Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import OpenSSL 0.9.7d to address:

Browse Source 
1. Null-pointer assignment during SSL handshake
	2. Out-of-bounds read affects Kerberos ciphersuites
This commit is contained in:
groo 2004-03-20 04:22:06 +00:00
parent 0ff2145648
commit 5a374ad0ce
124 changed files with 2352 additions and 820 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/dist/openssl/LICENSE vendored
View File

@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

10
crypto/dist/openssl/Makefile.org vendored
View File

@ -456,10 +456,12 @@ do_irix-shared:
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
( WHOLELIB="-all lib$$i.a -notall"; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
libs="-l$$i $$libs"; \
done; \
fi
@ -832,7 +834,7 @@ install: all install_docs
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
@ -857,6 +859,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@ -873,6 +876,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \

14
crypto/dist/openssl/Makefile.ssl vendored
View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=0.9.7c
VERSION=0.9.7d
MAJOR=0
MINOR=9.7
SHLIB_VERSION_NUMBER=0.9.7
@ -69,7 +69,7 @@ EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib
PERL= /usr/bin/perl
PERL= /usr/local/bin/perl
TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend
@ -458,10 +458,12 @@ do_irix-shared:
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
( WHOLELIB="-all lib$$i.a -notall"; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
libs="-l$$i $$libs"; \
done; \
fi
@ -834,7 +836,7 @@ install: all install_docs
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
@ -859,6 +861,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@ -875,6 +878,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \

8
crypto/dist/openssl/NEWS vendored
View File

@ -5,6 +5,14 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
o Security: Fix null-pointer assignment in do_change_cipher_spec()
o Allow multiple active certificates with same subject in CA index
o Multiple X590 verification fixes
o Speed up HMAC and other operations
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
o Security: fix various ASN1 parsing bugs.

4
crypto/dist/openssl/README vendored
View File

@ -1,7 +1,7 @@
OpenSSL 0.9.7c 30 Sep 2003
OpenSSL 0.9.7d 17 Mar 2004
Copyright (c) 1998-2003 The OpenSSL Project
Copyright (c) 1998-2004 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

2
crypto/dist/openssl/apps/CA.pl vendored
View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes

2
crypto/dist/openssl/apps/Makefile.ssl vendored
View File

@ -121,7 +121,7 @@ tags:
tests:
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff

563
crypto/dist/openssl/apps/apps.c vendored
View File

@ -501,7 +501,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
{
const char *password =
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
if (password[0] != '\0')
if (password && password[0] != '\0')
{
UI_set_result(ui, uis, password);
return 1;
@ -525,7 +525,7 @@ static int ui_write(UI *ui, UI_STRING *uis)
{
const char *password =
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
if (password[0] != '\0')
if (password && password[0] != '\0')
return 1;
}
default:
@ -1411,14 +1411,565 @@ int load_config(BIO *err, CONF *cnf)
char *make_config_name()
{
const char *t=X509_get_default_cert_area();
size_t len;
char *p;
p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
strcpy(p,t);
len=strlen(t)+strlen(OPENSSL_CONF)+2;
p=OPENSSL_malloc(len);
BUF_strlcpy(p,t,len);
#ifndef OPENSSL_SYS_VMS
strcat(p,"/");
BUF_strlcat(p,"/",len);
#endif
strcat(p,OPENSSL_CONF);
BUF_strlcat(p,OPENSSL_CONF,len);
return p;
}
static unsigned long index_serial_hash(const char **a)
{
const char *n;
n=a[DB_serial];
while (*n == '0') n++;
return(lh_strhash(n));
}
static int index_serial_cmp(const char **a, const char **b)
{
const char *aa,*bb;
for (aa=a[DB_serial]; *aa == '0'; aa++);
for (bb=b[DB_serial]; *bb == '0'; bb++);
return(strcmp(aa,bb));
}
static int index_name_qual(char **a)
{ return(a[0][0] == 'V'); }
static unsigned long index_name_hash(const char **a)
{ return(lh_strhash(a[DB_name])); }
int index_name_cmp(const char **a, const char **b)
{ return(strcmp(a[DB_name],
b[DB_name])); }
static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
#undef BSIZE
#define BSIZE 256
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
{
BIO *in=NULL;
BIGNUM *ret=NULL;
MS_STATIC char buf[1024];
ASN1_INTEGER *ai=NULL;
ai=ASN1_INTEGER_new();
if (ai == NULL) goto err;
if ((in=BIO_new(BIO_s_file())) == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_read_filename(in,serialfile) <= 0)
{
if (!create)
{
perror(serialfile);
goto err;
}
else
{
ASN1_INTEGER_set(ai,1);
ret=BN_new();
if (ret == NULL)
BIO_printf(bio_err, "Out of memory\n");
else
BN_one(ret);
}
}
else
{
if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
{
BIO_printf(bio_err,"unable to load number from %s\n",
serialfile);
goto err;
}
ret=ASN1_INTEGER_to_BN(ai,NULL);
if (ret == NULL)
{
BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
goto err;
}
}
if (ret && retai)
{
*retai = ai;
ai = NULL;
}
err:
if (in != NULL) BIO_free(in);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
{
char buf[1][BSIZE];
BIO *out = NULL;
int ret=0;
ASN1_INTEGER *ai=NULL;
int j;
if (suffix == NULL)
j = strlen(serialfile);
else
j = strlen(serialfile) + strlen(suffix) + 1;
if (j >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
if (suffix == NULL)
BUF_strlcpy(buf[0], serialfile, BSIZE);
else
{
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
#endif
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
out=BIO_new(BIO_s_file());
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(serialfile);
goto err;
}
if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
{
BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
goto err;
}
i2a_ASN1_INTEGER(out,ai);
BIO_puts(out,"\n");
ret=1;
if (retai)
{
*retai = ai;
ai = NULL;
}
err:
if (out != NULL) BIO_free_all(out);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
{
char buf[5][BSIZE];
int i,j;
struct stat sb;
i = strlen(serialfile) + strlen(old_suffix);
j = strlen(serialfile) + strlen(new_suffix);
if (i > j) j = i;
if (j + 1 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
serialfile, new_suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
serialfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
serialfile, old_suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
serialfile, old_suffix);
#endif
if (stat(serialfile,&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
serialfile, buf[1]);
#endif
if (rename(serialfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
serialfile, buf[1]);
perror("reason");
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[0],serialfile);
#endif
if (rename(buf[0],serialfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],serialfile);
perror("reason");
rename(buf[1],serialfile);
goto err;
}
return 1;
err:
return 0;
}
CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
{
CA_DB *retdb = NULL;
TXT_DB *tmpdb = NULL;
BIO *in = BIO_new(BIO_s_file());
CONF *dbattr_conf = NULL;
char buf[1][BSIZE];
long errorline= -1;
if (in == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_read_filename(in,dbfile) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL)
{
if (tmpdb != NULL) TXT_DB_free(tmpdb);
goto err;
}
#ifndef OPENSSL_SYS_VMS
BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
#else
BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
#endif
dbattr_conf = NCONF_new(NULL);
if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0)
{
if (errorline > 0)
{
BIO_printf(bio_err,
"error on line %ld of db attribute file '%s'\n"
,errorline,buf[0]);
goto err;
}
else
{
NCONF_free(dbattr_conf);
dbattr_conf = NULL;
}
}
if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL)
{
fprintf(stderr, "Out of memory\n");
goto err;
}
retdb->db = tmpdb;
tmpdb = NULL;
if (db_attr)
retdb->attributes = *db_attr;
else
{
retdb->attributes.unique_subject = 1;
}
if (dbattr_conf)
{
char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject");
if (p)
{
BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
switch(*p)
{
case 'f': /* false */
case 'F': /* FALSE */
case 'n': /* no */
case 'N': /* NO */
retdb->attributes.unique_subject = 0;
break;
case 't': /* true */
case 'T': /* TRUE */
case 'y': /* yes */
case 'Y': /* YES */
default:
retdb->attributes.unique_subject = 1;
break;
}
}
}
err:
if (dbattr_conf) NCONF_free(dbattr_conf);
if (tmpdb) TXT_DB_free(tmpdb);
if (in) BIO_free_all(in);
return retdb;
}
int index_index(CA_DB *db)
{
if (!TXT_DB_create_index(db->db, DB_serial, NULL,
LHASH_HASH_FN(index_serial_hash),
LHASH_COMP_FN(index_serial_cmp)))
{
BIO_printf(bio_err,
"error creating serial number index:(%ld,%ld,%ld)\n",
db->db->error,db->db->arg1,db->db->arg2);
return 0;
}
if (db->attributes.unique_subject
&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
LHASH_HASH_FN(index_name_hash),
LHASH_COMP_FN(index_name_cmp)))
{
BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
db->db->error,db->db->arg1,db->db->arg2);
return 0;
}
return 1;
}
int save_index(char *dbfile, char *suffix, CA_DB *db)
{
char buf[3][BSIZE];
BIO *out = BIO_new(BIO_s_file());
int j;
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
j = strlen(dbfile) + strlen(suffix);
if (j + 6 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
#else
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n", dbfile);
goto err;
}
j=TXT_DB_write(out,db->db);
if (j <= 0) goto err;
BIO_free(out);
out = BIO_new(BIO_s_file());
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
#endif
if (BIO_write_filename(out,buf[1]) <= 0)
{
perror(buf[2]);
BIO_printf(bio_err,"unable to open '%s'\n", buf[2]);
goto err;
}
BIO_printf(out,"unique_subject = %s\n",
db->attributes.unique_subject ? "yes" : "no");
BIO_free(out);
return 1;
err:
return 0;
}
int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
{
char buf[5][BSIZE];
int i,j;
struct stat sb;
i = strlen(dbfile) + strlen(old_suffix);
j = strlen(dbfile) + strlen(new_suffix);
if (i > j) j = i;
if (j + 6 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
#else
j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s",
dbfile, new_suffix);
#else
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s",
dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
dbfile, new_suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
dbfile, old_suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
dbfile, old_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
dbfile, old_suffix);
#else
j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s",
dbfile, old_suffix);
#endif
if (stat(dbfile,&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
dbfile, buf[1]);
#endif
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
dbfile, buf[1]);
perror("reason");
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[0],dbfile);
#endif
if (rename(buf[0],dbfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],dbfile);
perror("reason");
rename(buf[1],dbfile);
goto err;
}
if (stat(buf[4],&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[4],buf[3]);
#endif
if (rename(buf[4],buf[3]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[4], buf[3]);
perror("reason");
rename(dbfile,buf[0]);
rename(buf[1],dbfile);
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[2],buf[4]);
#endif
if (rename(buf[2],buf[4]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[2],buf[4]);
perror("reason");
rename(buf[3],buf[4]);
rename(dbfile,buf[0]);
rename(buf[1],dbfile);
goto err;
}
return 1;
err:
return 0;
}
void free_index(CA_DB *db)
{
TXT_DB_free(db->db);
OPENSSL_free(db);
}

