From c5f8bbbc0b94f3ec3f3f8f2aabbe3cc81f7b8158 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 21 Sep 2000 05:42:01 +0000 Subject: [PATCH 1/2] Portability patch for HP MPE/iX. Submitted by Mark Bixby --- Configure | 3 +++ apps/s_socket.c | 2 ++ apps/speed.c | 2 +- config | 4 ++++ crypto/bio/bss_conn.c | 2 +- crypto/des/read_pwd.c | 6 ++++++ e_os.h | 7 ++++++- ssl/ssl2.h | 4 ++++ 8 files changed, 27 insertions(+), 3 deletions(-) diff --git a/Configure b/Configure index 2e2023394..257b94ac6 100755 --- a/Configure +++ b/Configure @@ -256,6 +256,9 @@ my %table=( #"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::", # Use unified settings above instead. +#### HP MPE/iX http://jazz.external.hp.com/src/openssl/ +"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -DMPE -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::", + # Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with # the new compiler # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version diff --git a/apps/s_socket.c b/apps/s_socket.c index 0238566a8..9812e6d50 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -209,9 +209,11 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port) s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { perror("socket"); return(0); } +#ifndef MPE i=0; i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); if (i < 0) { perror("keepalive"); return(0); } +#endif if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) { close(s); perror("connect"); return(0); } diff --git a/apps/speed.c b/apps/speed.c index 1214de39d..15c9a1fdc 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -87,7 +87,7 @@ #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) # define TIMES #endif -#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) # define TIMEB #endif diff --git a/config b/config index 910c97fac..6a2625308 100755 --- a/config +++ b/config @@ -71,6 +71,10 @@ fi # Now we simply scan though... In most cases, the SYSTEM info is enough # case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in + MPE/iX:*) + MACHINE=`echo "$MACHINE" | sed -e 's/-/_/g'` + echo "parisc-hp-MPE/iX"; exit 0 + ;; A/UX:*) echo "m68k-apple-aux3"; exit 0 ;; diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index e092528b3..a6b77a2cb 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -236,7 +236,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c) } c->state=BIO_CONN_S_CONNECT; -#ifdef SO_KEEPALIVE +#if defined(SO_KEEPALIVE) && !defined(MPE) i=1; i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); if (i < 0) diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c index 9555abe3a..c27ec336e 100644 --- a/crypto/des/read_pwd.c +++ b/crypto/des/read_pwd.c @@ -271,7 +271,9 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt, #elif defined(MAC_OS_pre_X) tty=stdin; #else +#ifndef MPE if ((tty=fopen("/dev/tty","r")) == NULL) +#endif tty=stdin; #endif @@ -312,8 +314,12 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt, #if defined(TTY_set) && !defined(VMS) if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1)) +#ifdef MPE + ; /* MPE lies -- echo really has been disabled */ +#else return(-1); #endif +#endif #ifdef VMS tty_new[0] = tty_orig[0]; tty_new[1] = tty_orig[1] | TT$M_NOECHO; diff --git a/e_os.h b/e_os.h index 77efc6e35..0c0784f9a 100644 --- a/e_os.h +++ b/e_os.h @@ -275,6 +275,9 @@ extern "C" { # define NO_SYS_PARAM_H # else /* !defined VMS */ +# ifdef MPE +# define NO_SYS_PARAM_H +# endif # ifdef OPENSSL_UNISTD # include OPENSSL_UNISTD # else @@ -344,7 +347,9 @@ extern HINSTANCE _hInstance; # ifndef NO_SYS_PARAM_H # include # endif -# include /* Needed under linux for FD_XXX */ +# ifndef MPE +# include /* Needed under linux for FD_XXX */ +# endif # include # if defined(VMS) && !defined(__DECC) diff --git a/ssl/ssl2.h b/ssl/ssl2.h index 01d41c88c..df7d03c18 100644 --- a/ssl/ssl2.h +++ b/ssl/ssl2.h @@ -133,7 +133,11 @@ extern "C" { /* Upper/Lower Bounds */ #define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 +#ifdef MPE +#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)29998 +#else #define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767 +#endif #define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/ #define SSL2_CHALLENGE_LENGTH 16 From c19b6c922a6575974455404be3c1409de60fb1eb Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 21 Sep 2000 06:46:15 +0000 Subject: [PATCH 2/2] Clarifications and new documents. Submitted by Lutz Jaenicke --- doc/ssl/SSL_CTX_set_ssl_version.pod | 60 +++++++++++++++++++++++++++++ doc/ssl/SSL_accept.pod | 7 +++- doc/ssl/SSL_connect.pod | 7 +++- doc/ssl/SSL_pending.pod | 30 +++++++++++++++ doc/ssl/SSL_read.pod | 12 +++++- doc/ssl/SSL_write.pod | 12 +++++- 6 files changed, 122 insertions(+), 6 deletions(-) create mode 100644 doc/ssl/SSL_CTX_set_ssl_version.pod create mode 100644 doc/ssl/SSL_pending.pod diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod new file mode 100644 index 000000000..3091bd689 --- /dev/null +++ b/doc/ssl/SSL_CTX_set_ssl_version.pod @@ -0,0 +1,60 @@ +=pod + +=head1 NAME + +SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method +- choose a new TLS/SSL method + +=head1 SYNOPSIS + + #include + + int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method); + int SSL_set_ssl_method(SSL *s, SSL_METHOD *method); + SSL_METHOD *SSL_get_ssl_method(SSL *ssl); + +=head1 DESCRIPTION + +SSL_CTX_set_ssl_version() sets a new default TLS/SSL B for SSL objects +newly created from this B. SSL objects already created with +L are not affected, except when SSL_clear() is +being called. + +SSL_set_ssl_method() sets a new TLS/SSL B for a particular B +object. It may be reset, when SSL_clear() is called. + +SSL_get_ssl_method() returns a function pointer to the TLS/SSL method +set in B. + +=head1 NOTES + +The available B choices are described in +L. + +When SSL_clear() is called and no session is connected to an SSL object, +the method of the SSL object is reset to the method currently set in +the corresponding SSL_CTX object. + +=head1 RETURN VALUES + +The following return values can occur for SSL_CTX_set_ssl_version() +and SSL_set_ssl_method(): + +=over 4 + +=item 0 + +The new choice failed, check the error stack to find out the reason. + +=item 1 + +The operation succeeded. + +=back + +=head1 SEE ALSO + +L, L, +L, L + +=cut diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod index fc6a57b5d..0c79ac515 100644 --- a/doc/ssl/SSL_accept.pod +++ b/doc/ssl/SSL_accept.pod @@ -14,8 +14,11 @@ SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake. The communication channel must already have been set and assigned to the -B by setting an underlying B. The behaviour of SSL_accept() depends -on the underlying BIO. +B by setting an underlying B. + +=head1 NOTES + +The behaviour of SSL_accept() depends on the underlying BIO. If the underlying BIO is B, SSL_accept() will only return once the handshake has been finished or an error occurred, except for SGC (Server diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod index 7123bf325..debe41744 100644 --- a/doc/ssl/SSL_connect.pod +++ b/doc/ssl/SSL_connect.pod @@ -14,8 +14,11 @@ SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server SSL_connect() initiates the TLS/SSL handshake with a server. The communication channel must already have been set and assigned to the B by setting an -underlying B. The behaviour of SSL_connect() depends on the underlying -BIO. +underlying B. + +=head1 NOTES + +The behaviour of SSL_connect() depends on the underlying BIO. If the underlying BIO is B, SSL_connect() will only return once the handshake has been finished or an error occurred. diff --git a/doc/ssl/SSL_pending.pod b/doc/ssl/SSL_pending.pod new file mode 100644 index 000000000..744e1855e --- /dev/null +++ b/doc/ssl/SSL_pending.pod @@ -0,0 +1,30 @@ +=pod + +=head1 NAME + +SSL_pending - obtain number of readable bytes buffered in an SSL object + +=head1 SYNOPSIS + + #include + + int SSL_pending(SSL *ssl); + +=head1 DESCRIPTION + +SSL_pending() returns the number of bytes which are available inside +B for immediate read. + +=head1 NOTES + +Data are received in blocks from the peer. Therefore data can be buffered +inside B and are ready for immediate retrieval with +L. + +=head1 RETURN VALUES + +The number of bytes pending is returned. + +L, L + +=cut diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod index 3b082a7c9..708b20fdb 100644 --- a/doc/ssl/SSL_read.pod +++ b/doc/ssl/SSL_read.pod @@ -13,7 +13,11 @@ SSL_read - read bytes from a TLS/SSL connection. =head1 DESCRIPTION SSL_read() tries to read B bytes from the specified B into the -buffer B. If necessary, SSL_read() will negotiate a TLS/SSL session, if +buffer B. + +=head1 NOTES + +If necessary, SSL_read() will negotiate a TLS/SSL session, if not already explicitly performed by SSL_connect() or SSL_accept(). If the peer requests a re-negotiation, it will be performed transparently during the SSL_read() operation. The behaviour of SSL_read() depends on the @@ -34,6 +38,12 @@ non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue. +=head1 IMPORTANT + +When an SSL_read() operation has to be repeated because of +B or B, it must be repeated +with the same arguments. + =head1 RETURN VALUES The following return values can occur: diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod index b086258e8..0a1adaba7 100644 --- a/doc/ssl/SSL_write.pod +++ b/doc/ssl/SSL_write.pod @@ -13,7 +13,11 @@ SSL_read - write bytes to a TLS/SSL connection. =head1 DESCRIPTION SSL_write() writes B bytes from the buffer B into the specified -B. If necessary, SSL_write() will negotiate a TLS/SSL session, if +B connection. + +=head1 NOTES + +If necessary, SSL_write() will negotiate a TLS/SSL session, if not already explicitly performed by SSL_connect() or SSL_accept(). If the peer requests a re-negotiation, it will be performed transparently during the SSL_write() operation. The behaviour of SSL_write() depends on the @@ -34,6 +38,12 @@ non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue. +=head1 IMPORTANT + +When an SSL_write() operation has to be repeated because of +B or B, it must be repeated +with the same arguments. + =head1 RETURN VALUES The following return values can occur: