generic-library/libreSSL
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: generic-library:v2.2.7
Branches Tags
generic-library:main generic-library:OPENBSD_6_2 generic-library:OPENBSD_6_1 generic-library:OPENBSD_6_0 generic-library:OPENBSD_5_9 generic-library:OPENBSD_5_8 generic-library:OPENBSD_5_7 generic-library:OPENBSD_5_6
generic-library:v2.6.4 generic-library:v2.6.3 generic-library:v2.6.2 generic-library:v2.6.1 generic-library:v2.6.0 generic-library:v2.5.5 generic-library:v2.5.4 generic-library:v2.5.3 generic-library:v2.5.2 generic-library:v2.5.1 generic-library:v2.4.5 generic-library:v2.3.10 generic-library:v2.3.9 generic-library:v2.4.4 generic-library:v2.5.0 generic-library:v2.3.8 generic-library:v2.4.3 generic-library:v2.3.7 generic-library:v2.4.2 generic-library:v2.4.1 generic-library:v2.3.6 generic-library:v2.2.9 generic-library:v2.4.0 generic-library:v2.3.5 generic-library:v2.2.8 generic-library:v2.2.7 generic-library:v2.3.4 generic-library:v2.3.3 generic-library:v2.1.10 generic-library:v2.2.6 generic-library:v2.3.2 generic-library:v2.2.5 generic-library:v2.1.9 generic-library:v2.3.1 generic-library:v2.0.6 generic-library:v2.1.8 generic-library:v2.2.4 generic-library:v2.3.0 generic-library:v2.2.3 generic-library:v2.2.2 generic-library:v2.2.1 generic-library:v2.2.0 generic-library:v2.1.7 generic-library:v2.1.6 generic-library:v2.1.5 generic-library:v2.1.4 generic-library:v2.1.3 generic-library:v2.1.2
..
compare: generic-library:v2.0.6
Branches Tags
generic-library:OPENBSD_6_2 generic-library:main generic-library:OPENBSD_6_1 generic-library:OPENBSD_6_0 generic-library:OPENBSD_5_9 generic-library:OPENBSD_5_8 generic-library:OPENBSD_5_7 generic-library:OPENBSD_5_6
generic-library:v2.6.4 generic-library:v2.6.3 generic-library:v2.6.2 generic-library:v2.6.1 generic-library:v2.6.0 generic-library:v2.5.5 generic-library:v2.5.4 generic-library:v2.5.3 generic-library:v2.5.2 generic-library:v2.5.1 generic-library:v2.4.5 generic-library:v2.3.10 generic-library:v2.3.9 generic-library:v2.4.4 generic-library:v2.5.0 generic-library:v2.3.8 generic-library:v2.4.3 generic-library:v2.3.7 generic-library:v2.4.2 generic-library:v2.4.1 generic-library:v2.3.6 generic-library:v2.2.9 generic-library:v2.4.0 generic-library:v2.3.5 generic-library:v2.2.8 generic-library:v2.2.7 generic-library:v2.3.4 generic-library:v2.3.3 generic-library:v2.1.10 generic-library:v2.2.6 generic-library:v2.3.2 generic-library:v2.2.5 generic-library:v2.1.9 generic-library:v2.3.1 generic-library:v2.0.6 generic-library:v2.1.8 generic-library:v2.2.4 generic-library:v2.3.0 generic-library:v2.2.3 generic-library:v2.2.2 generic-library:v2.2.1 generic-library:v2.2.0 generic-library:v2.1.7 generic-library:v2.1.6 generic-library:v2.1.5 generic-library:v2.1.4 generic-library:v2.1.3 generic-library:v2.1.2

5 Commits
v2.2.7 ... v2.0.6

Author SHA1 Message Date
Brent Cook
7356330f2c update to 2.0.6 2015-10-15 16:17:10 -05:00
Brent Cook
6f4f4e1f34 rebase on pull when updating the openbsd branch 
this avoids inadvertent local merges
 2014-08-08 07:33:23 -05:00
Brent Cook
5196a58dae conditionally build strnlen if needed. 
it is only used by strndup

prodded by Sortie@
 2014-08-04 10:44:56 -06:00
Bob Beck
eb8ed5a532 Crank version for next 2.0 2014-08-04 10:41:44 -06:00
Brent Cook
05f8996169 tie libressl branch to openbsd branch, bump ver. 
Added OPENBSD_BRANCH to set what branch update.sh should checkout.
 2014-07-31 22:06:14 -05:00
122 changed files with 2077 additions and 9076 deletions
Expand all files Collapse all files

185
.gitignore vendored
View File

@@ -9,10 +9,6 @@
# C stuff # C stuff
*.o *.o
# Assembly stuff
*.S
*.s
# Windows stuff # Windows stuff
*.obj *.obj
*.exe *.exe
@@ -38,26 +34,20 @@ Makefile.in
*.lo *.lo
*.la *.la
*.def
*.pc *.pc
# tests # tests
test-driver test-driver
*.log *.log
*.trs *.trs
!tests/optionstest.c
tests/aes_wrap* tests/aes_wrap*
tests/arc4random_fork* tests/arc4random_fork*
tests/cipher*
tests/explicit_bzero* tests/explicit_bzero*
tests/gost2814789t*
tests/mont* tests/mont*
tests/timingsafe* tests/timingsafe*
tests/*test tests/*test
tests/tests.h
tests/*test.c tests/*test.c
tests/memmem.c tests/memmem.c
tests/pbkdf2*
tests/*.pem tests/*.pem
tests/testssl tests/testssl
tests/*.txt tests/*.txt
@@ -65,83 +55,132 @@ tests/*.txt
# ctags stuff # ctags stuff
TAGS TAGS
autom4te.cache ## The initial / makes these files only get ignored in particular directories.
/autom4te.cache
# Libtool adds these, at least sometimes # Libtool adds these, at least sometimes
INSTALL INSTALL
/COPYING /m4/libtool.m4
!m4/check*.m4 /m4/ltoptions.m4
m4/l* /m4/ltsugar.m4
/m4/ltversion.m4
/m4/lt~obsolete.m4
aclocal.m4 /aclocal.m4
compile /compile
doxygen /doxygen
config.guess /config.guess
config.log /config.log
config.status /config.status
config.sub /config.sub
configure /configure
depcomp /configure.ac
config.h /depcomp
config.h.in /config.h
install-sh /config.h.in
libtool /install-sh
ltmain.sh /libtool
missing /ltmain.sh
stamp-h1 /missing
stamp-h2 /stamp-h1
/stamp-h2
crypto/Makefile.am
include/openssl/Makefile.am include/openssl/Makefile.am
ssl/Makefile.am
VERSION apps/Makefile.am
crypto/VERSION tests/Makefile.am
ssl/VERSION
tls/VERSION
libtls-standalone/VERSION
ssl/*.c ssl/*.c
ssl/*.h ssl/*.h
tls/*.c
tls/*.h
include/pqueue.h include/pqueue.h
include/tls.h
include/openssl/*.h include/openssl/*.h
include/openssl/*.he
apps/*.c
apps/*.h
apps/*.cnf
apps/openssl
!/apps/apps_win.c crypto/compat/arc4random.c
!/apps/poll_win.c crypto/compat/chacha_private.h
!/apps/certhash_disabled.c crypto/compat/explicit_bzero.c
/apps/*.h crypto/compat/getentropy_*.c
/apps/*.c crypto/compat/reallocarray.c
/apps/*.cnf crypto/compat/strlcat.c
/apps/*.pem crypto/compat/strlcpy.c
/apps/openssl crypto/compat/strndup.c
crypto/compat/strnlen.c
!/crypto/Makefile.am.* crypto/compat/strtonum.c
!/crypto/compat/arc4random.h crypto/compat/timingsafe_bcmp.c
!/crypto/compat/b_win.c crypto/compat/timingsafe_memcmp.c
!/crypto/compat/explicit_bzero_win.c crypto/compat/arc4random_*.h
!/crypto/compat/posix_win.c
!/crypto/compat/bsd_asprintf.c
!/crypto/compat/inet_pton.c
!/crypto/compat/ui_openssl_win.c
!/crypto/CMakeLists.txt
/crypto
!/libtls-standalone/compat/Makefile.am
/libtls-standalone/include/*.h
/libtls-standalone/src/*.c
/libtls-standalone/src/*.h
/libtls-standalone/src
/libtls-standalone/tests/test
/libtls-standalone/compat
/libtls-standalone/VERSION
/libtls-standalone/m4
/libtls-standalone/man
crypto/aes/
crypto/asn1/
crypto/bf/
crypto/bio/
crypto/bn/
crypto/buffer/
crypto/cast/
crypto/chacha/
crypto/cmac/
crypto/comp/
crypto/conf/
crypto/cpt_err.c
crypto/cryptlib.c
crypto/cryptlib.h
crypto/cversion.c
crypto/des/
crypto/dh/
crypto/dsa/
crypto/dso/
crypto/ec/
crypto/ecdh/
crypto/ecdsa/
crypto/engine/
crypto/err/
crypto/evp/
crypto/ex_data.c
crypto/hmac/
crypto/idea/
crypto/krb5/
crypto/lhash/
crypto/malloc-wrapper.c
crypto/md32_common.h
crypto/md4/
crypto/md5/
crypto/mdc2/
crypto/mem_clr.c
crypto/mem_dbg.c
crypto/modes/
crypto/o_init.c
crypto/o_str.c
crypto/o_time.c
crypto/o_time.h
crypto/objects
crypto/ocsp/
crypto/pem/
crypto/pkcs12/
crypto/pkcs7/
crypto/poly1305/
crypto/pqueue/
crypto/rand/
crypto/rc2/
crypto/rc4/
crypto/ripemd/
crypto/rsa/
crypto/sha/
crypto/stack/
crypto/ts/
crypto/txt_db/
crypto/ui/
crypto/whrlpool/
crypto/x509/
crypto/x509v3/
openbsd/ openbsd/
*.tar.gz
apps/*.1*
man/*.3 man/*.3
man/*.1 man/*.1
man/Makefile.am man/Makefile.am
.gitmodules
ChangeLog
COPYING

24
.travis.yml
View File

@@ -1,24 +0,0 @@
language: c
matrix:
include:
- compiler: clang
os: osx
env: ARCH=native
- compiler: gcc
os: osx
env: ARCH=native
- compiler: clang
os: linux
env: ARCH=native
- compiler: gcc
os: linux
env: ARCH=native
- compiler: gcc
os: linux
env: ARCH=mingw32
- compiler: gcc
os: linux
env: ARCH=mingw64
script:
"./scripts/travis"

0
libtls-standalone/AUTHORS → AUTHORS
View File

182
CMakeLists.txt
View File

@@ -1,182 +0,0 @@
cmake_minimum_required (VERSION 2.8)
include(CheckFunctionExists)
include(CheckLibraryExists)
include(CheckIncludeFiles)
project (LibreSSL)
enable_testing()
file(READ ${CMAKE_SOURCE_DIR}/ssl/VERSION SSL_VERSION)
string(STRIP ${SSL_VERSION} SSL_VERSION)
string(REPLACE ":" "." SSL_VERSION ${SSL_VERSION})
string(REGEX REPLACE "\\..*" "" SSL_MAJOR_VERSION ${SSL_VERSION})
file(READ ${CMAKE_SOURCE_DIR}/crypto/VERSION CRYPTO_VERSION)
string(STRIP ${CRYPTO_VERSION} CRYPTO_VERSION)
string(REPLACE ":" "." CRYPTO_VERSION ${CRYPTO_VERSION})
string(REGEX REPLACE "\\..*" "" CRYPTO_MAJOR_VERSION ${CRYPTO_VERSION})
file(READ ${CMAKE_SOURCE_DIR}/tls/VERSION TLS_VERSION)
string(STRIP ${TLS_VERSION} TLS_VERSION)
string(REPLACE ":" "." TLS_VERSION ${TLS_VERSION})
string(REGEX REPLACE "\\..*" "" TLS_MAJOR_VERSION ${TLS_VERSION})
if(CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
add_definitions(-DHAVE_ATTRIBUTE__BOUNDED__)
endif()
if(CMAKE_SYSTEM_NAME MATCHES "Linux")
add_definitions(-D_DEFAULT_SOURCE)
add_definitions(-D_BSD_SOURCE)
add_definitions(-D_POSIX_SOURCE)
add_definitions(-D_GNU_SOURCE)
endif()
add_definitions(-DLIBRESSL_INTERNAL)
add_definitions(-DOPENSSL_NO_HW_PADLOCK)
add_definitions(-DOPENSSL_NO_ASM)
set(CMAKE_POSITION_INDEPENDENT_CODE true)
if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
add_definitions(-Wno-pointer-sign)
endif()
if(MSVC)
add_definitions(-Dinline=__inline)
add_definitions(-Drestrict)
add_definitions(-D_CRT_SECURE_NO_WARNINGS)
add_definitions(-D_CRT_DEPRECATED_NO_WARNINGS)
add_definitions(-D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS)
add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501)
add_definitions(-DCPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG -DNO_CRYPT)
set(MSVC_DISABLED_WARNINGS_LIST
"C4057" # C4057: 'initializing' : 'unsigned char *' differs in
# indirection to slightly different base types from 'char [2]'
"C4100" # 'exarg' : unreferenced formal parameter
"C4127" # conditional expression is constant
"C4242" # 'function' : conversion from 'int' to 'uint8_t',
# possible loss of data
"C4244" # 'function' : conversion from 'int' to 'uint8_t',
# possible loss of data
"C4706" # assignment within conditional expression
"C4820" # 'bytes' bytes padding added after construct 'member_name'
"C4996" # 'read': The POSIX name for this item is deprecated. Instead,
# use the ISO C++ conformant name: _read.
)
string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR
${MSVC_DISABLED_WARNINGS_LIST})
set(CMAKE_C_FLAGS "-MP -W4 ${MSVC_DISABLED_WARNINGS_STR}")
endif()
check_function_exists(asprintf HAVE_ASPRINTF)
if(HAVE_ASPRINTF)
add_definitions(-DHAVE_ASPRINTF)
endif()
check_function_exists(inet_pton HAVE_INET_PTON)
if(HAVE_INET_PTON)
add_definitions(-DHAVE_INET_PTON)
endif()
check_function_exists(reallocarray HAVE_REALLOCARRAY)
if(HAVE_REALLOCARRAY)
add_definitions(-DHAVE_REALLOCARRAY)
endif()
check_function_exists(strcasecmp HAVE_STRCASECMP)
if(HAVE_STRCASECMP)
add_definitions(-DHAVE_STRCASECMP)
endif()
check_function_exists(strlcat HAVE_STRLCAT)
if(HAVE_STRLCAT)
add_definitions(-DHAVE_STRLCAT)
endif()
check_function_exists(strlcat HAVE_STRLCPY)
if(HAVE_STRLCPY)
add_definitions(-DHAVE_STRLCPY)
endif()
check_function_exists(strndup HAVE_STRNDUP)
if(HAVE_STRNDUP)
add_definitions(-DHAVE_STRNDUP)
endif()
if(MSVC)
set(HAVE_STRNLEN)
add_definitions(-DHAVE_STRNLEN)
else()
check_function_exists(strnlen HAVE_STRNLEN)
if(HAVE_STRNLEN)
add_definitions(-DHAVE_STRNLEN)
endif()
endif()
check_function_exists(strsep HAVE_STRSEP)
if(HAVE_STRSEP)
add_definitions(-DHAVE_STRSEP)
endif()
check_function_exists(arc4random_buf HAVE_ARC4RANDOM_BUF)
if(HAVE_ARC4RANDOM_BUF)
add_definitions(-DHAVE_ARC4RANDOM_BUF)
endif()
check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO)
if(HAVE_EXPLICIT_BZERO)
add_definitions(-DHAVE_EXPLICIT_BZERO)
endif()
check_function_exists(getauxval HAVE_GETAUXVAL)
if(HAVE_GETAUXVAL)
add_definitions(-DHAVE_GETAUXVAL)
endif()
check_function_exists(getentropy HAVE_GETENTROPY)
if(HAVE_GETENTROPY)
add_definitions(-DHAVE_GETENTROPY)
endif()
check_function_exists(timingsafe_bcmp HAVE_TIMINGSAFE_BCMP)
if(HAVE_TIMINGSAFE_BCMP)
add_definitions(-DHAVE_TIMINGSAFE_BCMP)
endif()
check_function_exists(timingsafe_memcmp HAVE_TIMINGSAFE_MEMCMP)
if(HAVE_MEMCMP)
add_definitions(-DHAVE_MEMCMP)
endif()
check_include_files(err.h HAVE_ERR_H)
if(HAVE_ERR_H)
add_definitions(-DHAVE_ERR_H)
endif()
set(OPENSSL_LIBS ssl crypto)
if(CMAKE_HOST_WIN32)
set(OPENSSL_LIBS ${OPENSSL_LIBS} ws2_32)
endif()
if(CMAKE_SYSTEM_NAME MATCHES "Linux")
check_library_exists(rt clock_gettime "time.h" HAVE_CLOCK_GETTIME)
if (HAVE_CLOCK_GETTIME)
set(OPENSSL_LIBS ${OPENSSL_LIBS} rt)
endif()
endif()
if(NOT (CMAKE_SYSTEM_NAME MATCHES "Darwin" OR MSVC))
set(BUILD_SHARED true)
endif()
add_subdirectory(crypto)
add_subdirectory(ssl)
add_subdirectory(apps)
add_subdirectory(tls)
add_subdirectory(include)
if(NOT MSVC)
add_subdirectory(man)
add_subdirectory(tests)
endif()

387
ChangeLog
View File

@@ -1,387 +0,0 @@
Because this project is maintained both in the OpenBSD tree using CVS and in
Git, it can be confusing following all of the changes.
Most of the libssl and libcrypto source code is is here in OpenBSD CVS:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/
Some of the libcrypto and OS-compatibility files for entropy and random number
generation are here:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/
A simplified TLS wrapper library is here:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libtls/
The LibreSSL Portable project copies these portions of the OpenBSD tree, along
with relevant portions of the C library, to a Git repository. This makes it
easier to follow all of the relevant changes to the upstream project in a
single place:
https://github.com/libressl-portable/openbsd
The portable bits of the project are largely maintained out-of-tree, and their
history is also available from Git.
https://github.com/libressl-portable/portable
LibreSSL Portable Release Notes:
2.2.7 - Security Update
* Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding.
From OpenSSL.
2.2.6 - Security Update
* Deprecated the SSL_OP_SINGLE_DH_USE flag.
2.2.5 - Reliability Update
* Fixes from OpenSSL 1.0.1q
- CVE-2015-3194 - NULL pointer dereference in client side certificate
validation.
- CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
* The following OpenSSL CVEs did not apply to LibreSSL
- CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
squaring procedure.
- CVE-2015-3196 - Double free race condition of the identify hint
data.
See https://marc.info/?l=openbsd-announce&m=144925068504102
2.2.4 - Build and bug fixes
* Backported build fixes for CMake on Windows, OSX and Linux
* Fixes for a memory leak and out-of-bounds access in OBJ_obj2txt
reported by Qualys Security.
- CVE-2015-5333 - memory leak in OBJ_obj2txt
- CVE-2015-5334 - 1-byte buffer overflow in OBJ_obj2txt
See http://www.openwall.com/lists/oss-security/2015/10/16/1
2.2.3 - Bug fixes, build enhancements
* LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not
include TLS extensions, resulting in such handshakes being aborted.
This release corrects the handling of such messages. Thanks to
Ligushka from github for reporting the issue.
* Added install target for cmake builds. Thanks to TheNietsnie from
github.
* Updated pkgconfig files to correctly report the release version
number, not the individual library ABI version numbers. Thanks to
Jan Engelhardt for reporting the issue.
2.2.2 - More TLS parser rework, bug fixes, expanded portable build support
* Switched 'openssl dhparam' default from 512 to 2048 bits
* Reworked openssl(1) option handling
* More CRYPTO ByteString (CBC) packet parsing conversions
* Fixed 'openssl pkeyutl -verify' to exit with a 0 on success
* Fixed dozens of Coverity issues including dead code, memory leaks,
logic errors and more.
* Ensure that openssl(1) restores terminal echo state after reading a
password.
* Incorporated fix for OpenSSL Issue #3683
* LibreSSL version define LIBRESSL_VERSION_NUMBER will now be bumped
for each portable release.
* Removed workarounds for TLS client padding bugs.
* No longer disable ECDHE-ECDSA on OS X
* Removed SSLv3 support from openssl(1)
* Removed IE 6 SSLv3 workarounds.
* Modified tls_write in libtls to allow partial writes, clarified with
examples in the documentation.
* Removed RSAX engine
* Tested SSLv3 removal with the OpenBSD ports tree and found several
applications that were not ready to build without SSLv3 yet. For
now, building a program that intentionally uses SSLv3 will result in
a linker warning.
* Added TLS_method, TLS_client_method and TLS_server_method as a
replacement for the SSLv23_*method calls.
* Added initial cmake build support, including support for building with
Visual Studio, currently tested with Visual Studio 2013 Community
Edition.
* --with-enginesdir is removed as a configuration parameter
* Default cert.pem, openssl.cnf, and x509v3.cnf files are now
installed under $sysconfdir/ssl or the directory specified by
--with-openssldir. Previous versions of LibreSSL left these empty.
2.2.1 - Build fixes, feature added, features removed
* Assorted build fixes for musl, HP-UX, Mingw, Solaris.
* Initial support for Windows Embedded 2009, Server 2003, XP
* Protocol parsing conversions to BoringSSL's CRYPTO ByteString (CBS) API
* Added EC_curve_nid2nist and EC_curve_nist2nid from OpenSSL
* Removed Dynamic Engine support
* Removed unused and obsolete MDC-2DES cipher
* Removed workarounds for obsolete SSL implementations
2.2.0 - Build cleanups and new OS support, Security Updates
* AIX Support - thanks to Michael Felt
* Cygwin Support - thanks to Corinna Vinschen
* Refactored build macros, support packaging libtls independently.
There are more pieces required to support building and using OpenSSL
with libtls, but this is an initial start at providing an
independent package for people to start hacking on.
* Removal of OPENSSL_issetugid and all library getenv calls.
Applications can and should no longer rely on environment variables
for changing library behavior. OPENSSL_CONF/SSLEAY_CONF is still
supported with the openssl(1) command.
* libtls API and documentation additions
* Various bug fixes and simplifications to libssl and libcrypto
* Fixes for the following issues are integrated into LibreSSL 2.2.0:
- CVE-2015-1788 - Malformed ECParameters causes infinite loop
- CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
- CVE-2015-1792 - CMS verify infinite loop with unknown hash function
* The following CVEs did not apply to LibreSSL or were fixed in
earlier releases:
- CVE-2015-4000 - DHE man-in-the-middle protection (Logjam)
- CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
- CVE-2014-8176 - Invalid free in DTLS
* Fixes for the following CVEs are still in review for LibreSSL
- CVE-2015-1791 - Race condition handling NewSessionTicket
2.1.6 - Security update
* Fixes for the following issues are integrated into LibreSSL 2.1.6:
- CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
- CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
- CVE-2015-0287 - ASN.1 structure reuse memory corruption
- CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
- CVE-2015-0289 - PKCS7 NULL pointer dereferences
* The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
is integrated for safety, but LibreSSL is not vulnerable.
* Libtls is now built by default. The --enable-libtls
configuration option is no longer required.
The libtls API is now stable for the 2.1.x series.
2.1.5 - Bug fixes and a security update
* Fix incorrect comparison function in openssl(1) certhash command.
Thanks to Christian Neukirchen / Void Linux.
* Windows port improvements and bug fixes.
- Removed a dependency on libgcc in 32-bit dynamic libraries.
- Correct a hang in openssl(1) reading from stdin on an connection.
- Initialize winsock in openssl(1) earlier, allow 'openssl ocsp' and
any other network-related commands to function properly.
* Reject all server DH keys smaller than 1024 bits.
2.1.4 - Security and feature updates
* Improvements to libtls:
- a new API for loading CA chains directly from memory instead of a
file, allowing verification with privilege separation in a chroot
without direct access to CA certificate files.
- Ciphers default to TLSv1.2 with AEAD and PFS.
- Improved error handling and message generation
- New APIs and improved documentation
* Added X509_STORE_load_mem API for loading certificates from memory.
This facilitates accessing certificates from a chrooted environment.
* New AEAD "MAC alias" allows configuring TLSv1.2 AEAD ciphers by
using 'TLSv1.2+AEAD' as the cipher selection string.
* Dead and disabled code removal including MD5, Netscape workarounds,
non-POSIX IO, SCTP, RFC 3779 support, many #if 0 sections, and more.
* ASN1 macro maze expanded to aid reading and searching the code.
* NULL pointer asserts removed in favor of letting the OS/signal
handler catch them.
* Refactored argument handling in openssl(1) for consistency and
maintainability.
* New openssl(1) command 'certhash' replaces the c_rehash script.
* Support for building with OPENSSL_NO_DEPRECATED
* Server-side support for TLS_FALLBACK_SCSV for compatibility with
various auditor and vulnerability scanners.
* Dozens of issues found with the Coverity scanner fixed.
* Security Updates:
- Fix a minor information leak that was introduced in t1_lib.c
r1.71, whereby an additional 28 bytes of .rodata (or .data) is
provided to the network. In most cases this is a non-issue since
the memory content is already public. Issue found and reported by
Felix Groebert of the Google Security Team.
- Fixes for the following low-severity issues were integrated into
LibreSSL from OpenSSL 1.0.1k:
CVE-2015-0205 - DH client certificates accepted without
verification
CVE-2014-3570 - Bignum squaring may produce incorrect results
CVE-2014-8275 - Certificate fingerprints can be modified
CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
Reported by Karthikeyan Bhargavan of the PROSECCO team at INRIA.
The following CVEs were fixed in earlier LibreSSL releases:
CVE-2015-0206 - Memory leak handling repeated DLTS records
CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.
The following CVEs did not apply to LibreSSL:
CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
CVE-2014-3569 - no-ssl3 configuration sets method to NULL
CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA
2.1.3 - Security update and OS support improvements
* Fixed various memory leaks in DTLS, including fixes for
CVE-2015-0206.
* Added Application-Layer Protocol Negotiation (ALPN) support.
* Removed GOST R 34.10-94 signature authentication.
* Removed nonfunctional Netscape browser-hang workaround code.
* Simplfied and refactored SSL/DTLS handshake code.
* Added SHA256 Camellia cipher suites for TLS 1.2 from RFC 5932.
* Hide timing info about padding errors during handshakes.
* Improved libtls support for non-blocking sockets, added randomized
session ID contexts. Work is ongoing with this library - feedback
and potential use-cases are welcome.
* Support building Windows DLLs.
Thanks to Jan Engelhard.
* Packaged config wrapper for better compatibility with OpenSSL-based
build systems.
Thanks to @technion from github
* Ensure the stack is marked non-executable for assembly sections.
Thanks to Anthony G. Bastile.
* Enable extra compiler hardening flags by default, where applicable.
The default set of hardening features can vary by OS to OS, so
feedback is welcome on this. To disable the default hardening flags,
specify '--disable-hardening' during configure.
Thanks to Jim Barlow
* Initial HP-UX support, tested with HP-UX 11.31 ia64
Thanks to Kinichiro Inoguchi
* Initial NetBSD support, tested with NetBSD 6.1.5 x86_64
Imported from OpenNTPD, thanks to @gitisihara from github
2.1.2 - Many new features and improvements
* Added reworked GOST cipher suite support
thanks to Dmitry Eremin-Solenikov
* Enabled Camellia ciphers due to improved patent situation
* Use builtin arc4random implementation on OS X and FreeBSD
this addresses some deficiencies in the native implementations of
these operating systems, see commit logs for more information
* Added initial Windows mingw-w64 support (32 and 64-bit)
thanks to Song Dongsheng and others for code and feedback
* Enabled assembly optimizations on x86_64 CPUs
supports Linux, *BSD, Solaris and OS X operating systems
thanks to Wouter Clarie for the initial implementation
* Added no_ssl3/no_tls1_1/no_tls1_2 options to openssl(1)
* Improved build infrastructure, 'make distcheck' now passes
this simplifies and speeds developer efficiency
thanks to Dmitry Eremin-Solenikov and Wouter Clarie
* Allow conditional building of the libtls library
expect the API and ABI of the library to change
feedback is welcome
* Fixes for more memory leaks, cleanups, etc.
2.1.1 - Security update
* Address POODLE attack by disabling SSLv3 by default
* Fix Eliptical Curve cipher selection bug
(https://github.com/libressl-portable/portable/issues/35)
2.1.0 - First release from the OpenBSD 5.7 tree
* Added support for automatic ephemeral EC keys
* Fixes for many memory leaks and overflows in error handlers
* The TLS padding extension (that works around bugs in F5 terminators) is
off by default
* support for getrandom(2) on Linux 3.17
* the NO_ASM macro is no longer being set, providing the first bits toward
enabling other assembly offloads.
2.0.5 - Fixes for CVEs from OpenSSL 1.0.1i
* CVE-2014-3506
* CVE-2014-3507
* CVE-2014-3508 (partially vulnerable)he
* CVE-2014-3509
* CVE-2014-3510
* CVE-2014-3511
* Synced LibreSSL Portable with the release version of OpenBSD 5.6
2.0.4 - Portability fixes, deleted unused SRP code
2.0.3 - Portability fixes, improvements to fork detection
2.0.2 - Address arc4random fork PID wraparound issues with pthread_atfork
2.0.1 - Portability fixes:
* Removed -Werror and and other non-portable compiler flags
* Allow setting OPENSSLDIR and ENGINSDIR
2.0.0 - First release from the OpenBSD 5.6 tree
* Removal of many obsolete features and coding conventions from the OpenSSL
1.0.1h source

