Merge ^/head r294961 through r295350.
This commit is contained in:
commit
0abf59f0ae
9
Makefile
9
Makefile
@ -136,6 +136,7 @@ TGTS+= ${BITGTS}
|
||||
.ORDER: buildworld installworld
|
||||
.ORDER: buildworld distributeworld
|
||||
.ORDER: buildworld buildkernel
|
||||
.ORDER: installworld distribution
|
||||
.ORDER: buildkernel installkernel
|
||||
.ORDER: buildkernel installkernel.debug
|
||||
.ORDER: buildkernel reinstallkernel
|
||||
@ -328,7 +329,7 @@ bmake: .PHONY
|
||||
${MMAKE} all; \
|
||||
${MMAKE} install DESTDIR=${MYMAKE:H} BINDIR=
|
||||
|
||||
tinderbox toolchains kernel-toolchains: upgrade_checks
|
||||
tinderbox toolchains kernel-toolchains kernels worlds: upgrade_checks
|
||||
|
||||
tinderbox:
|
||||
@cd ${.CURDIR}; ${SUB_MAKE} DOING_TINDERBOX=YES universe
|
||||
@ -339,6 +340,12 @@ toolchains:
|
||||
kernel-toolchains:
|
||||
@cd ${.CURDIR}; ${SUB_MAKE} UNIVERSE_TARGET=kernel-toolchain universe
|
||||
|
||||
kernels:
|
||||
@cd ${.CURDIR}; ${SUB_MAKE} UNIVERSE_TARGET=buildkernel universe
|
||||
|
||||
worlds:
|
||||
@cd ${.CURDIR}; ${SUB_MAKE} UNIVERSE_TARGET=buildworld universe
|
||||
|
||||
#
|
||||
# universe
|
||||
#
|
||||
|
@ -72,7 +72,7 @@ SRCDIR?= ${.CURDIR}
|
||||
SUBDIR= ${SUBDIR_OVERRIDE}
|
||||
.else
|
||||
SUBDIR= lib libexec
|
||||
.if make(install*)
|
||||
.if !defined(NO_ROOT) && (make(installworld) || make(install))
|
||||
# Ensure libraries are installed before progressing.
|
||||
SUBDIR+=.WAIT
|
||||
.endif
|
||||
@ -127,7 +127,7 @@ SUBDIR+= ${_DIR}
|
||||
# by calling 'makedb' in share/man. This is only relevant for
|
||||
# install/distribute so they build the whatis file after every manpage is
|
||||
# installed.
|
||||
.if make(install*)
|
||||
.if make(installworld) || make(install)
|
||||
SUBDIR+=.WAIT
|
||||
.endif
|
||||
SUBDIR+=etc
|
||||
@ -1083,16 +1083,14 @@ redistribute: .MAKE .PHONY
|
||||
DISTRIBUTION=lib32
|
||||
.endif
|
||||
|
||||
distrib-dirs: .MAKE .PHONY
|
||||
${_+_}cd ${.CURDIR}/etc; ${CROSSENV} PATH=${TMPPATH} ${MAKE} \
|
||||
${IMAKE_INSTALL} ${IMAKE_MTREE} METALOG=${METALOG} ${.TARGET}
|
||||
|
||||
distribution: .MAKE .PHONY
|
||||
distrib-dirs distribution: .MAKE .PHONY
|
||||
${_+_}cd ${.CURDIR}/etc; ${CROSSENV} PATH=${TMPPATH} ${MAKE} \
|
||||
${IMAKE_INSTALL} ${IMAKE_MTREE} METALOG=${METALOG} ${.TARGET}
|
||||
.if make(distribution)
|
||||
${_+_}cd ${.CURDIR}; ${CROSSENV} PATH=${TMPPATH} \
|
||||
${MAKE} -f Makefile.inc1 ${IMAKE_INSTALL} \
|
||||
METALOG=${METALOG} installconfig
|
||||
.endif
|
||||
|
||||
#
|
||||
# buildkernel and installkernel
|
||||
|
7
UPDATING
7
UPDATING
@ -31,6 +31,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11.x IS SLOW:
|
||||
disable the most expensive debugging functionality run
|
||||
"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
|
||||
|
||||
20160129:
|
||||
Building ZFS pools on top of zvols is prohibited by default. That
|
||||
feature has never worked safely; it's always been prone to deadlocks.
|
||||
Using a zvol as the backing store for a VM guest's virtual disk will
|
||||
still work, even if the guest is using ZFS. Legacy behavior can be
|
||||
restored by setting vfs.zfs.vol.recursive=1.
|
||||
|
||||
20160119:
|
||||
The NONE and HPN patches has been removed from OpenSSH. They are
|
||||
still available in the security/openssh-portable port.
|
||||
|
@ -51,41 +51,40 @@ FILESDIR= ${SHAREDIR}/examples/tcsh
|
||||
FILES= complete.tcsh csh-mode.el
|
||||
.endif
|
||||
|
||||
CATALOGS= et:et_EE.ISO8859-15 \
|
||||
finnish:fi_FI.ISO8859-1 \
|
||||
french:fr_FR.ISO8859-1 \
|
||||
german:de_DE.ISO8859-1 \
|
||||
greek:el_GR.ISO8859-7 \
|
||||
italian:it_IT.ISO8859-1 \
|
||||
ja:ja_JP.eucJP \
|
||||
russian:ru_RU.KOI8-R \
|
||||
spanish:es_ES.ISO8859-1 \
|
||||
ukrainian:uk_UA.KOI8-U
|
||||
CATALOGS= et:et_EE.UTF-8 \
|
||||
finnish:fi_FI.UTF-8 \
|
||||
french:fr_FR.UTF-8 \
|
||||
german:de_DE.UTF-8 \
|
||||
greek:el_GR.UTF-8 \
|
||||
italian:it_IT.UTF-8 \
|
||||
ja:ja_JP.UTF-8 \
|
||||
russian:ru_RU.UTF-8 \
|
||||
spanish:es_ES.UTF-8 \
|
||||
ukrainian:uk_UA.UTF-8
|
||||
|
||||
NLSLINKS_fi_FI.ISO8859-1= fi_FI.ISO8859-15
|
||||
NLSLINKS_fr_FR.ISO8859-1= fr_BE.ISO8859-1 fr_BE.ISO8859-15 \
|
||||
fr_CA.ISO8859-1 fr_CA.ISO8859-15 fr_CH.ISO8859-1 \
|
||||
fr_CH.ISO8859-15 fr_FR.ISO8859-15
|
||||
NLSLINKS_de_DE.ISO8859-1= de_AT.ISO8859-1 de_AT.ISO8859-15 de_CH.ISO8859-1 \
|
||||
de_CH.ISO8859-15 de_DE.ISO8859-15
|
||||
NLSLINKS_it_IT.ISO8859-1= it_CH.ISO8859-1 it_CH.ISO8859-15 it_IT.ISO8859-15
|
||||
NLSLINKS_es_ES.ISO8859-1= es_ES.ISO8859-15
|
||||
NLSLINKS_de_DE.UTF-8 = de_AT.UTF-8 de_CH.UTF-8
|
||||
NLSLINKS_fr_FR.UTF-8 = fr_BE.UTF-8 fr_CA.UTF-8 fr_CH.UTF-8
|
||||
NLSLINKS_it_IT.UTF-8 = it_CH.UTF-8
|
||||
|
||||
.if ${MK_NLS_CATALOGS} == "no" || defined(RESCUE)
|
||||
CFLAGS+= -DNO_NLS_CATALOGS
|
||||
.else
|
||||
CFLAGS+= -DHAVE_ICONV
|
||||
.if ${MK_ICONV} != "no"
|
||||
NLSLINKS_de_DE.ISO8859-1 += de_AT.UTF-8 de_CH.UTF-8 de_DE.UTF-8
|
||||
NLSLINKS_el_GR.ISO8859-7 = el_GR.UTF-8
|
||||
NLSLINKS_es_ES.ISO8859-1 += es_ES.UTF-8
|
||||
NLSLINKS_et_EE.ISO8859-15 = et_EE.UTF-8
|
||||
NLSLINKS_fi_FI.ISO8859-1 += fi_FI.UTF-8
|
||||
NLSLINKS_fr_FR.ISO8859-1 += fr_BE.UTF-8 fr_CA.UTF-8 fr_CH.UTF-8 fr_FR.UTF-8
|
||||
NLSLINKS_it_IT.ISO8859-1 += it_CH.UTF-8 it_IT.UTF-8
|
||||
NLSLINKS_ja_JP.eucJP = ja_JP.SJIS ja_JP.UTF-8
|
||||
NLSLINKS_ru_RU.KOI8-R = ru_RU.CP1251 ru_RU.CP866 ru_RU.ISO8859-5 ru_RU.UTF-8
|
||||
NLSLINKS_uk_UA.KOI8-U = uk_UA.ISO8859-5 uk_UA.UTF-8
|
||||
NLSLINKS_de_DE.UTF-8 += de_AT.ISO8859-1 de_AT.ISO8859-15 de_CH.ISO8859-1 \
|
||||
de_CH.ISO8859-15 de_DE.ISO8859-1 de_DE.ISO8859-15
|
||||
NLSLINKS_el_GR.UTF-8 = el_GR.ISO8859-7
|
||||
NLSLINKS_es_ES.UTF-8 = es_ES.ISO8859-1 es_ES.ISO8859-15
|
||||
NLSLINKS_et_EE.UTF-8 = et_EE.ISO8859-15
|
||||
NLSLINKS_fi_FI.UTF-8 = fi_FI.ISO8859-1 fi_FI.ISO8859-15
|
||||
NLSLINKS_fr_FR.UTF-8 += fr_BE.ISO8859-1 fr_BE.ISO8859-15 \
|
||||
fr_CA.ISO8859-1 fr_CA.ISO8859-15 fr_CH.ISO8859-1 \
|
||||
fr_CH.ISO8859-15 fr_FR.ISO8859-1 fr_FR.ISO8859-15
|
||||
NLSLINKS_it_IT.UTF-8 += it_CH.ISO8859-1 it_CH.ISO8859-15 it_IT.ISO8859-1 \
|
||||
it_IT.ISO8859-15
|
||||
NLSLINKS_ja_JP.UTF-8 = ja_JP.SJIS ja_JP.eucJP
|
||||
NLSLINKS_ru_RU.UTF-8 = ru_RU.CP1251 ru_RU.CP866 ru_RU.ISO8859-5 ru_RU.KOI8-R
|
||||
NLSLINKS_uk_UA.UTF-8 = uk_UA.ISO8859-5 uk_UA.KOI8-U
|
||||
.else
|
||||
# Above links can be installed from ports/shells/tcsh_nls
|
||||
|
||||
|
@ -36,9 +36,9 @@
|
||||
#undef iconv_close
|
||||
|
||||
#define ICONVLIB "libiconv.so"
|
||||
#define ICONV_ENGINE "iconv"
|
||||
#define ICONV_OPEN "iconv_open"
|
||||
#define ICONV_CLOSE "iconv_close"
|
||||
#define ICONV_ENGINE "libiconv"
|
||||
#define ICONV_OPEN "libiconv_open"
|
||||
#define ICONV_CLOSE "libiconv_close"
|
||||
|
||||
typedef iconv_t iconv_open_t(const char *, const char *);
|
||||
|
||||
|
@ -360,6 +360,46 @@ c_conv(const void *a, const void *b)
|
||||
((const struct conv *)b)->name));
|
||||
}
|
||||
|
||||
static uintmax_t
|
||||
postfix_to_mult(const char expr)
|
||||
{
|
||||
uintmax_t mult;
|
||||
|
||||
mult = 0;
|
||||
switch (expr) {
|
||||
case 'B':
|
||||
case 'b':
|
||||
mult = 512;
|
||||
break;
|
||||
case 'K':
|
||||
case 'k':
|
||||
mult = 1 << 10;
|
||||
break;
|
||||
case 'M':
|
||||
case 'm':
|
||||
mult = 1 << 20;
|
||||
break;
|
||||
case 'G':
|
||||
case 'g':
|
||||
mult = 1 << 30;
|
||||
break;
|
||||
case 'T':
|
||||
case 't':
|
||||
mult = (uintmax_t)1 << 40;
|
||||
break;
|
||||
case 'P':
|
||||
case 'p':
|
||||
mult = (uintmax_t)1 << 50;
|
||||
break;
|
||||
case 'W':
|
||||
case 'w':
|
||||
mult = sizeof(int);
|
||||
break;
|
||||
}
|
||||
|
||||
return (mult);
|
||||
}
|
||||
|
||||
/*
|
||||
* Convert an expression of the following forms to a uintmax_t.
