d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Vendor import of OpenSSL 0.9.7a.

Browse Source
This commit is contained in:
Jacques Vidrine 2003-02-19 23:17:42 +00:00
parent 6e955c8f09
commit fceca8a377
157 changed files with 1684 additions and 643 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
crypto/openssl/CHANGES
View File

@ -2,6 +2,87 @@
OpenSSL CHANGES
_______________
Changes between 0.9.7 and 0.9.7a [19 Feb 2003]
*) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrrect
block cipher padding has been found. This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
[Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
Martin Vuagnoux (EPFL, Ilion)]
*) Make the no-err option work as intended. The intention with no-err
is not to have the whole error stack handling routines removed from
libcrypto, it's only intended to remove all the function name and
reason texts, thereby removing some of the footprint that may not
be interesting if those errors aren't displayed anyway.
NOTE: it's still possible for any application or module to have it's
own set of error texts inserted. The routines are there, just not
used by default when no-err is given.
[Richard Levitte]
*) Add support for FreeBSD on IA64.
[dirk.meyer@dinoex.sub.org via Richard Levitte, resolves #454]
*) Adjust DES_cbc_cksum() so it returns the same value as the MIT
Kerberos function mit_des_cbc_cksum(). Before this change,
the value returned by DES_cbc_cksum() was like the one from
mit_des_cbc_cksum(), except the bytes were swapped.
[Kevin Greaney <Kevin.Greaney@hp.com> and Richard Levitte]
*) Allow an application to disable the automatic SSL chain building.
Before this a rather primitive chain build was always performed in
ssl3_output_cert_chain(): an application had no way to send the
correct chain if the automatic operation produced an incorrect result.
Now the chain builder is disabled if either:
1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
The reasoning behind this is that an application would not want the
auto chain building to take place if extra chain certificates are
present and it might also want a means of sending no additional
certificates (for example the chain has two certificates and the
root is omitted).
[Steve Henson]
*) Add the possibility to build without the ENGINE framework.
[Steven Reddie <smr@essemer.com.au> via Richard Levitte]
*) Under Win32 gmtime() can return NULL: check return value in
OPENSSL_gmtime(). Add error code for case where gmtime() fails.
[Steve Henson]
*) DSA routines: under certain error conditions uninitialized BN objects
could be freed. Solution: make sure initialization is performed early
enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
Nils Larsch <nla@trustcenter.de> via PR#459)
[Lutz Jaenicke]
*) Another fix for SSLv2 session ID handling: the session ID was incorrectly
checked on reconnect on the client side, therefore session resumption
could still fail with a "ssl session id is different" error. This
behaviour is masked when SSL_OP_ALL is used due to
SSL_OP_MICROSOFT_SESS_ID_BUG being set.
Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
followup to PR #377.
[Lutz Jaenicke]
*) IA-32 assembler support enhancements: unified ELF targets, support
for SCO/Caldera platforms, fix for Cygwin shared build.
[Andy Polyakov]
*) Add support for FreeBSD on sparc64. As a consequence, support for
FreeBSD on non-x86 processors is separate from x86 processors on
the config script, much like the NetBSD support.
[Richard Levitte & Kris Kennaway <kris@obsecurity.org>]
Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
*) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
@ -177,7 +258,7 @@
# is assumed to contain the absolute OpenSSL source directory.
mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
cd objtree/"`uname -s`-`uname -r`-`uname -m`"
(cd $OPENSSL_SOURCE; find . -type f -o -type l) | while read F; do
(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
mkdir -p `dirname $F`
ln -s $OPENSSL_SOURCE/$F $F
done
@ -1677,6 +1758,11 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
be reduced modulo m.
[Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
#if 0
The following entry accidentily appeared in the CHANGES file
distributed with OpenSSL 0.9.7. The modifications described in
it do *not* apply to OpenSSL 0.9.7.
*) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
was actually never needed) and in BN_mul(). The removal in BN_mul()
required a small change in bn_mul_part_recursive() and the addition
@ -1685,6 +1771,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
bn_sub_words() and bn_add_words() except they take arrays with
differing sizes.
[Richard Levitte]
#endif
*) In 'openssl passwd', verify passwords read from the terminal
unless the '-salt' option is used (which usually means that
@ -1816,6 +1903,18 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
*) Clean old EAY MD5 hack from e_os.h.
[Richard Levitte]
Changes between 0.9.6h and 0.9.6i [19 Feb 2003]
*) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrrect
block cipher padding has been found. This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
[Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
Martin Vuagnoux (EPFL, Ilion)]
Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
*) New function OPENSSL_cleanse(), which is used to cleanse a section of

99
crypto/openssl/Configure
View File

@ -10,7 +10,7 @@ use strict;
# see INSTALL for instructions.
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
# Options:
#
@ -38,6 +38,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
# no-engine do not compile in any engine code.
# no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware
@ -107,7 +108,6 @@ my $tlib="-lnsl -lsocket";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
my $x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
@ -161,7 +161,7 @@ my %table=(
# surrounds it with #APP #NO_APP comment pair which (at least Solaris
# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
# error message.
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -262,22 +262,21 @@ my %table=(
"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# IA-64 targets
# I have no idea if this one actually works, feedback needed. <appro>
"hpux-ia64-cc","cc:-Ae +DD32 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
# with debugging of the following config.
"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# More attempts at unified 10.X and 11.X targets for HP C compiler.
#
# Chris Ruemmler <ruemmler@cup.hp.com>
# Kevin Steves <ks@hp.se>
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# Isn't the line below meaningless? HP-UX cc optimizes for host by default.
# hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# HPUX 9.X config.
# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or
@ -384,8 +383,8 @@ my %table=(
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::",
"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::",
"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -396,6 +395,8 @@ my %table=(
"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown):::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -403,7 +404,7 @@ my %table=(
"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
# NCR MP-RAS UNIX ver 02.03.01
"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
# QNX 4
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
@ -414,33 +415,36 @@ my %table=(
# Linux on ARM
"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# SCO/Caldera targets.
#
# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
# Now we only have blended unixware-* as it's the only one used by ./config.
# If you want to optimize for particular microarchitecture, bypass ./config
# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
# Note that not all targets include assembler support. Mostly because of
# lack of motivation to support out-of-date platforms with out-of-date
# compiler drivers and assemblers. Tim Rice <tim@multitalents.net> has
# patiently assisted to debug most of it.
#
# UnixWare 2.0x fails destest with -O
"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
"unixware-2.0-pentium","cc:-DFILIO_H -DNO_STRINGS_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
# UnixWare 2.1
"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc.
"sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# UnixWare 7
"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"unixware-7-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"unixware-7-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# OpenUNIX 8
"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"OpenUNIX-8-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"OpenUNIX-8-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# IBM's AIX.
"aix-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
"aix-gcc", "gcc:-O3 -DB_ENDIAN::(unknown):AIX::BN_LLONG RC4_CHAR:::",
"aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:",
"aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::",
"aix43-gcc", "gcc:-O1 -DAIX -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR::::::::::dlfcn:",
"aix64-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384 -q64::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR::::::::::dlfcn::::::-X 64",
"aix64-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384 -q64::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
#
# Cray T90 and similar (SDSC)
@ -473,15 +477,6 @@ my %table=(
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
# SCO 3 - Tim Rice <tim@multitalents.net>
"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
# SCO cc.
"sco5-cc", "cc:-belf::(unknown)::-lsocket -lresolv -lnsl:${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-Kpic", # des options?
"sco5-cc-pentium", "cc:-Kpentium::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-fPIC",
# Sinix/ReliantUNIX RM400
# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -508,7 +503,7 @@ my %table=(
"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
# Borland C++ 4.5
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX::::::::::win32",
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN::::::::::win32",
"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
# Mingw32
@ -656,6 +651,7 @@ my $openssl_thread_defines;
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
my $libkrb5="";
my $target;
my $options;
my $symlink;
@ -696,6 +692,11 @@ PROCESS_ARGS:
$flags .= "-DOPENSSL_NO_ASM ";
$openssl_other_defines .= "#define OPENSSL_NO_ASM\n";
}
elsif (/^no-err$/)
{
$flags .= "-DOPENSSL_NO_ERR ";
$openssl_other_defines .= "#define OPENSSL_NO_ERR\n";
}
elsif (/^no-hw-(.+)$/)
{
my $hw=$1;
@ -956,6 +957,8 @@ my $shared_extension = $fields[$idx_shared_extension];
my $ranlib = $fields[$idx_ranlib];
my $arflags = $fields[$idx_arflags];
my $no_shared_warn=0;
$cflags="$flags$cflags" if ($flags ne "");
# Kerberos settings. The flavor must be provided from outside, either through
@ -1020,8 +1023,6 @@ else
$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
if $withargs{"krb5-include"} eq "" &&
$withargs{"krb5-dir"} ne "";
$libs.=$withargs{"krb5-lib"}." " if $withargs{"krb5-lib"} ne "";
}
# The DSO code currently always implements all functions so that no
@ -1107,6 +1108,7 @@ if ($zlib)
my $shared_mark = "";
if ($shared_target eq "")
{
$no_shared_warn = 1 if !$no_shared;
$no_shared = 1;
}
if (!$no_shared)
@ -1240,6 +1242,7 @@ while (<IN>)
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@ -1513,6 +1516,16 @@ applications as the compiler options required on this system are not known.
See file INSTALL for details if you need multi-threading.
EOF
print <<\EOF if ($no_shared_warn);
You gave the option 'shared'. Normally, that would give you shared libraries.
Unfortunately, the OpenSSL configuration doesn't include shared library support
for this platform yet, so it will pretend you gave the option 'no-shared'. If
you can inform the developpers (openssl-dev\@openssl.org) how to support shared
libraries on this platform, they will at least look at it and try their best
(but please first make sure you have tried with a current version of OpenSSL).
EOF
exit(0);
sub usage

68
crypto/openssl/FAQ
View File

@ -68,7 +68,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.7 was released on December 31, 2002.
OpenSSL 0.9.7a was released on February 19, 2003.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@ -189,18 +189,30 @@ for permission to use their software with OpenSSL.
Cryptographic software needs a source of unpredictable data to work
correctly. Many open source operating systems provide a "randomness
device" that serves this purpose. On other systems, applications have
to call the RAND_add() or RAND_seed() function with appropriate data
before generating keys or performing public key encryption.
(These functions initialize the pseudo-random number generator, PRNG.)
device" (/dev/urandom or /dev/random) that serves this purpose.
All OpenSSL versions try to use /dev/urandom by default; starting with
version 0.9.7, OpenSSL also tries /dev/random if /dev/urandom is not
available.
Some broken applications do not do this. As of version 0.9.5, the
OpenSSL functions that need randomness report an error if the random
number generator has not been seeded with at least 128 bits of
randomness. If this error occurs, please contact the author of the
application you are using. It is likely that it never worked
correctly. OpenSSL 0.9.5 and later make the error visible by refusing
to perform potentially insecure encryption.
On other systems, applications have to call the RAND_add() or
RAND_seed() function with appropriate data before generating keys or
performing public key encryption. (These functions initialize the
pseudo-random number generator, PRNG.) Some broken applications do
not do this. As of version 0.9.5, the OpenSSL functions that need
randomness report an error if the random number generator has not been
seeded with at least 128 bits of randomness. If this error occurs and
is not discussed in the documentation of the application you are
using, please contact the author of that application; it is likely
that it never worked correctly. OpenSSL 0.9.5 and later make the
error visible by refusing to perform potentially insecure encryption.
If you are using Solaris 8, you can add /dev/urandom and /dev/random
devices by installing patch 112438 (Sparc) or 112439 (x86), which are
available via the Patchfinder at <URL: http://sunsolve.sun.com>
(Solaris 9 includes these devices by default). For /dev/random support
for earlier Solaris versions, see Sun's statement at
<URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski>
(the SUNWski package is available in patch 105710).
On systems without /dev/urandom and /dev/random, it is a good idea to
use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for
@ -233,18 +245,6 @@ OpenSSL command line tools. Applications using the OpenSSL library
provide their own configuration options to specify the entropy source,
please check out the documentation coming the with application.
For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
installing the SUNski package from Sun patch 105710-01 (Sparc) which
adds a /dev/random device and make sure it gets used, usually through
$RANDFILE. There are probably similar patches for the other Solaris
versions. An official statement from Sun with respect to /dev/random
support can be found at
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
However, be warned that /dev/random is usually a blocking device, which
may have some effects on OpenSSL.
A third party /dev/random solution for Solaris is available at
http://www.cosy.sbg.ac.at/~andi/
* Why do I get an "unable to write 'random state'" error message?
@ -490,10 +490,13 @@ and then redo the compilation. What you should really do is make sure
Sometimes, you may get reports from VC++ command line (cl) that it
can't find standard include files like stdio.h and other weirdnesses.
One possible cause is that the environment isn't correctly set up.
To solve that problem, one should run VCVARS32.BAT which is found in
the 'bin' subdirectory of the VC++ installation directory (somewhere
under 'Program Files'). This needs to be done prior to running NMAKE,
and the changes are only valid for the current DOS session.
To solve that problem for VC++ versions up to 6, one should run
VCVARS32.BAT which is found in the 'bin' subdirectory of the VC++
installation directory (somewhere under 'Program Files'). For VC++
version 7 (and up?), which is also called VS.NET, the file is called
VSVARS32.BAT instead.
This needs to be done prior to running NMAKE, and the changes are only
valid for the current DOS session.
* What is special about OpenSSL on Redhat?
@ -577,10 +580,13 @@ As of 0.9.7 assembler routines were overhauled for position independence
of the machine code, which is essential for shared library support. For
some reason OpenBSD is equipped with an out-of-date GNU assembler which
finds the new code offensive. To work around the problem, configure with
no-asm (and sacrifice a great deal of performance) or upgrade /usr/bin/as.
no-asm (and sacrifice a great deal of performance) or patch your assembler
according to <URL: http://www.openssl.org/~appro/gas-1.92.3.OpenBSD.patch>.
For your convenience a pre-compiled replacement binary is provided at
http://www.openssl.org/~appro/i386-openbsd3-as, which is compiled from
binutils-2.8 released in 1997.
<URL: http://www.openssl.org/~appro/gas-1.92.3.static.aout.bin>.
Reportedly elder *BSD a.out platforms also suffer from this problem and
remedy should be same. Provided binary is statically linked and should be
working across wider range of *BSD branches, not just OpenBSD.
[PROG] ========================================================================

