sync w/ openssl 0.9.7c. shlib minor bump for libcrypto.
(ERR_release_err_state_table() added)
This commit is contained in:
parent
385718bc5c
commit
aec01dda91
|
@ -2,6 +2,57 @@
|
|||
OpenSSL CHANGES
|
||||
_______________
|
||||
|
||||
Changes between 0.9.7b and 0.9.7c [30 Sep 2003]
|
||||
|
||||
*) Fix various bugs revealed by running the NISCC test suite:
|
||||
|
||||
Stop out of bounds reads in the ASN1 code when presented with
|
||||
invalid tags (CAN-2003-0543 and CAN-2003-0544).
|
||||
|
||||
Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
|
||||
|
||||
If verify callback ignores invalid public key errors don't try to check
|
||||
certificate signature with the NULL public key.
|
||||
|
||||
[Steve Henson]
|
||||
|
||||
*) New -ignore_err option in ocsp application to stop the server
|
||||
exiting on the first error in a request.
|
||||
[Steve Henson]
|
||||
|
||||
*) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
|
||||
if the server requested one: as stated in TLS 1.0 and SSL 3.0
|
||||
specifications.
|
||||
[Steve Henson]
|
||||
|
||||
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
|
||||
extra data after the compression methods not only for TLS 1.0
|
||||
but also for SSL 3.0 (as required by the specification).
|
||||
[Bodo Moeller; problem pointed out by Matthias Loepfe]
|
||||
|
||||
*) Change X509_certificate_type() to mark the key as exported/exportable
|
||||
when it's 512 *bits* long, not 512 bytes.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Change AES_cbc_encrypt() so it outputs exact multiple of
|
||||
blocks during encryption.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Various fixes to base64 BIO and non blocking I/O. On write
|
||||
flushes were not handled properly if the BIO retried. On read
|
||||
data was not being buffered properly and had various logic bugs.
|
||||
This also affects blocking I/O when the data being decoded is a
|
||||
certain size.
|
||||
[Steve Henson]
|
||||
|
||||
*) Various S/MIME bugfixes and compatibility changes:
|
||||
output correct application/pkcs7 MIME type if
|
||||
PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures.
|
||||
Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
|
||||
of files as .eml work). Correctly handle very long lines in MIME
|
||||
parser.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.7a and 0.9.7b [10 Apr 2003]
|
||||
|
||||
*) Countermeasure against the Klima-Pokorny-Rosa extension of
|
||||
|
@ -120,6 +171,9 @@
|
|||
|
||||
Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
|
||||
|
||||
[NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
|
||||
OpenSSL 0.9.7.]
|
||||
|
||||
*) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
|
||||
code (06) was taken as the first octet of the session ID and the last
|
||||
octet was ignored consequently. As a result SSLv2 client side session
|
||||
|
@ -1938,6 +1992,57 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
|||
*) Clean old EAY MD5 hack from e_os.h.
|
||||
[Richard Levitte]
|
||||
|
||||
Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
|
||||
|
||||
*) Fix various bugs revealed by running the NISCC test suite:
|
||||
|
||||
Stop out of bounds reads in the ASN1 code when presented with
|
||||
invalid tags (CAN-2003-0543 and CAN-2003-0544).
|
||||
|
||||
If verify callback ignores invalid public key errors don't try to check
|
||||
certificate signature with the NULL public key.
|
||||
|
||||
[Steve Henson]
|
||||
|
||||
*) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
|
||||
if the server requested one: as stated in TLS 1.0 and SSL 3.0
|
||||
specifications.
|
||||
[Steve Henson]
|
||||
|
||||
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
|
||||
extra data after the compression methods not only for TLS 1.0
|
||||
but also for SSL 3.0 (as required by the specification).
|
||||
[Bodo Moeller; problem pointed out by Matthias Loepfe]
|
||||
|
||||
*) Change X509_certificate_type() to mark the key as exported/exportable
|
||||
when it's 512 *bits* long, not 512 bytes.
|
||||
[Richard Levitte]
|
||||
|
||||
Changes between 0.9.6i and 0.9.6j [10 Apr 2003]
|
||||
|
||||
*) Countermeasure against the Klima-Pokorny-Rosa extension of
|
||||
Bleichbacher's attack on PKCS #1 v1.5 padding: treat
|
||||
a protocol version number mismatch like a decryption error
|
||||
in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Turn on RSA blinding by default in the default implementation
|
||||
to avoid a timing attack. Applications that don't want it can call
|
||||
RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
|
||||
They would be ill-advised to do so in most cases.
|
||||
[Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
|
||||
|
||||
*) Change RSA blinding code so that it works when the PRNG is not
|
||||
seeded (in this case, the secret RSA exponent is abused as
|
||||
an unpredictable seed -- if it is not unpredictable, there
|
||||
is no point in blinding anyway). Make RSA blinding thread-safe
|
||||
by remembering the creator's thread ID in rsa->blinding and
|
||||
having all other threads use local one-time blinding factors
|
||||
(this requires more computation than sharing rsa->blinding, but
|
||||
avoids excessive locking; and if an RSA object is not shared
|
||||
between threads, blinding will still be very fast).
|
||||
[Bodo Moeller]
|
||||
|
||||
Changes between 0.9.6h and 0.9.6i [19 Feb 2003]
|
||||
|
||||
*) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
|
||||
|
|
|
@ -68,7 +68,7 @@ OpenSSL - Frequently Asked Questions
|
|||
* Which is the current version of OpenSSL?
|
||||
|
||||
The current version is available from <URL: http://www.openssl.org>.
|
||||
OpenSSL 0.9.7b was released on April 10, 2003.
|
||||
OpenSSL 0.9.7c was released on September 30, 2003.