10
crypto/dist/openssl/apps/asn1pars.c vendored
View File

@ -304,7 +304,15 @@ bad:
num=tmplen;
}
if (length == 0) length=(unsigned int)num;
if (offset >= num)
{
BIO_printf(bio_err, "Error: offset too large\n");
goto end;
}
num -= offset;
if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
if(derout) {
if(BIO_write(derout, str + offset, length) != (int)length) {
BIO_printf(bio_err, "Error writing output\n");

2
crypto/dist/openssl/apps/der_chop vendored
View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
#
# der_chop ... this is one total hack that Eric is really not proud of
# so don't look at it and don't ask for support

4
crypto/dist/openssl/apps/engine.c vendored
View File

@ -122,8 +122,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
return 0;
if (**buf != '\0')
strcat(*buf, ", ");
strcat(*buf, s);
BUF_strlcat(*buf, ", ", *size);
BUF_strlcat(*buf, s, *size);
return 1;
}

46
crypto/dist/openssl/apps/ocsp.c vendored
View File

@ -68,19 +68,6 @@
/* Maximum leeway in validity period: default 5 minutes */
#define MAX_VALIDITY_PERIOD (5 * 60)
/* CA index.txt definitions */
#define DB_type 0
#define DB_exp_date 1
#define DB_rev_date 2
#define DB_serial 3 /* index - unique */
#define DB_file 4
#define DB_name 5 /* index - unique for active */
#define DB_NUMBER 6
#define DB_TYPE_REV 'R'
#define DB_TYPE_EXP 'E'
#define DB_TYPE_VAL 'V'
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids);
static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
@ -89,12 +76,12 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
STACK *names, STACK_OF(OCSP_CERTID) *ids,
long nsec, long maxage);
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
STACK_OF(X509) *rother, unsigned long flags,
int nmin, int ndays);
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser);
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
static BIO *init_responder(char *port);
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
@ -143,7 +130,7 @@ int MAIN(int argc, char **argv)
X509 *rca_cert = NULL;
char *ridx_filename = NULL;
char *rca_filename = NULL;
TXT_DB *rdb = NULL;
CA_DB *rdb = NULL;
int nmin = 0, ndays = -1;
if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@ -700,22 +687,9 @@ int MAIN(int argc, char **argv)
if (ridx_filename && !rdb)
{
BIO *db_bio = NULL;
db_bio = BIO_new_file(ridx_filename, "r");
if (!db_bio)
{
BIO_printf(bio_err, "Error opening index file %s\n", ridx_filename);
goto end;
}
rdb = TXT_DB_read(db_bio, DB_NUMBER);
BIO_free(db_bio);
if (!rdb)
{
BIO_printf(bio_err, "Error reading index file %s\n", ridx_filename);
goto end;
}
if (!make_serial_index(rdb))
goto end;
rdb = load_index(ridx_filename, NULL);
if (!rdb) goto end;
if (!index_index(rdb)) goto end;
}
if (rdb)
@ -899,7 +873,7 @@ end:
X509_free(cert);
X509_free(rsigner);
X509_free(rca_cert);
TXT_DB_free(rdb);
free_index(rdb);
BIO_free_all(cbio);
BIO_free_all(acbio);
BIO_free(out);
@ -1041,7 +1015,7 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
}
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
STACK_OF(X509) *rother, unsigned long flags,
int nmin, int ndays)
@ -1133,7 +1107,7 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *d
}
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
{
int i;
BIGNUM *bn = NULL;
@ -1146,7 +1120,7 @@ static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
itmp = BN_bn2hex(bn);
row[DB_serial] = itmp;
BN_free(bn);
rrow=TXT_DB_get_by_index(db,DB_serial,row);
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
OPENSSL_free(itmp);
return rrow;
}

5
crypto/dist/openssl/apps/openssl.cnf vendored
View File

@ -38,10 +38,14 @@ dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
#crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
@ -58,6 +62,7 @@ cert_opt = ca_default # Certificate field options
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for

4
crypto/dist/openssl/apps/pkcs12.c vendored
View File

@ -557,7 +557,7 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "Can't read Password\n");
goto export_end;
}
if (!twopass) strcpy(macpass, pass);
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
/* Turn certbags into encrypted authsafe */
authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
iter, bags);
@ -658,7 +658,7 @@ int MAIN(int argc, char **argv)
CRYPTO_pop_info();
#endif
if (!twopass) strcpy(macpass, pass);
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) {

3
crypto/dist/openssl/apps/pkcs7.c vendored
View File

@ -102,6 +102,9 @@ int MAIN(int argc, char **argv)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;

12
crypto/dist/openssl/apps/rsautl.c vendored
View File

@ -97,6 +97,7 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
char *passargin = NULL, *passin = NULL;
int rsa_inlen, rsa_outlen = 0;
int keysize;
@ -124,6 +125,9 @@ int MAIN(int argc, char **argv)
} else if(!strcmp(*argv, "-inkey")) {
if (--argc < 1) badarg = 1;
keyfile = *(++argv);
} else if (!strcmp(*argv,"-passin")) {
if (--argc < 1) badarg = 1;
passargin= *(++argv);
} else if (strcmp(*argv,"-keyform") == 0) {
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
@ -169,6 +173,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
@ -176,7 +184,7 @@ int MAIN(int argc, char **argv)
switch(key_type) {
case KEY_PRIVKEY:
pkey = load_key(bio_err, keyfile, keyform, 0,
NULL, e, "Private Key");
passin, e, "Private Key");
break;
case KEY_PUBKEY:
@ -290,6 +298,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if(rsa_in) OPENSSL_free(rsa_in);
if(rsa_out) OPENSSL_free(rsa_out);
if(passin) OPENSSL_free(passin);
return ret;
}
@ -313,6 +322,7 @@ static void usage()
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf (bio_err, "-passin arg pass phrase source\n");
#endif
}

2
crypto/dist/openssl/apps/s_socket.c vendored
View File

@ -389,7 +389,7 @@ redoit:
perror("OPENSSL_malloc");
return(0);
}
strcpy(*host,h1->h_name);
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
h2=GetHostByName(*host);
if (h2 == NULL)

82
crypto/dist/openssl/apps/x509.c vendored
View File

@ -1022,31 +1022,31 @@ end:
OPENSSL_EXIT(ret);
}
static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create)
{
char *buf = NULL, *p;
MS_STATIC char buf2[1024];
ASN1_INTEGER *bs = NULL, *bs2 = NULL;
BIO *io = NULL;
ASN1_INTEGER *bs = NULL;
BIGNUM *serial = NULL;
size_t len;
buf=OPENSSL_malloc( ((serialfile == NULL)
len = ((serialfile == NULL)
?(strlen(CAfile)+strlen(POSTFIX)+1)
:(strlen(serialfile)))+1);
:(strlen(serialfile)))+1;
buf=OPENSSL_malloc(len);
if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
if (serialfile == NULL)
{
strcpy(buf,CAfile);
BUF_strlcpy(buf,CAfile,len);
for (p=buf; *p; p++)
if (*p == '.')
{
*p='\0';
break;
}
strcat(buf,POSTFIX);
BUF_strlcat(buf,POSTFIX,len);
}
else
strcpy(buf,serialfile);
BUF_strlcpy(buf,serialfile,len);
serial=BN_new();
bs=ASN1_INTEGER_new();
if ((serial == NULL) || (bs == NULL))
@ -1055,72 +1055,18 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
goto end;
}
io=BIO_new(BIO_s_file());
if (io == NULL)
{
ERR_print_errors(bio_err);
goto end;
}
if (BIO_read_filename(io,buf) <= 0)
{
if (!create)
{
perror(buf);
goto end;
}
else
{
ASN1_INTEGER_set(bs,1);
BN_one(serial);
}
}
else
{
if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2))
{
BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
ERR_print_errors(bio_err);
goto end;
}
else
{
serial=BN_bin2bn(bs->data,bs->length,serial);
if (serial == NULL)
{
BIO_printf(bio_err,"error converting bin 2 bn");
goto end;
}
}
}
serial = load_serial(buf, create, NULL);
if (serial == NULL) goto end;
if (!BN_add_word(serial,1))
{ BIO_printf(bio_err,"add_word failure\n"); goto end; }
if (!(bs2 = BN_to_ASN1_INTEGER(serial, NULL)))
{ BIO_printf(bio_err,"error converting bn 2 asn1_integer\n"); goto end; }
if (BIO_write_filename(io,buf) <= 0)
{
BIO_printf(bio_err,"error attempting to write serial number file\n");
perror(buf);
goto end;
}
i2a_ASN1_INTEGER(io,bs2);
BIO_puts(io,"\n");
BIO_free(io);
if (buf) OPENSSL_free(buf);
ASN1_INTEGER_free(bs2);
BN_free(serial);
io=NULL;
return bs;
if (!save_serial(buf, NULL, serial, &bs)) goto end;
end:
if (buf) OPENSSL_free(buf);
BIO_free(io);
ASN1_INTEGER_free(bs);
BN_free(serial);
return NULL;
return bs;
}
static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
@ -1142,7 +1088,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
goto end;
}
if (sno) bs = sno;
else if (!(bs = load_serial(CAfile, serialfile, create)))
else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
goto end;
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/

18
crypto/dist/openssl/certs/expired/vsign3.pem vendored Normal file
View File

@ -0,0 +1,18 @@
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
notBefore=Jan 29 00:00:00 1996 GMT
notAfter=Jan 7 23:59:59 2004 GMT
-----BEGIN CERTIFICATE-----
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
pA==
-----END CERTIFICATE-----

27
crypto/dist/openssl/certs/vsign3.pem vendored
View File

@ -1,18 +1,17 @@
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
notBefore=Jan 29 00:00:00 1996 GMT
notAfter=Jan 7 23:59:59 2004 GMT
notAfter=Aug 1 23:59:59 2028 GMT
-----BEGIN CERTIFICATE-----
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
pA==
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
-----END CERTIFICATE-----