24
crypto/openssl/INSTALL
View File

@ -158,7 +158,7 @@
If a test fails, look at the output. There may be reasons for
the failure that isn't a problem in OpenSSL itself (like a missing
or malfunctioning bc). If it is a problem with OpenSSL itself,
try removing any compiler optimization flags from the CFLAGS line
try removing any compiler optimization flags from the CFLAG line
in Makefile.ssl and run "make clean; make". Please send a bug
report to <openssl-bugs@openssl.org>, including the output of
"make report" in order to be added to the request tracker at
@ -308,3 +308,25 @@
to install additional support software to obtain random seed.
Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
and the FAQ for more information.
Note on support for multiple builds
-----------------------------------
OpenSSL is usually built in it's source tree. Unfortunately, this doesn't
support building for multiple platforms from the same source tree very well.
It is however possible to build in a separate tree through the use of lots
of symbolic links, which should be prepared like this:
mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
cd objtree/"`uname -s`-`uname -r`-`uname -m`"
(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
mkdir -p `dirname $F`
rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
echo $F '->' $OPENSSL_SOURCE/$F
done
make -f Makefile.org clean
OPENSSL_SOURCE is an environment variable that contains the absolute (this
is important!) path to the OpenSSL source tree.
Also, operations like 'make update' should still be made in the source tree.

100
crypto/openssl/Makefile.org
View File

@ -72,6 +72,14 @@ TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend
# We let the C compiler driver to take care of .s files. This is done in
# order to be excused from maintaining a separate set of architecture
# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
# gcc, then the driver will automatically translate it to -xarch=v8plus
# and pass it down to assembler.
AS=$(CC) -c
ASFLAGS=$(CFLAG)
# Set BN_ASM to bn_asm.o if you want to use the C version
BN_ASM= bn_asm.o
#BN_ASM= bn_asm.o
@ -159,6 +167,7 @@ RMD160_ASM_OBJ= asm/rm86-out.o
# KRB5 stuff
KRB5_INCLUDES=
LIBKRB5=
# When we're prepared to use shared libraries in the programs we link here
# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
@ -216,7 +225,7 @@ sub_all:
do \
if [ -d "$$i" ]; then \
(cd $$i && echo "making all in $$i..." && \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAGS='${ASFLAGS}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
else \
$(MAKE) $$i; \
fi; \
@ -269,13 +278,16 @@ do_bsd-gcc-shared: do_gnu-shared
do_linux-shared: do_gnu-shared
do_gnu-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-Bsymbolic \
-Wl,--whole-archive lib$$i.a \
-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
@ -283,22 +295,28 @@ DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
# For Darwin AKA Mac OS/X (dyld)
do_darwin-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
( set -x ; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
-compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
-install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
libs="$$libs -l`basename $$i${SHLIB_EXT} .dylib`"; \
libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \
echo "" ; \
done
do_cygwin-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \
-Wl,-Bsymbolic \
-Wl,--whole-archive lib$$i.a \
-Wl,--out-implib,lib$$i.dll.a \
-Wl,--no-whole-archive $$libs ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
# This assumes that GNU utilities are *not* used
@ -307,11 +325,14 @@ do_alpha-osf1-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -323,11 +344,14 @@ do_tru64-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -msym -o lib$$i.so \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -339,12 +363,15 @@ do_tru64-shared-rpath:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -msym -o lib$$i.so \
-rpath ${INSTALLTOP}/lib \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -355,6 +382,9 @@ do_solaris-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
MINUSZ='-z '; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
@ -363,7 +393,7 @@ do_solaris-shared:
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
$$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -373,6 +403,9 @@ do_svr3-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
find . -name "*.o" -print > allobjs ; \
OBJS= ; export OBJS ; \
@ -382,7 +415,7 @@ do_svr3-shared:
set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -392,6 +425,9 @@ do_svr5-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
find . -name "*.o" -print > allobjs ; \
OBJS= ; export OBJS ; \
@ -402,7 +438,7 @@ do_svr5-shared:
-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -412,11 +448,14 @@ do_irix-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -433,6 +472,9 @@ do_irix-shared:
#
do_hpux-shared:
for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
+vnocompatwarnings \
-b -z +s \
@ -453,6 +495,9 @@ do_hpux-shared:
#
do_hpux64-shared:
for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
-b -z \
-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
@ -495,17 +540,24 @@ SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE
SHAREDCMD=$(CC)
do_aix-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; \
ld -r -o $$i.o $(ALLSYMSFLAG) lib$$i.a && \
ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
$(SHAREDCMD) $(SHAREDFLAG) -o lib$$i.so lib$$i.o \
$(SHAREDCMD) $(SHAREDFLAGS) \
-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
$$libs ${EX_LIBS} ) ) \
|| exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
do_reliantunix-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \
( set -x; \
( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
@ -515,7 +567,7 @@ do_reliantunix-shared:
cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
) || exit 1; \
rm -rf $$tmpdir ; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
openssl.pc: Makefile.ssl
@ -528,7 +580,7 @@ openssl.pc: Makefile.ssl
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile.ssl: Makefile.org
@ -601,8 +653,7 @@ rehash.time: certs
@(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \
elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
$(PERL) tools/c_rehash certs)
touch rehash.time
@ -613,8 +664,7 @@ tests: rehash
@(cd test && echo "testing..." && \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \
elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
apps/openssl version -a
@ -749,7 +799,7 @@ install: all install_docs
chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
else \
c=`echo $$i | sed 's/^lib\(.*\)/cyg\1-$(SHLIB_VERSION_NUMBER)/'`; \
c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
@ -763,6 +813,12 @@ install: all install_docs
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
set $(MAKE); \
$$1 -f $$here/Makefile link-shared ); \
if [ "$(INSTALLTOP)" != "/usr" ]; then \
echo 'OpenSSL shared libraries have been installed in:'; \
echo ' $(INSTALLTOP)'; \
echo ''; \
sed -e '1,/^$$/d' doc/openssl-shared.txt; \
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig

102
crypto/openssl/Makefile.ssl
View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=0.9.7
VERSION=0.9.7a
MAJOR=0
MINOR=9.7
SHLIB_VERSION_NUMBER=0.9.7
@ -74,6 +74,14 @@ TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend
# We let the C compiler driver to take care of .s files. This is done in
# order to be excused from maintaining a separate set of architecture
# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
# gcc, then the driver will automatically translate it to -xarch=v8plus
# and pass it down to assembler.
AS=$(CC) -c
ASFLAGS=$(CFLAG)
# Set BN_ASM to bn_asm.o if you want to use the C version
BN_ASM= bn_asm.o
#BN_ASM= bn_asm.o
@ -161,6 +169,7 @@ RMD160_ASM_OBJ=
# KRB5 stuff
KRB5_INCLUDES=
LIBKRB5=
# When we're prepared to use shared libraries in the programs we link here
# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
@ -218,7 +227,7 @@ sub_all:
do \
if [ -d "$$i" ]; then \
(cd $$i && echo "making all in $$i..." && \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAGS='${ASFLAGS}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
else \
$(MAKE) $$i; \
fi; \
@ -271,13 +280,16 @@ do_bsd-gcc-shared: do_gnu-shared
do_linux-shared: do_gnu-shared
do_gnu-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-Bsymbolic \
-Wl,--whole-archive lib$$i.a \
-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
@ -285,22 +297,28 @@ DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
# For Darwin AKA Mac OS/X (dyld)
do_darwin-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
( set -x ; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
-compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
-install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
libs="$$libs -l`basename $$i${SHLIB_EXT} .dylib`"; \
libs="-l`basename $$i${SHLIB_EXT} .dylib` $$libs"; \
echo "" ; \
done
do_cygwin-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \
-Wl,-Bsymbolic \
-Wl,--whole-archive lib$$i.a \
-Wl,--out-implib,lib$$i.dll.a \
-Wl,--no-whole-archive $$libs ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
# This assumes that GNU utilities are *not* used
@ -309,11 +327,14 @@ do_alpha-osf1-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -325,11 +346,14 @@ do_tru64-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -msym -o lib$$i.so \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -341,12 +365,15 @@ do_tru64-shared-rpath:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -msym -o lib$$i.so \
-rpath ${INSTALLTOP}/lib \
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -357,6 +384,9 @@ do_solaris-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
MINUSZ='-z '; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
@ -365,7 +395,7 @@ do_solaris-shared:
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
$$libs ${EX_LIBS} -lc ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -375,6 +405,9 @@ do_svr3-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
find . -name "*.o" -print > allobjs ; \
OBJS= ; export OBJS ; \
@ -384,7 +417,7 @@ do_svr3-shared:
set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -394,6 +427,9 @@ do_svr5-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
find . -name "*.o" -print > allobjs ; \
OBJS= ; export OBJS ; \
@ -404,7 +440,7 @@ do_svr5-shared:
-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -414,11 +450,14 @@ do_irix-shared:
$(MAKE) do_gnu-shared; \
else \
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done; \
fi
@ -435,6 +474,9 @@ do_irix-shared:
#
do_hpux-shared:
for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
+vnocompatwarnings \
-b -z +s \
@ -455,6 +497,9 @@ do_hpux-shared:
#
do_hpux64-shared:
for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
-b -z \
-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
@ -497,17 +542,24 @@ SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE
SHAREDCMD=$(CC)
do_aix-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; \
ld -r -o $$i.o $(ALLSYMSFLAG) lib$$i.a && \
ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
$(SHAREDCMD) $(SHAREDFLAG) -o lib$$i.so lib$$i.o \
$(SHAREDCMD) $(SHAREDFLAGS) \
-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
$$libs ${EX_LIBS} ) ) \
|| exit 1; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
do_reliantunix-shared:
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
tmpdir=/tmp/openssl.$$$$ ; rm -rf $$tmpdir ; \
( set -x; \
( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
@ -517,7 +569,7 @@ do_reliantunix-shared:
cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
) || exit 1; \
rm -rf $$tmpdir ; \
libs="$$libs -l$$i"; \
libs="-l$$i $$libs"; \
done
openssl.pc: Makefile.ssl
@ -530,7 +582,7 @@ openssl.pc: Makefile.ssl
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
echo 'Libs: -L$${libdir} -lssl -lcrypto $(LIBKRB5) $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile.ssl: Makefile.org
@ -603,8 +655,7 @@ rehash.time: certs
@(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \
elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
$(PERL) tools/c_rehash certs)
touch rehash.time
@ -615,8 +666,7 @@ tests: rehash
@(cd test && echo "testing..." && \
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \
elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
apps/openssl version -a
@ -751,7 +801,7 @@ install: all install_docs
chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
else \
c=`echo $$i | sed 's/^lib\(.*\)/cyg\1-$(SHLIB_VERSION_NUMBER)/'`; \
c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
@ -765,6 +815,12 @@ install: all install_docs
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
set $(MAKE); \
$$1 -f $$here/Makefile link-shared ); \
if [ "$(INSTALLTOP)" != "/usr" ]; then \
echo 'OpenSSL shared libraries have been installed in:'; \
echo ' $(INSTALLTOP)'; \
echo ''; \
sed -e '1,/^$$/d' doc/openssl-shared.txt; \
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig

15
crypto/openssl/NEWS
View File

@ -5,6 +5,17 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a:
o Security: Important security related bugfixes.
o Enhanced compatibility with MIT Kerberos.
o Can be built without the ENGINE framework.
o IA32 assembler enhancements.
o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
o Configuration: the no-err option now works properly.
o SSL/TLS: now handles manual certificate chain building.
o SSL/TLS: certain session ID malfunctions corrected.
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7:
o New library section OCSP.
@ -51,6 +62,10 @@
o SSL/TLS: add callback to retrieve SSL/TLS messages.
o SSL/TLS: support AES cipher suites (RFC3268).
Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i:
o Important security related bugfixes.
Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h:
o New configuration targets for Tandem OSS and A/UX.