|
||||
|
||||
In addition to the current stable release, you can also access daily
|
||||
snapshots of the OpenSSL development version at <URL:
|
||||
|
|
|
@ -90,9 +90,7 @@ FUNCTION functions[] = {
|
|||
{FUNC_TYPE_MD,"md5",dgst_main},
|
||||
{FUNC_TYPE_MD,"sha",dgst_main},
|
||||
{FUNC_TYPE_MD,"sha1",dgst_main},
|
||||
#ifndef OPENSSL_NO_MDC2
|
||||
{FUNC_TYPE_MD,"mdc2",dgst_main},
|
||||
#endif
|
||||
{FUNC_TYPE_MD,"rmd160",dgst_main},
|
||||
{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
|
||||
|
@ -104,17 +102,13 @@ FUNCTION functions[] = {
|
|||
{FUNC_TYPE_CIPHER,"des",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"des3",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"desx",enc_main},
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
{FUNC_TYPE_CIPHER,"idea",enc_main},
|
||||
#endif
|
||||
{FUNC_TYPE_CIPHER,"rc4",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc2",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"bf",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"cast",enc_main},
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
{FUNC_TYPE_CIPHER,"rc5",enc_main},
|
||||
#endif
|
||||
{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"des-ede",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
|
||||
|
@ -127,12 +121,10 @@ FUNCTION functions[] = {
|
|||
{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
|
||||
#endif
|
||||
{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
|
||||
|
@ -148,11 +140,9 @@ FUNCTION functions[] = {
|
|||
{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
|
||||
{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
|
||||
#endif
|
||||
{0,NULL,NULL}
|
||||
};
|
||||
|
|
|
@ -112,13 +112,7 @@
|
|||
#include <sys/types.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
|
||||
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
|
||||
#include <conio.h>
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_SYS_MSDOS
|
||||
#define _kbhit kbhit
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
|
||||
/* VAX C does not defined fd_set and friends, but it's actually quite simple */
|
||||
|
|
|
@ -168,6 +168,10 @@ int MAIN(int argc, char **argv)
|
|||
flags |= PKCS7_BINARY;
|
||||
else if (!strcmp (*args, "-nosigs"))
|
||||
flags |= PKCS7_NOSIGS;
|
||||
else if (!strcmp (*args, "-nooldmime"))
|
||||
flags |= PKCS7_NOOLDMIMETYPE;
|
||||
else if (!strcmp (*args, "-crlfeol"))
|
||||
flags |= PKCS7_CRLFEOL;
|
||||
else if (!strcmp (*args, "-crl_check"))
|
||||
store_flags |= X509_V_FLAG_CRL_CHECK;
|
||||
else if (!strcmp (*args, "-crl_check_all"))
|
||||
|
|
|
@ -98,7 +98,7 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|||
unsigned char *ivec, int *num);
|
||||
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
unsigned char counter[AES_BLOCK_SIZE],
|
||||
unsigned char ivec[AES_BLOCK_SIZE],
|
||||
unsigned char ecount_buf[AES_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
|
||||
|
|
|
@ -296,7 +296,7 @@ static int in_utf8(unsigned long value, void *arg)
|
|||
|
||||
static int out_utf8(unsigned long value, void *arg)
|
||||
{
|
||||
long *outlen;
|
||||
int *outlen;
|
||||
outlen = arg;
|
||||
*outlen += UTF8_putc(NULL, -1, value);
|
||||
return 1;
|
||||
|
|
|
@ -143,7 +143,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
|
|||
/* Now the tables and helper functions for the string table:
|
||||
*/
|
||||
|
||||
/* size limits: this stuff is taken straight from RFC2459 */
|
||||
/* size limits: this stuff is taken straight from RFC3280 */
|
||||
|
||||
#define ub_name 32768
|
||||
#define ub_common_name 64
|
||||
|
@ -153,6 +153,8 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
|
|||
#define ub_organization_unit_name 64
|
||||
#define ub_title 64
|
||||
#define ub_email_address 128
|
||||
#define ub_serial_number 64
|
||||
|
||||
|
||||
/* This table must be kept in NID order */
|
||||
|
||||
|
@ -170,6 +172,7 @@ static ASN1_STRING_TABLE tbl_standard[] = {
|
|||
{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
|
||||
{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
|
||||
{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
|
||||
{NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
|
||||
{NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
|
||||
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
|
||||
{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
|
||||
|
|
|
@ -1,4 +1,57 @@
|
|||
/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
/* Special method for a BIO where the other endpoint is also a BIO
|
||||
* of this kind, handled by the same thread (i.e. the "peer" is actually
|
||||
|
@ -502,7 +555,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
|||
break;
|
||||
|
||||
case BIO_C_DESTROY_BIO_PAIR:
|
||||
/* Effects both BIOs in the pair -- call just once!
|
||||
/* Affects both BIOs in the pair -- call just once!
|
||||
* Or let BIO_free(bio1); BIO_free(bio2); do the job. */
|
||||
bio_destroy_pair(bio);
|
||||
ret = 1;
|
||||
|
|
|
@ -213,12 +213,29 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
b->shutdown=(int)num&BIO_CLOSE;
|
||||
b->ptr=(char *)ptr;
|
||||
b->init=1;
|
||||
#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS)
|
||||
/* Set correct text/binary mode */
|
||||
#if defined(OPENSSL_SYS_WINDOWS)
|
||||
if (num & BIO_FP_TEXT)
|
||||
_setmode(fileno((FILE *)ptr),_O_TEXT);
|
||||
else
|
||||
_setmode(fileno((FILE *)ptr),_O_BINARY);
|
||||
#elif defined(OPENSSL_SYS_MSDOS)
|
||||
{
|
||||
int fd = fileno((FILE*)ptr);
|
||||
/* Set correct text/binary mode */
|
||||
if (num & BIO_FP_TEXT)
|
||||
_setmode(fd,_O_TEXT);
|
||||
/* Dangerous to set stdin/stdout to raw (unless redirected) */
|
||||
else
|
||||
{
|
||||
if (fd == STDIN_FILENO || fd == STDOUT_FILENO)
|
||||
{
|
||||
if (isatty(fd) <= 0)
|
||||
_setmode(fd,_O_BINARY);
|
||||
}
|
||||
else
|
||||
_setmode(fd,_O_BINARY);
|
||||
}
|
||||
}
|
||||
#elif defined(OPENSSL_SYS_OS2)
|
||||
if (num & BIO_FP_TEXT)
|
||||
setmode(fileno((FILE *)ptr), O_TEXT);
|
||||
|
|
|
@ -61,9 +61,6 @@
|
|||
|
||||
#include <openssl/e_os2.h>
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
|
||||
#define OPENSSL_SYS_MSDOS
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
|
|
@ -425,7 +425,7 @@ int main(int argc, char *argv[])
|
|||
|
||||
#ifndef LIBDES_LIT
|
||||
printf("Doing ede ecb\n");
|
||||
for (i=0; i<(NUM_TESTS-1); i++)
|
||||
for (i=0; i<(NUM_TESTS-2); i++)
|
||||
{
|
||||
DES_set_key_unchecked(&key_data[i],&ks);
|
||||
DES_set_key_unchecked(&key_data[i+1],&ks2);
|
||||
|
|
|
