Compare commits
	
		
			224 Commits
		
	
	
		
			OPENBSD_5_
			...
			v2.6.0
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|   | 5e6de6ebce | ||
|   | c92119f50a | ||
|   | 51e5279c24 | ||
|   | 70ee57c6ad | ||
|   | 0dbae37735 | ||
|   | e550534203 | ||
|   | 9b88fa46bb | ||
|   | c18852f650 | ||
|   | 0e82f22d16 | ||
|   | 9cad7f785b | ||
|   | 08869b75db | ||
|   | fc4e1b9572 | ||
|   | a8cd9fdbd6 | ||
|   | 3471d20142 | ||
|   | a61122ef6c | ||
|   | 360a67cd34 | ||
|   | a4d80ca56a | ||
|   | 334245374a | ||
|   | 52080abbf7 | ||
|   | 322b82367d | ||
|   | 1f7777169d | ||
|   | 2557dd7439 | ||
|   | a2bd5ebaba | ||
|   | 728bda1830 | ||
|   | 8a658c37b5 | ||
|   | fe79df3c90 | ||
|   | 8b80bcdad8 | ||
|   | b49242fcb0 | ||
|   | 0974d6f011 | ||
|   | d3f3daec18 | ||
|   | 0da71010d6 | ||
|   | e7b0c0069b | ||
|   | 530fbba1ed | ||
|   | 63042e98f8 | ||
|   | f494c6aaf7 | ||
|   | 6cb87c121a | ||
|   | 32ab245f05 | ||
|   | 6374bfa401 | ||
|   | 7ba183503a | ||
|   | 1f13e7956b | ||
|   | 993f5cf6f9 | ||
|   | 53fb56ea87 | ||
|   | 048625cf2b | ||
|   | 7ec0510e33 | ||
|   | 9d2418ae3a | ||
|   | 922cd9c94e | ||
|   | 7ecfed7690 | ||
|   | 2c66480f5e | ||
|   | 22bda9840b | ||
|   | 19cf5c9b01 | ||
|   | 570717c488 | ||
|   | cb73e4bef6 | ||
|   | 350170b6ab | ||
|   | ff462f05a2 | ||
|   | 764ab1e6a9 | ||
|   | d5b247cc4f | ||
|   | 8f69fe98db | ||
|   | 8622dc7536 | ||
|   | c61c9821e8 | ||
|   | 8877e9bc55 | ||
|   | 27f0879030 | ||
|   | f2c14deb58 | ||
|   | 5297e9d486 | ||
|   | 3b4d3d7541 | ||
|   | b2b47a7d11 | ||
|   | 9d75e5ea97 | ||
|   | 3ba2699dab | ||
|   | 7383bf673b | ||
|   | b67d365454 | ||
|   | c957ff63c0 | ||
|   | 97fecd593a | ||
|   | 58eb645fdb | ||
|   | fb936f89b8 | ||
|   | cb57534af8 | ||
|   | b631cafca8 | ||
|   | beffe6b41d | ||
|   | 63eaeafeec | ||
|   | 05cf1ee697 | ||
|   | f5026b1f3c | ||
|   | e57ab149c2 | ||
|   | 7dd0650d33 | ||
|   | adb94725ae | ||
|   | 91a8bd7914 | ||
|   | 93754dc5cf | ||
|   | fa149b8c8c | ||
|   | 91f771f981 | ||
|   | 301d50eaa3 | ||
|   | e463ba3b22 | ||
|   | b249f68e6c | ||
|   | 484feaae91 | ||
|   | 3276be122f | ||
|   | 3b8cf47307 | ||
|   | 3b2560feb3 | ||
|   | 4cb675e2d9 | ||
|   | f21bd20c7e | ||
|   | 51a53876b6 | ||
|   | c53c23c5d8 | ||
|   | 057e7a85b9 | ||
|   | 69e2a7fb75 | ||
|   | dbd5fb28ec | ||
|   | dfb6b11e5a | ||
|   | fa20dae329 | ||
|   | 1d934cd2d8 | ||
|   | 6db4299941 | ||
|   | 63add73d0b | ||
|   | 5e6c9983dd | ||
|   | 9f9fdc0531 | ||
|   | 7acb28a3e7 | ||
|   | c691459502 | ||
|   | 45d35f0dfb | ||
|   | 5a35108648 | ||
|   | cf056d7d43 | ||
|   | b48d11d8df | ||
|   | 7054105fde | ||
|   | a206997ad9 | ||
|   | 6fa2d21ba5 | ||
|   | f8a9c71e79 | ||
|   | b5ebbf6b88 | ||
|   | a638d7937d | ||
|   | c4165cc210 | ||
|   | 3b0488e870 | ||
|   | 04150e635c | ||
|   | 4e221632b1 | ||
|   | f51c1b3886 | ||
|   | 7e4ce26c27 | ||
|   | d2f5ab1ee8 | ||
|   | d38ab0a39e | ||
|   | f99d89a0fc | ||
|   | 5f187770f3 | ||
|   | e0a62cf201 | ||
|   | a99a3d7287 | ||
|   | 42ee57590a | ||
|   | 55419a0dde | ||
|   | 0241a8d4da | ||
|   | 5842215600 | ||
|   | 9d14220bdb | ||
|   | 70805a3e17 | ||
|   | c2ec622b89 | ||
|   | 77a2a9f3ef | ||
|   | 7770e4f2e4 | ||
|   | 348362416d | ||
|   | 19457d72b0 | ||
|   | 03a321e558 | ||
|   | 659aff9fa7 | ||
|   | a241b876e9 | ||
|   | d3abaf5fe7 | ||
|   | cb63e63370 | ||
|   | 2570ad9344 | ||
|   | 332c2eeaa3 | ||
|   | 14905877a0 | ||
|   | b434123987 | ||
|   | 62f2a73061 | ||
|   | e168f3b0bc | ||
|   | 9ba1224ed4 | ||
|   | a896814187 | ||
|   | b7ba692f72 | ||
|   | df20769977 | ||
|   | 08837a82b6 | ||
|   | 5532f007d3 | ||
|   | 6f24864a73 | ||
|   | 6040ff04b0 | ||
|   | 93be612b5c | ||
|   | 5bb829d86d | ||
|   | 22dcefee4e | ||
|   | 5ea2a55cc7 | ||
|   | 829b21581f | ||
|   | 971892766d | ||
|   | 8edd509e2c | ||
|   | 439de92dc6 | ||
|   | fab6e1f251 | ||
|   | 9e25f75800 | ||
|   | fef54aef36 | ||
|   | 83e9741dc6 | ||
|   | 2d987d32e6 | ||
|   | 36aafbb241 | ||
|   | 7a46efa40d | ||
|   | a7f754a663 | ||
|   | 1fde1eaa44 | ||
|   | 1b10e48a1f | ||
|   | a9332ccecf | ||
|   | fa435db8df | ||
|   | 618c32e4a1 | ||
|   | b13529f791 | ||
|   | 30adf9c06e | ||
|   | 23083e7724 | ||
|   | aab671088d | ||
|   | ccf66c469f | ||
|   | ec4c98718d | ||
|   | 13b7ac8ada | ||
|   | a69063be10 | ||
|   | ddb22413ed | ||
|   | 2cbdc049bb | ||
|   | 4a9e42808c | ||
|   | de4a123930 | ||
|   | 72ce1e1c9f | ||
|   | 0c4d1b9cef | ||
|   | 1f6f1a3527 | ||
|   | 7b420734d4 | ||
|   | ff021e8abd | ||
|   | 40974784c0 | ||
|   | 552817b77f | ||
|   | 5582be55b4 | ||
|   | a653a67a1e | ||
|   | 466e389d3f | ||
|   | 02e1cc4df1 | ||
|   | 49eabdcb16 | ||
|   | 08089a1b20 | ||
|   | bda62f7fe4 | ||
|   | c94670a8cd | ||
|   | 752ad82d33 | ||
|   | 2510a5e6f9 | ||
|   | 9a98de6c34 | ||
|   | 34bf322e6e | ||
|   | d9b0838432 | ||
|   | e1f8a1e160 | ||
|   | 177e13159b | ||
|   | cf45f2bdfd | ||
|   | 3207606f11 | ||
|   | 2997b8577c | ||
|   | 02b00b5c07 | ||
|   | 8131b377bf | ||
|   | 04ceeb2c75 | ||
|   | 9a0f8a424b | ||
|   | 14aa5f73ab | 
							
								
								
									
										17
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										17
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -39,6 +39,7 @@ Makefile.in | ||||
| *.la | ||||
|  | ||||
| *.def | ||||
| *.sym | ||||
| *.pc | ||||
|  | ||||
| # man pages | ||||
| @@ -57,15 +58,18 @@ tests/explicit_bzero* | ||||
| tests/gost2814789t* | ||||
| tests/mont* | ||||
| tests/rfc5280time* | ||||
| tests/ssl_versions* | ||||
| tests/timingsafe* | ||||
| tests/tls_ext_alpn* | ||||
| tests/tls_prf* | ||||
| tests/*test | ||||
| tests/tests.h | ||||
| tests/*test.c | ||||
| tests/memmem.c | ||||
| tests/pbkdf2* | ||||
| tests/*.pem | ||||
| tests/testssl | ||||
| tests/*.txt | ||||
| tests/compat/*.c | ||||
| !tests/optionstest.c | ||||
| !tests/*.test | ||||
|  | ||||
| @@ -114,10 +118,18 @@ include/pqueue.h | ||||
| include/tls.h | ||||
| include/openssl/*.h | ||||
|  | ||||
| /apps/ocspcheck/*.h | ||||
| /apps/ocspcheck/*.c | ||||
| /apps/ocspcheck/ocspcheck* | ||||
| /apps/ocspcheck/compat/inet_ntop.c | ||||
| /apps/ocspcheck/compat/memmem.c | ||||
|  | ||||
| /apps/nc/*.h | ||||
| /apps/nc/*.c | ||||
| /apps/nc/nc* | ||||
| !/apps/nc/readpassphrase.c | ||||
| /apps/nc/compat/*.c | ||||
|  | ||||
| /apps/openssl/*.h | ||||
| /apps/openssl/*.c | ||||
| /apps/openssl/*.cnf | ||||
| @@ -131,6 +143,8 @@ include/openssl/*.h | ||||
| !/crypto/compat/arc4random.h | ||||
| !/crypto/compat/b_win.c | ||||
| !/crypto/compat/explicit_bzero_win.c | ||||
| !/crypto/compat/freezero.c | ||||
| !/crypto/compat/getpagesize.c | ||||
| !/crypto/compat/posix_win.c | ||||
| !/crypto/compat/bsd_asprintf.c | ||||
| !/crypto/compat/inet_pton.c | ||||
| @@ -154,3 +168,4 @@ openbsd/ | ||||
|  | ||||
| *.tar.gz | ||||
| man/Makefile.am | ||||
| man/mandoc.db | ||||
|   | ||||
| @@ -10,15 +10,23 @@ matrix: | ||||
|     - compiler: clang | ||||
|       os: linux | ||||
|       env: ARCH=native | ||||
|       dist: trusty | ||||
|       sudo: required | ||||
|     - compiler: gcc | ||||
|       os: linux | ||||
|       env: ARCH=native | ||||
|       dist: trusty | ||||
|       sudo: required | ||||
|     - compiler: gcc | ||||
|       os: linux | ||||
|       env: ARCH=mingw32 | ||||
|       dist: trusty | ||||
|       sudo: required | ||||
|     - compiler: gcc | ||||
|       os: linux | ||||
|       env: ARCH=mingw64 | ||||
|       dist: trusty | ||||
|       sudo: required | ||||
|  | ||||
| script: | ||||
|   "./scripts/travis" | ||||
|   | ||||
							
								
								
									
										195
									
								
								CMakeLists.txt
									
									
									
									
									
								
							
							
						
						
									
										195
									
								
								CMakeLists.txt
									
									
									
									
									
								
							| @@ -1,27 +1,50 @@ | ||||
| cmake_minimum_required (VERSION 2.8) | ||||
| cmake_minimum_required (VERSION 2.8.8) | ||||
| include(CheckFunctionExists) | ||||
| include(CheckLibraryExists) | ||||
| include(CheckIncludeFiles) | ||||
| include(CheckTypeSize) | ||||
|  | ||||
| project (LibreSSL) | ||||
| set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}" ${CMAKE_MODULE_PATH}) | ||||
| include(cmake_export_symbol) | ||||
| include(GNUInstallDirs) | ||||
|  | ||||
| project (LibreSSL C) | ||||
|  | ||||
| enable_testing() | ||||
|  | ||||
| file(READ ${CMAKE_SOURCE_DIR}/ssl/VERSION SSL_VERSION) | ||||
| file(READ ${CMAKE_CURRENT_SOURCE_DIR}/ssl/VERSION SSL_VERSION) | ||||
| string(STRIP ${SSL_VERSION} SSL_VERSION) | ||||
| string(REPLACE ":" "." SSL_VERSION ${SSL_VERSION}) | ||||
| string(REGEX REPLACE "\\..*" "" SSL_MAJOR_VERSION ${SSL_VERSION}) | ||||
|  | ||||
| file(READ ${CMAKE_SOURCE_DIR}/crypto/VERSION CRYPTO_VERSION) | ||||
| file(READ ${CMAKE_CURRENT_SOURCE_DIR}/crypto/VERSION CRYPTO_VERSION) | ||||
| string(STRIP ${CRYPTO_VERSION} CRYPTO_VERSION) | ||||
| string(REPLACE ":" "." CRYPTO_VERSION ${CRYPTO_VERSION}) | ||||
| string(REGEX REPLACE "\\..*" "" CRYPTO_MAJOR_VERSION ${CRYPTO_VERSION}) | ||||
|  | ||||
| file(READ ${CMAKE_SOURCE_DIR}/tls/VERSION TLS_VERSION) | ||||
| file(READ ${CMAKE_CURRENT_SOURCE_DIR}/tls/VERSION TLS_VERSION) | ||||
| string(STRIP ${TLS_VERSION} TLS_VERSION) | ||||
| string(REPLACE ":" "." TLS_VERSION ${TLS_VERSION}) | ||||
| string(REGEX REPLACE "\\..*" "" TLS_MAJOR_VERSION ${TLS_VERSION}) | ||||
|  | ||||
| option(LIBRESSL_SKIP_INSTALL "Skip installation" ${LIBRESSL_SKIP_INSTALL}) | ||||
| option(ENABLE_ASM "Enable assembly" ON) | ||||
| option(ENABLE_EXTRATESTS "Enable extra tests that may be unreliable on some platforms" OFF) | ||||
| option(ENABLE_NC "Enable installing TLS-enabled nc(1)" OFF) | ||||
| option(ENABLE_VSTEST "Enable test on Visual Studio" OFF) | ||||
| set(OPENSSLDIR ${OPENSSLDIR} CACHE PATH "Set the default openssl directory" FORCE) | ||||
|  | ||||
| if(NOT LIBRESSL_SKIP_INSTALL) | ||||
| 	set( ENABLE_LIBRESSL_INSTALL ON ) | ||||
| endif(NOT LIBRESSL_SKIP_INSTALL) | ||||
|  | ||||
|  | ||||
| set(BUILD_NC true) | ||||
|  | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "Darwin") | ||||
| 	add_definitions(-fno-common) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "OpenBSD") | ||||
| 	add_definitions(-DHAVE_ATTRIBUTE__BOUNDED__) | ||||
| endif() | ||||
| @@ -33,9 +56,36 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux") | ||||
| 	add_definitions(-D_GNU_SOURCE) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "MINGW") | ||||
| 	set(BUILD_NC false) | ||||
| endif() | ||||
|  | ||||
| if(WIN32) | ||||
| 	set(BUILD_NC false) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "HP-UX") | ||||
| 	if(CMAKE_C_COMPILER MATCHES "gcc") | ||||
| 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing") | ||||
| 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mlp64") | ||||
| 	else() | ||||
| 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -O2 +DD64 +Otype_safety=off") | ||||
| 	endif() | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT") | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "SunOS") | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing") | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__EXTENSIONS__") | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600") | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBSD_COMP") | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fpic -m64") | ||||
| endif() | ||||
|  | ||||
| add_definitions(-DLIBRESSL_INTERNAL) | ||||
| add_definitions(-DOPENSSL_NO_HW_PADLOCK) | ||||
| add_definitions(-DOPENSSL_NO_ASM) | ||||
| add_definitions(-D__BEGIN_HIDDEN_DECLS=) | ||||
| add_definitions(-D__END_HIDDEN_DECLS=) | ||||
|  | ||||
| set(CMAKE_POSITION_INDEPENDENT_CODE true) | ||||
|  | ||||
| @@ -43,32 +93,57 @@ if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang") | ||||
| 	add_definitions(-Wno-pointer-sign) | ||||
| endif() | ||||
|  | ||||
| if(MSVC) | ||||
| 	add_definitions(-Dinline=__inline) | ||||
| if(WIN32) | ||||
| 	add_definitions(-Drestrict) | ||||
| 	add_definitions(-D_CRT_SECURE_NO_WARNINGS) | ||||
| 	add_definitions(-D_CRT_DEPRECATED_NO_WARNINGS) | ||||
| 	add_definitions(-D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS) | ||||
| 	add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501) | ||||
| 	add_definitions(-DCPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG -DNO_CRYPT) | ||||
| endif() | ||||
|  | ||||
| 	set(MSVC_DISABLED_WARNINGS_LIST | ||||
| 		"C4057" # C4057: 'initializing' : 'unsigned char *' differs in | ||||
| 		        # indirection to slightly different base types from 'char [2]' | ||||
| 		"C4100" # 'exarg' : unreferenced formal parameter | ||||
| 		"C4127" # conditional expression is constant | ||||
| 		"C4242" # 'function' : conversion from 'int' to 'uint8_t', | ||||
| 		        # possible loss of data | ||||
| 		"C4244" # 'function' : conversion from 'int' to 'uint8_t', | ||||
| 		        # possible loss of data | ||||
| 		"C4706" # assignment within conditional expression | ||||
| 		"C4820" # 'bytes' bytes padding added after construct 'member_name' | ||||
| 		"C4996" # 'read': The POSIX name for this item is deprecated. Instead, | ||||
| 		        # use the ISO C++ conformant name: _read. | ||||
| 	) | ||||
| if(MSVC) | ||||
| 	add_definitions(-Dinline=__inline) | ||||
| 	message(STATUS "Using [${CMAKE_C_COMPILER_ID}] compiler") | ||||
| 	if(CMAKE_C_COMPILER_ID MATCHES "MSVC") | ||||
| 		set(MSVC_DISABLED_WARNINGS_LIST | ||||
| 			"C4057" # C4057: 'initializing' : 'unsigned char *' differs in | ||||
| 		        	# indirection to slightly different base types from 'char [2]' | ||||
| 			"C4100" # 'exarg' : unreferenced formal parameter | ||||
| 			"C4127" # conditional expression is constant | ||||
| 			"C4242" # 'function' : conversion from 'int' to 'uint8_t', | ||||
| 			        # possible loss of data | ||||
| 			"C4244" # 'function' : conversion from 'int' to 'uint8_t', | ||||
| 			        # possible loss of data | ||||
| 			"C4267" # conversion from 'size_t' to 'some type that is almost | ||||
| 				# certainly safe to convert a size_t to'. | ||||
| 			"C4706" # assignment within conditional expression | ||||
| 			"C4820" # 'bytes' bytes padding added after construct 'member_name' | ||||
| 			"C4996" # 'read': The POSIX name for this item is deprecated. Instead, | ||||
| 			        # use the ISO C++ conformant name: _read. | ||||
| 		) | ||||
| 	elseif(CMAKE_C_COMPILER_ID MATCHES "Intel") | ||||
| 		add_definitions(-D_CRT_SUPPRESS_RESTRICT) | ||||
| 		set(MSVC_DISABLED_WARNINGS_LIST | ||||
| 			"C111"  # Unreachable statement | ||||
| 			"C128"  # Unreachable loop | ||||
| 			"C167"  # Unexplict casting unsigned to signed | ||||
| 			"C186"  # Pointless comparison of unsigned int with zero | ||||
| 			"C188"  # Enumerated type mixed with another type | ||||
| 			"C344"  # Redeclared type | ||||
| 			"C556"  # Unexplict casting signed to unsigned | ||||
| 			"C869"  # Unreferenced parameters | ||||
| 			"C1786" # Deprecated functions | ||||
| 			"C2545" # Empty else statement | ||||
| 			"C2557" # Comparing signed to unsigned | ||||
| 			"C2722" # List init syntax is c++11 feature | ||||
| 			"C3280" # Declaration hides variable | ||||
| 		) | ||||
| 	endif() | ||||
| 	string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR | ||||
| 		${MSVC_DISABLED_WARNINGS_LIST}) | ||||
| 	set(CMAKE_C_FLAGS  "-MP -W4 ${MSVC_DISABLED_WARNINGS_STR}") | ||||
| 	string(REGEX REPLACE "[/-]W[1234][ ]?" "" CMAKE_C_FLAGS ${CMAKE_C_FLAGS}) | ||||
| 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -MP -W4 ${MSVC_DISABLED_WARNINGS_STR}") | ||||
| endif() | ||||
|  | ||||
| check_function_exists(asprintf HAVE_ASPRINTF) | ||||
| @@ -106,7 +181,7 @@ if(HAVE_STRNDUP) | ||||
| 	add_definitions(-DHAVE_STRNDUP) | ||||
| endif() | ||||
|  | ||||
| if(MSVC) | ||||
| if(WIN32) | ||||
| 	set(HAVE_STRNLEN true) | ||||
| 	add_definitions(-DHAVE_STRNLEN) | ||||
| else() | ||||
| @@ -131,6 +206,11 @@ if(HAVE_ARC4RANDOM_BUF) | ||||
| 	add_definitions(-DHAVE_ARC4RANDOM_BUF) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(arc4random_uniform HAVE_ARC4RANDOM_UNIFORM) | ||||
| if(HAVE_ARC4RANDOM_UNIFORM) | ||||
| 	add_definitions(-DHAVE_ARC4RANDOM_UNIFORM) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO) | ||||
| if(HAVE_EXPLICIT_BZERO) | ||||
| 	add_definitions(-DHAVE_EXPLICIT_BZERO) | ||||
| @@ -146,6 +226,11 @@ if(HAVE_GETENTROPY) | ||||
| 	add_definitions(-DHAVE_GETENTROPY) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(getpagesize HAVE_GETPAGESIZE) | ||||
| if(HAVE_GETPAGESIZE) | ||||
| 	add_definitions(-DHAVE_GETPAGESIZE) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(timingsafe_bcmp HAVE_TIMINGSAFE_BCMP) | ||||
| if(HAVE_TIMINGSAFE_BCMP) | ||||
| 	add_definitions(-DHAVE_TIMINGSAFE_BCMP) | ||||
| @@ -156,12 +241,46 @@ if(HAVE_MEMCMP) | ||||
| 	add_definitions(-DHAVE_MEMCMP) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(memmem HAVE_MEMMEM) | ||||
| if(HAVE_MEMMEM) | ||||
| 	add_definitions(-DHAVE_MEMMEM) | ||||
| endif() | ||||
|  | ||||
| check_include_files(err.h HAVE_ERR_H) | ||||
| if(HAVE_ERR_H) | ||||
| 	add_definitions(-DHAVE_ERR_H) | ||||
| endif() | ||||
|  | ||||
| set(OPENSSL_LIBS ssl crypto) | ||||
| if(ENABLE_ASM) | ||||
| 	if("${CMAKE_C_COMPILER_ABI}" STREQUAL "ELF") | ||||
| 		if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "(x86_64|amd64)") | ||||
| 			set(HOST_ASM_ELF_X86_64 true) | ||||
| 		elseif(CMAKE_SYSTEM_NAME STREQUAL "SunOS" AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "i386") | ||||
| 			set(HOST_ASM_ELF_X86_64 true) | ||||
| 		endif() | ||||
| 	elseif(APPLE AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "x86_64") | ||||
| 		set(HOST_ASM_MACOSX_X86_64 true) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| if(NOT (CMAKE_SYSTEM_NAME MATCHES "(Darwin|CYGWIN)")) | ||||
| 	set(BUILD_SHARED true) | ||||
| endif() | ||||
|  | ||||
| # USE_SHARED builds applications (e.g. openssl) using shared LibreSSL. | ||||
| # By default, applications use LibreSSL static library to avoid dependencies. | ||||
| # USE_SHARED isn't set by default; use -DUSE_SHARED=ON with CMake to enable. | ||||
| # Can be helpful for debugging; don't use for public releases. | ||||
| if(NOT BUILD_SHARED) | ||||
| 	set(USE_SHARED off) | ||||
| endif() | ||||
|  | ||||
| if(USE_SHARED) | ||||
| 	set(OPENSSL_LIBS tls-shared ssl-shared crypto-shared) | ||||
| else() | ||||
| 	set(OPENSSL_LIBS tls ssl crypto) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_HOST_WIN32) | ||||
| 	set(OPENSSL_LIBS ${OPENSSL_LIBS} ws2_32) | ||||
| endif() | ||||
| @@ -171,10 +290,20 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux") | ||||
| 		set(OPENSSL_LIBS ${OPENSSL_LIBS} rt) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| if(NOT (CMAKE_SYSTEM_NAME MATCHES "Darwin" OR MSVC)) | ||||
| 	set(BUILD_SHARED true) | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "HP-UX") | ||||
| 	set(OPENSSL_LIBS ${OPENSSL_LIBS} pthread) | ||||
| endif() | ||||
| if(CMAKE_SYSTEM_NAME MATCHES "SunOS") | ||||
| 	set(OPENSSL_LIBS ${OPENSSL_LIBS} nsl socket) | ||||
| endif() | ||||
|  | ||||
| check_type_size(time_t SIZEOF_TIME_T) | ||||
| if(SIZEOF_TIME_T STREQUAL "4") | ||||
| 	set(SMALL_TIME_T true) | ||||
| 	message(WARNING " ** Warning, this system is unable to represent times past 2038\n" | ||||
| 	                " ** It will behave incorrectly when handling valid RFC5280 dates") | ||||
| endif() | ||||
| add_definitions(-DSIZEOF_TIME_T=${SIZEOF_TIME_T}) | ||||
|  | ||||
| add_subdirectory(crypto) | ||||
| add_subdirectory(ssl) | ||||
| @@ -183,5 +312,15 @@ add_subdirectory(tls) | ||||
| add_subdirectory(include) | ||||
| if(NOT MSVC) | ||||
| 	add_subdirectory(man) | ||||
| endif() | ||||
| if(NOT MSVC OR ENABLE_VSTEST) | ||||
| 	add_subdirectory(tests) | ||||
| endif() | ||||
|  | ||||
| configure_file( | ||||
| 	"${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in" | ||||
| 	"${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake" | ||||
| 	IMMEDIATE @ONLY) | ||||
|  | ||||
| add_custom_target(uninstall | ||||
| 	COMMAND ${CMAKE_COMMAND} -P ${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake) | ||||
|   | ||||
							
								
								
									
										330
									
								
								ChangeLog
									
									
									
									
									
								
							
							
						
						
									
										330
									
								
								ChangeLog
									
									
									
									
									