|
||||
* 1) A positive decimal number.
|
||||
@ -386,31 +426,7 @@ get_num(const char *val)
|
||||
if (expr == val) /* No valid digits. */
|
||||
errx(1, "%s: illegal numeric value", oper);
|
||||
|
||||
mult = 0;
|
||||
switch (*expr) {
|
||||
case 'B':
|
||||
case 'b':
|
||||
mult = 512;
|
||||
break;
|
||||
case 'K':
|
||||
case 'k':
|
||||
mult = 1 << 10;
|
||||
break;
|
||||
case 'M':
|
||||
case 'm':
|
||||
mult = 1 << 20;
|
||||
break;
|
||||
case 'G':
|
||||
case 'g':
|
||||
mult = 1 << 30;
|
||||
break;
|
||||
case 'W':
|
||||
case 'w':
|
||||
mult = sizeof(int);
|
||||
break;
|
||||
default:
|
||||
;
|
||||
}
|
||||
mult = postfix_to_mult(*expr);
|
||||
|
||||
if (mult != 0) {
|
||||
prevnum = num;
|
||||
@ -460,29 +476,7 @@ get_off_t(const char *val)
|
||||
if (expr == val) /* No valid digits. */
|
||||
errx(1, "%s: illegal numeric value", oper);
|
||||
|
||||
mult = 0;
|
||||
switch (*expr) {
|
||||
case 'B':
|
||||
case 'b':
|
||||
mult = 512;
|
||||
break;
|
||||
case 'K':
|
||||
case 'k':
|
||||
mult = 1 << 10;
|
||||
break;
|
||||
case 'M':
|
||||
case 'm':
|
||||
mult = 1 << 20;
|
||||
break;
|
||||
case 'G':
|
||||
case 'g':
|
||||
mult = 1 << 30;
|
||||
break;
|
||||
case 'W':
|
||||
case 'w':
|
||||
mult = sizeof(int);
|
||||
break;
|
||||
}
|
||||
mult = postfix_to_mult(*expr);
|
||||
|
||||
if (mult != 0) {
|
||||
prevnum = num;
|
||||
|
@ -32,7 +32,7 @@
|
||||
.\" @(#)dd.1 8.2 (Berkeley) 1/13/94
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 28, 2014
|
||||
.Dd February 4, 2016
|
||||
.Dt DD 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -332,10 +332,13 @@ If the number ends with a
|
||||
.Dq Li k ,
|
||||
.Dq Li m ,
|
||||
.Dq Li g ,
|
||||
.Dq Li t ,
|
||||
.Dq Li p ,
|
||||
or
|
||||
.Dq Li w ,
|
||||
the
|
||||
number is multiplied by 512, 1024 (1K), 1048576 (1M), 1073741824 (1G)
|
||||
number is multiplied by 512, 1024 (1K), 1048576 (1M), 1073741824 (1G),
|
||||
1099511627776 (1T), 1125899906842624 (1P)
|
||||
or the number of bytes in an integer, respectively.
|
||||
Two or more numbers may be separated by an
|
||||
.Dq Li x
|
||||
|
@ -70,6 +70,7 @@ struct redirtab {
|
||||
struct redirtab *next;
|
||||
int renamed[10];
|
||||
int fd0_redirected;
|
||||
unsigned int empty_redirs;
|
||||
};
|
||||
|
||||
|
||||
@ -82,6 +83,9 @@ static struct redirtab *redirlist;
|
||||
*/
|
||||
static int fd0_redirected = 0;
|
||||
|
||||
/* Number of redirtabs that have not been allocated. */
|
||||
static unsigned int empty_redirs = 0;
|
||||
|
||||
static void openredirect(union node *, char[10 ]);
|
||||
static int openhere(union node *);
|
||||
|
||||
@ -115,12 +119,17 @@ redirect(union node *redir, int flags)
|
||||
memory[i] = 0;
|
||||
memory[1] = flags & REDIR_BACKQ;
|
||||
if (flags & REDIR_PUSH) {
|
||||
sv = ckmalloc(sizeof (struct redirtab));
|
||||
for (i = 0 ; i < 10 ; i++)
|
||||
sv->renamed[i] = EMPTY;
|
||||
sv->fd0_redirected = fd0_redirected;
|
||||
sv->next = redirlist;
|
||||
redirlist = sv;
|
||||
empty_redirs++;
|
||||
if (redir != NULL) {
|
||||
sv = ckmalloc(sizeof (struct redirtab));
|
||||
for (i = 0 ; i < 10 ; i++)
|
||||
sv->renamed[i] = EMPTY;
|
||||
sv->fd0_redirected = fd0_redirected;
|
||||
sv->empty_redirs = empty_redirs - 1;
|
||||
sv->next = redirlist;
|
||||
redirlist = sv;
|
||||
empty_redirs = 0;
|
||||
}
|
||||
}
|
||||
for (n = redir ; n ; n = n->nfile.next) {
|
||||
fd = n->nfile.fd;
|
||||
@ -303,6 +312,12 @@ popredir(void)
|
||||
struct redirtab *rp = redirlist;
|
||||
int i;
|
||||
|
||||
INTOFF;
|
||||
if (empty_redirs > 0) {
|
||||
empty_redirs--;
|
||||
INTON;
|
||||
return;
|
||||
}
|
||||
for (i = 0 ; i < 10 ; i++) {
|
||||
if (rp->renamed[i] != EMPTY) {
|
||||
if (rp->renamed[i] >= 0) {
|
||||
@ -313,8 +328,8 @@ popredir(void)
|
||||
}
|
||||
}
|
||||
}
|
||||
INTOFF;
|
||||
fd0_redirected = rp->fd0_redirected;
|
||||
empty_redirs = rp->empty_redirs;
|
||||
redirlist = rp->next;
|
||||
ckfree(rp);
|
||||
INTON;
|
||||
|
25
bin/sh/sh.1
25
bin/sh/sh.1
@ -32,7 +32,7 @@
|
||||
.\" from: @(#)sh.1 8.6 (Berkeley) 5/4/95
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 29, 2015
|
||||
.Dd January 30, 2016
|
||||
.Dt SH 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -1952,13 +1952,20 @@ Execute the specified built-in command,
|
||||
This is useful when the user wishes to override a shell function
|
||||
with the same name as a built-in command.
|
||||
.It Ic cd Oo Fl L | P Oc Oo Fl e Oc Op Ar directory
|
||||
.It Ic cd Fl
|
||||
Switch to the specified
|
||||
.Ar directory ,
|
||||
or to the directory specified in the
|
||||
to the directory specified in the
|
||||
.Va HOME
|
||||
environment variable if no
|
||||
.Ar directory
|
||||
is specified.
|
||||
is specified or
|
||||
to the directory specified in the
|
||||
.Va OLDPWD
|
||||
environment variable if
|
||||
.Ar directory
|
||||
is
|
||||
.Fl .
|
||||
If
|
||||
.Ar directory
|
||||
does not begin with
|
||||
@ -1982,10 +1989,12 @@ the
|
||||
.Ic cd
|
||||
command will print out the name of the directory
|
||||
that it actually switched to
|
||||
if this is different from the name that the user gave.
|
||||
These may be different either because the
|
||||
if the
|
||||
.Va CDPATH
|
||||
mechanism was used or because a symbolic link was crossed.
|
||||
mechanism was used or if
|
||||
.Ar directory
|
||||
was
|
||||
.Fl .
|
||||
.Pp
|
||||
If the
|
||||
.Fl P
|
||||
@ -2774,6 +2783,10 @@ Initialization file for interactive shells.
|
||||
Locale settings.
|
||||
These are inherited by children of the shell,
|
||||
and is used in a limited manner by the shell itself.
|
||||
.It Ev OLDPWD
|
||||
The previous current directory.
|
||||
This is used and updated by
|
||||
.Ic cd .
|
||||
.It Ev PWD
|
||||
An absolute pathname for the current directory,
|
||||
possibly containing symbolic links.