28
crypto/openssl/PROBLEMS
View File

@ -70,3 +70,31 @@ if compiled with WorkShop 6 compiler and -xarch=v9. The cause for
this seems to be the fact that compiler emits multiplication to
perform shift operations:-( To work the problem around configure
with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'.
* Problems with hp-parisc2-cc target when used with "no-asm" flag
When using the hp-parisc2-cc target, wrong bignum code is generated.
This is due to the SIXTY_FOUR_BIT build being compiled with the +O3
aggressive optimization.
The problem manifests itself by the BN_kronecker test hanging in an
endless loop. Reason: the BN_kronecker test calls BN_generate_prime()
which itself hangs. The reason could be tracked down to the bn_mul_comba8()
function in bn_asm.c. At some occasions the higher 32bit value of r[7]
is off by 1 (meaning: calculated=shouldbe+1). Further analysis failed,
as no debugger support possible at +O3 and additional fprintf()'s
introduced fixed the bug, therefore it is most likely a bug in the
optimizer.
The bug was found in the BN_kronecker test but may also lead to
failures in other parts of the code.
(See Ticket #426.)
Workaround: modify the target to +O2 when building with no-asm.
* Poor support for AIX shared builds.
do_aix-shared rule is not flexible enough to parameterize through a
config-line. './Configure aix43-cc shared' is working, but not
'./Configure aix64-gcc shared'. In latter case make fails to create shared
libraries. It's possible to build 64-bit shared libraries by running
'env OBJECT_MODE=64 make', but we need more elegant solution. Preferably one
supporting even gcc shared builds. See RT#463 for background information.

4
crypto/openssl/README
View File

@ -1,7 +1,7 @@
OpenSSL 0.9.7 31 Dec 2002
OpenSSL 0.9.7a Feb 19 2003
Copyright (c) 1998-2002 The OpenSSL Project
Copyright (c) 1998-2003 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

4
crypto/openssl/apps/Makefile.ssl
View File

@ -18,6 +18,7 @@ PERL= perl
RM= rm -f
# KRB5 stuff
KRB5_INCLUDES=
LIBKRB5=
PEX_LIBS=
EX_LIBS=
@ -150,8 +151,7 @@ $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
fi
-(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \
if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \
elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
$(PERL) tools/c_rehash certs)

8
crypto/openssl/apps/apps.c
View File

@ -122,7 +122,9 @@
#include <openssl/pkcs12.h>
#include <openssl/ui.h>
#include <openssl/safestack.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifdef OPENSSL_SYS_WINDOWS
#define strcasecmp _stricmp
@ -859,6 +861,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
BIO_printf(err,"no keyfile specified\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@ -868,6 +871,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
ui_method, &cb_data);
goto end;
}
#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@ -935,6 +939,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
BIO_printf(err,"no keyfile specified\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@ -944,6 +949,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
ui_method, &cb_data);
goto end;
}
#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@ -1329,6 +1335,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
return NULL;
}
#ifndef OPENSSL_NO_ENGINE
/* Try to load an engine in a shareable library */
static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
{
@ -1385,6 +1392,7 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug)
}
return e;
}
#endif
int load_config(BIO *err, CONF *cnf)
{

69
crypto/openssl/apps/apps.h
View File

@ -121,7 +121,9 @@
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/txt_db.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/ossl_typ.h>
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
@ -179,30 +181,57 @@ extern BIO *bio_err;
do_pipe_sig()
# define apps_shutdown()
#else
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# ifndef OPENSSL_NO_ENGINE
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# endif
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
setup_ui_method(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); ENGINE_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
# else
# define apps_startup() \
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
setup_ui_method(); } while(0)
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
setup_ui_method(); } while(0)
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
setup_ui_method(); } while(0)
# endif
# else
# define apps_startup() \
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); \
setup_ui_method(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); ENGINE_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
#endif
typedef struct args_st
@ -248,7 +277,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
#ifndef OPENSSL_NO_ENGINE
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
#endif
int load_config(BIO *err, CONF *cnf);
char *make_config_name(void);

16
crypto/openssl/apps/ca.c
View File

@ -196,7 +196,9 @@ static char *ca_usage[]={
" -extensions .. - Extension section (override value in config file)\n",
" -extfile file - Configuration file with X509v3 extentions to add\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
" -status serial - Shows certificate status given the serial number\n",
" -updatedb - Updates db for expired certificates\n",
NULL
@ -333,7 +335,9 @@ int MAIN(int argc, char **argv)
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *tofree=NULL;
#ifdef EFENCE
@ -537,11 +541,13 @@ EF_ALIGNMENT=0;
rev_arg = *(++argv);
rev_type = REV_CA_COMPROMISE;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else
{
bad:
@ -562,7 +568,9 @@ EF_ALIGNMENT=0;
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
/*****************************************************************/
tofree=NULL;
@ -597,7 +605,10 @@ EF_ALIGNMENT=0;
goto err;
}
if(tofree)
{
OPENSSL_free(tofree);
tofree = NULL;
}
if (!load_config(bio_err, conf))
goto err;
@ -1633,11 +1644,12 @@ EF_ALIGNMENT=0;
BIO_free_all(out);
BIO_free_all(in);
sk_X509_pop_free(cert_sk,X509_free);
if (cert_sk)
sk_X509_pop_free(cert_sk,X509_free);
if (ret) ERR_print_errors(bio_err);
app_RAND_write_file(randfile, bio_err);
if (free_key)
if (free_key && key)
OPENSSL_free(key);
BN_free(serial);
TXT_DB_free(db);

8
crypto/openssl/apps/dgst.c
View File

@ -100,7 +100,9 @@ int MAIN(int argc, char **argv)
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
int siglen = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -166,11 +168,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) break;
keyform=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) break;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-hex") == 0)
out_bin = 0;
else if (strcmp(*argv,"-binary") == 0)
@ -208,7 +212,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,"-signature file signature to verify\n");
BIO_printf(bio_err,"-binary output in binary form\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
@ -228,7 +234,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
bmd=BIO_new(BIO_f_md());

15
crypto/openssl/apps/dh.c
View File

@ -87,12 +87,17 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog,*engine;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
apps_startup();
@ -103,7 +108,9 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@ -134,11 +141,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@ -170,13 +179,17 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());

13
crypto/openssl/apps/dhparam.c
View File

@ -148,7 +148,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@ -157,7 +159,10 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
char *inrand=NULL,*engine=NULL;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
int num = 0, g = 0;
apps_startup();
@ -199,11 +204,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@ -249,7 +256,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -259,7 +268,9 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (g && !num)
num = DEFBITS;

15
crypto/openssl/apps/dsa.c
View File

@ -90,7 +90,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
DSA *dsa=NULL;
int i,badops=0;
@ -98,7 +100,10 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL;
int informat,outformat,text=0,noout=0;
int pubin = 0, pubout = 0;
char *infile,*outfile,*prog,*engine;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
int modulus=0;
@ -112,7 +117,9 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@ -153,11 +160,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
@ -189,7 +198,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
@ -207,7 +218,9 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

10
crypto/openssl/apps/dsaparam.c
View File

@ -90,7 +90,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@ -98,7 +100,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog,*inrand=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -139,11 +143,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if(strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
engine = *(++argv);
}
#endif
else if (strcmp(*argv,"-text") == 0)
text=1;
else if (strcmp(*argv,"-C") == 0)
@ -191,7 +197,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -noout no output\n");
BIO_printf(bio_err," -genkey generate a DSA key\n");
BIO_printf(bio_err," -rand files to use for random number input\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," number number of bits to use for generating private key\n");
goto end;
}
@ -235,7 +243,9 @@ int MAIN(int argc, char **argv)
}
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
{

10
crypto/openssl/apps/enc.c
View File

@ -100,7 +100,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@ -119,7 +121,9 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
apps_startup();
@ -163,11 +167,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passarg= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-d") == 0)
enc=0;
else if (strcmp(*argv,"-p") == 0)
@ -270,7 +276,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
#endif
BIO_printf(bio_err,"Cipher Types\n");
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
@ -284,7 +292,9 @@ int MAIN(int argc, char **argv)
argv++;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (bufsize != NULL)
{

3
crypto/openssl/apps/engine.c
View File

@ -56,6 +56,8 @@
*
*/
#ifndef OPENSSL_NO_ENGINE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -518,3 +520,4 @@ int MAIN(int argc, char **argv)
apps_shutdown();
OPENSSL_EXIT(ret);
}
#endif

10
crypto/openssl/apps/gendh.c
View File

@ -81,13 +81,17 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
BIO *out=NULL;
apps_startup();
@ -115,11 +119,13 @@ int MAIN(int argc, char **argv)
g=3; */
else if (strcmp(*argv,"-5") == 0)
g=5;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -138,14 +144,18 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());
if (out == NULL)

10
crypto/openssl/apps/gendsa.c
View File

@ -77,7 +77,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@ -85,7 +87,9 @@ int MAIN(int argc, char **argv)
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
const EVP_CIPHER *enc=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -111,11 +115,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -167,7 +173,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -176,7 +184,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");

10
crypto/openssl/apps/genrsa.c
View File

@ -81,7 +81,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
RSA *rsa=NULL;
int i,num=DEFBITS;
@ -90,7 +92,9 @@ int MAIN(int argc, char **argv)
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *inrand=NULL;
BIO *out=NULL;
@ -122,11 +126,13 @@ int MAIN(int argc, char **argv)
f4=3;
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
f4=RSA_F4;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -177,7 +183,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
BIO_printf(bio_err," -3 use 3 for the E value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -191,7 +199,9 @@ int MAIN(int argc, char **argv)
goto err;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (outfile == NULL)
{

20
crypto/openssl/apps/ocsp.c
View File

@ -55,6 +55,7 @@
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef OPENSSL_NO_OCSP
#include <stdio.h>
#include <string.h>
@ -722,7 +723,12 @@ int MAIN(int argc, char **argv)
}
else if (host)
{
#ifndef OPENSSL_NO_SOCK
cbio = BIO_new_connect(host);
#else
BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n");
goto end;
#endif
if (!cbio)
{
BIO_printf(bio_err, "Error creating connect BIO\n");
@ -732,7 +738,16 @@ int MAIN(int argc, char **argv)
if (use_ssl == 1)
{
BIO *sbio;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv23_client_method());
#elif !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv3_client_method());
#elif !defined(OPENSSL_NO_SSL2)
ctx = SSL_CTX_new(SSLv2_client_method());
#else
BIO_printf(bio_err, "SSL is disabled\n");
goto end;
#endif
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
sbio = BIO_new_ssl(ctx, 1);
cbio = BIO_push(sbio, cbio);
@ -1139,7 +1154,11 @@ static BIO *init_responder(char *port)
bufbio = BIO_new(BIO_f_buffer());
if (!bufbio)
goto err;
#ifndef OPENSSL_NO_SOCK
acbio = BIO_new_accept(port);
#else
BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n");
#endif
if (!acbio)
goto err;
BIO_set_accept_bios(acbio, bufbio);
@ -1226,3 +1245,4 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
return 1;
}
#endif

2
crypto/openssl/apps/openssl.c
View File

@ -122,7 +122,9 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
#include "progs.h"
#include "s_apps.h"

8
crypto/openssl/apps/pkcs12.c
View File

@ -120,7 +120,9 @@ int MAIN(int argc, char **argv)
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
char *CApath = NULL, *CAfile = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -252,11 +254,13 @@ int MAIN(int argc, char **argv)
args++;
CAfile = *args;
} else badarg = 1;
#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
#endif
} else badarg = 1;
} else badarg = 1;
@ -304,14 +308,18 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-password p set import/export password source\n");
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(passarg) {
if(export_cert) passargout = passarg;

10
crypto/openssl/apps/pkcs7.c
View File

@ -82,7 +82,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@ -90,7 +92,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog;
int print_certs=0,text=0,noout=0;
int ret=1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -134,11 +138,13 @@ int MAIN(int argc, char **argv)
text=1;
else if (strcmp(*argv,"-print_certs") == 0)
print_certs=1;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
@ -161,14 +167,18 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err," -text print full details of certificates\n");
BIO_printf(bio_err," -noout don't output encoded data\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
ret = 1;
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());