@ -125,7 +125,11 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
|
|||
# endif
|
||||
# endif
|
||||
#else
|
||||
# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
|
||||
# ifdef OPENSSL_SYS_SUNOS
|
||||
# define DLOPEN_FLAG 1
|
||||
# else
|
||||
# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* For this DSO_METHOD, our meth_data STACK will contain;
|
||||
|
|
|
@ -520,10 +520,10 @@ void ENGINE_add_conf_module(void);
|
|||
/**************************/
|
||||
|
||||
/* Binary/behaviour compatibility levels */
|
||||
#define OSSL_DYNAMIC_VERSION (unsigned long)0x00010100
|
||||
#define OSSL_DYNAMIC_VERSION (unsigned long)0x00010200
|
||||
/* Binary versions older than this are too old for us (whether we're a loader or
|
||||
* a loadee) */
|
||||
#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00010100
|
||||
#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00010200
|
||||
|
||||
/* When compiling an ENGINE entirely as an external shared library, loadable by
|
||||
* the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure
|
||||
|
@ -612,6 +612,10 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
|
|||
if(!fn(e,id)) return 0; \
|
||||
return 1; }
|
||||
|
||||
#if defined(__OpenBSD__) || defined(__FreeBSD__)
|
||||
void ENGINE_setup_bsd_cryptodev(void);
|
||||
#endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
|
@ -32,19 +32,10 @@ typedef __uint32_t SW_U32;
|
|||
typedef unsigned long SW_U32; /* 32 bit integer */
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN32)
|
||||
typedef struct _SW_U64 {
|
||||
SW_U32 low32;
|
||||
SW_U32 high32;
|
||||
} SW_U64; /* 64 bit integer */
|
||||
#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
|
||||
typedef longlong SW_U64
|
||||
#else /* Unix variants */
|
||||
typedef struct _SW_U64 {
|
||||
SW_U32 low32;
|
||||
SW_U32 high32;
|
||||
} SW_U64; /* 64 bit integer */
|
||||
#endif
|
||||
|
||||
/* status codes */
|
||||
#define SW_OK (0L)
|
||||
|
@ -156,26 +147,9 @@ typedef struct _SW_LARGENUMBER {
|
|||
/* bytes in network (big endian) order */
|
||||
} SW_LARGENUMBER;
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN32)
|
||||
#include <windows.h>
|
||||
typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
|
||||
#define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE
|
||||
#define SW_CALLCONV _stdcall
|
||||
#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
|
||||
/* async callback mechanisms */
|
||||
/* swiftCallbackLevel */
|
||||
#define SW_MAC_CALLBACK_LEVEL_NO 0
|
||||
#define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */
|
||||
#define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */
|
||||
typedef int SW_MAC_CALLBACK_LEVEL;
|
||||
typedef int SW_OSHANDLE;
|
||||
#define SW_OS_INVALID_HANDLE (-1)
|
||||
#define SW_CALLCONV
|
||||
#else /* Unix variants */
|
||||
typedef int SW_OSHANDLE; /* handle to driver */
|
||||
#define SW_OS_INVALID_HANDLE (-1)
|
||||
#define SW_CALLCONV
|
||||
#endif
|
||||
|
||||
typedef struct _SW_CRT {
|
||||
SW_LARGENUMBER p; /* prime number p */
|
||||
|
|
|
@ -12,20 +12,6 @@
|
|||
/*
|
||||
* Only WIN32 support for now
|
||||
*/
|
||||
#if defined(WIN32)
|
||||
|
||||
#define CCA_LIB_NAME "CSUNSAPI"
|
||||
|
||||
#define CSNDPKX "CSNDPKX_32"
|
||||
#define CSNDKRR "CSNDKRR_32"
|
||||
#define CSNDPKE "CSNDPKE_32"
|
||||
#define CSNDPKD "CSNDPKD_32"
|
||||
#define CSNDDSV "CSNDDSV_32"
|
||||
#define CSNDDSG "CSNDDSG_32"
|
||||
#define CSNBRNG "CSNBRNG_32"
|
||||
|
||||
#define SECURITYAPI __stdcall
|
||||
#else
|
||||
/* Fixme!!
|
||||
Find out the values of these constants for other platforms.
|
||||
*/
|
||||
|
@ -40,7 +26,6 @@
|
|||
#define CSNBRNG "CSNBRNG"
|
||||
|
||||
#define SECURITYAPI
|
||||
#endif
|
||||
|
||||
/*
|
||||
* security API prototypes
|
||||
|
|
|
@ -17,11 +17,7 @@
|
|||
*
|
||||
*
|
||||
*/
|
||||
#ifdef WIN32
|
||||
#define SW_EXPORT __declspec ( dllexport )
|
||||
#else
|
||||
#define SW_EXPORT
|
||||
#endif
|
||||
|
||||
/*
|
||||
* List of exposed SureWare errors
|
||||
|
|
|
@ -225,6 +225,7 @@ struct st_ERR_FNS
|
|||
ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *);
|
||||
/* Works on the "thread_hash" error-state table */
|
||||
LHASH *(*cb_thread_get)(int create);
|
||||
void (*cb_thread_release)(LHASH **hash);
|
||||
ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *);
|
||||
ERR_STATE *(*cb_thread_set_item)(ERR_STATE *);
|
||||
void (*cb_thread_del_item)(const ERR_STATE *);
|
||||
|
@ -239,6 +240,7 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
|
|||
static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
|
||||
static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
|
||||
static LHASH *int_thread_get(int create);
|
||||
static void int_thread_release(LHASH **hash);
|
||||
static ERR_STATE *int_thread_get_item(const ERR_STATE *);
|
||||
static ERR_STATE *int_thread_set_item(ERR_STATE *);
|
||||
static void int_thread_del_item(const ERR_STATE *);
|
||||
|
@ -252,6 +254,7 @@ static const ERR_FNS err_defaults =
|
|||
int_err_set_item,
|
||||
int_err_del_item,
|
||||
int_thread_get,
|
||||
int_thread_release,
|
||||
int_thread_get_item,
|
||||
int_thread_set_item,
|
||||
int_thread_del_item,
|
||||
|
@ -271,6 +274,7 @@ static const ERR_FNS *err_fns = NULL;
|
|||
* and state in the loading application. */
|
||||
static LHASH *int_error_hash = NULL;
|
||||
static LHASH *int_thread_hash = NULL;
|
||||
static int int_thread_hash_references = 0;
|
||||
static int int_err_library_number= ERR_LIB_USER;
|
||||
|
||||
/* Internal function that checks whether "err_fns" is set and if not, sets it to
|
||||
|
@ -417,11 +421,37 @@ static LHASH *int_thread_get(int create)
|
|||
CRYPTO_pop_info();
|
||||
}
|
||||
if (int_thread_hash)
|
||||
{
|
||||
int_thread_hash_references++;
|
||||
ret = int_thread_hash;
|
||||
}
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void int_thread_release(LHASH **hash)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (hash == NULL || *hash == NULL)
|
||||
return;
|
||||
|
||||
i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR);
|
||||
|
||||
#ifdef REF_PRINT
|
||||
fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR");
|
||||
#endif
|
||||
if (i > 0) return;
|
||||
#ifdef REF_CHECK
|
||||
if (i < 0)
|
||||
{
|
||||
fprintf(stderr,"int_thread_release, bad reference count\n");
|
||||
abort(); /* ok */
|
||||
}
|
||||
#endif
|
||||
*hash = NULL;
|
||||
}
|
||||
|
||||
static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
|
||||
{
|
||||
ERR_STATE *p;
|
||||
|