8
crypto/dist/openssl/crypto/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
top:
@(cd ..; $(MAKE) DIRS=$(DIR) all)
all: buildinf.h lib subdirs shared
all: shared
buildinf.h: ../Makefile.ssl
( echo "#ifndef MK1MF_BUILD"; \
@ -81,11 +81,11 @@ files:
done;
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@for i in $(SDIRS); do \
(cd $$i && echo "making links in crypto/$$i..." && \
$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
@ -96,7 +96,7 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
shared:
shared: buildinf.h lib subdirs
if [ -n "$(SHARED_LIBS)" ]; then \
(cd ..; $(MAKE) $(SHARED_LIB)); \
fi

2
crypto/dist/openssl/crypto/aes/Makefile.ssl vendored
View File

@ -52,7 +52,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/aes/aes_cbc.c vendored
View File

@ -104,7 +104,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
memcpy(tmp, in, AES_BLOCK_SIZE);
AES_decrypt(tmp, tmp, key);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
out[n] = tmp[n] ^ ivec[n];
memcpy(ivec, tmp, AES_BLOCK_SIZE);
}
}

2
crypto/dist/openssl/crypto/asn1/Makefile.ssl vendored
View File

@ -77,7 +77,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/asn1/a_strex.c vendored
View File

@ -285,7 +285,7 @@ const static signed char tag2nbyte[] = {
-1, -1, 0, -1, /* 10-13 */
-1, -1, -1, -1, /* 15-17 */
-1, 1, 1, /* 18-20 */
-1, 1, -1,-1, /* 21-24 */
-1, 1, 1, 1, /* 21-24 */
-1, 1, -1, /* 25-27 */
4, -1, 2 /* 28-30 */
};

9
crypto/dist/openssl/crypto/asn1/a_time.c vendored
View File

@ -128,6 +128,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
{
ASN1_GENERALIZEDTIME *ret;
char *str;
int newlen;
if (!ASN1_TIME_check(t)) return NULL;
@ -150,12 +151,14 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
/* grow the string */
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
return NULL;
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
newlen = t->length + 2 + 1;
str = (char *)ret->data;
/* Work out the century and prepend */
if (t->data[0] >= '5') strcpy(str, "19");
else strcpy(str, "20");
if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
else BUF_strlcpy(str, "20", newlen);
BUF_strlcat(str, (char *)t->data, t->length+3); /* Include space for a '\0' */
BUF_strlcat(str, (char *)t->data, newlen);
return ret;
}

7
crypto/dist/openssl/crypto/asn1/asn_moid.c vendored
View File

@ -89,7 +89,12 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
return 1;
}
static void oid_module_finish(CONF_IMODULE *md)
{
OBJ_cleanup();
}
void ASN1_add_oid_module(void)
{
CONF_module_add("oid_section", oid_module_init, 0);
CONF_module_add("oid_section", oid_module_init, oid_module_finish);
}

10
crypto/dist/openssl/crypto/asn1/x_long.c vendored
View File

@ -104,7 +104,12 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
long ltmp;
unsigned long utmp;
int clen, pad, i;
ltmp = *(long *)pval;
/* this exists to bypass broken gcc optimization */
char *cp = (char *)pval;
/* use memcpy, because we may not be long aligned */
memcpy(&ltmp, cp, sizeof(long));
if(ltmp == it->size) return -1;
/* Convert the long to positive: we subtract one if negative so
* we can cleanly handle the padding if only the MSB of the leading
@ -136,6 +141,7 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
int neg, i;
long ltmp;
unsigned long utmp = 0;
char *cp = (char *)pval;
if(len > sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
@ -158,6 +164,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
*(long *)pval = ltmp;
memcpy(cp, &ltmp, sizeof(long));
return 1;
}

3
crypto/dist/openssl/crypto/bf/Makefile.ssl vendored
View File

@ -22,6 +22,7 @@ BF_ENC= bf_enc.o
#DES_ENC= bx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=bftest.c
@ -67,7 +68,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/bio/Makefile.ssl vendored
View File

@ -57,7 +57,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

12
crypto/dist/openssl/crypto/bio/b_print.c vendored
View File

@ -576,12 +576,12 @@ abs_val(LDOUBLE value)
}
static LDOUBLE
pow10(int exp)
pow10(int in_exp)
{
LDOUBLE result = 1;
while (exp) {
while (in_exp) {
result *= 10;
exp--;
in_exp--;
}
return result;
}
@ -652,8 +652,8 @@ fmtfp(
(caps ? "0123456789ABCDEF"
: "0123456789abcdef")[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < sizeof iplace));
if (iplace == sizeof iplace)
} while (intpart && (iplace < sizeof iconvert));
if (iplace == sizeof iconvert)
iplace--;
iconvert[iplace] = 0;
@ -664,7 +664,7 @@ fmtfp(
: "0123456789abcdef")[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
if (fplace == sizeof fplace)
if (fplace == sizeof fconvert)
fplace--;
fconvert[fplace] = 0;

5
crypto/dist/openssl/crypto/bn/Makefile.ssl vendored
View File

@ -120,11 +120,14 @@ asm/ia64-cpp.o: asm/ia64.S
asm/x86_64-gcc.o: asm/x86_64-gcc.c
asm/pa-risc2W.o: asm/pa-risc2W.s
/usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/bn/asm/bn-586.pl vendored
View File

@ -11,7 +11,7 @@ require "x86asm.pl";
&bn_div_words("bn_div_words");
&bn_add_words("bn_add_words");
&bn_sub_words("bn_sub_words");
&bn_sub_part_words("bn_sub_part_words");
#&bn_sub_part_words("bn_sub_part_words");
&asm_finish();

416
crypto/dist/openssl/crypto/bn/asm/pa-risc2.s.old vendored Normal file
View File