|
||||
|
166
bin/test/test.c
166
bin/test/test.c
@ -120,51 +120,53 @@ enum token {
|
||||
|
||||
#define TOKEN_TYPE(token) ((token) & 0xff00)
|
||||
|
||||
static struct t_op {
|
||||
char op_text[4];
|
||||
static const struct t_op {
|
||||
char op_text[2];
|
||||
short op_num;
|
||||
} const ops [] = {
|
||||
{"-r", FILRD},
|
||||
{"-w", FILWR},
|
||||
{"-x", FILEX},
|
||||
{"-e", FILEXIST},
|
||||
{"-f", FILREG},
|
||||
{"-d", FILDIR},
|
||||
{"-c", FILCDEV},
|
||||
{"-b", FILBDEV},
|
||||
{"-p", FILFIFO},
|
||||
{"-u", FILSUID},
|
||||
{"-g", FILSGID},
|
||||
{"-k", FILSTCK},
|
||||
{"-s", FILGZ},
|
||||
{"-t", FILTT},
|
||||
{"-z", STREZ},
|
||||
{"-n", STRNZ},
|
||||
{"-h", FILSYM}, /* for backwards compat */
|
||||
{"-O", FILUID},
|
||||
{"-G", FILGID},
|
||||
{"-L", FILSYM},
|
||||
{"-S", FILSOCK},
|
||||
} ops1[] = {
|
||||
{"=", STREQ},
|
||||
{"==", STREQ},
|
||||
{"!=", STRNE},
|
||||
{"<", STRLT},
|
||||
{">", STRGT},
|
||||
{"-eq", INTEQ},
|
||||
{"-ne", INTNE},
|
||||
{"-ge", INTGE},
|
||||
{"-gt", INTGT},
|
||||
{"-le", INTLE},
|
||||
{"-lt", INTLT},
|
||||
{"-nt", FILNT},
|
||||
{"-ot", FILOT},
|
||||
{"-ef", FILEQ},
|
||||
{"!", UNOT},
|
||||
{"-a", BAND},
|
||||
{"-o", BOR},
|
||||
{"(", LPAREN},
|
||||
{")", RPAREN},
|
||||
{"", 0}
|
||||
}, opsm1[] = {
|
||||
{"r", FILRD},
|
||||
{"w", FILWR},
|
||||
{"x", FILEX},
|
||||
{"e", FILEXIST},
|
||||
{"f", FILREG},
|
||||
{"d", FILDIR},
|
||||
{"c", FILCDEV},
|
||||
{"b", FILBDEV},
|
||||
{"p", FILFIFO},
|
||||
{"u", FILSUID},
|
||||
{"g", FILSGID},
|
||||
{"k", FILSTCK},
|
||||
{"s", FILGZ},
|
||||
{"t", FILTT},
|
||||
{"z", STREZ},
|
||||
{"n", STRNZ},
|
||||
{"h", FILSYM}, /* for backwards compat */
|
||||
{"O", FILUID},
|
||||
{"G", FILGID},
|
||||
{"L", FILSYM},
|
||||
{"S", FILSOCK},
|
||||
{"a", BAND},
|
||||
{"o", BOR},
|
||||
}, ops2[] = {
|
||||
{"==", STREQ},
|
||||
{"!=", STRNE},
|
||||
}, opsm2[] = {
|
||||
{"eq", INTEQ},
|
||||
{"ne", INTNE},
|
||||
{"ge", INTGE},
|
||||
{"gt", INTGT},
|
||||
{"le", INTLE},
|
||||
{"lt", INTLT},
|
||||
{"nt", FILNT},
|
||||
{"ot", FILOT},
|
||||
{"ef", FILEQ},
|
||||
};
|
||||
|
||||
static int nargc;
|
||||
@ -416,35 +418,71 @@ filstat(char *nm, enum token mode)
|
||||
}
|
||||
}
|
||||
|
||||
static enum token
|
||||
t_lex(char *s)
|
||||
static int
|
||||
find_op_1char(const struct t_op *op, const struct t_op *end, const char *s)
|
||||
{
|
||||
struct t_op const *op = ops;
|
||||
char c;
|
||||
|
||||
if (s == 0) {
|
||||
return EOI;
|
||||
}
|
||||
while (*op->op_text) {
|
||||
if (strcmp(s, op->op_text) == 0) {
|
||||
if (((TOKEN_TYPE(op->op_num) == UNOP ||
|
||||
TOKEN_TYPE(op->op_num) == BUNOP)
|
||||
&& isunopoperand()) ||
|
||||
(op->op_num == LPAREN && islparenoperand()) ||
|
||||
(op->op_num == RPAREN && isrparenoperand()))
|
||||
break;
|
||||
c = s[0];
|
||||
while (op != end) {
|
||||
if (c == *op->op_text)
|
||||
return op->op_num;
|
||||
}
|
||||
op++;
|
||||
}
|
||||
return OPERAND;
|
||||
}
|
||||
|
||||
static int
|
||||
find_op_2char(const struct t_op *op, const struct t_op *end, const char *s)
|
||||
{
|
||||
while (op != end) {
|
||||
if (s[0] == op->op_text[0] && s[1] == op->op_text[1])
|
||||
return op->op_num;
|
||||
op++;
|
||||
}
|
||||
return OPERAND;
|
||||
}
|
||||
|
||||
static int
|
||||
find_op(const char *s)
|
||||
{
|
||||
if (s[0] == '\0')
|
||||
return OPERAND;
|
||||
else if (s[1] == '\0')
|
||||
return find_op_1char(ops1, (&ops1)[1], s);
|
||||
else if (s[2] == '\0')
|
||||
return s[0] == '-' ? find_op_1char(opsm1, (&opsm1)[1], s + 1) :
|
||||
find_op_2char(ops2, (&ops2)[1], s);
|
||||
else if (s[3] == '\0')
|
||||
return s[0] == '-' ? find_op_2char(opsm2, (&opsm2)[1], s + 1) :
|
||||
OPERAND;
|
||||
else
|
||||
return OPERAND;
|
||||
}
|
||||
|
||||
static enum token
|
||||
t_lex(char *s)
|
||||
{
|
||||
int num;
|
||||
|
||||
if (s == 0) {
|
||||
return EOI;
|
||||
}
|
||||
num = find_op(s);
|
||||
if (((TOKEN_TYPE(num) == UNOP || TOKEN_TYPE(num) == BUNOP)
|
||||
&& isunopoperand()) ||
|
||||
(num == LPAREN && islparenoperand()) ||
|
||||
(num == RPAREN && isrparenoperand()))
|
||||
return OPERAND;
|
||||
return num;
|
||||
}
|
||||
|
||||
static int
|
||||
isunopoperand(void)
|
||||
{
|
||||
struct t_op const *op = ops;
|
||||
char *s;
|
||||
char *t;
|
||||
int num;
|
||||
|
||||
if (nargc == 1)
|
||||
return 1;
|
||||
@ -452,20 +490,16 @@ isunopoperand(void)
|
||||
if (nargc == 2)
|
||||
return parenlevel == 1 && strcmp(s, ")") == 0;
|
||||
t = *(t_wp + 2);
|
||||
while (*op->op_text) {
|
||||
if (strcmp(s, op->op_text) == 0)
|
||||
return TOKEN_TYPE(op->op_num) == BINOP &&
|
||||
(parenlevel == 0 || t[0] != ')' || t[1] != '\0');
|
||||
op++;
|
||||
}
|
||||
return 0;
|
||||
num = find_op(s);
|
||||
return TOKEN_TYPE(num) == BINOP &&
|
||||
(parenlevel == 0 || t[0] != ')' || t[1] != '\0');
|
||||
}
|
||||
|
||||
static int
|
||||
islparenoperand(void)
|
||||
{
|
||||
struct t_op const *op = ops;
|
||||
char *s;
|
||||
int num;
|
||||
|
||||
if (nargc == 1)
|
||||
return 1;
|
||||
@ -474,12 +508,8 @@ islparenoperand(void)
|
||||
return parenlevel == 1 && strcmp(s, ")") == 0;
|
||||
if (nargc != 3)
|
||||
return 0;
|
||||
while (*op->op_text) {
|
||||
if (strcmp(s, op->op_text) == 0)
|
||||
return TOKEN_TYPE(op->op_num) == BINOP;
|
||||
op++;
|
||||
}
|
||||
return 0;
|
||||
num = find_op(s);
|
||||
return TOKEN_TYPE(num) == BINOP;
|
||||
}
|
||||
|
||||
static int
|
||||
|
@ -26,6 +26,7 @@
|
||||
|
||||
/*
|
||||
* Copyright (c) 2012 by Delphix. All rights reserved.
|
||||
* Copyright (c) 2015 by Syneto S.R.L. All rights reserved.
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -246,8 +247,9 @@ zpool_get_features(zpool_handle_t *zhp)
|
||||
config = zpool_get_config(zhp, NULL);
|
||||
}
|
||||
|
||||
verify(nvlist_lookup_nvlist(config, ZPOOL_CONFIG_FEATURE_STATS,
|
||||
&features) == 0);
|
||||
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_FEATURE_STATS,
|
||||
&features) != 0)
|
||||
return (NULL);
|
||||
|
||||
return (features);
|
||||
}
|
||||
|
@ -982,7 +982,7 @@ handle_rtmsg(struct rt_msghdr *rtm)
|
||||
{
|
||||
struct sockaddr *addrs[RTAX_MAX];
|
||||
struct if_msghdr *ifm;
|
||||
struct ifa_msghdr ifam;
|
||||
struct ifa_msghdr ifam, *ifamp;
|
||||
struct ifma_msghdr *ifmam;
|
||||
#ifdef RTM_IFANNOUNCE
|
||||
struct if_announcemsghdr *ifan;
|
||||
@ -1002,8 +1002,9 @@ handle_rtmsg(struct rt_msghdr *rtm)
|
||||
switch (rtm->rtm_type) {
|
||||
|
||||
case RTM_NEWADDR:
|
||||
memcpy(&ifam, rtm, sizeof(ifam));
|
||||
mib_extract_addrs(ifam.ifam_addrs, (u_char *)(&ifam + 1), addrs);
|
||||
ifamp = (struct ifa_msghdr *)rtm;
|
||||
memcpy(&ifam, ifamp, sizeof(ifam));
|
||||
mib_extract_addrs(ifam.ifam_addrs, (u_char *)(ifamp + 1), addrs);
|
||||
if (addrs[RTAX_IFA] == NULL || addrs[RTAX_NETMASK] == NULL)
|
||||
break;
|
||||
|
||||
@ -1029,8 +1030,9 @@ handle_rtmsg(struct rt_msghdr *rtm)
|
||||
break;
|
||||
|
||||
case RTM_DELADDR:
|
||||
memcpy(&ifam, rtm, sizeof(ifam));
|
||||
mib_extract_addrs(ifam.ifam_addrs, (u_char *)(&ifam + 1), addrs);
|
||||
ifamp = (struct ifa_msghdr *)rtm;
|
||||
memcpy(&ifam, ifamp, sizeof(ifam));
|
||||
mib_extract_addrs(ifam.ifam_addrs, (u_char *)(ifamp + 1), addrs);
|
||||
if (addrs[RTAX_IFA] == NULL)
|
||||
break;
|
||||
|
||||
|
@ -1053,8 +1053,9 @@ static struct {
|
||||
static const char *
|
||||
r_type(unsigned int mach, unsigned int type)
|
||||
{
|
||||
static char s_type[32];
|
||||
|
||||
switch(mach) {
|
||||
case EM_NONE: return "";
|
||||
case EM_386:
|
||||
case EM_IAMCU:
|
||||
switch(type) {
|
||||
@ -1089,8 +1090,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 35: return "R_386_TLS_DTPMOD32";
|
||||
case 36: return "R_386_TLS_DTPOFF32";
|
||||
case 37: return "R_386_TLS_TPOFF32";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_AARCH64:
|
||||
switch(type) {
|
||||
case 0: return "R_AARCH64_NONE";
|
||||
@ -1145,6 +1146,16 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 311: return "R_AARCH64_ADR_GOT_PAGE";
|
||||
case 312: return "R_AARCH64_LD64_GOT_LO12_NC";
|
||||
case 313: return "R_AARCH64_LD64_GOTPAGE_LO15";
|
||||
case 560: return "R_AARCH64_TLSDESC_LD_PREL19";
|
||||
case 561: return "R_AARCH64_TLSDESC_ADR_PREL21";
|
||||
case 562: return "R_AARCH64_TLSDESC_ADR_PAGE21";
|
||||
case 563: return "R_AARCH64_TLSDESC_LD64_LO12";
|
||||
case 564: return "R_AARCH64_TLSDESC_ADD_LO12";
|
||||
case 565: return "R_AARCH64_TLSDESC_OFF_G1";
|
||||
case 566: return "R_AARCH64_TLSDESC_OFF_G0_NC";
|
||||
case 567: return "R_AARCH64_TLSDESC_LDR";
|
||||
case 568: return "R_AARCH64_TLSDESC_ADD";
|
||||
case 569: return "R_AARCH64_TLSDESC_CALL";
|
||||
case 1024: return "R_AARCH64_COPY";
|
||||
case 1025: return "R_AARCH64_GLOB_DAT";
|
||||
case 1026: return "R_AARCH64_JUMP_SLOT";
|
||||
@ -1154,8 +1165,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 1030: return "R_AARCH64_TLS_TPREL64";
|
||||
case 1031: return "R_AARCH64_TLSDESC";
|
||||
case 1032: return "R_AARCH64_IRELATIVE";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_ARM:
|
||||
switch(type) {
|
||||
case 0: return "R_ARM_NONE";
|
||||
@ -1206,8 +1217,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 253: return "R_ARM_RABS32";
|
||||
case 254: return "R_ARM_RPC24";
|
||||