								
							| @@ -28,25 +28,261 @@ history is also available from Git. | ||||
|  | ||||
| LibreSSL Portable Release Notes: | ||||
|  | ||||
| 2.3.10 - Security and compatibility fixes | ||||
| 2.6.0 - New APIs, bug fixes and improvements | ||||
|  | ||||
| 	* Added support for providing CRLs to libtls. Once a CRL is provided we | ||||
| 	  enable CRL checking for the full certificate chain. Based on a diff | ||||
| 	  from Jack Burton | ||||
|  | ||||
| 	* Allow non-compliant clients using IP literal addresses with SNI | ||||
| 	  to connect to a server using libtls. | ||||
|  | ||||
| 	* Avoid a potential NULL pointer dereference in d2i_ECPrivateKey(). | ||||
| 	  Reported by Robert Swiecki, who found the issue using honggfuzz. | ||||
|  | ||||
| 	* Added definitions for three OIDs used in EV certificates. | ||||
| 	  From Kyle J. McKay | ||||
|  | ||||
| 	* Plugged a memory leak in tls_ocsp_free. | ||||
|  | ||||
| 	* Added tls_peer_cert_chain_pem, tls_cert_hash, and tls_hex_string to | ||||
| 	  libtls, useful in private certificate validation callbacks such as | ||||
| 	  those in relayd. | ||||
|  | ||||
| 	* Converted explicit lear/free sequences to use freezero(3). | ||||
|  | ||||
| 	* Reworked TLS certificate name verification code to more strictly | ||||
| 	  follow RFC 6125. | ||||
|  | ||||
| 	* Cleaned up and simplified server key exchange EC point handling. | ||||
|  | ||||
| 	* Added tls_keypair_clear_key for clearing key material. | ||||
|  | ||||
| 	* Removed inconsistent IPv6 handling from BIO_get_accept_socket, | ||||
| 	  simplified BIO_get_host_ip and BIO_accept. | ||||
|  | ||||
| 	* Fixed the openssl(1) ca command so that is generates certificates | ||||
| 	  with RFC 5280-conformant time. Problem noticed by Harald Dunkel. | ||||
|  | ||||
| 	* Added ASN1_TIME_set_tm to set an asn1 from a struct tm * | ||||
|  | ||||
| 	* Added SSL{,_CTX}_set_{min,max}_proto_version() functions. | ||||
|  | ||||
| 	* Added HKDF (HMAC Key Derivation Function) from BoringSSL | ||||
|  | ||||
| 	* Providea a tls_unload_file() function that frees the memory returned | ||||
| 	  from a tls_load_file() call, ensuring that it the contents become | ||||
| 	  inaccessible. This is specifically needed on platforms where the | ||||
| 	  library allocators may be different from the application allocator. | ||||
|  | ||||
| 	* Perform reference counting for tls_config. This allows | ||||
| 	  tls_config_free() to be called as soon as it has been passed to the | ||||
| 	  final tls_configure() call, simplifying lifetime tracking for the | ||||
| 	  application. | ||||
|  | ||||
| 	* Moved internal state of SSL and other structures to be opaque. | ||||
|  | ||||
| 	* Dropped cipher suites with DSS authentication. | ||||
|  | ||||
| 	* nc(1) improvements, including: | ||||
| 	   nc -W to terminate nc after receiving a number of packets | ||||
| 	   nc -Z for saving the peer certificate and chain in a pem file | ||||
|  | ||||
| 2.5.5 - Bug fixes | ||||
|  | ||||
| 	* Distinguish between self-issued certificates and self-signed | ||||
| 	  certificates. The certificate verification code has special cases | ||||
| 	  for self-signed certificates and without this change, self-issued | ||||
| 	  certificates (which it seems are common place with | ||||
| 	  openvpn/easyrsa) were also being included in this category. | ||||
|  | ||||
| 	* Added getpagesize fallback, needed for Android bionic libc. | ||||
|  | ||||
| 2.5.4 - Security Updates | ||||
|  | ||||
| 	* Revert a previous change that forced consistency between return | ||||
| 	  value and error code when specifing a certificate verification | ||||
| 	  callback, since this breaks the documented API. When a user supplied | ||||
| 	  callback always returns 1, and later code checks the error code to | ||||
| 	  potentially abort post verification, this will result in incorrect | ||||
| 	  successul certificate verification. | ||||
|  | ||||
| 	* Switched Linux getrandom() usage to non-blocking mode, continuing to | ||||
| 	  use fallback mechanims if unsuccessful. This works around a design | ||||
| 	  flaw in Linux getrandom(2) where early boot usage in a library makes | ||||
| 	  it impossible to recover if getrandom(2) is not yet initialized. | ||||
|  | ||||
| 	* Fixed a bug caused by the return value being set early to signal | ||||
| 	  successful DTLS cookie validation. This can mask a later failure and | ||||
| 	  result in a positive return value being returned from | ||||
| 	  ssl3_get_client_hello(), when it should return a negative value to | ||||
| 	  propagate the error. | ||||
|  | ||||
| 	* Fixed a build error on non-x86/x86_64 systems running Solaris. | ||||
|  | ||||
| 2.5.3 - OpenBSD 6.1 Release | ||||
|  | ||||
| 	* Documentation updates | ||||
|  | ||||
| 	* Improved ocspcheck(1) error handling | ||||
|  | ||||
| 2.5.2 - Security features and bugfixes | ||||
|  | ||||
| 	* Added the recallocarray(3) memory allocation function, and converted | ||||
| 	  various places in the library to use it, such as CBB and BUF_MEM_grow. | ||||
| 	  recallocarray(3) is similar to reallocarray. Newly allocated memory | ||||
| 	  is cleared similar to calloc(3). Memory that becomes unallocated | ||||
| 	  while shrinking or moving existing allocations is explicitly | ||||
| 	  discarded by unmapping or clearing to 0 | ||||
|  | ||||
| 	* Added new root CAs from SECOM Trust Systems / Security Communication | ||||
| 	  of Japan. | ||||
|  | ||||
| 	* Added EVP interface for MD5+SHA1 hashes. | ||||
|  | ||||
| 	* Fixed DTLS client failures when the server sends a certificate | ||||
| 	  request. | ||||
|  | ||||
| 	* Correct handling of padding when upgrading an SSLv2 challenge into | ||||
| 	  an SSLv3/TLS connection. | ||||
|  | ||||
| 	* Allow protocols and ciphers to be set on a TLS config object in | ||||
| 	  libtls. | ||||
|  | ||||
| 	* Improved nc(1) TLS handshake CPU usage and server-side error | ||||
| 	  reporting. | ||||
|  | ||||
| 2.5.1 - Bug and security fixes, new features, documentation updates | ||||
|  | ||||
| 	* X509_cmp_time() now passes a malformed GeneralizedTime field as an | ||||
| 	  error. Reported by Theofilos Petsios. | ||||
|  | ||||
| 	* Detect zero-length encrypted session data early, instead of when | ||||
| 	  malloc(0) fails or the HMAC check fails. Noted independently by | ||||
| 	  jsing@ and Kurt Cancemi. | ||||
|  | ||||
| 	* Check for and handle failure of HMAC_{Update,Final} or | ||||
| 	  EVP_DecryptUpdate(). | ||||
|  | ||||
| 	* Massive update and normalization of manpages, conversion to | ||||
| 	  mandoc format. Many pages were rewritten for clarity and accuracy. | ||||
| 	  Portable doc links are up-to-date with a new conversion tool. | ||||
|  | ||||
| 	* Curve25519 Key Exchange support. | ||||
|  | ||||
| 	* Support for alternate chains for certificate verification. | ||||
|  | ||||
| 	* Code cleanups, CBS conversions, further unification of DTLS/SSL | ||||
| 	  handshake code, further ASN1 macro expansion and removal. | ||||
|  | ||||
| 	* Private symbol are now hidden in libssl and libcryto. | ||||
|  | ||||
| 	* Friendly certificate verification error messages in libtls, peer | ||||
| 	  verification is now always enabled. | ||||
|  | ||||
| 	* Added OCSP stapling support to libtls and netcat. | ||||
|  | ||||
| 	* Added ocspcheck utility to validate a certificate against its OCSP | ||||
| 	  responder and save the reply for stapling | ||||
|  | ||||
| 	* Enhanced regression tests and error handling for libtls. | ||||
|  | ||||
| 	* Added explicit constant and non-constant time BN functions, | ||||
| 	  defaulting to constant time wherever possible. | ||||
|  | ||||
| 	* Moved many leaked implementation details in public structs behind | ||||
| 	  opaque pointers. | ||||
|  | ||||
| 	* Added ticket support to libtls. | ||||
|  | ||||
| 	* Added support for setting the supported EC curves via | ||||
| 	  SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous | ||||
| 	  SSL{_CTX}_set1_curves{_list} names. This also changes the default | ||||
| 	  list of curves to be X25519, P-256 and P-384. All other curves must | ||||
| 	  be manually enabled. | ||||
|  | ||||
| 	* Added -groups option to openssl(1) s_client for specifying the curves | ||||
| 	  to be used in a colon-separated list. | ||||
|  | ||||
| 	* Merged client/server version negotiation code paths into one, | ||||
| 	  reducing much duplicate code. | ||||
|  | ||||
| 	* Removed error function codes from libssl and libcrypto. | ||||
|  | ||||
| 	* Fixed an issue where a truncated packet could crash via an OOB read. | ||||
|  | ||||
| 	* Added SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows | ||||
| 	  client-initiated renegotiation. This is the default for libtls | ||||
| 	  servers. | ||||
|  | ||||
| 	* Avoid a side-channel cache-timing attack that can leak the ECDSA | ||||
| 	  private keys when signing. This is due to BN_mod_inverse() being | ||||
| 	  used without the constant time flag being set. | ||||
|  | ||||
| 	  This issue was reported by Cesar Pereida Garcia and Billy Brumley | ||||
| 	  (Tampere University of Technology). The fix was developed by Cesar | ||||
| 	  Pereida Garcia. | ||||
| 	  used without the constant time flag being set. Reported by Cesar | ||||
| 	  Pereida Garcia and Billy Brumley (Tampere University of Technology). | ||||
| 	  The fix was developed by Cesar Pereida Garcia. | ||||
|  | ||||
| 	* iOS and MacOS compatibility updates from Simone Basso and Jacob | ||||
| 	  Berkman. | ||||
|  | ||||
| 2.3.9 - Reliability improvements | ||||
|  | ||||
| 	* Avoid continual processing of an unlimited number of TLS records, | ||||
| 	  which can cause a denial-of-service condition. | ||||
| 2.5.0 - New APIs, bug fixes and improvements | ||||
|  | ||||
| 2.3.8 - Security and reliability fixes | ||||
| 	* libtls now supports ALPN and SNI | ||||
|  | ||||
| 	* libtls adds a new callback interface for integrating custom IO | ||||
| 	  functions. Thanks to Tobias Pape. | ||||
|  | ||||
| 	* libtls now handles 4 cipher suite groups: | ||||
| 	    "secure" (TLSv1.2+AEAD+PFS) | ||||
| 	    "compat" (HIGH:!aNULL) | ||||
| 	    "legacy" (HIGH:MEDIUM:!aNULL) | ||||
| 	    "insecure" (ALL:!aNULL:!eNULL) | ||||
|  | ||||
| 	    This allows for flexibility and finer grained control, rather than | ||||
| 	    having two extremes (an issue raised by Marko Kreen some time ago). | ||||
|  | ||||
| 	* Tightened error handling for tls_config_set_ciphers(). | ||||
|  | ||||
| 	* libtls now always loads CA, key and certificate files at the time the | ||||
| 	  configuration function is called. This simplifies code and results in | ||||
| 	  a single memory based code path being used to provide data to libssl. | ||||
|  | ||||
| 	* Add support for OCSP intermediate certificates. | ||||
|  | ||||
| 	* Added functions used by stunnel and exim from BoringSSL - this | ||||
| 	  brings in X509_check_host, X509_check_email, X509_check_ip, and | ||||
| 	  X509_check_ip_asc. | ||||
|  | ||||
| 	* Added initial support for iOS, thanks to Jacob Berkman. | ||||
|  | ||||
| 	* Improved behavior of arc4random on Windows when using memory leak | ||||
| 	  analysis software. | ||||
|  | ||||
| 	* Correctly handle an EOF that occurs prior to the TLS handshake | ||||
| 	  completing. Reported by Vasily Kolobkov, based on a diff from Marko | ||||
| 	  Kreen. | ||||
|  | ||||
| 	* Limit the support of the "backward compatible" ssl2 handshake to | ||||
| 	  only be used if TLS 1.0 is enabled. | ||||
|  | ||||
| 	* Fix incorrect results in certain cases on 64-bit systems when | ||||
| 	  BN_mod_word() can return incorrect results. BN_mod_word() now can | ||||
| 	  return an error condition. Thanks to Brian Smith. | ||||
|  | ||||
| 	* Added constant-time updates to address CVE-2016-0702 | ||||
|  | ||||
| 	* Fixed undefined behavior in BN_GF2m_mod_arr() | ||||
|  | ||||
| 	* Removed unused Cryptographic Message Support (CMS) | ||||
|  | ||||
| 	* More conversions of long long idioms to time_t | ||||
|  | ||||
| 	* Improved compatibility by avoiding printing NULL strings with | ||||
| 	  printf. | ||||
|  | ||||
| 	* Reverted change that cleans up the EVP cipher context in | ||||
| 	  EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the | ||||
| 	  previous behaviour. | ||||
|  | ||||
| 	* Avoid unbounded memory growth in libssl, which can be triggered by a | ||||
| 	  TLS client repeatedly renegotiating and sending OCSP Status Request | ||||
| @@ -55,25 +291,79 @@ LibreSSL Portable Release Notes: | ||||
| 	* Avoid falling back to a weak digest for (EC)DH when using SNI with | ||||
| 	  libssl. | ||||
|  | ||||
| 2.3.7 - OCSP fixes | ||||
| 2.4.2 - Bug fixes and improvements | ||||
|  | ||||
| 	* Fix several issues in the OCSP code that could result in the | ||||
| 	  incorrect generation and parsing of OCSP requests. This remediates a | ||||
| 	  lack of error checking on time parsing in these functions, and | ||||
| 	  ensures that only GENERALIZEDTIME formats are accepted for OCSP, as | ||||
| 	  per RFC 6960. | ||||
| 	* Fixed loading default certificate locations with openssl s_client. | ||||
|  | ||||
| 	  Issues reported, and fixes provided by  Kazuki Yamaguchi <k@rhe.jp> | ||||
| 	  and Kinichiro Inoguchi <kinichiro.inoguchi@gmail.com> | ||||
| 	* Ensured OCSP only uses and compares GENERALIZEDTIME values as per | ||||
| 	  RFC6960. Also added fixes for OCSP to work with intermediate | ||||
| 	  certificates provided in responses. | ||||
|  | ||||
| 2.3.6 - Security fix | ||||
| 	* Improved behavior of arc4random on Windows to not appear to leak | ||||
| 	  memory in debug tools, reduced privileges of allocated memory. | ||||
|  | ||||
| 	* Fixed incorrect results from BN_mod_word() when the modulus is too | ||||
| 	  large, thanks to Brian Smith from BoringSSL. | ||||
|  | ||||
| 	* Correctly handle an EOF prior to completing the TLS handshake in | ||||
| 	  libtls. | ||||
|  | ||||
| 	* Improved libtls ceritificate loading and cipher string validation. | ||||
|  | ||||
| 	* Updated libtls cipher group suites into four categories: | ||||
| 	    "secure"   (TLSv1.2+AEAD+PFS) | ||||
| 	    "compat"   (HIGH:!aNULL) | ||||
| 	    "legacy"   (HIGH:MEDIUM:!aNULL) | ||||
| 	    "insecure" (ALL:!aNULL:!eNULL) | ||||
| 	  This allows for flexibility and finer grained control, rather than | ||||
| 	  having two extremes. | ||||
|  | ||||
| 	* Limited support for 'backward compatible' SSLv2 handshake packets to | ||||
| 	  when TLS 1.0 is enabled, providing more restricted compatibility | ||||
| 	  with TLS 1.0 clients. | ||||
|  | ||||
| 	* openssl(1) and other documentation improvements. | ||||
|  | ||||
| 	* Removed flags for disabling constant-time operations. | ||||
| 	  This removes support for DSA_FLAG_NO_EXP_CONSTTIME, | ||||
| 	  DH_FLAG_NO_EXP_CONSTTIME, and RSA_FLAG_NO_CONSTTIME flags, making | ||||
| 	  all of these operations unconditionally constant-time. | ||||
|  | ||||
|  | ||||
| 2.4.1 - Security fix | ||||
|  | ||||
| 	* Correct a problem that prevents the DSA signing algorithm from | ||||
| 	  running in constant time even if the flag BN_FLG_CONSTTIME is set. | ||||
| 	  This issue was reported by Cesar Pereida (Aalto University), Billy | ||||
| 	  Brumley (Tampere University of Technology), and Yuval Yarom (The | ||||
| 	  University of Adelaide and NICTA). The fix was developed by Cesar | ||||
| 	  Pereida. See OpenBSD 5.9 errata 11, June 6, 2016 | ||||
| 	  Pereida. | ||||
|  | ||||
| 2.4.0 - Build improvements, new features | ||||
|  | ||||
| 	* Many improvements to the CMake build infrastructure, including | ||||
| 	  Solaris, mingw-w64, Cygwin, and HP-UX support. Thanks to Kinichiro | ||||
| 	  Inoguchi for this work. | ||||
|  | ||||
| 	* Added missing error handling around bn_wexpand() calls. | ||||
|  | ||||
| 	* Added explicit_bzero calls for freed ASN.1 objects. | ||||
|  | ||||
| 	* Fixed X509_*set_object functions to return 0 on allocation failure. | ||||
|  | ||||
| 	* Implemented the IETF ChaCha20-Poly1305 cipher suites. | ||||
|  | ||||
| 	* Changed default EVP_aead_chacha20_poly1305() implementation to the | ||||
| 	  IETF version, which is now the default. | ||||
|  | ||||
| 	* Fixed password prompts from openssl(1) to properly handle ^C. | ||||
|  | ||||
| 	* Reworked error handling in libtls so that configuration errors are | ||||
| 	  visible. | ||||
|  | ||||
| 	* Deprecated internal use of EVP_[Cipher|Encrypt|Decrypt]_Final. | ||||
|  | ||||
| 	* Manpage fixes and updates | ||||
|  | ||||
| 2.3.5 - Reliability fix | ||||
|  | ||||
|   | ||||
| @@ -5,7 +5,7 @@ pkgconfigdir = $(libdir)/pkgconfig | ||||
| pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc | ||||
|  | ||||
| EXTRA_DIST = README.md README.windows VERSION config scripts | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
| EXTRA_DIST += CMakeLists.txt cmake_export_symbol.cmake cmake_uninstall.cmake.in | ||||
|  | ||||
| .PHONY: install_sw | ||||
| install_sw: install | ||||
|   | ||||
| @@ -1,2 +1,3 @@ | ||||
| AM_CFLAGS = | ||||
| AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/include/compat -DLIBRESSL_INTERNAL | ||||
| AM_CPPFLAGS += -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= | ||||
|   | ||||
| @@ -1 +1 @@ | ||||
| OPENBSD_5_9 | ||||
| master | ||||
|   | ||||
							
								
								
									
										14
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										14
									
								
								README.md
									
									
									
									
									
								
							| @@ -30,7 +30,7 @@ At the time of this writing, LibreSSL is know to build and work on: | ||||
|  | ||||
| * Linux (kernel 3.17 or later recommended) | ||||
| * FreeBSD (tested with 9.2 and later) | ||||
| * NetBSD (tested with 6.1.5) | ||||
| * NetBSD (7.0 or later recommended) | ||||
| * HP-UX (11i) | ||||
| * Solaris (11 and later preferred) | ||||
| * Mac OS X (tested with 10.8 and later) | ||||
| @@ -131,3 +131,15 @@ install CMake, enter the LibreSSL source directory and run: | ||||
|  | ||||
| This will generate a LibreSSL.sln file that you can incorporate into other | ||||
| projects or build by itself. | ||||
|  | ||||
| #### Cmake - Additional Options #### | ||||
|  | ||||
| | Option Name | Default | Description  | ||||
| | ------------ | -----: | ------  | ||||
| |  LIBRESSL_SKIP_INSTALL | OFF | allows skipping install() rules.  Can be specified from command line using <br>```-DLIBRESSL_SKIP_INSTALL=ON``` | | ||||
| |  ENABLE_ASM | ON | builds assembly optimized rules. | | ||||
| |  ENABLE_EXTRATESTS | OFF | Enable extra tests that may be unreliable on some platforms | | ||||
| |  ENABLE_NC | OFF | Enable installing TLS-enabled nc(1) | | ||||
| |  ENABLE_VSTEST | OFF | Enable test on Visual Studio | | ||||
| |  OPENSSLDIR | Blank | Set the default openssl directory.  Can be specified from command line using <br>```-DOPENSSLDIR=<dirname>``` | | ||||
|  | ||||
|   | ||||
| @@ -12,7 +12,8 @@ cross compilers on Windows. | ||||
| To configure and build LibreSSL for a 32-bit system, use the following | ||||
| build steps: | ||||
|  | ||||
|  CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 | ||||
|  CC=i686-w64-mingw32-gcc CPPFLAGS=-D__MINGW_USE_VC2005_COMPAT \ | ||||
|  ./configure --host=i686-w64-mingw32 | ||||
|  make | ||||
|  make check | ||||
|  | ||||
| @@ -22,6 +23,25 @@ For 64-bit builds, use these instead: | ||||
|  make | ||||
|  make check | ||||
|  | ||||
| # Why the -D__MINGW_USE_VC2005_COMPAT flag on 32-bit systems? | ||||
|  | ||||
| An ABI change introduced with Microsoft Visual C++ 2005 (also known as | ||||
| Visual C++ 8.0) switched time_t from 32-bit to 64-bit. It is important to | ||||
| build LibreSSL with 64-bit time_t whenever possible, because 32-bit time_t | ||||
| is unable to represent times past 2038 (this is commonly known as the | ||||
| Y2K38 problem). | ||||
|  | ||||
| If LibreSSL is built with 32-bit time_t, when verifying a certificate whose | ||||
| expiry date is set past 19 January 2038, it will be unable to tell if the | ||||
| certificate has expired or not, and thus take the safe stance and reject it. | ||||
|  | ||||
| In order to avoid this, you need to build LibreSSL (and everything that links | ||||
| with it) with the -D__MINGW_USE_VC2005_COMPAT flag. This tells mingw-w64 to | ||||
| use the new ABI. | ||||
|  | ||||
| 64-bit systems always have a 64-bit time_t and are not affected by this | ||||
| problem. | ||||
|  | ||||
| # Using Libressl with Visual Studio | ||||
|  | ||||
| A script for generating ready-to-use .DLL and static .LIB files is included in | ||||
|   | ||||
| @@ -1,80 +1,3 @@ | ||||
| include_directories( | ||||
| 	. | ||||
| 	../include | ||||
| 	../include/compat | ||||
| ) | ||||
|  | ||||
| set( | ||||
| 	OPENSSL_SRC | ||||
| 	openssl/apps.c | ||||
| 	openssl/asn1pars.c | ||||
| 	openssl/ca.c | ||||
| 	openssl/ciphers.c | ||||
| 	openssl/cms.c | ||||
| 	openssl/crl.c | ||||
| 	openssl/crl2p7.c | ||||
| 	openssl/dgst.c | ||||
| 	openssl/dh.c | ||||
| 	openssl/dhparam.c | ||||
| 	openssl/dsa.c | ||||
| 	openssl/dsaparam.c | ||||
| 	openssl/ec.c | ||||
| 	openssl/ecparam.c | ||||
| 	openssl/enc.c | ||||
| 	openssl/errstr.c | ||||
| 	openssl/gendh.c | ||||
| 	openssl/gendsa.c | ||||
| 	openssl/genpkey.c | ||||
| 	openssl/genrsa.c | ||||
| 	openssl/nseq.c | ||||
| 	openssl/ocsp.c | ||||
| 	openssl/openssl.c | ||||
| 	openssl/passwd.c | ||||
| 	openssl/pkcs12.c | ||||
| 	openssl/pkcs7.c | ||||
| 	openssl/pkcs8.c | ||||
| 	openssl/pkey.c | ||||
| 	openssl/pkeyparam.c | ||||
| 	openssl/pkeyutl.c | ||||
| 	openssl/prime.c | ||||
| 	openssl/rand.c | ||||
| 	openssl/req.c | ||||
| 	openssl/rsa.c | ||||
| 	openssl/rsautl.c | ||||
| 	openssl/s_cb.c | ||||
| 	openssl/s_client.c | ||||
| 	openssl/s_server.c | ||||
| 	openssl/s_socket.c | ||||
| 	openssl/s_time.c | ||||
| 	openssl/sess_id.c | ||||
| 	openssl/smime.c | ||||
| 	openssl/speed.c | ||||
| 	openssl/spkac.c | ||||
| 	openssl/ts.c | ||||
| 	openssl/verify.c | ||||
| 	openssl/version.c | ||||
| 	openssl/x509.c | ||||
| ) | ||||
|  | ||||
| if(CMAKE_HOST_UNIX) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/apps_posix.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/certhash.c) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_HOST_WIN32) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/apps_win.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/certhash_win.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/compat/poll_win.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(strtonum HAVE_STRTONUM) | ||||
| if(HAVE_STRTONUM) | ||||
| 	add_definitions(-DHAVE_STRTONUM) | ||||
| else() | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/compat/strtonum.c) | ||||
| endif() | ||||
|  | ||||
| add_executable(openssl ${OPENSSL_SRC}) | ||||
| target_link_libraries(openssl ${OPENSSL_LIBS}) | ||||
|  | ||||
| install(TARGETS openssl DESTINATION bin) | ||||
| add_subdirectory(ocspcheck) | ||||
| add_subdirectory(openssl) | ||||
| add_subdirectory(nc) | ||||
|   | ||||
| @@ -1,5 +1,5 @@ | ||||
| include $(top_srcdir)/Makefile.am.common | ||||
|  | ||||
| SUBDIRS = openssl nc | ||||
| SUBDIRS = ocspcheck openssl nc | ||||
|  | ||||
| EXTRA_DIST = CMakeLists.txt | ||||
|   | ||||
							
								
								
									
										62
									
								
								apps/nc/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										62
									
								
								apps/nc/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,62 @@ | ||||
| if(BUILD_NC) | ||||
|  | ||||
| include_directories( | ||||
| 	. | ||||
| 	./compat | ||||
| 	../../include | ||||
| 	../../include/compat | ||||
| ) | ||||
|  | ||||
| set( | ||||
| 	NC_SRC | ||||
| 	atomicio.c | ||||
| 	netcat.c | ||||
| 	socks.c | ||||
| 	compat/socket.c | ||||
| ) | ||||
|  | ||||
| check_function_exists(b64_ntop HAVE_B64_NTOP) | ||||
| if(HAVE_B64_NTOP) | ||||
| 	add_definitions(-DHAVE_B64_NTOP) | ||||
| else() | ||||
| 	set(NC_SRC ${NC_SRC} compat/base64.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(accept4 HAVE_ACCEPT4) | ||||
| if(HAVE_ACCEPT4) | ||||
| 	add_definitions(-DHAVE_ACCEPT4) | ||||
| else() | ||||
| 	set(NC_SRC ${NC_SRC} compat/accept4.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(readpassphrase HAVE_READPASSPHRASE) | ||||
| if(HAVE_READPASSPHRASE) | ||||
| 	add_definitions(-DHAVE_READPASSPHRASE) | ||||
| else() | ||||
| 	set(NC_SRC ${NC_SRC} compat/readpassphrase.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(strtonum HAVE_STRTONUM) | ||||
| if(HAVE_STRTONUM) | ||||
| 	add_definitions(-DHAVE_STRTONUM) | ||||
| else() | ||||
| 	set(NC_SRC ${NC_SRC} compat/strtonum.c) | ||||
| endif() | ||||
|  | ||||
| if(NOT "${OPENSSLDIR}" STREQUAL "") | ||||
| 	add_definitions(-DDEFAULT_CA_FILE=\"${OPENSSLDIR}/cert.pem\") | ||||
| else() | ||||
| 	add_definitions(-DDEFAULT_CA_FILE=\"${CMAKE_INSTALL_PREFIX}/etc/ssl/cert.pem\") | ||||
| endif() | ||||
|  | ||||
| add_executable(nc ${NC_SRC}) | ||||
| target_link_libraries(nc tls ${OPENSSL_LIBS}) | ||||
|  | ||||
| if(ENABLE_NC) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS nc DESTINATION ${CMAKE_INSTALL_BINDIR}) | ||||
| 		install(FILES nc.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| endif() | ||||
|  | ||||
| endif() | ||||
| @@ -4,23 +4,20 @@ if BUILD_NC | ||||
|  | ||||
| if ENABLE_NC | ||||
| bin_PROGRAMS = nc | ||||
| dist_man_MANS = nc.1 | ||||
| else | ||||
| noinst_PROGRAMS = nc | ||||
| endif | ||||
|  | ||||
| EXTRA_DIST = nc.1 | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
|  | ||||
| nc_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
| nc_LDADD += $(abs_top_builddir)/crypto/libcrypto.la | ||||
| nc_LDADD = $(abs_top_builddir)/crypto/libcrypto.la | ||||
| nc_LDADD += $(abs_top_builddir)/ssl/libssl.la | ||||
| nc_LDADD += $(abs_top_builddir)/tls/libtls.la | ||||
| nc_LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
|  | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/apps/nc/compat | ||||
| if OPENSSLDIR_DEFINED | ||||
| AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"@OPENSSLDIR@/cert.pem\" | ||||
| else | ||||
| AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"$(sysconfdir)/ssl/cert.pem\" | ||||
| endif | ||||
|  | ||||
| nc_SOURCES = atomicio.c | ||||
| nc_SOURCES += netcat.c | ||||
|   | ||||
| @@ -1,315 +0,0 @@ | ||||
| /*	$OpenBSD: base64.c,v 1.8 2015/01/16 16:48:51 deraadt Exp $	*/ | ||||
|  | ||||
| /* | ||||
|  * Copyright (c) 1996 by Internet Software Consortium. | ||||
|  * | ||||
|  * Permission to use, copy, modify, and distribute this software for any | ||||
|  * purpose with or without fee is hereby granted, provided that the above | ||||
|  * copyright notice and this permission notice appear in all copies. | ||||
|  * | ||||
|  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS | ||||
|  * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES | ||||
|  * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE | ||||
|  * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL | ||||
|  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR | ||||
|  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS | ||||
|  * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS | ||||
|  * SOFTWARE. | ||||
|  */ | ||||
|  | ||||
| /* | ||||
|  * Portions Copyright (c) 1995 by International Business Machines, Inc. | ||||
|  * | ||||
|  * International Business Machines, Inc. (hereinafter called IBM) grants | ||||
|  * permission under its copyrights to use, copy, modify, and distribute this | ||||
|  * Software with or without fee, provided that the above copyright notice and | ||||
|  * all paragraphs of this notice appear in all copies, and that the name of IBM | ||||
|  * not be used in connection with the marketing of any product incorporating | ||||
|  * the Software or modifications thereof, without specific, written prior | ||||
|  * permission. | ||||
|  * | ||||
|  * To the extent it has a right to do so, IBM grants an immunity from suit | ||||
|  * under its patents, if any, for the use, sale or manufacture of products to | ||||
|  * the extent that such products are used for performing Domain Name System | ||||
|  * dynamic updates in TCP/IP networks by means of the Software.  No immunity is | ||||
|  * granted for any product per se or for any other function of any product. | ||||
|  * | ||||
|  * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, | ||||
|  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A | ||||
|  * PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, | ||||
|  * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING | ||||
|  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN | ||||
|  * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. | ||||
|  */ | ||||
|  | ||||
| #include <sys/types.h> | ||||
| #include <sys/socket.h> | ||||
| #include <netinet/in.h> | ||||
| #include <arpa/inet.h> | ||||
| #include <arpa/nameser.h> | ||||
|  | ||||
| #include <ctype.h> | ||||
| #include <resolv.h> | ||||
| #include <stdio.h> | ||||
|  | ||||
| #include <stdlib.h> | ||||
| #include <string.h> | ||||
|  | ||||
| static const char Base64[] = | ||||
| 	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; | ||||
| static const char Pad64 = '='; | ||||
|  | ||||
| /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) | ||||
|    The following encoding technique is taken from RFC 1521 by Borenstein | ||||
|    and Freed.  It is reproduced here in a slightly edited form for | ||||
|    convenience. | ||||
|  | ||||
|    A 65-character subset of US-ASCII is used, enabling 6 bits to be | ||||
|    represented per printable character. (The extra 65th character, "=", | ||||
|    is used to signify a special processing function.) | ||||
|  | ||||
|    The encoding process represents 24-bit groups of input bits as output | ||||
|    strings of 4 encoded characters. Proceeding from left to right, a | ||||
|    24-bit input group is formed by concatenating 3 8-bit input groups. | ||||
|    These 24 bits are then treated as 4 concatenated 6-bit groups, each | ||||
|    of which is translated into a single digit in the base64 alphabet. | ||||
|  | ||||
|    Each 6-bit group is used as an index into an array of 64 printable | ||||
|    characters. The character referenced by the index is placed in the | ||||
|    output string. | ||||
|  | ||||
|                          Table 1: The Base64 Alphabet | ||||
|  | ||||
|       Value Encoding  Value Encoding  Value Encoding  Value Encoding | ||||
|           0 A            17 R            34 i            51 z | ||||
|           1 B            18 S            35 j            52 0 | ||||
|           2 C            19 T            36 k            53 1 | ||||
|           3 D            20 U            37 l            54 2 | ||||
|           4 E            21 V            38 m            55 3 | ||||
|           5 F            22 W            39 n            56 4 | ||||
|           6 G            23 X            40 o            57 5 | ||||
|           7 H            24 Y            41 p            58 6 | ||||
|           8 I            25 Z            42 q            59 7 | ||||
|           9 J            26 a            43 r            60 8 | ||||
|          10 K            27 b            44 s            61 9 | ||||
|          11 L            28 c            45 t            62 + | ||||
|          12 M            29 d            46 u            63 / | ||||
|          13 N            30 e            47 v | ||||
|          14 O            31 f            48 w         (pad) = | ||||
|          15 P            32 g            49 x | ||||
|          16 Q            33 h            50 y | ||||
|  | ||||
|    Special processing is performed if fewer than 24 bits are available | ||||
|    at the end of the data being encoded.  A full encoding quantum is | ||||
|    always completed at the end of a quantity.  When fewer than 24 input | ||||
|    bits are available in an input group, zero bits are added (on the | ||||
|    right) to form an integral number of 6-bit groups.  Padding at the | ||||
|    end of the data is performed using the '=' character. | ||||
|  | ||||
|    Since all base64 input is an integral number of octets, only the | ||||
|          -------------------------------------------------                        | ||||
|    following cases can arise: | ||||
|     | ||||
|        (1) the final quantum of encoding input is an integral | ||||
|            multiple of 24 bits; here, the final unit of encoded | ||||
| 	   output will be an integral multiple of 4 characters | ||||
| 	   with no "=" padding, | ||||
|        (2) the final quantum of encoding input is exactly 8 bits; | ||||
|            here, the final unit of encoded output will be two | ||||
| 	   characters followed by two "=" padding characters, or | ||||
|        (3) the final quantum of encoding input is exactly 16 bits; | ||||
|            here, the final unit of encoded output will be three | ||||
| 	   characters followed by one "=" padding character. | ||||
|    */ | ||||
|  | ||||
| int | ||||
| b64_ntop(src, srclength, target, targsize) | ||||
| 	u_char const *src; | ||||
| 	size_t srclength; | ||||
| 	char *target; | ||||
| 	size_t targsize; | ||||
| { | ||||
| 	size_t datalength = 0; | ||||
| 	u_char input[3]; | ||||
| 	u_char output[4]; | ||||
| 	int i; | ||||
|  | ||||
| 	while (2 < srclength) { | ||||
| 		input[0] = *src++; | ||||
| 		input[1] = *src++; | ||||
| 		input[2] = *src++; | ||||
| 		srclength -= 3; | ||||
|  | ||||
| 		output[0] = input[0] >> 2; | ||||
| 		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); | ||||
| 		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); | ||||
| 		output[3] = input[2] & 0x3f; | ||||
|  | ||||
| 		if (datalength + 4 > targsize) | ||||
| 			return (-1); | ||||
| 		target[datalength++] = Base64[output[0]]; | ||||
| 		target[datalength++] = Base64[output[1]]; | ||||
| 		target[datalength++] = Base64[output[2]]; | ||||
| 		target[datalength++] = Base64[output[3]]; | ||||
| 	} | ||||
|      | ||||
| 	/* Now we worry about padding. */ | ||||
| 	if (0 != srclength) { | ||||
| 		/* Get what's left. */ | ||||
| 		input[0] = input[1] = input[2] = '\0'; | ||||
| 		for (i = 0; i < srclength; i++) | ||||
| 			input[i] = *src++; | ||||
| 	 | ||||
| 		output[0] = input[0] >> 2; | ||||
| 		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); | ||||
| 		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); | ||||
|  | ||||
| 		if (datalength + 4 > targsize) | ||||
| 			return (-1); | ||||
| 		target[datalength++] = Base64[output[0]]; | ||||
| 		target[datalength++] = Base64[output[1]]; | ||||
| 		if (srclength == 1) | ||||
| 			target[datalength++] = Pad64; | ||||
| 		else | ||||
| 			target[datalength++] = Base64[output[2]]; | ||||
| 		target[datalength++] = Pad64; | ||||
| 	} | ||||
| 	if (datalength >= targsize) | ||||
| 		return (-1); | ||||
| 	target[datalength] = '\0';	/* Returned value doesn't count \0. */ | ||||
| 	return (datalength); | ||||
| } | ||||
|  | ||||
| /* skips all whitespace anywhere. | ||||
|    converts characters, four at a time, starting at (or after) | ||||
|    src from base - 64 numbers into three 8 bit bytes in the target area. | ||||
|    it returns the number of data bytes stored at the target, or -1 on error. | ||||
|  */ | ||||
|  | ||||
| int | ||||
| b64_pton(src, target, targsize) | ||||
| 	char const *src; | ||||
| 	u_char *target; | ||||
| 	size_t targsize; | ||||
| { | ||||
| 	int tarindex, state, ch; | ||||
| 	u_char nextbyte; | ||||
| 	char *pos; | ||||
|  | ||||
| 	state = 0; | ||||
| 	tarindex = 0; | ||||
|  | ||||
| 	while ((ch = (unsigned char)*src++) != '\0') { | ||||
| 		if (isspace(ch))	/* Skip whitespace anywhere. */ | ||||
| 			continue; | ||||
|  | ||||
| 		if (ch == Pad64) | ||||
| 			break; | ||||
|  | ||||
| 		pos = strchr(Base64, ch); | ||||
| 		if (pos == 0) 		/* A non-base64 character. */ | ||||
| 			return (-1); | ||||
|  | ||||
| 		switch (state) { | ||||
| 		case 0: | ||||
| 			if (target) { | ||||
| 				if (tarindex >= targsize) | ||||
| 					return (-1); | ||||
| 				target[tarindex] = (pos - Base64) << 2; | ||||
| 			} | ||||
| 			state = 1; | ||||
| 			break; | ||||
| 		case 1: | ||||
| 			if (target) { | ||||
| 				if (tarindex >= targsize) | ||||
| 					return (-1); | ||||
| 				target[tarindex]   |=  (pos - Base64) >> 4; | ||||
| 				nextbyte = ((pos - Base64) & 0x0f) << 4; | ||||
| 				if (tarindex + 1 < targsize) | ||||
| 					target[tarindex+1] = nextbyte; | ||||
| 				else if (nextbyte) | ||||
| 					return (-1); | ||||
| 			} | ||||
| 			tarindex++; | ||||
| 			state = 2; | ||||
| 			break; | ||||
| 		case 2: | ||||
| 			if (target) { | ||||
| 				if (tarindex >= targsize) | ||||
| 					return (-1); | ||||
| 				target[tarindex]   |=  (pos - Base64) >> 2; | ||||
| 				nextbyte = ((pos - Base64) & 0x03) << 6; | ||||
| 				if (tarindex + 1 < targsize) | ||||
| 					target[tarindex+1] = nextbyte; | ||||
| 				else if (nextbyte) | ||||
| 					return (-1); | ||||
| 			} | ||||
| 			tarindex++; | ||||
| 			state = 3; | ||||
| 			break; | ||||
| 		case 3: | ||||
| 			if (target) { | ||||
| 				if (tarindex >= targsize) | ||||
| 					return (-1); | ||||
| 				target[tarindex] |= (pos - Base64); | ||||
| 			} | ||||
| 			tarindex++; | ||||
| 			state = 0; | ||||
| 			break; | ||||
| 		} | ||||
| 	} | ||||
|  | ||||
| 	/* | ||||
| 	 * We are done decoding Base-64 chars.  Let's see if we ended | ||||
| 	 * on a byte boundary, and/or with erroneous trailing characters. | ||||
| 	 */ | ||||
|  | ||||
| 	if (ch == Pad64) {			/* We got a pad char. */ | ||||
| 		ch = (unsigned char)*src++;	/* Skip it, get next. */ | ||||
| 		switch (state) { | ||||
| 		case 0:		/* Invalid = in first position */ | ||||
| 		case 1:		/* Invalid = in second position */ | ||||
| 			return (-1); | ||||
|  | ||||
| 		case 2:		/* Valid, means one byte of info */ | ||||
| 			/* Skip any number of spaces. */ | ||||
| 			for (; ch != '\0'; ch = (unsigned char)*src++) | ||||
| 				if (!isspace(ch)) | ||||
| 					break; | ||||
| 			/* Make sure there is another trailing = sign. */ | ||||
| 			if (ch != Pad64) | ||||
| 				return (-1); | ||||
| 			ch = (unsigned char)*src++;		/* Skip the = */ | ||||
| 			/* Fall through to "single trailing =" case. */ | ||||
| 			/* FALLTHROUGH */ | ||||
|  | ||||
| 		case 3:		/* Valid, means two bytes of info */ | ||||
| 			/* | ||||
| 			 * We know this char is an =.  Is there anything but | ||||
| 			 * whitespace after it? | ||||
| 			 */ | ||||
| 			for (; ch != '\0'; ch = (unsigned char)*src++) | ||||
| 				if (!isspace(ch)) | ||||
| 					return (-1); | ||||
|  | ||||
| 			/* | ||||
| 			 * Now make sure for cases 2 and 3 that the "extra" | ||||
| 			 * bits that slopped past the last full byte were | ||||
| 			 * zeros.  If we don't check them, they become a | ||||
| 			 * subliminal channel. | ||||
| 			 */ | ||||
| 			if (target && tarindex < targsize && | ||||
| 			    target[tarindex] != 0) | ||||
| 				return (-1); | ||||
| 		} | ||||
| 	} else { | ||||
| 		/* | ||||
| 		 * We ended by seeing the end of the string.  Make sure we | ||||
| 		 * have no partial bytes lying around. | ||||
| 		 */ | ||||
| 		if (state != 0) | ||||
| 			return (-1); | ||||
| 	} | ||||
|  | ||||
| 	return (tarindex); | ||||
| } | ||||
| @@ -1,65 +0,0 @@ | ||||
| /*	$OpenBSD: strtonum.c,v 1.7 2013/04/17 18:40:58 tedu Exp $	*/ | ||||
|  | ||||
| /* | ||||
|  * Copyright (c) 2004 Ted Unangst and Todd Miller | ||||
|  * All rights reserved. | ||||
|  * | ||||
|  * Permission to use, copy, modify, and distribute this software for any | ||||
|  * purpose with or without fee is hereby granted, provided that the above | ||||
|  * copyright notice and this permission notice appear in all copies. | ||||
|  * | ||||
|  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||||
|  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||||
|  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||||
|  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||||
|  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||||
|  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||||
|  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||||
|  */ | ||||
|  | ||||
| #include <errno.h> | ||||
| #include <limits.h> | ||||
| #include <stdlib.h> | ||||
|  | ||||
| #define	INVALID		1 | ||||
| #define	TOOSMALL	2 | ||||
| #define	TOOLARGE	3 | ||||
|  | ||||
| long long | ||||
| strtonum(const char *numstr, long long minval, long long maxval, | ||||
|     const char **errstrp) | ||||
| { | ||||
| 	long long ll = 0; | ||||
| 	int error = 0; | ||||
| 	char *ep; | ||||
| 	struct errval { | ||||
| 		const char *errstr; | ||||
| 		int err; | ||||
| 	} ev[4] = { | ||||
| 		{ NULL,		0 }, | ||||
| 		{ "invalid",	EINVAL }, | ||||
| 		{ "too small",	ERANGE }, | ||||
| 		{ "too large",	ERANGE }, | ||||
| 	}; | ||||
|  | ||||
| 	ev[0].err = errno; | ||||
| 	errno = 0; | ||||
| 	if (minval > maxval) { | ||||
| 		error = INVALID; | ||||
| 	} else { | ||||
| 		ll = strtoll(numstr, &ep, 10); | ||||
| 		if (numstr == ep || *ep != '\0') | ||||
| 			error = INVALID; | ||||
| 		else if ((ll == LLONG_MIN && errno == ERANGE) || ll < minval) | ||||
| 			error = TOOSMALL; | ||||
| 		else if ((ll == LLONG_MAX && errno == ERANGE) || ll > maxval) | ||||
| 			error = TOOLARGE; | ||||
| 	} | ||||
| 	if (errstrp != NULL) | ||||
| 		*errstrp = ev[error].errstr; | ||||
| 	errno = ev[error].err; | ||||
| 	if (error) | ||||
| 		ll = 0; | ||||
|  | ||||
| 	return (ll); | ||||
| } | ||||
							