@ -0,0 +1,416 @@
.SPACE $PRIVATE$
.SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
.SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
.SPACE $TEXT$
.SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
.SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
.IMPORT $global$,DATA
.IMPORT $$dyncall,MILLICODE
; gcc_compiled.:
.SPACE $TEXT$
.SUBSPA $CODE$
.align 4
.EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
bn_mul_add_words
.PROC
.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
.ENTRY
stw %r2,-20(0,%r30)
stwm %r4,64(0,%r30)
copy %r24,%r31
stw %r3,-60(0,%r30)
ldi 0,%r20
ldo 12(%r26),%r2
stw %r23,-16(0,%r30)
copy %r25,%r3
ldo 12(%r3),%r1
fldws -16(0,%r30),%fr8L
L$0010
copy %r20,%r25
ldi 0,%r24
fldws 0(0,%r3),%fr9L
ldw 0(0,%r26),%r19
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r19,%r23
ldw -16(0,%r30),%r28
ldw -12(0,%r30),%r29
ldi 0,%r22
add %r23,%r29,%r29
addc %r22,%r28,%r28
add %r25,%r29,%r29
addc %r24,%r28,%r28
copy %r28,%r21
ldi 0,%r20
copy %r21,%r20
addib,= -1,%r31,L$0011
stw %r29,0(0,%r26)
copy %r20,%r25
ldi 0,%r24
fldws -8(0,%r1),%fr9L
ldw -8(0,%r2),%r19
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r19,%r23
ldw -16(0,%r30),%r28
ldw -12(0,%r30),%r29
ldi 0,%r22
add %r23,%r29,%r29
addc %r22,%r28,%r28
add %r25,%r29,%r29
addc %r24,%r28,%r28
copy %r28,%r21
ldi 0,%r20
copy %r21,%r20
addib,= -1,%r31,L$0011
stw %r29,-8(0,%r2)
copy %r20,%r25
ldi 0,%r24
fldws -4(0,%r1),%fr9L
ldw -4(0,%r2),%r19
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r19,%r23
ldw -16(0,%r30),%r28
ldw -12(0,%r30),%r29
ldi 0,%r22
add %r23,%r29,%r29
addc %r22,%r28,%r28
add %r25,%r29,%r29
addc %r24,%r28,%r28
copy %r28,%r21
ldi 0,%r20
copy %r21,%r20
addib,= -1,%r31,L$0011
stw %r29,-4(0,%r2)
copy %r20,%r25
ldi 0,%r24
fldws 0(0,%r1),%fr9L
ldw 0(0,%r2),%r19
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r19,%r23
ldw -16(0,%r30),%r28
ldw -12(0,%r30),%r29
ldi 0,%r22
add %r23,%r29,%r29
addc %r22,%r28,%r28
add %r25,%r29,%r29
addc %r24,%r28,%r28
copy %r28,%r21
ldi 0,%r20
copy %r21,%r20
addib,= -1,%r31,L$0011
stw %r29,0(0,%r2)
ldo 16(%r1),%r1
ldo 16(%r3),%r3
ldo 16(%r2),%r2
bl L$0010,0
ldo 16(%r26),%r26
L$0011
copy %r20,%r28
ldw -84(0,%r30),%r2
ldw -60(0,%r30),%r3
bv 0(%r2)
ldwm -64(0,%r30),%r4
.EXIT
.PROCEND
.align 4
.EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
bn_mul_words
.PROC
.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
.ENTRY
stw %r2,-20(0,%r30)
copy %r25,%r2
stwm %r4,64(0,%r30)
copy %r24,%r19
ldi 0,%r28
stw %r23,-16(0,%r30)
ldo 12(%r26),%r31
ldo 12(%r2),%r29
fldws -16(0,%r30),%fr8L
L$0026
fldws 0(0,%r2),%fr9L
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r28,%r21
ldi 0,%r20
ldw -16(0,%r30),%r24
ldw -12(0,%r30),%r25
add %r21,%r25,%r25
addc %r20,%r24,%r24
copy %r24,%r23
ldi 0,%r22
copy %r23,%r28
addib,= -1,%r19,L$0027
stw %r25,0(0,%r26)
fldws -8(0,%r29),%fr9L
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r28,%r21
ldi 0,%r20
ldw -16(0,%r30),%r24
ldw -12(0,%r30),%r25
add %r21,%r25,%r25
addc %r20,%r24,%r24
copy %r24,%r23
ldi 0,%r22
copy %r23,%r28
addib,= -1,%r19,L$0027
stw %r25,-8(0,%r31)
fldws -4(0,%r29),%fr9L
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r28,%r21
ldi 0,%r20
ldw -16(0,%r30),%r24
ldw -12(0,%r30),%r25
add %r21,%r25,%r25
addc %r20,%r24,%r24
copy %r24,%r23
ldi 0,%r22
copy %r23,%r28
addib,= -1,%r19,L$0027
stw %r25,-4(0,%r31)
fldws 0(0,%r29),%fr9L
xmpyu %fr8L,%fr9L,%fr9
fstds %fr9,-16(0,%r30)
copy %r28,%r21
ldi 0,%r20
ldw -16(0,%r30),%r24
ldw -12(0,%r30),%r25
add %r21,%r25,%r25
addc %r20,%r24,%r24
copy %r24,%r23
ldi 0,%r22
copy %r23,%r28
addib,= -1,%r19,L$0027
stw %r25,0(0,%r31)
ldo 16(%r29),%r29
ldo 16(%r2),%r2
ldo 16(%r31),%r31
bl L$0026,0
ldo 16(%r26),%r26
L$0027
ldw -84(0,%r30),%r2
bv 0(%r2)
ldwm -64(0,%r30),%r4
.EXIT
.PROCEND
.align 4
.EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
bn_sqr_words
.PROC
.CALLINFO FRAME=0,NO_CALLS
.ENTRY
ldo 28(%r26),%r19
ldo 12(%r25),%r28
L$0042
fldws 0(0,%r25),%fr8L
fldws 0(0,%r25),%fr8R
xmpyu %fr8L,%fr8R,%fr8
fstds %fr8,-16(0,%r30)
ldw -16(0,%r30),%r22
ldw -12(0,%r30),%r23
stw %r23,0(0,%r26)
copy %r22,%r21
ldi 0,%r20
addib,= -1,%r24,L$0049
stw %r21,-24(0,%r19)
fldws -8(0,%r28),%fr8L
fldws -8(0,%r28),%fr8R
xmpyu %fr8L,%fr8R,%fr8
fstds %fr8,-16(0,%r30)
ldw -16(0,%r30),%r22
ldw -12(0,%r30),%r23
stw %r23,-20(0,%r19)
copy %r22,%r21
ldi 0,%r20
addib,= -1,%r24,L$0049
stw %r21,-16(0,%r19)
fldws -4(0,%r28),%fr8L
fldws -4(0,%r28),%fr8R
xmpyu %fr8L,%fr8R,%fr8
fstds %fr8,-16(0,%r30)
ldw -16(0,%r30),%r22
ldw -12(0,%r30),%r23
stw %r23,-12(0,%r19)
copy %r22,%r21
ldi 0,%r20
addib,= -1,%r24,L$0049
stw %r21,-8(0,%r19)
fldws 0(0,%r28),%fr8L
fldws 0(0,%r28),%fr8R
xmpyu %fr8L,%fr8R,%fr8
fstds %fr8,-16(0,%r30)
ldw -16(0,%r30),%r22
ldw -12(0,%r30),%r23
stw %r23,-4(0,%r19)
copy %r22,%r21
ldi 0,%r20
addib,= -1,%r24,L$0049
stw %r21,0(0,%r19)
ldo 16(%r28),%r28
ldo 16(%r25),%r25
ldo 32(%r19),%r19
bl L$0042,0
ldo 32(%r26),%r26
L$0049
bv,n 0(%r2)
.EXIT
.PROCEND
.IMPORT BN_num_bits_word,CODE
.IMPORT fprintf,CODE
.IMPORT __iob,DATA
.SPACE $TEXT$
.SUBSPA $LIT$
.align 4
L$C0000
.STRING "Division would overflow (%d)\x0a\x00"
.IMPORT abort,CODE
.SPACE $TEXT$
.SUBSPA $CODE$
.align 4
.EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
bn_div64
.PROC
.CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
.ENTRY
stw %r2,-20(0,%r30)
stwm %r8,128(0,%r30)
stw %r7,-124(0,%r30)
stw %r4,-112(0,%r30)
stw %r3,-108(0,%r30)
copy %r26,%r3
copy %r25,%r4
stw %r6,-120(0,%r30)
ldi 0,%r7
stw %r5,-116(0,%r30)
movb,<> %r24,%r5,L$0051
ldi 2,%r6
bl L$0068,0
ldi -1,%r28
L$0051
.CALL ARGW0=GR
bl BN_num_bits_word,%r2
copy %r5,%r26
copy %r28,%r24
ldi 32,%r19
comb,= %r19,%r24,L$0052
subi 31,%r24,%r19
mtsar %r19
zvdepi 1,32,%r19
comb,>>= %r19,%r3,L$0052
addil LR'__iob-$global$+32,%r27
ldo RR'__iob-$global$+32(%r1),%r26
ldil LR'L$C0000,%r25
.CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
bl fprintf,%r2
ldo RR'L$C0000(%r25),%r25
.CALL
bl abort,%r2
nop
L$0052
comb,>> %r5,%r3,L$0053
subi 32,%r24,%r24
sub %r3,%r5,%r3
L$0053
comib,= 0,%r24,L$0054
subi 31,%r24,%r19
mtsar %r19
zvdep %r5,32,%r5
zvdep %r3,32,%r21
subi 32,%r24,%r20
mtsar %r20
vshd 0,%r4,%r20
or %r21,%r20,%r3
mtsar %r19
zvdep %r4,32,%r4
L$0054
extru %r5,15,16,%r23
extru %r5,31,16,%r28
L$0055
extru %r3,15,16,%r19
comb,<> %r23,%r19,L$0058
copy %r3,%r26
bl L$0059,0
zdepi -1,31,16,%r29
L$0058
.IMPORT $$divU,MILLICODE
bl $$divU,%r31
copy %r23,%r25
L$0059
stw %r29,-16(0,%r30)
fldws -16(0,%r30),%fr10L
stw %r28,-16(0,%r30)
fldws -16(0,%r30),%fr10R
stw %r23,-16(0,%r30)
xmpyu %fr10L,%fr10R,%fr8
fldws -16(0,%r30),%fr10R
fstws %fr8R,-16(0,%r30)
xmpyu %fr10L,%fr10R,%fr9
ldw -16(0,%r30),%r8
fstws %fr9R,-16(0,%r30)
copy %r8,%r22
ldw -16(0,%r30),%r8
extru %r4,15,16,%r24
copy %r8,%r21
L$0060
sub %r3,%r21,%r20
copy %r20,%r19
depi 0,31,16,%r19
comib,<> 0,%r19,L$0061
zdep %r20,15,16,%r19
addl %r19,%r24,%r19
comb,>>= %r19,%r22,L$0061
sub %r22,%r28,%r22
sub %r21,%r23,%r21
bl L$0060,0
ldo -1(%r29),%r29
L$0061
stw %r29,-16(0,%r30)
fldws -16(0,%r30),%fr10L
stw %r28,-16(0,%r30)
fldws -16(0,%r30),%fr10R
xmpyu %fr10L,%fr10R,%fr8
fstws %fr8R,-16(0,%r30)
ldw -16(0,%r30),%r8
stw %r23,-16(0,%r30)
fldws -16(0,%r30),%fr10R
copy %r8,%r19
xmpyu %fr10L,%fr10R,%fr8
fstws %fr8R,-16(0,%r30)
extru %r19,15,16,%r20
ldw -16(0,%r30),%r8
zdep %r19,15,16,%r19
addl %r8,%r20,%r20
comclr,<<= %r19,%r4,0
addi 1,%r20,%r20
comb,<<= %r20,%r3,L$0066
sub %r4,%r19,%r4
addl %r3,%r5,%r3
ldo -1(%r29),%r29
L$0066
addib,= -1,%r6,L$0056
sub %r3,%r20,%r3
zdep %r29,15,16,%r7
shd %r3,%r4,16,%r3
bl L$0055,0
zdep %r4,15,16,%r4
L$0056
or %r7,%r29,%r28
L$0068
ldw -148(0,%r30),%r2
ldw -124(0,%r30),%r7
ldw -120(0,%r30),%r6
ldw -116(0,%r30),%r5
ldw -112(0,%r30),%r4
ldw -108(0,%r30),%r3
bv 0(%r2)
ldwm -128(0,%r30),%r8
.EXIT
.PROCEND

2
crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c vendored
View File

@ -142,7 +142,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
{ BN_ULONG ret,waste;
asm ("divq %3"
asm ("divq %4"
: "=a"(ret),"=d"(waste)
: "a"(l),"d"(h),"g"(d)
: "cc");

15
crypto/dist/openssl/crypto/bn/bn_lcl.h vendored
View File

@ -433,19 +433,18 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a);
int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n);
int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
int cl, int dl);
#if 0
/* bn_mul.c rollback <appro> */
#ifdef BN_RECURSION
void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
int dna,int dnb,BN_ULONG *t);
void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
int n,int tna,int tnb,BN_ULONG *t);
#endif
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
BN_ULONG *t);
void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
int n, BN_ULONG *t);
void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
BN_ULONG *t);
void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
BN_ULONG *t);
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
#endif
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
#ifdef __cplusplus
}

2
crypto/dist/openssl/crypto/buffer/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/dist/openssl/crypto/cast/Makefile.ssl vendored
View File

@ -25,6 +25,7 @@ CAST_ENC=c_enc.o
#CAST_ENC=asm/cx86bdsi.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=casttest.c
@ -70,7 +71,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/comp/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/conf/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

30
crypto/dist/openssl/crypto/des/Makefile.ssl vendored
View File

@ -22,6 +22,7 @@ DES_ENC= des_enc.o fcrypt_b.o
#DES_ENC= dx86-elf.o yx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=destest.c
@ -96,7 +97,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
@ -157,12 +158,13 @@ cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
cfb64enc.o: cfb64enc.c des_locl.h
cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
cfb_enc.o: cfb_enc.c des_locl.h
des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@ -191,13 +193,13 @@ ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
ecb3_enc.o: des_locl.h ecb3_enc.c
ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
ecb_enc.o: spr.h
ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
ede_cbcm_enc.o: ../../include/openssl/opensslconf.h

21
crypto/dist/openssl/crypto/des/cfb_enc.c vendored
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#include "e_os.h"
#include "des_locl.h"
/* The input and output are loaded in multiples of 8 bits.
@ -64,17 +65,15 @@
* the second. The second 12 bits will come from the 3rd and half the 4th
* byte.
*/
/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of
* length */
/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
* will not be compatible with any encryption prior to that date. Ben. */
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc)
{
register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
register unsigned long l=length;
register int num=numbits;
register DES_LONG d0,d1,v0,v1;
register unsigned long l=length,n=(numbits+7)/8;
register int num=numbits,i;
DES_LONG ti[2];
unsigned char *iv;
unsigned char ovec[16];
@ -114,10 +113,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
/* now the remaining bits */
if(num%8 != 0)
for(n=0 ; n < 8 ; ++n)
for(i=0 ; i < 8 ; ++i)
{
ovec[n]<<=num%8;
ovec[n]|=ovec[n+1]>>(8-num%8);
ovec[i]<<=num%8;
ovec[i]|=ovec[i+1]>>(8-num%8);
}
iv=&ovec[0];
c2l(iv,v0);
@ -152,10 +151,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
/* now the remaining bits */
if(num%8 != 0)
for(n=0 ; n < 8 ; ++n)
for(i=0 ; i < 8 ; ++i)
{
ovec[n]<<=num%8;
ovec[n]|=ovec[n+1]>>(8-num%8);
ovec[i]<<=num%8;
ovec[i]|=ovec[i+1]>>(8-num%8);
}
iv=&ovec[0];
c2l(iv,v0);