8
crypto/openssl/apps/pkcs8.c
View File

@ -85,7 +85,9 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey=NULL;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
@ -145,11 +147,13 @@ int MAIN(int argc, char **argv)
if (!args[1]) goto bad;
passargout= *(++args);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
}
#endif
else if (!strcmp (*args, "-in")) {
if (args[1]) {
args++;
@ -182,11 +186,15 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
return (1);
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

6
crypto/openssl/apps/progs.h
View File

@ -35,7 +35,9 @@ extern int pkcs8_main(int argc,char *argv[]);
extern int spkac_main(int argc,char *argv[]);
extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
#ifndef OPENSSL_NO_ENGINE
extern int engine_main(int argc,char *argv[]);
#endif
extern int ocsp_main(int argc,char *argv[]);
#define FUNC_TYPE_GENERAL 1
@ -92,7 +94,9 @@ FUNCTION functions[] = {
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
{FUNC_TYPE_GENERAL,"s_client",s_client_main},
#endif
#ifndef OPENSSL_NO_SPEED
{FUNC_TYPE_GENERAL,"speed",speed_main},
#endif
#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
{FUNC_TYPE_GENERAL,"s_time",s_time_main},
#endif
@ -111,7 +115,9 @@ FUNCTION functions[] = {
{FUNC_TYPE_GENERAL,"spkac",spkac_main},
{FUNC_TYPE_GENERAL,"smime",smime_main},
{FUNC_TYPE_GENERAL,"rand",rand_main},
#ifndef OPENSSL_NO_ENGINE
{FUNC_TYPE_GENERAL,"engine",engine_main},
#endif
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#ifndef OPENSSL_NO_MD2
{FUNC_TYPE_MD,"md2",dgst_main},

10
crypto/openssl/apps/rand.c
View File

@ -76,7 +76,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@ -84,7 +86,9 @@ int MAIN(int argc, char **argv)
int base64 = 0;
BIO *out = NULL;
int num = -1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -106,6 +110,7 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(argv[i], "-engine") == 0)
{
if ((argv[i+1] != NULL) && (engine == NULL))
@ -113,6 +118,7 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
#endif
else if (strcmp(argv[i], "-rand") == 0)
{
if ((argv[i+1] != NULL) && (inrand == NULL))
@ -150,13 +156,17 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Usage: rand [options] num\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-base64 - encode output\n");
goto err;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)

16
crypto/openssl/apps/req.c
View File

@ -162,7 +162,9 @@ int MAIN(int argc, char **argv)
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *extensions = NULL;
char *req_exts = NULL;
const EVP_CIPHER *cipher=NULL;
@ -210,11 +212,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
@ -428,7 +432,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -verify verify signature on REQ\n");
BIO_printf(bio_err," -modulus RSA modulus\n");
BIO_printf(bio_err," -nodes don't encrypt the output key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n");
#endif
BIO_printf(bio_err," -subject output the request's subject\n");
BIO_printf(bio_err," -passin private key password source\n");
BIO_printf(bio_err," -key file use the private key contained in file\n");
@ -453,7 +459,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n");
BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n");
BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -reqopt arg - various request text options\n\n");
goto end;
}
@ -617,7 +623,9 @@ int MAIN(int argc, char **argv)
if ((in == NULL) || (out == NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (keyfile != NULL)
{
@ -1237,11 +1245,17 @@ start: for (;;)
sprintf(buf,"%s_min",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
{
ERR_clear_error();
n_min = -1;
}
sprintf(buf,"%s_max",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
{
ERR_clear_error();
n_max = -1;
}
if (!add_DN_object(subj,v->value,def,value,nid,
n_min,n_max, chtype))

8
crypto/openssl/apps/rsa.c
View File

@ -104,7 +104,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
int modulus=0;
apps_startup();
@ -156,11 +158,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-sgckey") == 0)
sgckey=1;
else if (strcmp(*argv,"-pubin") == 0)
@ -212,13 +216,17 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -check verify key consistency\n");
BIO_printf(bio_err," -pubin expect a public key in input file\n");
BIO_printf(bio_err," -pubout output a public key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

8
crypto/openssl/apps/rsautl.c
View File

@ -85,7 +85,9 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
@ -125,9 +127,11 @@ int MAIN(int argc, char **argv)
} else if (strcmp(*argv,"-keyform") == 0) {
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
#ifndef OPENSSL_NO_ENGINE
} else if(!strcmp(*argv, "-engine")) {
if (--argc < 1) badarg = 1;
engine = *(++argv);
#endif
} else if(!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
@ -162,7 +166,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
@ -305,7 +311,9 @@ static void usage()
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
}

8
crypto/openssl/apps/s_client.c
View File

@ -222,7 +222,9 @@ static void sc_usage(void)
BIO_printf(bio_err," for those protocols that support it, where\n");
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
BIO_printf(bio_err," only \"smtp\" is supported.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@ -254,8 +256,10 @@ int MAIN(int argc, char **argv)
SSL_METHOD *meth=NULL;
BIO *sbio;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
ENGINE *e=NULL;
#endif
#ifdef OPENSSL_SYS_WINDOWS
struct timeval tv;
#endif
@ -415,11 +419,13 @@ int MAIN(int argc, char **argv)
else
goto bad;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id = *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -444,7 +450,9 @@ int MAIN(int argc, char **argv)
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())

12
crypto/openssl/apps/s_server.c
View File

@ -242,7 +242,9 @@ static int s_msg=0;
static int s_quiet=0;
static int hack=0;
#ifndef OPENSSL_NO_ENGINE
static char *engine_id=NULL;
#endif
static const char *session_id_prefix=NULL;
#ifdef MONOLITH
@ -267,7 +269,9 @@ static void s_server_init(void)
s_msg=0;
s_quiet=0;
hack=0;
#ifndef OPENSSL_NO_ENGINE
engine_id=NULL;
#endif
}
#endif
@ -316,7 +320,9 @@ static void sv_usage(void)
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@ -490,7 +496,9 @@ int MAIN(int argc, char *argv[])
int no_tmp_rsa=0,no_dhe=0,nocert=0;
int state=0;
SSL_METHOD *meth=NULL;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e=NULL;
#endif
char *inrand=NULL;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
@ -665,11 +673,13 @@ int MAIN(int argc, char *argv[])
if (--argc < 1) goto bad;
session_id_prefix = *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -694,7 +704,9 @@ int MAIN(int argc, char *argv[])
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())

8
crypto/openssl/apps/smime.c
View File

@ -104,7 +104,9 @@ int MAIN(int argc, char **argv)
int need_rand = 0;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
args = argv + 1;
ret = 1;
@ -176,11 +178,13 @@ int MAIN(int argc, char **argv)
inrand = *args;
} else badarg = 1;
need_rand = 1;
#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
#endif
} else if (!strcmp(*args,"-passin")) {
if (args[1]) {
args++;
@ -330,7 +334,9 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
@ -339,7 +345,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");

10
crypto/openssl/apps/speed.c
View File

@ -58,6 +58,8 @@
/* most of this code has been pilfered from my libdes speed.c program */
#ifndef OPENSSL_NO_SPEED
#undef SECONDS
#define SECONDS 3
#define RSA_SECONDS 10
@ -370,7 +372,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@ -590,6 +594,7 @@ int MAIN(int argc, char **argv)
j--; /* Otherwise, -elapsed gets confused with
an algorithm. */
}
#ifndef OPENSSL_NO_ENGINE
else if ((argc > 0) && (strcmp(*argv,"-engine") == 0))
{
argc--;
@ -606,6 +611,7 @@ int MAIN(int argc, char **argv)
means all of them should be run) */
j--;
}
#endif
#ifdef HAVE_FORK
else if ((argc > 0) && (strcmp(*argv,"-multi") == 0))
{
@ -865,7 +871,9 @@ int MAIN(int argc, char **argv)
#if defined(TIMES) || defined(USE_TOD)
BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err,"-evp e use EVP e.\n");
BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n");
BIO_printf(bio_err,"-mr produce machine readable output.\n");
@ -1393,6 +1401,7 @@ int MAIN(int argc, char **argv)
else
EVP_EncryptFinal_ex(&ctx,buf,&outl);
d=Time_F(STOP);
EVP_CIPHER_CTX_cleanup(&ctx);
}
if (evp_md)
{
@ -1939,3 +1948,4 @@ static int do_multi(int multi)
return 1;
}
#endif
#endif

8
crypto/openssl/apps/spkac.c
View File

@ -92,7 +92,9 @@ int MAIN(int argc, char **argv)
CONF *conf = NULL;
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -141,11 +143,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
spksect= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-pubkey") == 0)
@ -171,7 +175,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err," -noout don't print SPKAC\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -verify verify SPKAC signature\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
@ -181,7 +187,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(keyfile) {
pkey = load_key(bio_err,

12
crypto/openssl/apps/verify.c
View File

@ -86,7 +86,9 @@ int MAIN(int argc, char **argv)
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
X509_STORE *cert_ctx=NULL;
X509_LOOKUP *lookup=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
cert_ctx=X509_STORE_new();
if (cert_ctx == NULL) goto end;
@ -142,11 +144,13 @@ int MAIN(int argc, char **argv)
if (argc-- < 1) goto end;
trustfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto end;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-help") == 0)
goto end;
else if (strcmp(*argv,"-ignore_critical") == 0)
@ -170,7 +174,9 @@ int MAIN(int argc, char **argv)
break;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
if (lookup == NULL) abort();
@ -219,7 +225,11 @@ int MAIN(int argc, char **argv)
ret=0;
end:
if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...\n");
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," [-engine e]");
#endif
BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
X509_PURPOSE *ptmp;

8
crypto/openssl/apps/x509.c
View File

@ -131,7 +131,9 @@ static char *x509_usage[]={
" -extensions - section from config file with X509V3 extensions to add\n",
" -clrext - delete extensions before signing and input certificate\n",
" -nameopt arg - various certificate name options\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
" -certopt arg - various certificate text options\n",
NULL
};
@ -183,7 +185,9 @@ int MAIN(int argc, char **argv)
int need_rand = 0;
int checkend=0,checkoffset=0;
unsigned long nmflag = 0, certflag = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
reqfile=0;
@ -360,11 +364,13 @@ int MAIN(int argc, char **argv)
alias= *(++argv);
trustout = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-C") == 0)
C= ++num;
else if (strcmp(*argv,"-email") == 0)
@ -450,7 +456,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
app_RAND_load_file(NULL, bio_err, 0);