case 255: return "R_ARM_RBASE";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_IA_64:
|
||||
switch(type) {
|
||||
case 0: return "R_IA_64_NONE";
|
||||
@ -1290,8 +1301,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 182: return "R_IA_64_DTPREL64MSB";
|
||||
case 183: return "R_IA_64_DTPREL64LSB";
|
||||
case 186: return "R_IA_64_LTOFF_DTPREL22";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_MIPS:
|
||||
switch(type) {
|
||||
case 0: return "R_MIPS_NONE";
|
||||
@ -1324,9 +1335,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 48: return "R_MIPS_TLS_TPREL64";
|
||||
case 49: return "R_MIPS_TLS_TPREL_HI16";
|
||||
case 50: return "R_MIPS_TLS_TPREL_LO16";
|
||||
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_PPC:
|
||||
switch(type) {
|
||||
case 0: return "R_PPC_NONE";
|
||||
@ -1406,8 +1416,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 114: return "R_PPC_EMB_RELST_HA";
|
||||
case 115: return "R_PPC_EMB_BIT_FLD";
|
||||
case 116: return "R_PPC_EMB_RELSDA";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_RISCV:
|
||||
switch(type) {
|
||||
case 0: return "R_RISCV_NONE";
|
||||
@ -1453,6 +1463,7 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 44: return "R_RISCV_RVC_BRANCH";
|
||||
case 45: return "R_RISCV_RVC_JUMP";
|
||||
}
|
||||
break;
|
||||
case EM_SPARC:
|
||||
case EM_SPARCV9:
|
||||
switch(type) {
|
||||
@ -1536,8 +1547,8 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 77: return "R_SPARC_TLS_DTPOFF64";
|
||||
case 78: return "R_SPARC_TLS_TPOFF32";
|
||||
case 79: return "R_SPARC_TLS_TPOFF64";
|
||||
default: return "";
|
||||
}
|
||||
break;
|
||||
case EM_X86_64:
|
||||
switch(type) {
|
||||
case 0: return "R_X86_64_NONE";
|
||||
@ -1578,10 +1589,12 @@ r_type(unsigned int mach, unsigned int type)
|
||||
case 35: return "R_X86_64_TLSDESC_CALL";
|
||||
case 36: return "R_X86_64_TLSDESC";
|
||||
case 37: return "R_X86_64_IRELATIVE";
|
||||
default: return "";
|
||||
}
|
||||
default: return "";
|
||||
break;
|
||||
}
|
||||
|
||||
snprintf(s_type, sizeof(s_type), "<unknown: %#x>", type);
|
||||
return (s_type);
|
||||
}
|
||||
|
||||
static const char *
|
||||
|
8
contrib/libucl/tests/.gitignore
vendored
8
contrib/libucl/tests/.gitignore
vendored
@ -1,8 +0,0 @@
|
||||
*.log
|
||||
*.trs
|
||||
*.plist
|
||||
|
||||
test_basic
|
||||
test_generate
|
||||
test_schema
|
||||
test_speed
|
46
contrib/libxo/.gitignore
vendored
46
contrib/libxo/.gitignore
vendored
@ -1,46 +0,0 @@
|
||||
# Object files
|
||||
*.o
|
||||
|
||||
# Libraries
|
||||
*.lib
|
||||
*.a
|
||||
|
||||
# Shared objects (inc. Windows DLLs)
|
||||
*.dll
|
||||
*.so
|
||||
*.so.*
|
||||
*.dylib
|
||||
|
||||
# Executables
|
||||
*.exe
|
||||
*.app
|
||||
|
||||
*~
|
||||
*.orig
|
||||
|
||||
aclocal.m4
|
||||
ar-lib
|
||||
autom4te.cache
|
||||
build
|
||||
compile
|
||||
config.guess
|
||||
config.h.in
|
||||
config.sub
|
||||
depcomp
|
||||
install-sh
|
||||
ltmain.sh
|
||||
missing
|
||||
m4
|
||||
|
||||
Makefile.in
|
||||
configure
|
||||
.DS_Store
|
||||
|
||||
xoconfig.h.in
|
||||
xo_config.h.in
|
||||
|
||||
.gdbinit
|
||||
.gdbinit.local
|
||||
xtest
|
||||
xtest.dSYM
|
||||
tests/w
|
@ -5,7 +5,6 @@
|
||||
PROG= cmatose
|
||||
MAN=
|
||||
SRCS= cmatose.c
|
||||
LDADD+= -libverbs -lrdmacm -lpthread
|
||||
LDADD+= -lmlx4
|
||||
LIBADD= ibverbs rdmacm pthread mlx4
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
@ -5,7 +5,6 @@
|
||||
PROG= mckey
|
||||
MAN=
|
||||
SRCS= mckey.c
|
||||
LDADD+= -libverbs -lrdmacm -lpthread
|
||||
LDADD+= -lmlx4
|
||||
LIBADD= ibverbs rdmacm pthread mlx4
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
@ -5,7 +5,6 @@
|
||||
PROG= udaddy
|
||||
MAN=
|
||||
SRCS= udaddy.c
|
||||
LDADD+= -libverbs -lrdmacm -lpthread
|
||||
LDADD+= -lmlx4
|
||||
LIBADD= ibverbs rdmacm pthread mlx4
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
@ -1,5 +1,5 @@
|
||||
PKG= openresolv
|
||||
VERSION= 3.7.0
|
||||
VERSION= 3.7.1
|
||||
|
||||
# Nasty hack so that make clean works without configure being run
|
||||
_CONFIG_MK!= test -e config.mk && echo config.mk || echo config-null.mk
|
||||
@ -37,7 +37,7 @@ SED_RESTARTCMD= -e 's:@RESTARTCMD \(.*\)@:${RESTARTCMD}:g'
|
||||
|
||||
DISTPREFIX?= ${PKG}-${VERSION}
|
||||
DISTFILEGZ?= ${DISTPREFIX}.tar.gz
|
||||
DISTFILE?= ${DISTPREFIX}.tar.bz2
|
||||
DISTFILE?= ${DISTPREFIX}.tar.xz
|
||||
FOSSILID?= current
|
||||
|
||||
.SUFFIXES: .in
|
||||
@ -77,9 +77,9 @@ install: proginstall maninstall
|
||||
import:
|
||||
rm -rf /tmp/${DISTPREFIX}
|
||||
${INSTALL} -d /tmp/${DISTPREFIX}
|
||||
cp README ${SRCS} /tmp/${DISPREFIX}
|
||||
cp README ${SRCS} /tmp/${DISTPREFIX}
|
||||
|
||||
dist:
|
||||
fossil tarball --name ${DISTPREFIX} ${FOSSILID} ${DISTFILEGZ}
|
||||
gunzip -c ${DISTFILEGZ} | bzip2 >${DISTFILE}
|
||||
gunzip -c ${DISTFILEGZ} | xz >${DISTFILE}
|
||||
rm ${DISTFILEGZ}
|
||||
|
@ -22,7 +22,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd April 27, 2014
|
||||
.Dd April 27, 2015
|
||||
.Dt RESOLVCONF 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -22,7 +22,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd March 20, 2015
|
||||
.Dd May 14, 2015
|
||||
.Dt RESOLVCONF.CONF 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -91,6 +91,11 @@ To remove a block, you can use 192.168.*
|
||||
These interfaces name servers will only be queried for the domains listed
|
||||
in their resolv.conf.
|
||||
Useful for VPN domains.
|
||||
Setting
|
||||
.Sy private_interfaces Ns ="*"
|
||||
will stop the forwarding of the root zone and allows the local resolver to
|
||||
recursively query the root servers directly.
|
||||
Requires a local nameserver other than libc.
|
||||
This is equivalent to the
|
||||
.Nm resolvconf -p
|
||||
option.
|
||||
@ -149,7 +154,7 @@ When set to /dev/null or NULL,
|
||||
.Sy resolv_conf_local_only
|
||||
is defaulted to NO,
|
||||
.Sy local_nameservers
|
||||
is unset unless overriden and only the information set in
|
||||
is unset unless overridden and only the information set in
|
||||
.Nm
|
||||
is written to
|
||||
.Sy resolv_conf .
|
||||
@ -271,7 +276,7 @@ Each subscriber attempts to automatically configure itself, but not every
|
||||
distribution has been catered for.
|
||||
Also, users could equally want to use a different version from the one
|
||||
installed by default, such as bind8 and bind9.
|
||||
To accomodate this, the subscribers have these files in configurable
|
||||
To accommodate this, the subscribers have these files in configurable
|
||||
variables, documented below.
|
||||
.Pp
|
||||
.Bl -tag -width indent
|
||||
|
@ -50,7 +50,6 @@ elif [ -d "$SYSCONFDIR/resolvconf" ]; then
|
||||
interface_order="$(cat "$SYSCONFDIR"/interface-order)"
|
||||
fi
|
||||
fi
|
||||
TMPDIR="$VARDIR/tmp"
|
||||
IFACEDIR="$VARDIR/interfaces"
|
||||
METRICDIR="$VARDIR/metrics"
|
||||
PRIVATEDIR="$VARDIR/private"
|
||||
|
@ -45,7 +45,8 @@ for d in $DOMAINS; do
|
||||
ns="${d#*:}"
|
||||
case "$unbound_insecure" in
|
||||
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
||||
newconf="$newconf${NL}domain-insecure: \"$dn\""
|
||||
newconf="$newconf${NL}server:$NL"
|
||||
newconf="$newconf domain-insecure: \"$dn\"$NL"
|
||||
;;
|
||||
esac
|
||||
newconf="$newconf${NL}forward-zone:$NL name: \"$dn\"$NL"
|
||||
|
@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <fcntl.h>
|
||||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
#include <strings.h>
|
||||
#include <stdlib.h>
|
||||
#include <sysexits.h>
|
||||
|
38
contrib/unbound/.gitignore
vendored
38
contrib/unbound/.gitignore
vendored
@ -1,38 +0,0 @@
|
||||
*.lo
|
||||
*.o
|
||||
/.libs/
|
||||
/Makefile
|
||||
/autom4te.cache/
|
||||
/config.h
|
||||
/config.log
|
||||
/config.status
|
||||
/dnstap/dnstap_config.h
|
||||
/doc/example.conf
|
||||
/doc/libunbound.3
|
||||
/doc/unbound-anchor.8
|
||||
/doc/unbound-checkconf.8
|
||||
/doc/unbound-control.8
|
||||
/doc/unbound-host.1
|
||||
/doc/unbound.8
|
||||
/doc/unbound.conf.5
|
||||
/libtool
|
||||
/libunbound.la
|
||||
/smallapp/unbound-control-setup.sh
|
||||
/unbound
|
||||
/unbound-anchor
|
||||
/unbound-checkconf
|
||||
/unbound-control
|
||||
/unbound-control-setup
|
||||
/unbound-host
|
||||
/unbound.h
|
||||
/asynclook
|
||||
/delayer
|
||||
/lock-verify
|
||||
/memstats
|
||||
/perf
|
||||
/petal
|
||||
/pktview
|
||||
/streamtcp
|
||||
/testbound
|
||||
/unittest
|
||||
|
@ -45,7 +45,7 @@
|
||||
# Authentication:
|
||||
|
||||
#LoginGraceTime 2m
|
||||
#PermitRootLogin prohibit-password
|
||||
#PermitRootLogin no
|
||||
#StrictModes yes
|
||||
#MaxAuthTries 6
|
||||
#MaxSessions 10
|
||||
|
@ -1217,7 +1217,7 @@ The argument must be
|
||||
or
|
||||
.Dq no .
|
||||
The default is
|
||||
.Dq prohibit-password .
|
||||
.Dq no .
|
||||
Note that if
|
||||
.Cm ChallengeResponseAuthentication
|
||||
is
|
||||
|
@ -1,30 +1,2 @@
|
||||
The OpenSSL project depends on volunteer efforts and financial support from
|
||||
the end user community. That support comes in the form of donations and paid
|
||||
sponsorships, software support contracts, paid consulting services
|
||||
and commissioned software development.
|
||||
|
||||
Since all these activities support the continued development and improvement
|
||||
of OpenSSL we consider all these clients and customers as sponsors of the
|
||||
OpenSSL project.