@ -436,6 +466,7 @@ static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
|
|||
p = (ERR_STATE *)lh_retrieve(hash, d);
|
||||
CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
|
||||
|
||||
ERRFN(thread_release)(&hash);
|
||||
return p;
|
||||
}
|
||||
|
||||
|
@ -453,6 +484,7 @@ static ERR_STATE *int_thread_set_item(ERR_STATE *d)
|
|||
p = (ERR_STATE *)lh_insert(hash, d);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
|
||||
|
||||
ERRFN(thread_release)(&hash);
|
||||
return p;
|
||||
}
|
||||
|
||||
|
@ -469,13 +501,15 @@ static void int_thread_del_item(const ERR_STATE *d)
|
|||
CRYPTO_w_lock(CRYPTO_LOCK_ERR);
|
||||
p = (ERR_STATE *)lh_delete(hash, d);
|
||||
/* make sure we don't leak memory */
|
||||
if (int_thread_hash && (lh_num_items(int_thread_hash) == 0))
|
||||
if (int_thread_hash_references == 1
|
||||
&& int_thread_hash && (lh_num_items(int_thread_hash) == 0))
|
||||
{
|
||||
lh_free(int_thread_hash);
|
||||
int_thread_hash = NULL;
|
||||
}
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
|
||||
|
||||
ERRFN(thread_release)(&hash);
|
||||
if (p)
|
||||
ERR_STATE_free(p);
|
||||
}
|
||||
|
@ -845,6 +879,12 @@ LHASH *ERR_get_err_state_table(void)
|
|||
return ERRFN(thread_get)(0);
|
||||
}
|
||||
|
||||
void ERR_release_err_state_table(LHASH **hash)
|
||||
{
|
||||
err_fns_check();
|
||||
ERRFN(thread_release)(hash);
|
||||
}
|
||||
|
||||
const char *ERR_lib_error_string(unsigned long e)
|
||||
{
|
||||
ERR_STRING_DATA d,*p;
|
||||
|
|
|
@ -263,6 +263,7 @@ ERR_STATE *ERR_get_state(void);
|
|||
|
||||
LHASH *ERR_get_string_table(void);
|
||||
LHASH *ERR_get_err_state_table(void);
|
||||
void ERR_release_err_state_table(LHASH **hash);
|
||||
|
||||
int ERR_get_next_error_library(void);
|
||||
|
||||
|
|
|
@ -59,7 +59,6 @@
|
|||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/md2.h>
|
||||
|
||||
#include "../e_os.h"
|
||||
|
||||
|
@ -71,6 +70,7 @@ int main(int argc, char *argv[])
|
|||
}
|
||||
#else
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/md2.h>
|
||||
|
||||
#ifdef CHARSET_EBCDIC
|
||||
#include <openssl/ebcdic.h>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
* project 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -101,7 +101,7 @@ static int mime_param_cmp(const MIME_PARAM * const *a,
|
|||
static void mime_param_free(MIME_PARAM *param);
|
||||
static int mime_bound_check(char *line, int linelen, char *bound, int blen);
|
||||
static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
|
||||
static int iscrlf(char c);
|
||||
static int strip_eol(char *linebuf, int *plen);
|
||||
static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
|
||||
static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
|
||||
static void mime_hdr_free(MIME_HEADER *hdr);
|
||||
|
@ -150,9 +150,17 @@ static PKCS7 *B64_read_PKCS7(BIO *bio)
|
|||
|
||||
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
|
||||
{
|
||||
char linebuf[MAX_SMLEN];
|
||||
char bound[33], c;
|
||||
int i;
|
||||
char *mime_prefix, *mime_eol;
|
||||
if (flags & PKCS7_NOOLDMIMETYPE)
|
||||
mime_prefix = "application/pkcs7-";
|
||||
else
|
||||
mime_prefix = "application/x-pkcs7-";
|
||||
if (flags & PKCS7_CRLFEOL)
|
||||
mime_eol = "\r\n";
|
||||
else
|
||||
mime_eol = "\n";
|
||||
if((flags & PKCS7_DETACHED) && data) {
|
||||
/* We want multipart/signed */
|
||||
/* Generate a random boundary */
|
||||
|
@ -164,34 +172,42 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
|
|||
bound[i] = c;
|
||||
}
|
||||
bound[32] = 0;
|
||||
BIO_printf(bio, "MIME-Version: 1.0\n");
|
||||
BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
|
||||
BIO_printf(bio, "Content-Type: multipart/signed;");
|
||||
BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";");
|
||||
BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound);
|
||||
BIO_printf(bio, "This is an S/MIME signed message\n\n");
|
||||
BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
|
||||
BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s",
|
||||
bound, mime_eol, mime_eol);
|
||||
BIO_printf(bio, "This is an S/MIME signed message%s%s",
|
||||
mime_eol, mime_eol);
|
||||
/* Now write out the first part */
|
||||
BIO_printf(bio, "------%s\n", bound);
|
||||
if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");
|
||||
while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0)
|
||||
BIO_write(bio, linebuf, i);
|
||||
BIO_printf(bio, "\n------%s\n", bound);
|
||||
BIO_printf(bio, "------%s%s", bound, mime_eol);
|
||||
SMIME_crlf_copy(data, bio, flags);
|
||||
BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
|
||||
|
||||
/* Headers for signature */
|
||||
|
||||
BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n");
|
||||
BIO_printf(bio, "Content-Transfer-Encoding: base64\n");
|
||||
BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n");
|
||||
BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
|
||||
BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
|
||||
BIO_printf(bio, "Content-Transfer-Encoding: base64%s",
|
||||
mime_eol);
|
||||
BIO_printf(bio, "Content-Disposition: attachment;");
|
||||
BIO_printf(bio, " filename=\"smime.p7s\"%s%s",
|
||||
mime_eol, mime_eol);
|
||||
B64_write_PKCS7(bio, p7);
|
||||
BIO_printf(bio,"\n------%s--\n\n", bound);
|
||||
BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound,
|
||||
mime_eol, mime_eol);
|
||||
return 1;
|
||||
}
|
||||
/* MIME headers */
|
||||
BIO_printf(bio, "MIME-Version: 1.0\n");
|
||||
BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n");
|
||||
BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n");
|
||||
BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n");
|
||||
BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
|
||||
BIO_printf(bio, "Content-Disposition: attachment;");
|
||||
BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol);
|
||||
BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
|
||||
BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol);
|
||||
BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
|
||||
mime_eol, mime_eol);
|
||||
B64_write_PKCS7(bio, p7);
|
||||
BIO_printf(bio, "\n");
|
||||
BIO_printf(bio, "%s", mime_eol);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -316,12 +332,9 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
|
|||
}
|
||||
if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
|
||||
while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
|
||||
eol = 0;
|
||||
while(iscrlf(linebuf[len - 1])) {
|
||||
len--;
|
||||
eol = 1;
|
||||
}
|
||||
BIO_write(out, linebuf, len);
|