62
crypto/openssl/config
View File

@ -74,34 +74,27 @@ if [ "x$XREL" != "x" ]; then
echo "whatever-whatever-sco5"; exit 0
;;
4.2MP)
if [ "x$VERSION" = "x2.01" ]; then
echo "${MACHINE}-whatever-unixware201"; exit 0
elif [ "x$VERSION" = "x2.02" ]; then
echo "${MACHINE}-whatever-unixware202"; exit 0
elif [ "x$VERSION" = "x2.03" ]; then
echo "${MACHINE}-whatever-unixware203"; exit 0
elif [ "x$VERSION" = "x2.1.1" ]; then
echo "${MACHINE}-whatever-unixware211"; exit 0
elif [ "x$VERSION" = "x2.1.2" ]; then
echo "${MACHINE}-whatever-unixware212"; exit 0
elif [ "x$VERSION" = "x2.1.3" ]; then
echo "${MACHINE}-whatever-unixware213"; exit 0
else
echo "${MACHINE}-whatever-unixware2"; exit 0
fi
case "x${VERSION}" in
x2.0*) echo "whatever-whatever-unixware20"; exit 0 ;;
x2.1*) echo "whatever-whatever-unixware21"; exit 0 ;;
x2*) echo "whatever-whatever-unixware2"; exit 0 ;;
esac
;;
4.2)
echo "whatever-whatever-unixware1"; exit 0
;;
OpenUNIX)
if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x8" ]; then
echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0
fi
echo "i386-whatever-unixware1"; exit 0
;;
5)
if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x7" ]; then
echo "${MACHINE}-sco-unixware7"; exit 0
fi
case "x${VERSION}" in
# We hardcode i586 in place of ${MACHINE} for the
# following reason. The catch is that even though Pentium
# is minimum requirement for platforms in question,
# ${MACHINE} gets always assigned to i386. Now, problem
# with i386 is that it makes ./config pass 386 to
# ./Configure, which in turn makes make generate
# inefficient SHA-1 (for this moment) code.
x7*) echo "i586-sco-unixware7"; exit 0 ;;
x8*) echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;;
esac
;;
esac
fi
@ -196,7 +189,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
echo "${MACHINE}-whatever-bsdi"; exit 0
;;
FreeBSD:*)
FreeBSD:*:*:*386*)
VERS=`echo ${RELEASE} | sed -e 's/[-(].*//'`
MACH=`sysctl -n hw.model`
ARCH='whatever'
@ -205,7 +198,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
*486* ) MACH="i486" ;;
Pentium\ II*) MACH="i686" ;;
Pentium* ) MACH="i586" ;;
Alpha* ) MACH="alpha" ;;
* ) MACH="$MACHINE" ;;
esac
case ${MACH} in
@ -214,6 +206,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
echo "${MACH}-${ARCH}-freebsd${VERS}"; exit 0
;;
FreeBSD:*)
echo "${MACHINE}-whatever-freebsd"; exit 0
;;
NetBSD:*:*:*386*)
echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
;;
@ -461,6 +457,10 @@ if [ "${SYSTEM}-${MACHINE}" = "Linux-alpha" ]; then
fi
fi
if [ "${SYSTEM}" = "AIX" ]; then # favor vendor cc over gcc
(cc) 2>&1 | grep -iv "command not found" > /dev/null && CC=cc
fi
CCVER=${CCVER:-0}
# read the output of the embedded GuessOS
@ -547,7 +547,7 @@ EOF
ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
i386-apple-darwin*) OUT="darwin-i386-cc" ;;
sparc64-*-linux2)
echo "WARNING! If *know* that your GNU C supports 64-bit/V9 ABI"
echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
echo " and wish to build 64-bit library, then you have to"
echo " invoke './Configure linux64-sparcv9' *manually*."
if [ "$TEST" = "false" ]; then
@ -640,6 +640,8 @@ EOF
*86*-*-solaris2) OUT="solaris-x86-$CC" ;;
*-*-sunos4) OUT="sunos-$CC" ;;
alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;;
sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;;
ia64-*-freebsd*) OUT="FreeBSD-ia64" ;;
*-freebsd[3-9]*) OUT="FreeBSD-elf" ;;
*-freebsd[1-2]*) OUT="FreeBSD" ;;
*86*-*-netbsd) OUT="NetBSD-x86" ;;
@ -696,9 +698,11 @@ EOF
CPU_VERSION=${CPU_VERSION:-0}
# See <sys/unistd.h> for further info on CPU_VERSION.
if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU
echo "NOTICE! 64-bit is the only ABI currently operational on HP-UXi."
echo " Post request to openssl-dev@openssl.org for 32-bit support."
echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
echo " If you wish to build 32-bit library, the you have to"
echo " invoke './Configure hpux-ia32-cc' *manually*."
if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
(stty -icanon min 0 time 50; read waste) < /dev/tty
fi
OUT="hpux64-ia64-cc"

6
crypto/openssl/crypto/aes/aes_core.c
View File

@ -750,7 +750,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk[2] = GETU32(userKey + 8);
rk[3] = GETU32(userKey + 12);
if (bits == 128) {
for (;;) {
while (1) {
temp = rk[3];
rk[4] = rk[0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
@ -770,7 +770,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk[4] = GETU32(userKey + 16);
rk[5] = GETU32(userKey + 20);
if (bits == 192) {
for (;;) {
while (1) {
temp = rk[ 5];
rk[ 6] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
@ -792,7 +792,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk[6] = GETU32(userKey + 24);
rk[7] = GETU32(userKey + 28);
if (bits == 256) {
for (;;) {
while (1) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^

5
crypto/openssl/crypto/asn1/a_time.c
View File

@ -105,7 +105,10 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
ts=OPENSSL_gmtime(&t,&data);
if (ts == NULL)
{
ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
return NULL;
}
if((ts->tm_year >= 50) && (ts->tm_year < 150))
return ASN1_UTCTIME_set(s, t);
return ASN1_GENERALIZEDTIME_set(s,t);
@ -152,7 +155,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
if (t->data[0] >= '5') strcpy(str, "19");
else strcpy(str, "20");
BUF_strlcat(str, (char *)t->data, t->length+2);
BUF_strlcat(str, (char *)t->data, t->length+3); /* Include space for a '\0' */
return ret;
}

2
crypto/openssl/crypto/asn1/asn1.h
View File

@ -980,6 +980,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_TEMPLATE_D2I 131
#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
#define ASN1_F_ASN1_TEMPLATE_NEW 133
#define ASN1_F_ASN1_TIME_SET 175
#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
#define ASN1_F_ASN1_UNPACK_STRING 136
@ -1037,6 +1038,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
#define ASN1_R_ENCODE_ERROR 112
#define ASN1_R_ERROR_GETTING_TIME 173
#define ASN1_R_ERROR_LOADING_SECTION 172
#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114

4
crypto/openssl/crypto/asn1/asn1_err.c
View File

@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -100,6 +100,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"},
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"},
{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0), "ASN1_TIME_set"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
@ -160,6 +161,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{ASN1_R_DECODE_ERROR ,"decode error"},
{ASN1_R_DECODING_ERROR ,"decoding error"},
{ASN1_R_ENCODE_ERROR ,"encode error"},
{ASN1_R_ERROR_GETTING_TIME ,"error getting time"},
{ASN1_R_ERROR_LOADING_SECTION ,"error loading section"},
{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},

12
crypto/openssl/crypto/bf/Makefile.ssl
View File

@ -49,14 +49,8 @@ lib: $(LIBOBJ)
@touch lib
# elf
asm/bx86-elf.o: asm/bx86unix.cpp
$(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o
# solaris
asm/bx86-sol.o: asm/bx86unix.cpp
$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
as -o asm/bx86-sol.o asm/bx86-sol.s
rm -f asm/bx86-sol.s
asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
(cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s)
# a.out
asm/bx86-out.o: asm/bx86unix.cpp
@ -103,7 +97,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.

4
crypto/openssl/crypto/bio/b_sock.c
View File

@ -492,7 +492,7 @@ void BIO_sock_cleanup(void)
#if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
int BIO_socket_ioctl(int fd, long type, unsigned long *arg)
int BIO_socket_ioctl(int fd, long type, void *arg)
{
int i;
@ -742,7 +742,7 @@ int BIO_set_tcp_ndelay(int s, int on)
int BIO_socket_nbio(int s, int mode)
{
int ret= -1;
unsigned long l;
int l;
l=mode;
#ifdef FIONBIO

4
crypto/openssl/crypto/bio/bio.h
View File

@ -244,7 +244,7 @@ typedef struct bio_method_st
long (_far *ctrl)();
int (_far *create)();
int (_far *destroy)();
long (_fat *callback_ctrl)();
long (_far *callback_ctrl)();
} BIO_METHOD;
#endif
@ -585,7 +585,7 @@ struct hostent *BIO_gethostbyname(const char *name);
* and an appropriate error code is set).
*/
int BIO_sock_error(int sock);
int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
int BIO_socket_ioctl(int fd, long type, void *arg);
int BIO_socket_nbio(int fd,int mode);
int BIO_get_port(const char *str, unsigned short *port_ptr);
int BIO_get_host_ip(const char *str, unsigned char *ip);

3
crypto/openssl/crypto/bio/bio_lib.c
View File

@ -395,6 +395,8 @@ BIO *BIO_pop(BIO *b)
if (b == NULL) return(NULL);
ret=b->next_bio;
BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
if (b->prev_bio != NULL)
b->prev_bio->next_bio=b->next_bio;
if (b->next_bio != NULL)
@ -402,7 +404,6 @@ BIO *BIO_pop(BIO *b)
b->next_bio=NULL;
b->prev_bio=NULL;
BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
return(ret);
}

29
crypto/openssl/crypto/bn/Makefile.ssl
View File

@ -23,14 +23,6 @@ BN_ASM= bn_asm.o
CFLAGS= $(INCLUDES) $(CFLAG)
# We let the C compiler driver to take care of .s files. This is done in
# order to be excused from maintaining a separate set of architecture
# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
# gcc, then the driver will automatically translate it to -xarch=v8plus
# and pass it down to assembler.
AS=$(CC) -c
ASFLAGS=$(CFLAGS)
GENERAL=Makefile
TEST=bntest.c exptest.c
APPS=
@ -73,22 +65,11 @@ lib: $(LIBOBJ)
@touch lib
# elf
asm/bn86-elf.o: asm/bn86unix.cpp
$(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o
asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl
(cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s)
asm/co86-elf.o: asm/co86unix.cpp
$(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o
# solaris
asm/bn86-sol.o: asm/bn86unix.cpp
$(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s
as -o asm/bn86-sol.o asm/bn86-sol.s
rm -f asm/bn86-sol.s
asm/co86-sol.o: asm/co86unix.cpp
$(CC) -E -DSOL asm/co86unix.cpp | sed 's/^#.*//' > asm/co86-sol.s
as -o asm/co86-sol.o asm/co86-sol.s
rm -f asm/co86-sol.s
asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl
(cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s)
# a.out
asm/bn86-out.o: asm/bn86unix.cpp
@ -178,7 +159,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
# DO NOT DELETE THIS LINE -- make depend depends on it.

