 | ./$(DHTEST) | 238 | $(SET_SO_PATHS); ./$(DHTEST) |
| 232 | 239 | ||
| 233 | test_dsa: | 240 | test_dsa: |
| 234 | @echo "Generate a set of DSA parameters" | 241 | @echo "Generate a set of DSA parameters" |
| 235 | ./$(DSATEST) | 242 | $(SET_SO_PATHS); ./$(DSATEST) |
| 236 | ./$(DSATEST) -app2_1 | 243 | $(SET_SO_PATHS); ./$(DSATEST) -app2_1 |
| 237 | 244 | ||
| 238 | test_gen: | 245 | test_gen: |
| 239 | @echo "Generate and verify a certificate request" | 246 | @echo "Generate and verify a certificate request" |
| 240 | @sh ./testgen | 247 | @$(SET_SO_PATHS); sh ./testgen |
| 241 | 248 | ||
| 242 | test_ss keyU.ss certU.ss certCA.ss: testss | 249 | test_ss keyU.ss certU.ss certCA.ss: testss |
| 243 | @echo "Generate and certify a test certificate" | 250 | @echo "Generate and certify a test certificate" |
| 244 | @sh ./testss | 251 | @$(SET_SO_PATHS); sh ./testss |
| 245 | 252 | ||
| 246 | test_engine: | 253 | test_engine: |
| 247 | @echo "Manipulate the ENGINE structures" | 254 | @echo "Manipulate the ENGINE structures" |
| 248 | ./$(ENGINETEST) | 255 | $(SET_SO_PATHS); ./$(ENGINETEST) |
| 249 | 256 | ||
| 250 | test_ssl: keyU.ss certU.ss certCA.ss | 257 | test_ssl: keyU.ss certU.ss certCA.ss |
| 251 | @echo "test SSL protocol" | 258 | @echo "test SSL protocol" |
| 252 | @sh ./testssl keyU.ss certU.ss certCA.ss | 259 | @$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss |
| 253 | 260 | ||
| 254 | test_ca: | 261 | test_ca: |
| 255 | @if ../apps/openssl no-rsa; then \ | 262 | @$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \ |
| 256 | echo "skipping CA.sh test -- requires RSA"; \ | 263 | echo "skipping CA.sh test -- requires RSA"; \ |
| 257 | else \ | 264 | else \ |
| 258 | echo "Generate and certify a test certificate via the 'ca' program"; \ | 265 | echo "Generate and certify a test certificate via the 'ca' program"; \ |
| 259 | sh ./testca; \ | 266 | sh ./testca; \ |
| 260 | fi | 267 | fi |
| 261 | 268 | ||
| 262 | test_rd: #$(RDTEST) | 269 | test_aes: #$(AESTEST) |
| 263 | # @echo "test Rijndael" | 270 | # @echo "test Rijndael" |
| 264 | # ./$(RDTEST) | 271 | # $(SET_SO_PATHS); ./$(AESTEST) |
| 265 | 272 | ||
| 266 | lint: | 273 | lint: |
| 267 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 274 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 268 | 275 | ||
| 269 | depend: | 276 | depend: |
| 270 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) | 277 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC) |
| 271 | 278 | ||
| 272 | dclean: | 279 | dclean: |
| 273 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 280 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -277,101 +284,241 @@ clean: | |||
| 277 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log | 284 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log |
| 278 | 285 | ||
| 279 | $(DLIBSSL): | 286 | $(DLIBSSL): |
| 280 | (cd ../ssl; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 287 | (cd ..; $(MAKE) DIRS=ssl all) |
| 281 | 288 | ||
| 282 | $(DLIBCRYPTO): | 289 | $(DLIBCRYPTO): |
| 283 | (cd ../crypto; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 290 | (cd ..; $(MAKE) DIRS=crypto all) |
| 284 | 291 | ||
| 285 | $(RSATEST): $(RSATEST).o $(DLIBCRYPTO) | 292 | $(RSATEST): $(RSATEST).o $(DLIBCRYPTO) |
| 286 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 293 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 294 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 295 | else \ | ||
| 296 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 297 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 298 | fi | ||
| 287 | 299 | ||
| 288 | $(BNTEST): $(BNTEST).o $(DLIBCRYPTO) | 300 | $(BNTEST): $(BNTEST).o $(DLIBCRYPTO) |
| 289 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 301 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 302 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 303 | else \ | ||
| 304 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 305 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 306 | fi | ||
| 290 | 307 | ||
| 291 | $(ECTEST): $(ECTEST).o $(DLIBCRYPTO) | 308 | $(ECTEST): $(ECTEST).o $(DLIBCRYPTO) |
| 292 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 309 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 310 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 311 | else \ | ||
| 312 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 313 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 314 | fi | ||
| 293 | 315 | ||
| 294 | $(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO) | 316 | $(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO) |
| 295 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 317 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 318 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 319 | else \ | ||
| 320 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 321 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 322 | fi | ||
| 296 | 323 | ||
| 297 | $(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO) | 324 | $(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO) |
| 298 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 325 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 326 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 327 | else \ | ||
| 328 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 329 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 330 | fi | ||
| 299 | 331 | ||
| 300 | $(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO) | 332 | $(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO) |
| 301 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 333 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 334 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 335 | else \ | ||
| 336 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 337 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 338 | fi | ||
| 302 | 339 | ||
| 303 | $(SHATEST): $(SHATEST).o $(DLIBCRYPTO) | 340 | $(SHATEST): $(SHATEST).o $(DLIBCRYPTO) |
| 304 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 341 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 342 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 343 | else \ | ||
| 344 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 345 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 346 | fi | ||
| 305 | 347 | ||
| 306 | $(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO) | 348 | $(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO) |
| 307 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 349 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 350 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 351 | else \ | ||
| 352 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 353 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 354 | fi | ||
| 308 | 355 | ||
| 309 | $(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO) | 356 | $(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO) |
| 310 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 357 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 358 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 359 | else \ | ||
| 360 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 361 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 362 | fi | ||
| 311 | 363 | ||
| 312 | $(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO) | 364 | $(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO) |
| 313 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 365 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 366 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 367 | else \ | ||
| 368 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 369 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 370 | fi | ||
| 314 | 371 | ||
| 315 | $(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO) | 372 | $(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO) |
| 316 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 373 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 374 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 375 | else \ | ||
| 376 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 377 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 378 | fi | ||
| 317 | 379 | ||
| 318 | $(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO) | 380 | $(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO) |
| 319 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 381 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 382 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 383 | else \ | ||
| 384 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 385 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 386 | fi | ||
| 320 | 387 | ||
| 321 | $(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO) | 388 | $(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO) |
| 322 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 389 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 390 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 391 | else \ | ||
| 392 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 393 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 394 | fi | ||
| 323 | 395 | ||
| 324 | $(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO) | 396 | $(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO) |
| 325 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 397 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 398 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 399 | else \ | ||
| 400 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 401 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 402 | fi | ||
| 326 | 403 | ||
| 327 | $(BFTEST): $(BFTEST).o $(DLIBCRYPTO) | 404 | $(BFTEST): $(BFTEST).o $(DLIBCRYPTO) |
| 328 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 405 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 406 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 407 | else \ | ||
| 408 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 409 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 410 | fi | ||
| 329 | 411 | ||
| 330 | $(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO) | 412 | $(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO) |
| 331 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 413 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 414 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 415 | else \ | ||
| 416 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 417 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 418 | fi | ||
| 332 | 419 | ||
| 333 | $(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO) | 420 | $(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO) |
| 334 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 421 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 422 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 423 | else \ | ||
| 424 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 425 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 426 | fi | ||
| 335 | 427 | ||
| 336 | $(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO) | 428 | $(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO) |
| 337 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 429 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 430 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 431 | else \ | ||
| 432 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 433 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 434 | fi | ||
| 338 | 435 | ||
| 339 | $(DESTEST): $(DESTEST).o $(DLIBCRYPTO) | 436 | $(DESTEST): $(DESTEST).o $(DLIBCRYPTO) |
| 340 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 437 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 438 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 439 | else \ | ||
| 440 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 441 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 442 | fi | ||
| 341 | 443 | ||
| 342 | $(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO) | 444 | $(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO) |
| 343 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 445 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 446 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 447 | else \ | ||
| 448 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 449 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 450 | fi | ||
| 344 | 451 | ||
| 345 | $(DHTEST): $(DHTEST).o $(DLIBCRYPTO) | 452 | $(DHTEST): $(DHTEST).o $(DLIBCRYPTO) |
| 346 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 453 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 454 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 455 | else \ | ||
| 456 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 457 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 458 | fi | ||
| 347 | 459 | ||
| 348 | $(DSATEST): $(DSATEST).o $(DLIBCRYPTO) | 460 | $(DSATEST): $(DSATEST).o $(DLIBCRYPTO) |
| 349 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 461 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 462 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 463 | else \ | ||
| 464 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 465 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 466 | fi | ||
| 350 | 467 | ||
| 351 | $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) | 468 | $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) |
| 352 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 469 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 470 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 471 | else \ | ||
| 472 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 473 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 474 | fi | ||
| 353 | 475 | ||
| 354 | $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) | 476 | $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
| 355 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) | 477 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 478 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 479 | else \ | ||
| 480 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 481 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 482 | fi | ||
| 356 | 483 | ||
| 357 | $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) | 484 | $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) |
| 358 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 485 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 486 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 487 | else \ | ||
| 488 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 489 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 490 | fi | ||
| 359 | 491 | ||
| 360 | $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO) | 492 | $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO) |
| 361 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 493 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 494 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 495 | else \ | ||
| 496 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 497 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 498 | fi | ||
| 362 | 499 | ||
| 363 | #$(RDTEST).o: $(RDTEST).c | 500 | #$(AESTEST).o: $(AESTEST).c |
| 364 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c | 501 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
| 365 | 502 | ||
| 366 | #$(RDTEST): $(RDTEST).o $(DLIBCRYPTO) | 503 | #$(AESTEST): $(AESTEST).o $(DLIBCRYPTO) |
| 367 | # $(CC) -o $(RDTEST) $(CFLAGS) $(RDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 504 | # if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 505 | # $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 506 | # else \ | ||
| 507 | # LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 508 | # $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 509 | # fi | ||
| 368 | 510 | ||
| 369 | dummytest: dummytest.o $(DLIBCRYPTO) | 511 | dummytest: dummytest.o $(DLIBCRYPTO) |
| 370 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 512 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 513 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 514 | else \ | ||
| 515 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 516 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 517 | fi | ||
| 371 | 518 | ||
| 372 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 519 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 373 | 520 | ||
| 374 | bftest.o: ../include/openssl/blowfish.h ../include/openssl/e_os2.h | 521 | bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h |
| 375 | bftest.o: ../include/openssl/opensslconf.h bftest.c | 522 | bftest.o: ../include/openssl/opensslconf.h bftest.c |
| 376 | bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 523 | bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 377 | bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 524 | bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| @@ -394,31 +541,30 @@ bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h | |||
| 394 | bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 541 | bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 395 | bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 542 | bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 396 | bntest.o: ../include/openssl/x509_vfy.h bntest.c | 543 | bntest.o: ../include/openssl/x509_vfy.h bntest.c |
| 397 | casttest.o: ../include/openssl/cast.h casttest.c | 544 | casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h |
| 545 | casttest.o: ../include/openssl/opensslconf.h casttest.c | ||
| 398 | destest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 546 | destest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| 399 | destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h | 547 | destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h |
| 400 | destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 548 | destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 401 | destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 549 | destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 402 | destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 550 | destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 403 | destest.o: ../include/openssl/ui_compat.h destest.c | 551 | destest.o: ../include/openssl/ui_compat.h destest.c |
| 404 | dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h | 552 | dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 405 | dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h | 553 | dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h |
| 406 | dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h | 554 | dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 407 | dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h | 555 | dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h |
| 408 | dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 556 | dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 409 | dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 557 | dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 410 | dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c | 558 | dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c |
| 411 | dsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 559 | dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 412 | dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 560 | dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h |
| 413 | dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 561 | dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h |
| 414 | dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h | ||
| 415 | dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h | 562 | dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| 416 | dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 563 | dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 417 | dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 564 | dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 418 | dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 565 | dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 419 | dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 566 | dsatest.o: ../include/openssl/symhacks.h dsatest.c |
| 420 | dsatest.o: ../include/openssl/ui.h dsatest.c | 567 | ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 421 | ectest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 422 | ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 568 | ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h |
| 423 | ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 569 | ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 424 | ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 570 | ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| @@ -439,7 +585,7 @@ enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h | |||
| 439 | enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 585 | enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 440 | enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 586 | enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 441 | enginetest.o: enginetest.c | 587 | enginetest.o: enginetest.c |
| 442 | evp_test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 588 | evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 443 | evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 589 | evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 444 | evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 590 | evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 445 | evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 591 | evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -459,14 +605,14 @@ evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | |||
| 459 | evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h | 605 | evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 460 | evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 606 | evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 461 | evp_test.o: ../include/openssl/ui_compat.h evp_test.c | 607 | evp_test.o: ../include/openssl/ui_compat.h evp_test.c |
| 462 | exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h | 608 | exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 463 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 609 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 464 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h | 610 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| 465 | exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 611 | exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 466 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 612 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 467 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 613 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 468 | exptest.o: ../include/openssl/symhacks.h exptest.c | 614 | exptest.o: ../include/openssl/symhacks.h exptest.c |
| 469 | hmactest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 615 | hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 470 | hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 616 | hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 471 | hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 617 | hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 472 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 618 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -484,9 +630,9 @@ hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | |||
| 484 | hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h | 630 | hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 485 | hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 631 | hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 486 | hmactest.o: ../include/openssl/ui_compat.h hmactest.c | 632 | hmactest.o: ../include/openssl/ui_compat.h hmactest.c |
| 487 | ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h | 633 | ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h |
| 488 | ideatest.o: ideatest.c | 634 | ideatest.o: ../include/openssl/opensslconf.h ideatest.c |
| 489 | md2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 635 | md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 490 | md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 636 | md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 491 | md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 637 | md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 492 | md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 638 | md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -503,7 +649,7 @@ md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 503 | md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 649 | md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 504 | md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 650 | md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 505 | md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c | 651 | md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c |
| 506 | md4test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 652 | md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 507 | md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 653 | md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 508 | md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 654 | md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 509 | md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 655 | md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -520,7 +666,7 @@ md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 520 | md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 666 | md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 521 | md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 667 | md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 522 | md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c | 668 | md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c |
| 523 | md5test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 669 | md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 524 | md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 670 | md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 525 | md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 671 | md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 526 | md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 672 | md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -537,7 +683,7 @@ md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 537 | md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 683 | md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 538 | md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 684 | md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 539 | md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c | 685 | md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c |
| 540 | mdc2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 686 | mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 541 | mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 687 | mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 542 | mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 688 | mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 543 | mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 689 | mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -554,12 +700,16 @@ mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 554 | mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 700 | mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 555 | mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 701 | mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 556 | mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c | 702 | mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c |
| 557 | randtest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | 703 | randtest.o: ../e_os.h ../include/openssl/e_os2.h |
| 558 | randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h randtest.c | 704 | randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h |
| 705 | randtest.o: ../include/openssl/rand.h randtest.c | ||
| 706 | rc2test.o: ../e_os.h ../include/openssl/e_os2.h | ||
| 559 | rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c | 707 | rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c |
| 708 | rc4test.o: ../e_os.h ../include/openssl/e_os2.h | ||
| 560 | rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c | 709 | rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c |
| 561 | rc5test.o: ../include/openssl/rc5.h rc5test.c | 710 | rc5test.o: ../e_os.h ../include/openssl/e_os2.h |
| 562 | rmdtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 711 | rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c |
| 712 | rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | ||
| 563 | rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 713 | rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 564 | rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 714 | rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 565 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 715 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -578,15 +728,13 @@ rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | |||
| 578 | rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c | 728 | rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c |
| 579 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 729 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 580 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 730 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h |
| 581 | rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 731 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 582 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h | 732 | rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h |