2
crypto/dist/openssl/crypto/dh/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/dsa/Makefile.ssl vendored
View File

@ -49,7 +49,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/dso/Makefile.ssl vendored
View File

@ -49,7 +49,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

4
crypto/dist/openssl/crypto/dso/dso_lib.c vendored
View File

@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename)
DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
return(0);
}
strcpy(copied, filename);
BUF_strlcpy(copied, filename, strlen(filename) + 1);
if(dso->filename)
OPENSSL_free(dso->filename);
dso->filename = copied;
@ -422,7 +422,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename)
ERR_R_MALLOC_FAILURE);
return(NULL);
}
strcpy(result, filename);
BUF_strlcpy(result, filename, strlen(filename) + 1);
}
return(result);
}

2
crypto/dist/openssl/crypto/ec/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/ec/ecp_smpl.c vendored
View File

@ -896,7 +896,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
}
form = buf[0];
y_bit = form & 1;
form = form & ~1;
form = form & ~1U;
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
&& (form != POINT_CONVERSION_UNCOMPRESSED)
&& (form != POINT_CONVERSION_HYBRID))

2
crypto/dist/openssl/crypto/engine/Makefile.ssl vendored
View File

@ -57,7 +57,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

10
crypto/dist/openssl/crypto/engine/eng_ctrl.c vendored
View File

@ -160,15 +160,19 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
return strlen(e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_NAME_FROM_CMD:
return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
"%s", e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return strlen(e->cmd_defns[idx].cmd_desc);
return strlen(int_no_description);
case ENGINE_CTRL_GET_DESC_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
return sprintf(s, "%s", int_no_description);
return BIO_snprintf(s,
strlen(e->cmd_defns[idx].cmd_desc) + 1,
"%s", e->cmd_defns[idx].cmd_desc);
return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
int_no_description);
case ENGINE_CTRL_GET_CMD_FLAGS:
return e->cmd_defns[idx].cmd_flags;
}

6
crypto/dist/openssl/crypto/engine/eng_fat.c vendored
View File

@ -107,14 +107,14 @@ static int int_def_cb(const char *alg, int len, void *arg)
}
int ENGINE_set_default_string(ENGINE *e, const char *list)
int ENGINE_set_default_string(ENGINE *e, const char *def_list)
{
unsigned int flags = 0;
if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags))
if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
{
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
ENGINE_R_INVALID_STRING);
ERR_add_error_data(2, "str=",list);
ERR_add_error_data(2, "str=",def_list);
return 0;
}
return ENGINE_set_default(e, flags);

2
crypto/dist/openssl/crypto/err/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/evp/Makefile.ssl vendored
View File

@ -67,7 +67,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
cp $(TESTDATA) ../../test

2
crypto/dist/openssl/crypto/evp/bio_ok.c vendored
View File

@ -102,7 +102,7 @@
*) digest is initialized with random seed instead of
standardized one.
*) same seed is written to ouput
*) same seed is written to output
*) well-known text is then hashed and the output
of the digest is also written to output.

13
crypto/dist/openssl/crypto/evp/digest.c vendored
View File

@ -248,6 +248,7 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
unsigned char *tmp_buf;
if ((in == NULL) || (in->digest == NULL))
{
EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
@ -262,12 +263,19 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
}
#endif
if (out->digest == in->digest)
{
tmp_buf = out->md_data;
EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
}
else tmp_buf = NULL;
EVP_MD_CTX_cleanup(out);
memcpy(out,in,sizeof *out);
if (out->digest->ctx_size)
{
out->md_data=OPENSSL_malloc(out->digest->ctx_size);
if (tmp_buf) out->md_data = tmp_buf;
else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
}
@ -308,7 +316,8 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
if (ctx->digest && ctx->digest->cleanup
&& !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
ctx->digest->cleanup(ctx);
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
{
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);

12
crypto/dist/openssl/crypto/evp/evp_enc.c vendored
View File

@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
#endif
ctx->cipher=cipher;
if (ctx->cipher->ctx_size)
{
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
if (!ctx->cipher_data)
{
EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
return 0;
}
}
else
{
ctx->cipher_data = NULL;
}
ctx->key_len = cipher->key_len;
ctx->flags = 0;
if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)

2
crypto/dist/openssl/crypto/hmac/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/idea/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/krb5/Makefile.ssl vendored
View File

@ -48,7 +48,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile ;
@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/lhash/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/md2/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/md4/Makefile.ssl vendored
View File

@ -48,7 +48,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/md5/Makefile.ssl vendored
View File

@ -84,7 +84,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/mdc2/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

14
crypto/dist/openssl/crypto/mem.c vendored
View File

@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
if (num <= 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
if (num <= 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (num <= 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
@ -346,17 +346,21 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (num <= 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
ret=malloc_ex_func(num,file,line);
if(ret)
{
memcpy(ret,str,old_len);
OPENSSL_cleanse(str,old_len);
free_func(str);
}
#ifdef LEVITTE_DEBUG_MEM
fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num);
fprintf(stderr,
"LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n",
str, ret, num);
#endif
if (realloc_debug_func != NULL)
realloc_debug_func(str, ret, num, file, line, 1);

2
crypto/dist/openssl/crypto/objects/Makefile.ssl vendored
View File

@ -55,7 +55,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

4
crypto/dist/openssl/crypto/objects/obj_dat.pl vendored
View File

@ -1,5 +1,9 @@
#!/usr/local/bin/perl
# fixes bug in floating point emulation on sparc64 when
# this script produces off-by-one output on sparc64
use integer;
sub obj_cmp
{
local(@a,@b,$_,$r);

2
crypto/dist/openssl/crypto/ocsp/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile ;
@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

24
crypto/dist/openssl/crypto/ocsp/ocsp_ext.c vendored
View File

@ -305,6 +305,8 @@ err:
/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
* a random nonce will be generated.
* Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
* nonce, previous versions used the raw nonce.
*/
static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
@ -313,20 +315,28 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val,
ASN1_OCTET_STRING os;
int ret = 0;
if (len <= 0) len = OCSP_DEFAULT_NONCE_LENGTH;
if (val) tmpval = val;
/* Create the OCTET STRING manually by writing out the header and
* appending the content octets. This avoids an extra memory allocation
* operation in some cases. Applications should *NOT* do this because
* it relies on library internals.
*/
os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
os.data = OPENSSL_malloc(os.length);
if (os.data == NULL)
goto err;
tmpval = os.data;
ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
if (val)
memcpy(tmpval, val, len);
else
{
if (!(tmpval = OPENSSL_malloc(len))) goto err;
RAND_pseudo_bytes(tmpval, len);
}
os.data = tmpval;
os.length = len;
if(!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
&os, 0, X509V3_ADD_REPLACE))
goto err;
ret = 1;
err:
if(!val) OPENSSL_free(tmpval);
if (os.data)
OPENSSL_free(os.data);
return ret;
}

1
crypto/dist/openssl/crypto/ocsp/ocsp_lib.c vendored
View File

@ -253,6 +253,7 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
err:
if (buf) OPENSSL_free(buf);
if (*ppath) OPENSSL_free(*ppath);
if (*pport) OPENSSL_free(*pport);
if (*phost) OPENSSL_free(*phost);

6
crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c vendored
View File

@ -3,7 +3,7 @@
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -272,7 +272,7 @@ static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
for (i = 1; i < idcount; i++)
{
tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
/* Check to see if IDs match */
if (OCSP_id_issuer_cmp(cid, tmpid))
{
@ -330,7 +330,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
OCSP_CERTID *tmpid;
for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++)
{
tmpid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
ret = ocsp_match_issuerid(cert, tmpid, NULL);
if (ret <= 0) return ret;
}

4
crypto/dist/openssl/crypto/opensslv.h vendored
View File

@ -25,8 +25,8 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090703fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7c 30 Sep 2003"
#define OPENSSL_VERSION_NUMBER 0x0090704fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7d 17 Mar 2004"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

2
crypto/dist/openssl/crypto/pem/Makefile.ssl vendored
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links: $(EXHEADER)
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

4
crypto/dist/openssl/crypto/pem/pem_pkey.c vendored
View File

@ -87,6 +87,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
if(!p8inf) goto p8err;
ret = EVP_PKCS82PKEY(p8inf);
if(x) {
if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
*x = ret;
}
PKCS8_PRIV_KEY_INFO_free(p8inf);
} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
PKCS8_PRIV_KEY_INFO *p8inf;

2
crypto/dist/openssl/crypto/pkcs12/Makefile.ssl vendored
View File

@ -53,7 +53,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/pkcs7/Makefile.ssl vendored
View File

@ -68,7 +68,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

52
crypto/dist/openssl/crypto/pkcs7/pk7_doit.c vendored
View File

@ -91,17 +91,19 @@ static int PKCS7_type_is_other(PKCS7* p7)
}
static int PKCS7_type_is_octet_string(PKCS7* p7)
static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
{
if ( 0==PKCS7_type_is_other(p7) )
return 0;
return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
if ( PKCS7_type_is_data(p7))
return p7->d.data;
if ( PKCS7_type_is_other(p7) && p7->d.other
&& (p7->d.other->type == V_ASN1_OCTET_STRING))
return p7->d.other->value.octet_string;
return NULL;
}
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
{
int i,j;
int i;
BIO *out=NULL,*btmp=NULL;
X509_ALGOR *xa;
const EVP_MD *evp_md;
@ -159,8 +161,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
goto err;
}
j=OBJ_obj2nid(xa->algorithm);
evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
evp_md=EVP_get_digestbyobj(xa->algorithm);
if (evp_md == NULL)
{
PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@ -250,25 +251,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
btmp=NULL;
}
if (bio == NULL) {
if (bio == NULL)
{
if (PKCS7_is_detached(p7))
bio=BIO_new(BIO_s_null());
else {
if (PKCS7_type_is_signed(p7) ) {
if ( PKCS7_type_is_data(p7->d.sign->contents)) {
else
{
ASN1_OCTET_STRING *os;
os=p7->d.sign->contents->d.data;
if (os->length > 0)
os = PKCS7_get_octet_string(p7->d.sign->contents);
if (os && os->length > 0)
bio = BIO_new_mem_buf(os->data, os->length);
}
else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
ASN1_OCTET_STRING *os;
os=p7->d.sign->contents->d.other->value.octet_string;
if (os->length > 0)
bio = BIO_new_mem_buf(os->data, os->length);
}
}
if(bio == NULL) {
if(bio == NULL)
{
bio=BIO_new(BIO_s_mem());
BIO_set_mem_eof_return(bio,0);
}
@ -311,7 +305,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
switch (i)
{
case NID_pkcs7_signed:
data_body=p7->d.sign->contents->d.data;
data_body=PKCS7_get_octet_string(p7->d.sign->contents);
md_sk=p7->d.sign->md_algs;
break;
case NID_pkcs7_signedAndEnveloped:
@ -319,7 +313,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
md_sk=p7->d.signed_and_enveloped->md_algs;
data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
if (evp_cipher == NULL)
{
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@ -331,7 +325,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
rsk=p7->d.enveloped->recipientinfo;
enc_alg=p7->d.enveloped->enc_data->algorithm;
data_body=p7->d.enveloped->enc_data->enc_data;
evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm)));
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
if (evp_cipher == NULL)
{
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
@ -357,7 +351,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
}
j=OBJ_obj2nid(xa->algorithm);
evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
evp_md=EVP_get_digestbynid(j);
if (evp_md == NULL)
{
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE);
@ -531,9 +525,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
break;
case NID_pkcs7_signed:
si_sk=p7->d.sign->signer_info;
os=p7->d.sign->contents->d.data;
os=PKCS7_get_octet_string(p7->d.sign->contents);
/* If detached data then the content is excluded */
if(p7->detached) {
if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
M_ASN1_OCTET_STRING_free(os);
p7->d.sign->contents->d.data = NULL;
}

10
crypto/dist/openssl/crypto/rand/Makefile.ssl vendored
View File

@ -49,7 +49,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
@ -101,7 +101,8 @@ md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
md_rand.o: md_rand.c rand_lcl.h
rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
rand_egd.o: ../../include/openssl/opensslconf.h
rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rand_egd.o: rand_egd.c
rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
@ -186,8 +187,9 @@ rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c
randfile.o: ../../e_os.h ../../include/openssl/crypto.h
randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
randfile.o: ../../e_os.h ../../include/openssl/buffer.h
randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
randfile.o: ../../include/openssl/opensslconf.h
randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h

19
crypto/dist/openssl/crypto/rand/rand_unix.c vendored
View File

@ -124,6 +124,24 @@
#include <unistd.h>
#include <time.h>
#ifdef __OpenBSD__
int RAND_poll(void)
{
u_int32_t rnd = 0, i;
unsigned char buf[ENTROPY_NEEDED];
for (i = 0; i < sizeof(buf); i++) {
if (i % 4 == 0)
rnd = arc4random();
buf[i] = rnd;
rnd >>= 8;
}
RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
memset(buf, 0, sizeof(buf));
return 1;
}
#else
int RAND_poll(void)
{
unsigned long l;
@ -235,6 +253,7 @@ int RAND_poll(void)
#endif
}
#endif
#endif
#if defined(OPENSSL_SYS_VXWORKS)

2
crypto/dist/openssl/crypto/rand/rand_win.c vendored
View File

@ -646,7 +646,7 @@ static void readtimer(void)
* Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
*
* Code adapted from
* <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
* <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
* the original copyright message is:
*
* (C) Copyright Microsoft Corp. 1993. All rights reserved.

2
crypto/dist/openssl/crypto/rc2/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/dist/openssl/crypto/rc4/Makefile.ssl vendored
View File

@ -25,6 +25,7 @@ RC4_ENC=rc4_enc.o
#RC4_ENC=asm/rx86bdsi.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=rc4test.c
@ -70,7 +71,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/dist/openssl/crypto/rc5/Makefile.ssl vendored
View File

@ -22,6 +22,7 @@ RC5_ENC= rc5_enc.o
#DES_ENC= r586-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=rc5test.c
@ -67,7 +68,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/dist/openssl/crypto/ripemd/Makefile.ssl vendored
View File

@ -20,6 +20,7 @@ AR= ar r
RIP_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=rmdtest.c
@ -65,7 +66,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/rsa/Makefile.ssl vendored
View File

@ -51,7 +51,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/dist/openssl/crypto/sha/Makefile.ssl vendored
View File

@ -20,6 +20,7 @@ AR= ar r
SHA1_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=shatest.c sha1test.c
@ -65,7 +66,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

289
crypto/dist/openssl/crypto/sha/asm/sha1-586.pl vendored
View File

@ -1,5 +1,30 @@
#!/usr/local/bin/perl
# It was noted that Intel IA-32 C compiler generates code which
# performs ~30% *faster* on P4 CPU than original *hand-coded*
# SHA1 assembler implementation. To address this problem (and
# prove that humans are still better than machines:-), the
# original code was overhauled, which resulted in following
# performance changes:
#
# compared with original compared with Intel cc
# assembler impl. generated code
# Pentium -25% +37%
# PIII/AMD +8% +16%
# P4 +85%(!) +45%
#
# As you can see Pentium came out as looser:-( Yet I reckoned that
# improvement on P4 outweights the loss and incorporate this
# re-tuned code to 0.9.7 and later.
# ----------------------------------------------------------------
# Those who for any particular reason absolutely must score on
# Pentium can replace this module with one from 0.9.6 distribution.
# This "offer" shall be revoked the moment programming interface to
# this module is changed, in which case this paragraph should be
# removed.
# ----------------------------------------------------------------
# <appro@fy.chalmers.se>
$normal=0;
push(@INC,"perlasm","../../perlasm");
@ -77,54 +102,21 @@ sub BODY_00_15
{
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
return if $n & 1;
&comment("00_15 $n");
&mov($f,$c);
&mov($tmp1,$a);
&xor($f,$d); # F2
&mov($f,$c); # f to hold F_00_19(b,c,d)
&rotl($tmp1,5); # tmp1=ROTATE(a,5)
&xor($f,$d);
&and($f,$b);
&rotr($b,2); # b=ROTATE(b,30)
&add($tmp1,$e); # tmp1+=e;
&mov($e,&swtmp($n)); # e becomes volatile and
# is loaded with xi
&xor($f,$d); # f holds F_00_19(b,c,d)
&lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
&rotl($tmp1,5); # A2
&and($f,$b); # F3
&add($tmp1,$e);
&rotr($b,1); # B1 <- F
&mov($e,&swtmp($n)); # G1
&rotr($b,1); # B1 <- F
&xor($f,$d); # F4
&lea($tmp1,&DWP($K,$tmp1,$e,1));
############################
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
$n++;
local($n0,$n1,$n2,$n3,$np)=&Na($n);
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
&mov($f,$c);
&add($a,$tmp1); # MOVED DOWN
&xor($f,$d); # F2
&mov($tmp1,$a);
&and($f,$b); # F3
&rotl($tmp1,5); # A2
&add($tmp1,$e);
&mov($e,&swtmp($n)); # G1
&rotr($b,1); # B1 <- F
&xor($f,$d); # F4
&rotr($b,1); # B1 <- F
&lea($tmp1,&DWP($K,$tmp1,$e,1));
&add($f,$tmp1);
&add($f,$tmp1); # f+=tmp1
}
sub BODY_16_19
@ -132,66 +124,24 @@ sub BODY_16_19
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
local($n0,$n1,$n2,$n3,$np)=&Na($n);
return if $n & 1;
&comment("16_19 $n");
&nop() if ($pos < 0);
&mov($tmp1,&swtmp($n0)); # X1
&mov($f,&swtmp($n1)); # X2
&xor($f,$tmp1); # X3
&mov($tmp1,&swtmp($n2)); # X4
&xor($f,$tmp1); # X5
&mov($tmp1,&swtmp($n3)); # X6
&xor($f,$tmp1); # X7 - slot
&mov($tmp1,$c); # F1
&rotl($f,1); # X8 - slot
&xor($tmp1,$d); # F2
&mov(&swtmp($n0),$f); # X9 - anytime
&and($tmp1,$b); # F3
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
&xor($tmp1,$d); # F4
&mov($e,$a); # A1
&add($f,$tmp1); # tot+=F();
&rotl($e,5); # A2
&rotr($b,1); # B1 <- F
&add($f,$e); # tot+=a
############################
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
$n++;
local($n0,$n1,$n2,$n3,$np)=&Na($n);
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
&mov($f,&swtmp($n0)); # X1
&mov($tmp1,&swtmp($n1)); # X2
&xor($f,$tmp1); # X3
&mov($tmp1,&swtmp($n2)); # X4
&xor($f,$tmp1); # X5
&mov($tmp1,&swtmp($n3)); # X6
&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
&xor($f,$tmp1); # X7 - slot
&rotl($f,1); # X8 - slot
&mov($tmp1,$c); # F1
&xor($tmp1,$d); # F2
&mov(&swtmp($n0),$f); # X9 - anytime
&and($tmp1,$b); # F3
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
&xor($tmp1,$d); # F4
&mov($e,$a); # A1
&rotl($e,5); # A2
&rotr($b,1); # B1 <- F
&add($f,$e); # tot+=a
&rotr($b,1); # B1 <- F
&add($f,$tmp1); # tot+=F();
&mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd)
&mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
&xor($f,&swtmp($n0));
&xor($tmp1,$d);
&xor($f,&swtmp($n2));
&and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
&rotr($b,2); # b=ROTATE(b,30)
&xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
&rotl($f,1); # f=ROATE(f,1)
&mov(&swtmp($n0),$f); # xi=f
&lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e
&mov($e,$a); # e becomes volatile
&add($f,$tmp1); # f+=F_00_19(b,c,d)
&rotl($e,5); # e=ROTATE(a,5)
&add($f,$e); # f+=ROTATE(a,5)
}
sub BODY_20_39
@ -201,42 +151,21 @@ sub BODY_20_39
&comment("20_39 $n");
local($n0,$n1,$n2,$n3,$np)=&Na($n);
&mov($f,&swtmp($n0)); # X1
&mov($tmp1,&swtmp($n1)); # X2
&xor($f,$tmp1); # X3
&mov($tmp1,&swtmp($n2)); # X4
&xor($f,$tmp1); # X5
&mov($tmp1,&swtmp($n3)); # X6
&xor($f,$tmp1); # X7 - slot
&mov($tmp1,$b); # F1
&rotl($f,1); # X8 - slot
&xor($tmp1,$c); # F2
&mov(&swtmp($n0),$f); # X9 - anytime
&xor($tmp1,$d); # F3
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
&mov($e,$a); # A1
&rotl($e,5); # A2
if ($n != 79) # last loop
{
&rotr($b,1); # B1 <- F
&add($e,$tmp1); # tmp1=F()+a
&rotr($b,1); # B2 <- F
&add($f,$e); # tot+=tmp1;
}
else
{
&add($e,$tmp1); # tmp1=F()+a
&mov($tmp1,&wparam(0));
&rotr($b,1); # B1 <- F
&add($f,$e); # tot+=tmp1;
&rotr($b,1); # B2 <- F
}
&mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
&mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
&xor($f,&swtmp($n1));
&rotr($b,2); # b=ROTATE(b,30)
&xor($f,&swtmp($n2));
&xor($tmp1,$c);
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
&xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
&rotl($f,1); # f=ROTATE(f,1)
&mov(&swtmp($n0),$f); # xi=f
&lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e
&mov($e,$a); # e becomes volatile
&rotl($e,5); # e=ROTATE(a,5)
&add($f,$tmp1); # f+=F_20_39(b,c,d)
&add($f,$e); # f+=ROTATE(a,5)
}
sub BODY_40_59
@ -244,70 +173,27 @@ sub BODY_40_59
local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
&comment("40_59 $n");
return if $n & 1;
local($n0,$n1,$n2,$n3,$np)=&Na($n);
&mov($f,&swtmp($n0)); # X1
&mov($tmp1,&swtmp($n1)); # X2
&xor($f,$tmp1); # X3
&mov($tmp1,&swtmp($n2)); # X4
&xor($f,$tmp1); # X5
&mov($tmp1,&swtmp($n3)); # X6
&xor($f,$tmp1); # X7 - slot
&mov($tmp1,$b); # F1
&rotl($f,1); # X8 - slot
&or($tmp1,$c); # F2
&mov(&swtmp($n0),$f); # X9 - anytime
&and($tmp1,$d); # F3
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
&mov($e,$b); # F4
&rotr($b,1); # B1 <- F
&and($e,$c); # F5
&or($tmp1,$e); # F6
&mov($e,$a); # A1
&rotl($e,5); # A2
&add($tmp1,$e); # tmp1=F()+a
############################
# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
$n++;
local($n0,$n1,$n2,$n3,$np)=&Na($n);
($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
&mov($f,&swtmp($n0)); # X1
&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
&mov($tmp1,&swtmp($n1)); # X2
&xor($f,$tmp1); # X3
&mov($tmp1,&swtmp($n2)); # X4
&xor($f,$tmp1); # X5
&mov($tmp1,&swtmp($n3)); # X6
&rotr($c,1); # B2 <- F # moved was rotr b,1
&xor($f,$tmp1); # X7 - slot
&rotl($f,1); # X8 - slot
&mov($tmp1,$b); # F1
&mov(&swtmp($n0),$f); # X9 - anytime
&or($tmp1,$c); # F2
&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
&mov($e,$b); # F4
&and($tmp1,$d); # F3
&and($e,$c); # F5
&or($tmp1,$e); # F6
&mov($e,$a); # A1
&rotl($e,5); # A2
&rotr($b,1); # B1 <- F
&add($tmp1,$e); # tmp1=F()+a
&rotr($b,1); # B2 <- F
&add($f,$tmp1); # tot+=tmp1;
&mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
&mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
&xor($f,&swtmp($n1));
&or($tmp1,$c);
&xor($f,&swtmp($n2));
&and($tmp1,$d);
&xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
&mov(&swtmp($n0),$f); # xi=f
&lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e
&mov($e,$b); # e becomes volatile and is used
# to calculate F_40_59(b,c,d)
&rotr($b,2); # b=ROTATE(b,30)
&and($e,$c);
&or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
&mov($e,$a);
&rotl($e,5); # e=ROTATE(a,5)
&add($tmp1,$e); # tmp1+=ROTATE(a,5)
&add($f,$tmp1); # f+=tmp1;
}
sub BODY_60_79
@ -495,8 +381,7 @@ sub sha1_block_data
# C -> E
# D -> T
# The last 2 have been moved into the last loop
# &mov($tmp1,&wparam(0));
&mov($tmp1,&wparam(0));
&mov($D, &DWP(12,$tmp1,"",0));
&add($D,$B);