|
||||
|
||||
We would like to identify and thank the following such sponsors for their past
|
||||
or current significant support of the OpenSSL project:
|
||||
|
||||
Major support:
|
||||
|
||||
Qualys http://www.qualys.com/
|
||||
|
||||
Very significant support:
|
||||
|
||||
OpenGear: http://www.opengear.com/
|
||||
|
||||
Significant support:
|
||||
|
||||
PSW Group: http://www.psw.net/
|
||||
Acano Ltd. http://acano.com/
|
||||
|
||||
Please note that we ask permission to identify sponsors and that some sponsors
|
||||
we consider eligible for inclusion here have requested to remain anonymous.
|
||||
|
||||
Additional sponsorship or financial support is always welcome: for more
|
||||
information please contact the OpenSSL Software Foundation.
|
||||
Please https://www.openssl.org/community/thanks.html for the current
|
||||
acknowledgements.
|
||||
|
@ -2,6 +2,54 @@
|
||||
OpenSSL CHANGES
|
||||
_______________
|
||||
|
||||
Changes between 1.0.2e and 1.0.2f [28 Jan 2016]
|
||||
|
||||
*) DH small subgroups
|
||||
|
||||
Historically OpenSSL only ever generated DH parameters based on "safe"
|
||||
primes. More recently (in version 1.0.2) support was provided for
|
||||
generating X9.42 style parameter files such as those required for RFC 5114
|
||||
support. The primes used in such files may not be "safe". Where an
|
||||
application is using DH configured with parameters based on primes that are
|
||||
not "safe" then an attacker could use this fact to find a peer's private
|
||||
DH exponent. This attack requires that the attacker complete multiple
|
||||
handshakes in which the peer uses the same private DH exponent. For example
|
||||
this could be used to discover a TLS server's private DH exponent if it's
|
||||
reusing the private DH exponent or it's using a static DH ciphersuite.
|
||||
|
||||
OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in
|
||||
TLS. It is not on by default. If the option is not set then the server
|
||||
reuses the same private DH exponent for the life of the server process and
|
||||
would be vulnerable to this attack. It is believed that many popular
|
||||
applications do set this option and would therefore not be at risk.
|
||||
|
||||
The fix for this issue adds an additional check where a "q" parameter is
|
||||
available (as is the case in X9.42 based parameters). This detects the
|
||||
only known attack, and is the only possible defense for static DH
|
||||
ciphersuites. This could have some performance impact.
|
||||
|
||||
Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by
|
||||
default and cannot be disabled. This could have some performance impact.
|
||||
|
||||
This issue was reported to OpenSSL by Antonio Sanso (Adobe).
|
||||
(CVE-2016-0701)
|
||||
[Matt Caswell]
|
||||
|
||||
*) SSLv2 doesn't block disabled ciphers
|
||||
|
||||
A malicious client can negotiate SSLv2 ciphers that have been disabled on
|
||||
the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
|
||||
been disabled, provided that the SSLv2 protocol was not also disabled via
|
||||
SSL_OP_NO_SSLv2.
|
||||
|
||||
This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram
|
||||
and Sebastian Schinzel.
|
||||
(CVE-2015-3197)
|
||||
[Viktor Dukhovni]
|
||||
|
||||
*) Reject DH handshakes with parameters shorter than 1024 bits.
|
||||
[Kurt Roeckx]
|
||||
|
||||
Changes between 1.0.2d and 1.0.2e [3 Dec 2015]
|
||||
|
||||
*) BN_mod_exp may produce incorrect results on x86_64
|
||||
|
@ -124,6 +124,9 @@ my $clang_disabled_warnings = "-Wno-unused-parameter -Wno-missing-field-initiali
|
||||
# -Wextended-offsetof
|
||||
my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Qunused-arguments";
|
||||
|
||||
# Warn that "make depend" should be run?
|
||||
my $warn_make_depend = 0;
|
||||
|
||||
my $strict_warnings = 0;
|
||||
|
||||
my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
|
||||
@ -1513,7 +1516,7 @@ if ($target =~ /\-icc$/) # Intel C compiler
|
||||
# linker only when --prefix is not /usr.
|
||||
if ($target =~ /^BSD\-/)
|
||||
{
|
||||
$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
|
||||
$shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
|
||||
}
|
||||
|
||||
if ($sys_id ne "")
|
||||
@ -2028,14 +2031,8 @@ EOF
|
||||
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
|
||||
}
|
||||
if ($depflags ne $default_depflags && !$make_depend) {
|
||||
print <<EOF;
|
||||
|
||||
Since you've disabled or enabled at least one algorithm, you need to do
|
||||
the following before building:
|
||||
|
||||
make depend
|
||||
EOF
|
||||
}
|
||||
$warn_make_depend++;
|
||||
}
|
||||
}
|
||||
|
||||
# create the ms/version32.rc file if needed
|
||||
@ -2114,12 +2111,18 @@ EOF
|
||||
|
||||
print <<\EOF if ($no_shared_warn);
|
||||
|
||||
You gave the option 'shared'. Normally, that would give you shared libraries.
|
||||
Unfortunately, the OpenSSL configuration doesn't include shared library support
|
||||
for this platform yet, so it will pretend you gave the option 'no-shared'. If
|
||||
you can inform the developpers (openssl-dev\@openssl.org) how to support shared
|
||||
libraries on this platform, they will at least look at it and try their best
|
||||
(but please first make sure you have tried with a current version of OpenSSL).
|
||||
You gave the option 'shared', which is not supported on this platform, so
|
||||
we will pretend you gave the option 'no-shared'. If you know how to implement
|
||||
shared libraries, please let us know (but please first make sure you have
|
||||
tried with a current version of OpenSSL).
|
||||
EOF
|
||||
|
||||
print <<EOF if ($warn_make_depend);
|
||||
|
||||
*** Because of configuration changes, you MUST do the following before
|
||||
*** building:
|
||||
|
||||
make depend
|
||||
EOF
|
||||
|
||||
exit(0);
|
||||
|
@ -164,10 +164,10 @@
|
||||
standard headers). If it is a problem with OpenSSL itself, please
|
||||
report the problem to <openssl-bugs@openssl.org> (note that your
|
||||
message will be recorded in the request tracker publicly readable
|
||||
via http://www.openssl.org/support/rt.html and will be forwarded to a
|
||||
public mailing list). Include the output of "make report" in your message.
|
||||
Please check out the request tracker. Maybe the bug was already
|
||||
reported or has already been fixed.
|
||||
at https://www.openssl.org/community/index.html#bugs and will be
|
||||
forwarded to a public mailing list). Include the output of "make
|
||||
report" in your message. Please check out the request tracker. Maybe
|
||||
the bug was already reported or has already been fixed.
|
||||
|
||||
[If you encounter assembler error messages, try the "no-asm"
|
||||
configuration option as an immediate fix.]
|
||||
|
@ -12,7 +12,7 @@
|
||||
---------------
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -4,7 +4,7 @@
|
||||
## Makefile for OpenSSL
|
||||
##
|
||||
|
||||
VERSION=1.0.2e
|
||||
VERSION=1.0.2f
|
||||
MAJOR=1
|
||||
MINOR=0.2
|
||||
SHLIB_VERSION_NUMBER=1.0.0
|
||||
@ -182,8 +182,7 @@ SHARED_LDFLAGS=
|
||||
GENERAL= Makefile
|
||||
BASENAME= openssl
|
||||
NAME= $(BASENAME)-$(VERSION)
|
||||
TARFILE= $(NAME).tar
|
||||
WTARFILE= $(NAME)-win.tar
|
||||
TARFILE= ../$(NAME).tar
|
||||
EXHEADER= e_os2.h
|
||||
HEADER= e_os.h
|
||||
|
||||
@ -501,38 +500,35 @@ TABLE: Configure
|
||||
# would occur. Therefore the list of files is temporarily stored into a file
|
||||
# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
|
||||
# tar does not support the --files-from option.
|
||||
TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \
|
||||
--owner openssl:0 --group openssl:0 \
|
||||
--transform 's|^|openssl-$(VERSION)/|' \
|
||||
TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
|
||||
--owner 0 --group 0 \
|
||||
--transform 's|^|$(NAME)/|' \
|
||||
-cvf -
|
||||
|
||||
../$(TARFILE).list:
|
||||
$(TARFILE).list:
|
||||
find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
|
||||
\! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
|
||||
\! -name '*test' \! -name '.#*' \! -name '*~' \
|
||||
| sort > ../$(TARFILE).list
|
||||
\( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
|
||||
\! -name '.#*' \! -name '*~' \! -type l \
|
||||
| sort > $(TARFILE).list
|
||||
|
||||
tar: ../$(TARFILE).list
|
||||
tar: $(TARFILE).list
|
||||
find . -type d -print | xargs chmod 755
|
||||
find . -type f -print | xargs chmod a+r
|
||||
find . -type f -perm -0100 -print | xargs chmod a+x
|
||||
$(TAR_COMMAND) | gzip --best >../$(TARFILE).gz
|
||||
rm -f ../$(TARFILE).list
|
||||
ls -l ../$(TARFILE).gz
|
||||
$(TAR_COMMAND) | gzip --best > $(TARFILE).gz
|
||||
rm -f $(TARFILE).list
|
||||
ls -l $(TARFILE).gz
|
||||
|
||||
tar-snap: ../$(TARFILE).list
|
||||
$(TAR_COMMAND) > ../$(TARFILE)
|
||||
rm -f ../$(TARFILE).list
|
||||
ls -l ../$(TARFILE)
|
||||
tar-snap: $(TARFILE).list
|
||||
$(TAR_COMMAND) > $(TARFILE)
|
||||
rm -f $(TARFILE).list
|
||||
ls -l $(TARFILE)
|
||||
|
||||
dist:
|
||||
$(PERL) Configure dist
|
||||
@$(MAKE) dist_pem_h
|
||||
@$(MAKE) SDIRS='$(SDIRS)' clean
|
||||
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
|
||||
|
||||
dist_pem_h:
|
||||
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
|
||||
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
|
||||
|
||||
install: all install_docs install_sw
|
||||
|
||||
|
@ -180,8 +180,7 @@ SHARED_LDFLAGS=
|
||||
GENERAL= Makefile
|
||||
BASENAME= openssl
|
||||
NAME= $(BASENAME)-$(VERSION)