| 583 | rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h | 733 | rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 584 | rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 734 | rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 585 | rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 735 | rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 586 | rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 736 | rsa_test.o: ../include/openssl/symhacks.h rsa_test.c |
| 587 | rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 737 | sha1test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 588 | rsa_test.o: ../include/openssl/ui.h rsa_test.c | ||
| 589 | sha1test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | ||
| 590 | sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 738 | sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 591 | sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 739 | sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 592 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 740 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -603,7 +751,7 @@ sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 603 | sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 751 | sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 604 | sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 752 | sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 605 | sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c | 753 | sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c |
| 606 | shatest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 754 | shatest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 607 | shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 755 | shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 608 | shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 756 | shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 609 | shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 757 | shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
diff --git a/src/lib/libssl/src/test/maketests.com b/src/lib/libssl/src/test/maketests.com index 91e859deab..7c44e4545a 100644 --- a/src/lib/libssl/src/test/maketests.com +++ b/src/lib/libssl/src/test/maketests.com | |||
| @@ -16,22 +16,10 @@ $! The test "executeables" will be placed in a directory called | |||
| 16 | $! [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines | 16 | $! [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines |
| 17 | $! architecture. | 17 | $! architecture. |
| 18 | $! | 18 | $! |
| 19 | $! Specify RSAREF as P1 to compile with the RSAREF library instead of | 19 | $! Specify DEBUG or NODEBUG P1 to compile with or without debugger |
| 20 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 21 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 22 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 23 | $! | ||
| 24 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 25 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 26 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 27 | $! directory structure stored. You have to extract the file | ||
| 28 | $! into the [.RSAREF] directory under the root directory as that | ||
| 29 | $! is where the scripts will look for the files. | ||
| 30 | $! | ||
| 31 | $! Specify DEBUG or NODEBUG P2 to compile with or without debugger | ||
| 32 | $! information. | 20 | $! information. |
| 33 | $! | 21 | $! |
| 34 | $! Specify which compiler at P3 to try to compile under. | 22 | $! Specify which compiler at P2 to try to compile under. |
| 35 | $! | 23 | $! |
| 36 | $! VAXC For VAX C. | 24 | $! VAXC For VAX C. |
| 37 | $! DECC For DEC C. | 25 | $! DECC For DEC C. |
| @@ -40,13 +28,13 @@ $! | |||
| 40 | $! If you don't speficy a compiler, it will try to determine which | 28 | $! If you don't speficy a compiler, it will try to determine which |
| 41 | $! "C" compiler to use. | 29 | $! "C" compiler to use. |
| 42 | $! | 30 | $! |
| 43 | $! P4, if defined, sets a TCP/IP library to use, through one of the following | 31 | $! P3, if defined, sets a TCP/IP library to use, through one of the following |
| 44 | $! keywords: | 32 | $! keywords: |
| 45 | $! | 33 | $! |
| 46 | $! UCX for UCX | 34 | $! UCX for UCX |
| 47 | $! SOCKETSHR for SOCKETSHR+NETLIB | 35 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 48 | $! | 36 | $! |
| 49 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 37 | $! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 50 | $! | 38 | $! |
| 51 | $! | 39 | $! |
| 52 | $! Define A TCP/IP Library That We Will Need To Link To. | 40 | $! Define A TCP/IP Library That We Will Need To Link To. |
| @@ -91,10 +79,6 @@ $! Define The CRYPTO-LIB We Are To Use. | |||
| 91 | $! | 79 | $! |
| 92 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB | 80 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB |
| 93 | $! | 81 | $! |
| 94 | $! Define The RSAREF-LIB We Are To Use. | ||
| 95 | $! | ||
| 96 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 97 | $! | ||
| 98 | $! Define The SSL We Are To Use. | 82 | $! Define The SSL We Are To Use. |
| 99 | $! | 83 | $! |
| 100 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB | 84 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB |
| @@ -227,74 +211,32 @@ $! | |||
| 227 | $ ENDIF | 211 | $ ENDIF |
| 228 | $! | 212 | $! |
| 229 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 213 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. |
| 214 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 230 | $! | 215 | $! |
| 231 | $ IF (RSAREF.EQS."TRUE") | 216 | $ IF (TCPIP_LIB.NES."") |
| 232 | $ THEN | 217 | $ THEN |
| 233 | $! | 218 | $! |
| 234 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 219 | $! Don't Link With The RSAREF Routines And TCP/IP Library. |
| 235 | $! | ||
| 236 | $ IF (TCPIP_LIB.NES."") | ||
| 237 | $ THEN | ||
| 238 | $! | ||
| 239 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 240 | $! | ||
| 241 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 242 | 'OBJECT_FILE',- | ||
| 243 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 244 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 245 | $! | ||
| 246 | $! Else... | ||
| 247 | $! | ||
| 248 | $ ELSE | ||
| 249 | $! | ||
| 250 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 251 | $! | ||
| 252 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 253 | 'OBJECT_FILE', - | ||
| 254 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 255 | 'OPT_FILE'/OPTION | ||
| 256 | $! | ||
| 257 | $! End The TCP/IP Library Check. | ||
| 258 | $! | ||
| 259 | $ ENDIF | ||
| 260 | $! | ||
| 261 | $! Else... | ||
| 262 | $! | ||
| 263 | $ ELSE | ||
| 264 | $! | ||
| 265 | $! Don't Link With The RSAREF Routines. | ||
| 266 | $! | ||
| 267 | $! | ||
| 268 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 269 | $! | ||
| 270 | $ IF (TCPIP_LIB.NES."") | ||
| 271 | $ THEN | ||
| 272 | $! | ||
| 273 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 274 | $! | 220 | $! |
| 275 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | 221 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 276 | 'OBJECT_FILE', - | 222 | 'OBJECT_FILE', - |
| 277 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | 223 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 278 | 'TCPIP_LIB','OPT_FILE'/OPTION | 224 | 'TCPIP_LIB','OPT_FILE'/OPTION |
| 279 | $! | 225 | $! |
| 280 | $! Else... | 226 | $! Else... |
| 281 | $! | 227 | $! |
| 282 | $ ELSE | 228 | $ ELSE |
| 283 | $! | 229 | $! |
| 284 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | 230 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. |
| 285 | $! | 231 | $! |
| 286 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | 232 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 287 | 'OBJECT_FILE', - | 233 | 'OBJECT_FILE', - |
| 288 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | 234 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 289 | 'OPT_FILE'/OPTION | 235 | 'OPT_FILE'/OPTION |
| 290 | $! | 236 | $! |
| 291 | $! End The TCP/IP Library Check. | 237 | $! End The TCP/IP Library Check. |
| 292 | $! | ||
| 293 | $ ENDIF | ||
| 294 | $! | ||
| 295 | $! End The RSAREF Link Check. | ||
| 296 | $! | 238 | $! |
| 297 | $ ENDIF | 239 | $ ENDIF |
| 298 | $! | 240 | $! |
| 299 | $! Go Back And Do It Again. | 241 | $! Go Back And Do It Again. |
| 300 | $! | 242 | $! |
| @@ -459,32 +401,6 @@ $! End The Crypto Library Check. | |||
| 459 | $! | 401 | $! |
| 460 | $ ENDIF | 402 | $ ENDIF |
| 461 | $! | 403 | $! |
| 462 | $! See If We Need The RSAREF Library... | ||
| 463 | $! | ||
| 464 | $ IF (RSAREF.EQS."TRUE") | ||
| 465 | $ THEN | ||
| 466 | $! | ||
| 467 | $! Look For The Library LIBRSAGLUE.OLB. | ||
| 468 | $! | ||
| 469 | $ IF (F$SEARCH(RSAREF_LIB).EQS."") | ||
| 470 | $ THEN | ||
| 471 | $! | ||
| 472 | $! Tell The User We Can't Find The LIBRSAGLUE.OLB Library. | ||
| 473 | $! | ||
| 474 | $ WRITE SYS$OUTPUT "" | ||
| 475 | $ WRITE SYS$OUTPUT "Can't Find The Library ",RSAREF_LIB,"." | ||
| 476 | $ WRITE SYS$OUTPUT "We Can't Link Without It." | ||
| 477 | $ WRITE SYS$OUTPUT "" | ||
| 478 | $! | ||
| 479 | $! Since We Can't Link Without It, Exit. | ||
| 480 | $! | ||
| 481 | $ EXIT | ||
| 482 | $ ENDIF | ||
| 483 | $! | ||
| 484 | $! End The RSAREF Library Check. | ||
| 485 | $! | ||
| 486 | $ ENDIF | ||
| 487 | $! | ||
| 488 | $! Look For The Library LIBSSL.OLB. | 404 | $! Look For The Library LIBSSL.OLB. |
| 489 | $! | 405 | $! |
| 490 | $ IF (F$SEARCH(SSL_LIB).EQS."") | 406 | $ IF (F$SEARCH(SSL_LIB).EQS."") |
| @@ -515,75 +431,10 @@ $ CHECK_OPTIONS: | |||
| 515 | $! | 431 | $! |
| 516 | $! Check To See If P1 Is Blank. | 432 | $! Check To See If P1 Is Blank. |
| 517 | $! | 433 | $! |
| 518 | $ P1 = "NORSAREF" | 434 | $ IF (P1.EQS."NODEBUG") |
| 519 | $ IF (P1.EQS."NORSAREF") | ||
| 520 | $ THEN | ||
| 521 | $! | ||
| 522 | $! P1 Is NORSAREF, So Compile With The Regular RSA Libraries. | ||
| 523 | $! | ||
| 524 | $ RSAREF = "FALSE" | ||
| 525 | $ ELSE | ||
| 526 | $! | ||
| 527 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 528 | $! | ||
| 529 | $ IF (P1.EQS."RSAREF") | ||
| 530 | $ THEN | ||
| 531 | $! | ||
| 532 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 533 | $! | ||
| 534 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 535 | $ THEN | ||
| 536 | $! | ||
| 537 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 538 | $! User This. | ||
| 539 | $! | ||
| 540 | $ WRITE SYS$OUTPUT "" | ||
| 541 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 542 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 543 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the" | ||
| 544 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 545 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 546 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 547 | $ WRITE SYS$OUTPUT "" | ||
| 548 | $! | ||
| 549 | $! Time To Exit. | ||
| 550 | $! | ||
| 551 | $ EXIT | ||
| 552 | $! | ||
| 553 | $! Else, Compile Using The RSAREF Library. | ||
| 554 | $! | ||
| 555 | $ ELSE | ||
| 556 | $ RSAREF = "TRUE" | ||
| 557 | $ ENDIF | ||
| 558 | $ ELSE | ||
| 559 | $! | ||
| 560 | $! They Entered An Invalid Option.. | ||
| 561 | $! | ||
| 562 | $ WRITE SYS$OUTPUT "" | ||
| 563 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" | ||
| 564 | $ WRITE SYS$OUTPUT "" | ||
| 565 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 566 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 567 | $ WRITE SYS$OUTPUT "" | ||
| 568 | $! | ||
| 569 | $! Time To EXIT. | ||
| 570 | $! | ||
| 571 | $ EXIT | ||
| 572 | $! | ||
| 573 | $! End The Valid Arguement Check. | ||
| 574 | $! | ||
| 575 | $ ENDIF | ||
| 576 | $! | ||
| 577 | $! End The P1 Check. | ||
| 578 | $! | ||
| 579 | $ ENDIF | ||
| 580 | $! | ||
| 581 | $! Check To See If P2 Is Blank. | ||
| 582 | $! | ||
| 583 | $ IF (P2.EQS."NODEBUG") | ||
| 584 | $ THEN | 435 | $ THEN |
| 585 | $! | 436 | $! |
| 586 | $! P2 Is NODEBUG, So Compile Without Debugger Information. | 437 | $! P1 Is NODEBUG, So Compile Without Debugger Information. |
| 587 | $! | 438 | $! |
| 588 | $ DEBUGGER = "NODEBUG" | 439 | $ DEBUGGER = "NODEBUG" |
| 589 | $ TRACEBACK = "NOTRACEBACK" | 440 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -598,7 +449,7 @@ $ ELSE | |||
| 598 | $! | 449 | $! |
| 599 | $! Check To See If We Are To Compile With Debugger Information. | 450 | $! Check To See If We Are To Compile With Debugger Information. |
| 600 | $! | 451 | $! |
| 601 | $ IF (P2.EQS."DEBUG") | 452 | $ IF (P1.EQS."DEBUG") |
| 602 | $ THEN | 453 | $ THEN |
| 603 | $! | 454 | $! |
| 604 | $! Compile With Debugger Information. | 455 | $! Compile With Debugger Information. |
| @@ -617,7 +468,7 @@ $! | |||
| 617 | $! Tell The User Entered An Invalid Option.. | 468 | $! Tell The User Entered An Invalid Option.. |
| 618 | $! | 469 | $! |
| 619 | $ WRITE SYS$OUTPUT "" | 470 | $ WRITE SYS$OUTPUT "" |
| 620 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | 471 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" |
| 621 | $ WRITE SYS$OUTPUT "" | 472 | $ WRITE SYS$OUTPUT "" |
| 622 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 473 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 623 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 474 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -631,13 +482,13 @@ $! End The Valid Arguement Check. | |||
| 631 | $! | 482 | $! |
| 632 | $ ENDIF | 483 | $ ENDIF |
| 633 | $! | 484 | $! |
| 634 | $! End The P3 Check. | 485 | $! End The P2 Check. |
| 635 | $! | 486 | $! |
| 636 | $ ENDIF | 487 | $ ENDIF |
| 637 | $! | 488 | $! |
| 638 | $! Check To See If P3 Is Blank. | 489 | $! Check To See If P2 Is Blank. |
| 639 | $! | 490 | $! |
| 640 | $ IF (P3.EQS."") | 491 | $ IF (P2.EQS."") |
| 641 | $ THEN | 492 | $ THEN |
| 642 | $! | 493 | $! |
| 643 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 494 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -650,7 +501,7 @@ $ THEN | |||
| 650 | $! | 501 | $! |
| 651 | $! Looks Like GNUC, Set To Use GNUC. | 502 | $! Looks Like GNUC, Set To Use GNUC. |
| 652 | $! | 503 | $! |
| 653 | $ P3 = "GNUC" | 504 | $ P2 = "GNUC" |
| 654 | $! | 505 | $! |
| 655 | $! End The GNU C Compiler Check. | 506 | $! End The GNU C Compiler Check. |
| 656 | $! | 507 | $! |
| @@ -663,7 +514,7 @@ $ THEN | |||
| 663 | $! | 514 | $! |
| 664 | $! Looks Like DECC, Set To Use DECC. | 515 | $! Looks Like DECC, Set To Use DECC. |
| 665 | $! | 516 | $! |
| 666 | $ P3 = "DECC" | 517 | $ P2 = "DECC" |
| 667 | $! | 518 | $! |
| 668 | $! Else... | 519 | $! Else... |
| 669 | $! | 520 | $! |
| @@ -671,7 +522,7 @@ $ ELSE | |||
| 671 | $! | 522 | $! |
| 672 | $! Looks Like VAXC, Set To Use VAXC. | 523 | $! Looks Like VAXC, Set To Use VAXC. |
| 673 | $! | 524 | $! |
| 674 | $ P3 = "VAXC" | 525 | $ P2 = "VAXC" |
| 675 | $! | 526 | $! |
| 676 | $! End The VAXC Compiler Check. | 527 | $! End The VAXC Compiler Check. |
| 677 | $! | 528 | $! |
| @@ -685,9 +536,9 @@ $! End The Compiler Check. | |||
| 685 | $! | 536 | $! |
| 686 | $ ENDIF | 537 | $ ENDIF |
| 687 | $! | 538 | $! |
| 688 | $! Check To See If We Have A Option For P4. | 539 | $! Check To See If We Have A Option For P3. |
| 689 | $! | 540 | $! |
| 690 | $ IF (P4.EQS."") | 541 | $ IF (P3.EQS."") |
| 691 | $ THEN | 542 | $ THEN |
| 692 | $! | 543 | $! |
| 693 | $! Find out what socket library we have available | 544 | $! Find out what socket library we have available |
| @@ -697,7 +548,7 @@ $ THEN | |||
| 697 | $! | 548 | $! |
| 698 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 549 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 699 | $! | 550 | $! |
| 700 | $ P4 = "SOCKETSHR" | 551 | $ P3 = "SOCKETSHR" |
| 701 | $! | 552 | $! |
| 702 | $! Tell the user | 553 | $! Tell the user |
| 703 | $! | 554 | $! |
| @@ -717,7 +568,7 @@ $ THEN | |||
| 717 | $! | 568 | $! |
| 718 | $! Last resort: a UCX or UCX-compatible library | 569 | $! Last resort: a UCX or UCX-compatible library |
| 719 | $! | 570 | $! |
| 720 | $ P4 = "UCX" | 571 | $ P3 = "UCX" |
| 721 | $! | 572 | $! |
| 722 | $! Tell the user | 573 | $! Tell the user |
| 723 | $! | 574 | $! |
| @@ -731,7 +582,7 @@ $ ENDIF | |||
| 731 | $! | 582 | $! |
| 732 | $! Set Up Initial CC Definitions, Possibly With User Ones | 583 | $! Set Up Initial CC Definitions, Possibly With User Ones |
| 733 | $! | 584 | $! |
| 734 | $ CCDEFS = "TCPIP_TYPE_''P4'" | 585 | $ CCDEFS = "TCPIP_TYPE_''P3'" |
| 735 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 586 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 736 | $ CCEXTRAFLAGS = "" | 587 | $ CCEXTRAFLAGS = "" |
| 737 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 588 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| @@ -741,12 +592,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 741 | $! | 592 | $! |
| 742 | $! Check To See If The User Entered A Valid Paramter. | 593 | $! Check To See If The User Entered A Valid Paramter. |
| 743 | $! | 594 | $! |
| 744 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") | 595 | $ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC") |
| 745 | $ THEN | 596 | $ THEN |
| 746 | $! | 597 | $! |
| 747 | $! Check To See If The User Wanted DECC. | 598 | $! Check To See If The User Wanted DECC. |
| 748 | $! | 599 | $! |
| 749 | $ IF (P3.EQS."DECC") | 600 | $ IF (P2.EQS."DECC") |
| 750 | $ THEN | 601 | $ THEN |
| 751 | $! | 602 | $! |
| 752 | $! Looks Like DECC, Set To Use DECC. | 603 | $! Looks Like DECC, Set To Use DECC. |
| @@ -776,7 +627,7 @@ $ ENDIF | |||
| 776 | $! | 627 | $! |
| 777 | $! Check To See If We Are To Use VAXC. | 628 | $! Check To See If We Are To Use VAXC. |
| 778 | $! | 629 | $! |
| 779 | $ IF (P3.EQS."VAXC") | 630 | $ IF (P2.EQS."VAXC") |
| 780 | $ THEN | 631 | $ THEN |
| 781 | $! | 632 | $! |
| 782 | $! Looks Like VAXC, Set To Use VAXC. | 633 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -814,7 +665,7 @@ $ ENDIF | |||
| 814 | $! | 665 | $! |
| 815 | $! Check To See If We Are To Use GNU C. | 666 | $! Check To See If We Are To Use GNU C. |
| 816 | $! | 667 | $! |
| 817 | $ IF (P3.EQS."GNUC") | 668 | $ IF (P2.EQS."GNUC") |
| 818 | $ THEN | 669 | $ THEN |
| 819 | $! | 670 | $! |
| 820 | $! Looks Like GNUC, Set To Use GNUC. | 671 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -842,31 +693,6 @@ $! Set up default defines | |||
| 842 | $! | 693 | $! |
| 843 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 694 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 844 | $! | 695 | $! |
| 845 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 846 | $! | ||
| 847 | $ IF (RSAREF.EQS."TRUE") | ||
| 848 | $ THEN | ||
| 849 | $! | ||
| 850 | $! Compile With RSAREF. | ||
| 851 | $! | ||
| 852 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 853 | $! | ||
| 854 | $! Tell The User This. | ||
| 855 | $! | ||
| 856 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 857 | $! | ||
| 858 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 859 | $! | ||
| 860 | $ ELSE | ||
| 861 | $! | ||
| 862 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 863 | $! | ||
| 864 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 865 | $! | ||
| 866 | $! End The RSAREF Check. | ||
| 867 | $! | ||
| 868 | $ ENDIF | ||
| 869 | $! | ||
| 870 | $! Finish up the definition of CC. | 696 | $! Finish up the definition of CC. |
| 871 | $! | 697 | $! |
| 872 | $ IF COMPILER .EQS. "DECC" | 698 | $ IF COMPILER .EQS. "DECC" |
| @@ -896,7 +722,7 @@ $! | |||
| 896 | $! Tell The User We Don't Know What They Want. | 722 | $! Tell The User We Don't Know What They Want. |
| 897 | $! | 723 | $! |
| 898 | $ WRITE SYS$OUTPUT "" | 724 | $ WRITE SYS$OUTPUT "" |
| 899 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 725 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 900 | $ WRITE SYS$OUTPUT "" | 726 | $ WRITE SYS$OUTPUT "" |
| 901 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 727 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 902 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 728 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -910,13 +736,13 @@ $ ENDIF | |||
| 910 | $! | 736 | $! |
| 911 | $! Time to check the contents, and to make sure we get the correct library. | 737 | $! Time to check the contents, and to make sure we get the correct library. |
| 912 | $! | 738 | $! |
| 913 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - | 739 | $ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" - |
| 914 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" | 740 | .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE" |
| 915 | $ THEN | 741 | $ THEN |
| 916 | $! | 742 | $! |
| 917 | $! Check to see if SOCKETSHR was chosen | 743 | $! Check to see if SOCKETSHR was chosen |
| 918 | $! | 744 | $! |
| 919 | $ IF P4.EQS."SOCKETSHR" | 745 | $ IF P3.EQS."SOCKETSHR" |
| 920 | $ THEN | 746 | $ THEN |
| 921 | $! | 747 | $! |
| 922 | $! Set the library to use SOCKETSHR | 748 | $! Set the library to use SOCKETSHR |
| @@ -929,12 +755,12 @@ $ ENDIF | |||
| 929 | $! | 755 | $! |
| 930 | $! Check to see if MULTINET was chosen | 756 | $! Check to see if MULTINET was chosen |
| 931 | $! | 757 | $! |
| 932 | $ IF P4.EQS."MULTINET" | 758 | $ IF P3.EQS."MULTINET" |
| 933 | $ THEN | 759 | $ THEN |
| 934 | $! | 760 | $! |
| 935 | $! Set the library to use UXC emulation. | 761 | $! Set the library to use UXC emulation. |
| 936 | $! | 762 | $! |
| 937 | $ P4 = "UCX" | 763 | $ P3 = "UCX" |
| 938 | $! | 764 | $! |
| 939 | $! Done with MULTINET | 765 | $! Done with MULTINET |
| 940 | $! | 766 | $! |
| @@ -942,7 +768,7 @@ $ ENDIF | |||
| 942 | $! | 768 | $! |
| 943 | $! Check to see if UCX was chosen | 769 | $! Check to see if UCX was chosen |
| 944 | $! | 770 | $! |
| 945 | $ IF P4.EQS."UCX" | 771 | $ IF P3.EQS."UCX" |
| 946 | $ THEN | 772 | $ THEN |
| 947 | $! | 773 | $! |
| 948 | $! Set the library to use UCX. | 774 | $! Set the library to use UCX. |
| @@ -962,7 +788,7 @@ $ ENDIF | |||
| 962 | $! | 788 | $! |
| 963 | $! Check to see if TCPIP was chosen | 789 | $! Check to see if TCPIP was chosen |
| 964 | $! | 790 | $! |
| 965 | $ IF P4.EQS."TCPIP" | 791 | $ IF P3.EQS."TCPIP" |
| 966 | $ THEN | 792 | $ THEN |
| 967 | $! | 793 | $! |
| 968 | $! Set the library to use TCPIP (post UCX). | 794 | $! Set the library to use TCPIP (post UCX). |
| @@ -975,7 +801,7 @@ $ ENDIF | |||
| 975 | $! | 801 | $! |
| 976 | $! Check to see if NONE was chosen | 802 | $! Check to see if NONE was chosen |
| 977 | $! | 803 | $! |
| 978 | $ IF P4.EQS."NONE" | 804 | $ IF P3.EQS."NONE" |
| 979 | $ THEN | 805 | $ THEN |
| 980 | $! | 806 | $! |
| 981 | $! Do not use a TCPIP library. | 807 | $! Do not use a TCPIP library. |
| @@ -997,7 +823,7 @@ $! | |||
| 997 | $! Tell The User We Don't Know What They Want. | 823 | $! Tell The User We Don't Know What They Want. |
| 998 | $! | 824 | $! |
| 999 | $ WRITE SYS$OUTPUT "" | 825 | $ WRITE SYS$OUTPUT "" |
| 1000 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 826 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1001 | $ WRITE SYS$OUTPUT "" | 827 | $ WRITE SYS$OUTPUT "" |
| 1002 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 828 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1003 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 829 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
| @@ -1018,9 +844,9 @@ $! Written By: Richard Levitte | |||
| 1018 | $! richard@levitte.org | 844 | $! richard@levitte.org |
| 1019 | $! | 845 | $! |
| 1020 | $! | 846 | $! |
| 1021 | $! Check To See If We Have A Option For P5. | 847 | $! Check To See If We Have A Option For P4. |
| 1022 | $! | 848 | $! |
| 1023 | $ IF (P5.EQS."") | 849 | $ IF (P4.EQS."") |
| 1024 | $ THEN | 850 | $ THEN |
| 1025 | $! | 851 | $! |
| 1026 | $! Get The Version Of VMS We Are Using. | 852 | $! Get The Version Of VMS We Are Using. |
| @@ -1042,7 +868,7 @@ $! End The VMS Version Check. | |||
| 1042 | $! | 868 | $! |
| 1043 | $ ENDIF | 869 | $ ENDIF |
| 1044 | $! | 870 | $! |
| 1045 | $! End The P5 Check. | 871 | $! End The P4 Check. |
| 1046 | $! | 872 | $! |
| 1047 | $ ENDIF | 873 | $ ENDIF |
| 1048 | $! | 874 | $! |
diff --git a/src/lib/libssl/src/test/methtest.c b/src/lib/libssl/src/test/methtest.c index 06ccb3b310..005c2f4822 100644 --- a/src/lib/libssl/src/test/methtest.c +++ b/src/lib/libssl/src/test/methtest.c | |||
| @@ -96,10 +96,10 @@ char *argv[]; | |||
| 96 | METH_init(top); | 96 | METH_init(top); |
| 97 | METH_control(tmp1,METH_CONTROL_DUMP,stdout); | 97 | METH_control(tmp1,METH_CONTROL_DUMP,stdout); |
| 98 | METH_control(tmp2,METH_CONTROL_DUMP,stdout); | 98 | METH_control(tmp2,METH_CONTROL_DUMP,stdout); |
| 99 | exit(0); | 99 | EXIT(0); |
| 100 | err: | 100 | err: |
| 101 | ERR_load_crypto_strings(); | 101 | ERR_load_crypto_strings(); |
| 102 | ERR_print_errors_fp(stderr); | 102 | ERR_print_errors_fp(stderr); |
| 103 | exit(1); | 103 | EXIT(1); |
| 104 | return(0); | 104 | return(0); |
| 105 | } | 105 | } |
diff --git a/src/lib/libssl/src/test/testgen b/src/lib/libssl/src/test/testgen index 55c496f4bc..3798543e04 100644 --- a/src/lib/libssl/src/test/testgen +++ b/src/lib/libssl/src/test/testgen | |||
| @@ -27,6 +27,8 @@ fi | |||
| 27 | 27 | ||
| 28 | echo "This could take some time." | 28 | echo "This could take some time." |
| 29 | 29 | ||
| 30 | rm -f testkey.pem testreq.pem | ||
| 31 | |||
| 30 | ../apps/openssl req -config test.cnf $req_new -out testreq.pem | 32 | ../apps/openssl req -config test.cnf $req_new -out testreq.pem |
| 31 | if [ $? != 0 ]; then | 33 | if [ $? != 0 ]; then |
| 32 | echo problems creating request | 34 | echo problems creating request |
diff --git a/src/lib/libssl/src/test/testssl b/src/lib/libssl/src/test/testssl index ba5e41c861..ca8e718022 100644 --- a/src/lib/libssl/src/test/testssl +++ b/src/lib/libssl/src/test/testssl | |||
| @@ -121,8 +121,12 @@ $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 | |||
| 121 | 121 | ||
| 122 | ############################################################################# | 122 | ############################################################################# |
| 123 | 123 | ||
| 124 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | 124 | if ../apps/openssl no-dh; then |
| 125 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | 125 | echo skipping anonymous DH tests |
| 126 | else | ||
| 127 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | ||
| 128 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | ||
| 129 | fi | ||
| 126 | 130 | ||
| 127 | if ../apps/openssl no-rsa; then | 131 | if ../apps/openssl no-rsa; then |
| 128 | echo skipping RSA tests | 132 | echo skipping RSA tests |
| @@ -130,8 +134,12 @@ else | |||
| 130 | echo test tls1 with 1024bit RSA, no DHE, multiple handshakes | 134 | echo test tls1 with 1024bit RSA, no DHE, multiple handshakes |
| 131 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 | 135 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 |
| 132 | 136 | ||
| 133 | echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | 137 | if ../apps/openssl no-dh; then |
| 134 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 | 138 | echo skipping RSA+DHE tests |
| 139 | else | ||
| 140 | echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | ||
| 141 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 | ||
| 142 | fi | ||
| 135 | fi | 143 | fi |
| 136 | 144 | ||
| 137 | exit 0 | 145 | exit 0 |
diff --git a/src/lib/libssl/src/test/testssl.com b/src/lib/libssl/src/test/testssl.com index 785f262f5a..26308f7715 100644 --- a/src/lib/libssl/src/test/testssl.com +++ b/src/lib/libssl/src/test/testssl.com | |||
| @@ -159,16 +159,25 @@ $ if $severity .ne. 1 then goto exit3 | |||
| 159 | $ | 159 | $ |
| 160 | $!########################################################################### | 160 | $!########################################################################### |
| 161 | $ | 161 | $ |
| 162 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | ||
| 163 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | ||
| 164 | $ if $severity .ne. 1 then goto exit3 | ||
| 165 | $ | ||
| 166 | $ set noon | 162 | $ set noon |
| 167 | $ define/user sys$output nla0: | 163 | $ define/user sys$output nla0: |
| 168 | $ mcr 'exe_dir'openssl no-rsa | 164 | $ mcr 'exe_dir'openssl no-rsa |
| 169 | $ save_severity=$SEVERITY | 165 | $ no_rsa=$SEVERITY |
| 166 | $ define/user sys$output nla0: | ||
| 167 | $ mcr 'exe_dir'openssl no-dh | ||
| 168 | $ no_dh=$SEVERITY | ||
| 170 | $ set on | 169 | $ set on |
| 171 | $ if save_severity | 170 | $ |
| 171 | $ if no_dh | ||
| 172 | $ then | ||
| 173 | $ write sys$output "skipping anonymous DH tests" | ||
| 174 | $ else | ||
| 175 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | ||
| 176 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | ||
| 177 | $ if $severity .ne. 1 then goto exit3 | ||
| 178 | $ endif | ||
| 179 | $ | ||
| 180 | $ if no_rsa | ||
| 172 | $ then | 181 | $ then |
| 173 | $ write sys$output "skipping RSA tests" | 182 | $ write sys$output "skipping RSA tests" |
| 174 | $ else | 183 | $ else |
| @@ -176,9 +185,14 @@ $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" | |||
| 176 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time | 185 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time |
| 177 | $ if $severity .ne. 1 then goto exit3 | 186 | $ if $severity .ne. 1 then goto exit3 |
| 178 | $ | 187 | $ |
| 179 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | 188 | $ if no_dh |
| 180 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | 189 | $ then |
| 181 | $ if $severity .ne. 1 then goto exit3 | 190 | $ write sys$output "skipping RSA+DHE tests" |
| 191 | $ else | ||
| 192 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | ||
| 193 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | ||
| 194 | $ if $severity .ne. 1 then goto exit3 | ||
| 195 | $ endif | ||
| 182 | $ endif | 196 | $ endif |
| 183 | $ | 197 | $ |
| 184 | $ RET = 1 | 198 | $ RET = 1 |
diff --git a/src/lib/libssl/src/tools/Makefile.ssl b/src/lib/libssl/src/tools/Makefile.ssl index 32d0b516ba..cb33d4a41e 100644 --- a/src/lib/libssl/src/tools/Makefile.ssl +++ b/src/lib/libssl/src/tools/Makefile.ssl | |||
| @@ -27,13 +27,15 @@ all: | |||
| 27 | install: | 27 | install: |
| 28 | @for i in $(APPS) ; \ | 28 | @for i in $(APPS) ; \ |
| 29 | do \ | 29 | do \ |
| 30 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ | 30 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ |
| 31 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ | 31 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ |
| 32 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ | ||
| 32 | done; | 33 | done; |
| 33 | @for i in $(MISC_APPS) ; \ | 34 | @for i in $(MISC_APPS) ; \ |
| 34 | do \ | 35 | do \ |
| 35 | (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ | 36 | (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ |
| 36 | chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ | 37 | chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ |
| 38 | mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ | ||
| 37 | done; | 39 | done; |
| 38 | 40 | ||
| 39 | files: | 41 | files: |
diff --git a/src/lib/libssl/src/tools/c_rehash.in b/src/lib/libssl/src/tools/c_rehash.in index 5b053406c2..4497cbd9f1 100644 --- a/src/lib/libssl/src/tools/c_rehash.in +++ b/src/lib/libssl/src/tools/c_rehash.in | |||
| @@ -100,7 +100,8 @@ sub check_file { | |||
| 100 | 100 | ||
| 101 | sub link_hash_cert { | 101 | sub link_hash_cert { |
| 102 | my $fname = $_[0]; | 102 | my $fname = $_[0]; |
| 103 | my ($hash, $fprint) = `$openssl x509 -hash -fingerprint -noout -in "$fname"`; | 103 | $fname =~ s/'/'\\''/g; |
| 104 | my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`; | ||
| 104 | chomp $hash; | 105 | chomp $hash; |
| 105 | chomp $fprint; | 106 | chomp $fprint; |
| 106 | $fprint =~ s/^.*=//; | 107 | $fprint =~ s/^.*=//; |
| @@ -130,7 +131,8 @@ sub link_hash_cert { | |||
| 130 | 131 | ||
| 131 | sub link_hash_crl { | 132 | sub link_hash_crl { |
| 132 | my $fname = $_[0]; | 133 | my $fname = $_[0]; |
| 133 | my ($hash, $fprint) = `$openssl crl -hash -fingerprint -noout -in "$fname"`; | 134 | $fname =~ s/'/'\\''/g; |
| 135 | my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`; | ||
| 134 | chomp $hash; | 136 | chomp $hash; |
| 135 | chomp $fprint; | 137 | chomp $fprint; |
| 136 | $fprint =~ s/^.*=//; | 138 | $fprint =~ s/^.*=//; |
diff --git a/src/lib/libssl/src/util/cygwin.sh b/src/lib/libssl/src/util/cygwin.sh index b607399b02..930f766b4f 100644 --- a/src/lib/libssl/src/util/cygwin.sh +++ b/src/lib/libssl/src/util/cygwin.sh | |||
| @@ -96,6 +96,8 @@ fi | |||
| 96 | 96 | ||
| 97 | get_openssl_version | 97 | get_openssl_version |
| 98 | 98 | ||
| 99 | make depend || exit 1 | ||
| 100 | |||
| 99 | make || exit 1 | 101 | make || exit 1 |
| 100 | 102 | ||
| 101 | base_install | 103 | base_install |
diff --git a/src/lib/libssl/src/util/domd b/src/lib/libssl/src/util/domd index 8cbe383c16..49310bbdd1 100644 --- a/src/lib/libssl/src/util/domd +++ b/src/lib/libssl/src/util/domd | |||
| @@ -15,9 +15,14 @@ cp Makefile.ssl Makefile.save | |||
| 15 | # fake the presence of Kerberos | 15 | # fake the presence of Kerberos |
| 16 | touch $TOP/krb5.h | 16 | touch $TOP/krb5.h |
| 17 | if [ "$MAKEDEPEND" = "gcc" ]; then | 17 | if [ "$MAKEDEPEND" = "gcc" ]; then |
| 18 | args="" | ||
| 19 | while [ $# -gt 0 ]; do | ||
| 20 | if [ "$1" != "--" ]; then args="$args $1"; fi | ||
| 21 | shift | ||
| 22 | done | ||
| 18 | sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp | 23 | sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp |
| 19 | echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp | 24 | echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp |
| 20 | gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp | 25 | gcc -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp |
| 21 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new | 26 | ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new |
| 22 | rm -f Makefile.tmp | 27 | rm -f Makefile.tmp |
| 23 | else | 28 | else |
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num index 7e5728495f..f5c8c0be8a 100644 --- a/src/lib/libssl/src/util/libeay.num +++ b/src/lib/libssl/src/util/libeay.num | |||
| @@ -980,7 +980,7 @@ BN_mul_word 999 EXIST::FUNCTION: | |||
| 980 | BN_sub_word 1000 EXIST::FUNCTION: | 980 | BN_sub_word 1000 EXIST::FUNCTION: |
| 981 | BN_dec2bn 1001 EXIST::FUNCTION: | 981 | BN_dec2bn 1001 EXIST::FUNCTION: |
| 982 | BN_bn2dec 1002 EXIST::FUNCTION: | 982 | BN_bn2dec 1002 EXIST::FUNCTION: |
| 983 | BIO_ghbn_ctrl 1003 EXIST::FUNCTION: | 983 | BIO_ghbn_ctrl 1003 NOEXIST::FUNCTION: |
| 984 | CRYPTO_free_ex_data 1004 EXIST::FUNCTION: | 984 | CRYPTO_free_ex_data 1004 EXIST::FUNCTION: |
| 985 | CRYPTO_get_ex_data 1005 EXIST::FUNCTION: | 985 | CRYPTO_get_ex_data 1005 EXIST::FUNCTION: |
| 986 | CRYPTO_set_ex_data 1007 EXIST::FUNCTION: | 986 | CRYPTO_set_ex_data 1007 EXIST::FUNCTION: |
| @@ -1881,72 +1881,72 @@ BIO_f_linebuffer 2463 EXIST:VMS:FUNCTION: | |||
| 1881 | BN_bntest_rand 2464 EXIST::FUNCTION: | 1881 | BN_bntest_rand 2464 EXIST::FUNCTION: |
| 1882 | OPENSSL_issetugid 2465 EXIST::FUNCTION: | 1882 | OPENSSL_issetugid 2465 EXIST::FUNCTION: |
| 1883 | BN_rand_range 2466 EXIST::FUNCTION: | 1883 | BN_rand_range 2466 EXIST::FUNCTION: |
| 1884 | ERR_load_ENGINE_strings 2467 EXIST::FUNCTION: | 1884 | ERR_load_ENGINE_strings 2467 EXIST::FUNCTION:ENGINE |
| 1885 | ENGINE_set_DSA 2468 EXIST::FUNCTION: | 1885 | ENGINE_set_DSA 2468 EXIST::FUNCTION:ENGINE |
| 1886 | ENGINE_get_finish_function 2469 EXIST::FUNCTION: | 1886 | ENGINE_get_finish_function 2469 EXIST::FUNCTION:ENGINE |
| 1887 | ENGINE_get_default_RSA 2470 EXIST::FUNCTION: | 1887 | ENGINE_get_default_RSA 2470 EXIST::FUNCTION:ENGINE |
| 1888 | ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION: | 1888 | ENGINE_get_BN_mod_exp 2471 NOEXIST::FUNCTION: |
| 1889 | DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION: | 1889 | DSA_get_default_openssl_method 2472 NOEXIST::FUNCTION: |
| 1890 | ENGINE_set_DH 2473 EXIST::FUNCTION: | 1890 | ENGINE_set_DH 2473 EXIST::FUNCTION:ENGINE |
| 1891 | ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: | 1891 | ENGINE_set_def_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: |
| 1892 | ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: | 1892 | ENGINE_set_default_BN_mod_exp_crt 2474 NOEXIST::FUNCTION: |
| 1893 | ENGINE_init 2475 EXIST::FUNCTION: | 1893 | ENGINE_init 2475 EXIST::FUNCTION:ENGINE |
| 1894 | DH_get_default_openssl_method 2476 NOEXIST::FUNCTION: | 1894 | DH_get_default_openssl_method 2476 NOEXIST::FUNCTION: |
| 1895 | RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION: | 1895 | RSA_set_default_openssl_method 2477 NOEXIST::FUNCTION: |
| 1896 | ENGINE_finish 2478 EXIST::FUNCTION: | 1896 | ENGINE_finish 2478 EXIST::FUNCTION:ENGINE |
| 1897 | ENGINE_load_public_key 2479 EXIST::FUNCTION: | 1897 | ENGINE_load_public_key 2479 EXIST::FUNCTION:ENGINE |
| 1898 | ENGINE_get_DH 2480 EXIST::FUNCTION: | 1898 | ENGINE_get_DH 2480 EXIST::FUNCTION:ENGINE |
| 1899 | ENGINE_ctrl 2481 EXIST::FUNCTION: | 1899 | ENGINE_ctrl 2481 EXIST::FUNCTION:ENGINE |
| 1900 | ENGINE_get_init_function 2482 EXIST::FUNCTION: | 1900 | ENGINE_get_init_function 2482 EXIST::FUNCTION:ENGINE |
| 1901 | ENGINE_set_init_function 2483 EXIST::FUNCTION: | 1901 | ENGINE_set_init_function 2483 EXIST::FUNCTION:ENGINE |
| 1902 | ENGINE_set_default_DSA 2484 EXIST::FUNCTION: | 1902 | ENGINE_set_default_DSA 2484 EXIST::FUNCTION:ENGINE |
| 1903 | ENGINE_get_name 2485 EXIST::FUNCTION: | 1903 | ENGINE_get_name 2485 EXIST::FUNCTION:ENGINE |
| 1904 | ENGINE_get_last 2486 EXIST::FUNCTION: | 1904 | ENGINE_get_last 2486 EXIST::FUNCTION:ENGINE |
| 1905 | ENGINE_get_prev 2487 EXIST::FUNCTION: | 1905 | ENGINE_get_prev 2487 EXIST::FUNCTION:ENGINE |
| 1906 | ENGINE_get_default_DH 2488 EXIST::FUNCTION: | 1906 | ENGINE_get_default_DH 2488 EXIST::FUNCTION:ENGINE |
| 1907 | ENGINE_get_RSA 2489 EXIST::FUNCTION: | 1907 | ENGINE_get_RSA 2489 EXIST::FUNCTION:ENGINE |
| 1908 | ENGINE_set_default 2490 EXIST::FUNCTION: | 1908 | ENGINE_set_default 2490 EXIST::FUNCTION:ENGINE |
| 1909 | ENGINE_get_RAND 2491 EXIST::FUNCTION: | 1909 | ENGINE_get_RAND 2491 EXIST::FUNCTION:ENGINE |
| 1910 | ENGINE_get_first 2492 EXIST::FUNCTION: | 1910 | ENGINE_get_first 2492 EXIST::FUNCTION:ENGINE |
| 1911 | ENGINE_by_id 2493 EXIST::FUNCTION: | 1911 | ENGINE_by_id 2493 EXIST::FUNCTION:ENGINE |
| 1912 | ENGINE_set_finish_function 2494 EXIST::FUNCTION: | 1912 | ENGINE_set_finish_function 2494 EXIST::FUNCTION:ENGINE |
| 1913 | ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: | 1913 | ENGINE_get_def_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: |
| 1914 | ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: | 1914 | ENGINE_get_default_BN_mod_exp_crt 2495 NOEXIST::FUNCTION: |
| 1915 | RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION: | 1915 | RSA_get_default_openssl_method 2496 NOEXIST::FUNCTION: |
| 1916 | ENGINE_set_RSA 2497 EXIST::FUNCTION: | 1916 | ENGINE_set_RSA 2497 EXIST::FUNCTION:ENGINE |
| 1917 | ENGINE_load_private_key 2498 EXIST::FUNCTION: | 1917 | ENGINE_load_private_key 2498 EXIST::FUNCTION:ENGINE |
| 1918 | ENGINE_set_default_RAND 2499 EXIST::FUNCTION: | 1918 | ENGINE_set_default_RAND 2499 EXIST::FUNCTION:ENGINE |
| 1919 | ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION: | 1919 | ENGINE_set_BN_mod_exp 2500 NOEXIST::FUNCTION: |
| 1920 | ENGINE_remove 2501 EXIST::FUNCTION: | 1920 | ENGINE_remove 2501 EXIST::FUNCTION:ENGINE |
| 1921 | ENGINE_free 2502 EXIST::FUNCTION: | 1921 | ENGINE_free 2502 EXIST::FUNCTION:ENGINE |
| 1922 | ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION: | 1922 | ENGINE_get_BN_mod_exp_crt 2503 NOEXIST::FUNCTION: |
| 1923 | ENGINE_get_next 2504 EXIST::FUNCTION: | 1923 | ENGINE_get_next 2504 EXIST::FUNCTION:ENGINE |
| 1924 | ENGINE_set_name 2505 EXIST::FUNCTION: | 1924 | ENGINE_set_name 2505 EXIST::FUNCTION:ENGINE |
| 1925 | ENGINE_get_default_DSA 2506 EXIST::FUNCTION: | 1925 | ENGINE_get_default_DSA 2506 EXIST::FUNCTION:ENGINE |
| 1926 | ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION: | 1926 | ENGINE_set_default_BN_mod_exp 2507 NOEXIST::FUNCTION: |
| 1927 | ENGINE_set_default_RSA 2508 EXIST::FUNCTION: | 1927 | ENGINE_set_default_RSA 2508 EXIST::FUNCTION:ENGINE |
| 1928 | ENGINE_get_default_RAND 2509 EXIST::FUNCTION: | 1928 | ENGINE_get_default_RAND 2509 EXIST::FUNCTION:ENGINE |
| 1929 | ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION: | 1929 | ENGINE_get_default_BN_mod_exp 2510 NOEXIST::FUNCTION: |
| 1930 | ENGINE_set_RAND 2511 EXIST::FUNCTION: | 1930 | ENGINE_set_RAND 2511 EXIST::FUNCTION:ENGINE |
| 1931 | ENGINE_set_id 2512 EXIST::FUNCTION: | 1931 | ENGINE_set_id 2512 EXIST::FUNCTION:ENGINE |
| 1932 | ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION: | 1932 | ENGINE_set_BN_mod_exp_crt 2513 NOEXIST::FUNCTION: |
| 1933 | ENGINE_set_default_DH 2514 EXIST::FUNCTION: | 1933 | ENGINE_set_default_DH 2514 EXIST::FUNCTION:ENGINE |
| 1934 | ENGINE_new 2515 EXIST::FUNCTION: | 1934 | ENGINE_new 2515 EXIST::FUNCTION:ENGINE |
| 1935 | ENGINE_get_id 2516 EXIST::FUNCTION: | 1935 | ENGINE_get_id 2516 EXIST::FUNCTION:ENGINE |
| 1936 | DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION: | 1936 | DSA_set_default_openssl_method 2517 NOEXIST::FUNCTION: |
| 1937 | ENGINE_add 2518 EXIST::FUNCTION: | 1937 | ENGINE_add 2518 EXIST::FUNCTION:ENGINE |
| 1938 | DH_set_default_openssl_method 2519 NOEXIST::FUNCTION: | 1938 | DH_set_default_openssl_method 2519 NOEXIST::FUNCTION: |
| 1939 | ENGINE_get_DSA 2520 EXIST::FUNCTION: | 1939 | ENGINE_get_DSA 2520 EXIST::FUNCTION:ENGINE |
| 1940 | ENGINE_get_ctrl_function 2521 EXIST::FUNCTION: | 1940 | ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE |
| 1941 | ENGINE_set_ctrl_function 2522 EXIST::FUNCTION: | 1941 | ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE |
| 1942 | BN_pseudo_rand_range 2523 EXIST::FUNCTION: | 1942 | BN_pseudo_rand_range 2523 EXIST::FUNCTION: |
| 1943 | X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: | 1943 | X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: |
| 1944 | ERR_load_COMP_strings 2525 EXIST::FUNCTION: | 1944 | ERR_load_COMP_strings 2525 EXIST::FUNCTION: |
| 1945 | PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: | 1945 | PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: |
| 1946 | ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1946 | ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1947 | ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1947 | ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1948 | ENGINE_unregister_ciphers 2528 EXIST::FUNCTION: | 1948 | ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE |
| 1949 | ENGINE_get_ciphers 2529 EXIST::FUNCTION: | 1949 | ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE |
| 1950 | d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: | 1950 | d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: |
| 1951 | KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1951 | KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1952 | KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1952 | KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -1959,15 +1959,15 @@ X509V3_add1_i2d 2536 EXIST::FUNCTION: | |||
| 1959 | PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1959 | PKCS7_ENVELOPE_it 2537 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1960 | PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1960 | PKCS7_ENVELOPE_it 2537 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1961 | UI_add_input_boolean 2538 EXIST::FUNCTION: | 1961 | UI_add_input_boolean 2538 EXIST::FUNCTION: |
| 1962 | ENGINE_unregister_RSA 2539 EXIST::FUNCTION: | 1962 | ENGINE_unregister_RSA 2539 EXIST::FUNCTION:ENGINE |
| 1963 | X509V3_EXT_nconf 2540 EXIST::FUNCTION: | 1963 | X509V3_EXT_nconf 2540 EXIST::FUNCTION: |
| 1964 | ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION: | 1964 | ASN1_GENERALSTRING_free 2541 EXIST::FUNCTION: |
| 1965 | d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION: | 1965 | d2i_OCSP_CERTSTATUS 2542 EXIST::FUNCTION: |
| 1966 | X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION: | 1966 | X509_REVOKED_set_serialNumber 2543 EXIST::FUNCTION: |
| 1967 | X509_print_ex 2544 EXIST::FUNCTION:BIO | 1967 | X509_print_ex 2544 EXIST::FUNCTION:BIO |
| 1968 | OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION: | 1968 | OCSP_ONEREQ_get1_ext_d2i 2545 EXIST::FUNCTION: |
| 1969 | ENGINE_register_all_RAND 2546 EXIST::FUNCTION: | 1969 | ENGINE_register_all_RAND 2546 EXIST::FUNCTION:ENGINE |
| 1970 | ENGINE_load_dynamic 2547 EXIST::FUNCTION: | 1970 | ENGINE_load_dynamic 2547 EXIST::FUNCTION:ENGINE |
| 1971 | PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 1971 | PBKDF2PARAM_it 2548 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 1972 | PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 1972 | PBKDF2PARAM_it 2548 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 1973 | EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION: | 1973 | EXTENDED_KEY_USAGE_new 2549 EXIST::FUNCTION: |
| @@ -1987,7 +1987,7 @@ X509_STORE_set_purpose 2559 EXIST::FUNCTION: | |||
| 1987 | i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: | 1987 | i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: |
| 1988 | OCSP_response_status 2561 EXIST::FUNCTION: | 1988 | OCSP_response_status 2561 EXIST::FUNCTION: |
| 1989 | i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION: | 1989 | i2d_OCSP_SERVICELOC 2562 EXIST::FUNCTION: |
| 1990 | ENGINE_get_digest_engine 2563 EXIST::FUNCTION: | 1990 | ENGINE_get_digest_engine 2563 EXIST::FUNCTION:ENGINE |
| 1991 | EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC | 1991 | EC_GROUP_set_curve_GFp 2564 EXIST::FUNCTION:EC |
| 1992 | OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION: | 1992 | OCSP_REQUEST_get_ext_by_OBJ 2565 EXIST::FUNCTION: |
| 1993 | _ossl_old_des_random_key 2566 EXIST::FUNCTION:DES | 1993 | _ossl_old_des_random_key 2566 EXIST::FUNCTION:DES |
| @@ -2011,7 +2011,7 @@ _shadow_DES_rw_mode 2581 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2011 | _shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES | 2011 | _shadow_DES_rw_mode 2581 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES |
| 2012 | asn1_do_adb 2582 EXIST::FUNCTION: | 2012 | asn1_do_adb 2582 EXIST::FUNCTION: |
| 2013 | ASN1_template_i2d 2583 EXIST::FUNCTION: | 2013 | ASN1_template_i2d 2583 EXIST::FUNCTION: |
| 2014 | ENGINE_register_DH 2584 EXIST::FUNCTION: | 2014 | ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE |
| 2015 | UI_construct_prompt 2585 EXIST::FUNCTION: | 2015 | UI_construct_prompt 2585 EXIST::FUNCTION: |
| 2016 | X509_STORE_set_trust 2586 EXIST::FUNCTION: | 2016 | X509_STORE_set_trust 2586 EXIST::FUNCTION: |
| 2017 | UI_dup_input_string 2587 EXIST::FUNCTION: | 2017 | UI_dup_input_string 2587 EXIST::FUNCTION: |
| @@ -2039,7 +2039,7 @@ OCSP_resp_find 2605 EXIST::FUNCTION: | |||
| 2039 | BN_nnmod 2606 EXIST::FUNCTION: | 2039 | BN_nnmod 2606 EXIST::FUNCTION: |
| 2040 | X509_CRL_sort 2607 EXIST::FUNCTION: | 2040 | X509_CRL_sort 2607 EXIST::FUNCTION: |
| 2041 | X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION: | 2041 | X509_REVOKED_set_revocationDate 2608 EXIST::FUNCTION: |
| 2042 | ENGINE_register_RAND 2609 EXIST::FUNCTION: | 2042 | ENGINE_register_RAND 2609 EXIST::FUNCTION:ENGINE |
| 2043 | OCSP_SERVICELOC_new 2610 EXIST::FUNCTION: | 2043 | OCSP_SERVICELOC_new 2610 EXIST::FUNCTION: |
| 2044 | EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC | 2044 | EC_POINT_set_affine_coordinates_GFp 2611 EXIST:!VMS:FUNCTION:EC |
| 2045 | EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC | 2045 | EC_POINT_set_affine_coords_GFp 2611 EXIST:VMS:FUNCTION:EC |
| @@ -2049,11 +2049,11 @@ SXNET_it 2613 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2049 | UI_dup_input_boolean 2614 EXIST::FUNCTION: | 2049 | UI_dup_input_boolean 2614 EXIST::FUNCTION: |
| 2050 | PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION: | 2050 | PKCS12_add_CSPName_asc 2615 EXIST::FUNCTION: |
| 2051 | EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC | 2051 | EC_POINT_is_at_infinity 2616 EXIST::FUNCTION:EC |
| 2052 | ENGINE_load_openbsd_dev_crypto 2617 EXIST::FUNCTION: | 2052 | ENGINE_load_cryptodev 2617 EXIST::FUNCTION:ENGINE |
| 2053 | DSO_convert_filename 2618 EXIST::FUNCTION: | 2053 | DSO_convert_filename 2618 EXIST::FUNCTION: |
| 2054 | POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2054 | POLICYQUALINFO_it 2619 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2055 | POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2055 | POLICYQUALINFO_it 2619 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2056 | ENGINE_register_ciphers 2620 EXIST::FUNCTION: | 2056 | ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE |
| 2057 | BN_mod_lshift_quick 2621 EXIST::FUNCTION: | 2057 | BN_mod_lshift_quick 2621 EXIST::FUNCTION: |
| 2058 | DSO_set_filename 2622 EXIST::FUNCTION: | 2058 | DSO_set_filename 2622 EXIST::FUNCTION: |
| 2059 | ASN1_item_free 2623 EXIST::FUNCTION: | 2059 | ASN1_item_free 2623 EXIST::FUNCTION: |
| @@ -2062,7 +2062,7 @@ AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2062 | AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2062 | AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2063 | KRB5_APREQBODY_new 2626 EXIST::FUNCTION: | 2063 | KRB5_APREQBODY_new 2626 EXIST::FUNCTION: |
| 2064 | X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: | 2064 | X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: |
| 2065 | ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION: | 2065 | ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE |
| 2066 | i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: | 2066 | i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: |
| 2067 | EVP_MD_CTX_init 2630 EXIST::FUNCTION: | 2067 | EVP_MD_CTX_init 2630 EXIST::FUNCTION: |
| 2068 | EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: | 2068 | EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: |
| @@ -2071,8 +2071,8 @@ PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2071 | UI_add_error_string 2633 EXIST::FUNCTION: | 2071 | UI_add_error_string 2633 EXIST::FUNCTION: |
| 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: | 2072 | KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: |
| 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: | 2073 | OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: |
| 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION: | 2074 | ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE |
| 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION: | 2075 | ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE |
| 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2076 | PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2077 | PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2078 | PKCS12_unpack_authsafes 2639 EXIST::FUNCTION: | 2078 | PKCS12_unpack_authsafes 2639 EXIST::FUNCTION: |
| @@ -2098,16 +2098,16 @@ OCSP_CERTSTATUS_free 2653 EXIST::FUNCTION: | |||
| 2098 | _ossl_old_des_crypt 2654 EXIST::FUNCTION:DES | 2098 | _ossl_old_des_crypt 2654 EXIST::FUNCTION:DES |
| 2099 | ASN1_item_i2d 2655 EXIST::FUNCTION: | 2099 | ASN1_item_i2d 2655 EXIST::FUNCTION: |
| 2100 | EVP_DecryptFinal_ex 2656 EXIST::FUNCTION: | 2100 | EVP_DecryptFinal_ex 2656 EXIST::FUNCTION: |
| 2101 | ENGINE_load_openssl 2657 EXIST::FUNCTION: | 2101 | ENGINE_load_openssl 2657 EXIST::FUNCTION:ENGINE |
| 2102 | ENGINE_get_cmd_defns 2658 EXIST::FUNCTION: | 2102 | ENGINE_get_cmd_defns 2658 EXIST::FUNCTION:ENGINE |
| 2103 | ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION: | 2103 | ENGINE_set_load_privkey_function 2659 EXIST:!VMS:FUNCTION:ENGINE |
| 2104 | ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION: | 2104 | ENGINE_set_load_privkey_fn 2659 EXIST:VMS:FUNCTION:ENGINE |
| 2105 | EVP_EncryptFinal_ex 2660 EXIST::FUNCTION: | 2105 | EVP_EncryptFinal_ex 2660 EXIST::FUNCTION: |
| 2106 | ENGINE_set_default_digests 2661 EXIST::FUNCTION: | 2106 | ENGINE_set_default_digests 2661 EXIST::FUNCTION:ENGINE |
| 2107 | X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION: | 2107 | X509_get0_pubkey_bitstr 2662 EXIST::FUNCTION: |
| 2108 | asn1_ex_i2c 2663 EXIST::FUNCTION: | 2108 | asn1_ex_i2c 2663 EXIST::FUNCTION: |
| 2109 | ENGINE_register_RSA 2664 EXIST::FUNCTION: | 2109 | ENGINE_register_RSA 2664 EXIST::FUNCTION:ENGINE |
| 2110 | ENGINE_unregister_DSA 2665 EXIST::FUNCTION: | 2110 | ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE |
| 2111 | _ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES | 2111 | _ossl_old_des_key_sched 2666 EXIST::FUNCTION:DES |
| 2112 | X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2112 | X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2113 | X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2113 | X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2120,7 +2120,7 @@ PKCS12_certbag2x509 2672 EXIST::FUNCTION: | |||
| 2120 | _ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES | 2120 | _ossl_old_des_ofb64_encrypt 2673 EXIST::FUNCTION:DES |
| 2121 | d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: | 2121 | d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: |
| 2122 | ERR_print_errors_cb 2675 EXIST::FUNCTION: | 2122 | ERR_print_errors_cb 2675 EXIST::FUNCTION: |
| 2123 | ENGINE_set_ciphers 2676 EXIST::FUNCTION: | 2123 | ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE |
| 2124 | d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: | 2124 | d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: |
| 2125 | UI_method_get_flusher 2678 EXIST::FUNCTION: | 2125 | UI_method_get_flusher 2678 EXIST::FUNCTION: |
| 2126 | X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2126 | X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2156,7 +2156,7 @@ NCONF_get_number_e 2704 EXIST::FUNCTION: | |||
| 2156 | _ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES | 2156 | _ossl_old_des_decrypt3 2705 EXIST::FUNCTION:DES |
| 2157 | X509_signature_print 2706 EXIST::FUNCTION:EVP | 2157 | X509_signature_print 2706 EXIST::FUNCTION:EVP |
| 2158 | OCSP_SINGLERESP_free 2707 EXIST::FUNCTION: | 2158 | OCSP_SINGLERESP_free 2707 EXIST::FUNCTION: |
| 2159 | ENGINE_load_builtin_engines 2708 EXIST::FUNCTION: | 2159 | ENGINE_load_builtin_engines 2708 EXIST::FUNCTION:ENGINE |
| 2160 | i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION: | 2160 | i2d_OCSP_ONEREQ 2709 EXIST::FUNCTION: |
| 2161 | OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION: | 2161 | OCSP_REQUEST_add_ext 2710 EXIST::FUNCTION: |
| 2162 | OCSP_RESPBYTES_new 2711 EXIST::FUNCTION: | 2162 | OCSP_RESPBYTES_new 2711 EXIST::FUNCTION: |
| @@ -2184,7 +2184,7 @@ X509_CERT_AUX_it 2727 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2184 | CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2184 | CERTIFICATEPOLICIES_it 2728 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2185 | CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2185 | CERTIFICATEPOLICIES_it 2728 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2186 | _ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES | 2186 | _ossl_old_des_ede3_cbc_encrypt 2729 EXIST::FUNCTION:DES |
| 2187 | RAND_set_rand_engine 2730 EXIST::FUNCTION: | 2187 | RAND_set_rand_engine 2730 EXIST::FUNCTION:ENGINE |
| 2188 | DSO_get_loaded_filename 2731 EXIST::FUNCTION: | 2188 | DSO_get_loaded_filename 2731 EXIST::FUNCTION: |
| 2189 | X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2189 | X509_ATTRIBUTE_it 2732 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2190 | X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2190 | X509_ATTRIBUTE_it 2732 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2206,7 +2206,7 @@ i2d_OCSP_BASICRESP 2744 EXIST::FUNCTION: | |||
| 2206 | i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION: | 2206 | i2d_OCSP_RESPBYTES 2745 EXIST::FUNCTION: |
| 2207 | PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION: | 2207 | PKCS12_unpack_p7encdata 2746 EXIST::FUNCTION: |
| 2208 | HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC | 2208 | HMAC_CTX_init 2747 EXIST::FUNCTION:HMAC |
| 2209 | ENGINE_get_digest 2748 EXIST::FUNCTION: | 2209 | ENGINE_get_digest 2748 EXIST::FUNCTION:ENGINE |
| 2210 | OCSP_RESPONSE_print 2749 EXIST::FUNCTION: | 2210 | OCSP_RESPONSE_print 2749 EXIST::FUNCTION: |
| 2211 | KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2211 | KRB5_TKTBODY_it 2750 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2212 | KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2212 | KRB5_TKTBODY_it 2750 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2219,16 +2219,16 @@ PBE2PARAM_it 2753 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2219 | PKCS12_certbag2x509crl 2754 EXIST::FUNCTION: | 2219 | PKCS12_certbag2x509crl 2754 EXIST::FUNCTION: |
| 2220 | PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2220 | PKCS7_SIGNED_it 2755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2221 | PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2221 | PKCS7_SIGNED_it 2755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2222 | ENGINE_get_cipher 2756 EXIST::FUNCTION: | 2222 | ENGINE_get_cipher 2756 EXIST::FUNCTION:ENGINE |
| 2223 | i2d_OCSP_CRLID 2757 EXIST::FUNCTION: | 2223 | i2d_OCSP_CRLID 2757 EXIST::FUNCTION: |
| 2224 | OCSP_SINGLERESP_new 2758 EXIST::FUNCTION: | 2224 | OCSP_SINGLERESP_new 2758 EXIST::FUNCTION: |
| 2225 | ENGINE_cmd_is_executable 2759 EXIST::FUNCTION: | 2225 | ENGINE_cmd_is_executable 2759 EXIST::FUNCTION:ENGINE |
| 2226 | RSA_up_ref 2760 EXIST::FUNCTION:RSA | 2226 | RSA_up_ref 2760 EXIST::FUNCTION:RSA |
| 2227 | ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2227 | ASN1_GENERALSTRING_it 2761 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2228 | ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2228 | ASN1_GENERALSTRING_it 2761 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2229 | ENGINE_register_DSA 2762 EXIST::FUNCTION: | 2229 | ENGINE_register_DSA 2762 EXIST::FUNCTION:ENGINE |
| 2230 | X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION: | 2230 | X509V3_EXT_add_nconf_sk 2763 EXIST::FUNCTION: |
| 2231 | ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION: | 2231 | ENGINE_set_load_pubkey_function 2764 EXIST::FUNCTION:ENGINE |
| 2232 | PKCS8_decrypt 2765 EXIST::FUNCTION: | 2232 | PKCS8_decrypt 2765 EXIST::FUNCTION: |
| 2233 | PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO | 2233 | PEM_bytes_read_bio 2766 EXIST::FUNCTION:BIO |
| 2234 | DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2234 | DIRECTORYSTRING_it 2767 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2265,7 +2265,7 @@ UI_method_set_flusher 2789 EXIST::FUNCTION: | |||
| 2265 | X509_ocspid_print 2790 EXIST::FUNCTION:BIO | 2265 | X509_ocspid_print 2790 EXIST::FUNCTION:BIO |
| 2266 | KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2266 | KRB5_ENCDATA_it 2791 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2267 | KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2267 | KRB5_ENCDATA_it 2791 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2268 | ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION: | 2268 | ENGINE_get_load_pubkey_function 2792 EXIST::FUNCTION:ENGINE |
| 2269 | UI_add_user_data 2793 EXIST::FUNCTION: | 2269 | UI_add_user_data 2793 EXIST::FUNCTION: |
| 2270 | OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION: | 2270 | OCSP_REQUEST_delete_ext 2794 EXIST::FUNCTION: |
| 2271 | UI_get_method 2795 EXIST::FUNCTION: | 2271 | UI_get_method 2795 EXIST::FUNCTION: |
| @@ -2289,16 +2289,16 @@ ASN1_FBOOLEAN_it 2806 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2289 | ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2289 | ASN1_FBOOLEAN_it 2806 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2290 | UI_set_ex_data 2807 EXIST::FUNCTION: | 2290 | UI_set_ex_data 2807 EXIST::FUNCTION: |
| 2291 | _ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES | 2291 | _ossl_old_des_string_to_key 2808 EXIST::FUNCTION:DES |
| 2292 | ENGINE_register_all_RSA 2809 EXIST::FUNCTION: | 2292 | ENGINE_register_all_RSA 2809 EXIST::FUNCTION:ENGINE |
| 2293 | d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION: | 2293 | d2i_KRB5_PRINCNAME 2810 EXIST::FUNCTION: |
| 2294 | OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2294 | OCSP_RESPBYTES_it 2811 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2295 | OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2295 | OCSP_RESPBYTES_it 2811 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2296 | X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2296 | X509_CINF_it 2812 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2297 | X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2297 | X509_CINF_it 2812 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2298 | ENGINE_unregister_digests 2813 EXIST::FUNCTION: | 2298 | ENGINE_unregister_digests 2813 EXIST::FUNCTION:ENGINE |
| 2299 | d2i_EDIPARTYNAME 2814 EXIST::FUNCTION: | 2299 | d2i_EDIPARTYNAME 2814 EXIST::FUNCTION: |
| 2300 | d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION: | 2300 | d2i_OCSP_SERVICELOC 2815 EXIST::FUNCTION: |
| 2301 | ENGINE_get_digests 2816 EXIST::FUNCTION: | 2301 | ENGINE_get_digests 2816 EXIST::FUNCTION:ENGINE |
| 2302 | _ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES | 2302 | _ossl_old_des_set_odd_parity 2817 EXIST::FUNCTION:DES |
| 2303 | OCSP_RESPDATA_free 2818 EXIST::FUNCTION: | 2303 | OCSP_RESPDATA_free 2818 EXIST::FUNCTION: |
| 2304 | d2i_KRB5_TICKET 2819 EXIST::FUNCTION: | 2304 | d2i_KRB5_TICKET 2819 EXIST::FUNCTION: |
| @@ -2309,7 +2309,7 @@ d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION: | |||
| 2309 | X509_CRL_set_version 2823 EXIST::FUNCTION: | 2309 | X509_CRL_set_version 2823 EXIST::FUNCTION: |
| 2310 | BN_mod_sub 2824 EXIST::FUNCTION: | 2310 | BN_mod_sub 2824 EXIST::FUNCTION: |
| 2311 | OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: | 2311 | OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: |
| 2312 | ENGINE_get_ex_new_index 2826 EXIST::FUNCTION: | 2312 | ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE |
| 2313 | OCSP_REQUEST_free 2827 EXIST::FUNCTION: | 2313 | OCSP_REQUEST_free 2827 EXIST::FUNCTION: |
| 2314 | OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: | 2314 | OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: |
| 2315 | X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2315 | X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2343,7 +2343,7 @@ EC_POINT_method_of 2852 EXIST::FUNCTION:EC | |||
| 2343 | i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION: | 2343 | i2d_KRB5_APREQBODY 2853 EXIST::FUNCTION: |
| 2344 | _ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES | 2344 | _ossl_old_des_ecb3_encrypt 2854 EXIST::FUNCTION:DES |
| 2345 | CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION: | 2345 | CRYPTO_get_mem_ex_functions 2855 EXIST::FUNCTION: |
| 2346 | ENGINE_get_ex_data 2856 EXIST::FUNCTION: | 2346 | ENGINE_get_ex_data 2856 EXIST::FUNCTION:ENGINE |
| 2347 | UI_destroy_method 2857 EXIST::FUNCTION: | 2347 | UI_destroy_method 2857 EXIST::FUNCTION: |
| 2348 | ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO | 2348 | ASN1_item_i2d_bio 2858 EXIST::FUNCTION:BIO |
| 2349 | OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION: | 2349 | OCSP_ONEREQ_get_ext_by_OBJ 2859 EXIST::FUNCTION: |
| @@ -2367,7 +2367,7 @@ PKCS12_SAFEBAGS_it 2872 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2367 | PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2367 | PKCS12_SAFEBAGS_it 2872 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2368 | d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION: | 2368 | d2i_OCSP_SIGNATURE 2873 EXIST::FUNCTION: |
| 2369 | OCSP_request_add1_nonce 2874 EXIST::FUNCTION: | 2369 | OCSP_request_add1_nonce 2874 EXIST::FUNCTION: |
| 2370 | ENGINE_set_cmd_defns 2875 EXIST::FUNCTION: | 2370 | ENGINE_set_cmd_defns 2875 EXIST::FUNCTION:ENGINE |
| 2371 | OCSP_SERVICELOC_free 2876 EXIST::FUNCTION: | 2371 | OCSP_SERVICELOC_free 2876 EXIST::FUNCTION: |
| 2372 | EC_GROUP_free 2877 EXIST::FUNCTION:EC | 2372 | EC_GROUP_free 2877 EXIST::FUNCTION:EC |
| 2373 | ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2373 | ASN1_BIT_STRING_it 2878 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2384,7 +2384,7 @@ EC_GROUP_new_curve_GFp 2885 EXIST::FUNCTION:EC | |||
| 2384 | OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION: | 2384 | OCSP_REQUEST_get1_ext_d2i 2886 EXIST::FUNCTION: |
| 2385 | PKCS12_item_pack_safebag 2887 EXIST::FUNCTION: | 2385 | PKCS12_item_pack_safebag 2887 EXIST::FUNCTION: |
| 2386 | asn1_ex_c2i 2888 EXIST::FUNCTION: | 2386 | asn1_ex_c2i 2888 EXIST::FUNCTION: |
| 2387 | ENGINE_register_digests 2889 EXIST::FUNCTION: | 2387 | ENGINE_register_digests 2889 EXIST::FUNCTION:ENGINE |
| 2388 | i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION: | 2388 | i2d_OCSP_REVOKEDINFO 2890 EXIST::FUNCTION: |
| 2389 | asn1_enc_restore 2891 EXIST::FUNCTION: | 2389 | asn1_enc_restore 2891 EXIST::FUNCTION: |
| 2390 | UI_free 2892 EXIST::FUNCTION: | 2390 | UI_free 2892 EXIST::FUNCTION: |
| @@ -2395,7 +2395,7 @@ EC_POINT_invert 2896 EXIST::FUNCTION:EC | |||
| 2395 | OCSP_basic_sign 2897 EXIST::FUNCTION: | 2395 | OCSP_basic_sign 2897 EXIST::FUNCTION: |
| 2396 | i2d_OCSP_RESPID 2898 EXIST::FUNCTION: | 2396 | i2d_OCSP_RESPID 2898 EXIST::FUNCTION: |
| 2397 | OCSP_check_nonce 2899 EXIST::FUNCTION: | 2397 | OCSP_check_nonce 2899 EXIST::FUNCTION: |
| 2398 | ENGINE_ctrl_cmd 2900 EXIST::FUNCTION: | 2398 | ENGINE_ctrl_cmd 2900 EXIST::FUNCTION:ENGINE |
| 2399 | d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION: | 2399 | d2i_KRB5_ENCKEY 2901 EXIST::FUNCTION: |
| 2400 | OCSP_parse_url 2902 EXIST::FUNCTION: | 2400 | OCSP_parse_url 2902 EXIST::FUNCTION: |
| 2401 | OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION: | 2401 | OCSP_SINGLERESP_get_ext 2903 EXIST::FUNCTION: |
| @@ -2403,12 +2403,12 @@ OCSP_CRLID_free 2904 EXIST::FUNCTION: | |||
| 2403 | OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION: | 2403 | OCSP_BASICRESP_get1_ext_d2i 2905 EXIST::FUNCTION: |
| 2404 | RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA | 2404 | RSAPrivateKey_it 2906 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA |
| 2405 | RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA | 2405 | RSAPrivateKey_it 2906 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA |
| 2406 | ENGINE_register_all_DH 2907 EXIST::FUNCTION: | 2406 | ENGINE_register_all_DH 2907 EXIST::FUNCTION:ENGINE |
| 2407 | i2d_EDIPARTYNAME 2908 EXIST::FUNCTION: | 2407 | i2d_EDIPARTYNAME 2908 EXIST::FUNCTION: |
| 2408 | EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC | 2408 | EC_POINT_get_affine_coordinates_GFp 2909 EXIST:!VMS:FUNCTION:EC |
| 2409 | EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC | 2409 | EC_POINT_get_affine_coords_GFp 2909 EXIST:VMS:FUNCTION:EC |
| 2410 | OCSP_CRLID_new 2910 EXIST::FUNCTION: | 2410 | OCSP_CRLID_new 2910 EXIST::FUNCTION: |
| 2411 | ENGINE_get_flags 2911 EXIST::FUNCTION: | 2411 | ENGINE_get_flags 2911 EXIST::FUNCTION:ENGINE |
| 2412 | OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2412 | OCSP_ONEREQ_it 2912 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2413 | OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2413 | OCSP_ONEREQ_it 2912 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2414 | UI_process 2913 EXIST::FUNCTION: | 2414 | UI_process 2913 EXIST::FUNCTION: |
| @@ -2416,8 +2416,8 @@ ASN1_INTEGER_it 2914 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2416 | ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2416 | ASN1_INTEGER_it 2914 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2417 | EVP_CipherInit_ex 2915 EXIST::FUNCTION: | 2417 | EVP_CipherInit_ex 2915 EXIST::FUNCTION: |
| 2418 | UI_get_string_type 2916 EXIST::FUNCTION: | 2418 | UI_get_string_type 2916 EXIST::FUNCTION: |
| 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION: | 2419 | ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE |
| 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION: | 2420 | ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE |
| 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: | 2421 | OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION: |
| 2422 | bn_dup_expand 2920 EXIST::FUNCTION: | 2422 | bn_dup_expand 2920 EXIST::FUNCTION: |
| 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: | 2423 | OCSP_cert_id_new 2921 EXIST::FUNCTION: |
| @@ -2438,11 +2438,11 @@ BN_mod_sub_quick 2933 EXIST::FUNCTION: | |||
| 2438 | OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: | 2438 | OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: |
| 2439 | OCSP_request_sign 2935 EXIST::FUNCTION: | 2439 | OCSP_request_sign 2935 EXIST::FUNCTION: |
| 2440 | EVP_DigestFinal_ex 2936 EXIST::FUNCTION: | 2440 | EVP_DigestFinal_ex 2936 EXIST::FUNCTION: |
| 2441 | ENGINE_set_digests 2937 EXIST::FUNCTION: | 2441 | ENGINE_set_digests 2937 EXIST::FUNCTION:ENGINE |
| 2442 | OCSP_id_issuer_cmp 2938 EXIST::FUNCTION: | 2442 | OCSP_id_issuer_cmp 2938 EXIST::FUNCTION: |
| 2443 | OBJ_NAME_do_all 2939 EXIST::FUNCTION: | 2443 | OBJ_NAME_do_all 2939 EXIST::FUNCTION: |
| 2444 | EC_POINTs_mul 2940 EXIST::FUNCTION:EC | 2444 | EC_POINTs_mul 2940 EXIST::FUNCTION:EC |
| 2445 | ENGINE_register_complete 2941 EXIST::FUNCTION: | 2445 | ENGINE_register_complete 2941 EXIST::FUNCTION:ENGINE |
| 2446 | X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION: | 2446 | X509V3_EXT_nconf_nid 2942 EXIST::FUNCTION: |
| 2447 | ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2447 | ASN1_SEQUENCE_it 2943 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2448 | ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2448 | ASN1_SEQUENCE_it 2943 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2451,7 +2451,7 @@ RAND_query_egd_bytes 2945 EXIST::FUNCTION: | |||
| 2451 | UI_method_get_writer 2946 EXIST::FUNCTION: | 2451 | UI_method_get_writer 2946 EXIST::FUNCTION: |
| 2452 | UI_OpenSSL 2947 EXIST::FUNCTION: | 2452 | UI_OpenSSL 2947 EXIST::FUNCTION: |
| 2453 | PEM_def_callback 2948 EXIST::FUNCTION: | 2453 | PEM_def_callback 2948 EXIST::FUNCTION: |
| 2454 | ENGINE_cleanup 2949 EXIST::FUNCTION: | 2454 | ENGINE_cleanup 2949 EXIST::FUNCTION:ENGINE |
| 2455 | DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2455 | DIST_POINT_it 2950 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2456 | DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2456 | DIST_POINT_it 2950 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2457 | OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2457 | OCSP_SINGLERESP_it 2951 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2475,7 +2475,7 @@ OCSP_RESPID_new 2967 EXIST::FUNCTION: | |||
| 2475 | OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2475 | OCSP_RESPDATA_it 2968 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2476 | OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2476 | OCSP_RESPDATA_it 2968 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2477 | d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION: | 2477 | d2i_OCSP_RESPDATA 2969 EXIST::FUNCTION: |
| 2478 | ENGINE_register_all_complete 2970 EXIST::FUNCTION: | 2478 | ENGINE_register_all_complete 2970 EXIST::FUNCTION:ENGINE |
| 2479 | OCSP_check_validity 2971 EXIST::FUNCTION: | 2479 | OCSP_check_validity 2971 EXIST::FUNCTION: |
| 2480 | PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2480 | PKCS12_BAGS_it 2972 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2481 | PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2481 | PKCS12_BAGS_it 2972 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2487,7 +2487,7 @@ KRB5_AUTHENTBODY_it 2976 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2487 | X509_supported_extension 2977 EXIST::FUNCTION: | 2487 | X509_supported_extension 2977 EXIST::FUNCTION: |
| 2488 | i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION: | 2488 | i2d_KRB5_AUTHDATA 2978 EXIST::FUNCTION: |
| 2489 | UI_method_get_opener 2979 EXIST::FUNCTION: | 2489 | UI_method_get_opener 2979 EXIST::FUNCTION: |
| 2490 | ENGINE_set_ex_data 2980 EXIST::FUNCTION: | 2490 | ENGINE_set_ex_data 2980 EXIST::FUNCTION:ENGINE |
| 2491 | OCSP_REQUEST_print 2981 EXIST::FUNCTION: | 2491 | OCSP_REQUEST_print 2981 EXIST::FUNCTION: |
| 2492 | CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2492 | CBIGNUM_it 2982 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2493 | CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2493 | CBIGNUM_it 2982 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2501,7 +2501,7 @@ OCSP_single_get0_status 2989 EXIST::FUNCTION: | |||
| 2501 | BN_swap 2990 EXIST::FUNCTION: | 2501 | BN_swap 2990 EXIST::FUNCTION: |
| 2502 | POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2502 | POLICYINFO_it 2991 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2503 | POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2503 | POLICYINFO_it 2991 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2504 | ENGINE_set_destroy_function 2992 EXIST::FUNCTION: | 2504 | ENGINE_set_destroy_function 2992 EXIST::FUNCTION:ENGINE |
| 2505 | asn1_enc_free 2993 EXIST::FUNCTION: | 2505 | asn1_enc_free 2993 EXIST::FUNCTION: |
| 2506 | OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2506 | OCSP_RESPID_it 2994 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2507 | OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2507 | OCSP_RESPID_it 2994 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2523,8 +2523,8 @@ EDIPARTYNAME_it 3005 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2523 | NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2523 | NETSCAPE_SPKI_it 3006 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2524 | NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2524 | NETSCAPE_SPKI_it 3006 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2525 | UI_get0_test_string 3007 EXIST::FUNCTION: | 2525 | UI_get0_test_string 3007 EXIST::FUNCTION: |
| 2526 | ENGINE_get_cipher_engine 3008 EXIST::FUNCTION: | 2526 | ENGINE_get_cipher_engine 3008 EXIST::FUNCTION:ENGINE |
| 2527 | ENGINE_register_all_ciphers 3009 EXIST::FUNCTION: | 2527 | ENGINE_register_all_ciphers 3009 EXIST::FUNCTION:ENGINE |
| 2528 | EC_POINT_copy 3010 EXIST::FUNCTION:EC | 2528 | EC_POINT_copy 3010 EXIST::FUNCTION:EC |
| 2529 | BN_kronecker 3011 EXIST::FUNCTION: | 2529 | BN_kronecker 3011 EXIST::FUNCTION: |
| 2530 | _ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES | 2530 | _ossl_old_des_ede3_ofb64_encrypt 3012 EXIST:!VMS:FUNCTION:DES |
| @@ -2545,9 +2545,9 @@ OCSP_RESPONSE_new 3023 EXIST::FUNCTION: | |||
| 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES | 2545 | AES_set_encrypt_key 3024 EXIST::FUNCTION:AES |
| 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: | 2546 | OCSP_resp_count 3025 EXIST::FUNCTION: |
| 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: | 2547 | KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: |
| 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION: | 2548 | ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE |
| 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: | 2549 | OCSP_onereq_get0_id 3028 EXIST::FUNCTION: |
| 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION: | 2550 | ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE |
| 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2551 | NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2552 | NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2552 | NOTICEREF_it 3030 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2553 | X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION: | 2553 | X509V3_EXT_CRL_add_nconf 3031 EXIST::FUNCTION: |
| @@ -2565,7 +2565,7 @@ AES_decrypt 3040 EXIST::FUNCTION:AES | |||
| 2565 | asn1_enc_init 3041 EXIST::FUNCTION: | 2565 | asn1_enc_init 3041 EXIST::FUNCTION: |
| 2566 | UI_get_result_maxsize 3042 EXIST::FUNCTION: | 2566 | UI_get_result_maxsize 3042 EXIST::FUNCTION: |
| 2567 | OCSP_CERTID_new 3043 EXIST::FUNCTION: | 2567 | OCSP_CERTID_new 3043 EXIST::FUNCTION: |
| 2568 | ENGINE_unregister_RAND 3044 EXIST::FUNCTION: | 2568 | ENGINE_unregister_RAND 3044 EXIST::FUNCTION:ENGINE |
| 2569 | UI_method_get_closer 3045 EXIST::FUNCTION: | 2569 | UI_method_get_closer 3045 EXIST::FUNCTION: |
| 2570 | d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION: | 2570 | d2i_KRB5_ENCDATA 3046 EXIST::FUNCTION: |
| 2571 | OCSP_request_onereq_count 3047 EXIST::FUNCTION: | 2571 | OCSP_request_onereq_count 3047 EXIST::FUNCTION: |
| @@ -2576,7 +2576,7 @@ ASN1_primitive_free 3051 EXIST::FUNCTION: | |||
| 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: | 2576 | i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: |
| 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: | 2577 | i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: |
| 2578 | asn1_enc_save 3054 EXIST::FUNCTION: | 2578 | asn1_enc_save 3054 EXIST::FUNCTION: |
| 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION: | 2579 | ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE |
| 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES | 2580 | _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES |
| 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2581 | PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2582 | PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2598,15 +2598,15 @@ ASN1_item_d2i_bio 3069 EXIST::FUNCTION:BIO | |||
| 2598 | EC_POINT_dbl 3070 EXIST::FUNCTION:EC | 2598 | EC_POINT_dbl 3070 EXIST::FUNCTION:EC |
| 2599 | asn1_get_choice_selector 3071 EXIST::FUNCTION: | 2599 | asn1_get_choice_selector 3071 EXIST::FUNCTION: |
| 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: | 2600 | i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: |
| 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION: | 2601 | ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE |
| 2602 | AES_options 3074 EXIST::FUNCTION:AES | 2602 | AES_options 3074 EXIST::FUNCTION:AES |
| 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION: | 2603 | ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE |
| 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: | 2604 | OCSP_id_cmp 3076 EXIST::FUNCTION: |
| 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: | 2605 | OCSP_BASICRESP_new 3077 EXIST::FUNCTION: |
| 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: | 2606 | OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: |
| 2607 | KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2607 | KRB5_APREQ_it 3079 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2608 | KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2608 | KRB5_APREQ_it 3079 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2609 | ENGINE_get_destroy_function 3080 EXIST::FUNCTION: | 2609 | ENGINE_get_destroy_function 3080 EXIST::FUNCTION:ENGINE |
| 2610 | CONF_set_nconf 3081 EXIST::FUNCTION: | 2610 | CONF_set_nconf 3081 EXIST::FUNCTION: |
| 2611 | ASN1_PRINTABLE_free 3082 EXIST::FUNCTION: | 2611 | ASN1_PRINTABLE_free 3082 EXIST::FUNCTION: |
| 2612 | OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION: | 2612 | OCSP_BASICRESP_get_ext_by_NID 3083 EXIST::FUNCTION: |
| @@ -2667,7 +2667,7 @@ OCSP_CRLID_it 3127 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2667 | OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: | 2668 | i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: |
| 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: | 2669 | OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: |
| 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION: | 2670 | ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE |
| 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2671 | X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2672 | X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2673 | USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| @@ -2685,7 +2685,7 @@ UI_method_set_opener 3140 EXIST::FUNCTION: | |||
| 2685 | ASN1_item_ex_free 3141 EXIST::FUNCTION: | 2685 | ASN1_item_ex_free 3141 EXIST::FUNCTION: |
| 2686 | ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2686 | ASN1_BOOLEAN_it 3142 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2687 | ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2687 | ASN1_BOOLEAN_it 3142 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2688 | ENGINE_get_table_flags 3143 EXIST::FUNCTION: | 2688 | ENGINE_get_table_flags 3143 EXIST::FUNCTION:ENGINE |
| 2689 | UI_create_method 3144 EXIST::FUNCTION: | 2689 | UI_create_method 3144 EXIST::FUNCTION: |
| 2690 | OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION: | 2690 | OCSP_ONEREQ_add1_ext_i2d 3145 EXIST::FUNCTION: |
| 2691 | _shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES | 2691 | _shadow_DES_check_key 3146 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES |
| @@ -2709,7 +2709,7 @@ PKCS7_it 3160 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA | |||
| 2709 | PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2709 | PKCS7_it 3160 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2710 | OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION: | 2710 | OCSP_REQUEST_get_ext_by_critical 3161 EXIST:!VMS:FUNCTION: |
| 2711 | OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION: | 2711 | OCSP_REQUEST_get_ext_by_crit 3161 EXIST:VMS:FUNCTION: |
| 2712 | ENGINE_set_flags 3162 EXIST::FUNCTION: | 2712 | ENGINE_set_flags 3162 EXIST::FUNCTION:ENGINE |
| 2713 | _ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES | 2713 | _ossl_old_des_ecb_encrypt 3163 EXIST::FUNCTION:DES |
| 2714 | OCSP_response_get1_basic 3164 EXIST::FUNCTION: | 2714 | OCSP_response_get1_basic 3164 EXIST::FUNCTION: |
| 2715 | EVP_Digest 3165 EXIST::FUNCTION: | 2715 | EVP_Digest 3165 EXIST::FUNCTION: |
| @@ -2721,8 +2721,8 @@ ASN1_TIME_to_generalizedtime 3169 EXIST::FUNCTION: | |||
| 2721 | BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2721 | BIGNUM_it 3170 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2722 | BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2722 | BIGNUM_it 3170 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| 2723 | AES_cbc_encrypt 3171 EXIST::FUNCTION:AES | 2723 | AES_cbc_encrypt 3171 EXIST::FUNCTION:AES |
| 2724 | ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION: | 2724 | ENGINE_get_load_privkey_function 3172 EXIST:!VMS:FUNCTION:ENGINE |
| 2725 | ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION: | 2725 | ENGINE_get_load_privkey_fn 3172 EXIST:VMS:FUNCTION:ENGINE |
| 2726 | OCSP_RESPONSE_free 3173 EXIST::FUNCTION: | 2726 | OCSP_RESPONSE_free 3173 EXIST::FUNCTION: |
| 2727 | UI_method_set_reader 3174 EXIST::FUNCTION: | 2727 | UI_method_set_reader 3174 EXIST::FUNCTION: |
| 2728 | i2d_ASN1_T61STRING 3175 EXIST::FUNCTION: | 2728 | i2d_ASN1_T61STRING 3175 EXIST::FUNCTION: |
| @@ -2736,7 +2736,7 @@ OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION: | |||
| 2736 | OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: | 2736 | OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: |
| 2737 | CONF_modules_load_file 3182 EXIST::FUNCTION: | 2737 | CONF_modules_load_file 3182 EXIST::FUNCTION: |
| 2738 | CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: | 2738 | CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: |
| 2739 | ENGINE_set_default_string 3184 EXIST::FUNCTION: | 2739 | ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE |
| 2740 | CONF_module_get_usr_data 3185 EXIST::FUNCTION: | 2740 | CONF_module_get_usr_data 3185 EXIST::FUNCTION: |
| 2741 | ASN1_add_oid_module 3186 EXIST::FUNCTION: | 2741 | ASN1_add_oid_module 3186 EXIST::FUNCTION: |
| 2742 | CONF_modules_finish 3187 EXIST::FUNCTION: | 2742 | CONF_modules_finish 3187 EXIST::FUNCTION: |
| @@ -2754,7 +2754,7 @@ CONF_imodule_get_name 3198 EXIST::FUNCTION: | |||
| 2754 | ERR_peek_top_error 3199 NOEXIST::FUNCTION: | 2754 | ERR_peek_top_error 3199 NOEXIST::FUNCTION: |
| 2755 | CONF_imodule_get_usr_data 3200 EXIST::FUNCTION: | 2755 | CONF_imodule_get_usr_data 3200 EXIST::FUNCTION: |
| 2756 | CONF_imodule_set_flags 3201 EXIST::FUNCTION: | 2756 | CONF_imodule_set_flags 3201 EXIST::FUNCTION: |
| 2757 | ENGINE_add_conf_module 3202 EXIST::FUNCTION: | 2757 | ENGINE_add_conf_module 3202 EXIST::FUNCTION:ENGINE |
| 2758 | ERR_peek_last_error_line 3203 EXIST::FUNCTION: | 2758 | ERR_peek_last_error_line 3203 EXIST::FUNCTION: |
| 2759 | ERR_peek_last_error_line_data 3204 EXIST::FUNCTION: | 2759 | ERR_peek_last_error_line_data 3204 EXIST::FUNCTION: |
| 2760 | ERR_peek_last_error 3205 EXIST::FUNCTION: | 2760 | ERR_peek_last_error 3205 EXIST::FUNCTION: |
| @@ -2762,8 +2762,8 @@ DES_read_2passwords 3206 EXIST::FUNCTION:DES | |||
| 2762 | DES_read_password 3207 EXIST::FUNCTION:DES | 2762 | DES_read_password 3207 EXIST::FUNCTION:DES |
| 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: | 2763 | UI_UTIL_read_pw 3208 EXIST::FUNCTION: |
| 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: | 2764 | UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: |
| 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION: | 2765 | ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE |
| 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION: | 2766 | ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE |
| 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: | 2767 | OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: |
| 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: | 2768 | OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: |
| 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: | 2769 | OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: |
| @@ -2772,7 +2772,7 @@ OPENSSL_load_builtin_modules 3214 EXIST::FUNCTION: | |||
| 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES | 2772 | AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES |
| 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES | 2773 | AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES |
| 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES | 2774 | AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES |
| 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION: | 2775 | ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE |
| 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES | 2776 | _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES |
| 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES | 2777 | EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES |
| 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES | 2778 | EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES |
| @@ -2793,3 +2793,11 @@ ASN1_UNIVERSALSTRING_it 3234 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2793 | d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION: | 2793 | d2i_ASN1_UNIVERSALSTRING 3235 EXIST::FUNCTION: |
| 2794 | EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES | 2794 | EVP_des_ede3_ecb 3236 EXIST::FUNCTION:DES |
| 2795 | X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO | 2795 | X509_REQ_print_ex 3237 EXIST::FUNCTION:BIO |
| 2796 | ENGINE_up_ref 3238 EXIST::FUNCTION:ENGINE | ||
| 2797 | BUF_MEM_grow_clean 3239 EXIST::FUNCTION: | ||
| 2798 | CRYPTO_realloc_clean 3240 EXIST::FUNCTION: | ||
| 2799 | BUF_strlcat 3241 EXIST::FUNCTION: | ||
| 2800 | BIO_indent 3242 EXIST::FUNCTION: | ||
| 2801 | BUF_strlcpy 3243 EXIST::FUNCTION: | ||
| 2802 | OpenSSLDie 3244 EXIST::FUNCTION: | ||
| 2803 | OPENSSL_cleanse 3245 EXIST::FUNCTION: | ||
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl index c9271bbffe..c538f9dffb 100644 --- a/src/lib/libssl/src/util/mk1mf.pl +++ b/src/lib/libssl/src/util/mk1mf.pl | |||
| @@ -24,6 +24,7 @@ $infile="MINFO"; | |||
| 24 | 24 | ||
| 25 | %ops=( | 25 | %ops=( |
| 26 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", | 26 | "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", |
| 27 | "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", | ||
| 27 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", | 28 | "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", |
| 28 | "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", | 29 | "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", |
| 29 | "VC-WIN16", "Alias for VC-W31-32", | 30 | "VC-WIN16", "Alias for VC-W31-32", |
| @@ -63,6 +64,8 @@ and [options] can be one of | |||
| 63 | no-asm - No x86 asm | 64 | no-asm - No x86 asm |
| 64 | no-krb5 - No KRB5 | 65 | no-krb5 - No KRB5 |
| 65 | no-ec - No EC | 66 | no-ec - No EC |
| 67 | no-engine - No engine | ||
| 68 | no-hw - No hw | ||
| 66 | nasm - Use NASM for x86 asm | 69 | nasm - Use NASM for x86 asm |
| 67 | gaswin - Use GNU as with Mingw32 | 70 | gaswin - Use GNU as with Mingw32 |
| 68 | no-socks - No socket code | 71 | no-socks - No socket code |
| @@ -137,6 +140,10 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) | |||
| 137 | $NT = 1 if $platform eq "VC-NT"; | 140 | $NT = 1 if $platform eq "VC-NT"; |
| 138 | require 'VC-32.pl'; | 141 | require 'VC-32.pl'; |
| 139 | } | 142 | } |
| 143 | elsif ($platform eq "VC-CE") | ||
| 144 | { | ||
| 145 | require 'VC-CE.pl'; | ||
| 146 | } | ||
| 140 | elsif ($platform eq "Mingw32") | 147 | elsif ($platform eq "Mingw32") |
| 141 | { | 148 | { |
| 142 | require 'Mingw32.pl'; | 149 | require 'Mingw32.pl'; |
| @@ -213,7 +220,7 @@ $cflags.=" -DOPENSSL_NO_MD4" if $no_md4; | |||
| 213 | $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; | 220 | $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; |
| 214 | $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; | 221 | $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; |
| 215 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; | 222 | $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; |
| 216 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_rmd160; | 223 | $cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; |
| 217 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; | 224 | $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; |
| 218 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; | 225 | $cflags.=" -DOPENSSL_NO_BF" if $no_bf; |
| 219 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; | 226 | $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; |
| @@ -227,6 +234,8 @@ $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; | |||
| 227 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; | 234 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; |
| 228 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; | 235 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; |
| 229 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; | 236 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; |
| 237 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; | ||
| 238 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; | ||
| 230 | #$cflags.=" -DRSAref" if $rsaref ne ""; | 239 | #$cflags.=" -DRSAref" if $rsaref ne ""; |
| 231 | 240 | ||
| 232 | ## if ($unix) | 241 | ## if ($unix) |
| @@ -266,6 +275,17 @@ $defs= <<"EOF"; | |||
| 266 | # The one monster makefile better suits building in non-unix | 275 | # The one monster makefile better suits building in non-unix |
| 267 | # environments. | 276 | # environments. |
| 268 | 277 | ||
| 278 | EOF | ||
| 279 | |||
| 280 | if ($platform eq "VC-CE") | ||
| 281 | { | ||
| 282 | $defs.= <<"EOF"; | ||
| 283 | !INCLUDE <\$(WCECOMPAT)/wcedefs.mak> | ||
| 284 | |||
| 285 | EOF | ||
| 286 | } | ||
| 287 | |||
| 288 | $defs.= <<"EOF"; | ||
| 269 | INSTALLTOP=$INSTALLTOP | 289 | INSTALLTOP=$INSTALLTOP |
| 270 | 290 | ||
| 271 | # Set your compiler options | 291 | # Set your compiler options |
| @@ -632,6 +652,8 @@ sub var_add | |||
| 632 | local($dir,$val)=@_; | 652 | local($dir,$val)=@_; |
| 633 | local(@a,$_,$ret); | 653 | local(@a,$_,$ret); |
| 634 | 654 | ||
| 655 | return("") if $no_engine && $dir =~ /\/engine/; | ||
| 656 | return("") if $no_hw && $dir =~ /\/hw/; | ||
| 635 | return("") if $no_idea && $dir =~ /\/idea/; | 657 | return("") if $no_idea && $dir =~ /\/idea/; |
| 636 | return("") if $no_aes && $dir =~ /\/aes/; | 658 | return("") if $no_aes && $dir =~ /\/aes/; |
| 637 | return("") if $no_rc2 && $dir =~ /\/rc2/; | 659 | return("") if $no_rc2 && $dir =~ /\/rc2/; |
| @@ -641,6 +663,7 @@ sub var_add | |||
| 641 | return("") if $no_rsa && $dir =~ /^rsaref/; | 663 | return("") if $no_rsa && $dir =~ /^rsaref/; |
| 642 | return("") if $no_dsa && $dir =~ /\/dsa/; | 664 | return("") if $no_dsa && $dir =~ /\/dsa/; |
| 643 | return("") if $no_dh && $dir =~ /\/dh/; | 665 | return("") if $no_dh && $dir =~ /\/dh/; |
| 666 | return("") if $no_ec && $dir =~ /\/ec/; | ||
| 644 | if ($no_des && $dir =~ /\/des/) | 667 | if ($no_des && $dir =~ /\/des/) |
| 645 | { | 668 | { |
| 646 | if ($val =~ /read_pwd/) | 669 | if ($val =~ /read_pwd/) |
| @@ -675,7 +698,7 @@ sub var_add | |||
| 675 | @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; | 698 | @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; |
| 676 | @a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4; | 699 | @a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4; |
| 677 | @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; | 700 | @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; |
| 678 | @a=grep(!/(rmd)|(ripemd)/,@a) if $no_rmd160; | 701 | @a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd; |
| 679 | 702 | ||
| 680 | @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; | 703 | @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; |
| 681 | @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; | 704 | @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; |
| @@ -692,6 +715,8 @@ sub var_add | |||
| 692 | @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; | 715 | @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; |
| 693 | @a=grep(!/_mdc2$/,@a) if $no_mdc2; | 716 | @a=grep(!/_mdc2$/,@a) if $no_mdc2; |
| 694 | 717 | ||
| 718 | @a=grep(!/^engine$/,@a) if $no_engine; | ||
| 719 | @a=grep(!/^hw$/,@a) if $no_hw; | ||
| 695 | @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; | 720 | @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; |
| 696 | @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; | 721 | @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; |
| 697 | @a=grep(!/^gendsa$/,@a) if $no_sha1; | 722 | @a=grep(!/^gendsa$/,@a) if $no_sha1; |
| @@ -885,10 +910,12 @@ sub read_options | |||
| 885 | elsif (/^no-sock$/) { $no_sock=1; } | 910 | elsif (/^no-sock$/) { $no_sock=1; } |
| 886 | elsif (/^no-krb5$/) { $no_krb5=1; } | 911 | elsif (/^no-krb5$/) { $no_krb5=1; } |
| 887 | elsif (/^no-ec$/) { $no_ec=1; } | 912 | elsif (/^no-ec$/) { $no_ec=1; } |
| 913 | elsif (/^no-engine$/) { $no_engine=1; } | ||
| 914 | elsif (/^no-hw$/) { $no_hw=1; } | ||
| 888 | 915 | ||
| 889 | elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; | 916 | elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; |
| 890 | $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; | 917 | $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; |
| 891 | $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; | 918 | $no_ssl2=$no_err=$no_ripemd=$no_rc5=1; |
| 892 | $no_aes=1; } | 919 | $no_aes=1; } |
| 893 | 920 | ||
| 894 | elsif (/^rsaref$/) { } | 921 | elsif (/^rsaref$/) { } |
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl index adfd447dd3..cdd2164c4e 100644 --- a/src/lib/libssl/src/util/mkdef.pl +++ b/src/lib/libssl/src/util/mkdef.pl | |||
| @@ -91,7 +91,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", | |||
| 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", | 91 | "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", |
| 92 | "LOCKING", | 92 | "LOCKING", |
| 93 | # External "algorithms" | 93 | # External "algorithms" |
| 94 | "FP_API", "STDIO", "SOCK", "KRB5" ); | 94 | "FP_API", "STDIO", "SOCK", "KRB5", "ENGINE", "HW" ); |
| 95 | 95 | ||
| 96 | my $options=""; | 96 | my $options=""; |
| 97 | open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; | 97 | open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n"; |
| @@ -107,7 +107,7 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf; | |||
| 107 | my $no_cast; | 107 | my $no_cast; |
| 108 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; | 108 | my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; |
| 109 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; | 109 | my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; |
| 110 | my $no_ec; | 110 | my $no_ec; my $no_engine; my $no_hw; |
| 111 | my $no_fp_api; | 111 | my $no_fp_api; |
| 112 | 112 | ||
| 113 | foreach (@ARGV, split(/ /, $options)) | 113 | foreach (@ARGV, split(/ /, $options)) |
| @@ -176,6 +176,8 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 176 | elsif (/^no-comp$/) { $no_comp=1; } | 176 | elsif (/^no-comp$/) { $no_comp=1; } |
| 177 | elsif (/^no-dso$/) { $no_dso=1; } | 177 | elsif (/^no-dso$/) { $no_dso=1; } |
| 178 | elsif (/^no-krb5$/) { $no_krb5=1; } | 178 | elsif (/^no-krb5$/) { $no_krb5=1; } |
| 179 | elsif (/^no-engine$/) { $no_engine=1; } | ||
| 180 | elsif (/^no-hw$/) { $no_hw=1; } | ||
| 179 | } | 181 | } |
| 180 | 182 | ||
| 181 | 183 | ||
| @@ -235,7 +237,7 @@ $crypto.=" crypto/dh/dh.h" ; # unless $no_dh; | |||
| 235 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; | 237 | $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; |
| 236 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; | 238 | $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; |
| 237 | 239 | ||
| 238 | $crypto.=" crypto/engine/engine.h"; | 240 | $crypto.=" crypto/engine/engine.h"; # unless $no_engine; |
| 239 | $crypto.=" crypto/stack/stack.h" ; # unless $no_stack; | 241 | $crypto.=" crypto/stack/stack.h" ; # unless $no_stack; |
| 240 | $crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer; | 242 | $crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer; |
| 241 | $crypto.=" crypto/bio/bio.h" ; # unless $no_bio; | 243 | $crypto.=" crypto/bio/bio.h" ; # unless $no_bio; |
| @@ -438,7 +440,12 @@ sub do_defs | |||
| 438 | } | 440 | } |
| 439 | 441 | ||
| 440 | s/\/\*.*?\*\///gs; # ignore comments | 442 | s/\/\*.*?\*\///gs; # ignore comments |
| 443 | if (/\/\*/) { # if we have part | ||
| 444 | $line = $_; # of a comment, | ||
| 445 | next; # continue reading | ||
| 446 | } | ||
| 441 | s/{[^{}]*}//gs; # ignore {} blocks | 447 | s/{[^{}]*}//gs; # ignore {} blocks |
| 448 | print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; | ||
| 442 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; | 449 | print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; |
| 443 | if (/^\#\s*ifndef\s+(.*)/) { | 450 | if (/^\#\s*ifndef\s+(.*)/) { |
| 444 | push(@tag,"-"); | 451 | push(@tag,"-"); |
| @@ -812,14 +819,14 @@ sub do_defs | |||
| 812 | } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { | 819 | } elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) { |
| 813 | $s = $1; | 820 | $s = $1; |
| 814 | print STDERR "DEBUG: found ANSI C function $s\n" if $debug; | 821 | print STDERR "DEBUG: found ANSI C function $s\n" if $debug; |
| 815 | } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s) { | 822 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 816 | # K&R C | 823 | # K&R C |
| 817 | print STDERR "DEBUG: found K&R C function $s\n" if $debug; | 824 | print STDERR "DEBUG: found K&R C function $s\n" if $debug; |
| 818 | next; | 825 | next; |
| 819 | } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)$/s) { | 826 | } elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 820 | while (not /\(\)$/s) { | 827 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 821 | s/[^\(\)]*\)$/\)/s; | 828 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 822 | s/\([^\(\)]*\)\)$/\)/s; | 829 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 823 | } | 830 | } |
| 824 | s/\(void\)//; | 831 | s/\(void\)//; |
| 825 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; | 832 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; |
| @@ -1052,6 +1059,8 @@ sub is_valid | |||
| 1052 | if ($keyword eq "COMP" && $no_comp) { return 0; } | 1059 | if ($keyword eq "COMP" && $no_comp) { return 0; } |
| 1053 | if ($keyword eq "DSO" && $no_dso) { return 0; } | 1060 | if ($keyword eq "DSO" && $no_dso) { return 0; } |
| 1054 | if ($keyword eq "KRB5" && $no_krb5) { return 0; } | 1061 | if ($keyword eq "KRB5" && $no_krb5) { return 0; } |
| 1062 | if ($keyword eq "ENGINE" && $no_engine) { return 0; } | ||
| 1063 | if ($keyword eq "HW" && $no_hw) { return 0; } | ||
| 1055 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } | 1064 | if ($keyword eq "FP_API" && $no_fp_api) { return 0; } |
| 1056 | 1065 | ||
| 1057 | # Nothing recognise as true | 1066 | # Nothing recognise as true |
diff --git a/src/lib/libssl/src/util/mkerr.pl b/src/lib/libssl/src/util/mkerr.pl index 4105047b21..1b2915c767 100644 --- a/src/lib/libssl/src/util/mkerr.pl +++ b/src/lib/libssl/src/util/mkerr.pl | |||
| @@ -132,16 +132,16 @@ while (($hdr, $lib) = each %libinc) | |||
| 132 | my $name = $1; | 132 | my $name = $1; |
| 133 | $name =~ tr/[a-z]/[A-Z]/; | 133 | $name =~ tr/[a-z]/[A-Z]/; |
| 134 | $ftrans{$name} = $1; | 134 | $ftrans{$name} = $1; |
| 135 | } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){ | 135 | } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s){ |
| 136 | # K&R C | 136 | # K&R C |
| 137 | next ; | 137 | next ; |
| 138 | } elsif (/\w+\W+\w+\W*\(.*\)$/s) { | 138 | } elsif (/\w+\W+\w+\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 139 | while (not /\(\)$/s) { | 139 | while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) { |
| 140 | s/[^\(\)]*\)$/\)/s; | 140 | s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 141 | s/\([^\(\)]*\)\)$/\)/s; | 141 | s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s; |
| 142 | } | 142 | } |
| 143 | s/\(void\)//; | 143 | s/\(void\)//; |
| 144 | /(\w+)\W*\(\)/s; | 144 | /(\w+(\{[0-9]+\})?)\W*\(\)/s; |
| 145 | my $name = $1; | 145 | my $name = $1; |
| 146 | $name =~ tr/[a-z]/[A-Z]/; | 146 | $name =~ tr/[a-z]/[A-Z]/; |
| 147 | $ftrans{$name} = $1; | 147 | $ftrans{$name} = $1; |
| @@ -262,7 +262,7 @@ foreach $lib (keys %csrc) | |||
| 262 | } else { | 262 | } else { |
| 263 | push @out, | 263 | push @out, |
| 264 | "/* ====================================================================\n", | 264 | "/* ====================================================================\n", |
| 265 | " * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.\n", | 265 | " * Copyright (c) 2001-2003 The OpenSSL Project. All rights reserved.\n", |
| 266 | " *\n", | 266 | " *\n", |
| 267 | " * Redistribution and use in source and binary forms, with or without\n", | 267 | " * Redistribution and use in source and binary forms, with or without\n", |
| 268 | " * modification, are permitted provided that the following conditions\n", | 268 | " * modification, are permitted provided that the following conditions\n", |
| @@ -404,7 +404,7 @@ EOF | |||
| 404 | print OUT <<"EOF"; | 404 | print OUT <<"EOF"; |
| 405 | /* $cfile */ | 405 | /* $cfile */ |
| 406 | /* ==================================================================== | 406 | /* ==================================================================== |
| 407 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. | 407 | * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. |
| 408 | * | 408 | * |
| 409 | * Redistribution and use in source and binary forms, with or without | 409 | * Redistribution and use in source and binary forms, with or without |
| 410 | * modification, are permitted provided that the following conditions | 410 | * modification, are permitted provided that the following conditions |
diff --git a/src/lib/libssl/src/util/pl/BC-32.pl b/src/lib/libssl/src/util/pl/BC-32.pl index bd7a9d9301..e83b336190 100644 --- a/src/lib/libssl/src/util/pl/BC-32.pl +++ b/src/lib/libssl/src/util/pl/BC-32.pl | |||
| @@ -51,9 +51,9 @@ $lfile=''; | |||
| 51 | $shlib_ex_obj=""; | 51 | $shlib_ex_obj=""; |
| 52 | $app_ex_obj="c0x32.obj"; | 52 | $app_ex_obj="c0x32.obj"; |
| 53 | 53 | ||
| 54 | $asm='nasmw'; | 54 | $asm='nasmw -f obj'; |
| 55 | $asm.=" /Zi" if $debug; | 55 | $asm.=" /Zi" if $debug; |
| 56 | $afile='-f obj -o'; | 56 | $afile='-o'; |
| 57 | 57 | ||
| 58 | $bn_mulw_obj=''; | 58 | $bn_mulw_obj=''; |
| 59 | $bn_mulw_src=''; | 59 | $bn_mulw_src=''; |
diff --git a/src/lib/libssl/src/util/pl/Mingw32.pl b/src/lib/libssl/src/util/pl/Mingw32.pl index 45ab685974..043a3a53ee 100644 --- a/src/lib/libssl/src/util/pl/Mingw32.pl +++ b/src/lib/libssl/src/util/pl/Mingw32.pl | |||
| @@ -1,17 +1,17 @@ | |||
| 1 | #!/usr/local/bin/perl | 1 | #!/usr/local/bin/perl |
| 2 | # | 2 | # |
| 3 | # Mingw32.pl -- Mingw32 with GNU cp (Mingw32f.pl uses DOS tools) | 3 | # Mingw32.pl -- Mingw |
| 4 | # | 4 | # |
| 5 | 5 | ||
| 6 | $o='/'; | 6 | $o='/'; |
| 7 | $cp='cp'; | 7 | $cp='cp'; |
| 8 | $rm='rem'; # use 'rm -f' if using GNU file utilities | 8 | $rm='rm -f'; |
| 9 | $mkdir='gmkdir'; | 9 | $mkdir='gmkdir'; |
| 10 | 10 | ||
| 11 | # gcc wouldn't accept backslashes in paths | 11 | $o='\\'; |
| 12 | #$o='\\'; | 12 | $cp='copy'; |
| 13 | #$cp='copy'; | 13 | $rm='del'; |
| 14 | #$rm='del'; | 14 | $mkdir='mkdir'; |
| 15 | 15 | ||
| 16 | # C compiler stuff | 16 | # C compiler stuff |
| 17 | 17 | ||
| @@ -19,29 +19,29 @@ $cc='gcc'; | |||
| 19 | if ($debug) | 19 | if ($debug) |
| 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } | 20 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } |
| 21 | else | 21 | else |
| 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; } | 22 | { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; } |
| 23 | 23 | ||
| 24 | if ($gaswin and !$no_asm) | 24 | if ($gaswin and !$no_asm) |
| 25 | { | 25 | { |
| 26 | $bn_asm_obj='$(OBJ_D)/bn-win32.o'; | 26 | $bn_asm_obj='$(OBJ_D)\bn-win32.o'; |
| 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; | 27 | $bn_asm_src='crypto/bn/asm/bn-win32.s'; |
| 28 | $bnco_asm_obj='$(OBJ_D)/co-win32.o'; | 28 | $bnco_asm_obj='$(OBJ_D)\co-win32.o'; |
| 29 | $bnco_asm_src='crypto/bn/asm/co-win32.s'; | 29 | $bnco_asm_src='crypto/bn/asm/co-win32.s'; |
| 30 | $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o'; | 30 | $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o'; |
| 31 | $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s'; | 31 | $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s'; |
| 32 | $bf_enc_obj='$(OBJ_D)/b-win32.o'; | 32 | $bf_enc_obj='$(OBJ_D)\b-win32.o'; |
| 33 | $bf_enc_src='crypto/bf/asm/b-win32.s'; | 33 | $bf_enc_src='crypto/bf/asm/b-win32.s'; |
| 34 | # $cast_enc_obj='$(OBJ_D)/c-win32.o'; | 34 | # $cast_enc_obj='$(OBJ_D)\c-win32.o'; |
| 35 | # $cast_enc_src='crypto/cast/asm/c-win32.s'; | 35 | # $cast_enc_src='crypto/cast/asm/c-win32.s'; |
| 36 | $rc4_enc_obj='$(OBJ_D)/r4-win32.o'; | 36 | $rc4_enc_obj='$(OBJ_D)\r4-win32.o'; |
| 37 | $rc4_enc_src='crypto/rc4/asm/r4-win32.s'; | 37 | $rc4_enc_src='crypto/rc4/asm/r4-win32.s'; |
| 38 | $rc5_enc_obj='$(OBJ_D)/r5-win32.o'; | 38 | $rc5_enc_obj='$(OBJ_D)\r5-win32.o'; |
| 39 | $rc5_enc_src='crypto/rc5/asm/r5-win32.s'; | 39 | $rc5_enc_src='crypto/rc5/asm/r5-win32.s'; |
| 40 | $md5_asm_obj='$(OBJ_D)/m5-win32.o'; | 40 | $md5_asm_obj='$(OBJ_D)\m5-win32.o'; |
| 41 | $md5_asm_src='crypto/md5/asm/m5-win32.s'; | 41 | $md5_asm_src='crypto/md5/asm/m5-win32.s'; |
| 42 | $rmd160_asm_obj='$(OBJ_D)/rm-win32.o'; | 42 | $rmd160_asm_obj='$(OBJ_D)\rm-win32.o'; |
| 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; | 43 | $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s'; |
| 44 | $sha1_asm_obj='$(OBJ_D)/s1-win32.o'; | 44 | $sha1_asm_obj='$(OBJ_D)\s1-win32.o'; |
| 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; | 45 | $sha1_asm_src='crypto/sha/asm/s1-win32.s'; |
| 46 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; | 46 | $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; |
| 47 | } | 47 | } |
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl index d6e3a11530..285990c589 100644 --- a/src/lib/libssl/src/util/pl/VC-32.pl +++ b/src/lib/libssl/src/util/pl/VC-32.pl | |||
| @@ -91,7 +91,7 @@ if ($shlib) | |||
| 91 | { | 91 | { |
| 92 | $mlflags.=" $lflags /dll"; | 92 | $mlflags.=" $lflags /dll"; |
| 93 | # $cflags =~ s| /MD| /MT|; | 93 | # $cflags =~ s| /MD| /MT|; |
| 94 | $lib_cflag=" -D_WINDLL -D_DLL"; | 94 | $lib_cflag=" -D_WINDLL"; |
| 95 | $out_def="out32dll"; | 95 | $out_def="out32dll"; |
| 96 | $tmp_def="tmp32dll"; | 96 | $tmp_def="tmp32dll"; |
| 97 | } | 97 | } |
diff --git a/src/lib/libssl/src/util/ssleay.num b/src/lib/libssl/src/util/ssleay.num index fdea47205d..46e38a131f 100644 --- a/src/lib/libssl/src/util/ssleay.num +++ b/src/lib/libssl/src/util/ssleay.num | |||
| @@ -169,7 +169,7 @@ SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO | |||
| 169 | SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO | 169 | SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO |
| 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA | 170 | SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA |
| 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH | 171 | SSL_set_tmp_dh_callback 187 EXIST::FUNCTION:DH |
| 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS,!WIN32:FUNCTION:STDIO | 172 | SSL_add_dir_cert_subjects_to_stack 188 EXIST:!VMS:FUNCTION:STDIO |
| 173 | SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: | 173 | SSL_add_dir_cert_subjs_to_stk 188 NOEXIST::FUNCTION: |
| 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: | 174 | SSL_set_session_id_context 189 EXIST::FUNCTION: |
| 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO | 175 | SSL_CTX_use_certificate_chain_file 222 EXIST:!VMS:FUNCTION:STDIO |
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index e9d1e896d7..4ae8458259 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -204,6 +204,22 @@ extern "C" { | |||
| 204 | 204 | ||
| 205 | /* VRS Additional Kerberos5 entries | 205 | /* VRS Additional Kerberos5 entries |
| 206 | */ | 206 | */ |
| 207 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA | ||
| 208 | #define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA | ||
| 209 | #define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA | ||
| 210 | #define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA | ||
| 211 | #define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 | ||
| 212 | #define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 | ||
| 213 | #define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5 | ||
| 214 | #define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 | ||
| 215 | |||
| 216 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA | ||
| 217 | #define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA | ||
| 218 | #define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA | ||
| 219 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 | ||
| 220 | #define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5 | ||
| 221 | #define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5 | ||
| 222 | |||
| 207 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA | 223 | #define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA |
| 208 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 | 224 | #define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 |
| 209 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA | 225 | #define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA |
| @@ -299,9 +315,7 @@ extern "C" { | |||
| 299 | #include <openssl/crypto.h> | 315 | #include <openssl/crypto.h> |
| 300 | #include <openssl/lhash.h> | 316 | #include <openssl/lhash.h> |
| 301 | #include <openssl/buffer.h> | 317 | #include <openssl/buffer.h> |
| 302 | #include <openssl/bio.h> | ||
| 303 | #include <openssl/pem.h> | 318 | #include <openssl/pem.h> |
| 304 | #include <openssl/x509.h> | ||
| 305 | 319 | ||
| 306 | #ifdef __cplusplus | 320 | #ifdef __cplusplus |
| 307 | extern "C" { | 321 | extern "C" { |
| @@ -507,6 +521,8 @@ typedef struct ssl_session_st | |||
| 507 | /* Never bother the application with retries if the transport | 521 | /* Never bother the application with retries if the transport |
| 508 | * is blocking: */ | 522 | * is blocking: */ |
| 509 | #define SSL_MODE_AUTO_RETRY 0x00000004L | 523 | #define SSL_MODE_AUTO_RETRY 0x00000004L |
| 524 | /* Don't attempt to automatically build certificate chain */ | ||
| 525 | #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L | ||
| 510 | 526 | ||
| 511 | 527 | ||
| 512 | /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, | 528 | /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, |
| @@ -704,10 +720,11 @@ struct ssl_ctx_st | |||
| 704 | #define SSL_SESS_CACHE_SERVER 0x0002 | 720 | #define SSL_SESS_CACHE_SERVER 0x0002 |
| 705 | #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) | 721 | #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) |
| 706 | #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 | 722 | #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 |
| 707 | /* This one, when set, makes the server session-id lookup not look | 723 | /* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ |
| 708 | * in the cache. If there is an application get_session callback | ||
| 709 | * defined, this will still get called. */ | ||
| 710 | #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 | 724 | #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 |
| 725 | #define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 | ||
| 726 | #define SSL_SESS_CACHE_NO_INTERNAL \ | ||
| 727 | (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) | ||
| 711 | 728 | ||
| 712 | struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); | 729 | struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); |
| 713 | #define SSL_CTX_sess_number(ctx) \ | 730 | #define SSL_CTX_sess_number(ctx) \ |
| @@ -1212,14 +1229,12 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM t | |||
| 1212 | STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); | 1229 | STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); |
| 1213 | int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, | 1230 | int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, |
| 1214 | const char *file); | 1231 | const char *file); |
| 1215 | #ifndef OPENSSL_SYS_WIN32 | ||
| 1216 | #ifndef OPENSSL_SYS_VMS | 1232 | #ifndef OPENSSL_SYS_VMS |
| 1217 | #ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */ | 1233 | #ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */ |
| 1218 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, | 1234 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, |
| 1219 | const char *dir); | 1235 | const char *dir); |
| 1220 | #endif | 1236 | #endif |
| 1221 | #endif | 1237 | #endif |
| 1222 | #endif | ||
| 1223 | 1238 | ||
| 1224 | #endif | 1239 | #endif |
| 1225 | 1240 | ||
| @@ -1688,6 +1703,7 @@ void ERR_load_SSL_strings(void); | |||
| 1688 | #define SSL_R_LENGTH_TOO_SHORT 160 | 1703 | #define SSL_R_LENGTH_TOO_SHORT 160 |
| 1689 | #define SSL_R_LIBRARY_BUG 274 | 1704 | #define SSL_R_LIBRARY_BUG 274 |
| 1690 | #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 | 1705 | #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 |
| 1706 | #define SSL_R_MASTER_KEY_TOO_LONG 1112 | ||
| 1691 | #define SSL_R_MESSAGE_TOO_LONG 1111 | 1707 | #define SSL_R_MESSAGE_TOO_LONG 1111 |
| 1692 | #define SSL_R_MISSING_DH_DSA_CERT 162 | 1708 | #define SSL_R_MISSING_DH_DSA_CERT 162 |
| 1693 | #define SSL_R_MISSING_DH_KEY 163 | 1709 | #define SSL_R_MISSING_DH_KEY 163 |
diff --git a/src/lib/libssl/ssl/shlib_version b/src/lib/libssl/ssl/shlib_version index 5b844bbf42..d0f0988b41 100644 --- a/src/lib/libssl/ssl/shlib_version +++ b/src/lib/libssl/ssl/shlib_version | |||
| @@ -1,2 +1,2 @@ | |||
| 1 | major=7 | 1 | major=8 |
| 2 | minor=0 | 2 | minor=0 |
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 8fd6951d77..1153aeda74 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h | |||
| @@ -156,23 +156,29 @@ extern "C" { | |||
| 156 | 156 | ||
| 157 | #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C | 157 | #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C |
| 158 | #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D | 158 | #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D |
| 159 | #if 0 /* Because it clashes with KRB5, is never used any more, and is safe | ||
| 160 | to remove according to David Hopwood <david.hopwood@zetnet.co.uk> | ||
| 161 | of the ietf-tls list */ | ||
| 159 | #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E | 162 | #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E |
| 163 | #endif | ||
| 160 | 164 | ||
| 161 | /* VRS Additional Kerberos5 entries | 165 | /* VRS Additional Kerberos5 entries |
| 162 | */ | 166 | */ |
| 163 | #define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021 | 167 | #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E |
| 164 | #define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022 | 168 | #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F |
| 165 | #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023 | 169 | #define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 |
| 166 | #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024 | 170 | #define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 |
| 167 | #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025 | 171 | #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 |
| 168 | #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026 | 172 | #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 |
| 169 | 173 | #define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 | |
| 170 | #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" | 174 | #define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 |
| 171 | #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" | 175 | |
| 172 | #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" | 176 | #define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 |
| 173 | #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" | 177 | #define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 |
| 174 | #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" | 178 | #define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 |
| 175 | #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" | 179 | #define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 |
| 180 | #define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A | ||
| 181 | #define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B | ||
| 176 | 182 | ||
| 177 | #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" | 183 | #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" |
| 178 | #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" | 184 | #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" |
| @@ -209,6 +215,22 @@ extern "C" { | |||
| 209 | #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" | 215 | #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" |
| 210 | #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" | 216 | #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" |
| 211 | 217 | ||
| 218 | #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" | ||
| 219 | #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" | ||
| 220 | #define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" | ||
| 221 | #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" | ||
| 222 | #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" | ||
| 223 | #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" | ||
| 224 | #define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" | ||
| 225 | #define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" | ||
| 226 | |||
| 227 | #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" | ||
| 228 | #define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" | ||
| 229 | #define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" | ||
| 230 | #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" | ||
| 231 | #define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" | ||
| 232 | #define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" | ||
| 233 | |||
| 212 | #define SSL3_SSL_SESSION_ID_LENGTH 32 | 234 | #define SSL3_SSL_SESSION_ID_LENGTH 32 |
| 213 | #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 | 235 | #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 |
| 214 | 236 | ||
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c index 23bfe44e21..d8ff8fc4a3 100644 --- a/src/lib/libssl/ssl_asn1.c +++ b/src/lib/libssl/ssl_asn1.c | |||
| @@ -298,6 +298,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, | |||
| 298 | os.length = sizeof ret->session_id; | 298 | os.length = sizeof ret->session_id; |
| 299 | 299 | ||
| 300 | ret->session_id_length=os.length; | 300 | ret->session_id_length=os.length; |
| 301 | OPENSSL_assert(os.length <= sizeof ret->session_id); | ||
| 301 | memcpy(ret->session_id,os.data,os.length); | 302 | memcpy(ret->session_id,os.data,os.length); |
| 302 | 303 | ||
| 303 | M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); | 304 | M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); |
| @@ -369,9 +370,15 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, | |||
| 369 | if(os.data != NULL) | 370 | if(os.data != NULL) |
| 370 | { | 371 | { |
| 371 | if (os.length > SSL_MAX_SID_CTX_LENGTH) | 372 | if (os.length > SSL_MAX_SID_CTX_LENGTH) |
| 373 | { | ||
| 374 | ret->sid_ctx_length=os.length; | ||
| 372 | SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); | 375 | SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); |
| 373 | ret->sid_ctx_length=os.length; | 376 | } |
| 374 | memcpy(ret->sid_ctx,os.data,os.length); | 377 | else |
| 378 | { | ||
| 379 | ret->sid_ctx_length=os.length; | ||
| 380 | memcpy(ret->sid_ctx,os.data,os.length); | ||
| 381 | } | ||
| 375 | OPENSSL_free(os.data); os.data=NULL; os.length=0; | 382 | OPENSSL_free(os.data); os.data=NULL; os.length=0; |
| 376 | } | 383 | } |
| 377 | else | 384 | else |
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index 3d31bbf05f..da90078a37 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -781,7 +781,7 @@ err: | |||
| 781 | #endif | 781 | #endif |
| 782 | #endif | 782 | #endif |
| 783 | 783 | ||
| 784 | #else | 784 | #else /* OPENSSL_SYS_WIN32 */ |
| 785 | 785 | ||
| 786 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | 786 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, |
| 787 | const char *dir) | 787 | const char *dir) |
| @@ -789,10 +789,30 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 789 | WIN32_FIND_DATA FindFileData; | 789 | WIN32_FIND_DATA FindFileData; |
| 790 | HANDLE hFind; | 790 | HANDLE hFind; |
| 791 | int ret = 0; | 791 | int ret = 0; |
| 792 | #ifdef OPENSSL_SYS_WINCE | ||
| 793 | WCHAR* wdir = NULL; | ||
| 794 | #endif | ||
| 792 | 795 | ||
| 793 | CRYPTO_w_lock(CRYPTO_LOCK_READDIR); | 796 | CRYPTO_w_lock(CRYPTO_LOCK_READDIR); |
| 794 | 797 | ||
| 798 | #ifdef OPENSSL_SYS_WINCE | ||
| 799 | /* convert strings to UNICODE */ | ||
| 800 | { | ||
| 801 | BOOL result = FALSE; | ||
| 802 | int i; | ||
| 803 | wdir = malloc((strlen(dir)+1)*2); | ||
| 804 | if (wdir == NULL) | ||
| 805 | goto err_noclose; | ||
| 806 | for (i=0; i<(int)strlen(dir)+1; i++) | ||
| 807 | wdir[i] = (short)dir[i]; | ||
| 808 | } | ||
| 809 | #endif | ||
| 810 | |||
| 811 | #ifdef OPENSSL_SYS_WINCE | ||
| 812 | hFind = FindFirstFile(wdir, &FindFileData); | ||
| 813 | #else | ||
| 795 | hFind = FindFirstFile(dir, &FindFileData); | 814 | hFind = FindFirstFile(dir, &FindFileData); |
| 815 | #endif | ||
| 796 | /* Note that a side effect is that the CAs will be sorted by name */ | 816 | /* Note that a side effect is that the CAs will be sorted by name */ |
| 797 | if(hFind == INVALID_HANDLE_VALUE) | 817 | if(hFind == INVALID_HANDLE_VALUE) |
| 798 | { | 818 | { |
| @@ -807,7 +827,11 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 807 | char buf[1024]; | 827 | char buf[1024]; |
| 808 | int r; | 828 | int r; |
| 809 | 829 | ||
| 830 | #ifdef OPENSSL_SYS_WINCE | ||
| 831 | if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf) | ||
| 832 | #else | ||
| 810 | if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf) | 833 | if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf) |
| 834 | #endif | ||
| 811 | { | 835 | { |
| 812 | SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); | 836 | SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); |
| 813 | goto err; | 837 | goto err; |
| @@ -825,6 +849,10 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, | |||
| 825 | err: | 849 | err: |
| 826 | FindClose(hFind); | 850 | FindClose(hFind); |
| 827 | err_noclose: | 851 | err_noclose: |
| 852 | #ifdef OPENSSL_SYS_WINCE | ||
| 853 | if (wdir != NULL) | ||
| 854 | free(wdir); | ||
| 855 | #endif | ||
| 828 | CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); | 856 | CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); |
| 829 | return ret; | 857 | return ret; |
| 830 | } | 858 | } |
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index df48245b2c..438d9eacbb 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c | |||
| @@ -674,13 +674,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str, | |||
| 674 | * So additionally check whether the cipher name found | 674 | * So additionally check whether the cipher name found |
| 675 | * has the correct length. We can save a strlen() call: | 675 | * has the correct length. We can save a strlen() call: |
| 676 | * just checking for the '\0' at the right place is | 676 | * just checking for the '\0' at the right place is |
| 677 | * sufficient, we have to strncmp() anyway. | 677 | * sufficient, we have to strncmp() anyway. (We cannot |
| 678 | * use strcmp(), because buf is not '\0' terminated.) | ||
| 678 | */ | 679 | */ |
| 679 | j = found = 0; | 680 | j = found = 0; |
| 680 | while (ca_list[j]) | 681 | while (ca_list[j]) |
| 681 | { | 682 | { |
| 682 | if ((ca_list[j]->name[buflen] == '\0') && | 683 | if (!strncmp(buf, ca_list[j]->name, buflen) && |
| 683 | !strncmp(buf, ca_list[j]->name, buflen)) | 684 | (ca_list[j]->name[buflen] == '\0')) |
| 684 | { | 685 | { |
| 685 | found = 1; | 686 | found = 1; |
| 686 | break; | 687 | break; |
| @@ -757,7 +758,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, | |||
| 757 | */ | 758 | */ |
| 758 | if (rule_str == NULL) return(NULL); | 759 | if (rule_str == NULL) return(NULL); |
| 759 | 760 | ||
| 760 | if (init_ciphers) load_ciphers(); | 761 | if (init_ciphers) |
| 762 | { | ||
| 763 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | ||
| 764 | if (init_ciphers) load_ciphers(); | ||
| 765 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); | ||
| 766 | } | ||
| 761 | 767 | ||
| 762 | /* | 768 | /* |
| 763 | * To reduce the work to do we only want to process the compiled | 769 | * To reduce the work to do we only want to process the compiled |
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c index 7067a745f3..d2cb181503 100644 --- a/src/lib/libssl/ssl_err.c +++ b/src/lib/libssl/ssl_err.c | |||
| @@ -296,6 +296,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= | |||
| 296 | {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, | 296 | {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, |
| 297 | {SSL_R_LIBRARY_BUG ,"library bug"}, | 297 | {SSL_R_LIBRARY_BUG ,"library bug"}, |
| 298 | {SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, | 298 | {SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, |
| 299 | {SSL_R_MASTER_KEY_TOO_LONG ,"master key too long"}, | ||
| 299 | {SSL_R_MESSAGE_TOO_LONG ,"message too long"}, | 300 | {SSL_R_MESSAGE_TOO_LONG ,"message too long"}, |
| 300 | {SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, | 301 | {SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, |
| 301 | {SSL_R_MISSING_DH_KEY ,"missing dh key"}, | 302 | {SSL_R_MISSING_DH_KEY ,"missing dh key"}, |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 4bc4ce5b3a..8701fb33ca 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -273,6 +273,7 @@ SSL *SSL_new(SSL_CTX *ctx) | |||
| 273 | s->verify_mode=ctx->verify_mode; | 273 | s->verify_mode=ctx->verify_mode; |
| 274 | s->verify_depth=ctx->verify_depth; | 274 | s->verify_depth=ctx->verify_depth; |
| 275 | s->sid_ctx_length=ctx->sid_ctx_length; | 275 | s->sid_ctx_length=ctx->sid_ctx_length; |
| 276 | OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); | ||
| 276 | memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx)); | 277 | memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx)); |
| 277 | s->verify_callback=ctx->default_verify_callback; | 278 | s->verify_callback=ctx->default_verify_callback; |
| 278 | s->generate_session_id=ctx->generate_session_id; | 279 | s->generate_session_id=ctx->generate_session_id; |
| @@ -314,7 +315,7 @@ err: | |||
| 314 | int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, | 315 | int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, |
| 315 | unsigned int sid_ctx_len) | 316 | unsigned int sid_ctx_len) |
| 316 | { | 317 | { |
| 317 | if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) | 318 | if(sid_ctx_len > sizeof ctx->sid_ctx) |
| 318 | { | 319 | { |
| 319 | SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); | 320 | SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); |
| 320 | return 0; | 321 | return 0; |
| @@ -364,6 +365,10 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, | |||
| 364 | * any new session built out of this id/id_len and the ssl_version in | 365 | * any new session built out of this id/id_len and the ssl_version in |
| 365 | * use by this SSL. */ | 366 | * use by this SSL. */ |
| 366 | SSL_SESSION r, *p; | 367 | SSL_SESSION r, *p; |
| 368 | |||
| 369 | if(id_len > sizeof r.session_id) | ||
| 370 | return 0; | ||
| 371 | |||
| 367 | r.ssl_version = ssl->version; | 372 | r.ssl_version = ssl->version; |
| 368 | r.session_id_length = id_len; | 373 | r.session_id_length = id_len; |
| 369 | memcpy(r.session_id, id, id_len); | 374 | memcpy(r.session_id, id, id_len); |
| @@ -1063,14 +1068,17 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, | |||
| 1063 | * preference */ | 1068 | * preference */ |
| 1064 | STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) | 1069 | STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) |
| 1065 | { | 1070 | { |
| 1066 | if ((s != NULL) && (s->cipher_list != NULL)) | 1071 | if (s != NULL) |
| 1067 | { | ||
| 1068 | return(s->cipher_list); | ||
| 1069 | } | ||
| 1070 | else if ((s->ctx != NULL) && | ||
| 1071 | (s->ctx->cipher_list != NULL)) | ||
| 1072 | { | 1072 | { |
| 1073 | return(s->ctx->cipher_list); | 1073 | if (s->cipher_list != NULL) |
| 1074 | { | ||
| 1075 | return(s->cipher_list); | ||
| 1076 | } | ||
| 1077 | else if ((s->ctx != NULL) && | ||
| 1078 | (s->ctx->cipher_list != NULL)) | ||
| 1079 | { | ||
| 1080 | return(s->ctx->cipher_list); | ||
| 1081 | } | ||
| 1074 | } | 1082 | } |
| 1075 | return(NULL); | 1083 | return(NULL); |
| 1076 | } | 1084 | } |
| @@ -1079,14 +1087,17 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) | |||
| 1079 | * algorithm id */ | 1087 | * algorithm id */ |
| 1080 | STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) | 1088 | STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) |
| 1081 | { | 1089 | { |
| 1082 | if ((s != NULL) && (s->cipher_list_by_id != NULL)) | 1090 | if (s != NULL) |
| 1083 | { | ||
| 1084 | return(s->cipher_list_by_id); | ||
| 1085 | } | ||
| 1086 | else if ((s != NULL) && (s->ctx != NULL) && | ||
| 1087 | (s->ctx->cipher_list_by_id != NULL)) | ||
| 1088 | { | 1091 | { |
| 1089 | return(s->ctx->cipher_list_by_id); | 1092 | if (s->cipher_list_by_id != NULL) |
| 1093 | { | ||
| 1094 | return(s->cipher_list_by_id); | ||
| 1095 | } | ||
| 1096 | else if ((s->ctx != NULL) && | ||
| 1097 | (s->ctx->cipher_list_by_id != NULL)) | ||
| 1098 | { | ||
| 1099 | return(s->ctx->cipher_list_by_id); | ||
| 1100 | } | ||
| 1090 | } | 1101 | } |
| 1091 | return(NULL); | 1102 | return(NULL); |
| 1092 | } | 1103 | } |
| @@ -1652,7 +1663,7 @@ void ssl_update_cache(SSL *s,int mode) | |||
| 1652 | 1663 | ||
| 1653 | i=s->ctx->session_cache_mode; | 1664 | i=s->ctx->session_cache_mode; |
| 1654 | if ((i & mode) && (!s->hit) | 1665 | if ((i & mode) && (!s->hit) |
| 1655 | && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) | 1666 | && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) |
| 1656 | || SSL_CTX_add_session(s->ctx,s->session)) | 1667 | || SSL_CTX_add_session(s->ctx,s->session)) |
| 1657 | && (s->ctx->new_session_cb != NULL)) | 1668 | && (s->ctx->new_session_cb != NULL)) |
| 1658 | { | 1669 | { |
| @@ -1884,6 +1895,7 @@ SSL *SSL_dup(SSL *s) | |||
| 1884 | * they should not both point to the same object, | 1895 | * they should not both point to the same object, |
| 1885 | * and thus we can't use SSL_copy_session_id. */ | 1896 | * and thus we can't use SSL_copy_session_id. */ |
| 1886 | 1897 | ||
| 1898 | ret->method->ssl_free(ret); | ||
| 1887 | ret->method = s->method; | 1899 | ret->method = s->method; |
| 1888 | ret->method->ssl_new(ret); | 1900 | ret->method->ssl_new(ret); |
| 1889 | 1901 | ||
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 664f8c2230..a505e388fb 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -308,9 +308,12 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) | |||
| 308 | if (copy) | 308 | if (copy) |
| 309 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | 309 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); |
| 310 | 310 | ||
| 311 | /* The following should not return 1, otherwise, | 311 | /* Add the externally cached session to the internal |
| 312 | * things are very strange */ | 312 | * cache as well if and only if we are supposed to. */ |
| 313 | SSL_CTX_add_session(s->ctx,ret); | 313 | if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE)) |
| 314 | /* The following should not return 1, otherwise, | ||
| 315 | * things are very strange */ | ||
| 316 | SSL_CTX_add_session(s->ctx,ret); | ||
| 314 | } | 317 | } |
| 315 | if (ret == NULL) | 318 | if (ret == NULL) |
| 316 | goto err; | 319 | goto err; |
| @@ -524,13 +527,13 @@ void SSL_SESSION_free(SSL_SESSION *ss) | |||
| 524 | 527 | ||
| 525 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); | 528 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| 526 | 529 | ||
| 527 | memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); | 530 | OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg); |
| 528 | memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); | 531 | OPENSSL_cleanse(ss->master_key,sizeof ss->master_key); |
| 529 | memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); | 532 | OPENSSL_cleanse(ss->session_id,sizeof ss->session_id); |
| 530 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); | 533 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); |
| 531 | if (ss->peer != NULL) X509_free(ss->peer); | 534 | if (ss->peer != NULL) X509_free(ss->peer); |
| 532 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); | 535 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); |
| 533 | memset(ss,0,sizeof(*ss)); | 536 | OPENSSL_cleanse(ss,sizeof(*ss)); |
| 534 | OPENSSL_free(ss); | 537 | OPENSSL_free(ss); |
| 535 | } | 538 | } |
| 536 | 539 | ||
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c index 9ad518f9f4..57205fb429 100644 --- a/src/lib/libssl/t1_clnt.c +++ b/src/lib/libssl/t1_clnt.c | |||
| @@ -79,11 +79,18 @@ SSL_METHOD *TLSv1_client_method(void) | |||
| 79 | 79 | ||
| 80 | if (init) | 80 | if (init) |
| 81 | { | 81 | { |
| 82 | memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), | 82 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 83 | sizeof(SSL_METHOD)); | 83 | |
| 84 | TLSv1_client_data.ssl_connect=ssl3_connect; | 84 | if (init) |
| 85 | TLSv1_client_data.get_ssl_method=tls1_get_client_method; | 85 | { |
| 86 | init=0; | 86 | memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), |
| 87 | sizeof(SSL_METHOD)); | ||
| 88 | TLSv1_client_data.ssl_connect=ssl3_connect; | ||
| 89 | TLSv1_client_data.get_ssl_method=tls1_get_client_method; | ||
| 90 | init=0; | ||
| 91 | } | ||
| 92 | |||
| 93 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 87 | } | 94 | } |
| 88 | return(&TLSv1_client_data); | 95 | return(&TLSv1_client_data); |
| 89 | } | 96 | } |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 5290bf6665..271e247eea 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -124,7 +124,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 124 | unsigned int j; | 124 | unsigned int j; |
| 125 | HMAC_CTX ctx; | 125 | HMAC_CTX ctx; |
| 126 | HMAC_CTX ctx_tmp; | 126 | HMAC_CTX ctx_tmp; |
| 127 | unsigned char A1[HMAC_MAX_MD_CBLOCK]; | 127 | unsigned char A1[EVP_MAX_MD_SIZE]; |
| 128 | unsigned int A1_len; | 128 | unsigned int A1_len; |
| 129 | 129 | ||
| 130 | chunk=EVP_MD_size(md); | 130 | chunk=EVP_MD_size(md); |
| @@ -161,7 +161,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 161 | } | 161 | } |
| 162 | HMAC_CTX_cleanup(&ctx); | 162 | HMAC_CTX_cleanup(&ctx); |
| 163 | HMAC_CTX_cleanup(&ctx_tmp); | 163 | HMAC_CTX_cleanup(&ctx_tmp); |
| 164 | memset(A1,0,sizeof(A1)); | 164 | OPENSSL_cleanse(A1,sizeof(A1)); |
| 165 | } | 165 | } |
| 166 | 166 | ||
| 167 | static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, | 167 | static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, |
| @@ -418,10 +418,10 @@ printf("\niv="); | |||
| 418 | printf("\n"); | 418 | printf("\n"); |
| 419 | #endif | 419 | #endif |
| 420 | 420 | ||
| 421 | memset(tmp1,0,sizeof(tmp1)); | 421 | OPENSSL_cleanse(tmp1,sizeof(tmp1)); |
| 422 | memset(tmp2,0,sizeof(tmp1)); | 422 | OPENSSL_cleanse(tmp2,sizeof(tmp1)); |
| 423 | memset(iv1,0,sizeof(iv1)); | 423 | OPENSSL_cleanse(iv1,sizeof(iv1)); |
| 424 | memset(iv2,0,sizeof(iv2)); | 424 | OPENSSL_cleanse(iv2,sizeof(iv2)); |
| 425 | return(1); | 425 | return(1); |
| 426 | err: | 426 | err: |
| 427 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); | 427 | SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); |
| @@ -476,7 +476,7 @@ printf("pre-master\n"); | |||
| 476 | { int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } | 476 | { int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } |
| 477 | #endif | 477 | #endif |
| 478 | tls1_generate_key_block(s,p1,p2,num); | 478 | tls1_generate_key_block(s,p1,p2,num); |
| 479 | memset(p2,0,num); | 479 | OPENSSL_cleanse(p2,num); |
| 480 | OPENSSL_free(p2); | 480 | OPENSSL_free(p2); |
| 481 | #ifdef TLS_DEBUG | 481 | #ifdef TLS_DEBUG |
| 482 | printf("\nkey block\n"); | 482 | printf("\nkey block\n"); |
| @@ -683,10 +683,10 @@ int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, | |||
| 683 | 683 | ||
| 684 | tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), | 684 | tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), |
| 685 | s->session->master_key,s->session->master_key_length, | 685 | s->session->master_key,s->session->master_key_length, |
| 686 | out,buf2,12); | 686 | out,buf2,sizeof buf2); |
| 687 | EVP_MD_CTX_cleanup(&ctx); | 687 | EVP_MD_CTX_cleanup(&ctx); |
| 688 | 688 | ||
| 689 | return((int)12); | 689 | return sizeof buf2; |
| 690 | } | 690 | } |
| 691 | 691 | ||
| 692 | int tls1_mac(SSL *ssl, unsigned char *md, int send) | 692 | int tls1_mac(SSL *ssl, unsigned char *md, int send) |
| @@ -773,7 +773,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, | |||
| 773 | s->s3->server_random,SSL3_RANDOM_SIZE); | 773 | s->s3->server_random,SSL3_RANDOM_SIZE); |
| 774 | tls1_PRF(s->ctx->md5,s->ctx->sha1, | 774 | tls1_PRF(s->ctx->md5,s->ctx->sha1, |
| 775 | buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, | 775 | buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, |
| 776 | s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); | 776 | s->session->master_key,buff,sizeof buff); |
| 777 | #ifdef KSSL_DEBUG | 777 | #ifdef KSSL_DEBUG |
| 778 | printf ("tls1_generate_master_secret() complete\n"); | 778 | printf ("tls1_generate_master_secret() complete\n"); |
| 779 | #endif /* KSSL_DEBUG */ | 779 | #endif /* KSSL_DEBUG */ |
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c index 9bb36a7d1c..fcc243f782 100644 --- a/src/lib/libssl/t1_meth.c +++ b/src/lib/libssl/t1_meth.c | |||
| @@ -76,13 +76,21 @@ SSL_METHOD *TLSv1_method(void) | |||
| 76 | 76 | ||
| 77 | if (init) | 77 | if (init) |
| 78 | { | 78 | { |
| 79 | memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), | 79 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 80 | sizeof(SSL_METHOD)); | 80 | |
| 81 | TLSv1_data.ssl_connect=ssl3_connect; | 81 | if (init) |
| 82 | TLSv1_data.ssl_accept=ssl3_accept; | 82 | { |
| 83 | TLSv1_data.get_ssl_method=tls1_get_method; | 83 | memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), |
| 84 | init=0; | 84 | sizeof(SSL_METHOD)); |
| 85 | TLSv1_data.ssl_connect=ssl3_connect; | ||
| 86 | TLSv1_data.ssl_accept=ssl3_accept; | ||
| 87 | TLSv1_data.get_ssl_method=tls1_get_method; | ||
| 88 | init=0; | ||
| 89 | } | ||
| 90 | |||
| 91 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 85 | } | 92 | } |
| 93 | |||
| 86 | return(&TLSv1_data); | 94 | return(&TLSv1_data); |
| 87 | } | 95 | } |
| 88 | 96 | ||
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c index 6e765e587f..1c1149e49f 100644 --- a/src/lib/libssl/t1_srvr.c +++ b/src/lib/libssl/t1_srvr.c | |||
| @@ -80,11 +80,18 @@ SSL_METHOD *TLSv1_server_method(void) | |||
| 80 | 80 | ||
| 81 | if (init) | 81 | if (init) |
| 82 | { | 82 | { |
| 83 | memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), | 83 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); |
| 84 | sizeof(SSL_METHOD)); | 84 | |
| 85 | TLSv1_server_data.ssl_accept=ssl3_accept; | 85 | if (init) |
| 86 | TLSv1_server_data.get_ssl_method=tls1_get_server_method; | 86 | { |
| 87 | init=0; | 87 | memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), |
| 88 | sizeof(SSL_METHOD)); | ||
| 89 | TLSv1_server_data.ssl_accept=ssl3_accept; | ||
| 90 | TLSv1_server_data.get_ssl_method=tls1_get_server_method; | ||
| 91 | init=0; | ||
| 92 | } | ||
| 93 | |||
| 94 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 88 | } | 95 | } |
| 89 | return(&TLSv1_server_data); | 96 | return(&TLSv1_server_data); |
| 90 | } | 97 | } |
diff --git a/src/lib/libssl/test/Makefile.ssl b/src/lib/libssl/test/Makefile.ssl index f489332a65..373f17a929 100644 --- a/src/lib/libssl/test/Makefile.ssl +++ b/src/lib/libssl/test/Makefile.ssl | |||
| @@ -15,6 +15,9 @@ MAKE= make -f $(MAKEFILE) | |||
| 15 | MAKEDEPPROG= makedepend | 15 | MAKEDEPPROG= makedepend |
| 16 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | 16 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) |
| 17 | PERL= perl | 17 | PERL= perl |
| 18 | # KRB5 stuff | ||
| 19 | KRB5_INCLUDES= | ||
| 20 | LIBKRB5= | ||
| 18 | 21 | ||
| 19 | PEX_LIBS= | 22 | PEX_LIBS= |
| 20 | EX_LIBS= #-lnsl -lsocket | 23 | EX_LIBS= #-lnsl -lsocket |
| @@ -116,158 +119,162 @@ tags: | |||
| 116 | tests: exe apps $(TESTS) | 119 | tests: exe apps $(TESTS) |
| 117 | 120 | ||
| 118 | apps: | 121 | apps: |
| 119 | @(cd ../apps; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all) | 122 | @(cd ..; $(MAKE) DIRS=apps all) |
| 120 | 123 | ||
| 121 | alltests: | 124 | SET_SO_PATHS=OSSL_LIBPATH="`cd ..; pwd`"; \ |
| 122 | (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; DYLD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \ | 125 | LD_LIBRARY_PATH="$$OSSL_LIBPATH:$$LD_LIBRARY_PATH"; \ |
| 123 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ | 126 | DYLD_LIBRARY_PATH="$$OSSL_LIBPATH:$$DYLD_LIBRARY_PATH"; \ |
| 124 | $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser) | 127 | SHLIB_PATH="$$OSSL_LIBPATH:$$SHLIB_PATH"; \ |
| 125 | alltests.chooser: \ | 128 | LIBPATH="$$OSSL_LIBPATH:$$LIBPATH"; \ |
| 129 | if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \ | ||
| 130 | export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH | ||
| 131 | |||
| 132 | alltests: \ | ||
| 126 | test_des test_idea test_sha test_md4 test_md5 test_hmac \ | 133 | test_des test_idea test_sha test_md4 test_md5 test_hmac \ |
| 127 | test_md2 test_mdc2 \ | 134 | test_md2 test_mdc2 \ |
| 128 | test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \ | 135 | test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \ |
| 129 | test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \ | 136 | test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \ |
| 130 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ | 137 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ |
| 131 | test_ss test_ca test_engine test_evp test_ssl | 138 | test_ss test_ca test_engine test_evp test_ssl |
| 132 | 139 | ||
| 133 | test_evp: | 140 | test_evp: |
| 134 | ./$(EVPTEST) evptests.txt | 141 | $(SET_SO_PATHS); ./$(EVPTEST) evptests.txt |
| 135 | 142 | ||
| 136 | test_des: | 143 | test_des: |
| 137 | ./$(DESTEST) | 144 | $(SET_SO_PATHS); ./$(DESTEST) |
| 138 | 145 | ||
| 139 | test_idea: | 146 | test_idea: |
| 140 | ./$(IDEATEST) | 147 | $(SET_SO_PATHS); ./$(IDEATEST) |
| 141 | 148 | ||
| 142 | test_sha: | 149 | test_sha: |
| 143 | ./$(SHATEST) | 150 | $(SET_SO_PATHS); ./$(SHATEST) |
| 144 | ./$(SHA1TEST) | 151 | $(SET_SO_PATHS); ./$(SHA1TEST) |
| 145 | 152 | ||
| 146 | test_mdc2: | 153 | test_mdc2: |
| 147 | ./$(MDC2TEST) | 154 | $(SET_SO_PATHS); ./$(MDC2TEST) |
| 148 | 155 | ||
| 149 | test_md5: | 156 | test_md5: |
| 150 | ./$(MD5TEST) | 157 | $(SET_SO_PATHS); ./$(MD5TEST) |
| 151 | 158 | ||
| 152 | test_md4: | 159 | test_md4: |
| 153 | ./$(MD4TEST) | 160 | $(SET_SO_PATHS); ./$(MD4TEST) |
| 154 | 161 | ||
| 155 | test_hmac: | 162 | test_hmac: |
| 156 | ./$(HMACTEST) | 163 | $(SET_SO_PATHS); ./$(HMACTEST) |
| 157 | 164 | ||
| 158 | test_md2: | 165 | test_md2: |
| 159 | ./$(MD2TEST) | 166 | $(SET_SO_PATHS); ./$(MD2TEST) |
| 160 | 167 | ||
| 161 | test_rmd: | 168 | test_rmd: |
| 162 | ./$(RMDTEST) | 169 | $(SET_SO_PATHS); ./$(RMDTEST) |
| 163 | 170 | ||
| 164 | test_bf: | 171 | test_bf: |
| 165 | ./$(BFTEST) | 172 | $(SET_SO_PATHS); ./$(BFTEST) |
| 166 | 173 | ||
| 167 | test_cast: | 174 | test_cast: |
| 168 | ./$(CASTTEST) | 175 | $(SET_SO_PATHS); ./$(CASTTEST) |
| 169 | 176 | ||
| 170 | test_rc2: | 177 | test_rc2: |
| 171 | ./$(RC2TEST) | 178 | $(SET_SO_PATHS); ./$(RC2TEST) |
| 172 | 179 | ||
| 173 | test_rc4: | 180 | test_rc4: |
| 174 | ./$(RC4TEST) | 181 | $(SET_SO_PATHS); ./$(RC4TEST) |
| 175 | 182 | ||
| 176 | test_rc5: | 183 | test_rc5: |
| 177 | ./$(RC5TEST) | 184 | $(SET_SO_PATHS); ./$(RC5TEST) |
| 178 | 185 | ||
| 179 | test_rand: | 186 | test_rand: |
| 180 | ./$(RANDTEST) | 187 | $(SET_SO_PATHS); ./$(RANDTEST) |
| 181 | 188 | ||
| 182 | test_enc: | 189 | test_enc: |
| 183 | @sh ./testenc | 190 | @$(SET_SO_PATHS); sh ./testenc |
| 184 | 191 | ||
| 185 | test_x509: | 192 | test_x509: |
| 186 | echo test normal x509v1 certificate | 193 | echo test normal x509v1 certificate |
| 187 | sh ./tx509 2>/dev/null | 194 | $(SET_SO_PATHS); sh ./tx509 2>/dev/null |
| 188 | echo test first x509v3 certificate | 195 | echo test first x509v3 certificate |
| 189 | sh ./tx509 v3-cert1.pem 2>/dev/null | 196 | $(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null |
| 190 | echo test second x509v3 certificate | 197 | echo test second x509v3 certificate |
| 191 | sh ./tx509 v3-cert2.pem 2>/dev/null | 198 | $(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null |
| 192 | 199 | ||
| 193 | test_rsa: | 200 | test_rsa: |
| 194 | @sh ./trsa 2>/dev/null | 201 | @$(SET_SO_PATHS); sh ./trsa 2>/dev/null |
| 195 | ./$(RSATEST) | 202 | $(SET_SO_PATHS); ./$(RSATEST) |
| 196 | 203 | ||
| 197 | test_crl: | 204 | test_crl: |
| 198 | @sh ./tcrl 2>/dev/null | 205 | @$(SET_SO_PATHS); sh ./tcrl 2>/dev/null |
| 199 | 206 | ||
| 200 | test_sid: | 207 | test_sid: |
| 201 | @sh ./tsid 2>/dev/null | 208 | @$(SET_SO_PATHS); sh ./tsid 2>/dev/null |
| 202 | 209 | ||
| 203 | test_req: | 210 | test_req: |
| 204 | @sh ./treq 2>/dev/null | 211 | @$(SET_SO_PATHS); sh ./treq 2>/dev/null |
| 205 | @sh ./treq testreq2.pem 2>/dev/null | 212 | @$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null |
| 206 | 213 | ||
| 207 | test_pkcs7: | 214 | test_pkcs7: |
| 208 | @sh ./tpkcs7 2>/dev/null | 215 | @$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null |
| 209 | @sh ./tpkcs7d 2>/dev/null | 216 | @$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null |
| 210 | 217 | ||
| 211 | test_bn: | 218 | test_bn: |
| 212 | @echo starting big number library test, could take a while... | 219 | @echo starting big number library test, could take a while... |
| 213 | @./$(BNTEST) >tmp.bntest | 220 | @$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest |
| 214 | @echo quit >>tmp.bntest | 221 | @echo quit >>tmp.bntest |
| 215 | @echo "running bc" | 222 | @echo "running bc" |
| 216 | @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"' | 223 | @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"' |
| 217 | @echo 'test a^b%c implementations' | 224 | @echo 'test a^b%c implementations' |
| 218 | ./$(EXPTEST) | 225 | $(SET_SO_PATHS); ./$(EXPTEST) |
| 219 | 226 | ||
| 220 | test_ec: | 227 | test_ec: |
| 221 | @echo 'test elliptic curves' | 228 | @echo 'test elliptic curves' |
| 222 | ./$(ECTEST) | 229 | $(SET_SO_PATHS); ./$(ECTEST) |
| 223 | 230 | ||
| 224 | test_verify: | 231 | test_verify: |
| 225 | @echo "The following command should have some OK's and some failures" | 232 | @echo "The following command should have some OK's and some failures" |
| 226 | @echo "There are definitly a few expired certificates" | 233 | @echo "There are definitly a few expired certificates" |
| 227 | -../apps/openssl verify -CApath ../certs ../certs/*.pem | 234 | -$(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem |
| 228 | 235 | ||
| 229 | test_dh: | 236 | test_dh: |
| 230 | @echo "Generate a set of DH parameters" | 237 | @echo "Generate a set of DH parameters" |
| 231 | ./$(DHTEST) | 238 | $(SET_SO_PATHS); ./$(DHTEST) |
| 232 | 239 | ||
| 233 | test_dsa: | 240 | test_dsa: |
| 234 | @echo "Generate a set of DSA parameters" | 241 | @echo "Generate a set of DSA parameters" |
| 235 | ./$(DSATEST) | 242 | $(SET_SO_PATHS); ./$(DSATEST) |
| 236 | ./$(DSATEST) -app2_1 | 243 | $(SET_SO_PATHS); ./$(DSATEST) -app2_1 |
| 237 | 244 | ||
| 238 | test_gen: | 245 | test_gen: |
| 239 | @echo "Generate and verify a certificate request" | 246 | @echo "Generate and verify a certificate request" |