7
Makefile.am
View File

@@ -1,8 +1,5 @@
SUBDIRS = crypto ssl tls include apps tests man SUBDIRS = crypto ssl include apps tests man
ACLOCAL_AMFLAGS = -I m4 ACLOCAL_AMFLAGS = -I m4
pkgconfigdir = $(libdir)/pkgconfig pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc pkgconfig_DATA = libcrypto.pc libssl.pc openssl.pc
EXTRA_DIST = README.md README.windows VERSION config scripts
EXTRA_DIST += CMakeLists.txt

6
Makefile.am.common
View File

@@ -1,2 +1,4 @@
AM_CFLAGS = AM_CPPFLAGS = -I$(top_srcdir)/include
AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/include/compat -DLIBRESSL_INTERNAL AM_CPPFLAGS += -DOPENSSL_NO_ASM
AM_CPPFLAGS += -DHAVE_CRYPTODEV
AM_CPPFLAGS += -DLIBRESSL_INTERNAL

0
libtls-standalone/NEWS → NEWS
View File

2
OPENBSD_BRANCH
View File

@@ -1 +1 @@
OPENBSD_5_8 OPENBSD_5_6

34
README Normal file
View File

@@ -0,0 +1,34 @@
This package is the official portable version of LibreSSL
(http://www.libressl.org).
LibreSSL is a fork of OpenSSL developed by the OpenBSD project
(http://www.openbsd.org). LibreSSL is developed on OpenBSD. This
package then adds portability shims for other operating systems.
Official release tarballs are available at your friendly neighborhood
OpenBSD mirror in directory LibreSSL, e.g.:
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/
although it is suggested you use a mirror.
Development is done in the upstream OpenBSD codebase. A github clone
of the official repositories is kept at:
https://github.com/libressl-portable
We update this repository from the OpenBSD respositories
semi-frequently, so changes may not show up in GitHub immediately.
The GitHub repository should be used for informational purposes
only.
./configure && make check && make install
See crypto/compat for the bulk of the local compatibility code.
It will likely build on any reasonably modern version of Linux, Solaris,
or OSX with a sane compiler and C library.
Note: Our policy is generally to use your system provided intrinsics.
If your system provides security sensitive functions (such as
arc4random(), issetugid(), calloc(), getentropy(), and others) we will
assume they are implemented correctly and securely. If they are
not please contact your OS provider.

133
README.md
View File

@@ -1,133 +0,0 @@
![LibreSSL image](http://www.libressl.org/images/libressl.jpg)
## Official portable version of [LibreSSL](http://www.libressl.org) ##
[![Build Status](https://travis-ci.org/libressl-portable/portable.svg?branch=master)](https://travis-ci.org/libressl-portable/portable)
LibreSSL is a fork of [OpenSSL](https://www.openssl.org) 1.0.1g developed by the
[OpenBSD](http://www.openbsd.org) project. Our goal is to modernize the codebase,
improve security, and apply best practice development processes from OpenBSD.
## Compatibility with OpenSSL: ##
LibreSSL is API compatible with OpenSSL 1.0.1, but does not yet include all
new APIs from OpenSSL 1.0.2 and later. LibreSSL also includes APIs not yet
present in OpenSSL. The current common API subset is OpenSSL 1.0.1.
LibreSSL is not ABI compatible with any release of OpenSSL, or necessarily
earlier releases of LibreSSL. You will need to relink your programs to
LibreSSL in order to use it, just as in moving between major versions of OpenSSL.
LibreSSL's installed library version numbers are incremented to account for
ABI and API changes.
## Compatibility with other operating systems: ##
While primarily developed on and taking advantage of APIs available on OpenBSD,
the LibreSSL portable project attempts to provide working alternatives for
other operating systems, and assists with improving OS-native implementations
where possible.
At the time of this writing, LibreSSL is know to build and work on:
* Linux (kernel 3.17 or later recommended)
* FreeBSD (tested with 9.2 and later)
* NetBSD (tested with 6.1.5)
* HP-UX (11i)
* Solaris (11 and later preferred)
* Mac OS X (tested with 10.8 and later)
* AIX (5.3 and later)
LibreSSL also supports the following Windows environments:
* Microsoft Windows (XP or higher, x86 and x64)
* Wine (32-bit and 64-bit)
* Builds with Mingw-w64, Cygwin, and Visual Studio
Official release tarballs are available at your friendly neighborhood
OpenBSD mirror in directory
[LibreSSL](http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/),
although we suggest that you use a [mirror](http://www.openbsd.org/ftp.html).
The LibreSSL portable build framework is also
[mirrored](https://github.com/libressl-portable/portable) in Github.
Please report bugs either to the public libressl@openbsd.org mailing list,
or to the github
[issue tracker](https://github.com/libressl-portable/portable/issues)
Severe vulnerabilities or bugs requiring coordination with OpenSSL can be
sent to the core team at libressl-security@openbsd.org.
## Prerequisites when building from git ##
If you have checked this source using Git, follow these initial steps to
prepare the source tree for building:
1. Ensure you have the following packages installed:
automake, autoconf, git, libtool, perl, pod2man
2. Run './autogen.sh' to prepare the source tree for building or
run './dist.sh' to prepare a tarball.
## Building LibreSSL ##
Once you have a source tree from Git or FTP, run these commands to build and
install the package on most systems:
```sh
./configure # see ./configure --help for configuration options
make check # runs builtin unit tests
make install # set DESTDIR= to install to an alternate location
```
If you wish to use the CMake build system, use these commands:
```sh
mkdir build
cd build
cmake ..
make
make test
```
For faster builds, you can use Ninja as well:
```sh
mkdir build-ninja
cd build-ninja
cmake -G"Ninja" ..
ninja
ninja test
```
### OS specific build information: ###
#### HP-UX (11i) ####
Set the UNIX_STD environment variable to '2003' before running 'configure'
in order to build with the HP C/aC++ compiler. See the "standards(5)" man
page for more details.
```sh
export UNIX_STD=2003
./configure
make
```
#### Windows - Mingw-w64 ####
LibreSSL builds against relatively recent versions of Mingw-w64, not to be
confused with the original mingw.org project. Mingw-w64 3.2 or later
should work. See README.windows for more information
#### Windows - Visual Studio ####
LibreSSL builds using the CMake target "Visual Studio 12 2013", and may build
against older/newer targets as well. To generate a Visual Studio project,
install CMake, enter the LibreSSL source directory and run:
```sh
mkdir build-vs2013
cd build-vs2013
cmake -G"Visual Studio 12 2013" ..
```
This will generate a LibreSSL.sln file that you can incorporate into other
projects or build by itself.

45
README.windows
View File

@@ -1,45 +0,0 @@
# Building
For Windows systems, LibreSSL supports the mingw-w64 toolchain, which can use
GCC or Clang as the compiler. Contrary to its name, mingw-w64 supports both
32-bit and 64-bit build environments. If your project already uses mingw-w64,
then LibreSSL should integrate very nicely. Old versions of the mingw-w64
toolchain, such as the one packaged with Ubuntu 12.04, may have trouble
building LibreSSL. Please try it with a recent toolchain if you encounter
troubles. Cygwin provides an easy method of installing the latest mingw-w64
cross compilers on Windows.
To configure and build LibreSSL for a 32-bit system, use the following
build steps:
CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32
make
make check
For 64-bit builds, use these instead:
CC=x86_64-w64-mingw32-gcc ./configure --host=x86_64-w64-mingw32
make
make check
# Using Libressl with Visual Studio
A script for generating ready-to-use .DLL and static .LIB files is included in
the source repository at
https://github.com/libressl-portable/portable/blob/master/dist-win.sh
This script uses mingw-w64 to build LibreSSL and then uses Visual Studio tools
to generate compatible library import files ready-to-use with Visual
Studio projects. Static and dynamic libraries are included. The script uses
cv2pdb to generate Visual Studio and windbg compatible debug files. cv2pdb is a
tool developed for the D language and can be found here:
https://github.com/rainers/cv2pdb
Pre-built Windows binaries are available with LibreSSL releases if you do not
have a mingw-w64 build environment. Mingw-w64 code is largely, but not 100%,
compatible with code built from Visual Studio. Notably, FILE * pointers cannot
be shared between code built for Mingw-w64 and Visual Studio.
As of LibreSSL 2.2.2, Visual Studio Native builds can be produced using CMake.
This produces ABI-compatible libraries for linking with native code generated
by Visual Studio.

1
VERSION Normal file
View File

@@ -0,0 +1 @@
2.0.6

81
apps/CMakeLists.txt
View File

@@ -1,81 +0,0 @@
include_directories(
.
../include
../include/compat
)
set(
OPENSSL_SRC
apps.c
asn1pars.c
ca.c
ciphers.c
cms.c
crl.c
crl2p7.c
dgst.c
dh.c
dhparam.c
dsa.c
dsaparam.c
ec.c
ecparam.c
enc.c
engine.c
errstr.c
gendh.c
gendsa.c
genpkey.c
genrsa.c
nseq.c
ocsp.c
openssl.c
passwd.c
pkcs12.c
pkcs7.c
pkcs8.c
pkey.c
pkeyparam.c
pkeyutl.c
prime.c
rand.c
req.c
rsa.c
rsautl.c
s_cb.c
s_client.c
s_server.c
s_socket.c
s_time.c
sess_id.c
smime.c
speed.c
spkac.c
ts.c
verify.c
version.c
x509.c
)
if(CMAKE_HOST_UNIX)
set(OPENSSL_SRC ${OPENSSL_SRC} apps_posix.c)
set(OPENSSL_SRC ${OPENSSL_SRC} certhash.c)
endif()
if(CMAKE_HOST_WIN32)
set(OPENSSL_SRC ${OPENSSL_SRC} apps_win.c)
set(OPENSSL_SRC ${OPENSSL_SRC} certhash_disabled.c)
set(OPENSSL_SRC ${OPENSSL_SRC} poll_win.c)
endif()
check_function_exists(strtonum HAVE_STRTONUM)
if(HAVE_STRTONUM)
add_definitions(-DHAVE_STRTONUM)
else()
set(OPENSSL_SRC ${OPENSSL_SRC} strtonum.c)
endif()
add_executable(openssl ${OPENSSL_SRC})
target_link_libraries(openssl ${OPENSSL_LIBS})
install(TARGETS openssl DESTINATION bin)

118
apps/Makefile.am
View File

@@ -1,118 +0,0 @@
include $(top_srcdir)/Makefile.am.common
bin_PROGRAMS = openssl
openssl_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
openssl_LDADD += $(top_builddir)/ssl/libssl.la
openssl_LDADD += $(top_builddir)/crypto/libcrypto.la
openssl_SOURCES = apps.c
openssl_SOURCES += asn1pars.c
openssl_SOURCES += ca.c
openssl_SOURCES += ciphers.c
openssl_SOURCES += cms.c
openssl_SOURCES += crl.c
openssl_SOURCES += crl2p7.c
openssl_SOURCES += dgst.c
openssl_SOURCES += dh.c
openssl_SOURCES += dhparam.c
openssl_SOURCES += dsa.c
openssl_SOURCES += dsaparam.c
openssl_SOURCES += ec.c
openssl_SOURCES += ecparam.c
openssl_SOURCES += enc.c
openssl_SOURCES += engine.c
openssl_SOURCES += errstr.c
openssl_SOURCES += gendh.c
openssl_SOURCES += gendsa.c
openssl_SOURCES += genpkey.c
openssl_SOURCES += genrsa.c
openssl_SOURCES += nseq.c
openssl_SOURCES += ocsp.c
openssl_SOURCES += openssl.c
openssl_SOURCES += passwd.c
openssl_SOURCES += pkcs12.c
openssl_SOURCES += pkcs7.c
openssl_SOURCES += pkcs8.c
openssl_SOURCES += pkey.c
openssl_SOURCES += pkeyparam.c
openssl_SOURCES += pkeyutl.c
openssl_SOURCES += prime.c
openssl_SOURCES += rand.c
openssl_SOURCES += req.c
openssl_SOURCES += rsa.c
openssl_SOURCES += rsautl.c
openssl_SOURCES += s_cb.c
openssl_SOURCES += s_client.c
openssl_SOURCES += s_server.c
openssl_SOURCES += s_socket.c
openssl_SOURCES += s_time.c
openssl_SOURCES += sess_id.c
openssl_SOURCES += smime.c
openssl_SOURCES += speed.c
openssl_SOURCES += spkac.c
openssl_SOURCES += ts.c
openssl_SOURCES += verify.c
openssl_SOURCES += version.c
openssl_SOURCES += x509.c
if BUILD_CERTHASH
openssl_SOURCES += certhash.c
else
openssl_SOURCES += certhash_disabled.c
endif
if HOST_WIN
openssl_SOURCES += apps_win.c
else
openssl_SOURCES += apps_posix.c
endif
if !HAVE_POLL
if HOST_WIN
openssl_SOURCES += poll_win.c
endif
endif
if !HAVE_STRTONUM
openssl_SOURCES += strtonum.c
endif
noinst_HEADERS = apps.h
noinst_HEADERS += progs.h
noinst_HEADERS += s_apps.h
noinst_HEADERS += testdsa.h
noinst_HEADERS += testrsa.h
noinst_HEADERS += timeouts.h
EXTRA_DIST = cert.pem
EXTRA_DIST += openssl.cnf
EXTRA_DIST += x509v3.cnf
EXTRA_DIST += CMakeLists.txt
install-exec-hook:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)/@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)/$(sysconfdir)/ssl"; \
fi; \
mkdir -p "$$OPENSSLDIR/certs"; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if [ ! -f "$$OPENSSLDIR/$i" ]; then \
$(INSTALL) -m 644 "$(srcdir)/$$i" "$$OPENSSLDIR/$$i"; \
else \
echo " $$OPENSSLDIR/$$i already exists, install will not overwrite"; \
fi \
done
uninstall-local:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)/@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)/$(sysconfdir)/ssl"; \
fi; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if cmp -s "$$OPENSSLDIR/$$i" "$(srcdir)/$$i"; then \
rm -f "$$OPENSSLDIR/$$i"; \
fi \
done

15
apps/Makefile.am.tpl Normal file
View File

@@ -0,0 +1,15 @@
include $(top_srcdir)/Makefile.am.common
bin_PROGRAMS = openssl
openssl_CFLAGS = $(USER_CFLAGS)
openssl_LDADD = $(PLATFORM_LDADD)
openssl_LDADD += $(top_builddir)/ssl/libssl.la
openssl_LDADD += $(top_builddir)/crypto/libcrypto.la
openssl_SOURCES =
noinst_HEADERS =
if NO_STRTONUM
openssl_SOURCES += strtonum.c
endif

29
apps/apps_win.c
View File

@@ -1,29 +0,0 @@
/*
* Public domain
*
* Dongsheng Song <dongsheng.song@gmail.com>
* Brent Cook <bcook@openbsd.org>
*/
#include <windows.h>
#include "apps.h"
double
app_tminterval(int stop, int usertime)
{
static unsigned __int64 tmstart;
union {
unsigned __int64 u64;
FILETIME ft;
} ct, et, kt, ut;
GetProcessTimes(GetCurrentProcess(), &ct.ft, &et.ft, &kt.ft, &ut.ft);
if (stop == TM_START) {
tmstart = ut.u64 + kt.u64;
} else {
return (ut.u64 + kt.u64 - tmstart) / (double) 10000000;
}
return 0;
}

13
apps/certhash_disabled.c
View File

@@ -1,13 +0,0 @@
/*
* Public domain
* certhash dummy implementation for platforms without symlinks
*/
#include "apps.h"
int
certhash_main(int argc, char **argv)
{
fprintf(stderr, "certhash is not enabled on this platform\n");
return (1);
}

327
apps/poll_win.c
View File

@@ -1,327 +0,0 @@
/*
* Public domain
*
* poll(2) emulation for Windows
*
* This emulates just-enough poll functionality on Windows to work in the
* context of the openssl(1) program. This is not a replacement for
* POSIX.1-2001 poll(2), though it may come closer than I care to admit.
*
* Dongsheng Song <dongsheng.song@gmail.com>
* Brent Cook <bcook@openbsd.org>
*/
#include <conio.h>
#include <errno.h>
#include <io.h>
#include <poll.h>
#include <ws2tcpip.h>
static int
conn_is_closed(int fd)
{
char buf[1];
int ret = recv(fd, buf, 1, MSG_PEEK);
if (ret == -1) {
switch (WSAGetLastError()) {
case WSAECONNABORTED:
case WSAECONNRESET:
case WSAENETRESET:
case WSAESHUTDOWN:
return 1;
}
}
return 0;
}
static int
conn_has_oob_data(int fd)
{
char buf[1];
return (recv(fd, buf, 1, MSG_PEEK | MSG_OOB) == 1);
}
static int
is_socket(int fd)
{
if (fd < 3)
return 0;
WSANETWORKEVENTS events;
return (WSAEnumNetworkEvents((SOCKET)fd, NULL, &events) == 0);
}
static int
compute_select_revents(int fd, short events,
fd_set *rfds, fd_set *wfds, fd_set *efds)
{
int rc = 0;
if ((events & (POLLIN | POLLRDNORM | POLLRDBAND)) &&
FD_ISSET(fd, rfds)) {
if (conn_is_closed(fd))
rc |= POLLHUP;
else
rc |= POLLIN | POLLRDNORM;
}
if ((events & (POLLOUT | POLLWRNORM | POLLWRBAND)) &&
FD_ISSET(fd, wfds))
rc |= POLLOUT;
if (FD_ISSET(fd, efds)) {
if (conn_is_closed(fd))
rc |= POLLHUP;
else if (conn_has_oob_data(fd))
rc |= POLLRDBAND | POLLPRI;
}
return rc;
}
static int
compute_wait_revents(HANDLE h, short events, int object, int wait_rc)
{
int rc = 0;
INPUT_RECORD record;
DWORD num_read;
/*
* Assume we can always write to file handles (probably a bad
* assumption but works for now, at least it doesn't block).
*/
if (events & (POLLOUT | POLLWRNORM))
rc |= POLLOUT;
/*
* Check if this handle was signaled by WaitForMultipleObjects
*/
if (wait_rc >= WAIT_OBJECT_0 && (object == (wait_rc - WAIT_OBJECT_0))
&& (events & (POLLIN | POLLRDNORM))) {
/*
* Check if this file is stdin, and if so, if it is a console.
*/
if (h == GetStdHandle(STD_INPUT_HANDLE) &&
PeekConsoleInput(h, &record, 1, &num_read) == 1) {
/*
* Handle the input console buffer differently,
* since it can signal on other events like
* window and mouse, but read can still block.
*/
if (record.EventType == KEY_EVENT &&
record.Event.KeyEvent.bKeyDown) {
rc |= POLLIN;
} else {
/*
* Flush non-character events from the
* console buffer.
*/
ReadConsoleInput(h, &record, 1, &num_read);
}
} else {
rc |= POLLIN;
}
}
return rc;
}
static int
wsa_select_errno(int err)
{
switch (err) {
case WSAEINTR:
case WSAEINPROGRESS:
errno = EINTR;
break;
case WSAEFAULT:
/*
* Windows uses WSAEFAULT for both resource allocation failures
* and arguments not being contained in the user's address
* space. So, we have to choose EFAULT or ENOMEM.
*/
errno = EFAULT;
break;
case WSAEINVAL:
errno = EINVAL;
break;
case WSANOTINITIALISED:
errno = EPERM;
break;
case WSAENETDOWN:
errno = ENOMEM;
break;
}
return -1;
}
int
poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
{
nfds_t i;
int timespent_ms, looptime_ms;
/*
* select machinery
*/
fd_set rfds, wfds, efds;
int rc;
int num_sockets;
/*
* wait machinery
*/
DWORD wait_rc;
HANDLE handles[FD_SETSIZE];
int num_handles;
if (pfds == NULL) {
errno = EINVAL;
return -1;
}
if (nfds <= 0) {
return 0;
}
FD_ZERO(&rfds);
FD_ZERO(&wfds);
FD_ZERO(&efds);
num_sockets = 0;
num_handles = 0;
for (i = 0; i < nfds; i++) {
if ((int)pfds[i].fd < 0)
continue;
if (is_socket(pfds[i].fd)) {
if (num_sockets >= FD_SETSIZE) {
errno = EINVAL;
return -1;
}
FD_SET(pfds[i].fd, &efds);
if (pfds[i].events &
(POLLIN | POLLRDNORM | POLLRDBAND)) {
FD_SET(pfds[i].fd, &rfds);
}
if (pfds[i].events &
(POLLOUT | POLLWRNORM | POLLWRBAND)) {
FD_SET(pfds[i].fd, &wfds);
}
num_sockets++;
} else {
if (num_handles >= FD_SETSIZE) {
errno = EINVAL;
return -1;
}
handles[num_handles++] =
(HANDLE)_get_osfhandle(pfds[i].fd);
}
}
/*
* Determine if the files, pipes, sockets, consoles, etc. have signaled.
*
* Do this by alternating a loop between WaitForMultipleObjects for
* non-sockets and and select for sockets.
*
* I tried to implement this all in terms of WaitForMultipleObjects
* with a select-based 'poll' of the sockets at the end to get extra
* specific socket status.
*
* However, the cost of setting up an event handle for each socket and
* cleaning them up reliably was pretty high. Since the event handle
* associated with a socket is also global, creating a new one here
* cancels one that may exist externally to this function.
*
* At any rate, even if global socket event handles were not an issue,
* the 'FD_WRITE' status of a socket event handle does not behave in an
* expected fashion, being triggered by an edge on a write buffer rather
* than simply triggering if there is space available.
*/
timespent_ms = 0;
wait_rc = WAIT_FAILED;
if (timeout_ms < 0)
timeout_ms = INFINITE;
looptime_ms = timeout_ms > 100 ? 100 : timeout_ms;
do {
struct timeval tv = {0, looptime_ms * 1000};
int handle_signaled = 0;
/*
* Check if any file handles have signaled
*/
if (num_handles) {
wait_rc = WaitForMultipleObjects(num_handles, handles,
FALSE, 0);
if (wait_rc == WAIT_FAILED) {
/*
* The documentation for WaitForMultipleObjects
* does not specify what values GetLastError
* may return here. Rather than enumerate
* badness like for wsa_select_errno, assume a
* general errno value.
*/
errno = ENOMEM;
return 0;
}
}
/*
* If we signaled on a file handle, don't wait on the sockets.
*/
if (wait_rc >= WAIT_OBJECT_0 &&
(wait_rc <= WAIT_OBJECT_0 + num_handles - 1)) {
tv.tv_usec = 0;
handle_signaled = 1;
}
/*
* Check if any sockets have signaled
*/
rc = select(0, &rfds, &wfds, &efds, &tv);
if (!handle_signaled && rc == SOCKET_ERROR)
return wsa_select_errno(WSAGetLastError());
if (handle_signaled || (num_sockets && rc > 0))
break;
timespent_ms += looptime_ms;
} while (timespent_ms < timeout_ms);
rc = 0;
num_handles = 0;
for (i = 0; i < nfds; i++) {
pfds[i].revents = 0;
if ((int)pfds[i].fd < 0)
continue;
if (is_socket(pfds[i].fd)) {
pfds[i].revents = compute_select_revents(pfds[i].fd,
pfds[i].events, &rfds, &wfds, &efds);
} else {
pfds[i].revents = compute_wait_revents(
handles[num_handles], pfds[i].events, num_handles,
wait_rc);
num_handles++;
}
if (pfds[i].revents)
rc++;
}
return rc;
}

5
autogen.sh
View File

@@ -4,8 +4,3 @@ set -e
./update.sh ./update.sh
mkdir -p m4 mkdir -p m4
autoreconf -i -f autoreconf -i -f
# Patch libtool 2.4.2 to pass -fstack-protector as a linker argument
sed 's/-fuse-linker-plugin)/-fuse-linker-plugin|-fstack-protector*)/' \
ltmain.sh > ltmain.sh.fixed
mv -f ltmain.sh.fixed ltmain.sh

17
config
View File

@@ -1,17 +0,0 @@
#!/bin/sh
# This file exists for backwards-compatibility with build systems that expect a
# config script similar to OpenSSL's.
# New software should prefer the native configure script over this one.
ARGS=""
for var in "$@"; do
case $var in
no-shared ) ARGS="$ARGS --disable-shared";;
no-asm ) ARGS="$ARGS --disable-asm";;
--prefix* ) ARGS="$ARGS $var";;
esac
done
./configure $ARGS

129
configure.ac
View File

@@ -1,129 +0,0 @@
# Copyright (c) 2014-2015 Brent Cook
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT([libressl], m4_esyscmd([tr -d '\n' < VERSION]))
AC_SUBST([LIBCRYPTO_VERSION], m4_esyscmd([tr -d '\n' < crypto/VERSION]))
AC_SUBST([LIBSSL_VERSION], m4_esyscmd([tr -d '\n' < ssl/VERSION]))
AC_SUBST([LIBTLS_VERSION], m4_esyscmd([tr -d '\n' < tls/VERSION]))
AC_CANONICAL_HOST
AM_INIT_AUTOMAKE([subdir-objects foreign])
AC_CONFIG_MACRO_DIR([m4])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
# This must be saved before AC_PROG_CC
USER_CFLAGS="$CFLAGS"
AC_PROG_CC
AC_PROG_CC_STDC
AM_PROG_CC_C_O
AC_PROG_LIBTOOL
LT_INIT
CHECK_OS_OPTIONS
CHECK_C_HARDENING_OPTIONS
DISABLE_AS_EXECUTABLE_STACK
AM_PROG_AS
DISABLE_COMPILER_WARNINGS
# Check if the certhash command should be built
AC_CHECK_FUNCS([symlink])
AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes])
# Check if funopen exists
AC_CHECK_FUNC([funopen])
CHECK_LIBC_COMPAT
CHECK_LIBC_CRYPTO_COMPAT
CHECK_VA_COPY
AC_CHECK_HEADERS([err.h])
AC_ARG_WITH([openssldir],
AS_HELP_STRING([--with-openssldir],
[Set the default openssl directory]),
OPENSSLDIR="$withval"
AC_SUBST(OPENSSLDIR)
)
AM_CONDITIONAL([OPENSSLDIR_DEFINED], [test x$with_openssldir != x])
AC_ARG_ENABLE([extratests],
AS_HELP_STRING([--enable-extratests], [Enable extra tests that may be unreliable on some platforms]))
AM_CONDITIONAL([ENABLE_EXTRATESTS], [test "x$enable_extratests" = xyes])
# Add CPU-specific alignment flags
old_cflags=$CFLAGS
CFLAGS="$CFLAGS -I$srcdir/include"
AC_MSG_CHECKING([if BSWAP4 builds without __STRICT_ALIGNMENT])
AC_TRY_COMPILE([#include "$srcdir/crypto/modes/modes_lcl.h"],
[int a = 0; BSWAP4(a);],
AC_MSG_RESULT([yes])
BSWAP4=yes,
AC_MSG_RESULT([no])
BSWAP4=no)
CFLAGS="$old_cflags"
case $host_cpu in
*sparc*)
CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"
;;
*arm*)
AS_IF([test "x$BSWAP4" = "xyes"],,
CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT")
;;
esac
AC_MSG_CHECKING([if .gnu.warning accepts long strings])
AC_LINK_IFELSE([AC_LANG_SOURCE([[
extern void SSLv3_method();
__asm__(".section .gnu.warning.SSLv3_method; .ascii \"SSLv3_method is insecure\" ; .text");
int main() {return 0;}
]])], [
AC_DEFINE(HAS_GNU_WARNING_LONG, 1, [Define if .gnu.warning accepts long strings.])
AC_MSG_RESULT(yes)
], [
AC_MSG_RESULT(no)
])
AC_ARG_ENABLE([asm],
AS_HELP_STRING([--disable-asm], [Disable assembly]))
AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
# Conditionally enable assembly by default
AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
[test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],
[test "x$HOST_ABI" = "xmacosx" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
AC_CONFIG_FILES([
Makefile
include/Makefile
include/openssl/Makefile
crypto/Makefile
ssl/Makefile
tls/Makefile
tests/Makefile
apps/Makefile
man/Makefile
libcrypto.pc
libssl.pc
libtls.pc
openssl.pc
])
AC_OUTPUT

184
configure.ac.tpl Normal file
View File

@@ -0,0 +1,184 @@
AC_INIT([libressl], [VERSION])
AC_CANONICAL_HOST
AM_INIT_AUTOMAKE([subdir-objects])
AC_CONFIG_MACRO_DIR([m4])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
AC_SUBST([USER_CFLAGS], "-O2 $CFLAGS")
CFLAGS="$CFLAGS -Wall -std=c99 -g"
case $host_os in
*darwin*)
HOST_OS=darwin;
LDFLAGS="$LDFLAGS -Qunused-arguments"
;;
*linux*)
HOST_OS=linux;
CFLAGS="$CFLAGS -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
;;
*solaris*)
HOST_OS=solaris;
CFLAGS="$CFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
;;
*openbsd*)
AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
;;
*mingw*)
HOST_OS=win32
;;
*) ;;
esac
AM_CONDITIONAL(HOST_DARWIN, test x$HOST_OS = xdarwin)
AM_CONDITIONAL(HOST_LINUX, test x$HOST_OS = xlinux)
AM_CONDITIONAL(HOST_SOLARIS, test x$HOST_OS = xsolaris)
AM_CONDITIONAL(HOST_WIN, test x$HOST_OS = xwin)
AC_CHECK_FUNC([clock_gettime],,
[AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
AC_CHECK_FUNC([dl_iterate_phdr],,
[AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
AC_PROG_CC
AC_PROG_LIBTOOL
AC_PROG_CC_STDC
AM_PROG_CC_C_O
save_cflags="$CFLAGS"
CFLAGS=-Wno-pointer-sign
AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
[AC_MSG_RESULT([yes])]
[AM_CFLAGS=-Wno-pointer-sign],
[AC_MSG_RESULT([no])]
)
CFLAGS="$save_cflags $AM_CFLAGS"
AC_CHECK_FUNC(strlcpy,
AM_CONDITIONAL(NO_STRLCPY, false),
AC_DEFINE(NO_STRLCPY)
AM_CONDITIONAL(NO_STRLCPY, true))
AC_CHECK_FUNC(strlcat,
AM_CONDITIONAL(NO_STRLCAT, false),
AC_DEFINE(NO_STRLCAT)
AM_CONDITIONAL(NO_STRLCAT, true))
AC_CHECK_FUNC(strndup,
AM_CONDITIONAL(NO_STRNDUP, false),
AC_DEFINE(NO_STRNDUP)
AM_CONDITIONAL(NO_STRNDUP, true))
AC_CHECK_FUNC(strnlen,
AM_CONDITIONAL(NO_STRNLEN, false),
AC_DEFINE(NO_STRNLEN)
AM_CONDITIONAL(NO_STRNLEN, true))
AC_CHECK_FUNC(asprintf,
AM_CONDITIONAL(NO_ASPRINTF, false),
AC_DEFINE(NO_ASPRINTF)
AM_CONDITIONAL(NO_ASPRINTF, true))
AC_CHECK_FUNC(reallocarray,
AM_CONDITIONAL(NO_REALLOCARRAY, false),
AC_DEFINE(NO_REALLOCARRAY)
AM_CONDITIONAL(NO_REALLOCARRAY, true))
AC_CHECK_FUNC(timingsafe_bcmp,
AM_CONDITIONAL(NO_TIMINGSAFE_BCMP, false),
AC_DEFINE(NO_TIMINGSAFE_BCMP)
AM_CONDITIONAL(NO_TIMINGSAFE_BCMP, true))
AC_CHECK_FUNC(timingsafe_memcmp,
AM_CONDITIONAL(NO_TIMINGSAFE_MEMCMP, false),
AC_DEFINE(NO_TIMINGSAFE_MEMCMP)
AM_CONDITIONAL(NO_TIMINGSAFE_MEMCMP, true))
AC_CHECK_FUNC(arc4random_buf,
AM_CONDITIONAL(NO_ARC4RANDOM_BUF, false),
AC_DEFINE(NO_ARC4RANDOM_BUF)
AM_CONDITIONAL(NO_ARC4RANDOM_BUF, true))
AC_CHECK_FUNC(getentropy,
AM_CONDITIONAL(NO_GETENTROPY, false),
AC_DEFINE(NO_GETENTROPY)
AM_CONDITIONAL(NO_GETENTROPY, true))
AC_CHECK_FUNC(issetugid,
AM_CONDITIONAL(NO_ISSETUGID, false),
AC_DEFINE(NO_ISSETUGID)
AM_CONDITIONAL(NO_ISSETUGID, true))
AC_CHECK_FUNC(strtonum,
AM_CONDITIONAL(NO_STRTONUM, false),
AC_DEFINE(NO_STRTONUM)
AM_CONDITIONAL(NO_STRTONUM, true))
AC_CHECK_FUNC(explicit_bzero,
AM_CONDITIONAL(NO_EXPLICIT_BZERO, false),
AC_DEFINE(NO_EXPLICIT_BZERO)
AM_CONDITIONAL(NO_EXPLICIT_BZERO, true))
AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ va_copy(x,y); ]])],
[ ac_cv_have_va_copy="yes" ],
[ ac_cv_have_va_copy="no"
])
])
if test "x$ac_cv_have_va_copy" = "xyes" ; then
AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists])
fi
AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ __va_copy(x,y); ]])],
[ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no"
])
])
if test "x$ac_cv_have___va_copy" = "xyes" ; then
AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists])
fi
AC_CHECK_FUNC(getauxval, AC_DEFINE(HAVE_GETAUXVAL))
AC_CHECK_FUNC(funopen, AC_DEFINE(HAVE_FUNOPEN))
AC_CHECK_HEADER(sys/sysctl.h, AC_DEFINE(HAVE_SYS_SYSCTL_H))
AC_CHECK_HEADER(err.h, AC_DEFINE(HAVE_ERR_H))
AC_ARG_WITH([openssldir],
AS_HELP_STRING([--with-openssldir], [Set the default openssl directory]),
AC_DEFINE_UNQUOTED(OPENSSLDIR, "$withval")
)
AC_ARG_WITH([enginesdir],
AS_HELP_STRING([--with-enginesdir], [Set the default engines directory (use with openssldir)]),
AC_DEFINE_UNQUOTED(ENGINESDIR, "$withval")
)
LT_INIT
AC_CONFIG_FILES([
Makefile
include/Makefile
include/openssl/Makefile
ssl/Makefile
crypto/Makefile
tests/Makefile
apps/Makefile
man/Makefile
libcrypto.pc
libssl.pc
openssl.pc
])
AC_OUTPUT

653
crypto/CMakeLists.txt
View File

@@ -1,653 +0,0 @@
include_directories(
.
../include
../include/compat
asn1
dsa
evp
modes
)
set(
CRYPTO_SRC
aes/aes_cbc.c
aes/aes_core.c
camellia/camellia.c
camellia/cmll_cbc.c
rc4/rc4_enc.c
rc4/rc4_skey.c
whrlpool/wp_block.c
cpt_err.c
cryptlib.c
cversion.c
ex_data.c
malloc-wrapper.c
mem_clr.c
mem_dbg.c
o_init.c
o_str.c
o_time.c
aes/aes_cfb.c
aes/aes_ctr.c
aes/aes_ecb.c
aes/aes_ige.c
aes/aes_misc.c
aes/aes_ofb.c
aes/aes_wrap.c
asn1/a_bitstr.c
asn1/a_bool.c
asn1/a_bytes.c
asn1/a_d2i_fp.c
asn1/a_digest.c
asn1/a_dup.c
asn1/a_enum.c
asn1/a_gentm.c
asn1/a_i2d_fp.c
asn1/a_int.c
asn1/a_mbstr.c
asn1/a_object.c
asn1/a_octet.c
asn1/a_print.c
asn1/a_set.c
asn1/a_sign.c
asn1/a_strex.c
asn1/a_strnid.c
asn1/a_time.c
asn1/a_type.c
asn1/a_utctm.c
asn1/a_utf8.c
asn1/a_verify.c
asn1/ameth_lib.c
asn1/asn1_err.c
asn1/asn1_gen.c
asn1/asn1_lib.c
asn1/asn1_par.c
asn1/asn_mime.c
asn1/asn_moid.c
asn1/asn_pack.c
asn1/bio_asn1.c
asn1/bio_ndef.c
asn1/d2i_pr.c
asn1/d2i_pu.c
asn1/evp_asn1.c
asn1/f_enum.c
asn1/f_int.c
asn1/f_string.c
asn1/i2d_pr.c
asn1/i2d_pu.c
asn1/n_pkey.c
asn1/nsseq.c
asn1/p5_pbe.c
asn1/p5_pbev2.c
asn1/p8_pkey.c
asn1/t_bitst.c
asn1/t_crl.c
asn1/t_pkey.c
asn1/t_req.c
asn1/t_spki.c
asn1/t_x509.c
asn1/t_x509a.c
asn1/tasn_dec.c
asn1/tasn_enc.c
asn1/tasn_fre.c
asn1/tasn_new.c
asn1/tasn_prn.c
asn1/tasn_typ.c
asn1/tasn_utl.c
asn1/x_algor.c
asn1/x_attrib.c
asn1/x_bignum.c
asn1/x_crl.c
asn1/x_exten.c
asn1/x_info.c
asn1/x_long.c
asn1/x_name.c
asn1/x_nx509.c
asn1/x_pkey.c
asn1/x_pubkey.c
asn1/x_req.c
asn1/x_sig.c
asn1/x_spki.c
asn1/x_val.c
asn1/x_x509.c
asn1/x_x509a.c
bf/bf_cfb64.c
bf/bf_ecb.c
bf/bf_enc.c
bf/bf_ofb64.c
bf/bf_skey.c
bio/b_dump.c
bio/b_print.c
bio/b_sock.c
bio/bf_buff.c
bio/bf_nbio.c
bio/bf_null.c
bio/bio_cb.c
bio/bio_err.c
bio/bio_lib.c
bio/bss_acpt.c
bio/bss_bio.c
bio/bss_conn.c
bio/bss_dgram.c
bio/bss_fd.c
bio/bss_file.c
bio/bss_mem.c
bio/bss_null.c
bio/bss_sock.c
bn/bn_add.c
bn/bn_asm.c
bn/bn_blind.c
bn/bn_const.c
bn/bn_ctx.c
bn/bn_depr.c
bn/bn_div.c
bn/bn_err.c
bn/bn_exp.c
bn/bn_exp2.c
bn/bn_gcd.c
bn/bn_gf2m.c
bn/bn_kron.c
bn/bn_lib.c
bn/bn_mod.c
bn/bn_mont.c
bn/bn_mpi.c
bn/bn_mul.c
bn/bn_nist.c
bn/bn_prime.c
bn/bn_print.c
bn/bn_rand.c
bn/bn_recp.c
bn/bn_shift.c
bn/bn_sqr.c
bn/bn_sqrt.c
bn/bn_word.c
bn/bn_x931p.c
buffer/buf_err.c
buffer/buf_str.c
buffer/buffer.c
camellia/cmll_cfb.c
camellia/cmll_ctr.c
camellia/cmll_ecb.c
camellia/cmll_misc.c
camellia/cmll_ofb.c
cast/c_cfb64.c
cast/c_ecb.c
cast/c_enc.c
cast/c_ofb64.c
cast/c_skey.c
chacha/chacha.c
cmac/cm_ameth.c
cmac/cm_pmeth.c
cmac/cmac.c
comp/c_rle.c
comp/c_zlib.c
comp/comp_err.c
comp/comp_lib.c
conf/conf_api.c
conf/conf_def.c
conf/conf_err.c
conf/conf_lib.c
conf/conf_mall.c
conf/conf_mod.c
conf/conf_sap.c
des/cbc_cksm.c
des/cbc_enc.c
des/cfb64ede.c
des/cfb64enc.c
des/cfb_enc.c
des/des_enc.c
des/ecb3_enc.c
des/ecb_enc.c
des/ede_cbcm_enc.c
des/enc_read.c
des/enc_writ.c
des/fcrypt.c
des/fcrypt_b.c
des/ofb64ede.c
des/ofb64enc.c
des/ofb_enc.c
des/pcbc_enc.c
des/qud_cksm.c
des/rand_key.c
des/set_key.c
des/str2key.c
des/xcbc_enc.c
dh/dh_ameth.c
dh/dh_asn1.c
dh/dh_check.c
dh/dh_depr.c
dh/dh_err.c
dh/dh_gen.c
dh/dh_key.c
dh/dh_lib.c
dh/dh_pmeth.c
dh/dh_prn.c
dsa/dsa_ameth.c
dsa/dsa_asn1.c
dsa/dsa_depr.c
dsa/dsa_err.c
dsa/dsa_gen.c
dsa/dsa_key.c
dsa/dsa_lib.c
dsa/dsa_ossl.c
dsa/dsa_pmeth.c
dsa/dsa_prn.c
dsa/dsa_sign.c
dsa/dsa_vrf.c
dso/dso_dlfcn.c
dso/dso_err.c
dso/dso_lib.c
dso/dso_null.c
dso/dso_openssl.c
ec/ec2_mult.c
ec/ec2_oct.c
ec/ec2_smpl.c
ec/ec_ameth.c
ec/ec_asn1.c
ec/ec_check.c
ec/ec_curve.c
ec/ec_cvt.c
ec/ec_err.c
ec/ec_key.c
ec/ec_lib.c
ec/ec_mult.c
ec/ec_oct.c
ec/ec_pmeth.c
ec/ec_print.c
ec/eck_prn.c
ec/ecp_mont.c
ec/ecp_nist.c
ec/ecp_oct.c
ec/ecp_smpl.c
ecdh/ech_err.c
ecdh/ech_key.c
ecdh/ech_lib.c
ecdh/ech_ossl.c
ecdsa/ecs_asn1.c
ecdsa/ecs_err.c
ecdsa/ecs_lib.c
ecdsa/ecs_ossl.c
ecdsa/ecs_sign.c
ecdsa/ecs_vrf.c
engine/eng_all.c
engine/eng_cnf.c
engine/eng_ctrl.c
engine/eng_dyn.c
engine/eng_err.c
engine/eng_fat.c
engine/eng_init.c
engine/eng_lib.c
engine/eng_list.c
engine/eng_openssl.c
engine/eng_pkey.c
engine/eng_table.c
engine/tb_asnmth.c
engine/tb_cipher.c
engine/tb_dh.c
engine/tb_digest.c
engine/tb_dsa.c
engine/tb_ecdh.c
engine/tb_ecdsa.c
engine/tb_pkmeth.c
engine/tb_rand.c
engine/tb_rsa.c
engine/tb_store.c
err/err.c
err/err_all.c
err/err_prn.c
evp/bio_b64.c
evp/bio_enc.c
evp/bio_md.c
evp/c_all.c
evp/digest.c
evp/e_aes.c
evp/e_aes_cbc_hmac_sha1.c
evp/e_bf.c
evp/e_camellia.c
evp/e_cast.c
evp/e_chacha.c
evp/e_chacha20poly1305.c
evp/e_des.c
evp/e_des3.c
evp/e_gost2814789.c
evp/e_idea.c
evp/e_null.c
evp/e_old.c
evp/e_rc2.c
evp/e_rc4.c
evp/e_rc4_hmac_md5.c
evp/e_xcbc_d.c
evp/encode.c
evp/evp_aead.c
evp/evp_enc.c
evp/evp_err.c
evp/evp_key.c
evp/evp_lib.c
evp/evp_pbe.c
evp/evp_pkey.c
evp/m_dss.c
evp/m_dss1.c
evp/m_ecdsa.c
evp/m_gost2814789.c
evp/m_gostr341194.c
evp/m_md4.c
evp/m_md5.c
evp/m_null.c
evp/m_ripemd.c
evp/m_sha.c
evp/m_sha1.c
evp/m_sigver.c
evp/m_streebog.c
evp/m_wp.c
evp/names.c
evp/p5_crpt.c
evp/p5_crpt2.c
evp/p_dec.c
evp/p_enc.c
evp/p_lib.c
evp/p_open.c
evp/p_seal.c
evp/p_sign.c
evp/p_verify.c
evp/pmeth_fn.c
evp/pmeth_gn.c
evp/pmeth_lib.c
gost/gost2814789.c
gost/gost89_keywrap.c
gost/gost89_params.c
gost/gost89imit_ameth.c
gost/gost89imit_pmeth.c
gost/gost_asn1.c
gost/gost_err.c
gost/gostr341001.c
gost/gostr341001_ameth.c
gost/gostr341001_key.c
gost/gostr341001_params.c
gost/gostr341001_pmeth.c
gost/gostr341194.c
gost/streebog.c
hmac/hm_ameth.c
hmac/hm_pmeth.c
hmac/hmac.c
idea/i_cbc.c
idea/i_cfb64.c
idea/i_ecb.c
idea/i_ofb64.c
idea/i_skey.c
krb5/krb5_asn.c
lhash/lh_stats.c
lhash/lhash.c
md4/md4_dgst.c
md4/md4_one.c
md5/md5_dgst.c
md5/md5_one.c
modes/cbc128.c
modes/ccm128.c
modes/cfb128.c
modes/ctr128.c
modes/cts128.c
modes/gcm128.c
modes/ofb128.c
modes/xts128.c
objects/o_names.c
objects/obj_dat.c
objects/obj_err.c
objects/obj_lib.c
objects/obj_xref.c
ocsp/ocsp_asn.c
ocsp/ocsp_cl.c
ocsp/ocsp_err.c
ocsp/ocsp_ext.c
ocsp/ocsp_ht.c
ocsp/ocsp_lib.c
ocsp/ocsp_prn.c
ocsp/ocsp_srv.c
ocsp/ocsp_vfy.c
pem/pem_all.c
pem/pem_err.c
pem/pem_info.c
pem/pem_lib.c
pem/pem_oth.c
pem/pem_pk8.c
pem/pem_pkey.c
pem/pem_seal.c
pem/pem_sign.c
pem/pem_x509.c
pem/pem_xaux.c
pem/pvkfmt.c
pkcs12/p12_add.c
pkcs12/p12_asn.c
pkcs12/p12_attr.c
pkcs12/p12_crpt.c
pkcs12/p12_crt.c
pkcs12/p12_decr.c
pkcs12/p12_init.c
pkcs12/p12_key.c
pkcs12/p12_kiss.c
pkcs12/p12_mutl.c
pkcs12/p12_npas.c
pkcs12/p12_p8d.c
pkcs12/p12_p8e.c
pkcs12/p12_utl.c
pkcs12/pk12err.c
pkcs7/bio_pk7.c
pkcs7/pk7_asn1.c
pkcs7/pk7_attr.c
pkcs7/pk7_doit.c
pkcs7/pk7_lib.c
pkcs7/pk7_mime.c
pkcs7/pk7_smime.c
pkcs7/pkcs7err.c
poly1305/poly1305.c
rand/rand_err.c
rand/rand_lib.c
rand/randfile.c
rc2/rc2_cbc.c
rc2/rc2_ecb.c
rc2/rc2_skey.c
rc2/rc2cfb64.c
rc2/rc2ofb64.c
ripemd/rmd_dgst.c
ripemd/rmd_one.c
rsa/rsa_ameth.c
rsa/rsa_asn1.c
rsa/rsa_chk.c
rsa/rsa_crpt.c
rsa/rsa_depr.c
rsa/rsa_eay.c
rsa/rsa_err.c
rsa/rsa_gen.c
rsa/rsa_lib.c
rsa/rsa_none.c
rsa/rsa_oaep.c
rsa/rsa_pk1.c
rsa/rsa_pmeth.c
rsa/rsa_prn.c
rsa/rsa_pss.c
rsa/rsa_saos.c
rsa/rsa_sign.c
rsa/rsa_ssl.c
rsa/rsa_x931.c
sha/sha1_one.c
sha/sha1dgst.c
sha/sha256.c
sha/sha512.c
sha/sha_dgst.c
sha/sha_one.c
stack/stack.c
ts/ts_asn1.c
ts/ts_conf.c
ts/ts_err.c
ts/ts_lib.c
ts/ts_req_print.c
ts/ts_req_utils.c
ts/ts_rsp_print.c
ts/ts_rsp_sign.c
ts/ts_rsp_utils.c
ts/ts_rsp_verify.c
ts/ts_verify_ctx.c
txt_db/txt_db.c
ui/ui_err.c
ui/ui_lib.c
ui/ui_util.c
whrlpool/wp_dgst.c
x509/by_dir.c
x509/by_file.c
x509/by_mem.c
x509/x509_att.c
x509/x509_cmp.c
x509/x509_d2.c
x509/x509_def.c
x509/x509_err.c
x509/x509_ext.c
x509/x509_lu.c
x509/x509_obj.c
x509/x509_r2x.c
x509/x509_req.c
x509/x509_set.c
x509/x509_trs.c
x509/x509_txt.c
x509/x509_v3.c
x509/x509_vfy.c
x509/x509_vpm.c
x509/x509cset.c
x509/x509name.c
x509/x509rset.c
x509/x509spki.c
x509/x509type.c
x509/x_all.c
x509v3/pcy_cache.c
x509v3/pcy_data.c
x509v3/pcy_lib.c
x509v3/pcy_map.c
x509v3/pcy_node.c
x509v3/pcy_tree.c
x509v3/v3_akey.c
x509v3/v3_akeya.c
x509v3/v3_alt.c
x509v3/v3_bcons.c
x509v3/v3_bitst.c
x509v3/v3_conf.c
x509v3/v3_cpols.c
x509v3/v3_crld.c
x509v3/v3_enum.c
x509v3/v3_extku.c
x509v3/v3_genn.c
x509v3/v3_ia5.c
x509v3/v3_info.c
x509v3/v3_int.c
x509v3/v3_lib.c
x509v3/v3_ncons.c
x509v3/v3_ocsp.c
x509v3/v3_pci.c
x509v3/v3_pcia.c
x509v3/v3_pcons.c
x509v3/v3_pku.c
x509v3/v3_pmaps.c
x509v3/v3_prn.c
x509v3/v3_purp.c
x509v3/v3_skey.c
x509v3/v3_sxnet.c
x509v3/v3_utl.c
x509v3/v3err.c
)
if(CMAKE_HOST_UNIX)
set(CRYPTO_SRC ${CRYPTO_SRC} bio/b_posix.c)
set(CRYPTO_SRC ${CRYPTO_SRC} bio/bss_log.c)
set(CRYPTO_SRC ${CRYPTO_SRC} ui/ui_openssl.c)
endif()
if(CMAKE_HOST_WIN32)
set(CRYPTO_SRC ${CRYPTO_SRC} bio/b_win.c)
set(CRYPTO_SRC ${CRYPTO_SRC} ui/ui_openssl_win.c)
endif()
if(CMAKE_HOST_WIN32)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/posix_win.c)
endif()
if(NOT HAVE_ASPRINTF)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/bsd-asprintf.c)
endif()
if(NOT HAVE_INET_PTON)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/inet_pton.c)
endif()
if(NOT HAVE_REALLOCARRAY)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/reallocarray.c)
endif()
if(NOT HAVE_STRCASECMP)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/strcasecmp.c)
endif()
if(NOT HAVE_STRLCAT)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcat.c)
endif()
if(NOT HAVE_STRLCPY)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcpy.c)
endif()
if(NOT HAVE_STRNDUP)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/strndup.c)
if(NOT HAVE_STRNLEN)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/strnlen.c)
endif()
endif()
if(NOT HAVE_EXPLICIT_BZERO)
if(CMAKE_HOST_WIN32)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/explicit_bzero_win.c)
else()
set(CRYPTO_SRC ${CRYPTO_SRC} compat/explicit_bzero.c)
set_source_files_properties(compat/explicit_bzero.c PROPERTIES COMPILE_FLAGS -O0)
endif()
endif()
if(NOT HAVE_ARC4RANDOM_BUF)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random.c)
if(NOT HAVE_GETENTROPY)
if(CMAKE_HOST_WIN32)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_win.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "AIX")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_aix.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_freebsd.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "Linux")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_linux.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "NetBSD")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_netbsd.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "Darwin")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_darwin.c)
elseif(CMAKE_SYSTEM_NAME MATCHES "SunOS")
set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_solaris.c)
endif()
endif()
endif()
if(NOT HAVE_TIMINGSAFE_BCMP)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_bcmp.c)
endif()
if(NOT HAVE_TIMINGSAFE_MEMCMP)
set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_memcmp.c)
endif()
if (BUILD_SHARED)
add_library(crypto-objects OBJECT ${CRYPTO_SRC})
add_library(crypto STATIC $<TARGET_OBJECTS:crypto-objects>)
add_library(crypto-shared SHARED $<TARGET_OBJECTS:crypto-objects>)
set_target_properties(crypto-shared PROPERTIES OUTPUT_NAME crypto)
set_target_properties(crypto-shared PROPERTIES VERSION
${CRYPTO_VERSION} SOVERSION ${CRYPTO_MAJOR_VERSION})
install(TARGETS crypto crypto-shared DESTINATION lib)
else()
add_library(crypto STATIC ${CRYPTO_SRC})
install(TARGETS crypto DESTINATION lib)
endif()

805
crypto/Makefile.am
View File

@@ -1,805 +0,0 @@
include $(top_srcdir)/Makefile.am.common
AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1
AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
AM_CPPFLAGS += -I$(top_srcdir)/crypto
lib_LTLIBRARIES = libcrypto.la
EXTRA_DIST = VERSION
EXTRA_DIST += CMakeLists.txt
# needed for a CMake target
EXTRA_DIST += compat/strcasecmp.c
libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined
libcrypto_la_LIBADD = libcompat.la libcompatnoopt.la
libcrypto_la_CPPFLAGS = $(AM_CPPFLAGS)
libcrypto_la_CPPFLAGS += -DLIBRESSL_INTERNAL
libcrypto_la_CPPFLAGS += -DOPENSSL_NO_HW_PADLOCK
if OPENSSL_NO_ASM
libcrypto_la_CPPFLAGS += -DOPENSSL_NO_ASM
else
if HOST_WIN
libcrypto_la_CPPFLAGS += -DOPENSSL_NO_ASM
endif
endif
if OPENSSLDIR_DEFINED
libcrypto_la_CPPFLAGS += -DOPENSSLDIR=\"@OPENSSLDIR@\"
else
libcrypto_la_CPPFLAGS += -DOPENSSLDIR=\"$(sysconfdir)/ssl\"
endif
noinst_LTLIBRARIES = libcompat.la libcompatnoopt.la
# compatibility functions that need to be built without optimizations
libcompatnoopt_la_CFLAGS = -O0
libcompatnoopt_la_SOURCES =
if !HAVE_EXPLICIT_BZERO
if HOST_WIN
libcompatnoopt_la_SOURCES += compat/explicit_bzero_win.c
else
libcompatnoopt_la_SOURCES += compat/explicit_bzero.c
endif
endif
# other compatibility functions
libcompat_la_SOURCES =
libcompat_la_LIBADD = $(PLATFORM_LDADD)
if !HAVE_STRLCAT
libcompat_la_SOURCES += compat/strlcat.c
endif
if !HAVE_STRLCPY
libcompat_la_SOURCES += compat/strlcpy.c
endif
if !HAVE_STRNDUP
libcompat_la_SOURCES += compat/strndup.c
# the only user of strnlen is strndup, so only build it if needed
if !HAVE_STRNLEN
libcompat_la_SOURCES += compat/strnlen.c
endif
endif
if !HAVE_ASPRINTF
libcompat_la_SOURCES += compat/bsd-asprintf.c
endif
if !HAVE_INET_PTON
libcompat_la_SOURCES += compat/inet_pton.c
endif
if !HAVE_REALLOCARRAY
libcompat_la_SOURCES += compat/reallocarray.c
endif
if !HAVE_TIMINGSAFE_MEMCMP
libcompat_la_SOURCES += compat/timingsafe_memcmp.c
endif
if !HAVE_TIMINGSAFE_BCMP
libcompat_la_SOURCES += compat/timingsafe_bcmp.c
endif
if HOST_WIN
libcompat_la_SOURCES += compat/posix_win.c
endif
include Makefile.am.arc4random
libcrypto_la_SOURCES =
EXTRA_libcrypto_la_SOURCES =
include Makefile.am.elf-x86_64
include Makefile.am.macosx-x86_64
if !HOST_ASM_ELF_X86_64
if !HOST_ASM_MACOSX_X86_64
libcrypto_la_SOURCES += aes/aes_cbc.c
libcrypto_la_SOURCES += aes/aes_core.c
libcrypto_la_SOURCES += camellia/camellia.c
libcrypto_la_SOURCES += camellia/cmll_cbc.c
libcrypto_la_SOURCES += rc4/rc4_enc.c
libcrypto_la_SOURCES += rc4/rc4_skey.c
libcrypto_la_SOURCES += whrlpool/wp_block.c
endif
endif
libcrypto_la_SOURCES += cpt_err.c
libcrypto_la_SOURCES += cryptlib.c
libcrypto_la_SOURCES += cversion.c
libcrypto_la_SOURCES += ex_data.c
libcrypto_la_SOURCES += malloc-wrapper.c
libcrypto_la_SOURCES += mem_clr.c
libcrypto_la_SOURCES += mem_dbg.c
libcrypto_la_SOURCES += o_init.c
libcrypto_la_SOURCES += o_str.c
libcrypto_la_SOURCES += o_time.c
noinst_HEADERS += constant_time_locl.h
noinst_HEADERS += cryptlib.h
noinst_HEADERS += md32_common.h
noinst_HEADERS += o_time.h
# aes
libcrypto_la_SOURCES += aes/aes_cfb.c
libcrypto_la_SOURCES += aes/aes_ctr.c
libcrypto_la_SOURCES += aes/aes_ecb.c
libcrypto_la_SOURCES += aes/aes_ige.c
libcrypto_la_SOURCES += aes/aes_misc.c
libcrypto_la_SOURCES += aes/aes_ofb.c
libcrypto_la_SOURCES += aes/aes_wrap.c
noinst_HEADERS += aes/aes_locl.h
# asn1
libcrypto_la_SOURCES += asn1/a_bitstr.c
libcrypto_la_SOURCES += asn1/a_bool.c
libcrypto_la_SOURCES += asn1/a_bytes.c
libcrypto_la_SOURCES += asn1/a_d2i_fp.c
libcrypto_la_SOURCES += asn1/a_digest.c
libcrypto_la_SOURCES += asn1/a_dup.c
libcrypto_la_SOURCES += asn1/a_enum.c
libcrypto_la_SOURCES += asn1/a_gentm.c
libcrypto_la_SOURCES += asn1/a_i2d_fp.c
libcrypto_la_SOURCES += asn1/a_int.c
libcrypto_la_SOURCES += asn1/a_mbstr.c
libcrypto_la_SOURCES += asn1/a_object.c
libcrypto_la_SOURCES += asn1/a_octet.c
libcrypto_la_SOURCES += asn1/a_print.c
libcrypto_la_SOURCES += asn1/a_set.c
libcrypto_la_SOURCES += asn1/a_sign.c
libcrypto_la_SOURCES += asn1/a_strex.c
libcrypto_la_SOURCES += asn1/a_strnid.c
libcrypto_la_SOURCES += asn1/a_time.c
libcrypto_la_SOURCES += asn1/a_type.c
libcrypto_la_SOURCES += asn1/a_utctm.c
libcrypto_la_SOURCES += asn1/a_utf8.c
libcrypto_la_SOURCES += asn1/a_verify.c
libcrypto_la_SOURCES += asn1/ameth_lib.c
libcrypto_la_SOURCES += asn1/asn1_err.c
libcrypto_la_SOURCES += asn1/asn1_gen.c
libcrypto_la_SOURCES += asn1/asn1_lib.c
libcrypto_la_SOURCES += asn1/asn1_par.c
libcrypto_la_SOURCES += asn1/asn_mime.c
libcrypto_la_SOURCES += asn1/asn_moid.c
libcrypto_la_SOURCES += asn1/asn_pack.c
libcrypto_la_SOURCES += asn1/bio_asn1.c
libcrypto_la_SOURCES += asn1/bio_ndef.c
libcrypto_la_SOURCES += asn1/d2i_pr.c
libcrypto_la_SOURCES += asn1/d2i_pu.c
libcrypto_la_SOURCES += asn1/evp_asn1.c
libcrypto_la_SOURCES += asn1/f_enum.c
libcrypto_la_SOURCES += asn1/f_int.c
libcrypto_la_SOURCES += asn1/f_string.c
libcrypto_la_SOURCES += asn1/i2d_pr.c
libcrypto_la_SOURCES += asn1/i2d_pu.c
libcrypto_la_SOURCES += asn1/n_pkey.c
libcrypto_la_SOURCES += asn1/nsseq.c
libcrypto_la_SOURCES += asn1/p5_pbe.c
libcrypto_la_SOURCES += asn1/p5_pbev2.c
libcrypto_la_SOURCES += asn1/p8_pkey.c
libcrypto_la_SOURCES += asn1/t_bitst.c
libcrypto_la_SOURCES += asn1/t_crl.c
libcrypto_la_SOURCES += asn1/t_pkey.c
libcrypto_la_SOURCES += asn1/t_req.c
libcrypto_la_SOURCES += asn1/t_spki.c
libcrypto_la_SOURCES += asn1/t_x509.c
libcrypto_la_SOURCES += asn1/t_x509a.c
libcrypto_la_SOURCES += asn1/tasn_dec.c
libcrypto_la_SOURCES += asn1/tasn_enc.c
libcrypto_la_SOURCES += asn1/tasn_fre.c
libcrypto_la_SOURCES += asn1/tasn_new.c
libcrypto_la_SOURCES += asn1/tasn_prn.c
libcrypto_la_SOURCES += asn1/tasn_typ.c
libcrypto_la_SOURCES += asn1/tasn_utl.c
libcrypto_la_SOURCES += asn1/x_algor.c
libcrypto_la_SOURCES += asn1/x_attrib.c
libcrypto_la_SOURCES += asn1/x_bignum.c
libcrypto_la_SOURCES += asn1/x_crl.c
libcrypto_la_SOURCES += asn1/x_exten.c
libcrypto_la_SOURCES += asn1/x_info.c
libcrypto_la_SOURCES += asn1/x_long.c
libcrypto_la_SOURCES += asn1/x_name.c
libcrypto_la_SOURCES += asn1/x_nx509.c
libcrypto_la_SOURCES += asn1/x_pkey.c
libcrypto_la_SOURCES += asn1/x_pubkey.c
libcrypto_la_SOURCES += asn1/x_req.c
libcrypto_la_SOURCES += asn1/x_sig.c
libcrypto_la_SOURCES += asn1/x_spki.c
libcrypto_la_SOURCES += asn1/x_val.c
libcrypto_la_SOURCES += asn1/x_x509.c
libcrypto_la_SOURCES += asn1/x_x509a.c
noinst_HEADERS += asn1/asn1_locl.h
noinst_HEADERS += asn1/charmap.h
# bf
libcrypto_la_SOURCES += bf/bf_cfb64.c
libcrypto_la_SOURCES += bf/bf_ecb.c
libcrypto_la_SOURCES += bf/bf_enc.c
libcrypto_la_SOURCES += bf/bf_ofb64.c
libcrypto_la_SOURCES += bf/bf_skey.c
noinst_HEADERS += bf/bf_locl.h
noinst_HEADERS += bf/bf_pi.h
# bio
libcrypto_la_SOURCES += bio/b_dump.c
if !HOST_WIN
libcrypto_la_SOURCES += bio/b_posix.c
endif
libcrypto_la_SOURCES += bio/b_print.c
libcrypto_la_SOURCES += bio/b_sock.c
if HOST_WIN
libcrypto_la_SOURCES += bio/b_win.c
endif
libcrypto_la_SOURCES += bio/bf_buff.c
libcrypto_la_SOURCES += bio/bf_nbio.c
libcrypto_la_SOURCES += bio/bf_null.c
libcrypto_la_SOURCES += bio/bio_cb.c
libcrypto_la_SOURCES += bio/bio_err.c
libcrypto_la_SOURCES += bio/bio_lib.c
libcrypto_la_SOURCES += bio/bss_acpt.c
libcrypto_la_SOURCES += bio/bss_bio.c
libcrypto_la_SOURCES += bio/bss_conn.c
libcrypto_la_SOURCES += bio/bss_dgram.c
libcrypto_la_SOURCES += bio/bss_fd.c
libcrypto_la_SOURCES += bio/bss_file.c
if !HOST_WIN
libcrypto_la_SOURCES += bio/bss_log.c
endif
libcrypto_la_SOURCES += bio/bss_mem.c
libcrypto_la_SOURCES += bio/bss_null.c
libcrypto_la_SOURCES += bio/bss_sock.c
# bn
libcrypto_la_SOURCES += bn/bn_add.c
libcrypto_la_SOURCES += bn/bn_asm.c
libcrypto_la_SOURCES += bn/bn_blind.c
libcrypto_la_SOURCES += bn/bn_const.c
libcrypto_la_SOURCES += bn/bn_ctx.c
libcrypto_la_SOURCES += bn/bn_depr.c
libcrypto_la_SOURCES += bn/bn_div.c
libcrypto_la_SOURCES += bn/bn_err.c
libcrypto_la_SOURCES += bn/bn_exp.c
libcrypto_la_SOURCES += bn/bn_exp2.c
libcrypto_la_SOURCES += bn/bn_gcd.c
libcrypto_la_SOURCES += bn/bn_gf2m.c
libcrypto_la_SOURCES += bn/bn_kron.c
libcrypto_la_SOURCES += bn/bn_lib.c
libcrypto_la_SOURCES += bn/bn_mod.c
libcrypto_la_SOURCES += bn/bn_mont.c
libcrypto_la_SOURCES += bn/bn_mpi.c
libcrypto_la_SOURCES += bn/bn_mul.c
libcrypto_la_SOURCES += bn/bn_nist.c
libcrypto_la_SOURCES += bn/bn_prime.c
libcrypto_la_SOURCES += bn/bn_print.c
libcrypto_la_SOURCES += bn/bn_rand.c
libcrypto_la_SOURCES += bn/bn_recp.c
libcrypto_la_SOURCES += bn/bn_shift.c
libcrypto_la_SOURCES += bn/bn_sqr.c
libcrypto_la_SOURCES += bn/bn_sqrt.c
libcrypto_la_SOURCES += bn/bn_word.c
libcrypto_la_SOURCES += bn/bn_x931p.c
noinst_HEADERS += bn/bn_lcl.h
noinst_HEADERS += bn/bn_prime.h
# buffer
libcrypto_la_SOURCES += buffer/buf_err.c
libcrypto_la_SOURCES += buffer/buf_str.c
libcrypto_la_SOURCES += buffer/buffer.c
# camellia
libcrypto_la_SOURCES += camellia/cmll_cfb.c
libcrypto_la_SOURCES += camellia/cmll_ctr.c
libcrypto_la_SOURCES += camellia/cmll_ecb.c
libcrypto_la_SOURCES += camellia/cmll_misc.c
libcrypto_la_SOURCES += camellia/cmll_ofb.c
noinst_HEADERS += camellia/camellia.h
noinst_HEADERS += camellia/cmll_locl.h
# cast
libcrypto_la_SOURCES += cast/c_cfb64.c
libcrypto_la_SOURCES += cast/c_ecb.c
libcrypto_la_SOURCES += cast/c_enc.c
libcrypto_la_SOURCES += cast/c_ofb64.c
libcrypto_la_SOURCES += cast/c_skey.c
noinst_HEADERS += cast/cast_lcl.h
noinst_HEADERS += cast/cast_s.h
# chacha
EXTRA_libcrypto_la_SOURCES += chacha/chacha-merged.c
libcrypto_la_SOURCES += chacha/chacha.c
# cmac
libcrypto_la_SOURCES += cmac/cm_ameth.c
libcrypto_la_SOURCES += cmac/cm_pmeth.c
libcrypto_la_SOURCES += cmac/cmac.c
# comp
libcrypto_la_SOURCES += comp/c_rle.c
libcrypto_la_SOURCES += comp/c_zlib.c
libcrypto_la_SOURCES += comp/comp_err.c
libcrypto_la_SOURCES += comp/comp_lib.c
# conf
libcrypto_la_SOURCES += conf/conf_api.c
libcrypto_la_SOURCES += conf/conf_def.c
libcrypto_la_SOURCES += conf/conf_err.c
libcrypto_la_SOURCES += conf/conf_lib.c
libcrypto_la_SOURCES += conf/conf_mall.c
libcrypto_la_SOURCES += conf/conf_mod.c
libcrypto_la_SOURCES += conf/conf_sap.c
noinst_HEADERS += conf/conf_def.h
# des
libcrypto_la_SOURCES += des/cbc_cksm.c
libcrypto_la_SOURCES += des/cbc_enc.c
libcrypto_la_SOURCES += des/cfb64ede.c
libcrypto_la_SOURCES += des/cfb64enc.c
libcrypto_la_SOURCES += des/cfb_enc.c
libcrypto_la_SOURCES += des/des_enc.c
libcrypto_la_SOURCES += des/ecb3_enc.c
libcrypto_la_SOURCES += des/ecb_enc.c
libcrypto_la_SOURCES += des/ede_cbcm_enc.c
libcrypto_la_SOURCES += des/enc_read.c
libcrypto_la_SOURCES += des/enc_writ.c
libcrypto_la_SOURCES += des/fcrypt.c
libcrypto_la_SOURCES += des/fcrypt_b.c
EXTRA_libcrypto_la_SOURCES += des/ncbc_enc.c
libcrypto_la_SOURCES += des/ofb64ede.c
libcrypto_la_SOURCES += des/ofb64enc.c
libcrypto_la_SOURCES += des/ofb_enc.c
libcrypto_la_SOURCES += des/pcbc_enc.c
libcrypto_la_SOURCES += des/qud_cksm.c
libcrypto_la_SOURCES += des/rand_key.c
libcrypto_la_SOURCES += des/set_key.c
libcrypto_la_SOURCES += des/str2key.c
libcrypto_la_SOURCES += des/xcbc_enc.c
noinst_HEADERS += des/des_locl.h
noinst_HEADERS += des/spr.h
# dh
libcrypto_la_SOURCES += dh/dh_ameth.c
libcrypto_la_SOURCES += dh/dh_asn1.c
libcrypto_la_SOURCES += dh/dh_check.c
libcrypto_la_SOURCES += dh/dh_depr.c
libcrypto_la_SOURCES += dh/dh_err.c
libcrypto_la_SOURCES += dh/dh_gen.c
libcrypto_la_SOURCES += dh/dh_key.c
libcrypto_la_SOURCES += dh/dh_lib.c
libcrypto_la_SOURCES += dh/dh_pmeth.c
libcrypto_la_SOURCES += dh/dh_prn.c
# dsa
libcrypto_la_SOURCES += dsa/dsa_ameth.c
libcrypto_la_SOURCES += dsa/dsa_asn1.c
libcrypto_la_SOURCES += dsa/dsa_depr.c
libcrypto_la_SOURCES += dsa/dsa_err.c
libcrypto_la_SOURCES += dsa/dsa_gen.c
libcrypto_la_SOURCES += dsa/dsa_key.c
libcrypto_la_SOURCES += dsa/dsa_lib.c
libcrypto_la_SOURCES += dsa/dsa_ossl.c
libcrypto_la_SOURCES += dsa/dsa_pmeth.c
libcrypto_la_SOURCES += dsa/dsa_prn.c
libcrypto_la_SOURCES += dsa/dsa_sign.c
libcrypto_la_SOURCES += dsa/dsa_vrf.c
noinst_HEADERS += dsa/dsa_locl.h
# dso
libcrypto_la_SOURCES += dso/dso_dlfcn.c
libcrypto_la_SOURCES += dso/dso_err.c
libcrypto_la_SOURCES += dso/dso_lib.c
libcrypto_la_SOURCES += dso/dso_null.c
libcrypto_la_SOURCES += dso/dso_openssl.c
# ec
libcrypto_la_SOURCES += ec/ec2_mult.c
libcrypto_la_SOURCES += ec/ec2_oct.c
libcrypto_la_SOURCES += ec/ec2_smpl.c
libcrypto_la_SOURCES += ec/ec_ameth.c
libcrypto_la_SOURCES += ec/ec_asn1.c
libcrypto_la_SOURCES += ec/ec_check.c
libcrypto_la_SOURCES += ec/ec_curve.c
libcrypto_la_SOURCES += ec/ec_cvt.c
libcrypto_la_SOURCES += ec/ec_err.c
libcrypto_la_SOURCES += ec/ec_key.c
libcrypto_la_SOURCES += ec/ec_lib.c
libcrypto_la_SOURCES += ec/ec_mult.c
libcrypto_la_SOURCES += ec/ec_oct.c
libcrypto_la_SOURCES += ec/ec_pmeth.c
libcrypto_la_SOURCES += ec/ec_print.c
libcrypto_la_SOURCES += ec/eck_prn.c
libcrypto_la_SOURCES += ec/ecp_mont.c
libcrypto_la_SOURCES += ec/ecp_nist.c
libcrypto_la_SOURCES += ec/ecp_oct.c
libcrypto_la_SOURCES += ec/ecp_smpl.c
noinst_HEADERS += ec/ec_lcl.h
# ecdh
libcrypto_la_SOURCES += ecdh/ech_err.c
libcrypto_la_SOURCES += ecdh/ech_key.c
libcrypto_la_SOURCES += ecdh/ech_lib.c
libcrypto_la_SOURCES += ecdh/ech_ossl.c
noinst_HEADERS += ecdh/ech_locl.h
# ecdsa
libcrypto_la_SOURCES += ecdsa/ecs_asn1.c
libcrypto_la_SOURCES += ecdsa/ecs_err.c
libcrypto_la_SOURCES += ecdsa/ecs_lib.c
libcrypto_la_SOURCES += ecdsa/ecs_ossl.c
libcrypto_la_SOURCES += ecdsa/ecs_sign.c
libcrypto_la_SOURCES += ecdsa/ecs_vrf.c
noinst_HEADERS += ecdsa/ecs_locl.h
# engine
libcrypto_la_SOURCES += engine/eng_all.c
libcrypto_la_SOURCES += engine/eng_cnf.c
libcrypto_la_SOURCES += engine/eng_ctrl.c
libcrypto_la_SOURCES += engine/eng_dyn.c
libcrypto_la_SOURCES += engine/eng_err.c
libcrypto_la_SOURCES += engine/eng_fat.c
libcrypto_la_SOURCES += engine/eng_init.c
libcrypto_la_SOURCES += engine/eng_lib.c
libcrypto_la_SOURCES += engine/eng_list.c
libcrypto_la_SOURCES += engine/eng_openssl.c
libcrypto_la_SOURCES += engine/eng_pkey.c
libcrypto_la_SOURCES += engine/eng_table.c
libcrypto_la_SOURCES += engine/tb_asnmth.c
libcrypto_la_SOURCES += engine/tb_cipher.c
libcrypto_la_SOURCES += engine/tb_dh.c
libcrypto_la_SOURCES += engine/tb_digest.c
libcrypto_la_SOURCES += engine/tb_dsa.c
libcrypto_la_SOURCES += engine/tb_ecdh.c
libcrypto_la_SOURCES += engine/tb_ecdsa.c
libcrypto_la_SOURCES += engine/tb_pkmeth.c
libcrypto_la_SOURCES += engine/tb_rand.c
libcrypto_la_SOURCES += engine/tb_rsa.c
libcrypto_la_SOURCES += engine/tb_store.c
noinst_HEADERS += engine/eng_int.h
# err
libcrypto_la_SOURCES += err/err.c
libcrypto_la_SOURCES += err/err_all.c
libcrypto_la_SOURCES += err/err_prn.c
# evp
libcrypto_la_SOURCES += evp/bio_b64.c
libcrypto_la_SOURCES += evp/bio_enc.c
libcrypto_la_SOURCES += evp/bio_md.c
libcrypto_la_SOURCES += evp/c_all.c
libcrypto_la_SOURCES += evp/digest.c
libcrypto_la_SOURCES += evp/e_aes.c
libcrypto_la_SOURCES += evp/e_aes_cbc_hmac_sha1.c
libcrypto_la_SOURCES += evp/e_bf.c
libcrypto_la_SOURCES += evp/e_camellia.c
libcrypto_la_SOURCES += evp/e_cast.c
libcrypto_la_SOURCES += evp/e_chacha.c
libcrypto_la_SOURCES += evp/e_chacha20poly1305.c
libcrypto_la_SOURCES += evp/e_des.c
libcrypto_la_SOURCES += evp/e_des3.c
libcrypto_la_SOURCES += evp/e_gost2814789.c
libcrypto_la_SOURCES += evp/e_idea.c
libcrypto_la_SOURCES += evp/e_null.c
libcrypto_la_SOURCES += evp/e_old.c
libcrypto_la_SOURCES += evp/e_rc2.c
libcrypto_la_SOURCES += evp/e_rc4.c
libcrypto_la_SOURCES += evp/e_rc4_hmac_md5.c
libcrypto_la_SOURCES += evp/e_xcbc_d.c
libcrypto_la_SOURCES += evp/encode.c
libcrypto_la_SOURCES += evp/evp_aead.c
libcrypto_la_SOURCES += evp/evp_enc.c
libcrypto_la_SOURCES += evp/evp_err.c
libcrypto_la_SOURCES += evp/evp_key.c
libcrypto_la_SOURCES += evp/evp_lib.c
libcrypto_la_SOURCES += evp/evp_pbe.c
libcrypto_la_SOURCES += evp/evp_pkey.c
libcrypto_la_SOURCES += evp/m_dss.c
libcrypto_la_SOURCES += evp/m_dss1.c
libcrypto_la_SOURCES += evp/m_ecdsa.c
libcrypto_la_SOURCES += evp/m_gost2814789.c
libcrypto_la_SOURCES += evp/m_gostr341194.c
libcrypto_la_SOURCES += evp/m_md4.c
libcrypto_la_SOURCES += evp/m_md5.c
libcrypto_la_SOURCES += evp/m_null.c
libcrypto_la_SOURCES += evp/m_ripemd.c
libcrypto_la_SOURCES += evp/m_sha.c
libcrypto_la_SOURCES += evp/m_sha1.c
libcrypto_la_SOURCES += evp/m_sigver.c
libcrypto_la_SOURCES += evp/m_streebog.c
libcrypto_la_SOURCES += evp/m_wp.c
libcrypto_la_SOURCES += evp/names.c
libcrypto_la_SOURCES += evp/p5_crpt.c
libcrypto_la_SOURCES += evp/p5_crpt2.c
libcrypto_la_SOURCES += evp/p_dec.c
libcrypto_la_SOURCES += evp/p_enc.c
libcrypto_la_SOURCES += evp/p_lib.c
libcrypto_la_SOURCES += evp/p_open.c
libcrypto_la_SOURCES += evp/p_seal.c
libcrypto_la_SOURCES += evp/p_sign.c
libcrypto_la_SOURCES += evp/p_verify.c
libcrypto_la_SOURCES += evp/pmeth_fn.c
libcrypto_la_SOURCES += evp/pmeth_gn.c
libcrypto_la_SOURCES += evp/pmeth_lib.c
noinst_HEADERS += evp/evp_locl.h
# gost
libcrypto_la_SOURCES += gost/gost2814789.c
libcrypto_la_SOURCES += gost/gost89_keywrap.c
libcrypto_la_SOURCES += gost/gost89_params.c
libcrypto_la_SOURCES += gost/gost89imit_ameth.c
libcrypto_la_SOURCES += gost/gost89imit_pmeth.c
libcrypto_la_SOURCES += gost/gost_asn1.c
libcrypto_la_SOURCES += gost/gost_err.c
libcrypto_la_SOURCES += gost/gostr341001.c
libcrypto_la_SOURCES += gost/gostr341001_ameth.c
libcrypto_la_SOURCES += gost/gostr341001_key.c
libcrypto_la_SOURCES += gost/gostr341001_params.c
libcrypto_la_SOURCES += gost/gostr341001_pmeth.c
libcrypto_la_SOURCES += gost/gostr341194.c
libcrypto_la_SOURCES += gost/streebog.c
noinst_HEADERS += gost/gost.h
noinst_HEADERS += gost/gost_asn1.h
noinst_HEADERS += gost/gost_locl.h
# hmac
libcrypto_la_SOURCES += hmac/hm_ameth.c
libcrypto_la_SOURCES += hmac/hm_pmeth.c
libcrypto_la_SOURCES += hmac/hmac.c
# idea
libcrypto_la_SOURCES += idea/i_cbc.c
libcrypto_la_SOURCES += idea/i_cfb64.c
libcrypto_la_SOURCES += idea/i_ecb.c
libcrypto_la_SOURCES += idea/i_ofb64.c
libcrypto_la_SOURCES += idea/i_skey.c
noinst_HEADERS += idea/idea_lcl.h
# krb5
libcrypto_la_SOURCES += krb5/krb5_asn.c
# lhash
libcrypto_la_SOURCES += lhash/lh_stats.c
libcrypto_la_SOURCES += lhash/lhash.c
# md4
libcrypto_la_SOURCES += md4/md4_dgst.c
libcrypto_la_SOURCES += md4/md4_one.c
noinst_HEADERS += md4/md4_locl.h
# md5
libcrypto_la_SOURCES += md5/md5_dgst.c
libcrypto_la_SOURCES += md5/md5_one.c
noinst_HEADERS += md5/md5_locl.h
# modes
libcrypto_la_SOURCES += modes/cbc128.c
libcrypto_la_SOURCES += modes/ccm128.c
libcrypto_la_SOURCES += modes/cfb128.c
libcrypto_la_SOURCES += modes/ctr128.c
libcrypto_la_SOURCES += modes/cts128.c
libcrypto_la_SOURCES += modes/gcm128.c
libcrypto_la_SOURCES += modes/ofb128.c
libcrypto_la_SOURCES += modes/xts128.c
noinst_HEADERS += modes/modes_lcl.h
# objects
libcrypto_la_SOURCES += objects/o_names.c
libcrypto_la_SOURCES += objects/obj_dat.c
libcrypto_la_SOURCES += objects/obj_err.c
libcrypto_la_SOURCES += objects/obj_lib.c
libcrypto_la_SOURCES += objects/obj_xref.c
noinst_HEADERS += objects/obj_dat.h
noinst_HEADERS += objects/obj_xref.h
# ocsp
libcrypto_la_SOURCES += ocsp/ocsp_asn.c
libcrypto_la_SOURCES += ocsp/ocsp_cl.c
libcrypto_la_SOURCES += ocsp/ocsp_err.c
libcrypto_la_SOURCES += ocsp/ocsp_ext.c
libcrypto_la_SOURCES += ocsp/ocsp_ht.c
libcrypto_la_SOURCES += ocsp/ocsp_lib.c
libcrypto_la_SOURCES += ocsp/ocsp_prn.c
libcrypto_la_SOURCES += ocsp/ocsp_srv.c
libcrypto_la_SOURCES += ocsp/ocsp_vfy.c
# pem
libcrypto_la_SOURCES += pem/pem_all.c
libcrypto_la_SOURCES += pem/pem_err.c
libcrypto_la_SOURCES += pem/pem_info.c
libcrypto_la_SOURCES += pem/pem_lib.c
libcrypto_la_SOURCES += pem/pem_oth.c
libcrypto_la_SOURCES += pem/pem_pk8.c
libcrypto_la_SOURCES += pem/pem_pkey.c
libcrypto_la_SOURCES += pem/pem_seal.c
libcrypto_la_SOURCES += pem/pem_sign.c
libcrypto_la_SOURCES += pem/pem_x509.c
libcrypto_la_SOURCES += pem/pem_xaux.c
libcrypto_la_SOURCES += pem/pvkfmt.c
# pkcs12
libcrypto_la_SOURCES += pkcs12/p12_add.c
libcrypto_la_SOURCES += pkcs12/p12_asn.c
libcrypto_la_SOURCES += pkcs12/p12_attr.c
libcrypto_la_SOURCES += pkcs12/p12_crpt.c
libcrypto_la_SOURCES += pkcs12/p12_crt.c
libcrypto_la_SOURCES += pkcs12/p12_decr.c
libcrypto_la_SOURCES += pkcs12/p12_init.c
libcrypto_la_SOURCES += pkcs12/p12_key.c
libcrypto_la_SOURCES += pkcs12/p12_kiss.c
libcrypto_la_SOURCES += pkcs12/p12_mutl.c
libcrypto_la_SOURCES += pkcs12/p12_npas.c
libcrypto_la_SOURCES += pkcs12/p12_p8d.c
libcrypto_la_SOURCES += pkcs12/p12_p8e.c
libcrypto_la_SOURCES += pkcs12/p12_utl.c
libcrypto_la_SOURCES += pkcs12/pk12err.c
# pkcs7
libcrypto_la_SOURCES += pkcs7/bio_pk7.c
libcrypto_la_SOURCES += pkcs7/pk7_asn1.c
libcrypto_la_SOURCES += pkcs7/pk7_attr.c
libcrypto_la_SOURCES += pkcs7/pk7_doit.c
libcrypto_la_SOURCES += pkcs7/pk7_lib.c
libcrypto_la_SOURCES += pkcs7/pk7_mime.c
libcrypto_la_SOURCES += pkcs7/pk7_smime.c
libcrypto_la_SOURCES += pkcs7/pkcs7err.c
# poly1305
EXTRA_libcrypto_la_SOURCES += poly1305/poly1305-donna.c
libcrypto_la_SOURCES += poly1305/poly1305.c
# rand
libcrypto_la_SOURCES += rand/rand_err.c
libcrypto_la_SOURCES += rand/rand_lib.c
libcrypto_la_SOURCES += rand/randfile.c
# rc2
libcrypto_la_SOURCES += rc2/rc2_cbc.c
libcrypto_la_SOURCES += rc2/rc2_ecb.c
libcrypto_la_SOURCES += rc2/rc2_skey.c
libcrypto_la_SOURCES += rc2/rc2cfb64.c
libcrypto_la_SOURCES += rc2/rc2ofb64.c
noinst_HEADERS += rc2/rc2_locl.h
# rc4
noinst_HEADERS += rc4/rc4_locl.h
# ripemd
libcrypto_la_SOURCES += ripemd/rmd_dgst.c
libcrypto_la_SOURCES += ripemd/rmd_one.c
noinst_HEADERS += ripemd/rmd_locl.h
noinst_HEADERS += ripemd/rmdconst.h
# rsa
libcrypto_la_SOURCES += rsa/rsa_ameth.c
libcrypto_la_SOURCES += rsa/rsa_asn1.c
libcrypto_la_SOURCES += rsa/rsa_chk.c
libcrypto_la_SOURCES += rsa/rsa_crpt.c
libcrypto_la_SOURCES += rsa/rsa_depr.c
libcrypto_la_SOURCES += rsa/rsa_eay.c
libcrypto_la_SOURCES += rsa/rsa_err.c
libcrypto_la_SOURCES += rsa/rsa_gen.c
libcrypto_la_SOURCES += rsa/rsa_lib.c
libcrypto_la_SOURCES += rsa/rsa_none.c
libcrypto_la_SOURCES += rsa/rsa_oaep.c
libcrypto_la_SOURCES += rsa/rsa_pk1.c
libcrypto_la_SOURCES += rsa/rsa_pmeth.c
libcrypto_la_SOURCES += rsa/rsa_prn.c
libcrypto_la_SOURCES += rsa/rsa_pss.c
libcrypto_la_SOURCES += rsa/rsa_saos.c
libcrypto_la_SOURCES += rsa/rsa_sign.c
libcrypto_la_SOURCES += rsa/rsa_ssl.c
libcrypto_la_SOURCES += rsa/rsa_x931.c
noinst_HEADERS += rsa/rsa_locl.h
# sha
libcrypto_la_SOURCES += sha/sha1_one.c
libcrypto_la_SOURCES += sha/sha1dgst.c
libcrypto_la_SOURCES += sha/sha256.c
libcrypto_la_SOURCES += sha/sha512.c
libcrypto_la_SOURCES += sha/sha_dgst.c
libcrypto_la_SOURCES += sha/sha_one.c
noinst_HEADERS += sha/sha_locl.h
# stack
libcrypto_la_SOURCES += stack/stack.c
# ts
libcrypto_la_SOURCES += ts/ts_asn1.c
libcrypto_la_SOURCES += ts/ts_conf.c
libcrypto_la_SOURCES += ts/ts_err.c
libcrypto_la_SOURCES += ts/ts_lib.c
libcrypto_la_SOURCES += ts/ts_req_print.c
libcrypto_la_SOURCES += ts/ts_req_utils.c
libcrypto_la_SOURCES += ts/ts_rsp_print.c
libcrypto_la_SOURCES += ts/ts_rsp_sign.c
libcrypto_la_SOURCES += ts/ts_rsp_utils.c
libcrypto_la_SOURCES += ts/ts_rsp_verify.c
libcrypto_la_SOURCES += ts/ts_verify_ctx.c
# txt_db
libcrypto_la_SOURCES += txt_db/txt_db.c
# ui
libcrypto_la_SOURCES += ui/ui_err.c
libcrypto_la_SOURCES += ui/ui_lib.c
if !HOST_WIN
libcrypto_la_SOURCES += ui/ui_openssl.c
endif
if HOST_WIN
libcrypto_la_SOURCES += ui/ui_openssl_win.c
endif
libcrypto_la_SOURCES += ui/ui_util.c
noinst_HEADERS += ui/ui_locl.h
# whrlpool
libcrypto_la_SOURCES += whrlpool/wp_dgst.c
noinst_HEADERS += whrlpool/wp_locl.h
# x509
libcrypto_la_SOURCES += x509/by_dir.c
libcrypto_la_SOURCES += x509/by_file.c
libcrypto_la_SOURCES += x509/by_mem.c
libcrypto_la_SOURCES += x509/x509_att.c
libcrypto_la_SOURCES += x509/x509_cmp.c
libcrypto_la_SOURCES += x509/x509_d2.c
libcrypto_la_SOURCES += x509/x509_def.c
libcrypto_la_SOURCES += x509/x509_err.c
libcrypto_la_SOURCES += x509/x509_ext.c
libcrypto_la_SOURCES += x509/x509_lu.c
libcrypto_la_SOURCES += x509/x509_obj.c
libcrypto_la_SOURCES += x509/x509_r2x.c
libcrypto_la_SOURCES += x509/x509_req.c
libcrypto_la_SOURCES += x509/x509_set.c
libcrypto_la_SOURCES += x509/x509_trs.c
libcrypto_la_SOURCES += x509/x509_txt.c
libcrypto_la_SOURCES += x509/x509_v3.c
libcrypto_la_SOURCES += x509/x509_vfy.c
libcrypto_la_SOURCES += x509/x509_vpm.c
libcrypto_la_SOURCES += x509/x509cset.c
libcrypto_la_SOURCES += x509/x509name.c
libcrypto_la_SOURCES += x509/x509rset.c
libcrypto_la_SOURCES += x509/x509spki.c
libcrypto_la_SOURCES += x509/x509type.c
libcrypto_la_SOURCES += x509/x_all.c
noinst_HEADERS += x509/x509_lcl.h
# x509v3
libcrypto_la_SOURCES += x509v3/pcy_cache.c
libcrypto_la_SOURCES += x509v3/pcy_data.c
libcrypto_la_SOURCES += x509v3/pcy_lib.c
libcrypto_la_SOURCES += x509v3/pcy_map.c
libcrypto_la_SOURCES += x509v3/pcy_node.c
libcrypto_la_SOURCES += x509v3/pcy_tree.c
libcrypto_la_SOURCES += x509v3/v3_akey.c
libcrypto_la_SOURCES += x509v3/v3_akeya.c
libcrypto_la_SOURCES += x509v3/v3_alt.c
libcrypto_la_SOURCES += x509v3/v3_bcons.c
libcrypto_la_SOURCES += x509v3/v3_bitst.c
libcrypto_la_SOURCES += x509v3/v3_conf.c
libcrypto_la_SOURCES += x509v3/v3_cpols.c
libcrypto_la_SOURCES += x509v3/v3_crld.c
libcrypto_la_SOURCES += x509v3/v3_enum.c
libcrypto_la_SOURCES += x509v3/v3_extku.c
libcrypto_la_SOURCES += x509v3/v3_genn.c
libcrypto_la_SOURCES += x509v3/v3_ia5.c
libcrypto_la_SOURCES += x509v3/v3_info.c
libcrypto_la_SOURCES += x509v3/v3_int.c
libcrypto_la_SOURCES += x509v3/v3_lib.c
libcrypto_la_SOURCES += x509v3/v3_ncons.c
libcrypto_la_SOURCES += x509v3/v3_ocsp.c
libcrypto_la_SOURCES += x509v3/v3_pci.c
libcrypto_la_SOURCES += x509v3/v3_pcia.c
libcrypto_la_SOURCES += x509v3/v3_pcons.c
libcrypto_la_SOURCES += x509v3/v3_pku.c
libcrypto_la_SOURCES += x509v3/v3_pmaps.c
libcrypto_la_SOURCES += x509v3/v3_prn.c
libcrypto_la_SOURCES += x509v3/v3_purp.c
libcrypto_la_SOURCES += x509v3/v3_skey.c
libcrypto_la_SOURCES += x509v3/v3_sxnet.c
libcrypto_la_SOURCES += x509v3/v3_utl.c
libcrypto_la_SOURCES += x509v3/v3err.c
noinst_HEADERS += x509v3/ext_dat.h
noinst_HEADERS += x509v3/pcy_int.h

45
crypto/Makefile.am.arc4random
View File

@@ -1,45 +0,0 @@
if !HAVE_ARC4RANDOM_BUF
libcompat_la_SOURCES += compat/arc4random.c
if !HAVE_GETENTROPY
if HOST_AIX
libcompat_la_SOURCES += compat/getentropy_aix.c
endif
if HOST_FREEBSD
libcompat_la_SOURCES += compat/getentropy_freebsd.c
endif
if HOST_HPUX
libcompat_la_SOURCES += compat/getentropy_hpux.c
endif
if HOST_LINUX
libcompat_la_SOURCES += compat/getentropy_linux.c
endif
if HOST_NETBSD
libcompat_la_SOURCES += compat/getentropy_netbsd.c
endif
if HOST_DARWIN
libcompat_la_SOURCES += compat/getentropy_osx.c
endif
if HOST_SOLARIS
libcompat_la_SOURCES += compat/getentropy_solaris.c
endif
if HOST_WIN
libcompat_la_SOURCES += compat/getentropy_win.c
endif
endif
endif
noinst_HEADERS =
noinst_HEADERS += compat/arc4random.h
noinst_HEADERS += compat/arc4random_aix.h
noinst_HEADERS += compat/arc4random_freebsd.h
noinst_HEADERS += compat/arc4random_hpux.h
noinst_HEADERS += compat/arc4random_linux.h
noinst_HEADERS += compat/arc4random_netbsd.h
noinst_HEADERS += compat/arc4random_osx.h
noinst_HEADERS += compat/arc4random_solaris.h
noinst_HEADERS += compat/arc4random_win.h
noinst_HEADERS += compat/chacha_private.h

41
crypto/Makefile.am.elf-x86_64
View File

@@ -1,41 +0,0 @@
ASM_X86_64_ELF = aes/aes-elf-x86_64.s
ASM_X86_64_ELF += aes/bsaes-elf-x86_64.s
ASM_X86_64_ELF += aes/vpaes-elf-x86_64.s
ASM_X86_64_ELF += aes/aesni-elf-x86_64.s
ASM_X86_64_ELF += aes/aesni-sha1-elf-x86_64.s
ASM_X86_64_ELF += bn/modexp512-elf-x86_64.s
ASM_X86_64_ELF += bn/mont-elf-x86_64.s
ASM_X86_64_ELF += bn/mont5-elf-x86_64.s
ASM_X86_64_ELF += bn/gf2m-elf-x86_64.s
ASM_X86_64_ELF += camellia/cmll-elf-x86_64.s
ASM_X86_64_ELF += md5/md5-elf-x86_64.s
ASM_X86_64_ELF += modes/ghash-elf-x86_64.s
ASM_X86_64_ELF += rc4/rc4-elf-x86_64.s
ASM_X86_64_ELF += rc4/rc4-md5-elf-x86_64.s
ASM_X86_64_ELF += sha/sha1-elf-x86_64.s
ASM_X86_64_ELF += sha/sha256-elf-x86_64.S
ASM_X86_64_ELF += sha/sha512-elf-x86_64.S
ASM_X86_64_ELF += whrlpool/wp-elf-x86_64.s
ASM_X86_64_ELF += cpuid-elf-x86_64.S
EXTRA_DIST += $(ASM_X86_64_ELF)
if HOST_ASM_ELF_X86_64
libcrypto_la_CPPFLAGS += -DAES_ASM
libcrypto_la_CPPFLAGS += -DBSAES_ASM
libcrypto_la_CPPFLAGS += -DVPAES_ASM
libcrypto_la_CPPFLAGS += -DOPENSSL_IA32_SSE2
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_MONT
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_MONT5
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_GF2m
libcrypto_la_CPPFLAGS += -DMD5_ASM
libcrypto_la_CPPFLAGS += -DGHASH_ASM
libcrypto_la_CPPFLAGS += -DRSA_ASM
libcrypto_la_CPPFLAGS += -DSHA1_ASM
libcrypto_la_CPPFLAGS += -DSHA256_ASM
libcrypto_la_CPPFLAGS += -DSHA512_ASM
libcrypto_la_CPPFLAGS += -DWHIRLPOOL_ASM
libcrypto_la_CPPFLAGS += -DOPENSSL_CPUID_OBJ
libcrypto_la_SOURCES += $(ASM_X86_64_ELF)
endif

41
crypto/Makefile.am.macosx-x86_64
View File

@@ -1,41 +0,0 @@
ASM_X86_64_MACOSX = aes/aes-macosx-x86_64.s
ASM_X86_64_MACOSX += aes/bsaes-macosx-x86_64.s
ASM_X86_64_MACOSX += aes/vpaes-macosx-x86_64.s
ASM_X86_64_MACOSX += aes/aesni-macosx-x86_64.s
ASM_X86_64_MACOSX += aes/aesni-sha1-macosx-x86_64.s
ASM_X86_64_MACOSX += bn/modexp512-macosx-x86_64.s
ASM_X86_64_MACOSX += bn/mont-macosx-x86_64.s
ASM_X86_64_MACOSX += bn/mont5-macosx-x86_64.s
ASM_X86_64_MACOSX += bn/gf2m-macosx-x86_64.s
ASM_X86_64_MACOSX += camellia/cmll-macosx-x86_64.s
ASM_X86_64_MACOSX += md5/md5-macosx-x86_64.s
ASM_X86_64_MACOSX += modes/ghash-macosx-x86_64.s
ASM_X86_64_MACOSX += rc4/rc4-macosx-x86_64.s
ASM_X86_64_MACOSX += rc4/rc4-md5-macosx-x86_64.s
ASM_X86_64_MACOSX += sha/sha1-macosx-x86_64.s
ASM_X86_64_MACOSX += sha/sha256-macosx-x86_64.S
ASM_X86_64_MACOSX += sha/sha512-macosx-x86_64.S
ASM_X86_64_MACOSX += whrlpool/wp-macosx-x86_64.s
ASM_X86_64_MACOSX += cpuid-macosx-x86_64.S
EXTRA_DIST += $(ASM_X86_64_MACOSX)
if HOST_ASM_MACOSX_X86_64
libcrypto_la_CPPFLAGS += -DAES_ASM
libcrypto_la_CPPFLAGS += -DBSAES_ASM
libcrypto_la_CPPFLAGS += -DVPAES_ASM
libcrypto_la_CPPFLAGS += -DOPENSSL_IA32_SSE2
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_MONT
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_MONT5
libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_GF2m
libcrypto_la_CPPFLAGS += -DMD5_ASM
libcrypto_la_CPPFLAGS += -DGHASH_ASM
libcrypto_la_CPPFLAGS += -DRSA_ASM
libcrypto_la_CPPFLAGS += -DSHA1_ASM
libcrypto_la_CPPFLAGS += -DSHA256_ASM
libcrypto_la_CPPFLAGS += -DSHA512_ASM
libcrypto_la_CPPFLAGS += -DWHIRLPOOL_ASM
libcrypto_la_CPPFLAGS += -DOPENSSL_CPUID_OBJ
libcrypto_la_SOURCES += $(ASM_X86_64_MACOSX)
endif

96
crypto/Makefile.am.tpl Normal file
View File

@@ -0,0 +1,96 @@
include $(top_srcdir)/Makefile.am.common
AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1
AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
lib_LTLIBRARIES = libcrypto.la
libcrypto_la_LIBADD = libcompat.la libcompatnoopt.la
libcrypto_la_LDFLAGS = -version-info libcrypto-version
libcrypto_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS) -DOPENSSL_NO_HW_PADLOCK
noinst_LTLIBRARIES = libcompat.la libcompatnoopt.la
# compatibility functions that need to be built without optimizations
libcompatnoopt_la_CFLAGS = -O0
libcompatnoopt_la_SOURCES =
if NO_EXPLICIT_BZERO
libcompatnoopt_la_SOURCES += compat/explicit_bzero.c
endif
# other compatibility functions
libcompat_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
libcompat_la_SOURCES =
libcompat_la_LIBADD = $(PLATFORM_LDADD)
if NO_STRLCAT
libcompat_la_SOURCES += compat/strlcat.c
endif
if NO_STRLCPY
libcompat_la_SOURCES += compat/strlcpy.c
endif
if NO_STRNDUP
libcompat_la_SOURCES += compat/strndup.c
if NO_STRNLEN
libcompat_la_SOURCES += compat/strnlen.c
endif
endif
if NO_ASPRINTF
libcompat_la_SOURCES += compat/bsd-asprintf.c
endif
if NO_REALLOCARRAY
libcompat_la_SOURCES += compat/reallocarray.c
endif
if NO_TIMINGSAFE_MEMCMP
libcompat_la_SOURCES += compat/timingsafe_memcmp.c
endif
if NO_TIMINGSAFE_BCMP
libcompat_la_SOURCES += compat/timingsafe_bcmp.c
endif
if NO_ARC4RANDOM_BUF
libcompat_la_SOURCES += compat/arc4random.c
if NO_GETENTROPY
if HOST_LINUX
libcompat_la_SOURCES += compat/getentropy_linux.c
endif
if HOST_DARWIN
libcompat_la_SOURCES += compat/getentropy_osx.c
endif
if HOST_SOLARIS
libcompat_la_SOURCES += compat/getentropy_solaris.c
endif
if HOST_WIN
libcompat_la_SOURCES += compat/getentropy_win.c
endif
endif
endif
if NO_ISSETUGID
if HOST_LINUX
libcompat_la_SOURCES += compat/issetugid_linux.c
endif
if HOST_WIN
libcompat_la_SOURCES += compat/issetugid_win.c
endif
endif
noinst_HEADERS = des/ncbc_enc.c
noinst_HEADERS += compat/arc4random.h
noinst_HEADERS += compat/arc4random_linux.h
noinst_HEADERS += compat/arc4random_osx.h
noinst_HEADERS += compat/arc4random_solaris.h
noinst_HEADERS += compat/arc4random_win.h
noinst_HEADERS += compat/chacha_private.h
libcrypto_la_SOURCES =
EXTRA_libcrypto_la_SOURCES =

22
crypto/compat/arc4random.h
View File

@@ -1,30 +1,13 @@
#ifndef LIBCRYPTOCOMPAT_ARC4RANDOM_H #if defined(__linux__)
#define LIBCRYPTOCOMPAT_ARC4RANDOM_H
#include <sys/param.h>
#if defined(_AIX)
#include "arc4random_aix.h"
#elif defined(__FreeBSD__)
#include "arc4random_freebsd.h"
#elif defined(__hpux)
#include "arc4random_hpux.h"
#elif defined(__linux__)
#include "arc4random_linux.h" #include "arc4random_linux.h"
#elif defined(__NetBSD__)
#include "arc4random_netbsd.h"
#elif defined(__APPLE__) #elif defined(__APPLE__)
#include "arc4random_osx.h" #include "arc4random_osx.h"
#elif defined(__sun) #elif defined(__sun)
#include "arc4random_solaris.h" #include "arc4random_solaris.h"
#elif defined(_WIN32) #elif defined(__WIN32)
#include "arc4random_win.h" #include "arc4random_win.h"
#else #else
@@ -32,4 +15,3 @@
#endif #endif
#endif

54
crypto/compat/b_win.c
View File

@@ -1,54 +0,0 @@
/*
* Public domain
*
* Dongsheng Song <dongsheng.song@gmail.com>
* Brent Cook <bcook@openbsd.org>
*/
#include <ws2tcpip.h>
#include <openssl/bio.h>
#include <openssl/err.h>
int
BIO_sock_init(void)
{
/*
* WSAStartup loads the winsock .dll and initializes the networking
* stack on Windows, or simply increases the reference count.
*/
static struct WSAData wsa_state = {0};
WORD version_requested = MAKEWORD(2, 2);
static int wsa_init_done = 0;
if (!wsa_init_done) {
if (WSAStartup(version_requested, &wsa_state) != 0) {
int err = WSAGetLastError();
SYSerr(SYS_F_WSASTARTUP, err);
BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
return (-1);
}
wsa_init_done = 1;
}
return (1);
}
void
BIO_sock_cleanup(void)
{
/*
* We could call WSACleanup here, but it is easy to get it wrong. Since
* this API provides no way to even tell if it failed, there is no safe
* way to expose that functionality here.
*
* The cost of leaving the networking DLLs loaded may have been large
* during the Windows 3.1/win32s era, but it is small in modern
* contexts, so don't bother.
*/
}
int
BIO_socket_nbio(int s, int mode)
{
u_long value = mode;
return ioctlsocket(s, FIONBIO, &value) != SOCKET_ERROR;
}

4
crypto/compat/bsd-asprintf.c
View File

@@ -17,7 +17,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
#ifndef HAVE_ASPRINTF #ifndef HAVE_VASPRINTF
#include <errno.h> #include <errno.h>
#include <limits.h> /* for INT_MAX */ #include <limits.h> /* for INT_MAX */
@@ -80,7 +80,9 @@ fail:
errno = ENOMEM; errno = ENOMEM;
return (-1); return (-1);
} }
#endif
#ifndef HAVE_ASPRINTF
int asprintf(char **str, const char *fmt, ...) int asprintf(char **str, const char *fmt, ...)
{ {
va_list ap; va_list ap;

13
crypto/compat/explicit_bzero_win.c
View File

@@ -1,13 +0,0 @@
/*
* Public domain.
* Win32 explicit_bzero compatibility shim.
*/
#include <windows.h>
#include <string.h>
void
explicit_bzero(void *buf, size_t len)
{
SecureZeroMemory(buf, len);
}