||||
eol = strip_eol(linebuf, &len);
|
||||
if (len)
|
||||
BIO_write(out, linebuf, len);
|
||||
if(eol) BIO_write(out, "\r\n", 2);
|
||||
}
|
||||
return 1;
|
||||
|
@ -364,6 +377,7 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
|
|||
{
|
||||
char linebuf[MAX_SMLEN];
|
||||
int len, blen;
|
||||
int eol = 0, next_eol = 0;
|
||||
BIO *bpart = NULL;
|
||||
STACK_OF(BIO) *parts;
|
||||
char state, part, first;
|
||||
|
@ -383,26 +397,23 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
|
|||
sk_BIO_push(parts, bpart);
|
||||
return 1;
|
||||
} else if(part) {
|
||||
/* Strip CR+LF from linebuf */
|
||||
next_eol = strip_eol(linebuf, &len);
|
||||
if(first) {
|
||||
first = 0;
|
||||
if(bpart) sk_BIO_push(parts, bpart);
|
||||
bpart = BIO_new(BIO_s_mem());
|
||||
|
||||
} else BIO_write(bpart, "\r\n", 2);
|
||||
/* Strip CR+LF from linebuf */
|
||||
while(iscrlf(linebuf[len - 1])) len--;
|
||||
BIO_write(bpart, linebuf, len);
|
||||
BIO_set_mem_eof_return(bpart, 0);
|
||||
} else if (eol)
|
||||
BIO_write(bpart, "\r\n", 2);
|
||||
eol = next_eol;
|
||||
if (len)
|
||||
BIO_write(bpart, linebuf, len);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int iscrlf(char c)
|
||||
{
|
||||
if(c == '\r' || c == '\n') return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* This is the big one: parse MIME header lines up to message body */
|
||||
|
||||
#define MIME_INVALID 0
|
||||
|
@ -683,3 +694,21 @@ static int mime_bound_check(char *line, int linelen, char *bound, int blen)
|
|||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int strip_eol(char *linebuf, int *plen)
|
||||
{
|
||||
int len = *plen;
|
||||
char *p, c;
|
||||
int is_eol = 0;
|
||||
p = linebuf + len - 1;
|
||||
for (p = linebuf + len - 1; len > 0; len--, p--)
|
||||
{
|
||||
c = *p;
|
||||
if (c == '\n')
|
||||
is_eol = 1;
|
||||
else if (c != '\r')
|
||||
break;
|
||||
}
|
||||
*plen = len;
|
||||
return is_eol;
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
* project 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
|
|
@ -254,6 +254,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
|
|||
#define PKCS7_BINARY 0x80
|
||||
#define PKCS7_NOATTR 0x100
|
||||
#define PKCS7_NOSMIMECAP 0x200
|
||||
#define PKCS7_NOOLDMIMETYPE 0x400
|
||||
#define PKCS7_CRLFEOL 0x800
|
||||
|
||||
/* Flags: for compatibility with older code */
|
||||
|
||||
|
|
|
@ -116,17 +116,7 @@
|
|||
|
||||
|
||||
#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
|
||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
||||
#define USE_SHA1_RAND
|
||||
#elif !defined(OPENSSL_NO_MD5)
|
||||
#define USE_MD5_RAND
|
||||
#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
|
||||
#define USE_MDC2_RAND
|
||||
#elif !defined(OPENSSL_NO_MD2)
|
||||
#define USE_MD2_RAND
|
||||
#else
|
||||
#error No message digest algorithm available
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
|
|
@ -152,11 +152,6 @@ struct rsa_st
|
|||
#define RSA_FLAG_CACHE_PUBLIC 0x02
|
||||
#define RSA_FLAG_CACHE_PRIVATE 0x04
|
||||
#define RSA_FLAG_BLINDING 0x08
|
||||
#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
|
||||
* RSA implementation now uses blinding by
|
||||
* default (ignoring RSA_FLAG_BLINDING),
|
||||
* but other engines might not need it
|
||||
*/
|
||||
#define RSA_FLAG_THREAD_SAFE 0x10
|
||||
/* This flag means the private key operations will be handled by rsa_mod_exp
|
||||
* and that they do not depend on the private key components being present:
|
||||
|
@ -169,6 +164,12 @@ struct rsa_st
|
|||
*/
|
||||
#define RSA_FLAG_SIGN_VER 0x40
|
||||
|
||||
#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
|
||||
* RSA implementation now uses blinding by
|
||||
* default (ignoring RSA_FLAG_BLINDING),
|
||||
* but other engines might not need it
|
||||
*/
|
||||
|
||||
#define RSA_PKCS1_PADDING 1
|
||||
#define RSA_SSLV23_PADDING 2
|
||||
#define RSA_NO_PADDING 3
|
||||
|
|
|
@ -484,6 +484,8 @@ err:
|
|||
if (ctx != NULL) BN_CTX_free(ctx);
|
||||
BN_clear_free(&f);
|
||||
BN_clear_free(&ret);
|
||||
if (local_blinding)
|
||||
BN_BLINDING_free(blinding);
|
||||
if (buf != NULL)
|
||||
{
|
||||
OPENSSL_cleanse(buf,num);
|
||||
|
|
|
@ -316,7 +316,7 @@ void RSA_blinding_off(RSA *rsa)
|
|||
|
||||
int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
|
||||
{
|
||||
BIGNUM *A,*Ai;
|
||||
BIGNUM *A,*Ai = NULL;
|
||||
BN_CTX *ctx;
|
||||
int ret=0;
|
||||
|
||||
|
@ -327,8 +327,12 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
|
|||
else
|
||||
ctx=p_ctx;
|
||||
|
||||
/* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
|
||||
if (rsa->blinding != NULL)
|
||||
{
|
||||
BN_BLINDING_free(rsa->blinding);
|
||||
rsa->blinding = NULL;
|
||||
}
|
||||
|
||||
/* NB: similar code appears in setup_blinding (rsa_eay.c);
|
||||
* this should be placed in a new function of its own, but for reasons
|
||||
|
@ -356,9 +360,9 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
|
|||
rsa->blinding->thread_id = CRYPTO_thread_id();
|
||||
rsa->flags |= RSA_FLAG_BLINDING;
|
||||
rsa->flags &= ~RSA_FLAG_NO_BLINDING;
|
||||
BN_free(Ai);
|
||||
ret=1;
|
||||
err:
|
||||
if (Ai != NULL) BN_free(Ai);
|
||||
BN_CTX_end(ctx);
|
||||
if (ctx != p_ctx) BN_CTX_free(ctx);
|
||||
return(ret);
|
||||
|
|
|
@ -82,6 +82,7 @@ static X509_TRUST trstandard[] = {
|
|||
{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
|
||||
{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
|
||||
{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
|
||||
{X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL},
|
||||
{X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
|
||||
{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
|
||||
};
|
||||
|
|
|
@ -453,9 +453,9 @@ static int check_revocation(X509_STORE_CTX *ctx)
|
|||
if (!(ctx->flags & X509_V_FLAG_CRL_CHECK))
|
||||
return 1;
|
||||
if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL)
|
||||
last = 0;
|
||||
else
|
||||
last = sk_X509_num(ctx->chain) - 1;
|
||||
else
|
||||
last = 0;
|
||||
for(i = 0; i <= last; i++)
|
||||
{
|
||||
ctx->error_depth = i;
|
||||
|
|
|
@ -158,31 +158,13 @@ icaRandomNumberGenerate( ICA_ADAPTER_HANDLE hAdapterHandle,
|
|||
|
||||
#if (_AIX)
|
||||
static const char *IBMCA_LIBNAME = "/lib/libica.a(shr.o)";
|
||||
#elif (WIN32)
|
||||
static const char *IBMCA_LIBNAME = "cryptica";
|
||||
#else
|
||||
static const char *IBMCA_LIBNAME = "ica";
|
||||
#endif
|
||||
|
||||
#if (WIN32)
|
||||
/*
|
||||
The ICA_KEY_RSA_MODEXPO & ICA_KEY_RSA_CRT lengths and
|
||||
offsets must be in big-endian format.