								
								
									
										45
									
								
								apps/ocspcheck/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										45
									
								
								apps/ocspcheck/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,45 @@ | ||||
| if(NOT MSVC) | ||||
|  | ||||
| include_directories( | ||||
| 	. | ||||
| 	./compat | ||||
| 	../../include | ||||
| 	../../include/compat | ||||
| ) | ||||
|  | ||||
| set( | ||||
| 	OCSPCHECK_SRC | ||||
| 	http.c | ||||
| 	ocspcheck.c | ||||
| ) | ||||
|  | ||||
| check_function_exists(inet_ntop HAVE_INET_NTOP) | ||||
| if(HAVE_INET_NTOP) | ||||
|         add_definitions(-DHAVE_INET_NTOP) | ||||
| else() | ||||
|         set(OCSPCHECK_SRC ${OCSPCHECK_SRC} compat/inet_ntop.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(inet_ntop HAVE_MEMMEM) | ||||
| if(HAVE_MEMMEM) | ||||
|         add_definitions(-DHAVE_MEMMEM) | ||||
| else() | ||||
|         set(OCSPCHECK_SRC ${OCSPCHECK_SRC} compat/memmem.c) | ||||
| endif() | ||||
|  | ||||
| if(NOT "${OPENSSLDIR}" STREQUAL "") | ||||
| 	add_definitions(-DDEFAULT_CA_FILE=\"${OPENSSLDIR}/cert.pem\") | ||||
| else() | ||||
| 	add_definitions(-DDEFAULT_CA_FILE=\"${CMAKE_INSTALL_PREFIX}/etc/ssl/cert.pem\") | ||||
| endif() | ||||
|  | ||||
| add_executable(ocspcheck ${OCSPCHECK_SRC}) | ||||
| target_link_libraries(ocspcheck tls ${OPENSSL_LIBS}) | ||||
|  | ||||
| if(ENABLE_LIBRESSL_INSTALL) | ||||
| 	install(TARGETS ocspcheck DESTINATION ${CMAKE_INSTALL_BINDIR}) | ||||
| 	install(FILES ocspcheck.8 DESTINATION ${CMAKE_INSTALL_MANDIR}/man8) | ||||
|  | ||||
| endif(ENABLE_LIBRESSL_INSTALL) | ||||
|  | ||||
| endif() | ||||
							
								
								
									
										23
									
								
								apps/ocspcheck/Makefile.am
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								apps/ocspcheck/Makefile.am
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,23 @@ | ||||
| include $(top_srcdir)/Makefile.am.common | ||||
|  | ||||
| bin_PROGRAMS = ocspcheck | ||||
|  | ||||
| EXTRA_DIST = ocspcheck.8 | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
|  | ||||
| ocspcheck_LDADD = $(abs_top_builddir)/crypto/libcrypto.la | ||||
| ocspcheck_LDADD += $(abs_top_builddir)/ssl/libssl.la | ||||
| ocspcheck_LDADD += $(abs_top_builddir)/tls/libtls.la | ||||
| ocspcheck_LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
|  | ||||
| ocspcheck_SOURCES = http.c | ||||
| ocspcheck_SOURCES += ocspcheck.c | ||||
| noinst_HEADERS = http.h | ||||
|  | ||||
| if !HAVE_INET_NTOP | ||||
| ocspcheck_SOURCES += compat/inet_ntop.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_MEMMEM | ||||
| ocspcheck_SOURCES += compat/memmem.c | ||||
| endif | ||||
							
								
								
									
										0
									
								
								apps/ocspcheck/compat/.gitignore
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										0
									
								
								apps/ocspcheck/compat/.gitignore
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
								
								
									
										92
									
								
								apps/openssl/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										92
									
								
								apps/openssl/CMakeLists.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,92 @@ | ||||
| include_directories( | ||||
| 	. | ||||
| 	../../include | ||||
| 	../../include/compat | ||||
| ) | ||||
|  | ||||
| set( | ||||
| 	OPENSSL_SRC | ||||
| 	apps.c | ||||
| 	asn1pars.c | ||||
| 	ca.c | ||||
| 	ciphers.c | ||||
| 	crl.c | ||||
| 	crl2p7.c | ||||
| 	dgst.c | ||||
| 	dh.c | ||||
| 	dhparam.c | ||||
| 	dsa.c | ||||
| 	dsaparam.c | ||||
| 	ec.c | ||||
| 	ecparam.c | ||||
| 	enc.c | ||||
| 	errstr.c | ||||
| 	gendh.c | ||||
| 	gendsa.c | ||||
| 	genpkey.c | ||||
| 	genrsa.c | ||||
| 	nseq.c | ||||
| 	ocsp.c | ||||
| 	openssl.c | ||||
| 	passwd.c | ||||
| 	pkcs12.c | ||||
| 	pkcs7.c | ||||
| 	pkcs8.c | ||||
| 	pkey.c | ||||
| 	pkeyparam.c | ||||
| 	pkeyutl.c | ||||
| 	prime.c | ||||
| 	rand.c | ||||
| 	req.c | ||||
| 	rsa.c | ||||
| 	rsautl.c | ||||
| 	s_cb.c | ||||
| 	s_client.c | ||||
| 	s_server.c | ||||
| 	s_socket.c | ||||
| 	s_time.c | ||||
| 	sess_id.c | ||||
| 	smime.c | ||||
| 	speed.c | ||||
| 	spkac.c | ||||
| 	ts.c | ||||
| 	verify.c | ||||
| 	version.c | ||||
| 	x509.c | ||||
| ) | ||||
|  | ||||
| if(CMAKE_HOST_UNIX) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} apps_posix.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} certhash.c) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_HOST_WIN32) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} apps_win.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} certhash_win.c) | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} compat/poll_win.c) | ||||
| endif() | ||||
|  | ||||
| check_function_exists(strtonum HAVE_STRTONUM) | ||||
| if(HAVE_STRTONUM) | ||||
| 	add_definitions(-DHAVE_STRTONUM) | ||||
| else() | ||||
| 	set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c) | ||||
| endif() | ||||
|  | ||||
| add_executable(openssl ${OPENSSL_SRC}) | ||||
| target_link_libraries(openssl ${OPENSSL_LIBS}) | ||||
|  | ||||
| if(ENABLE_LIBRESSL_INSTALL) | ||||
| 	install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) | ||||
| 	install(FILES openssl.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1) | ||||
| endif(ENABLE_LIBRESSL_INSTALL) | ||||
|  | ||||
| if(NOT "${OPENSSLDIR}" STREQUAL "") | ||||
| 	set(CONF_DIR "${OPENSSLDIR}") | ||||
| else() | ||||
| 	set(CONF_DIR "${CMAKE_INSTALL_PREFIX}/etc/ssl") | ||||
| endif() | ||||
| if(ENABLE_LIBRESSL_INSTALL) | ||||
| 	install(FILES cert.pem openssl.cnf x509v3.cnf DESTINATION ${CONF_DIR}) | ||||
| 	install(DIRECTORY DESTINATION ${CONF_DIR}/cert) | ||||
| endif(ENABLE_LIBRESSL_INSTALL) | ||||
| @@ -4,15 +4,14 @@ bin_PROGRAMS = openssl | ||||
|  | ||||
| dist_man_MANS = openssl.1 | ||||
|  | ||||
| openssl_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
| openssl_LDADD += $(abs_top_builddir)/ssl/libssl.la | ||||
| openssl_LDADD = $(abs_top_builddir)/ssl/libssl.la | ||||
| openssl_LDADD += $(abs_top_builddir)/crypto/libcrypto.la | ||||
| openssl_LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
|  | ||||
| openssl_SOURCES = apps.c | ||||
| openssl_SOURCES += asn1pars.c | ||||
| openssl_SOURCES += ca.c | ||||
| openssl_SOURCES += ciphers.c | ||||
| openssl_SOURCES += cms.c | ||||
| openssl_SOURCES += crl.c | ||||
| openssl_SOURCES += crl2p7.c | ||||
| openssl_SOURCES += dgst.c | ||||
| @@ -89,12 +88,13 @@ noinst_HEADERS += timeouts.h | ||||
| EXTRA_DIST = cert.pem | ||||
| EXTRA_DIST += openssl.cnf | ||||
| EXTRA_DIST += x509v3.cnf | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
|  | ||||
| install-exec-hook: | ||||
| 	@if [ "@OPENSSLDIR@x" != "x" ]; then \ | ||||
| 		OPENSSLDIR="$(DESTDIR)/@OPENSSLDIR@"; \ | ||||
| 		OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \ | ||||
| 	else \ | ||||
| 		OPENSSLDIR="$(DESTDIR)/$(sysconfdir)/ssl"; \ | ||||
| 		OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \ | ||||
| 	fi; \ | ||||
| 	mkdir -p "$$OPENSSLDIR/certs"; \ | ||||
| 	for i in cert.pem openssl.cnf x509v3.cnf; do \ | ||||
| @@ -107,9 +107,9 @@ install-exec-hook: | ||||
|  | ||||
| uninstall-local: | ||||
| 	@if [ "@OPENSSLDIR@x" != "x" ]; then \ | ||||
| 		OPENSSLDIR="$(DESTDIR)/@OPENSSLDIR@"; \ | ||||
| 		OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \ | ||||
| 	else \ | ||||
| 		OPENSSLDIR="$(DESTDIR)/$(sysconfdir)/ssl"; \ | ||||
| 		OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \ | ||||
| 	fi; \ | ||||
| 	for i in cert.pem openssl.cnf x509v3.cnf; do \ | ||||
| 		if cmp -s "$$OPENSSLDIR/$$i" "$(srcdir)/$$i"; then \ | ||||
|   | ||||
							
								
								
									
										44
									
								
								cmake_export_symbol.cmake
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										44
									
								
								cmake_export_symbol.cmake
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,44 @@ | ||||
| macro(export_symbol TARGET FILENAME) | ||||
|  | ||||
| 	set(FLAG "") | ||||
|  | ||||
| 	if(WIN32) | ||||
| 		string(REPLACE ".sym" ".def" DEF_FILENAME ${FILENAME}) | ||||
| 		file(WRITE ${DEF_FILENAME} "EXPORTS\n") | ||||
| 		file(READ ${FILENAME} SYMBOLS) | ||||
| 		file(APPEND ${DEF_FILENAME} "${SYMBOLS}") | ||||
| 		target_sources(${TARGET} PRIVATE ${DEF_FILENAME}) | ||||
|  | ||||
| 	elseif(APPLE) | ||||
| 		set(FLAG "-exported_symbols_list ${FILENAME}") | ||||
| 		set_target_properties(${TARGET} PROPERTIES LINK_FLAGS ${FLAG}) | ||||
|  | ||||
| 	elseif(CMAKE_SYSTEM_NAME MATCHES "HP-UX") | ||||
| 		file(READ ${FILENAME} SYMBOLS) | ||||
| 		string(REGEX REPLACE "\n$" "" SYMBOLS ${SYMBOLS}) | ||||
| 		string(REPLACE "\n" "\n+e " SYMBOLS ${SYMBOLS}) | ||||
| 		string(REPLACE ".sym" ".opt" OPT_FILENAME ${FILENAME}) | ||||
| 		file(WRITE ${OPT_FILENAME} "+e ${SYMBOLS}") | ||||
| 		set(FLAG "-Wl,-c,${OPT_FILENAME}") | ||||
| 		set_target_properties(${TARGET} PROPERTIES LINK_FLAGS ${FLAG}) | ||||
|  | ||||
| 	elseif(CMAKE_SYSTEM_NAME MATCHES "SunOS") | ||||
| 		file(READ ${FILENAME} SYMBOLS) | ||||
| 		string(REPLACE "\n" ";\n" SYMBOLS ${SYMBOLS}) | ||||
| 		string(REPLACE ".sym" ".ver" VER_FILENAME ${FILENAME}) | ||||
| 		file(WRITE ${VER_FILENAME} | ||||
| 			"{\nglobal:\n${SYMBOLS}\nlocal:\n*;\n};\n") | ||||
| 		set(FLAG "-Wl,-M${VER_FILENAME}") | ||||
| 		set_target_properties(${TARGET} PROPERTIES LINK_FLAGS ${FLAG}) | ||||
|  | ||||
| 	elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang") | ||||
| 		file(READ ${FILENAME} SYMBOLS) | ||||
| 		string(REPLACE "\n" ";\n" SYMBOLS ${SYMBOLS}) | ||||
| 		string(REPLACE ".sym" ".ver" VER_FILENAME ${FILENAME}) | ||||
| 		file(WRITE ${VER_FILENAME} | ||||
| 			"{\nglobal:\n${SYMBOLS}\nlocal:\n*;\n};\n") | ||||
| 		set(FLAG "-Wl,--version-script,\"${VER_FILENAME}\"") | ||||
| 		set_target_properties(${TARGET} PROPERTIES LINK_FLAGS ${FLAG}) | ||||
| 	endif() | ||||
|  | ||||
| endmacro() | ||||
							
								
								
									
										21
									
								
								cmake_uninstall.cmake.in
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								cmake_uninstall.cmake.in
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| if(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") | ||||
| 	message(FATAL_ERROR "Cannot find install manifest: @CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") | ||||
| endif(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt") | ||||
|  | ||||
| file(READ "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt" files) | ||||
| string(REGEX REPLACE "\n" ";" files "${files}") | ||||
| foreach(file ${files}) | ||||
| 	message(STATUS "Uninstalling $ENV{DESTDIR}${file}") | ||||
| 	if(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") | ||||
| 		exec_program( | ||||
| 			"@CMAKE_COMMAND@" ARGS "-E remove \"$ENV{DESTDIR}${file}\"" | ||||
| 			OUTPUT_VARIABLE rm_out | ||||
| 			RETURN_VALUE rm_retval | ||||
| 			) | ||||
| 		if(NOT "${rm_retval}" STREQUAL 0) | ||||
| 			message(FATAL_ERROR "Problem when removing $ENV{DESTDIR}${file}") | ||||
| 		endif(NOT "${rm_retval}" STREQUAL 0) | ||||
| 	else(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") | ||||
| 		message(STATUS "File $ENV{DESTDIR}${file} does not exist.") | ||||
| 	endif(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}") | ||||
| endforeach(file) | ||||
							
								
								
									
										29
									
								
								configure.ac
									
									
									
									
									
								
							
							
						
						
									
										29
									
								
								configure.ac
									
									
									
									
									