| 240 | @sh ./testgen | 247 | @$(SET_SO_PATHS); sh ./testgen |
| 241 | 248 | ||
| 242 | test_ss keyU.ss certU.ss certCA.ss: testss | 249 | test_ss keyU.ss certU.ss certCA.ss: testss |
| 243 | @echo "Generate and certify a test certificate" | 250 | @echo "Generate and certify a test certificate" |
| 244 | @sh ./testss | 251 | @$(SET_SO_PATHS); sh ./testss |
| 245 | 252 | ||
| 246 | test_engine: | 253 | test_engine: |
| 247 | @echo "Manipulate the ENGINE structures" | 254 | @echo "Manipulate the ENGINE structures" |
| 248 | ./$(ENGINETEST) | 255 | $(SET_SO_PATHS); ./$(ENGINETEST) |
| 249 | 256 | ||
| 250 | test_ssl: keyU.ss certU.ss certCA.ss | 257 | test_ssl: keyU.ss certU.ss certCA.ss |
| 251 | @echo "test SSL protocol" | 258 | @echo "test SSL protocol" |
| 252 | @sh ./testssl keyU.ss certU.ss certCA.ss | 259 | @$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss |
| 253 | 260 | ||
| 254 | test_ca: | 261 | test_ca: |
| 255 | @if ../apps/openssl no-rsa; then \ | 262 | @$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \ |
| 256 | echo "skipping CA.sh test -- requires RSA"; \ | 263 | echo "skipping CA.sh test -- requires RSA"; \ |
| 257 | else \ | 264 | else \ |
| 258 | echo "Generate and certify a test certificate via the 'ca' program"; \ | 265 | echo "Generate and certify a test certificate via the 'ca' program"; \ |
| 259 | sh ./testca; \ | 266 | sh ./testca; \ |
| 260 | fi | 267 | fi |
| 261 | 268 | ||
| 262 | test_rd: #$(RDTEST) | 269 | test_aes: #$(AESTEST) |
| 263 | # @echo "test Rijndael" | 270 | # @echo "test Rijndael" |
| 264 | # ./$(RDTEST) | 271 | # $(SET_SO_PATHS); ./$(AESTEST) |
| 265 | 272 | ||
| 266 | lint: | 273 | lint: |
| 267 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 274 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 268 | 275 | ||
| 269 | depend: | 276 | depend: |
| 270 | $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC) | 277 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC) |
| 271 | 278 | ||
| 272 | dclean: | 279 | dclean: |
| 273 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 280 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| @@ -277,101 +284,241 @@ clean: | |||
| 277 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log | 284 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log |
| 278 | 285 | ||
| 279 | $(DLIBSSL): | 286 | $(DLIBSSL): |
| 280 | (cd ../ssl; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 287 | (cd ..; $(MAKE) DIRS=ssl all) |
| 281 | 288 | ||
| 282 | $(DLIBCRYPTO): | 289 | $(DLIBCRYPTO): |
| 283 | (cd ../crypto; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}') | 290 | (cd ..; $(MAKE) DIRS=crypto all) |
| 284 | 291 | ||
| 285 | $(RSATEST): $(RSATEST).o $(DLIBCRYPTO) | 292 | $(RSATEST): $(RSATEST).o $(DLIBCRYPTO) |
| 286 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 293 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 294 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 295 | else \ | ||
| 296 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 297 | $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 298 | fi | ||
| 287 | 299 | ||
| 288 | $(BNTEST): $(BNTEST).o $(DLIBCRYPTO) | 300 | $(BNTEST): $(BNTEST).o $(DLIBCRYPTO) |
| 289 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 301 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 302 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 303 | else \ | ||
| 304 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 305 | $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 306 | fi | ||
| 290 | 307 | ||
| 291 | $(ECTEST): $(ECTEST).o $(DLIBCRYPTO) | 308 | $(ECTEST): $(ECTEST).o $(DLIBCRYPTO) |
| 292 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 309 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 310 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 311 | else \ | ||
| 312 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 313 | $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 314 | fi | ||
| 293 | 315 | ||
| 294 | $(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO) | 316 | $(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO) |
| 295 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 317 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 318 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 319 | else \ | ||
| 320 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 321 | $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 322 | fi | ||
| 296 | 323 | ||
| 297 | $(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO) | 324 | $(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO) |
| 298 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 325 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 326 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 327 | else \ | ||
| 328 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 329 | $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 330 | fi | ||
| 299 | 331 | ||
| 300 | $(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO) | 332 | $(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO) |
| 301 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 333 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 334 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 335 | else \ | ||
| 336 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 337 | $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 338 | fi | ||
| 302 | 339 | ||
| 303 | $(SHATEST): $(SHATEST).o $(DLIBCRYPTO) | 340 | $(SHATEST): $(SHATEST).o $(DLIBCRYPTO) |
| 304 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 341 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 342 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 343 | else \ | ||
| 344 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 345 | $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 346 | fi | ||
| 305 | 347 | ||
| 306 | $(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO) | 348 | $(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO) |
| 307 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 349 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 350 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 351 | else \ | ||
| 352 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 353 | $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 354 | fi | ||
| 308 | 355 | ||
| 309 | $(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO) | 356 | $(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO) |
| 310 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 357 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 358 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 359 | else \ | ||
| 360 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 361 | $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 362 | fi | ||
| 311 | 363 | ||
| 312 | $(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO) | 364 | $(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO) |
| 313 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 365 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 366 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 367 | else \ | ||
| 368 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 369 | $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 370 | fi | ||
| 314 | 371 | ||
| 315 | $(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO) | 372 | $(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO) |
| 316 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 373 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 374 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 375 | else \ | ||
| 376 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 377 | $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 378 | fi | ||
| 317 | 379 | ||
| 318 | $(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO) | 380 | $(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO) |
| 319 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 381 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 382 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 383 | else \ | ||
| 384 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 385 | $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 386 | fi | ||
| 320 | 387 | ||
| 321 | $(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO) | 388 | $(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO) |
| 322 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 389 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 390 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 391 | else \ | ||
| 392 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 393 | $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 394 | fi | ||
| 323 | 395 | ||
| 324 | $(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO) | 396 | $(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO) |
| 325 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 397 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 398 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 399 | else \ | ||
| 400 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 401 | $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 402 | fi | ||
| 326 | 403 | ||
| 327 | $(BFTEST): $(BFTEST).o $(DLIBCRYPTO) | 404 | $(BFTEST): $(BFTEST).o $(DLIBCRYPTO) |
| 328 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 405 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 406 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 407 | else \ | ||
| 408 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 409 | $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 410 | fi | ||
| 329 | 411 | ||
| 330 | $(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO) | 412 | $(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO) |
| 331 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 413 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 414 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 415 | else \ | ||
| 416 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 417 | $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 418 | fi | ||
| 332 | 419 | ||
| 333 | $(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO) | 420 | $(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO) |
| 334 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 421 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 422 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 423 | else \ | ||
| 424 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 425 | $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 426 | fi | ||
| 335 | 427 | ||
| 336 | $(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO) | 428 | $(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO) |
| 337 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 429 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 430 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 431 | else \ | ||
| 432 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 433 | $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 434 | fi | ||
| 338 | 435 | ||
| 339 | $(DESTEST): $(DESTEST).o $(DLIBCRYPTO) | 436 | $(DESTEST): $(DESTEST).o $(DLIBCRYPTO) |
| 340 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 437 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 438 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 439 | else \ | ||
| 440 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 441 | $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 442 | fi | ||
| 341 | 443 | ||
| 342 | $(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO) | 444 | $(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO) |
| 343 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 445 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 446 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 447 | else \ | ||
| 448 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 449 | $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 450 | fi | ||
| 344 | 451 | ||
| 345 | $(DHTEST): $(DHTEST).o $(DLIBCRYPTO) | 452 | $(DHTEST): $(DHTEST).o $(DLIBCRYPTO) |
| 346 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 453 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 454 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 455 | else \ | ||
| 456 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 457 | $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 458 | fi | ||
| 347 | 459 | ||
| 348 | $(DSATEST): $(DSATEST).o $(DLIBCRYPTO) | 460 | $(DSATEST): $(DSATEST).o $(DLIBCRYPTO) |
| 349 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 461 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 462 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 463 | else \ | ||
| 464 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 465 | $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 466 | fi | ||
| 350 | 467 | ||
| 351 | $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) | 468 | $(METHTEST): $(METHTEST).o $(DLIBCRYPTO) |
| 352 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 469 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 470 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 471 | else \ | ||
| 472 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 473 | $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 474 | fi | ||
| 353 | 475 | ||
| 354 | $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) | 476 | $(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
| 355 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) | 477 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 478 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 479 | else \ | ||
| 480 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 481 | $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 482 | fi | ||
| 356 | 483 | ||
| 357 | $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) | 484 | $(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO) |
| 358 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 485 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 486 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 487 | else \ | ||
| 488 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 489 | $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 490 | fi | ||
| 359 | 491 | ||
| 360 | $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO) | 492 | $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO) |
| 361 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 493 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 494 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 495 | else \ | ||
| 496 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 497 | $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 498 | fi | ||
| 362 | 499 | ||
| 363 | #$(RDTEST).o: $(RDTEST).c | 500 | #$(AESTEST).o: $(AESTEST).c |
| 364 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c | 501 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
| 365 | 502 | ||
| 366 | #$(RDTEST): $(RDTEST).o $(DLIBCRYPTO) | 503 | #$(AESTEST): $(AESTEST).o $(DLIBCRYPTO) |
| 367 | # $(CC) -o $(RDTEST) $(CFLAGS) $(RDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 504 | # if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 505 | # $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 506 | # else \ | ||
| 507 | # LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 508 | # $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 509 | # fi | ||
| 368 | 510 | ||
| 369 | dummytest: dummytest.o $(DLIBCRYPTO) | 511 | dummytest: dummytest.o $(DLIBCRYPTO) |
| 370 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) | 512 | if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \ |
| 513 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \ | ||
| 514 | else \ | ||
| 515 | LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ | ||
| 516 | $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \ | ||
| 517 | fi | ||
| 371 | 518 | ||
| 372 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 519 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 373 | 520 | ||
| 374 | bftest.o: ../include/openssl/blowfish.h ../include/openssl/e_os2.h | 521 | bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h |
| 375 | bftest.o: ../include/openssl/opensslconf.h bftest.c | 522 | bftest.o: ../include/openssl/opensslconf.h bftest.c |
| 376 | bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 523 | bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 377 | bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 524 | bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| @@ -394,31 +541,30 @@ bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h | |||
| 394 | bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 541 | bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 395 | bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 542 | bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 396 | bntest.o: ../include/openssl/x509_vfy.h bntest.c | 543 | bntest.o: ../include/openssl/x509_vfy.h bntest.c |
| 397 | casttest.o: ../include/openssl/cast.h casttest.c | 544 | casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h |
| 545 | casttest.o: ../include/openssl/opensslconf.h casttest.c | ||
| 398 | destest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 546 | destest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| 399 | destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h | 547 | destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h |
| 400 | destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 548 | destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 401 | destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 549 | destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 402 | destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 550 | destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 403 | destest.o: ../include/openssl/ui_compat.h destest.c | 551 | destest.o: ../include/openssl/ui_compat.h destest.c |
| 404 | dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h | 552 | dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 405 | dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h | 553 | dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h |
| 406 | dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h | 554 | dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 407 | dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h | 555 | dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h |
| 408 | dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 556 | dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 409 | dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 557 | dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 410 | dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c | 558 | dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c |
| 411 | dsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 559 | dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 412 | dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 560 | dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h |
| 413 | dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 561 | dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h |
| 414 | dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h | ||
| 415 | dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h | 562 | dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| 416 | dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 563 | dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 417 | dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 564 | dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 418 | dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 565 | dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 419 | dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 566 | dsatest.o: ../include/openssl/symhacks.h dsatest.c |
| 420 | dsatest.o: ../include/openssl/ui.h dsatest.c | 567 | ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 421 | ectest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 422 | ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 568 | ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h |
| 423 | ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 569 | ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 424 | ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 570 | ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| @@ -439,7 +585,7 @@ enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h | |||
| 439 | enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 585 | enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 440 | enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 586 | enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 441 | enginetest.o: enginetest.c | 587 | enginetest.o: enginetest.c |
| 442 | evp_test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 588 | evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 443 | evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 589 | evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 444 | evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 590 | evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 445 | evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 591 | evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -459,14 +605,14 @@ evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | |||
| 459 | evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h | 605 | evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 460 | evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 606 | evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 461 | evp_test.o: ../include/openssl/ui_compat.h evp_test.c | 607 | evp_test.o: ../include/openssl/ui_compat.h evp_test.c |
| 462 | exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h | 608 | exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 463 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 609 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 464 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h | 610 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| 465 | exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 611 | exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 466 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 612 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 467 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 613 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 468 | exptest.o: ../include/openssl/symhacks.h exptest.c | 614 | exptest.o: ../include/openssl/symhacks.h exptest.c |
| 469 | hmactest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 615 | hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 470 | hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 616 | hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 471 | hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 617 | hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 472 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 618 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -484,9 +630,9 @@ hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | |||
| 484 | hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h | 630 | hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 485 | hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | 631 | hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h |
| 486 | hmactest.o: ../include/openssl/ui_compat.h hmactest.c | 632 | hmactest.o: ../include/openssl/ui_compat.h hmactest.c |
| 487 | ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h | 633 | ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h |
| 488 | ideatest.o: ideatest.c | 634 | ideatest.o: ../include/openssl/opensslconf.h ideatest.c |
| 489 | md2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 635 | md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 490 | md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 636 | md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 491 | md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 637 | md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 492 | md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 638 | md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -503,7 +649,7 @@ md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 503 | md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 649 | md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 504 | md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 650 | md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 505 | md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c | 651 | md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c |
| 506 | md4test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 652 | md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 507 | md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 653 | md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 508 | md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 654 | md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 509 | md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 655 | md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -520,7 +666,7 @@ md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 520 | md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 666 | md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 521 | md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 667 | md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 522 | md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c | 668 | md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c |
| 523 | md5test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 669 | md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 524 | md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 670 | md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 525 | md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 671 | md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 526 | md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 672 | md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -537,7 +683,7 @@ md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 537 | md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 683 | md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 538 | md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 684 | md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 539 | md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c | 685 | md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c |
| 540 | mdc2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 686 | mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 541 | mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 687 | mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 542 | mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 688 | mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 543 | mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 689 | mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -554,12 +700,16 @@ mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 554 | mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 700 | mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 555 | mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 701 | mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 556 | mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c | 702 | mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c |
| 557 | randtest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | 703 | randtest.o: ../e_os.h ../include/openssl/e_os2.h |
| 558 | randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h randtest.c | 704 | randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h |
| 705 | randtest.o: ../include/openssl/rand.h randtest.c | ||
| 706 | rc2test.o: ../e_os.h ../include/openssl/e_os2.h | ||
| 559 | rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c | 707 | rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c |
| 708 | rc4test.o: ../e_os.h ../include/openssl/e_os2.h | ||
| 560 | rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c | 709 | rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c |
| 561 | rc5test.o: ../include/openssl/rc5.h rc5test.c | 710 | rc5test.o: ../e_os.h ../include/openssl/e_os2.h |
| 562 | rmdtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 711 | rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c |
| 712 | rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | ||
| 563 | rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 713 | rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 564 | rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 714 | rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 565 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 715 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -578,15 +728,13 @@ rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | |||
| 578 | rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c | 728 | rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c |
| 579 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 729 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 580 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 730 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h |
| 581 | rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 731 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| 582 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h | 732 | rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h |
| 583 | rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h | 733 | rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 584 | rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 734 | rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 585 | rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 735 | rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 586 | rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 736 | rsa_test.o: ../include/openssl/symhacks.h rsa_test.c |