212
crypto/compat/inet_pton.c
View File

@@ -1,212 +0,0 @@
/* $OpenBSD: inet_pton.c,v 1.9 2015/01/16 16:48:51 deraadt Exp $ */
/* Copyright (c) 1996 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <arpa/nameser.h>
#include <string.h>
#include <errno.h>
/*
* WARNING: Don't even consider trying to compile this on a system where
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/
static int inet_pton4(const char *src, u_char *dst);
static int inet_pton6(const char *src, u_char *dst);
/* int
* inet_pton(af, src, dst)
* convert from presentation format (which usually means ASCII printable)
* to network format (which is usually some kind of binary format).
* return:
* 1 if the address was valid for the specified address family
* 0 if the address wasn't valid (`dst' is untouched in this case)
* -1 if some other error occurred (`dst' is untouched in this case, too)
* author:
* Paul Vixie, 1996.
*/
int
inet_pton(int af, const char *src, void *dst)
{
switch (af) {
case AF_INET:
return (inet_pton4(src, dst));
case AF_INET6:
return (inet_pton6(src, dst));
default:
errno = EAFNOSUPPORT;
return (-1);
}
/* NOTREACHED */
}
/* int
* inet_pton4(src, dst)
* like inet_aton() but without all the hexadecimal and shorthand.
* return:
* 1 if `src' is a valid dotted quad, else 0.
* notice:
* does not touch `dst' unless it's returning 1.
* author:
* Paul Vixie, 1996.
*/
static int
inet_pton4(const char *src, u_char *dst)
{
static const char digits[] = "0123456789";
int saw_digit, octets, ch;
u_char tmp[INADDRSZ], *tp;
saw_digit = 0;
octets = 0;
*(tp = tmp) = 0;
while ((ch = *src++) != '\0') {
const char *pch;
if ((pch = strchr(digits, ch)) != NULL) {
u_int new = *tp * 10 + (pch - digits);
if (new > 255)
return (0);
if (! saw_digit) {
if (++octets > 4)
return (0);
saw_digit = 1;
}
*tp = new;
} else if (ch == '.' && saw_digit) {
if (octets == 4)
return (0);
*++tp = 0;
saw_digit = 0;
} else
return (0);
}
if (octets < 4)
return (0);
memcpy(dst, tmp, INADDRSZ);
return (1);
}
/* int
* inet_pton6(src, dst)
* convert presentation level address to network order binary form.
* return:
* 1 if `src' is a valid [RFC1884 2.2] address, else 0.
* notice:
* does not touch `dst' unless it's returning 1.
* credit:
* inspired by Mark Andrews.
* author:
* Paul Vixie, 1996.
*/
static int
inet_pton6(const char *src, u_char *dst)
{
static const char xdigits_l[] = "0123456789abcdef",
xdigits_u[] = "0123456789ABCDEF";
u_char tmp[IN6ADDRSZ], *tp, *endp, *colonp;
const char *xdigits, *curtok;
int ch, saw_xdigit, count_xdigit;
u_int val;
memset((tp = tmp), '\0', IN6ADDRSZ);
endp = tp + IN6ADDRSZ;
colonp = NULL;
/* Leading :: requires some special handling. */
if (*src == ':')
if (*++src != ':')
return (0);
curtok = src;
saw_xdigit = count_xdigit = 0;
val = 0;
while ((ch = *src++) != '\0') {
const char *pch;
if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
pch = strchr((xdigits = xdigits_u), ch);
if (pch != NULL) {
if (count_xdigit >= 4)
return (0);
val <<= 4;
val |= (pch - xdigits);
if (val > 0xffff)
return (0);
saw_xdigit = 1;
count_xdigit++;
continue;
}
if (ch == ':') {
curtok = src;
if (!saw_xdigit) {
if (colonp)
return (0);
colonp = tp;
continue;
} else if (*src == '\0') {
return (0);
}
if (tp + INT16SZ > endp)
return (0);
*tp++ = (u_char) (val >> 8) & 0xff;
*tp++ = (u_char) val & 0xff;
saw_xdigit = 0;
count_xdigit = 0;
val = 0;
continue;
}
if (ch == '.' && ((tp + INADDRSZ) <= endp) &&
inet_pton4(curtok, tp) > 0) {
tp += INADDRSZ;
saw_xdigit = 0;
count_xdigit = 0;
break; /* '\0' was seen by inet_pton4(). */
}
return (0);
}
if (saw_xdigit) {
if (tp + INT16SZ > endp)
return (0);
*tp++ = (u_char) (val >> 8) & 0xff;
*tp++ = (u_char) val & 0xff;
}
if (colonp != NULL) {
/*
* Since some memmove()'s erroneously fail to handle
* overlapping regions, we'll do the shift by hand.
*/
const int n = tp - colonp;
int i;
if (tp == endp)
return (0);
for (i = 1; i <= n; i++) {
endp[- i] = colonp[n - i];
colonp[n - i] = 0;
}
tp = endp;
}
if (tp != endp)
return (0);
memcpy(dst, tmp, IN6ADDRSZ);
return (1);
}

47
crypto/compat/issetugid_linux.c Normal file
View File

@@ -0,0 +1,47 @@
/*
* issetugid implementation for Linux
* Public domain
*/
#include <errno.h>
#include <gnu/libc-version.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
/*
* Linux-specific glibc 2.16+ interface for determining if a process was
* launched setuid/setgid or with additional capabilities.
*/
#ifdef HAVE_GETAUXVAL
#include <sys/auxv.h>
#endif
int issetugid(void)
{
#ifdef HAVE_GETAUXVAL
/*
* The API for glibc < 2.19 does not indicate if there is an error with
* getauxval. While it should not be the case that any 2.6 or greater
* kernel ever does not supply AT_SECURE, an emulated software environment
* might rewrite the aux vector.
*
* See https://sourceware.org/bugzilla/show_bug.cgi?id=15846
*
* Perhaps this code should just read the aux vector itself, so we have
* backward-compatibility and error handling in older glibc versions.
* info: http://lwn.net/Articles/519085/
*
*/
const char *glcv = gnu_get_libc_version();
if (strverscmp(glcv, "2.19") >= 0) {
errno = 0;
if (getauxval(AT_SECURE) == 0) {
if (errno != ENOENT) {
return 0;
}
}
}
#endif
return 1;
}

26
crypto/compat/issetugid_win.c Normal file
View File

@@ -0,0 +1,26 @@
/*
* issetugid implementation for Windows
* Public domain
*/
#include <unistd.h>
/*
* Windows does not have a native setuid/setgid functionality.
* A user must enter credentials each time a process elevates its
* privileges.
*
* So, in theory, this could always return 0, given what I know currently.
* However, it makes sense to stub out initially in 'safe' mode until we
* understand more (and determine if any disabled functionality is actually
* useful on Windows anyway).
*
* Future versions of this function that are made more 'open' should thoroughly
* consider the case of this code running as a privileged service with saved
* user credentials or privilege escalations by other means (e.g. the old
* RunAsEx utility.)
*/
int issetugid(void)
{
return 1;
}

199
crypto/compat/posix_win.c
View File

@@ -1,199 +0,0 @@
/*
* Public domain
*
* BSD socket emulation code for Winsock2
* File IO compatibility shims
* Brent Cook <bcook@openbsd.org>
*/
#define NO_REDEF_POSIX_FUNCTIONS
#include <windows.h>
#include <ws2tcpip.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
void
posix_perror(const char *s)
{
fprintf(stderr, "%s: %s\n", s, strerror(errno));
}
FILE *
posix_fopen(const char *path, const char *mode)
{
if (strchr(mode, 'b') == NULL) {
char *bin_mode = NULL;
if (asprintf(&bin_mode, "%sb", mode) == -1)
return NULL;
FILE *f = fopen(path, bin_mode);
free(bin_mode);
return f;
}
return fopen(path, mode);
}
int
posix_rename(const char *oldpath, const char *newpath)
{
return MoveFileEx(oldpath, newpath, MOVEFILE_REPLACE_EXISTING) ? 0 : -1;
}
static int
wsa_errno(int err)
{
switch (err) {
case WSAENOBUFS:
errno = ENOMEM;
break;
case WSAEACCES:
errno = EACCES;
break;
case WSANOTINITIALISED:
errno = EPERM;
break;
case WSAEHOSTUNREACH:
case WSAENETDOWN:
errno = EIO;
break;
case WSAEFAULT:
errno = EFAULT;
break;
case WSAEINTR:
errno = EINTR;
break;
case WSAEINVAL:
errno = EINVAL;
break;
case WSAEINPROGRESS:
errno = EINPROGRESS;
break;
case WSAEWOULDBLOCK:
errno = EAGAIN;
break;
case WSAEOPNOTSUPP:
errno = ENOTSUP;
break;
case WSAEMSGSIZE:
errno = EFBIG;
break;
case WSAENOTSOCK:
errno = ENOTSOCK;
break;
case WSAENOPROTOOPT:
errno = ENOPROTOOPT;
break;
case WSAECONNREFUSED:
errno = ECONNREFUSED;
break;
case WSAEAFNOSUPPORT:
errno = EAFNOSUPPORT;
break;
case WSAENETRESET:
case WSAENOTCONN:
case WSAECONNABORTED:
case WSAECONNRESET:
case WSAESHUTDOWN:
case WSAETIMEDOUT:
errno = EPIPE;
break;
}
return -1;
}
int
posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen)
{
int rc = connect(sockfd, addr, addrlen);
if (rc == SOCKET_ERROR)
return wsa_errno(WSAGetLastError());
return rc;
}
int
posix_close(int fd)
{
if (closesocket(fd) == SOCKET_ERROR) {
int err = WSAGetLastError();
return err == WSAENOTSOCK ?
close(fd) : wsa_errno(err);
}
return 0;
}
ssize_t
posix_read(int fd, void *buf, size_t count)
{
ssize_t rc = recv(fd, buf, count, 0);
if (rc == SOCKET_ERROR) {
int err = WSAGetLastError();
return err == WSAENOTSOCK ?
read(fd, buf, count) : wsa_errno(err);
}
return rc;
}
ssize_t
posix_write(int fd, const void *buf, size_t count)
{
ssize_t rc = send(fd, buf, count, 0);
if (rc == SOCKET_ERROR) {
int err = WSAGetLastError();
return err == WSAENOTSOCK ?
write(fd, buf, count) : wsa_errno(err);
}
return rc;
}
int
posix_getsockopt(int sockfd, int level, int optname,
void *optval, socklen_t *optlen)
{
int rc = getsockopt(sockfd, level, optname, (char *)optval, optlen);
return rc == 0 ? 0 : wsa_errno(WSAGetLastError());
}
int
posix_setsockopt(int sockfd, int level, int optname,
const void *optval, socklen_t optlen)
{
int rc = setsockopt(sockfd, level, optname, (char *)optval, optlen);
return rc == 0 ? 0 : wsa_errno(WSAGetLastError());
}
#ifdef _MSC_VER
int gettimeofday(struct timeval * tp, struct timezone * tzp)
{
/*
* Note: some broken versions only have 8 trailing zero's, the correct
* epoch has 9 trailing zero's
*/
static const uint64_t EPOCH = ((uint64_t) 116444736000000000ULL);
SYSTEMTIME system_time;
FILETIME file_time;
uint64_t time;
GetSystemTime(&system_time);
SystemTimeToFileTime(&system_time, &file_time);
time = ((uint64_t)file_time.dwLowDateTime);
time += ((uint64_t)file_time.dwHighDateTime) << 32;
tp->tv_sec = (long)((time - EPOCH) / 10000000L);
tp->tv_usec = (long)(system_time.wMilliseconds * 1000);
return 0;
}
unsigned int sleep(unsigned int seconds)
{
Sleep(seconds * 1000);
return seconds;
}
#endif

367
crypto/compat/ui_openssl_win.c
View File

@@ -1,367 +0,0 @@
/* $OpenBSD: ui_openssl.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
/* Written by Richard Levitte (richard@levitte.org) and others
* for the OpenSSL project 2001.
*/
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* The lowest level part of this file was previously in crypto/des/read_pwd.c,
* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <sys/ioctl.h>
#include <openssl/opensslconf.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "ui_locl.h"
#ifndef NX509_SIG
#define NX509_SIG 32
#endif
/* Define globals. They are protected by a lock */
static void (*savsig[NX509_SIG])(int );
DWORD console_mode;
static FILE *tty_in, *tty_out;
static int is_a_tty;
/* Declare static functions */
static int read_till_nl(FILE *);
static void recsig(int);
static void pushsig(void);
static void popsig(void);
static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
static int read_string(UI *ui, UI_STRING *uis);
static int write_string(UI *ui, UI_STRING *uis);
static int open_console(UI *ui);
static int echo_console(UI *ui);
static int noecho_console(UI *ui);
static int close_console(UI *ui);
static UI_METHOD ui_openssl = {
.name = "OpenSSL default user interface",
.ui_open_session = open_console,
.ui_write_string = write_string,
.ui_read_string = read_string,
.ui_close_session = close_console,
};
/* The method with all the built-in thingies */
UI_METHOD *
UI_OpenSSL(void)
{
return &ui_openssl;
}
/* The following function makes sure that info and error strings are printed
before any prompt. */
static int
write_string(UI *ui, UI_STRING *uis)
{
switch (UI_get_string_type(uis)) {
case UIT_ERROR:
case UIT_INFO:
fputs(UI_get0_output_string(uis), tty_out);
fflush(tty_out);
break;
default:
break;
}
return 1;
}
static int
read_string(UI *ui, UI_STRING *uis)
{
int ok = 0;
switch (UI_get_string_type(uis)) {
case UIT_BOOLEAN:
fputs(UI_get0_output_string(uis), tty_out);
fputs(UI_get0_action_string(uis), tty_out);
fflush(tty_out);
return read_string_inner(ui, uis,
UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
case UIT_PROMPT:
fputs(UI_get0_output_string(uis), tty_out);
fflush(tty_out);
return read_string_inner(ui, uis,
UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
case UIT_VERIFY:
fprintf(tty_out, "Verifying - %s",
UI_get0_output_string(uis));
fflush(tty_out);
if ((ok = read_string_inner(ui, uis, UI_get_input_flags(uis) &
UI_INPUT_FLAG_ECHO, 1)) <= 0)
return ok;
if (strcmp(UI_get0_result_string(uis),
UI_get0_test_string(uis)) != 0) {
fprintf(tty_out, "Verify failure\n");
fflush(tty_out);
return 0;
}
break;
default:
break;
}
return 1;
}
/* Internal functions to read a string without echoing */
static int
read_till_nl(FILE *in)
{
#define SIZE 4
char buf[SIZE + 1];
do {
if (!fgets(buf, SIZE, in))
return 0;
} while (strchr(buf, '\n') == NULL);
return 1;
}
static volatile sig_atomic_t intr_signal;
static int
read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
{
static int ps;
int ok;
char result[BUFSIZ];
int maxsize = BUFSIZ - 1;
char *p;
intr_signal = 0;
ok = 0;
ps = 0;
pushsig();
ps = 1;
if (!echo && !noecho_console(ui))
goto error;
ps = 2;
result[0] = '\0';
p = fgets(result, maxsize, tty_in);
if (!p)
goto error;
if (feof(tty_in))
goto error;
if (ferror(tty_in))
goto error;
if ((p = strchr(result, '\n')) != NULL) {
if (strip_nl)
*p = '\0';
} else if (!read_till_nl(tty_in))
goto error;
if (UI_set_result(ui, uis, result) >= 0)
ok = 1;
error:
if (intr_signal == SIGINT)
ok = -1;
if (!echo)
fprintf(tty_out, "\n");
if (ps >= 2 && !echo && !echo_console(ui))
ok = 0;
if (ps >= 1)
popsig();
OPENSSL_cleanse(result, BUFSIZ);
return ok;
}
/* Internal functions to open, handle and close a channel to the console. */
static int
open_console(UI *ui)
{
CRYPTO_w_lock(CRYPTO_LOCK_UI);
is_a_tty = 1;
tty_in = stdin;
tty_out = stderr;
HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
if (handle != INVALID_HANDLE_VALUE)
return GetConsoleMode(handle, &console_mode);
return 0;
}
static int
noecho_console(UI *ui)
{
HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
if (handle != INVALID_HANDLE_VALUE)
return SetConsoleMode(handle, console_mode & ~ENABLE_ECHO_INPUT);
return 0;
}
static int
echo_console(UI *ui)
{
HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
if (handle != INVALID_HANDLE_VALUE)
return SetConsoleMode(handle, console_mode);
return 0;
}
static int
close_console(UI *ui)
{
if (tty_in != stdin)
fclose(tty_in);
if (tty_out != stderr)
fclose(tty_out);
CRYPTO_w_unlock(CRYPTO_LOCK_UI);
return 1;
}
/* Internal functions to handle signals and act on them */
static void
pushsig(void)
{
savsig[SIGABRT] = signal(SIGABRT, recsig);
savsig[SIGFPE] = signal(SIGFPE, recsig);
savsig[SIGILL] = signal(SIGILL, recsig);
savsig[SIGINT] = signal(SIGINT, recsig);
savsig[SIGSEGV] = signal(SIGSEGV, recsig);
savsig[SIGTERM] = signal(SIGTERM, recsig);
}
static void
popsig(void)
{
signal(SIGABRT, savsig[SIGABRT]);
signal(SIGFPE, savsig[SIGFPE]);
signal(SIGILL, savsig[SIGILL]);
signal(SIGINT, savsig[SIGINT]);
signal(SIGSEGV, savsig[SIGSEGV]);
signal(SIGTERM, savsig[SIGTERM]);
}
static void
recsig(int i)
{
intr_signal = i;
}

57
dist-win.sh
View File

@@ -1,57 +0,0 @@
#!/bin/bash
set -e
#set -x
export PATH=/cygdrive/c/Program\ Files\ \(x86\)/Microsoft\ Visual\ Studio\ 12.0/VC/bin:$PATH
VERSION=`cat VERSION`
DIST=libressl-$VERSION-windows
rm -fr $DIST
mkdir -p $DIST
autoreconf -i
for ARCH in X86 X64; do
if [ $ARCH = X86 ]; then
HOST=i686-w64-mingw32
ARCHDIR=x86
else
HOST=x86_64-w64-mingw32
ARCHDIR=x64
fi
echo Building for $HOST
CC=$HOST-gcc ./configure --host=$HOST
make clean
PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
make -j 4 check
make -j 4 install DESTDIR=`pwd`/stage-$ARCHDIR
mkdir -p $DIST/$ARCHDIR
#cp -a stage-$ARCHDIR/usr/local/lib/* $DIST/$ARCHDIR
if [ ! -e $DIST/include ]; then
cp -a stage-$ARCHDIR/usr/local/include $DIST
sed -i -e 'N;/\n.*__non/s/"\? *\n/ /;P;D' \
$DIST/include/openssl/*.h $DIST/include/*.h
sed -i -e 'N;/\n.*__attr/s/"\? *\n/ /;P;D' \
$DIST/include/openssl/*.h $DIST/include/*.h
sed -i -e "s/__attr.*;/;/" \
-e "s/sys\/time.h/winsock2.h/" \
$DIST/include/openssl/*.h $DIST/include/*.h
fi
cp stage-$ARCHDIR/usr/local/bin/* $DIST/$ARCHDIR
#cp /usr/$HOST/sys-root/mingw/bin/libssp* $DIST/$ARCHDIR
for i in libcrypto libssl libtls; do
DLL=$(basename `ls -1 $DIST/$ARCHDIR/$i*.dll`|cut -d. -f1)
echo EXPORTS > $DLL.def
dumpbin /exports $DIST/$ARCHDIR/$DLL.dll | \
awk '{print $4}' | awk 'NF' |tail -n +9 >> $DLL.def
lib /MACHINE:$ARCH /def:$DLL.def /out:$DIST/$ARCHDIR/$DLL.lib
cv2pdb $DIST/$ARCHDIR/$DLL.dll
done
done
zip -r $DIST.zip $DIST

3
dist.sh
View File

@@ -1,7 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
rm -f man/*.1 man/*.3 include/openssl/*.h
./autogen.sh ./autogen.sh
./configure ./configure
make distcheck make dist

43
gen-coverage-report.sh
View File

@@ -1,43 +0,0 @@
#!/bin/sh
VERSION=$(cat VERSION)
DESTDIR=libressl-coverage-$VERSION
echo "This will generate a code coverage report under $DESTDIR"
echo
if [ "x$(which lcov)" = "x" ]; then
echo "'lcov' is required but not found!"
exit 1
fi
if [ "x$(which genhtml)" = "x" ]; then
echo "'genhtml' is required but not found!"
exit 1
fi
find -name '*.gcda' -o -name '*.gcno' -delete
rm -fr $DESTDIR
echo "Configuring to build with code coverage support"
./configure CFLAGS='-O0 -fprofile-arcs -ftest-coverage'
echo "Running all code paths"
make clean
make check
echo "Generating report"
mkdir -p $DESTDIR
find tests -name '*.gcda' -o -name '*.gcno' -delete
lcov --capture --output-file $DESTDIR/coverage.tmp \
--rc lcov_branch_coverage=1 \
--directory crypto \
--directory ssl \
--directory tls \
--test-name "LibreSSL $VERSION"
genhtml --prefix . --output-directory $DESTDIR \
--branch-coverage --function-coverage \
--rc lcov_branch_coverage=1 \
--title "LibreSSL $VERSION" --legend --show-detail $DESTDIR/coverage.tmp
echo "Code coverage report is available under $DESTDIR"

5
include/CMakeLists.txt
View File

@@ -1,5 +0,0 @@
install(DIRECTORY .
DESTINATION include
PATTERN "CMakeLists.txt" EXCLUDE
PATTERN "compat" EXCLUDE
PATTERN "Makefile.*" EXCLUDE)

46
include/Makefile.am
View File

@@ -1,39 +1,11 @@
include $(top_srcdir)/Makefile.am.common
EXTRA_DIST = CMakeLists.txt
SUBDIRS = openssl SUBDIRS = openssl
noinst_HEADERS = pqueue.h noinst_HEADERS = err.h
noinst_HEADERS += compat/dirent.h noinst_HEADERS += pqueue.h
noinst_HEADERS += compat/dirent_msvc.h noinst_HEADERS += stdio.h
noinst_HEADERS += compat/err.h noinst_HEADERS += stdlib.h
noinst_HEADERS += compat/netdb.h noinst_HEADERS += string.h
noinst_HEADERS += compat/poll.h noinst_HEADERS += unistd.h
noinst_HEADERS += compat/stdio.h noinst_HEADERS += machine/endian.h
noinst_HEADERS += compat/stdlib.h noinst_HEADERS += sys/mman.h
noinst_HEADERS += compat/string.h noinst_HEADERS += sys/types.h
noinst_HEADERS += compat/time.h
noinst_HEADERS += compat/unistd.h
noinst_HEADERS += compat/win32netcompat.h
noinst_HEADERS += compat/arpa/inet.h
noinst_HEADERS += compat/arpa/nameser.h
noinst_HEADERS += compat/machine/endian.h
noinst_HEADERS += compat/netinet/in.h
noinst_HEADERS += compat/netinet/tcp.h
noinst_HEADERS += compat/sys/cdefs.h
noinst_HEADERS += compat/sys/ioctl.h
noinst_HEADERS += compat/sys/mman.h
noinst_HEADERS += compat/sys/param.h
noinst_HEADERS += compat/sys/select.h
noinst_HEADERS += compat/sys/stat.h
noinst_HEADERS += compat/sys/socket.h
noinst_HEADERS += compat/sys/time.h
noinst_HEADERS += compat/sys/types.h
noinst_HEADERS += compat/sys/uio.h
include_HEADERS = tls.h

19
include/compat/arpa/inet.h
View File

@@ -1,19 +0,0 @@
/*
* Public domain
* arpa/inet.h compatibility shim
*/
#ifndef _WIN32
#include_next <arpa/inet.h>
#else
#include <win32netcompat.h>
#ifndef AI_ADDRCONFIG
#define AI_ADDRCONFIG 0x00000400
#endif
#endif
#ifndef HAVE_INET_PTON
int inet_pton(int af, const char * src, void * dst);
#endif

23
include/compat/arpa/nameser.h
View File

@@ -1,23 +0,0 @@
/*
* Public domain
* arpa/inet.h compatibility shim
*/
#ifndef _WIN32
#include_next <arpa/nameser.h>
#else
#include <win32netcompat.h>
#ifndef INADDRSZ
#define INADDRSZ 4
#endif
#ifndef IN6ADDRSZ
#define IN6ADDRSZ 16
#endif
#ifndef INT16SZ
#define INT16SZ 2
#endif
#endif

17
include/compat/dirent.h
View File

@@ -1,17 +0,0 @@
/*
* Public domain
* dirent.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_DIRENT_H
#define LIBCRYPTOCOMPAT_DIRENT_H
#ifdef _MSC_VER
#include <windows.h>
#include <dirent_msvc.h>
#else
#include_next <dirent.h>
#endif
#endif