								
							| @@ -78,19 +78,15 @@ AC_TRY_COMPILE([#include "$srcdir/crypto/modes/modes_lcl.h"], | ||||
| 	       BSWAP4=no) | ||||
| CFLAGS="$old_cflags" | ||||
|  | ||||
| case $host_cpu in | ||||
| 	*sparc*) | ||||
| 		CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT" | ||||
| 		;; | ||||
| 	*arm*) | ||||
| 		AS_IF([test "x$BSWAP4" = "xyes"],, | ||||
| 		    CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT") | ||||
| 		;; | ||||
| 	*amd64*) | ||||
| 		host_cpu=x86_64 | ||||
| 		;; | ||||
|  | ||||
| esac | ||||
| AS_CASE([$host_cpu], | ||||
| 	[*sparc*], [CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"], | ||||
| 	[*arm*], AS_IF([test "x$BSWAP4" = "xyes"],, | ||||
| 		    CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"), | ||||
| 	[*amd64*], [host_cpu=x86_64, HOSTARCH=intel], | ||||
| 	[i?86], [HOSTARCH=intel], | ||||
| 	[x86_64], [HOSTARCH=intel] | ||||
| ) | ||||
| AM_CONDITIONAL([HOST_CPU_IS_INTEL], [test "x$HOSTARCH" = "xintel"]) | ||||
|  | ||||
| AC_MSG_CHECKING([if .gnu.warning accepts long strings]) | ||||
| AC_LINK_IFELSE([AC_LANG_SOURCE([[ | ||||
| @@ -126,6 +122,7 @@ AC_CONFIG_FILES([ | ||||
| 	tls/Makefile | ||||
| 	tests/Makefile | ||||
| 	apps/Makefile | ||||
| 	apps/ocspcheck/Makefile | ||||
| 	apps/openssl/Makefile | ||||
| 	apps/nc/Makefile | ||||
| 	man/Makefile | ||||
| @@ -139,6 +136,12 @@ AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"]) | ||||
| if test "$ac_cv_sizeof_time_t" = "4"; then | ||||
|     echo " ** Warning, this system is unable to represent times past 2038" | ||||
|     echo " ** It will behave incorrectly when handling valid RFC5280 dates" | ||||
|  | ||||
|     if test "$host_os" = "mingw32" ; then | ||||
|         echo " **" | ||||
|         echo " ** You can solve this by adjusting the build flags in your" | ||||
|         echo " ** mingw-w64 toolchain. Refer to README.windows for details." | ||||
|     fi | ||||
| fi | ||||
|  | ||||
| AC_REQUIRE_AUX_FILE([tap-driver.sh]) | ||||
|   | ||||
| @@ -3,21 +3,113 @@ include_directories( | ||||
| 	../include | ||||
| 	../include/compat | ||||
| 	asn1 | ||||
| 	bn | ||||
| 	dsa | ||||
| 	evp | ||||
| 	modes | ||||
| ) | ||||
|  | ||||
| if(HOST_ASM_ELF_X86_64) | ||||
| 	set( | ||||
| 		ASM_X86_64_ELF_SRC | ||||
| 		aes/aes-elf-x86_64.S | ||||
| 		aes/bsaes-elf-x86_64.S | ||||
| 		aes/vpaes-elf-x86_64.S | ||||
| 		aes/aesni-elf-x86_64.S | ||||
| 		aes/aesni-sha1-elf-x86_64.S | ||||
| 		bn/modexp512-elf-x86_64.S | ||||
| 		bn/mont-elf-x86_64.S | ||||
| 		bn/mont5-elf-x86_64.S | ||||
| 		bn/gf2m-elf-x86_64.S | ||||
| 		camellia/cmll-elf-x86_64.S | ||||
| 		md5/md5-elf-x86_64.S | ||||
| 		modes/ghash-elf-x86_64.S | ||||
| 		rc4/rc4-elf-x86_64.S | ||||
| 		rc4/rc4-md5-elf-x86_64.S | ||||
| 		sha/sha1-elf-x86_64.S | ||||
| 		sha/sha256-elf-x86_64.S | ||||
| 		sha/sha512-elf-x86_64.S | ||||
| 		whrlpool/wp-elf-x86_64.S | ||||
| 		cpuid-elf-x86_64.S | ||||
| 	) | ||||
| 	add_definitions(-DAES_ASM) | ||||
| 	add_definitions(-DBSAES_ASM) | ||||
| 	add_definitions(-DVPAES_ASM) | ||||
| 	add_definitions(-DOPENSSL_IA32_SSE2) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_MONT) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_MONT5) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_GF2m) | ||||
| 	add_definitions(-DMD5_ASM) | ||||
| 	add_definitions(-DGHASH_ASM) | ||||
| 	add_definitions(-DRSA_ASM) | ||||
| 	add_definitions(-DSHA1_ASM) | ||||
| 	add_definitions(-DSHA256_ASM) | ||||
| 	add_definitions(-DSHA512_ASM) | ||||
| 	add_definitions(-DWHIRLPOOL_ASM) | ||||
| 	add_definitions(-DOPENSSL_CPUID_OBJ) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} ${ASM_X86_64_ELF_SRC}) | ||||
| 	set_property(SOURCE ${ASM_X86_64_ELF_SRC} PROPERTY LANGUAGE C) | ||||
| endif() | ||||
|  | ||||
| if(HOST_ASM_MACOSX_X86_64) | ||||
| 	set( | ||||
| 		ASM_X86_64_MACOSX_SRC | ||||
| 		aes/aes-macosx-x86_64.S | ||||
| 		aes/bsaes-macosx-x86_64.S | ||||
| 		aes/vpaes-macosx-x86_64.S | ||||
| 		aes/aesni-macosx-x86_64.S | ||||
| 		aes/aesni-sha1-macosx-x86_64.S | ||||
| 		bn/modexp512-macosx-x86_64.S | ||||
| 		bn/mont-macosx-x86_64.S | ||||
| 		bn/mont5-macosx-x86_64.S | ||||
| 		bn/gf2m-macosx-x86_64.S | ||||
| 		camellia/cmll-macosx-x86_64.S | ||||
| 		md5/md5-macosx-x86_64.S | ||||
| 		modes/ghash-macosx-x86_64.S | ||||
| 		rc4/rc4-macosx-x86_64.S | ||||
| 		rc4/rc4-md5-macosx-x86_64.S | ||||
| 		sha/sha1-macosx-x86_64.S | ||||
| 		sha/sha256-macosx-x86_64.S | ||||
| 		sha/sha512-macosx-x86_64.S | ||||
| 		whrlpool/wp-macosx-x86_64.S | ||||
| 		cpuid-macosx-x86_64.S | ||||
| 	) | ||||
| 	add_definitions(-DAES_ASM) | ||||
| 	add_definitions(-DBSAES_ASM) | ||||
| 	add_definitions(-DVPAES_ASM) | ||||
| 	add_definitions(-DOPENSSL_IA32_SSE2) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_MONT) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_MONT5) | ||||
| 	add_definitions(-DOPENSSL_BN_ASM_GF2m) | ||||
| 	add_definitions(-DMD5_ASM) | ||||
| 	add_definitions(-DGHASH_ASM) | ||||
| 	add_definitions(-DRSA_ASM) | ||||
| 	add_definitions(-DSHA1_ASM) | ||||
| 	add_definitions(-DSHA256_ASM) | ||||
| 	add_definitions(-DSHA512_ASM) | ||||
| 	add_definitions(-DWHIRLPOOL_ASM) | ||||
| 	add_definitions(-DOPENSSL_CPUID_OBJ) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} ${ASM_X86_64_MACOSX_SRC}) | ||||
| 	set_property(SOURCE ${ASM_X86_64_MACOSX_SRC} PROPERTY LANGUAGE C) | ||||
| endif() | ||||
|  | ||||
| if((NOT HOST_ASM_ELF_X86_64) AND (NOT HOST_ASM_MACOSX_X86_64)) | ||||
| 	set( | ||||
| 		CRYPTO_SRC | ||||
| 		${CRYPTO_SRC} | ||||
| 		aes/aes_cbc.c | ||||
| 		aes/aes_core.c | ||||
| 		camellia/camellia.c | ||||
| 		camellia/cmll_cbc.c | ||||
| 		rc4/rc4_enc.c | ||||
| 		rc4/rc4_skey.c | ||||
| 		whrlpool/wp_block.c | ||||
| 	) | ||||
| endif() | ||||
|  | ||||
| set( | ||||
| 	CRYPTO_SRC | ||||
|  | ||||
| 	aes/aes_cbc.c | ||||
| 	aes/aes_core.c | ||||
| 	camellia/camellia.c | ||||
| 	camellia/cmll_cbc.c | ||||
| 	rc4/rc4_enc.c | ||||
| 	rc4/rc4_skey.c | ||||
| 	whrlpool/wp_block.c | ||||
| 	${CRYPTO_SRC} | ||||
| 	cpt_err.c | ||||
| 	cryptlib.c | ||||
| 	cversion.c | ||||
| @@ -190,6 +282,8 @@ set( | ||||
| 	conf/conf_mall.c | ||||
| 	conf/conf_mod.c | ||||
| 	conf/conf_sap.c | ||||
| 	curve25519/curve25519-generic.c | ||||
| 	curve25519/curve25519.c | ||||
| 	des/cbc_cksm.c | ||||
| 	des/cbc_enc.c | ||||
| 	des/cfb64ede.c | ||||
| @@ -258,6 +352,10 @@ set( | ||||
| 	ec/ecp_mont.c | ||||
| 	ec/ecp_nist.c | ||||
| 	ec/ecp_oct.c | ||||
| 	ec/ecp_nistp224.c | ||||
| 	ec/ecp_nistp256.c | ||||
| 	ec/ecp_nistp521.c | ||||
| 	ec/ecp_nistputil.c | ||||
| 	ec/ecp_smpl.c | ||||
| 	ecdh/ech_err.c | ||||
| 	ecdh/ech_key.c | ||||
| @@ -331,6 +429,7 @@ set( | ||||
| 	evp/m_gostr341194.c | ||||
| 	evp/m_md4.c | ||||
| 	evp/m_md5.c | ||||
| 	evp/m_md5_sha1.c | ||||
| 	evp/m_null.c | ||||
| 	evp/m_ripemd.c | ||||
| 	evp/m_sha1.c | ||||
| @@ -364,6 +463,7 @@ set( | ||||
| 	gost/gostr341001_pmeth.c | ||||
| 	gost/gostr341194.c | ||||
| 	gost/streebog.c | ||||
| 	hkdf/hkdf.c | ||||
| 	hmac/hm_ameth.c | ||||
| 	hmac/hm_pmeth.c | ||||
| 	hmac/hmac.c | ||||
| @@ -372,7 +472,6 @@ set( | ||||
| 	idea/i_ecb.c | ||||
| 	idea/i_ofb64.c | ||||
| 	idea/i_skey.c | ||||
| 	krb5/krb5_asn.c | ||||
| 	lhash/lh_stats.c | ||||
| 	lhash/lhash.c | ||||
| 	md4/md4_dgst.c | ||||
| @@ -556,46 +655,89 @@ endif() | ||||
|  | ||||
| if(CMAKE_HOST_WIN32) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} bio/b_win.c) | ||||
| 	set(CRYPTO_UNEXPORT ${CRYPTO_UNEXPORT} BIO_s_log) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} ui/ui_openssl_win.c) | ||||
| endif() | ||||
|  | ||||
| if(CMAKE_HOST_WIN32) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/posix_win.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} gettimeofday) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_perror) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_fopen) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_fgets) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_open) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_rename) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_connect) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_close) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_read) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_write) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_getsockopt) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_setsockopt) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} sleep) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_ASPRINTF) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/bsd-asprintf.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} asprintf) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} vasprintf) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_FREEZERO) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/freezero.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} freezero) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_GETPAGESIZE) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/getpagesize.c) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_INET_PTON) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/inet_pton.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} inet_pton) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_REALLOCARRAY) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/reallocarray.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} reallocarray) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_RECALLOCARRAY) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/recallocarray.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} recallocarray) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_STRCASECMP) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/strcasecmp.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} strcasecmp) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_STRLCAT) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcat.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} strlcat) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_STRLCPY) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcpy.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} strlcpy) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_STRNDUP) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/strndup.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} strndup) | ||||
| 	if(NOT HAVE_STRNLEN) | ||||
| 		set(CRYPTO_SRC ${CRYPTO_SRC} compat/strnlen.c) | ||||
| 		set(EXTRA_EXPORT ${EXTRA_EXPORT} strnlen) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_STRSEP) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/strsep.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} strsep) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_TIMEGM) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/timegm.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} timegm) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_EXPLICIT_BZERO) | ||||
| @@ -605,10 +747,15 @@ if(NOT HAVE_EXPLICIT_BZERO) | ||||
| 		set(CRYPTO_SRC ${CRYPTO_SRC} compat/explicit_bzero.c) | ||||
| 		set_source_files_properties(compat/explicit_bzero.c PROPERTIES COMPILE_FLAGS -O0) | ||||
| 	endif() | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} explicit_bzero) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_ARC4RANDOM_BUF) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random.c) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random_uniform.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} arc4random) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} arc4random_buf) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} arc4random_uniform) | ||||
|  | ||||
| 	if(NOT HAVE_GETENTROPY) | ||||
| 		if(CMAKE_HOST_WIN32) | ||||
| @@ -617,39 +764,78 @@ if(NOT HAVE_ARC4RANDOM_BUF) | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_aix.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "FreeBSD") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_freebsd.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "HP-UX") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_hpux.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "Linux") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_linux.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "NetBSD") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_netbsd.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "Darwin") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_darwin.c) | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_osx.c) | ||||
| 		elseif(CMAKE_SYSTEM_NAME MATCHES "SunOS") | ||||
| 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_solaris.c) | ||||
| 		endif() | ||||
| 		set(EXTRA_EXPORT ${EXTRA_EXPORT} getentropy) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_TIMINGSAFE_BCMP) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_bcmp.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} timingsafe_bcmp) | ||||
| endif() | ||||
|  | ||||
| if(NOT HAVE_TIMINGSAFE_MEMCMP) | ||||
| 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_memcmp.c) | ||||
| 	set(EXTRA_EXPORT ${EXTRA_EXPORT} timingsafe_memcmp) | ||||
| endif() | ||||
|  | ||||
| if(NOT ENABLE_ASM) | ||||
| 	add_definitions(-DOPENSSL_NO_ASM) | ||||
| else() | ||||
| 	if(CMAKE_HOST_WIN32) | ||||
| 		add_definitions(-DOPENSSL_NO_ASM) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| if(NOT "${OPENSSLDIR}" STREQUAL "") | ||||
| 	add_definitions(-DOPENSSLDIR=\"${OPENSSLDIR}\") | ||||
| else() | ||||
| 	add_definitions(-DOPENSSLDIR=\"${CMAKE_INSTALL_PREFIX}/etc/ssl\") | ||||
| endif() | ||||
|  | ||||
| file(READ ${CMAKE_CURRENT_SOURCE_DIR}/crypto.sym SYMS) | ||||
| foreach(SYM IN LISTS CRYPTO_UNEXPORT) | ||||
| 	string(REPLACE "${SYM}\n" "" SYMS ${SYMS}) | ||||
| endforeach() | ||||
| file(WRITE ${CMAKE_CURRENT_SOURCE_DIR}/crypto_p.sym ${SYMS}) | ||||
| if(EXTRA_EXPORT) | ||||
| 	list(SORT EXTRA_EXPORT) | ||||
| 	foreach(SYM IN LISTS EXTRA_EXPORT) | ||||
| 		file(APPEND ${CMAKE_CURRENT_SOURCE_DIR}/crypto_p.sym "${SYM}\n") | ||||
| 	endforeach() | ||||
| endif() | ||||
|  | ||||
| add_library(crypto-objects OBJECT ${CRYPTO_SRC}) | ||||
| if (BUILD_SHARED) | ||||
| 	add_library(crypto-objects OBJECT ${CRYPTO_SRC}) | ||||
| 	add_library(crypto STATIC $<TARGET_OBJECTS:crypto-objects>) | ||||
| 	add_library(crypto-shared SHARED $<TARGET_OBJECTS:crypto-objects>) | ||||
| 	if (MSVC) | ||||
| 		target_link_libraries(crypto-shared crypto Ws2_32.lib) | ||||
| 	export_symbol(crypto-shared ${CMAKE_CURRENT_SOURCE_DIR}/crypto_p.sym) | ||||
| 	if (WIN32) | ||||
| 		target_link_libraries(crypto-shared Ws2_32.lib) | ||||
| 		set(CRYPTO_POSTFIX -${CRYPTO_MAJOR_VERSION}) | ||||
| 	endif() | ||||
| 	set_target_properties(crypto-shared PROPERTIES OUTPUT_NAME crypto) | ||||
| 	set_target_properties(crypto-shared PROPERTIES | ||||
| 		OUTPUT_NAME crypto${CRYPTO_POSTFIX} | ||||
| 		ARCHIVE_OUTPUT_NAME crypto${CRYPTO_POSTFIX}) | ||||
| 	set_target_properties(crypto-shared PROPERTIES VERSION | ||||
| 		${CRYPTO_VERSION} SOVERSION ${CRYPTO_MAJOR_VERSION}) | ||||
| 	install(TARGETS crypto crypto-shared DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS crypto crypto-shared DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| else() | ||||
| 	add_library(crypto STATIC ${CRYPTO_SRC}) | ||||
| 	install(TARGETS crypto DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS crypto DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| endif() | ||||
|  | ||||
|   | ||||
| @@ -1,6 +1,7 @@ | ||||
| include $(top_srcdir)/Makefile.am.common | ||||
|  | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1 | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/crypto/bn | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes | ||||
| AM_CPPFLAGS += -I$(top_srcdir)/crypto | ||||
| @@ -9,11 +10,89 @@ lib_LTLIBRARIES = libcrypto.la | ||||
|  | ||||
| EXTRA_DIST = VERSION | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
| EXTRA_DIST += crypto.sym | ||||
|  | ||||
| # needed for a CMake target | ||||
| EXTRA_DIST += compat/strcasecmp.c | ||||
|  | ||||
| libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined | ||||
| BUILT_SOURCES = crypto_portable.sym | ||||
| CLEANFILES = crypto_portable.sym | ||||
|  | ||||
| crypto_portable.sym: | ||||
| 	-echo "generating crypto_portable.sym ..." | ||||
| 	-cp $(top_srcdir)/crypto/crypto.sym crypto_portable.sym | ||||
| 	-chmod u+w crypto_portable.sym | ||||
| if !HAVE_ARC4RANDOM_BUF | ||||
| 	-echo arc4random >> crypto_portable.sym | ||||
| 	-echo arc4random_buf >> crypto_portable.sym | ||||
| 	-echo arc4random_uniform >> crypto_portable.sym | ||||
| if !HAVE_GETENTROPY | ||||
| 	-echo getentropy >> crypto_portable.sym | ||||
| endif | ||||
| endif | ||||
| if !HAVE_ASPRINTF | ||||
| 	-echo asprintf >> crypto_portable.sym | ||||
| 	-echo vasprintf >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_EXPLICIT_BZERO | ||||
| 	-echo explicit_bzero >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_FREEZERO | ||||
| 	-echo freezero >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_INET_PTON | ||||
| 	-echo inet_pton >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_REALLOCARRAY | ||||
| 	-echo reallocarray >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_RECALLOCARRAY | ||||
| 	-echo recallocarray >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_STRLCAT | ||||
| 	-echo strlcat >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_STRLCPY | ||||
| 	-echo strlcpy >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_STRNDUP | ||||
| 	-echo strndup >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_STRNLEN | ||||
| 	-echo strnlen >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_STRSEP | ||||
| 	-echo strsep >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_TIMEGM | ||||
| 	-echo timegm >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_TIMINGSAFE_BCMP | ||||
| 	-echo timingsafe_bcmp >> crypto_portable.sym | ||||
| endif | ||||
| if !HAVE_TIMINGSAFE_MEMCMP | ||||
| 	-echo timingsafe_memcmp >> crypto_portable.sym | ||||
| endif | ||||
| if HOST_CPU_IS_INTEL | ||||
| 	-echo OPENSSL_ia32cap_P >> crypto_portable.sym | ||||
| endif | ||||
| if HOST_WIN | ||||
| 	-echo posix_perror >> crypto_portable.sym | ||||
| 	-echo posix_fopen >> crypto_portable.sym | ||||
| 	-echo posix_fgets >> crypto_portable.sym | ||||
| 	-echo posix_open >> crypto_portable.sym | ||||
| 	-echo posix_rename >> crypto_portable.sym | ||||
| 	-echo posix_connect >> crypto_portable.sym | ||||
| 	-echo posix_close >> crypto_portable.sym | ||||
| 	-echo posix_read >> crypto_portable.sym | ||||
| 	-echo posix_write >> crypto_portable.sym | ||||
| 	-echo posix_getsockopt >> crypto_portable.sym | ||||
| 	-echo posix_setsockopt >> crypto_portable.sym | ||||
| 	-grep -v BIO_s_log crypto_portable.sym > crypto_portable.sym.tmp | ||||
| 	-mv crypto_portable.sym.tmp crypto_portable.sym | ||||
| endif | ||||
|  | ||||
| libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined -export-symbols crypto_portable.sym | ||||
| libcrypto_la_LIBADD = libcompat.la | ||||
| if !HAVE_EXPLICIT_BZERO | ||||
| libcrypto_la_LIBADD += libcompatnoopt.la | ||||
| @@ -71,10 +150,22 @@ libcompat_la_SOURCES += compat/strnlen.c | ||||
| endif | ||||
| endif | ||||
|  | ||||
| if !HAVE_STRSEP | ||||
| libcompat_la_SOURCES += compat/strsep.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_ASPRINTF | ||||
| libcompat_la_SOURCES += compat/bsd-asprintf.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_FREEZERO | ||||
| libcompat_la_SOURCES += compat/freezero.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_GETPAGESIZE | ||||
| libcompat_la_SOURCES += compat/getpagesize.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_INET_PTON | ||||
| libcompat_la_SOURCES += compat/inet_pton.c | ||||
| endif | ||||
| @@ -87,6 +178,10 @@ if !HAVE_REALLOCARRAY | ||||
| libcompat_la_SOURCES += compat/reallocarray.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_RECALLOCARRAY | ||||
| libcompat_la_SOURCES += compat/recallocarray.c | ||||
| endif | ||||
|  | ||||
| if !HAVE_TIMINGSAFE_MEMCMP | ||||
| libcompat_la_SOURCES += compat/timingsafe_memcmp.c | ||||
| endif | ||||
| @@ -133,6 +228,7 @@ noinst_HEADERS += constant_time_locl.h | ||||
| noinst_HEADERS += cryptlib.h | ||||
| noinst_HEADERS += md32_common.h | ||||
| noinst_HEADERS += o_time.h | ||||
| noinst_HEADERS += x86_arch.h | ||||
|  | ||||
| # aes | ||||
| libcrypto_la_SOURCES += aes/aes_cfb.c | ||||
| @@ -342,6 +438,12 @@ libcrypto_la_SOURCES += conf/conf_mod.c | ||||
| libcrypto_la_SOURCES += conf/conf_sap.c | ||||
| noinst_HEADERS += conf/conf_def.h | ||||
|  | ||||
| # curve25519 | ||||
| libcrypto_la_SOURCES += curve25519/curve25519-generic.c | ||||
| libcrypto_la_SOURCES += curve25519/curve25519.c | ||||
| noinst_HEADERS += curve25519/curve25519_internal.h | ||||
|  | ||||
|  | ||||
| # des | ||||
| libcrypto_la_SOURCES += des/cbc_cksm.c | ||||
| libcrypto_la_SOURCES += des/cbc_enc.c | ||||
| @@ -422,6 +524,10 @@ libcrypto_la_SOURCES += ec/ec_print.c | ||||
| libcrypto_la_SOURCES += ec/eck_prn.c | ||||
| libcrypto_la_SOURCES += ec/ecp_mont.c | ||||
| libcrypto_la_SOURCES += ec/ecp_nist.c | ||||
| libcrypto_la_SOURCES += ec/ecp_nistp224.c | ||||
| libcrypto_la_SOURCES += ec/ecp_nistp256.c | ||||
| libcrypto_la_SOURCES += ec/ecp_nistp521.c | ||||
| libcrypto_la_SOURCES += ec/ecp_nistputil.c | ||||
| libcrypto_la_SOURCES += ec/ecp_oct.c | ||||
| libcrypto_la_SOURCES += ec/ecp_smpl.c | ||||
| noinst_HEADERS += ec/ec_lcl.h | ||||
| @@ -510,6 +616,7 @@ libcrypto_la_SOURCES += evp/m_gost2814789.c | ||||
| libcrypto_la_SOURCES += evp/m_gostr341194.c | ||||
| libcrypto_la_SOURCES += evp/m_md4.c | ||||
| libcrypto_la_SOURCES += evp/m_md5.c | ||||
| libcrypto_la_SOURCES += evp/m_md5_sha1.c | ||||
| libcrypto_la_SOURCES += evp/m_null.c | ||||
| libcrypto_la_SOURCES += evp/m_ripemd.c | ||||
| libcrypto_la_SOURCES += evp/m_sha1.c | ||||
| @@ -550,6 +657,9 @@ noinst_HEADERS += gost/gost.h | ||||
| noinst_HEADERS += gost/gost_asn1.h | ||||
| noinst_HEADERS += gost/gost_locl.h | ||||
|  | ||||
| # hkdf | ||||
| libcrypto_la_SOURCES += hkdf/hkdf.c | ||||
|  | ||||
| # hmac | ||||
| libcrypto_la_SOURCES += hmac/hm_ameth.c | ||||
| libcrypto_la_SOURCES += hmac/hm_pmeth.c | ||||
| @@ -563,9 +673,6 @@ libcrypto_la_SOURCES += idea/i_ofb64.c | ||||
| libcrypto_la_SOURCES += idea/i_skey.c | ||||
| noinst_HEADERS += idea/idea_lcl.h | ||||
|  | ||||
| # krb5 | ||||
| libcrypto_la_SOURCES += krb5/krb5_asn.c | ||||
|  | ||||
| # lhash | ||||
| libcrypto_la_SOURCES += lhash/lh_stats.c | ||||
| libcrypto_la_SOURCES += lhash/lhash.c | ||||
| @@ -769,6 +876,7 @@ libcrypto_la_SOURCES += x509/x509spki.c | ||||
| libcrypto_la_SOURCES += x509/x509type.c | ||||
| libcrypto_la_SOURCES += x509/x_all.c | ||||
| noinst_HEADERS += x509/x509_lcl.h | ||||
| noinst_HEADERS += x509/vpm_int.h | ||||
|  | ||||
| # x509v3 | ||||
| libcrypto_la_SOURCES += x509v3/pcy_cache.c | ||||
|   | ||||
| @@ -1,22 +1,22 @@ | ||||
|  | ||||
| ASM_X86_64_ELF = aes/aes-elf-x86_64.s | ||||
| ASM_X86_64_ELF += aes/bsaes-elf-x86_64.s | ||||
| ASM_X86_64_ELF += aes/vpaes-elf-x86_64.s | ||||
| ASM_X86_64_ELF += aes/aesni-elf-x86_64.s | ||||
| ASM_X86_64_ELF += aes/aesni-sha1-elf-x86_64.s | ||||
| ASM_X86_64_ELF += bn/modexp512-elf-x86_64.s | ||||
| ASM_X86_64_ELF += bn/mont-elf-x86_64.s | ||||
| ASM_X86_64_ELF += bn/mont5-elf-x86_64.s | ||||
| ASM_X86_64_ELF += bn/gf2m-elf-x86_64.s | ||||
| ASM_X86_64_ELF += camellia/cmll-elf-x86_64.s | ||||
| ASM_X86_64_ELF += md5/md5-elf-x86_64.s | ||||
| ASM_X86_64_ELF += modes/ghash-elf-x86_64.s | ||||
| ASM_X86_64_ELF += rc4/rc4-elf-x86_64.s | ||||
| ASM_X86_64_ELF += rc4/rc4-md5-elf-x86_64.s | ||||
| ASM_X86_64_ELF += sha/sha1-elf-x86_64.s | ||||
| ASM_X86_64_ELF = aes/aes-elf-x86_64.S | ||||
| ASM_X86_64_ELF += aes/bsaes-elf-x86_64.S | ||||
| ASM_X86_64_ELF += aes/vpaes-elf-x86_64.S | ||||
| ASM_X86_64_ELF += aes/aesni-elf-x86_64.S | ||||
| ASM_X86_64_ELF += aes/aesni-sha1-elf-x86_64.S | ||||
| ASM_X86_64_ELF += bn/modexp512-elf-x86_64.S | ||||
| ASM_X86_64_ELF += bn/mont-elf-x86_64.S | ||||
| ASM_X86_64_ELF += bn/mont5-elf-x86_64.S | ||||
| ASM_X86_64_ELF += bn/gf2m-elf-x86_64.S | ||||
| ASM_X86_64_ELF += camellia/cmll-elf-x86_64.S | ||||
| ASM_X86_64_ELF += md5/md5-elf-x86_64.S | ||||
| ASM_X86_64_ELF += modes/ghash-elf-x86_64.S | ||||
| ASM_X86_64_ELF += rc4/rc4-elf-x86_64.S | ||||
| ASM_X86_64_ELF += rc4/rc4-md5-elf-x86_64.S | ||||
| ASM_X86_64_ELF += sha/sha1-elf-x86_64.S | ||||
| ASM_X86_64_ELF += sha/sha256-elf-x86_64.S | ||||
| ASM_X86_64_ELF += sha/sha512-elf-x86_64.S | ||||
| ASM_X86_64_ELF += whrlpool/wp-elf-x86_64.s | ||||
| ASM_X86_64_ELF += whrlpool/wp-elf-x86_64.S | ||||
| ASM_X86_64_ELF += cpuid-elf-x86_64.S | ||||
|  | ||||
| EXTRA_DIST += $(ASM_X86_64_ELF) | ||||
|   | ||||
| @@ -1,22 +1,22 @@ | ||||
|  | ||||
| ASM_X86_64_MACOSX = aes/aes-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += aes/bsaes-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += aes/vpaes-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += aes/aesni-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += aes/aesni-sha1-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += bn/modexp512-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += bn/mont-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += bn/mont5-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += bn/gf2m-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += camellia/cmll-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += md5/md5-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += modes/ghash-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += rc4/rc4-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += rc4/rc4-md5-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += sha/sha1-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX = aes/aes-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += aes/bsaes-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += aes/vpaes-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += aes/aesni-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += aes/aesni-sha1-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += bn/modexp512-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += bn/mont-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += bn/mont5-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += bn/gf2m-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += camellia/cmll-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += md5/md5-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += modes/ghash-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += rc4/rc4-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += rc4/rc4-md5-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += sha/sha1-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += sha/sha256-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += sha/sha512-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += whrlpool/wp-macosx-x86_64.s | ||||
| ASM_X86_64_MACOSX += whrlpool/wp-macosx-x86_64.S | ||||
| ASM_X86_64_MACOSX += cpuid-macosx-x86_64.S | ||||
|  | ||||
| EXTRA_DIST += $(ASM_X86_64_MACOSX) | ||||
|   | ||||
| @@ -23,8 +23,8 @@ BIO_sock_init(void) | ||||
| 	if (!wsa_init_done) { | ||||
| 		if (WSAStartup(version_requested, &wsa_state) != 0) { | ||||
| 			int err = WSAGetLastError(); | ||||
| 			SYSerr(SYS_F_WSASTARTUP, err); | ||||
| 			BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP); | ||||
| 			SYSerror(err); | ||||
| 			BIOerror(BIO_R_WSASTARTUP); | ||||
| 			return (-1); | ||||
| 		} | ||||
| 		wsa_init_done = 1; | ||||
|   | ||||
							
								
								
									
										32
									
								
								crypto/compat/freezero.c
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								crypto/compat/freezero.c
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| /* | ||||
|  * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net> | ||||
|  * Copyright (c) 2012 Matthew Dempsky <matthew@openbsd.org> | ||||
|  * Copyright (c) 2008 Damien Miller <djm@openbsd.org> | ||||
|  * Copyright (c) 2000 Poul-Henning Kamp <phk@FreeBSD.org> | ||||
|  * | ||||
|  * Permission to use, copy, modify, and distribute this software for any | ||||
|  * purpose with or without fee is hereby granted, provided that the above | ||||
|  * copyright notice and this permission notice appear in all copies. | ||||
|  * | ||||
|  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||||
|  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||||
|  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||||
|  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||||
|  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||||
|  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||||
|  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||||
|  */ | ||||
|  | ||||
| #include <string.h> | ||||
| #include <stdlib.h> | ||||
|  | ||||
| void | ||||
| freezero(void *ptr, size_t sz) | ||||
| { | ||||
| 	/* This is legal. */ | ||||
| 	if (ptr == NULL) | ||||
| 		return; | ||||
|  | ||||
| 	explicit_bzero(ptr, sz); | ||||
| 	free(ptr); | ||||
| } | ||||
							
								
								
									
										18
									
								
								crypto/compat/getpagesize.c
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								crypto/compat/getpagesize.c
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| /* $OpenBSD$ */ | ||||
|  | ||||
| #include <unistd.h> | ||||
|  | ||||
| #ifdef _MSC_VER | ||||
| #include <windows.h> | ||||
| #endif | ||||
|  | ||||
| int | ||||
| getpagesize(void) { | ||||
| #ifdef _MSC_VER | ||||
| 	SYSTEM_INFO system_info; | ||||
| 	GetSystemInfo(&system_info); | ||||
| 	return system_info.dwPageSize; | ||||
| #else | ||||
| 	return sysconf(_SC_PAGESIZE); | ||||
| #endif | ||||
| } | ||||
| @@ -1,212 +0,0 @@ | ||||
| /*	$OpenBSD: inet_pton.c,v 1.9 2015/01/16 16:48:51 deraadt Exp $	*/ | ||||
|  | ||||
| /* Copyright (c) 1996 by Internet Software Consortium. | ||||
|  * | ||||
|  * Permission to use, copy, modify, and distribute this software for any | ||||
|  * purpose with or without fee is hereby granted, provided that the above | ||||
|  * copyright notice and this permission notice appear in all copies. | ||||
|  * | ||||
|  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS | ||||
|  * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES | ||||
|  * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE | ||||
|  * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL | ||||
|  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR | ||||
|  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS | ||||
|  * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS | ||||
|  * SOFTWARE. | ||||
|  */ | ||||
|  | ||||
| #include <sys/types.h> | ||||
| #include <sys/socket.h> | ||||
| #include <netinet/in.h> | ||||
| #include <arpa/inet.h> | ||||
| #include <arpa/nameser.h> | ||||
| #include <string.h> | ||||
| #include <errno.h> | ||||
|  | ||||
| /* | ||||
|  * WARNING: Don't even consider trying to compile this on a system where | ||||
|  * sizeof(int) < 4.  sizeof(int) > 4 is fine; all the world's not a VAX. | ||||
|  */ | ||||
|  | ||||
| static int	inet_pton4(const char *src, u_char *dst); | ||||
| static int	inet_pton6(const char *src, u_char *dst); | ||||
|  | ||||
| /* int | ||||
|  * inet_pton(af, src, dst) | ||||
|  *	convert from presentation format (which usually means ASCII printable) | ||||
|  *	to network format (which is usually some kind of binary format). | ||||
|  * return: | ||||
|  *	1 if the address was valid for the specified address family | ||||
|  *	0 if the address wasn't valid (`dst' is untouched in this case) | ||||
|  *	-1 if some other error occurred (`dst' is untouched in this case, too) | ||||
|  * author: | ||||
|  *	Paul Vixie, 1996. | ||||
|  */ | ||||
| int | ||||
| inet_pton(int af, const char *src, void *dst) | ||||
| { | ||||
| 	switch (af) { | ||||
| 	case AF_INET: | ||||
| 		return (inet_pton4(src, dst)); | ||||
| 	case AF_INET6: | ||||
| 		return (inet_pton6(src, dst)); | ||||
| 	default: | ||||
| 		errno = EAFNOSUPPORT; | ||||
| 		return (-1); | ||||
| 	} | ||||
| 	/* NOTREACHED */ | ||||
| } | ||||
|  | ||||
| /* int | ||||
|  * inet_pton4(src, dst) | ||||
|  *	like inet_aton() but without all the hexadecimal and shorthand. | ||||
|  * return: | ||||
|  *	1 if `src' is a valid dotted quad, else 0. | ||||
|  * notice: | ||||
|  *	does not touch `dst' unless it's returning 1. | ||||
|  * author: | ||||
|  *	Paul Vixie, 1996. | ||||
|  */ | ||||
| static int | ||||
| inet_pton4(const char *src, u_char *dst) | ||||
| { | ||||
| 	static const char digits[] = "0123456789"; | ||||
| 	int saw_digit, octets, ch; | ||||
| 	u_char tmp[INADDRSZ], *tp; | ||||
|  | ||||
| 	saw_digit = 0; | ||||
| 	octets = 0; | ||||
| 	*(tp = tmp) = 0; | ||||
| 	while ((ch = *src++) != '\0') { | ||||
| 		const char *pch; | ||||
|  | ||||
| 		if ((pch = strchr(digits, ch)) != NULL) { | ||||
| 			u_int new = *tp * 10 + (pch - digits); | ||||
|  | ||||
| 			if (new > 255) | ||||
| 				return (0); | ||||
| 			if (! saw_digit) { | ||||
| 				if (++octets > 4) | ||||
| 					return (0); | ||||
| 				saw_digit = 1; | ||||
| 			} | ||||
| 			*tp = new; | ||||
| 		} else if (ch == '.' && saw_digit) { | ||||
| 			if (octets == 4) | ||||
| 				return (0); | ||||
| 			*++tp = 0; | ||||
| 			saw_digit = 0; | ||||
| 		} else | ||||
| 			return (0); | ||||
| 	} | ||||
| 	if (octets < 4) | ||||
| 		return (0); | ||||
|  | ||||
| 	memcpy(dst, tmp, INADDRSZ); | ||||
| 	return (1); | ||||
| } | ||||
|  | ||||
| /* int | ||||
|  * inet_pton6(src, dst) | ||||
|  *	convert presentation level address to network order binary form. | ||||
|  * return: | ||||
|  *	1 if `src' is a valid [RFC1884 2.2] address, else 0. | ||||
|  * notice: | ||||
|  *	does not touch `dst' unless it's returning 1. | ||||
|  * credit: | ||||
|  *	inspired by Mark Andrews. | ||||
|  * author: | ||||
|  *	Paul Vixie, 1996. | ||||
|  */ | ||||
| static int | ||||
| inet_pton6(const char *src, u_char *dst) | ||||
| { | ||||
| 	static const char xdigits_l[] = "0123456789abcdef", | ||||
| 			  xdigits_u[] = "0123456789ABCDEF"; | ||||
| 	u_char tmp[IN6ADDRSZ], *tp, *endp, *colonp; | ||||
| 	const char *xdigits, *curtok; | ||||
| 	int ch, saw_xdigit, count_xdigit; | ||||
| 	u_int val; | ||||
|  | ||||
| 	memset((tp = tmp), '\0', IN6ADDRSZ); | ||||
| 	endp = tp + IN6ADDRSZ; | ||||
| 	colonp = NULL; | ||||
| 	/* Leading :: requires some special handling. */ | ||||
| 	if (*src == ':') | ||||
| 		if (*++src != ':') | ||||
| 			return (0); | ||||
| 	curtok = src; | ||||
| 	saw_xdigit = count_xdigit = 0; | ||||
| 	val = 0; | ||||
| 	while ((ch = *src++) != '\0') { | ||||
| 		const char *pch; | ||||
|  | ||||
| 		if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL) | ||||
| 			pch = strchr((xdigits = xdigits_u), ch); | ||||
| 		if (pch != NULL) { | ||||
| 			if (count_xdigit >= 4) | ||||
| 				return (0); | ||||
| 			val <<= 4; | ||||
| 			val |= (pch - xdigits); | ||||
| 			if (val > 0xffff) | ||||
| 				return (0); | ||||
| 			saw_xdigit = 1; | ||||
| 			count_xdigit++; | ||||
| 			continue; | ||||
| 		} | ||||
| 		if (ch == ':') { | ||||
| 			curtok = src; | ||||
| 			if (!saw_xdigit) { | ||||
| 				if (colonp) | ||||
| 					return (0); | ||||
| 				colonp = tp; | ||||
| 				continue; | ||||
| 			} else if (*src == '\0') { | ||||
| 				return (0); | ||||
| 			} | ||||
| 			if (tp + INT16SZ > endp) | ||||
| 				return (0); | ||||
| 			*tp++ = (u_char) (val >> 8) & 0xff; | ||||
| 			*tp++ = (u_char) val & 0xff; | ||||
| 			saw_xdigit = 0; | ||||
| 			count_xdigit = 0; | ||||
| 			val = 0; | ||||
| 			continue; | ||||
| 		} | ||||
| 		if (ch == '.' && ((tp + INADDRSZ) <= endp) && | ||||
| 		    inet_pton4(curtok, tp) > 0) { | ||||
| 			tp += INADDRSZ; | ||||
| 			saw_xdigit = 0; | ||||
| 			count_xdigit = 0; | ||||
| 			break;	/* '\0' was seen by inet_pton4(). */ | ||||
| 		} | ||||
| 		return (0); | ||||
| 	} | ||||
| 	if (saw_xdigit) { | ||||
| 		if (tp + INT16SZ > endp) | ||||
| 			return (0); | ||||
| 		*tp++ = (u_char) (val >> 8) & 0xff; | ||||
| 		*tp++ = (u_char) val & 0xff; | ||||
| 	} | ||||
| 	if (colonp != NULL) { | ||||
| 		/* | ||||
| 		 * Since some memmove()'s erroneously fail to handle | ||||
| 		 * overlapping regions, we'll do the shift by hand. | ||||
| 		 */ | ||||
| 		const int n = tp - colonp; | ||||
| 		int i; | ||||
|  | ||||
| 		if (tp == endp) | ||||
| 			return (0); | ||||
| 		for (i = 1; i <= n; i++) { | ||||
| 			endp[- i] = colonp[n - i]; | ||||
| 			colonp[n - i] = 0; | ||||
| 		} | ||||
| 		tp = endp; | ||||
| 	} | ||||
| 	if (tp != endp) | ||||
| 		return (0); | ||||
| 	memcpy(dst, tmp, IN6ADDRSZ); | ||||
| 	return (1); | ||||
| } | ||||
| @@ -12,6 +12,7 @@ | ||||
| #include <ws2tcpip.h> | ||||
|  | ||||
| #include <errno.h> | ||||
| #include <fcntl.h> | ||||
| #include <stdint.h> | ||||
| #include <stdio.h> | ||||
| #include <stdlib.h> | ||||
| @@ -39,6 +40,28 @@ posix_fopen(const char *path, const char *mode) | ||||
| 	return fopen(path, mode); | ||||
| } | ||||
|  | ||||
| int | ||||
| posix_open(const char *path, ...) | ||||
| { | ||||
| 	va_list ap; | ||||
| 	int mode = 0; | ||||
| 	int flags; | ||||
|  | ||||
| 	va_start(ap, path); | ||||
| 	flags = va_arg(ap, int); | ||||
| 	if (flags & O_CREAT) | ||||
| 		mode = va_arg(ap, int); | ||||
| 	va_end(ap); | ||||
|  | ||||
| 	flags |= O_BINARY; | ||||
| 	if (flags & O_CLOEXEC) { | ||||
| 		flags &= ~O_CLOEXEC; | ||||
| 		flags |= O_NOINHERIT; | ||||
| 	} | ||||
| 	flags &= ~O_NONBLOCK; | ||||
| 	return open(path, flags, mode); | ||||
| } | ||||
|  | ||||
| char * | ||||
| posix_fgets(char *s, int size, FILE *stream) | ||||
| { | ||||
| @@ -109,6 +132,9 @@ wsa_errno(int err) | ||||
| 	case WSAEAFNOSUPPORT: | ||||
| 		errno = EAFNOSUPPORT; | ||||
| 		break; | ||||
| 	case WSAEBADF: | ||||
| 		errno = EBADF; | ||||
| 		break; | ||||
| 	case WSAENETRESET: | ||||
| 	case WSAENOTCONN: | ||||
| 	case WSAECONNABORTED: | ||||
| @@ -135,7 +161,7 @@ posix_close(int fd) | ||||
| { | ||||
| 	if (closesocket(fd) == SOCKET_ERROR) { | ||||
| 		int err = WSAGetLastError(); | ||||
| 		return err == WSAENOTSOCK ? | ||||
| 		return (err == WSAENOTSOCK || err == WSAEBADF) ? | ||||
| 			close(fd) : wsa_errno(err); | ||||
| 	} | ||||
| 	return 0; | ||||
| @@ -147,7 +173,7 @@ posix_read(int fd, void *buf, size_t count) | ||||
| 	ssize_t rc = recv(fd, buf, count, 0); | ||||
| 	if (rc == SOCKET_ERROR) { | ||||
| 		int err = WSAGetLastError(); | ||||
| 		return err == WSAENOTSOCK ? | ||||
| 		return (err == WSAENOTSOCK || err == WSAEBADF) ? | ||||
| 			read(fd, buf, count) : wsa_errno(err); | ||||
| 	} | ||||
| 	return rc; | ||||
| @@ -159,7 +185,7 @@ posix_write(int fd, const void *buf, size_t count) | ||||
| 	ssize_t rc = send(fd, buf, count, 0); | ||||
| 	if (rc == SOCKET_ERROR) { | ||||
| 		int err = WSAGetLastError(); | ||||
| 		return err == WSAENOTSOCK ? | ||||
| 		return (err == WSAENOTSOCK || err == WSAEBADF) ? | ||||
| 			write(fd, buf, count) : wsa_errno(err); | ||||
| 	} | ||||
| 	return rc; | ||||
|   | ||||
							