| 587 | rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 737 | sha1test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 588 | rsa_test.o: ../include/openssl/ui.h rsa_test.c | ||
| 589 | sha1test.o: ../include/openssl/aes.h ../include/openssl/asn1.h | ||
| 590 | sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 738 | sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 591 | sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h | 739 | sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 592 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h | 740 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| @@ -603,7 +751,7 @@ sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | |||
| 603 | sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 751 | sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 604 | sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 752 | sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 605 | sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c | 753 | sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c |
| 606 | shatest.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 754 | shatest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 607 | shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 755 | shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 608 | shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h | 756 | shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h |
| 609 | shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h | 757 | shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h |
diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com index 91e859deab..7c44e4545a 100644 --- a/src/lib/libssl/test/maketests.com +++ b/src/lib/libssl/test/maketests.com | |||
| @@ -16,22 +16,10 @@ $! The test "executeables" will be placed in a directory called | |||
| 16 | $! [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines | 16 | $! [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines |
| 17 | $! architecture. | 17 | $! architecture. |
| 18 | $! | 18 | $! |
| 19 | $! Specify RSAREF as P1 to compile with the RSAREF library instead of | 19 | $! Specify DEBUG or NODEBUG P1 to compile with or without debugger |
| 20 | $! the regular one. If you specify NORSAREF it will compile with the | ||
| 21 | $! regular RSAREF routines. (Note: If you are in the United States | ||
| 22 | $! you MUST compile with RSAREF unless you have a license from RSA). | ||
| 23 | $! | ||
| 24 | $! Note: The RSAREF libraries are NOT INCLUDED and you have to | ||
| 25 | $! download it from "ftp://ftp.rsa.com/rsaref". You have to | ||
| 26 | $! get the ".tar-Z" file as the ".zip" file dosen't have the | ||
| 27 | $! directory structure stored. You have to extract the file | ||
| 28 | $! into the [.RSAREF] directory under the root directory as that | ||
| 29 | $! is where the scripts will look for the files. | ||
| 30 | $! | ||
| 31 | $! Specify DEBUG or NODEBUG P2 to compile with or without debugger | ||
| 32 | $! information. | 20 | $! information. |
| 33 | $! | 21 | $! |
| 34 | $! Specify which compiler at P3 to try to compile under. | 22 | $! Specify which compiler at P2 to try to compile under. |
| 35 | $! | 23 | $! |
| 36 | $! VAXC For VAX C. | 24 | $! VAXC For VAX C. |
| 37 | $! DECC For DEC C. | 25 | $! DECC For DEC C. |
| @@ -40,13 +28,13 @@ $! | |||
| 40 | $! If you don't speficy a compiler, it will try to determine which | 28 | $! If you don't speficy a compiler, it will try to determine which |
| 41 | $! "C" compiler to use. | 29 | $! "C" compiler to use. |
| 42 | $! | 30 | $! |
| 43 | $! P4, if defined, sets a TCP/IP library to use, through one of the following | 31 | $! P3, if defined, sets a TCP/IP library to use, through one of the following |
| 44 | $! keywords: | 32 | $! keywords: |
| 45 | $! | 33 | $! |
| 46 | $! UCX for UCX | 34 | $! UCX for UCX |
| 47 | $! SOCKETSHR for SOCKETSHR+NETLIB | 35 | $! SOCKETSHR for SOCKETSHR+NETLIB |
| 48 | $! | 36 | $! |
| 49 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | 37 | $! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) |
| 50 | $! | 38 | $! |
| 51 | $! | 39 | $! |
| 52 | $! Define A TCP/IP Library That We Will Need To Link To. | 40 | $! Define A TCP/IP Library That We Will Need To Link To. |
| @@ -91,10 +79,6 @@ $! Define The CRYPTO-LIB We Are To Use. | |||
| 91 | $! | 79 | $! |
| 92 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB | 80 | $ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB |
| 93 | $! | 81 | $! |
| 94 | $! Define The RSAREF-LIB We Are To Use. | ||
| 95 | $! | ||
| 96 | $ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB | ||
| 97 | $! | ||
| 98 | $! Define The SSL We Are To Use. | 82 | $! Define The SSL We Are To Use. |
| 99 | $! | 83 | $! |
| 100 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB | 84 | $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB |
| @@ -227,74 +211,32 @@ $! | |||
| 227 | $ ENDIF | 211 | $ ENDIF |
| 228 | $! | 212 | $! |
| 229 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. | 213 | $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. |
| 214 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 230 | $! | 215 | $! |
| 231 | $ IF (RSAREF.EQS."TRUE") | 216 | $ IF (TCPIP_LIB.NES."") |
| 232 | $ THEN | 217 | $ THEN |
| 233 | $! | 218 | $! |
| 234 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | 219 | $! Don't Link With The RSAREF Routines And TCP/IP Library. |
| 235 | $! | ||
| 236 | $ IF (TCPIP_LIB.NES."") | ||
| 237 | $ THEN | ||
| 238 | $! | ||
| 239 | $! Link With The RSAREF Library And A Specific TCP/IP Library. | ||
| 240 | $! | ||
| 241 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 242 | 'OBJECT_FILE',- | ||
| 243 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 244 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
| 245 | $! | ||
| 246 | $! Else... | ||
| 247 | $! | ||
| 248 | $ ELSE | ||
| 249 | $! | ||
| 250 | $! Link With The RSAREF Library And NO TCP/IP Library. | ||
| 251 | $! | ||
| 252 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | ||
| 253 | 'OBJECT_FILE', - | ||
| 254 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, - | ||
| 255 | 'OPT_FILE'/OPTION | ||
| 256 | $! | ||
| 257 | $! End The TCP/IP Library Check. | ||
| 258 | $! | ||
| 259 | $ ENDIF | ||
| 260 | $! | ||
| 261 | $! Else... | ||
| 262 | $! | ||
| 263 | $ ELSE | ||
| 264 | $! | ||
| 265 | $! Don't Link With The RSAREF Routines. | ||
| 266 | $! | ||
| 267 | $! | ||
| 268 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
| 269 | $! | ||
| 270 | $ IF (TCPIP_LIB.NES."") | ||
| 271 | $ THEN | ||
| 272 | $! | ||
| 273 | $! Don't Link With The RSAREF Routines And TCP/IP Library. | ||
| 274 | $! | 220 | $! |
| 275 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | 221 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 276 | 'OBJECT_FILE', - | 222 | 'OBJECT_FILE', - |
| 277 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | 223 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 278 | 'TCPIP_LIB','OPT_FILE'/OPTION | 224 | 'TCPIP_LIB','OPT_FILE'/OPTION |
| 279 | $! | 225 | $! |
| 280 | $! Else... | 226 | $! Else... |
| 281 | $! | 227 | $! |
| 282 | $ ELSE | 228 | $ ELSE |
| 283 | $! | 229 | $! |
| 284 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. | 230 | $! Don't Link With The RSAREF Routines And Link With A TCP/IP Library. |
| 285 | $! | 231 | $! |
| 286 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - | 232 | $ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' - |
| 287 | 'OBJECT_FILE', - | 233 | 'OBJECT_FILE', - |
| 288 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - | 234 | 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, - |
| 289 | 'OPT_FILE'/OPTION | 235 | 'OPT_FILE'/OPTION |
| 290 | $! | 236 | $! |
| 291 | $! End The TCP/IP Library Check. | 237 | $! End The TCP/IP Library Check. |
| 292 | $! | ||
| 293 | $ ENDIF | ||
| 294 | $! | ||
| 295 | $! End The RSAREF Link Check. | ||
| 296 | $! | 238 | $! |
| 297 | $ ENDIF | 239 | $ ENDIF |
| 298 | $! | 240 | $! |
| 299 | $! Go Back And Do It Again. | 241 | $! Go Back And Do It Again. |
| 300 | $! | 242 | $! |
| @@ -459,32 +401,6 @@ $! End The Crypto Library Check. | |||
| 459 | $! | 401 | $! |
| 460 | $ ENDIF | 402 | $ ENDIF |
| 461 | $! | 403 | $! |
| 462 | $! See If We Need The RSAREF Library... | ||
| 463 | $! | ||
| 464 | $ IF (RSAREF.EQS."TRUE") | ||
| 465 | $ THEN | ||
| 466 | $! | ||
| 467 | $! Look For The Library LIBRSAGLUE.OLB. | ||
| 468 | $! | ||
| 469 | $ IF (F$SEARCH(RSAREF_LIB).EQS."") | ||
| 470 | $ THEN | ||
| 471 | $! | ||
| 472 | $! Tell The User We Can't Find The LIBRSAGLUE.OLB Library. | ||
| 473 | $! | ||
| 474 | $ WRITE SYS$OUTPUT "" | ||
| 475 | $ WRITE SYS$OUTPUT "Can't Find The Library ",RSAREF_LIB,"." | ||
| 476 | $ WRITE SYS$OUTPUT "We Can't Link Without It." | ||
| 477 | $ WRITE SYS$OUTPUT "" | ||
| 478 | $! | ||
| 479 | $! Since We Can't Link Without It, Exit. | ||
| 480 | $! | ||
| 481 | $ EXIT | ||
| 482 | $ ENDIF | ||
| 483 | $! | ||
| 484 | $! End The RSAREF Library Check. | ||
| 485 | $! | ||
| 486 | $ ENDIF | ||
| 487 | $! | ||
| 488 | $! Look For The Library LIBSSL.OLB. | 404 | $! Look For The Library LIBSSL.OLB. |
| 489 | $! | 405 | $! |
| 490 | $ IF (F$SEARCH(SSL_LIB).EQS."") | 406 | $ IF (F$SEARCH(SSL_LIB).EQS."") |
| @@ -515,75 +431,10 @@ $ CHECK_OPTIONS: | |||
| 515 | $! | 431 | $! |
| 516 | $! Check To See If P1 Is Blank. | 432 | $! Check To See If P1 Is Blank. |
| 517 | $! | 433 | $! |
| 518 | $ P1 = "NORSAREF" | 434 | $ IF (P1.EQS."NODEBUG") |
| 519 | $ IF (P1.EQS."NORSAREF") | ||
| 520 | $ THEN | ||
| 521 | $! | ||
| 522 | $! P1 Is NORSAREF, So Compile With The Regular RSA Libraries. | ||
| 523 | $! | ||
| 524 | $ RSAREF = "FALSE" | ||
| 525 | $ ELSE | ||
| 526 | $! | ||
| 527 | $! Check To See If We Are To Use The RSAREF Library. | ||
| 528 | $! | ||
| 529 | $ IF (P1.EQS."RSAREF") | ||
| 530 | $ THEN | ||
| 531 | $! | ||
| 532 | $! Check To Make Sure We Have The RSAREF Source Code Directory. | ||
| 533 | $! | ||
| 534 | $ IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."") | ||
| 535 | $ THEN | ||
| 536 | $! | ||
| 537 | $! We Don't Have The RSAREF Souce Code Directory, So Tell The | ||
| 538 | $! User This. | ||
| 539 | $! | ||
| 540 | $ WRITE SYS$OUTPUT "" | ||
| 541 | $ WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code." | ||
| 542 | $ WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'. You have to" | ||
| 543 | $ WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the" | ||
| 544 | $ WRITE SYS$OUTPUT "directory structure stored. You have to extract the file" | ||
| 545 | $ WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory" | ||
| 546 | $ WRITE SYS$OUTPUT "as that is where the scripts will look for the files." | ||
| 547 | $ WRITE SYS$OUTPUT "" | ||
| 548 | $! | ||
| 549 | $! Time To Exit. | ||
| 550 | $! | ||
| 551 | $ EXIT | ||
| 552 | $! | ||
| 553 | $! Else, Compile Using The RSAREF Library. | ||
| 554 | $! | ||
| 555 | $ ELSE | ||
| 556 | $ RSAREF = "TRUE" | ||
| 557 | $ ENDIF | ||
| 558 | $ ELSE | ||
| 559 | $! | ||
| 560 | $! They Entered An Invalid Option.. | ||
| 561 | $! | ||
| 562 | $ WRITE SYS$OUTPUT "" | ||
| 563 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" | ||
| 564 | $ WRITE SYS$OUTPUT "" | ||
| 565 | $ WRITE SYS$OUTPUT " RSAREF : Compile With The RSAREF Library." | ||
| 566 | $ WRITE SYS$OUTPUT " NORSAREF : Compile With The Regular RSA Library." | ||
| 567 | $ WRITE SYS$OUTPUT "" | ||
| 568 | $! | ||
| 569 | $! Time To EXIT. | ||
| 570 | $! | ||
| 571 | $ EXIT | ||
| 572 | $! | ||
| 573 | $! End The Valid Arguement Check. | ||
| 574 | $! | ||
| 575 | $ ENDIF | ||
| 576 | $! | ||
| 577 | $! End The P1 Check. | ||
| 578 | $! | ||
| 579 | $ ENDIF | ||
| 580 | $! | ||
| 581 | $! Check To See If P2 Is Blank. | ||
| 582 | $! | ||
| 583 | $ IF (P2.EQS."NODEBUG") | ||
| 584 | $ THEN | 435 | $ THEN |
| 585 | $! | 436 | $! |
| 586 | $! P2 Is NODEBUG, So Compile Without Debugger Information. | 437 | $! P1 Is NODEBUG, So Compile Without Debugger Information. |
| 587 | $! | 438 | $! |
| 588 | $ DEBUGGER = "NODEBUG" | 439 | $ DEBUGGER = "NODEBUG" |
| 589 | $ TRACEBACK = "NOTRACEBACK" | 440 | $ TRACEBACK = "NOTRACEBACK" |
| @@ -598,7 +449,7 @@ $ ELSE | |||
| 598 | $! | 449 | $! |
| 599 | $! Check To See If We Are To Compile With Debugger Information. | 450 | $! Check To See If We Are To Compile With Debugger Information. |
| 600 | $! | 451 | $! |
| 601 | $ IF (P2.EQS."DEBUG") | 452 | $ IF (P1.EQS."DEBUG") |
| 602 | $ THEN | 453 | $ THEN |
| 603 | $! | 454 | $! |
| 604 | $! Compile With Debugger Information. | 455 | $! Compile With Debugger Information. |
| @@ -617,7 +468,7 @@ $! | |||
| 617 | $! Tell The User Entered An Invalid Option.. | 468 | $! Tell The User Entered An Invalid Option.. |
| 618 | $! | 469 | $! |
| 619 | $ WRITE SYS$OUTPUT "" | 470 | $ WRITE SYS$OUTPUT "" |
| 620 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | 471 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" |
| 621 | $ WRITE SYS$OUTPUT "" | 472 | $ WRITE SYS$OUTPUT "" |
| 622 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | 473 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." |
| 623 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | 474 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." |
| @@ -631,13 +482,13 @@ $! End The Valid Arguement Check. | |||
| 631 | $! | 482 | $! |
| 632 | $ ENDIF | 483 | $ ENDIF |
| 633 | $! | 484 | $! |
| 634 | $! End The P3 Check. | 485 | $! End The P2 Check. |
| 635 | $! | 486 | $! |
| 636 | $ ENDIF | 487 | $ ENDIF |
| 637 | $! | 488 | $! |
| 638 | $! Check To See If P3 Is Blank. | 489 | $! Check To See If P2 Is Blank. |
| 639 | $! | 490 | $! |
| 640 | $ IF (P3.EQS."") | 491 | $ IF (P2.EQS."") |
| 641 | $ THEN | 492 | $ THEN |
| 642 | $! | 493 | $! |
| 643 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | 494 | $! O.K., The User Didn't Specify A Compiler, Let's Try To |
| @@ -650,7 +501,7 @@ $ THEN | |||
| 650 | $! | 501 | $! |
| 651 | $! Looks Like GNUC, Set To Use GNUC. | 502 | $! Looks Like GNUC, Set To Use GNUC. |
| 652 | $! | 503 | $! |
| 653 | $ P3 = "GNUC" | 504 | $ P2 = "GNUC" |
| 654 | $! | 505 | $! |
| 655 | $! End The GNU C Compiler Check. | 506 | $! End The GNU C Compiler Check. |
| 656 | $! | 507 | $! |
| @@ -663,7 +514,7 @@ $ THEN | |||
| 663 | $! | 514 | $! |
| 664 | $! Looks Like DECC, Set To Use DECC. | 515 | $! Looks Like DECC, Set To Use DECC. |
| 665 | $! | 516 | $! |
| 666 | $ P3 = "DECC" | 517 | $ P2 = "DECC" |
| 667 | $! | 518 | $! |
| 668 | $! Else... | 519 | $! Else... |
| 669 | $! | 520 | $! |
| @@ -671,7 +522,7 @@ $ ELSE | |||
| 671 | $! | 522 | $! |
| 672 | $! Looks Like VAXC, Set To Use VAXC. | 523 | $! Looks Like VAXC, Set To Use VAXC. |
| 673 | $! | 524 | $! |
| 674 | $ P3 = "VAXC" | 525 | $ P2 = "VAXC" |
| 675 | $! | 526 | $! |
| 676 | $! End The VAXC Compiler Check. | 527 | $! End The VAXC Compiler Check. |
| 677 | $! | 528 | $! |
| @@ -685,9 +536,9 @@ $! End The Compiler Check. | |||
| 685 | $! | 536 | $! |
| 686 | $ ENDIF | 537 | $ ENDIF |
| 687 | $! | 538 | $! |
| 688 | $! Check To See If We Have A Option For P4. | 539 | $! Check To See If We Have A Option For P3. |
| 689 | $! | 540 | $! |
| 690 | $ IF (P4.EQS."") | 541 | $ IF (P3.EQS."") |
| 691 | $ THEN | 542 | $ THEN |
| 692 | $! | 543 | $! |
| 693 | $! Find out what socket library we have available | 544 | $! Find out what socket library we have available |
| @@ -697,7 +548,7 @@ $ THEN | |||
| 697 | $! | 548 | $! |
| 698 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | 549 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. |
| 699 | $! | 550 | $! |
| 700 | $ P4 = "SOCKETSHR" | 551 | $ P3 = "SOCKETSHR" |
| 701 | $! | 552 | $! |
| 702 | $! Tell the user | 553 | $! Tell the user |
| 703 | $! | 554 | $! |
| @@ -717,7 +568,7 @@ $ THEN | |||
| 717 | $! | 568 | $! |
| 718 | $! Last resort: a UCX or UCX-compatible library | 569 | $! Last resort: a UCX or UCX-compatible library |
| 719 | $! | 570 | $! |
| 720 | $ P4 = "UCX" | 571 | $ P3 = "UCX" |
| 721 | $! | 572 | $! |
| 722 | $! Tell the user | 573 | $! Tell the user |
| 723 | $! | 574 | $! |
| @@ -731,7 +582,7 @@ $ ENDIF | |||
| 731 | $! | 582 | $! |
| 732 | $! Set Up Initial CC Definitions, Possibly With User Ones | 583 | $! Set Up Initial CC Definitions, Possibly With User Ones |
| 733 | $! | 584 | $! |
| 734 | $ CCDEFS = "TCPIP_TYPE_''P4'" | 585 | $ CCDEFS = "TCPIP_TYPE_''P3'" |
| 735 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 586 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 736 | $ CCEXTRAFLAGS = "" | 587 | $ CCEXTRAFLAGS = "" |
| 737 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 588 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| @@ -741,12 +592,12 @@ $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | |||
| 741 | $! | 592 | $! |
| 742 | $! Check To See If The User Entered A Valid Paramter. | 593 | $! Check To See If The User Entered A Valid Paramter. |
| 743 | $! | 594 | $! |
| 744 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") | 595 | $ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC") |
| 745 | $ THEN | 596 | $ THEN |
| 746 | $! | 597 | $! |
| 747 | $! Check To See If The User Wanted DECC. | 598 | $! Check To See If The User Wanted DECC. |
| 748 | $! | 599 | $! |
| 749 | $ IF (P3.EQS."DECC") | 600 | $ IF (P2.EQS."DECC") |
| 750 | $ THEN | 601 | $ THEN |
| 751 | $! | 602 | $! |
| 752 | $! Looks Like DECC, Set To Use DECC. | 603 | $! Looks Like DECC, Set To Use DECC. |
| @@ -776,7 +627,7 @@ $ ENDIF | |||
| 776 | $! | 627 | $! |
| 777 | $! Check To See If We Are To Use VAXC. | 628 | $! Check To See If We Are To Use VAXC. |
| 778 | $! | 629 | $! |
| 779 | $ IF (P3.EQS."VAXC") | 630 | $ IF (P2.EQS."VAXC") |
| 780 | $ THEN | 631 | $ THEN |
| 781 | $! | 632 | $! |
| 782 | $! Looks Like VAXC, Set To Use VAXC. | 633 | $! Looks Like VAXC, Set To Use VAXC. |
| @@ -814,7 +665,7 @@ $ ENDIF | |||
| 814 | $! | 665 | $! |
| 815 | $! Check To See If We Are To Use GNU C. | 666 | $! Check To See If We Are To Use GNU C. |
| 816 | $! | 667 | $! |
| 817 | $ IF (P3.EQS."GNUC") | 668 | $ IF (P2.EQS."GNUC") |
| 818 | $ THEN | 669 | $ THEN |
| 819 | $! | 670 | $! |
| 820 | $! Looks Like GNUC, Set To Use GNUC. | 671 | $! Looks Like GNUC, Set To Use GNUC. |
| @@ -842,31 +693,6 @@ $! Set up default defines | |||
| 842 | $! | 693 | $! |
| 843 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | 694 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS |
| 844 | $! | 695 | $! |
| 845 | $! Check To See If We Are To Compile With RSAREF Routines. | ||
| 846 | $! | ||
| 847 | $ IF (RSAREF.EQS."TRUE") | ||
| 848 | $ THEN | ||
| 849 | $! | ||
| 850 | $! Compile With RSAREF. | ||
| 851 | $! | ||
| 852 | $ CCDEFS = CCDEFS + ",""RSAref=1""" | ||
| 853 | $! | ||
| 854 | $! Tell The User This. | ||
| 855 | $! | ||
| 856 | $ WRITE SYS$OUTPUT "Compiling With RSAREF Routines." | ||
| 857 | $! | ||
| 858 | $! Else, We Don't Care. Compile Without The RSAREF Library. | ||
| 859 | $! | ||
| 860 | $ ELSE | ||
| 861 | $! | ||
| 862 | $! Tell The User We Are Compile Without The RSAREF Routines. | ||
| 863 | $! | ||
| 864 | $ WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines. | ||
| 865 | $! | ||
| 866 | $! End The RSAREF Check. | ||
| 867 | $! | ||
| 868 | $ ENDIF | ||
| 869 | $! | ||
| 870 | $! Finish up the definition of CC. | 696 | $! Finish up the definition of CC. |
| 871 | $! | 697 | $! |
| 872 | $ IF COMPILER .EQS. "DECC" | 698 | $ IF COMPILER .EQS. "DECC" |
| @@ -896,7 +722,7 @@ $! | |||
| 896 | $! Tell The User We Don't Know What They Want. | 722 | $! Tell The User We Don't Know What They Want. |
| 897 | $! | 723 | $! |
| 898 | $ WRITE SYS$OUTPUT "" | 724 | $ WRITE SYS$OUTPUT "" |
| 899 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | 725 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" |
| 900 | $ WRITE SYS$OUTPUT "" | 726 | $ WRITE SYS$OUTPUT "" |
| 901 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | 727 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." |
| 902 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | 728 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." |
| @@ -910,13 +736,13 @@ $ ENDIF | |||
| 910 | $! | 736 | $! |
| 911 | $! Time to check the contents, and to make sure we get the correct library. | 737 | $! Time to check the contents, and to make sure we get the correct library. |
| 912 | $! | 738 | $! |
| 913 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - | 739 | $ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" - |
| 914 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" | 740 | .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE" |
| 915 | $ THEN | 741 | $ THEN |
| 916 | $! | 742 | $! |
| 917 | $! Check to see if SOCKETSHR was chosen | 743 | $! Check to see if SOCKETSHR was chosen |
| 918 | $! | 744 | $! |
| 919 | $ IF P4.EQS."SOCKETSHR" | 745 | $ IF P3.EQS."SOCKETSHR" |
| 920 | $ THEN | 746 | $ THEN |
| 921 | $! | 747 | $! |
| 922 | $! Set the library to use SOCKETSHR | 748 | $! Set the library to use SOCKETSHR |
| @@ -929,12 +755,12 @@ $ ENDIF | |||
| 929 | $! | 755 | $! |
| 930 | $! Check to see if MULTINET was chosen | 756 | $! Check to see if MULTINET was chosen |
| 931 | $! | 757 | $! |
| 932 | $ IF P4.EQS."MULTINET" | 758 | $ IF P3.EQS."MULTINET" |
| 933 | $ THEN | 759 | $ THEN |
| 934 | $! | 760 | $! |
| 935 | $! Set the library to use UXC emulation. | 761 | $! Set the library to use UXC emulation. |
| 936 | $! | 762 | $! |
| 937 | $ P4 = "UCX" | 763 | $ P3 = "UCX" |
| 938 | $! | 764 | $! |
| 939 | $! Done with MULTINET | 765 | $! Done with MULTINET |
| 940 | $! | 766 | $! |
| @@ -942,7 +768,7 @@ $ ENDIF | |||
| 942 | $! | 768 | $! |
| 943 | $! Check to see if UCX was chosen | 769 | $! Check to see if UCX was chosen |
| 944 | $! | 770 | $! |
| 945 | $ IF P4.EQS."UCX" | 771 | $ IF P3.EQS."UCX" |
| 946 | $ THEN | 772 | $ THEN |
| 947 | $! | 773 | $! |
| 948 | $! Set the library to use UCX. | 774 | $! Set the library to use UCX. |
| @@ -962,7 +788,7 @@ $ ENDIF | |||
| 962 | $! | 788 | $! |
| 963 | $! Check to see if TCPIP was chosen | 789 | $! Check to see if TCPIP was chosen |
| 964 | $! | 790 | $! |
| 965 | $ IF P4.EQS."TCPIP" | 791 | $ IF P3.EQS."TCPIP" |
| 966 | $ THEN | 792 | $ THEN |
| 967 | $! | 793 | $! |
| 968 | $! Set the library to use TCPIP (post UCX). | 794 | $! Set the library to use TCPIP (post UCX). |
| @@ -975,7 +801,7 @@ $ ENDIF | |||
| 975 | $! | 801 | $! |
| 976 | $! Check to see if NONE was chosen | 802 | $! Check to see if NONE was chosen |
| 977 | $! | 803 | $! |
| 978 | $ IF P4.EQS."NONE" | 804 | $ IF P3.EQS."NONE" |
| 979 | $ THEN | 805 | $ THEN |
| 980 | $! | 806 | $! |
| 981 | $! Do not use a TCPIP library. | 807 | $! Do not use a TCPIP library. |
| @@ -997,7 +823,7 @@ $! | |||
| 997 | $! Tell The User We Don't Know What They Want. | 823 | $! Tell The User We Don't Know What They Want. |
| 998 | $! | 824 | $! |
| 999 | $ WRITE SYS$OUTPUT "" | 825 | $ WRITE SYS$OUTPUT "" |
| 1000 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | 826 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" |
| 1001 | $ WRITE SYS$OUTPUT "" | 827 | $ WRITE SYS$OUTPUT "" |
| 1002 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | 828 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." |
| 1003 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | 829 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." |
| @@ -1018,9 +844,9 @@ $! Written By: Richard Levitte | |||
| 1018 | $! richard@levitte.org | 844 | $! richard@levitte.org |
| 1019 | $! | 845 | $! |
| 1020 | $! | 846 | $! |
| 1021 | $! Check To See If We Have A Option For P5. | 847 | $! Check To See If We Have A Option For P4. |
| 1022 | $! | 848 | $! |
| 1023 | $ IF (P5.EQS."") | 849 | $ IF (P4.EQS."") |
| 1024 | $ THEN | 850 | $ THEN |
| 1025 | $! | 851 | $! |
| 1026 | $! Get The Version Of VMS We Are Using. | 852 | $! Get The Version Of VMS We Are Using. |
| @@ -1042,7 +868,7 @@ $! End The VMS Version Check. | |||
| 1042 | $! | 868 | $! |
| 1043 | $ ENDIF | 869 | $ ENDIF |
| 1044 | $! | 870 | $! |
| 1045 | $! End The P5 Check. | 871 | $! End The P4 Check. |
| 1046 | $! | 872 | $! |
| 1047 | $ ENDIF | 873 | $ ENDIF |
| 1048 | $! | 874 | $! |
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c index 06ccb3b310..005c2f4822 100644 --- a/src/lib/libssl/test/methtest.c +++ b/src/lib/libssl/test/methtest.c | |||
| @@ -96,10 +96,10 @@ char *argv[]; | |||
| 96 | METH_init(top); | 96 | METH_init(top); |
| 97 | METH_control(tmp1,METH_CONTROL_DUMP,stdout); | 97 | METH_control(tmp1,METH_CONTROL_DUMP,stdout); |
| 98 | METH_control(tmp2,METH_CONTROL_DUMP,stdout); | 98 | METH_control(tmp2,METH_CONTROL_DUMP,stdout); |
| 99 | exit(0); | 99 | EXIT(0); |
| 100 | err: | 100 | err: |
| 101 | ERR_load_crypto_strings(); | 101 | ERR_load_crypto_strings(); |
| 102 | ERR_print_errors_fp(stderr); | 102 | ERR_print_errors_fp(stderr); |
| 103 | exit(1); | 103 | EXIT(1); |
| 104 | return(0); | 104 | return(0); |
| 105 | } | 105 | } |
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen index 55c496f4bc..3798543e04 100644 --- a/src/lib/libssl/test/testgen +++ b/src/lib/libssl/test/testgen | |||
| @@ -27,6 +27,8 @@ fi | |||
| 27 | 27 | ||
| 28 | echo "This could take some time." | 28 | echo "This could take some time." |
| 29 | 29 | ||
| 30 | rm -f testkey.pem testreq.pem | ||
| 31 | |||
| 30 | ../apps/openssl req -config test.cnf $req_new -out testreq.pem | 32 | ../apps/openssl req -config test.cnf $req_new -out testreq.pem |
| 31 | if [ $? != 0 ]; then | 33 | if [ $? != 0 ]; then |
| 32 | echo problems creating request | 34 | echo problems creating request |
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl index ba5e41c861..ca8e718022 100644 --- a/src/lib/libssl/test/testssl +++ b/src/lib/libssl/test/testssl | |||
| @@ -121,8 +121,12 @@ $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 | |||
| 121 | 121 | ||
| 122 | ############################################################################# | 122 | ############################################################################# |
| 123 | 123 | ||
| 124 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | 124 | if ../apps/openssl no-dh; then |
| 125 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | 125 | echo skipping anonymous DH tests |
| 126 | else | ||
| 127 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | ||
| 128 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | ||
| 129 | fi | ||
| 126 | 130 | ||
| 127 | if ../apps/openssl no-rsa; then | 131 | if ../apps/openssl no-rsa; then |
| 128 | echo skipping RSA tests | 132 | echo skipping RSA tests |
| @@ -130,8 +134,12 @@ else | |||
| 130 | echo test tls1 with 1024bit RSA, no DHE, multiple handshakes | 134 | echo test tls1 with 1024bit RSA, no DHE, multiple handshakes |
| 131 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 | 135 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 |
| 132 | 136 | ||
| 133 | echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | 137 | if ../apps/openssl no-dh; then |
| 134 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 | 138 | echo skipping RSA+DHE tests |
| 139 | else | ||
| 140 | echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | ||
| 141 | ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 | ||
| 142 | fi | ||
| 135 | fi | 143 | fi |
| 136 | 144 | ||
| 137 | exit 0 | 145 | exit 0 |
diff --git a/src/lib/libssl/test/testssl.com b/src/lib/libssl/test/testssl.com index 785f262f5a..26308f7715 100644 --- a/src/lib/libssl/test/testssl.com +++ b/src/lib/libssl/test/testssl.com | |||
| @@ -159,16 +159,25 @@ $ if $severity .ne. 1 then goto exit3 | |||
| 159 | $ | 159 | $ |
| 160 | $!########################################################################### | 160 | $!########################################################################### |
| 161 | $ | 161 | $ |
| 162 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | ||
| 163 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | ||
| 164 | $ if $severity .ne. 1 then goto exit3 | ||
| 165 | $ | ||
| 166 | $ set noon | 162 | $ set noon |
| 167 | $ define/user sys$output nla0: | 163 | $ define/user sys$output nla0: |
| 168 | $ mcr 'exe_dir'openssl no-rsa | 164 | $ mcr 'exe_dir'openssl no-rsa |
| 169 | $ save_severity=$SEVERITY | 165 | $ no_rsa=$SEVERITY |
| 166 | $ define/user sys$output nla0: | ||
| 167 | $ mcr 'exe_dir'openssl no-dh | ||
| 168 | $ no_dh=$SEVERITY | ||
| 170 | $ set on | 169 | $ set on |
| 171 | $ if save_severity | 170 | $ |
| 171 | $ if no_dh | ||
| 172 | $ then | ||
| 173 | $ write sys$output "skipping anonymous DH tests" | ||
| 174 | $ else | ||
| 175 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | ||
| 176 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | ||
| 177 | $ if $severity .ne. 1 then goto exit3 | ||
| 178 | $ endif | ||
| 179 | $ | ||
| 180 | $ if no_rsa | ||
| 172 | $ then | 181 | $ then |
| 173 | $ write sys$output "skipping RSA tests" | 182 | $ write sys$output "skipping RSA tests" |
| 174 | $ else | 183 | $ else |
| @@ -176,9 +185,14 @@ $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" | |||
| 176 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time | 185 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time |
| 177 | $ if $severity .ne. 1 then goto exit3 | 186 | $ if $severity .ne. 1 then goto exit3 |
| 178 | $ | 187 | $ |
| 179 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | 188 | $ if no_dh |
| 180 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | 189 | $ then |
| 181 | $ if $severity .ne. 1 then goto exit3 | 190 | $ write sys$output "skipping RSA+DHE tests" |
| 191 | $ else | ||
| 192 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | ||
| 193 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | ||
| 194 | $ if $severity .ne. 1 then goto exit3 | ||
| 195 | $ endif | ||
| 182 | $ endif | 196 | $ endif |
| 183 | $ | 197 | $ |
| 184 | $ RET = 1 | 198 | $ RET = 1 |