611
include/compat/dirent_msvc.h
View File

@@ -1,611 +0,0 @@
/*
* dirent.h - dirent API for Microsoft Visual Studio
*
* Copyright (C) 2006-2012 Toni Ronkko
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* ``Software''), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED ``AS IS'', WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
* IN NO EVENT SHALL TONI RONKKO BE LIABLE FOR ANY CLAIM, DAMAGES OR
* OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
* OTHER DEALINGS IN THE SOFTWARE.
*
* $Id: dirent.h,v 1.20 2014/03/19 17:52:23 tronkko Exp $
*/
#ifndef DIRENT_MSVC_H
#define DIRENT_MSVC_H
#include <windows.h>
#if _MSC_VER >= 1900
#include <../ucrt/stdio.h>
#include <../ucrt/wchar.h>
#include <../ucrt/string.h>
#include <../ucrt/stdlib.h>
#include <../ucrt/sys/types.h>
#include <../ucrt/errno.h>
#else
#include <../include/stdio.h>
#include <../include/wchar.h>
#include <../include/string.h>
#include <../include/stdlib.h>
#include <../include/sys/types.h>
#include <../include/errno.h>
#endif
#include <stdarg.h>
#include <sys/stat.h>
/* Indicates that d_type field is available in dirent structure */
#define _DIRENT_HAVE_D_TYPE
/* Indicates that d_namlen field is available in dirent structure */
#define _DIRENT_HAVE_D_NAMLEN
/* Maximum length of file name */
#if !defined(PATH_MAX)
# define PATH_MAX MAX_PATH
#endif
#if !defined(FILENAME_MAX)
# define FILENAME_MAX MAX_PATH
#endif
#if !defined(NAME_MAX)
# define NAME_MAX FILENAME_MAX
#endif
/* Return the exact length of d_namlen without zero terminator */
#define _D_EXACT_NAMLEN(p)((p)->d_namlen)
/* Return number of bytes needed to store d_namlen */
#define _D_ALLOC_NAMLEN(p)(PATH_MAX)
/* Wide-character version */
struct _wdirent {
long d_ino; /* Always zero */
unsigned short d_reclen; /* Structure size */
size_t d_namlen; /* Length of name without \0 */
int d_type; /* File type */
wchar_t d_name[PATH_MAX]; /* File name */
};
typedef struct _wdirent _wdirent;
struct _WDIR {
struct _wdirent ent; /* Current directory entry */
WIN32_FIND_DATAW data; /* Private file data */
int cached; /* True if data is valid */
HANDLE handle; /* Win32 search handle */
wchar_t *patt; /* Initial directory name */
};
typedef struct _WDIR _WDIR;
static _WDIR *_wopendir(const wchar_t *dirname);
static struct _wdirent *_wreaddir(_WDIR *dirp);
static int _wclosedir(_WDIR *dirp);
static void _wrewinddir(_WDIR* dirp);
/* Multi-byte character versions */
struct dirent {
long d_ino; /* Always zero */
unsigned short d_reclen; /* Structure size */
size_t d_namlen; /* Length of name without \0 */
int d_type; /* File type */
char d_name[PATH_MAX]; /* File name */
};
typedef struct dirent dirent;
struct DIR {
struct dirent ent;
struct _WDIR *wdirp;
};
typedef struct DIR DIR;
static DIR *opendir(const char *dirname);
static struct dirent *readdir(DIR *dirp);
static int closedir(DIR *dirp);
static void rewinddir(DIR* dirp);
/* Internal utility functions */
static WIN32_FIND_DATAW *dirent_first(_WDIR *dirp);
static WIN32_FIND_DATAW *dirent_next(_WDIR *dirp);
static int dirent_mbstowcs_s(
size_t *pReturnValue,
wchar_t *wcstr,
size_t sizeInWords,
const char *mbstr,
size_t count);
static int dirent_wcstombs_s(
size_t *pReturnValue,
char *mbstr,
size_t sizeInBytes,
const wchar_t *wcstr,
size_t count);
/*
* Open directory stream DIRNAME for read and return a pointer to the
* internal working area that is used to retrieve individual directory
* entries.
*/
static _WDIR*
_wopendir(const wchar_t *dirname)
{
_WDIR *dirp = NULL;
int error;
/* Must have directory name */
if (dirname == NULL || dirname[0] == '\0') {
_set_errno(ENOENT);
return NULL;
}
/* Allocate new _WDIR structure */
dirp =(_WDIR*) malloc(sizeof(struct _WDIR));
if (dirp != NULL) {
DWORD n;
/* Reset _WDIR structure */
dirp->handle = INVALID_HANDLE_VALUE;
dirp->patt = NULL;
dirp->cached = 0;
/* Compute the length of full path plus zero terminator */
n = GetFullPathNameW(dirname, 0, NULL, NULL);
/* Allocate room for absolute directory name and search pattern */
dirp->patt =(wchar_t*) malloc(sizeof(wchar_t) * n + 16);
if (dirp->patt) {
/*
* Convert relative directory name to an absolute one. This
* allows rewinddir() to function correctly even when current
* working directory is changed between opendir() and rewinddir().
*/
n = GetFullPathNameW(dirname, n, dirp->patt, NULL);
if (n > 0) {
wchar_t *p;
/* Append search pattern \* to the directory name */
p = dirp->patt + n;
if (dirp->patt < p) {
switch(p[-1]) {
case '\\':
case '/':
case ':':
/* Directory ends in path separator, e.g. c:\temp\ */
/*NOP*/;
break;
default:
/* Directory name doesn't end in path separator */
*p++ = '\\';
}
}
*p++ = '*';
*p = '\0';
/* Open directory stream and retrieve the first entry */
if (dirent_first(dirp)) {
/* Directory stream opened successfully */
error = 0;
} else {
/* Cannot retrieve first entry */
error = 1;
_set_errno(ENOENT);
}
} else {
/* Cannot retrieve full path name */
_set_errno(ENOENT);
error = 1;
}
} else {
/* Cannot allocate memory for search pattern */
error = 1;
}
} else {
/* Cannot allocate _WDIR structure */
error = 1;
}
/* Clean up in case of error */
if (error && dirp) {
_wclosedir(dirp);
dirp = NULL;
}
return dirp;
}
/*
* Read next directory entry. The directory entry is returned in dirent
* structure in the d_name field. Individual directory entries returned by
* this function include regular files, sub-directories, pseudo-directories
* "." and ".." as well as volume labels, hidden files and system files.
*/
static struct _wdirent*
_wreaddir(_WDIR *dirp)
{
WIN32_FIND_DATAW *datap;
struct _wdirent *entp;
/* Read next directory entry */
datap = dirent_next(dirp);
if (datap) {
size_t n;
DWORD attr;
/* Pointer to directory entry to return */
entp = &dirp->ent;
/*
* Copy file name as wide-character string. If the file name is too
* long to fit in to the destination buffer, then truncate file name
* to PATH_MAX characters and zero-terminate the buffer.
*/
n = 0;
while(n + 1 < PATH_MAX && datap->cFileName[n] != 0) {
entp->d_name[n] = datap->cFileName[n];
n++;
}
dirp->ent.d_name[n] = 0;
/* Length of file name excluding zero terminator */
entp->d_namlen = n;
/* File type */
attr = datap->dwFileAttributes;
if ((attr & FILE_ATTRIBUTE_DEVICE) != 0) {
entp->d_type = DT_CHR;
} else if ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0) {
entp->d_type = DT_DIR;
} else {
entp->d_type = DT_REG;
}
/* Reset dummy fields */
entp->d_ino = 0;
entp->d_reclen = sizeof(struct _wdirent);
} else {
/* Last directory entry read */
entp = NULL;
}
return entp;
}
/*
* Close directory stream opened by opendir() function. This invalidates the
* DIR structure as well as any directory entry read previously by
* _wreaddir().
*/
static int
_wclosedir(_WDIR *dirp)
{
int ok;
if (dirp) {
/* Release search handle */
if (dirp->handle != INVALID_HANDLE_VALUE) {
FindClose(dirp->handle);
dirp->handle = INVALID_HANDLE_VALUE;
}
/* Release search pattern */
if (dirp->patt) {
free(dirp->patt);
dirp->patt = NULL;
}
/* Release directory structure */
free(dirp);
ok = /*success*/0;
} else {
/* Invalid directory stream */
_set_errno(EBADF);
ok = /*failure*/-1;
}
return ok;
}
/*
* Rewind directory stream such that _wreaddir() returns the very first
* file name again.
*/
static void
_wrewinddir(_WDIR* dirp)
{
if (dirp) {
/* Release existing search handle */
if (dirp->handle != INVALID_HANDLE_VALUE) {
FindClose(dirp->handle);
}
/* Open new search handle */
dirent_first(dirp);
}
}
/* Get first directory entry(internal) */
static WIN32_FIND_DATAW*
dirent_first(_WDIR *dirp)
{
WIN32_FIND_DATAW *datap;
/* Open directory and retrieve the first entry */
dirp->handle = FindFirstFileW(dirp->patt, &dirp->data);
if (dirp->handle != INVALID_HANDLE_VALUE) {
/* a directory entry is now waiting in memory */
datap = &dirp->data;
dirp->cached = 1;
} else {
/* Failed to re-open directory: no directory entry in memory */
dirp->cached = 0;
datap = NULL;
}
return datap;
}
/* Get next directory entry(internal) */
static WIN32_FIND_DATAW*
dirent_next(_WDIR *dirp)
{
WIN32_FIND_DATAW *p;
/* Get next directory entry */
if (dirp->cached != 0) {
/* A valid directory entry already in memory */
p = &dirp->data;
dirp->cached = 0;
} else if (dirp->handle != INVALID_HANDLE_VALUE) {
/* Get the next directory entry from stream */
if (FindNextFileW(dirp->handle, &dirp->data) != FALSE) {
/* Got a file */
p = &dirp->data;
} else {
/* The very last entry has been processed or an error occured */
FindClose(dirp->handle);
dirp->handle = INVALID_HANDLE_VALUE;
p = NULL;
}
} else {
/* End of directory stream reached */
p = NULL;
}
return p;
}
/*
* Open directory stream using plain old C-string.
*/
static DIR*
opendir(const char *dirname)
{
struct DIR *dirp;
int error;
/* Must have directory name */
if (dirname == NULL || dirname[0] == '\0') {
_set_errno(ENOENT);
return NULL;
}
/* Allocate memory for DIR structure */
dirp =(DIR*) malloc(sizeof(struct DIR));
if (dirp) {
wchar_t wname[PATH_MAX];
size_t n;
/* Convert directory name to wide-character string */
error = dirent_mbstowcs_s(&n, wname, PATH_MAX, dirname, PATH_MAX);
if (!error) {
/* Open directory stream using wide-character name */
dirp->wdirp = _wopendir(wname);
if (dirp->wdirp) {
/* Directory stream opened */
error = 0;
} else {
/* Failed to open directory stream */
error = 1;
}
} else {
/*
* Cannot convert file name to wide-character string. This
* occurs if the string contains invalid multi-byte sequences or
* the output buffer is too small to contain the resulting
* string.
*/
error = 1;
}
} else {
/* Cannot allocate DIR structure */
error = 1;
}
/* Clean up in case of error */
if (error && dirp) {
free(dirp);
dirp = NULL;
}
return dirp;
}
/*
* Read next directory entry.
*
* When working with text consoles, please note that file names returned by
* readdir() are represented in the default ANSI code page while any output to
* console is typically formatted on another code page. Thus, non-ASCII
* characters in file names will not usually display correctly on console. The
* problem can be fixed in two ways:(1) change the character set of console
* to 1252 using chcp utility and use Lucida Console font, or(2) use
* _cprintf function when writing to console. The _cprinf() will re-encode
* ANSI strings to the console code page so many non-ASCII characters will
* display correcly.
*/
static struct dirent*
readdir(DIR *dirp)
{
WIN32_FIND_DATAW *datap;
struct dirent *entp;
/* Read next directory entry */
datap = dirent_next(dirp->wdirp);
if (datap) {
size_t n;
int error;
/* Attempt to convert file name to multi-byte string */
error = dirent_wcstombs_s(
&n, dirp->ent.d_name, PATH_MAX, datap->cFileName, PATH_MAX);
/*
* If the file name cannot be represented by a multi-byte string,
* then attempt to use old 8+3 file name. This allows traditional
* Unix-code to access some file names despite of unicode
* characters, although file names may seem unfamiliar to the user.
*
* Be ware that the code below cannot come up with a short file
* name unless the file system provides one. At least
* VirtualBox shared folders fail to do this.
*/
if (error && datap->cAlternateFileName[0] != '\0') {
error = dirent_wcstombs_s(
&n, dirp->ent.d_name, PATH_MAX,
datap->cAlternateFileName, PATH_MAX);
}
if (!error) {
DWORD attr;
/* Initialize directory entry for return */
entp = &dirp->ent;
/* Length of file name excluding zero terminator */
entp->d_namlen = n - 1;
/* File attributes */
attr = datap->dwFileAttributes;
if ((attr & FILE_ATTRIBUTE_DEVICE) != 0) {
entp->d_type = DT_CHR;
} else if ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0) {
entp->d_type = DT_DIR;
} else {
entp->d_type = DT_REG;
}
/* Reset dummy fields */
entp->d_ino = 0;
entp->d_reclen = sizeof(struct dirent);
} else {
/*
* Cannot convert file name to multi-byte string so construct
* an errornous directory entry and return that. Note that
* we cannot return NULL as that would stop the processing
* of directory entries completely.
*/
entp = &dirp->ent;
entp->d_name[0] = '?';
entp->d_name[1] = '\0';
entp->d_namlen = 1;
entp->d_type = DT_UNKNOWN;
entp->d_ino = 0;
entp->d_reclen = 0;
}
} else {
/* No more directory entries */
entp = NULL;
}
return entp;
}
/*
* Close directory stream.
*/
static int
closedir(DIR *dirp)
{
int ok;
if (dirp) {
/* Close wide-character directory stream */
ok = _wclosedir(dirp->wdirp);
dirp->wdirp = NULL;
/* Release multi-byte character version */
free(dirp);
} else {
/* Invalid directory stream */
_set_errno(EBADF);
ok = /*failure*/-1;
}
return ok;
}
/*
* Rewind directory stream to beginning.
*/
static void
rewinddir(DIR* dirp)
{
/* Rewind wide-character string directory stream */
_wrewinddir(dirp->wdirp);
}
/* Convert multi-byte string to wide character string */
static int
dirent_mbstowcs_s(size_t *pReturnValue, wchar_t *wcstr,
size_t sizeInWords, const char *mbstr, size_t count)
{
return mbstowcs_s(pReturnValue, wcstr, sizeInWords, mbstr, count);
}
/* Convert wide-character string to multi-byte string */
static int
dirent_wcstombs_s(size_t *pReturnValue, char *mbstr,
size_t sizeInBytes, /* max size of mbstr */
const wchar_t *wcstr, size_t count)
{
return wcstombs_s(pReturnValue, mbstr, sizeInBytes, wcstr, count);
}
#endif /*DIRENT_H*/

33
include/compat/err.h
View File

@@ -1,33 +0,0 @@
/*
* Public domain
* err.h compatibility shim
*/
#ifdef HAVE_ERR_H
#include_next <err.h>
#else
#ifndef LIBCRYPTOCOMPAT_ERR_H
#define LIBCRYPTOCOMPAT_ERR_H
#include <errno.h>
#include <stdio.h>
#include <string.h>
#define err(exitcode, format, ...) \
errx(exitcode, format ": %s", ## __VA_ARGS__, strerror(errno))
#define errx(exitcode, format, ...) \
do { warnx(format, ## __VA_ARGS__); exit(exitcode); } while (0)
#define warn(format, ...) \
warnx(format ": %s", ## __VA_ARGS__, strerror(errno))
#define warnx(format, ...) \
fprintf(stderr, format "\n", ## __VA_ARGS__)
#endif
#endif

10
include/compat/netdb.h
View File

@@ -1,10 +0,0 @@
/*
* Public domain
* netdb.h compatibility shim
*/
#ifndef _WIN32
#include_next <netdb.h>
#else
#include <win32netcompat.h>
#endif

10
include/compat/netinet/in.h
View File

@@ -1,10 +0,0 @@
/*
* Public domain
* netinet/in.h compatibility shim
*/
#ifndef _WIN32
#include_next <netinet/in.h>
#else
#include <win32netcompat.h>
#endif

10
include/compat/netinet/tcp.h
View File

@@ -1,10 +0,0 @@
/*
* Public domain
* netinet/tcp.h compatibility shim
*/
#ifndef _WIN32
#include_next <netinet/tcp.h>
#else
#include <win32netcompat.h>
#endif

63
include/compat/poll.h
View File

@@ -1,63 +0,0 @@
/*
* Public domain
*
* poll(2) emulation for Windows
*
* This emulates just-enough poll functionality on Windows to work in the
* context of the openssl(1) program. This is not a replacement for
* POSIX.1-2001 poll(2).
*
* Dongsheng Song <dongsheng.song@gmail.com>
* Brent Cook <bcook@openbsd.org>
*/
#ifndef LIBCRYPTOCOMPAT_POLL_H
#define LIBCRYPTOCOMPAT_POLL_H
#ifndef _WIN32
#include_next <poll.h>
#else
#include <winsock2.h>
/* Type used for the number of file descriptors. */
typedef unsigned long int nfds_t;
#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0600)
/* Data structure describing a polling request. */
struct pollfd {
int fd; /* file descriptor */
short events; /* requested events */
short revents; /* returned events */
};
/* Event types that can be polled */
#define POLLIN 0x001 /* There is data to read. */
#define POLLPRI 0x002 /* There is urgent data to read. */
#define POLLOUT 0x004 /* Writing now will not block. */
# define POLLRDNORM 0x040 /* Normal data may be read. */
# define POLLRDBAND 0x080 /* Priority data may be read. */
# define POLLWRNORM 0x100 /* Writing now will not block. */
# define POLLWRBAND 0x200 /* Priority data may be written. */
/* Event types always implicitly polled. */
#define POLLERR 0x008 /* Error condition. */
#define POLLHUP 0x010 /* Hung up. */
#define POLLNVAL 0x020 /* Invalid polling request. */
#endif
#ifdef __cplusplus
extern "C" {
#endif
int poll(struct pollfd *pfds, nfds_t nfds, int timeout);
#ifdef __cplusplus
}
#endif
#endif /* HAVE_POLL */
#endif /* LIBCRYPTOCOMPAT_POLL_H */

45
include/compat/stdio.h
View File

@@ -1,45 +0,0 @@
/*
* Public domain
* stdio.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_STDIO_H
#define LIBCRYPTOCOMPAT_STDIO_H
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/stdlib.h>
#include <../ucrt/corecrt_io.h>
#include <../ucrt/stdio.h>
#else
#include <../include/stdio.h>
#endif
#else
#include_next <stdio.h>
#endif
#ifndef HAVE_ASPRINTF
#include <stdarg.h>
int vasprintf(char **str, const char *fmt, va_list ap);
int asprintf(char **str, const char *fmt, ...);
#endif
#ifdef _WIN32
void posix_perror(const char *s);
FILE * posix_fopen(const char *path, const char *mode);
int posix_rename(const char *oldpath, const char *newpath);
#ifndef NO_REDEF_POSIX_FUNCTIONS
#define perror(errnum) posix_perror(errnum)
#define fopen(path, mode) posix_fopen(path, mode)
#define rename(oldpath, newpath) posix_rename(oldpath, newpath)
#endif
#ifdef _MSC_VER
#define snprintf _snprintf
#endif
#endif
#endif

86
include/compat/string.h
View File

@@ -1,86 +0,0 @@
/*
* Public domain
* string.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_STRING_H
#define LIBCRYPTOCOMPAT_STRING_H
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/string.h>
#else
#include <../include/string.h>
#endif
#else
#include_next <string.h>
#endif
#include <sys/types.h>
#if defined(__sun) || defined(__hpux)
/* Some functions historically defined in string.h were placed in strings.h by
* SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
*/
#include <strings.h>
#endif
#ifndef HAVE_STRCASECMP
int strcasecmp(const char *s1, const char *s2);
int strncasecmp(const char *s1, const char *s2, size_t len);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
#endif
#ifndef HAVE_STRLCAT
size_t strlcat(char *dst, const char *src, size_t siz);
#endif
#ifndef HAVE_STRNDUP
char * strndup(const char *str, size_t maxlen);
/* the only user of strnlen is strndup, so only build it if needed */
#ifndef HAVE_STRNLEN
size_t strnlen(const char *str, size_t maxlen);
#endif
#endif
#ifndef HAVE_STRSEP
char *strsep(char **stringp, const char *delim);
#endif
#ifndef HAVE_EXPLICIT_BZERO
void explicit_bzero(void *, size_t);
#endif
#ifndef HAVE_TIMINGSAFE_BCMP
int timingsafe_bcmp(const void *b1, const void *b2, size_t n);
#endif
#ifndef HAVE_TIMINGSAFE_MEMCMP
int timingsafe_memcmp(const void *b1, const void *b2, size_t len);
#endif
#ifndef HAVE_MEMMEM
void * memmem(const void *big, size_t big_len, const void *little,
size_t little_len);
#endif
#ifdef _WIN32
#include <errno.h>
static inline char *
posix_strerror(int errnum)
{
if (errnum == ECONNREFUSED) {
return "Connection refused";
}
return strerror(errnum);
}
#define strerror(errnum) posix_strerror(errnum)
#endif
#endif

31
include/compat/sys/cdefs.h
View File

@@ -1,31 +0,0 @@
/*
* Public domain
* sys/cdefs.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_SYS_CDEFS_H
#define LIBCRYPTOCOMPAT_SYS_CDEFS_H
#ifdef _WIN32
#define __warn_references(sym,msg)
#else
#include_next <sys/cdefs.h>
#ifndef __warn_references
#if defined(__GNUC__) && defined (HAS_GNU_WARNING_LONG)
#define __warn_references(sym,msg) \
__asm__(".section .gnu.warning." __STRING(sym) \
" ; .ascii \"" msg "\" ; .text");
#else
#define __warn_references(sym,msg)
#endif
#endif /* __warn_references */
#endif /* _WIN32 */
#endif /* LIBCRYPTOCOMPAT_SYS_CDEFS_H */

11
include/compat/sys/ioctl.h
View File

@@ -1,11 +0,0 @@
/*
* Public domain
* sys/ioctl.h compatibility shim
*/
#ifndef _WIN32
#include_next <sys/ioctl.h>
#else
#include <win32netcompat.h>
#define ioctl(fd, type, arg) ioctlsocket(fd, type, arg)
#endif

15
include/compat/sys/param.h
View File

@@ -1,15 +0,0 @@
/*
* Public domain
* sys/param.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_SYS_PARAM_H
#define LIBCRYPTOCOMPAT_SYS_PARAM_H
#ifdef _MSC_VER
#include <winsock2.h>
#else
#include_next <sys/param.h>
#endif
#endif

10
include/compat/sys/select.h
View File

@@ -1,10 +0,0 @@
/*
* Public domain
* sys/select.h compatibility shim
*/
#ifndef _WIN32
#include_next <sys/select.h>
#else
#include <win32netcompat.h>
#endif

10
include/compat/sys/socket.h
View File

@@ -1,10 +0,0 @@
/*
* Public domain
* sys/socket.h compatibility shim
*/
#ifndef _WIN32
#include_next <sys/socket.h>
#else
#include <win32netcompat.h>
#endif

100
include/compat/sys/stat.h
View File

@@ -1,100 +0,0 @@
/*
* Public domain
* sys/stat.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_SYS_STAT_H
#define LIBCRYPTOCOMPAT_SYS_STAT_H
#ifndef _MSC_VER
#include_next <sys/stat.h>
#else
#include <windows.h>
#if _MSC_VER >= 1900
#include <../ucrt/sys/stat.h>
#else
#include <../include/sys/stat.h>
#endif
/* File type and permission flags for stat() */
#if !defined(S_IFMT)
# define S_IFMT _S_IFMT /* File type mask */
#endif
#if !defined(S_IFDIR)
# define S_IFDIR _S_IFDIR /* Directory */
#endif
#if !defined(S_IFCHR)
# define S_IFCHR _S_IFCHR /* Character device */
#endif
#if !defined(S_IFFIFO)
# define S_IFFIFO _S_IFFIFO /* Pipe */
#endif
#if !defined(S_IFREG)
# define S_IFREG _S_IFREG /* Regular file */
#endif
#if !defined(S_IREAD)
# define S_IREAD _S_IREAD /* Read permission */
#endif
#if !defined(S_IWRITE)
# define S_IWRITE _S_IWRITE /* Write permission */
#endif
#if !defined(S_IEXEC)
# define S_IEXEC _S_IEXEC /* Execute permission */
#endif
#if !defined(S_IFIFO)
# define S_IFIFO _S_IFIFO /* Pipe */
#endif
#if !defined(S_IFBLK)
# define S_IFBLK 0 /* Block device */
#endif
#if !defined(S_IFLNK)
# define S_IFLNK 0 /* Link */
#endif
#if !defined(S_IFSOCK)
# define S_IFSOCK 0 /* Socket */
#endif
#if defined(_MSC_VER)
# define S_IRUSR S_IREAD /* Read user */
# define S_IWUSR S_IWRITE /* Write user */
# define S_IXUSR 0 /* Execute user */
# define S_IRGRP 0 /* Read group */
# define S_IWGRP 0 /* Write group */
# define S_IXGRP 0 /* Execute group */
# define S_IROTH 0 /* Read others */
# define S_IWOTH 0 /* Write others */
# define S_IXOTH 0 /* Execute others */
#endif
/* File type flags for d_type */
#define DT_UNKNOWN 0
#define DT_REG S_IFREG
#define DT_DIR S_IFDIR
#define DT_FIFO S_IFIFO
#define DT_SOCK S_IFSOCK
#define DT_CHR S_IFCHR
#define DT_BLK S_IFBLK
#define DT_LNK S_IFLNK
/* Macros for converting between st_mode and d_type */
#define IFTODT(mode) ((mode) & S_IFMT)
#define DTTOIF(type) (type)
/*
* File type macros. Note that block devices, sockets and links cannot be
* distinguished on Windows and the macros S_ISBLK, S_ISSOCK and S_ISLNK are
* only defined for compatibility. These macros should always return false
* on Windows.
*/
#define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
#define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
#define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG)
#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK)
#define S_ISSOCK(mode) (((mode) & S_IFMT) == S_IFSOCK)
#define S_ISCHR(mode) (((mode) & S_IFMT) == S_IFCHR)
#define S_ISBLK(mode) (((mode) & S_IFMT) == S_IFBLK)
#endif
#endif

16
include/compat/sys/time.h
View File

@@ -1,16 +0,0 @@
/*
* Public domain
* sys/time.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_SYS_TIME_H
#define LIBCRYPTOCOMPAT_SYS_TIME_H
#ifdef _MSC_VER
#include <winsock2.h>
int gettimeofday(struct timeval *tp, void *tzp);
#else
#include_next <sys/time.h>
#endif
#endif

47
include/compat/sys/types.h
View File

@@ -1,47 +0,0 @@
/*
* Public domain
* sys/types.h compatibility shim
*/
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/sys/types.h>
#else
#include <../include/sys/types.h>
#endif
#else
#include_next <sys/types.h>
#endif
#ifndef LIBCRYPTOCOMPAT_SYS_TYPES_H
#define LIBCRYPTOCOMPAT_SYS_TYPES_H
#include <stdint.h>
#ifdef __MINGW32__
#include <_bsd_types.h>
#endif
#ifdef _MSC_VER
typedef unsigned char u_char;
typedef unsigned short u_short;
typedef unsigned int u_int;
#include <basetsd.h>
typedef SSIZE_T ssize_t;
#ifndef SSIZE_MAX
#ifdef _WIN64
#define SSIZE_MAX _I64_MAX
#else
#define SSIZE_MAX INT_MAX
#endif
#endif
#endif
#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__bounded__)
# define __bounded__(x, y, z)
#endif
#endif

17
include/compat/sys/uio.h
View File

@@ -1,17 +0,0 @@
/*
* Public domain
* sys/select.h compatibility shim
*/
#ifndef _WIN32
#include_next <sys/uio.h>
#else
#include <sys/types.h>
struct iovec {
void *iov_base;
size_t iov_len;
};
#endif

15
include/compat/time.h
View File

@@ -1,15 +0,0 @@
/*
* Public domain
* sys/time.h compatibility shim
*/
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/time.h>
#else
#include <../include/time.h>
#endif
#define gmtime_r(tp, tm) ((gmtime_s((tm), (tp)) == 0) ? (tm) : NULL)
#else
#include_next <time.h>
#endif

32
include/compat/unistd.h
View File

@@ -1,32 +0,0 @@
/*
* Public domain
* unistd.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_UNISTD_H
#define LIBCRYPTOCOMPAT_UNISTD_H
#ifndef _MSC_VER
#include_next <unistd.h>
#else
#include <stdlib.h>
#include <io.h>
#include <process.h>
#define R_OK 4
#define W_OK 2
#define X_OK 0
#define F_OK 0
#define access _access
unsigned int sleep(unsigned int seconds);
#endif
#ifndef HAVE_GETENTROPY
int getentropy(void *buf, size_t buflen);
#endif
#endif

48
include/compat/win32netcompat.h
View File

@@ -1,48 +0,0 @@
/*
* Public domain
*
* BSD socket emulation code for Winsock2
* Brent Cook <bcook@openbsd.org>
*/
#ifndef LIBCRYPTOCOMPAT_WIN32NETCOMPAT_H
#define LIBCRYPTOCOMPAT_WIN32NETCOMPAT_H
#ifdef _WIN32
#include <ws2tcpip.h>
#define SHUT_RDWR SD_BOTH
#define SHUT_RD SD_RECEIVE
#define SHUT_WR SD_SEND
#include <errno.h>
#include <unistd.h>
int posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int posix_close(int fd);
ssize_t posix_read(int fd, void *buf, size_t count);
ssize_t posix_write(int fd, const void *buf, size_t count);
int posix_getsockopt(int sockfd, int level, int optname,
void *optval, socklen_t *optlen);
int posix_setsockopt(int sockfd, int level, int optname,
const void *optval, socklen_t optlen);
#ifndef NO_REDEF_POSIX_FUNCTIONS
#define connect(sockfd, addr, addrlen) posix_connect(sockfd, addr, addrlen)
#define close(fd) posix_close(fd)
#define read(fd, buf, count) posix_read(fd, buf, count)
#define write(fd, buf, count) posix_write(fd, buf, count)
#define getsockopt(sockfd, level, optname, optval, optlen) \
posix_getsockopt(sockfd, level, optname, optval, optlen)
#define setsockopt(sockfd, level, optname, optval, optlen) \
posix_setsockopt(sockfd, level, optname, optval, optlen)
#endif
#endif
#endif