								
								
									
										2
									
								
								dist.sh
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								dist.sh
									
									
									
									
									
								
							| @@ -4,4 +4,4 @@ set -e | ||||
| rm -f man/*.1 man/*.3 include/openssl/*.h | ||||
| ./autogen.sh | ||||
| ./configure | ||||
| make distcheck | ||||
| make -j2 distcheck | ||||
|   | ||||
| @@ -1,5 +1,7 @@ | ||||
| install(DIRECTORY . | ||||
|         DESTINATION include | ||||
|         PATTERN "CMakeLists.txt" EXCLUDE | ||||
|         PATTERN "compat" EXCLUDE | ||||
|         PATTERN "Makefile.*" EXCLUDE) | ||||
| if(ENABLE_LIBRESSL_INSTALL) | ||||
| 	install(DIRECTORY . | ||||
| 	        DESTINATION ${CMAKE_INSTALL_INCLUDEDIR} | ||||
| 	        PATTERN "CMakeLists.txt" EXCLUDE | ||||
| 	        PATTERN "compat" EXCLUDE | ||||
| 	        PATTERN "Makefile*" EXCLUDE) | ||||
| endif(ENABLE_LIBRESSL_INSTALL) | ||||
|   | ||||
| @@ -8,6 +8,7 @@ noinst_HEADERS = pqueue.h | ||||
| noinst_HEADERS += compat/dirent.h | ||||
| noinst_HEADERS += compat/dirent_msvc.h | ||||
| noinst_HEADERS += compat/err.h | ||||
| noinst_HEADERS += compat/fcntl.h | ||||
| noinst_HEADERS += compat/limits.h | ||||
| noinst_HEADERS += compat/netdb.h | ||||
| noinst_HEADERS += compat/poll.h | ||||
| @@ -29,7 +30,6 @@ noinst_HEADERS += compat/netinet/in.h | ||||
| noinst_HEADERS += compat/netinet/ip.h | ||||
| noinst_HEADERS += compat/netinet/tcp.h | ||||
|  | ||||
| noinst_HEADERS += compat/sys/cdefs.h | ||||
| noinst_HEADERS += compat/sys/ioctl.h | ||||
| noinst_HEADERS += compat/sys/mman.h | ||||
| noinst_HEADERS += compat/sys/param.h | ||||
|   | ||||
| @@ -14,6 +14,10 @@ | ||||
|  | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_INET_NTOP | ||||
| const char * inet_ntop(int af, const void *src, char *dst, socklen_t size); | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_INET_PTON | ||||
| int inet_pton(int af, const char * src, void * dst); | ||||
| #endif | ||||
|   | ||||
| @@ -18,6 +18,11 @@ | ||||
| #include <stdio.h> | ||||
| #include <string.h> | ||||
|  | ||||
| #if defined(_MSC_VER) | ||||
| __declspec(noreturn) | ||||
| #else | ||||
| __attribute__((noreturn)) | ||||
| #endif | ||||
| static inline void | ||||
| err(int eval, const char *fmt, ...) | ||||
| { | ||||
| @@ -34,6 +39,11 @@ err(int eval, const char *fmt, ...) | ||||
| 	va_end(ap); | ||||
| } | ||||
|  | ||||
| #if defined(_MSC_VER) | ||||
| __declspec(noreturn) | ||||
| #else | ||||
| __attribute__((noreturn)) | ||||
| #endif | ||||
| static inline void | ||||
| errx(int eval, const char *fmt, ...) | ||||
| { | ||||
|   | ||||
							
								
								
									
										32
									
								
								include/compat/fcntl.h
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								include/compat/fcntl.h
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| /* | ||||
|  * Public domain | ||||
|  * fcntl.h compatibility shim | ||||
|  */ | ||||
|  | ||||
| #ifndef _WIN32 | ||||
| #include_next <fcntl.h> | ||||
| #else | ||||
|  | ||||
| #ifdef _MSC_VER | ||||
| #if _MSC_VER >= 1900 | ||||
| #include <../ucrt/fcntl.h> | ||||
| #else | ||||
| #include <../include/fcntl.h> | ||||
| #endif | ||||
| #else | ||||
| #include_next <fcntl.h> | ||||
| #endif | ||||
|  | ||||
| #endif | ||||
|  | ||||
| #ifndef O_NONBLOCK | ||||
| #define O_NONBLOCK      0x100000 | ||||
| #endif | ||||
|  | ||||
| #ifndef O_CLOEXEC | ||||
| #define O_CLOEXEC       0x200000 | ||||
| #endif | ||||
|  | ||||
| #ifndef FD_CLOEXEC | ||||
| #define FD_CLOEXEC      1 | ||||
| #endif | ||||
| @@ -5,6 +5,14 @@ | ||||
|  | ||||
| #ifdef _MSC_VER | ||||
| #include <../include/limits.h> | ||||
| #if _MSC_VER >= 1900 | ||||
| #include <../ucrt/stdlib.h> | ||||
| #else | ||||
| #include <../include/stdlib.h> | ||||
| #endif | ||||
| #ifndef PATH_MAX | ||||
| #define PATH_MAX _MAX_PATH | ||||
| #endif | ||||
| #else | ||||
| #include_next <limits.h> | ||||
| #endif | ||||
|   | ||||
| @@ -26,6 +26,10 @@ int asprintf(char **str, const char *fmt, ...); | ||||
|  | ||||
| #ifdef _WIN32 | ||||
|  | ||||
| #if defined(_MSC_VER) | ||||
| #define __func__ __FUNCTION__ | ||||
| #endif | ||||
|  | ||||
| void posix_perror(const char *s); | ||||
| FILE * posix_fopen(const char *path, const char *mode); | ||||
| char * posix_fgets(char *s, int size, FILE *stream); | ||||
|   | ||||
| @@ -25,10 +25,18 @@ void arc4random_buf(void *_buf, size_t n); | ||||
| uint32_t arc4random_uniform(uint32_t upper_bound); | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_FREEZERO | ||||
| void freezero(void *ptr, size_t sz); | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_REALLOCARRAY | ||||
| void *reallocarray(void *, size_t, size_t); | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_RECALLOCARRAY | ||||
| void *recallocarray(void *, size_t, size_t, size_t); | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_STRTONUM | ||||
| long long strtonum(const char *nptr, long long minval, | ||||
| 		long long maxval, const char **errstr); | ||||
|   | ||||
| @@ -1,31 +0,0 @@ | ||||
| /* | ||||
|  * Public domain | ||||
|  * sys/cdefs.h compatibility shim | ||||
|  */ | ||||
|  | ||||
| #ifndef LIBCRYPTOCOMPAT_SYS_CDEFS_H | ||||
| #define LIBCRYPTOCOMPAT_SYS_CDEFS_H | ||||
|  | ||||
| #ifdef _WIN32 | ||||
|  | ||||
| #define __warn_references(sym,msg) | ||||
|  | ||||
| #else | ||||
|  | ||||
| #include_next <sys/cdefs.h> | ||||
|  | ||||
| #ifndef __warn_references | ||||
|  | ||||
| #if defined(__GNUC__)  && defined (HAS_GNU_WARNING_LONG) | ||||
| #define __warn_references(sym,msg)          \ | ||||
|   __asm__(".section .gnu.warning." __STRING(sym)  \ | ||||
|          " ; .ascii \"" msg "\" ; .text"); | ||||
| #else | ||||
| #define __warn_references(sym,msg) | ||||
| #endif | ||||
|  | ||||
| #endif /* __warn_references */ | ||||
|  | ||||
| #endif /* _WIN32 */ | ||||
|  | ||||
| #endif /* LIBCRYPTOCOMPAT_SYS_CDEFS_H */ | ||||
| @@ -8,3 +8,10 @@ | ||||
| #else | ||||
| #include <win32netcompat.h> | ||||
| #endif | ||||
|  | ||||
| #if !defined(SOCK_NONBLOCK) || !defined(SOCK_CLOEXEC) | ||||
| #define SOCK_CLOEXEC            0x8000  /* set FD_CLOEXEC */ | ||||
| #define SOCK_NONBLOCK           0x4000  /* set O_NONBLOCK */ | ||||
| int bsd_socketpair(int domain, int type, int protocol, int socket_vector[2]); | ||||
| #define socketpair(d,t,p,sv) bsd_socketpair(d,t,p,sv) | ||||
| #endif | ||||
|   | ||||
| @@ -8,6 +8,15 @@ | ||||
|  | ||||
| #ifndef _MSC_VER | ||||
| #include_next <sys/stat.h> | ||||
|  | ||||
| /* for old MinGW */ | ||||
| #ifndef S_IRGRP | ||||
| #define S_IRGRP         0 | ||||
| #endif | ||||
| #ifndef S_IROTH | ||||
| #define S_IROTH         0 | ||||
| #endif | ||||
|  | ||||
| #else | ||||
|  | ||||
| #include <windows.h> | ||||
|   | ||||
| @@ -20,12 +20,14 @@ | ||||
|  | ||||
| #ifdef __MINGW32__ | ||||
| #include <_bsd_types.h> | ||||
| typedef uint32_t        in_addr_t; | ||||
| #endif | ||||
|  | ||||
| #ifdef _MSC_VER | ||||
| typedef unsigned char   u_char; | ||||
| typedef unsigned short  u_short; | ||||
| typedef unsigned int    u_int; | ||||
| typedef uint32_t        in_addr_t; | ||||
|  | ||||
| #include <basetsd.h> | ||||
| typedef SSIZE_T ssize_t; | ||||
| @@ -44,4 +46,25 @@ typedef SSIZE_T ssize_t; | ||||
| # define __bounded__(x, y, z) | ||||
| #endif | ||||
|  | ||||
| #ifdef _WIN32 | ||||
| #define __warn_references(sym,msg) | ||||
| #else | ||||
|  | ||||
| #ifndef __warn_references | ||||
|  | ||||
| #ifndef __STRING | ||||
| #define __STRING(x) #x | ||||
| #endif | ||||
|  | ||||
| #if defined(__GNUC__)  && defined (HAS_GNU_WARNING_LONG) | ||||
| #define __warn_references(sym,msg)          \ | ||||
|   __asm__(".section .gnu.warning." __STRING(sym)  \ | ||||
|          " ; .ascii \"" msg "\" ; .text"); | ||||
| #else | ||||
| #define __warn_references(sym,msg) | ||||
| #endif | ||||
|  | ||||
| #endif /* __warn_references */ | ||||
| #endif /* _WIN32 */ | ||||
|  | ||||
| #endif | ||||
|   | ||||
| @@ -14,6 +14,9 @@ | ||||
| #include <io.h> | ||||
| #include <process.h> | ||||
|  | ||||
| #define STDOUT_FILENO   1 | ||||
| #define STDERR_FILENO   2 | ||||
|  | ||||
| #define R_OK    4 | ||||
| #define W_OK    2 | ||||
| #define X_OK    0 | ||||
| @@ -36,6 +39,14 @@ int getentropy(void *buf, size_t buflen); | ||||
| #endif | ||||
| #endif | ||||
|  | ||||
| #ifndef HAVE_GETPAGESIZE | ||||
| int getpagesize(void); | ||||
| #endif | ||||
|  | ||||
| #define pledge(request, paths) 0 | ||||
|  | ||||
| #ifndef HAVE_PIPE2 | ||||
| int pipe2(int fildes[2], int flags); | ||||
| #endif | ||||
|  | ||||
| #endif | ||||
|   | ||||
| @@ -26,7 +26,10 @@ | ||||
|  | ||||
| int posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen); | ||||
|  | ||||
| int posix_open(const char *path, ...); | ||||
|  | ||||
| int posix_close(int fd); | ||||
|  | ||||
| ssize_t posix_read(int fd, void *buf, size_t count); | ||||
|  | ||||
| ssize_t posix_write(int fd, const void *buf, size_t count); | ||||
| @@ -39,6 +42,7 @@ int posix_setsockopt(int sockfd, int level, int optname, | ||||
|  | ||||
| #ifndef NO_REDEF_POSIX_FUNCTIONS | ||||
| #define connect(sockfd, addr, addrlen) posix_connect(sockfd, addr, addrlen) | ||||
| #define open(path, ...) posix_open(path, __VA_ARGS__) | ||||
| #define close(fd) posix_close(fd) | ||||
| #define read(fd, buf, count) posix_read(fd, buf, count) | ||||
| #define write(fd, buf, count) posix_write(fd, buf, count) | ||||
|   | ||||
| @@ -5,11 +5,11 @@ exec_prefix=@exec_prefix@ | ||||
| libdir=@libdir@ | ||||
| includedir=@includedir@ | ||||
|  | ||||
| Name: LibreSSL-libssl | ||||
| Description: Secure Sockets Layer and cryptography libraries | ||||
| Name: LibreSSL-libcrypto | ||||
| Description: LibreSSL cryptography library | ||||
| Version: @VERSION@ | ||||
| Requires: | ||||
| Conflicts: | ||||
| Libs: -L${libdir} -lcrypto | ||||
| Libs.private: @LIBS@ | ||||
| Libs.private: @LIBS@ @PLATFORM_LDADD@ | ||||
| Cflags: -I${includedir} | ||||
|   | ||||
| @@ -12,5 +12,5 @@ Requires: | ||||
| Requires.private: libcrypto | ||||
| Conflicts: | ||||
| Libs: -L${libdir} -lssl | ||||
| Libs.private: @LIBS@ -lcrypto | ||||
| Libs.private: @LIBS@ -lcrypto @PLATFORM_LDADD@ | ||||
| Cflags: -I${includedir} | ||||
|   | ||||
| @@ -8,6 +8,7 @@ libtls_la_LIBADD += $(top_builddir)/compat/libcompat.la | ||||
| libtls_la_LIBADD += $(top_builddir)/compat/libcompatnoopt.la | ||||
|  | ||||
| libtls_la_SOURCES = tls.c | ||||
| libtls_la_SOURCES += tls_bio_cb.c | ||||
| libtls_la_SOURCES += tls_client.c | ||||
| libtls_la_SOURCES += tls_config.c | ||||
| libtls_la_SOURCES += tls_server.c | ||||
|   | ||||
| @@ -12,5 +12,5 @@ Requires: | ||||
| Requires.private: libcrypto libssl | ||||
| Conflicts: | ||||
| Libs: -L${libdir} -ltls | ||||
| Libs.private: @LIBS@ -lcrypto -lssl | ||||
| Libs.private: @LIBS@ -lcrypto -lssl @PLATFORM_LDADD@ | ||||
| Cflags: -I${includedir} | ||||
|   | ||||
| @@ -2,14 +2,19 @@ AC_DEFUN([CHECK_LIBC_COMPAT], [ | ||||
| # Check for libc headers | ||||
| AC_CHECK_HEADERS([err.h readpassphrase.h]) | ||||
| # Check for general libc functions | ||||
| AC_CHECK_FUNCS([asprintf inet_pton memmem readpassphrase reallocarray]) | ||||
| AC_CHECK_FUNCS([asprintf freezero getpagesize inet_ntop inet_pton memmem]) | ||||
| AC_CHECK_FUNCS([readpassphrase reallocarray recallocarray]) | ||||
| AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum]) | ||||
| AC_CHECK_FUNCS([timegm _mkgmtime]) | ||||
| AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_FREEZERO], [test "x$ac_cv_func_freezero" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_GETPAGESIZE], [test "x$ac_cv_func_getpagesize" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_INET_NTOP], [test "x$ac_cv_func_inet_ntop" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_INET_PTON], [test "x$ac_cv_func_inet_pton" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_READPASSPHRASE], [test "x$ac_cv_func_readpassphrase" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_RECALLOCARRAY], [test "x$ac_cv_func_recallocarray" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes]) | ||||
| @@ -20,10 +25,12 @@ AM_CONDITIONAL([HAVE_TIMEGM], [test "x$ac_cv_func_timegm" = xyes]) | ||||
| ]) | ||||
|  | ||||
| AC_DEFUN([CHECK_SYSCALL_COMPAT], [ | ||||
| AC_CHECK_FUNCS([accept4 pledge poll]) | ||||
| AC_CHECK_FUNCS([accept4 pipe2 pledge poll socketpair]) | ||||
| AM_CONDITIONAL([HAVE_ACCEPT4], [test "x$ac_cv_func_accept4" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_PIPE2], [test "x$ac_cv_func_pipe2" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_PLEDGE], [test "x$ac_cv_func_pledge" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes]) | ||||
| AM_CONDITIONAL([HAVE_SOCKETPAIR], [test "x$ac_cv_func_socketpair" = xyes]) | ||||
| ]) | ||||
|  | ||||
| AC_DEFUN([CHECK_B64_NTOP], [ | ||||
|   | ||||
| @@ -106,13 +106,12 @@ char buf[1]; getentropy(buf, 1); | ||||
| 		CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS" | ||||
| 		CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501" | ||||
| 		CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED" | ||||
| 		CFLAGS="$CFLAGS -static-libgcc" | ||||
| 		LDFLAGS="$LDFLAGS -static-libgcc" | ||||
| 		AC_SUBST([PLATFORM_LDADD], ['-lws2_32']) | ||||
| 		;; | ||||
| 	*solaris*) | ||||
| 		HOST_OS=solaris | ||||
| 		HOST_ABI=elf | ||||
| 		CFLAGS="$CFLAGS -m64" | ||||
| 		CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" | ||||
| 		AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket']) | ||||
| 		;; | ||||
|   | ||||
| @@ -1,9 +1,11 @@ | ||||
| install(DIRECTORY . | ||||
|     DESTINATION share/man/man3 | ||||
|     FILES_MATCHING PATTERN "*.3" | ||||
|     ) | ||||
| if(ENABLE_LIBRESSL_INSTALL) | ||||
| 	install(DIRECTORY . | ||||
| 	    DESTINATION ${CMAKE_INSTALL_MANDIR}/man3 | ||||
| 	    FILES_MATCHING PATTERN "*.3" | ||||
| 	    ) | ||||
|  | ||||
| install(DIRECTORY . | ||||
|     DESTINATION share/man/man1 | ||||
|     FILES_MATCHING PATTERN "*.1" | ||||
|     ) | ||||
| 	install(DIRECTORY . | ||||
| 	    DESTINATION ${CMAKE_INSTALL_MANDIR}/man1 | ||||
| 	    FILES_MATCHING PATTERN "*.1" | ||||
| 	    ) | ||||
| endif(ENABLE_LIBRESSL_INSTALL) | ||||
|   | ||||
| @@ -1,18 +1,19 @@ | ||||
| #!/bin/sh | ||||
|  | ||||
| # Run this periodically to ensure that the manpage links are up to date | ||||
| ( | ||||
|     cd /usr/src/usr.bin/mandoc/ | ||||
|     make obj | ||||
|     make cleandir | ||||
|     make depend | ||||
|     make | ||||
|     cd /usr/src/regress/usr.bin/mandoc/db/mlinks/ | ||||
|     make obj | ||||
|     make cleandir | ||||
|     make | ||||
| ) | ||||
|  | ||||
| makewhatis -a . | ||||
|  | ||||
| echo "# This is an auto-generated file by $0" > links | ||||
| doas makewhatis | ||||
| for i in `ls -1 *.3`; do | ||||
|   name=`echo $i|cut -d. -f1` | ||||
|   links=`sqlite3 /usr/share/man/mandoc.db \ | ||||
|     "select names.name from mlinks,names where mlinks.name='$name' and mlinks.pageid=names.pageid;"` | ||||
|   for j in $links; do | ||||
|     a=`echo "x$j" | tr '[:upper:]' '[:lower:]'` | ||||
|     b=`echo "x$name" | tr '[:upper:]' '[:lower:]'` | ||||
|     if [[ $a != $b && $a != *"<type>"* ]]; then | ||||
|       echo $name.3,$j.3 >> links | ||||
|     fi | ||||
|   done | ||||
| done | ||||
| /usr/src/regress/usr.bin/mandoc/db/mlinks/obj/mlinks mandoc.db | sort >> links | ||||
|   | ||||
							
								
								
									
										15
									
								
								patches/aeadtest.c.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								patches/aeadtest.c.patch
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,15 @@ | ||||
| --- tests/aeadtest.c.orig	2016-10-18 17:03:33.845870889 +0900 | ||||
| +++ tests/aeadtest.c	2016-10-18 17:11:19.880841283 +0900 | ||||
| @@ -75,6 +75,12 @@ | ||||
|   | ||||
|  #define BUF_MAX 1024 | ||||
|   | ||||
| +#ifdef _MSC_VER | ||||
| +#ifdef IN | ||||
| +#undef IN | ||||
| +#endif | ||||
| +#endif | ||||
| + | ||||
|  /* These are the different types of line that are found in the input file. */ | ||||
|  enum { | ||||
|  	AEAD = 0,	/* name of the AEAD algorithm. */ | ||||
							
								
								
									
										36
									
								
								patches/bio.h.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								patches/bio.h.patch
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| --- include/openssl/bio.h.orig	Mon Oct  3 06:09:28 2016 | ||||
| +++ include/openssl/bio.h	Sun Nov  6 04:24:57 2016 | ||||
| @@ -678,8 +678,24 @@ | ||||
|  | ||||
|  /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ | ||||
|  | ||||
| +#ifdef __MINGW_PRINTF_FORMAT | ||||
|  int | ||||
|  BIO_printf(BIO *bio, const char *format, ...) | ||||
| +	__attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); | ||||
| +int | ||||
| +BIO_vprintf(BIO *bio, const char *format, va_list args) | ||||
| +	__attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 0), __nonnull__(2))); | ||||
| +int | ||||
| +BIO_snprintf(char *buf, size_t n, const char *format, ...) | ||||
| +	__attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 4), | ||||
| +	    __nonnull__(3))); | ||||
| +int | ||||
| +BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) | ||||
| +	__attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0), | ||||
| +	    __nonnull__(3))); | ||||
| +#else | ||||
| +int | ||||
| +BIO_printf(BIO *bio, const char *format, ...) | ||||
|  	__attribute__((__format__(__printf__, 2, 3), __nonnull__(2))); | ||||
|  int | ||||
|  BIO_vprintf(BIO *bio, const char *format, va_list args) | ||||
| @@ -692,6 +708,8 @@ | ||||
|  BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) | ||||
|  	__attribute__((__deprecated__, __format__(__printf__, 3, 0), | ||||
|  	    __nonnull__(3))); | ||||
| +#endif | ||||
| + | ||||
|  | ||||
|  /* BEGIN ERROR CODES */ | ||||
|  /* The following lines are auto generated by the script mkerr.pl. Any changes | ||||
							
								
								
									
										12
									
								
								patches/http.c.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								patches/http.c.patch
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,12 @@ | ||||
| --- apps/ocspcheck/http.c.orig	Sun Jun  4 00:45:29 2017 | ||||
| +++ apps/ocspcheck/http.c	Sun Jun  4 00:45:57 2017 | ||||
| @@ -35,7 +35,9 @@ | ||||
|  #include "http.h" | ||||
|  #include <tls.h> | ||||
|   | ||||
| +#ifndef DEFAULT_CA_FILE | ||||
|  #define DEFAULT_CA_FILE "/etc/ssl/cert.pem" | ||||
| +#endif | ||||
|   | ||||
|  /* | ||||
|   * A buffer for transferring HTTP/S data. | ||||
| @@ -1,27 +1,16 @@ | ||||
| --- apps/nc/netcat.c.orig	Mon Dec 28 08:46:10 2015 | ||||
| +++ apps/nc/netcat.c	Mon Dec 28 08:46:19 2015 | ||||
| @@ -57,6 +57,10 @@ | ||||
|  #include <tls.h> | ||||
|  #include "atomicio.h" | ||||
|   | ||||
| +#ifndef IPV6_TCLASS | ||||
| +#define IPV6_TCLASS -1 | ||||
| +#endif | ||||
| + | ||||
|  #define PORT_MAX	65535 | ||||
|  #define UNIX_DG_TMP_SOCKET_SIZE	19 | ||||
|   | ||||
| @@ -65,7 +69,9 @@ | ||||
|  #define POLL_NETIN 2 | ||||
|  #define POLL_STDOUT 3 | ||||
|  #define BUFSIZE 16384 | ||||
| --- apps/nc/netcat.c.orig	2017-07-07 00:10:09.009409624 +0900 | ||||
| +++ apps/nc/netcat.c	2017-07-07 00:30:32.380088772 +0900 | ||||
| @@ -66,7 +66,9 @@ | ||||
|  #define POLL_NETIN	2 | ||||
|  #define POLL_STDOUT	3 | ||||
|  #define BUFSIZE		16384 | ||||
| +#ifndef DEFAULT_CA_FILE | ||||
|  #define DEFAULT_CA_FILE "/etc/ssl/cert.pem" | ||||
|  #define DEFAULT_CA_FILE	"/etc/ssl/cert.pem" | ||||
| +#endif | ||||
|   | ||||
|  #define TLS_LEGACY	(1 << 1) | ||||
|  #define TLS_ALL	(1 << 1) | ||||
|  #define TLS_NOVERIFY	(1 << 2) | ||||
| @@ -92,9 +98,13 @@ | ||||
| @@ -94,9 +96,13 @@ int	zflag;					/* Port Scan Flag */ | ||||
|  int	Dflag;					/* sodebug */ | ||||
|  int	Iflag;					/* TCP receive buffer size */ | ||||
|  int	Oflag;					/* TCP send buffer size */ | ||||
| @@ -35,16 +24,7 @@ | ||||
|   | ||||
|  int	usetls;					/* use TLS */ | ||||
|  char    *Cflag;					/* Public cert file */ | ||||
| @@ -150,7 +160,7 @@ | ||||
|  	struct servent *sv; | ||||
|  	socklen_t len; | ||||
|  	struct sockaddr_storage cliaddr; | ||||
| -	char *proxy; | ||||
| +	char *proxy = NULL; | ||||
|  	const char *errstr, *proxyhost = "", *proxyport = NULL; | ||||
|  	struct addrinfo proxyhints; | ||||
|  	char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; | ||||
| @@ -251,12 +261,14 @@ | ||||
| @@ -265,12 +271,14 @@ main(int argc, char *argv[]) | ||||
|  		case 'u': | ||||
|  			uflag = 1; | ||||
|  			break; | ||||
| @@ -59,9 +39,9 @@ | ||||
|  		case 'v': | ||||
|  			vflag = 1; | ||||
|  			break; | ||||
| @@ -289,9 +301,11 @@ | ||||
|  				errx(1, "TCP send window %s: %s", | ||||
|  				    errstr, optarg); | ||||
| @@ -317,9 +325,11 @@ main(int argc, char *argv[]) | ||||
|  		case 'o': | ||||
|  			oflag = optarg; | ||||
|  			break; | ||||
| +#ifdef TCP_MD5SIG | ||||
|  		case 'S': | ||||
| @@ -71,7 +51,7 @@ | ||||
|  		case 'T': | ||||
|  			errstr = NULL; | ||||
|  			errno = 0; | ||||
| @@ -315,9 +329,11 @@ | ||||
| @@ -343,9 +353,11 @@ main(int argc, char *argv[]) | ||||
|  	argc -= optind; | ||||
|  	argv += optind; | ||||
|   | ||||
| @@ -83,31 +63,19 @@ | ||||
|   | ||||
|  	if (family == AF_UNIX) { | ||||
|  		if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) | ||||
| @@ -460,7 +476,10 @@ | ||||
|  				errx(1, "-H and -T noverify may not be used" | ||||
|  				    "together"); | ||||
|  			tls_config_insecure_noverifycert(tls_cfg); | ||||
| -		} | ||||
| +		} else { | ||||
| +                        if (Rflag && access(Rflag, R_OK) == -1) | ||||
| +                                errx(1, "unable to find root CA file %s", Rflag); | ||||
| +                } | ||||
|  	} | ||||
|  	if (lflag) { | ||||
|  		struct tls *tls_cctx = NULL; | ||||
| @@ -807,7 +826,10 @@ | ||||
| @@ -888,7 +900,10 @@ int | ||||
|  remote_connect(const char *host, const char *port, struct addrinfo hints) | ||||
|  { | ||||
|  	struct addrinfo *res, *res0; | ||||
| -	int s, error, on = 1; | ||||
| +	int s, error; | ||||
| -	int s = -1, error, on = 1, save_errno; | ||||
| +	int s = -1, error, save_errno; | ||||
| +#ifdef SO_BINDANY | ||||
| +	int on = 1; | ||||
| +#endif | ||||
|   | ||||
|  	if ((error = getaddrinfo(host, port, &hints, &res))) | ||||
|  		errx(1, "getaddrinfo: %s", gai_strerror(error)); | ||||
| @@ -822,8 +844,10 @@ | ||||
|  	if ((error = getaddrinfo(host, port, &hints, &res0))) | ||||
|  		errx(1, "getaddrinfo for host \"%s\" port %s: %s", host, | ||||
| @@ -903,8 +918,10 @@ remote_connect(const char *host, const c | ||||
|  		if (sflag || pflag) { | ||||
|  			struct addrinfo ahints, *ares; | ||||
|   | ||||
| @@ -116,22 +84,22 @@ | ||||
|  			setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)); | ||||
| +#endif | ||||
|  			memset(&ahints, 0, sizeof(struct addrinfo)); | ||||
|  			ahints.ai_family = res0->ai_family; | ||||
|  			ahints.ai_family = res->ai_family; | ||||
|  			ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; | ||||
| @@ -892,7 +916,10 @@ | ||||
| @@ -975,7 +992,10 @@ int | ||||
|  local_listen(char *host, char *port, struct addrinfo hints) | ||||
|  { | ||||
|  	struct addrinfo *res, *res0; | ||||
| -	int s, ret, x = 1; | ||||
| +	int s; | ||||
| -	int s = -1, ret, x = 1, save_errno; | ||||
| +	int s = -1, save_errno; | ||||
| +#ifdef SO_REUSEPORT | ||||
| +	int ret, x = 1; | ||||
| +#endif | ||||
|  	int error; | ||||
|   | ||||
|  	/* Allow nodename to be null. */ | ||||
| @@ -914,9 +941,11 @@ | ||||
|  		    res0->ai_protocol)) < 0) | ||||
| @@ -996,9 +1016,11 @@ local_listen(char *host, char *port, str | ||||
|  		    res->ai_protocol)) < 0) | ||||
|  			continue; | ||||
|   | ||||
| +#ifdef SO_REUSEPORT | ||||
| @@ -140,9 +108,9 @@ | ||||
|  			err(1, NULL); | ||||
| +#endif | ||||
|   | ||||
|  		set_common_sockopts(s, res0->ai_family); | ||||
|  		set_common_sockopts(s, res->ai_family); | ||||
|   | ||||
| @@ -1356,11 +1385,13 @@ | ||||
| @@ -1454,11 +1476,13 @@ set_common_sockopts(int s, int af) | ||||
|  { | ||||
|  	int x = 1; | ||||
|   | ||||
| @@ -156,7 +124,43 @@ | ||||
|  	if (Dflag) { | ||||
|  		if (setsockopt(s, SOL_SOCKET, SO_DEBUG, | ||||
|  			&x, sizeof(x)) == -1) | ||||
| @@ -1538,14 +1569,22 @@ | ||||
| @@ -1469,9 +1493,16 @@ set_common_sockopts(int s, int af) | ||||
|  		    IP_TOS, &Tflag, sizeof(Tflag)) == -1) | ||||
|  			err(1, "set IP ToS"); | ||||
|   | ||||
| +#ifdef IPV6_TCLASS | ||||
|  		else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, | ||||
|  		    IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1) | ||||
|  			err(1, "set IPv6 traffic class"); | ||||
| +#else | ||||
| +		else if (af == AF_INET6) { | ||||
| +			errno = ENOPROTOOPT | ||||
| +			err(1, "set IPv6 traffic class not supported"); | ||||
| +		} | ||||
| +#endif | ||||
|  	} | ||||
|  	if (Iflag) { | ||||
|  		if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, | ||||
| @@ -1495,13 +1526,17 @@ set_common_sockopts(int s, int af) | ||||
|  	} | ||||
|   | ||||
|  	if (minttl != -1) { | ||||
| +#ifdef IP_MINTTL | ||||
|  		if (af == AF_INET && setsockopt(s, IPPROTO_IP, | ||||
|  		    IP_MINTTL, &minttl, sizeof(minttl))) | ||||
|  			err(1, "set IP min TTL"); | ||||
| +#endif | ||||
|   | ||||
| -		else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, | ||||
| +#ifdef IPV6_MINHOPCOUNT | ||||
| +		if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, | ||||
|  		    IPV6_MINHOPCOUNT, &minttl, sizeof(minttl))) | ||||
|  			err(1, "set IPv6 min hop count"); | ||||
| +#endif | ||||
|  	} | ||||
|  } | ||||
|   | ||||
| @@ -1709,14 +1744,22 @@ help(void) | ||||
|  	\t-P proxyuser\tUsername for proxy authentication\n\ | ||||
|  	\t-p port\t	Specify local port for remote connects\n\ | ||||
|  	\t-R CAfile	CA bundle\n\ | ||||
| @@ -164,10 +168,10 @@ | ||||
| -	\t-S		Enable the TCP MD5 signature option\n\ | ||||
| +	\t-r		Randomize remote ports\n" | ||||
| +#ifdef TCP_MD5SIG | ||||
| +        "\ | ||||
| +	"\ | ||||
| +	\t-S		Enable the TCP MD5 signature option\n" | ||||
| +#endif | ||||
| +        "\ | ||||
| +	"\ | ||||
|  	\t-s source	Local source address\n\ | ||||
|  	\t-T keyword	TOS value or TLS options\n\ | ||||
|  	\t-t		Answer TELNET negotiation\n\ | ||||
| @@ -176,10 +180,10 @@ | ||||
| -	\t-V rtable	Specify alternate routing table\n\ | ||||
| +	\t-u		UDP mode\n" | ||||
| +#ifdef SO_RTABLE | ||||
| +        "\ | ||||
| +	"\ | ||||
| +	\t-V rtable	Specify alternate routing table\n" | ||||
| +#endif | ||||
| +        "\ | ||||
| +	"\ | ||||
|  	\t-v		Verbose\n\ | ||||
|  	\t-W recvlimit	Terminate after receiving a number of packets\n\ | ||||
|  	\t-w timeout	Timeout for connects and final net reads\n\ | ||||
|  	\t-X proto	Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\ | ||||
|   | ||||
							