|
||||
|
||||
*/
|
||||
#define CORRECT_ENDIANNESS(b) ( \
|
||||
(((unsigned long) (b) & 0x000000ff) << 24) | \
|
||||
(((unsigned long) (b) & 0x0000ff00) << 8) | \
|
||||
(((unsigned long) (b) & 0x00ff0000) >> 8) | \
|
||||
(((unsigned long) (b) & 0xff000000) >> 24) \
|
||||
)
|
||||
#define CRT_KEY_TYPE RSA_PKCS_PRIVATE_CHINESE_REMAINDER
|
||||
#define ME_KEY_TYPE RSA_PUBLIC_MODULUS_EXPONENT
|
||||
#else
|
||||
#define CORRECT_ENDIANNESS(b) (b)
|
||||
#define CRT_KEY_TYPE KEYTYPE_PKCSCRT
|
||||
#define ME_KEY_TYPE KEYTYPE_MODEXPO
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ typedef int t_zencod_dump_key (FILE *stream, char *msg, KEY *key);
|
|||
|
||||
|
||||
/*
|
||||
* Key managment tools
|
||||
* Key management tools
|
||||
*/
|
||||
typedef KEY *t_zencod_new_number (unsigned long len, unsigned char *data);
|
||||
typedef int t_zencod_init_number (KEY *n, unsigned long len, unsigned char *data);
|
||||
|
|
|
@ -359,7 +359,7 @@ the same as the B<-md> option. The message digest to use. Mandatory.
|
|||
the text database file to use. Mandatory. This file must be present
|
||||
though initially it will be empty.
|
||||
|
||||
=item B<serialfile>
|
||||
=item B<serial>
|
||||
|
||||
a text file containing the next serial number to use in hex. Mandatory.
|
||||
This file must be present and contain a valid serial number.
|
||||
|
@ -400,7 +400,7 @@ here, except the B<no_signame> and B<no_sigdump> are permanently set
|
|||
and cannot be disabled (this is because the certificate signature cannot
|
||||
be displayed because the certificate has not been signed at this point).
|
||||
|
||||
For convenience the values B<default_ca> are accepted by both to produce
|
||||
For convenience the values B<ca_default> are accepted by both to produce
|
||||
a reasonable output.
|
||||
|
||||
If neither option is present the format used in earlier versions of
|
||||
|
@ -513,8 +513,8 @@ A sample configuration file with the relevant sections for B<ca>:
|
|||
policy = policy_any # default policy
|
||||
email_in_dn = no # Don't add the email into cert DN
|
||||
|
||||
nameopt = default_ca # Subject name display option
|
||||
certopt = default_ca # Certificate display option
|
||||
nameopt = ca_default # Subject name display option
|
||||
certopt = ca_default # Certificate display option
|
||||
copy_extensions = none # Don't copy extensions from request
|
||||
|
||||
[ policy_any ]
|
||||
|
|
|
@ -168,7 +168,7 @@ command for more information.
|
|||
|
||||
send the protocol-specific message(s) to switch to TLS for communication.
|
||||
B<protocol> is a keyword for the intended protocol. Currently, the only
|
||||
supported keyword is "smtp".
|
||||
supported keywords are "smtp" and "pop3".
|
||||
|
||||
=item B<-engine id>
|
||||
|
||||
|
|
|
@ -88,181 +88,34 @@ extern "C" {
|
|||
#define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_VXWORKS)
|
||||
# define NO_SYS_PARAM_H
|
||||
# define NO_CHMOD
|
||||
# define NO_SYSLOG
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
|
||||
# if macintosh==1
|
||||
# ifndef MAC_OS_GUSI_SOURCE
|
||||
# define MAC_OS_pre_X
|
||||
# define NO_SYS_TYPES_H
|
||||
typedef long ssize_t;
|
||||
# endif
|
||||
# define NO_SYS_PARAM_H
|
||||
# define NO_CHMOD
|
||||
# define NO_SYSLOG
|
||||
# undef DEVRANDOM
|
||||
# define GETPID_IS_MEANINGLESS
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/********************************************************************
|
||||
The Microsoft section
|
||||
********************************************************************/
|
||||
/* The following is used becaue of the small stack in some
|
||||
* Microsoft operating systems */
|
||||
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
|
||||
# define MS_STATIC static
|
||||
#else
|
||||
# define MS_STATIC
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
|
||||
# define WIN32
|
||||
#endif
|
||||
#if defined(OPENSSL_SYS_WIN16) && !defined(WIN16)
|
||||
# define WIN16
|
||||
#endif
|
||||
#if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
|
||||
# define WINDOWS
|
||||
#endif
|
||||
#if defined(OPENSSL_SYS_MSDOS) && !defined(MSDOS)
|
||||
# define MSDOS
|
||||
#endif
|
||||
|
||||
#if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
|
||||
# define GETPID_IS_MEANINGLESS
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#define get_last_sys_error() GetLastError()
|
||||
#define clear_sys_error() SetLastError(0)
|
||||
#if !defined(WINNT)
|
||||
#define WIN_CONSOLE_BUG
|
||||
#endif
|
||||
#else
|
||||
#define get_last_sys_error() errno
|
||||
#define clear_sys_error() errno=0
|
||||
#endif
|
||||
|
||||
#if defined(WINDOWS)
|
||||
#define get_last_socket_error() WSAGetLastError()
|
||||
#define clear_socket_error() WSASetLastError(0)
|
||||
#define readsocket(s,b,n) recv((s),(b),(n),0)
|
||||
#define writesocket(s,b,n) send((s),(b),(n),0)
|
||||
#define EADDRINUSE WSAEADDRINUSE
|
||||
#elif defined(__DJGPP__)
|
||||
#define WATT32
|
||||
#define get_last_socket_error() errno
|
||||
#define clear_socket_error() errno=0
|
||||
#define closesocket(s) close_s(s)
|
||||
#define readsocket(s,b,n) read_s(s,b,n)
|
||||
#define writesocket(s,b,n) send(s,b,n,0)
|
||||
#elif defined(MAC_OS_pre_X)
|
||||
#define get_last_socket_error() errno
|
||||
#define clear_socket_error() errno=0
|
||||
#define closesocket(s) MacSocket_close(s)
|
||||
#define readsocket(s,b,n) MacSocket_recv((s),(b),(n),true)
|
||||
#define writesocket(s,b,n) MacSocket_send((s),(b),(n))
|
||||
#elif defined(OPENSSL_SYS_VMS)
|
||||
#define get_last_socket_error() errno
|
||||
#define clear_socket_error() errno=0
|
||||
#define ioctlsocket(a,b,c) ioctl(a,b,c)
|
||||
#define closesocket(s) close(s)
|
||||
#define readsocket(s,b,n) recv((s),(b),(n),0)
|
||||
#define writesocket(s,b,n) send((s),(b),(n),0)
|
||||
#else
|
||||
#define get_last_socket_error() errno
|
||||
#define clear_socket_error() errno=0