28
include/err.h Normal file
View File

@@ -0,0 +1,28 @@
#ifdef HAVE_ERR_H
#include_next <err.h>
#else
#ifndef LIBCRYPTOCOMPAT_ERR_H
#define LIBCRYPTOCOMPAT_ERR_H
#include <errno.h>
#include <stdio.h>
#include <string.h>
#define err(exitcode, format, args...) \
errx(exitcode, format ": %s", ## args, strerror(errno))
#define errx(exitcode, format, args...) \
do { warnx(format, ## args); exit(exitcode); } while (0)
#define warn(format, args...) \
warnx(format ": %s", ## args, strerror(errno))
#define warnx(format, args...) \
fprintf(stderr, format "\n", ## args)
#endif
#endif

7
include/compat/machine/endian.h → include/machine/endian.h
View File

@@ -1,12 +1,7 @@
/*
* Public domain
* machine/endian.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_BYTE_ORDER_H_ #ifndef LIBCRYPTOCOMPAT_BYTE_ORDER_H_
#define LIBCRYPTOCOMPAT_BYTE_ORDER_H_ #define LIBCRYPTOCOMPAT_BYTE_ORDER_H_
#if defined(_WIN32) #if defined(__WIN32)
#define LITTLE_ENDIAN 1234 #define LITTLE_ENDIAN 1234
#define BIG_ENDIAN 4321 #define BIG_ENDIAN 4321

11
include/stdio.h Normal file
View File

@@ -0,0 +1,11 @@
#include_next <stdio.h>
#ifndef LIBCRYPTOCOMPAT_STDIO_H
#define LIBCRYPTOCOMPAT_STDIO_H
#ifdef NO_ASPRINTF
int vasprintf(char **str, const char *fmt, va_list ap);
int asprintf(char **str, const char *fmt, ...);
#endif
#endif

22
include/compat/stdlib.h → include/stdlib.h
View File

@@ -1,34 +1,22 @@
/*
* stdlib.h compatibility shim
* Public domain
*/
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/stdlib.h>
#else
#include <../include/stdlib.h>
#endif
#else
#include_next <stdlib.h> #include_next <stdlib.h>
#endif
#ifndef LIBCRYPTOCOMPAT_STDLIB_H #ifndef LIBCRYPTOCOMPAT_STDLIB_H
#define LIBCRYPTOCOMPAT_STDLIB_H #define LIBCRYPTOCOMPAT_STDLIB_H
#include <sys/types.h> #include <sys/stat.h>
#include <sys/time.h>
#include <stdint.h> #include <stdint.h>
#ifndef HAVE_ARC4RANDOM_BUF #ifdef NO_ARC4RANDOM_BUF
uint32_t arc4random(void); uint32_t arc4random(void);
void arc4random_buf(void *_buf, size_t n); void arc4random_buf(void *_buf, size_t n);
#endif #endif
#ifndef HAVE_REALLOCARRAY #ifdef NO_REALLOCARRAY
void *reallocarray(void *, size_t, size_t); void *reallocarray(void *, size_t, size_t);
#endif #endif
#ifndef HAVE_STRTONUM #ifdef NO_STRTONUM
long long strtonum(const char *nptr, long long minval, long long strtonum(const char *nptr, long long minval,
long long maxval, const char **errstr); long long maxval, const char **errstr);
#endif #endif

47
include/string.h Normal file
View File

@@ -0,0 +1,47 @@
#include_next <string.h>
#ifndef LIBCRYPTOCOMPAT_STRING_H
#define LIBCRYPTOCOMPAT_STRING_H
#include <sys/types.h>
#ifdef __sun
/* Some functions historically defined in string.h were placed in strings.h by
* SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris.
*/
#include <strings.h>
#endif
#ifdef NO_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
#endif
#ifdef NO_STRLCAT
size_t strlcat(char *dst, const char *src, size_t siz);
#endif
#ifdef NO_STRNDUP
char * strndup(const char *str, size_t maxlen);
#ifdef NO_STRNLEN
size_t strnlen(const char *str, size_t maxlen);
#endif
#endif
#ifdef NO_EXPLICIT_BZERO
void explicit_bzero(void *, size_t);
#endif
#ifdef NO_TIMINGSAFE_BCMP
int timingsafe_bcmp(const void *b1, const void *b2, size_t n);
#endif
#ifdef NO_TIMINGSAFE_MEMCMP
int timingsafe_memcmp(const void *b1, const void *b2, size_t len);
#endif
#ifdef NO_MEMMEM
void * memmem(const void *big, size_t big_len, const void *little,
size_t little_len);
#endif
#endif

5
include/compat/sys/mman.h → include/sys/mman.h
View File

@@ -1,8 +1,3 @@
/*
* Public domain
* sys/mman.h compatibility shim
*/
#include_next <sys/mman.h> #include_next <sys/mman.h>
#ifndef LIBCRYPTOCOMPAT_MMAN_H #ifndef LIBCRYPTOCOMPAT_MMAN_H

16
include/sys/types.h Normal file
View File

@@ -0,0 +1,16 @@
#include_next <sys/types.h>
#ifndef LIBCRYPTOCOMPAT_SYS_TYPES_H
#define LIBCRYPTOCOMPAT_SYS_TYPES_H
#include <stdint.h>
#ifdef __MINGW32__
#include <_bsd_types.h>
#endif
#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__bounded__)
# define __bounded__(x, y, z)
#endif
#endif

14
include/unistd.h Normal file
View File

@@ -0,0 +1,14 @@
#include_next <unistd.h>
#ifndef LIBCRYPTOCOMPAT_UNISTD_H
#define LIBCRYPTOCOMPAT_UNISTD_H
#ifdef NO_GETENTROPY
int getentropy(void *buf, size_t buflen);
#endif
#ifdef NO_ISSETUGID
int issetugid(void);
#endif
#endif

13
libtls-standalone/COPYING
View File

@@ -1,13 +0,0 @@
libtls is ISC licensed as per OpenBSD's normal licensing policy.
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

0
libtls-standalone/ChangeLog
View File

7
libtls-standalone/Makefile.am
View File

@@ -1,7 +0,0 @@
SUBDIRS = include compat src tests man
ACLOCAL_AMFLAGS = -I m4
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libtls.pc
EXTRA_DIST = README VERSION

0
libtls-standalone/README
View File

45
libtls-standalone/compat/Makefile.am
View File

@@ -1,45 +0,0 @@
#
# Copyright (c) 2014-2015 Brent Cook
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src
noinst_LTLIBRARIES = libcompat.la libcompatnoopt.la
# compatibility functions that need to be built without optimizations
libcompatnoopt_la_CFLAGS = -O0
libcompatnoopt_la_SOURCES =
if !HAVE_EXPLICIT_BZERO
libcompatnoopt_la_SOURCES += explicit_bzero.c
endif
# other compatibility functions
libcompat_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
libcompat_la_SOURCES =
libcompat_la_LIBADD = $(PLATFORM_LDADD)
if !HAVE_ASPRINTF
libcompat_la_SOURCES += bsd-asprintf.c
endif
if !HAVE_STRLCPY
libcompat_la_SOURCES += strlcpy.c
endif
if !HAVE_STRSEP
libcompat_la_SOURCES += strsep.c
endif
include Makefile.am.arc4random

52
libtls-standalone/configure.ac
View File

@@ -1,52 +0,0 @@
# Copyright (c) 2014-2015 Brent Cook
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT([libtls], m4_esyscmd([tr -d '\n' < VERSION]))
AC_SUBST([LIBTLS_VERSION], m4_esyscmd([sed -e 's/\./:/g' VERSION | tr -d '\n']))
AC_CANONICAL_HOST
AM_INIT_AUTOMAKE([subdir-objects])
AC_CONFIG_MACRO_DIR([m4])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
# This must be called before AC_PROG_CC
USER_CFLAGS="$CFLAGS"
AC_PROG_CC
AC_PROG_CC_STDC
AM_PROG_CC_C_O
AC_PROG_LIBTOOL
LT_INIT
CHECK_OS_OPTIONS
CHECK_C_HARDENING_OPTIONS
DISABLE_COMPILER_WARNINGS
CHECK_LIBC_COMPAT
CHECK_LIBC_CRYPTO_COMPAT
AC_CONFIG_FILES([
Makefile
include/Makefile
compat/Makefile
man/Makefile
src/Makefile
tests/Makefile
libtls.pc
])
AC_OUTPUT

5
libtls-standalone/include/Makefile.am
View File

@@ -1,5 +0,0 @@
noinst_HEADERS = stdlib.h
noinst_HEADERS += string.h
noinst_HEADERS += unistd.h
include_HEADERS = tls.h

86
libtls-standalone/include/string.h
View File

@@ -1,86 +0,0 @@
/*
* Public domain
* string.h compatibility shim
*/
#ifndef LIBCRYPTOCOMPAT_STRING_H
#define LIBCRYPTOCOMPAT_STRING_H
#ifdef _MSC_VER
#if _MSC_VER >= 1900
#include <../ucrt/string.h>
#else
#include <../include/string.h>
#endif
#else
#include_next <string.h>
#endif
#include <sys/types.h>
#if defined(__sun) || defined(__hpux)
/* Some functions historically defined in string.h were placed in strings.h by
* SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
*/
#include <strings.h>
#endif
#ifndef HAVE_STRCASECMP
int strcasecmp(const char *s1, const char *s2);
int strncasecmp(const char *s1, const char *s2, size_t len);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
#endif
#ifndef HAVE_STRLCAT
size_t strlcat(char *dst, const char *src, size_t siz);
#endif
#ifndef HAVE_STRNDUP
char * strndup(const char *str, size_t maxlen);
/* the only user of strnlen is strndup, so only build it if needed */
#ifndef HAVE_STRNLEN
size_t strnlen(const char *str, size_t maxlen);
#endif
#endif
#ifndef HAVE_STRSEP
char *strsep(char **stringp, const char *delim);
#endif
#ifndef HAVE_EXPLICIT_BZERO
void explicit_bzero(void *, size_t);
#endif
#ifndef HAVE_TIMINGSAFE_BCMP
int timingsafe_bcmp(const void *b1, const void *b2, size_t n);
#endif
#ifndef HAVE_TIMINGSAFE_MEMCMP
int timingsafe_memcmp(const void *b1, const void *b2, size_t len);
#endif
#ifndef HAVE_MEMMEM
void * memmem(const void *big, size_t big_len, const void *little,
size_t little_len);
#endif
#ifdef _WIN32
#include <errno.h>
static inline char *
posix_strerror(int errnum)
{
if (errnum == ECONNREFUSED) {
return "Connection refused";
}
return strerror(errnum);
}
#define strerror(errnum) posix_strerror(errnum)
#endif
#endif

16
libtls-standalone/libtls.pc.in
View File

@@ -1,16 +0,0 @@
#libtls pkg-config source file
prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@
Name: LibreSSL-libtls
Description: Secure communications using the TLS socket protocol.
Version: @LIBTLS_VERSION@
Requires:
Requires.private: libcrypto libssl
Conflicts:
Libs: -L${libdir} -ltls
Libs.private: @LIBS@ -lcrypto -lssl
Cflags: -I${includedir}

16
libtls-standalone/src/Makefile.am
View File

@@ -1,16 +0,0 @@
AM_CFLAGS = -I$(top_srcdir)/include
lib_LTLIBRARIES = libtls.la
libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
libtls_la_LIBADD = -lcrypto -lssl -lcrypto $(PLATFORM_LDADD)
libtls_la_LIBADD += $(top_builddir)/compat/libcompat.la
libtls_la_LIBADD += $(top_builddir)/compat/libcompatnoopt.la
libtls_la_SOURCES = tls.c
libtls_la_SOURCES += tls_client.c
libtls_la_SOURCES += tls_config.c
libtls_la_SOURCES += tls_server.c
libtls_la_SOURCES += tls_util.c
libtls_la_SOURCES += tls_verify.c
noinst_HEADERS = tls_internal.h

7
libtls-standalone/tests/Makefile.am
View File

@@ -1,7 +0,0 @@
AM_CFLAGS = -I$(top_srcdir)/include
check_PROGRAMS = test
TESTS = test
test_SOURCES = test.c
test_LDADD = -lcrypto -lssl $(top_builddir)/src/libtls.la

51
libtls-standalone/tests/test.c
View File

@@ -1,51 +0,0 @@
#include <stdio.h>
#include <tls.h>
int main()
{
struct tls *tls;
struct tls_config *tls_config;
size_t written, read;
char buf[4096];
if (tls_init() != 0) {
fprintf(stderr, "tls_init failed");
return 1;
}
if ((tls = tls_client()) == NULL)
goto err;
if ((tls_config = tls_config_new()) == NULL)
goto err;
if (tls_config_set_ciphers(tls_config, "compat") != 0)
goto err;
tls_config_insecure_noverifycert(tls_config);
tls_config_insecure_noverifyname(tls_config);
if (tls_configure(tls, tls_config) != 0)
goto err;
if (tls_connect(tls, "google.com", "443") != 0)
goto err;
if (tls_write(tls, "GET /\r\n", 7, &written) != 0)
goto err;
if (tls_read(tls, buf, sizeof(buf), &read) != 0)
goto err;
buf[read - 1] = '\0';
puts(buf);
if (tls_close(tls) != 0)
goto err;
return 0;
err:
fprintf(stderr, "%s\n", tls_error(tls));
return 1;
}

16
libtls.pc.in
View File

@@ -1,16 +0,0 @@
#libtls pkg-config source file
prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@
Name: LibreSSL-libtls
Description: Secure communications using the TLS socket protocol.
Version: @VERSION@
Requires:
Requires.private: libcrypto libssl
Conflicts:
Libs: -L${libdir} -ltls
Libs.private: @LIBS@ -lcrypto -lssl
Cflags: -I${includedir}

109
m4/check-hardening-options.m4
View File

@@ -1,109 +0,0 @@
AC_DEFUN([CHECK_CFLAG], [
AC_LANG_ASSERT(C)
AC_MSG_CHECKING([if $saved_CC supports "$1"])
old_cflags="$CFLAGS"
CFLAGS="$1 -Wall -Werror"
AC_TRY_LINK([
#include <stdio.h>
],
[printf("Hello")],
AC_MSG_RESULT([yes])
CFLAGS=$old_cflags
HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
AC_MSG_RESULT([no])
CFLAGS=$old_cflags
[$2])
])
AC_DEFUN([CHECK_LDFLAG], [
AC_LANG_ASSERT(C)
AC_MSG_CHECKING([if $saved_LD supports "$1"])
old_ldflags="$LDFLAGS"
LDFLAGS="$1 -Wall -Werror"
AC_TRY_LINK([
#include <stdio.h>
],
[printf("Hello")],
AC_MSG_RESULT([yes])
LDFLAGS=$old_ldflags
HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
AC_MSG_RESULT([no])
LDFLAGS=$old_ldflags
[$2])
])
AC_DEFUN([DISABLE_AS_EXECUTABLE_STACK], [
save_cflags="$CFLAGS"
CFLAGS=
AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
[AC_MSG_RESULT([yes])]
[AM_CFLAGS=-DHAVE_GNU_STACK],
[AC_MSG_RESULT([no])]
)
CFLAGS="$save_cflags $AM_CFLAGS"
])
AC_DEFUN([CHECK_C_HARDENING_OPTIONS], [
AC_ARG_ENABLE([hardening],
[AS_HELP_STRING([--disable-hardening],
[Disable options to frustrate memory corruption exploits])],
[], [enable_hardening=yes])
AC_ARG_ENABLE([windows-ssp],
[AS_HELP_STRING([--enable-windows-ssp],
[Enable building the stack smashing protection on
Windows. This currently distributing libssp-0.dll.])])
# We want to check for compiler flag support. Prior to clang v5.1, there was no
# way to make clang's "argument unused" warning fatal. So we invoke the
# compiler through a wrapper script that greps for this message.
saved_CC="$CC"
saved_LD="$LD"
flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
CC="$flag_wrap $CC"
LD="$flag_wrap $LD"
AS_IF([test "x$enable_hardening" = "xyes"], [
# Tell GCC to NOT optimize based on signed arithmetic overflow
CHECK_CFLAG([[-fno-strict-overflow]])
# _FORTIFY_SOURCE replaces builtin functions with safer versions.
CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
# Enable read only relocations
CHECK_LDFLAG([[-Wl,-z,relro]])
CHECK_LDFLAG([[-Wl,-z,now]])
# Windows security flags
AS_IF([test "x$HOST_OS" = "xwin"], [
CHECK_LDFLAG([[-Wl,--nxcompat]])
CHECK_LDFLAG([[-Wl,--dynamicbase]])
CHECK_LDFLAG([[-Wl,--high-entropy-va]])
])
# Use stack-protector-strong if available; if not, fallback to
# stack-protector-all which is considered to be overkill
AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
CHECK_CFLAG([[-fstack-protector-strong]],
CHECK_CFLAG([[-fstack-protector-all]],
AC_MSG_WARN([compiler does not appear to support stack protection])
)
)
AS_IF([test "x$HOST_OS" = "xwin"], [
AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
])
])
])
# Restore CC, LD
CC="$saved_CC"
LD="$saved_LD"
CFLAGS="$CFLAGS $HARDEN_CFLAGS"
LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
])

66
m4/check-libc.m4
View File

@@ -1,66 +0,0 @@
AC_DEFUN([CHECK_LIBC_COMPAT], [
# Check for general libc functions
AC_CHECK_FUNCS([asprintf inet_pton memmem poll reallocarray])
AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
AM_CONDITIONAL([HAVE_INET_PTON], [test "x$ac_cv_func_inet_pton" = xyes])
AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
])
AC_DEFUN([CHECK_LIBC_CRYPTO_COMPAT], [
# Check crypto-related libc functions
AC_CHECK_FUNCS([arc4random_buf explicit_bzero getauxval getentropy])
AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
# Override arc4random_buf implementations with known issues
AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
[test "x$HOST_OS" != xdarwin \
-a "x$HOST_OS" != xfreebsd \
-a "x$HOST_OS" != xnetbsd \
-a "x$ac_cv_func_arc4random_buf" = xyes])
# Check for getentropy fallback dependencies
AC_CHECK_FUNC([getauxval])
AC_CHECK_FUNC([clock_gettime],, [AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
AC_CHECK_FUNC([dl_iterate_phdr],, [AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
])
AC_DEFUN([CHECK_VA_COPY], [
AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ va_copy(x,y); ]])],
[ ac_cv_have_va_copy="yes" ],
[ ac_cv_have_va_copy="no"
])
])
if test "x$ac_cv_have_va_copy" = "xyes" ; then
AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists])
fi
AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>
va_list x,y;
]], [[ __va_copy(x,y); ]])],
[ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no"
])
])
if test "x$ac_cv_have___va_copy" = "xyes" ; then
AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists])
fi
])

77
m4/check-os-options.m4
View File

@@ -1,77 +0,0 @@
# This must be called before AC_PROG_CC
AC_DEFUN([CHECK_OS_OPTIONS], [
CFLAGS="$CFLAGS -Wall -std=gnu99 -fno-strict-aliasing"
case $host_os in
*aix*)
HOST_OS=aix
if test "`echo $CC | cut -d ' ' -f 1`" != "gcc" ; then
CFLAGS="-qnoansialias $USER_CFLAGS"
fi
AC_SUBST([PLATFORM_LDADD], ['-lperfstat -lpthread'])
;;
*cygwin*)
HOST_OS=cygwin
;;
*darwin*)
HOST_OS=darwin
HOST_ABI=macosx
;;
*freebsd*)
HOST_OS=freebsd
HOST_ABI=elf
AC_SUBST([PROG_LDADD], ['-lthr'])
;;
*hpux*)
HOST_OS=hpux;
if test "`echo $CC | cut -d ' ' -f 1`" = "gcc" ; then
CFLAGS="$CFLAGS -mlp64"
else
CFLAGS="-g -O2 +DD64 +Otype_safety=off $USER_CFLAGS"
fi
CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
;;
*linux*)
HOST_OS=linux
HOST_ABI=elf
CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
;;
*netbsd*)
HOST_OS=netbsd
CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
;;
*openbsd* | *bitrig*)
HOST_ABI=elf
AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
;;
*mingw*)
HOST_OS=win
CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501"
CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED"
CFLAGS="$CFLAGS -static-libgcc"
LDFLAGS="$LDFLAGS -static-libgcc"
AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
;;
*solaris*)
HOST_OS=solaris
HOST_ABI=elf
CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
;;
*) ;;
esac
AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix])
AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin])
AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin])
AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
AM_CONDITIONAL([HOST_HPUX], [test x$HOST_OS = xhpux])
AM_CONDITIONAL([HOST_LINUX], [test x$HOST_OS = xlinux])
AM_CONDITIONAL([HOST_NETBSD], [test x$HOST_OS = xnetbsd])
AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
AM_CONDITIONAL([HOST_WIN], [test x$HOST_OS = xwin])
])

29
m4/disable-compiler-warnings.m4
View File

@@ -1,29 +0,0 @@
AC_DEFUN([DISABLE_COMPILER_WARNINGS], [
# Clang throws a lot of warnings when it does not understand a flag. Disable
# this warning for now so other warnings are visible.
AC_MSG_CHECKING([if compiling with clang])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
#ifndef __clang__
not clang
#endif
]])],
[CLANG=yes],
[CLANG=no]
)
AC_MSG_RESULT([$CLANG])
AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
CFLAGS="$CFLAGS $CLANG_FLAGS"
LDFLAGS="$LDFLAGS $CLANG_FLAGS"
# Removing the dependency on -Wno-pointer-sign should be a goal. These are
# largely unsigned char */char* mismatches in asn1 functions.
save_cflags="$CFLAGS"
CFLAGS=-Wno-pointer-sign
AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
[AC_MSG_RESULT([yes])]
[AM_CFLAGS=-Wno-pointer-sign],
[AC_MSG_RESULT([no])]
)
CFLAGS="$save_cflags $AM_CFLAGS"
])

9
man/CMakeLists.txt
View File

@@ -1,9 +0,0 @@
install(DIRECTORY .
DESTINATION share/man/man3
FILES_MATCHING PATTERN "*.3"
)
install(DIRECTORY .
DESTINATION share/man/man1
FILES_MATCHING PATTERN "*.1"
)

3
man/Makefile.am.tpl Normal file
View File

@@ -0,0 +1,3 @@
include $(top_srcdir)/Makefile.am.common
dist_man_MANS=

2168
man/links
View File

File diff suppressed because it is too large Load Diff

18
man/update_links.sh
View File

@@ -1,18 +0,0 @@
#!/bin/sh
# Run this periodically to ensure that the manpage links are up to date
echo "# This is an auto-generated file by $0" > links
sudo makewhatis
for i in `ls -1 *.3`; do
name=`echo $i|cut -d. -f1`
links=`sqlite3 /usr/share/man/mandoc.db \
"select names.name from mlinks,names where mlinks.name='$name' and mlinks.pageid=names.pageid;"`
for j in $links; do
a=`echo "x$j" | tr '[:upper:]' '[:lower:]'`
b=`echo "x$name" | tr '[:upper:]' '[:lower:]'`
if [ $a != $b ]; then
echo $name.3,$j.3 >> links
fi
done
done

15
patches/arc4random.c.patch
View File

@@ -1,15 +0,0 @@
--- crypto/compat/arc4random.c.orig 2015-07-20 07:41:17.000000000 -0600
+++ crypto/compat/arc4random.c 2015-07-20 07:41:58.000000000 -0600
@@ -36,8 +36,11 @@
#define KEYSTREAM_ONLY
#include "chacha_private.h"
+#ifndef min
#define min(a, b) ((a) < (b) ? (a) : (b))
-#ifdef __GNUC__
+#endif
+
+#if defined(__GNUC__) || defined(_MSC_VER)
#define inline __inline
#else /* !__GNUC__ */
#define inline

40
patches/openssl.c.patch
View File

@@ -1,40 +0,0 @@
--- apps/openssl.c.orig 2015-07-20 02:01:42.000000000 -0600
+++ apps/openssl.c 2015-07-20 02:02:00.000000000 -0600
@@ -130,6 +130,19 @@
#include <openssl/engine.h>
#endif
+#ifdef _WIN32
+#include <io.h>
+#include <fcntl.h>
+static void set_stdio_binary(void)
+{
+ _setmode(_fileno(stdin), _O_BINARY);
+ _setmode(_fileno(stdout), _O_BINARY);
+ _setmode(_fileno(stderr), _O_BINARY);
+}
+#else
+static void set_stdio_binary(void) {};
+#endif
+
#include "progs.h"
#include "s_apps.h"
@@ -204,7 +216,9 @@
static void
openssl_startup(void)
{
+#ifndef _WIN32
signal(SIGPIPE, SIG_IGN);
+#endif
CRYPTO_malloc_init();
OpenSSL_add_all_algorithms();
@@ -216,6 +230,7 @@
#endif
setup_ui_method();
+ set_stdio_binary();
}
static void

13
patches/opensslconf.h.patch
View File

@@ -1,13 +0,0 @@
--- include/openssl/opensslconf.h.orig 2015-07-19 23:21:47.000000000 -0600
+++ include/openssl/opensslconf.h 2015-07-19 23:21:17.000000000 -0600
@@ -1,6 +1,10 @@
#include <openssl/opensslfeatures.h>
/* crypto/opensslconf.h.in */
+#if defined(_MSC_VER) && !defined(__attribute__)
+#define __attribute__(a)
+#endif
+
/* Generate 80386 code? */
#undef I386_ONLY

25
patches/ossl_typ.h.patch
View File

@@ -1,25 +0,0 @@
--- include/openssl/ossl_typ.h.orig 2015-07-06 13:21:18.788571423 -0700
+++ include/openssl/ossl_typ.h 2015-07-06 13:24:14.906468003 -0700
@@ -100,6 +100,22 @@
typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct asn1_pctx_st ASN1_PCTX;
+#if defined(_WIN32) && defined(__WINCRYPT_H__)
+#ifndef LIBRESSL_INTERNAL
+#ifdef _MSC_VER
+#pragma message("Warning, overriding WinCrypt defines")
+#else
+#warning overriding WinCrypt defines
+#endif
+#endif
+#undef X509_NAME
+#undef X509_CERT_PAIR
+#undef X509_EXTENSIONS
+#undef OCSP_REQUEST
+#undef OCSP_RESPONSE
+#undef PKCS7_ISSUER_AND_SERIAL
+#endif
+
#ifdef BIGNUM
#undef BIGNUM
#endif

21
patches/pkcs7.h.patch
View File

@@ -1,21 +0,0 @@
--- include/openssl/pkcs7.h.orig 2015-07-06 13:26:27.369203527 -0700
+++ include/openssl/pkcs7.h 2015-07-06 13:27:37.637051967 -0700
@@ -69,6 +69,18 @@
extern "C" {
#endif
+#if defined(_WIN32) && defined(__WINCRYPT_H__)
+#ifndef LIBRESSL_INTERNAL
+#ifdef _MSC_VER
+#pragma message("Warning, overriding WinCrypt defines")
+#else
+#warning overriding WinCrypt defines
+#endif
+#endif
+#undef PKCS7_ISSUER_AND_SERIAL
+#undef PKCS7_SIGNER_INFO
+#endif
+
/*
Encryption_ID DES-CBC
Digest_ID MD5

Some files were not shown because too many files have changed in this diff Show More