								
								
									
										14
									
								
								patches/ocsp_test.c.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								patches/ocsp_test.c.patch
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | ||||
| --- tests/ocsp_test.c.orig	2016-10-18 18:12:39.854607509 +0900 | ||||
| +++ tests/ocsp_test.c	2016-10-18 18:14:29.261600559 +0900 | ||||
| @@ -16,6 +16,11 @@ | ||||
|  	hints.ai_family = AF_INET; | ||||
|  	hints.ai_socktype = SOCK_STREAM; | ||||
|   | ||||
| +#ifdef _MSC_VER | ||||
| +	if (BIO_sock_init() != 1) | ||||
| +		exit(-1); | ||||
| +#endif | ||||
| + | ||||
|  	error = getaddrinfo(host, port, &hints, &res); | ||||
|  	if (error != 0) { | ||||
|  		perror("getaddrinfo()"); | ||||
| @@ -1,6 +1,6 @@ | ||||
| --- apps/openssl/openssl.c.orig	Sun Sep 13 09:11:31 2015 | ||||
| +++ apps/openssl/openssl.c	Sun Sep 13 09:10:02 2015 | ||||
| @@ -399,7 +399,9 @@ | ||||
| --- apps/openssl/openssl.c.orig	Fri Nov  4 09:33:19 2016 | ||||
| +++ apps/openssl/openssl.c	Sat Nov  5 15:28:35 2016 | ||||
| @@ -396,7 +396,9 @@ | ||||
|  static void | ||||
|  openssl_startup(void) | ||||
|  { | ||||
|   | ||||
							
								
								
									
										32
									
								
								patches/tls.h.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								patches/tls.h.patch
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| --- include/tls.h.orig	2017-02-13 20:19:55.918636579 +0900 | ||||
| +++ include/tls.h	2017-02-13 20:21:18.313073161 +0900 | ||||
| @@ -22,6 +22,13 @@ | ||||
|  extern "C" { | ||||
|  #endif | ||||
|   | ||||
| +#ifdef _MSC_VER | ||||
| +#ifndef LIBRESSL_INTERNAL | ||||
| +#include <basetsd.h> | ||||
| +typedef SSIZE_T ssize_t; | ||||
| +#endif | ||||
| +#endif | ||||
| + | ||||
|  #include <sys/types.h> | ||||
|   | ||||
|  #include <stddef.h> | ||||
| --- libtls-standalone/include/tls.h.orig	2017-02-13 20:21:48.297958529 +0900 | ||||
| +++ libtls-standalone/include/tls.h	2017-02-13 20:21:48.296958502 +0900 | ||||
| @@ -22,6 +22,13 @@ | ||||
|  extern "C" { | ||||
|  #endif | ||||
|   | ||||
| +#ifdef _MSC_VER | ||||
| +#ifndef LIBRESSL_INTERNAL | ||||
| +#include <basetsd.h> | ||||
| +typedef SSIZE_T ssize_t; | ||||
| +#endif | ||||
| +#endif | ||||
| + | ||||
|  #include <sys/types.h> | ||||
|   | ||||
|  #include <stddef.h> | ||||
| @@ -24,8 +24,8 @@ diff -u include/openssl.orig/opensslconf.h include/openssl/opensslconf.h | ||||
| +#define __attribute__(a) | ||||
| +#endif | ||||
| + | ||||
|  /* Generate 80386 code? */ | ||||
|  #undef I386_ONLY | ||||
|  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) | ||||
|  #define OPENSSLDIR "/etc/ssl" | ||||
|  | ||||
| diff -u include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h | ||||
| --- include/openssl.orig/ossl_typ.h	Mon Dec  7 07:58:32 2015 | ||||
|   | ||||
| @@ -21,9 +21,6 @@ if [ "x$ARCH" = "xnative" ]; then | ||||
| 		make | ||||
| 		make test | ||||
| 	else | ||||
| 		sudo apt-get update | ||||
| 		sudo apt-get install -y python-software-properties | ||||
| 		sudo apt-add-repository -y ppa:kalakris/cmake | ||||
| 		sudo apt-get update | ||||
| 		sudo apt-get install -y cmake ninja-build | ||||
| 		cmake -GNinja .. | ||||
| @@ -38,12 +35,8 @@ else | ||||
| 	export CC=$CPU-w64-mingw32-gcc | ||||
|  | ||||
| 	if [ -z $(which $CC) ]; then | ||||
| 		# Update Ubuntu 12.04 with current mingw toolchain | ||||
| 		sudo apt-get update | ||||
| 		sudo apt-get install -y python-software-properties | ||||
| 		sudo apt-add-repository -y ppa:tobydox/mingw-x-precise | ||||
| 		sudo apt-get update | ||||
| 		sudo apt-get install -y $ARCH-x-gcc make | ||||
| 		sudo apt-get install -y mingw-w64 make | ||||
| 		export PATH=$PATH:/opt/$ARCH/bin | ||||
| 	fi | ||||
|  | ||||
|   | ||||
| @@ -19,47 +19,53 @@ set( | ||||
| 	d1_srtp.c | ||||
| 	d1_srvr.c | ||||
| 	pqueue.c | ||||
| 	s23_clnt.c | ||||
| 	s23_lib.c | ||||
| 	s23_pkt.c | ||||
| 	s23_srvr.c | ||||
| 	s3_both.c | ||||
| 	s3_cbc.c | ||||
| 	s3_clnt.c | ||||
| 	s3_lib.c | ||||
| 	s3_pkt.c | ||||
| 	s3_srvr.c | ||||
| 	ssl_algs.c | ||||
| 	ssl_asn1.c | ||||
| 	ssl_both.c | ||||
| 	ssl_cert.c | ||||
| 	ssl_ciph.c | ||||
| 	ssl_clnt.c | ||||
| 	ssl_err.c | ||||
| 	ssl_err2.c | ||||
| 	ssl_lib.c | ||||
| 	ssl_packet.c | ||||
| 	ssl_pkt.c | ||||
| 	ssl_rsa.c | ||||
| 	ssl_sess.c | ||||
| 	ssl_srvr.c | ||||
| 	ssl_stat.c | ||||
| 	ssl_txt.c | ||||
| 	ssl_versions.c | ||||
| 	t1_clnt.c | ||||
| 	t1_enc.c | ||||
| 	t1_hash.c | ||||
| 	t1_lib.c | ||||
| 	t1_meth.c | ||||
| 	t1_reneg.c | ||||
| 	t1_srvr.c | ||||
| ) | ||||
|  | ||||
| add_library(ssl-objects OBJECT ${SSL_SRC}) | ||||
| if (BUILD_SHARED) | ||||
| 	add_library(ssl-objects OBJECT ${SSL_SRC}) | ||||
| 	add_library(ssl STATIC $<TARGET_OBJECTS:ssl-objects>) | ||||
| 	add_library(ssl-shared SHARED $<TARGET_OBJECTS:ssl-objects>) | ||||
| 	if (MSVC) | ||||
| 	export_symbol(ssl-shared ${CMAKE_CURRENT_SOURCE_DIR}/ssl.sym) | ||||
| 	if (WIN32) | ||||
| 		target_link_libraries(ssl-shared crypto-shared Ws2_32.lib) | ||||
| 		set(SSL_POSTFIX -${SSL_MAJOR_VERSION}) | ||||
| 	endif() | ||||
| 	set_target_properties(ssl-shared PROPERTIES OUTPUT_NAME ssl) | ||||
| 	set_target_properties(ssl-shared PROPERTIES | ||||
| 		OUTPUT_NAME ssl${SSL_POSTFIX} | ||||
| 		ARCHIVE_OUTPUT_NAME ssl${SSL_POSTFIX}) | ||||
| 	set_target_properties(ssl-shared PROPERTIES VERSION ${SSL_VERSION} | ||||
| 		SOVERSION ${SSL_MAJOR_VERSION}) | ||||
| 	install(TARGETS ssl ssl-shared DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS ssl ssl-shared DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| else() | ||||
| 	add_library(ssl STATIC ${SSL_SRC}) | ||||
| 	install(TARGETS ssl DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS ssl DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| endif() | ||||
|   | ||||
| @@ -4,8 +4,9 @@ lib_LTLIBRARIES = libssl.la | ||||
|  | ||||
| EXTRA_DIST = VERSION | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
| EXTRA_DIST += ssl.sym | ||||
|  | ||||
| libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@ -no-undefined | ||||
| libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@ -no-undefined -export-symbols $(top_srcdir)/ssl/ssl.sym | ||||
| libssl_la_LIBADD = $(abs_top_builddir)/crypto/libcrypto.la | ||||
|  | ||||
| libssl_la_SOURCES = bio_ssl.c | ||||
| @@ -21,29 +22,27 @@ libssl_la_SOURCES += d1_pkt.c | ||||
| libssl_la_SOURCES += d1_srtp.c | ||||
| libssl_la_SOURCES += d1_srvr.c | ||||
| libssl_la_SOURCES += pqueue.c | ||||
| libssl_la_SOURCES += s23_clnt.c | ||||
| libssl_la_SOURCES += s23_lib.c | ||||
| libssl_la_SOURCES += s23_pkt.c | ||||
| libssl_la_SOURCES += s23_srvr.c | ||||
| libssl_la_SOURCES += s3_both.c | ||||
| libssl_la_SOURCES += s3_cbc.c | ||||
| libssl_la_SOURCES += s3_clnt.c | ||||
| libssl_la_SOURCES += s3_lib.c | ||||
| libssl_la_SOURCES += s3_pkt.c | ||||
| libssl_la_SOURCES += s3_srvr.c | ||||
| libssl_la_SOURCES += ssl_algs.c | ||||
| libssl_la_SOURCES += ssl_asn1.c | ||||
| libssl_la_SOURCES += ssl_both.c | ||||
| libssl_la_SOURCES += ssl_cert.c | ||||
| libssl_la_SOURCES += ssl_ciph.c | ||||
| libssl_la_SOURCES += ssl_clnt.c | ||||
| libssl_la_SOURCES += ssl_err.c | ||||
| libssl_la_SOURCES += ssl_err2.c | ||||
| libssl_la_SOURCES += ssl_lib.c | ||||
| libssl_la_SOURCES += ssl_packet.c | ||||
| libssl_la_SOURCES += ssl_pkt.c | ||||
| libssl_la_SOURCES += ssl_rsa.c | ||||
| libssl_la_SOURCES += ssl_sess.c | ||||
| libssl_la_SOURCES += ssl_srvr.c | ||||
| libssl_la_SOURCES += ssl_stat.c | ||||
| libssl_la_SOURCES += ssl_txt.c | ||||
| libssl_la_SOURCES += ssl_versions.c | ||||
| libssl_la_SOURCES += t1_clnt.c | ||||
| libssl_la_SOURCES += t1_enc.c | ||||
| libssl_la_SOURCES += t1_hash.c | ||||
| libssl_la_SOURCES += t1_lib.c | ||||
| libssl_la_SOURCES += t1_meth.c | ||||
| libssl_la_SOURCES += t1_reneg.c | ||||
|   | ||||
| @@ -9,274 +9,413 @@ include_directories( | ||||
| 	../apps/openssl/compat | ||||
| ) | ||||
|  | ||||
| set(ENV{srcdir} ${CMAKE_CURRENT_SOURCE_DIR}) | ||||
| add_definitions(-D_PATH_SSL_CA_FILE=\"${CMAKE_CURRENT_SOURCE_DIR}/../apps/openssl/cert.pem\") | ||||
|  | ||||
| foreach(lib IN LISTS OPENSSL_LIBS) | ||||
| 	if(${lib} STREQUAL "tls-shared") | ||||
| 		set(TESTS_LIBS ${TESTS_LIBS} tls) | ||||
| 	elseif(${lib} STREQUAL "ssl-shared") | ||||
| 		set(TESTS_LIBS ${TESTS_LIBS} ssl) | ||||
| 	elseif(${lib} STREQUAL "crypto-shared") | ||||
| 		set(TESTS_LIBS ${TESTS_LIBS} crypto) | ||||
| 	else() | ||||
| 		set(TESTS_LIBS ${TESTS_LIBS} ${lib}) | ||||
| 	endif() | ||||
| endforeach() | ||||
|  | ||||
| # aeadtest | ||||
| #add_executable(aeadtest aeadtest.c) | ||||
| #target_link_libraries(aeadtest ${OPENSSL_LIBS}) | ||||
| #add_test(aeadtest aeadtest.sh) | ||||
| #configure_file(aeadtests.txt aeadtests.txt COPYONLY) | ||||
| #configure_file(aeadtest.sh aeadtest.sh COPYONLY) | ||||
| add_executable(aeadtest aeadtest.c) | ||||
| target_link_libraries(aeadtest ${TESTS_LIBS}) | ||||
| add_test(aeadtest aeadtest ${CMAKE_CURRENT_SOURCE_DIR}/aeadtests.txt) | ||||
|  | ||||
| # aes_wrap | ||||
| add_executable(aes_wrap aes_wrap.c) | ||||
| target_link_libraries(aes_wrap ${OPENSSL_LIBS}) | ||||
| target_link_libraries(aes_wrap ${TESTS_LIBS}) | ||||
| add_test(aes_wrap aes_wrap) | ||||
|  | ||||
| # arc4randomforktest | ||||
| # Windows/mingw does not have fork, but Cygwin does. | ||||
| if(NOT CMAKE_HOST_WIN32) | ||||
| add_executable(arc4randomforktest arc4randomforktest.c) | ||||
| target_link_libraries(arc4randomforktest ${OPENSSL_LIBS}) | ||||
| add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh) | ||||
| if(NOT CMAKE_HOST_WIN32 AND NOT CMAKE_SYSTEM_NAME MATCHES "MINGW") | ||||
| 	add_executable(arc4randomforktest arc4randomforktest.c) | ||||
| 	target_link_libraries(arc4randomforktest ${TESTS_LIBS}) | ||||
| 	add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh) | ||||
| endif() | ||||
|  | ||||
| # asn1test | ||||
| add_executable(asn1test asn1test.c) | ||||
| target_link_libraries(asn1test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(asn1test ${TESTS_LIBS}) | ||||
| add_test(asn1test asn1test) | ||||
|  | ||||
| # asn1time | ||||
| add_executable(asn1time asn1time.c) | ||||
| target_link_libraries(asn1time ${OPENSSL_LIBS}) | ||||
| target_link_libraries(asn1time ${TESTS_LIBS}) | ||||
| add_test(asn1time asn1time) | ||||
|  | ||||
| # base64test | ||||
| add_executable(base64test base64test.c) | ||||
| target_link_libraries(base64test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(base64test ${TESTS_LIBS}) | ||||
| add_test(base64test base64test) | ||||
|  | ||||
| # bftest | ||||
| add_executable(bftest bftest.c) | ||||
| target_link_libraries(bftest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(bftest ${TESTS_LIBS}) | ||||
| add_test(bftest bftest) | ||||
|  | ||||
| # biotest | ||||
| # the BIO tests rely on resolver results that are OS and environment-specific | ||||
| if(ENABLE_EXTRATESTS) | ||||
| 	add_executable(biotest biotest.c) | ||||
| 	target_link_libraries(biotest ${TESTS_LIBS}) | ||||
| 	add_test(biotest biotest) | ||||
| endif() | ||||
|  | ||||
| # bntest | ||||
| add_executable(bntest bntest.c) | ||||
| target_link_libraries(bntest ${OPENSSL_LIBS}) | ||||
| set_source_files_properties(bntest.c PROPERTIES COMPILE_FLAGS -ULIBRESSL_INTERNAL) | ||||
| target_link_libraries(bntest ${TESTS_LIBS}) | ||||
| add_test(bntest bntest) | ||||
|  | ||||
| # bytestringtest | ||||
| add_executable(bytestringtest bytestringtest.c) | ||||
| target_link_libraries(bytestringtest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(bytestringtest ${TESTS_LIBS}) | ||||
| add_test(bytestringtest bytestringtest) | ||||
|  | ||||
| # casttest | ||||
| add_executable(casttest casttest.c) | ||||
| target_link_libraries(casttest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(casttest ${TESTS_LIBS}) | ||||
| add_test(casttest casttest) | ||||
|  | ||||
| # chachatest | ||||
| add_executable(chachatest chachatest.c) | ||||
| target_link_libraries(chachatest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(chachatest ${TESTS_LIBS}) | ||||
| add_test(chachatest chachatest) | ||||
|  | ||||
| # cipher_list | ||||
| add_executable(cipher_list cipher_list.c) | ||||
| target_link_libraries(cipher_list ${OPENSSL_LIBS}) | ||||
| target_link_libraries(cipher_list ${TESTS_LIBS}) | ||||
| add_test(cipher_list cipher_list) | ||||
|  | ||||
| # cipherstest | ||||
| add_executable(cipherstest cipherstest.c) | ||||
| target_link_libraries(cipherstest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(cipherstest ${TESTS_LIBS}) | ||||
| add_test(cipherstest cipherstest) | ||||
|  | ||||
| # clienttest | ||||
| add_executable(clienttest clienttest.c) | ||||
| target_link_libraries(clienttest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(clienttest ${TESTS_LIBS}) | ||||
| add_test(clienttest clienttest) | ||||
|  | ||||
| # cts128test | ||||
| add_executable(cts128test cts128test.c) | ||||
| target_link_libraries(cts128test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(cts128test ${TESTS_LIBS}) | ||||
| add_test(cts128test cts128test) | ||||
|  | ||||
| # destest | ||||
| add_executable(destest destest.c) | ||||
| target_link_libraries(destest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(destest ${TESTS_LIBS}) | ||||
| add_test(destest destest) | ||||
|  | ||||
| # dhtest | ||||
| add_executable(dhtest dhtest.c) | ||||
| target_link_libraries(dhtest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(dhtest ${TESTS_LIBS}) | ||||
| add_test(dhtest dhtest) | ||||
|  | ||||
| # dsatest | ||||
| add_executable(dsatest dsatest.c) | ||||
| target_link_libraries(dsatest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(dsatest ${TESTS_LIBS}) | ||||
| add_test(dsatest dsatest) | ||||
|  | ||||
| # ecdhtest | ||||
| add_executable(ecdhtest ecdhtest.c) | ||||
| target_link_libraries(ecdhtest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(ecdhtest ${TESTS_LIBS}) | ||||
| add_test(ecdhtest ecdhtest) | ||||
|  | ||||
| # ecdsatest | ||||
| add_executable(ecdsatest ecdsatest.c) | ||||
| target_link_libraries(ecdsatest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(ecdsatest ${TESTS_LIBS}) | ||||
| add_test(ecdsatest ecdsatest) | ||||
|  | ||||
| # ectest | ||||
| add_executable(ectest ectest.c) | ||||
| target_link_libraries(ectest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(ectest ${TESTS_LIBS}) | ||||
| add_test(ectest ectest) | ||||
|  | ||||
| # enginetest | ||||
| add_executable(enginetest enginetest.c) | ||||
| target_link_libraries(enginetest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(enginetest ${TESTS_LIBS}) | ||||
| add_test(enginetest enginetest) | ||||
|  | ||||
| # evptest | ||||
| #add_executable(evptest evptest.c) | ||||
| #target_link_libraries(evptest ${OPENSSL_LIBS}) | ||||
| #add_test(evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptest.sh) | ||||
| add_executable(evptest evptest.c) | ||||
| target_link_libraries(evptest ${TESTS_LIBS}) | ||||
| add_test(evptest evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptests.txt) | ||||
|  | ||||
| # explicit_bzero | ||||
| # explicit_bzero relies on SA_ONSTACK, which is unavailable on Windows | ||||
| if(NOT CMAKE_HOST_WIN32) | ||||
| add_executable(explicit_bzero explicit_bzero.c) | ||||
| target_link_libraries(explicit_bzero ${OPENSSL_LIBS}) | ||||
| add_test(explicit_bzero explicit_bzero) | ||||
| #if !HAVE_MEMMEM | ||||
| #explicit_bzero_SOURCES += memmem.c | ||||
| #endif | ||||
| 	if(HAVE_MEMMEM) | ||||
| 		add_executable(explicit_bzero explicit_bzero.c) | ||||
| 	else() | ||||
| 		add_executable(explicit_bzero explicit_bzero.c compat/memmem.c) | ||||
| 	endif() | ||||
| 	target_link_libraries(explicit_bzero ${TESTS_LIBS}) | ||||
| 	add_test(explicit_bzero explicit_bzero) | ||||
| endif() | ||||
|  | ||||
| # exptest | ||||
| add_executable(exptest exptest.c) | ||||
| target_link_libraries(exptest ${OPENSSL_LIBS}) | ||||
| set_source_files_properties(exptest.c PROPERTIES COMPILE_FLAGS -ULIBRESSL_INTERNAL) | ||||
| target_link_libraries(exptest ${TESTS_LIBS}) | ||||
| add_test(exptest exptest) | ||||
|  | ||||
| # gcm128test | ||||
| add_executable(gcm128test gcm128test.c) | ||||
| target_link_libraries(gcm128test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(gcm128test ${TESTS_LIBS}) | ||||
| add_test(gcm128test gcm128test) | ||||
|  | ||||
| # gost2814789t | ||||
| add_executable(gost2814789t gost2814789t.c) | ||||
| target_link_libraries(gost2814789t ${OPENSSL_LIBS}) | ||||
| target_link_libraries(gost2814789t ${TESTS_LIBS}) | ||||
| add_test(gost2814789t gost2814789t) | ||||
|  | ||||
| # hkdf_test | ||||
| add_executable(hkdf_test hkdf_test.c) | ||||
| target_link_libraries(hkdf_test ${TESTS_LIBS}) | ||||
| add_test(hkdf_test hkdf_test) | ||||
|  | ||||
| # hmactest | ||||
| add_executable(hmactest hmactest.c) | ||||
| target_link_libraries(hmactest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(hmactest ${TESTS_LIBS}) | ||||
| add_test(hmactest hmactest) | ||||
|  | ||||
| # ideatest | ||||
| add_executable(ideatest ideatest.c) | ||||
| target_link_libraries(ideatest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(ideatest ${TESTS_LIBS}) | ||||
| add_test(ideatest ideatest) | ||||
|  | ||||
| # igetest | ||||
| add_executable(igetest igetest.c) | ||||
| target_link_libraries(igetest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(igetest ${TESTS_LIBS}) | ||||
| add_test(igetest igetest) | ||||
|  | ||||
| # md4test | ||||
| add_executable(md4test md4test.c) | ||||
| target_link_libraries(md4test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(md4test ${TESTS_LIBS}) | ||||
| add_test(md4test md4test) | ||||
|  | ||||
| # md5test | ||||
| add_executable(md5test md5test.c) | ||||
| target_link_libraries(md5test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(md5test ${TESTS_LIBS}) | ||||
| add_test(md5test md5test) | ||||
|  | ||||
| # mont | ||||
| add_executable(mont mont.c) | ||||
| target_link_libraries(mont ${OPENSSL_LIBS}) | ||||
| target_link_libraries(mont ${TESTS_LIBS}) | ||||
| add_test(mont mont) | ||||
|  | ||||
| # ocsp_test | ||||
| if(ENABLE_EXTRATESTS) | ||||
| 	add_executable(ocsp_test ocsp_test.c) | ||||
| 	target_link_libraries(ocsp_test ${TESTS_LIBS}) | ||||
| 	if(NOT MSVC) | ||||
| 		add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.sh) | ||||
| 	else() | ||||
| 		add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.bat) | ||||
| 	endif() | ||||
| endif() | ||||
|  | ||||
| # optionstest | ||||
| add_executable(optionstest optionstest.c) | ||||
| target_link_libraries(optionstest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(optionstest ${TESTS_LIBS}) | ||||
| add_test(optionstest optionstest) | ||||
|  | ||||
| # pbkdf2 | ||||
| add_executable(pbkdf2 pbkdf2.c) | ||||
| target_link_libraries(pbkdf2 ${OPENSSL_LIBS}) | ||||
| target_link_libraries(pbkdf2 ${TESTS_LIBS}) | ||||
| add_test(pbkdf2 pbkdf2) | ||||
|  | ||||
| # pidwraptest | ||||
| # pidwraptest relies on an OS-specific way to give out pids and is generally | ||||
| # awkward on systems with slow fork | ||||
| if(ENABLE_EXTRATESTS AND NOT MSVC) | ||||
| 	add_executable(pidwraptest pidwraptest.c) | ||||
| 	target_link_libraries(pidwraptest ${TESTS_LIBS}) | ||||
| 	add_test(pidwraptest ${CMAKE_CURRENT_SOURCE_DIR}/pidwraptest.sh) | ||||
| endif() | ||||
|  | ||||
| # pkcs7test | ||||
| add_executable(pkcs7test pkcs7test.c) | ||||
| target_link_libraries(pkcs7test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(pkcs7test ${TESTS_LIBS}) | ||||
| add_test(pkcs7test pkcs7test) | ||||
|  | ||||
| # poly1305test | ||||
| add_executable(poly1305test poly1305test.c) | ||||
| target_link_libraries(poly1305test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(poly1305test ${TESTS_LIBS}) | ||||
| add_test(poly1305test poly1305test) | ||||
|  | ||||
| # pq_test | ||||
| #add_executable(pq_test pq_test.c) | ||||
| #target_link_libraries(pq_test ${OPENSSL_LIBS}) | ||||
| #add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh) | ||||
| add_executable(pq_test pq_test.c) | ||||
| target_link_libraries(pq_test ${TESTS_LIBS}) | ||||
| if(NOT MSVC) | ||||
| 	add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh) | ||||
| else() | ||||
| 	add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.bat) | ||||
| endif() | ||||
| set_tests_properties(pq_test PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # randtest | ||||
| add_executable(randtest randtest.c) | ||||
| target_link_libraries(randtest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(randtest ${TESTS_LIBS}) | ||||
| add_test(randtest randtest) | ||||
|  | ||||
| # rc2test | ||||
| add_executable(rc2test rc2test.c) | ||||
| target_link_libraries(rc2test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(rc2test ${TESTS_LIBS}) | ||||
| add_test(rc2test rc2test) | ||||
|  | ||||
| # rc4test | ||||
| add_executable(rc4test rc4test.c) | ||||
| target_link_libraries(rc4test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(rc4test ${TESTS_LIBS}) | ||||
| add_test(rc4test rc4test) | ||||
|  | ||||
| # rfc5280time | ||||
| add_executable(rfc5280time rfc5280time.c) | ||||
| target_link_libraries(rfc5280time ${OPENSSL_LIBS}) | ||||
| add_test(rfc5280time rfc5280time) | ||||
| target_link_libraries(rfc5280time ${TESTS_LIBS}) | ||||
| if(SMALL_TIME_T) | ||||
| 	add_test(rfc5280time ${CMAKE_CURRENT_SOURCE_DIR}/rfc5280time_small.test) | ||||
| else() | ||||
| 	add_test(rfc5280time rfc5280time) | ||||
| endif() | ||||
|  | ||||
| # rmdtest | ||||
| add_executable(rmdtest rmdtest.c) | ||||
| target_link_libraries(rmdtest ${OPENSSL_LIBS}) | ||||
| target_link_libraries(rmdtest ${TESTS_LIBS}) | ||||
| add_test(rmdtest rmdtest) | ||||
|  | ||||
| # rsa_test | ||||
| add_executable(rsa_test rsa_test.c) | ||||
| target_link_libraries(rsa_test ${TESTS_LIBS}) | ||||
| add_test(rsa_test rsa_test) | ||||
|  | ||||
| # servertest | ||||
| add_executable(servertest servertest.c) | ||||
| target_link_libraries(servertest ${TESTS_LIBS}) | ||||
| if(NOT MSVC) | ||||
| 	add_test(servertest ${CMAKE_CURRENT_SOURCE_DIR}/servertest.sh) | ||||
| else() | ||||
| 	add_test(servertest ${CMAKE_CURRENT_SOURCE_DIR}/servertest.bat) | ||||
| endif() | ||||
| set_tests_properties(servertest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # sha1test | ||||
| add_executable(sha1test sha1test.c) | ||||
| target_link_libraries(sha1test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(sha1test ${TESTS_LIBS}) | ||||
| add_test(sha1test sha1test) | ||||
|  | ||||
| # sha256test | ||||
| add_executable(sha256test sha256test.c) | ||||
| target_link_libraries(sha256test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(sha256test ${TESTS_LIBS}) | ||||
| add_test(sha256test sha256test) | ||||
|  | ||||
| # sha512test | ||||
| add_executable(sha512test sha512test.c) | ||||
| target_link_libraries(sha512test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(sha512test ${TESTS_LIBS}) | ||||
| add_test(sha512test sha512test) | ||||
|  | ||||
| # ssl_versions | ||||
| add_executable(ssl_versions ssl_versions.c) | ||||
| target_link_libraries(ssl_versions ${TESTS_LIBS}) | ||||
| add_test(ssl_versions ssl_versions) | ||||
|  | ||||
| # ssltest | ||||
| #add_executable(ssltest ssltest.c) | ||||
| #target_link_libraries(ssltest ${OPENSSL_LIBS}) | ||||
| #add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh) | ||||
| add_executable(ssltest ssltest.c) | ||||
| target_link_libraries(ssltest ${TESTS_LIBS}) | ||||
| if(NOT MSVC) | ||||
| 	add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh) | ||||
| else() | ||||
| 	add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.bat) | ||||
| endif() | ||||
| set_tests_properties(ssltest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # testdsa | ||||
| #add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh) | ||||
| if(NOT MSVC) | ||||
| 	add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh) | ||||
| else() | ||||
| 	add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.bat) | ||||
| endif() | ||||
| set_tests_properties(testdsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # testenc | ||||
| add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.sh) | ||||
| if(NOT MSVC) | ||||
| 	add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.sh) | ||||
| else() | ||||
| 	add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.bat) | ||||
| endif() | ||||
| set_tests_properties(testenc PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # testrsa | ||||
| #add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh) | ||||
| if(NOT MSVC) | ||||
| 	add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh) | ||||
| else() | ||||
| 	add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.bat) | ||||
| endif() | ||||
| set_tests_properties(testrsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # timingsafe | ||||
| add_executable(timingsafe timingsafe.c) | ||||
| target_link_libraries(timingsafe ${OPENSSL_LIBS}) | ||||
| target_link_libraries(timingsafe ${TESTS_LIBS}) | ||||
| add_test(timingsafe timingsafe) | ||||
|  | ||||
| # tlstest | ||||
| set(TLSTEST_SRC tlstest.c) | ||||
| check_function_exists(pipe2 HAVE_PIPE2) | ||||
| if(HAVE_PIPE2) | ||||
| 	add_definitions(-DHAVE_PIPE2) | ||||
| else() | ||||
| 	set(TLSTEST_SRC ${TLSTEST_SRC} compat/pipe2.c) | ||||
| endif() | ||||
|  | ||||
| add_executable(tlstest ${TLSTEST_SRC}) | ||||
| target_link_libraries(tlstest ${TESTS_LIBS}) | ||||
| if(NOT MSVC) | ||||
| 	add_test(tlstest ${CMAKE_CURRENT_SOURCE_DIR}/tlstest.sh) | ||||
| else() | ||||
| 	add_test(tlstest ${CMAKE_CURRENT_SOURCE_DIR}/tlstest.bat) | ||||
| endif() | ||||
| set_tests_properties(tlstest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}") | ||||
|  | ||||
| # tls_ext_alpn | ||||
| add_executable(tls_ext_alpn tls_ext_alpn.c) | ||||
| target_link_libraries(tls_ext_alpn ${TESTS_LIBS}) | ||||
| add_test(tls_ext_alpn tls_ext_alpn) | ||||
|  | ||||
| # tls_prf | ||||
| add_executable(tls_prf tls_prf.c) | ||||
| target_link_libraries(tls_prf ${TESTS_LIBS}) | ||||
| add_test(tls_prf tls_prf) | ||||
|  | ||||
| # utf8test | ||||
| add_executable(utf8test utf8test.c) | ||||
| target_link_libraries(utf8test ${OPENSSL_LIBS}) | ||||
| target_link_libraries(utf8test ${TESTS_LIBS}) | ||||
| add_test(utf8test utf8test) | ||||
|  | ||||
| # verifytest | ||||
| add_executable(verifytest verifytest.c) | ||||
| target_link_libraries(verifytest tls ${OPENSSL_LIBS}) | ||||
| target_link_libraries(verifytest tls ${TESTS_LIBS}) | ||||
| add_test(verifytest verifytest) | ||||
|  | ||||
| # x25519test | ||||
| add_executable(x25519test x25519test.c) | ||||
| target_link_libraries(x25519test ${TESTS_LIBS}) | ||||
| add_test(x25519test x25519test) | ||||
|  | ||||
| if(ENABLE_VSTEST AND USE_SHARED) | ||||
| 	add_custom_command(TARGET x25519test POST_BUILD | ||||
| 		COMMAND "${CMAKE_COMMAND}" -E copy | ||||
| 		"$<TARGET_FILE:tls-shared>" | ||||
| 		"$<TARGET_FILE:ssl-shared>" | ||||
| 		"$<TARGET_FILE:crypto-shared>" | ||||
| 		"${CMAKE_CURRENT_BINARY_DIR}" | ||||
| 		COMMENT "Copying DLLs for regression tests") | ||||
| endif() | ||||
|  | ||||
|   | ||||
| @@ -5,11 +5,15 @@ AM_CPPFLAGS += -I $(top_srcdir)/crypto/asn1 | ||||
| AM_CPPFLAGS += -I $(top_srcdir)/ssl | ||||
| AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl | ||||
| AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl/compat | ||||
| AM_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"$(top_srcdir)/apps/openssl/cert.pem\" | ||||
|  | ||||
| LDADD = $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
| LDADD += $(abs_top_builddir)/ssl/libssl.la | ||||
| LDADD += $(abs_top_builddir)/crypto/libcrypto.la | ||||
| LDADD += $(abs_top_builddir)/tls/libtls.la | ||||
| LDADD = $(abs_top_builddir)/tls/.libs/libtls.a | ||||
| LDADD += $(abs_top_builddir)/ssl/.libs/libssl.a | ||||
| LDADD += $(abs_top_builddir)/crypto/.libs/libcrypto.a | ||||
| LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) | ||||
| if HOST_ASM_MACOSX_X86_64 | ||||
| LDADD += $(abs_top_builddir)/crypto/.libs/libcrypto_la-cpuid-macosx-x86_64.o | ||||
| endif | ||||
|  | ||||
| TEST_LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) $(top_srcdir)/tap-driver.sh | ||||
|  | ||||
| @@ -69,6 +73,7 @@ endif | ||||
|  | ||||
| # bntest | ||||
| TESTS += bntest | ||||
| bntest_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL | ||||
| check_PROGRAMS += bntest | ||||
| bntest_SOURCES = bntest.c | ||||
|  | ||||
| @@ -158,7 +163,7 @@ TESTS += explicit_bzero | ||||
| check_PROGRAMS += explicit_bzero | ||||
| explicit_bzero_SOURCES = explicit_bzero.c | ||||
| if !HAVE_MEMMEM | ||||
| explicit_bzero_SOURCES += memmem.c | ||||
| explicit_bzero_SOURCES += compat/memmem.c | ||||
| endif | ||||
| endif | ||||
| endif | ||||
| @@ -166,6 +171,7 @@ endif | ||||
| # exptest | ||||
| TESTS += exptest | ||||
| check_PROGRAMS += exptest | ||||
| exptest_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL | ||||
| exptest_SOURCES = exptest.c | ||||
|  | ||||
| # gcm128test | ||||
| @@ -178,6 +184,11 @@ TESTS += gost2814789t | ||||
| check_PROGRAMS += gost2814789t | ||||
| gost2814789t_SOURCES = gost2814789t.c | ||||
|  | ||||
| # hkdf_test | ||||
| TESTS += hkdftest | ||||
| check_PROGRAMS += hkdftest | ||||
| hkdftest_SOURCES = hkdf_test.c | ||||
|  | ||||
| # hmactest | ||||
| TESTS += hmactest | ||||
| check_PROGRAMS += hmactest | ||||
| @@ -208,6 +219,14 @@ TESTS += mont | ||||
| check_PROGRAMS += mont | ||||
| mont_SOURCES = mont.c | ||||
|  | ||||
| # ocsp_test | ||||
| if ENABLE_EXTRATESTS | ||||
| TESTS += ocsptest.sh | ||||
| check_PROGRAMS += ocsp_test | ||||
| ocsp_test_SOURCES = ocsp_test.c | ||||
| endif | ||||
| EXTRA_DIST += ocsptest.sh ocsptest.bat | ||||
|  | ||||
| # optionstest | ||||
| TESTS += optionstest | ||||
| check_PROGRAMS += optionstest | ||||
| @@ -242,7 +261,7 @@ poly1305test_SOURCES = poly1305test.c | ||||
| TESTS += pq_test.sh | ||||
| check_PROGRAMS += pq_test | ||||
| pq_test_SOURCES = pq_test.c | ||||
| EXTRA_DIST += pq_test.sh | ||||
| EXTRA_DIST += pq_test.sh pq_test.bat | ||||
| EXTRA_DIST += pq_expected.txt | ||||
|  | ||||
| # randtest | ||||
| @@ -275,6 +294,17 @@ TESTS += rmdtest | ||||
| check_PROGRAMS += rmdtest | ||||
| rmdtest_SOURCES = rmdtest.c | ||||
|  | ||||
| # rsa_test | ||||
| TESTS += rsa_test | ||||
| check_PROGRAMS += rsa_test | ||||
| rsa_test_SOURCES = rsa_test.c | ||||
|  | ||||
| # servertest | ||||
| TESTS += servertest.sh | ||||
| check_PROGRAMS += servertest | ||||
| servertest_SOURCES = servertest.c | ||||
| EXTRA_DIST += servertest.sh servertest.bat | ||||
|  | ||||
| # sha1test | ||||
| TESTS += sha1test | ||||
| check_PROGRAMS += sha1test | ||||
| @@ -290,31 +320,55 @@ TESTS += sha512test | ||||
| check_PROGRAMS += sha512test | ||||
| sha512test_SOURCES = sha512test.c | ||||
|  | ||||
| # ssl_versions | ||||
| TESTS += ssl_versions | ||||
| check_PROGRAMS += ssl_versions | ||||
| ssl_versions_SOURCES = ssl_versions.c | ||||
|  | ||||
| # ssltest | ||||
| TESTS += ssltest.sh | ||||
| check_PROGRAMS += ssltest | ||||
| ssltest_SOURCES = ssltest.c | ||||
| EXTRA_DIST += ssltest.sh | ||||
| EXTRA_DIST += testssl ca.pem server.pem | ||||
| EXTRA_DIST += ssltest.sh ssltest.bat | ||||
| EXTRA_DIST += testssl testssl.bat ca.pem server.pem | ||||
|  | ||||
| # testdsa | ||||
| TESTS += testdsa.sh | ||||
| EXTRA_DIST += testdsa.sh | ||||
| EXTRA_DIST += testdsa.sh testdsa.bat | ||||
| EXTRA_DIST += openssl.cnf | ||||
|  | ||||
| # testenc | ||||
| TESTS += testenc.sh | ||||
| EXTRA_DIST += testenc.sh | ||||
| EXTRA_DIST += testenc.sh testenc.bat | ||||
|  | ||||
| # testrsa | ||||
| TESTS += testrsa.sh | ||||
| EXTRA_DIST += testrsa.sh | ||||
| EXTRA_DIST += testrsa.sh testrsa.bat | ||||
|  | ||||
| # timingsafe | ||||
| TESTS += timingsafe | ||||
| check_PROGRAMS += timingsafe | ||||
| timingsafe_SOURCES = timingsafe.c | ||||
|  | ||||
| # tlstest | ||||
| TESTS += tlstest.sh | ||||
| check_PROGRAMS += tlstest | ||||
| tlstest_SOURCES = tlstest.c | ||||
| if !HAVE_PIPE2 | ||||
| tlstest_SOURCES += compat/pipe2.c | ||||
| endif | ||||
| EXTRA_DIST += tlstest.sh tlstest.bat | ||||
|  | ||||
| # tls_ext_alpn | ||||
| TESTS += tls_ext_alpn | ||||
| check_PROGRAMS += tls_ext_alpn | ||||
| tls_ext_alpn_SOURCES = tls_ext_alpn.c | ||||
|  | ||||
| # tls_prf | ||||
| TESTS += tls_prf | ||||
| check_PROGRAMS += tls_prf | ||||
| tls_prf_SOURCES = tls_prf.c | ||||
|  | ||||
| # utf8test | ||||
| TESTS += utf8test | ||||
| check_PROGRAMS += utf8test | ||||
| @@ -324,3 +378,8 @@ utf8test_SOURCES = utf8test.c | ||||
| TESTS += verifytest | ||||
| check_PROGRAMS += verifytest | ||||
| verifytest_SOURCES = verifytest.c | ||||
|  | ||||
| # x25519test | ||||
| TESTS += x25519test | ||||
| check_PROGRAMS += x25519test | ||||
| x25519test_SOURCES = x25519test.c | ||||
|   | ||||
							