|
||||
#define ioctlsocket(a,b,c) ioctl(a,b,c)
|
||||
#define closesocket(s) close(s)
|
||||
#define readsocket(s,b,n) read((s),(b),(n))
|
||||
#define writesocket(s,b,n) write((s),(b),(n))
|
||||
#endif
|
||||
|
||||
#ifdef WIN16
|
||||
# define OPENSSL_NO_FP_API
|
||||
# define MS_CALLBACK _far _loadds
|
||||
# define MS_FAR _far
|
||||
#else
|
||||
# define MS_CALLBACK
|
||||
# define MS_FAR
|
||||
#endif
|
||||
|
||||
|
||||
#if (defined(WINDOWS) || defined(MSDOS))
|
||||
|
||||
# ifdef __DJGPP__
|
||||
# include <unistd.h>
|
||||
# include <sys/stat.h>
|
||||
# include <sys/socket.h>
|
||||
# include <tcp.h>
|
||||
# include <netdb.h>
|
||||
# define _setmode setmode
|
||||
# define _O_TEXT O_TEXT
|
||||
# define _O_BINARY O_BINARY
|
||||
# endif /* __DJGPP__ */
|
||||
|
||||
# ifndef S_IFDIR
|
||||
# define S_IFDIR _S_IFDIR
|
||||
# endif
|
||||
|
||||
# ifndef S_IFMT
|
||||
# define S_IFMT _S_IFMT
|
||||
# endif
|
||||
|
||||
# if !defined(WINNT) && !defined(__DJGPP__)
|
||||
# define NO_SYSLOG
|
||||
# endif
|
||||
# define NO_DIRENT
|
||||
|
||||
# ifdef WINDOWS
|
||||
# include <windows.h>
|
||||
# include <stddef.h>
|
||||
# include <errno.h>
|
||||
# include <string.h>
|
||||
# include <malloc.h>
|
||||
# endif
|
||||
# include <io.h>
|
||||
# include <fcntl.h>
|
||||
|
||||
|
||||
# define ssize_t long
|
||||
|
||||
# if defined (__BORLANDC__)
|
||||
# define _setmode setmode
|
||||
# define _O_TEXT O_TEXT
|
||||
# define _O_BINARY O_BINARY
|
||||
# define _int64 __int64
|
||||
# define _kbhit kbhit
|
||||
# endif
|
||||
|
||||
# if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
|
||||
# define EXIT(n) _wsetexit(_WINEXITNOPERSIST)
|
||||
# define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0)
|
||||
# else
|
||||
# define EXIT(n) return(n)
|
||||
# endif
|
||||
# define LIST_SEPARATOR_CHAR ';'
|
||||
# ifndef X_OK
|
||||
# define X_OK 0
|
||||
# endif
|
||||
# ifndef W_OK
|
||||
# define W_OK 2
|
||||
# endif
|
||||
# ifndef R_OK
|
||||
# define R_OK 4
|
||||
# endif
|
||||
# define OPENSSL_CONF "openssl.cnf"
|
||||
# define SSLEAY_CONF OPENSSL_CONF
|
||||
# define NUL_DEV "nul"
|
||||
# define RFILE ".rnd"
|
||||
# define DEFAULT_HOME "C:"
|
||||
|
||||
#else /* The non-microsoft world world */
|
||||
|
||||
/* !defined VMS */
|
||||
# ifdef OPENSSL_UNISTD
|
||||
|
@ -273,12 +126,6 @@ extern "C" {
|
|||
# ifndef NO_SYS_TYPES_H
|
||||
# include <sys/types.h>
|
||||
# endif
|
||||
# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4)
|
||||
# define pid_t int /* pid_t is missing on NEXTSTEP/OPENSTEP
|
||||
* (unless when compiling with -D_POSIX_SOURCE,
|
||||
* which doesn't work for us) */
|
||||
# define ssize_t int /* ditto */
|
||||
# endif
|
||||
|
||||
# define OPENSSL_CONF "openssl.cnf"
|
||||
# define SSLEAY_CONF OPENSSL_CONF
|
||||
|
@ -289,77 +136,29 @@ extern "C" {
|
|||
|
||||
# define SSLeay_getpid() getpid()
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
/*************/
|
||||
|
||||
#ifdef USE_SOCKETS
|
||||
# if defined(WINDOWS) || defined(MSDOS)
|
||||
/* windows world */
|
||||
|
||||
# define SSLeay_Write(a,b,c) write_s(a,b,c,0)
|
||||
# define SSLeay_Read(a,b,c) read_s(a,b,c)
|
||||
# define SHUTDOWN(fd) close_s(fd)
|
||||
# define SHUTDOWN2(fd) close_s(fd)
|
||||
|
||||
# elif defined(MAC_OS_pre_X)
|
||||
|
||||
# include "MacSocket.h"
|
||||
# define SSLeay_Write(a,b,c) MacSocket_send((a),(b),(c))
|
||||
# define SSLeay_Read(a,b,c) MacSocket_recv((a),(b),(c),true)
|
||||
# define SHUTDOWN(fd) MacSocket_close(fd)
|
||||
# define SHUTDOWN2(fd) MacSocket_close(fd)
|
||||
|
||||
# else
|
||||
|
||||
# ifndef NO_SYS_PARAM_H
|
||||
# include <sys/param.h>
|
||||
# endif
|
||||
|
||||
# include <netdb.h>
|
||||
# if defined(OPENSSL_SYS_VMS_NODECC)
|
||||
# include <socket.h>
|
||||
# include <in.h>
|
||||
# include <inet.h>
|
||||
# else
|
||||
# include <sys/socket.h>
|
||||
# ifdef FILIO_H
|
||||
# include <sys/filio.h> /* Added for FIONBIO under unixware */
|
||||
# endif
|
||||
# include <netinet/in.h>
|
||||
# include <arpa/inet.h>
|
||||
# endif
|
||||
|
||||
# if defined(NeXT) || defined(_NEXT_SOURCE)
|
||||
# include <sys/fcntl.h>
|
||||
# include <sys/types.h>
|
||||
# endif
|
||||
|
||||
|
||||
# ifdef __QNX__
|
||||
# include <sys/select.h>
|
||||
# endif
|
||||
|
||||
# if defined(sun)
|
||||
# include <sys/filio.h>
|
||||
# else
|
||||
# ifndef VMS
|
||||
|
||||
# include <sys/ioctl.h>
|
||||
# else
|
||||
/* ioctl is only in VMS > 7.0 and when socketshr is not used */
|
||||
# if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
|
||||
# include <sys/ioctl.h>
|
||||
# endif
|
||||
# endif
|
||||
# endif
|
||||
|
||||
# ifdef VMS
|
||||
# include <unixio.h>
|
||||
# if defined(TCPIP_TYPE_SOCKETSHR)
|
||||
# include <socketshr.h>
|
||||
# endif
|
||||
# endif
|
||||
|
||||
# define SSLeay_Read(a,b,c) read((a),(b),(c))
|
||||
# define SSLeay_Write(a,b,c) write((a),(b),(c))
|
||||
|
@ -368,26 +167,9 @@ extern "C" {
|
|||
# ifndef INVALID_SOCKET
|
||||
# define INVALID_SOCKET (-1)
|
||||
# endif /* INVALID_SOCKET */
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if defined(__ultrix)
|
||||
# ifndef ssize_t
|
||||
# define ssize_t int
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
|
||||
/* include headers first, so our defines don't break it */
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
/* bcopy can handle overlapping moves according to SunOS 4.1.4 manpage */
|
||||
# define memmove(s1,s2,n) bcopy((s2),(s1),(n))
|
||||
# define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b)))
|
||||
extern char *sys_errlist[]; extern int sys_nerr;
|
||||
# define strerror(errnum) \
|
||||
(((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_EXIT
|
||||
# if defined(MONOLITH) && !defined(OPENSSL_C)
|
||||
|
@ -402,56 +184,13 @@ extern char *sys_errlist[]; extern int sys_nerr;
|
|||
/* do we need to do this for getenv.