|
||||
TARFILE= $(NAME).tar
|
||||
WTARFILE= $(NAME)-win.tar
|
||||
TARFILE= ../$(NAME).tar
|
||||
EXHEADER= e_os2.h
|
||||
HEADER= e_os.h
|
||||
|
||||
@ -499,38 +498,35 @@ TABLE: Configure
|
||||
# would occur. Therefore the list of files is temporarily stored into a file
|
||||
# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
|
||||
# tar does not support the --files-from option.
|
||||
TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list \
|
||||
--owner openssl:0 --group openssl:0 \
|
||||
--transform 's|^|openssl-$(VERSION)/|' \
|
||||
TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
|
||||
--owner 0 --group 0 \
|
||||
--transform 's|^|$(NAME)/|' \
|
||||
-cvf -
|
||||
|
||||
../$(TARFILE).list:
|
||||
$(TARFILE).list:
|
||||
find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
|
||||
\! -name '*.so' \! -name '*.so.*' \! -name 'openssl' \
|
||||
\! -name '*test' \! -name '.#*' \! -name '*~' \
|
||||
| sort > ../$(TARFILE).list
|
||||
\( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
|
||||
\! -name '.#*' \! -name '*~' \! -type l \
|
||||
| sort > $(TARFILE).list
|
||||
|
||||
tar: ../$(TARFILE).list
|
||||
tar: $(TARFILE).list
|
||||
find . -type d -print | xargs chmod 755
|
||||
find . -type f -print | xargs chmod a+r
|
||||
find . -type f -perm -0100 -print | xargs chmod a+x
|
||||
$(TAR_COMMAND) | gzip --best >../$(TARFILE).gz
|
||||
rm -f ../$(TARFILE).list
|
||||
ls -l ../$(TARFILE).gz
|
||||
$(TAR_COMMAND) | gzip --best > $(TARFILE).gz
|
||||
rm -f $(TARFILE).list
|
||||
ls -l $(TARFILE).gz
|
||||
|
||||
tar-snap: ../$(TARFILE).list
|
||||
$(TAR_COMMAND) > ../$(TARFILE)
|
||||
rm -f ../$(TARFILE).list
|
||||
ls -l ../$(TARFILE)
|
||||
tar-snap: $(TARFILE).list
|
||||
$(TAR_COMMAND) > $(TARFILE)
|
||||
rm -f $(TARFILE).list
|
||||
ls -l $(TARFILE)
|
||||
|
||||
dist:
|
||||
$(PERL) Configure dist
|
||||
@$(MAKE) dist_pem_h
|
||||
@$(MAKE) SDIRS='$(SDIRS)' clean
|
||||
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
|
||||
|
||||
dist_pem_h:
|
||||
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
|
||||
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
|
||||
|
||||
install: all install_docs install_sw
|
||||
|
||||
|
@ -5,6 +5,11 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]
|
||||
|
||||
o DH small subgroups (CVE-2016-0701)
|
||||
o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
|
||||
|
||||
Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]
|
||||
|
||||
o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.0.2e 3 Dec 2015
|
||||
OpenSSL 1.0.2f 28 Jan 2016
|
||||
|
||||
Copyright (c) 1998-2015 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
@ -90,11 +90,12 @@
|
||||
|
||||
In order to avoid spam, this is a moderated mailing list, and it might
|
||||
take a day for the ticket to show up. (We also scan posts to make sure
|
||||
that security disclosures aren't publically posted by mistake.) Mail to
|
||||
this address is recorded in the public RT (request tracker) database (see
|
||||
https://www.openssl.org/support/rt.html for details) and also forwarded
|
||||
the public openssl-dev mailing list. Confidential mail may be sent to
|
||||
openssl-security@openssl.org (PGP key available from the key servers).
|
||||
that security disclosures aren't publically posted by mistake.) Mail
|
||||
to this address is recorded in the public RT (request tracker) database
|
||||
(see https://www.openssl.org/community/index.html#bugs for details) and
|
||||
also forwarded the public openssl-dev mailing list. Confidential mail
|
||||
may be sent to openssl-security@openssl.org (PGP key available from the
|
||||
key servers).
|
||||
|
||||
Please do NOT use this for general assistance or support queries.
|
||||
Just because something doesn't work the way you expect does not mean it
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
|
||||
/* apps/engine.c */
|
||||
/*
|
||||
* Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1041,7 +1041,7 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
|
||||
bs = OCSP_BASICRESP_new();
|
||||
thisupd = X509_gmtime_adj(NULL, 0);
|
||||
if (ndays != -1)
|
||||
nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24);
|
||||
nextupd = X509_time_adj_ex(NULL, ndays, nmin * 60, NULL);
|
||||
|
||||
/* Examine each certificate id in the request */
|
||||
for (i = 0; i < id_count; i++) {
|
||||
|
@ -79,7 +79,8 @@ const EVP_CIPHER *enc;
|
||||
# define CLCERTS 0x8
|
||||
# define CACERTS 0x10
|
||||
|
||||
int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
|
||||
static int get_cert_chain(X509 *cert, X509_STORE *store,
|
||||
STACK_OF(X509) **chain);
|
||||
int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen,
|
||||
int options, char *pempass);
|
||||
int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
|
||||
@ -594,7 +595,7 @@ int MAIN(int argc, char **argv)
|
||||
vret = get_cert_chain(ucert, store, &chain2);
|
||||
X509_STORE_free(store);
|
||||
|
||||
if (!vret) {
|
||||
if (vret == X509_V_OK) {
|
||||
/* Exclude verified certificate */
|
||||
for (i = 1; i < sk_X509_num(chain2); i++)
|
||||
sk_X509_push(certs, sk_X509_value(chain2, i));
|
||||
@ -602,7 +603,7 @@ int MAIN(int argc, char **argv)
|
||||
X509_free(sk_X509_value(chain2, 0));
|
||||
sk_X509_free(chain2);
|
||||
} else {
|
||||
if (vret >= 0)
|
||||
if (vret != X509_V_ERR_UNSPECIFIED)
|
||||
BIO_printf(bio_err, "Error %s getting chain.\n",
|
||||
X509_verify_cert_error_string(vret));
|
||||
else
|
||||
@ -906,36 +907,25 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
||||
|
||||
/* Given a single certificate return a verified chain or NULL if error */
|
||||
|
||||
/* Hope this is OK .... */
|
||||
|
||||
int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
|
||||
static int get_cert_chain(X509 *cert, X509_STORE *store,
|
||||
STACK_OF(X509) **chain)
|
||||
{
|
||||
X509_STORE_CTX store_ctx;
|
||||
STACK_OF(X509) *chn;
|
||||
STACK_OF(X509) *chn = NULL;
|
||||
int i = 0;
|
||||
|
||||
/*
|
||||
* FIXME: Should really check the return status of X509_STORE_CTX_init
|
||||
* for an error, but how that fits into the return value of this function
|
||||
* is less obvious.
|
||||
*/
|
||||
X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
|
||||
if (X509_verify_cert(&store_ctx) <= 0) {
|
||||
i = X509_STORE_CTX_get_error(&store_ctx);
|
||||
if (i == 0)
|
||||
/*
|
||||
* avoid returning 0 if X509_verify_cert() did not set an
|
||||
* appropriate error value in the context
|
||||
*/
|
||||
i = -1;
|
||||
chn = NULL;
|
||||
goto err;
|
||||
} else
|
||||
if (!X509_STORE_CTX_init(&store_ctx, store, cert, NULL)) {
|
||||
*chain = NULL;
|
||||
return X509_V_ERR_UNSPECIFIED;
|
||||
}
|
||||
|
||||
if (X509_verify_cert(&store_ctx) > 0)
|
||||
chn = X509_STORE_CTX_get1_chain(&store_ctx);
|
||||
err:
|
||||
else if ((i = X509_STORE_CTX_get_error(&store_ctx)) == 0)
|
||||
i = X509_V_ERR_UNSPECIFIED;
|
||||
|
||||
X509_STORE_CTX_cleanup(&store_ctx);
|
||||
*chain = chn;
|
||||
|
||||
return i;
|
||||
}
|
||||
|
||||
|
@ -74,10 +74,11 @@ static void usage(void);
|
||||
|
||||
static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||
char *keyfile, int keyform, int key_type,
|
||||
char *passargin, int pkey_op, ENGINE *e);
|
||||
char *passargin, int pkey_op, ENGINE *e,
|
||||
int impl);
|
||||
|
||||
static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
|
||||
const char *file);
|
||||
const char *file, ENGINE* e);
|
||||
|
||||
static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
|
||||
unsigned char *out, size_t *poutlen,
|
||||
@ -97,6 +98,7 @@ int MAIN(int argc, char **argv)
|
||||
EVP_PKEY_CTX *ctx = NULL;
|
||||
char *passargin = NULL;
|
||||
int keysize = -1;
|
||||
int engine_impl = 0;
|
||||
|
||||
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
|
||||
size_t buf_outlen;
|
||||
@ -137,7 +139,7 @@ int MAIN(int argc, char **argv)
|
||||
else {
|
||||
ctx = init_ctx(&keysize,
|
||||
*(++argv), keyform, key_type,
|
||||
passargin, pkey_op, e);
|
||||
passargin, pkey_op, e, engine_impl);
|
||||
if (!ctx) {
|
||||
BIO_puts(bio_err, "Error initializing context\n");
|
||||
ERR_print_errors(bio_err);
|
||||
@ -147,7 +149,7 @@ int MAIN(int argc, char **argv)
|
||||
} else if (!strcmp(*argv, "-peerkey")) {
|
||||
if (--argc < 1)
|
||||
badarg = 1;
|
||||
else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
|
||||
else if (!setup_peer(bio_err, ctx, peerform, *(++argv), e))
|
||||
badarg = 1;
|
||||
} else if (!strcmp(*argv, "-passin")) {
|
||||
if (--argc < 1)
|
||||
@ -171,6 +173,8 @@ int MAIN(int argc, char **argv)
|
||||
badarg = 1;
|
||||
else
|
||||
e = setup_engine(bio_err, *(++argv), 0);
|
||||
} else if (!strcmp(*argv, "-engine_impl")) {
|
||||
engine_impl = 1;
|
||||
}
|
||||
#endif
|
||||
else if (!strcmp(*argv, "-pubin"))
|
||||
@ -368,7 +372,8 @@ static void usage()
|
||||
BIO_printf(bio_err, "-hexdump hex dump output\n");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
BIO_printf(bio_err,
|
||||
"-engine e use engine e, possibly a hardware device.\n");
|
||||
"-engine e use engine e, maybe a hardware device, for loading keys.\n");
|
||||
BIO_printf(bio_err, "-engine_impl also use engine given by -engine for crypto operations\n");
|
||||
#endif
|
||||
BIO_printf(bio_err, "-passin arg pass phrase source\n");
|
||||
|
||||
@ -376,10 +381,12 @@ static void usage()
|
||||
|
||||
static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||
char *keyfile, int keyform, int key_type,
|
||||
char *passargin, int pkey_op, ENGINE *e)
|
||||
char *passargin, int pkey_op, ENGINE *e,
|
||||
int engine_impl)
|
||||
{
|
||||
EVP_PKEY *pkey = NULL;
|
||||
EVP_PKEY_CTX *ctx = NULL;
|
||||
ENGINE *impl = NULL;
|
||||
char *passin = NULL;
|
||||
int rv = -1;
|
||||
X509 *x;
|
||||
@ -418,9 +425,14 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||
|
||||
if (!pkey)
|
||||
goto end;
|
||||
|
||||
ctx = EVP_PKEY_CTX_new(pkey, e);
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
if (engine_impl)
|
||||
impl = e;
|
||||
#endif
|
||||
|
||||
ctx = EVP_PKEY_CTX_new(pkey, impl);
|
||||
|
||||
EVP_PKEY_free(pkey);
|
||||
|
||||
if (!ctx)
|
||||
@ -467,16 +479,20 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
|
||||
}
|
||||
|
||||
static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
|
||||
const char *file)
|
||||
const char *file, ENGINE* e)
|
||||
{
|
||||
EVP_PKEY *peer = NULL;
|
||||
ENGINE* engine = NULL;
|
||||
int ret;
|
||||
if (!ctx) {
|
||||
BIO_puts(err, "-peerkey command before -inkey\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
|
||||
if (peerform == FORMAT_ENGINE)
|
||||
engine = e;
|
||||
|
||||
peer = load_pubkey(bio_err, file, peerform, 0, NULL, engine, "Peer Key");
|
||||
|
||||
if (!peer) {
|
||||
BIO_printf(bio_err, "Error reading peer key %s\n", file);
|
||||
|