								
								
									
										167
									
								
								tests/compat/pipe2.c
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										167
									
								
								tests/compat/pipe2.c
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,167 @@ | ||||
| /* | ||||
|  * Public domain | ||||
|  * | ||||
|  * pipe2/pipe/socketpair emulation | ||||
|  * Brent Cook <bcook@openbsd.org> | ||||
|  */ | ||||
|  | ||||
| #include <errno.h> | ||||
| #include <fcntl.h> | ||||
| #include <unistd.h> | ||||
| #include <sys/socket.h> | ||||
|  | ||||
| #undef socketpair | ||||
|  | ||||
| #ifdef _WIN32 | ||||
|  | ||||
| static int setfd(int fd, int flag) | ||||
| { | ||||
| 	int rc = -1; | ||||
| 	if (flag & FD_CLOEXEC) { | ||||
| 		HANDLE h = (HANDLE)_get_osfhandle(fd); | ||||
| 		if (h != NULL) | ||||
| 			rc = SetHandleInformation(h, HANDLE_FLAG_INHERIT, 0) == 0 ? -1 : 0; | ||||
| 	} | ||||
| 	return rc; | ||||
| } | ||||
|  | ||||
| static int setfl(int fd, int flag) | ||||
| { | ||||
| 	int rc = -1; | ||||
| 	if (flag & O_NONBLOCK) { | ||||
| 		long mode = 1; | ||||
| 		rc = ioctlsocket(fd, FIONBIO, &mode); | ||||
| 	} | ||||
| 	return rc; | ||||
| } | ||||
|  | ||||
| int socketpair(int domain, int type, int protocol, int socket_vector[2]) | ||||
| { | ||||
| 	if (domain != AF_UNIX || !(type & SOCK_STREAM) || protocol != PF_UNSPEC) | ||||
| 		return -1; | ||||
|  | ||||
| 	socket_vector[0] = -1; | ||||
| 	socket_vector[1] = -1; | ||||
|  | ||||
| 	int listener = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); | ||||
| 	if (listener == -1) { | ||||
| 		return -1; | ||||
| 	} | ||||
|  | ||||
| 	struct sockaddr_in addr = { | ||||
| 		.sin_family = AF_INET, | ||||
| 		.sin_addr.s_addr = htonl(INADDR_LOOPBACK), | ||||
| 		.sin_port = 0, | ||||
| 	}; | ||||
|  | ||||
| 	int yes = 1, e; | ||||
| 	if (setsockopt(listener, SOL_SOCKET, SO_REUSEADDR, | ||||
| 			(void *)&yes, sizeof yes) == -1) | ||||
| 		goto err; | ||||
|  | ||||
| 	if (bind(listener, (struct sockaddr *)&addr, sizeof addr) != 0) | ||||
| 		goto err; | ||||
|  | ||||
| 	memset(&addr, 0, sizeof addr); | ||||
| 	socklen_t addrlen = sizeof addr; | ||||
| 	if (getsockname(listener, (struct sockaddr *)&addr, &addrlen) != 0) | ||||
| 		goto err; | ||||
|  | ||||
| 	addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); | ||||
| 	addr.sin_family = AF_INET; | ||||
|  | ||||
| 	if (listen(listener, 1) != 0) | ||||
| 		goto err; | ||||
|  | ||||
| 	socket_vector[0] = WSASocket(AF_INET, SOCK_STREAM, 0, NULL, 0, 0); | ||||
| 	if (socket_vector[0] == -1) | ||||
| 		goto err; | ||||
|  | ||||
| 	if (connect(socket_vector[0], (struct sockaddr *)&addr, sizeof addr) != 0) | ||||
| 		goto err; | ||||
|  | ||||
| 	socket_vector[1] = accept(listener, NULL, NULL); | ||||
| 	if (socket_vector[1] == -1) | ||||
| 		goto err; | ||||
|  | ||||
| 	closesocket(listener); | ||||
| 	return 0; | ||||
|  | ||||
| err: | ||||
| 	e = WSAGetLastError(); | ||||
| 	closesocket(listener); | ||||
| 	closesocket(socket_vector[0]); | ||||
| 	closesocket(socket_vector[1]); | ||||
| 	WSASetLastError(e); | ||||
| 	socket_vector[0] = -1; | ||||
| 	socket_vector[1] = -1; | ||||
| 	return -1; | ||||
| } | ||||
|  | ||||
| int pipe(int fildes[2]) | ||||
| { | ||||
| 	return socketpair(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, PF_UNSPEC, fildes); | ||||
| } | ||||
|  | ||||
| #else | ||||
|  | ||||
| static int setfd(int fd, int flag) | ||||
| { | ||||
| 	int flags = fcntl(fd, F_GETFD); | ||||
| 	flags |= flag; | ||||
| 	return fcntl(fd, F_SETFD, flags); | ||||
| } | ||||
|  | ||||
| static int setfl(int fd, int flag) | ||||
| { | ||||
| 	int flags = fcntl(fd, F_GETFL); | ||||
| 	flags |= flag; | ||||
| 	return fcntl(fd, F_SETFL, flags); | ||||
| } | ||||
| #endif | ||||
|  | ||||
| int pipe2(int fildes[2], int flags) | ||||
| { | ||||
| 	int rc = pipe(fildes); | ||||
| 	if (rc == 0) { | ||||
| 		if (flags & O_NONBLOCK) { | ||||
| 			rc |= setfl(fildes[0], O_NONBLOCK); | ||||
| 			rc |= setfl(fildes[1], O_NONBLOCK); | ||||
| 		} | ||||
| 		if (flags & O_CLOEXEC) { | ||||
| 			rc |= setfd(fildes[0], FD_CLOEXEC); | ||||
| 			rc |= setfd(fildes[1], FD_CLOEXEC); | ||||
| 		} | ||||
| 		if (rc != 0) { | ||||
| 			int e = errno; | ||||
| 			close(fildes[0]); | ||||
| 			close(fildes[1]); | ||||
| 			errno = e; | ||||
| 		} | ||||
| 	} | ||||
| 	return rc; | ||||
| } | ||||
|  | ||||
| int bsd_socketpair(int domain, int type, int protocol, int socket_vector[2]) | ||||
| { | ||||
| 	int flags = type & ~0xf; | ||||
| 	type &= 0xf; | ||||
| 	int rc = socketpair(domain, type, protocol, socket_vector); | ||||
| 	if (rc == 0) { | ||||
| 		if (flags & SOCK_NONBLOCK) { | ||||
| 			rc |= setfl(socket_vector[0], O_NONBLOCK); | ||||
| 			rc |= setfl(socket_vector[1], O_NONBLOCK); | ||||
| 		} | ||||
| 		if (flags & SOCK_CLOEXEC) { | ||||
| 			rc |= setfd(socket_vector[0], FD_CLOEXEC); | ||||
| 			rc |= setfd(socket_vector[1], FD_CLOEXEC); | ||||
| 		} | ||||
| 		if (rc != 0) { | ||||
| 			int e = errno; | ||||
| 			close(socket_vector[0]); | ||||
| 			close(socket_vector[1]); | ||||
| 			errno = e; | ||||
| 		} | ||||
| 	} | ||||
| 	return rc; | ||||
| } | ||||
							
								
								
									
										11
									
								
								tests/ocsptest.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								tests/ocsptest.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	ocsptest.bat | ||||
|  | ||||
| set TEST=Debug\ocsp_test.exe | ||||
| if not exist %TEST% exit /b 1 | ||||
|  | ||||
| %TEST% www.amazon.com 443 & if !errorlevel! neq 0 exit /b 1 | ||||
| %TEST% cloudflare.com 443 & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| endlocal | ||||
							
								
								
									
										8
									
								
								tests/ocsptest.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										8
									
								
								tests/ocsptest.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,8 @@ | ||||
| #!/bin/sh | ||||
| set -e | ||||
| TEST=./ocsp_test | ||||
| if [ -e ./ocsp_test.exe ]; then | ||||
| 	TEST=./ocsp_test.exe | ||||
| fi | ||||
| $TEST www.amazon.com 443 | ||||
| $TEST cloudflare.com 443 | ||||
							
								
								
									
										14
									
								
								tests/pq_test.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								tests/pq_test.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	pq_test.bat | ||||
|  | ||||
| set TEST=Debug\pq_test.exe | ||||
| if not exist %TEST% exit /b 1 | ||||
|  | ||||
| set pq_output=pq_output.txt | ||||
| if exist %pq_output% del %pq_output% | ||||
|  | ||||
| %TEST% > %pq_output% | ||||
| fc /b %pq_output% %srcdir%\pq_expected.txt | ||||
|  | ||||
| endlocal | ||||
							
								
								
									
										17
									
								
								tests/servertest.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								tests/servertest.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	servertest.bat | ||||
|  | ||||
| set servertest_bin=Debug\servertest.exe | ||||
| if not exist %servertest_bin% exit /b 1 | ||||
|  | ||||
| if "%srcdir%"=="" ( | ||||
| 	set srcdir=. | ||||
| ) | ||||
|  | ||||
| %servertest_bin% %srcdir%\server.pem %srcdir%\server.pem %srcdir%\ca.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
| endlocal | ||||
							
								
								
									
										13
									
								
								tests/servertest.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								tests/servertest.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| #!/bin/sh | ||||
| set -e | ||||
|  | ||||
| servertest_bin=./servertest | ||||
| if [ -e ./servertest.exe ]; then | ||||
| 	servertest_bin=./servertest.exe | ||||
| fi | ||||
|  | ||||
| if [ -z $srcdir ]; then | ||||
| 	srcdir=. | ||||
| fi | ||||
|  | ||||
| $servertest_bin $srcdir/server.pem $srcdir/server.pem $srcdir/ca.pem | ||||
							
								
								
									
										21
									
								
								tests/ssltest.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								tests/ssltest.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	ssltest.bat | ||||
|  | ||||
| set ssltest_bin=Debug\ssltest.exe | ||||
| if not exist %ssltest_bin% exit /b 1 | ||||
|  | ||||
| set openssl_bin=..\apps\openssl\Debug\openssl.exe | ||||
| if not exist %openssl_bin% exit /b 1 | ||||
|  | ||||
| if "%srcdir%"=="" ( | ||||
| 	set srcdir=. | ||||
| ) | ||||
|  | ||||
| %srcdir%\testssl.bat %srcdir%\server.pem %srcdir%\server.pem %srcdir%\ca.pem ^ | ||||
|     %ssltest_bin% %openssl_bin% | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
| endlocal | ||||
| @@ -6,9 +6,16 @@ if [ -e ./ssltest.exe ]; then | ||||
| 	ssltest_bin=./ssltest.exe | ||||
| fi | ||||
|  | ||||
| openssl_bin=../apps/openssl/openssl | ||||
| if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 	openssl_bin=../apps/openssl/openssl.exe | ||||
| if [ -d ../apps/openssl ]; then | ||||
| 	openssl_bin=../apps/openssl/openssl | ||||
| 	if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 		openssl_bin=../apps/openssl/openssl.exe | ||||
| 	fi | ||||
| else | ||||
| 	openssl_bin=../apps/openssl | ||||
| 	if [ -e ../apps/openssl.exe ]; then | ||||
| 		openssl_bin=../apps/openssl.exe | ||||
| 	fi | ||||
| fi | ||||
|  | ||||
| if [ -z $srcdir ]; then | ||||
|   | ||||
							
								
								
									
										38
									
								
								tests/testdsa.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										38
									
								
								tests/testdsa.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,38 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	testdsa.bat | ||||
|  | ||||
|  | ||||
| REM # Test DSA certificate generation of openssl | ||||
|  | ||||
| set cmd=..\apps\openssl\Debug\openssl.exe | ||||
| if not exist %cmd% exit /b 1 | ||||
|  | ||||
| if "%srcdir%"=="" ( | ||||
| 	set srcdir=. | ||||
| ) | ||||
|  | ||||
| REM # Generate DSA paramter set | ||||
| %cmd% dsaparam 512 -out dsa512.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
|  | ||||
| REM # Generate a DSA certificate | ||||
| %cmd% req -config %srcdir%\openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
|  | ||||
| REM # Now check the certificate | ||||
| %cmd% x509 -text -in testdsa.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
| del testdsa.key dsa512.pem testdsa.pem | ||||
|  | ||||
| exit /b 0 | ||||
| endlocal | ||||
| @@ -4,9 +4,16 @@ | ||||
|  | ||||
| #Test DSA certificate generation of openssl | ||||
|  | ||||
| cmd=../apps/openssl/openssl | ||||
| if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 	cmd=../apps/openssl/openssl.exe | ||||
| if [ -d ../apps/openssl ]; then | ||||
| 	cmd=../apps/openssl/openssl | ||||
| 	if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl/openssl.exe | ||||
| 	fi | ||||
| else | ||||
| 	cmd=../apps/openssl | ||||
| 	if [ -e ../apps/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl.exe | ||||
| 	fi | ||||
| fi | ||||
|  | ||||
| if [ -z $srcdir ]; then | ||||
|   | ||||
							
								
								
									
										69
									
								
								tests/testenc.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										69
									
								
								tests/testenc.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,69 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	testenc.bat | ||||
|  | ||||
| set test=p | ||||
| set cmd=..\apps\openssl\Debug\openssl.exe | ||||
| if not exist %cmd% exit /b 1 | ||||
|  | ||||
| set srcdir=..\..\tests | ||||
|  | ||||
| copy %srcdir%\openssl.cnf %test% | ||||
|  | ||||
| echo cat | ||||
| %cmd% enc -in %test% -out %test%.cipher | ||||
| %cmd% enc -in %test%.cipher -out %test%.clear | ||||
| fc /b %test% %test%.clear | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) else ( | ||||
| 	del %test%.cipher %test%.clear | ||||
| ) | ||||
|  | ||||
| echo base64 | ||||
| %cmd% enc -a -e -in %test% -out %test%.cipher | ||||
| %cmd% enc -a -d -in %test%.cipher -out %test%.clear | ||||
| fc /b %test% %test%.clear | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) else ( | ||||
| 	del %test%.cipher %test%.clear | ||||
| ) | ||||
|  | ||||
| for %%i in ( | ||||
| 	aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8 | ||||
| 	aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb | ||||
| 	aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb | ||||
| 	aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8 | ||||
| 	aes-256-ecb aes-256-ofb | ||||
| 	bf-cbc bf-cfb bf-ecb bf-ofb | ||||
| 	cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb | ||||
| 	des-cbc des-cfb des-cfb8 des-ecb des-ede | ||||
| 	des-ede-cbc des-ede-cfb des-ede-ofb des-ede3 | ||||
| 	des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc | ||||
| 	rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb | ||||
| 	rc4 rc4-40 | ||||
| ) do ( | ||||
| 	echo %%i | ||||
| 	%cmd% %%i -e -k test -in %test% -out %test%.%%i.cipher | ||||
| 	%cmd% %%i -d -k test -in %test%.%%i.cipher -out %test%.%%i.clear | ||||
| 	fc /b %test% %test%.%%i.clear | ||||
| 	if !errorlevel! neq 0 ( | ||||
| 		exit /b 1 | ||||
| 	) else ( | ||||
| 		del %test%.%%i.cipher %test%.%%i.clear | ||||
| 	) | ||||
|  | ||||
| 	echo %%i base64 | ||||
| 	%cmd% %%i -a -e -k test -in %test% -out %test%.%%i.cipher | ||||
| 	%cmd% %%i -a -d -k test -in %test%.%%i.cipher -out %test%.%%i.clear | ||||
| 	fc /b %test% %test%.%%i.clear | ||||
| 	if !errorlevel! neq 0 ( | ||||
| 		exit /b 1 | ||||
| 	) else ( | ||||
| 		del %test%.%%i.cipher %test%.%%i.clear | ||||
| 	) | ||||
| ) | ||||
|  | ||||
| del %test% | ||||
| endlocal | ||||
| @@ -2,12 +2,23 @@ | ||||
| #	$OpenBSD: testenc.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $ | ||||
|  | ||||
| test=p | ||||
| cmd=../apps/openssl/openssl | ||||
| if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 	cmd=../apps/openssl/openssl.exe | ||||
| if [ -d ../apps/openssl ]; then | ||||
| 	cmd=../apps/openssl/openssl | ||||
| 	if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl/openssl.exe | ||||
| 	fi | ||||
| else | ||||
| 	cmd=../apps/openssl | ||||
| 	if [ -e ../apps/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl.exe | ||||
| 	fi | ||||
| fi | ||||
|  | ||||
| cat openssl.cnf >$test; | ||||
| if [ -z $srcdir ]; then | ||||
| 	srcdir=. | ||||
| fi | ||||
|  | ||||
| cat $srcdir/openssl.cnf >$test; | ||||
|  | ||||
| echo cat | ||||
| $cmd enc < $test > $test.cipher | ||||
|   | ||||
							
								
								
									
										38
									
								
								tests/testrsa.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										38
									
								
								tests/testrsa.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,38 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	testrsa.bat | ||||
|  | ||||
|  | ||||
| REM # Test RSA certificate generation of openssl | ||||
|  | ||||
| set cmd=..\apps\openssl\Debug\openssl.exe | ||||
| if not exist %cmd% exit /b 1 | ||||
|  | ||||
| if "%srcdir%"=="" ( | ||||
| 	set srcdir=. | ||||
| ) | ||||
|  | ||||
| REM # Generate RSA private key | ||||
| %cmd% genrsa -out rsakey.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
|  | ||||
| REM # Generate an RSA certificate | ||||
| %cmd% req -config %srcdir%\openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
|  | ||||
| REM # Now check the certificate | ||||
| %cmd% x509 -text -in rsacert.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
| del rsacert.pem rsakey.pem | ||||
|  | ||||
| exit /b 0 | ||||
| endlocal | ||||
| @@ -4,9 +4,16 @@ | ||||
|  | ||||
| #Test RSA certificate generation of openssl | ||||
|  | ||||
| cmd=../apps/openssl/openssl | ||||
| if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 	cmd=../apps/openssl/openssl.exe | ||||
| if [ -d ../apps/openssl ]; then | ||||
| 	cmd=../apps/openssl/openssl | ||||
| 	if [ -e ../apps/openssl/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl/openssl.exe | ||||
| 	fi | ||||
| else | ||||
| 	cmd=../apps/openssl | ||||
| 	if [ -e ../apps/openssl.exe ]; then | ||||
| 		cmd=../apps/openssl.exe | ||||
| 	fi | ||||
| fi | ||||
|  | ||||
| if [ -z $srcdir ]; then | ||||
|   | ||||
							
								
								