|
||||
* Just define getenv for use under windows */
|
||||
|
||||
#ifdef WIN16
|
||||
/* How to do this needs to be thought out a bit more.... */
|
||||
/*char *GETENV(char *);
|
||||
#define Getenv GETENV*/
|
||||
#define Getenv getenv
|
||||
#else
|
||||
#define Getenv getenv
|
||||
#endif
|
||||
|
||||
#define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */
|
||||
|
||||
#ifdef sgi
|
||||
#define IRIX_CC_BUG /* all version of IRIX I've tested (4.* 5.*) */
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
|
||||
# include <io.h>
|
||||
# include <fcntl.h>
|
||||
# define NO_SYSLOG
|
||||
# define strcasecmp stricmp
|
||||
#endif
|
||||
|
||||
/* vxworks */
|
||||
#if defined(OPENSSL_SYS_VXWORKS)
|
||||
#include <ioLib.h>
|
||||
#include <tickLib.h>
|
||||
#include <sysLib.h>
|
||||
|
||||
#define TTY_STRUCT int
|
||||
|
||||
#define sleep(a) taskDelay((a) * sysClkRateGet())
|
||||
#if defined(ioctlsocket)
|
||||
#undef ioctlsocket
|
||||
#endif
|
||||
#define ioctlsocket(a,b,c) ioctl((a),(b),*(c))
|
||||
|
||||
#include <vxWorks.h>
|
||||
#include <sockLib.h>
|
||||
#include <taskLib.h>
|
||||
|
||||
#define getpid taskIdSelf
|
||||
|
||||
/* NOTE: these are implemented by helpers in database app!
|
||||
* if the database is not linked, we need to implement them
|
||||
* elswhere */
|
||||
struct hostent *gethostbyname(const char *name);
|
||||
struct hostent *gethostbyaddr(const char *addr, int length, int type);
|
||||
struct servent *getservbyname(const char *name, const char *proto);
|
||||
|
||||
#endif
|
||||
/* end vxworks */
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -431,9 +431,7 @@ int ssl3_accept(SSL *s)
|
|||
if (ret == 2)
|
||||
s->state = SSL3_ST_SR_CLNT_HELLO_C;
|
||||
else {
|
||||
/* could be sent for a DH cert, even if we
|
||||
* have not asked for it :-) */
|
||||
if (s->s3->tmp.cert_request)
|
||||
if (s->s3->tmp.cert_request)
|
||||
{
|
||||
ret=ssl3_get_client_certificate(s);
|
||||
if (ret <= 0) goto end;
|
||||
|
@ -847,9 +845,9 @@ static int ssl3_get_client_hello(SSL *s)
|
|||
}
|
||||
|
||||
/* TLS does not mind if there is extra stuff */
|
||||
#if 0 /* SSL 3.0 does not mind either, so we should disable this test
|
||||
* (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
|
||||
* in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
|
||||
#if 0 /* SSL 3.0 does not mind either, so we should disable this test
|
||||
* (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
|
||||
* in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
|
||||
if (s->version == SSL3_VERSION)
|
||||
{
|
||||
if (p < (d+n))
|
||||
|
|
|
@ -79,11 +79,11 @@ SSL_SESSION *SSL_get1_session(SSL *ssl)
|
|||
/* Need to lock this all up rather than just use CRYPTO_add so that
|
||||
* somebody doesn't free ssl->session between when we check it's
|
||||
* non-null and when we up the reference count. */
|
||||
CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
|
||||
sess = ssl->session;
|
||||
if(sess)
|
||||
sess->references++;
|
||||
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
|
||||
return(sess);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: shl.mi,v 1.242 2003/10/27 17:15:22 pooka Exp $
|
||||
# $NetBSD: shl.mi,v 1.243 2003/11/04 23:54:27 itojun Exp $
|
||||
# Note: libtermcap and libtermlib are hardlinked and share the same version.
|
||||
./lib/libc.so.12.106 base-sys-shlib
|
||||
./lib/libcrypt.so.0.1 base-sys-shlib
|
||||
./lib/libcrypto.so.2.0 base-crypto-shlib
|
||||
./lib/libcrypto.so.2.1 base-crypto-shlib
|
||||
./lib/libedit.so.2.8 base-sys-shlib
|
||||
./lib/libevent.so.0.1 base-sys-shlib
|
||||
./lib/libipsec.so.2.0 base-net-shlib
|
||||
|
@ -36,7 +36,7 @@
|
|||
./usr/lib/libcdk.so.1.0 base-sys-shlib
|
||||
./usr/lib/libcom_err.so.4.1 base-krb5-shlib
|
||||
./usr/lib/libcrypt.so.0.1 base-sys-shlib
|
||||
./usr/lib/libcrypto.so.2.0 base-crypto-shlib
|
||||
./usr/lib/libcrypto.so.2.1 base-crypto-shlib
|
||||
./usr/lib/libcurses.so.5.10 base-sys-shlib
|
||||
./usr/lib/libdes.so.7.0 base-crypto-shlib
|
||||
./usr/lib/libedit.so.2.8 base-sys-shlib
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: obsolete.mi,v 1.101 2003/10/15 17:10:20 jmc Exp $
|
||||
# $NetBSD: obsolete.mi,v 1.102 2003/11/04 23:54:27 itojun Exp $
|
||||
./usr/bin/genclass
|
||||
./usr/bin/gettextize
|
||||
./usr/include/bfd
|
||||
|
@ -770,7 +770,6 @@
|
|||
./usr/share/man/cat3/list_next.0
|
||||
./usr/share/man/cat3/list_remove.0
|
||||
./usr/share/man/cat3/mdc2.0
|
||||
./usr/share/man/cat3/pw_dup.0
|
||||
./usr/share/man/cat3/rc4.0
|
||||
./usr/share/man/cat3/regsterrpc.0
|
||||
./usr/share/man/cat3/ripemd.0
|
||||
|
@ -878,7 +877,6 @@
|
|||
./usr/share/man/man3/list_next.3
|
||||
./usr/share/man/man3/list_remove.3
|
||||
./usr/share/man/man3/mdc2.3
|
||||
./usr/share/man/man3/pw_dup.3
|
||||
./usr/share/man/man3/rc4.3
|
||||
./usr/share/man/man3/regsterrpc.3
|
||||
./usr/share/man/man3/ripemd.3
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: shlib_version,v 1.7 2003/07/24 14:16:33 itojun Exp $
|
||||
# $NetBSD: shlib_version,v 1.8 2003/11/04 23:54:27 itojun Exp $
|
||||
# Remember to update distrib/sets/lists/base/shl.* when changing
|
||||
#
|
||||
# Also remember to update lib/libdes/shlib_version when changing
|
||||
# (since it just installs a symbolic link to libcrypto)
|
||||
#
|
||||
major=2
|
||||
minor=0
|
||||
minor=1
|
||||
|
|
Loading…
Reference in New Issue