2
crypto/dist/openssl/crypto/stack/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/txt_db/Makefile.ssl vendored
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/ui/Makefile.ssl vendored
View File

@ -51,7 +51,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/x509/Makefile.ssl vendored
View File

@ -57,7 +57,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/x509/x509type.c vendored
View File

@ -106,7 +106,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
break;
}
if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
for, not bytes */
ret|=EVP_PKT_EXP;
if(pkey==NULL) EVP_PKEY_free(pk);

2
crypto/dist/openssl/crypto/x509v3/Makefile.ssl vendored
View File

@ -53,7 +53,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/dist/openssl/crypto/x509v3/v3_crld.c vendored
View File

@ -156,7 +156,7 @@ ASN1_SEQUENCE(DIST_POINT) = {
IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT)
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)

140
crypto/dist/openssl/doc/apps/config.pod vendored
View File

@ -10,7 +10,8 @@ config - OpenSSL CONF library configuration files
The OpenSSL CONF library can be used to read configuration files.
It is used for the OpenSSL master configuration file B<openssl.cnf>
and in a few other places like B<SPKAC> files and certificate extension
files for the B<x509> utility.
files for the B<x509> utility. OpenSSL applications can also use the
CONF library for their own purposes.
A configuration file is divided into a number of sections. Each section
starts with a line B<[ section_name ]> and ends when a new section is
@ -51,13 +52,146 @@ or the B<\> character. By making the last character of a line a B<\>
a B<value> string can be spread across multiple lines. In addition
the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized.
=head1 OPENSSL LIBRARY CONFIGURATION
In OpenSSL 0.9.7 and later applications can automatically configure certain
aspects of OpenSSL using the master OpenSSL configuration file, or optionally
an alternative configuration file. The B<openssl> utility includes this
functionality: any sub command uses the master OpenSSL configuration file
unless an option is used in the sub command to use an alternative configuration
file.
To enable library configuration the default section needs to contain an
appropriate line which points to the main configuration section. The default
name is B<openssl_conf> which is used by the B<openssl> utility. Other
applications may use an alternative name such as B<myapplicaton_conf>.
The configuration section should consist of a set of name value pairs which
contain specific module configuration information. The B<name> represents
the name of the I<configuration module> the meaning of the B<value> is
module specific: it may, for example, represent a further configuration
section containing configuration module specific information. E.g.
openssl_conf = openssl_init
[openssl_init]
oid_section = new_oids
engines = engine_section
[new_oids]
... new oids here ...
[engine_section]
... engine stuff here ...
Currently there are two configuration modules. One for ASN1 objects another
for ENGINE configuration.
=head2 ASN1 OBJECT CONFIGURATION MODULE
This module has the name B<oid_section>. The value of this variable points
to a section containing name value pairs of OIDs: the name is the OID short
and long name, the value is the numerical form of the OID. Although some of
the B<openssl> utility sub commands already have their own ASN1 OBJECT section
functionality not all do. By using the ASN1 OBJECT configuration module
B<all> the B<openssl> utility sub commands can see the new objects as well
as any compliant applications. For example:
[new_oids]
some_new_oid = 1.2.3.4
some_other_oid = 1.2.3.5
=head2 ENGINE CONFIGURATION MODULE
This ENGINE configuration module has the name B<engines>. The value of this
variable points to a section containing further ENGINE configuration
information.
The section pointed to by B<engines> is a table of engine names (though see
B<engine_id> below) and further sections containing configuration informations
specific to each ENGINE.
Each ENGINE specific section is used to set default algorithms, load
dynamic, perform initialization and send ctrls. The actual operation performed
depends on the I<command> name which is the name of the name value pair. The
currently supported commands are listed below.
For example:
[engine_section]
# Configure ENGINE named "foo"
foo = foo_section
# Configure ENGINE named "bar"
bar = bar_section
[foo_section]
... foo ENGINE specific commands ...
[bar_section]
... "bar" ENGINE specific commands ...
The command B<engine_id> is used to give the ENGINE name. If used this
command must be first. For example:
[engine_section]
# This would normally handle an ENGINE named "foo"
foo = foo_section
[foo_section]
# Override default name and use "myfoo" instead.
engine_id = myfoo
The command B<dynamic_path> loads and adds an ENGINE from the given path. It
is equivalent to sending the ctrls B<SO_PATH> with the path argument followed
by B<LIST_ADD> with value 2 and B<LOAD> to the dynamic ENGINE. If this is
not the required behaviour then alternative ctrls can be sent directly
to the dynamic ENGINE using ctrl commands.
The command B<init> determines whether to initialize the ENGINE. If the value
is B<0> the ENGINE will not be initialized, if B<1> and attempt it made to
initialized the ENGINE immediately. If the B<init> command is not present
then an attempt will be made to initialize the ENGINE after all commands in
its section have been processed.
The command B<default_algorithms> sets the default algorithms an ENGINE will
supply using the functions B<ENGINE_set_default_string()>
If the name matches none of the above command names it is assumed to be a
ctrl command which is sent to the ENGINE. The value of the command is the
argument to the ctrl command. If the value is the string B<EMPTY> then no
value is sent to the command.
For example:
[engine_section]
# Configure ENGINE named "foo"
foo = foo_section
[foo_section]
# Load engine from DSO
dynamic_path = /some/path/fooengine.so
# A foo specific ctrl.
some_ctrl = some_value
# Another ctrl that doesn't take a value.
other_ctrl = EMPTY
# Supply all default algorithms
default_algorithms = ALL
=head1 NOTES
If a configuration file attempts to expand a variable that doesn't exist
then an error is flagged and the file will not load. This can happen
if an attempt is made to expand an environment variable that doesn't
exist. For example the default OpenSSL master configuration file used
the value of B<HOME> which may not be defined on non Unix systems.
exist. For example in a previous version of OpenSSL the default OpenSSL
master configuration file used the value of B<HOME> which may not be
defined on non Unix systems and would cause an error.
This can be worked around by including a B<default> section to provide
a default value: then if the environment lookup fails the default value