@ -308,7 +308,7 @@ static void sc_usage(void)
|
||||
" -connect host:port - who to connect to (default is %s:%s)\n",
|
||||
SSL_HOST_NAME, PORT_STR);
|
||||
BIO_printf(bio_err,
|
||||
" -verify_host host - check peer certificate matches \"host\"\n");
|
||||
" -verify_hostname host - check peer certificate matches \"host\"\n");
|
||||
BIO_printf(bio_err,
|
||||
" -verify_email email - check peer certificate matches \"email\"\n");
|
||||
BIO_printf(bio_err,
|
||||
|
@ -498,7 +498,7 @@ static void sv_usage(void)
|
||||
BIO_printf(bio_err,
|
||||
" -accept arg - port to accept on (default is %d)\n", PORT);
|
||||
BIO_printf(bio_err,
|
||||
" -verify_host host - check peer certificate matches \"host\"\n");
|
||||
" -verify_hostname host - check peer certificate matches \"host\"\n");
|
||||
BIO_printf(bio_err,
|
||||
" -verify_email email - check peer certificate matches \"email\"\n");
|
||||
BIO_printf(bio_err,
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* apps/speed.c */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
|
@ -1226,12 +1226,7 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
|
||||
if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL)
|
||||
goto err;
|
||||
|
||||
/* Lets just make it 12:00am GMT, Jan 1 1970 */
|
||||
/* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
|
||||
/* 28 days to be certified */
|
||||
|
||||
if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) ==
|
||||
NULL)
|
||||
if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
|
||||
goto err;
|
||||
|
||||
if (!X509_set_pubkey(x, pkey))
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_cbc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_cfb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_core.c */
|
||||
/**
|
||||
* rijndael-alg-fst.c
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ctr.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ecb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ige.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_misc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ofb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_core.c */
|
||||
/**
|
||||
* rijndael-alg-fst.c
|
||||
*
|
||||
|
@ -63,7 +63,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=11);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
|
@ -94,7 +94,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
|
||||
$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
|
||||
$1>=10);
|
||||
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
|
||||
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
|
||||
|
||||
$shaext=1; ### set to zero if compiling for 1.0.1
|
||||
|
||||
|
@ -59,7 +59,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=12);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
|
@ -479,11 +479,11 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||
# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
|
||||
# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,0,NULL)
|
||||
|
||||
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||
|
||||
/* BIO_s_accept_socket() */
|
||||
/* BIO_s_accept() */
|
||||
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
|
||||
@ -496,6 +496,7 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
|
||||
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
|
||||
|
||||
/* BIO_s_accept() and BIO_s_connect() */
|
||||
# define BIO_do_connect(b) BIO_do_handshake(b)
|
||||
# define BIO_do_accept(b) BIO_do_handshake(b)
|
||||
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
|
||||
@ -515,12 +516,15 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
|
||||
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
|
||||
|
||||
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
|
||||
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
|
||||
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
|
||||
|
||||
/* BIO_s_file() */
|
||||
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
|
||||
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
|
||||
|
||||
/* BIO_s_fd() and BIO_s_file() */
|
||||
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
|
||||
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
|
||||
/* crypto/bio/bss_bio.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -419,7 +419,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
{
|
||||
BIO *dbio;
|
||||
int *ip;
|
||||
const char **pptr;
|
||||
const char **pptr = NULL;
|
||||
long ret = 1;
|
||||
BIO_CONNECT *data;
|
||||
|
||||
@ -442,19 +442,28 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
case BIO_C_GET_CONNECT:
|
||||
if (ptr != NULL) {
|
||||
pptr = (const char **)ptr;
|
||||
if (num == 0) {
|
||||
*pptr = data->param_hostname;
|
||||
}
|
||||
|
||||
} else if (num == 1) {
|
||||
*pptr = data->param_port;
|
||||
} else if (num == 2) {
|
||||
*pptr = (char *)&(data->ip[0]);
|
||||
} else if (num == 3) {
|
||||
*((int *)ptr) = data->port;
|
||||
if (b->init) {
|
||||
if (pptr != NULL) {
|
||||
ret = 1;
|
||||
if (num == 0) {
|
||||
*pptr = data->param_hostname;
|
||||
} else if (num == 1) {
|
||||
*pptr = data->param_port;
|
||||
} else if (num == 2) {
|
||||
*pptr = (char *)&(data->ip[0]);
|
||||
} else {
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
if ((!b->init) || (ptr == NULL))
|
||||
if (num == 3) {
|
||||
ret = data->port;
|
||||
}
|
||||
} else {
|
||||
if (pptr != NULL)
|
||||
*pptr = "not initialized";
|
||||
ret = 1;
|
||||
ret = 0;
|
||||
}
|
||||
break;
|
||||
case BIO_C_SET_CONNECT:
|
||||
|
@ -519,10 +519,8 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
switch (cmd) {
|
||||
case BIO_CTRL_RESET:
|
||||
num = 0;
|
||||
case BIO_C_FILE_SEEK:
|
||||
ret = 0;
|
||||
break;
|
||||
case BIO_C_FILE_TELL:
|
||||
case BIO_CTRL_INFO:
|
||||
ret = 0;
|
||||
break;
|
||||
|
@ -113,7 +113,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$addx = ($1>=12);
|
||||
}
|
||||
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$addx = ($ver>=3.03);
|
||||
}
|
||||
|
@ -68,7 +68,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$addx = ($1>=12);
|
||||
}
|
||||
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$addx = ($ver>=3.03);
|
||||
}
|
||||
|
@ -53,7 +53,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$addx = ($1>=12);
|
||||
}
|
||||
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$addx = ($ver>=3.03);
|
||||
}
|
||||
|
@ -282,9 +282,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
|
||||
if (bits == 0) {
|
||||
ret = BN_one(r);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
|
||||
ret = BN_one(r);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -418,7 +423,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
ret = BN_one(rr);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -639,7 +650,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
|
||||
* precomputation memory layout to limit data-dependency to a minimum to
|
||||
* protect secret exponents (cf. the hyper-threading timing attacks pointed
|
||||
* out by Colin Percival,
|
||||
* http://www.daemong-consideredperthreading-considered-harmful/)
|
||||
* http://www.daemonology.net/hyperthreading-considered-harmful/)
|
||||
*/
|
||||
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
const BIGNUM *m, BN_CTX *ctx,
|
||||
@ -671,7 +682,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
ret = BN_one(rr);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -1182,8 +1199,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
if (a == 0) {
|
||||
@ -1297,9 +1315,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
|
||||
if (bits == 0) {
|
||||
ret = BN_one(r);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
|
||||
ret = BN_one(r);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -72,6 +72,25 @@
|
||||
static const char rnd_seed[] =
|
||||
"string to make the random number generator think it has entropy";
|
||||
|
||||
/*
|
||||
* Test that r == 0 in test_exp_mod_zero(). Returns one on success,
|
||||
* returns zero and prints debug output otherwise.
|
||||
*/
|
||||
static int a_is_zero_mod_one(const char *method, const BIGNUM *r,
|
||||
const BIGNUM *a) {
|
||||
if (!BN_is_zero(r)) {
|
||||
fprintf(stderr, "%s failed:\n", method);
|
||||
fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n");
|
||||
fprintf(stderr, "a = ");
|
||||
BN_print_fp(stderr, a);
|
||||
fprintf(stderr, "\nr = ");
|
||||
BN_print_fp(stderr, r);
|
||||
fprintf(stderr, "\n");
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
|
||||
*/
|
||||
@ -79,8 +98,9 @@ static int test_exp_mod_zero()
|
||||
{
|
||||
BIGNUM a, p, m;
|
||||
BIGNUM r;
|
||||
BN_ULONG one_word = 1;
|
||||
BN_CTX *ctx = BN_CTX_new();
|
||||
int ret = 1;
|
||||
int ret = 1, failed = 0;
|
||||
|
||||
BN_init(&m);
|
||||
BN_one(&m);
|
||||
@ -92,21 +112,65 @@ static int test_exp_mod_zero()
|
||||
BN_zero(&p);
|
||||
|
||||
BN_init(&r);
|
||||
BN_mod_exp(&r, &a, &p, &m, ctx);
|
||||
BN_CTX_free(ctx);
|
||||
|
||||
if (BN_is_zero(&r))
|
||||
ret = 0;
|
||||
else {
|
||||
printf("1**0 mod 1 = ");
|
||||
BN_print_fp(stdout, &r);
|
||||
printf(", should be 0\n");
|
||||
if (!BN_rand(&a, 1024, 0, 0))
|
||||
goto err;
|
||||
|
||||
if (!BN_mod_exp(&r, &a, &p, &m, ctx))
|
||||
goto err;
|
||||
|
||||
if (!a_is_zero_mod_one("BN_mod_exp", &r, &a))
|
||||
failed = 1;
|
||||
|
||||
if (!BN_mod_exp_recp(&r, &a, &p, &m, ctx))
|
||||
goto err;
|
||||
|
||||
if (!a_is_zero_mod_one("BN_mod_exp_recp", &r, &a))
|
||||
failed = 1;
|
||||
|
||||
if (!BN_mod_exp_simple(&r, &a, &p, &m, ctx))
|
||||
goto err;
|
||||
|
||||
if (!a_is_zero_mod_one("BN_mod_exp_simple", &r, &a))
|
||||
failed = 1;
|
||||
|
||||
if (!BN_mod_exp_mont(&r, &a, &p, &m, ctx, NULL))
|
||||
goto err;
|
||||
|
||||
if (!a_is_zero_mod_one("BN_mod_exp_mont", &r, &a))
|
||||
failed = 1;
|
||||
|
||||
if (!BN_mod_exp_mont_consttime(&r, &a, &p, &m, ctx, NULL)) {
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", &r, &a))
|
||||
failed = 1;
|
||||
|
||||
/*
|
||||
* A different codepath exists for single word multiplication
|
||||
* in non-constant-time only.
|
||||
*/
|
||||
if (!BN_mod_exp_mont_word(&r, one_word, &p, &m, ctx, NULL))
|
||||
goto err;
|
||||
|
||||
if (!BN_is_zero(&r)) {
|
||||
fprintf(stderr, "BN_mod_exp_mont_word failed:\n");
|
||||
fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n");
|
||||
fprintf(stderr, "r = ");
|
||||
BN_print_fp(stderr, &r);
|
||||
fprintf(stderr, "\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = failed;
|
||||
|
||||
err:
|
||||
BN_free(&r);
|
||||
BN_free(&a);
|
||||
BN_free(&p);
|
||||
BN_free(&m);
|
||||
BN_CTX_free(ctx);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia.c */
|
||||
/* ====================================================================
|
||||
* Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
|
||||
* ALL RIGHTS RESERVED.