235
crypto/openssl/crypto/bn/asm/ia64.S
View File

@ -1,6 +1,6 @@
.explicit
.text
.ident "ia64.S, Version 1.1"
.ident "ia64.S, Version 2.0"
.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
//
@ -13,6 +13,35 @@
// disclaimed.
// ====================================================================
//
// Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is
// different from Itanium to this module viewpoint. Most notably, is it
// "wider" than Itanium? Can you experience loop scalability as
// discussed in commentary sections? Not really:-( Itanium2 has 6
// integer ALU ports, i.e. it's 2 ports wider, but it's not enough to
// spin twice as fast, as I need 8 IALU ports. Amount of floating point
// ports is the same, i.e. 2, while I need 4. In other words, to this
// module Itanium2 remains effectively as "wide" as Itanium. Yet it's
// essentially different in respect to this module, and a re-tune was
// required. Well, because some intruction latencies has changed. Most
// noticeably those intensively used:
//
// Itanium Itanium2
// ldf8 9 6 L2 hit
// ld8 2 1 L1 hit
// getf 2 5
// xma[->getf] 7[+1] 4[+0]
// add[->st8] 1[+1] 1[+0]
//
// What does it mean? You might ratiocinate that the original code
// should run just faster... Because sum of latencies is smaller...
// Wrong! Note that getf latency increased. This means that if a loop is
// scheduled for lower latency (and they are), then it will suffer from
// stall condition and the code will therefore turn anti-scalable, e.g.
// original bn_mul_words spun at 5*n or 2.5 times slower than expected
// on Itanium2! What to do? Reschedule loops for Itanium2? But then
// Itanium would exhibit anti-scalability. So I've chosen to reschedule
// for worst latency for every instruction aiming for best *all-round*
// performance.
// Q. How much faster does it get?
// A. Here is the output from 'openssl speed rsa dsa' for vanilla
@ -149,12 +178,27 @@ bn_add_words:
brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16
}
.body
{ .mib; mov r14=r32 // rp
{ .mib;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r14=0,r32 // rp
#else
mov r14=r32 // rp
#endif
mov r9=pr };;
{ .mii; mov r15=r33 // ap
{ .mii;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r15=0,r33 // ap
#else
mov r15=r33 // ap
#endif
mov ar.lc=r10
mov ar.ec=6 }
{ .mib; mov r16=r34 // bp
{ .mib;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r16=0,r34 // bp
#else
mov r16=r34 // bp
#endif
mov pr.rot=1<<16 };;
.L_bn_add_words_ctop:
@ -174,7 +218,7 @@ bn_add_words:
{ .mii;
(p59) add r8=1,r8 // return value
mov pr=r9,-1
mov pr=r9,0x1ffff
mov ar.lc=r3 }
{ .mbb; nop.b 0x0
br.ret.sptk.many b0 };;
@ -202,12 +246,27 @@ bn_sub_words:
brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16
}
.body
{ .mib; mov r14=r32 // rp
{ .mib;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r14=0,r32 // rp
#else
mov r14=r32 // rp
#endif
mov r9=pr };;
{ .mii; mov r15=r33 // ap
{ .mii;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r15=0,r33 // ap
#else
mov r15=r33 // ap
#endif
mov ar.lc=r10
mov ar.ec=6 }
{ .mib; mov r16=r34 // bp
{ .mib;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r16=0,r34 // bp
#else
mov r16=r34 // bp
#endif
mov pr.rot=1<<16 };;
.L_bn_sub_words_ctop:
@ -227,7 +286,7 @@ bn_sub_words:
{ .mii;
(p59) add r8=1,r8 // return value
mov pr=r9,-1
mov pr=r9,0x1ffff
mov ar.lc=r3 }
{ .mbb; nop.b 0x0
br.ret.sptk.many b0 };;
@ -253,7 +312,7 @@ bn_mul_words:
#ifdef XMA_TEMPTATION
{ .mfi; alloc r2=ar.pfs,4,0,0,0 };;
#else
{ .mfi; alloc r2=ar.pfs,4,4,0,8 };;
{ .mfi; alloc r2=ar.pfs,4,12,0,16 };;
#endif
{ .mib; mov r8=r0 // return value
cmp4.le p6,p0=r34,r0
@ -266,24 +325,30 @@ bn_mul_words:
.body
{ .mib; setf.sig f8=r35 // w
mov pr.rot=0x400001<<16
// ------^----- serves as (p48) at first (p26)
mov pr.rot=0x800001<<16
// ------^----- serves as (p50) at first (p27)
brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16
}
#ifndef XMA_TEMPTATION
{ .mii; mov r14=r32 // rp
mov r15=r33 // ap
{ .mii;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r14=0,r32 // rp
addp4 r15=0,r33 // ap
#else
mov r14=r32 // rp
mov r15=r33 // ap
#endif
mov ar.lc=r10 }
{ .mii; mov r39=0 // serves as r33 at first (p26)
mov ar.ec=12 };;
{ .mii; mov r40=0 // serves as r35 at first (p27)
mov ar.ec=13 };;
// This loop spins in 2*(n+11) ticks. It's scheduled for data in L2
// cache (i.e. 9 ticks away) as floating point load/store instructions
// This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium
// L2 cache (i.e. 9 ticks away) as floating point load/store instructions
// bypass L1 cache and L2 latency is actually best-case scenario for
// ldf8. The loop is not scalable and shall run in 2*(n+11) even on
// "wider" IA-64 implementations. It's a trade-off here. n+22 loop
// ldf8. The loop is not scalable and shall run in 2*(n+12) even on
// "wider" IA-64 implementations. It's a trade-off here. n+24 loop
// would give us ~5% in *overall* performance improvement on "wider"
// IA-64, but would hurt Itanium for about same because of longer
// epilogue. As it's a matter of few percents in either case I've
@ -291,25 +356,25 @@ bn_mul_words:
// this very instruction sequence in bn_mul_add_words loop which in
// turn is scalable).
.L_bn_mul_words_ctop:
{ .mfi; (p25) getf.sig r36=f49 // low
(p21) xmpy.lu f45=f37,f8
(p27) cmp.ltu p52,p48=r39,r38 }
{ .mfi; (p25) getf.sig r36=f52 // low
(p21) xmpy.lu f48=f37,f8
(p28) cmp.ltu p54,p50=r41,r39 }
{ .mfi; (p16) ldf8 f32=[r15],8
(p21) xmpy.hu f38=f37,f8
(p21) xmpy.hu f40=f37,f8
(p0) nop.i 0x0 };;
{ .mii; (p26) getf.sig r32=f43 // high
.pred.rel "mutex",p48,p52
(p48) add r38=r37,r33 // (p26)
(p52) add r38=r37,r33,1 } // (p26)
{ .mfb; (p27) st8 [r14]=r39,8
{ .mii; (p25) getf.sig r32=f44 // high
.pred.rel "mutex",p50,p54
(p50) add r40=r38,r35 // (p27)
(p54) add r40=r38,r35,1 } // (p27)
{ .mfb; (p28) st8 [r14]=r41,8
(p0) nop.f 0x0
br.ctop.sptk .L_bn_mul_words_ctop };;
.L_bn_mul_words_cend:
{ .mii; nop.m 0x0
.pred.rel "mutex",p49,p53
(p49) add r8=r34,r0
(p53) add r8=r34,r0,1 }
.pred.rel "mutex",p51,p55
(p51) add r8=r36,r0
(p55) add r8=r36,r0,1 }
{ .mfb; nop.m 0x0
nop.f 0x0
nop.b 0x0 }
@ -344,7 +409,7 @@ bn_mul_words:
#endif // XMA_TEMPTATION
{ .mii; nop.m 0x0
mov pr=r9,-1
mov pr=r9,0x1ffff
mov ar.lc=r3 }
{ .mfb; rum 1<<5 // clear um.mfh
nop.f 0x0
@ -376,59 +441,69 @@ bn_mul_add_words:
.body
{ .mib; setf.sig f8=r35 // w
mov pr.rot=0x400001<<16
// ------^----- serves as (p48) at first (p26)
mov pr.rot=0x800001<<16
// ------^----- serves as (p50) at first (p27)
brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16
}
{ .mii; mov r14=r32 // rp
mov r15=r33 // ap
{ .mii;
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r14=0,r32 // rp
addp4 r15=0,r33 // ap
#else
mov r14=r32 // rp
mov r15=r33 // ap
#endif
mov ar.lc=r10 }
{ .mii; mov r39=0 // serves as r33 at first (p26)
mov r18=r32 // rp copy
mov ar.ec=14 };;
{ .mii; mov r40=0 // serves as r35 at first (p27)
#if defined(_HPUX_SOURCE) && defined(_ILP32)
addp4 r18=0,r32 // rp copy
#else
mov r18=r32 // rp copy
#endif
mov ar.ec=15 };;
// This loop spins in 3*(n+13) ticks on Itanium and should spin in
// 2*(n+13) on "wider" IA-64 implementations (to be verified with new
// This loop spins in 3*(n+14) ticks on Itanium and should spin in
// 2*(n+14) on "wider" IA-64 implementations (to be verified with new
// µ-architecture manuals as they become available). As usual it's
// possible to compress the epilogue, down to 10 in this case, at the
// cost of scalability. Compressed (and therefore non-scalable) loop
// running at 3*(n+10) would buy you ~10% on Itanium but take ~35%
// running at 3*(n+11) would buy you ~10% on Itanium but take ~35%
// from "wider" IA-64 so let it be scalable! Special attention was
// paid for having the loop body split at 64-byte boundary. ld8 is
// scheduled for L1 cache as the data is more than likely there.
// Indeed, bn_mul_words has put it there a moment ago:-)
.L_bn_mul_add_words_ctop:
{ .mfi; (p25) getf.sig r36=f49 // low
(p21) xmpy.lu f45=f37,f8
(p27) cmp.ltu p52,p48=r39,r38 }
{ .mfi; (p25) getf.sig r36=f52 // low
(p21) xmpy.lu f48=f37,f8
(p28) cmp.ltu p54,p50=r41,r39 }
{ .mfi; (p16) ldf8 f32=[r15],8
(p21) xmpy.hu f38=f37,f8
(p27) add r43=r43,r39 };;
{ .mii; (p26) getf.sig r32=f43 // high
.pred.rel "mutex",p48,p52
(p48) add r38=r37,r33 // (p26)
(p52) add r38=r37,r33,1 } // (p26)
{ .mfb; (p27) cmp.ltu.unc p56,p0=r43,r39
(p21) xmpy.hu f40=f37,f8
(p28) add r45=r45,r41 };;
{ .mii; (p25) getf.sig r32=f44 // high
.pred.rel "mutex",p50,p54
(p50) add r40=r38,r35 // (p27)
(p54) add r40=r38,r35,1 } // (p27)
{ .mfb; (p28) cmp.ltu.unc p60,p0=r45,r41
(p0) nop.f 0x0
(p0) nop.b 0x0 }
{ .mii; (p26) ld8 r42=[r18],8
(p58) cmp.eq.or p57,p0=-1,r44
(p58) add r44=1,r44 }
{ .mfb; (p29) st8 [r14]=r45,8
{ .mii; (p27) ld8 r44=[r18],8
(p62) cmp.eq.or p61,p0=-1,r46
(p62) add r46=1,r46 }
{ .mfb; (p30) st8 [r14]=r47,8
(p0) nop.f 0x0
br.ctop.sptk .L_bn_mul_add_words_ctop};;
.L_bn_mul_add_words_cend:
{ .mii; nop.m 0x0
.pred.rel "mutex",p51,p55
(p51) add r8=r36,r0
(p55) add r8=r36,r0,1 }
.pred.rel "mutex",p53,p57
(p53) add r8=r38,r0
(p57) add r8=r38,r0,1 }
{ .mfb; nop.m 0x0
nop.f 0x0
nop.b 0x0 };;
{ .mii;
(p59) add r8=1,r8
mov pr=r9,-1
(p63) add r8=1,r8
mov pr=r9,0x1ffff
mov ar.lc=r3 }
{ .mfb; rum 1<<5 // clear um.mfh
nop.f 0x0
@ -461,6 +536,10 @@ bn_sqr_words:
mov r9=pr };;
.body
#if defined(_HPUX_SOURCE) && defined(_ILP32)
{ .mii; addp4 r32=0,r32
addp4 r33=0,r33 };;
#endif
{ .mib;
mov pr.rot=1<<16
brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16
@ -492,7 +571,7 @@ bn_sqr_words:
.L_bn_sqr_words_cend:
{ .mii; nop.m 0x0
mov pr=r9,-1
mov pr=r9,0x1ffff
mov ar.lc=r3 }
{ .mfb; rum 1<<5 // clear um.mfh
nop.f 0x0
@ -526,7 +605,14 @@ bn_sqr_comba8:
.prologue
.fframe 0
.save ar.pfs,r2
#if defined(_HPUX_SOURCE) && defined(_ILP32)
{ .mii; alloc r2=ar.pfs,2,1,0,0
addp4 r33=0,r33
addp4 r32=0,r32 };;
{ .mii;
#else
{ .mii; alloc r2=ar.pfs,2,1,0,0
#endif
mov r34=r33
add r14=8,r33 };;
.body
@ -587,7 +673,14 @@ bn_mul_comba8:
.prologue
.fframe 0
.save ar.pfs,r2
#if defined(_HPUX_SOURCE) && defined(_ILP32)
{ .mii; alloc r2=ar.pfs,3,0,0,0
addp4 r33=0,r33
addp4 r34=0,r34 };;
{ .mii; addp4 r32=0,r32
#else
{ .mii; alloc r2=ar.pfs,3,0,0,0
#endif
add r14=8,r33
add r17=8,r34 }
.body
@ -1138,7 +1231,14 @@ bn_sqr_comba4:
.prologue
.fframe 0
.save ar.pfs,r2
#if defined(_HPUX_SOURCE) && defined(_ILP32)
{ .mii; alloc r2=ar.pfs,2,1,0,0
addp4 r32=0,r32
addp4 r33=0,r33 };;
{ .mii;
#else
{ .mii; alloc r2=ar.pfs,2,1,0,0
#endif
mov r34=r33
add r14=8,r33 };;
.body
@ -1164,7 +1264,14 @@ bn_mul_comba4:
.prologue
.fframe 0
.save ar.pfs,r2
#if defined(_HPUX_SOURCE) && defined(_ILP32)
{ .mii; alloc r2=ar.pfs,3,0,0,0
addp4 r33=0,r33
addp4 r34=0,r34 };;
{ .mii; addp4 r32=0,r32
#else
{ .mii; alloc r2=ar.pfs,3,0,0,0
#endif
add r14=8,r33
add r17=8,r34 }
.body
@ -1464,7 +1571,7 @@ bn_div_words:
or r8=r8,r33
mov ar.pfs=r2 };;
{ .mii; shr.u r9=H,I // remainder if anybody wants it
mov pr=r10,-1 }
mov pr=r10,0x1ffff }
{ .mfb; br.ret.sptk.many b0 };;
// Unsigned 64 by 32 (well, by 64 for the moment) bit integer division

36
crypto/openssl/crypto/bn/asm/pa-risc2.s
View File

@ -747,8 +747,8 @@ bn_div_words
.PROC
.EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN
.IMPORT BN_num_bits_word,CODE
.IMPORT __iob,DATA
.IMPORT fprintf,CODE
;--- not PIC .IMPORT __iob,DATA
;--- not PIC .IMPORT fprintf,CODE
.IMPORT abort,CODE
.IMPORT $$div2U,MILLICODE
.CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
@ -844,12 +844,12 @@ $0006001A
MOVIB,TR 2,%r8,$0006001C ;offset 0xa18
EXTRD,U %r3,63,32,%r7 ;offset 0xa1c
$D2
ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20
LDIL LR'C$7,%r21 ;offset 0xa24
LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28
.CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28;
B,L fprintf,%r2 ;offset 0xa2c
LDO RR'C$7(%r21),%r25 ;offset 0xa30
;--- not PIC ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20
;--- not PIC LDIL LR'C$7,%r21 ;offset 0xa24
;--- not PIC LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28
;--- not PIC .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28;
;--- not PIC B,L fprintf,%r2 ;offset 0xa2c
;--- not PIC LDO RR'C$7(%r21),%r25 ;offset 0xa30
.CALL ;
B,L abort,%r2 ;offset 0xa34
NOP ;offset 0xa38
@ -1605,14 +1605,14 @@ bn_mul_comba4
.PROCEND
.SPACE $TEXT$
.SUBSPA $CODE$
.SPACE $PRIVATE$,SORT=16
.IMPORT $global$,DATA
.SPACE $TEXT$
.SUBSPA $CODE$
.SUBSPA $LIT$,ACCESS=0x2c
C$7
.ALIGN 8
.STRINGZ "Division would overflow (%d)\n"
;--- not PIC .SPACE $TEXT$
;--- not PIC .SUBSPA $CODE$
;--- not PIC .SPACE $PRIVATE$,SORT=16
;--- not PIC .IMPORT $global$,DATA
;--- not PIC .SPACE $TEXT$
;--- not PIC .SUBSPA $CODE$
;--- not PIC .SUBSPA $LIT$,ACCESS=0x2c
;--- not PIC C$7
;--- not PIC .ALIGN 8
;--- not PIC .STRINGZ "Division would overflow (%d)\n"
.END

4
crypto/openssl/crypto/bn/bn_lcl.h
View File

@ -446,10 +446,6 @@ void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
BN_ULONG *t);
void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
BN_ULONG *t);
BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
int cl, int dl);
BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
int cl, int dl);
#ifdef __cplusplus
}

2
crypto/openssl/crypto/bn/bn_prime.c
View File

@ -140,6 +140,7 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
BN_CTX *ctx;
int checks = BN_prime_checks_for_size(bits);
BN_init(&t);
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
if (ret == NULL)
@ -148,7 +149,6 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
}
else
rnd=ret;
BN_init(&t);
loop:
/* make a random number and set the top and bottom bits */
if (add == NULL)

12
crypto/openssl/crypto/cast/Makefile.ssl
View File

@ -52,14 +52,8 @@ lib: $(LIBOBJ)
@touch lib
# elf
asm/cx86-elf.o: asm/cx86unix.cpp
$(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o
# solaris
asm/cx86-sol.o: asm/cx86unix.cpp
$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
as -o asm/cx86-sol.o asm/cx86-sol.s
rm -f asm/cx86-sol.s
asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
(cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s)
# a.out
asm/cx86-out.o: asm/cx86unix.cpp
@ -104,7 +98,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.