173
crypto/dist/openssl/doc/apps/s_time.pod vendored Normal file
View File

@ -0,0 +1,173 @@
=pod
=head1 NAME
s_time - SSL/TLS performance timing program
=head1 SYNOPSIS
B<openssl> B<s_time>
[B<-connect host:port>]
[B<-www page>]
[B<-cert filename>]
[B<-key filename>]
[B<-CApath directory>]
[B<-CAfile filename>]
[B<-reuse>]
[B<-new>]
[B<-verify depth>]
[B<-nbio>]
[B<-time seconds>]
[B<-ssl2>]
[B<-ssl3>]
[B<-bugs>]
[B<-cipher cipherlist>]
=head1 DESCRIPTION
The B<s_client> command implements a generic SSL/TLS client which connects to a
remote host using SSL/TLS. It can request a page from the server and includes
the time to transfer the payload data in its timing measurements. It measures
the number of connections within a given timeframe, the amount of data
transferred (if any), and calculates the average time spent for one connection.
=head1 OPTIONS
=over 4
=item B<-connect host:port>
This specifies the host and optional port to connect to.
=item B<-www page>
This specifies the page to GET from the server. A value of '/' gets the
index.htm[l] page. If this parameter is not specified, then B<s_time> will only
perform the handshake to establish SSL connections but not transfer any
payload data.
=item B<-cert certname>
The certificate to use, if one is requested by the server. The default is
not to use a certificate. The file is in PEM format.
=item B<-key keyfile>
The private key to use. If not specified then the certificate file will
be used. The file is in PEM format.
=item B<-verify depth>
The verify depth to use. This specifies the maximum length of the
server certificate chain and turns on server certificate verification.
Currently the verify operation continues after errors so all the problems
with a certificate chain can be seen. As a side effect the connection
will never fail due to a server certificate verify failure.
=item B<-CApath directory>
The directory to use for server certificate verification. This directory
must be in "hash format", see B<verify> for more information. These are
also used when building the client certificate chain.
=item B<-CAfile file>
A file containing trusted certificates to use during server authentication
and to use when attempting to build the client certificate chain.
=item B<-new>
performs the timing test using a new session ID for each connection.
If neither B<-new> nor B<-reuse> are specified, they are both on by default
and executed in sequence.
=item B<-reuse>
performs the timing test using the same session ID; this can be used as a test
that session caching is working. If neither B<-new> nor B<-reuse> are
specified, they are both on by default and executed in sequence.
=item B<-nbio>
turns on non-blocking I/O.
=item B<-ssl2>, B<-ssl3>
these options disable the use of certain SSL or TLS protocols. By default
the initial handshake uses a method which should be compatible with all
servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
The timing program is not as rich in options to turn protocols on and off as
the L<s_client(1)|s_client(1)> program and may not connect to all servers.
Unfortunately there are a lot of ancient and broken servers in use which
cannot handle this technique and will fail to connect. Some servers only
work if TLS is turned off with the B<-ssl3> option; others
will only support SSL v2 and may need the B<-ssl2> option.
=item B<-bugs>
there are several known bug in SSL and TLS implementations. Adding this
option enables various workarounds.
=item B<-cipher cipherlist>
this allows the cipher list sent by the client to be modified. Although
the server determines which cipher suite is used it should take the first
supported cipher in the list sent by the client.
See the L<ciphers(1)|ciphers(1)> command for more information.
=item B<-time length>
specifies how long (in seconds) B<s_time> should establish connections and
optionally transfer payload data from a server. Server and client performance
and the link speed determine how many connections B<s_time> can establish.
=back
=head1 NOTES
B<s_client> can be used to measure the performance of an SSL connection.
To connect to an SSL HTTP server and get the default page the command
openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
would typically be used (https uses port 443). 'commoncipher' is a cipher to
which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
for details.
If the handshake fails then there are several possible causes, if it is
nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
B<-ssl3> options can be tried
in case it is a buggy server. In particular you should play with these
options B<before> submitting a bug report to an OpenSSL mailing list.
A frequent problem when attempting to get client certificates working
is that a web client complains it has no certificates or gives an empty
list to choose from. This is normally because the server is not sending
the clients certificate authority in its "acceptable CA list" when it
requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
viewed and checked. However some servers only request client authentication
after a specific URL is requested. To obtain the list in this case it
is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
send an HTTP request for an appropriate page.
If a certificate is specified on the command line using the B<-cert>
option it will not be used unless the server specifically requests
a client certificate. Therefor merely including a client certificate
on the command line is no guarantee that the certificate works.
=head1 BUGS
Because this program does not have all the options of the
L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
able to measure the performance of all protocols with all servers.
The B<-verify> option should really exit if the server verification
fails.
=head1 SEE ALSO
L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
=cut

6
crypto/dist/openssl/doc/crypto/BIO_f_ssl.pod vendored
View File

@ -287,8 +287,8 @@ a client and also echoes the request to standard output.
return 0;
}
BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n");
BIO_puts(sbio, "<pre>\r\nConnection Established\r\nRequest headers:\r\n");
BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n");
BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
BIO_puts(sbio, "--------------------------------------------------\r\n");
for(;;) {
@ -301,7 +301,7 @@ a client and also echoes the request to standard output.
}
BIO_puts(sbio, "--------------------------------------------------\r\n");
BIO_puts(sbio, "</pre>\r\n");
BIO_puts(sbio, "\r\n");
/* Since there is a buffering BIO present we had better flush it */
BIO_flush(sbio);

47
crypto/dist/openssl/doc/crypto/CONF_modules_free.pod vendored Normal file
View File

@ -0,0 +1,47 @@
=pod
=head1 NAME
CONF_modules_free, CONF_modules_load, CONF_modules_unload -
OpenSSL configuration cleanup functions
=head1 SYNOPSIS
#include <openssl/conf.h>
void CONF_modules_free(void);
void CONF_modules_unload(int all);
void CONF_modules_finish(void);
=head1 DESCRIPTION
CONF_modules_free() closes down and frees up all memory allocated by all
configuration modules.
CONF_modules_finish() calls each configuration modules B<finish> handler
to free up any configuration that module may have performed.
CONF_modules_unload() finishes and unloads configuration modules. If
B<all> is set to B<0> only modules loaded from DSOs will be unloads. If
B<all> is B<1> all modules, including builtin modules will be unloaded.
=head1 NOTES
Normally applications will only call CONF_modules_free() at application to
tidy up any configuration performed.
=head1 RETURN VALUE
None of the functions return a value.
=head1 SEE ALSO
L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
=head1 HISTORY
CONF_modules_free(), CONF_modules_unload(), and CONF_modules_finish()
first appeared in OpenSSL 0.9.7.
=cut

60
crypto/dist/openssl/doc/crypto/CONF_modules_load_file.pod vendored Normal file
View File

@ -0,0 +1,60 @@
=pod
=head1 NAME
CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions
=head1 SYNOPSIS
#include <openssl/conf.h>
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags);
int CONF_modules_load(const CONF *cnf, const char *appname,
unsigned long flags);
=head1 DESCRIPTION
The function CONF_modules_load_file() configures OpenSSL using file
B<filename> and application name B<appname>. If B<filename> is NULL
the standard OpenSSL configuration file is used. If B<appname> is
NULL the standard OpenSSL application name B<openssl_conf> is used.
The behaviour can be cutomized using B<flags>.
CONF_modules_load() is idential to CONF_modules_load_file() except it
read configuration information from B<cnf>.
=head1 NOTES
The following B<flags> are currently recognized:
B<CONF_MFLAGS_IGNORE_ERRORS> if set errors returned by individual
configuration modules are ignored. If not set the first module error is
considered fatal and no further modules are loads.
Normally any modules errors will add error information to the error queue. If
B<CONF_MFLAGS_SILENT> is set no error information is added.
If B<CONF_MFLAGS_NO_DSO> is set configuration module loading from DSOs is
disabled.
B<CONF_MFLAGS_IGNORE_MISSING_FILE> if set will make CONF_load_modules_file()
ignore missing configuration files. Normally a missing configuration file
return an error.
=head1 RETURN VALUE
These functions return 1 for success and a zero or negative value for
failure. If module errors are not ignored the return code will reflect the
return value of the failing module (this will always be zero or negative).
=head1 SEE ALSO
L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)>
=head1 HISTORY
CONF_modules_load_file and CONF_modules_load first appeared in OpenSSL 0.9.7.
=cut

82
crypto/dist/openssl/doc/crypto/OPENSSL_config.pod vendored Normal file
View File

@ -0,0 +1,82 @@
=pod
=head1 NAME
OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions
=head1 SYNOPSIS
#include <openssl/conf.h>
void OPENSSL_config(const char *config_name);
void OPENSSL_no_config(void);
=head1 DESCRIPTION
OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf>
configuration file name using B<config_name>. If B<config_name> is NULL then
the default name B<openssl_conf> will be used. Any errors are ignored. Further
calls to OPENSSL_config() will have no effect. The configuration file format
is documented in the L<conf(5)|conf(5)> manual page.
OPENSSL_no_config() disables configuration. If called before OPENSSL_config()
no configuration takes place.
=head1 NOTES
It is B<strongly> recommended that B<all> new applications call OPENSSL_config()
or the more sophisticated functions such as CONF_modules_load() during
initialization (that is before starting any threads). By doing this
an application does not need to keep track of all configuration options
and some new functionality can be supported automatically.
It is also possible to automatically call OPENSSL_config() when an application
calls OPENSSL_add_all_algorithms() by compiling an application with the
preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
can be added without source changes.
The environment variable B<OPENSSL_CONFIG> can be set to specify the location
of the configuration file.
Currently ASN1 OBJECTs and ENGINE configuration can be performed future
versions of OpenSSL will add new configuration options.
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
used (among other things) to load dynamic ENGINEs from shared libraries (DSOs).
However very few applications currently support the control interface and so
very few can load and use dynamic ENGINEs. Equally in future more sophisticated
ENGINEs will require certain control operations to customize them. If an
application calls OPENSSL_config() it doesn't need to know or care about
ENGINE control operations because they can be performed by editing a
configuration file.
Applications should free up configuration at application closedown by calling
CONF_modules_free().
=head1 RESTRICTIONS
The OPENSSL_config() function is designed to be a very simple "call it and
forget it" function. As a result its behaviour is somewhat limited. It ignores
all errors silently and it can only load from the standard configuration file
location for example.
It is however B<much> better than nothing. Applications which need finer
control over their configuration functionality should use the configuration
functions such as CONF_load_modules() directly.
=head1 RETURN VALUES
Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
=head1 SEE ALSO
L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
L<CONF_modules_free(3),CONF_modules_free(3)>
=head1 HISTORY
OPENSSL_config() and OPENSSL_no_config() first appeared in OpenSSL 0.9.7
=cut

Some files were not shown because too many files have changed in this diff Show More