									
										157
									
								
								tests/testssl.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										157
									
								
								tests/testssl.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,157 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	testssl.bat | ||||
|  | ||||
| set key=%1 | ||||
| set cert=%2 | ||||
| set CA=-CAfile %3 | ||||
| set ssltest=%4 -key %key% -cert %cert% -c_key %key% -c_cert %cert% | ||||
| set openssl=%5 | ||||
| set extra=%6 | ||||
|  | ||||
| %openssl% version & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| for /f "usebackq" %%s in (`%openssl% x509 -in %cert% -text -noout ^| find /c "DSA Public Key"`) do set lines=%%s | ||||
| if %lines% gtr 0 ( | ||||
|   set dsa_cert=YES | ||||
| ) else ( | ||||
|   set dsa_cert=NO | ||||
| ) | ||||
|  | ||||
| REM ######################################################################### | ||||
|  | ||||
| echo test sslv2/sslv3 | ||||
| %ssltest% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with server authentication | ||||
| %ssltest% -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with client authentication | ||||
| %ssltest% -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with both client and server authentication | ||||
| %ssltest% -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 via BIO pair | ||||
| %ssltest% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| if %dsa_cert%==NO ( | ||||
|   echo "test sslv2/sslv3 w/o (EC)DHE via BIO pair" | ||||
|   %ssltest% -bio_pair -no_dhe -no_ecdhe %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
| ) | ||||
|  | ||||
| echo test sslv2/sslv3 with 1024bit DHE via BIO pair | ||||
| %ssltest% -bio_pair -dhe1024dsa -v %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with server authentication | ||||
| %ssltest% -bio_pair -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with client authentication via BIO pair | ||||
| %ssltest% -bio_pair -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with both client and server authentication via BIO pair | ||||
| %ssltest% -bio_pair -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify | ||||
| %ssltest% -bio_pair -server_auth -client_auth -app_verify %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo "Testing ciphersuites" | ||||
| for %%p in ( TLSv1.2 ) do ( | ||||
|   echo "Testing ciphersuites for %%p" | ||||
|   for /f "usebackq" %%c in (`%openssl% ciphers -v "%%p+aRSA"`) do ( | ||||
|     echo "Testing %%c" | ||||
|     %ssltest% -cipher %%c | ||||
|     if !errorlevel! neq 0 ( | ||||
|       echo "Failed %%c" | ||||
|       exit /b 1 | ||||
|     ) | ||||
|   ) | ||||
| ) | ||||
|  | ||||
| REM ########################################################################## | ||||
|  | ||||
| for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s | ||||
| if %nodh%==no-dh ( | ||||
|   echo skipping anonymous DH tests | ||||
| ) else ( | ||||
|   echo test tls1 with 1024bit anonymous DH, multiple handshakes | ||||
|   %ssltest% -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
| ) | ||||
|  | ||||
| REM #for /f "usebackq" %%s in (`%openssl% no-rsa`) do set norsa=%%s | ||||
| REM #if %norsa%==no-rsa ( | ||||
| REM #  echo skipping RSA tests | ||||
| REM #) else ( | ||||
| REM #  echo "test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes" | ||||
| REM #  %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -no_dhe -no_ecdhe -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
| REM # | ||||
| REM #  for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s | ||||
| REM #  if %nodh%==no-dh ( | ||||
| REM #    echo skipping RSA+DHE tests | ||||
| REM #  ) else ( | ||||
| REM #    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | ||||
| REM #    %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
| REM #  ) | ||||
| REM #) | ||||
|  | ||||
| REM # | ||||
| REM # DTLS tests | ||||
| REM # | ||||
|  | ||||
| echo test dtlsv1 | ||||
| %ssltest% -dtls1 %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test dtlsv1 with server authentication | ||||
| %ssltest% -dtls1 -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test dtlsv1 with client authentication | ||||
| %ssltest% -dtls1 -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo test dtlsv1 with both client and server authentication | ||||
| %ssltest% -dtls1 -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| echo "Testing DTLS ciphersuites" | ||||
| for %%p in ( SSLv3 ) do ( | ||||
|   echo "Testing ciphersuites for %%p" | ||||
|   for /f "usebackq" %%c in (`%openssl% ciphers -v "RSA+%%p:-RC4"`) do ( | ||||
|     echo "Testing %%c" | ||||
|     %ssltest% -cipher %%c -dtls1 | ||||
|     if !errorlevel! neq 0 ( | ||||
|       echo "Failed %%c" | ||||
|       exit /b 1 | ||||
|     ) | ||||
|   ) | ||||
| ) | ||||
|  | ||||
| REM # | ||||
| REM # Next Protocol Negotiation tests | ||||
| REM # | ||||
| echo "Testing NPN..." | ||||
| %ssltest% -bio_pair -tls1 -npn_client & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_server & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_server_reject & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_client -npn_server_reject & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_client -npn_server & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| REM # | ||||
| REM # ALPN tests | ||||
| REM # | ||||
| echo "Testing ALPN..." | ||||
| %ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server bar & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server foo ^ | ||||
|   -alpn_expected foo & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo ^ | ||||
|   -alpn_expected foo & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo ^ | ||||
|   -alpn_expected foo & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar ^ | ||||
|   -alpn_expected foo & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo ^ | ||||
|   -alpn_expected bar & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo ^ | ||||
|   -alpn_expected bar & if !errorlevel! neq 0 exit /b 1 | ||||
| %ssltest% -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo & if !errorlevel! neq 0 exit /b 1 | ||||
|  | ||||
| endlocal | ||||
							
								
								
									
										17
									
								
								tests/tlstest.bat
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								tests/tlstest.bat
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| @echo off | ||||
| setlocal enabledelayedexpansion | ||||
| REM	tlstest.bat | ||||
|  | ||||
| set tlstest_bin=Debug\tlstest.exe | ||||
| if not exist %tlstest_bin% exit /b 1 | ||||
|  | ||||
| if "%srcdir%"=="" ( | ||||
| 	set srcdir=. | ||||
| ) | ||||
|  | ||||
| %tlstest_bin% %srcdir%\ca.pem %srcdir%\server.pem %srcdir%\server.pem | ||||
| if !errorlevel! neq 0 ( | ||||
| 	exit /b 1 | ||||
| ) | ||||
|  | ||||
| endlocal | ||||
							
								
								
									
										13
									
								
								tests/tlstest.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								tests/tlstest.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| #!/bin/sh | ||||
| set -e | ||||
|  | ||||
| tlstest_bin=./tlstest | ||||
| if [ -e ./tlstest.exe ]; then | ||||
| 	tlstest_bin=./tlstest.exe | ||||
| fi | ||||
|  | ||||
| if [ -z $srcdir ]; then | ||||
| 	srcdir=. | ||||
| fi | ||||
|  | ||||
| $tlstest_bin $srcdir/ca.pem $srcdir/server.pem $srcdir/server.pem | ||||
| @@ -7,33 +7,45 @@ include_directories( | ||||
| set( | ||||
| 	TLS_SRC | ||||
| 	tls.c | ||||
| 	tls_bio_cb.c | ||||
| 	tls_client.c | ||||
| 	tls_config.c | ||||
| 	tls_conninfo.c | ||||
| 	tls_server.c | ||||
| 	tls_ocsp.c | ||||
| 	tls_peer.c | ||||
| 	tls_util.c | ||||
| 	tls_verify.c | ||||
| ) | ||||
|  | ||||
|  | ||||
| if(NOT HAVE_STRCASECMP) | ||||
| 	set(TLS_SRC ${TLS_SRC} strsep.c) | ||||
| if(NOT "${OPENSSLDIR}" STREQUAL "") | ||||
| 	add_definitions(-D_PATH_SSL_CA_FILE=\"${OPENSSLDIR}/cert.pem\") | ||||
| else() | ||||
| 	add_definitions(-D_PATH_SSL_CA_FILE=\"${CMAKE_INSTALL_PREFIX}/etc/ssl/cert.pem\") | ||||
| endif() | ||||
|  | ||||
| add_library(tls-objects OBJECT ${TLS_SRC}) | ||||
| if (BUILD_SHARED) | ||||
| 	add_library(tls-objects OBJECT ${TLS_SRC}) | ||||
| 	add_library(tls STATIC $<TARGET_OBJECTS:tls-objects>) | ||||
| 	add_library(tls-shared SHARED $<TARGET_OBJECTS:tls-objects>) | ||||
| 	if (MSVC) | ||||
| 	export_symbol(tls-shared ${CMAKE_CURRENT_SOURCE_DIR}/tls.sym) | ||||
| 	if (WIN32) | ||||
| 		target_link_libraries(tls-shared ssl-shared crypto-shared Ws2_32.lib) | ||||
| 		set(TLS_POSTFIX -${TLS_MAJOR_VERSION}) | ||||
| 	endif() | ||||
| 	set_target_properties(tls-shared PROPERTIES OUTPUT_NAME tls) | ||||
| 	set_target_properties(tls-shared PROPERTIES | ||||
| 		OUTPUT_NAME tls${TLS_POSTFIX} | ||||
| 		ARCHIVE_OUTPUT_NAME tls${TLS_POSTFIX}) | ||||
| 	set_target_properties(tls-shared PROPERTIES VERSION ${TLS_VERSION} | ||||
| 		SOVERSION ${TLS_MAJOR_VERSION}) | ||||
| 	install(TARGETS tls tls-shared DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS tls tls-shared DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| else() | ||||
| 	add_library(tls STATIC ${TLS_SRC}) | ||||
| 	install(TARGETS tls DESTINATION lib) | ||||
| 	if(ENABLE_LIBRESSL_INSTALL) | ||||
| 		install(TARGETS tls DESTINATION ${CMAKE_INSTALL_LIBDIR}) | ||||
| 	endif(ENABLE_LIBRESSL_INSTALL) | ||||
| endif() | ||||
|  | ||||
|   | ||||
| @@ -4,8 +4,9 @@ lib_LTLIBRARIES = libtls.la | ||||
|  | ||||
| EXTRA_DIST = VERSION | ||||
| EXTRA_DIST += CMakeLists.txt | ||||
| EXTRA_DIST += tls.sym | ||||
|  | ||||
| libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined | ||||
| libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined -export-symbols $(top_srcdir)/tls/tls.sym | ||||
| libtls_la_LIBADD = $(abs_top_builddir)/ssl/libssl.la | ||||
| libtls_la_LIBADD += $(abs_top_builddir)/crypto/libcrypto.la | ||||
| libtls_la_LIBADD += $(PLATFORM_LDADD) | ||||
| @@ -19,14 +20,12 @@ endif | ||||
|  | ||||
| libtls_la_SOURCES = tls.c | ||||
| libtls_la_SOURCES += tls_client.c | ||||
| libtls_la_SOURCES += tls_bio_cb.c | ||||
| libtls_la_SOURCES += tls_config.c | ||||
| libtls_la_SOURCES += tls_conninfo.c | ||||
| libtls_la_SOURCES += tls_server.c | ||||
| libtls_la_SOURCES += tls_ocsp.c | ||||
| libtls_la_SOURCES += tls_peer.c | ||||
| libtls_la_SOURCES += tls_util.c | ||||
| libtls_la_SOURCES += tls_verify.c | ||||
| noinst_HEADERS = tls_internal.h | ||||
|  | ||||
| if !HAVE_STRSEP | ||||
| libtls_la_SOURCES += strsep.c | ||||
| endif | ||||
|   | ||||
							
								
								
									
										181
									
								
								update.sh
									
									
									
									
									
								
							
							
						
						
									
										181
									
								
								update.sh
									
									
									
									
									
								
							| @@ -18,23 +18,25 @@ fi | ||||
|  | ||||
| # setup source paths | ||||
| CWD=`pwd` | ||||
| libc_src=$CWD/openbsd/src/lib/libc | ||||
| libc_regress=$CWD/openbsd/src/regress/lib/libc | ||||
| libcrypto_src=$CWD/openbsd/src/lib/libcrypto | ||||
| libcrypto_regress=$CWD/openbsd/src/regress/lib/libcrypto | ||||
| libssl_src=$CWD/openbsd/src/lib/libssl | ||||
| libssl_regress=$CWD/openbsd/src/regress/lib/libssl | ||||
| libtls_src=$CWD/openbsd/src/lib/libtls | ||||
| libtls_regress=$CWD/openbsd/src/regress/lib/libtls | ||||
| app_src=$CWD/openbsd/src/usr.bin | ||||
| OPENBSD_SRC=$CWD/openbsd/src | ||||
| libc_src=$OPENBSD_SRC/lib/libc | ||||
| libc_regress=$OPENBSD_SRC/regress/lib/libc | ||||
| libcrypto_src=$OPENBSD_SRC/lib/libcrypto | ||||
| libcrypto_regress=$OPENBSD_SRC/regress/lib/libcrypto | ||||
| libssl_src=$OPENBSD_SRC/lib/libssl | ||||
| libssl_regress=$OPENBSD_SRC/regress/lib/libssl | ||||
| libtls_src=$OPENBSD_SRC/lib/libtls | ||||
| libtls_regress=$OPENBSD_SRC/regress/lib/libtls | ||||
| bin_src=$OPENBSD_SRC/usr.bin | ||||
| sbin_src=$OPENBSD_SRC/usr.sbin | ||||
|  | ||||
| # load library versions | ||||
| . $libcrypto_src/crypto/shlib_version | ||||
| . $libcrypto_src/shlib_version | ||||
| libcrypto_version=$major:$minor:0 | ||||
| echo "libcrypto version $libcrypto_version" | ||||
| echo $libcrypto_version > crypto/VERSION | ||||
|  | ||||
| . $libssl_src/ssl/shlib_version | ||||
| . $libssl_src/shlib_version | ||||
| libssl_version=$major:$minor:0 | ||||
| echo "libssl version $libssl_version" | ||||
| echo $libssl_version > ssl/VERSION | ||||
| @@ -61,12 +63,16 @@ do_cp_libc() { | ||||
| CP_LIBC='do_cp_libc' | ||||
|  | ||||
| CP='cp -p' | ||||
| GREP='grep' | ||||
| if [ -x /opt/csw/bin/ggrep ]; then | ||||
| 	GREP='/opt/csw/bin/ggrep' | ||||
| fi | ||||
|  | ||||
| $CP $libssl_src/src/LICENSE COPYING | ||||
| $CP $libssl_src/LICENSE COPYING | ||||
|  | ||||
| $CP $libcrypto_src/crypto/arch/amd64/opensslconf.h include/openssl | ||||
| $CP $libssl_src/src/crypto/opensslfeatures.h include/openssl | ||||
| $CP $libssl_src/src/ssl/pqueue.h include | ||||
| $CP $libcrypto_src/arch/amd64/opensslconf.h include/openssl | ||||
| $CP $libcrypto_src/opensslfeatures.h include/openssl | ||||
| $CP $libssl_src/pqueue.h include | ||||
|  | ||||
| $CP $libtls_src/tls.h include | ||||
| $CP $libtls_src/tls.h libtls-standalone/include | ||||
| @@ -75,17 +81,20 @@ for i in crypto/compat libtls-standalone/compat; do | ||||
| 	for j in $libc_src/crypt/arc4random.c \ | ||||
| 	    $libc_src/crypt/arc4random_uniform.c \ | ||||
| 	    $libc_src/crypt/chacha_private.h \ | ||||
| 	    $libc_src/string/explicit_bzero.c \ | ||||
| 	    $libc_src/net/inet_pton.c \ | ||||
| 	    $libc_src/stdlib/reallocarray.c \ | ||||
| 	    $libc_src/stdlib/recallocarray.c \ | ||||
| 	    $libc_src/string/explicit_bzero.c \ | ||||
| 	    $libc_src/string/strcasecmp.c \ | ||||
| 	    $libc_src/string/strlcpy.c \ | ||||
| 	    $libc_src/string/strlcat.c \ | ||||
| 	    $libc_src/string/strndup.c \ | ||||
| 	    $libc_src/string/strnlen.c \ | ||||
| 	    $libc_src/string/strsep.c \ | ||||
| 	    $libc_src/string/timingsafe_bcmp.c \ | ||||
| 	    $libc_src/string/timingsafe_memcmp.c \ | ||||
| 	    $libcrypto_src/crypto/getentropy_*.c \ | ||||
| 	    $libcrypto_src/crypto/arc4random_*.h; do | ||||
| 	    $libcrypto_src/arc4random/getentropy_*.c \ | ||||
| 	    $libcrypto_src/arc4random/arc4random_*.h; do | ||||
| 		$CP_LIBC $j $i | ||||
| 	done | ||||
| done | ||||
| @@ -99,36 +108,36 @@ $CP crypto/compat/arc4random*.h \ | ||||
| 	crypto/compat/bsd-asprintf.c \ | ||||
| 	libtls-standalone/compat | ||||
|  | ||||
| (cd $libssl_src/src/crypto/objects/; | ||||
| (cd $libcrypto_src/objects/; | ||||
| 	perl objects.pl objects.txt obj_mac.num obj_mac.h; | ||||
| 	perl obj_dat.pl obj_mac.h obj_dat.h ) | ||||
| mkdir -p include/openssl crypto/objects | ||||
| $MV $libssl_src/src/crypto/objects/obj_mac.h ./include/openssl/obj_mac.h | ||||
| $MV $libssl_src/src/crypto/objects/obj_dat.h ./crypto/objects/obj_dat.h | ||||
| $MV $libcrypto_src/objects/obj_mac.h ./include/openssl/obj_mac.h | ||||
| $MV $libcrypto_src/objects/obj_dat.h ./crypto/objects/obj_dat.h | ||||
|  | ||||
| copy_hdrs() { | ||||
| 	for file in $2; do | ||||
| 		$CP $libssl_src/src/$1/$file include/openssl | ||||
| 		$CP $1/$file include/openssl | ||||
| 	done | ||||
| } | ||||
|  | ||||
| copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h | ||||
| copy_hdrs $libcrypto_src "stack/stack.h lhash/lhash.h stack/safestack.h | ||||
| 	ossl_typ.h err/err.h crypto.h comp/comp.h x509/x509.h buffer/buffer.h | ||||
| 	objects/objects.h asn1/asn1.h bn/bn.h ec/ec.h ecdsa/ecdsa.h | ||||
| 	ecdh/ecdh.h rsa/rsa.h sha/sha.h x509/x509_vfy.h pkcs7/pkcs7.h pem/pem.h | ||||
| 	pem/pem2.h hmac/hmac.h rand/rand.h md5/md5.h | ||||
| 	krb5/krb5_asn.h asn1/asn1_mac.h x509v3/x509v3.h conf/conf.h ocsp/ocsp.h | ||||
| 	pem/pem2.h hkdf/hkdf.h hmac/hmac.h rand/rand.h md5/md5.h | ||||
| 	asn1/asn1_mac.h x509v3/x509v3.h conf/conf.h ocsp/ocsp.h | ||||
| 	aes/aes.h modes/modes.h asn1/asn1t.h dso/dso.h bf/blowfish.h | ||||
| 	bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h | ||||
| 	dsa/dsa.h cms/cms.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h | ||||
| 	dsa/dsa.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h | ||||
| 	md4/md4.h ripemd/ripemd.h whrlpool/whrlpool.h idea/idea.h | ||||
| 	rc2/rc2.h rc4/rc4.h ui/ui_compat.h txt_db/txt_db.h | ||||
| 	chacha/chacha.h evp/evp.h poly1305/poly1305.h camellia/camellia.h | ||||
| 	gost/gost.h" | ||||
| 	gost/gost.h curve25519/curve25519.h" | ||||
|  | ||||
| copy_hdrs ssl "srtp.h ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h" | ||||
| copy_hdrs $libssl_src "srtp.h ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h" | ||||
|  | ||||
| $CP $libssl_src/src/crypto/opensslv.h include/openssl | ||||
| $CP $libcrypto_src/opensslv.h include/openssl | ||||
| awk '/LIBRESSL_VERSION_TEXT/ {print $4}' < include/openssl/opensslv.h | cut -d\" -f1 > VERSION | ||||
| echo "LibreSSL version `cat VERSION`" | ||||
|  | ||||
| @@ -139,16 +148,18 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' crypto/Makefile.am` ; do | ||||
| 	dir=`dirname $i` | ||||
| 	mkdir -p crypto/$dir | ||||
| 	if [ $dir != "compat" ]; then | ||||
| 		if [ -e $libssl_src/src/crypto/$i ]; then | ||||
| 			$CP $libssl_src/src/crypto/$i crypto/$i | ||||
| 		if [ -e $libcrypto_src/$i ]; then | ||||
| 			$CP $libcrypto_src/$i crypto/$i | ||||
| 		fi | ||||
| 	fi | ||||
| done | ||||
| $CP crypto/compat/b_win.c crypto/bio | ||||
| $CP crypto/compat/ui_openssl_win.c crypto/ui | ||||
| # add the libcrypto symbol export list | ||||
| $GREP -v OPENSSL_ia32cap_P $libcrypto_src/Symbols.list | $GREP '^[[:alpha:]]' > crypto/crypto.sym | ||||
|  | ||||
| # generate assembly crypto algorithms | ||||
| asm_src=$libssl_src/src/crypto | ||||
| asm_src=$libcrypto_src | ||||
| gen_asm_stdout() { | ||||
| 	perl $asm_src/$2 $1 > $3.tmp | ||||
| 	[ $1 = "elf" ] && cat <<-EOF >> $3.tmp | ||||
| @@ -169,24 +180,24 @@ gen_asm() { | ||||
| } | ||||
| for abi in elf macosx; do | ||||
| 	echo generating ASM source for $abi | ||||
| 	gen_asm_stdout $abi aes/asm/aes-x86_64.pl        crypto/aes/aes-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi aes/asm/vpaes-x86_64.pl      crypto/aes/vpaes-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi aes/asm/bsaes-x86_64.pl      crypto/aes/bsaes-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi aes/asm/aesni-x86_64.pl      crypto/aes/aesni-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi aes/asm/aesni-sha1-x86_64.pl crypto/aes/aesni-sha1-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi bn/asm/modexp512-x86_64.pl   crypto/bn/modexp512-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-mont.pl        crypto/bn/mont-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-mont5.pl       crypto/bn/mont5-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-gf2m.pl        crypto/bn/gf2m-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi camellia/asm/cmll-x86_64.pl  crypto/camellia/cmll-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi md5/asm/md5-x86_64.pl        crypto/md5/md5-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi modes/asm/ghash-x86_64.pl    crypto/modes/ghash-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi rc4/asm/rc4-x86_64.pl        crypto/rc4/rc4-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi rc4/asm/rc4-md5-x86_64.pl    crypto/rc4/rc4-md5-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi sha/asm/sha1-x86_64.pl       crypto/sha/sha1-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi aes/asm/aes-x86_64.pl        crypto/aes/aes-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi aes/asm/vpaes-x86_64.pl      crypto/aes/vpaes-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi aes/asm/bsaes-x86_64.pl      crypto/aes/bsaes-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi aes/asm/aesni-x86_64.pl      crypto/aes/aesni-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi aes/asm/aesni-sha1-x86_64.pl crypto/aes/aesni-sha1-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi bn/asm/modexp512-x86_64.pl   crypto/bn/modexp512-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-mont.pl        crypto/bn/mont-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-mont5.pl       crypto/bn/mont5-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi bn/asm/x86_64-gf2m.pl        crypto/bn/gf2m-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi camellia/asm/cmll-x86_64.pl  crypto/camellia/cmll-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi md5/asm/md5-x86_64.pl        crypto/md5/md5-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi modes/asm/ghash-x86_64.pl    crypto/modes/ghash-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi rc4/asm/rc4-x86_64.pl        crypto/rc4/rc4-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi rc4/asm/rc4-md5-x86_64.pl    crypto/rc4/rc4-md5-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi sha/asm/sha1-x86_64.pl       crypto/sha/sha1-$abi-x86_64.S | ||||
| 	gen_asm        $abi sha/asm/sha512-x86_64.pl     crypto/sha/sha256-$abi-x86_64.S | ||||
| 	gen_asm        $abi sha/asm/sha512-x86_64.pl     crypto/sha/sha512-$abi-x86_64.S | ||||
| 	gen_asm_stdout $abi whrlpool/asm/wp-x86_64.pl    crypto/whrlpool/wp-$abi-x86_64.s | ||||
| 	gen_asm_stdout $abi whrlpool/asm/wp-x86_64.pl    crypto/whrlpool/wp-$abi-x86_64.S | ||||
| 	gen_asm        $abi x86_64cpuid.pl               crypto/cpuid-$abi-x86_64.S | ||||
| done | ||||
|  | ||||
| @@ -199,9 +210,8 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' tls/Makefile.am` ; do | ||||
| 		$CP $libtls_src/$i libtls-standalone/src | ||||
| 	fi | ||||
| done | ||||
|  | ||||
| $CP_LIBC $libc_src/string/strsep.c tls | ||||
| $CP_LIBC $libc_src/string/strsep.c libtls-standalone/compat | ||||
| # add the libtls symbol export list | ||||
| $GREP '^[[:alpha:]]' < $libtls_src/Symbols.list > tls/tls.sym | ||||
|  | ||||
| mkdir -p libtls-standalone/m4 | ||||
| $CP m4/check*.m4 \ | ||||
| @@ -212,25 +222,38 @@ sed -e "s/compat\///" crypto/Makefile.am.arc4random > \ | ||||
|  | ||||
| # copy nc(1) source | ||||
| echo "copying nc(1) source" | ||||
| $CP $app_src/nc/nc.1 apps/nc | ||||
| $CP $bin_src/nc/nc.1 apps/nc | ||||
| rm -f apps/nc/*.c apps/nc/*.h | ||||
| $CP_LIBC $libc_src/net/base64.c apps/nc/compat | ||||
| $CP_LIBC $libc_src/stdlib/strtonum.c apps/nc/compat | ||||
| for i in `awk '/SOURCES|HEADERS|MANS/ { print $3 }' apps/nc/Makefile.am` ; do | ||||
| 	if [ -e $app_src/nc/$i ]; then | ||||
| 		$CP $app_src/nc/$i apps/nc | ||||
| 	if [ -e $bin_src/nc/$i ]; then | ||||
| 		$CP $bin_src/nc/$i apps/nc | ||||
| 	fi | ||||
| done | ||||
|  | ||||
| # copy ocspcheck(1) source | ||||
| echo "copying ocspcheck(1) source" | ||||
| $CP $sbin_src/ocspcheck/ocspcheck.8 apps/ocspcheck | ||||
| rm -f apps/ocspcheck/*.c apps/ocspcheck/*.h | ||||
| $CP_LIBC $libc_src/net/inet_ntop.c apps/ocspcheck/compat | ||||
| $CP_LIBC $libc_src/string/memmem.c apps/ocspcheck/compat | ||||
| for i in `awk '/SOURCES|HEADERS|MANS/ { print $3 }' apps/ocspcheck/Makefile.am` ; do | ||||
| 	if [ -e $sbin_src/ocspcheck/$i ]; then | ||||
| 		$CP $sbin_src/ocspcheck/$i apps/ocspcheck | ||||
| 	fi | ||||
| done | ||||
|  | ||||
| # copy openssl(1) source | ||||
| echo "copying openssl(1) source" | ||||
| $CP $app_src/openssl/openssl.1 apps/openssl | ||||
| $CP $bin_src/openssl/openssl.1 apps/openssl | ||||
| $CP_LIBC $libc_src/stdlib/strtonum.c apps/openssl/compat | ||||
| $CP $libcrypto_src/cert.pem apps/openssl | ||||
| $CP $libcrypto_src/openssl.cnf apps/openssl | ||||
| $CP $libcrypto_src/x509v3.cnf apps/openssl | ||||
| for i in `awk '/SOURCES|HEADERS|MANS/ { print $3 }' apps/openssl/Makefile.am` ; do | ||||
| 	if [ -e $app_src/openssl/$i ]; then | ||||
| 		$CP $app_src/openssl/$i apps/openssl | ||||
| 	if [ -e $bin_src/openssl/$i ]; then | ||||
| 		$CP $bin_src/openssl/$i apps/openssl | ||||
| 	fi | ||||
| done | ||||
|  | ||||
| @@ -238,8 +261,10 @@ done | ||||
| echo "copying libssl source" | ||||
| rm -f ssl/*.c ssl/*.h | ||||
| for i in `awk '/SOURCES|HEADERS/ { print $3 }' ssl/Makefile.am` ; do | ||||
| 	$CP $libssl_src/src/ssl/$i ssl | ||||
| 	$CP $libssl_src/$i ssl | ||||
| done | ||||
| # add the libssl symbol export list | ||||
| $GREP '^[[:alpha:]]' < $libssl_src/Symbols.list > ssl/ssl.sym | ||||
|  | ||||
| # copy libcrypto tests | ||||
| echo "copying tests" | ||||
| @@ -248,12 +273,11 @@ for i in `find $libcrypto_regress -name '*.c'`; do | ||||
| done | ||||
| $CP $libcrypto_regress/evp/evptests.txt tests | ||||
| $CP $libcrypto_regress/aead/aeadtests.txt tests | ||||
| $CP $libcrypto_regress/pqueue/expected.txt tests/pq_expected.txt | ||||
|  | ||||
| # copy libc tests | ||||
| $CP $libc_regress/arc4random-fork/arc4random-fork.c tests/arc4randomforktest.c | ||||
| $CP $libc_regress/explicit_bzero/explicit_bzero.c tests | ||||
| $CP_LIBC $libc_src/string/memmem.c tests | ||||
| $CP_LIBC $libc_src/string/memmem.c tests/compat | ||||
| $CP $libc_regress/timingsafe/timingsafe.c tests | ||||
|  | ||||
| # copy libssl tests | ||||
| @@ -264,6 +288,7 @@ done | ||||
| $CP $libssl_regress/unit/tests.h tests | ||||
| $CP $libssl_regress/certs/ca.pem tests | ||||
| $CP $libssl_regress/certs/server.pem tests | ||||
| $CP $libssl_regress/pqueue/expected.txt tests/pq_expected.txt | ||||
|  | ||||
| # copy libtls tests | ||||
| for i in `find $libtls_regress -name '*.c'`; do | ||||
| @@ -284,18 +309,18 @@ add_man_links() { | ||||
| 	filter=$1 | ||||
| 	dest=$2 | ||||
| 	echo "install-data-hook:" >> $dest | ||||
| 	for i in `grep $filter man/links`; do | ||||
| 	for i in `$GREP $filter man/links`; do | ||||
| 		IFS=","; set $i; unset IFS | ||||
| 		if [ "$2" != "" ]; then | ||||
| 			echo "	ln -sf $1 \$(DESTDIR)\$(mandir)/man3/$2" >> $dest | ||||
| 			echo "	ln -sf \"$1\" \"\$(DESTDIR)\$(mandir)/man3/$2\"" >> $dest | ||||
| 		fi | ||||
| 	done | ||||
| 	echo "" >> $dest | ||||
| 	echo "uninstall-local:" >> $dest | ||||
| 	for i in `grep $filter man/links`; do | ||||
| 	for i in `$GREP $filter man/links`; do | ||||
| 		IFS=","; set $i; unset IFS | ||||
| 		if [ "$2" != "" ]; then | ||||
| 			echo "	-rm -f \$(DESTDIR)\$(mandir)/man3/$2" >> $dest | ||||
| 			echo "	-rm -f \"\$(DESTDIR)\$(mandir)/man3/$2\"" >> $dest | ||||
| 		fi | ||||
| 	done | ||||
| } | ||||
| @@ -315,12 +340,8 @@ echo "copying manpages" | ||||
| echo EXTRA_DIST = CMakeLists.txt > man/Makefile.am | ||||
| echo dist_man_MANS = >> man/Makefile.am | ||||
|  | ||||
| $CP $libtls_src/tls_init.3 man | ||||
| echo "dist_man_MANS += tls_init.3" >> man/Makefile.am | ||||
|  | ||||
| (cd man | ||||
| 	# update new-style manpages | ||||
| 	for i in `ls -1 $libssl_src/src/doc/ssl/*.3 | sort`; do | ||||
| 	for i in `ls -1 $libssl_src/man/*.3 | sort`; do | ||||
| 		NAME=`basename "$i"` | ||||
| 		$CP $i . | ||||
| 		echo "dist_man_MANS += $NAME" >> Makefile.am | ||||
| @@ -332,24 +353,10 @@ echo "dist_man_MANS += tls_init.3" >> man/Makefile.am | ||||
| 		echo "dist_man_MANS += $NAME" >> Makefile.am | ||||
| 	done | ||||
|  | ||||
| 	# convert remaining POD manpages | ||||
| 	for i in `ls -1 $libssl_src/src/doc/crypto/*.pod | sort`; do | ||||
| 		BASE=`echo $i|sed -e "s/\.pod//"` | ||||
| 		NAME=`basename "$BASE"` | ||||
| 		# reformat file if new | ||||
| 		if [ ! -f $NAME.3 -o $BASE.pod -nt $NAME.3 -o ../include/openssl/opensslv.h -nt $NAME.3 ]; then | ||||
| 			echo processing $NAME | ||||
| 			pod2man --official --release="LibreSSL $VERSION" --center=LibreSSL \ | ||||
| 				--section=3 $POD2MAN --name=$NAME < $BASE.pod > $NAME.3 | ||||
| 		fi | ||||
| 		echo "dist_man_MANS += $NAME.3" >> Makefile.am | ||||
| 	for i in `ls -1 $libtls_src/man/*.3 | sort`; do | ||||
| 		NAME=`basename "$i"` | ||||
| 		$CP $i . | ||||
| 		echo "dist_man_MANS += $NAME" >> Makefile.am | ||||
| 	done | ||||
| ) | ||||
| add_man_links . man/Makefile.am | ||||
|  | ||||
| # standalone libtls manpages | ||||
| mkdir -p libtls-standalone/man | ||||
| echo "dist_man_MANS = tls_init.3" > libtls-standalone/man/Makefile.am | ||||
|  | ||||
| $CP $libtls_src/tls_init.3 libtls-standalone/man | ||||
| add_man_links tls_init libtls-standalone/man/Makefile.am | ||||
|   | ||||
		Reference in New Issue
	
	Block a user