4
crypto/openssl/crypto/conf/conf_mall.c
View File

@ -63,7 +63,9 @@
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* Load all OpenSSL builtin modules */
@ -71,6 +73,8 @@ void OPENSSL_load_builtin_modules(void)
{
/* Add builtin modules here */
ASN1_add_oid_module();
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
}

4
crypto/openssl/crypto/conf/conf_sap.c
View File

@ -63,7 +63,9 @@
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* This is the automatic configuration loader: it is called automatically by
* OpenSSL when any of a number of standard initialisation functions are called,
@ -78,8 +80,10 @@ void OPENSSL_config(const char *config_name)
return;
OPENSSL_load_builtin_modules();
#ifndef OPENSSL_NO_ENGINE
/* Need to load ENGINEs */
ENGINE_load_builtin_engines();
#endif
/* Add others here? */

29
crypto/openssl/crypto/des/Makefile.ssl
View File

@ -66,30 +66,11 @@ des: des.o cbc3_enc.o lib
$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
# elf
asm/dx86-elf.o: asm/dx86unix.cpp
$(CPP) -DELF \
`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
-x c asm/dx86unix.cpp | as -o asm/dx86-elf.o
asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
(cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
asm/yx86-elf.o: asm/yx86unix.cpp
$(CPP) -DELF \
`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
-x c asm/yx86unix.cpp | as -o asm/yx86-elf.o
# solaris
asm/dx86-sol.o: asm/dx86unix.cpp
$(CC) -E -DSOL \
`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
as -o asm/dx86-sol.o asm/dx86-sol.s
rm -f asm/dx86-sol.s
asm/yx86-sol.o: asm/yx86unix.cpp
$(CC) -E -DSOL \
`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
as -o asm/yx86-sol.o asm/yx86-sol.s
rm -f asm/yx86-sol.s
asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
(cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
# a.out
asm/dx86-out.o: asm/dx86unix.cpp
@ -145,7 +126,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.

5
crypto/openssl/crypto/des/asm/crypt586.pl
View File

@ -32,8 +32,9 @@ sub fcrypt_body
&xor( $R, $R);
# PIC-ification:-)
if ($cpp) { &picmeup("edx","DES_SPtrans"); }
else { &lea("edx",&DWP("DES_SPtrans")); }
&picmeup("edx","DES_SPtrans");
#if ($cpp) { &picmeup("edx","DES_SPtrans"); }
#else { &lea("edx",&DWP("DES_SPtrans")); }
&push("edx"); # becomes &swtmp(1)
#
&mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT

5
crypto/openssl/crypto/des/asm/des-586.pl
View File

@ -73,8 +73,9 @@ sub DES_encrypt
}
# PIC-ification:-)
if ($cpp) { &picmeup($trans,"DES_SPtrans"); }
else { &lea($trans,&DWP("DES_SPtrans")); }
&picmeup($trans,"DES_SPtrans");
#if ($cpp) { &picmeup($trans,"DES_SPtrans"); }
#else { &lea($trans,&DWP("DES_SPtrans")); }
&mov( "ecx", &wparam(1) );
&cmp("ebx","0");

9
crypto/openssl/crypto/des/cbc_cksm.c
View File

@ -93,5 +93,14 @@ DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
l2c(tout1,out);
}
tout0=tin0=tin1=tin[0]=tin[1]=0;
/*
Transform the data in tout1 so that it will
match the return value that the MIT Kerberos
mit_des_cbc_cksum API returns.
*/
tout1 = ((tout1 >> 24L) & 0x000000FF)
| ((tout1 >> 8L) & 0x0000FF00)
| ((tout1 << 8L) & 0x00FF0000)
| ((tout1 << 24L) & 0xFF000000);
return(tout1);
}

2
crypto/openssl/crypto/des/des_locl.h
View File

@ -162,7 +162,7 @@
#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
#define ROTATE(a,n) (_lrotr(a,n))
#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(NO_ASM) && !defined(NO_INLINE_ASM)
#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
# define ROTATE(a,n) ({ register unsigned int ret; \
asm ("rorl %1,%0" \

4
crypto/openssl/crypto/des/destest.c
View File

@ -320,7 +320,11 @@ static unsigned char ofb_cipher[24]=
0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
};
#if 0
static DES_LONG cbc_cksum_ret=0xB462FEF7L;
#else
static DES_LONG cbc_cksum_ret=0xF7FE62B4L;
#endif
static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
static char *pt(unsigned char *p);

2
crypto/openssl/crypto/dh/dh_key.c
View File

@ -61,7 +61,9 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/dh.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);

10
crypto/openssl/crypto/dh/dh_lib.c
View File

@ -60,7 +60,9 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/dh.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
@ -85,11 +87,13 @@ int DH_set_method(DH *dh, const DH_METHOD *meth)
const DH_METHOD *mtmp;
mtmp = dh->meth;
if (mtmp->finish) mtmp->finish(dh);
#ifndef OPENSSL_NO_ENGINE
if (dh->engine)
{
ENGINE_finish(dh->engine);
dh->engine = NULL;
}
#endif
dh->meth = meth;
if (meth->init) meth->init(dh);
return 1;
@ -112,6 +116,7 @@ DH *DH_new_method(ENGINE *engine)
}
ret->meth = DH_get_default_method();
#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
@ -135,6 +140,7 @@ DH *DH_new_method(ENGINE *engine)
return NULL;
}
}
#endif
ret->pad=0;
ret->version=0;
@ -154,8 +160,10 @@ DH *DH_new_method(ENGINE *engine)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
@ -182,8 +190,10 @@ void DH_free(DH *r)
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);

10
crypto/openssl/crypto/dsa/dsa_lib.c
View File

@ -63,7 +63,9 @@
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
@ -93,11 +95,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
const DSA_METHOD *mtmp;
mtmp = dsa->meth;
if (mtmp->finish) mtmp->finish(dsa);
#ifndef OPENSSL_NO_ENGINE
if (dsa->engine)
{
ENGINE_finish(dsa->engine);
dsa->engine = NULL;
}
#endif
dsa->meth = meth;
if (meth->init) meth->init(dsa);
return 1;
@ -114,6 +118,7 @@ DSA *DSA_new_method(ENGINE *engine)
return(NULL);
}
ret->meth = DSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
@ -138,6 +143,7 @@ DSA *DSA_new_method(ENGINE *engine)
return NULL;
}
}
#endif
ret->pad=0;
ret->version=0;
@ -158,8 +164,10 @@ DSA *DSA_new_method(ENGINE *engine)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
@ -189,8 +197,10 @@ void DSA_free(DSA *r)
if(r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if(r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);

15
crypto/openssl/crypto/dsa/dsa_ossl.c
View File

@ -64,7 +64,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
@ -106,13 +108,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
int i,reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
BN_init(&m);
BN_init(&xr);
if (!dsa->p || !dsa->q || !dsa->g)
{
reason=DSA_R_MISSING_PARAMETERS;
goto err;
}
BN_init(&m);
BN_init(&xr);
s=BN_new();
if (s == NULL) goto err;
@ -178,6 +182,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
return 0;
}
BN_init(&k);
if (ctx_in == NULL)
{
if ((ctx=BN_CTX_new()) == NULL) goto err;
@ -185,7 +192,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
else
ctx=ctx_in;
BN_init(&k);
if ((r=BN_new()) == NULL) goto err;
kinv=NULL;
@ -241,11 +247,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
return -1;
}
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);
if ((ctx=BN_CTX_new()) == NULL) goto err;
if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
{
ret = 0;

2
crypto/openssl/crypto/dsa/dsa_sign.c
View File

@ -64,7 +64,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{

2
crypto/openssl/crypto/dsa/dsa_vrf.c
View File

@ -65,7 +65,9 @@
#include <openssl/rand.h>
#include <openssl/asn1.h>
#include <openssl/asn1_mac.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)

2
crypto/openssl/crypto/dsa/dsagen.c
View File

@ -103,7 +103,7 @@ main()
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
memcpy(seed_buf,seed,20);
dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb);
dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
if (dsa == NULL)
DSA_print(bio_err,dsa,0);

2
crypto/openssl/crypto/dsa/dsatest.c
View File

@ -68,7 +68,9 @@
#include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifdef OPENSSL_SYS_WINDOWS
#include "../bio/bss_file.c"
#endif

2
crypto/openssl/crypto/dso/dso_dl.c
View File

@ -126,7 +126,7 @@ static int dl_load(DSO *dso)
DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
goto err;
}
ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, NULL);
ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L);
if(ptr == NULL)
{
DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);

2
crypto/openssl/crypto/ec/ec.h
View File

@ -195,7 +195,6 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_GROUP_GET0_GENERATOR 139
#define EC_F_EC_GROUP_GET_COFACTOR 140
#define EC_F_EC_GROUP_GET_CURVE_GFP 130
#define EC_F_EC_GROUP_GET_EXTRA_DATA 107
#define EC_F_EC_GROUP_GET_ORDER 141
#define EC_F_EC_GROUP_NEW 108
#define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
@ -232,7 +231,6 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_FIELD 103
#define EC_R_INVALID_FORM 104
#define EC_R_NOT_INITIALIZED 111
#define EC_R_NO_SUCH_EXTRA_DATA 105
#define EC_R_POINT_AT_INFINITY 106
#define EC_R_POINT_IS_NOT_ON_CURVE 107
#define EC_R_SLOT_FULL 108

2
crypto/openssl/crypto/ec/ec_err.c
View File

@ -84,7 +84,6 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0), "EC_GROUP_get0_generator"},
{ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0), "EC_GROUP_get_cofactor"},
{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0), "EC_GROUP_get_curve_GFp"},
{ERR_PACK(0,EC_F_EC_GROUP_GET_EXTRA_DATA,0), "EC_GROUP_get_extra_data"},
{ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"},
{ERR_PACK(0,EC_F_EC_GROUP_NEW,0), "EC_GROUP_new"},
{ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0), "EC_GROUP_precompute_mult"},
@ -124,7 +123,6 @@ static ERR_STRING_DATA EC_str_reasons[]=
{EC_R_INVALID_FIELD ,"invalid field"},
{EC_R_INVALID_FORM ,"invalid form"},
{EC_R_NOT_INITIALIZED ,"not initialized"},
{EC_R_NO_SUCH_EXTRA_DATA ,"no such extra data"},
{EC_R_POINT_AT_INFINITY ,"point at infinity"},
{EC_R_POINT_IS_NOT_ON_CURVE ,"point is not on curve"},
{EC_R_SLOT_FULL ,"slot full"},

4
crypto/openssl/crypto/ec/ec_lib.c
View File

@ -268,7 +268,9 @@ void *EC_GROUP_get_extra_data(const EC_GROUP *group, void *(*extra_data_dup_func
|| (group->extra_data_free_func != extra_data_free_func)
|| (group->extra_data_clear_free_func != extra_data_clear_free_func))
{
ECerr(EC_F_EC_GROUP_GET_EXTRA_DATA, EC_R_NO_SUCH_EXTRA_DATA);
#if 0 /* this was an error in 0.9.7, but that does not make a lot of sense */
ECerr(..._F_EC_GROUP_GET_EXTRA_DATA, ..._R_NO_SUCH_EXTRA_DATA);
#endif
return NULL;
}

11
crypto/openssl/crypto/ec/ec_mult.c
View File

@ -209,6 +209,17 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' */
int ret = 0;
if (group->meth != r->meth)
{
ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
if ((scalar == NULL) && (num == 0))
{
return EC_POINT_set_to_infinity(group, r);
}
if (scalar != NULL)
{
generator = EC_GROUP_get0_generator(group);

4
crypto/openssl/crypto/ec/ectest.c
View File

@ -70,7 +70,9 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
#include <openssl/ec.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#define ABORT do { \
@ -628,7 +630,9 @@ int main(int argc, char *argv[])
if (P_384) EC_GROUP_free(P_384);
if (P_521) EC_GROUP_free(P_521);
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);

2
crypto/openssl/crypto/engine/Makefile.ssl
View File

@ -50,7 +50,7 @@ all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:

6
crypto/openssl/crypto/engine/engine.h
View File

@ -59,6 +59,12 @@
#ifndef HEADER_ENGINE_H
#define HEADER_ENGINE_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_ENGINE
#error ENGINE is disabled.
#endif
#include <openssl/ossl_typ.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_RSA

11
crypto/openssl/crypto/engine/enginetest.c
View File

@ -56,9 +56,17 @@
*
*/
#include <openssl/e_os2.h>
#include <stdio.h>
#include <string.h>
#ifdef OPENSSL_NO_ENGINE
int main(int argc, char *argv[])
{
printf("No ENGINE support\n");
return(0);
}
#else
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
#include <openssl/engine.h>
@ -272,3 +280,4 @@ int main(int argc, char *argv[])
CRYPTO_mem_leaks_fp(stderr);
return to_return;
}
#endif

2
crypto/openssl/crypto/err/err.c
View File

@ -211,6 +211,7 @@ static ERR_STRING_DATA ERR_str_reasons[]=
{0,NULL},
};
#endif
/* Define the predeclared (but externally opaque) "ERR_FNS" type */
@ -491,6 +492,7 @@ static int int_err_get_next_lib(void)
}
#ifndef OPENSSL_NO_ERR
#define NUM_SYS_STR_REASONS 127
#define LEN_SYS_STR_REASON 32

4
crypto/openssl/crypto/err/err_all.c
View File

@ -82,7 +82,9 @@
#include <openssl/pkcs12.h>
#include <openssl/rand.h>
#include <openssl/dso.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/ocsp.h>
#include <openssl/err.h>
@ -122,7 +124,9 @@ void ERR_load_crypto_strings(void)
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
#ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
#endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
#endif

13
crypto/openssl/crypto/evp/digest.c
View File

@ -113,7 +113,9 @@
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
@ -138,6 +140,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
{
EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
#ifndef OPENSSL_NO_ENGINE
/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
* so this context may already have an ENGINE! Try to avoid releasing
* the previous handle, re-querying for an ENGINE, and having a
@ -183,7 +186,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
else
ctx->engine = NULL;
}
else if(!ctx->digest)
else
#endif
if(!ctx->digest)
{
EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
return 0;
@ -196,7 +201,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
if (type->ctx_size)
ctx->md_data=OPENSSL_malloc(type->ctx_size);
}
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
return ctx->digest->init(ctx);
}
@ -246,12 +253,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
return 0;
}
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a digest context using an ENGINE */
if (in->engine && !ENGINE_init(in->engine))
{
EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
return 0;
}
#endif
EVP_MD_CTX_cleanup(out);
memcpy(out,in,sizeof *out);
@ -304,10 +313,12 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);
}
#ifndef OPENSSL_NO_ENGINE
if(ctx->engine)
/* The EVP_MD we used belongs to an ENGINE, release the
* functional reference we held for this reason. */
ENGINE_finish(ctx->engine);
#endif
memset(ctx,'\0',sizeof *ctx);
return 1;

2
crypto/openssl/crypto/evp/evp_acnf.c
View File

@ -59,7 +59,9 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/conf.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* Load all algorithms and configure OpenSSL.

12
crypto/openssl/crypto/evp/evp_enc.c
View File

@ -60,7 +60,9 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include "evp_locl.h"
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
@ -91,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
enc = 1;
ctx->encrypt = enc;
}
#ifndef OPENSSL_NO_ENGINE
/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
* so this context may already have an ENGINE! Try to avoid releasing
* the previous handle, re-querying for an ENGINE, and having a
@ -98,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
if (ctx->engine && ctx->cipher && (!cipher ||
(cipher && (cipher->nid == ctx->cipher->nid))))
goto skip_to_init;
#endif
if (cipher)
{
/* Ensure a context left lying around from last time is cleared
@ -107,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
/* Restore encrypt field: it is zeroed by cleanup */
ctx->encrypt = enc;
#ifndef OPENSSL_NO_ENGINE
if(impl)
{
if (!ENGINE_init(impl))
@ -140,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
}
else
ctx->engine = NULL;
#endif
ctx->cipher=cipher;
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
@ -159,7 +165,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
return 0;
}
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
/* we assume block size is a power of 2 in *cryptUpdate */
OPENSSL_assert(ctx->cipher->block_size == 1
|| ctx->cipher->block_size == 8
@ -236,7 +244,7 @@ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *imp
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv)
{
return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0);
return EVP_CipherInit(ctx, cipher, key, iv, 0);
}
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
@ -460,10 +468,12 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
}
if (c->cipher_data)
OPENSSL_free(c->cipher_data);
#ifndef OPENSSL_NO_ENGINE
if (c->engine)
/* The EVP_CIPHER we used belongs to an ENGINE, release the
* functional reference we held for this reason. */
ENGINE_finish(c->engine);
#endif
memset(c,0,sizeof(EVP_CIPHER_CTX));
return 1;
}

9
crypto/openssl/crypto/evp/evp_test.c
View File

@ -53,7 +53,10 @@
#include "../e_os.h"
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/conf.h>
static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
@ -330,11 +333,14 @@ int main(int argc,char **argv)
/* Load up the software EVP_CIPHER and EVP_MD definitions */
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
/* Load all compiled-in ENGINEs */
ENGINE_load_builtin_engines();
#endif
#if 0
OPENSSL_config();
#endif
#ifndef OPENSSL_NO_ENGINE
/* Register all available ENGINE implementations of ciphers and digests.
* This could perhaps be changed to "ENGINE_register_all_complete()"? */
ENGINE_register_all_ciphers();
@ -343,6 +349,7 @@ int main(int argc,char **argv)
* It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
* they weren't already initialised. */
/* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
#endif
for( ; ; )
{
@ -384,7 +391,9 @@ int main(int argc,char **argv)
}
}
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);

2
crypto/openssl/crypto/krb5/Makefile.ssl
View File

@ -41,7 +41,7 @@ all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:

1
crypto/openssl/crypto/md2/md2test.c
View File

@ -125,7 +125,6 @@ int main(int argc, char *argv[])
P++;
}
EXIT(err);
return(0);
}
static char *pt(unsigned char *md)

2
crypto/openssl/crypto/md4/md4.c
View File

@ -64,7 +64,7 @@
void do_fp(FILE *f);
void pt(unsigned char *md);
#ifndef _OSD_POSIX
#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
int read(int, void *, unsigned int);
#endif

20
crypto/openssl/crypto/md5/Makefile.ssl
View File

@ -21,14 +21,6 @@ MD5_ASM_OBJ=
CFLAGS= $(INCLUDES) $(CFLAG)
# We let the C compiler driver to take care of .s files. This is done in
# order to be excused from maintaining a separate set of architecture
# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
# gcc, then the driver will automatically translate it to -xarch=v8plus
# and pass it down to assembler.
AS=$(CC) -c
ASFLAGS=$(CFLAGS)
GENERAL=Makefile
TEST=md5test.c
APPS=
@ -55,14 +47,8 @@ lib: $(LIBOBJ)
@touch lib
# elf
asm/mx86-elf.o: asm/mx86unix.cpp
$(CPP) -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o
# solaris
asm/mx86-sol.o: asm/mx86unix.cpp
$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
as -o asm/mx86-sol.o asm/mx86-sol.s
rm -f asm/mx86-sol.s
asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
(cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s)
# a.out
asm/mx86-out.o: asm/mx86unix.cpp
@ -125,7 +111,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.

2
crypto/openssl/crypto/md5/md5.c
View File

@ -64,7 +64,7 @@
void do_fp(FILE *f);
void pt(unsigned char *md);
#ifndef _OSD_POSIX
#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
int read(int, void *, unsigned int);
#endif

2
crypto/openssl/crypto/md5/md5.h
View File

@ -78,7 +78,7 @@ extern "C" {
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#define MD5_LONG unsigned long
#elif defined(OENSSL_SYS_CRAY) || defined(__ILP64__)
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define MD5_LONG unsigned long
#define MD5_LONG_LOG2 3
/*

10
crypto/openssl/crypto/mem.c
View File

@ -252,6 +252,8 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
{
@ -291,6 +293,8 @@ void *CRYPTO_malloc(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
{
@ -319,6 +323,9 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
ret = realloc_ex_func(str,num,file,line);
@ -338,6 +345,9 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
ret=malloc_ex_func(num,file,line);

3
crypto/openssl/crypto/o_time.c
View File

@ -80,7 +80,8 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
ts = result;
#elif !defined(OPENSSL_SYS_VMS)
ts = gmtime(timer);
memcpy(result, ts, sizeof(struct tm));
if (ts != NULL)
memcpy(result, ts, sizeof(struct tm));
ts = result;
#endif
#ifdef OPENSSL_SYS_VMS

4
crypto/openssl/crypto/objects/obj_dat.h
View File

@ -827,7 +827,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
{"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
{"SN","surName",NID_surname,3,&(lvalues[538]),0},
{"SN","surname",NID_surname,3,&(lvalues[538]),0},
{"initials","initials",NID_initials,3,&(lvalues[541]),0},
{NULL,NULL,NID_undef,0,NULL},
{"crlDistributionPoints","X509v3 CRL Distribution Points",
@ -3005,7 +3005,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[16]),/* "stateOrProvinceName" */
&(nid_objs[498]),/* "subtreeMaximumQuality" */
&(nid_objs[497]),/* "subtreeMinimumQuality" */
&(nid_objs[100]),/* "surName" */
&(nid_objs[100]),/* "surname" */
&(nid_objs[459]),/* "textEncodedORAddress" */
&(nid_objs[293]),/* "textNotice" */
&(nid_objs[106]),/* "title" */

2
crypto/openssl/crypto/objects/obj_mac.h
View File

@ -1596,7 +1596,7 @@
#define OBJ_commonName OBJ_X509,3L
#define SN_surname "SN"
#define LN_surname "surName"
#define LN_surname "surname"
#define NID_surname 100
#define OBJ_surname OBJ_X509,4L

3
crypto/openssl/crypto/objects/objects.txt
View File

@ -531,8 +531,7 @@ algorithm 29 : RSA-SHA1-2 : sha1WithRSA
X500 4 : X509
X509 3 : CN : commonName
!Cname surname
X509 4 : SN : surName
X509 4 : SN : surname
X509 5 : : serialNumber
X509 6 : C : countryName
X509 7 : L : localityName

2
crypto/openssl/crypto/ocsp/Makefile.ssl
View File

@ -43,7 +43,7 @@ all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:

4
crypto/openssl/crypto/opensslv.h
View File

@ -25,8 +25,8 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090700fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7 31 Dec 2002"
#define OPENSSL_VERSION_NUMBER 0x0090701fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7a Feb 19 2003"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

9
crypto/openssl/crypto/perlasm/x86asm.pl
View File

@ -18,9 +18,9 @@ sub main'asm_init
($type,$fn,$i386)=@_;
$filename=$fn;
$cpp=$sol=$aout=$win32=$gaswin=0;
$elf=$cpp=$sol=$aout=$win32=$gaswin=0;
if ( ($type eq "elf"))
{ require "x86unix.pl"; }
{ $elf=1; require "x86unix.pl"; }
elsif ( ($type eq "a.out"))
{ $aout=1; require "x86unix.pl"; }
elsif ( ($type eq "gaswin"))
@ -47,6 +47,9 @@ EOF
exit(1);
}
$pic=0;
for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
&asm_init_output();
&comment("Don't even think of reading this code");
@ -91,7 +94,7 @@ $tmp
#undef SIZE
#undef TYPE
#define SIZE(a,b)
#define TYPE(a,b)
#define TYPE(a,b) .def a; .scl 2; .type 32; .endef
#endif /* __CYGWIN || __DJGPP */
#endif

Some files were not shown because too many files have changed in this diff Show More