|
||||
@ -67,7 +67,7 @@
|
||||
|
||||
/*
|
||||
* Algorithm Specification
|
||||
* http://info.isl.llia/specicrypt/eng/camellia/specifications.html
|
||||
* http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_cbc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_cfb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_ctr.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_ecb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_locl.h */
|
||||
/* ====================================================================
|
||||
* Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
|
||||
* ALL RIGHTS RESERVED.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_misc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia_ofb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/cmll_utl.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/cmll_utl.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.c */
|
||||
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.h */
|
||||
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.c */
|
||||
|
||||
/*
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
|
||||
|
@ -174,6 +174,7 @@ struct dh_st {
|
||||
/* DH_check_pub_key error codes */
|
||||
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
|
||||
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
|
||||
# define DH_CHECK_PUBKEY_INVALID 0x03
|
||||
|
||||
/*
|
||||
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
|
||||
|
@ -151,23 +151,38 @@ int DH_check(const DH *dh, int *ret)
|
||||
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
|
||||
{
|
||||
int ok = 0;
|
||||
BIGNUM *q = NULL;
|
||||
BIGNUM *tmp = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
|
||||
*ret = 0;
|
||||
q = BN_new();
|
||||
if (q == NULL)
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
BN_set_word(q, 1);
|
||||
if (BN_cmp(pub_key, q) <= 0)
|
||||
BN_CTX_start(ctx);
|
||||
tmp = BN_CTX_get(ctx);
|
||||
if (tmp == NULL)
|
||||
goto err;
|
||||
BN_set_word(tmp, 1);
|
||||
if (BN_cmp(pub_key, tmp) <= 0)
|
||||
*ret |= DH_CHECK_PUBKEY_TOO_SMALL;
|
||||
BN_copy(q, dh->p);
|
||||
BN_sub_word(q, 1);
|
||||
if (BN_cmp(pub_key, q) >= 0)
|
||||
BN_copy(tmp, dh->p);
|
||||
BN_sub_word(tmp, 1);
|
||||
if (BN_cmp(pub_key, tmp) >= 0)
|
||||
*ret |= DH_CHECK_PUBKEY_TOO_LARGE;
|
||||
|
||||
if (dh->q != NULL) {
|
||||
/* Check pub_key^q == 1 mod p */
|
||||
if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx))
|
||||
goto err;
|
||||
if (!BN_is_one(tmp))
|
||||
*ret |= DH_CHECK_PUBKEY_INVALID;
|
||||
}
|
||||
|
||||
ok = 1;
|
||||
err:
|
||||
if (q != NULL)
|
||||
BN_free(q);
|
||||
if (ctx != NULL) {
|
||||
BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
}
|
||||
return (ok);
|
||||
}
|
||||
|
@ -471,6 +471,31 @@ static const unsigned char dhtest_2048_256_Z[] = {
|
||||
0xC2, 0x6C, 0x5D, 0x7C
|
||||
};
|
||||
|
||||
static const unsigned char dhtest_rfc5114_2048_224_bad_y[] = {
|
||||
0x45, 0x32, 0x5F, 0x51, 0x07, 0xE5, 0xDF, 0x1C, 0xD6, 0x02, 0x82, 0xB3,
|
||||
0x32, 0x8F, 0xA4, 0x0F, 0x87, 0xB8, 0x41, 0xFE, 0xB9, 0x35, 0xDE, 0xAD,
|
||||
0xC6, 0x26, 0x85, 0xB4, 0xFF, 0x94, 0x8C, 0x12, 0x4C, 0xBF, 0x5B, 0x20,
|
||||
0xC4, 0x46, 0xA3, 0x26, 0xEB, 0xA4, 0x25, 0xB7, 0x68, 0x8E, 0xCC, 0x67,
|
||||
0xBA, 0xEA, 0x58, 0xD0, 0xF2, 0xE9, 0xD2, 0x24, 0x72, 0x60, 0xDA, 0x88,
|
||||
0x18, 0x9C, 0xE0, 0x31, 0x6A, 0xAD, 0x50, 0x6D, 0x94, 0x35, 0x8B, 0x83,
|
||||
0x4A, 0x6E, 0xFA, 0x48, 0x73, 0x0F, 0x83, 0x87, 0xFF, 0x6B, 0x66, 0x1F,
|
||||
0xA8, 0x82, 0xC6, 0x01, 0xE5, 0x80, 0xB5, 0xB0, 0x52, 0xD0, 0xE9, 0xD8,
|
||||
0x72, 0xF9, 0x7D, 0x5B, 0x8B, 0xA5, 0x4C, 0xA5, 0x25, 0x95, 0x74, 0xE2,
|
||||
0x7A, 0x61, 0x4E, 0xA7, 0x8F, 0x12, 0xE2, 0xD2, 0x9D, 0x8C, 0x02, 0x70,
|
||||
0x34, 0x44, 0x32, 0xC7, 0xB2, 0xF3, 0xB9, 0xFE, 0x17, 0x2B, 0xD6, 0x1F,
|
||||
0x8B, 0x7E, 0x4A, 0xFA, 0xA3, 0xB5, 0x3E, 0x7A, 0x81, 0x9A, 0x33, 0x66,
|
||||
0x62, 0xA4, 0x50, 0x18, 0x3E, 0xA2, 0x5F, 0x00, 0x07, 0xD8, 0x9B, 0x22,
|
||||
0xE4, 0xEC, 0x84, 0xD5, 0xEB, 0x5A, 0xF3, 0x2A, 0x31, 0x23, 0xD8, 0x44,
|
||||
0x22, 0x2A, 0x8B, 0x37, 0x44, 0xCC, 0xC6, 0x87, 0x4B, 0xBE, 0x50, 0x9D,
|
||||
0x4A, 0xC4, 0x8E, 0x45, 0xCF, 0x72, 0x4D, 0xC0, 0x89, 0xB3, 0x72, 0xED,
|
||||
0x33, 0x2C, 0xBC, 0x7F, 0x16, 0x39, 0x3B, 0xEB, 0xD2, 0xDD, 0xA8, 0x01,
|
||||
0x73, 0x84, 0x62, 0xB9, 0x29, 0xD2, 0xC9, 0x51, 0x32, 0x9E, 0x7A, 0x6A,
|
||||
0xCF, 0xC1, 0x0A, 0xDB, 0x0E, 0xE0, 0x62, 0x77, 0x6F, 0x59, 0x62, 0x72,
|
||||
0x5A, 0x69, 0xA6, 0x5B, 0x70, 0xCA, 0x65, 0xC4, 0x95, 0x6F, 0x9A, 0xC2,
|
||||
0xDF, 0x72, 0x6D, 0xB1, 0x1E, 0x54, 0x7B, 0x51, 0xB4, 0xEF, 0x7F, 0x89,
|
||||
0x93, 0x74, 0x89, 0x59
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
DH *(*get_param) (void);
|
||||
const unsigned char *xA;
|
||||
@ -503,10 +528,15 @@ static const rfc5114_td rfctd[] = {
|
||||
static int run_rfc5114_tests(void)
|
||||
{
|
||||
int i;
|
||||
DH *dhA = NULL;
|
||||
DH *dhB = NULL;
|
||||
unsigned char *Z1 = NULL;
|
||||
unsigned char *Z2 = NULL;
|
||||
const rfc5114_td *td = NULL;
|
||||
BIGNUM *bady = NULL;
|
||||
|
||||
for (i = 0; i < (int)(sizeof(rfctd) / sizeof(rfc5114_td)); i++) {
|
||||
DH *dhA, *dhB;
|
||||
unsigned char *Z1 = NULL, *Z2 = NULL;
|
||||
const rfc5114_td *td = rfctd + i;
|
||||
td = rfctd + i;
|
||||
/* Set up DH structures setting key components */
|
||||
dhA = td->get_param();
|
||||
dhB = td->get_param();
|
||||
@ -549,14 +579,63 @@ static int run_rfc5114_tests(void)
|
||||
DH_free(dhB);
|
||||
OPENSSL_free(Z1);
|
||||
OPENSSL_free(Z2);
|
||||
|
||||
dhA = NULL;
|
||||
dhB = NULL;
|
||||
Z1 = NULL;
|
||||
Z2 = NULL;
|
||||
}
|
||||
|
||||
/* Now i == OSSL_NELEM(rfctd) */
|
||||
/* RFC5114 uses unsafe primes, so now test an invalid y value */
|
||||
dhA = DH_get_2048_224();
|
||||
if (dhA == NULL)
|
||||
goto bad_err;
|
||||
Z1 = OPENSSL_malloc(DH_size(dhA));
|
||||
if (Z1 == NULL)
|
||||
goto bad_err;
|
||||
|
||||
bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
|
||||
sizeof(dhtest_rfc5114_2048_224_bad_y), NULL);
|
||||
if (bady == NULL)
|
||||
goto bad_err;
|
||||
|
||||
if (!DH_generate_key(dhA))
|
||||
goto bad_err;
|
||||
|
||||
if (DH_compute_key(Z1, bady, dhA) != -1) {
|
||||
/*
|
||||
* DH_compute_key should fail with -1. If we get here we unexpectedly
|
||||
* allowed an invalid y value
|
||||
*/
|
||||
goto err;
|
||||
}
|
||||
/* We'll have a stale error on the queue from the above test so clear it */
|
||||
ERR_clear_error();
|
||||
|
||||
printf("RFC5114 parameter test %d OK\n", i + 1);
|
||||
|
||||
BN_free(bady);
|
||||
DH_free(dhA);
|
||||
OPENSSL_free(Z1);
|
||||
|
||||
return 1;
|
||||
bad_err:
|
||||
BN_free(bady);
|
||||
DH_free(dhA);
|
||||
DH_free(dhB);
|
||||
OPENSSL_free(Z1);
|
||||
OPENSSL_free(Z2);
|
||||
|
||||
fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
|
||||
ERR_print_errors_fp(stderr);
|
||||
return 0;
|
||||
err:
|
||||
BN_free(bady);
|
||||
DH_free(dhA);
|
||||
DH_free(dhB);
|
||||
OPENSSL_free(Z1);
|
||||
OPENSSL_free(Z2);
|
||||
|
||||
fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
|
||||
return 0;
|
||||
}
|
||||
|
@ -187,9 +187,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
||||
if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
|
||||
goto err;
|
||||
|
||||
ret = DSA_SIG_new();
|
||||
if (ret == NULL)
|
||||
goto err;
|
||||
/*
|
||||
* Redo if r or s is zero as required by FIPS 186-3: this is very
|
||||
* unlikely.
|
||||
@ -201,11 +198,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
||||
}
|
||||
goto redo;
|
||||
}
|
||||
ret = DSA_SIG_new();
|
||||
if (ret == NULL)
|
||||
goto err;
|
||||
ret->r = r;
|
||||
ret->s = s;
|
||||
|
||||
err:
|
||||
if (!ret) {
|
||||
if (ret == NULL) {
|
||||
DSAerr(DSA_F_DSA_DO_SIGN, reason);
|
||||
BN_free(r);
|
||||
BN_free(s);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso.h */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_dl.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_dlfcn.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_lib.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$addx = ($1>=12);
|
||||
}
|
||||
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$avx = ($ver>=3.0) + ($ver>=3.01);
|
||||
$addx = ($ver>=3.03);
|
||||
|
@ -746,6 +746,7 @@ int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
|
||||
goto err;
|
||||
if (!BN_one(&point->Z))
|
||||
goto err;
|
||||
point->Z_is_one = 1;
|
||||
|
||||
ret = 1;
|
||||
|
||||
|
@ -387,6 +387,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
|
||||
|
||||
tx = BN_CTX_get(ctx);
|
||||
ty = BN_CTX_get(ctx);
|
||||
if (ty == NULL)
|
||||
goto err;
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
|
||||
|
@ -17,7 +17,7 @@ __attribute((aligned(4096)))
|
||||
#elif defined(_MSC_VER)
|
||||
__declspec(align(4096))
|
||||
#elif defined(__SUNPRO_C)
|
||||
# pragma align 4096(ecp_nistz256_precomputed)
|
||||
# pragma align 64(ecp_nistz256_precomputed)
|
||||
#endif
|
||||
static const BN_ULONG ecp_nistz256_precomputed[37][64 *
|
||||
sizeof(P256_POINT_AFFINE) /
|
||||
|
@ -1591,7 +1591,7 @@ struct nistp_test_params {
|
||||
int degree;
|
||||
/*
|
||||
* Qx, Qy and D are taken from
|
||||
* http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
|
||||
* http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
|
||||
* Otherwise, values are standard curve parameters from FIPS 180-3
|
||||
*/
|
||||
const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */
|
||||
/* crypto/engine/eng_all.c */
|
||||
/*
|
||||
* Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_camellia.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_old.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2004.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_seed.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/mem_clr.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2002.
|
||||
|
@ -56,7 +56,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=11);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
|
@ -105,7 +105,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=11);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user